Avaya VSU 10000 Administrator's Manual
  1. Manuals
  2. Brands
  3. Avaya Manuals
  4. Gateway
  5. VSU 10000
  6. Administrator's manual
Avaya VSU 10000 Administrator's Manual

Avaya VSU 10000 Administrator's Manual

System
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
VSU10000 System
Administrator's Guide
Comcode 700213853
09-0060-00
Issue 1.0
December 2001

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the VSU 10000 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Avaya VSU 10000

Summary of Contents for Avaya VSU 10000

  • Page 1 VSU10000 System Administrator’s Guide Comcode 700213853 09-0060-00 Issue 1.0 December 2001...
  • Page 3 Avaya. Customer agrees to implement reasonable security measures to protect such trade secrets and copyrighted material. Title to Software and documentation shall remain solely with Avaya.

  • Page 4: Limited Warranty

    Limited Warranty Hardware Avaya Inc. (“Avaya”) warrants that for a period of one (1) year from the date of shipment from Avaya that the Hardware will be free from defects in material and workmanship under normal use. This limited warranty extends only to Customer as the original purchaser. Customer’s exclusive remedy...
  • Page 5 AVAYA OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall Avaya’s or its suppliers’ liability to Customer, whether in contract, tort (including negligence), or otherwise, exceed the price paid by the Customer. The foregoing limitations shall apply even if the above-stated warranty fails of its essential purpose.
  • Page 6 VSU-10000 User Guide...

  • Page 7: Table Of Contents

    Table of Contents Licenses, Warranties, Copyrights, and Trademarks 1 Preface i How This Guide Is Organized ........1-i Change History.
  • Page 8 Chapter 4 Troubleshooting Power Supply........... . 4-1 Chassis Cooling Fan .

  • Page 9: How This Guide Is Organized

    Preface This user guide provides installation and configuration information for the Avaya VSU-10000 VPNware Service Units. How This Guide Is Organized Chapter 1, Preparing for Installation, includes safety, environmental, and equipment requirements, as well as guidance in planning a VSU-10000 installation.

  • Page 10: Change History

    Change History Contacting Technical Support Technical support is available to registered users of the VSU-10000. • • Version Date Changes 09-0058-00 December 2001 Initial release Phone Support Domestic, Toll free: (800) 237-0016 (24x7) International: 727-217-2425 Email: vpnsupport@avaya.com VSU-10000 User Guide...

  • Page 11: Introduction

    VSU-10000 supports Gigabit copper Ethernet connectivity over standard CAT-5 cables. Like other platforms in Avaya’s VPNware family, the VSU-10000 adds compression, encryption, authentication, and key management to public network data links to ensure privacy and integrity of corporate data, and to enable the efficient and secure operation of virtual private networks (VPNs).

  • Page 12: Plug-And-Play Installation

    VSU-10000 User Guide Security The VSU-10000 provides data stream privacy by employing cryptographic algorithms and keys powerful enough for the most sensitive business communications. It supports DES and Triple DES encryption, as well as the ISAKMP key management standard. SKIP is not supported in this product, nor is VPN Remote Client version 2.5.X.

  • Page 13: Vsu-10000 Components

    VSU-10000 User Guide A custom Management Information Base (MIB) for the VSU 10000 is also provided on the support CD ROM shipped with the unit. VSU-10000 Components Each of the major VSU-10000 components are shown in Figures 1-1 and 1-2 and described in Table 1-1.

  • Page 14: Redundant Power Supplies

    Table 1-1 Redundant Power Supplies The VSU-10000 includes redundant power supply modules. If one fails, the second power supply instantly takes over, without disrupting the operation of the unit. Concurrently, an audible alarm sounds, the green status LED indicator on the power supply subsystem goes off.

  • Page 15: Ethernet Ports

    VSU-10000 User Guide Both cooling fans are hot-swappable and can be replaced without powering down the VSU-10000. Refer to Chapter 4, Troubleshooting, for instructions on replacing a defective cooling fan. Ethernet Ports The VSU-10000 includes two single-port 10/100/1000BASE-T Ethernet cards. The status indication of the LEDs on each of the two Ethernet ports are shown in Figure 2-3.

  • Page 16: General Site Requirements

    SELV Circuit Warning WARNING: The Ethernet 10/100/1000BASE-T, serial, console, and auxiliary ports contain safety extra-low voltage (SELV) circuits. Do not connect to a telephone line. General Site Requirements This section describes the requirements your site must meet for safe installation and operation of your system.

  • Page 17: Required Equipment

    VSU-10000 User Guide Required Equipment The VSU-10000 shipping carton should contain: To install and use the VSU-10000 in a typical network, the customer must supply: • • • • • Required Tools The VSU-10000 chassis can be mounted in a standard 19-inch equipment rack. Rack mounting requires a Phillips-head screwdriver, the VSU rack mount bracket kit, and four screws to match the rack.

  • Page 18: Configuring Equipment Racks

    Configuring Equipment Racks The VSU-10000 can be placed on a desktop or shelf or mounted in a standard 19-inch equipment rack. The location of the chassis and the layout of your equipment rack or wiring room are extremely important for proper system operation.

  • Page 19: Chapter 2 Installing The

    Chapter 2 Installing the VSU-10000 This chapter provides instructions for the physical installation of the VSU-10000, including rack mounting, placement, and connection to the network. Installing the Power Supply Modules The VSU-10000 power supply modules are shipped outside the unit. To install the power supply modules, refer to Figure 2-1 and perform the following steps: Physical Installation The VSU-10000 can be placed on a desktop or mounted in a rack.

  • Page 20: Rack Mount

    Rack Mount The VSU-10000 ships with a VSU rack mount bracket kit, which includes two L-shaped brackets that attach to the sides of the VSU-10000 and to the front of the rack. To attach the VSU-10000 to a standard 19-inch equipment rack: Figure 2-1 Overview of Front Panel Figure 2-2 show the front panel view of the VSU-10000.

  • Page 21: Console And Auxiliary Ports

    VSU-10000 User Guide Status Indicator Fault Indicator Ports not used Figure 2-2 Console and Auxiliary Ports The auxiliary port on the VSU-10000 is used for factory testing only and has no function in normal operation. The console port accepts an RS-232 DB-9 connection from an asynchronous ASCII terminal or a PC running terminal emulation software.

  • Page 22: Ethernet Port Status Indicators

    Public and Private Ports The Public port provides an interface to the public network, while the Private port provides an interface to the private network. The Public and Private ports are Ethernet 10/100/1000BASE-T compliant host ports and auto-negotiate the connection speed. They accept category 5 UTP cabling terminated in an RJ-45 connector per IEEE 802.3 requirements for 10/ 100/1000BASE-T.

  • Page 23: Connecting The Vsu-10000 To The Network

    VSU-10000 User Guide Connecting the VSU-10000 to the Network Figure 2-4 shows a typical network using the VSU-10000. Figure 2-4 Installing the VSU-10000 Private LAN VSU-10000 Crossover Cable Router DSU/CSU Public Network Example of Two VSU-10000 Hardware Installations Private LAN VSU-10000 Crossover Cable...
  • Page 24 Figure 2-5 Connect the gateway router to the VSU-10000 (see CAT5e cable use note on page 2-4). Using the supplied UTP crossover cable connect one end to the public port on the VSU-10000. Connect the other end of the UTP crossover cable to the router’s Ethernet port (Figure 2-5).

  • Page 25: Preparing The Vsu-10000 For Configuration

    Chapter 3 Preparing the VSU-10000 for Configuration Preparation Before the VSU-10000 can be incorporated into a Virtual Private Network (VPN), it must be configured through the VPNmanager. However, to enable communication between the VPNmanager and the VSU-10000, you must first assign an IP address, subnet mask, and default route to the VSU-10000.
  • Page 26 • • • • • When the VSU-10000 is powered on for the first time, the terminal screen should display the initial power on bootup screen shown in Figure 3-1. The SuperUser password. This password authenticates the SuperUser name. The SuperUser password is case sensitive.
  • Page 27 VSU-10000 User Guide Figure 3-1 Preparing the VSU-10000 for Configuration VPNet Service Unit Model XXXX 3DES ENCRYPTION Runtime System version x.x.xx, x/xx/2001 Copyright (C) 1996-2001 VPNet Technologies, Inc. All Rights Reserved. -- Month Day 2001, 17:06:01 --ethernet0: MAC Address 00:60:a1:00:23:f9 ethernet1: MAC Address 00:60:a1:00:23:fa Checking Non Volatile RAM integrity...

  • Page 28: Quick Setup

    Quick Setup Preconfigure the VSU-10000 to communicate with the VPNmanager using the Quick Setup menu selection as described below: From the Main Menu, select 5) Quick Setup. VPNet Technologies - VSU XXXX- Main Menu (1) Configuration (2) Statistics (3) Utilities (4) Logout (5) Quick Setup Your choice [1-5]: 5...
  • Page 29 VSU-10000 User Guide Preparing the VSU-10000 for Configuration To prevent unauthorized users from accessing the VSU-10000 through the console port, enter and confirm the new VSU console password. This VSU’s superuser password is configured. Change superuser password? [yn] y VSU Console password may be up to 31 characters. Enter new VSU console password: ****** Confirm new VSU console password: ****** NOTE: If you forget the VSU console password and need console access, it...
  • Page 30 Both the superuser name and password may be up to 31 characters and are case-sensitive. The name and password will be required later when first setting up the VSU through the VPNmanager application. After the VSU has been initially set up, the VSU may use the VPNmanager Directory Server to authenticate a configuration request, at the Network Administrator’s option.
  • Page 31 VSU-10000 User Guide Your VSU-10000 is now prepared for configuration using the VPNmanager. The VSU initially passes all traffic between its Public and Private ports. This would be a good time to verify connectivity by pinging the VSU from machines on both the public and private network, and by passing traffic between public and private machines (assuming the non-VPN traffic handling mode was left at the default of Pass all non-VPN traffic).

  • Page 32: Fips Mode

    FIPS Mode FIPS (Federal Information Processing Standards) Mode forces the VSU to operate in a FIPS 140-1 Level 2 compliant mode. It is recommended that this mode only be used if your organization’s policy requires FIPS 140-1 Level 2 certification for cryptographic devices. Note that in the FIPS mode (as dictated by the FIPS 140-1 requirements specification), the following are NOT supported: •...

  • Page 33: Troubleshooting

    Chapter 4 Troubleshooting This chapter includes troubleshooting and replacement procedures for the VSU-10000 power supply modules, cooling fans and single-port Ethernet modules. Power Supply The standard VSU-10000 includes two power supply modules. Fault Indication If the power supply module fails, an audible alarm will sound and the green LED status indicator on the power supply subsystem extinguishes.

  • Page 34: Power Supply Removal And Replacement

    Power Supply Removal and Replacement Perform the following steps to replace the power supply module: Figure 4-1 WARNING: Do not insert any object into the power supply slot, such as fingers, tools, etc., as dangerous voltages exist on the connectors. If the power supply is defective, the green LED indicator on the power supply module will be OFF.

  • Page 35: Chassis Cooling Fan

    Removal and Replacement The single-port 10/100/1000BASE-T Ethernet modules are enclosed in the tamper-evident case and may be replaced only by an authorized service technician. Contact your customer service representative or Avaya technical support for instructions on getting the unit serviced. Troubleshooting Unscrew the two thumbscrews in the lower left and upper right corner of the fan, then pull the fan straight out of the unit.
  • Page 36 VSU-10000 User Guide Troubleshooting...

  • Page 37: Specifications

    APPENDIX A This appendix provides physical, environmental and electrical specifications for the VSU-10000, as well as standards compliance information. Physical Specifications Table 1-1 Specifications Specifications VSU-10000 Physical Specifications Parameter Dimensions Weight LAN Interface Management Interfaces Specification 17"W x 18"D x 3.5"H 43.2 cm x 50.8 cm x 8.9 cm (rack-mountable) 14.75 lbs, 6.7kg...

  • Page 38: Environmental Specifications

    Environmental Specifications Table 1-2 Electrical Specifications Table 1-3 CAUTION: Note that the battery in this unit is a non-serviceable part. Danger of explosion if memory backup battery is incorrectly replaced. Replace only with the same or equivalent type recommended by the manufacturer. Dispose of used batteries according to the manufacturer’s instructions.

  • Page 39: Compliance Specifications

    VSU-10000 User Guide Compliance Specifications Table 1-4 Specifications Compliance Specifications Parameter Specification Safety CSA, CE, AS3260, CB SCHEME Certification EMI/RFI FCC Part 15, Class A EN55022 Class A EN50082-1 AS38548 VCCI BSMI Standards IEEE 802.3, Ethernet Compliance IPSec Compliance: RFC 2401 Security Architecture for the Internet Protocol RFC 2402 IP Authentication Header RFC 2403 The Use of HMAC-MD5-96 within ESP and AH RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH...

  • Page 40: Additional Features

    Additional Features Table 1-5 Additional Features Parameter Specification Encryption DES and Triple DES hardware encryption. DES uses a 56-bit key; Triple DES uses three 56-bit independent keys for an effective key length of 168 bits. All weak and semi-weak keys are automatically discarded. Authentication Keyed MD5™...

  • Page 41: 10/100/1000Base-Tutp Crossover Cable Pinouts

    APPENDIX B The 10/100/1000BASE-T UTP Crossover Cable defined below is provided with the VSU-10000. 10/100/1000BASE-T UTP Crossover Cable Pinouts 10/100/1000BASE-T UTP Crossover Cable Pinouts Signal Name Male RJ-45 TPAP TPAN TPBP TPBN TPCP TPCN TPDP TPDN Male RJ-45...
  • Page 42 VSU-10000 User Guide 10/100/1000BASE-T UTP Crossover Cable Pinouts...

  • Page 43: Vsu Acronyms

    VSU Acronyms GLOSSARY CBC – Cipher Block Chaining encryption DES – Data Encryption Standard encryption 3DES – Triple Data Encryption Standard encryption DNS – Domain Name Server (a distributed database system used to map host names to IP addresses and vice versa) DCE –...
  • Page 44 PPP – Point to Point Protocol RADIUS – Remote Authentication Dial-In User Server RFC – Request For Comment SHA-1 – Secure Hash Algorithm-1 SNMP – Simple Network Management Protocol SSL – Secure Socket Layer TCP/IP – Transmission Control Protocol / Internet Protocol URL –...

Table of Contents