Page 1
Nortel Business Secure Router 252 — Fundamentals BSR252 Business Secure Router Document Number: NN47923-301 Document Version: 1.2 Date: May 2007...
Page 2
The information in this document is proprietary to Nortel. Trademarks Nortel, Nortel (Logo), the Globemark, and This is the way, This is Nortel (Design mark) are trademarks of Nortel. Microsoft, MS, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation.
Internet Connection with PPPoA ........28 Nortel Business Secure Router 252 — Fundamentals...
Page 4
Adding IP telephony to a multi-site network ......38 Configuring the router to act as a Nortel VPN Server (Client Termination) . . . 39 Configuring the router to connect to a Nortel VPN Server (Client Emulation) .
Page 5
Table 1 Internet Account Information Worksheet Table 2 Front panel details Table 3 Rear panel details Nortel Business Secure Router 252 — Fundamentals...
Preface This Quick Start Guide provides instructions for installing and configuring your Nortel Business Secure Router 252 as an Office Gateway for your network. After completing this guide, you can access the Internet securely through your Nortel Business Secure Router 252.
Related publications For more information about using the Nortel Business Secure Router 252, refer to the following publication: • Nortel Business Secure Router 252 - Basics (NN47923-500) Hard-copy technical manuals You can print selected technical manuals and release notes free, directly from the Internet.
Preface How to get help If you purchased a service contract for your Nortel product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance. If you purchased a Nortel service program, contact Nortel Technical Support. To obtain contact information online, go to www.nortel.com/cgi-bin/comments/...
Chapter 1 Introducing the Business Secure Router The Nortel Business Secure Router 252 is the ideal secure gateway for all data passing between the Internet and the LAN. By integrating Network Address Translation (NAT), firewall and Virtual Private Network (VPN) capability, the Nortel Business Secure Router 252 is a complete security solution that protects your Intranet and efficiently manages data traffic on your network.
Page 12
12 Chapter 1 Introducing the Business Secure Router NN47923-301...
ESD. Avoid touching the connectors on the router, particularly when it is in use. Note: Please use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord. Nortel Business Secure Router 252 — Fundamentals...
14 Chapter 2 Hardware installation 2.1 Front panel Table 2 Front panel details LABEL DESCRIPTION Step 1: 1-4 Connect a computer to one of these ports with an Ethernet cable. These ports are auto-negotiating (can connect at 10 or 100Mb/s) and auto-sensing (automatically adjusts to the type of Ethernet cable you use, straight-through or crossover).
LEDs. The power LED blinks while performing system testing and then stays on if the testing is successful. The Ethernet port LEDs turn on if the ports are properly connected. Refer to Configuring and Troubleshooting the Nortel Business Secure Router 252 for more detailed LED descriptions.
Windows NT/2000/XP or Macintosh OS 7 and later operating systems. Instructions are provided here for configuring Windows 2000, NT and XP operating systems. Refer to Nortel Business Secure Router 252 Configuration — Basics (NN47923-500) and Nortel Business Secure Router 252 Configuration —...
Page 18
18 Chapter 3 Setting up your computer IP address Nortel recommends that you do not use a static IP address in the same range as the Business Secure Router DHCP server address pool (192.168.1.2 to 192.168.1.127 by default). Click Advanced. Remove any previously installed gateways in the IP Settings tab and click OK to go back to the Internet Protocol TCP/IP Properties screen.
192.168.1.254), with subnet mask 255.255.255.0, in order to communicate with the Business Secure Router. Refer to Nortel Business Secure Router 252 Configuration — Basics (NN47923-500) and Nortel Business Secure Router 252 Configuration — Advanced (NN47923-501) for detailed IP address configuration for other Windows and Macintosh computer operating systems.
Page 20
20 Chapter 3 Setting up your computer IP address NN47923-301...
Configuring your Business Secure Router Choose one of these methods to access and configure the Business Secure Router. This guide shows you how to use the WebGUI wizard only. See Nortel Business Secure Router 252 Configuration — Basics (NN47923-500) and Nortel Business Secure Router 252 Configuration —...
Page 22
22 Chapter 4 Configuring your Business Secure Router Nortel recommends you change the default password! Enter a new password, retype it to confirm it and click Apply. Alternatively click Ignore to proceed to the main menu if you do not want to change the password now.
Page 23
Click ENTER to display the Login screen again and then log back on. This idle timeout timer is one of the many Business Secure Router features that you can edit using the WebGUI. Nortel Business Secure Router 252 — Fundamentals...
24 Chapter 4 Configuring your Business Secure Router 4.2 Using the wizard to configure for internet access Select WIZARD to display the first wizard screen. NN47923-301...
Page 25
Click Next. The second wizard screen varies depending on what mode and encapsulation type you use. All screens shown are with routing mode. Configure the fields and click Next to continue. Nortel Business Secure Router 252 — Fundamentals...
26 Chapter 4 Configuring your Business Secure Router Internet Connection with PPPoE If your ISP provides the name of your PPPoE service provider, enter it in the Service Name field. Enter the user name and password exactly as your ISP gives you. Select Obtain an IP Address Automatically if you have a dynamic WAN IP address;...
In the ENET ENCAP Gateway field, enter the gateway IP address given by your ISP. From the Network Address Translation drop-down list box, select SUA Only, Full Feature or None. Nortel Business Secure Router 252 — Fundamentals...
28 Chapter 4 Configuring your Business Secure Router Internet Connection with PPPoA Refer to “Internet Connection with PPPoE” on page 26 for field descriptions. Verify the settings in the screen shown next. This screen varies depending on what mode and encapsulation type you use. To change the LAN information on the Business Secure Router, click Change LAN Configurations.
Page 29
Chapter 4 Configuring your Business Secure Router 29 If you want to change your Business Secure Router LAN settings, click Change LAN Configuration to display the screen as shown next Nortel Business Secure Router 252 — Fundamentals...
Page 30
30 Chapter 4 Configuring your Business Secure Router Enter the IP address of your Business Secure Router in dotted decimal notation in the LAN IP Address field. For example, 192.168.1.1 (factory default). Note: If you change the Business Secure Router's LAN IP address, you must use the new IP address if you want to access the WebGUI again.
Page 31
To test the connection from the Business Secure Router to the ISP and the connected LAN device(s), click Start Diagnose. Otherwise click Finish to go back to the Site Map screen. Nortel Business Secure Router 252 — Fundamentals...
32 Chapter 4 Configuring your Business Secure Router 4.3 Test your internet connection Launch your web browser and go to www.nortel.com. You do not need a dial-up program such as Dial-Up Networking. Internet access is just the beginning. Refer to the Nortel Business Secure Router 252 Configuration — Basics (NN47923-500) and Nortel Business Secure Router 252 Configuration —...
WebGUI again. Alternatively, the administrator can log in using a TelNet session, if TelNet access has been enabled in the Remote Management menu. Nortel Business Secure Router 252 — Fundamentals...
34 Chapter 5 User Notes Clicking Sound The Business Secure Router will click once every two minutes until an ADSL line is connected. Firewall Address Range Validation In the firewall rules, the router does not confirm when given an address range, that the second address is higher than the first.
Page 35
If a VPN Client user account is de-activated, deleted, or changed, and that user is currently connected, the connection is not automatically dropped. To drop the connection, the administrator needs to disconnect the user using the 'Disconnect' function in the VPN/SA Monitor GUI. This is consistent with other Nortel Contivity products. User Name Restrictions User names are limited to a maximum length of 63 characters.
36 Chapter 5 User Notes When defining a Client Termination account for another Business Secure Router that will connect using Contivity Client Emulation, the following configuration is required: • Encryption must be Triple DES with SHA1 integrity, or Triple DES with MD5 integrity.
DNS name, and the IP address of the remote router. d Select the encryption and authentication algorithms. Add an IP policy, by specifying the IP address ranges of the local and remote hosts that will use the tunnel. Nortel Business Secure Router 252 — Fundamentals...
38 Chapter 5 User Notes Repeat these steps at the other end of the branch. Note: If VPN Client Termination is used on these sites, the client termination address range will need to be included in the tunnel policies in order for the VPN clients to see the other site.
Chapter 5 User Notes 39 Create a tunnel between the sites, as described above. Create an H.323 trunk between the BCM50s, as per the BCM50 User Guide. Configuring the router to act as a Nortel VPN Server (Client Termination) Under VPN / Client Termination, Enable Client Termination.
40 Chapter 5 User Notes Note: In DHCP Server mode, the BCM50 IP address will be the lowest address in the pool. Create the appropriate Firewall rules to add BCM50 access. Go to FIREWALL / Summary, and create two WAN-to-LAN firewall rules: One rule allowing access from allowed remote computer IP addresses, to the BCM50 IP address, for service type HTTPS(TCP:443) One rule allowing access from allowed remote computer IP addresses, to the...
“Preventing heavy data traffic from impacting telephone calls”. Provision the IP set with the corporate call server address. On the PC, install Contivity Client Software, and configure it with the PC user account information. Nortel Business Secure Router 252 — Fundamentals...
42 Chapter 5 User Notes Inter-Operability With Third-Party Routers VPN Connections With Cisco Routers When establishing a VPN Client tunnel or Branch Office Tunnel between the Business Secure Router and a Cisco router, the following configuration rules should be followed: Ensure that the WAN IP of the BSR222/252 router and the Cisco router are not in the same subnet.
IP address with Windows 2000, NT and XP operating systems. Refer to Configuring and Troubleshooting the Nortel Business Secure Router 252 for detailed IP address configuration for Windows 95, 98, Me and Macintosh and Linux computer operating systems.
44 Chapter 6 Troubleshooting Problem: You cannot get a WAN IP address from the ISP The ISP provides the WAN IP address after authenticating the username and password, the MAC address, or the host name. Find out the verification method used by your ISP.