Nokia IP290 - Security Appliance Installation Manual

Part No. N450000746 Rev 001

Published August 2008

Nokia IP290 Security Platform

Installation Guide

2 Nokia IP290 Security Platform Installation Guide

COPYRIGHT

©2008 Nokia. All rights reserved.
Rights reserved under the copyright laws of the United States.

RESTRICTED RIGHTS LEGEND

Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph
(c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.

Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer software,
the rights of the United States Government regarding its use, reproduction, and disclosure are as set forth in the
Commercial Computer Software-Restricted Rights clause at FAR 52.227-19.

IMPORTANT NOTE TO USERS

This software and hardware is provided by Nokia Inc. as is and any express or implied warranties, including, but not
limited to, implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall
Nokia, or its affiliates, subsidiaries or suppliers be liable for any direct, indirect, incidental, special, exemplary, or
consequential damages (including, but not limited to, procurement of substitute goods or services; loss of use, data, or
profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort
(including negligence or otherwise) arising in any way out of the use of this software, even if advised of the possibility of
such damage.

Nokia reserves the right to make changes without further notice to any products herein.

TRADEMARKS

Nokia is a registered trademark of Nokia Corporation. Other products mentioned in this document are trademarks or
registered trademarks of their respective holders.

080101

Nokia IP290 Security Platform Installation Guide 3

Nokia Contact Information

Corporate Headquarters

Regional Contact Information

Nokia Customer Support

Web Site http://www.nokia.com

Telephone 1-888-477-4566 or

1-650-625-2000

Fax 1-650-691-2170

Mail
Address

Nokia Inc.
313 Fairchild Drive
Mountain View, California
94043-2215 USA

Americas Nokia Inc.

313 Fairchild Drive
Mountain View, CA 94043-2215
USA

Tel: 1-877-997-9199
Outside USA and Canada: +1 512-437-7089
email: info.ipnetworking_americas@nokia.com

Europe, Mid­dle East, and
Africa

Nokia House, Summit Avenue
Southwood, Farnborough
Hampshire GU14 ONG UK

Tel: UK: +44 161 601 8908
Tel: France: +33 170 708 166
email: info.ipnetworking_emea@nokia.com

Asia-Pacific 438B Alexandra Road

#07-00 Alexandra Technopark
Singapore 119968

Tel: +65 6588 3364
email: info.ipnetworking_apac@nokia.com

Web Site: https://support.nokia.com/

Email: tac.support@nokia.com

Americas Europe

Voi ce: 1-888-361-5030 or

1-613-271-6721

Voi ce: +44 (0) 125-286-8900

Fax: 1-613-271-8782 Fax: +44 (0) 125-286-5666

Asia-Pacific

Voi ce: +65-67232999

Fax: +65-67232897

050602

4 Nokia IP290 Security Platform Installation Guide

Nokia IP290 Security Platform Installation Guide 5

Contents

About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

In This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Conventions This Guide Uses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Command-Line Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Text Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

About the Nokia IP290 Security Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Nokia IP290 Appliance Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Built-in Gigabit Ethernet Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Auxiliary Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

System Status LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Site Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Product Disposal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Safety Warnings and Cautions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Managing Nokia IP290 Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

2 Installing the Nokia IP290 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Removing the Securing Screws . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Rack Mounting a Single Nokia IP290 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Rack Mounting Two Nokia IP290 Appliances Side-by-Side. . . . . . . . . . . . . . . . . . . 26

3 Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Connecting to the Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Connecting Power and Turning the Power On. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Connecting Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Using Nokia Network Voyager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Viewing Nokia IPSO Documentation by Using

Nokia Network Voyager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Using the Command-Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Using Nokia Horizon Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

6 Nokia IP290 Security Platform Installation Guide

4 About IP290 Appliance Network Interface Cards . . . . . . . . . . . . . . . . . . . . . . . . 39

Two-Port Copper Gigabit Ethernet NIC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Copper Gigabit Ethernet NIC Features in the IP290 . . . . . . . . . . . . . . . . . . . . . . 40

Copper Gigabit Ethernet NIC Connectors and Cables. . . . . . . . . . . . . . . . . . . . . 41

Two-Port Fiber-Optic Gigabit Ethernet NICs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Fiber-Optic Gigabit Ethernet NIC Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Fiber-Optic Gigabit Ethernet NIC Connectors and Cables. . . . . . . . . . . . . . . . . . 43

5 Installing and Replacing Network Interface Cards . . . . . . . . . . . . . . . . . . . . . . . 45

Deactivating Configured Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Installing NICs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Configuring and Activating Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Monitoring Network Interface Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

6 Installing and Replacing Components Other than Network Interface Cards . . 53

Installing a Hard-Disk Drive. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Replacing or Upgrading Memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Replacing a Nokia Encryption Accelerator Card . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Configuring Software to Use Hardware Acceleration. . . . . . . . . . . . . . . . . . . . . . 64

Replacing the Battery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

7 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

General Troubleshooting Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

A Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Physical Dimensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Space Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Other Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

B Compliance Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Declaration of Conformity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Compliance Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

FCC Notice (US) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Nokia IP290 Security Platform Installation Guide 7

Tables

Table 1 Command-Line Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Table 2 Text Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Table 3 Appliance Status LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Table 4 NIC PCI Frequency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

8 Nokia IP290 Security Platform Installation Guide

Nokia IP290 Security Platform Installation Guide 9

Figures

Figure 1 Component Locations Front View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Figure 2 Component Locations Rear View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Figure 3 Built-In Gigabit Ethernet Interface Front Panel Details . . . . . . . . . . . . . 17

Figure 4 Appliance Status LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Figure 5 Removing the Shipping Screw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Figure 6 Installing the Mounting Brackets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Figure 7 Single Appliance Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Figure 8 Power Switch Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Figure 9 Nokia Network Voyager Reference Access Points . . . . . . . . . . . . . . . . 37

Figure 10 Two-Port Copper Gigabit Ethernet NIC Front Panel . . . . . . . . . . . . . . 40

Figure 11 Gigabit Ethernet Cable Connector Pin Assignments . . . . . . . . . . . . . 41

Figure 12 Gigabit Ethernet Crossover Cable Pin Connections . . . . . . . . . . . . . . 42

Figure 13 PMC Two-Port Short-Range Gigabit Ethernet NIC . . . . . . . . . . . . . . . 43

Figure 14 PMC Two-Port Long-Range Gigabit Ethernet NIC . . . . . . . . . . . . . . . 43

Figure 15 DIMM Socket Locations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

10 Nokia IP290 Security Platform Installation Guide

Nokia IP290 Security Platform Installation Guide 11

About this Guide

This guide describes how to install and use the Nokia IP290 security platform. Installation and
maintenance should be performed by experienced technicians or Nokia-approved service
providers only.

This preface provides the following information:

 In This Guide

 Conventions This Guide Uses

 Related Documentation

In This Guide

This guide is organized into the following chapters and appendixes:

 Chapter 1, “Overview” provides a general overview of the Nokia IP290 appliance.

 Chapter 2, “Installing the Nokia IP290 Appliance” describes how to rack mount the

appliance and how to physically connect it to a network and power.

 Chapter 3, “Performing the Initial Configuration” describes how to make the appliance

available on the network.

 Chapter 4, “About IP290 Appliance Network Interface Cards” describes how to connect to

the supported Ethernet ports.

 Chapter 5, “Installing and Replacing Network Interface Cards” describes how to install and

replace NICs in your Nokia IP290 appliance.

 Chapter 6, “Installing and Replacing Components Other than Network Interface Cards”

describes how to install components other than NICs in your Nokia IP290 appliance.

 Chapter 7, “Troubleshooting” describes problems you might encounter and proposes

solutions to these problems.

 Appendix A, “Technical Specifications” provides technical specifications such as interface

characteristics.

 Appendix B, “Compliance Information” provides compliance and regulatory information.

About this Guide

12 Nokia IP290 Security Platform Installation Guide

Conventions This Guide Uses

The following sections describe the conventions this guide uses, including notices, text
conventions, and command-line conventions.

Notices

Warnings advise the user that bodily injury might occur because of a physical hazard.
Cautions indicate potential equipment damage, equipment malfunction, loss of
performance, loss of data, or interruption of service.
Notes provide information of special interest or recommendations.

Command-Line Conventions

Table 1 describes the elements of commands that are available in Nokia business security

products. You might encounter one or more of the following elements in a command-line path.

Table 1 Command-Line Conventions

Convention Description

command A user-generated instruction typically sent using a console

or terminal. The command statement and its associated
syntax must be entered exactly as shown in lowercase
letters.

italics Indicates a variable in a command that you must supply. For

example:

delete interface if_name

Supply an interface name in place of the variable. For
example:

delete interface nic1

angle brackets < > Indicates arguments for which you must supply a value:

retry-limit <1–100>

Supply a value. For example:

retry-limit 60

-flag A flag is usually an abbreviation for a function, menu, or
option name, or for a compiler or preprocessor argument.
You must enter a flag exactly as shown, including the
preceding hyphen.

Related Documentation

Nokia IP290 Security Platform Installation Guide 13

Text Conventions

Table 2 describes the text conventions this guide uses.

Related Documentation

You can find this guide in PDF on the Nokia support Web site (https:// support.nokia.com/) and
on the Nokia IPSO operating system CD-ROM issued with your Nokia IP290 security platform.

.ext A filename extension, such as .ext, might follow a variable

that represents a filename. Type this extension exactly as
shown, immediately after the name of the file. The extension
might be optional in certain products.

( . , ; + * - / ) Punctuation and mathematical notations are literal symbols

that you must enter exactly as shown.

Table 1 Command-Line Conventions (continued)

Convention Description

Table 2 Text Conventions

Convention Description

monospace font

Indicates command syntax, or represents computer or
screen output, for example:

Log error 12453

bold monospace font Indicates text you enter or type, for example:

# configure nat

Key names Keys that you press simultaneously are linked by a

plus sign (+):
Press Ctrl + Alt + Del.

Menu commands Menu commands are separated by a greater than

sign (>):
Choose File > Open.

The words enter and type Enter indicates you type something and then press

the Return or Enter key.
Do not press the Return or Enter key when an

instruction says type.

Italics

• Emphasizes a point or denotes new terms at the
place where they are defined in the text.

• Indicates an external book title reference.

• Indicates a variable in a command:

delete interface

if_name

1 About this Guide

14 Nokia IP290 Security Platform Installation Guide

In addition to this guide and other documents shipped with your appliance, documentation for
this product includes the following:

 Nokia Network Voyager Reference Guide for the version of Nokia IPSO you are using

 CLI Reference Guide for the version of Nokia IPSO you are using

 Getting Started Guide and Release Notes for the version of Nokia IPSO you are using

 Nokia IPSO Boot Manager Reference Guide, which describes how to use the Nokia IPSO

boot manager

 Clustering Configuration Guide for the version of Nokia IPSO you are using

 Nokia Network Voyager inline help

You can find the most up-to-date version of the Nokia IP290 Security Platform Installation
Guide in PDF on the Nokia support site (https://support.nokia.com). You can access inline help,

the Nokia Network Voyager Reference Guide, and the CLI Reference Guide from Nokia Network
Voyager.

Check Point documentation is available from the Check Point Web site at: http://

www.checkpoint.com/

060306

Nokia IP290 Security Platform Installation Guide 15

1 Overview

This chapter provides an overview of the Nokia IP290 security platform and the requirements
for using the appliances. The following topics are covered:

 About the Nokia IP290 Security Platform on page 15

 Nokia IP290 Appliance Overview on page 15

 System Status LEDs on page 18

 Site Requirements on page 19

 Product Disposal on page 19

 Safety Warnings and Cautions on page 20

 Managing Nokia IP290 Appliances on page 20

About the Nokia IP290 Security Platform

The Nokia IP290 security platform combines the power of Nokia IPSO software with your
choice of firewall and VPN applications.

The IP290 appliances are ideally suited for growing companies and satellite offices that want
high-performance IP routing combined with the industry-leading Check Point VPN-1/
FireWall-1 enterprise security suite. The small size of the IP290 appliances makes them ideal for
installations that need to conserve space.

As network devices, the IP290 appliances support a comprehensive suite of IP-routing functions
and protocols. The integrated router functionality eliminates the need for separate intranet and
access routers in security applications.

For more information and technical specifications, see Appendix A, “Technical Specifications.”.

Nokia IP290 Appliance Overview

The following figures show component locations for Nokia IP290 appliances.

1 Overview

16 Nokia IP290 Security Platform Installation Guide

Figure 1 Component Locations Front View

Figure 2 Component Locations Rear View

Built-in Gigabit Ethernet Ports

Figure 3 shows the layout of the six built-in 10/100/1000 Ethernet ports and their LEDs.

00557

IP290

STATUS

SLOT 1 AUX

RESET

1000BaseT

135

246

CONSOLE

POWER FAULT

LINK

ACT

LINK

ACT

Built-in Gigabit
Ethernet ports
(10/100/1000 Mbps)

Status LEDs

Auxiliary (AUX) port

PMC slot 1

Reset switch

Console port

00558

Power plug

Power switch

Fan vent

Nokia IP290 Appliance Overview

Nokia IP290 Security Platform Installation Guide 17

Figure 3 Built-In Gigabit Ethernet Interface Front Panel Details

Note

The Link LED is bicolored. A green LED indicates a 1 Gbps link speed, and an orange LED
indicates a 10/100 Mbps link speed.

Console Port

Use the built-in console port, shown in Figure 1, to make a local connection to the appliance and
to supply the initial configuration information that makes the appliance available on the
network.

For more information on how to make a console connection to the appliance, see “Connecting to

the Console Port” on page 31.

Caution

Nokia recommends that you use the console cable that was delivered with your
appliance for your console connection. Otherwise, ensure that the pin assignments for
your cable match those provided in.

Auxiliary Port

Use the built-in serial (AUX) port, shown in Figure 1, to establish a modem connection for
managing the appliance remotely or out-of-band. Use USB cables with a standard USB A-style
connector and pinout for the AUX port. For Nokia approved modem connections, you will need
a USB to RS232 adaptor.

135

246

00610

Link LED (green for 1000 Mbps or orange for 10/100 Mbps)

Activity LED (orange)

RJ-45 connectors

1 Overview

18 Nokia IP290 Security Platform Installation Guide

Note

The only modem approved for use with Nokia security appliances with USB AUX ports is the
Radicom model V92MB-U-E, and you must be using Nokia IPSO 6.1 or greater.

System Status LEDs

You can monitor the basic operation of Nokia IP290 appliances by checking their status LEDs.
The system status LEDs are located on the front panel of the appliance, as Figure 4 shows.

Figure 4 Appliance Status LEDs

Figure 3 describes the status conditions for each of the LEDs for all indications they might

display.

Table 3 Appliance Status LEDs

Indicator Color Description

Caution None (off)

Yellow (steady)

Yellow (blinking)

Normal

Initial boot flash activity
or
Internal voltage problem

Temperature fault

00557

IP290

STATUS

SLOT 1 AUX

RESET

1000BaseT

135

246

CONSOLE

POWER FAULT

LINK

ACT

LINK

ACT

Critical

Power or Status

Caution

Site Requirements

Nokia IP290 Security Platform Installation Guide 19

Site Requirements

Before you install a Nokia IP290 appliance, ensure that your computer room or wiring closet
conforms to the environmental specifications listed in Appendix A, “Technical Specifications.”

Product Disposal

At the end of its useful life, your appliance and all peripherals included with it, including power
cords and cables, must be disposed of in accordance with all applicable national, state, and local
laws and regulations. These devices contain materials and components that must be disposed of
properly. Therefore, to help prevent damage to the environment, Nokia encourages you to
dispose of these devices in an environmentally-friendly manner.

The following resources are available to you to help with equipment-disposal decisions:

 Many Nokia products are labeled with information about the materials used in their

manufacture that can help those who will process equipment after you have disposed of it.

 The Nokia web site (http://www.nokia.com) provides information about our environmental

programs and practices, which includes details about materials used in manufacturing and
end-of-life practices. You can also find your product’s Eco Declaration, which provides
basic information on the environmental attributes of the product covering material use,
packaging, disassembly, and recycling.

 Contact your local waste management agencies for guidelines specific to your area.

050930

Power or
Status

None (off)

Blue

Power off

Power on

Critical None (off)

Red

Normal

One or more fans are defective.

or

No recognizable boot device with a valid kernel found.

or

Kernel panic (followed in 20 seconds by CPU reset).

Table 3 Appliance Status LEDs (continued)

Indicator Color Description

The crossed-out wheeled bin means that within the European Union the product
must be taken to separate collection at the product end-of-life. This applies to your
device but also to any enhancements marked with this symbol. Do not dispose of
these products as unsorted municipal waste.

1 Overview

20 Nokia IP290 Security Platform Installation Guide

Safety Warnings and Cautions

Warning

To reduce the risk of fire, electric shock, and injury when you use telephone equipment,
follow basic safety precautions. Do not use the product near water.

Warning

Risk of explosion if battery is replaced by an incorrect type. Replace the battery only with the
same or equivalent type that the manufacturer recommends. Dispose of used batteries
according to the manufacturer's instructions.

Warning

To reduce the risk of fire, electric shock, and injury, disconnect the power cord and any
cables that connect to the appliance or gateway before you open the chassis and expose
internal components. Even though the power switch is turned off, power is still present inside
the appliance or gateway.

Caution

Do not place objects over the ventilation holes on the IP290 appliance. The
components might overheat and become damaged.

Caution

For IP290 appliances intended for shipment outside of the United States, the power
cord might not be included. If a power cord is not provided, use a power cord rated at
6A, 250V, maximum 15 feet long, made of HAR cordage and IEC fittings approved by
the country of end use.

Managing Nokia IP290 Appliances

You can manage Nokia IP290 appliances by using one of the following interfaces:

 Nokia Network Voyager—an SSL-secured, Web-based element management interface to

Nokia IP security platforms. Network Voyager is preinstalled on the IP290 appliance and
enabled through the IPSO operating system. With Network Voyager, you can manage,
monitor, and configure the IP290 appliance from any authorized location within the network
by using a standard Web browser.

For information about how to access Network Voyager and the related reference materials,
see “Using Nokia Network Voyager” on page 36.

 The Nokia IPSO command-line interface (CLI)—an SSHv2-secured interface that

enables you to configure Nokia IP security platforms from the command line.

Managing Nokia IP290 Appliances

Nokia IP290 Security Platform Installation Guide 21

Everything that you can accomplish with Nokia Voyager—to manage and configure the
IP290 appliance—you can also do with the CLI.

For information about how to access the CLI, see the Nokia CLI Reference Guide for the
version of IPSO you are using.

 Nokia Horizon Manager—a secure GUI-based software image management application.

With Horizon Manager, you can securely install and upgrade the proprietary Nokia IPSO
operating system, plus hardware and third-party applications such as Check Point
FireWall-1. Horizon Manager can perform installations and upgrades on up to 2,500 Nokia
IP security platforms, offering administrators the most rapid and dependable upgrade to
Check Point NG.

For information about how to obtain Horizon Manager, see “Nokia Contact Information” on
page 3.

1 Overview

22 Nokia IP290 Security Platform Installation Guide

Nokia IP290 Security Platform Installation Guide 23

2 Installing the Nokia IP290 Appliance

You can rack mount Nokia IP290 appliances in the following ways:

 A single appliance in a one-unit space (1U) or in a two-appliance shell with the second

appliance space covered by a filler panel.

 Two appliances in a 1U space in a two-appliance shell.

This section describes how to perform both of these installations.

Removing the Securing Screws

Before you rack mount your IP290, remove the screw from the back of the appliance as shown
in Figure 5. The screw is required only for shipping, and leaving it in prevents you from sliding
the chassis assembly tray out. If you have two appliances in a two-appliance shell, you need to
remove one screw from each appliance.

2 Installing the Nokia IP290 Appliance

24 Nokia IP290 Security Platform Installation Guide

Figure 5 Removing the Shipping Screw

Rack Mounting a Single Nokia IP290 Appliance

Before you mount the appliance on the rack, install the two side brackets with four screws on
each side as shown in Figure 6. The brackets and screws are included with the materials you
receive with the appliance.

Two mounting positions allow you to mount the appliance either flush with the rack (bracket
position A), or two inches forward of the rack (bracket position B).

00614a

IP290

STATUS

AUX

RESET

1

3

5

2

4

6

CONSOLE

POWER FAULT

1000BaseT

LINK

ACT

LINK

ACT

SLOT 1

IP290

STATUS

SLOT 1

AUX

RESET

13

5

24

6

CONSOLE

POWER FAULT

1000BaseT

LINK

ACT

LINK

ACT

Rack Mounting a Single Nokia IP290 Appliance

Nokia IP290 Security Platform Installation Guide 25

Figure 6 Installing the Mounting Brackets

You can mount IP290 appliances in a standard 19-inch rack with four mounting screws as

Figure 7 shows.

00559

IP290

STATUS

SLOT 1

AUX

RESET

1

3

5

2

4

6

CONSOLE

POWER FAULT

IP290

STATUS

SLOT 1

AUX

RESET

13

5

2

4

6

CONSOLE

POWER FAULT

1000BaseT

LINK

ACT

LINK

ACT

1000BaseT

LINK

ACT

LINK

ACT

Bracket position A

Bracket position B