Advertising

Advertising

IP40 Version 1.0 Appliance User's
Guide
N450916001 Rev A
October 2003

Advertising

   Also See for Nokia IP40

   Summary of Contents for Nokia IP40

  • Page 1

    IP40 Version 1.0 Appliance User’s Guide N450916001 Rev A October 2003...

  • Page 2

    IMPORTANT NOTE TO USERS This software and hardware is provided by Nokia Inc. as is and any express or implied warranties, including, but not limited to, implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall Nokia, or its affiliates, subsidiaries or suppliers be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement of substitute goods or services;...

  • Page 3

    Nokia Customer Support Web Site: https://support.nokia.com/ Email: tac.support@nokia.com Americas Europe Voice: 1-888-361-5030 or Voice: +44 (0) 125-286-8900 1-613-271-6721 Fax: 1-613-271-8782 Fax: +44 (0) 125-286-5666 Asia-Pacific Voice: +65-67232999 Fax: +65-67232897 021216 Nokia IP40 User Guide...

  • Page 4

    Nokia IP40 User Guide...

  • Page 5: Table Of Contents

    Setting up Nokia IP40 with an Apple Computer ......35 Connecting the Nokia IP40 to the Network ......35 Installing Your Network .

  • Page 6: Table Of Contents

    Connecting to the Internet using IP40 ....... . . 57...

  • Page 7: Table Of Contents

    Setting Up the Security Policy in IP40 ....... . .

  • Page 8: Table Of Contents

    Resetting the IP40 to Factory Defaults ....... . . 121...

  • Page 9: Table Of Contents

    Setting up the Nokia IP40 Satellite X ....... . 149...

  • Page 10: Table Of Contents

    Viewing Firmware Status ......... . 174 Resetting the IP40 to factory defaults ....... . 174 Running Diagnostics .

  • Page 11: In This Guide

    Nokia IP40, see the Nokia IP40 Quick Start Guide and the IP40 Online Help that is part of the graphical user interface (GUI) in the device. Installation and maintainance should be performed by experienced technicians or Nokia- approved service providers only.

  • Page 12: Conventions This Guide Uses

    Event Log, Active Computers, Active Connections, and VPN Tunnels. Chapter 13, “Working with VPNs,” explains how to configure a VPN by using the IP40. Chapter 14, “Using Managed Services,” describes methods for enabling and using subscription services such as Web filtering, email antivirus, and automatic and manual updates.

  • Page 13: Command-line Conventions

    Conventions This Guide Uses Command-Line Conventions This section defines the elements of commands that are available in Nokia products. You might encounter one or more of the following elements on a command-line path. Table 1 Command-Line Conventions Convention Description command...

  • Page 14: Text Conventions, Menu Items

    • Indicates an external book title reference. • Indicates a variable in a command: delete interface if_name Menu Items Nokia IP40 menu items in procedures are separated by the greater than sign. Nokia IP40 User Guide...

  • Page 15: Related Documentation

    Related Documentation For example, Start > Programs > Nokia > Security indicates that you first click Start, then choose the Programs menu command, then choose Nokia, and finally choose Security Related Documentation In addition to this guide, documentation for this product includes the following: Nokia IP40 Quick Start Guide—Provides a description of the system features and an...

  • Page 16

    Nokia IP40 User Guide...

  • Page 17: Introduction, About The Nokia Ip

    Point FireWall-1 Stateful Inspection technology, inspects and filters all incoming and outgoing traffic, blocking all unauthorized traffic. The IP40 is a hardware appliance and is easy to install. It allows you to share your Internet connection among several computers, other network devices and enables advanced home and office networking, besides providing protection for your entire network.

  • Page 18: Nokia Ip40 Tele 8, Nokia Ip40 Tele, Nokia Ip40 Satellite 16, Satellite 32, Satellite Unlimited

    Introduction Nokia IP40 Tele 8 The IP40 Tele 8 is for home telecommuters and work extenders who also need VPN client access. The IP40 Tele 8 supports both firewall and VPN client capabilities over an eight-node network. The appliance supports VPN client capabilities for users to connect to the central office from their home with firewall protection, extending the enterprise network to the employees’...

  • Page 19: Firewall

    About the Nokia IP40 Table 3 Nokia IP40 Satellite Feature Nokia IP40 Tele 8 (16/32/Unlimited) DHCP client Backup Internet connection, static NAT, static routes Firewall Table 4 Nokia IP40 Satellite Feature Nokia IP40 Tele 8 (16/32/Unlimited) Based on Check Point...

  • Page 20

    IPSEC VPN site-to-site gateway IPSEC VPN remote access client VPN pass through X.509 certificates SecuRemote server RADIUS support DAIP with VPN certificates Backup VPN gateways SmartCenter Connector (SSC) NG AI support Bypass NAT Route all traffic Nokia IP40 User Guide...

  • Page 21: Management

    About the Nokia IP40 Table 5 Nokia IP40 Satellite Feature Nokia IP40 Tele8 (16/32/Unlimited) Multiple PPP connections Active tunnels Management Table 6 Nokia IP40 Satellite Feature Nokia IP40 Tele 8 (16/32/Unlimited) Web-based management Access to IP40 through OOB, SSH and SNMP...

  • Page 22: Security Services

    Introduction Security Services Table 7 Nokia IP40 Satellite Feature Nokia IP40 Tele 8 (16/32/Unlimited) Firewall security updates Software updates Web filtering Email antivirus protection Dynamic DNS service (available with SMP) VPN management Centralized logging Customized security policy Protocol support for...

  • Page 23: Diagnostics And Maintenance, Nokia Ip40 Package Contents

    A country specific power cord for universal power supply An Ethernet-crossover cable, labeled Crossover An RS-232 console (null modem) cable The IP40 CD. The IP40 CD includes the following documents needec to set up and use the device: Quickstart Guide...

  • Page 24: Network Requirements, Appliance Overview, Ip40 Rear Panel

    Navigator 4.7 or higher. Appliance Overview The following sections provide an overview of your device’s rear and front panels. IP40 Rear Panel All physical connections (network and power) to the IP40 are made through the rear panel. Nokia IP40 User Guide...

  • Page 25

    Appliance Overview Figure 1 Rear View of Nokia IP40 CONSOLE AUXILIARY POWER 00409 The items on the rear panel of the IP40 are explained in Table 1. Table 9 Rear Panel of the IP40 Label Description Power A power jack used for supplying power to the device.

  • Page 26: Ip40 Front Panel

    Introduction IP40 Front Panel You can monitor the IP40 operations by viewing the LEDs on the front panel. Figure 2 Front Panel of Nokia IP40 00418 The items on the front panel of the IP40 are explained in Table 2.

  • Page 27: Installing The Nokia Ip40, Installing The Nokia Ip, Before You Install The Nokia Ip

    Installing the Nokia IP40 Installing the Nokia IP40 This chapter describes how to set up and install the Nokia IP40 in a networking environment. The chapter covers the following topics: “Before You Install the Nokia IP40” on page 27 “Setting Up Nokia IP40 with Microsoft Windows 98 or Millennium Operating Systems”...

  • Page 28

    Installing the Nokia IP40 To check for TCP/IP Installation 1. Choose Start > Settings > Control Panel. The Control Panel window appears. 2. Double click the Network icon. The Network window appears. 3. In the Network window, check if TCP/IP appears in the network components list and if it is already configured with the Ethernet card installed on your computer.

  • Page 29

    5. Restart your computer if prompted. To make TCP/IP Settings If you are connecting the IP40 to an existing LAN, consult your network manager/system administrator for the correct configuration. 1. In the Network window, double-click the TCP/IP Service for the Ethernet card on your computer.

  • Page 30

    Installing the Nokia IP40 2. Click the Gateway tab and remove any installed gateways. 3. Click the DNS Configuration tab and click Disable DNS radio button. 4. Click the IP Address tab, and click Obtain an IP address automatically radio button.

  • Page 31: Setting Up Nokia Ip40 With Microsoft Windows Xp And 2000 Operating Systems

    Before You Install the Nokia IP40 Note Nokia recommends that you use DHCP to assign IP addresses instead of assigning a static IP address to your computer. To assign a static IP address, select Specify an IP address and enter an IP address in the range of 192.168.10.129 to 254. Enter 255.255.255.0 as the Subnet Mask.

  • Page 32

    Installing the Nokia IP40 2. Double click the Network and Dial-up Connections icon (Network Connections icon from Windows XP). The Network and Dial-up Connections window appears. 3. Right-click the Local Area Connection icon and select Properties from the drop-down menu.

  • Page 33

    Before You Install the Nokia IP40 4. Check for TCP/IP in the Component list and whether it is configured with the Ethernet card installed on your computer. If TCP/IP does not appear in the Components list, install it as described in the following section.

  • Page 34

    2. Select Obtain an IP address automatically. Note Nokia recommends that you use DHCP to assign IP addresses instead of assigning a static IP address to your computer. To assign a static IP address, select Specify an IP address and...

  • Page 35: Setting Up Nokia Ip40 With An Apple Computer, Connecting The Nokia Ip40 To The Network

    1. Click Obtain DNS server address automatically. 2. Click OK to save the new settings. Your computer is now ready to access your IP40. Setting up Nokia IP40 with an Apple Computer Use the following procedure to set up the TCP/IP protocol: To make TCP/IP settings 1.

  • Page 36: Installing Your Network

    Installing the Nokia IP40 Installing Your Network Plan your network and the location of the IP40, then install your network. To install the network 1. Connect the LAN cable: Connect one end of the Ethernet cable to the LAN port at the back of the unit.

  • Page 37: Getting Started, First Time Login

    Note The IP40 ships without a password defined. If you are logging in for the first time, you will be prompted to define the password by entering it twice. If you have already logged in before, enter the username and password you previously defined.

  • Page 38: Configuring Nokia Ip40 For Internet Connection

    Setup on the navigation bar and click Password. Configuring Nokia IP40 for Internet Connection This section provides information on making the initial settings for your IP40 using the Setup Wizard and connecting to Internet. To connect to Internet from Nokia IP40 1.

  • Page 39: Making Initial Nokia Ip40 Settings, Setting The Nokia Ip40 Time

    Making Initial Nokia IP40 Settings For more information Chapter 5, “Configuring the IP40 for Internet Connection.” Note Refer to Chapter 5 for information on connecting to the Internet. Making Initial Nokia IP40 Settings Once you exit the Internet Connection Method wizard, you will be prompted for setting the device time.

  • Page 40

    If you select Your computer’s clock, the IP40 is automatically updated with the time settings of your computer. b. If you click Keep the current time, the IP40 retains its current time settings. No changes to the time settings are made.

  • Page 41: Registering With Nokia Support Site

    Click on Finish to exit the Set Time Wizard Registering with Nokia Support Site. You can register with Nokia Support Site once you have made your time settings. The following dialog box appears once you have exited the Set Time Wizard.

  • Page 42: Connecting To A Central Management Server

    Check Point Smart Center, Smart Center Pro, or Security Management Platform server. If your IP40 is centrally managed by any of these servers be sure "I wish to connect to a service center" is checked and enter the IP address of the central management server in the "Specified IP"...

  • Page 43: Logging On To The Nokia Ip40, Logging On To The Nokia Ip

    The Nokia IP40 initial login page appears. 2. Enter the password directly for the IP40 Tele 8 license. For the IP40 Satellite X licenses, enter the username and password. If you are logging on for the first time, you should use admin as the username.

  • Page 44: Accessing The Ip40 Securely, Logging Off

    2. The IP40 GUI welcome page appears. Logging Off Logging off terminates the IP40 session. To connect to the IP40 again, enter the password. To log out of IP40, perform one of the following procedures: If you are connected locally, click Logout.

  • Page 45: Understanding The Web Based Gui Of Ip40, Understanding The Web Based Gui Of Ip

    For information on connecting to your device through HTTPS, refer to the section below. Understanding the Web based GUI of IP40 Once you have logged on to IP40 using HTTP or HTTPS, you can configure the IP40 in two ways:...

  • Page 46: Using The Nokia Ip40 Web User Interface, Gui Map

    Figure 3 shows the main components of the GUI. The following table gives the name and functionality of each button in Nokia IP40 GUI. Note The Tele 8 license of IP40 does not support all the features mentioned in the table below. Refer to “Nokia IP40 Features”...

  • Page 47

    Understanding the Web based GUI of IP40 Table 12 Navigation Bar Main Tab Secondary Tabs Description Welcome Displays Welcome and configuration information Reports Event Log Displays the last 100 events in three different categories - Blue, Red, Orange and Green.

  • Page 48

    Allows you to view and edit list of configured VPN sites VPN Login Enables you to manually login to a VPN site Certificate Allows you to control certificates for site-to-site VPN usage Help Online Help Logout Logs you out of IP40 Nokia IP40 User Guide...

  • Page 49: Accessing The Nokia Ip40, Accessing The Nokia Ip, Connection Methods, Configuration Methods

    Typically your device’s WAN port is connected to your Internet Service Provider (ISP), while the LAN port is connected to your computer, or to a hub, in case you are using IP40 between your computer network and the outside world. You can connect your computer to the console port of your IP40 to manage the device using CLI.

  • Page 50: Connecting The Nokia Ip40 To A Computer By Using The Console Port

    Connecting the Nokia IP40 to a computer by Using the Console Port Your IP40 has a console serial port. Connect the RS-232 cable (that is shipped along with the appliance) from the serial port of your computer to the console port of IP40. You can then manage the device using a terminal emulation program such as HyperTerminal.

  • Page 51: Using Telnet To Connect To The Nokia Ip40

    5. The login prompt is displayed by default. The IP40 ships without a password defined. If you are logging in for the first time, you will be prompted to define the password by entering it twice. If you have logged in before, enter the username and password you previously defined.

  • Page 52

    If you device IP address is 192.168.10.1, your screen will appear as follows: 3. Click OK, and and the telnet command window appears with a login prompt 4. Once you enter your user name and password, you will be able to manage your IP40 using simple commands 5.

  • Page 53: Enabling And Disabling Telnet Access To The Nokia Ip40

    Managing large scale deployments of the Nokia IP40 Enabling and Disabling Telnet Access to the Nokia IP40 You can use the following command from the IP40 CLI to enable or disable telnet access to the device: set acl service telnet The Telnet service is enabled by default.

  • Page 54: Nokia Horizon Manager, Smartcenter Large Scale Manager

    Nokia Horizon Manager You can manage Nokia IP40 using Nokia Horizon Manager. Nokia Horizon Manager is a software application designed to manage and configure a large number of Nokia security platforms (devices) that reside on a corporate enterprise, managed service provider (MSP), or hosted applications service provider network (ASP).

  • Page 55

    Managing large scale deployments of the Nokia IP40 Configure and fine-tune Sofaware management services like Web filtering, email antivirus and software updates. Nokia IP40 User Guide...

  • Page 56

    Accessing the Nokia IP40 Nokia IP40 User Guide...

  • Page 57: Connecting To The Internet Using Ip40, Connecting To The Internet Using Ip

    You must configure the Internet connection on initial operation and after all reset to defaults operations. Using the Setup Wizard The Setup Wizard can be used to configure the Internet connection for IP40. The Setup Wizard guides you through the configuration process step by step. To configure the Internet connection using Setup Wizard 1.

  • Page 58

    Connecting to the Internet using IP40 2. Click on the Setup Wizard button at the bottom of the screen. The Setup Wizard window appears. 3. Click Next to proceed. The Internet Connection Method screen appears. You can choose between three modes of broadband connection:...

  • Page 59: Direct Lan Connection, Cable Connection Settings

    Refer to Chapter 3, “Getting Started,” for information on configuring device time, registering with Nokia Support Center and subscribing to additional services using the Setup Wizard. 2. Follow the instructions until the wizard is done, and then click Finish You are now connected to the Internect using a direct LAN connection.

  • Page 60: Mac Cloning, Dsl Connection Settings

    Internet connection can be established. The Nokia IP40 takes the place of the computer behind the Cable modem and the local user can use MAC Cloning to enter the original computer MAC address without contacting the ISP for changing that information.

  • Page 61

    2. Click Next. Note Most DSL providers use PPPoE. If you are uncertain about which connection method to use, contact your DSL provider. To connect using PPPoE connection method If you select PPPoE, the PPPoE Configuration window appears. Nokia IP40 User Guide...

  • Page 62

    Connecting to the Internet using IP40 In the PPPoE dialog box enter the following, 1. Your Username, Password and confirm the Password. 2. The service name. This is optional. 3. Click Next. The system attempts to connect to the Internet through the DSL connection. At the end of the connection process, the Connected message appears.

  • Page 63: Manually Configuring The Internet Setting

    2. Follow the instructions until the wizard is done, and then click Finish. Manually Configuring the Internet Setting You can manually configure the advanced features in the IP40 using Advanced Setup. To configure the Internet connection 1. Proceed as per steps 1 and 2 in “Using the Setup Wizard.”...

  • Page 64: Lan Connection

    1. Enter the Host name. This field is optional. If a service center requires it, the Host Name will be provided by them. 2. If you do not want the IP40 to obtain an IP address automatically using DHCP, do the following: a.

  • Page 65

    1. Enter your Username and Password and confirm the Password. 2. Enter the service name as given by your service center. Note If your service center did not provide you with a service name, leave this text box empty. Nokia IP40 User Guide...

  • Page 66: Cloning A Mac Address

    Connecting to the Internet using IP40 You can set the maximum transmission unit size (MTU). Nokia recommends that you leave this field empty. However, to modify the default MTU, consult with your service center. 3. If you are not using automatic configuration of DNS servers, do the following: a.

  • Page 67: Viewing Internet Connection Information

    You can view information on your Internet connections in terms of status, duration and activity. To view Internet connection information 1. Click Network in the main menu, and click the Internet tab The Internet page appears. The following information is displayed: Nokia IP40 User Guide...

  • Page 68: Enabling/disabling The Internet Connection

    Connecting to the Internet using IP40 Table 13 Field Description Status Indicates the connection’s status Duration Indicates the connection duration, if active. The duration is given in the format hh:mm:ss, where: hh=hours mm=minutes ss=seconds IP Address Your IP address Enabled Indicates whether or not the connection is enabled.

  • Page 69: Using Quick Internet Connection/disconnection, Configuring A Backup Internet Connection

    Use the Edit buttons against Primary and Secondary Connection types for configuring a backup Internet connection. To physically connect multiple WAN devices to the IP40, a switch connected to the WAN port is required with multiple devices connected to that switch.

  • Page 70

    Connecting to the Internet using IP40 Nokia IP40 User Guide...

  • Page 71: Managing Your Local Area Network, Configuring Network Settings, Enabling And Disabling The Dhcp Server

    If you change the network settings to incorrect values and are unable to correct the error, reset the IP40 to its factory default settings. To reset the IP40 to its factory default settings, choose Setup > Firmware > Factory Defaults. You can also press the reset button at the back of the device.

  • Page 72: Changing Ip Addresses

    Use DHCP to disable the Obtain IP address automatically setting in the TCP/IP settings. Changing IP Addresses You can change the IP address of your IP40. You can also change the entire range of IP addresses in your network using the IP40 Satellite X licenses. You might want to do this if, for...

  • Page 73: Enabling/disabling Hide Nat, Configuring A Dmz Network

    Network Address Translation (NAT) enables you to share a single IP address among several computers. Note NAT can only be disabled in IP40 Satellite X licenses. NAT is enabled by default. If NAT is disabled, you need to buy an IP address range. To enable NAT 1.

  • Page 74: Using Static Nat

    2. Go to the DMZ Network Settings area 3. If desired, enable or disable Hide NAT 4. In the IP40 DMZ IP text box, enter the IP address of the DMZ network’s default gateway Note The DMZ network must not overlap the LAN network 5.

  • Page 75: Adding And Editing Static Nat Mappings

    Note IP40 supports Proxy ARP (Address Resolution Protocol). When an external source attempts to communicate with a computer which has static NAT enabled, the IP40 automatically replies to ARP queries with its own MAC address, thereby enabling communication. As a result, the Static NAT Internet IP addresses appear to external sources to be real computers connected to the WAN interface.

  • Page 76

    Click this option to map a range of Internet IP addresses to a range of local range computer IP addresses of the same size You mist then fill in the Map this WAN IP range and To this Internal IP range fields Nokia IP40 User Guide...

  • Page 77: Viewing And Deleting Static Nat Mappings, Using Static Routes

    “Up”, or reachable, or not. To add a static route 1. Click Network in the main menu, and click the Static Routes tab. The Static Routes page appears, with a listing of existing static routes. Nokia IP40 User Guide...

  • Page 78

    Managing Your Local Area Network 2. Click New Route. The Edit Route page appears. 3. Complete the fields using information given in the table below 4. Click Apply The new static route is saved. Nokia IP40 User Guide...

  • Page 79

    1. Click Network in the main menu, and click the Static Routes tab The Static Routes page appears, with a listing of existing static routes 2. In the desired route row, click the Delete icon A confirmation message appears. 3. Click OK. The route is deleted. Nokia IP40 User Guide...

  • Page 80

    Managing Your Local Area Network Nokia IP40 User Guide...

  • Page 81: Setting Up The Security Policy In Ip40, Setting Up The Security Policy In Ip

    Setting Up the Security Policy in IP40 This chapter describes how to set up the Nokia IP40 security policy. It includes the following topics: “Setting the Firewall Security Level” on page 81 “Configuring Virtual Servers” on page 82 “Creating Firewall Rules”...

  • Page 82: Configuring Virtual Servers

    Setting Up the Security Policy in IP40 2. To set the security level, drag the slider. The IP40 security level changes accordingly. Note You may experience a temporary break in the service. Configuring Virtual Servers Note If you do not intend to host any public Internet servers (Web server, mail server and so on) in your network, you can skip this section.

  • Page 83: Customing Your Security Policy, Creating Firewall Rules

    Customing your security policy 3. In the Allow column, select the check box of the desired service or application. If you are using IP40 Satellite X, the appropriate check box in the VPN Only column is enabled. 4. To allow only connections made through a VPN, select the VPN Only check box.

  • Page 84: Allow And Block Rules

    Setting Up the Security Policy in IP40 By default, in the Medium security level, the IP40 blocks all connection attempts from the Internet (WAN) to the LAN, and allows all outgoing connection attempts from the LAN to the Internet (WAN).

  • Page 85

    Customing your security policy Note In IP40 Tele 8, the Allow Rules page does not contain a VPN Only column, and the Block Rules page does not contain an Also VPN column. 4. Complete the fields using the information in table below.

  • Page 86

    Setting Up the Security Policy in IP40 7. Click Finish. The new rule appears in the Firewall Rules page. Table 16 Firewall Rule Fields In this field... Do this... Any Service Click this option to specify that the rule should apply to any service...

  • Page 87: Deleting Rules, Defining An Exposed Host

    The rule is deleted. Defining an Exposed Host The IP40 allows you to define an exposed host, which is a computer that is not protected y the firewall. This is useful for setting up a public server. It will allow unlimited incoming and outgoing connections between the Internet and the exposed host computer.

  • Page 88

    Setting Up the Security Policy in IP40 The selected computer is now defined as an exposed host. Nokia IP40 User Guide...

  • Page 89: Configuring Network Access, Changing Your Password

    You can change your password at any time. The method for changing password varies depending on the IP40 configuration you are using. The default username for Nokia IP40 Tele 8 Configuration is admin. You can change the password for this user.

  • Page 90

    Use 5 to 25 characters (letters or numbers) for the new password. 3. Click Apply. Your changes are saved. In Nokia IP40 Satellite X, you can define multiple users and perform the following tasks: Changing Your Password Adding Users Viewing and Editing Users...

  • Page 91: Adding Users, Viewing And Editing Users

    4. Click Apply. Your changes are saved. Adding Users You can perform this task only with IP40 Satellite X. The number of IP40 users you can add is limited according to your software. To add a user 1. In the Navigation Bar, click Users.

  • Page 92

    The default level is No Access. The “admin” user’s Administrator Level (Read/Write) cannot be changed. VPN Remote Allows the user to connect to this IP40 using Access their VPN client. For further information on setting up VPN remote access, see Chapter 13, “Working with VPNs.”...

  • Page 93: Deleting Users, Setting Up Remote Vpn Access For Users, Using Radius Authentication

    You can use RADIUS to authenticate both IP40 users and VPN clients trying to connect to the IP40. When a user accesses the IP40 GUI and tries to log on, the IP40 sends the entered user name and password to the RADIUS server. The server then checks whether the RADIUS database contains a matching user name and password pair.

  • Page 94

    Shared Secret Type the shared secret to use for secure communication with the RADIUS server Administrator Select the level of access to the IP40 portal to assign to all users Level authenticated by the RADIUS server. The levels are: • No Access: The user cannot access the IP40 •...

  • Page 95: Secure Shell, Secure Shell Description, Configuring Ssh

    IP40 1.0 supports SSH 2.0. The SSH feature in IP40 will provide secure remote access to the device. In addition, SCP is also supported to enable secure upgrade of the device, downloading of public keys and HTTPS certificates and Import/Export features.

  • Page 96: Enabling/disabling Ssh Service, Ssh Authentication Methods

    There are two SSH authentication methods: Password Authentication — Password authentication is set up by default. In this method, you can connect to the SSH server running on IP40 from the SSH client installed on your machine, after entering your password.

  • Page 97: Using Ssh Client, Configuring Advanced Secure Shell Server Options, Configuring Server Authentication Of Users

    Secure Shell Using SSH Client You first need to have an SSH client to connect to the SSH server running on IP40. Install an SSH client if you do not have one already. You can use the SSH client to connect to the IP40 using password authentication or public key authentication.

  • Page 98: Configuring And Managing Ssh Key Pairs, Managing Authorized Keys

    Use the following commands to view host keys. show ssh hostkey Managing Authorized Keys Use the following commands to add authorized keys. add ssh authkeys <dsa/rsa> user admin <openssh-format/ssh2-format> file Use the following commands to delete authorized keys. Nokia IP40 User Guide...

  • Page 99: Secure Socket Layer, Enabling Https Web Access

    Enabling HTTPS Web Access You can enable HTTPS remote access, so that IP40 users can securely access the IP40 portal from the Internet, by accessing the URL https://X.X.X.X:981, where X.X.X.X is the IP40 Internet IP address.

  • Page 100

    1. Enter https://<external IP address of IP40>:981 in the address bar of your browser. (Note that the URL starts with https, not http.) If you are accessing the IP40 for the first time, the security certificate in the IP40 is not yet known to the browser, so a Security Alert appears.

  • Page 101: Generating A Self-signed Certificate And Private Key, Installing A Certificate And Private Key

    <cert-file path | cert-request-file path> key-file path Refer to IP40 CLI Reference Guide for additional information. Installing a Certificate and Private Key Use the following commands to copy a certificate and its associated private key in the /var/etc/ https_ssl_cert_server.crt and /var/etc/https_ssl_server.key files.

  • Page 102

    Configuring Network Access Nokia IP40 User Guide...

  • Page 103: Configuring And Monitoring Using Snmp, Snmp Description, Snmp Configuration From The Nokia Ip

    SNMP is the protocol that enables this interaction. SNMP Configuration from the Nokia IP40 You can use the Nokia IP40 GUI portal and the command-line interface to set, change and view parameters for SNMP. Setting up SNMP access to the Nokia IP40 You should specifically allow or disallow SNMP manager software running outside your network from monitoring the IP40.

  • Page 104: Configuring The Snmp Parameters

    If you select Internal Network, then SNMP access to the IP40 is allowed only from computers in your internal network or LAN; if you select IP Address Range, you can specify a range of IP addresses from where SNMP access is allowed to your IP40 and so on. Configuring the SNMP Parameters Once you set the SNMP access rules, you can configure the SNMP parameters from the Nokia IP40 GUI.

  • Page 105: Configuring Snmp Parameters From The Command-line Interface

    IP address of the device from where a trap is generated. Use the command ‘set snmp trappduAgent ip_address’ from the IP40 CLI for setting the trapPduAgent. You cannot set the trapPduAgent from the IP40 GUI portal. Refer to the IP40 CLI Reference Guide for more information.

  • Page 106

    - snmp trappduagent trapreceiver - snmp Trapreceiver traps - SNMP Traps Refer to the Nokia IP40 CLI Reference Guide for additional and detailed information on using the set and show commands to set and view the SNMP parameters. Nokia IP40 User Guide...

  • Page 107: Configuring The Nokia Ip40 Through Out Of Band Management

    The Nokia IP40 supports supports remote management using Out of Band Management (OOB). To use OOB, a modem is connected to the AUX port of your appliance. The IP40 acts as a Remote Access Server (RAS) and waits for the incoming call. An administrator can dial in to the device using a dial-up interface, and use HTTPS, SSH, or SNMP protocols to monitor or configure the device.

  • Page 108

    8. Click on the Test button to verify whether your modem settings are working fine. Note You cannot configure all the OOB parameters from the IP40 GUI. The parameters which cannot be configured from GUI such as address of the OOB interface, destination address of the OOB interface and set IP header compression have default values.

  • Page 109: Configuring The Nokia Ip40 For Oob From The Cli

    Secure Shell and HTTPS Access through Out of Band Dial-in You can access the Nokia IP40 using Secure Shell (SSH) or HTTPS and configure the device. Once you dial in to the Nokia IP40 from a modem (Refer to “To connect a modem to the Nokia IP40”...

  • Page 110: Upgrading The Firmware Through Out Of Band Dial-in (failsafe Mode), Booting In To Failsafe Mode

    Booting in to Failsafe Mode The IP40 goes in to the failsafe mode when the main kernel gets corrupted. If the main kernel gets corrupted, the IP40 loads a failsafe kernel to the RAM. For the device to function properly, it must be upgraded with a new firmware.

  • Page 111

    Special Deployment Mode in the Nokia IP40 The default user name and password for OOB are admin and password respectively if the first- time password is not set. Using this special mode, you can manage the device remotely using OOB for half an hour irrespective of current firewall filters.

  • Page 112

    Configuring the Nokia IP40 through Out of Band Management Nokia IP40 User Guide...

  • Page 113: Configuring Device Functions, Host Name Configuration, Date And Time Configuration

    Refer to IP40 CLI Reference Guide for more information on setting the host name. Date and Time Configuration You can use the Set Time Wizard from Setup > Tools > Set Time to set the date and time for your IP40.

  • Page 114: System Logging Configuration, Network Utilities

    Guide. System Logging Configuration The Nokia IP40 supports local event logging, which can be viewed from Reports > Event Log. Up to 100 events can be logged here. An external syslog server can also be configured using the following method.

  • Page 115: Managing Configuration

    Ping Traceroute WHOIS To use the network utilities from the Nokia IP40 GUI 1. Click Setup from the main menu, and select the Tools tab. The tools page appears. 2. Select Ping, traceroute or WHOIS from the drop-down menu next to IP tools, depending on the tool you want to use.

  • Page 116: Exporting The Ip40 Configuration

    Exporting the IP40 Configuration You can export the IP40 configuration to a *.cfg file, and use this file to backup and restore IP40 settings, as needed. The configuration file includes all your settings. Exporting the IP40 Configuration 1.

  • Page 117: Importing The Ip40 Configuration

    Importing the IP40 Configuration In order to restore the configuration of your appliance from a configuration file, you must import the file: To import the IP40 configuration 1. Click Setup in the main menu, and click the Tools tab The Tools page appears.

  • Page 118: Firmware Upgrade

    Firmware Upgrade You can upgrade the IP40 to a new firmware version of the product. If you are subscribed to Software Updates, firmware updates are performed automatically. These updates include new product features and protection against new security threats.

  • Page 119: Firmware Upgrade In Failsafe Mode, Installing Your Product Key

    Installing Your Product Key Your IP40 is identified by the product key that is obtained when you purchase the device. You can purchase and upgrade to any of the other versions of the IP40. To install a product key 1.

  • Page 120

    4. Select Product Key. 5. In the Product Key field, enter the new product key. 6. Click Next. The Installed New Product Key dialog box appears. 7. To register your IP40, check I want to register my product. Nokia IP40 User Guide...

  • Page 121: Resetting The Ip40 To Factory Defaults

    Resetting the IP40 to Factory Defaults You can reset the IP40 to its default settings. When you reset your IP40, it reverts to the state it was originally in when you purchased it, and your firmware reverts to the version that shipped with the IP40.

  • Page 122: To Reset The Ip40 To Factory Defaults Using The Reset Button

    To reset the IP40 to factory defaults using the Reset button Restore Defaults button is inside a hole on the back panel of the IP40. To press the button, use a large flat tipped object, such as a thick papaer clip. Pressing the Restore Defaults button for 7 seconds restores all IP40 settings back to factory defaults.

  • Page 123: Viewing Reports, Viewing The Event Log

    Viewing Reports This chapter provides an overview of the reports you can view from the Nokia IP40 GUI, and how to view them. This chapter includes the following topics: “Viewing the Event Log” on page 123 “Viewing Active Computers” on page 124 “Viewing Active Connections”...

  • Page 124: Viewing Active Computers

    IP address of the attacking machine. The IP40 queries the Internet WHOIS server, and a window displays the name of the entity to whom the IP address is registered and their contact information. This information is useful in tracking down external attacks.

  • Page 125: Viewing Active Connections

    If you exceed the maximum number of computers allowed by your license, a warning message appears, and the computers over the node limit are marked in red. These computers might not be able to access the Internet through the IP40. Note To increase the number of computers that your license allows, you must upgrade your product.

  • Page 126: Viewing Vpn Tunnels

    Click the Refresh button to refresh the display. To view information on the destination machine, click on its IP address. The IP40 queries the Internet WHOIS server, and a window displays the name of the entity to whom the IP address is registered and their contact information.

  • Page 127: Viewing Diagnostics Summary

    You can refresh the table by refreshing the browser. Viewing Diagnostics Summary You can view the diagnostics summary for your device from IP40 GUI. The diagnostics summary provides useful information about your device, such as Node Limit, Network Status, Primary Network Status, Secondary Network Status, My Network Status, Setup State, Users State, Security and Subscription Services.

  • Page 128

    Viewing Reports 4. You can use the scroll bar on your IP40 Diagnostics Window for viewing more information on your IP40. Nokia IP40 User Guide...

  • Page 129: Working With Vpns

    The IP40 Tele 8, Satellite X licenses provide VPN functionality. The IP40 Tele 8 acts as a VPN client and can establish secure VPN tunnels to your office VPN gateway. The IP40 Satellite X can act as a VPN client, a VPN server, or a VPN gateway.

  • Page 130

    Check Point NG AI (RAS Community) Satellite (Gateway) Satellite (Gateway) Satellite (Gateway) VPN-1, Check Point v4.1, NG, FP1, FP2, FP3, NG AI Satellite Check Point NG AI LSM (DAIP Object) Satellite Check Point NG AI (Star Community) Satellite Windows 2000 Nokia IP40 User Guide...

  • Page 131: Remote Access Vpns, Configuring A Remote Access Vpn Site

    1. Click VPN in the main menu, and click the VPN Sites tab. 2. Click the New Site button at the bottom of the page. 3. The IP40 VPN site wizard appears. If you select Remote Access VPN, the VPN Network Configuration dialog box appears.

  • Page 132: Configuring A Site To Site Vpn Gateway

    “Completing Site Creation” on page 134. Note This Configuration is supported for IP40 Tele 8 license or in case of IP40 Satellite X when VPN Server is Disabled Configuring a Site to Site VPN Gateway If you selected site-to-site VPN, the VPN Network Configuration dialog box appears.

  • Page 133

    This shared secret is a string used to identify the VPN sites to each other. The secret can contain spaces and special characters. e. Click Next. 5. If the Route All Traffic option is selected You are ready to complete your VPN site. Refer to “Completing Site Creation” on page 134 to continue. Nokia IP40 User Guide...

  • Page 134: Completing Site Creation, Setting Up The Nokia Ip40 Satellite X As A Vpn Server

    Setting Up the Nokia IP40 Satellite X as a VPN Server Using IP40 Satellite X, you can make your network remotely available to authorized users by setting up your IP40 as a VPN server. To set up your IP40 as a VPN server 1.

  • Page 135: Deleting A Vpn Site, Logging On To A Vpn Site

    If you chose manual login, log on to a VPN site every time you want to access the VPN site. You can log on to a VPN site either through the Nokia IP40 GUI or the my.vpn page. When you log on, a VPN tunnel is established.

  • Page 136: Logging On From The Nokia Ip40 Gui

    You can use a single username and password for each VPN destination gateway. Logging On from the Nokia IP40 GUI To log on to a VPN site from the IP40 GUI, do the following: 1. Click VPN. The VPN Sites page appears, with a list of VPN sites.

  • Page 137: Logging On Through My.vpn, Logging Off A Vpn Site

    If the IP40 is configured to automatically download the network configuration, the IP40 downloads the network configuration. If when adding the VPN site you specified a network configuration, the IP40 attempts to create a tunnel to the VPN site. The VPN Login Status box appears. The Status field tracks the progress of the connection.

  • Page 138: Securemote To Satellite X (vpn Client To Gateway)

    To log off a VPN site 1. In the VPN Login Status box, click Close. All open tunnels from the IP40 to the VPN site are closed, and the VPN Login Status box closes. Note Closing the browser or dismissing the VPN Login Status box also terminates the VPN session within a short time.

  • Page 139: Setting Up Ip40 Satellite X, Setting Up Securemote

    If you are using the IP40 in a standalone mode, add the license manually. Adding VPN Sites by Using the Nokia IP40 Tele 8 Using the Nokia IP40 Tele 8, you can define only remote access VPN sites. To define site-to-site VPN gateways, you must have IP40 Satellite X.

  • Page 140

    Note Downloading the network configuration is only possible if you are connecting to a Check Point VPN-1 or Nokia IP40 Satellite X VPN Gateway. Specify Configuration 7. If you chose Specify Configuration in the preceding procedure, a dialog box appears.

  • Page 141

    11. Click Next.The VPN Site Created screen appears. 12. Click Finish. 13. Select the VPN Login tab, Login if you need to authenticate each time a VPN tunnel is created. Note Automatic Login feature will not be available for IP40 Tele 8 License. Nokia IP40 User Guide...

  • Page 142: Adding Vpn Sites By Using Ip40 Satellite X

    Working with VPNs Download Configuration If you chose Download Configuration in Adding VPN sites by using IP40 Tele 8, a dialog box appears. 1. Click Next, the Network Topology will be downloaded from the specified VPN gateway. The VPN Login page appears.

  • Page 143: Ip40tele To Ip40 Satellite X (vpn Client To Gateway)

    The Nokia IP40 Tele 8 functions in VPN client mode, in which connection is initiated only by the VPN client. IP40 Tele 8 uses only a manual mode VPN connection. To select the VPN gateway to which you want to establish a VPN connection, go to http://my.vpn.

  • Page 144: Setting Up Ip40 Tele 8

    IP40 Tele 8 to Check Point v4.1/ NG/ FP1/ FP2/FP3/NG AI The IP40 Tele 8 can be used as a VPN client to establish a VPN connectivity with a Check Point server using version 4.1, NG, FP1, FP2, FP3 or NG AI.

  • Page 145

    VPN connection, go to http://my.vpn. Setting up IP40 Tele 8 To configure a VPN Tunnel between an IP40 Tele 8 and Check Point FP3, on IP40 Tele 8 (VPN client) add a VPN site. Setting up Check Point NG AI Configure a Safe@gateway dynamic object on the Check Point SmartBoard.

  • Page 146: No-nat Mode, Nat Mode

    IP addresses. Note You can only use No-NAT mode with IP40 Satellite X. The Figure below shows a site-to-site VPN in No-NAT mode. Both VPN peers are considered site-to-site VPN gateways, and traffic is directly established from the source host to the destination host.

  • Page 147: Installing Vpn Certificates

    Point SmartCenter NG AI using Check Point Large Scale Manager and the dynamically configured IP40 using DAIP. The certificate created on the Check Point NG AI can be uploaded on to the IP40 Satellite X. To upload VPN Certificates and to create a Dynamic VPN Site using Check Point 1.

  • Page 148: Defining Backup Vpn Gateway

    Working with VPNs To delete the Certificate from your IP40 device 1. On the Navigation Bar, click Services > Connect. The Subscription Services Wizard appears. 2. Uncheck I wish to Connect to the Service Center Option 3. Click Next 4. Click Finish 5.

  • Page 149: Satellite X To Satellite X (vpn Gateway To Gateway)

    To set up the IP40 Satellite X 1. Specify the IP address of IP40 Satellite X on the remote IP40 Satellite X. 2. Enter the Shared Secret (a password that is known to both of the IP40 Satellite X devices). Nokia IP40 User Guide...

  • Page 150: Satellite X To Vpn-1 (site-to-site Vpn), Satellite X To Vpn-1 (site-to-site Vpn)

    2. Enter the Shared Secret (a password that is known to both the IP40 Satellite X devices.) Satellite X to VPN-1 (Site-to-Site VPN) The IP40 Satellite X to VPN-1 or Check Point v4.1, NG, FP1, FP2 , FP3 or NG AI configuration enables you to establish site-to-site VPN connections between an IP40 Satellite X site-to-site VPN gateway and a VPN-1 site-to-site VPN gateway.

  • Page 151: Ip40 Satellite X To Check Point Fp3/daip, Setting Up Check Point Fp

    For information on setting up VPN-1, refer to the Check Point Virtual Private Networks. IP40 Satellite X to Check Point FP3/DAIP The IP40 Satellite X can be used as a VPN server to establish a VPN connectivity with Check Point FP3 server using Check Point FP3 DAIP object.

  • Page 152: Ip40 Satellite X To Check Point Smartcenter Fp3/ng Ai

    Configure the IP40 Satellite X for VPN connection with SmartCenter FP3. 1. Specify the IP address of IP40 Satellite X on the VPN-1 server. 2. Enter the Shared Secret (a password that is known to both the IP40 Satellite X and the VPN- 1 Server).

  • Page 153: Setting Up The Nokia Ip40 Satellite X, Ip40 Satellite X To Windows

    2. Enter the IP address of the Check Point NG AI Management station The Connecting screen appears. 3. Enter the Gateway ID and Registration Key which is used while creating the IP40 Dynamic Object on the LSM 4. The Connecting Screen appears.

  • Page 154

    Working with VPNs For more information on how to configure the Windows 2000 server, refer SofaWare’s Configuring Windows 2000/ XP IPSec to Site-to-Site VPN. Nokia IP40 User Guide...

  • Page 155: Using Managed Services, Starting Your Subscription Services

    To start your subscription 1. Click Services in the main menu, and click the Account tab. The Account page appears. 2. In the Service Account area, click Connect. The Setup Wizard opens, with the Subscription Services dialog box displayed. Nokia IP40 User Guide...

  • Page 156

    If the Service Center requires authentication, a second Service Center Login dialog box appears. Do the following: a. Enter your gateway ID and registration key in the appropriate fields, as given to you by your service provider. b. Click Next The Connecting... screen appears. Nokia IP40 User Guide...

  • Page 157

    The Done screen appears with a success message. 7. Click Finish. The following things happen: If a new firmware is available, the IP40 downloads it. This may take several minutes. Once the download is complete, the IP40 restarts using the new firmware. The Welcome page appears.

  • Page 158: Viewing Services Information From Account Page, Refreshing Your Service Center Connection

    Using Managed Services The services to which you are subscribed are now available on your IP40 and listed as such on the Account page. See “Viewing Services Information” section for more information. Viewing Services Information from Account Page The Account page displays the following information about your subscription: Table 21 Account Page Fields This field...

  • Page 159: Configuring Your Account, Disconnecting From Your Service Center

    Starting your Subscription Services 2. In the Service Account area, click Refresh. The IP40 reconnects to the Service Center. Your service settings are refreshed. Configuring your Account This option allows you to access your Service Center Web site, which may offer additional configuration options for your account.

  • Page 160: Sofaware Security Management Portal

    The following things happen: You are disconnected from the Service Center. The Services to which you were subscribed are no longer available on your IP40 Sofaware Security Management Portal The SofaWare Management Center (SMC) is a web-based application for managing and configuring the SofaWare Security Management Portal (SMP).

  • Page 161: Web Filtering, Selecting Categories For Blocking

    Web Filtering is enabled/disabled for all internal network computers Selecting Categories for Blocking You can define which types of Web sites should be considered appropriate for your family or office members., by selecting the categories. Categories marked with a check mark will remain Nokia IP40 User Guide...

  • Page 162

    3. To re-enable the service, click Resume, either in the popup window, or on the Web Filtering page. The service is re-enabled for all internal network computers. If you clicked Resume in the Web Filtering page, the button changes to Snooze. Nokia IP40 User Guide...

  • Page 163: Virus Scanning, Enabling/disabling Email Antivirus

    To enable/disable Email Antivirus 1. Click Services in the main menu, and click the Email Antivirus tab. The Email Antivirus page appears. 2. Drag the On/Off lever upwards or downwards. Email Antivirus is enabled/disabled for all internal network computers. Nokia IP40 User Guide...

  • Page 164: Selecting Protocols For Scanning, Temporarily Disabling Email Antivirus

    1. Click Services in the main menu, and click the Email Antivirus tab. The Email Antivirus page appears. 2. Click Snooze. Email Antivirus is temporarily disabled for all internal network computers. The Snooze button changes to Resume. The Email Antivirus Off popup window opens. Nokia IP40 User Guide...

  • Page 165: Automatic And Manual Updates, Checking For Software Updates When Locally Managed

    If you are subscribed to Software Updates, you can check for new security and software updates. Checking for Software Updates when Locally Managed If your IP40 is locally managed, you can set it to automatically check for software updates, or you can set it so that software updates must be checked for manually.

  • Page 166: Checking For Software Updates When Remotely Managed

    When the Software Updates service is set to Automatic, you can still manually check for updates. 3. To set the IP40 so that software updates must be checked for manually, drag the Automatic/ Manual level downwards. The IP40 does not check for software updates automatically.

  • Page 167: Smartcenter Lsm

    Using NHM for accessing and managing your IP40 From IP40 GUI 1. From your IP40 GUI, click on Setup > Management. 2. Choose IP Address Range next to SSH, and specify the IP address of Nokia Horizon Manager. 3. Click Apply.

  • Page 168

    Using Managed Services http://my.firewall/vpntopo.html 3. You can verify that the tunnel is open by sending packets from IP40 to the VPN-1 GW. Check Point Side 1. Enable LSM: In the command prompt, type “LSMenabler on” and reset the FW services.

  • Page 169: Troubleshooting, Frequently Asked Questions

    I cannot access the Internet. What should I do? Check for the following: Check if the PWR LED is active. If not, check the power connection to the IP40. Check if the WAN LED is on. If not check the network cable to the modem and make sure the modem is turned on.

  • Page 170

    Every time I start Internet Explorer, the application searches for an Internet connection. This is unnecessary, since I am connected through the IP40. What should I do? For Internet Explorer, versions 5 and 6, do the following: 1.

  • Page 171

    I have forgotten my password. What should I do? Reset the IP40 to factory defaults using the Reset button as detailed in “Resetting the IP40 to factory defaults.” Note that this will erase all your settings.

  • Page 172

    Set the router to direct all incoming connections to the external IP address of IP40. Keep in mind that if you use the IP40 behind another NAT device, you may lose some of the advantages of the IP40, such as broad application support and high performance.

  • Page 173

    PKCS#12 format encoding I cannot connect to the Check Point SmartCenter FP3 VPN site using IP40 Satellite 10 or Satellite 25 configured using VPN Communities. What should I do? Check for the following error messages in Report >Event Log:...

  • Page 174: Viewing Firmware Status, Running Diagnostics

    121 for more information. Running Diagnostics You can view technical information about IP40 hardware, firmware, license, network status, and subscription services. This information is useful for troubleshooting. You can copy and paste it into the body an email and send it to technical support.

  • Page 175

    Frequently Asked Questions 5. To close the window, click Close. Nokia IP40 User Guide...

  • Page 176

    Troubleshooting Nokia IP40 User Guide...

  • Page 177: A Specifications, Technical Specifications, Safety Precautions

    Read the installation and operation procedures provided in this User Guide. Failure to follow the instructions may result in damage to equipment and / or personal injuries. Before cleaning the IP40, unplug the power cord. Use only a soft cloth dampened with water for cleaning.

  • Page 178

    Specifications Do not route the cable sin a walkway or in a location that will crimp the cables. Nokia IP40 User Guide...

  • Page 179: B Warranty

    Software to provide managed services provided that each copy of the Software is used solely on behalf of and for the benefit of a single client on the single piece of equipment provided by Nokia. An MSP may discontinue use of the Software on behalf of one client and use the Software to provide managed services to another single client.

  • Page 180

    Software error. Furthermore, the above warranty does not apply to any portion of the product supplied by a third party. In no event does Nokia warrant that the Software is error-free or that the Customer will be able to operate it without problems or service interruptions.

  • Page 181

    Upon termination, Customer shall cease all use of the Software and shall destroy or return to Nokia the original(s) and all copies of the Software and documentation made or furnished hereunder. Customer may terminate the License at any time by destroying all copies of the Software and documentation.

  • Page 182

    Warranty expenses incurred by the non-breaching party in connection with the enforcement of any provisions of this Agreement. If the Software is licensed to a U.S. Governmental user, the following shall apply. The Software and documentation licensed in this agreement are “commercial items” and are deemed to be “commercial computer software”...

  • Page 183: C End User License Agreement

    You in Your purchase order, or request for License Key, if the Product purchased by You does not come with a License Key then the Licensed Configuration shall be the minimum configuration allowed by the user manual of SofaWare S-Box, and upon which the licensing fee was based. Nokia IP40 User Guide...

  • Page 184

    (or permit others to) decipher, reverse translate, decompile, disassemble or otherwise reverse engineer or attempt to reconstruct or discover any source code or underlying ideas or algorithms or file formats or programming or interoperability interfaces of Nokia IP40 User Guide...

  • Page 185

    Agreement infringes any patent, copyright, or other ownership rights of a third party. You agree to provide SofaWare with written notice of any such claim within ten (10) days of Your notice thereof and provide reasonable assistance in its defense. SofaWare has sole discretion and Nokia IP40 User Guide...

  • Page 186

    SofaWare's export regulation information page (www.sofaware.com or www.s-box.com) for specific information. You agree that You will not ship, transfer, or export the Product into any country, or make available or use the Product in any manner, prohibited by law. Nokia IP40 User Guide...

  • Page 187

    Agreement, and no license to the Product is granted to any government requiring different terms. 9.4 Questions? Should You have any questions concerning this Agreement contact the manufacturer at SofaWare Technologies Ltd., 3 Hilazon St., Ramat-Gan, Israel 52522. Nokia IP40 User Guide...

  • Page 188

    End User License Agreement Nokia IP40 User Guide...

  • Page 189: D Compliance Information

    “The product complies with the requirements of the Low Voltage Directive 73/23/EEC and the EMC Directive 89/ 336/EEC.” Alan Hutchinson Quality Engineer Mountain View, California European contact:Greg Shortell Nokia Telecommunications 2 Heathrow Blvd, 284 Bath Road Heathrow, Middlesex UB7 ODQ England Nokia IP40 User Guide...

  • Page 190: Compliance Statement, Fcc Notice (us)

    Connect the computer into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/TV technician for help. Caution Caution: Any changes or modifications not expressly approved by the grantee of this device could void the user’s authority to operate the equipment. Nokia IP40 User Guide...

  • Page 191

    FCC Notice (US) Nokia IP40 User Guide...

  • Page 192

    Compliance Information Nokia IP40 User Guide...

  • Page 193

    IP30 Satellite in NAT and No-NAT Modes 153 specifications IP30 Satellite to Check Point FP3 151 compliance 190 IP30 Satellite to Check Point SmartCenter FP3 152 emissions 190 IP30 Satellite to Windows 2000 147 Nokia IP40 User Guide Index - 193...

  • Page 194

    Using VPN Certificates 138 Viewing, Active Computers 124 Viewing, Active Connections 125 Viewing, Event Log 123 Viewing, Firmware Status 174 Viewing, Reports 123 Viewing, VPN Tunnels 126 Windows 98 27 Windows, 2000 31 Windows, XP 31 Index - 194 Nokia IP40 User Guide...

Comments to this Manuals

Symbols: 0
Latest comments: