How To Configure The Headquarters Vpn Access Concentrator - Allied Telesis AlliedWare AR440S How To Configure

How to configure the headquarters VPN access
concentrator
Before you begin to configure your router, ensure that it is running the appropriate software
release, patch and GUI files and has no configuration.
Note:
VPNs, is available in
page
1. Configure general system and user settings
Name the router
Define a security officer.
Do not forget your "secoff" password.
Enable security mode so that VPN keys are stored securely, and other security features are
enabled.
Once security mode is enabled, you need to log in as a security officer to enter most
configuration-altering commands.
It is important to keep this security officer username and password secure, and to consider
proper handover of it in the event of IT staff changes.
Also, we recommend you leave a "manager" privilege user defined because this may provide
backup access if the security officer password is lost. Do not leave the manager password at
the factory default—change it to a password in keeping with your company's security policy.
When security mode is enabled, router configuration access times out after inactivity to
prevent unauthorised access. The default timeout is 60 seconds, but you may temporarily
raise it to 600 seconds if desired.
Page 8 | AlliedWare™ OS How To Note: VPNs for Corporate Networks
set inst=pref rel=<rel-file> pat=<patch-file> gui=<gui-file>
set conf=none
disable system security
restart reboot
A software QoS extension to this configuration, to prioritise VoIP traffic over the
"How to prioritise outgoing VoIP traffic from the headquarters router" on
31.
set system name=HQ
add user=secoff pass=<your-secoff-password> priv=securityofficer
lo=yes telnet=yes
enable system security
login secoff
password: <your-secoff-password>
set user=manager password=<your-company-policy-password>
set user securedelay=600