background image

Contivity 221 configuration tasks

19

9

In the My Certificates node, select a certificate issued by a
certification authority.

10

Click the Properties tab of the certificate. On the Basic page,
the certificate name, properties, the certification path, and other
certificate information appears.

11

In the My Certificates node, select a certificate request.

12

Click the Properties tab of the certificate request. On the Basic
page, the certificate name, properties, the certification path, and
other useful certificate information appears.

13

In the Certificates node, select Trusted Remote Host Certificate.

14

In the Directory Servers node, select a directory service. See

Figure 9 "Contivity 221 Directory Services" (page 19)

.

Figure 9
Contivity 221 Directory Services

15

Click the Properties tab of the directory service.

16

On the Basic page, enter the necessary information in the Directory
Service Setting 
and Login Setting boxes.

17

In the Contivity 221 device, select and expand the VPN node.

18

Click the Properties tab of a branch office connection.

CCM

Using Contivity Configuration Manager to Configure Contivity 221

317747-B

01.01

Standard

Release 2.3

March 2006

Copyright © 2006, Nortel Networks

Nortel Networks Confidential

.

Summary of Contents for Contivity 221

Page 1: ...CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B ...

Page 2: ...ocument without notice Nortel Networks Inc does not assume any liability that may occur due to the use or application of the product s or circuit layout s described herein Portions of the code in this software product may be Copyright 1988 Regents of the University of California All rights reserved Redistribution and use in source and binary forms of such portions are permitted provided that the a...

Page 3: ...ng between Nortel Networks and Customer Software is provided AS IS without any warranties conditions of any kind NORTEL NETWORKS DISCLAIMS ALL WARRANTIES CONDITIONS FOR THE SOFTWARE EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON INFRINGEMENT Nortel Networks is not obligated to provide sup...

Page 4: ... Agreement is governed by the laws of the country in which Customer acquires the Software If the Software is acquired in the United States then this License Agreement is governed by the laws of the state of New York ...

Page 5: ...r Remote Management 9 Contivity 221 configuration tasks 9 Configuring 802 1x over Ethernet 10 Configuring Bandwidth Management 13 Configuring Certificate Management 17 Configuring Contivity Client Global Setting for VPN 20 Configuring IPSec Tunnel Nail Up 21 Configuring Multi user Configuration 23 Configuring SSH HTTPS for Remote Management 25 CCM Using Contivity Configuration Manager to Configure...

Page 6: ...6 Contents CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 7: ...ments Configuring and Troubleshooting the Contivity 221 SOHO Internet Security Gateway Contivity 221 SOHO Internet Security Gateway Quick Start Guide Contivity Configuration Manager 2 2 User Guide Contivity Configuration Manager Wizards How to get help This section explains how to get help for Nortel products and services How to get help This section explains how to get help for Nortel products an...

Page 8: ... obtain the phone number for your region www nortel com callus Getting help from a specialist by using an Express Routing Code To access some Nortel Technical Solutions Centers you can use an Express Routing Code ERC to quickly route your call to a specialist in your Nortel product or service To locate the ERC for your product or service go to www nortel com erc Getting help through a Nortel distr...

Page 9: ...ty Association SA lifetime expires When the Contivity 251 restarts it automatically renegotiates any nailed up tunnels In effect the IPSec tunnel becomes an always on connection after the tunnel is initiated Multi user Configuration With this Contivity 221 feature you can manage multiple users through the import and export of user information SSH HTTPS for Remote Management Secure Shell SSH is a s...

Page 10: ...e 25 See the following sections for detailed explanations of these tasks See previous versions of this document for an explanation of legacy configuration tasks Configuring 802 1x over Ethernet To configure 802 1x over Ethernet Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 Select 802 1x and click the Properties tab 3 Click the 802 1x tab then enter the ap...

Page 11: ...Local User Database page 12 6 On the Local User Database page enter the appropriate name and password for the database 7 Select the appropriate Active check boxes for the databases See Figure 2 Contivity 221 AuthServer Local User Database page 12 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel...

Page 12: ...e Figure 3 Contivity 221 AuthServer RADIUS page 13 10 On the RADIUS page enter the appropriate information in the Authentication Server and the Accounting Server sections See Figure 3 Contivity 221 AuthServer RADIUS page 13 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 13: ...about Bandwidth Management To configure Bandwidth Management Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 Select Bandwidth Management and click the Properties tab See Figure 4 Contivity 221 Bandwidth Management page 14 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel...

Page 14: ...ement node select the LAN Root Class element 7 Click the LAN Root Class Properties tab 8 Click the Properties tab then select the Class Configuration tab See Figure 5 Contivity 221 Class Configuration page 15 The Class Name and Bandwidth Budget fields contain the values specified in the Bandwidth Management Properties tab CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 ...

Page 15: ... click the Palette tab Double click Class Set up 10 Click the Properties tab then click the Class Configuration tab 11 Configure the Class Name and Bandwidth Budget fields as required See Figure 6 Contivity 221 LAN Class Configuration page 16 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Net...

Page 16: ...ck the Filter Configuration tab 13 To enable the Bandwidth Filter select the Enable Bandwidth Filter check box See Figure 7 Contivity 221 LAN Filter Configuration page 17 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 17: ... My Certificates Trusted Certificates and Trusted Remote Host Certificates To configure Certificate Management Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 Select Certificates and expand it 3 In the Certificates node select the Trusted CAs node 4 In the Trusted CAs node import a trusted CA certificate by using the Certificate Create wizard For more infor...

Page 18: ...rd to import a certificate issued by a certification authority or to create a self signed certificate or a certificate request See Contivity Configuration Manager Wizards 8 Select the Properties tab of the self signed certificate On the Basic page the certificate name properties the certification path and other certificate information appears If more than one self signed certificate exists you can...

Page 19: ...e information appears 13 In the Certificates node select Trusted Remote Host Certificate 14 In the Directory Servers node select a directory service See Figure 9 Contivity 221 Directory Services page 19 Figure 9 Contivity 221 Directory Services 15 Click the Properties tab of the directory service 16 On the Basic page enter the necessary information in the Directory Service Setting and Login Settin...

Page 20: ...xtracted from the selected certificate 21 From the Remote ID Type list select one of the following IP DNS E mail Subject Name and Any See Figure 10 Contivity 221 VPN Authentication Method page 20 End Configuring Contivity Client Global Setting for VPN The Contivity Client Global Setting features provides configuration support for client global settings for VPNs You can use this feature to configur...

Page 21: ...ing 4 In the MAC Address Allowed box enter the MAC address End Configuring IPSec Tunnel Nail Up See Configuring Basic Features for the Contivity Secure IP Services Gateway 311642 L for more information about Nail Up control tunnels To configure IPSec Tunnel Nail Up Step Action 1 In the CCM navigation pane select and expand the Contivity 221 device node 2 Select VPN and expand it CCM Using Contivit...

Page 22: ... 22 Figure 12 Contivity 221 Nailed Up option for branch office connection 6 For all IP Policies of the branch office connection on the IP Policy page select the Enable Control Ping check box If you chose Enable Control Ping you must specify which IP is the endpoint of the control ping See Figure 13 Contivity 221 Control Ping page 23 CCM Using Contivity Configuration Manager to Configure Contivity ...

Page 23: ... Configuration Step Action 1 In the CCM navigation pane select the Contivity 221 device 2 Click the Properties tab 3 Click the Import tab then enter the appropriate information in the boxes See Figure 14 Contivity 221 Properties Import page 24 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Ne...

Page 24: ...t tab then enter the appropriate information in the boxes See Figure 15 Contivity 221 Properties Export page 24 Figure 15 Contivity 221 Properties Export CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 25: ...mote Management To configure SSH HTTPS for Remote Management Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 In the Contivity 221 device node select the Properties tab of the Remote Management element 3 On the Properties page click the SSH tab See Figure 17 Contivity 221 SSH for Remote Management page 26 CCM Using Contivity Configuration Manager to Configur...

Page 26: ... the server port number 6 For Secured Client IP Address select either All or Selected 7 Click the WWW tab 8 Select and enter the appropriate information in the boxes lists and check boxes See Figure 18 Contivity 221 HTTPS for Remote Management page 27 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks N...

Page 27: ... 27 Figure 18 Contivity 221 HTTPS for Remote Management End CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 28: ...nfiguration Manager to Configure Contivity 221 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 29: ......

Page 30: ...ing Contivity Configuration Manager to Configure Contivity 221 Copyright 2006 Nortel Networks All Rights Reserved Publication 317747 B Document status Standard Document version 01 01 Document date March 2006 ...

Reviews: