Nortel BSR222 Network Router Manuals

Manuals and User Guides for Nortel BSR222 Network Router. We have 4 Nortel BSR222 Network Router manuals available for free PDF download: Configuration, User Manual, Overview, Fundamentals

Nortel BSR222 Configuration (451 pages)

Business Secure Router

Brand: Nortel | Category: Network Router | Size: 8 MB

Table of Contents
3
Before You Begin
29
Preface

29
Chapter 1 Getting to Know Your Nortel Business Secure Router 222

33
- Introducing the Nortel Business Secure Router 222
  33
- Features
  33
  - Table 1 Feature Specifications
    33
  - Physical Features
    34
    
    4-Port Switch
    34
    
    Autonegotiating 10/100 Mb/S Ethernet LAN
    34
    
    Autosensing 10/100 Mb/S Ethernet LAN
    34
    
    Autonegotiating 10/100 Mb/S Ethernet WAN
    34
    
    Auxiliary Port
    35
    
    Time and Date
    35
    
    Reset Button
    35
  - Nonphysical Features
    35
    
    Ipsec VPN Capability
    35
    
    Nortel Contivity Client Termination
    35
    
    Certificates
    36
    
    Ssh
    36
    
    Https
    36
    
    IEEE 802.1X for Network Security
    36
    
    Firewall
    36
    
    Brute Force Password Guessing Protection
    37
    
    Content Filtering
    37
    
    Packet Filtering
    37
    
    Universal Plug and Play (Upnp)
    37
    
    Call Scheduling
    37
    
    Pppoe
    37
    
    PPTP Encapsulation
    38
    
    Dynamic DNS Support
    38
    
    IP Multicast
    38
    
    IP Alias
    38
    
    Central Network Management
    38
    
    Snmp
    39
    
    Network Address Translation (NAT)
    39
    
    Traffic Redirect
    39
    
    Port Forwarding
    39
    
    DHCP (Dynamic Host Configuration Protocol)
    39
    
    Full Network Management
    40
    
    Road Runner Support
    40
    
    Logging and Tracing
    40
    
    Upgrade Business Secure Router Firmware
    40
    
    Embedded FTP and TFTP Servers
    40
- Applications for the Nortel Business Secure Router 222
  41
  - Secure Broadband Internet Access and VPN
    41
  - Figure 1 Secure Internet Access and VPN Application
    41
- Hardware Setup
  42
Chapter 2 Introducing the Webgui

43
Chapter 3 Wizard Setup

51
Chapter 4 User Notes

67
Chapter 5 System Screens

77
- System Overview
  77
  - DNS Overview
    77
  - Private DNS Server
    77
- Configuring General Setup
  78
- Figure 13 Private DNS Server Example
  78
- Figure 14 System General Setup
  79
- Table 8 System General Setup
  79
- Dynamic DNS
  81
  - DYNDNS Wildcard
    81
- Configuring Dynamic DNS
  81
- Figure 15 DDNS
  82
- Table 9 DDNS
  82
- Configuring Password
  83
- Figure 16 Password
  84
- Table 10 Password
  84
- Predefined NTP Time Server List
  85
- Configuring Time and Date
  86
- Table 11 Default Time Servers
  86
- Figure 17 Time and Date
  87
- Table 12 Time and Date
  88
- Alg
  90
- Configuring ALG
  90
- Figure 18 ALG
  90
- Table 13 ALG
  91
Chapter 6 LAN Screens

93
- LAN Overview
  93
- DHCP Setup
  93
  - IP Pool Setup
    93
  - DNS Servers
    94
- Lan Tcp/Ip
  94
  - Factory LAN Defaults
    94
  - RIP Setup
    94
  - Multicast
    95
- Configuring IP
  96
- Figure 19 LAN IP
  96
- Table 14 LAN IP
  97
- Configuring Static DHCP
  100
- Figure 20 Static DHCP
  100
- Table 15 Static DHCP
  100
- Configuring IP Alias
  101
- Figure 21 IP Alias
  102
- Table 16 IP Alias
  102
- Nn47922
  102
Chapter 7 WAN Screens

105
- WAN Overview
  105
- TCP/IP Priority (Metric)
  105
- Configuring Route
  106
- Figure 22 WAN: Route
  106
- Table 17 WAN: Route
  106
- Configuring WAN ISP
  107
  - Ethernet Encapsulation
    107
  - Figure 23 Ethernet Encapsulation
    107
  - Pppoe Encapsulation
    108
  - Table 18 Ethernet Encapsulation
    108
  - Figure 24 Pppoe Encapsulation
    109
  - PPTP Encapsulation
    110
  - Table 19 Pppoe Encapsulation
    110
  - Figure 25 PPTP Encapsulation
    111
  - Table 20 PPTP Encapsulation
    111
  - Service Type
    112
  - Figure 26 RR Service Type
    113
  - Table 21 RR Service Type
    113
- Configuring WAN IP
  114
- Figure 27 WAN: IP
  115
- Table 22 WAN: IP
  116
- Configuring WAN MAC
  118
- Figure 28 MAC Setup
  118
- Traffic Redirect
  119
- Figure 29 Traffic Redirect WAN Setup
  119
- Configuring Traffic Redirect
  120
- Figure 30 Traffic Redirect LAN Setup
  120
- Figure 31 Traffic Redirect
  121
- Table 23 Traffic Redirect
  121
- Configuring Dial Backup
  122
- Figure 32 Dial Backup Setup
  123
- Table 24 Dial Backup Setup
  124
- Advanced Modem Setup
  127
  - AT Command Strings
    127
  - DTR Signal
    127
  - Response Strings
    127
- Configuring Advanced Modem Setup
  128
- Figure 33 Advanced Setup
  128
- Table 25 Advanced Setup
  129
Chapter 8 Network Address Translation (NAT) Screens

131
- NAT Overview
  131
  - NAT Definitions
    131
  - What NAT Does
    132
  - Table 26 NAT Definitions
    132
  - How NAT Works
    133
    
    Port Restricted Cone NAT
    133
    
    Figure 34 How NAT Works
    133
  - NAT Application
    134
  - Figure 35 Port Restricted Cone NAT
    134
  - NAT Mapping Types
    135
  - Figure 36 NAT Application with IP Alias
    135
- Using NAT
  136
  - SUA (Single User Account) Versus NAT
    136
  - Table 27 NAT Mapping Type
    136
- SUA Server
  137
- Configuring SUA Server
  139
- Figure 37 Multiple Servers Behind NAT Example
  139
- Figure 38 SUA/NAT Setup
  140
- Table 29 SUA/NAT Setup
  140
- Configuring Address Mapping
  141
- Figure 39 Address Mapping
  142
- Table 30 Address Mapping
  142
- Figure 40 Address Mapping Edit
  144
- Table 31 Address Mapping Edit
  144
- Trigger Port Forwarding
  145
- Configuring Trigger Port Forwarding
  147
- Figure 42 Trigger Port
  147
- Table 32 Trigger Port
  148
Chapter 9 Static Route Screens

149
- Static Route Overview
  149
- Configuring IP Static Route
  150
  - Figure 43 Example of Static Routing Topology
    150
  - Figure 44 Static Route Screen
    151
  - Table 33 IP Static Route Summary
    151
  - Configuring Route Entry
    152
  - Figure 45 Edit IP Static Route
    152
  - Table 34 Edit IP Static Route
    152
Chapter 10 Firewalls

155
- Firewall Overview
  155
- Types of Firewalls
  155
  - Packet Filtering Firewalls
    156
  - Application Level Firewalls
    156
  - Stateful Inspection Firewalls
    156
- Introduction to the Business Secure Router Firewall
  157
- Denial of Service
  158
  - Basics
    158
  - Figure 46 Business Secure Router Firewall Application
    158
  - Types of Dos Attacks
    159
  - Figure 47 Three-Way Handshake
    160
  - Figure 48 SYN Flood
    161
  - Figure 49 Smurf Attack
    162
  - Table 35 ICMP Commands that Trigger Alerts
    162
  - Table 36 Legal Netbios Commands
    162
- Stateful Inspection
  163
  - Table 37 Legal SMTP Commands
    163
  - Figure 50 Stateful Inspection
    164
  - Stateful Inspection Process
    164
  - Stateful Inspection and the Business Secure Router
    165
  - TCP Security
    166
  - UDP/ICMP Security
    167
  - Upper Layer Protocols
    167
- Guidelines for Enhancing Security with Your Firewall
  168
- Packet Filtering Vs. Firewall
  169
  - Packet Filtering
    169
    
    When to Use Filtering
    169
  - Firewall
    169
    
    When to Use the Firewall
    170
    
    Nn47922
    170
Chapter 11 Firewall Screens

171
- Access Methods
  171
- Firewall Policies Overview
  171
- Rule Logic Overview
  173
  - Rule Checklist
    173
  - Security Ramifications
    173
  - Key Fields for Configuring Rules
    174
    
    Action
    174
    
    Service
    174
    
    Source Address
    174
    
    Destination Address
    174
- Connection Direction Examples
  174
  - LAN to WAN Rules
    175
  - WAN to LAN Rules
    175
  - Figure 51 LAN to WAN Traffic
    175
- Configuring Firewall
  176
- Example Firewall Rule
  185
- Figure 57 Firewall Edit Rule Screen Example
  185
- Figure 58 Firewall Rule Edit IP Example
  186
- Figure 59 Edit Custom Port Example
  186
- Figure 60 Myservice Rule Configuration Example
  187
- Predefined Services
  188
- Figure 61 My Service Example Rule Summary
  188
- Table 42 Predefined Services
  189
- Alerts
  191
- Configuring Attack Alert
  192
  - Threshold Values
    192
  - Half-Open Sessions
    192
    
    TCP Maximum Incomplete and Blocking Period
    193
    
    Figure 62 Attack Alert
    194
    
    Table 43 Attack Alert
    194
Chapter 12 Content Filtering

197
- Introduction to Content Filtering
  197
- Restrict Web Features
  197
- Days and Times
  197
- Configure Content Filtering
  198
- Figure 63 Content Filter
  198
- Table 44 Content Filter
  199
Chapter 13 VPN

201
- Ipsec
  201
- Nortel Business Secure Router 222 VPN Functions
  201
- VPN Screens Overview
  202
  - Table 45 VPN Screens Overview
    202
  - Other Terminology
    203
    
    Encryption
    203
    
    Figure 64 Encryption and Decryption
    203
    
    Table 46 VPN Screens Overview
    203
    
    Data Confidentiality
    204
    
    Data Integrity
    204
    
    Data Origin Authentication
    204
  - VPN Applications
    204
- Ipsec Architecture
  204
- Ipsec Algorithms
  205
  - Figure 65 Ipsec Architecture
    205
  - AH (Authentication Header) Protocol
    206
  - ESP (Encapsulating Security Payload) Protocol
    206
  - Key Management
    207
  - Table 47 AH and ESP
    207
- Encapsulation
  208
  - Transport Mode
    208
  - Tunnel Mode
    208
  - Figure 66 Transport and Tunnel Mode Ipsec Encapsulation
    208
- Ipsec and NAT
  209
- Secure Gateway Address
  210
  - Table 48 VPN and NAT
    210
  - Dynamic Secure Gateway Address
    211
- Summary Screen
  211
- Figure 67 Ipsec Summary Fields
  211
- Figure 68 Summary
  212
- Table 49 Summary
  213
- Keep Alive
  214
- Nailed up
  214
- NAT Traversal
  215
  - Figure 69 NAT Router between VPN Switches
    215
  - NAT Traversal Configuration
    216
- Preshared Key
  216
- Configuring Contivity Client VPN Rule Setup
  216
- Figure 70 VPN Contivity Client Rule Setup
  217
- Table 50 VPN Contivity Client Rule Setup
  217
- Configuring Advanced Setup
  218
- Figure 71 VPN Contivity Client Advanced Rule Setup
  218
- Table 51 VPN Contivity Client Advanced Rule Setup
  219
- ID Type and Content
  220
- My IP Address
  222
- Configuring Branch Office VPN Rule Setup
  222
- Table 55 Mismatching ID Type and Content Configuration Example
  222
- Nn47922
  222
- Figure 72 VPN Branch Office Rule Setup
  223
- Table 56 VPN Branch Office Rule Setup
  224
- Configuring an IP Policy
  231
- Figure 73 VPN Branch Office - IP Policy
  231
- Table 57 VPN Branch Office - IP Policy
  232
- Port Forwarding Server
  236
- Configuring a Port Forwarding Server
  236
- Figure 74 VPN Branch Office - IP Policy - Port Forwarding Server
  237
- Table 58 VPN Branch Office - IP Policy - Port Forwarding Server
  237
- IKE Phases
  238
  - Figure 75 Two Phases to Set up the Ipsec SA
    238
  - Negotiation Mode
    239
  - Diffie-Hellman (DH) Key Groups
    240
  - Perfect Forward Secrecy (PFS)
    240
  - Preshared Key
    240
- Configuring Advanced Branch Office Setup
  241
- Figure 76 VPN Branch Office Advanced Rule Setup
  241
- Table 59 VPN Branch Office Advanced Rule Setup
  242
- SA Monitor
  244
- Figure 77 VPN SA Monitor
  245
- Table 60 VPN SA Monitor
  245
- Global Settings
  246
- Figure 78 VPN Global Setting
  247
- Table 61 VPN Global Setting
  247
- VPN Client Termination
  248
- Figure 79 VPN Client Termination
  249
- Table 62 VPN Client Termination
  250
- VPN Client Termination IP Pool Summary
  252
- Figure 80 VPN Client Termination IP Pool Summary
  253
- Table 63 VPN Client Termination IP Pool Summary
  253
- VPN Client Termination IP Pool Edit
  254
- Figure 81 VPN Client Termination IP Pool Edit
  254
- Table 64 VPN Client Termination IP Pool Edit
  254
- VPN Client Termination Advanced
  255
- Figure 82 VPN Client Termination Advanced
  256
- Table 65 VPN Client Termination Advanced
  257
Chapter 14 Certificates

261
- Certificates Overview
  261
  - Advantages of Certificates
    262
- Self-Signed Certificates
  262
- Configuration Summary
  263
- My Certificates
  263
- Figure 83 Certificate Configuration Overview
  263
- Figure 84 My Certificates
  264
- Table 66 My Certificates
  265
- Certificate File Formats
  266
- Importing a Certificate
  267
- Figure 85 My Certificate Import
  268
- Table 67 My Certificate Import
  268
- Creating a Certificate
  269
- Figure 86 My Certificate Create
  269
- Table 68 My Certificate Create
  270
- My Certificate Details
  272
- Figure 87 My Certificate Details
  273
- Table 69 My Certificate Details
  274
- Trusted Cas
  276
- Figure 88 Trusted Cas
  277
- Table 70 Trusted Cas
  277
- Importing a Trusted Ca's Certificate
  279
- Figure 89 Trusted CA Import
  279
- Table 71 Trusted CA Import
  279
- Trusted CA Certificate Details
  280
- Figure 90 Trusted CA Details
  281
- Table 72 Trusted CA Details
  282
- Trusted Remote Hosts
  284
- Figure 91 Trusted Remote Hosts
  285
- Table 73 Trusted Remote Hosts
  285
- Verifying a Certificate of a Trusted Remote Host
  286
- Importing a Certificate of a Trusted Remote Host
  288
- Figure 94 Trusted Remote Host Import
  288
- Trusted Remote Host Certificate Details
  289
- Table 74 Trusted Remote Host Import
  289
- Figure 95 Trusted Remote Host Details
  290
- Table 75 Trusted Remote Host Details
  291
- Directory Servers
  293
- Figure 96 Directory Servers
  293
- Add or Edit a Directory Server
  294
- Table 76 Directory Servers
  294
- Figure 97 Directory Server Add
  295
- Table 77 Directory Server Add
  295

Nortel BSR222 User Manual (349 pages)

Business Secure Router

Brand: Nortel | Category: Network Router | Size: 3 MB

Nortel BSR222 Overview (72 pages)

Small and Medium Business Solutions Overview and Configuration Guide

Brand: Nortel | Category: Network Hardware | Size: 1 MB

Nortel BSR222 Fundamentals (42 pages)

Business Secure Router

Brand: Nortel | Category: Network Router | Size: 1 MB

Nortel Categories

IP Phone

Telephone

Switch Software Server

More Nortel Manuals

Nortel BSR222 Network Router Manuals

Nortel BSR222 Configuration (451 pages)

Table of Contents

Preface

Chapter 1 Getting to Know Your Nortel Business Secure Router 222

Chapter 2 Introducing the Webgui

Chapter 3 Wizard Setup

Chapter 4 User Notes

Chapter 5 System Screens

Chapter 6 LAN Screens

Chapter 7 WAN Screens

Chapter 8 Network Address Translation (NAT) Screens

Chapter 9 Static Route Screens

Chapter 10 Firewalls

Chapter 11 Firewall Screens

Chapter 12 Content Filtering

Chapter 13 VPN

Chapter 14 Certificates

Nortel BSR222 User Manual (349 pages)

Table of Contents

Chapter 2 Introducing the SMT

Chapter 4 LAN Setup

Chapter 5 Internet Access

Chapter 6 Remote Node Setup

Chapter 8 Dial-In User Setup

Chapter 11 Filter Configuration

Chapter 12 SNMP Configuration

Chapter 13 System Security

Nortel BSR222 Overview (72 pages)

Table of Contents

Smaller Remote Site (Greenﬁeld and Infrastructure Replacement): Reference Topology

How to Get Help

New in this Release

Getting Started

Converged Small Site (Mixed-Vendor Environment): Reference Topology

Smaller Converged Site (Greenﬁeld and Infrastructure Replacement): Reference Topology

WAN Interconnected LAN Reference Topologies

Maintenance

Nortel BSR222 Fundamentals (42 pages)

Table of Contents

Preface

Chapter 1 Introducing the Business Secure Router

Chapter 2 Hardware Installation

Chapter 3 Setting up Your Computer IP Address

Chapter 4 Configuring Your Business Secure Router

Chapter 5 User Notes

Chapter 6 Troubleshooting

Related Products

Nortel Categories