Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for VPNet VSU 2000
Summary of Contents for VPNet VSU 2000
-
Page 1: User Guide
VSU-2000 VPNware Service Unit User Guide VPNet Technologies, Inc. - Page 2 VSU-2000 User Guide Licenses, Warranties, Copyrights, and Trademarks THE SPECIFICATIONS REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
-
Page 3: Limited Warranty
VSU-2000 User Guide Limited Warranty Hardware VPNet Technologies, Inc. (“VPNet”) warrants that for a period of one (1) year from the date of shipment from VPNet that the Hardware will be free from defects in material and workmanship under normal use. This limited warranty extends only to Customer as the original purchaser. Customer’s exclusive remedy and the entire liability of VPNet and its suppliers under this limited warranty will be, at VPNet or its service center's option, repair or replacement within ten (10) business days or refund of the Hardware if returned to the party supplying the Hardware to Customer, freight and... - Page 4 VSU-2000 User Guide LIABILITY ARISING OUT OF THE USE OF OR INABILITY TO USE THE PRODUCT EVEN IF VPNET OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall VPNet’s or its suppliers’ liability to Customer, whether in contract, tort (including negligence), or otherwise, exceed the price paid by the Customer.
-
Page 5: Table Of Contents
Table of Contents Preface How This Guide Is Organized ......... i Change History. - Page 6 APPENDIX A Specifications APPENDIX B 10/100BASE-T UTP Crossover Cable Pinouts Glossary VSU Acronyms VSU-2000 User Guide...
-
Page 7: How This Guide Is Organized
Preface This user guide provides installation and configuration information for the VSU-2000 VPNware Service Unit (VSU). How This Guide Is Organized Chapter 1, Introduction, includes a functional overview of the VSU-2000 and its major components along with site requirements for safe installation and operation of the VSU-2000. -
Page 8: Change History
Change History Product Registration To register the VSU-2000, navigate to Wide Web. Contacting Technical Support Technical support is available to registered users of the VSU-2000. • • • • Version Date Changes 09-0045-01 August 2000 Initial Release 09-0045-02 January 2001 Chapter 3 - Modified VSU Quick Setup section, Added FIPS Mode and General Firmware Upgrade Imformation... -
Page 9: Introduction
Chapter 1 Introduction Functional Overview The VSU-2000 is a VPN gateway to create virtual private networks (VPNs) within a small to medium sized business/branch office. Designed to provide the convenience of a virtual private network gateway and a firewall all in one compact rack-mountable enclosure, the VSU-2000 provides a cost-effective solution to quick and easy VPN deployment. -
Page 10: Plug-And-Play Installation
VSU-2000 User Guide The VSU-2000 supports a full suite of VPN services including: ICSA-certified IPSec-based encryption, data compression, packet and user authentication, IKE and SKIP key management, Network Address Translation (NAT), routing, and a network firewall (packet filtering). Security The VSU-2000 provides data stream privacy by employing cryptographic algorithms and keys powerful enough for the most sensitive business communications. -
Page 11: Vsu-2000 Components
VSU-2000 User Guide extranets. The VSU-2000 provides support for the RADIUS protocol, enabling VPNs that support hundreds of remote users and a variety of mechanisms for remote user authentication. VSU-2000 Components Each of the major VSU-2000 components are shown in Figures 1-2 and 1-3. Console Port Figure 1-2 Figure 1-3... -
Page 12: Status Indicators
Status Indicators The status indication LEDs on each of the two Ethernet ports and the Unit Status Indicators are defined in Figure 1-4. When LAN traffic is detected on the public port, the LAN status indicator will blink. When VPN traffic is detected on the private port, the VPN status indicator will blink. -
Page 13: Required Equipment
VSU-2000 User Guide Table 1-1 Additional VSU-2000 specifications are included in Appendix A. Site Power Considerations Check the power at your site to ensure that you are receiving “clean” power (free of spikes and noise). Install a power conditioner if necessary. WARNING: This product relies on the building's installation for short-circuit (overcurrent) protection. -
Page 14: Configuring Equipment Racks
• • Configuring Equipment Racks The VSU-2000 can be placed on a desktop, shelf, or mounted in a standard 19-inch equipment rack. The location of the unit and the layout of your equipment rack or wiring room are extremely important for proper system operation. -
Page 15: Installing The Vsu-2000
Chapter 2 Installing the VSU-2000 Rackmount Installation The VSU-2000 ships with a VSU rackmount bracket kit, which includes two L-shaped brackets that attach to the sides of the VSU-2000 and to the front of a standard 19-inch equipment rack. Referring to Figure 2-1, perform the following procedure to install the VSU-2000 to a standard 19-inch equipment rack: NOTE: Rack screws are not provided with the VSU. - Page 16 VSU-2000 User Guide Figure 2-1 Installing the Rackmount Brackets Installing the VSU-2000...
-
Page 17: Connecting The Vsu-2000 To The Network
VSU-2000 User Guide Connecting the VSU-2000 to the Network Figure 2-2 shows a typical network using the VSU-2000. Figure 2-2 Installing the VSU-2000 Private LAN Hub, Switch, Router Private Port VSU-2000 Public Port Router Public Network Typical VSU-2000 Hardware Installation... - Page 18 The VSU-2000 front panel is shown in Figure 2-3. Connect Cables between the VSU-2000 Public Port and the Router Connect Cable between the VSU-2000 Private Port and the Private LAN Figure 2-3 The console port accepts an RS-232 DB-9 connection from an asynchronous ASCII terminal or a PC running terminal emulation software.
- Page 19 VSU-2000 User Guide Perform the following steps to install the VSU-2000 in a typical LAN: Installing the VSU-2000 Connect the VSU-2000 to the router on the public (encrypted) side of the LAN using the supplied UTP crossover cable. Connect the VSU-2000 to the private (unencrypted) side of the LAN. Using a standard straight-through 10/100BASE-T UTP cable, connect one of its RJ-45 connectors to the VSU-2000 private port and the second one to the hub or switch on the private LAN.
- Page 20 VSU-2000 User Guide Installing the VSU-2000...
-
Page 21: Preparing The Vsu-2000 For Configuration
Chapter 3 Preparing the VSU-2000 for Configuration Preparation Before the VSU-2000 can be incorporated into a Virtual Private Network (VPN), it must be configured through the VPNmanager. However, to enable communication between the VPNmanager and the VSU-2000, you must first assign an IP address, subnet mask, and default route to the VSU-2000. - Page 22 • • • • • When the VSU-2000 is powered on for the first time, the terminal screen should display the initial power on bootup screen shown in Figure 3-1. The SuperUser name. This is the name that is authorized to perform any kind of configuration request on a VSU.
- Page 23 VSU-2000 User Guide Figure 3-1 Preparing the VSU-2000 for Configuration VPNet Service Unit Model XXXX 3DES ENCRYPTION Runtime System version x.x.xx, x/xx/2000 Copyright (C) 1996-2000 VPNet Technologies, Inc. All Rights Reserved. -- Month Day 2000, 17:06:01 --ethernet0: MAC Address 00:60:a1:00:23:f9 ethernet1: MAC Address 00:60:a1:00:23:fa ethernet2: MAC Address 00:60:a1:00:16:9a ethernet3: MAC Address 00:60:a1:00:16:9b...
- Page 24 Preconfigure the VSU-2000 to communicate with the VPNmanager using the Quick Setup menu selection as described below: From the Main Menu, select 5) Quick Setup. VPNet Technologies - VSU XXXX- Main Menu 1) Configuration 2) Statistics 3) Utilities 4) Logout 5) Quick Setup Your choice [1-5]: 5 You will be prompted for the information required to set up the VSU.
- Page 25 VSU-2000 User Guide Preparing the VSU-2000 for Configuration To prevent unauthorized users from accessing the VSU-2000 through the console port, enter and confirm the new VSU console password. VSU Console password may be up to 31 characters. Enter new VSU console password: ****** Confirm new VSU console password: ****** CAUTION: Do not forget this password.
- Page 26 Non-VPN traffic mode: non-VPN traffic is currently forwarded. Non-VPN Traffic Configuration Menu 1) Permit all non-VPN traffic 2) Deny IP non-VPN traffic only 3) Deny all non-VPN traffic P) Previous menu Your choice [1-3]: Select a traffic mode from the Traffic Configuration Menu. Permit all non-VPN traffic - When checked (default), all non VPN traffic is allowed to pass through the VSU.
- Page 27 VSU-2000 User Guide Preparing the VSU-2000 for Configuration Enter the current date and time. Date: 3-9-2000 Enter date [MM-DD-YYYY]: Time: 13:51:53 Enter time [HH:MM:SS]: This date and time setting are primarily used to ensure accurate timestamps when logging events. When changing either the date or time, all three parts of the date (MM-DD-YYYY) or time (HH:MM:SS) must be entered.
-
Page 28: Fips Mode
FIPS Mode FIPS (Federal Information Processing Standards) Mode forces the VSU to operate in a FIPS 140-1 Level 2 compliant mode. It is recommended that this mode only be used if your organization’s policy requires FIPS 140-1 Level 2 certification for cryptographic devices. Note that in the FIPS mode (as dictated by the FIPS 140-1 requirements specification), the following are NOT supported: •... -
Page 29: Appendix A Specifications
Specifications APPENDIX A Packet Encryption • • • Packet Authentication • • User Authentication • • • • • • VSU-2000 User Guide DES encryption (56-bit key) Triple DES (EDE-CBC) encryption (168-bit key) Weak and semi-weak keys are automatically discarded Keyed MD5™... - Page 30 Specifications Compression • Key Management • • • Firewall Integration • • Network Address Translation (NAT) • • Protocol Support • • Digital Certificates • • System Management • • • • • VPNremote Client Support • VSU-2000 User Guide Stac™...
- Page 31 Specifications Compatibility • Fully compatible with all other VPNware Service Units and VPNremote Client Software for Windows 95/98/NT (using transport or tunnel mode) • ICSA-certified IPSec Dimensions • 17.0" W x 16.0" D x 1.75" H (43.2 cm x 38.0 cm x 4.4 cm) •...
- Page 32 Specifications Operating Environment • • • Safety Certification • EMI/RFI • • VSU-2000 User Guide Temperature: 32° to 104° F, 0 to 40°C Relative Humidity: 5 to 90% (non-condensing) Altitude: 0-12,000 feet, 3660 meters UL, CSA, CE, CB Scheme FCC Part 15, Class A, CISPR 22/85A VCCI...
- Page 33 10/100BASE-T UTP APPENDIX B Crossover Cable Pinouts The 10/100BASE-T UTP Crossover Cable defined below is provided with the VSU-2000. VSU-2000 User Guide Signal Name Male RJ-45 Male RJ-45...
- Page 34 10/100BASE-T UTP Crossover Cable Pinouts VSU-2000 User Guide...
-
Page 35: Vsu Acronyms
VSU Acronyms GLOSSARY CBC – Cipher Block Chaining encryption DES – Data Encryption Standard encryption DNS – Domain Name Server (a distributed database system used to map host names to IP addresses and vice versa) DCE – Data Communication Equipment DSU/CSU –... - Page 36 PPP – Point to Point Protocol RADIUS – Remote Authentication Dial-In User Server RFC – Request For Comment SHA – Secure Hash Algorithm SKIP – Simple Key Management for Internet Protocol SNMP – Simple Network Management Protocol SSL – Secure Socket Layer TCP/IP –...
- Page 37 Index bootup screen 3-2 configuration preparation 3-1 configuring using quick setup menu 3-4 connections Ethernet LAN 2-5 router 2-5 console password 3-5 contacting VPNet 1-ii date and time 3-6 default route 3-4 DES 1-2 email support 1-ii environmental requirements 1-4 equipment provided by customer 1-5 provided by VPNnet 1-5...
Need help?
Do you have a question about the VSU 2000 and is the answer not in the manual?
Questions and answers