Nokia IP1220, IP1260 Installation Manual

IP01200 Series

Security Platform

Installation Guide

Part No. N450897005 Rev A

Published May 2005

COPYRIGHT

©2005 Nokia. All rights reserved.
Rights reserved under the copyright laws of the United States.

RESTRICTED RIGHTS LEGEND

Use, duplication, or disclosure by the United States Government is subject to restrictions as set
forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at
DFARS 252.227-7013.

Notwithstanding any other license agreement that may pertain to, or accompany the delivery of,
this computer software, the rights of the United States Government regarding its use,
reproduction, and disclosure are as set forth in the Commercial Computer Software-Restricted
Rights clause at FAR 52.227-19.

IMPORTANT NOTE TO USERS

This software and hardware is provided by Nokia Inc. as is and any express or implied
warranties, including, but not limited to, implied warranties of merchantability and fitness for a
particular purpose are disclaimed. In no event shall Nokia, or its affiliates, subsidiaries or
suppliers be liable for any direct, indirect, incidental, special, exemplary, or consequential
damages (including, but not limited to, procurement of substitute goods or services; loss of use,
data, or profits; or business interruption) however caused and on any theory of liability, whether in
contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use
of this software, even if advised of the possibility of such damage.

Nokia reserves the right to make changes without further notice to any products herein.

TRADEMARKS

Nokia is a registered trademark of Nokia Corporation. Other products mentioned in this document
are trademarks or registered trademarks of their respective holders.

050110

2 Nokia IP1200 Series Security Platform Installation Guide

Nokia Contact Information
Corporate Headquarters

Web Site http://www.nokia.com
Telephone 1-888-477-4566 or

Fax 1-650-691-2170
Mail

Address

Regional Contact Information

1-650-625-2000

Nokia Inc.
313 Fairchild Drive
Mountain View, California
94043-2215 USA

Americas Nokia Inc.

Europe,
Middle East,
and Africa

Asia-Pacific 438B Alexandra Road

Nokia Customer Support

Web Site: https://support.nokia.com/
Email: tac.support@nokia.com
Americas Europe
Voice: 1-888-361-5030 or

Fax: 1-613-271-8782 Fax: +44 (0) 125-286-5666
Asia-Pacific
Voice: +65-67232999
Fax: +65-67232897

313 Fairchild Drive
Mountain View, CA 94043-2215
USA

Nokia House, Summit Avenue
Southwood, Farnborough
Hampshire GU14 ONG UK

#07-00 Alexandra Technopark
Singapore 119968

1-613-271-6721

Tel: 1-877-997-9199
Outside USA and Canada: +1 512-437-7089
email: ipsecurity.na@nokia.com

Tel: UK: +44 161 601 8908
Tel: France: +33 170 708 166
email: ipsecurity.emea@nokia.com

Tel: +65 6588 3364
email: ipsecurity.apac@nokia.com

Voice: +44 (0) 125-286-8900

050113

Nokia IP01200 Series Security Platform Installation Guide 3

4 Nokia IP1200 Series Security Platform Installation Guide

IP1220

IP1260

www.anatel.gov.br

Contents

About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

In This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Conventions This Guide Uses . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Text Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

About the Nokia IP
About the Nokia IP

Managing the Nokia IP1200 Series Security Platform. . . . . . . . . . 22

Nokia IP1200 Series Security Platform Overview . . . . . . . . . . . . . 24

Ethernet Management Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

PMC Expansio n Slo ts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Serial (AUX) Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

System Statu s LE Ds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Hard Disk Drives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Disk Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Hard-Disk Drive Hot Swap Feature . . . . . . . . . . . . . . . . . . . . . 31

Hard-Disk Drive LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Power Supplies and Fan Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Power Supplies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Fan Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Site Requirements, Warnings, and Cautions. . . . . . . . . . . . . . . . . 36

Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

01200 Series Security Platform . . . . . . . . . . . . 19

01200 Series Diskless Security Platform s . . . . 21

Nokia IP1200 Series Security Platform Installation Guide 5

2 Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . 39

Using a Console Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Connecting Power and Turning the Power On. . . . . . . . . . . . . . . . 42

Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . 44

Connecting Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Using Nokia Network Voyager to Manage Your Security Platform 47

Accessing Nokia Network Voyager Reference Informat ion. . . . . 48

Nokia Network Voyager Reference Guide . . . . . . . . . . . . . . . . 49

Nokia Network Voyager Inline Help . . . . . . . . . . . . . . . . . . . . . 49

Using Nokia Network Voyager to Monitor a Nokia IP1200 Series Se-

curity Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Using the Command-Line Interface to Manage

Your Security Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Using Nokia Horizon Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

3 Installing the Nokia IP1200 Series Security Platform . . . . . . . 53

Rack Mounting the Security Platform . . . . . . . . . . . . . . . . . . . . . . . 53

Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

4 Installing and Replacing Network Interface Cards . . . . . . . . . 61

Removing, Installing, and Replacing NICs. . . . . . . . . . . . . . . . . . . 62

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Configuring and Activating Interfaces . . . . . . . . . . . . . . . . . . . . . . 70

Monitoring N etw o rk Interface C a rd s. . . . . . . . . . . . . . . . . . . . . . . . 71

5 Connecting PMC Network Interface Cards . . . . . . . . . . . . . . . . 73

Four-Port and Dual-Port 10/100 Ethernet NICs. . . . . . . . . . . . . . . 75

10/100 Ethernet NIC Features . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Ethernet NIC Connectors and Cables. . . . . . . . . . . . . . . . . . . . . 77

Dual-Port Fiber-Optic Gigabit Ethernet NIC . . . . . . . . . . . . . . . . . . 78

Fiber-Optic Gigabit Ethernet NIC Features. . . . . . . . . . . . . . . . . 79

6 Nokia IP1200 Series Security Platform Installation Guide

Fiber-Optic Gigabit Ethernet NIC Connectors and Cables . . . . . 80

Dual-Port Copper Gigabit Ethernet NIC. . . . . . . . . . . . . . . . . . . . . 80

Performance Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Copper Gigabit Ethernet NIC Features. . . . . . . . . . . . . . . . . . . . 81

Dual-Port Copper Gigabit Ethernet NIC Connectors and Cables 83

6 Using the Boot Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

Viewing the Variables and Other System Parameters . . . . . . . . 89

printenv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

sysinfo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

ls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Setting the Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

setenv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

unsetenv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

set-defaults. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

setalias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

unsetalias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Other commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

halt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Booting the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Using the Boot Manager to Install Nokia IPSO . . . . . . . . . . . . . . . 95

Protecting the Boot Manager with a Password . . . . . . . . . . . . . . . 96

Installing the Boot Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Upgrading the Boot Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

7 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

General Troubleshooting Information. . . . . . . . . . . . . . . . . . . . . . . 99

8 Installing and Replacing Other Components . . . . . . . . . . . . . 107

Replacing a Hard Disk Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

Disk Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Nokia IP1200 Series Security Platform Installation Guide 7

Hard Disk Drive Hot Swap Feature. . . . . . . . . . . . . . . . . . . . . . 109

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

Removing and Replacing a Hard Disk Drive . . . . . . . . . . . . . 111

Replacing the Compact Flash Memory Card. . . . . . . . . . . . . . . . 116

Replacing or Upgrading Memory . . . . . . . . . . . . . . . . . . . . . . . . . 120

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Installing a Nokia Encryption Accelerator Card . . . . . . . . . . . . . . 126

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Configuring Software to Use Hardware Accelerat ion . . . . . . . . 131

Installing a Fan Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Installing or Replacing a Power Supply . . . . . . . . . . . . . . . . . . . . 133

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Monitoring the Nokia IP1200 Series Security Platform Power Supply.
136

Replacing the Compact Flash Memory Card. . . . . . . . . . . . . . . . 136

Replacing Motherboard Batteries. . . . . . . . . . . . . . . . . . . . . . . . . 138

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

9 Installing PC Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Installing a Fla s h -M e mory PC Card . . . . . . . . . . . . . . . . . . . . . 144

Storing System Logs on the Flash-Memory PC Card. . . . . . . . 144

Disabling PC Cards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Transferring Files with the Flash-Memory PC Card . . . . . . . . . 146

A Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Space Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

B Compliance Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Declaration of Conformity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Compliance Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

FCC Notice (US) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

8 Nokia IP1200 Series Security Platform Installation Guide

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Nokia IP1200 Series Security Platform Installation Guide 9

10 Nokia IP1200 Series Security Platform Installation Guide

Figures

Figure 1 Component Locations Front View . . . . . . . . . . . . . . . . . 24

Figure 2 Ethernet Management Ports Details . . . . . . . . . . . . . . . 25

Figure 3 Pin Assignments for Console Connection . . . . . . . . . . . 27

Figure 4 Pin Assignments for Modem Connection . . . . . . . . . . . 28

Figure 5 Nokia IP1200 Series Security Platform System Status

LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Figure 6 Hard-Disk Drive Front Panel . . . . . . . . . . . . . . . . . . . . . 31

Figure 7 Power Supply and Fan Unit Locations . . . . . . . . . . . . . 33

Figure 8 Power Supply, Cooling Fan, and Power Switch Locations .

34

Figure 9 P o w er S w it ch Location . . . . . . . . . . . . . . . . . . . . . . . . . 42

Figure 10 Nokia Network Voyager Reference Access Points

Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Figure 11 Rack-Mounting Screw Locations . . . . . . . . . . . . . . . . . 54

Figure 12 Four-Port 10/100 Ethernet NIC Front Panel Details . . 76
Figure 13 Dual-Port 10/100 Ethernet NIC Front Panel Details . . 76

Figure 14 Output Connector for the Ethernet Cable . . . . . . . . . . 77

Figure 15 Ethernet Crossover-Cable Pin Connections . . . . . . . . 78

Figure 16 Dual-Port Fiber-Optic Gigabit Ethernet NIC Front Panel

Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Figure 17 Dual-Port Copper Gigabit Ethernet NIC Front Panel

Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

Figure 18 Ethernet Cable Connector Output Pin Assignments . . 84

Nokia IP1200 Series Security Platform Installation Guide 11

Figure 19 Ethernet Crossover Cable Pin Connections . . . . . . . . 85

Figure 20 Location of Hard Disk Drives . . . . . . . . . . . . . . . . . . 108

Figure 21 DIMM Socket Locations . . . . . . . . . . . . . . . . . . . . . . 121

12 Nokia IP1200 Series Security Platform Installation Guide

Tables

Table 1 Text Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Table 2 Nokia IP1200 Series Security Platform Specifics . . . . . . 20

Table 3 PMC Expansion Slots . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Table 4 System Status LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Table 5 Hard-Disk Drive LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Table 6 Power Supply Status LEDs . . . . . . . . . . . . . . . . . . . . . . 34

Table 7 NIC PCI Frequency . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Table 8 Boot Manager Variables . . . . . . . . . . . . . . . . . . . . . . . . . 98

Nokia IP1200 Series Security Platform Installation Guide 13

14 Nokia IP1200 Series Security Platform Installation Guide

About this Guide

This manual provides information for the installation and use of the Nokia
IP1200 Series Security Platforms. Installation and maintenance should be
performed by experienced technicians or Nokia-approved service providers
only.

This preface provides the following information:

 In This Gu ide
 Conven tions This Guide Uses
 Related Documentation

In This Guide

This guide is organized into the following chapters and appendixes:

 Chapter 1, “Overview” presents a general overview of the Nokia IP1200

Series Security Platform.

 Chapter 2, “Performing the Initial Configuration” describes how to

physically connect it to a network and to a po wer so urce and ho w to make
the security platform available on the network.

 Chapter 3, “Installing the Nokia IP1200 Series Security Platform”

describes how to install the Nokia IP1200 Series security platform.

 Chapter 4, “Installing and Replacing Network Interface Cards” describes

how to install, monitor, and replace network interface cards (NICs).

Nokia IP1200 Series Security Platform Installation Guide 15

About this Guide

 Chapter 5, “Connecting PMC Net wor k I nte rf ace Cards” descri bes how to

connect to and use each of the supported NICs.

 Chapter 6, “Using the Boot Manager” describes how to use the boot

manager, which is part of the IPSO software.

 Chapter 7, “Troubleshooting” discusses problems you might encounter

and proposes solutions to these problems.

 Chapter 8, “Installing and Replacing Other Components” describes how

to install or replace memory, hard disk drives, and power supplies.

 Appendix A, “Technical Sp ecifica tions ” pr ovides te chnica l spec ific ation s

such as interface characteristics.

 Appendix B, “Compliance Information” provides compliance and

regulatory informatio n.

Conventions This Guide Uses

The following sections describe the conventions this guide uses, including
notices, text conventions, and command-line conventions.

Notices

Warning

Warnings advise the user that either bodily injury might occur because of
a physical hazard, or that damage to a structure, such as a room or
equipment closet, might occur because of equipment damage.

Caution

Cautions indicate potential equipment damage, equipment
malfunction, loss of performance, loss of data, or interruption of
service.

16 Nokia IP1200 Series Security Platform Installation Guide

Note

Notes provide information of special interest or recommendations.

Text Conventions

Table 1 describes the text conventions this guide uses.

Table 1 Text Conventions

Convention Description

Conventions This Guide Uses

monospace font

Indicates command syntax, or represents computer or screen
output, for example:

Log error 12453

bold monospace font

Indicates text you enter or type, for example:

# configure nat

Key names Keys that you press simultaneously are linked by a plus sign (+):

Press Ctrl + Alt + Del.

Menu commands Menu commands are separated by a greater than sign (>):

Choose File > Open.

The words enter and type Enter indicates that you type something and then press the

Return or Enter key.
Do not press the Return or Enter key when an instruction says

type.

Italics

• Emphasizes a point or denotes new terms at the place where
they are defined in the text.

• Indicates an external book title reference.

• Indicates a variable in a command:

delete interface

if_name

Nokia IP1200 Series Security Platform Installation Guide 17

About this Guide

Related Documentation

You can find this guide in PDF on the Nokia support Web site (https://

support.nokia.com/) and on the Nokia IPSO Operating System CD-ROM

issued with your Nokia IP1200 Series Security Platform.
In addition to this guide, documentation for this product includes the

following:

 Getting Started Guide and Release Notes for the version of Nokia IPSO

you are using

 Nokia Network Voyager Reference Guide
 Nokia Network Voyager inline help
 Nokia IP Security Platform Quick Setup Guide
 Clustering Configuration Guide for the version of IPSO you are using
 IPSO Boot Manager Reference Guide

You can access the Network Voyager inline help and the Nokia Network
Voyager Reference Guide from the Network Voyager application.

To access inline help for a specific subject, click Help next to the subject.
To access the Nokia Network Voyager Reference Guide for tasks, examples,

and more information, click Doc.
Check Point documentation is available from the Check Point Web site at

www.checkpoint.com.

18 Nokia IP1200 Series Security Platform Installation Guide

1 Overview

This chapter provides an overview of the Nokia IP1200 Series Security
Platform and the requirements for its use. The following topics are covered:

 About the Nokia IP1200 Series Security Platform
 Managing the Nokia IP1200 Series Security Platform
 Nokia IP1200 Series Security Platform Overview
 Site Requirements, Warnings, and Cautions
 Software Requirements

About the Nokia IP1200 Series Security Platform

The Nokia IP1200 Series Securi t y Pla tf orm combi nes the power of the Nokia
IPSO operating system with the Nokia Secure Access System and firewall
applications. The Nokia IP1260 Security Platform is a high-end, multi port
security platform that is ideally suited for the enterprise data center. The
Nokia IP1220 Security Platform is a mid-range security platform that is
ideally suited for a smal ler data ce nter. Both IP1200 Series Security Platforms
support an encryption accelerator card to further enhance VPN performance.

Table 2 presents specifics about the Nokia IP1200 Series Security Platforms.

Nokia IP1200 Series Security Platform Installation Guide 19

1 Overview

Table 2 Nokia IP1200 Series Security Platform Specifics

IP Security
Platform IPSO Version Software

IP1260 v3.7 or later Check Point NG FP3 (hf2)

Nokia Secure Access System
v1.02 or later

IP1220 v3.8 or later Check Point NG with

Application Intelligence R55

The IP1200 Series is a two-rac k unit app lianc e that in corpor ates a se rvice able
slide-out tray in to the c hassi s desig n. The front panel of the I P1200 S eries has
two I/O slots that support hot-swapping operations. A PMC carrier is
provided for the I/O slots. Each PMC carrier supports two PMC network
interface cards (NICs) for a total of four NICs. These network interfaces
provide exceptional data forwarding and monitoring performance when used
with Nokia and partner appl ication s. The front panel of the IP120 0 Series also
contains:

 two storage device slots
 two PCMCIA slots
 a console port
 a serial port
 a four-port Ethernet management inter fa ce

Initial Memory
Configuration

1GB 2GB

512 MB 1 GB

Upgradeable
RAM

The network interfaces in the external PMC slot are designated for
management, monitoring, and high-availability traffic. Partner application
and operating system storage is provided on mirrored hard disks in the two
storage device slots.

The IP1200 Series is designed to meet other mid- to high-end availability
requirements, including port density for connections to redundant internal,
external, DMZ, and management networks. In addition, the IP1200 Series

20 Nokia IP1200 Series Security Platform Installation Guide

About the Nokia IP1200 Series Diskless Security Platforms

provides redundant power supp lies, N + 1 cooling , and hot swapping fr om the
storage and PMC NIC slots.

As a network device, the IP1200 Series supports a comprehensive suite of IP­routing functions and protocols, including:

 RIPv1/RIPv2
 IGRP
 OSPF
 BGP4 for unicast traffic
 DVMRP fo r multicast tra ffic

The integrated router functionality eliminates the need for separate intranet
and access routers in security applications.

About the Nokia IP01200 Series Diskless Security
Platforms

This section provides information on Nokia IP1200 Series diskless security
platforms. Table 3 provides information on the size of RAM and compact
flash in a Nokia IP1200 Series security platform.

Table 3 Nokia IP1200 Series - RAM and compact flash sizes

Security Platform RAM Compact Flash

Nokia IP1220 1 GB or 2 GB 512 MB, 1 GB
Nokia IP1260 1 GB or 2 GB 512 MB, 1 GB

Note

The IP1220 and IP1260 model numbers are used for both disk-based
IPSO and diskless IPSO.

Nokia IP1200 Series Security Platform Installation Guide 21

1 Overview

For information on how to configure the Nokia IP1200 diskless security
platforms, see the Nokia IP1200 Security Platform Diskless Configuration

Guide.

Managing the Nokia IP1200 Series Security Platform

You can manage the Nokia IP1200 Series Security Platform by using the
following interfaces:

 Nokia Network Voyager—an SSL-secured, Web-based element

management interface to Nokia IP s ecurity pla tforms. Network Voyager is
preinstalled on the IP12 00 Series and enabled thr ough the IPSO oper ating
system. With Network Voyager, you can manage, monitor, and configure
the IP1200 Series from any authorized location within the network by
using a standard Web browser. Use one of the four Ethernet management
ports to access the Network Voyager interface.

For information about how to access Network Voyager and the related
reference materials, see “Using Nokia Network Voyager to Manage Your

Security Platform” on page 47.

 The IPSO command-line interface (CLI)—an SSHv2-secured interface

that enables you to easily configure Nokia IP security platforms from the
command line. Everything that you can accomplish with Network
Voyager—manage, monitor, and configure the IP1200 Series—you can
also do with the CLI.

For information about how to access the CLI, see the Nokia CLI
Reference Guide for IPSO v3.6 or later.

 Nokia Horizon Manager—a secure GUI-based softwar e image

management application. With Horizon Manager, you can securely ins tall
and upgrade the No kia pr oprietary IPSO operat ing system, plus hardware
and third-party applications such as Check Point VPN-1/FireWall-1 for
Nokia. Horizon Manager can perfor m inst al la tions and upgrades on up to

22 Nokia IP1200 Series Security Platform Installation Guide

Managing the Nokia IP1200 Series Security Platform

2,500 Nokia IP security platforms, offering administrators the most rapid
and dependable upgrade to Check Point NG.

For information about how to obtain Horizon Manager, contact your
Nokia solution provider or see the “Nokia Contact Information” on page

3.

Nokia IP1200 Series Security Platform Installation Guide 23

1 Overview

Nokia IP1200 Series Security Platform Overv ie w

Figure 1 shows the component locat io ns for the Noki a IP1200 Series Securi ty

Platform.

Figure 1 Component Locations Front View

Hard disk drive A
Hard disk drive B

Console port

System status LEDs

Grounding plug

Serial (AUX) port

Dual 6U PMC carrier
expansion slots 1 and 2

00307a.2

PCMCIA slots Ethernet management

ports (slot 3)

24 Nokia IP1200 Series Security Platform Installation Guide

Ethernet Management Ports

The Ethernet management ports are located in slot 3. Figure 2 shows the
layout of the Ethernet management ports and link LEDs. The top link LED
represents the left-most port (port 1). The remaining LEDs represent the
remaining ports from top to bottom and left to right.

Note

The Ethernet management ports are intended for management purposes.
These ports do not provide the same performance as Ethernet cards in
the PMC slots.

Figure 2 Ethernet Management Ports Details

LInk LEDs (green)

Port 1 Port 2 Port 3 Port 4

Nokia IP1200 Series Security Platform Overview

00120a

RJ-45 connectors

Caution

Cables that connect to the Ethernet card must be IEEE 802.3
compliant to prevent potential data loss.

PMC Expansion Slots

The IP1200 Series uses two 6U dual PMC carriers in slot 1 and slot 2 to
provide up to four expansion subslots for the NICs listed in Table 4.

Nokia IP1200 Series Security Platform Installation Guide 25

1 Overview

Table 4 PMC Expansion Slots

Interface For details, see...

Four-port Ethernet
(10 or 100 Mbps)

Dual-port Ethernet
(10 or 100 Mbps)

Dual-port fiber-optic
Gigabit Ethe rnet

Dual-port copper Gigabit
Ethernet (10/100/1000
Mbps)

“Four-Port and Dual-Port
10/100 Ethernet NICs”

on page 75

“Four-Port and Dual-Port
10/100 Ethernet NICs”

on page 75

“Dual-Port Fiber-Optic
Gigabit Ethernet NIC” on

page 78

“Dual-Port Copper
Gigabit Ethernet NIC” on

page 80

Note

Nokia products only support NICs purchased from Nokia or Nokia­approved resellers. The Nokia Global Support Services group can only
provide support for Nokia products that use Nokia-approved accessories.
For sales or reseller information, contact a Nokia service provider listed in
the “Nokia Contact Information” on page 3.

Console Port

Use the built-in console port, shown in Figure 1, to supply information that
makes the appliance available on the network. Figure 3 provides pin
assignment information for console connections. If you need to access the
devices locally, you must use the console port.

26 Nokia IP1200 Series Security Platform Installation Guide

Nokia IP1200 Series Security Platform Overview

Figure 3 Pin Assignments for Console Connection

Pin Assignment Input/Output

1 DCD Input

1

Serial (AUX) Port

Use the built-in serial (AUX) port, shown in Figure 1, to establish a modem
connection for managing the appliance remotely or out-of-Band. Figure 4
provides pin assignment information for modem connections.

5

69

700001

2RXD Input
3TXD Output
4DTR Output
5GND
6DSR Input
7RTS Output
8CTS Input

9

DTR Output

Nokia IP1200 Series Security Platform Installation Guide 27

1 Overview

Figure 4 Pin Assignments for Modem Connection

1

69

Pin Input/Output

1 (DCD) Input 8 (DCD) 7 (RTS)

2 (RXD) Input 2 (TXD) 3 (TXD)
3 (TXD) Output 3 (RXD) 2 (RXD
4 (DTR) Output 20 (DTR) 6 (DSR)

5 (GND) 7 (GND) 5 (GND)
6 (DSR) Input 6 (DSR) 4 (DTR)
7 (RTS) Output 4 (RTS) 1 (DCD)
8 (CTS) Input 5 (CTS) 1 (DCD)
9 (RI) Output 22 (RI) 4 (DTR)

5

700001

To DB25
Cable Out

To DB9
Cable Out

8 (CTS)

9 (RI)

System Status LEDs

You can visually monitor the status of the Nokia IP1200 Series Security
Platform by checking the system status LEDs. The system status LEDs are
located on the center of the front panel, as shown in Figure 5.

28 Nokia IP1200 Series Security Platform Installation Guide

Nokia IP1200 Series Security Platform Overview

Figure 5 Nokia IP1200 Series Security Platform System Status LEDs

Power/Status

M

O

M

C

D

S

E

P

O

I

N

T

O

G

R

O

N

D

N

U

Warning

Fault

00307d

Table 5 shows the system status LEDs and describes their meaning.

T a ble 5 System Status LEDs

Status Indicator Meaning Symbol

Solid blue Power on

Solid yellow Appliance is experiencing an

internal voltage problem.

!

Blinking yellow Appliance is experiencing a

temperature problem.

!

Solid red One or more fans are not

operating properly.

The location and meaning of the status LEDs for the installed network
interface cards (NICs) is described in Chapter 5, “Connecting PMC Network

Interface Cards.”

Nokia IP1200 Series Security Platform Installation Guide 29

1 Overview

Note

The symbols in Table 3 are visibly only if there is an alarm condition, as
specified.

Hard Disk Drives

The Nokia IP1200 Series Security Platform supports up to two hard disk
drives. The IP1260 comes with two hard disk drives as the standard package.
The IP1220 comes with one hard disk drive; a second one is optional. The
hard disk drive s support hot swappi ng, an d an opti onal dis k-mirrori ng feat ure,
described in the following section.

Disk Mirroring

The Nokia disk-mirroring feature provides fault tolerance by allowing the
IP1200 Series to continue working in the event of a disk failure. You can
create mirror sets that consist of a source hard disk drive (which holds the
active copy of the operating system) and mirror hard disk drive. The mirror
hard disk drive cont ains a cop y of all of the files on t he source hard disk dr ive,
and if the source hard disk drive fails, the mirror hard disk drive immediately
takes over. The IP1200 Series continues to operate normally, and the
switchover to the secondary mirror drive should be transparent to your data
connections.

You can use Nokia Network Voyager, the command-line interface (CLI), or
Lynx to create and delete mirror sets.

Note

If your IP1200 Series contains two hard disk drives when you receive it,
the disk-mirroring feature is already enabled.
The IP1200 series diskless security platforms do not suppo rt dis k
mirroring.

30 Nokia IP1200 Series Security Platform Installation Guide