Advanced router configuration, Setting up the router when the system has a server – Nortel Networks BSR222 User Manual

Chapter 5 User Notes

35

Nortel Business Secure Router 222 — Fundamentals

Both RIP-1 and RIP-2

Advanced Router Configuration

The following notes are intended to help with advanced router configuration.

Setting up the router when the system has a server

1

If you are using a Full-Feature NAT configuration, first, do the following...

a

In SUA/NAT / Address Mapping, add a 'Server' rule, specifying the
'Public' IP address of the server.

2

For both SUA-Only and Full-Feature NAT configurations, do the following...

a

In SUA/NAT : SUA Server, add server private IP address and port
number(s) to the SUA/NAT Server table.

b

In FIREWALL, add a WAN-to-LAN rule

c

If the service is not in the list of available services, add it as a 'Custom
Port'.

d

Add the rule, selecting the service, and entering the server IP address as
the destination IP address.

Connecting two sites to establish a virtual private network

The recommended method to do this is through a branch-to-branch IPSec tunnel.

1

In VPN / Summary, add a new tunnel by editing an unused rule. Create an
Active, Branch Office tunnel.

a

Select 'Nailed Up' if the tunnel should not be closed while not in use.

b

Enter the authentication information, with either a pre-shared key or an
imported certificate.

c

Enter the IP Address assigned to the router WAN port. This should be a
static address, or a dynamic DNS name, and the IP address of the remote
router.

d

Select the encryption and authentication algorithms.

e

Add an IP policy, by specifying the IP address ranges of the local and
remote hosts that will use the tunnel.