VSU-5000 VPNware Service Unit User Guide VPNet Technologies, Inc.
VSU-5000 User Guide Licenses, Warranties, Copyrights, and Trademarks THE SPECIFICATIONS REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
Limited Warranty
Hardware
VPNet Technologies, Inc. (“VPNet”) warrants that for a period of one (1) year from the date of shipment from VPNet that the Hardware will be free from defects in material and workmanship under normal use. This limited warranty extends only to Customer as the original purchaser. Customer’s exclusive remedy and the entire liability of VPNet and its suppliers under this limited warranty will be, at VPNet or its service center's option, repair or replacement within ten (10) business days or refund of the Hardware if returned to the party supplying the Hardware to Customer, freight and...
LIABILITY ARISING OUT OF THE USE OF OR INABILITY TO USE THE PRODUCT EVEN IF VPNET OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall VPNet’s or its suppliers’ liability to Customer, whether in contract, tort (including negligence), or otherwise, exceed the price paid by the Customer.
Preface
This user guide provides installation and configuration information for the VSU-5000 VPNware Service Units. The VSU-5000 adds compression, encryption, authentication, and key management to public data links to ensure privacy and integrity of corporate data, and to enable the efficient and secure operation of virtual private networks (VPNs).
Data authenticity is assured by using MD5 or forged packets. All security mechanisms employed by the VSU-5000 conform to IPSec standards, in order to provide interoperability and broaden the use of VPN technology.
Performance
The VSU-5000 supports IP over 10BASE-T or 100BASE-T local area networks (LAN).
Chapter 2, Installing the VSU-5000, provides VSU rack mounting instructions, an overview of the back panel, and a procedure for physical installation, including placement and connection to the network.
Chapter 3, Preparing the VSU-5000 for Configuration, provides instructions for setting up VSU-5000 addressing and enabling remote connectivity for using the VPNmanager, VPNet’s VPN network management application.
Chapter 1 Preparing for Installation
This chapter includes safety, environmental, and equipment requirements, as well as guidance in planning the VSU-5000 installation.
Safety Recommendations
When using the VSU-5000, follow these safety guidelines:
NOTE: The VSU-5000 is enclosed in a tamper-evident case that meets U.S. NIST FIPS 140-1 Level Physical Security and may be replaced only by an authorized service technician.
Configuring Equipment Racks
The VSU-5000 can be placed on a desktop or mounted in a rack. The location of the chassis and the layout of your equipment rack or wiring room are extremely important for proper system operation. Equipment placed too close together, inadequate ventilation, and inaccessible panels can cause system malfunctions and shutdowns, and can make system maintenance difficult.
Circuit Breaker (15A) Warning
WARNING: This product relies on the building's installation for short-circuit (overcurrent) protection. Ensure that a fuse or circuit breaker no larger than 120 VAC, 15A U.S. (240 VAC, 10A international) is used on the phase conductor (all current-carrying conductors).
Required Equipment
The VSU-5000 shipping carton contains:
• VSU-5000 VPN Service Unit
• VSU-5000 VPN Service Unit User Guide
• UTP Crossover Cable (for connection to a router, switch, or hub)
• Null Modem Cable (for connection to the VSU Console port)
• Power cord (110V) or Power cord (230V)
To use the VSU-5000 in a typical VPN application, the customer must supply:
Chapter 2 Installing the VSU-5000
This chapter provides instructions for the physical installation of the VSU-5000, including rack mounting, placement, and connection to the network.
Physical Installation
The VSU-5000 can be placed on a desktop or mounted in a rack.
Desktop
To install on a desktop, allow sufficient depth in the rear for cabling and on the sides for ventilation flow.
To attach the VSU-5000 to a standard 19-inch equipment rack:
From one side of the VSU-5000, remove the two front side screws (Figure 2-1).
Figure 2-1 Removing the Rack Mount Screws
Using the flat-head screws provided with the bracket, attach the bracket to the VSU-5000 (Figure 2-2).
Figure 2-2
Overview of Front Panel
Figure 2-3 shows the front panel view of the VSU-5000.
Figure 2-3 (panel labels: Status Indicator, Fault Indicator)
Console and Auxiliary Ports
The auxiliary port on the VSU-5000 is used for factory testing only and has no function in normal operation.
Public and Private Ports
The Public port provides an interface to the public network, while the Private port provides an interface to the private network. The Public and Private ports are Ethernet 10/100BASE-T compliant host ports. They accept category 3 or 5 UTP cabling terminated in an RJ-45 connector per IEEE 802.3 requirements for 100/10BASE-T.
Connecting the VSU-5000 to the Network
Figure 2-4 shows a typical network using the VSU-5000.
Figure 2-4 Example of Two VSU-5000 Hardware Installations (diagram labels: Private LAN, VSU-5000, Crossover Cable, Router, DSU/CSU, Public Network)
Connect the gateway router to the VSU-5000. Using the supplied UTP crossover cable, connect one end to the public port on the VSU-5000. Connect the other end of the UTP crossover cable to the router’s Ethernet port (Figure 2-5).
Figure 2-5 (diagram label: Connect UTP Crossover Cable between the VSU-5000 Public Port and the Router) Attaching a Router to the VSU-5000...
Chapter 3 Preparing the VSU-5000 for Configuration
Preparation
Before the VSU-5000 can be incorporated into a Virtual Private Network (VPN), it must be configured through the VPNmanager. However, to enable communication between the VPNmanager and the VSU-5000, you must first assign an IP address, subnet mask, and default route to the VSU-5000.
When the VSU-5000 is powered on for the first time, the terminal screen should display the initial power on bootup screen shown in Figure 3-1.
The SuperUser name. This is the name that is authorized to perform any kind of configuration request on a VSU.
Figure 3-1
VPNet Service Unit Model XXXX 3DES ENCRYPTION
Runtime System version x.x.xx, x/xx/2000
Copyright (C) 1996-2000 VPNet Technologies, Inc. All Rights Reserved.
-- Month Day 2000, 17:06:01 --
ethernet0: MAC Address 00:60:a1:00:23:f9
ethernet1: MAC Address 00:60:a1:00:23:fa
ethernet2: MAC Address 00:60:a1:00:16:9a
ethernet3: MAC Address 00:60:a1:00:16:9b...
Preconfigure the VSU-5000 to communicate with the VPNmanager using the Quick Setup menu selection as described below:
From the Main Menu, select 5) Quick Setup.
VPNet Technologies - VSU XXXX- Main Menu
1) Configuration
2) Statistics
3) Utilities
4) Logout
5) Quick Setup
Your choice [1-5]: 5
You will be prompted for the information required to set up the VSU.
To prevent unauthorized users from accessing the VSU-5000 through the console port, enter and confirm the new VSU console password.
VSU Console password may be up to 31 characters.
Enter new VSU console password: ******
Confirm new VSU console password: ******
CAUTION: Do not forget this password.
Non-VPN traffic mode: non-VPN traffic is currently forwarded.
Non-VPN Traffic Configuration Menu
1) Permit all non-VPN traffic
2) Deny IP non-VPN traffic only
3) Deny all non-VPN traffic
P) Previous menu
Your choice [1-3]:
Select a traffic mode from the Traffic Configuration Menu.
Permit all non-VPN traffic - When checked (default), all non-VPN traffic is allowed to pass through the VSU.
Enter the current date and time.
Date: 3-9-2000
Enter date [MM-DD-YYYY]:
Time: 13:51:53
Enter time [HH:MM:SS]:
These date and time settings are primarily used to ensure accurate timestamps when logging events. When changing either the date or time, all three parts of the date (MM-DD-YYYY) or time (HH:MM:SS) must be entered.
FIPS Mode
FIPS (Federal Information Processing Standards) Mode forces the VSU to operate in a FIPS 140-1 Level 2 compliant mode. It is recommended that this mode only be used if your organization’s policy requires FIPS 140-1 Level 2 certification for cryptographic devices. Note that in the FIPS mode (as dictated by the FIPS 140-1 requirements specification), the following are NOT supported:
•...
Chapter 4 Troubleshooting
This chapter includes troubleshooting and replacement procedures for the VSU-5000 power supply module, cooling fan and dual-port Ethernet module.
Power Supply
The standard VSU-5000 includes a single power supply module.
NOTE: The VSU-5000 is provisioned with one of two different power supply module types.
Power Supply Removal and Replacement
Referring to Figure 4-1, perform the following steps to replace the power supply module:
Figure 4-1
WARNING: Do not insert any object into the power supply slot, such as fingers, tools, etc., as dangerous voltages exist on the connectors.
Unscrew the thumbscrew next to the hinged fan assembly on the back of the unit and swing the fan assembly open to expose the power supply modules.
Alternate Power Supply Removal and Replacement
Referring to Figure 4-2, perform the following steps to replace the power supply module:
WARNING: Do not insert any object into the power supply slot, such as fingers, tools, etc., as dangerous voltages exist on the connectors.
Chassis Cooling Fan
The VSU-5000 includes a cooling fan on the rear panel to cool the chassis.
Figure 4-2
Ethernet Interface Module
The VSU-5000 includes a dual-port 10/100BASE-T Ethernet card, with the public and private interface ports paired on the card.
Removal and Replacement
The dual-port 10/100BASE-T Ethernet module is enclosed in the tamper-evident case and may be replaced only by an authorized service technician. Contact your customer service representative or VPNet technical support for instructions on getting the unit serviced.
APPENDIX A Specifications
This appendix provides physical, environmental and electrical specifications for the VSU-5000, as well as standards compliance information.
Physical Specifications
Table 1-1 VSU-5000 Physical Specifications
Parameter: Specification
Dimensions: 17"W x 16"D x 3.5"H; 43.2 cm x 35.6 cm x 8.9 cm (rack-mountable)
Weight: 14.75 lbs, 6.7kg
LAN Interface, Management Interfaces: ...
Environmental Specifications
Table 1-2 Environmental Specifications
Parameter Temperature...
Electrical Specifications
Table 1-3
CAUTION: Danger of explosion if memory backup battery is incorrectly replaced. Replace only with the same or equivalent type recommended by the manufacturer. Dispose of used batteries according to the manufacturer’s instructions. Note that the battery in this unit is a non-serviceable part.
Compliance Specifications
Table 1-4 Compliance Specifications
Parameter: Specification
Safety Certification: UL, C-UL, CE, AS3260, CB SCHEME
EMI/RFI: FCC Part 15, Class A; EN55022 Class A; EN50082-1; AS38548; VCCI
Standards Compliance: IEEE 802.3, Ethernet
SKIP Compliance:
RFC 1825 Security Architecture for the Internet Protocol
RFC 1826 IP Authentication Header
RFC 1827 IP Encapsulating Security Payload
RFC 1828 IP Authentication using Keyed MD5...
Additional Features
Table 1-5 Additional Features
Parameter: Specification
Encryption: DES and Triple DES hardware encryption. DES uses a 56-bit key; Triple DES uses three 56-bit independent keys for an effective key length of 112 bits. All weak and semi-weak keys are automatically discarded.
Authentication: Keyed MD5™...
APPENDIX B 10/100BASE-T UTP Crossover Cable Pinouts
The 10/100BASE-T UTP Crossover Cable defined below is provided with the VSU-1100.
10/100BASE-T UTP Crossover Cable Pinouts
Signal Name | Male RJ-45 | Male RJ-45...
GLOSSARY
VSU Acronyms
CBC – Cipher Block Chaining encryption
DES – Data Encryption Standard encryption
DNS – Domain Name Server (a distributed database system used to map host names to IP addresses and vice versa)
DCE – Data Communication Equipment
DSU/CSU –...
PPP – Point to Point Protocol
RADIUS – Remote Authentication Dial-In User Server
RFC – Request For Comment
SHA – Secure Hash Algorithm
SKIP – Simple Key Management for Internet Protocol
SNMP – Simple Network Management Protocol
SSL – Secure Socket Layer
TCP/IP –...