Nokia Ipso ip350 User manual

IP350 and IP380

Appliance Installation

Guide

Part No. N450709003 Rev A

Published September 2004

All manuals and user guides at all-guides.com

all-guides.com

2 IP350 and IP380 Appliance Installation Guide

Rights reserved under the copyright laws of the United States.

RESTRICTED RIGHTS LEGEND

Use, duplication, or disclosure by the United States Government is subject to restrictions as set

forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at

DFARS 252.227-7013. Notwithstanding any other license agreement that may pertain to, or

accompany the delivery of, this computer software, the rights of the United States Government

regarding its use, reproduction, and disclosure are as set forth in the Commercial Computer

Software-Restricted Rights clause at FAR 52.227-19.

IMPORTANT NOTE TO USERS

This software and hardware is provided by Nokia Corporation as is and any express or implied

warranties, including, but not limited to, implied warranties of merchantability and fitness for a

particular purpose are disclaimed. In no event shall Nokia, or its affiliates, subsidiaries or

suppliers be liable for any direct, indirect, incidental, special, exemplary, or consequential

damages (including, but not limited to, procurement of substitute goods or services; loss of use,

data, or profits; or business interruption) however caused and on any theory of liability, whether in

contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use

of this software, even if advised of the possibility of such damage. Nokia reserves the right to

make changes without further notice to any products herein.

TRADEMARKS

Nokia is a registered trademark of Nokia Corporation.Other products mentioned in thisdocument

are trademarks or registered trademarks of their respective holders.

All manuals and user guides at all-guides.com

IP350 and IP380 Appliance Installation Guide 3

Nokia Contact Information

Corporate Headquarters

Regional Contact Information

Nokia Customer Support

Web Site http://www.nokia.com

Telephone 1-888-477-4566 or

1-650-625-2000

Fax 1-650-691-2170

Mail

Address Nokia Inc.

313 Fairchild Drive

Mountain View, California

94043-2215 USA

Americas Nokia Internet Communications

313 Fairchild Drive

Mountain View, CA 94043-2215

USA

Tel: 1-877-997-9199

Outside USA and Canada: +1 512-437-7089

email: ipsecurity.na@nokia.com

Europe,

Middle East,

and Africa

Nokia House, Summit Avenue

Southwood, Farnborough

Hampshire GU14 ONG UK

Tel: UK: +44 161 601 8908

Tel: France: +33 170 708 166

email: ipsecurity.emea@nokia.com

Asia-Pacific 438B Alexandra Road

#07-00 Alexandra Technopark

Singapore 119968

Tel: +65 6588 3364

email: ipsecurity.apac@nokia.com

Web Site: https://support.nokia.com/

Email: tac.support@nokia.com

Americas Europe

Voice: 1-888-361-5030 or

1-613-271-6721 Voice: +44 (0) 125-286-8900

Fax: 1-613-271-8782 Fax: +44 (0) 125-286-5666

Asia-Pacific

Voice: +65-67232999

Fax: +65-67232897

021216

All manuals and user guides at all-guides.com

4 IP350 and IP380 Appliance Installation Guide

All manuals and user guides at all-guides.com

IP350 and IP380 Appliance Installation Guide 5

Contents

About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

In This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Conventions This Guide Uses . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Command-Line Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Text Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

About the Nokia IP350 and IP380 IP Security Appliances. . . . . . . 17

Memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Encryption Acceleration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Managing the IP350 and IP380 Appliance. . . . . . . . . . . . . . . . . . . 18

Appliance Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Ethernet Management Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Built-in Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Built-in AUX Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Status LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Site Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

2 Installing the Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Rack Mounting the Appliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Connecting Power and Turning the Power On. . . . . . . . . . . . . . . . 29

Connecting Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

All manuals and user guides at all-guides.com

6 IP350 and IP380 Appliance Installation Guide

3 Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . 33

Using a Console Connection to Perform the Initial Configuration . 34

Accessing Nokia Network Voyager . . . . . . . . . . . . . . . . . . . . . . . . 36

Accessing Voyager Reference Information. . . . . . . . . . . . . . . . . 37

Using Voyager to Monitor an IP350 or 380 Appliance . . . . . . . . 38

Using Nokia Horizon Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

4 Installing and Replacing Network Interface Cards . . . . . . . . . 39

Deactivating Configured Interfaces . . . . . . . . . . . . . . . . . . . . . . . . 40

Removing, Installing, and Replacing NICs. . . . . . . . . . . . . . . . . . . 40

Configuring and Activating Interfaces . . . . . . . . . . . . . . . . . . . . . . 46

Monitoring Network Interface Cards. . . . . . . . . . . . . . . . . . . . . . . . 47

5 Connecting PMC Network Interface Cards . . . . . . . . . . . . . . . . 49

Dual-Port 10/100 Ethernet Interface, PMC . . . . . . . . . . . . . . . . . . 49

Ethernet PMC NIC Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Ethernet NIC Connectors and Cables. . . . . . . . . . . . . . . . . . . . . 50

6 Installing and Replacing Other Components . . . . . . . . . . . . . . 53

Installing a PCMCIA Modem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Replacing a Hard-Disk Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Replacing or Upgrading Memory . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Before You Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Adding or Replacing DIMMs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Installing an Encryption Accelerator Card . . . . . . . . . . . . . . . . . . . 66

Before You Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Installing the Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Configuring Software to Use Hardware Acceleration . . . . . . . . . 71

7 Using the Boot Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Viewing the Variables and Other System Parameters . . . . . . . . 76

All manuals and user guides at all-guides.com

all-guides.com

IP350 and IP380 Appliance Installation Guide 7

Setting the Variables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Other commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Booting the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Using the Boot Manager to Install IPSO. . . . . . . . . . . . . . . . . . . . . 82

Protecting the Boot Manager with a Password . . . . . . . . . . . . . . . 83

Installing the Boot Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Upgrading the Boot Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

8 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

General Troubleshooting Information. . . . . . . . . . . . . . . . . . . . . . . 87

Troubleshooting Routing Problems . . . . . . . . . . . . . . . . . . . . . . . . 97

A Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

Physical Dimensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

Space Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

NIC Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

B Compliance Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Declaration of Conformity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

Compliance Statements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

FCC Notice (US) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

All manuals and user guides at all-guides.com

8 IP350 and IP380 Appliance Installation Guide

All manuals and user guides at all-guides.com

IP350 and IP380 Appliance Installation Guide 9

Figures

Figure 1 Component Locations Front View . . . . . . . . . . . . . . . . . 19

Figure 2 Component Locations Rear View . . . . . . . . . . . . . . . . . 20

Figure 3 Ethernet Management Ports Details . . . . . . . . . . . . . . . 20

Figure 4 Pin Assignments for Console Connection . . . . . . . . . . . 22

Figure 5 Pin Assignments for Modem Connection . . . . . . . . . . . 23

Figure 6 Appliance Status LEDs . . . . . . . . . . . . . . . . . . . . . . . . . 24

Figure 7 Mounting Screws Location . . . . . . . . . . . . . . . . . . . . . . 28

Figure 8 Adjustable Mounting Brackets . . . . . . . . . . . . . . . . . . . . 28

Figure 9 Back Panel Power Switch . . . . . . . . . . . . . . . . . . . . . . . 29

Figure 10 Voyager Reference Access Points . . . . . . . . . . . . . . . 37

Figure 11 Dual-Port Ethernet NIC Front Panel Details . . . . . . . . 50

Figure 12 Output Connector for the Ethernet Cable . . . . . . . . . . 51

Figure 13 Ethernet Crossover-Cable Pin Connections . . . . . . . . 52

Figure 14 Hard-Disk Drive Location . . . . . . . . . . . . . . . . . . . . . . 55

Figure 15 DIMM Socket Locations . . . . . . . . . . . . . . . . . . . . . . . 60

All manuals and user guides at all-guides.com

10 IP350 and IP380 Appliance Installation Guide

All manuals and user guides at all-guides.com

IP350 and IP380 Appliance Installation Guide 11

About this Guide

This manual provides information for the installation and use of the Nokia

IP350 and IP380 appliance. Installation and maintenance should be performed

by experienced technicians or Nokia-approved service providers only.

This preface provides the following information:



In This Guide



Conventions This Guide Uses



Related Documentation

In This Guide

This guide is organized into the following chapters and appendixes:



Chapter 1, “Overview” presents a general overview of the IP350 and

IP380 appliances.



Chapter 2, “Installing the Appliance” explains how to rack-mount the

appliance and how to physically connect it to a network and power.



Chapter 3, “Performing the Initial Configuration” explains how to make

the appliance available on the network.



Chapter 4, “Installing and Replacing Network Interface Cards” explains

how to install, monitor, and replace network interface cards (NICs).



Chapter 5, “Connecting PMC Network Interface Cards” explains how to

connect to and use each of the supported NICs.

All manuals and user guides at all-guides.com

all-guides.com

12 IP350 and IP380 Appliance Installation Guide



Chapter 6, “Installing and Replacing Other Components” explains how to

install or replace PCMCIA modems, memory, the hard-disk drive, and an

encryption accelerator card (IP380 only).



Chapter 7, “Using the Boot Manager” explains how to use the boot

manager, which is part of the IPSO software.



Chapter 8, “Troubleshooting” discusses problems you might encounter

and proposes solutions to these problems.



Appendix A, “Technical Specifications” gives technical specifications

such as interface characteristics.



Appendix B, “Warranty and Software License” contains Nokia warranty

and software license information.



Appendix C, “General Public Licensed Software” provides information

about publicly licensed software that comes with the appliance.



Appendix B, “Compliance Information” includes compliance and

regulatory information.



Appendix E, “Glossary” provides a glossary of acronyms used in this

document.

Conventions This Guide Uses

The following sections describe the conventions this guide uses, including

notices, text conventions, and command-line conventions.

Notices

Warning

Warnings advise the user that bodily injury might occur because of a

physical hazard.

All manuals and user guides at all-guides.com

Conventions This Guide Uses

IP350 and IP380 Appliance Installation Guide 13

Caution

Cautions indicate potential equipment damage, equipment

malfunction, loss of performance, loss of data, or interruption of

service.

Note

Notes provide information of special interest or recommendations.

Command-Line Conventions

This section defines the elements of commands that are available in Nokia

Internet Communications products. You might encounter one or more of the

following elements on a command-line path.

Table 1 Command-Line Conventions

Convention Description

command This required element is usually the product name or other

short word that invokes the product or calls the compiler or

preprocessor script for a compiled Nokia product. It might

appear alone or precede one or more options. You must

spell a command exactly as shown and use lowercase

letters.

Italics Indicates avariable in a command that you must supply. For

example:

delete interface if_name

Supply an interface name in place of the variable. For

example:

delete interface nic1

All manuals and user guides at all-guides.com

14 IP350 and IP380 Appliance Installation Guide

angle brackets < > Indicates arguments for which you must supply a value:

retry-limit <1–100>

Supply a value. For example:

retry-limit 60

Square brackets [ ] Indicates optional arguments.

delete [slot slot_num]

For example:

delete slot 3

Vertical bars, also

called a pipe (|) Separates alternative, mutually exclusive elements.

framing <sonet | sdh>

To complete the command, supply the value. For example:

framing sonet

framing sdh

-flag A flag is usually an abbreviation for a function, menu, or

option name, or for a compiler or preprocessor argument.

You must enter a flag exactly as shown, including the

preceding hyphen.

.ext A filename extension, such as .ext, might follow a variable

that represents a filename. Type this extension exactly as

shown, immediatelyafter the name of the file. The extension

might be optional in certain products.

Table 1 Command-Line Conventions (continued)

Convention Description

All manuals and user guides at all-guides.com

Conventions This Guide Uses

IP350 and IP380 Appliance Installation Guide 15

Text Conventions

Table 2 describes the text conventions this guide uses.

( . , ; + * - / ) Punctuation and mathematical notations are literal symbols

that you must enter exactly as shown.

' ' Single quotation marks are literal symbols that you must

enter as shown.

Table 1 Command-Line Conventions (continued)

Convention Description

Table 2 Text Conventions

Convention Description

monospace font

Indicates command syntax, or represents computer or

screen output, for example:

Log error 12453

bold monospace font Indicates text you enter or type, for example:

# configure nat

Key names Keys that you press simultaneously are linked by a

plus sign (+):

Press Ctrl + Alt + Del.

Menu commands Menu commands are separated by a greater than

sign (>):

Choose File > Open.

All manuals and user guides at all-guides.com

16 IP350 and IP380 Appliance Installation Guide

Related Documentation

The IP350 and IP380 documentation set consists of Release Notes for the

Nokia software release you are running, the IP350 and IP380 Appliance

Installation Guide (this document), a Voyager inline help feature, and the

Voyager Reference Guide (online).

You can find the IP350 and IP380 Appliance Installation Guide in PDF on the

World Wide Web support site (https://support.nokia.com/).

You can access inline help and the Voyager Reference Guide from Voyager.

To access inline help for a specific subject, click the Help button next to the

subject.

Access the Voyager Reference Guide for tasks, examples, and more

information by clicking the Doc button.

You can order Check Point documentation from Nokia or download it from

the Nokia support site at https://support.nokia.com/.

The words enter and type Enter indicates you type something and then press

the Return or Enter key.

Do not press the Return or Enter key when an

instruction says type.

Italics •Emphasizes a point or denotes new terms at the

place where they are defined in the text.

•Indicates an external book title reference.

•Indicates a variable in a command:

delete interface

if_name

Table 2 Text Conventions (continued)

Convention Description

All manuals and user guides at all-guides.com

all-guides.com

IP350 and IP380 Appliance Installation Guide 17

1Overview

This chapter provides an overview of the IP350 and IP380 appliances and the

requirements for using those appliances. The following topics are covered:



About the Nokia IP350 and IP380 IP Security Appliances



Managing the IP350 and IP380 Appliance



Site Requirements



Software Requirements



Managing the IP350 and IP380 Appliance

About the Nokia IP350 and IP380 IP Security

Appliances

The Nokia IP350 and IP380 IP security appliances combine the power of

Nokia IPSO software with your choice of firewall, VPN, and intrusion

detection security applications. Both platforms share the same one-rack unit

(1 RU) size and support the same selection of network interface cards.

Memory

The IP350 appliance supports from 256 MB to 512 MB of memory.

The IP380 appliance supports from 256 MB to 1 GB of memory and provides

approximately twice the throughput of the IP350.

All manuals and user guides at all-guides.com

1Overview

18 IP350 and IP380 Appliance Installation Guide

Encryption Acceleration

Both the IP350 and IP380 appliances provide built-in hardware-based

encryption acceleration. The IP380 appliance also supports an optional

encryption accelerator card to further enhance VPN performance.

This guide provides documentation for both the IP350 and IP380 appliances.

Most of the information for how to use these two appliances is the same.

Where differences exist, they are noted in the documentation.

The Nokia IP350 and IP380 appliances are ideally suited for growing

companies and satellite offices that want high-performance IP routing

combined with the industry-leading Check Point VPN-1/FireWall-1 enterprise

security suite. The small size of the IP350 and IP380 appliance makes them

ideal for installations that need to conserve space.

As network devices, the IP350 and IP380 appliances support a comprehensive

suite of IP-routing functions and protocols, including RIPv1/RIPv2, IGRP,

OSPF and BGP4 for unicast traffic, and DVMRP for multicast traffic. The

integrated router functionality eliminates the need for separate intranet and

access routers in security applications.

Managing the IP350 and IP380 Appliance

You can manage the IP350 and IP380 appliances by using one of the

following interfaces:



Nokia Network Voyager—an SSL-secured, Web-based element

management interface to Nokia IP security platforms. Voyager is

preinstalled on the IP350 and IP380 appliance and enabled through the

IPSO operating system. With Voyager, you can manage, monitor, and

configure the IP350 and IP380 appliance from any authorized location

within the network by using a standard Web browser.

For information about how to access Voyager and the related reference

materials, see “Accessing Nokia Network Voyager” on page 36.



The IPSO command-line interface (CLI)—an SSHv2-secured interface

that enables you to easily configure Nokia IP security platforms

All manuals and user guides at all-guides.com

Appliance Overview

IP350 and IP380 Appliance Installation Guide 19

from the command line. Everything that you can accomplish with

Voyager—manage, monitor, and configure the IP350 and IP380

appliance—you can also do with the CLI.

For information about how to access the CLI, see the Nokia CLI

Reference Guide for IPSO v3.6 or later.



Nokia Horizon Manager—a secure GUI-based software image

management application. With Horizon Manager, you can securely install

and upgrade the Nokia proprietary IPSO operating system, plus hardware

and third-party applications such as Check Point FireWall-1 and

RealSecure for Nokia. Horizon Manager can perform installations and

upgrades on up to 2,500 Nokia IP security platforms, offering

administrators the most rapid and dependable upgrade to Check Point NG.

For information about how to obtain Horizon Manager, see “Nokia

Contact Information” on page 3.

Appliance Overview

The following figures show component locations for the IP350 and IP380.

Figure 1 Component Locations Front View

00248a

Built-in Ethernet ports

(10/100 Mbps)

PMC interfaces

Status LEDs Modem (AUX) port

PCMCIA slotsReset switch Console port

All manuals and user guides at all-guides.com

1Overview

20 IP350 and IP380 Appliance Installation Guide

Figure 2 Component Locations Rear View

Ethernet Management Ports

The Ethernet management ports are located on the front of the appliance.

Figure 3 shows the layout of the Ethernet management ports and link LEDs.

Note

The Ethernet management ports are intended for management purposes.

These ports do not provide the same performance as Ethernet cards in

the PMC slots.

Figure 3 Ethernet Management Ports Details

Caution

Cables that connect to the Ethernet ports must be IEEE 802.3

compliant to prevent potential data loss.

00249

Power plugPower switch

00120

Activity LED (yellow)

Link LED (green)

RJ-45 connector

All manuals and user guides at all-guides.com

Other manuals for IPSO IP350

This manual suits for next models

Table of contents

Other Nokia Security System manuals

Nokia

Nokia EM5400 User manual

Nokia

Nokia IP561 User manual

Nokia

Nokia IP560 - Hard Disk Drive Based User manual

Nokia

Nokia IP200 Series User manual

Nokia

Nokia IP40 - Satellite Unlimited - Security... User manual

Nokia

Nokia IP60 - Security Appliance User manual

Nokia

Nokia IP300 Series User manual

Nokia

Nokia IP150 User manual

Nokia

Nokia 6 User manual

Nokia

Nokia IP1220 - Security Appliance User manual

Nokia

Nokia IP1200 Series User manual

Popular Security System manuals by other brands

Ecco

Ecco EB7930 Series Installation and operation instructions

Wheelock

Wheelock SAFEPATH SCSP-15SP Installation, testing, operation and maintenance manual

DIVERSITECH

DIVERSITECH UA-1 installation instructions

FBII

FBII XL4612RM owner's manual

Velleman

Velleman PEM7DW user manual

Security Labs

Security Labs SLM452 quick start guide

ADE

ADE Accenta G3 operating instructions

Venner

Venner DruGuardian operating manual

Ness

Ness 5000 Series installation manual

DSC

DSC PC55O instruction manual

RSIalarm

RSIalarm videofied SE600 Installation guidelines

Super Circuits

Super Circuits SY703XX Installation and setup guide

Honeywell

Honeywell L5200 Series user guide

Riken Keiki

Riken Keiki RM-5000 Series User Manual for Communication

Lorex

Lorex SILVANIA SY15F6584 instruction manual

Fluke

Fluke 1060AM-NM-LRVAR Operators Operator's manual

Pittway

Pittway SYSTEM SENSOR SpectrAlert H12 Installation and maintenance instructions

Pittway

Pittway Notifier AM2020 manual

Nokia IPSO IP350 User manual

Popular Security System manuals by other brands