VPNet VSU 100 User Manual

VPNware Service Unit

VSU-100
VPNware Service Unit

User Guide

VPNet Technologies, Inc.

Summary of Contents for VPNet VSU 100

  • Page 1: User Guide

    VSU-100 VPNware Service Unit User Guide VPNet Technologies, Inc.
  • Page 2 Licenses, Warranties, Copyrights, and Trademarks THE SPECIFICATIONS REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
  • Page 3 The following information is for FCC compliance of Class B devices: This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
  • Page 5: Table Of Contents

    Table of Contents: Preface; How This Guide Is Organized; Product Registration...
  • Page 7: How This Guide Is Organized

    Preface (How This Guide Is Organized, Product Registration, Contacting Technical Support): This user guide provides installation and configuration information for the VSU-100 VPN Service Unit (VSU). Chapter 1, Introduction, includes a functional overview of the VSU-100 and its major components along with site requirements for safe installation and operation of the VSU-100.
  • Page 8 FAX: +1 408-404-1414; Email: support@vpnet.com; World Wide Web: http://www.vpnet.com
  • Page 9: Functional Overview

    Chapter 1 Introduction Functional Overview The VSU-100 is a dedicated hardware-based VPN gateway that enables secure data communications over public IP networks such as the Internet for a small enterprise or small office environment. Designed to work with an existing IP-based WAN-access router, the VSU-100 provides all the services required to implement a virtual private network (VPN), including a network firewall, in one compact desktop enclosure.
  • Page 10 The VSU-100R adds remote access support for remote clients running VPNremote client software on their PCs. Both units support up to 100 concurrent IPSec sessions. Each has its own version of the embedded operating system, VPNos. The VSU-100 VPNos can be field upgraded (optional) to the VSU-100R.
  • Page 11: Plug-And-Play Installation

    ...time compression performed by the VSU-100 eliminates packet fragmentation and produces fewer, smaller packets, which can significantly enhance network throughput and performance. Plug-and-Play Installation: The VSU-100 can be placed in a variety of configurations on a 10/100BASE-T LAN to provide VPN functionality.
  • Page 12: General Site Requirements

    NOTE: The VSU-100 is enclosed in a FIPS 140-1 compliant tamper-evident case and may be opened only by an authorized service technician. The status indications of the LEDs on each of the two Ethernet ports are shown in Figure 1-3. General Site Requirements: This section describes the requirements your site must meet for safe installation...
  • Page 13: Required Equipment

    Site Power Considerations: Check the power at your site to ensure that you are receiving “clean” power (free of spikes and noise). Install a power conditioner if necessary. WARNING: This product relies on the building's installation for short-circuit (overcurrent) protection.
  • Page 15: Installing The Vsu-100

    Chapter 2 Installing the VSU-100: This chapter provides instructions for connecting the VSU-100 to the network. Connecting the VSU-100 to the Network: Figure 2-1 shows a typical network using the VSU-100. [Figure 2-1: Typical VSU-100 Hardware Installation; labels: Private Port, Public Port, Public Network...]
  • Page 16 The VSU-100 rear panel is shown in Figure 2-2. The console port accepts a female RS-232 DB-9 connection from an asynchronous ASCII terminal or a PC running terminal emulation software. The connection requires a null modem cable (supplied) and is used to assign IP network configuration.
  • Page 17 Both Ethernet ports are 10/100BASE-T ports. They accept category 3, 4, or 5 UTP cabling terminated in an RJ-45 connector per IEEE 802.3 requirements for 10/100BASE-T. Perform the following steps to install the VSU-100 in a typical LAN: [Figure 2-3] Connect the VSU-100 Public port to the public side of the LAN.
  • Page 19: Preparing The Vsu-100 For Configuration

    Chapter 3 Preparing the VSU-100 for Configuration Preparation Before the VSU-100 can be incorporated into a Virtual Private Network (VPN), it must be configured through the VPNmanager. However, to enable communication between the VPNmanager and the VSU-100, you must first assign an IP address, subnet mask, and default route to the VSU-100.
  • Page 20 When the VSU-100 is powered on for the first time, the terminal screen should display the initial power-on bootup screen shown in Figure 3-1. The SuperUser name. This is the name that is authorized to perform any kind of configuration request on a VSU.
  • Page 21 Figure 3-1 (bootup screen): VPNet Service Unit Model XXXX 3DES ENCRYPTION Runtime System version x.x.xx, x/xx/2000 Copyright (C) 1996-2000 VPNet Technologies, Inc. All Rights Reserved. -- Month Day 2000, 17:06:01 -- ethernet0: MAC Address 00:60:a1:00:23:f9 ethernet1: MAC Address 00:60:a1:00:23:fa ethernet2: MAC Address 00:60:a1:00:16:9a ethernet3: MAC Address 00:60:a1:00:16:9b...
  • Page 22 Preconfigure the VSU-100 to communicate with the VPNmanager using the Quick Setup menu selection as described below: From the Main Menu, select 5) Quick Setup. VPNet Technologies - VSU XXXX- Main Menu 1) Configuration 2) Statistics 3) Utilities 4) Logout 5) Quick Setup Your choice [1-5]: 5 You will be prompted for the information required to set up the VSU.
  • Page 23 To prevent unauthorized users from accessing the VSU-100 through the console port, enter and confirm the new VSU console password. VSU Console password may be up to 31 characters. Enter new VSU console password: ****** Confirm new VSU console password: ****** CAUTION: Do not forget this password.
  • Page 24 Non-VPN traffic mode: non-VPN traffic is currently forwarded. Non-VPN Traffic Configuration Menu 1) Permit all non-VPN traffic 2) Deny IP non-VPN traffic only 3) Deny all non-VPN traffic P) Previous menu Your choice [1-3]: Select a traffic mode from the Traffic Configuration Menu. Permit all non-VPN traffic - When checked (default), all non-VPN traffic is allowed to pass through the VSU.
  • Page 25 Enter the current date and time. Date: 3-9-2000 Enter date [MM-DD-YYYY]: Time: 13:51:53 Enter time [HH:MM:SS]: These date and time settings are primarily used to ensure accurate timestamps when logging events. When changing either the date or time, all three parts of the date (MM-DD-YYYY) or time (HH:MM:SS) must be entered.
  • Page 26: Fips Mode

    FIPS Mode FIPS (Federal Information Processing Standards) Mode forces the VSU to operate in a FIPS 140-1 Level 2 compliant mode. It is recommended that this mode only be used if your organization’s policy requires FIPS 140-1 Level 2 certification for cryptographic devices. Note that in the FIPS mode (as dictated by the FIPS 140-1 requirements specification), the following are NOT supported: •...
  • Page 27: Appendix A Specifications

    APPENDIX A Specifications. Packet Encryption: DES encryption (56-bit key); Triple DES (EDE-CBC) encryption (168-bit key); weak and semi-weak keys are automatically discarded. Packet Authentication: Keyed MD5™ AH Message Digest Algorithm (RFC 1321); HMAC-MD5 and HMAC SHA-1 (RFC 2104). User Authentication: RADIUS servers (Ascend Access Control™, Security Dynamics ACE/Server Access Manager, BaySecure™... Further heading on this page: Compression.
  • Page 28 Specifications. Key Management: IKE: Key updates configurable starting from 60 seconds (RFC 2409); SKIP: Keys updated every 30 seconds; Manual; all packet, traffic, and authenticating keys automatically generated... Further headings on this page: Firewall Integration, Network Address Translation (NAT), Protocol Support, Digital Certificates, System Management, Remote Client Support.
  • Page 29 Specifications Compatibility • Fully compatible with all other VPNware Service Units and VPNremote Client Software for Windows 95/98/NT (using transport or tunnel mode) • ICSA-certified IPSec Dimensions • 7.75" W x 6.5" D x 1.9" H (19.68 cm x 16.5 cm x 4.8 cm) Weight •...
  • Page 30 Specifications. Safety Certification: UL, CSA, CE, CB Scheme. EMI/RFI: FCC Part 15, Class B, CISPR 22/85A VCCI...
  • Page 31: Vsu Acronyms

    VSU Acronyms GLOSSARY CBC – Cipher Block Chaining encryption DES – Data Encryption Standard encryption DNS – Domain Name Server (a distributed database system used to map host names to IP addresses and vice versa) DCE – Data Communication Equipment DSU/CSU –...
  • Page 32 PPP – Point to Point Protocol RADIUS – Remote Authentication Dial-In User Server RFC – Request For Comment SHA – Secure Hash Algorithm SKIP – Simple Key Management for Internet Protocol SNMP – Simple Network Management Protocol SSL – Secure Socket Layer TCP/IP –...
  • Page 33 Index bootup screen 3-2 configuration preparation 3-1 configuring using quick setup menu 3-4 connections Ethernet LAN 2-3 router 2-3 console password 3-5 contacting VPNet 1-i date and time 3-7 default route 3-4 DES 1-2 email support 1-i environmental requirements 1-4 equipment provided by customer 1-5 provided by VPNet 1-5...