Multitech Routefinder rf650vpn User manual

RF650VPN

Internet Security Appliance

Quick Start Guide

82013251 Revision B

RouteFinderVPN Model RF650VPN

This publication may not be reproduced, in whole or in part, without prior expressed written permission from

Multi-Tech Systems, Inc. makes no representations or warranties with respect to the contents hereof and

specifically disclaims any implied warranties of merchantability or fitness for any particular purpose.

Furthermore, Multi-Tech Systems, Inc. reserves the right to revise this publication and to make changes from

time to time in the content hereof without obligation of Multi-Tech Systems, Inc. to notify any person or

organization of such revisions or changes.

Record of Revisions

Revision Date Description

A 9/5/01 Manual released for RouteFinder software version 1.92.

B1/8/02 Manual revised for RouteFinder software version 2.00.

Patents

This Product is covered by one or more of the following U.S. Patent Numbers: 5.301.274; 5.309.562;

5.355.365; 5.355.653; 5.452.289; 5.453.986. Other Patents Pending.

TRADEMARKS

Trademarks of Multi-Tech Systems, Inc.: Multi-Tech, the Multi-Tech logo and RouteFinder.

Windows is a registered trademark of Microsoft Corporation in the United States and other countries.

All products or technologies are the trademarks or registered trademarks of their respective holders.

Multi-Tech Systems, Inc.

2205 Woodale Drive

Mounds View, Minnesota 55112

(763) 785-3500 or (800) 328-9717

Fax 763-785-9874

Tech Support (800) 972-2439

Internet Address: http://www.multitech.com

Contents

Chapter 1 – Introduction and Description

Introduction ......................................................................................... 7

Product Description .............................................................................. 7

About this Manual and Related Manuals ................................................ 7

Front Panel........................................................................................... 8

Back Panel............................................................................................ 9

Ship Kit Contents.................................................................................. 10

Chapter 2 – Installation

Introduction ......................................................................................... 11

Address Table....................................................................................... 12

Safety Warnings ................................................................................... 13

Unpacking............................................................................................ 13

Hardware Installation Procedure ........................................................... 14

Cabling Procedure................................................................................. 14

Software Configuration ........................................................................ 15

Configure the RF650VPN as a Firewall................................................ 17

Configure the RF650VPN as a PPTP Server for VPN Remote Cient Access........ 22

Configure the RF650VPN as an IPSec VPN Gateway............................ 23

IPSec VPN Gateway LAN to LAN Configuration ................................... 28

Chapter 3 - Application Examples

Introduction ......................................................................................... 29

Firewall and NAT................................................................................... 29

Firewall, NAT and DMZ.......................................................................... 30

Firewall, NAT and DNAT Virtual Server.................................................. 31

Firewall, NAT and PPTP Client Remote Access........................................ 32

Firewall, NAT and IPSec Client Remote Access ...................................... 33

Firewall, NAT and IPSec LAN to LAN...................................................... 34

Firewall, NAT and SMTP Proxy .............................................................. 36

Chapter 4 - Service, Warranty and Tech Support

Introduction ......................................................................................... 37

Limited Warranty.................................................................................. 37

On-line Warranty Registration............................................................... 37

Recording RouteFinder Information....................................................... 38

Contacting Tech Support via E-mail....................................................... 38

Service ................................................................................................ 39

Multi-Tech on the Internet.................................................................... 39

Ordering Accessories ............................................................................ 40

Appendixes

Appendix A - Windows PPTP Client Setup .................. 41

Appendix B - SSH IPSec Client Setup.......................... 57

Appendix C - Regulatory Information......................... 69

Appendix D - License Agreements ...................................... 73

PN 82013251

Chapter 1 – Introduction and Description

Introduction

Welcome to Multi-Tech’s new RouteFinder, the RF650VPN. The RouteFinder Internet security

appliance is an integrated VPN gateway/firewall designed to maximize network security without

compromising network performance. It uses data encryption, user authentication and the Internet

to securely connect telecommuters, remote offices, customers or suppliers to the corporate office

while avoiding the cost of private leased lines or dial-up charges. The browser-based interface

eases VPN configuration and management. The VPN functionality is based on IPSec and PPTP

protocols and uses Triple DES 168-bit encryption to ensure that your information remains private.

The RouteFinder firewall security utilizes Stateful Packet Inspection, and provides optional email

anti-virus protection.

Product Description

The RF650VPN is a 1U rackmountable hardware/software solution that provides advanced

network firewall (Stateful Packet Inspection and NAT), application firewall (DMZ, proxies, filter,

optional virus protection), VPN gateway (IPSec, PPTP, 3DES, authentication), and full router

capabilities. The RouteFinder’s three 10/100 Ethernet ports can provide connectivity to the

user’s network, Internet access via router, DSL, cable or dedicated line, and DMZ.

The RouteFinder’s DMZ port permits connecting of Voice over IP gateways, like MultiVOIPs, and

public servers such as email and web to be safely connected. And its full-featured router

hardware allows the entire network to share an Internet link by connecting to an existing cable

modem, DSL modem or router.

The browser-based interface eases VPN configuration and management. The VPN functionality is

based on the IPSec and PPTP protocols and uses Triple DES 168-bit encryption to ensure that

your information remains private. In addition, the RF650VPN includes firewall security utilizing

Stateful Packet Inspection, and provides optional e-mail anti-virus protection. The optional virus

update feature includes protection against new virus types and security gaps with automatically

transferred updates.

About this Manual and Related Manuals

This Quick Start Guide manual contains four chapters and four appendixes, and is intended to

provide the experienced system administrator the information needed to quickly get the

RouteFinder up and running. The full User Guide manual is provided on the RouteFinder

RF650VPN System CD in Acrobat (.PDF) format. It provides additional operating,

troubleshooting, upgrade, regulatory agency, FAQs, and other RouteFinder information. It can be

viewed, printed, and searched (Ctl-F) effectively from Acrobat Reader 4 or 5. The Acrobat Reader

is provided on the System CD as well.

Please address comments about this manual to the Multi-Tech Publications Dept. Related

manuals may include add-on product documentation for options such as the IPSec SSH client, the

E-mail Anti-Virus Upgrade, etc.

Note: This document contains links to Internet sites which are owned and operated by third

parties. Multi-Tech Systems, Inc. is not responsible for the content of any such third-party site.

RF650VPN Quick Start Guide

Front Panel

The RF650VPN has 16 front panel LEDs to provide operating status.

The RF650VPN Front panel

The front panel LEDs are described below.

LED Description

LAN LEDs

LINK The LINK LED indicates link integrity for the LAN Ethernet port. If the Ethernet link

is valid at either 10 Mbps or 100Mbps, the Link LED is lit. If the Ethernet link is invalid, the

LINK LED is off.

ACT The ACT (Activity) LED indicates either transmit or receive activity on the LAN

Ethernet port. When activity is present on the LAN Ethernet port, theACT LED is lit. When

no activity is present on the LAN Ethernet port, the ACT LED is off.

100MB The 100MB LED indicates the speed of the LAN Ethernet port. The 100MB LED is

lit if the LAN Ethernet port is linked at 100Mbps. The 100MB LED is off at 10 Mbps.

WAN LEDs

LINK The LINK LED indicates link integrity for the WAN Ethernet port. If the link is valid

in either 10 Mbps or 100 Mbps, the LINK LED is on; if the WAN Ethernet link is invalid, the

LINK LED is off.

ACT The ACT (Activity) LED indicates either transmit or receive activity on the WAN

Ethernet port. When activity is present, the ACT LED is on; when no activity is present, the

ACT LED is off.

100MB The 100MB LED indicates the speed of the WAN Ethernet port. The100MB LED is

lit if the WAN Ethernet port is linked at 100 MBps. The 100MB LED is off at 10 Mbps.

DMZ LEDs

LINK The LINK LED indicates link integrity for the DMZ Ethernet port. If the link is valid

at either 10 Mbps or 100 Mbps, the LINK LED is lit. If the DMZ Ethernet port link is invalid,

the LINK LED is off.

ACT The ACT (Activity) LED indicates either transmit or receive activity on the DMZ

Ethernet port. When activity is present, the ACT LED is lit. When no DMZ Ethernet port

activity is present, the ACT LED is off.

100MB The 100MB LED indicates the speed of the DMZ Ethernet port. The 100MB LED is

lit if the DMZ Ethernet port is linked at 100 Mbps. The 100MB LED is off if the DMZ Ethernet

port is linked at 10 Mbps.

Modem LEDs (DCD, RD, DTR, TD): These LEDs are not used.

System LEDs

HDD ACT The HDD ACT (Hard Disk Drive Activity) LED lights when the RF650VPN hard disk

drive is accessed.

ALERT The ALERT LED is not used.

POWER The POWER LED is off when the RF650VPN is in a reset state. When the POWER

LED is lit, the RF650VPN is not in a reset state.

PN 82013251

Back Panel

The RF650VPN back panel has a fan, a power plug, the Power Switch (| / o), an RJ-11 (LINE) jack,

a DB-9 (com1) jack, a DB-15 High-density DSUB (video) jack, two USB (Revision 1.1 compliant)

jacks, an RJ-45 (optional DMZ) jack, an RJ-45 (WAN) jack, and an RJ-45 (LAN) jack.

The RF650VPN back panel is illustrated and described below.

The RF650VPN Back panel

The back panel components are described in detail in the Cabling Procedure section in Chapter 2

of this manual.

Ship Kit Contents

The RF650VPN is shipped with the following:

•one RF650VPN

•one Power Cord

•one printed Quick Start Guide manual

•two Rack Mounting Brackets and four mounting screws

•one RF650VPN System CD with License key

If any of these items are missing, contact Multi-Tech Systems or your dealer or distributor.

Inspect the contents for signs of any shipping damage. If damage is observed, do not power up

the RF650VPN; contact Multi-Tech’s Tech Support for advice.

RF650VPN Quick Start Guide

Typical Applications

The RF650VPN combines VPN, firewall, and optional e-mail antivirus protection subscription in one

box. The RF650VPN is a cost-effective, manageable way for a small- to medium-sized business to

add Remote User VPN, Branch Office VPN, and/or Firewall Security applications to their network.

Remote User VPN. The client-to-LAN VPN application replaces traditional dial-in remote access

by allowing a remote user to connect to the corporate LAN through a secure tunnel over the

Internet. The advantage is that a remote user can make a local call to an Internet Service

Provider, without sacrificing the company’s security, as opposed to a long distance call to the

corporate remote access server.

Branch Office VPN. The LAN-to-LAN VPN application sends network traffic over the branch office

Internet connection instead of relying on dedicated leased line connections. This can save

thousands of dollars in line costs and reduce overall hardware and management expenses.

Firewall Security. As businesses shift from dial-up or leased line connections to always-on

broadband Internet connections, the network becomes more vulnerable to Internet hackers.

The RouteFinder provides a full-featured firewall based on Stateful Packet Inspection technology

and the NAT protocol to provide security from intruders attempting to access the office LAN.

The RF650VPN plugs in at the Internet connection of each office and provides three independent

network interfaces (LAN, WAN and DMZ) that separate the protected office network from the

Internet while providing an optional public network for hosting Web, e-mail or ftp servers.

Each network interface is independently monitored and visually displayed on the front of the

RouteFinder.

Other manuals for RouteFinder RF650VPN

Table of contents

Popular Security System manuals by other brands

Polon-Alfa

Polon-Alfa 4000 Installation and maintenance manual

Nexcom

Nexcom NViS 14162 Series user manual

Eminent

Eminent EM8670 Quick install

urmet domus

urmet domus alpha 1060 INSTALLATION AND USE BOOKLET

SmartPool

SmartPool YardGuard YG03 manual

DSC

DSC PC5964 Mounting instructions

Secure

Secure USAB-1 operating instructions

B&B

B&B 480 SERIES Operation & maintenance manual

ADEMCO

ADEMCO VISTA-20P Series Installation and setup guide

Inner Range

Inner Range Concept 2000 user manual

Johnson Controls

Johnson Controls PENN Connected PC10 Install and Commissioning Guide

Aeotec

Aeotec Siren Gen5 quick start guide

Swann

Swann SW-P-MC2 Specifications

Ecolink

Ecolink Siren+Chime user manual

EDM

EDM Solution 6+6 Wireless-AE installation manual

Siren

Siren LED GSM operating manual

Detection Systems

Detection Systems 7090i Installation and programming manual

FRIEDLAND

FRIEDLAND MA10 Installation and operating instructions

Multitech RouteFinder RF650VPN User manual

Popular Security System manuals by other brands