Installation Guide
Page 6
... 30 Accessing Network Voyager Reference Information 31 Using Network Voyager to Monitor an IP300 Series Appliance . 32 Using Nokia Horizon Manager 33 4 Installing and Replacing Network Interface Cards 35 Deactivating Configured Interfaces 36 Removing, Installing, and Replacing NICs 36 Before You Start 37 Configuring and Activating Interfaces 43 Monitoring Network Interface Cards 43 5 Connecting PMC Network Interface Cards 45 Four-Port and Two-Port 10/100 Mbps Ethernet Interface, PMC . . 46 Ethernet PMC NIC Features 46 Connectors and Cables 47 Two-Port V2 Gigabit Ethernet Card, PMC...
... 30 Accessing Network Voyager Reference Information 31 Using Network Voyager to Monitor an IP300 Series Appliance . 32 Using Nokia Horizon Manager 33 4 Installing and Replacing Network Interface Cards 35 Deactivating Configured Interfaces 36 Removing, Installing, and Replacing NICs 36 Before You Start 37 Configuring and Activating Interfaces 43 Monitoring Network Interface Cards 43 5 Connecting PMC Network Interface Cards 45 Four-Port and Two-Port 10/100 Mbps Ethernet Interface, PMC . . 46 Ethernet PMC NIC Features 46 Connectors and Cables 47 Two-Port V2 Gigabit Ethernet Card, PMC...
Installation Guide
Page 7
... Installing a Flash-Memory PC Card 78 Storing System Logs on the Flash-Memory PC Card 78 Transferring Files with the Flash-Memory PC Card 79 8 Using the Boot Manager 81 Variables 82 Viewing the Variables and Other System Parameters 84 Setting the Variables 86 Other Commands 88 Booting the System 89 Using the Boot Manager to Install IPSO 89 Protecting the Boot Manager with a Password 90 Installing the Boot Manager 91 Upgrading the Boot Manager 92 9 Troubleshooting 95 General Troubleshooting Information 95 Troubleshooting Routing Problems 105 A Technical Specifications...
... Installing a Flash-Memory PC Card 78 Storing System Logs on the Flash-Memory PC Card 78 Transferring Files with the Flash-Memory PC Card 79 8 Using the Boot Manager 81 Variables 82 Viewing the Variables and Other System Parameters 84 Setting the Variables 86 Other Commands 88 Booting the System 89 Using the Boot Manager to Install IPSO 89 Protecting the Boot Manager with a Password 90 Installing the Boot Manager 91 Upgrading the Boot Manager 92 9 Troubleshooting 95 General Troubleshooting Information 95 Troubleshooting Routing Problems 105 A Technical Specifications...
Installation Guide
Page 17
... the IP300 Series Appliance Nokia IP300 Series Security Platform Installation Guide 9 This chapter provides an overview of IProuting functions and protocols, including RIPv1/RIPv2, IGRP, OSPF and BGP4 for unicast traffic, and DVMRP for separate intranet and access routers in the documentation. The integrated router functionality eliminates the need to use of firewall, VPN, and intrusion detection security applications. As network devices, these appliances is the same...
... the IP300 Series Appliance Nokia IP300 Series Security Platform Installation Guide 9 This chapter provides an overview of IProuting functions and protocols, including RIPv1/RIPv2, IGRP, OSPF and BGP4 for unicast traffic, and DVMRP for separate intranet and access routers in the documentation. The integrated router functionality eliminates the need to use of firewall, VPN, and intrusion detection security applications. As network devices, these appliances is the same...
Installation Guide
Page 19
... About the Nokia IP300 Series Flash-Based Appliance Both the IP355 and the IP385 share the same one-rack unit (1 RU) size. The Nokia IP355 and IP385 flash-based appliances support the same cards as IP350 and IP380 appliances. Both flash-based appliances have a maximum memory size of 1GB. About the Nokia IP300 Series Flash-Based Appliance Table 3 Specifications for logging (PCMCIA slot) 1 GB Optional encryption No Yes accelerator card Nokia IP300 Series Security Platform Installation Guide 11
... About the Nokia IP300 Series Flash-Based Appliance Both the IP355 and the IP385 share the same one-rack unit (1 RU) size. The Nokia IP355 and IP385 flash-based appliances support the same cards as IP350 and IP380 appliances. Both flash-based appliances have a maximum memory size of 1GB. About the Nokia IP300 Series Flash-Based Appliance Table 3 Specifications for logging (PCMCIA slot) 1 GB Optional encryption No Yes accelerator card Nokia IP300 Series Security Platform Installation Guide 11
Installation Guide
Page 20
...-port Fiber Gigabit Ethernet NICs Gigabit Ethernet NICs Optional disk No No Nokia IPSO version 3.9 3.9 Check Point (Enforcement Module support only) Check Point NGX R60 Check Point NGX R60 Managing the IP300 Series Appliance You can manage the IP300 Series appliance by using one of the following interfaces: Nokia Network Voyager-an SSL-secured, Web-based element management interface to Nokia IP security platforms. Network Voyager is preinstalled on page 30. The IPSO command-line interface (CLI)-an SSHv2-secured interface that you can manage, monitor, and configure...
...-port Fiber Gigabit Ethernet NICs Gigabit Ethernet NICs Optional disk No No Nokia IPSO version 3.9 3.9 Check Point (Enforcement Module support only) Check Point NGX R60 Check Point NGX R60 Managing the IP300 Series Appliance You can manage the IP300 Series appliance by using one of the following interfaces: Nokia Network Voyager-an SSL-secured, Web-based element management interface to Nokia IP security platforms. Network Voyager is preinstalled on page 30. The IPSO command-line interface (CLI)-an SSHv2-secured interface that you can manage, monitor, and configure...
Installation Guide
Page 21
... LEDs Modem (AUX) port PMC interfaces Reset switch PCMCIA slots Console port Built-in Ethernet ports (10/100 Mbps) Nokia IP300 Series Security Platform Installation Guide 13 About the IP300 Series Appliance The following figures show component locations for the Nokia IP300 Series appliance. With Horizon Manager, you are using. Nokia Horizon Manager-a secure GUI-based software image management application. Horizon Manager can securely install and upgrade the Nokia IPSO operating system, plus hardware and thirdparty applications such as Check Point FireWall-1 for Nokia...
... LEDs Modem (AUX) port PMC interfaces Reset switch PCMCIA slots Console port Built-in Ethernet ports (10/100 Mbps) Nokia IP300 Series Security Platform Installation Guide 13 About the IP300 Series Appliance The following figures show component locations for the Nokia IP300 Series appliance. With Horizon Manager, you are using. Nokia Horizon Manager-a secure GUI-based software image management application. Horizon Manager can securely install and upgrade the Nokia IPSO operating system, plus hardware and thirdparty applications such as Check Point FireWall-1 for Nokia...
Installation Guide
Page 23
... assignment information for Nokia supported network interface cards. About the IP300 Series Appliance Note Nokia recommends the use Nokia-approved accessories. The IP300 Series appliance includes two PMC (PCI mezzanine card) expansion slots for console connections. For more information, see "Four-Port and Two-Port 10/100 Mbps Ethernet Interface, PMC" on page 56. The Nokia Global Support Services group can only provide support for Nokia products that use of shielded twisted-pair cables and connectors...
... assignment information for Nokia supported network interface cards. About the IP300 Series Appliance Note Nokia recommends the use Nokia-approved accessories. The IP300 Series appliance includes two PMC (PCI mezzanine card) expansion slots for console connections. For more information, see "Four-Port and Two-Port 10/100 Mbps Ethernet Interface, PMC" on page 56. The Nokia Global Support Services group can only provide support for Nokia products that use of shielded twisted-pair cables and connectors...
Installation Guide
Page 34
... and Cables" on page 18. If the fans are running , or if the power LED does not illuminate, contact your Nokia service provider as listed in "Nokia Contact Information" on to the power strip or wall receptacle you press the switch. You can also connect the remaining LAN interface wires at least one network interface to use as described in Chapter 3, "Performing the Initial Configuration." After...
... and Cables" on page 18. If the fans are running , or if the power LED does not illuminate, contact your Nokia service provider as listed in "Nokia Contact Information" on to the power strip or wall receptacle you press the switch. You can also connect the remaining LAN interface wires at least one network interface to use as described in Chapter 3, "Performing the Initial Configuration." After...
Installation Guide
Page 35
... how to use the DHCP client for initial configuration, see the Read Me First document. It includes the following sections: Using a Console Connection to Perform the Initial Configuration Accessing Nokia Network Voyager Using Nokia Horizon Manager For information about how to perform the initial configuration manually by using a console connection. Nokia IP300 Series Security Platform Installation Guide 27 3 Performing the Initial Configuration The first time you to configure the network settings and provides access to the admin account...
... how to use the DHCP client for initial configuration, see the Read Me First document. It includes the following sections: Using a Console Connection to Perform the Initial Configuration Accessing Nokia Network Voyager Using Nokia Horizon Manager For information about how to perform the initial configuration manually by using a console connection. Nokia IP300 Series Security Platform Installation Guide 27 3 Performing the Initial Configuration The first time you to configure the network settings and provides access to the admin account...
Installation Guide
Page 61
... Installation Guide 53 Figure 19 Two-Port Gigabit Ethernet NIC, Fiber Link LEDs (green or yellow) Activity LEDs (yellow) Ports Connectors and Cables To connect the two-port Gigabit Ethernet NIC to Nokia IP security platforms. Specifically, you use a multimode, fiber-optic cable with an LC connector for the two-port fiber-optic Gigabit Ethernet NIC you set the port speed and full-duplex mode with Nokia Network Voyager, the Web-based element management interface to other network components, use in the IP300 Series appliance. Two-Port Gigabit Ethernet Card, PMC, Fiber The two-port...
... Installation Guide 53 Figure 19 Two-Port Gigabit Ethernet NIC, Fiber Link LEDs (green or yellow) Activity LEDs (yellow) Ports Connectors and Cables To connect the two-port Gigabit Ethernet NIC to Nokia IP security platforms. Specifically, you use a multimode, fiber-optic cable with an LC connector for the two-port fiber-optic Gigabit Ethernet NIC you set the port speed and full-duplex mode with Nokia Network Voyager, the Web-based element management interface to other network components, use in the IP300 Series appliance. Two-Port Gigabit Ethernet Card, PMC, Fiber The two-port...
Installation Guide
Page 63
Nokia IP300 Series Security Platform Installation Guide 55 The following topics are covered: Installing a PCMCIA Modem Replacing a Hard-Disk Drive Replacing or Upgrading Memory Installing an Encryption Accelerator Card Replacing the Battery For instructions on how to add or replace user serviceable items other than network interface cards in this chapter. Limit service of networking equipment before attempting to service an IP300 Series appliance. 6 Installing and Replacing Other Components This chapter provides information on adding or replacing ...
Nokia IP300 Series Security Platform Installation Guide 55 The following topics are covered: Installing a PCMCIA Modem Replacing a Hard-Disk Drive Replacing or Upgrading Memory Installing an Encryption Accelerator Card Replacing the Battery For instructions on how to add or replace user serviceable items other than network interface cards in this chapter. Limit service of networking equipment before attempting to service an IP300 Series appliance. 6 Installing and Replacing Other Components This chapter provides information on adding or replacing ...
Installation Guide
Page 65
Connect the modem to a remote system on the Network Access and Services link in which you can remove and replace. Replacing a Hard-Disk Drive The IP350 and IP380 appliances each include one hard-disk drive, which the device is not already installed, insert the PCMCIA modem into either the top or bottom PCMCIA slot until the modem clicks into place. Nokia IP300 Series Security Platform Installation Guide 57 If the modem is used. Note Back up and restore procedures, see...
Connect the modem to a remote system on the Network Access and Services link in which you can remove and replace. Replacing a Hard-Disk Drive The IP350 and IP380 appliances each include one hard-disk drive, which the device is not already installed, insert the PCMCIA modem into either the top or bottom PCMCIA slot until the modem clicks into place. Nokia IP300 Series Security Platform Installation Guide 57 If the modem is used. Note Back up and restore procedures, see...
Installation Guide
Page 89
The boot manager allows you to reflect your own needs, or you first receive your IP300 Series appliance, the boot manager uses factory-default parameters (kernel, boot device, and so on Nokia IP300 Series Security Platform Installation Guide 81 You can change these parameters on ) for the boot process. The boot manager maintains the default values of these defaults to perform a number of IPSO (the operating system) Obtaining system information Performing various...
The boot manager allows you to reflect your own needs, or you first receive your IP300 Series appliance, the boot manager uses factory-default parameters (kernel, boot device, and so on Nokia IP300 Series Security Platform Installation Guide 81 You can change these parameters on ) for the boot process. The boot manager maintains the default values of these defaults to perform a number of IPSO (the operating system) Obtaining system information Performing various...
Installation Guide
Page 98
... password. 90 Nokia IP300 Series Security Platform Installation Guide At the boot manager command prompt, enter: BOOTMGR[0]>install If you used the passwd command to protect this command with a Password To prevent accidental or unauthorized access to your password before allowing you for your IP300 Series appliance hard disk, you access to the install command in boot manager, not access to set a password 1. Reboot the IP300 Series appliance. Use the password command to IPSO. To install a new copy of the IPSO kernel 1. At the boot manager command prompt enter: BOOTMGR...
... password. 90 Nokia IP300 Series Security Platform Installation Guide At the boot manager command prompt, enter: BOOTMGR[0]>install If you used the passwd command to protect this command with a Password To prevent accidental or unauthorized access to your password before allowing you for your IP300 Series appliance hard disk, you access to the install command in boot manager, not access to set a password 1. Reboot the IP300 Series appliance. Use the password command to IPSO. To install a new copy of the IPSO kernel 1. At the boot manager command prompt enter: BOOTMGR...
Installation Guide
Page 104
... the instructions for no parity, 9600 bps. Solution Obtain a valid password or set the password to Perform the Initial Configuration" on page 28. Login Prompt Appears, But Password Not Accepted Problem Entered wrong password. 9 Troubleshooting Problem Not connected with a null-modem cable. Solution Verify that you are using a null-modem cable. For pinout information, see "Using a Console Connection to a default value. 96 Nokia IP300 Series Security Platform Installation Guide Problem Wrong terminal settings. Problem Defective IP300 Series appliance or file...
... the instructions for no parity, 9600 bps. Solution Obtain a valid password or set the password to Perform the Initial Configuration" on page 28. Login Prompt Appears, But Password Not Accepted Problem Entered wrong password. 9 Troubleshooting Problem Not connected with a null-modem cable. Solution Verify that you are using a null-modem cable. For pinout information, see "Using a Console Connection to a default value. 96 Nokia IP300 Series Security Platform Installation Guide Problem Wrong terminal settings. Problem Defective IP300 Series appliance or file...
Installation Guide
Page 107
... Using the Ethernet Port, But Console Access Works Problem Using the wrong Ethernet cable. Solution Your NIC might be with the slot on page 46. Solution Use a crossover Ethernet cable if you are connecting directly to verify the interface configuration and fix it if necessary. Do Not See Interfaces that Should be Present Problem Local IP300 Series appliance ports do not appear. Nokia IP300 Series Security Platform Installation Guide 99 Contact the appropriate Nokia customer support...
... Using the Ethernet Port, But Console Access Works Problem Using the wrong Ethernet cable. Solution Your NIC might be with the slot on page 46. Solution Use a crossover Ethernet cable if you are connecting directly to verify the interface configuration and fix it if necessary. Do Not See Interfaces that Should be Present Problem Local IP300 Series appliance ports do not appear. Nokia IP300 Series Security Platform Installation Guide 99 Contact the appropriate Nokia customer support...
Installation Guide
Page 110
... also enable several types of the network interface card. ping various hosts on clients. Enter the following command: ipsctl ifphys:logical interface:max_rxlabel 102 Nokia IP300 Series Security Platform Installation Guide Solution Verify that the client is not enabled on the interfaces in Network Voyager, you have IP connectivity; Problems Interfacing to receive local traffic only one hop away. For information about how to use . Problem Remote and local devices are not in the supported VC...
... also enable several types of the network interface card. ping various hosts on clients. Enter the following command: ipsctl ifphys:logical interface:max_rxlabel 102 Nokia IP300 Series Security Platform Installation Guide Solution Verify that the client is not enabled on the interfaces in Network Voyager, you have IP connectivity; Problems Interfacing to receive local traffic only one hop away. For information about how to use . Problem Remote and local devices are not in the supported VC...
Installation Guide
Page 115
... logged in OSPF routing. Note You can access the document page by pressing Doc. Nokia IP300 Series Security Platform Installation Guide 107 Problem Attached devices do not support OSPF. For information about how to use ICLID to display OSPF details. Under routing options in Network Voyager. For more information about how to view routing information. Solution Ensure that the appliance supports and exchange routes with OSPF, or set a default or static route...
... logged in OSPF routing. Note You can access the document page by pressing Doc. Nokia IP300 Series Security Platform Installation Guide 107 Problem Attached devices do not support OSPF. For information about how to use ICLID to display OSPF details. Under routing options in Network Voyager. For more information about how to view routing information. Solution Ensure that the appliance supports and exchange routes with OSPF, or set a default or static route...
Installation Guide
Page 128
... flash-based appliances 11 flash-memory card disabling 78 transferring files 79 flash-memory PC cards 77 four-port Ethernet network interface card 46 G Gigabit Ethernet network interface cards 50, 53 connectors 53 H halt command 88 hard-disk drive, replacing 57 height 111 help command 88 I ICLID command 105 install command 89 installing network interface cards 36 PCMCIA modem 56 interfaces specifications 112 IP routing 9 IP300Series appliances, monitoring 18 IP355 appliances 11 IP385 appliances 11 IPsec 72 IPSO command-line interface 12 IPSO version 11 IPSO, booting 89 L LC connector 53 LEDs...
... flash-based appliances 11 flash-memory card disabling 78 transferring files 79 flash-memory PC cards 77 four-port Ethernet network interface card 46 G Gigabit Ethernet network interface cards 50, 53 connectors 53 H halt command 88 hard-disk drive, replacing 57 height 111 help command 88 I ICLID command 105 install command 89 installing network interface cards 36 PCMCIA modem 56 interfaces specifications 112 IP routing 9 IP300Series appliances, monitoring 18 IP355 appliances 11 IP385 appliances 11 IPsec 72 IPSO command-line interface 12 IPSO version 11 IPSO, booting 89 L LC connector 53 LEDs...
Installation Guide
Page 129
... 24 mounting screws 24 multicast traffic 9 multimode, fiber-optic cable 53 N network interface cards 10, 12 cable output connector 112 cable type 112 deactivating 36 four-port Ethernet 46 front panel location 13 installing 35, 36 two-port Ethernet 47 two-port Gigabit Ethernet, fiber 53 two-port V2 Gigabit Ethernet, copper 50 types supported 15 network interfaces, connecting 26 Network Voyager 12 accessing 30 configuring VPN tunnels 72 Nokia Horizon Manager 13 Nokia IPSO version 11, 12 null-modem cable 28 O opening Network Voyager 30 operating temperature range...
... 24 mounting screws 24 multicast traffic 9 multimode, fiber-optic cable 53 N network interface cards 10, 12 cable output connector 112 cable type 112 deactivating 36 four-port Ethernet 46 front panel location 13 installing 35, 36 two-port Ethernet 47 two-port Gigabit Ethernet, fiber 53 two-port V2 Gigabit Ethernet, copper 50 types supported 15 network interfaces, connecting 26 Network Voyager 12 accessing 30 configuring VPN tunnels 72 Nokia Horizon Manager 13 Nokia IPSO version 11, 12 null-modem cable 28 O opening Network Voyager 30 operating temperature range...