Nortel BSR222 Fundamentals
  1. Manuals
  2. Brands
  3. Nortel Manuals
  4. Network Router
  5. BSR222
  6. Fundamentals
Nortel BSR222 Fundamentals

Nortel BSR222 Fundamentals

Business secure router
Hide thumbs Also See for BSR222:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
Nortel Business Secure Router 222 — Fundamentals
BSR222
Business Secure Router
Document Number: NN47922-301
Document Version: 1.4
Date: May 2007

Advertisement

Table of Contents
loading

Related Manuals for Nortel BSR222

Summary of Contents for Nortel BSR222

  • Page 1 Nortel Business Secure Router 222 — Fundamentals BSR222 Business Secure Router Document Number: NN47922-301 Document Version: 1.4 Date: May 2007...
  • Page 2 Copyright © Nortel 2005–2006 All rights reserved. The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty.

  • Page 3: Table Of Contents

    Contents Preface ............7 Before you begin .
  • Page 4 WAN IP address assignment ........29 4.3 Test your internet connection .
  • Page 5 Table 1 Internet account information worksheet Table 2 Front panel details Table 3 Rear panel details Nortel Business Secure Router 222 — Fundamentals...
  • Page 6 NN47922-301...

  • Page 7: Preface

    Preface This Quick Start Guide provides instructions for installing and configuring your Nortel Business Secure Router 222 as an Office Gateway for your network. After completing this guide, you can access the Internet securely through your Nortel Business Secure Router 222. Before you begin This Quick Start Guide is intended for network managers who are installing the Nortel Business Secure Router 222 for the first time.

  • Page 8: Related Publications

    ENET PPPoA PPPoE TCP/IP Related publications For more information about using the Nortel Business Secure Router 222, refer to the following publication: • Configuring and Troubleshooting the Nortel Business Secure Router 222 (317517-A) NN47922-301 domain name server Ethernet Internet Protocol Internet Service Provider local area network logical link control...

  • Page 9: Hard-Copy Technical Manuals

    Hard-copy technical manuals You can print selected technical manuals and release notes free, directly from the Internet. Go to www.nortel.com/documentation. Find the product for which you need documentation. Then locate the specific category and model or version for your hardware or software product. Use *Adobe Reader* to open the manuals and release notes, search for the sections you need, and print them on most standard printers.

  • Page 10: Ac Power Adapter Specifications

    AC Power Adapter Specifications Use only power supplies listed in the user instructions. Phihong, Model PSA21R-180 Note: Not to remove the plug and plug into a wall outlet by itself; always attach the plug to the power supply first before insert into the wall. Leader, Model MU18-2180100-XX (XX can be A1, A2, A3, B2 or C5 for the different plugs used) NN47922-301...

  • Page 11: Introducing The Business Secure Router

    Chapter 1 Introducing the Business Secure Router The Nortel Business Secure Router 222 is the ideal secure gateway for all data passing between the Internet and the LAN. By integrating Network Address Translation (NAT), firewall and Virtual Private Network (VPN) capability, the Nortel Business Secure Router 222 is a complete security solution that protects your Intranet and efficiently manages data traffic on your network.
  • Page 12 12 Chapter 1 Introducing the Business Secure Router NN47922-301...

  • Page 13: Hardware Installation

    Chapter 2 Hardware installation Caution: To keep the Business Secure Router operating at optimal internal temperature, keep the bottom, sides, and rear clear of obstructions and away from the exhaust of other equipment. Caution: AC Power Adapter Specifications Only use the approved Phihong Model PSA21R-180 power supply with this device.

  • Page 14: Front Panel

    2.1 Front panel Table 2 Front panel details LABEL Step 1: 1-4 Step 2 NN47922-301 DESCRIPTION Connect a computer to one of these ports with an Ethernet cable. These ports are auto-negotiating (can connect at 10 or 100Mb/s) and auto-sensing (automatically adjusts to the type of Ethernet cable you use, straight-through or crossover).

  • Page 15: Rear Panel

    2.2 Rear panel Table 3 Rear panel details LABEL DESCRIPTION Step 3 Connect the included power adaptor (use only this adapter) to this power socket. POWER After you have made the connections, connect the power cable to a power supply and look at the front panel LEDs.
  • Page 16 16 Chapter 2 Hardware installation NN47922-301...

  • Page 17: Setting Up Your Computer Ip Address

    Chapter 3 Setting up your computer IP address The BSR222 is already set up to assign your computer an IP address. Use this section to set up your computer to receive an IP address or assign it a static IP address in the 192.168.1.34 to 192.168.1.254 range with a subnet mask of...
  • Page 18 Nortel recommends that you do not use a static IP address in the same range as the Business Secure Router DHCP server address pool (192.168.1.2 to 192.168.1.33 by default). Click Advanced. Remove any previously installed gateways in the IP Settings tab and click OK to go back to the Internet Protocol TCP/IP Properties screen.

  • Page 19: Checking Your Computer Ip Address

    Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). If you know your DNS server IP addresses, click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
  • Page 20 20 Chapter 3 Setting up your computer IP address NN47922-301...

  • Page 21: Configuring Your Business Secure Router

    Chapter 4 Configuring your Business Secure Router Choose one of these methods to access and configure the Business Secure Router. This guide shows you how to use the WebGUI wizard only. See Nortel Business Secure Router 222 Configuration — Basics (NN47922-500) and Nortel Business Secure Router 222 Configuration —...
  • Page 22 22 Chapter 4 Configuring your Business Secure Router Nortel recommends you change the default password! Enter a new password, retype it to confirm it and click Apply. Alternatively click Ignore to proceed to the main menu if you do not want to change the password now. NN47922-301...
  • Page 23 Click Apply in the Replace Factory Default Certificate screen to create a certificate using your Business Secure Router MAC address, which will be specific to this device. The WebGUI MAIN MENU screen appears. • Select WIZARD if you want help configuring your Business Secure Router for the first time.

  • Page 24: Using The Wizard To Configure For Internet Access

    24 Chapter 4 Configuring your Business Secure Router 4.2 Using the wizard to configure for internet access Select WIZARD to display the first wizard screen. NN47922-301...
  • Page 25 System Name is for identification purposes. Enter the name of your computer in the System Name field, to easily identify your computer. The Domain Name entry defines the domain name that is passed on to the DHCP clients on the LAN. If you leave this field blank, the domain name obtained by DHCP from the ISP is used.

  • Page 26: Internet Connection With Ethernet

    26 Chapter 4 Configuring your Business Secure Router Internet connection with ethernet This variation is shown when the WAN port is used as a regular Ethernet. Choose either Standard or a Road Runner ISP version. You need your User Name, Password and Login Server IP Address for some Road Runner ISP versions.

  • Page 27: Internet Connection With Pppoe

    Chapter 4 Configuring your Business Secure Router 27 Internet connection with PPPoE Point-to-Point Protocol over Ethernet (PPPoE) also functions as a dial-up connection. Therefore, you also need a username and password and possibly the PPPoE service name (from ISP). Select Nailed-Up Connection when you want your connection active all the time. The Business Secure Router tries to bring up the connection automatically if it is disconnected.

  • Page 28: Internet Connection With Pptp

    28 Chapter 4 Configuring your Business Secure Router Internet connection with PPTP Choose PPTP if your service provider uses a DSL terminator with PPTP log on. The Business Secure Router must have a static IP address in this case. You need a log on name, associated password, the PPTP server IP address, and a connection Type the subnet mask assigned to you by your ISP (if given).

  • Page 29: Wan Ip Address Assignment

    Chapter 4 Configuring your Business Secure Router 29 Click Next to continue. Fill in the fields and click Finish to save and complete the wizard setup. WAN IP address assignment Select Get automatically from ISP if your ISP did not assign you a fixed IP address.

  • Page 30: Test Your Internet Connection

    30 Chapter 4 Configuring your Business Secure Router System DNS servers Select From ISP if your ISP dynamically assigns DNS server information (and the Business Secure Router's WAN IP address). The right field displays the (read-only) DNS server IP address that the ISP assigns. If you chose From ISP, but the Business Secure Router has a fixed WAN IP address, From ISP changes to None after you click Apply.

  • Page 31: User Notes

    Chapter 5 User Notes General Notes There are some router functions that, although performing as expected, might cause some confusion. These are summarized below. General Default Address Mapping Rules When First Enable NAT Full Feature. When NAT Full Feature is first enabled, two address mapping rules are added to the address mapping table.

  • Page 32: Firewall

    Clicking Sound The Business Secure Router will click once every two minutes until an ADSL line is connected. Firewall Address Range Validation In the firewall rules, the router does not confirm when given an address range, that the second address is higher than the first. If this type of address range is entered, the range is ignored.
  • Page 33 If a VPN Client user account is de-activated, deleted, or changed, and that user is currently connected, the connection is not automatically dropped. To drop the connection, the administrator needs to disconnect the user using the 'Disconnect' function in the VPN/SA Monitor GUI. This is consistent with other Nortel Contivity products.

  • Page 34: Security

    When defining a Client Termination account for another Business Secure Router that will connect using Contivity Client Emulation, the following configuration is required: • Encryption must be Triple DES with SHA1 integrity, or Triple DES with MD5 integrity. • IKE Encryption must be Triple DES with Diffie-Hellman Group 2. •...

  • Page 35: Advanced Router Configuration

    Both RIP-1 and RIP-2 Advanced Router Configuration The following notes are intended to help with advanced router configuration. Setting up the router when the system has a server If you are using a Full-Feature NAT configuration, first, do the following... In SUA/NAT / Address Mapping, add a 'Server' rule, specifying the 'Public' IP address of the server.

  • Page 36: Adding Ip Telephony To A Multi-Site Network

    Repeat these steps at the other end of the branch. Note: If VPN Client Termination is used on these sites, the client termination address range will need to be included in the tunnel policies in order for the VPN clients to see the other site. Adding IP telephony to a multi-site network Scenario 1: A BCM50 in the primary site acting as the gateway for both sites...

  • Page 37: Configuring The Router To Act As A Nortel Vpn Server (Client Termination)

    Create a tunnel between the sites, as described above. Create an H.323 trunk between the BCM50s, as per the BCM50 User Guide. Configuring the router to act as a Nortel VPN Server (Client Termination) Under VPN / Client Termination, Enable Client Termination. b Select authentication type and the encryption algorithms supported.

  • Page 38: Setting Up The Router For Guest Access

    Note: In DHCP Server mode, the BCM50 IP address will be the lowest address in the pool. Create the appropriate Firewall rules to add BCM50 access. Go to FIREWALL / Summary, and create two WAN-to-LAN firewall rules: One rule allowing access from allowed remote computer IP addresses, to the BCM50 IP address, for service type HTTPS(TCP:443) One rule allowing access from allowed remote computer IP addresses, to the BCM50 IP address, for custom port TCP:5989...

  • Page 39: Setting Up A Remote Office With A Unistim Ip Telephone

    Determine your actual WAN up-stream bandwidth by connecting to a web site such as http://myvoipspeed.visualware.com/. On BANDWIDTH MANAGEMENT / Summary, activate WAN bandwidth management, and fill in your actual uplink speed in the WAN Speed field.. On BANDWIDTH MANAGEMENT / Class Setup, add a WAN subclass, and reserve sufficient bandwidth based on the number of telephones, for Protocol ID 17 (UDP Traffic).

  • Page 40: Inter-Operability With Third-Party Routers

    Business Secure Router and a Cisco router, the following configuration rules should be followed: Ensure that the WAN IP of the BSR222/252 router and the Cisco router are not in the same subnet. Configure the connection to use DES Encryption and MD5 Authentication.

  • Page 41: Chapter 6 Troubleshooting

    Chapter 6 Troubleshooting Problem: None of the LEDs turn on when you turn on the Business Secure Router Make sure that you have the correct power adapter connected to the Business Secure Router and that it is plugged in to an appropriate power source. Check all cable connections.

  • Page 42: Problem: You Cannot Get A Wan Ip Address From The Isp

    42 Chapter 6 Troubleshooting Problem: You cannot get a WAN IP address from the ISP The WAN IP is provided after the ISP verifies the MAC address, hostname or user Find out the verification method used by your ISP and configure the corresponding fields.

This manual is also suitable for:

222

Table of Contents