Lucent Technologies AP-1, AP-3, AP-4, AP-5, AP-6 Connection Manual

...

CCESS OINT

UILDER

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

SER UIDE

. . . . .

This manual describes how to use the Access Point QVPN Builder™ application with Access Point™ IP Services routers.

Product: Access Point QVPN Builder Version: Version 2.4

Part Number: 610-5004-061

Lucent Technologi es May 2001

Important - Please Read

. . . . .

IMPORTANT - PLEASE READ

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

NOTICE

The information i n this manu al is pr ovided wit hout warr anty of a ny kind and is subject to change wit hout not ice. Luc ent Techno logies Inc. ass umes no respon sibility, and shall have no liability of any kind arising from supply or use of this publication or any material contained herein.

Company and product names are trademarks or registered trademarks of their respective companies.

Copyright © 1997 - 2001 by Lucent Technologies Inc. All rights reserved. No part of this publication may be reproduced, photocopied, or transmitted without express, written consent of Lucent Technologies Inc.

Lucent Technologies Inc.

50 Nagog Park

Acton, MA 01720

USA

http://www .lucent.com

FEDERAL COMMUNICATIONS COMMISSION WARNING

This device complies with Part 15 of the FCC Rules and Regulations. Operation is subject to the following two conditions:

• The device may not cause harmful interference.

• The device must withstand any interference received, including interfer-

ence that may cause undesired operation.

The Access Point rout er has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules and Regulations. These limits are designed to provide reasonable protection against harmful interference when this equipment is operated in a commercial environment. This equipment generat es, uses , an d can ra diate radi o-frequen cy e ner gy an d, if not installed and used in accordance with the instruction manual, may cause harmful interfer ence to radio and televisi on communica tions. Oper ation of thi s equipment in a residential area is likely to cause interference in which case the user will be required to correct the interference at his or her own expense.

Access Point QVPN Builder User Guide III

Important - Please Read

Shielded cables must be used with this unit to ensure compliance with the FCC Class A limits.

IV Access Point QVPN Builder User Guide

ONTENTS

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Preface ........................................................................................................XI

1 Product Overview ........................................................................................ 1

Access Point QVPN Builder Application...................................................................1

Integrated Applications...............................................................................................2

Platform Requirements ...............................................................................................2

NT 4.0 Requirements.................................................................................................................2

Solaris 2.6 Requirements............................................................................................................3

Access Point Operating System Support Matrix ........................................................3

2 Installing the QVPN Builder........................................................................5

Installing Builder ........................................................................................................5

Installing the Standalone Version on Solaris Systems...............................................................6

Installing the Client/Server Version on Solaris Systems ...........................................................9

Installing the Standalone Version on Windows NT Systems ....................................................13

Installing the Client/Server Version on Windows NT Systems.................................................14

Initial Startup Tasks....................................................................................................16

Logging In For the First Time....................................................................................................17

Logging In For the First Time As a Client.................................................................................17

Evolving Version 2.1 and 2.3 Databases....................................................................................18

Accessing UNIX Server Databases From Windows NT Client Systems..................................19

Setting Up the QVPN Request Config Daemon to Access UNIX Databases............................20

. . . . .

QVPN Builder User Guide V

CONTENTS

3 Getting Started With Builder ............................ ..................................... .....21

About the Builder Window ........................................................................................21

The Tree Frame ..........................................................................................................................23

The Configuration and Deployment Tabs..................................................................................23

The Log Frame ...........................................................................................................................24

Getting Detailed Help Information.............................................................................26

Configuring SNMP Access Settings ..........................................................................26

Managing Access Point Systems................................................................................28

Adding Access Point Systems....................................................................................................28

Modifying Access Point Systems...............................................................................................28

Removing Access Point Systems ...............................................................................................28

Using the Traffic Status and Tunnel Status Applications ..........................................29

Traffic Status Application ..........................................................................................................30

Tunnel Status Application..........................................................................................................31

Using the QVPN Request Config Daemon................................................................32

Starting Up the Daemon.............................................................................................................33

Using the Daemon......................................................................................................................33

Shutting Down the Daemon .......................................................................................................34

Verifying Daemon Operation............................... ......................................................................34

Changing the SNMP Community Name for the Daemon..........................................................35

Troubleshooting the Daemon.....................................................................................................35

4 Managing VPNs ...........................................................................................37

Creating or Modifying VPN Definitions....................................................................38

Selecting the Configuration Method...........................................................................................38

Changing VPN Settings for the VPN.........................................................................................39

Changing VPN Settings for the Access Point Systems..............................................................41

Changing Probe Settings ............................................................................................................43

Saving the VPN Definition.........................................................................................45

Saving the VPN Definition With the Standalone Version .........................................................46

Saving the VPN Definition With the Client/Server Version......................................................46

Opening VPN Definitions ..........................................................................................46

Opening the VPN Definition With the Standalone Version.......................................................47

Opening the VPN Definition With the Client/Server Version ...................................................47

Accessing Locked Files..............................................................................................................48

Removing VPN Definitions .......................................................................................48

Removing the VPN Definition With the Standalone Version....................................................48

VI QVPN Builder User Guide

CONTENTS

Removing the VPN Definition With the Client/Server Version................................................49

Using VPN Definitions...............................................................................................49

Exporting Data ...........................................................................................................................49

Importing VPN Data Files..........................................................................................................50

Importing VPN Definitions From Version 1.1...........................................................................53

Verifying the Configuration........................................................................................53

Deploying the Configuration ......................................................................................53

Using the VPN Deployment Tables............................................................................54

VPN Statistics ............................................................................................................................55

VPN or AP Summary Information.............................................................................................55

Tunnel, Route, and IPSec Interface Information........................................................................56

Managing Security Profiles ........................................................................................58

Adding Security Profiles............................. ..... ...... ....................................................................59

Modifying Security Profiles.......................................................................................................59

Deleting Security Profiles ........................... ..... .............................................. ............................60

. . . . .

5 Managing QoS/Firewall Policies................................................................61

Using the QoS/Firewall Rule Set Editor.....................................................................62

Default Template Rule Set Definition and Modification...........................................................64

Defining a Rule Set.....................................................................................................66

Adding a Rule............................. ..... ...... .....................................................................................67

Specifying Parameters................................................................................................................67

Changing the Rule Name...........................................................................................................75

Specifying Execution Order.......................................................................................................76

Adding or Changing Comments.................................................................................................76

Removing a Rule........................................................................................................................77

Purging Unused Parameters......................................... ..... ...... ...................................................77

Modifying a Rule Set..................................................................................................77

Modifying the Default New Rule Set .........................................................................78

Removing a Rule Set ..................................................................................................79

Associating a Rule Set................................................................................................79

Setting Parameter Values............................................................................................80

Verifying the QoS/Firewall Policies...........................................................................82

Deploying the QoS/Firewall Policies to APs..............................................................82

Using the QoS/Firewall Deployment Table................................................................83

Modifying the Definition View..................................................................................................83

Using the Apply/Query View.....................................................................................................84

QVPN Builder User Guide VII

CONTENTS

Using Rule Sets ..........................................................................................................85

Exporting Rule Sets....................................................................................................................85

Importing Rule Set Files.............................................................................................................86

Specifying a Rule Set for a VPN................................................................................87

Using the QoS/Firewall: Examples............................................................................88

Configuring a Firewall That Allows Web Surfing.....................................................................88

Configuring SYN Flood Protection............................................................................................95

Classifying ICMP Packets..........................................................................................................99

Creating a Forwarding Policy.....................................................................................................101

6 Managing NAT .............................................................................................105

Configuring General NAT Parameters.......................................................................106

Enabling NAT.............................................................................................................................106

Specifying Maximum Number of Sessions................................................................................107

Specifying Session Timers.........................................................................................................107

Applying Parameters..................................................................................................................108

Saving the NAT Configuration...................................................................................................109

Adding the NAT Layer...............................................................................................109

Configuring Static Bindings.......................................................................................111

Configuring Address Translation Pools .....................................................................112

Configuring Basic NAT Pools....................................................................................................113

Configuring NAPT Pools...........................................................................................................114

Configuring LSNAT Pools.........................................................................................................115

Removing Pools..........................................................................................................................117

Configuring Private Networks....................................................................................117

Checking the Configuration .......................................................................................119

Deploying the NAT Configuration to All APs...........................................................120

Using the NAT Deployment Tab ...............................................................................120

7 Advanced Features of Builder....................................................................125

Specifying Preferences...............................................................................................126

General Preferences.................................................................................................................... 126

Logging Preferences...................................................................................................................126

Directory Preferences.................................................................................................................128

Configuring Logging..................................................................................................129

Clearing the Log Display............................................................................................................ 129

Purging the Log Database...........................................................................................................129

VIII QVPN Builder User Guide

CONTENTS

Exporting the Log Table To a File.............................................................................................130

Managing User Profiles ..............................................................................................130

Adding User Profiles........................................ ...... ...... ............................................. .................131

Modifying User Profiles.............................................................................................................131

Deleting User Profiles................................................................................................................132

Restoring VPN Databases...........................................................................................132

Finding a VPN Name..................................................................................................133

Troubleshooting..........................................................................................................133

Figures

Figure 1 QVPN Builder Login Screen ........................................................................16

Figure 2 QVPN Builder Definition View Window .....................................................22

Figure 3 QoS/Firewall Rule Set Editor Window ........................................................62

Figure 4 Stateful Firewall that Allows Web Surfing ...................................................88

. . . . .

Tables

Table 1 Definition View Tool Bar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Table 2 QoS/Firewall Rule Set Editor Tool Bar Buttons . . . . . . . . . . . . . . . . . . . . . 62

Table 3 Default Action Profiles and Associated CBQ Trees . . . . . . . . . . . . . . . . . . 75

QVPN Builder User Guide IX

CONTENTS

X QVPN Builder User Guide

REFACE

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The Access Point™ IP Services family comprises a set of bridging routers with advanced bandwidth management and VPN server capabilities. The Access Point QVPN Builder monitor a virtual private network of Access Point systems. This guide explains how to install, configure, and manage the Access Point QVPN Builder application. Chapter titles and their subject areas are outlined below.

Chapter Title Areas Treated

Product Overview Provides an overview of the Access Point

Installing the QVPN Builder Provides information about installing Access

Getting Started With Builder Provides general information about the

Managing VPNs Explains how to configure IPSEC tunnels

Managing QoS/Firewall Policies

Managing NAT Explains how to configure the Network

Advanced Features of Builder

™ application lets you manage and

QVPN Builder application

Point QVPN Builder

Builder graphical user interface, applicationwide tasks, and associated applications

using VPN definitions Explains how to set firewall rules and QoS

policies

Address Translator (NAT) Provides information about preferences,

logging, and user profiles for Builder

. . . . .

Audience

The Access Point product is a bridging router with advanced bandwidth management and VPN capabilities. Configuring any IP routing engine

Access Point QVPN Builder User Guide XI

PREFACE

requires considerable experience with routers, hubs, bridges, and other networking devices. In particular, Lucent Technologies assumes that persons installing, configuring, and managing the Access Point product have several years of networking experience.

The Access Point QVPN Builder application lets you configure and manage virtual private networks from a cen tral management stati on. Build er is fl exibl e enough to provis ion t he sec urit y prof iles , fir ewall rule s, and Quali ty of Servi ce policies for small or large VPNs.

Conventions

This guide uses the following conventions.

• Bold indicates items that you select from the Builder application.

• Italics indicates command.

• A vertical bar | between elements indicates that you must choose one of

them.

• Square brackets [ ] indicate optional elements.

• Parentheses ( ) contain a group from which you make a selection.

• Angle bracket s < > con tain a n element that y ou sp ecify, suc h as a name o r

an address.

• Ellipses ... following a component, subcomponent, or parameter indicate

that it can be repeated.

AFETY SYMBOLS

The following safety symbols are used to call attention to certain topics. To avoid equipment damage or possible injury, please devote special attention to these areas and follow all applicable procedures and warnings.

WARNING:

This symbol calls attention to issues or practices that could cause serious injury to yourself or others if safety precautions are disregar ded .

CAUTION: This symbol calls attention to issues or practices that

could damage the equipment or cause loss of data if you disregard the required safety precautions.

XII Access Point QVPN Builder User Guide

Contacting Lucent Support

For questions or probl ems with th e Access Point QVPN Builder app licati on or the Access Point router, refer to this manual or to the Lucent Technologies Lucent Worldwide Services Web site at:

http://www.lucent.com/networkcare

If you are not able to find t he he lp you need, contact Lucent Technologi es I nc. at one of the following locations:

Customer Service: 1.800.272.3634

E-mail:webmail@lucent.com

PREFACE

. . . . .

Access Point QVPN Builder User Guide XIII

PREFACE

XIV Access Point QVPN Builder User Guide

RODUCT

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

VERVIEW

The Access Point QVPN Builder™ applic ation (Builde r) lets you manage and monitor a virtual private network consisting of Access Point tems (APs). This application lets you:

• Configure and create virtual private networks

• Configure QoS/Firew all parameters

• Configure NAT

• Monitor usage data

. . . . .

™ sys-

ACCESS POINT QVPN BUILDER APPLICATION

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

As use of the Interne t for busi ness-class application s continues to grow , so has the importance of virtual private networks (VPNs). VPNs use a combination of encryption, authentication, and tunneling techniques to create secure pathways, or tunnels, between geographicall y separ ated ho sts ove r a public network infrastructure. Moreover, with the increasing flow of data over costly infrastructure, bandwidth management and firewalling capabilities are essential to classify and schedule IP traffic. Setting up secure tunnels and managing bandwidth and firewalls to protect business communications among widely dispersed sites can be time-consuming and costly.

The Access Point QVP N Builder application is a powerful tool that l ets you create and deploy VPNs easily from a central management station. While most VPNs must be configured on a host-by-host basis, Builder enables VPNs to be defined at a single location and exported to defined

Access Point QVPN Builder User Guide 1

PRODUCT OVERVIEW

Integrated Applications

sets of hosts (Acce ss Po int systems) without network disrupt ions. Builder also lets you incorporate firewall and Quality of Service (QoS ) parameters as part of a VPN definition, allowing you to rate-limit and shape traffic flowing over tunnels. Thus, you get the benefits of IP QoS integrated within a remotely managed tunnel framework, or QVPN.

INTEGRATED APPLICATIONS

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The Builder includes integrated applications:

• The QVPN Request Config dae mon a ll ows APs to request (pull) t hei r con-

figuration information from a Builder client or server.

• The Traffic Status applic ati on di splays dynamic bandwidth usage inf orma -

tion with pie and bar graphs and tracks the performance of defined traffic classes with a graph wizard.

• The Tunnel Status application has specialized applets that display sum-

mary information and traffic rate usage for the tunnels.

PLATFORM REQUIREMENTS

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

To run the Builder application, your NT or Solaris platform, for standalone or client/server operation, should meet the following requirements:

NT 4.0 R

EQUIREMENTS

• Standalone

• 400 MHz system

• 50 MB disk (and additional space for the user-created databases)

• 128 MB RAM

• Java Runtime Environment version 1.2.2 software

• Client/Server

• 400 MHz system

• 270 MB disk (and additional space for the user-created databases on

the server)

2 Access Point QVPN Builder User Guide

OLARIS

• 256 MB RAM

• Java Runtime Environment version 1.2.2 software

2.6 R

EQUIREMENTS

• Standalone

• 100 MB disk (and additional space for the user-created databases)

• 256 MB RAM

• Java Runtime Environment version 1.2.2 software

• Client/Server

• 200 MB disk (and additional space for the user-created databases on

the server)

• 256 MB RAM

PRODUCT OVERVIEW

Access Point Operating S ystem Support Matrix

. . . . .

• Java Runtime Environment version 1.2.2 software

ACCESS POINT OPERATING SYSTEM SUPPORT MATRIX

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The follow ing table shows the relationsh ip of AP operating systems and features that Builder sup ports.

Access Point Operating System

V2.1 Yes No No V2.2.0 Yes Yes Partial V2.2.1 Yes Yes Yes V2.3 Yes Yes Yes V2.4 Yes Yes Yes

VPN CBQ NAT

Access Point QVPN Builder User Guide 3

PRODUCT OVERVIEW

Access Point Operating System Support Matrix

4 Access Point QVPN Builder User Guide

NSTALLING THE

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

This section provides general information about installing the Access Point QVPN Builder application (Builder) and performing initial startup tasks. Read through the installation and initial startup sections to determine specific requirements for those tasks.

QVPN B

UILDER

. . . . .

INSTALLING BUILDER

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Before installing or using Builder, make sure the Access Point systems (APs) are configured and reachable through SNMP. Otherwise, Builder will not be able to configure these systems. You must configure the AP with Access Point version 2.2.1 or later software beforehand (including SNMP access and routing informat ion) so that the Builder can connect to each AP to perform its tasks.

The Builder has two versions — standalone and client/server.

The standalone version has these features:

• Installs on a single system

• Supports up to 250 QVPN nodes per VPN (VPN count is limited

by only disk space)

The client/server version has these features:

• Installs on a single server or many clients of the central server

• Supports up to 800 QVPN nodes per VPN (VPN count is limited

by only disk space)

Access Point QVPN Builder User Guide 5

INSTALLING THE QVPN BUILDER

Installing Builder

This section describes how to install either the standalone or the client/server version of the Builder on Solaris or Windows NT systems. You will find instructions fo r installing Bui lder from bot h a CD-ROM and an exec utable file. Refer to one of the following sections to install the Builder.

• “Installing the Standalone Version on Solaris Systems” on Page 6

• “Installing the Clie nt/Server Version on Solaris Systems” on Page 9

• “Installing the Standalone Version on Windows NT Systems” on Page 13

• “Installing the Client/Server Version on Windows NT Systems” on Page

NSTALLING THE STANDALONE VERSION ON SOLARIS SYSTEMS

Builder runs on a Sun SPARC workstation with these system requirements:

• Solaris 2. 6 operating system

• The JDK patches for Solaris SPARC 2.6 (5.6) with these patch IDs:

- 105490-05 (Linker Patch)

- 105568-13 (Libthread Patch)

- 105210-17 (LibC Patch)

- 105181-11 (Kernel Update Patch — socket close/hang)

- 105669-04 (CDE 1.2: libDTSvc Patch — dtmail)

To download the patches, start at http://www.sun.com/solaris/java and fol- low the link s to download the JDK; the patche s are available on the same page as the JDK. Follow the instructions to load the patch from the README.sparc file.

• 100 MB disk, 256 MB RAM (standalone version)

NSTALLING THE STANDALONE VERSION ON SOLARIS SYSTEMS FROM A CD-ROM

Builder is distributed on a CD-ROM. LUxavs, the standalone version of the Builder applica ti on, co me s as a directory pack age that is ready f or i nst allation. The following procedure describes how to install Builder:

1 Make sure you are logged on as a superuser (root). 2 To install Builder, enter the following command:

6 Access Point QVPN Builder User Guide

INSTALLING THE QVPN BUILDER

Installing Builder

pkgadd -d /cdrom/builder -R <desired-install-path> LUxavs

The installation asks if you want to create the installation directory if it doesn’t already exist.

4 Next, the installation asks if you want to run the included scripts as root.

Answer “y”.

5 You’ll be asked additional questions about how you want to configure

Builder. After you’ve answered all the questions, the installation begins.

6 After the in stallation completes , you can check if the package is installed

or retrieve additional package information by entering the following command:

pkginfo -l -R <installed-package-path> LUxavs

To remove the Builder installation from the system, enter the following command:

pkgrm -R <installed-package-path> LUxavs

. . . . .

NOTE Be sure to use the pkgrm command to delete the installation,

so files are removed in an orderly manner.

Solaris systems provide man pages for th e various pac kage commands jus t mentioned.

7 After Builder is installed, you can go to the installation directory where

you will find the AccessView subdirectory. The QVPNBuilder script is located in the bin subdirectory. You can include the path to Build er in your shell initialization file. You can also create a soft link to the Builder using the ln -s com mand.

Start Builder with the following command:

> QVPNBuilder

NOTE You must not be logged on as the superuser when starting the

application.

INSTALLING THE STANDALONE VERSION ON SOLARIS SYSTEMS FROM AN E

XECUTABLE FILE

To install the standalone version of Builder from an executable file, complete the following steps:

1 Make sure you are logged on as a superuser (root).

Access Point QVPN Builder User Guide 7

INSTALLING THE QVPN BUILDER

Installing Builder

2 Copy the xavs2_4_R001.bin program to the appropriate directory. 3 Use the chmod +x command (specifying your program file) to change the

privileges so you can execute the program.

4 Use the ./xavs2_4_R001.bin command to install the program.

You are asked if you want to con figur e the QVPN Reques t Confi g daemon to start at system boot as part of the installation procedure. If you reply with yes, then the necessary boot script files are created and the installation procedure asks if you want to start the QVPN Reques t Config daemon immediately. If you reply with yes, the Config daemon is started immediately. If you reply with no, you can start the daemon at any time with the QVPNRequestConfigDaemon command. Refer to “Using the QVPN

Request Config Daemon” on Page 32 for more information.

You will see output simila r to the following:

Installing Lucent Technologies Access Point QVPN Builder Client/Server version: 2.4.B002 02-27-2001... Checking for available space... Unpacking... Checksumming... 0 0 Extracting... Done.

Shutting down the ObjectStore Server in /AV2.4/Acc essView /odi/ostore on host psara.

Shutting down the ObjectStore Cache Manager in /AV2.4/Acce ssView/odi/ostore on host psara. Shutting down Cache Manager process 010321 140658.168 ObjectStore Release 6.0 Service Pack 4 Database Server The ObjectStore server is running. Successfully created /etc/rc2.d/S80ostore4. Successfully created link from /etc/rc2.d/K80ostore4 to /etc/rc2.d/S80ostore4.

This script will now verify the installation:

The ObjectStore Server daemon process is accessible. Schema databases are accessible.

The cache manager launcher (/AV2.4/AccessView/odi/ostore/lib/oscminit6) has correct modes and ownership. ObjectStore configuration completed. Do you wish to evolve existing databases ? [yes] no

QVPNBuilder setup ... Lucent Access Point QVPN Builder configuration completed.

QVPNRequestConfigDaemon setup ...

8 Access Point QVPN Builder User Guide

INSTALLING THE QVPN BUILDER

Do you want the QVPNRequestConfigDaemon configured to start at system boot ? [yes]

Successfully created /etc/rc2.d/S90rcd. Successfully created link from /etc/rc2.d/K90rcd to /etc/rc2.d/S90rcd.

Do you want to start the QVPNRequestConfigDaemon now ? [yes]

Starting AccessView QVPNRequestConfigDaemon 2.4.B002 02-27-2001

QVPNRequestConfigDaemon configuration completed.

Lucent Access Point QVPN Builder 2.4.B002 02-27-2001 Installation Complete:

To start the QVPN Builder application run /AV2.4/AccessView/bin/QVPNBuilder To start the Tunnel Status application run /AV2.4/AccessView/bin/TunnelStatus To start the Traffic Status application run /AV2.4/AccessView/bin/TrafficStatus To control the Request Config Daemon use the "/etc/rc2.d/S90rcd <start|stop>" command

Note that the Tunnel Status and Traffic Status applications were installed and can be run. Refe r to “Usin g the Traffic Status and Tunnel Status Appli-

cations” on Page 29 for more information.

Installing Builder

. . . . .

5 You can include the path to Builder in your shell in itializatio n file. You can

also create a soft link to the Builder using the ln -s comman d. The Builder executable file is located in the directory where you installed the application.

After installing Builder, you can start up the application with this command:

> QVPNBuilder

NOTE You must not be logged on as the superuser when starting the

application.

To uninstall the application, execute this command as the superuser:

# ./uninstall

This procedure keeps the AccessView directories for upgrade purposes. To completely remove the application, delete the AccessView directory.

NSTALLING THE CLIENT/SERVER VERSION ON SOLARIS SYSTEMS

Builder runs on a Sun SPARC workstation with these system requirements:

• Solaris 2. 6 operating system

Access Point QVPN Builder User Guide 9

INSTALLING THE QVPN BUILDER

Installing Builder

• The JDK patches for Solaris SPARC 2.6 (5.6) with these patch IDs:

- 105490-05 (Linker Patch)

- 105568-13 (Libthread Patch)

- 105210-17 (LibC Patch)

- 105181-11 (Kernel Update Patch — socket close/hang)

- 105669-04 (CDE 1.2: libDTSvc Patch — dtmail)

• 200 MB disk, 256 MB RAM (client/server version)

NOTE

If you already have Builder V2.1 installed on your system, it is recommended that you install V2.4 directly over it without uninstalling the V2.1 software to ensure that the existing databases are evolved properly.

If you install Builder V2.4 in a different directory than the one in which V2.1 was installed, see Page 18 for information about how to evolve the existing databases manually.

INSTALLING THE CLIENT/SERVER VERSION ON SOLARIS SYSTEMS FROM A CD-ROM

Builder is distributed on a CD-ROM. LUxavd, the database (client/server) version of the Builder application, comes as a directory package that is ready for installation. The following procedure describes how to install Builder:

1 Make sure you are logged on as a superuser (root). 2 To install Builder, enter the following command:

pkgadd -d /cdrom/builder -R <desired-install-path> LUxavd

Answer “y” to the following prompt:

Do you want to install these as setuid/setgid files [y,n,?,q]

The installation asks if you want to create the installation directory if it

doesn't already exist.

5 Next, the installation asks if you want to run the included scripts as root.

Answer “y”.

10 Access Point QVPN Builder User Guide

INSTALLING THE QVPN BUILDER

Installing Builder

6 You’ll be asked additional questions about how you want to configure

Builder , including whether you want to insta ll as a cl ie nt or a ser ver. After you’ve answere d all the questions, the installation begins.

7 After the in stallation completes , you can check if the package is installed

or retrieve additional package i nformation by entering the follo wing command:

pkginfo -l -R <installed-package-path> LUxavd

To remove the Builder installation from the system, enter the following command:

pkgrm -R <installed-package-path> LUxavd

NOTE Be sure to use the pkgrm command to delete the installation,

so files are removed in an orderly manner.

Solaris systems provide man pages for th e various pac kage commands jus t mentioned.

. . . . .

8 After Builder is installed, you can go to the installation directory where

Start Builder with the following command:

> QVPNBuilder

NOTE You must not be logged on as the superuser when starting the

application.

INSTALLING THE CLIENT/SERVER VERSION ON SOLARIS SYSTEMS FROM AN E

XECUTABLE FILE

T o install the client/server version of Builder from an executable file, complete the following steps:

NOTE

1 2 Copy the xavd2_4_R001.bin program to the appropriate directory.

Builder cannot be installed in an NFS mounted partition.

Make sure you are logged on as a superuser.

3 Use the chmod +x command (specifying your program file) to change the

privileges so you can execute the program.

Access Point QVPN Builder User Guide 11

INSTALLING THE QVPN BUILDER

Installing Builder

4 Use the ./xavd2_4_R001.bin command to install the applicat ion as a se rver

or as a client. To install the application as a server, use the -s option. To install the application as a client, use the -c option. If you install the app li cat i on as a client, you are ask ed t o provide the name

of the server and the full pathname for the master database. This information can be found in the DatabaseInfo.txt file located in the AccessView installation directory of your database server. If your client is using a Windows NT server, you must specify the full pathname using escape characters. To represent a colon (:), a space, or a backslash (\), place a backslash (\) in front of these special characters. For example, to represent the full pathname of the master database in the default database directory on a Windows NT server, enter:

c\:Program\ Files\\Lucent\\AccessView\\db\\AccessViewMaster.db

To represent the full pathname of the master database in the default database directory on a Solaris server, enter:

NOTE

/usr/AccessView/db/AccessViewMaster.db

The rest of the installation is the same for either the server or the client. You are asked if you want to con figur e the QVPN Reques t Confi g daemon

to start at system boot as part of the installation procedure. If you reply with yes, then the necessary boot script files are created and the installation procedure asks if you want to start the QVPN Reques t Config daemon immediately. If you reply with yes, the Config daemon is started immediately. If you reply with no, you can start the daemon at any time with the QVPNRequestConfigDaemon command.

The QVPNRequestConfigDaemon uses port 161. If another application or service (such as snmpdx) is using port 161, the QVPNRequestConfigDaemon might not start at system boot.

Refer to “Using the QVPN Request Config Daemon” on Page 32 fo r more information.

Note that the Tunnel Status and Traffic Status applications were installed and can be run. Refe r to “Usin g the Traffic Status and Tunnel Status Appli-

cations” on Page 29 for more information.

5 You can include the path to Builder in your shell in itializatio n file. You can

also create a so ft li nk to Buil der us ing the ln -s command. Th e Build er exe -

12 Access Point QVPN Builder User Guide

INSTALLING THE QVPN BUILDER

Installing Builder

cutable file is located in the directory where you installed the application.

After installing Builder, you can start up the application with this command:

> QVPNBuilder

NOTE You must not be logged on as the superuser when starting the

application.

To uninstall the application, execute this command as the superuser:

# ./uninstall

This procedure keeps the AccessView directories for upgrade purposes. To completely remove the application, delete the AccessView directory.

NSTALLING THE STANDALONE VERSION ON

Builder ru ns on PCs with these system requirements:

INDOWS

NT S

. . . . .

YSTEMS

• Windows NT 4.0 (Service Pack 5 or greater) operating systems

• 400 MHz system with 50 MB disk, 128 MB RAM (standalone ver-

sion)

Builder requires Java Runtime Environment version 1.2.2 software. If this software is not already on your system, the installation procedure lets you add it.

INSTALLING THE STANDALONE VERSION ON WINDOWS NT FROM A CD-ROM

Builder is distributed on a CD-ROM. The following procedure describes how to install Builder.

1 Insert the CD into your CD-ROM drive. 2 Double click on the CD-ROM drive icon. 3 Double click on the Setup.exe file.

If you have a previous version of Builder installed, the installation procedure asks if you want to remove it. After the previous installation is removed, double click on the Setup.exe file to restart the installation.

4 Follow the instructions on the screen.

Access Point QVPN Builder User Guide 13

INSTALLING THE QVPN BUILDER

Installing Builder

INSTALLING THE STANDALONE VERSION ON WINDOWS NT FROM AN E

XECUTABLE FILE

To install Builder from an executable file, complete the following steps:

1 Close down all Windows programs. 2 In Windows Explorer, double-click on the self-extracting executable pro-

gram (xavs_2.4.R001.exe) and follow the InstallShield prompts. By default, Builder is installed in the

C:\Program Files\Lucent\AccessView directory.

3 Optionally, the icons for the applications can be placed on your desktop.

Start up the application by clicking on the icon on your desktop (if available) or selecting Start → Programs → Lucent Access Point → QVPN Builder.

To uninstall the application, select Start → Settings → Control Panel → Add/Remove Programs. Select AccessView from the list and click Add/Remove. This procedure keeps the AccessView directories for upgrade purposes. T o completely remove the application, delete the AccessView folder.

NSTALLING THE CLIENT/SERVER VERSION ON

Builder ru ns on PCs with these system requirements:

• Windows NT 4.0 (Service Pack 5 or greater) operating systems

• 400 MHz system with 270 MB disk, 256 MB RAM (client/server ver-

sion)

NOTE

Builder requires Java Runtime Environment version 1.2.2 software. If this software is not already on your system, the installation procedure lets you add it.

The installation requires 270 MB of disk space, including 180 MB in your system’s TEMP directory. Make sure you have enough disk space, especially if your TEMP and installation directories are on the same disk.

After installation, the system requires at least 100 MB to run the application. Remember that the number of VPNs depends on available disk space.

INDOWS

NT S

YSTEMS

14 Access Point QVPN Builder User Guide

INSTALLING THE QVPN BUILDER

Installing Builder

INSTALLING THE CLIENT/SERVER VERSION ON WINDOWS NT FROM A CD-ROM

Builder is distributed on a CD-ROM. The following procedure describes how to install Builder.

1 Insert the CD into your CD-ROM drive. 2 Double click on the CD-ROM drive icon. 3 Double click on the Setup.exe file.

4 Follow the instructions on the screen.

NSTALLING THE CLIENT/SERVER VERSION ON WINDOWS NT FROM AN

XECUTABLE FILE

. . . . .

If you have previously installed Builder, complete the following before installing a new version of the application:

1 Uninstall Builder (existing databases will remain after the uninstall) 2 Uninstall ObjectStore

Now you can reinstall Builder. To install Builder from an executable file, complete the following steps:

1 Make sure you are logged on as an administrator. 2 Close down all Windows programs. 3 In Windows Explorer, double-click on the self-extracting executable pro-

gram (xavd_2.4.R001.exe) and follow the InstallShield prompts. Install the application as a server or as a client by selecting the Object

Database Server (default) or Object Database Client radio button. If you install the application as a client, you are asked to provide the name of the server and the full pathname for the master database. If you install the application as a client and you intend to communicate with a UNIX database server, you must set up access to the UNIX database server as described on “Accessing UNIX Server Databases From Windows NT Cli-

ent Systems” on Page 19.

The installation procedure requests a destination path for Object Database

Access Point QVPN Builder User Guide 15

INSTALLING THE QVPN BUILDER

Initial S tar tu p Tasks

Installation. The default installation destination path is C:\ODI. By default, Builder is installed in C:\Program Files\Lucent\AccessView

directory. The C:\Program Files\Lucent\AccessView\db directory is the default database destination path. Remember the destination path, as you must use it when starting up the application.

Optionally, the icons for the applications can be placed on your desktop.

4 You must reboot after the installation.

Start up the application by clicking on the icon on your desktop (if available) or selecting Start → Programs → Lucent Access Point → QVPN Builder.

NOTE

To uninstall the client/server version, you must uninstall the application (by selecting Start

→ Add/Remove Programs) before you uninstall the

ObjectStore software. Uninstall the ObjectStor e software by selecting Start →

Programs → ObjectStore Win32 → ObjectStore Uninstall. This procedure keeps the AccessView directories for upgrade

purposes. To completely remove the application, delete the AccessView folder.

→ Settings → Control Panel

INITIAL STARTUP TASKS

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

When you start up the app licati on, the QVPN Bui lder Lo gin windo w shown in

Figure 1 appears.

Figure 1 QVPN Builder Login Screen

16 Access Point QVPN Builder User Guide

+ 126 hidden pages

Lucent Technologies AP-1, AP-3, AP-4, AP-5, AP-6 Connection Manual

Specifications and Main Features

Frequently Asked Questions

User Manual