SR1001_Web_UI_User_Guide.pdf

8/17/2019 SR1001_Web_UI_User_Guide.pdf

1/42

SR1001 Web UI User GuideNortel Secure Routers 1001 and 1001S

Software Release 8.3.5

Part No. 322007-A

March 2006

4655 Great America Parkway

Santa Clara, CA 95054


2/42

SR1001 Web UI User Guide

Version 8.3.5

Copyright © 2006 Nortel Networks. All rights reserved.

The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendationsin this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take fullresponsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel

Networks.

The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of thatlicense. The software license agreement is included in this document.

Trademarks

*Nortel, Nortel Networks, the Nortel logo, the Globemark, Unified Networks, and BayStack are trademarks of Nortel Networks.

Adobe and Adobe Reader are trademarks of Adobe Systems Incorporated.

Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation.

The asterisk after a name denotes a trademarked item.

Restricted rights legend

Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rightsin Technical Data and Computer Software clause at DFARS 252.227-7013.

Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer software, the rights of theUnited States Government regarding its use, reproduction, and disclosure are as set forth in the Commercial Computer Software-RestrictedRights clause at FAR 52.227-19.

Statement of conditions

In the interest of improving internal design, operational function, and/or reliability, Nortel Networks reserves the right to make changes tothe products described in this document without notice.

Nortel Networks does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) describedherein.

Portions of the code in this software product may be Copyright © 1988, Regents of the University of California. All rights reserved.Redistribution and use in source and binary forms of such portions are permitted, provided that the above copyright notice and this

paragraph are duplicated in all such forms and that any documentation, advertising materials, and other materials related to such distributionand use acknowledge that such portions of the software were developed by the University of California, Berkeley. The name of theUniversity may not be used to endorse or promote products derived from such portions of the software without specific prior written

permission.

SUCH PORTIONS OF THE SOFTWARE ARE PROVIDED “AS IS” AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES,INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR APARTICULAR PURPOSE.

In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on useand disclosure (that may incorporate by reference certain limitations and notices imposed by third parties).

Nortel Networks software license agreement

This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel Networks Corporation andits subsidiaries and affiliates (“Nortel Networks”). PLEASE READ THE FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE

LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOURACCEPTANCE OF THIS LICENSE AGREEMENT. If you do not accept these terms and conditions, return the Software, unused and in theoriginal shipping container, within 30 days of purchase to obtain a credit for the full purchase price.

“Software” is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is copyrighted and licensed, notsold. Software consists of machine-readable instructions, its components, data, audio-visual content (such as images, text, recordings or

pictures) and related licensed materials including all whole or partial copies. Nortel Networks grants you a license to use the Software onlyin the country where you acquired the Software. You obtain no rights other than those granted to you under this License Agreement. You areresponsible for the selection of the Software and for the installation of, use of, and results obtained from the Software.

1. Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of the Software on only onemachine at any one time or to the extent of the activation or authorized usage level, whichever is applicable. To the extent Software is


3/42


Version 8.3.5

furnished for use with designated hardware or Customer furnished equipment (“CFE”), Customer is granted a nonexclusive license to useSoftware only on such hardware or CFE, as applicable. Software contains trade secrets and Customer agrees to treat Software as confidentialinformation using the same care and discretion Customer uses with its own similar information that it does not wish to disclose, publish ordisseminate. Customer will ensure that anyone who uses the Software does so only in compliance with the terms of this Agreement.Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse assemble, reversecompile, reverse engineer or otherwise translate the Software; c) create derivative works or modifications unless expressly authorized; or d)sublicense, rent or lease the Software. Licensors of intellectual property to Nortel Networks are beneficiaries of this provision. Upon

termination or breach of the license by Customer or in the event designated hardware or CFE is no longer in use, Customer will promptlyreturn the Software to Nortel Networks or certify its destruction. Nortel Networks may audit by remote polling or other reasonable means todetermine Customer’s Software activation or usage levels. If suppliers of third party software included in Software require Nortel Networksto include additional or different terms, Customer agrees to abide by such terms provided by Nortel Networks with respect to such third

party software.

2. Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer, Software is provided“AS IS” without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS ALL WARRANTIES (CONDITIONS)FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OFMERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel

Networks is not obligated to provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties,and, in such event, the above exclusions may not apply.

3. Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE LIABLE FORANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF, OR DAMAGE TO,CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR

CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN CONTRACT, TORT OR OTHERWISE(INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTSOR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY. The foregoing limitations of remedies also apply to any developerand/or supplier of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not allowthese limitations or exclusions and, in such event, they may not apply.

4. General

a. If Customer is the United States Government, the following paragraph shall apply: All Nortel Networks Software available underthis License Agreement is commercial computer software and commercial computer software documentation and, in the eventSoftware is licensed for or on behalf of the United States Government, the respective rights to the software and softwaredocumentation are governed by Nortel Networks standard commercial license in accordance with U.S. Federal Regulations at 48C.F.R. Sections 12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).

b. Customer may terminate the license at any time. Nortel Networks may terminate the license if Customer fails to comply with theterms and conditions of this license. In either event, upon termination, Customer must either return the Software to Nortel

Networks or certify its destruction.

c. Customer is responsible for payment of any taxes, including personal property taxes, resulting from Customer’s use of theSoftware. Customer agrees to comply with all applicable laws including all applicable export and import laws and regulations.

d. Neither party may bring an action, regardless of form, more than two years after the cause of the action arose.

e. The terms and conditions of this License Agreement form the complete and exclusive agreement between Customer and Nortel Networks.

f. This License Agreement is governed by the laws of the country in which Customer acquires the Software. If the Software isacquired in the United States, then this License Agreement is governed by the laws of the state of New York.

How to get help

This section explains how to get help for Nortel products and services.

Getting help from the Nortel web site

The best way to get technical support for Nortel products is from the Nortel Technical Support web site:

www.nortel.com/support

This site provides quick access to software, documentation, bulletins, and tools to address issues with Nortel products. More specifically, thesite enables you to:

• download software, documentation, and product bulletins

• search the Technical Support web site and the Nortel Knowledge Base for answers to technical issues

http://www.nortel.com/supporthttp://www.nortel.com/support


4/42


Version 8.3.5

• sign up for automatic notification of new software and documentation for Nortel equipment

• open and manage technical support cases

Getting help through a Nortel distributor or reseller

If you purchased a service contract for your Nortel product from a distributor or authorized reseller, contact the technical support staff forthat distributor or reseller.

Getting help over the phone from a Nortel Solutions Center

If you do not find the information you require on the Nortel Technical Support web site, and have a Nortel support contract, you can also gethelp over the phone from a Nortel Solutions Center.

In North America, call 1-800-4NORTEL (1-800-466-7835).

Outside North America, go to the following web site to obtain the phone number for your region:

www.nortel.com/callus

Getting help from a specialist by using an Express Routing Code

An Express Routing Code (ERC) is available for many Nortel products and services. When you use an ERC, your call is routed to atechnical support person who specializes in supporting that product or service. To locate the ERC for your product or service, go to:

www.nortel.com/erc


5/42


Version 8.3.5

T ABLE OF C ONTENTS

1 ABOUT THIS GUIDE

Organization....................................................................................................................................... 1

Conventions ....................................................................................................................................... 1

Notices ........................................................................................................................................... 2

Documentation................................................................................................................................... 3

About the Nortel Secure Router Documentation CD..................................................................... 3

Navigation.................................................................................................................................. 3

Printing Documents.................................................................................................................... 3

Related Nortel Guides.................................................................................................................... 3

2 STARTING THE WEBUI

Overview............................................................................................................................................ 5

Main Tabs ...................................................................................................................................... 7

Common Functions........................................................................................................................ 7

Common Elements......................................................................................................................... 8

Error Messages and Prompts.......................................................................................................... 8

3 THE GUIDED SETUP CONFIGURATION WIZARD

Basic Setup......................................................................................................................................... 10

Virtual Private Network (VPN) Setup ............................................................................................... 11Firewall Setup .................................................................................................................................... 12

4 CONFIGURATION

LAN ................................................................................................................................................... 14

WAN .................................................................................................................................................. 15

T1/T3.................................................................................................................................................. 16

Serial .................................................................................................................................................. 18

PPPoE................................................................................................................................................. 19

Routing............................................................................................................................................... 20

Security .............................................................................................................................................. 21

Setting Up Zones............................................................................................................................ 21

Configuring VPNs.......................................................................................................................... 21

Remote Access............................................................................................................................... 22

Configuring Security Objects......................................................................................................... 22

Schedules ................................................................................................................................... 22

Application Filters...................................................................................................................... 22

Configuring Firewalls .................................................................................................................... 24


6/42


Version 8.3.5

5 ADMINISTRATION

Administration....................................................................................................................................26

User Administration.......................................................................................................................26

Boot Administration....................................................................................................................... 27

Save/Reboot ...................................................................................................................................28

Host name.......................................................................................................................................28

Date ................................................................................................................................................28

Licenses..........................................................................................................................................29

Services Administration................................................................................................................. 29

Ping.................................................................................................................................................30

File System Administration............................................................................................................30


7/42


Version 8.3.5

F IGURES

1 WebUI Welcome Screen............................................................................................................ 6

2 Status Screen.............................................................................................................................. 7

3 Guided Setup Tab....................................................................................................................... 9

4 The Three basic set up steps ...................................................................................................... 10

5 Site-to-Site VPN Setup Screen .................................................................................................. 11

6 Firewall Setup Screen (showing Inbound Policy)...................................................................... 12

7 The Configuration Main Screen................................................................................................. 13

8 LAN Configuration.................................................................................................................... 14

9 WAN Interface Settings............................................................................................................. 15

10 WAN Bundle Details ................................................................................................................. 15

11 T1 Interfaces .............................................................................................................................. 16

12 T1 Settings ................................................................................................................................. 16

13 T3 Interfaces .............................................................................................................................. 16

14 T3 Details................................................................................................................................... 17

15 Serial interfaces.......................................................................................................................... 18

16 V.35 Settings.............................................................................................................................. 18

17 V.35 Configuration .................................................................................................................... 18

18 PPPoE interfaces........................................................................................................................ 19

19 PPPoE Settings........................................................................................................................... 19

20 Static Routes .............................................................................................................................. 20

21 Configuring Zones ..................................................................................................................... 21

22 Configuring IKE Site-to-Site VPN Parameters ......................................................................... 21

23 Configuring Security Objects—NAT Pool Example................................................................. 22

24 Configuring Schedules Example................................................................................................ 22

25 Application Filter—HTTP Filter Example ............................................................................... 23

26 Configuring Firewalls—Outbound Policy Example .................................................................. 24

27 Administration Tab .................................................................................................................... 26

28 Administration Window............................................................................................................. 27

29 Existing Users ............................................................................................................................ 27

30 Boot Parameters Window .......................................................................................................... 27

31 Save/Reboot Window ................................................................................................................ 28

32 Hostname Window..................................................................................................................... 28

33 Current Data and Time Window ................................................................................................ 29

34 Licenses Window....................................................................................................................... 29

35 Services Window ....................................................................................................................... 30

36 Ping Window.............................................................................................................................. 30

37 File System Window.................................................................................................................. 31


8/42


Version 8.3.5


9/42


Version 8.3.5

T ABLES

1 Guide Organization: Chapters..................................................................................................... 1

2 Text Conventions ........................................................................................................................ 1


10/42


11/42


Version 8.3.5

1

1 A BOUT T HIS GUIDE

A Web user interface is available on the Nortel Secure Router 1001 and is supported on Version 8.3.5

or higher.

The WebUI does not replace the CLI. You must still perform the basic configuration described in the

Install Guide. Furthermore, the WebUI does not enable you to do advanced configurations. However,

the WebUI allows new or inexperienced users to create basic router and security configurations

quickly and effectively.

OrganizationThe following tables describe the content and organization of this guide.

ConventionsThis guide uses the following typographical conventions:

Table 1 Guide Organization: Chapters

Chapter Description

1 About This Guide—defines the user audience, and describes the organization of this guide, use

of special notices, and other Nortel user guides.

2 Starting the WebUI—describes how to access the WebUI and log onto the router. It also

describes the opening screen.

3 Guided Setup—describes wizard-like configuration process best suited to network

administrators who are new to the router.

4 Configuration —describes the configuration options for the SR1001. This chapter is targeted at

those network administrators who are familiar with the Nortel CLI and routers.

5 Administration—describes basic administrative tasks that can be performed with the WebUI.

Table 2 Text Conventions

Font Description

boldface font Used for commands that you enter, words that you type, or keyboard keys that you press.

screen font Used to display a screen capture.


12/42

2 CHAPTER 1About This Guide Conventions


Version 8.3.5

Notices Notice paragraphs alert you about issues that require your attention. The following paragraphs describe the

types of notices used in this guide.

NOTE: Notes provide tips and useful information regarding the installation and operation of SR1001s.

ESD: ESD notices provide information about how to avoid discharge of static electricity and subsequent

damage to SR1001s.

CAUTION: Caution notices provide information about how to avoid possible service disruption or

damage to SR1001s.

WARNING: Warning notices provide information about how to avoid personal injury when working

with SR1001s.


13/42

3


Version 8.3.5

Documentation

Nortel user guides, which are provided in portable document format (PDF), are included on the

Nortel Secure Router Documentation CD-ROM that ships with the Models 1001, 1001S, 1002, and

1004 router. The PDF files are also available on the Nortel website: www.nortel.com

To view PDF files, Adobe Acrobat® Reader® 4.0, or newer, must be installed on your workstation.

If you do not have the Adobe Acrobat Reader installed on your system, you can obtain it free from

the Adobe website: www.adobe.com.

About the Nortel Secure Router Documentation CD

This product ships with a CD that includes the following documentation:

SR1001 Quick Start Guide

SR1001 Installation Guide

SR1001 Command Reference Guide

SR1001 Routing Guide

SR1001 Configuration Guide


Supported standard and enterprise MIBs

Feature summaries

SNMP trap descriptions with default configurations

Navigation

Upon inserting the Nortel Secure Router Documentation CD into your CD-ROM drive. Click a link

to open a pdf version of the target document. If you do not have Adobe Acrobat (version 4.0, or later)

or Acrobat Reader installed on your PC, click the Adobe button on the navigation screen to go to the

Adobe website, where you can download a free copy of the Acrobat Reader application.

If a browser session is not opened, click “Start\Run,” enter the drive letter of your CD-ROM drive in

the “Open” entry box, and click “OK.”

Printing Documents

To print any pdf document on the CD, follow this procedure.

1 Open the desired document by clicking the document link in the CD navigation window.

2 Click the “Printer” icon on the Adobe Acrobat tool bar.

3 In the “Windows Print” dialog box, select a local default printer in the “Printers” drop down

selection box.

4 Click “OK.”

Related Nortel GuidesIn addition to this guide, the following list includes other available Nortel documentation:

Release Notes

Printed release notes provide the latest information. If release notes are provided with your

product, follow these instructions in addition to those provided in other documentation.

SR1001 Quick Start Guide

This guide is a condensed version of the SR1001 Installation Guide and is intended for installers

and network administrators familiar with the SR1001.

SR1001 Installation Guide

http://www.adobe.com/http://www.adobe.com/http://www.adobe.com/


14/42


15/42


Version 8.3.5

5

2S TARTING THE W EBUI

This chapter provides information about accessing the Web user interface (WebUI) for the SR1001.

OverviewThe Web Graphical User Interface (GUI, or WebUI) allows web-based security and basic router

configuration. The traditional command line interface (CLI) is still available (as discussed in your router

Installation Guide).

To open the web user interface, you must have: Version 8.3.5 or higher router software on the SR1001

The router IP address

The administrator username and password

If you are configuring this router for the first time, you must assign the IP address and other basic

configuration values through the CLI as described in the SR1001 Installation Guide.

NOTE: Before you try to connect to your router, make sure you can ping its IP address. If you

are not able to ping the router, you will not be able to connect to the WebUI.

1 Point your web browser at the router IP address by entering:

http://ipaddress of your route.r.

(In this release, the web browser must be Internet Explorer 5.5 or higher. Also, secure HTTP

(HTTPS) is not supported in this release.)

NOTE: You must enable cookies in your browser.

The Welcome screen appears as shown in Figure 1. Basic information about the WebUI is available

on the screen.


16/42

6 CHAPTER 2Starting the WebUI Overview


Version 8.3.5

Figure 1 WebUI Welcome Screen

2 Enter the user name and password (as configured through the CLI) and click Login.

NOTE: Users cannot log in using the WebUI (or Telnet) if the password has not already been

configured. Use the configure password command from the CLI to set the password.

The main screen displays as shown in Figure 2.


17/42

7


Version 8.3.5

Figure 2 Status Screen

The Status screen shows the basic information about your router as well as the status of your LAN

interfaces, WAN bundle status, firewall, and VPN activity.

NOTE: For the best screen viewing, Nortel recommends setting the screen resolution to

1024x768.

Main Tabs

The four main tabs allow you to access Status, Guided Setup, Configuration, and Administration from

every page. Choose Guided Setup which is a wizard-like configuration tool to help you set up VPN,

Firewall, and basic routing specifications. Use this tab if you are new to SR1001s, or if you do not have

expert-level experience configuring advanced networking options.

Or you can choose Configuration which allows you to create the basic configuration manually, and add

more complex configuration specifications.

If you create your basic router configuration using the Guided Setup tab, you can always use the

Configuration tab to make modifications.

Use the Administration tab to set up your router.

Common FunctionsOn all the interface screens, you will be able to click Help. Help > User Manual provides you with

additional information on a field or the location of a setting. Help > Support Information provides

contact information for getting support with your Nortel products. Help > Technical Support displays

and saves information about your router which is useful to technical support personnel. You will be

prompted to save this information in Flash or on a local PC. You can then send this data to Nortel

Technical Support for further analysis.


18/42

8 CHAPTER 2Starting the WebUI Overview


Version 8.3.5

Click Alarms to configure the slot (for example, the serial module) on which to capture alarms and to set

the refresh interval. Click Events Log to see any logs which have been recorded.

You can also click Telnet to convert your HTTP or HTTP browser-based connection to a Telnet session.

When you want to leave the WebUI, click Logout.

Common Elements

Every page displays the navigation bar which provides the current position and path and are like bread

crumbs that allow you to get back to where you started as needed.

Click titles to see more detailed status information.

You will see model information in the upper left hand portion of each screen. For example, in Figure 2 the

installed modules are 1 BRI and 1 T1.

Error Messages and PromptsIf you try to save a configuration that is not complete or is not valid, the system will prompt you to correct

the error. However, you are not prompted to fix an error or invalid configuration until you try to apply it.

The system does not prompt you entry by entry.

NOTE: If a field in the WebUI is a required field, the WebUI will prompt you to provide the

necessary information before it can proceed.

WARNING: If you reset the date or time from the WebUI, the date and time are reset on the

SR1001. This will cause your HTTP service, which hosts your WebUI, to timeout and you will

have to login again.


19/42


Version 8.3.5

9

3

T HE GUIDED S ETUP

C ONFIGURATION W IZARD

The Guided Setup tab helps you create a basic but powerful and secure configuration for your

router. This is a practical approach to take if you are not experienced in router configurations.

The Guided Setup page is shown in Figure 3.

Figure 3 Guided Setup Tab

Notice that tips and hints are included on the lower left portion of the screen.

NOTE: You must make your VPN and Firewall selections here, BEFORE you start to create

your Virtual Private Network (VPN) Setup on page 11 or Firewall Setup on page 12.


20/42

10 CHAPTER 3The Guided Setup Configuration Wizard Basic Setup


Version 8.3.5

To start configuring your router, select the Guide you want and click Apply Settings. In this

case, the Basic Setup LAN configuration/Bundle creation/Default gateway radio button is

selected and the Basic Settings screen displays as shown in Figure 4.

Basic Setup

The basic setup screen divides configuration flow into three steps.

Figure 4 The Three basic set up steps

Fill in the fields starting with Step 1. If you make a mistake, click Reset Settings to reset the

screen to the saved settings. Click Cancel to return to the previous screen without saving any

changes. When you are finished, click Apply Settings.

If you need help on a particular field, click Help. Refer to the diagram on the left panel of the

screen for a visual explanation of what each step accomplishes.


21/42

1


Version 8.3.5

Virtual Private Network (VPN) Setup

After you have configured your router with a basic IP configuration, you are returned to the

main Guided Setup screen. If you want to configure your router for VPN then click Zone

Setup select a zone or create a new one from the pull down menu for each interface. When youare finished, click Apply Settings to apply your zone configuration. You are returned to the

main Guided Setup screen.

To configure your VPN (after selecting VPN type on Figure 3), in the VPN section of the

Guided Setup screen, click the Create Site-to-Site GRE Virtual Private Network radio

button, then click Apply Settings. The VPN Setup screen displays as shown in Figure 5.

Figure 5 Site-to-Site VPN Setup Screen


screen. Click Cancel to return to the previous screen without saving any changes. When you are

finished, click Apply Settings.




22/42

12 CHAPTER 3The Guided Setup Configuration Wizard Firewall Setup


Version 8.3.5

Firewall Setup

After you have configured your VPN configuration, click Zone Setup in the Firewall Setup

section of the Guided Setup screen. Zone Setup allows you to set the environment for your

Ethernet and WAN bundle interfaces.

NOTE: If you configured Zone Setup in the VPN setup section, you do not need to repeat zone

setup here. The values you set in the VPN setup section apply here as well.

To configure your firewall, (after selecting firewall policy on Figure 3) in the Firewall section

of the Guided Setup screen, click either Create Inbound Firewall Policy or Create Outbound

Firewall Policy radio button. Then click Apply Settings. The VPN Setup screen displays as

shown in Figure 6 (which shows an Inbound Firewall Policy screen.

Figure 6 Firewall Setup Screen (showing Inbound Policy)


screen. Click Cancel to return to the previous screen without saving any changes. When you are

finished, click Apply Settings.




23/42


Version 8.3.5

1

4C ONFIGURATION

This chapter describes how to configure the router and users, and change the factory default

configuration.

The Configuration tab is designed for experienced network administrators. All other users should refer to

the Guided Setup tab (see “The Guided Setup Configuration Wizard”).

To begin manually configuring or modifying your router configuration, click the Configuration tab to

display the main configuration screen shown in Figure 7.

Figure 7 The Configuration Main Screen

While this tab has no wizard properties it is laid out in a logical, top to bottom order starting with LAN,

WAN, Routing, Security, and finishing with Administration configurations. Each of these sections is

discussed below. Explanations appear on screen for each section and online help is available (click Help).


24/42

14 CHAPTER 4Configuration LAN


Version 8.3.5

LANTo see or modify LAN interface settings, click the link for LAN under the Categories section on the left

panel of the screen. The interface settings display as shown in Figure 8.

Figure 8 LAN Configuration

Click Apply Settings to save any changes. Click Reset Settings to reset the screen to its originalsettings, or click Cancel to close the screen and return to the main Configuration screen without saving

any changes.


25/42

1


Version 8.3.5

WANTo see or modify existing WAN bundle or WAN interface settings, expand the link for WAN under the

Categories section on the left panel of the screen. The bundle interface settings display as shown in

Figure 9.

To create a new bundle, click New to display the Bundle screen. To delete a bundle, click the Delete box

for that bundle.

Figure 9 WAN Interface Settings


any changes.

To display details about a bundle, click it to display the setting details as shown in Figure 10.

Figure 10 WAN Bundle Details


26/42

16 CHAPTER 4Configuration T1/T3


Version 8.3.5

T1/T3To see existing T1 or T3 bundle interface settings, expand the link for WAN under the Categories section

on the left panel of the screen. The T1 interface settings display as shown in Figure 9.

Figure 11 T1 Interfaces

Click Apply Settings to save any changes. Click Reset Settings to reset the screen to its original settings,

or click Cancel to close the screen and return to the main Configuration screen without saving anychanges.

To display details of a particular interface, click the appropriate entry.

Figure 12 T1 Settings


The following screens show the T3 interface details.

Figure 13 T3 Interfaces


27/42

1


Version 8.3.5


Figure 14 T3 Details

The T3 interface details display. You can edit the configuration and click Apply Settings or reset it to

default by clicking Reset Settings.


28/42

18 CHAPTER 4Configuration Serial


Version 8.3.5

SerialTo see existing serial bundle interface settings, expand the link for WAN under the Categories section on

the left panel of the screen. The Serial interface settings display as shown in Figure 15.

Figure 15 Serial interfaces


or click Cancel to close the screen and return to the main Configuration screen without saving any

changes.


Figure 16 V.35 Settings


The following screens show the V.35 interface details.

Figure 17 V.35 Configuration


29/42

1


Version 8.3.5

PPPoETo see existing PPPoE bundle interface settings, expand the link for WAN under the Categories section on

the left panel of the screen. The Serial interface settings display as shown in Figure 18.

Figure 18 PPPoE interfaces



changes.


Figure 19 PPPoE Settings



30/42

20 CHAPTER 4Configuration Routing


Version 8.3.5

RoutingTo see or modify route settings, expand the link for Routing under the Categories section on the left panel

of the screen. The route settings display as shown in Figure 20.

To create a new route, click New to display the Routing screen. To delete a route, click the Delete box for

that route. To see route details, click the routing entry.

NOTE: In this release, only Static routing is supported from the WebUI. To configure dynamic

routing, use the Command Line Interface.

Figure 20 Static Routes


any changes.


31/42

2


Version 8.3.5

SecurityThe security categories allow you to set zones, VPN, Security objects, and Firewall values.

Setting Up ZonesA security zone is a configuration that allows administrators to create unique rules for each zone. These

rules determine how one zone communicates with another, but these rules have no effect on traffic within

a zone.

Each zone can be created to perform specific tasks, and administrators can assign the resources and

privileges to allow these tasks to be performed.

Figure 21 Configuring Zones

Configuring VPNs

To configure a VPN, expand the Security category, then expand the VPN selection. You can configure

site-to-site and remote access policies. For example, Figure 22 shows the IKE policy configuration

window. Within each area, you can view the policies in place. You can edit a policy by selecting the policy

name. You can create a new policy by clicking New.

Figure 22 Configuring IKE Site-to-Site VPN Parameters


any changes.


32/42

22 CHAPTER 4Configuration Security


Version 8.3.5

Remote AccessTo allow access to remote users, select Security and expand VPN, then select Remote Access.

Configuring Security Objects

To configure security objects for a VPN, expand the Security category, then expand the Security Objectsselection. Here you can configure schedules, NAT pools, and application files. Figure 23 shows the NAT

pool configuration window.

Figure 23 Configuring Security Objects—NAT Pool Example

Schedules

Schedules are used to control when a zone will be able to perform a task. For example, administrators can

set a schedule as to when the firewall security zone is active. To configure schedules, expand Security

Objects. Select New to create a schedule.

Figure 24 Configuring Schedules Example

Application Filters

To create HTTP, SMTP, or FTP filters, expand Application Filters. Select the appropriate filter type.

Figure 25 shows an example of HTTP filters.


33/42

2


Version 8.3.5

Figure 25 Application Filter—HTTP Filter Example


34/42

24 CHAPTER 4Configuration Security


Version 8.3.5

Configuring Firewalls

To configure firewall policies, expand the Security category, then expand the Firewall selection. You can

configure firewall policies for outbound and inbound traffic. Figure 26 shows outbound policy window.

To create a new firewall policy, click New to display the Firewall screen. To delete a route, click the

Delete box for that route.

Figure 26 Configuring Firewalls—Outbound Policy Example

Click a policy to view or edit it. Click Apply Settings to save your changes, click Reset Settings toreturn to the original screen settings, or click Cancel to close the screen and return to the Configuration

screen without saving any changes.


35/42


Version 8.3.5

2

5 A DMINISTRATION

This chapter describes how to administer the router and users.

The Administration tab is designed for experienced network administrators. .

Click the Administration tab to display the main administration screen shown in Figure 28.


36/42

26 CHAPTER 5Administration Administration


Version 8.3.5

Administration

Figure 27 Administration Tab

Use the Administration category to:

Change passwords

Reset dates

Check the status of the boot configuration

Change the hostname or the date and time

Reboot the router

Enable or disable protocols such as TFTP, DHCP, and SNMP.

Perform connection tests by launching pings

Manage the file system

User Administration

The User Administration screen is shown in Figure 28.


37/42

2


Version 8.3.5

Figure 28 Administration Window


any changes.

The existing users are shown in Figure 29:

Figure 29 Existing Users

Boot Administration

The Boot Administration screen, which displays the router boot parameter settings, is shown in Figure 28.

Figure 30 Boot Parameters Window


any changes.


38/42



Version 8.3.5

Save/Reboot

The Save/Reboot screen is shown in Figure 28. To save the configuration to onboard Flash, click Save

configuration to local Flash. To reboot the router, click Reboot the device.

Figure 31 Save/Reboot Window


any changes.

Host name

The Host name screen, which shows the name configured for this device, is shown in Figure 28.

Figure 32 Hostname Window


any changes.

Date

The Date screen, which displays the current time and date set on the router, is shown in Figure 28. To

change the time and date, enter the appropriate values in the time and date fields.


39/42

2


Version 8.3.5

Figure 33 Current Data and Time Window


any changes.

Licenses

The Licenses screen is shown in Figure 34. Use this screen to install your licenses. You will need the

license key to install each license successfully.

Figure 34 Licenses Window


any changes.

Services Administration

The Services Administration screen is shown in Figure 28. Use this screen to set the various protocols to

be supported on this router.


40/42



Version 8.3.5

Figure 35 Services Window


any changes.

Ping

The Ping screen is shown in Figure 28. Use this screen to send ICMP packets to the specified device.

NOTE: Sending and ping and receiving ping responses (shown in the Response field) will halt all

other traffic for the duration of the ping test

.

Figure 36 Ping Window


any changes.

File System Administration

The File System Administration screen is shown in Figure 28. Use this screen to manage the files in Flash.

To remove a file from Flash and recover the space occupied, click the checkbox next to the file to be

deleted and click Apply Settings. Deleted files cannot be undeleted.


41/42

3


Version 8.3.5

Figure 37 File System Window



changes.


42/42


Date post:	06-Jul-2018
Category:	Documents
Upload:	victor-gandica
View:	213 times
Download:	0 times