Panasonic 7 User Manual

Chapter 4 Configuring user tunnels 79

•

Maximum password age is the time after which the login password
expires. The Maximum Password Age range is from 0 (no password
expiration) to 180 days (6 months). Default is 30 days. Users receive a
warning that the password will expire each time they log in for two days

prior to the expiration date. They also receive three warnings before

access is denied. (If your clients are using a Microsoft Dial-up

Networking connection instead of the Nortel Connection Manager, then

they are not be notified of a password expiration or be given the

opportunity to change the password prior to expiration. You should not

use this feature unless you also plan to distribute the Connection Manager.

•

Minimum password length can be from 3 to 16 alphanumeric characters.
If you set the minimum length to eight characters, then the remote user
must use at least eight characters as the login password. Default is 16
characters.

•

Alpha-numeric passwords forces remote users to log in with a

combination of alphabetic (A to Z) and numeric (1 to 9) characters. Nortel
does not recommend using all alphabetic characters because this makes it
easier for hackers to decode. The default is Disabled.

9

Enter the amount of Idle Timeout time a connection can be idle (no data has
been transmitted or received through the connection for the specified amount

of time). When the idle timeout expires, the session is terminated. This option

helps prevent allocation of resources on the Nortel VPN Router for sessions
that are no longer active. The default Idle Timeout is 00:15:00 minutes; the
range is 00:00:00 to 23:59:59. The maximum number of days is 29. A setting

of 00:00:00 specifies no Idle Timeout. All sessions check their configuration

at startup time. Therefore, if you change the time of the idle timeout during a
session, the change only affects new sessions and not any existing ones.

10 Set the Maximum number of failed login attempts to lock out an account.

11 For Access Network Name, specify a source IP address that restricts user

access. Users may tunnel into the Nortel VPN Router only if they are

tunneling from a source IP network defined by the access network. If they
tunnel from a network outside the defined access network, the tunnel is
refused. Access Network Names must be previously defined on the Profiles >

Networks window to appear in the list. Use the link to create an access
network if one does not exist.

12 Packet filters control the type of access allowed for users in a group, based on

various parameters, including Protocol ID, Direction, IP addresses, Source,

Nortel VPN Router Configuration — Basic Features