Version 7.05.300
NN46110-318 02.01
322831-B Rev 01
November 2007
Standard
600 Technology Park Drive
Billerica, MA 01821-4130
Nortel VPN Router Installation
— VPN Router 2750
2
Copyright © 2007 Nortel Networks. All Rights Reserved.
The information in this document is subject to change without notice. The statements, configurations, technical data, and
recommendations in this document are believed to be accurate and reliable, but are presented without express or implied
warranty. Users must take full responsibility for their applications of any products specified in this document. The
information in this document is proprietary to Nortel Networks Inc.
Trademarks
Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks.
Adobe and Acrobat Reader are trademarks of Adobe Systems Incorporated.
HyperTerminal is a trademark of Hilgraeve, Inc.
Intel is a trademark of Intel Corporation.
Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation.
Netscape and Netscape Navigator are trademarks of Netscape Communications Corporation.
All other trademarks are the property of their respective owners.
Statement of conditions
In the interest of improving internal design, operational function, and/or reliability, Nortel Networks Inc. reserves the
right to make changes to the products described in this document without notice.
Nortel Networks Inc. does not assume any liability that may occur due to the use or application of the product(s) or
circuit layout(s) described herein.
USA requirements only
Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice
Note: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to
Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when
the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency
energy. If it is not installed and used in accordance with the instruction manual, it may cause harmful interference to
radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which
case users will be required to take whatever measures may be necessary to correct the interference at their own expense.
European requirements only
EN 55 022 statement
This is to certify that the Nortel Networks VPN Router 2750 is shielded against the generation of radio interference in
accordance with the application of Council Directive 89/336/EEC, Article 4a. Conformity is declared by the application
of EN 55 022 Class A (CISPR 22).
NN46110-318 02.01
War ning: This is a Class A product. In a domestic environment, this product may cause radio interference, in which
case, the user may be required to take appropriate measures.
Achtung: Dieses ist ein Gerät der Funkstörgrenzwertklasse A. In Wohnbereichen können bei Betrieb dieses Gerätes
Rundfunkstörungen auftreten, in welchen Fällen der Benutzer für entsprechende Gegenmaßnahmen verantwortlich ist.
Attention: Ceci est un produit de Classe A. Dans un environnement domestique, ce produit risque de créer des
interférences radioélectriques, il appartiendra alors à l’utilisateur de prendre les mesures spécifiques appropriées.
EC Declaration of Conformity
This product conforms (or these products conform) to the provisions of the R&TTE Directive 1999/5/EC.
Japan/Nippon requirements only
Denan statement
3
Voluntary Control Council for Interference (VCCI) statement
Taiwan requirements
Bureau of Standards, Metrology and Inspection (BSMI) statement
Nortel VPN Router Installation — VPN Router 2750
4
Canada requirements only
Canadian Department of Communications Radio Interference Regulations
This digital apparatus (VPN Router 2750) does not exceed the Class A limits for radio-noise emissions from digital
apparatus as set out in the Radio Interference Regulations of the Canadian Department of Communications.
Règlement sur le brouillage radioélectrique du ministère des Communications
Cet appareil numérique (VPN Router 2750) respecte les limites de bruits radioélectriques visant les appareils
numériques de classe A prescrites dans le Règlement sur le brouillage radioélectrique du ministère des Communications
du Canada.
Nortel Networks Inc. software license agreement
This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel
Networks Corporation and its subsidiaries and affiliates (“Nortel Networks”). PLEASE READ THE FOLLOWING
CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE
SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE
AGREEMENT. If you do not accept these terms and conditions, return the Software, unused and in the original shipping
container, within 30 days of purchase to obtain a credit for the full purchase price.
“Software” is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is copyrighted
and licensed, not sold. Software consists of machine-readable instructions, its components, data, audio-visual content
(such as images, text, recordings or pictures) and related licensed materials including all whole or partial copies. Nortel
Networks grants you a license to use the Software only in the country where you acquired the Software. You obtain no
rights other than those granted to you under this License Agreement. You are responsible for the selection of the
Software and for the installation of, use of, and results obtained from the Software.
1. Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of the Software
on only one machine at any one time or to the extent of the activation or authorized usage level, whichever is applicable.
To the extent Software is furnished for use with designated hardware or Customer furnished equipment (“CFE”),
Customer is granted a nonexclusive license to use Software only on such hardware or CFE, as applicable. Software
contains trade secrets and Customer agrees to treat Software as confidential information using the same care and
discretion Customer uses with its own similar information that it does not wish to disclose, publish or disseminate.
Customer will ensure that anyone who uses the Software does so only in compliance with the terms of this Agreement.
Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse
assemble, reverse compile, reverse engineer or otherwise translate the Software; c) create derivative works or
modifications unless expressly authorized; or d) sublicense, rent or lease the Software. Licensors of intellectual property
to Nortel Networks are beneficiaries of this provision. Upon termination or breach of the license by Customer or in the
event designated hardware or CFE is no longer in use, Customer will promptly return the Software to Nortel Networks or
certify its destruction. Nortel Networks may audit by remote polling or other reasonable means to determine Customer’s
Software activation or usage levels. If suppliers of third party software included in Software require Nortel Networks to
include additional or different terms, Customer agrees to abide by such terms provided by Nortel Networks with respect
to such third party software.
2. Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer,
Software is provided “AS IS” without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS
ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING,
BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel Networks is not obligated to
provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties, and, in
such event, the above exclusions may not apply.
NN46110-318 02.01
3. Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE
LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF,
OR DAMAGE TO, CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL,
INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS),
WHETHER IN CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR
USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN
ADVISED OF THEIR POSSIBILITY. The forgoing limitations of remedies also apply to any developer and/or supplier
of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not
allow these limitations or exclusions and, in such event, they may not apply.
4. General
a. If Customer is the United States Government, the following paragraph shall apply: All Nortel Networks
Software available under this License Agreement is commercial computer software and commercial computer
software documentation and, in the event Software is licensed for or on behalf of the United States
Government, the respective rights to the software and software documentation are governed by Nortel
Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections
12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).
b. Customer may terminate the license at any time. Nortel Networks may terminate the license if Customer fails
to comply with the terms and conditions of this license. In either event, upon termination, Customer must
either return the Software to Nortel Networks or certify its destruction.
c. Customer is responsible for payment of any taxes, including personal property taxes, resulting from
Customer’s use of the Software. Customer agrees to comply with all applicable laws including all applicable
export and import laws and regulations.
d. Neither party may bring an action, regardless of form, more than two years after the cause of the action arose.
e. The terms and conditions of this License Agreement form the complete and exclusive agreement between
Customer and Nortel Networks.
f. This License Agreement is governed by the laws of the country in which Customer acquires the Software. If
the Software is acquired in the United States, then this License Agreement is governed by the laws of the state
of New York.
5
Nortel VPN Router Installation — VPN Router 2750
6
NN46110-318 02.01
Contents
New in this release. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
1000BASE-T (1000 GT) Ethernet card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Finding the latest updates on the Nortel Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Getting help from the Nortel Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Getting help over the phone from a Nortel Solutions Center . . . . . . . . . . . . . . . . . . . . 18
Getting help from a specialist by using an Express Routing Code . . . . . . . . . . . . . . . 18
Getting help through a Nortel distributor or reseller . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Text conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Printed technical manuals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
7
Chapter 1
Installing the Nortel VPN Router 2750 chassis . . . . . . . . . . . . . . . . . . . . . . 25
Description of the Nortel VPN Router 2750 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Preparing to install the Nortel VPN Router 2750 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Shipment contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Additional equipment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Hardware for mounting the chassis in an equipment rack . . . . . . . . . . . . . . . 28
Site requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Nortel VPN Router Installation — VPN Router 2750
8 Contents
Installing the chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Chapter 2
Cabling the VPN Router and turning the power on . . . . . . . . . . . . . . . . . . 35
Connecting communications cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Connecting the power cord . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Verifying a successful installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Understanding the LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Installing the chassis on a flat surface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Installing the chassis in an equipment rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Rack-mount recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Attaching the shelf in the equipment rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Mounting the chassis in the equipment rack . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Front panel LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
LEDs on the system 10/100BASE-TX Ethernet ports . . . . . . . . . . . . . . . . . . . . . . 41
10/100BASE-TX Ethernet interface card LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
1000BASE-T (1000 GT) Ethernet interface card LEDs . . . . . . . . . . . . . . . . . . . . . 43
1000BASE-T (1000 MT) Ethernet interface card LEDs . . . . . . . . . . . . . . . . . . . . . 43
1000BASE-SX Ethernet interface card LED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
56/64K CSU/DSU WAN interface card LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
ADSL WAN interface card LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
T1/E1 CSU/DSU WAN interface card LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Quad T1/E1 CSU/DSU WAN interface card LEDs . . . . . . . . . . . . . . . . . . . . . . . . 49
Single V.35/X.21 WAN interface card LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
SSL VPN Module 1000 LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Chapter 3
Configuring the management IP interface. . . . . . . . . . . . . . . . . . . . . . . . . . 53
Required information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Configuring the management IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Testing the configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
NN46110-318 02.01
Chapter 4
Installing option cards and DIMMs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Shutting down the system to add or replace hardware . . . . . . . . . . . . . . . . . . . . . . . . 62
Removing the front bezel and top cover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Attaching the antistatic wrist strap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Installing and replacing option cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Installing and replacing an option card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Installing and replacing DIMMs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Appendix A
Technical specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Chassis specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
System ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
10/100BASE-TX Ethernet LAN ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Serial port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Modem cable specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Hardware option cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
VPN Router Security Accelerator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
SSL VPN Module 1000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
10/100BASE-TX Ethernet interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
1000BASE-T (1000 GT) Ethernet interface card . . . . . . . . . . . . . . . . . . . . . . . . . . 85
1000BASE-T (1000 MT) Ethernet interface card . . . . . . . . . . . . . . . . . . . . . . . . . . 87
1000BASE-SX Ethernet interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
56/64K CSU/DSU WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
ADSL WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
ISDN BRI interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
T1/E1 CSU/DSU WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Quad T1/E1 CSU/DSU WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
V.90 modem interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Single V.35/X.21 WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
HSSI WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
9
Nortel VPN Router Installation — VPN Router 2750
10 Contents
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
NN46110-318 02.01
Figures
Figure 1 Front view of the Nortel VPN Router 2750 . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 2 Placement of rubber feet on the bottom of the chassis . . . . . . . . . . . . . . 29
Figure 3 Attaching the cage nuts to the rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 4 Installing the shelf in the equipment rack . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 5 Removing the front bezel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Figure 6 Replacing the front bezel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Figure 7 Rear view of the Nortel VPN Router 2750 . . . . . . . . . . . . . . . . . . . . . . . . 37
Figure 8 Front panel LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 9 LEDs on the system 10/100BASE-TX Ethernet ports . . . . . . . . . . . . . . . . 41
Figure 10 LEDs on the 10/100BASE-TX Ethernet interface card . . . . . . . . . . . . . . . 42
Figure 11 LEDs on the 1000 GT Ethernet interface card . . . . . . . . . . . . . . . . . . . . . 43
Figure 12 LEDs on the 1000BASE-T (1000 MT) Ethernet interface card . . . . . . . . . 44
Figure 13 LED on the 1000BASE-SX Ethernet interface card . . . . . . . . . . . . . . . . . 44
Figure 14 LEDs on the 56/64K CSU/DSU WAN interface card . . . . . . . . . . . . . . . . 46
Figure 15 LEDs on the ADSL WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Figure 16 LEDs on the T1/E1 CSU/DSU WAN interface card . . . . . . . . . . . . . . . . . 48
Figure 17 LEDs on the quad T1/E1 CSU/DSU WAN interface card . . . . . . . . . . . . . 49
Figure 18 LEDs on the single V.35/X.21 WAN interface card . . . . . . . . . . . . . . . . . . 50
Figure 19 LEDs on the SSL VPN Module 1000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Figure 20 Removing the front bezel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Figure 21 Removing the top cover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Figure 22 Location of option card and DIMM slots on the system board . . . . . . . . . 66
Figure 23 Location of the grounding jack for the antistatic wrist strap . . . . . . . . . . . 67
Figure 24 Installing and removing an option card . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Figure 25 Replacing the front bezel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Figure 26 Installing and removing a DIMM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Figure 27 10/100BASE-TX Ethernet connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Figure 28 Serial cable (9-pin D-sub plug to RS-232-C modem plug) . . . . . . . . . . . . 80
Figure 29 Modem cable (9-pin D-sub plug to RS-232-C modem plug) . . . . . . . . . . . 81
11
Nortel VPN Router Installation — VPN Router 2750
12 Figures
Figure 30 VPN Router Security Accelerator card . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Figure 31 SSL VPN Module 1000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Figure 32 10/100BASE-TX Ethernet interface card . . . . . . . . . . . . . . . . . . . . . . . . . 84
Figure 33 1000BASE-T (1000 GT) Ethernet interface card (all models except VPN
Figure 34 1000BASE-T (1000 MT) Ethernet interface card . . . . . . . . . . . . . . . . . . . 87
Figure 35 1000BASE-SX Ethernet interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Figure 36 56/64K CSU/DSU WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Figure 37 ADSL WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Figure 38 ISDN BRI S/T or IDSDN BRI U . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Figure 39 T1/E1 CSU/DSU WAN interface card (half-height card) . . . . . . . . . . . . . . 94
Figure 40 T1/E1 CSU/DSU WAN interface card (full-height card) . . . . . . . . . . . . . . 94
Figure 41 Quad T1/E1 CSU/DSU WAN interface card . . . . . . . . . . . . . . . . . . . . . . . 96
Figure 42 V.90 modem interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Figure 43 Single V.35/X.21 WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Figure 44 HSSI WAN interface card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Router 2750 1100) 86
NN46110-318 02.01
Tables
Table 1 Items shipped with the Nortel VPN Router 2750 . . . . . . . . . . . . . . . . . . . 27
Table 2 Interfaces and cables for the Nortel VPN Router 2750 . . . . . . . . . . . . . . . 36
Table 3 Power cord requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Table 4 Front panel LED indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Table 5 LED indicators on the system 10/100BASE-TX Ethernet ports . . . . . . . . 41
Table 6 LED indicators on the 10/100BASE-TX Ethernet interface card . . . . . . . . 42
Table 7 LED indicators on the 1000 GT Ethernet interface card . . . . . . . . . . . . . . 43
Table 8 LED indicators on the 1000BASE-T (1000 MT) Ethernet interface card . 44
Table 9 LED indicator on the 1000BASE-SX Ethernet interface card . . . . . . . . . . 45
Table 10 LED indicators on the 56/64K CSU/DSU WAN interface card . . . . . . . . . 46
Table 11 LED indicators on the ADSL WAN interface card . . . . . . . . . . . . . . . . . . . 47
Table 12 LED indicators on the T1/E1 CSU/DSU WAN interface card . . . . . . . . . . 48
Table 13 LED indicators on the quad T1/E1 CSU/DSU WAN interface card . . . . . 49
Table 14 LED indicators on the single V.35/X.21 WAN interface card . . . . . . . . . . 50
Table 15 LED indicators on the SSL VPN Module 1000 . . . . . . . . . . . . . . . . . . . . . 51
Table 16 Supported option cards for the Nortel VPN Router 2750 2750 . . . . . . . . . 68
Table 17 Installing other option cards with the SSL VPN Module 1000 . . . . . . . . . 69
Table 18 Physical, electrical, and environmental specifications . . . . . . . . . . . . . . . 77
Table 19 10/100BASE-X Ethernet port pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Table 20 Multiple DB9 and DB25 connector pinouts . . . . . . . . . . . . . . . . . . . . . . . . 80
Table 21 Modem cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Table 22 1000BASE-T (1000 GT) Ethernet pinouts . . . . . . . . . . . . . . . . . . . . . . . . 86
Table 23 1000BASE-T Ethernet port pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Table 24 56/64K CSU/DSU cable pinouts for crossover connection . . . . . . . . . . . . 90
Table 25 56/64K CSU/DSU cable pinouts for straight-through connection . . . . . . . 90
Table 26 ADSL Annex A cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Table 27 ADSL Annex B cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Table 28 ISDN BRI S/T cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Table 29 ISDN BRI U cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
13
Nortel VPN Router Installation — VPN Router 2750
Table 30 T1/E1 CSU/DSU cable pinouts for crossover connection . . . . . . . . . . . . . 95
Table 31 T1/E1 CSU/DSU cable pinouts for straight-through connection . . . . . . . . 96
Table 32 V.90 modem cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Table 33 V.35 cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Table 34 X.21 cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Table 35 T3 cable pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
14
Nortel VPN Router Installation — VPN Router 2750
New in this release
The following section details what’s new in Nortel VPN Router Installation—
VPN Router 2750 (NN46110-318) for Release 7.05.300.
Features
See the following sections for information about feature-related changes.
1000BASE-T (1000 GT) Ethernet card
The 1000BASE-T (1000 GT) Ethernet card is new for Release 7.05.300. See
“1000BASE-T (1000 GT) Ethernet interface card LEDs” on page 43 and
“1000BASE-T (1000 GT) Ethernet interface card” on page 85.
15
Nortel VPN Router Installation — VPN Router 2750
16 New in this release
NN46110-318 02.01
How to get help
This chapter explains how to get help for Nortel products and services.
Finding the latest updates on the Nortel Web site
The content of this documentation was current at the time the product was
released. To check for updates to the latest documentation and software for the
VPN Router 2750, go to:
www.nortel.com/support
Select Security & VPN and then, in the section called Virtual Private Networking
(VPN), IPSEC, and SSL, click the appropriate VPN Router product.
Getting help from the Nortel Web site
17
The best way to get technical support for Nortel products is from the Nortel
Technical Support Web site:
www.nortel.com/support
Nortel VPN Router Installation — VPN Router 2750
18 How to get help
This site provides quick access to software, documentation, bulletins, and tools to
address issues with Nortel products. From this site you can:
• download software, documentation, and product bulletins
• search the Technical Support site and the Nortel Knowledge Base for answers
to technical issues
• sign up for automatic notification of new software and documentation for
Nortel equipment
• open and manage technical support cases
Getting help over the phone from a Nortel Solutions Center
If you do not find the information you require on the Nortel Technical Support
Web site, and you have a Nortel support contract, you can also get help over the
phone from a Nortel Solutions Center.
In North America, call 1-800-4NORTEL (1-800-466-7835).
Outside North America, go to the following Web site to obtain the phone number
for your region:
www.nortel.com/callus
Getting help from a specialist by using an Express Routing Code
To access some Nortel Technical Solutions Centers, you can use an Express
Routing Code (ERC) to quickly route your call to a specialist in your Nortel
product or service. To locate the ERC for your product or service, go to:
www.nortel.com/erc
NN46110-318 02.01
How to get help 19
Getting help through a Nortel distributor or reseller
If you purchased a service contract for your Nortel product from a distributor or
authorized reseller, contact the technical support staff for that distributor or
reseller.
Nortel VPN Router Installation — VPN Router 2750
20 How to get help
NN46110-318 02.01
Preface
The Nortel VPN Router 2750 is part of the Nortel VPN router product family. The
VPN Nortel Routers support secure, reliable IP VPNs in a single, integrated
hardware device. Throughout this guide, the VPN Router is also referred to as the
gateway.
This guide provides instructions for installing the VPN Router 2750 for the first
time and for replacing any field replaceable unit (FRU). This guide also provides
some initial configuration information and includes technical specifications for
the VPN Router 2750.
For complete information about configuring and monitoring the VPN Router
2750, see the documentation on the software CD. For information about VPN
Router documentation, see “Related publications” on page 23.
Before you begin
21
This guide is intended for qualified service personnel who are installing the VPN
Router 2750 for the first time or who need to install or replace any of the
following field replaceable units (FRU):
• LAN, WAN, and serial interface cards
• VPN Router Security Accelerator card
• SSL VPN Module 1000
• dual inline memory modules (DIMM)
Before you install the VPN Router 2750, ensure that you install all network wiring
on the premises using standard cable system practices.
Nortel VPN Router Installation — VPN Router 2750
22 Preface
Text conventions
This guide uses the following text conventions:
Acronyms
bold Courier text
italic text Indicates new terms and book titles.
plain Courier
text
separator ( > ) Shows menu paths.
This guide uses the following acronyms:
ADSL asymmetric digital subscriber line
AES Advanced Encryption Standard
AIS alarm indication signal
Indicates command names and options and text that
you need to enter.
Example: Use the
Example: Enter
Indicates system output, for example, prompts and
system messages.
Example:
Example: Choose Status > Health Check.
File not found.
show health command.
terminal paging {off | on}.
CSU/DSU channel service unit/digital service unit
DES Data Encryption Standard
DIMM dual inline memory module
DTE data terminal equipment
FRU field replaceable unit
GUI graphical user interface
HSSI High Speed Serial Interface
IP Internet Protocol
IPsec IP Security
NN46110-318 02.01
ISDN Integrated Services Digital Network
LAN local area network
LED light emitting diode
LOS loss of signal
OOF out of frame
PCI peripheral component interconnect
SSL Secure Sockets Layer
VPN virtual private network
WAN wide area network
Related publications
For complete information about configuring, monitoring, and managing the VPN
Router 2750, refer to the following publications (included on the software CD):
Preface 23
• Release notes provide the latest information, including brief descriptions of
the new features, problems fixed in this release, and known problems and
workarounds.
• Nortel VPN Router Configuration — Basic Features (NN46110-500)
introduces the product and provides information about initial configuration.
• Nortel VPN Router Security — Servers, Authentication, and Certificates
(NN46110-600) provides instructions for configuring authentication servers
and services, as well as digital certificates.
• Nortel VPN Router Security — Firewalls, Filters, NAT, and QoS
(NN46110-601) provides instructions for configuring the Stateful Firewall,
NAT, and VPN Router interface and tunnel filters.
• Nortel VPN Router Configuration — Tunneling Protocols (NN46110-503)
provides instructions for configuring the tunneling protocols IPsec, L2TP,
PPTP, and L2F.
• Nortel VPN Router Configuration— Advanced Features (NN46110-502)
provides instructions for configuring 802.1Q VLANs, circuitless IP, advanced
WAN settings, PPP, PPPoE, frame relay, ADSL and ATM, T1/E1 CSU/DSU
interfaces, dial services and BIS, DLSw, IPX, and Hardware Accelerator
cards.
Nortel VPN Router Installation — VPN Router 2750
24 Preface
• Nortel VPN Router Configuration — Routing (NN46110-504) provides
instructions for configuring RIP, OSPF, and VRRP, as well as instructions for
configuring ECMP, routing policy services, and client address redistribution.
• Nortel VPN Router Configuration — SSL VPN Services (NN46110-501)
provides instructions for configuring services on the SSL VPN Module 1000,
including authentication, networks, user groups, and portal links.
• Nortel VPN Router Using the Command Line Interface (NN46110-507)
provides syntax, descriptions, and examples for the commands that you can
use to configure, manage, and monitor the gateway.
• Nortel VPN Router Troubleshooting (NN46110-602) provides information
about backup and recovery, file management, upgrading software, and
troubleshooting. This guide also provides instructions for monitoring gateway
status and performance.
Printed technical manuals
You can print selected technical manuals and release notes free, directly from the
Internet. Go to www.nortel.com/documentation, find the product for which you
need documentation, then locate the specific category and model or version for
your hardware or software product. Use Adobe Reader to open the manuals and
release notes, search for the sections you need, and print them on most standard
printers. Go to Adobe Systems at www.adobe.com to download a free copy of the
Adobe Reader.
NN46110-318 02.01
Chapter 1
Installing the Nortel VPN Router 2750 chassis
This chapter describes how to install the VPN Router 2750 chassis.
Note: Before you install the chassis, ensure that you install all network
wiring on the premises using standard cable system practices.
This chapter contains the following topics:
Topic Page
Description of the Nortel VPN Router 2750 25
Preparing to install the Nortel VPN Router 2750 26
Installing the chassis 29
25
Description of the Nortel VPN Router 2750
With the VPN Router 2750, you can supply scalable, secure, and robust Internet
Protocol (IP) virtual private networks (VPN) across the public data network. The
VPN Router 2750 provides routing, firewall, bandwidth management, encryption,
authentication, and data integrity services to ensure secure tunneling across IP
networks and the Internet.
The VPN Router 2750 is available in two models:
• VPN Router 2750 with five tunnels (128-bit)
• VPN Router 2750 with 2 000 tunnels (128-bit)
Nortel VPN Router Installation — VPN Router 2750
26 Chapter 1 Installing the Nortel VPN Router 2750 chassis
Figure 1 shows the front view of the Nortel VPN Router 2750.
Figure 1 Front view of the Nortel VPN Router 2750
Alert
Boot/Ready
VPN Router 2750
The VPN Router 2750 chassis provides the following:
• two 10/100 Ethernet local area network (LAN) ports on the base system
• one serial port for out-of-band management of the VPN Router 2750
• four expansion peripheral component interconnect (PCI) slots that can contain
optional interface cards, a VPN Router Security Accelerator card, and the
Secure Sockets Layer (SSL) VPN Module 1000
• a memory of 256 MB that is upgradable to 512 MB total
CS260001D
Preparing to install the Nortel VPN Router 2750
Before you begin the installation, verify that:
• Your shipment is complete and undamaged.
• You have the cables, tools, and other equipment that you need.
• Your installation site meets the physical, electrical, and environmental
requirements.
The sections that follow provide information to help you prepare for installation.
NN46110-318 02.01
Shipment contents
In addition to the gateway and this guide, the shipping container for the VPN
Router 2750 contains a number of hardware accessories and other items (Table 1).
Note: Nortel does not ship a power cord with the VPN Router 2750
unless you order one.
Table 1 Items shipped with the Nortel VPN Router 2750
Quantity Item Purpose
1 Rack mount shelf Supports the chassis in the equipment rack
4 10-32 panhead screws Secures the rack-mount shelf and the chassis to
4 10-32 panhead cage nuts Used if the equipment rack does not have
4 Rubber feet Used to install the chassis on a surface
1 Antistatic wrist strap Directs the discharge of static electricity from
1 Molded serial cable
DB9/DB25-to-DB9/DB25
1 Nortel VPN Router
Installation — VPN Router
2750 (this book)
1 Recovery diskette Used to restore the software image and file
1 Nortel VPN Router
software kit
1 Nortel VPN client kit Contains VPN Client software and
1 Sheet of labels Used to note IP address (apply to front bezel)
Chapter 1 Installing the Nortel VPN Router 2750 chassis 27
the equipment rack
threaded rail holes
your body to the chassis to prevent damage to
sensitive electronic components
Connects the VPN Router 2750 to a PC or to a
local terminal
Provides instructions for installing the chassis
and hardware options
system
Contains VPN Router software and
documentation on CD
documentation on CD
Inspect all items for shipping damage. If you detect any damage, do not install the
VPN Router 2750. Call the Nortel Technical Solutions Center in your area (see
“How to get help” on page 17).
Nortel VPN Router Installation — VPN Router 2750
28 Chapter 1 Installing the Nortel VPN Router 2750 chassis
Additional equipment
You need items that are not included in the VPN Router 2750 shipping container.
Before you begin the installation, ensure that you have all the cables, tools, and
other equipment that you need.
Cables
You need cables that are not included in the VPN Router 2750 shipping container.
For information about which cables are shipped and which ones you can order,
see “Connecting communications cables” on page 36. If you do not have the
proper cables, contact your network administrator.
Hardware for mounting the chassis in an equipment rack
To install the VPN Router 2750 in an equipment rack, you need a Phillips
screwdriver and an equipment rack that meets the following specifications:
• heavy-duty steel construction
• width of 19 in. (48.26 cm) and depth of 24 in. (60.96 cm)
• Electronic Industries Association (EIA) standard hole-spacing
If the rack does not have threaded rail holes, you must use the cage nuts shipped
with the VPN Router 2750.
Site requirements
The installation site must provide sufficient free space around the VPN Router
2750 to ensure proper ventilation and access for servicing. For information about
the physical, electrical, and environmental requirements for the VPN Router
2750, see Appendix A, “Technical specifications,” on page 77.
NN46110-318 02.01
Installing the chassis
To install the VPN Router 2750, do one of the following:
• Position the chassis on a flat, sturdy, horizontal surface.
• Mount the chassis in a standard equipment rack (see “Installing the chassis in
an equipment rack” on page 30).
Installing the chassis on a flat surface
If you decide to place the VPN Router 2750 on a flat surface, ensure that the
surface is large enough for the gateway and sturdy enough to support the
combined weight of the VPN Router 2750 and the cables that you attach to it.
The VPN Router 2750 accessory kit includes four rubber feet that you can attach
to the bottom of the gateway. Figure 2 shows the placement of these rubber feet.
Figure 2 Placement of rubber feet on the bottom of the chassis
Chapter 1 Installing the Nortel VPN Router 2750 chassis 29
Attach feet (4)
CS160016A
Nortel VPN Router Installation — VPN Router 2750
30 Chapter 1 Installing the Nortel VPN Router 2750 chassis
Installing the chassis in an equipment rack
To mount the VPN Router 2750 in an equipment rack, you need the following
equipment:
• a standard 19-inch equipment rack
• four screws (supplied with the chassis)
• four cage nuts (supplied with the chassis) if the rack does not have threaded
rail holes
• a #2 Phillips screwdriver
Rack-mount recommendations
When you mount the chassis in the equipment rack, observe the following
standard recommendations:
• Nortel recommends a maximum ambient temperature of 40
that the internal temperature of the rack does not exceed (104
o
C (104oF). Ensure
o
F).
• Do not block the power supply vents or otherwise restrict air flow when
installing the chassis in the rack.
• Stabilize your rack so that it does not tip over under the weight of the gateway
and other devices.
• Ensure that the electrical branch circuits can handle the VPN Router 2750 and
other units in the rack before you install and turn on the gateway.
• Maintain a reliable earth-ground path in the rack system. You must connect
the gateway to an earth ground.
Attaching the shelf in the equipment rack
The VPN Router 2750 ships with a rack-mount shelf to support the chassis in the
equipment rack.
To attach the shelf to the inside of the equipment rack:
1 If the holes in the rack’s vertical supports are not threaded, attach a cage nut in
four locations at the front of the rack (Figure 3 on page 31).
NN46110-318 02.01
Chapter 1 Installing the Nortel VPN Router 2750 chassis 31
Figure 3 Attaching the cage nuts to the rack
Rail
without
threaded
holes
Cage nut
CS260003A
2 Position the rack-mount shelf inside the rack as shown in Figure 4.
3 Align the holes in the shelf with holes in the front of the rack.
Figure 4 Installing the shelf in the equipment rack
Rack edge
Flange
CS260003A
4 Snap the support flange into place (Figure 4). Ensure that the alignment pin
above the flange fits into the appropriate hole.
5 Insert one of the supplied panhead screws through the top hole on each side of
the shelf into the hole in the rack, and tighten the screws (Figure 4).
Nortel VPN Router Installation — VPN Router 2750
32 Chapter 1 Installing the Nortel VPN Router 2750 chassis
Mounting the chassis in the equipment rack
Nortel recommends that two people install the chassis in the rack.
To install the VPN Router 2750 in the equipment rack:
1 Set the VPN Router 2750 on the rack-mount shelf.
2 Remove the front bezel from the VPN Router 2750 (Figure 5).
a Use the Phillips screwdriver to turn each of the two screws on the front
bezel a quarter turn counterclockwise.
Figure 5 Removing the front bezel
NN46110-318 02.01
CS260015E
b Grip the two handles, and firmly pull the bezel toward you to unsnap it
from the chassis.
Caution: Risk of equipment damage
Do not use the piece with the Nortel logo and the LEDs as a handle.
The first several times that you remove the front bezel, the bezel can stick
because the ball studs and socket clips are new.
3 Insert one of the supplied panhead screws through the bottom hole on each
side of the shelf into the hole in the rack, and tighten the screws (Figure 4 on
page 31).
4 Replace the front bezel (Figure 6).
a Hold the two handles on the bezel, and push it onto the chassis.
b Use the Phillips screwdriver to tighten the two screws that secure the
bezel to the chassis.
Figure 6 Replacing the front bezel
Chapter 1 Installing the Nortel VPN Router 2750 chassis 33
Press here
CS260005E
Nortel VPN Router Installation — VPN Router 2750
34 Chapter 1 Installing the Nortel VPN Router 2750 chassis
NN46110-318 02.01
Chapter 2
Cabling the VPN Router and turning the power on
This chapter provides information about how to connect communications cables
and the power cord to the VPN Router 2750.
Caution: Connect the cables to the built-in Ethernet ports and to the
interfaces on the option cards installed in the VPN Router 2750 before
you plug the power cord into the outlet.
This chapter contains the following topics:
Topic Page
Connecting communications cables 36
Connecting the power cord 37
Verifying a successful installation 39
Understanding the LEDs 40
35
Caution: You must route the cabling for all wide area network (WAN),
local area network (LAN), and serial connections inside the building
environment.
Nortel VPN Router Installation — VPN Router 2750
36 Chapter 2 Cabling the VPN Router and turning the power on
Connecting communications cables
Gather the cables to attach to the VPN Router 2750.
Tabl e 2 lists the system ports and the ports provided on the optional interface
cards that you can install in the VPN Router 2750. The table also indicates
whether you can obtain cables for the ports from Nortel.
Table 2 Interfaces and cables for the Nortel VPN Router 2750
Cable available from Nortel
Interface Included Ordered separately Contact supplier
10/100BASE-TX Ethernet system ports X
Serial port X
10/100BASE-TX Ethernet X
1000BASE-T (1000 GT) Ethernet X
1000BASE-T (1000 MT) Ethernet
(copper)
1000BASE-SX Ethernet (fiber) X
56/64K CSU/DSU WAN X
ADSL WAN X
ISDN BRI X
V.90 modem X
T1/E1 CSU/DSU WAN X
Quad T1/E1 CSU/DSU WAN X
Single V.35/X.21 WAN X
HSSI WAN X
1 Order either the LC-to-LC cable or the LC-to-SC cable.
2 Order either the V.35 cable or the X.21 cable.
1
2
X
For information about the connectors and cable pinouts, see Appendix A,
“Technical specifications,” on page 77.
NN46110-318 02.01
Chapter 2 Cabling the VPN Router and turning the power on 37
Figure 7 shows the back of the VPN Router 2750. All interface cables and the
power cord attach to the rear of the gateway.
Figure 7 Rear view of the Nortel VPN Router 2750
4 PCI slots
VPN Router 2750
100 - 240 V~
5 - 3 A
60 - 50 Hz
receptacle
Power
Power
switch
Serial portAC
Connect the interface cables to the VPN Router 2750 in this order:
1 Connect the 10/100BASE-X RJ-45 cables to the built-in 10/100BASE-X
Ethernet LAN ports on the gateway (Figure 7).
2 Connect the serial cable shipped with the VPN Router 2750 to the serial port
(Figure 7), if you plan to connect a terminal or PC to the gateway.
3 Connect all other cables to the ports on the installed interface cards.
If you ordered optional interface cards, connect the cables for these interfaces
to the ports.
Connecting the power cord
LAN0 LAN1
Serial Port
1234
10/100
Ethernet
LAN ports
11424EA
You must order the power cord for the VPN Router 2750 separately.
Caution: Risk of equipment damage
Do not modify or use the AC power cord if it is not the exact type that is
required for your power outlet.
Nortel VPN Router Installation — VPN Router 2750
38 Chapter 2 Cabling the VPN Router and turning the power on
The power cord must meet the requirements described in Tab le 3 .
Table 3 Power cord requirements
Requirement Description
Current rating The power cord must be rated for the available AC voltage
Certification The power cord must have certification marks from an
Cord length and flexibility The power cord must be less than 4.5 meters (14.7 feet) long.
Power supply connector The connector that you plug into the AC receptacle on the
Wall outlet connector The power cord must terminate in a male plug with
and must have a current rating that is at least 125 percent of
the gateway’s current rating (5 A @ 100 VAC or 3 A @ 240
VAC ).
acceptable regional agency.
It must be a flexible HAR (harmonized) cord or VDE-certified
cordage to comply with the gateway’s safety certifications.
gateway must be an IEC 320, Sheet C13 female.
appropriate grounding.
To connect the power cord and turn on the system power:
1 Connect the power cord to the AC receptacle on the back of the gateway (see
Figure 7 on page 37).
2 Connect the power cord to the power outlet.
Caution: Risk of equipment damage
Protect the VPN Router 2750 by plugging it into a surge suppressor.
3 Press and release the power switch on the rear of the VPN Router 2750
NN46110-318 02.01
(Figure 7 on page 37), and wait for the gateway to boot.
Chapter 2 Cabling the VPN Router and turning the power on 39
Verifying a successful installation
After you connect the gateway to the power source and turn it on, you can verify a
successful installation by checking the light emitting diodes (LED) on the front
panel (Figure 8 on page 40).
The following sequence of LEDs should occur:
1 The power LED (the Nortel logo) lights blue.
2 The Alert LED lights red, and the Boot/Ready LED lights green.
3 The Boot/Ready LED lights yellow, and the Alert LED turns off when the
gateway begins its boot sequence.
4 The Boot/Ready LED lights green to indicate that the gateway is operational
after the boot process is complete.
5 The Alert LED lights yellow because the gateway is not configured.
For a newly installed VPN Router 2750, a yellow Alert LED does not indicate
an alarm condition. After you configure the gateway, the Alert LED turns off.
(See Chapter 3, “Configuring the management IP interface,” on page 53.)
If the LEDs on the front panel light in this sequence, your installation is
successful. If the LEDs do not light in this sequence, check that you correctly
installed the bezel on the gateway and that you properly attached the power cord
to the power supply (see “Connecting the power cord” on page 37).
If the VPN Router 2750 still does not boot, contact your local Nortel Technical
Solutions Center (see “How to get help” on page 17).
Nortel VPN Router Installation — VPN Router 2750
40 Chapter 2 Cabling the VPN Router and turning the power on
Understanding the LEDs
This section describes the LEDs on the front panel of the VPN Router 2750 and
on the interface cards that have LEDs. You can confirm that you properly cabled
the LAN and WAN interfaces by examining the LEDs.
Front panel LEDs
The front panel of the VPN Router 2750 has a lighted Nortel logo and two LEDs
(Figure 8). These LEDs indicate the status of the VPN Router 2750.
Figure 8 Front panel LEDs
Powe r
Alert
Boot/Ready
Alert
Boot/Ready
CS160013A
Tabl e 4 describes the LEDs on the VPN Router 2750 front panel.
Table 4 Front panel LED indicators
LED Indicator Description
Power (Nortel
logo)
Alert Yellow A non-fatal alarm condition exists. The yellow alert
Boot/Ready Yellow The gateway is booting and is in a non-ready state.
On The gateway is receiving AC power.
Off The gateway is not receiving AC power.
condition is described in the health check display.
Red A serious alarm condition exists that requires attention.
A red alert usually indicates a hardware error. The red
alert condition is described in the health check display.
Green The boot process is complete and the gateway is in a
state of readiness.
For complete information about the health check, event log, and system log, see
Nortel VPN Router Troubleshooting.
NN46110-318 02.01
Chapter 2 Cabling the VPN Router and turning the power on 41
LEDs on the system 10/100BASE-TX Ethernet ports
Each of the two 10/100BASE-TX Ethernet ports on the rear of the VPN Router
2750 has two LEDs (Figure 9).
Figure 9 LEDs on the system 10/100BASE-TX Ethernet ports
Green
CS260011A
Yellow
Tabl e 5 describes the LEDs on the system 10/100BASE-TX Ethernet ports.
Table 5 LED indicators on the system 10/100BASE-TX Ethernet ports
LED Indicator Description
Green On The LAN port is operating at 100 Mb/s.
Off The LAN port is operating at 10 Mb/s.
Yellow On The cable connections between the LAN port and the
hub are good.
Off The cable connections between the LAN port and the
Flashing The LAN port is sending or receiving network data.
hub are faulty.
The frequency of the flashes increases with
increased traffic.
Nortel VPN Router Installation — VPN Router 2750
42 Chapter 2 Cabling the VPN Router and turning the power on
10/100BASE-TX Ethernet interface card LEDs
Figure 10 shows the LEDs on the 10/100BASE-TX Ethernet interface card.
Figure 10 LEDs on the 10/100BASE-TX Ethernet interface card
DATA
ACT/LINK
Activity/Link
100TX
10/100 Mb/s
CS260009A
Tabl e 6 describes the LEDs on the 10/100BASE-TX Ethernet interface card.
Table 6 LED indicators on the 10/100BASE-TX Ethernet interface card
LED Indicator Description
ACT/LINK Steady green or
Flashing green
Off The card is not sending or receiving data.
10/100TX Green The port is operating at 100 Mb/s.
Off The port is operating at 10 Mb/s.
The card is sending or receiving network data. The
frequency of the flashes increases with increased
traffic.
NN46110-318 02.01
Chapter 2 Cabling the VPN Router and turning the power on 43
1000BASE-T (1000 GT) Ethernet interface card LEDs
The following figure shows the LEDs on the 10BASE-T/100BASE-TX/
1000BASE-T 1000 GT Ethernet interface card.
Figure 11 LEDs on the 1000 GT Ethernet interface card
The following table describes the LEDs on the 1000 GT Ethernet interface card.
Table 7 LED indicators on the 1000 GT Ethernet interface card
LED Indicator Description
ACT/LINK Steady green The port is connected to a valid link partner.
Flashing green The card is sending or receiving network data. The
Off The card is not sending or receiving data.
10/100/1000 Yellow The port is operating at 1000 Mb/s.
Green The port is operating at 100 Mb/s.
frequency of the flashes increases with increased
traffic.
Off The port is operating at 10 Mb/s.
1000BASE-T (1000 MT) Ethernet interface card LEDs
Figure 12 shows the LEDs on the 1000BASE-T Ethernet interface card.
Nortel VPN Router Installation — VPN Router 2750
44 Chapter 2 Cabling the VPN Router and turning the power on
Figure 12 LEDs on the 1000BASE-T (1000 MT) Ethernet interface card
R
Intel PRO
ACT/LNK
10 = OFF
100 = GRN
1000 = ORG
ACT/LNK
10/100/1000
Tabl e 8 describes the LEDs on the 1000BASE-T Ethernet interface card.
Table 8 LED indicators on the 1000BASE-T (1000 MT) Ethernet interface card
LED Indicator Description
ACT/LNK Steady green The port is connected to a valid link partner.
Flashing green The LAN port is sending or receiving network data.
Off The port is not linked to a valid partner.
10/100/1000 Off The LAN port is operating at 10 Mb/s.
Green The LAN port is operating at 100 Mb/s.
Orange The LAN port is operating at 1000 Mb/s.
1000BASE-SX Ethernet interface card LED
Figure 13 shows the LED on the 1000BASE-SX Ethernet interface card.
Figure 13 LED on the 1000BASE-SX Ethernet interface card
11287EA
NN46110-318 02.01
R
Intel PRO
ACT/LNK
ACT/LNK
11288EA
Chapter 2 Cabling the VPN Router and turning the power on 45
Tabl e 9 describes the LED on the 1000BASE-SX Ethernet interface card.
Table 9 LED indicator on the 1000BASE-SX Ethernet interface card
LED Indicator Description
ACT/LNK Steady green The port is connected to a valid link partner.
Flashing green The LAN port is sending or receiving network data.
Off The port is not linked to a valid partner.
Nortel VPN Router Installation — VPN Router 2750
46 Chapter 2 Cabling the VPN Router and turning the power on
56/64K CSU/DSU WAN interface card LEDs
Figure 14 shows the LEDs on the 56/64K CSU/DSU WAN interface card.
Figure 14 LEDs on the 56/64K CSU/DSU WAN interface card
Blue LED
Green LED
Red LED
56/64K
DDS
Yellow LED
Tabl e 10 describes the LEDs on the 56/64K CSU/DSU WAN interface card.
Table 10 LED indicators on the 56/64K CSU/DSU WAN interface card
LED Description
Blue The blue alarm LED is lit when the interface card detects a DDS
Red The red alarm LED is lit when the interface card detects a DDS loss-of-
Yellow The yellow alarm LED is lit when the interface card detects a DDS
Green The green LED is lit when the interface card receives valid DDS signal
All LEDs off The port is disabled.
out-of-frame (OOF) condition on the receive signal.
signal (LOS) or loss-of-frame (LOF) condition on the receive signal.
out-of-service condition on the receive signal. (This LED indicates that
the far-end equipment detects a local LOS or LOF condition.)
and framing (this LED indicates normal operation of the card.)
NN46110-318 02.01
Chapter 2 Cabling the VPN Router and turning the power on 47
ADSL WAN interface card LEDs
Figure 15 shows the LEDs on the asymmetric digital subscriber line (ADSL)
WAN interface card.
Figure 15 LEDs on the ADSL WAN interface card
RX/TX LED
ADSL
CONN LED
RX/TX
CONN
Tabl e 11 describes the LEDs on the ADSL WAN interface card.
Table 11 LED indicators on the ADSL WAN interface card
CONN LED Tx/Rx LED Description
Steady green Steady green The ADSL interface card is not initialized; the
software driver is not installed.
Off Off The ADSL interface card is initialized, but has not
established a link with the ADSL network.
Flashing green Off The ADSL interface card is attempting to establish a
Steady green Off The ADSL interface card has established a link with
Steady green Flashing green The ADSL interface card is sending or receiving
link with the ADSL network.
the ADSL network.
network data. (The LED can be dim.)
Nortel VPN Router Installation — VPN Router 2750
48 Chapter 2 Cabling the VPN Router and turning the power on
T1/E1 CSU/DSU WAN interface card LEDs
Figure 16 shows the LEDs on the T1/E1 CSU/DSU WAN interface card.
Figure 16 LEDs on the T1/E1 CSU/DSU WAN interface card
LED 1, Red LED 2, Blue
LED 4, Green LED 3, Yellow
CS160012A
Tabl e 12 describes the LEDs on the T1/E1 CSU/DSU WAN interface card.
Table 12 LED indicators on the T1/E1 CSU/DSU WAN interface card
LED Indicator Description
LED 1 Red The red alarm LED is lit when a loss-of-signal (LOS) or
out-of-frame (OOF) condition is detected on the receive
signal.
LED 2 Blue The blue alarm LED is lit when receiving an upstream
failure denoted by an alarm indication signal (AIS).
LED 3 Yellow The yellow alarm LED is lit when the far-end equipment
is in the red alarm condition.
LED 4 Green The green LED is lit when the condition is normal
operation.
NN46110-318 02.01
Chapter 2 Cabling the VPN Router and turning the power on 49
Quad T1/E1 CSU/DSU WAN interface card LEDs
Figure 17 shows the LEDs on the quad T1/E1 channel service unit/digital service
unit (CSU/DSU) WAN interface card.
Figure 17 LEDs on the quad T1/E1 CSU/DSU WAN interface card
LED 1 LED 2
LED 3 LED 4
CS160012A
Tabl e 13 describes the LEDs on the quad T1/E1 CSU/DSU WAN interface card.
Table 13 LED indicators on the quad T1/E1 CSU/DSU WAN interface card
LED Indicator Description
LED 1 Off Port 1 is disabled.
On Port 1 is enabled and operating normally.
Flashing Port 1 is enabled and in an alarm state (red, yellow, or blue).
LED 2 Off Port 2 is disabled.
On Port 2 is enabled and operating normally.
Flashing Port 2 is enabled and in an alarm state (red, yellow, or blue).
LED 3 Off Port 3 is disabled.
On Port 3 is enabled and operating normally.
Flashing Port 3 is enabled and in an alarm state (red, yellow, or blue).
LED 4 Off Port 4 is disabled.
On Port 4 is enabled and operating normally.
Flashing Port 4 is enabled and in an alarm state (red, yellow, or blue).
Nortel VPN Router Installation — VPN Router 2750
50 Chapter 2 Cabling the VPN Router and turning the power on
Single V.35/X.21 WAN interface card LEDs
Figure 18 shows the LEDs on the single V.35/X.21 WAN interface card.
Figure 18 LEDs on the single V.35/X.21 WAN interface card
LED 1, Red LED 2, Green
LED 4, Green LED 3, Green
Tabl e 14 describes the LEDs on the single V.35/X.21 WAN interface card.
Table 14 LED indicators on the single V.35/X.21 WAN interface card
LED Indicator Description
LED 1 Red No external transmit clock source is available.
LED 2 Green The signals CDC and DSR are on between the DSU
and the adapter. LED 2 detects receive link status.
LED 3 Green Power to the adapter is on and the onboard
microcode is loaded.
LED 4 Green Cable is detected.
NN46110-318 02.01
Chapter 2 Cabling the VPN Router and turning the power on 51
SSL VPN Module 1000 LEDs
Figure 19 shows the LEDs on the Secure Sockets Layer (SSL) VPN Module 1000.
Figure 19 LEDs on the SSL VPN Module 1000
Utilization
Tabl e 15 describes the LEDs on the SSL VPN Module 1000.
Table 15 LED indicators on the SSL VPN Module 1000
LEDs Indicator Description
Online Steady green The SSL VPN Module 1000 is operating normally.
Yellow A reset occurred on the SSL VPN Module 1000.
Off The SSL VPN Module 1000 is not receiving power.
Activity LED 1 Steady green The SSL VPN Module 1000 is operating normally.
Flashing green Activity is occurring on the SSL VPN Module 1000.
Yellow A reset occurred on the SSL VPN Module 1000.
Activity LED 2 — Not used. (This LED is often lit, but it has no
Utilization
(4 LEDs)
Steady green Together, these four LEDs indicate an approximate
Blinking in unison The SSL VPN Module 1000 is idle.
Online
1
Activity2 -
11356EA
meaning.)
average level of CPU utilization. When one LED is
lit, CPU utilization is approximately 25%; when two
LEDs are lit, CPU utilization is approximately 50%.
Nortel VPN Router Installation — VPN Router 2750
52 Chapter 2 Cabling the VPN Router and turning the power on
NN46110-318 02.01
Chapter 3
Configuring the management IP interface
This chapter describes how to configure a management Internet Protocol (IP)
address, subnet mask, and default gateway address on a newly installed VPN
Router 2750. After you complete the procedures in this chapter, you can configure
and manage the VPN Router 2750 using a Web browser from a PC.
To configure the management IP interface, you use the serial interface
configuration menu. You must connect a PC or terminal to the serial port on the
VPN Router 2750.
This chapter contains the following topics:
Topic Page
Required information 54
Configuring the management IP address 55
Testing the configuration 59
Troubleshooting 60
53
Nortel VPN Router Installation — VPN Router 2750
54 Chapter 3 Configuring the management IP interface
Required information
Before you configure the management interface, collect this information:
• IP address for the management interface
The management IP address must be accessible from one of the private
physical interfaces on the VPN Router 2750. For example, if you plan to
assign IP address 10.2.3.3 with subnet mask 255.255.0.0 to the private
physical interface, the management IP address must reside in the 10.2
network.
• Subnet mask
The subnet mask specifies which IP addresses are directly reachable on the
network and which ones must be routed through a gateway. For example, the
IP address 10.2.3.3 with a subnet mask of 255.255.0.0 indicates that all hosts
with addresses 10.2.n.n are directly reachable.
• Default gateway (optional)
The default gateway routes packets to destinations for which there is no
specific route in the routing table. You can configure a default gateway when
you assign the management IP address, or you can configure it at a later time.
NN46110-318 02.01
Note: Write down and save the management IP address. You need it to
configure the VPN Router 2750.
Chapter 3 Configuring the management IP interface 55
Configuring the management IP address
You use the serial interface to assign the VPN Router 2750 a management IP
address and subnet mask so that you can then use a Web browser for management.
To configure the management IP address using the serial interface:
1 Turn on the terminal or PC.
Configure the terminal or PC as follows:
• 9600 baud
• eight data bits
• one stop bit
•no parity
• no flow control
2 Connect the serial cable (supplied with the VPN Router 2750) from the
gateway’s serial port to a terminal or to the communications port on a PC.
3 On the PC, start HyperTerminal or another terminal emulation program, and
press Enter.
The Welcome window appears.
Welcome to the VPN Router
Copyright (c) 1999-2005 Nortel Networks, Inc.
Version: V06_20.004
Creation date: Mar 7 2006, 13:52:02
Unit Serial Number: 19677
Please enter the administrator's user name:
4 Enter the default user name and password for the administrator.
The factory default user name is admin and the default password is setup. The
user name and password are case sensitive.
Please enter the administrator's user name: admin
Please enter the administrator's password: *****
Nortel VPN Router Installation — VPN Router 2750
56 Chapter 3 Configuring the management IP interface
The serial main menu appears.
Main Menu: System is currently in NORMAL mode.
0) Management Address
1) Interfaces
2) Administrator
3) Default Private Route Menu
4) Default Public Route Menu
5) Create A User Control Tunnel (IPsec) Profile
6) Restricted Management Mode FALSE
7) Allow HTTP Management TRUE
8) Firewall Options
9) Shutdown
B) System Boot Options
P) Configure Serial Port
C) Controlled Crash
L) Command Line Interface
R) Reset System to Factory Defaults
E) Exit, Save and Invoke Changes
Please select a menu choice (0 - 9,B,P,C,L,R,E):
5 To configure the Interface IP address, from the serial menu, type 1 and press
NN46110-318 02.01
Enter.
The interface menu appears.
- Interface Menu
0) Slot 0, Port 2, Public LAN
IP Address =
Subnet Mask = 0.0.0.0
Speed/Duplex = AutoNegotiate
1) Slot 0, Port 1, Private LAN
IP Address =192.167.120.14
Subnet Mask = 255.255.255.0
Speed/Duplex = AutoNegotiate
R) Return to the Main Menu.
Please select a menu choice:
Chapter 3 Configuring the management IP interface 57
6 Ty pe 0, and press Enter to configure the IP address.
The IP address prompt appears.
0) Slot 0, Port 2, Public LAN
IP Address =
Subnet Mask = 0.0.0.0
Speed/Duplex = AutoNegotiate
*Type 0.0.0.0 to delete.
*Just type <CR> to skip.
Old IP address =
New IP address =
7 Type a new IP address, and press Enter.
The subnet mask prompt appears.
Old Subnet Mask = 0.0.0.0
New Subnet Mask =
8 At the New Subnet Mask prompt, type the subnet mask for the management
IP address, and press Enter.
The Speed/Duplex prompt appears.
9 Press Enter to leave the speed and duplex settings unchanged.
The Interface menu appears again with the changes you made.
0) Slot 0, Port 2, Public LAN
IP Address =
Subnet Mask = 0.0.0.0
Speed/Duplex = AutoNegotiate
1) Slot 0, Port 1, Private LAN
IP Address =192.167.120.14
Subnet Mask = 255.255.255.0
Speed/Duplex = AutoNegotiate
R) Return to the Main Menu.
Please select a menu choice:
Nortel VPN Router Installation — VPN Router 2750
58 Chapter 3 Configuring the management IP interface
Type R, and press Enter to return to the serial main menu.
10 To configure the management IP address, type 0, and press Enter.
The Management IP Address menu appears.
- Management IP Address Menu
M) Management IP Address =
R) Return to the Main Menu
Please select a menu choice (M,R):
11 Type M, and press Enter.
The Management IP Address prompt appears.
*Type 0.0.0.0 to delete.
*Just type <CR> to skip.
Old management IP address =
New management IP address =
12 Type the new management IP address, and press Enter to configure the
management IP address.
13 Type R, and press Enter to return to the serial main menu.
14 From the serial main menu, type E, and press Enter to save the new
15 Go to the next section, “Testing the configuration” on page 59 to verify that
NN46110-318 02.01
The new IP management address appears in the Management IP Address
menu.
- Management IP address menu
M) Management IP Address =192.167.120.13
R) Return to the Main Menu
Please select a menu choice (M,R):
The serial main menu appears.
management IP address and mask and to exit the serial menu.
you can access the VPN Router 2750 from a Web browser.
Testing the configuration
After you assign a management IP address to the VPN Router 2750, start your
Web browser to verify that you can access the gateway from the browser.
To manage the VPN Router 2750 using the GUI, your PC must be running one of
the following browsers:
• Windows 2000 and NT
— Internet Explorer 6.0
— Monzilla 1.7
— Firefox (all versions)
— Netscape 7.x, 8.0.x or 8.1.x
•Unix
— Firefox 1.5
— Monzilla 1.7
•Linux
— Firefox 1.5
— Monzilla 1.7
Chapter 3 Configuring the management IP interface 59
To test the management IP address on the VPN Router 2750:
1 Open a Web browser.
2 In the URL field, enter http:// followed by the management IP address that
you assigned to the VPN Router 2750.
For example, if the management IP address is 47.17.248.52, enter
http://47.17.248.52.
If the Welcome window appears, you correctly configured the management IP
address for the VPN Router 2750.
Note: If the Welcome window does not appear, see “Troubleshooting”
on page 60.
3 Go to Nortel VPN Router Configuration — Basic Features (NN46110-602)
for information about configuring the VPN Router 2750.
Nortel VPN Router Installation — VPN Router 2750
60 Chapter 3 Configuring the management IP interface
Troubleshooting
If you cannot connect to the VPN Router 2750 using your browser, check the
following items:
• Ensure that you entered the correct IP address in the browser window.
• Type a known URL in the browser window to ensure that your network
connection is good.
• Check that the management IP address that you configured is on the same
subnet as the physical LAN attached to the gateway.
• Ensure that your PC is running a supported browser (see“Testing the
configuration” on page 59).
• Check the physical connections on the VPN Router 2750, especially the LAN
cables and the power cord.
If you still cannot connect to the VPN Router 2750 using a browser, connect a
terminal or PC to the gateway with the serial cable and check the management IP
address listed in the serial menu (see “Configuring the management IP address”
on page 55). Reconfigure the management IP address if necessary.
If you cannot resolve the problem, contact the Nortel Technical Solutions Center
closest to you (see “How to get help” on page 17).
NN46110-318 02.01
Chapter 4
Installing option cards and DIMMs
This chapter provides instructions about how to install and replace the following
field replaceable units (FRU) in the VPN Router 2750:
• LAN, WAN, and serial interface cards
• Secure Sockets Layer (SSL) VPN Module 1000
• VPN Router Security Accelerator card
• Dual inline memory modules (DIMM)
This chapter contains the following topics:
Topic Page
Shutting down the system to add or replace hardware 62
Removing the front bezel and top cover 63
Attaching the antistatic wrist strap 67
Installing and replacing option cards 68
Installing and replacing DIMMs 72
61
Nortel VPN Router Installation — VPN Router 2750
62 Chapter 4 Installing option cards and DIMMs
Shutting down the system to add or replace hardware
To install or replace an option card or a DIMM, you must first shut down the VPN
Router 2750 and unplug it.
Warning: Risk of electric shock
Shut down the VPN Router 2750 as described in this section before you
attempt to add or replace an option card or DIMM.
To shut down the VPN Router 2750:
1 Use the Web graphical user interface (GUI) or the command line interface
(CLI) to shut down the gateway.
• Web GUI: Choose Admin > Shutdown. Select the option to power off the
gateway after shutdown.
• CLI: Use the
reload power-off disable-logins “Upgrade hardware”
enter
For the complete syntax of the reload command, see Nortel VPN Router
Using the Command Line Interface (NN46110-507).
reload command to shut down the system. For example,
2 Wait for the system to shut down.
3 Disconnect the power cord from the power outlet and then disconnect the cord
NN46110-318 02.01
from the VPN Router 2750.
The power receptacle is on the rear of the VPN Router 2750 (see Figure 7 on
page 37).
Chapter 4 Installing option cards and DIMMs 63
Removing the front bezel and top cover
To install option cards or DIMMs, you must remove the front bezel and the top
cover from the gateway.
To remove the front bezel:
1 Shut down the VPN Router 2750 using the Web GUI or the CLI, and then
unplug it as described in “Shutting down the system to add or replace
hardware” on page 62.
Warning: Risk of electric shock
Turn off the VPN Router 2750, and unplug it before you attempt to
install an option card or DIMM.
2 Use a Phillips screwdriver to turn each of the two screws on the front bezel a
quarter turn counterclockwise (Figure 20).
Figure 20 Removing the front bezel
CS260015E
Nortel VPN Router Installation — VPN Router 2750
64 Chapter 4 Installing option cards and DIMMs
3 Grip the two handles, and firmly pull the bezel toward you to unsnap it from
the chassis.
Caution: Risk of equipment damage
Do not use the piece with the Nortel logo and the LEDs as a handle.
The first several times that you remove the front bezel, the bezel can stick
because the ball studs and socket clips are new.
To remove the top cover:
1 Remove the VPN Router 2750 from the rack if the router is installed in an
equipment rack.
a At the front of the chassis, remove the two panhead screws that secure the
bottom of the chassis to the equipment rack.
b Remove the VPN Router 2750 from the rack-mount shelf.
c Set the VPN Router 2750 on a sturdy surface.
2 Use a Phillips screwdriver to remove the four screws that secure the cover to
the chassis (Figure 21).
NN46110-318 02.01
Chapter 4 Installing option cards and DIMMs 65
Figure 21 Removing the top cover
Remove these 4 screws
Alert
Boot/Ready
Alert
Boot/Ready
Slide cover forward and lift up
3 Slide the top cover forward approximately 1/4 inch.
4 Lift the lid 2 or 3 inches, and pull it off the chassis.
The VPN Router 2750 system board is now exposed. Figure 22 shows the
location of the option card and DIMM slots on the system board.
Nortel VPN Router Installation — VPN Router 2750
CS260006A
66 Chapter 4 Installing option cards and DIMMs
Figure 22 Location of option card and DIMM slots on the system board
DIMMs (1 and 2)
Option card slots
2
1
DIMM
slots
PCI
slots
3
4
CS160004A
1 2
Warning: Risk of injury
Beware of danger if you incorrectly replace the battery. Replace the
battery with the same type or an equivalent battery only, as
recommended by the manufacturer’s instructions. In spite of this
warning, which is mandated for regulatory approval, you must not
change the battery. If you suspect a dead battery, contact Nortel
Customer Support.
NN46110-318 02.01
Chapter 4 Installing option cards and DIMMs 67
Attaching the antistatic wrist strap
Nortel ships the VPN Router 2750 with an antistatic wrist strap. The antistatic
wrist strap directs the discharge of static electricity from your body to the chassis
of the gateway to avoid damage to sensitive electronic components.
You must wear an antistatic wrist strap on your arm when you remove, install, or
handle option cards and DIMMs.
Caution: Risk of equipment damage
Electrostatic discharge can damage hardware. Follow the procedure in
this section to protect your equipment from damage.
To attach the antistatic wrist strap:
1 Locate the antistatic wrist strap, and verify that the cable is attached to the
wrist strap.
2 Place the strap around your wrist, and adjust the strap to ensure that the metal
buckle inside the strap touches your skin.
3 Insert the banana plug into the grounding jack at the rear of the chassis
(Figure 23).
Figure 23 Location of the grounding jack for the antistatic wrist strap
Grounding jack
VPN Router 2750
100 - 240 V~
5 - 3 A
60 - 50 Hz
Power
Serial Port
Nortel VPN Router Installation — VPN Router 2750
LAN0 LAN1
1234
11424EA
68 Chapter 4 Installing option cards and DIMMs
Installing and replacing option cards
The VPN Router 2750 has four slots for option cards (Figure 22 on page 66). This
section provides instructions about adding new option cards to the gateway or, if
necessary, replacing an existing card. Tabl e 16 lists the option cards that you can
install in the VPN Router 2750.
Table 16 Supported option cards for the Nortel VPN Router 2750 2750
Maximum
Option card
SSL VPN Module 1000
1
VPN Router 2750 Security Accelerator
10/100BASE-TX Ethernet interface 4
1000BASE-T (1000 GT) Ethernet
interface
1000BASE-T (1000 MT) interface
(copper)
1000BASE-SX interface (fiber)
3
4
5
56/64K channel service unit/digital
service unit
Asymmetric digital subscriber line
ADSL) WAN interface
(
Integrated Services Digital Network
(ISDN) BRI S/T or U interface
(CSU/DSU) WAN interface
7
8
T1 CSU/DSU WAN interface
(full-height)
T1/E1 CSU/DSU WAN interface
(half-height)
Quad T1/E1 CSU/DSU WAN interface
V.90 modem interface
10
Single V.35/X.21 WAN interface
(full-height)
Single V.35/X.21 WAN interface
(half-height)
HSSI WAN interface
11
12
number Restrictions
1 Install this card in slot 1 only.
2
1
4
Install two 1000BASE-T (1000 MT) (1000 MT)
2
6
4
cards, two 1000BASE-SX cards, or one card of
each type. (But see Table 17 on page 69.)
4
4
4
4
9
3
For E1 support, you must install the half-height
interface card.
4 If an SSL VPN Module 1000 is in slot 1, do not
install the V.90 modem interface card in slot 2.
4
4
2 Do not install in slot 4; install in slot 3 or 1 if
possible. If an SSL VPN Module 1000 is installed,
you can install only one HSSI WAN interface card.
NN46110-318 02.01
Chapter 4 Installing option cards and DIMMs 69
1 The VPN Router 2750 2750 must be running Version 5.0 or later.
2 The VPN Router 2750 2750 must be running Version 4.90 or later.
3 The VPN Router 2750 must be running Version 5.05.330, 6.05.140 and later, 7.00.062, 7.05.100 and later, or 7.05.300
and later.
4 The VPN Router 2750 2750 must be running Version 4.90 or later.
5 The VPN Router 2750 2750 must be running Version 4.90 or later.
6 The VPN Router 2750 2750 must be running Version 5.0 or later.
7 The VPN Router 2750 2750 must be running Version 4.90 or later.
8 The VPN Router 2750 2750 must be running Version 4.80 or later.
9 The VPN Router 2750 2750 must be running Version 4.90 or later.
10 The VPN Router 2750 2750 must be running Version 4.80 or later.
11 The VPN Router 2750 2750 must be running Version 4.80 or later.
12 The gateway must be running Version 4.76 or later, or the hardware revision must be at least 03.
Tabl e 17 provides additional guidelines for option card installation when an SSL
VPN Module 1000 is installed in slot 1.
Table 17 Installing other option cards with the SSL VPN Module 1000
Option card Restrictions with SSL VPN Module 1000 installed
VPN Router Security Accelerator Only one VPN Router Security Accelerator card can be
installed.
1000BASE-T or 1000BASE-SX interface You can install two cards only if none of these cards is installed:
• VPN Router Security Accelerator
• HSSI
If a VPN Router Security Accelerator or HSSI card is installed,
only one 1000BASE-T or 1000BASE-SX card can be installed.
V.90 modem interface Do not install this card in slot 2.
HSSI WAN interface You can install only one HSSI card. Install this card in slot 3 if
possible, and do not install this card in slot 4.
Installing and replacing an option card
To install or replace an interface card or the VPN Router Security Accelerator
card:
Nortel VPN Router Installation — VPN Router 2750
70 Chapter 4 Installing option cards and DIMMs
1 Shut down the VPN Router 2750 using the Web GUI or the command line
interface and then unplug it as described in “Shutting down the system to add
or replace hardware” on page 62.
Warning: Risk of electric shock
Turn off the VPN Router 2750 and unplug it before you attempt to install
an option card.
2 Remove the front bezel from the chassis, and then remove the chassis from the
equipment rack (see “Removing the front bezel and top cover” on page 63).
3 Remove the top cover from the chassis (see “Removing the front bezel and
top cover” on page 63).
4 Attach the antistatic wrist strap that was shipped with the VPN Router 2750
(see “Attaching the antistatic wrist strap” on page 67).
5 Locate the slot where you plan to install the new or replacement option card.
Note: Do not try to install an HSSI WAN interface card or a VPN
Router Security Accelerator card in slot 4.
6 Remove the filler panel screw.
7 Pull out the filler panel (or the option card that you are replacing) from the
NN46110-318 02.01
slot (Figure 24).
Chapter 4 Installing option cards and DIMMs 71
Figure 24 Installing and removing an option card
Option card
Motherboard
Rear of unit
Option card slots
Filler panel screw
CS2600017A
8 Lower the new option card into the slot, and gently press the connector into
the slot.
Seat the card firmly in the slot. If you do not properly seat the card, it does not
work.
9 Replace the screw that secures the card to the slot (Figure 24 on page 71).
10 Replace the top cover on the chassis (Figure 21 on page 65).
a Hold the cover at an angle, and slide it onto the chassis.
b Insert the four screws that secure the cover to the chassis, and use a
screwdriver to tighten the screws.
11 Do the following to install the VPN Router 2750 in an equipment rack:
Nortel VPN Router Installation — VPN Router 2750
72 Chapter 4 Installing option cards and DIMMs
a Set the VPN Router 2750 on the rack-mount shelf in the rack.
b Insert one of the panhead screws through the bottom hole on each side of
the shelf into the hole in the rack, and tighten the screws (Figure 4 on
page 31).
12 Replace the front bezel (Figure 25).
a Hold the bezel by the two handles, and push the bezel onto the chassis.
b Use a screwdriver, to tighten the two screws that secure the bezel to the
chassis.
Figure 25 Replacing the front bezel
Press here
Installing and replacing DIMMs
The VPN Router 2750 has two slots for dual inline memory modules (DIMM)
(Figure 22 on page 66). Unless you ordered additional memory, the VPN Router
2750 is shipped with one 256 MB DIMM installed. You can upgrade memory in
the gateway by installing a second 256 MB DIMM.
NN46110-318 02.01
CS260005E
Chapter 4 Installing option cards and DIMMs 73
This section provides instructions on adding a second DIMM to the VPN Router
2750 or, if necessary, replacing an existing DIMM.
Caution: Use of a memory module not purchased from Nortel can
render void your warranty or your service contract.
Caution: Ensure that you install the same type of DIMM that is already
installed in your gateway.
To install or replace a DIMM:
1 Shut down the VPN Router 2750 using the Web GUI or the CLI, and then
unplug it as described in “Shutting down the system to add or replace
hardware” on page 62.
Warning: Risk of electric shock
Turn off the VPN Router 2750 and unplug it before you attempt to install
a DIMM.
2 Remove the front bezel from the chassis, and then remove the chassis from the
equipment rack (see “Removing the front bezel and top cover” on page 63).
3 Remove the top cover from the chassis (see “Removing the front bezel and
top cover” on page 63).
4 Attach the antistatic wrist strap that was shipped with the VPN Router 2750
(see “Attaching the antistatic wrist strap” on page 67).
Caution: Risk of equipment damage
Electrostatic discharge can damage VPN Router 2750 components.
Nortel VPN Router Installation — VPN Router 2750
74 Chapter 4 Installing option cards and DIMMs
5 To replace a DIMM, remove the installed DIMM as follows:
a Press down the locking lever on either side of the DIMM (Figure 26).
b Pull the DIMM up to remove it from the slot.
6 Press down the locking lever on either side of the slot where you plan to
install the new DIMM (Figure 26).
7 Place the new or replacement DIMM in the slot (Figure 26).
Use the alignment keys to properly position the DIMM in the slot.
8 Press the DIMM firmly into the socket.
9 Pull up the locking lever on either side of the DIMM to snap it into position.
Figure 26 Installing and removing a DIMM
Alignment keys
NN46110-318 02.01
To remove DIMMs, pull back
locking levers and pull out DIMM.
To install DIMMs, pull back locking
levers and push in DIMM.
Locking lever
CS260019A
Chapter 4 Installing option cards and DIMMs 75
10 Replace the top cover on the chassis (Figure 21 on page 65).
a Hold the cover at an angle, and slide it onto the chassis.
b Insert the four screws that secure the cover to the chassis, and use the
screwdriver to tighten the screws.
11 To install the VPN Router 2750 in an equipment rack, do the following:
a Set the VPN Router 2750 on the rack-mount shelf in the rack.
b Insert one of the panhead screws through the bottom hole on each side of
the shelf into the hole in the rack, and tighten the screws (Figure 4 on
page 31).
12 Replace the front bezel (Figure 25 on page 72).
a Hold the bezel by the two handles, and push the bezel onto the chassis.
b Use the screwdriver to tighten the two screws that secure the bezel to the
chassis.
Nortel VPN Router Installation — VPN Router 2750
76 Chapter 4 Installing option cards and DIMMs
NN46110-318 02.01
Appendix A
Technical specifications
This appendix provides technical specifications for the VPN Router 2750 chassis
and the chassis interfaces.
Chassis specifications
Tabl e 18 lists physical, electrical, and environmental specifications for the
chassis.
Table 18 Physical, electrical, and environmental specifications
Specification Description
Physical
Height 5.25 in. (13.335 cm)
Width 17 in. (43.18 cm)
Depth 21 in. (53.34 cm)
Weight 28 lbs. (12.7 kg)
Electrical
Voltage 100–240 VAC
Current 5 A @ 100 VAC or 3 A @ 240 VAC
Frequency 50–60 Hz
Environmental
Operating temperature 32–104
Storage temperature -40–185oF (-40–85oC)
Operating humidity 10–90% noncondensing
Storage humidity 10–95% noncondensing
o
F (0–40oC)
77
Nortel VPN Router Installation — VPN Router 2750
78 Appendix A Technical specifications
Table 18 Physical, electrical, and environmental specifications (continued)
Specification Description
Operating altitude 8202 ft (2500 m) maximum
Storage altitude 40 000 ft (12 192 m) maximum
System ports
The VPN Router 2750 system board provides the following built-in interfaces:
• two 10/100BASE-TX Ethernet local area network (LAN) ports
•serial port
This section provides information about the 10/100BASE-TX Ethernet LAN ports
and the serial port on the system board.
10/100BASE-TX Ethernet LAN ports
The system board provides two 10/100BASE-TX Ethernet LAN interfaces—LAN
0 and LAN 1—on the rear of the chassis. (The LAN 0 interface is used for Web
management.) Both built-in LAN interfaces accommodate an RJ-45 straightthrough cable. Depending on whether you use the interfaces for 10BASE-T or
100BASE-TX operation, select cables for the interfaces as follows:
• 100BASE-TX connections require Category 5 twisted-pair wire. The
• 10BASE-T connections can use Category 3, 4, or 5 twisted-pair wiring.
Figure 27 on page 79 shows the 10/100BASE-X connector and the connector
pinouts.
NN46110-318 02.01
100BASE-TX specification supports 100 Mb/s transmission over two pairs of
Category 5 twisted-pair Ethernet wiring: one pair each for transmit and
receive operations.
Nortel recommends a maximum length of 100 meters for the cable segment
between a 100BASE-TX repeater and a workstation (due to signal timing
requirements). This wiring scheme complies with the EIA 568 wiring
standard.
Appendix A Technical specifications 79
Figure 27 10/100BASE-TX Ethernet connector
87654321
RD- RD+ TD- TD+
CS260010A
Tabl e 19 provides the 10/100BASE-TX Ethernet port pinouts.
Table 19 10/100BASE-X Ethernet port pinouts
Pin Description
1TD +
2TD -
3 RD +
6 RD -
Serial port
The system board provides a serial port on the rear of the chassis to enable
out-of-band management. Use the serial port to assign the management IP address
and subnet mask to the newly installed gateway (for more information, see
Chapter 3, “Configuring the management IP interface,” on page 53).
The serial cable that Nortel supplies with the VPN Router 2750 is a DB9/
DB25-to-DB9/DB25 cable. This cable provides a crossover connection
(transmit-to-receive and receive-to-transmit). The DB9 connector goes into the
gateway and the other DB9 or DB25 connector goes into your workstation
(Figure 28 on page 80).
Nortel VPN Router Installation — VPN Router 2750
80 Appendix A Technical specifications
Figure 28 Serial cable (9-pin D-sub plug to RS-232-C modem plug)
10 ft
(3.05 m)
Pin 1Pin 5
Pin 1
Pin 13
Pin 6Pin 9
9-position D-sub receptacle with screw locks
(ground shield connected to backshell)
Pin 14
25-position D-sub plug with screw locks
(ground shield connected to backshell)
Pin 25
CAB0056A
Tabl e 20 provides the multiple DB9/DB25 serial interface cable pinouts.
Table 20 Multiple DB9 and DB25 connector pinouts
Serial port
DB9 connector
Pinout Signal Pinout Signal Pinout Signal Pinout Signal
2RXD3TXD>2RXD3TXD
3TXD2RXD>3TXD2RXD
4DTR20DSR>6DTR6DSR
5 Ground 7 Ground > 7 Ground 5 Ground
6DSR6DTR>20DSR4DTR
7RTS4RTS>5CTS8CTS
8CTS5CTS>4RTS7RTS
Serial port
DB25 connector
Serial port
DB25 connector
Serial port
DB9 connector
Modem cable specifications
If you need to connect a modem to a VPN Router 2750, you must obtain an
appropriate modem cable. The modem cable must have a 9-pin D-sub plug that
connects to the VPN Router 2750 serial port and a 25-pin D-sub plug that
connects to the RS-232-C modem port (Figure 29 on page 81).
NN46110-318 02.01
Appendix A Technical specifications 81
Figure 29 Modem cable (9-pin D-sub plug to RS-232-C modem plug)
10 ft
(3.05 m)
Pin 1Pin 5
Pin 1
Pin 13
Pin 6Pin 9
9-position D-sub receptacle with screw locks
(ground shield connected to backshell)
Tabl e 21 provides the modem cable pinouts.
Table 21 Modem cable pinouts
Nortel termination Modem termination
Signal Pin # to Pin # Signal
Data Carrier Detect 1 8 Data Carrier Detect
Transmit Data (TXD) 2 2 Transmit Data (TXD)
Receive Data (RXD) 3 3 Receive Data (RXD)
Data Set Ready 4 6 Data Set Ready
Data Terminal Ready 6 20 Data Terminal Ready
Clear to Send 7 5 Clear to Send
Request to Send 8 4 Request to Send
Pin 14
25-position D-sub plug with screw locks
(ground shield connected to backshell)
Pin 25
CAB0056A
Hardware option cards
The VPN Router 2750 provides four PCI slots that support a combination of the
following option cards:
• VPN Router Security Accelerator card
• SSL VPN Module 1000
• 10/100BASE-TX Ethernet interface card
• 1000BASE-T (1000 GT) Ethernet interface card
Nortel VPN Router Installation — VPN Router 2750
82 Appendix A Technical specifications
• 1000BASE-T (1000 MT) Ethernet interface card
• 1000BASE-SX Ethernet interface card
• 56/64K CSU/DSU WAN interface card
• ADSL WAN interface card
• ISDN BRI interface card
• T1 CSU/DSU WAN interface card (full-height card)
• T1/E1 CSU/DSU WAN interface card (half-height card)
• Quad T1/E1 CSU/DSU WAN interface card
• V.90 modem interface card
• Single V.35/X.21 WAN interface card
• HSSI WAN interface card
This section provides information about the option cards, including the connector
and the cable pinouts for each supported network interface card. For more
information about the restrictions on the option cards see Table 16 on page 68.
VPN Router Security Accelerator
Nortel supports the VPN Router Security Accelerator option card that performs
bulk encryption and compression algorithms for IPsec tunnel traffic.
Figure 30 shows the VPN Router Security Accelerator card.
Figure 30 VPN Router Security Accelerator card
The VPN Router Security Accelerator card uses a single Hifn 7854 chip for
encryption and compression and has 64 MB of onboard RAM. It supports
Advanced Encryption Standard (AES)-128 cryptography with SHA-1
authentication and triple Data Encryption Standard (DES) cryptography with
either Message Digest 5 Algorithm (MD5) or Secure Hash Algorithm (SHA)-1
authentication.
NN46110-318 02.01
Appendix A Technical specifications 83
The VPN Router Security Accelerator card is the successor to the Hardware
Accelerator card. The Hardware Accelerator Hifn 7811 card has been
discontinued effective January 2006 although Nortel still supports this card.
However, the VPN Router 2750 does not support the Hardware Accelerator card.
Along with providing support for AES, the VPN Router Security Accelerator card
provides increased encryption throughput and improved compression
performance.
Note: The VPN Router Security Accelerator card has one green LED.
At startup, when you manually enable an accelerator card, or when the accelerator
recovers from a failure, the power-on self-test (POST) verifies the integrity of the
hardware. This test includes validation of the accelerator’s encryption, MAC, and
compression algorithms against their software counterparts. In the event POST
fails, the accelerator card is set offline.
For more information about the VPN Router Security Accelerator card and
instructions for configuring this card, see the guide Nortel VPN Router
Configuration — Advanced Features (NN46110-502).
SSL VPN Module 1000
The SSL VPN Module 1000 provides complete SSL VPN processing capability to
the VPN Router gateway. This module provides a unified solution for IPsec and
remote access SSL VPN.
Figure 31 shows the SSL VPN Module 1000.
Figure 31 SSL VPN Module 1000
The SSL VPN Module 1000 has no external access: all traffic to and from the SSL
VPN Module 1000 card occurs over an internal high-speed link.
Online
1
Utilization
Nortel VPN Router Installation — VPN Router 2750
Activity2 -
11356EA
84 Appendix A Technical specifications
The SSL VPN Module 1000 is supported on VPN Router 5000, 2750, 2700, and
1750 gateways running VPN Router Version 5.0 software. You must install the
SSL VPN Module 1000 in slot 1 of the VPN Router 5000, 2750, 2700, or 1750.
The VPN Router gateway distinguishes between the services that it provides and
the services that the SSL VPN Module 1000 provides and immediately forwards
the appropriate traffic to the SSL VPN module.
Note: For complete information about the SSL VPN Module 1000 and
instructions for configuring it, see Nortel VPN Router Configuration —
SSL VPN Services (NN46110-501).
10/100BASE-TX Ethernet interface card
The 10/100BASE-TX Ethernet interface card has a single RJ-45 connector that
provides the signals needed to interface to 10BASE-T and 100BASE-TX Ethernet
equipment.
Figure 32 shows the 10/100BASE-TX Ethernet interface card.
Figure 32 10/100BASE-TX Ethernet interface card
For information about the cables that you can connect to this interface and the
cable pinouts, see “10/100BASE-TX Ethernet LAN ports” on page 78.
NN46110-318 02.01
DATA
ACT/LINK
100TX
CS260009A
Appendix A Technical specifications 85
1000BASE-T (1000 GT) Ethernet interface card
The 1000BASE-T (1000 GT) Ethernet card replaces the 10/100BASE-TX
Ethernet card (see the previous section). This card provides 10/100/1000 Mbit/s
Ethernet services and supports autonegotiation. The card supports the IEEE
802.3ab standard and provides RJ-45/CAT 5 interconnection. It can operate in
either full or half duplex mode at 10/100 Mbit/s, and in full duplex mode at 1
Gbit/s. At 1 Gbit/s, autonegotiation must be used.
The 1000BASE-T (1000 GT) Ethernet card supports 10/100/1000 Mbit/s
operation in the VPN Router 2700/2750.
For the 1000BASE-T (1000 GT) Ethernet interface card to be recognized by the
system, the minimum required VPN Router operating software is:
•5.05.330
• 6.05.140 and all subsequent versions
•7.00.062
• 7.05.100 and all subsequent versions (FIPS branch)
• 7.05.300 and all subsequent versions
The 1000 GT card does not replace the high-performance 1000BASE-T 1000 MT
card (see the following section).
The following figure shows the 1000BASE-T (1000 GT) Ethernet interface
full-height card for VPN Router.
Nortel VPN Router Installation — VPN Router 2750
86 Appendix A Technical specifications
Figure 33 1000BASE-T (1000 GT) Ethernet interface card (all models except
VPN Router 2750 1100)
Select cables for this card as follows. Keep in mind that this card is
auto-negotiating and uses the highest possible data rate:
• For 1000BASE-T operation, use Category 5 four-pair Ethernet wiring. The
cable must comply with the TIA 568 wiring specification. Nortel recommends
a maximum length of 100 meters for the cable segment.
• For 100BASE-TX operation, use Category 5 twisted-pair wiring: one pair
each for transmit and receive operations. The cable must comply with the
EIA 568 wiring specification. Nortel recommends a maximum length of 100
meters for the cable segment.
• For 10BASE-T operation, use Category 3, 4, or 5 twisted-pair wiring.
The following table provides the pinouts for the 1000BASE-T (1000 GT) Ethernet
interface card..
Table 22 1000BASE-T (1000 GT) Ethernet pinouts
NN46110-318 02.01
12345678
CS260010A
Pin Description
1TP0+
2TP0-
3TP1+
4TP2+
5TP2-
6TP1-
7TP3+
8TP3-
Appendix A Technical specifications 87
1000BASE-T (1000 MT) Ethernet interface card
Use the 1000BASE-T Ethernet interface card to connect to Gigabit Ethernet
interfaces on other devices in your network, as well as to provide increased
throughput. This interface card has a single RJ-45 connector.
Figure 34 shows the 1000BASE-T Ethernet interface card.
Figure 34 1000BASE-T (1000 MT) Ethernet interface card
R
Intel PRO
The port on the 1000BASE-T Ethernet interface card accommodates an RJ-45
straight-through cable. Select cables for this port as follows:
• For 1000BASE-T operation, use Category 5 four-pair Ethernet wiring. The
cable must comply with the TIA 568 wiring specification. Nortel recommends
a maximum length of 100 meters for the cable segment.
• For 100BASE-TX operation, use Category 5 twisted-pair wiring: one pair
each for transmit and receive operations. The cable must comply with the
EIA 568 wiring specification. Nortel recommends a maximum length of 100
meters for the cable segment.
• For 10BASE-T operation, use Category 3, 4, or 5 twisted-pair wiring.
ACT/LNK
10 = OFF
100 = GRN
1000 = ORG
11287EA
Tabl e 23 provides the 1000BASE-T Ethernet port pinouts.
Table 23 1000BASE-T Ethernet port pinouts
Pin Description
12345678
CS260010A
1TP0+
2TP0-
3TP1+
4TP2+
5TP2-
6TP1-
Nortel VPN Router Installation — VPN Router 2750
88 Appendix A Technical specifications
Table 23 1000BASE-T Ethernet port pinouts
Pin Description
7TP3+
8TP3-
1000BASE-SX Ethernet interface card
The 1000BASE-SX Ethernet interface card implements short-wavelength
(850 nm) laser transmissions. Use this interface card to connect to fiber Gigabit
Ethernet interfaces on other devices in your network, as well as to provide
increased throughput. The 1000BASE-SX Ethernet interface card has a single
type LC fiber connector.
Figure 35 shows the 1000BASE-SX Ethernet interface card.
Figure 35 1000BASE-SX Ethernet interface card
The port on the 1000BASE-SX Ethernet interface card accommodates a
multimode fiber (MMF) cable that meets MMF standards. Select fiber cable for
this interface as follows:
• 50-micron MMF cable: provides a distance range of 500–550 meters (m)
• 62.5-micron MMF cable: provides a distance range of 220–275 m
You can order a 10-foot MMF cable from Nortel:
• Order no. DM0011117 provides an LC-to-LC connector
• Order no. DM0011118 provides an LC-to-SC connector
NN46110-318 02.01
R
Intel PRO
ACT/LNK
11288EA
Appendix A Technical specifications 89
56/64K CSU/DSU WAN interface card
The 56/64K CSU/DSU WAN interface card has a single RJ-48 connector that
provides the signals needed to interface to network equipment.
Figure 36 shows the 56/64K CSU/DSU WAN interface card.
Figure 36 56/64K CSU/DSU WAN interface card
56/64K
DDS
The connector on the 56/64K CSU/DSU WAN interface card accommodates an
8-pin RJ-48 modular patch cord.
Note: Nortel does not supply an interface cable with the
56/64K CSU/DSU WAN interface card.
Use cable that is wired in accordance with ANSI T1.410 wiring style. This wiring
style ensures that a twisted pair inside the patch cord carries the transmit signal
(pins 1 and 2) and the receive signal (pins 7 and 8). Nortel strongly recommends
that you use professionally manufactured patch cords.
You connect the 56/64K CSU/DSU WAN interface card to the service provider
network using a straight-through cable or a crossover cable, depending on how the
service provider wired its jack.
Nortel VPN Router Installation — VPN Router 2750
90 Appendix A Technical specifications
Tabl e 24 provides the 56/64K CSU/DSU cable pinouts for a crossover
connection.
Table 24 56/64K CSU/DSU cable pinouts for crossover connection
Nortel termination Remote termination
Signal Pin # to Pin # Signal
Transmit tip 1 7 Receive tip
Transmit ring 2 8 Receive ring
not used 3 3 not used
not used 4 4 not used
not used 5 5 not used
not used 6 6 not used
Receive tip 7 1 Transmit tip
Receive ring 8 2 Transmit ring
The cable operates properly if you do not connect pins 3, 4, 5, and 6.
Tabl e 25 provides the 56/64K CSU/DSU cable pinouts for a straight-through
connection.
Table 25 56/64K CSU/DSU cable pinouts for straight-through connection
Nortel termination Remote termination
Signal Pin # to Pin # Signal
Transmit tip 1 1 Transmit tip
Transmit ring 2 2 Transmit ring
not used 3 3 not used
not used 4 4 not used
not used 5 5 not used
not used 6 6 not used
Receive tip 7 7 Receive tip
Receive ring 8 8 Receive ring
NN46110-318 02.01
ADSL WAN interface card
The ADSL Annex A and Annex B WAN interface cards have a single RJ-11
connector that provides the signals needed to interface to the ADSL-provisioned
telephone line.
Figure 37 shows the ADSL WAN interface card.
Note: The ADSL Annex A and ADSL Annex B cards look identical.
Figure 37 ADSL WAN interface card
Appendix A Technical specifications 91
ADSL
RX/TX
CONN
Included in the accessory box with the ADSL WAN interface card is a 7-foot
cable to attach to the DSLAM.
• The Annex A cable is an RJ-11 to RJ-11 cable.
• The Annex B cable is an RJ-11 to RJ-45 cable.
Tabl e 26 provides the pinouts for the ADSL Annex A cable.
Table 26 ADSL Annex A cable pinouts
Pin Function
1N/C
2Tip
3 Ring
4N/C
Nortel VPN Router Installation — VPN Router 2750
92 Appendix A Technical specifications
Tabl e 27 provides the pinouts for the ADSL Annex B cable.
Table 27 ADSL Annex B cable pinouts
RJ-11 termination RJ-45 termination
Signal Pin # to Pin # Signal
N/C 16N/C
Tip 25Tip
Ring 3 4 Ring
N/C 43N/C
ISDN BRI interface card
The ISDN BRI S/T and ISDN BRI U interface cards have a single RJ-45
connector that provides the signals needed to interface to ISDN equipment. (To
connect the ISDN S/T interface to the ISDN network, you must attach an external
NT-1 device to the RJ-45 connector.)
Figure 38 shows the ISDN BRI S/T interface card or the ISDN BRI U interface
card. The two look identical.
Figure 38 ISDN BRI S/T or IDSDN BRI U
The connector on the ISDN BRI S/T and ISDN BRI U interface cards
accommodates an 8-pin RJ-45 modular patch cord. These cables are sold as
Category 5, or Ethernet, cables.
NN46110-318 02.01
Note: Nortel does not supply a cable with the ISDN BRI interface cards.
Appendix A Technical specifications 93
Tabl e 28 provides the ISDN BRI S/T cable pinouts.
Table 28 ISDN BRI S/T cable pinouts
Pin Function
1N/C
2N/C
3 Receive +
4 Transmit +
5 Transmit -
6 Receive -
7N/C
8N/C
Tabl e 29 provides the ISDN BRI U cable pinouts.
Table 29 ISDN BRI U cable pinouts
Pin Function
1N/C
2N/C
3N/C
4 U interface network connection (tip)
5 U interface network connection (ring)
6N/C
7N/C
8N/C
Nortel VPN Router Installation — VPN Router 2750
94 Appendix A Technical specifications
T1/E1 CSU/DSU WAN interface card
The T1/E1 CSU/DSU WAN interface card has a single connector that provides
the signals needed to interface to T1 or E1 equipment. This interface card ships as
a half-height card and as a full-height card.
Figure 39 shows the T1/E1 CSU/DSU WAN interface card (half-height card)
Figure 39 T1/E1 CSU/DSU WAN interface card (half-height card)
.
Note: For E1 service, you must install the half-height version of the
T1/E1 CSU/DSU WAN interface card.
Figure 40 shows the T1/E1 CSU/DSU WAN interface card (full-height card).
Figure 40 T1/E1 CSU/DSU WAN interface card (full-height card)
CS160012A
The connector on the T1/E1 CSU/DSU WAN interface accommodates an 8-pin
RJ-48 modular patch cord. These cables are commonly sold as Category 5, or
Ethernet, cables.
Use cable that is wired in accordance with EIA-568-A wiring style. This wiring
style ensures that a twisted pair inside the patch cord carries the transmit signal
(pins 4 and 5) and the receive signal (pins 1 and 2). Nortel strongly recommends
that you use professionally manufactured patch cords.
NN46110-318 02.01
Note: Nortel does not supply the T1/E1 CSU/DSU WAN interface
cable with the WAN interface card.
Appendix A Technical specifications 95
You connect the T1/E1 CSU/DSU WAN interface card to the service provider
network using a straight-through cable or a crossover cable, depending on how the
service provider wired its jack.
• For a straight-through connection, you can use a standard Category 5
(Ethernet) straight-through cable.
• For a crossover connection, you cannot use a standard Category 5 crossover
cable. Do not interchange the T1/E1 CSU/DSU crossover cable and the
Ethernet crossover cable.
Tabl e 30 provides the T1/E1 CSU/DSU cable pinouts for a crossover connection.
Table 30 T1/E1 CSU/DSU cable pinouts for crossover connection
Standard-wired
end 8-pin male Signal name
1 RXDA<-TXDA wht/org pair 2A 5
2 RXDB<-TXDB orange pair 2B 4
3 not used wht/grn pair 3A 3
4 TXDB->RXDB blue pair 1B 2
5 TXDA->RXDA wht/blu pair 1A 1
6 not used green pair 3B 6
7 not used wht/brn pair 4A 7
8 not used brown pair 4B 8
Pair number
and conductor
Special-wired
end 8-pin male
The cable operates properly if you do not connect pins 3, 6, 7, and 8.
Caution: For crossover connections, do not use Ethernet cable. If you
use Ethernet cable, the T1/E1 CSU/DSU does not work to specifications,
and this condition can corrupt data.
Nortel VPN Router Installation — VPN Router 2750
96 Appendix A Technical specifications
Tabl e 31 provides the T1/E1 CSU/DSU cable pinouts for a straight-through
connection.
Table 31 T1/E1 CSU/DSU cable pinouts for straight-through connection
Nortel termination Remote termination
Signal Pin # to Pin # Signal
Receive A (RXDA) 1 1 Receive A (RXDA)
Receive B (RXDB) 2 2 Receive B (RXDB)
not used 3 3 not used
Transmit B (TXDB) 4 4 Transmit B (TXDB)
Transmit A (TXDA) 5 5 Transmit A (TXDA)
not used 6 6 not used
not used 7 7 not used
not used 8 8 not used
Quad T1/E1 CSU/DSU WAN interface card
The quad T1/E1 CSU/DSU WAN interface card has four connectors that provide
the signals needed to interface to T1 or E1 equipment. Figure 41 shows the quad
T1/E1 CSU/DSU WAN interface card.
Figure 41 Quad T1/E1 CSU/DSU WAN interface card
Each connector on the quad T1/E1 CSU/DSU WAN interface card accommodates
an 8-pin RJ-48 modular patch cord. These cables are sold as Category 5, or
Ethernet, cables.
NN46110-318 02.01
CS160012A
Note: Nortel does not supply cables with the quad T1/E1 CSU/DSU
interface card.
Use cable that is wired in accordance with EIA-568-A wiring style. This wiring
style ensures that a twisted pair inside the patch cord carries the transmit signal
(pins 4 and 5) and the receive signal (pins 1 and 2). Nortel strongly recommends
that you use professionally manufactured patch cords.
You connect the quad T1/E1 CSU/DSU WAN interface card to the service
provider network using a straight-through cable or a crossover cable, depending
on how the service provider wired its jack.
• For a straight-through connection, you can use a standard Category 5
(Ethernet) straight-through cable.
• For a crossover connection, you cannot use a standard Category 5 crossover
cable. Do not interchange the T1/E1 CSU/DSU crossover cable and the
Ethernet crossover cable.
For information about the cable pinouts for a crossover connection, see Tab le 3 0
on page 95. For information about the cable pinouts for a straight-through
connection, see Table 31 on page 96.
V.90 modem interface card
Appendix A Technical specifications 97
The V.90 modem interface card has two RJ-11 connectors that provide the signals
needed to interface to an incoming telephone line and to telephone equipment.
Figure 42 shows the V.90 modem interface card.
Figure 42 V.90 modem interface card
PHONE
LINE
Included in the accessory box is a 7-foot RJ-11 cable to attach to a telephone jack.
Nortel VPN Router Installation — VPN Router 2750
98 Appendix A Technical specifications
Tabl e 32 provides the V.90 modem port cable pinouts.
Table 32 V.90 modem cable pinouts
Pin Function
1N/C
2Tip
3 Ring
4N/C
Single V.35/X.21 WAN interface card
The single V.35/X.21 WAN interface card has a single DB28S connector that
provides the signals needed to interface to V.35 and X.21 equipment. Figure 43 on
page 98 shows the single V.35/X.21 WAN interface card.
Figure 43 Single V.35/X.21 WAN interface card
You need a DSU/CSU (digital service unit/channel service unit) between the
WAN connection and the gateway. You can order a V.35 or X.21 cable to attach
to the connector. With this cable, the WAN adapter can function as DTE (data
terminal equipment).
Tabl e 33 provides the V.35 cable pinouts. Table 34 on page 100 provides the X.21
cable pinouts. (The pair suffix A or B refers to an individual wire within a twisted
pair.)
Table 33 V.35 cable pinouts
Standard-wired
end 28-pin male Signal name
2 TXDA pair 1A P
14 TXDB pair 1B S
NN46110-318 02.01
Pair number
and conductor
CS160011A
Special-wired
end 34-pin male Notes
Table 33 V.35 cable pinouts (continued)
Appendix A Technical specifications 99
Standard-wired
end 28-pin male Signal name
Pair number
and conductor
Special-wired
end 34-pin male Notes
3 RXDA pair 2A R
16 RXDB pair 2B T
15 TXCA pair 3A Y
12 TXCB pair 3B AA
17 RXCA pair 4A V
9 RXCB pair 4B X
24 SCTEA pair 5A U
11 SCTEB pair 5B W
4 RTSA pair 6A C
19 RTSB pair 6B no conn Note 1
5 CTSA pair 7A D
13 CTSB pair 7B no conn Note 1
6 DSRA pair 8A E
22 DSRB pair 8B J
20 DTRA pair 9A H
23 DTRB pair 9B no conn Note 1
8 DCDA pair 10A F
10 DCDB pair 10B no conn Note 1
18 LL pair 11A L
21 RL pair 11B N
25 TM pair 12A NN
26 M0<-SIGNAL GROUND pair 12B B Note 2
27 M1<-SIGNAL GROUND pair 13A B Note 2
28 M2 pair 13B no conn Note 1
1 SHIELD pair 14A A Notes 3,4
7 SIGNAL GROUND pair 14B B Notes 2,4
The following notes apply to the single V.35 DTE cable:
1. The term “no conn” means the wire is not connected to a pin in the 34-pin connector.
2. Wires 12B, 13A, and 14B connect to pin B in the 34-pin connector.
Nortel VPN Router Installation — VPN Router 2750
100 Appendix A Technical specifications
3. At each end, the cable shield and connector shell must connect respectively to pin A of the 34-pin connector and
pin 1 of the standard 28-pin connector.
4. Do not connect Shield to Signal Ground because these are separate signals.
Tabl e 34 provides the X.21 cable pinouts. (The pair suffix A or B refers to an
individual wire within a twisted pair.)
Table 34 X.21 cable pinouts
Standard-wired
end 28-pin male Signal name
2 TXDA pair 1A 2
14 TXDB pair 1B 9
3 RXDA pair 2A 4
16 RXDB pair 2B 11
15 TXCA pair 3A 6
12 TXCB pair 3B 13
17 RXCA pair 4A pair 5A Note 1
9 RXCB pair 4B pair 5B Note 1
24 SCTEA pair 5A pair 4A Note 1
11 SCTEB pair 5B pair 4B Note 1
4 RTSA pair 6A 3
19 RTSB pair 6B 10
5 CTSA pair 7A 5
13 CTSB pair 7B 12
6 DSRA pair 8A no conn Note 2
22 DSRB pair 8B no conn Note 2
20 DTRA pair 9A no conn Note 2
23 DTRB pair 9B no conn Note 2
8 DCDA pair 10A no conn Note 2
10 DCDB pair 10B no conn Note 2
18 LL pair 11A no conn Note 2
21 RL pair 11B no conn Note 2
25 TM pair 12A no conn Note 2
26 M0 pair 12B no conn Note 2
27 M1 pair 13A no conn Note 2
Pair number
and conductor
Standard-wired
end 15-pin male Notes
NN46110-318 02.01
Loading...