1. Home
    2. /
  2. Manuals
    3. /
  3. Nokia
    4. /
  4. IP45
    5. /
  5. 47
Page 231 / 342 Scroll up to view Page 226 - 230
High-Availability over VPN
Nokia IP45 Security Platform User’s Guide v4.0
231
HA Coupled With BGP
Figure 10
HA Solution Coupled with BGP
This scenario supplements the single device HA solution cater to device failures at branch office
coupled with dedicated link between the Nokia IP45 security platforms on DMZ ports and
internal BGP to synchronize the route updates from central office on both the devices. The
dedicated links between both the Nokia IP45 devices is secured with IPSec VPN.
Nokia IP45 (R1) acts as the default virtual router for the branch office network, and is connected
to RO1 by using DSL or a cable connection (preferred path). If any service interruption occurs in
the R1 LAN, Nokia IP45 (R2) takes over as the default virtual router and forwards the branch
office traffic on the DMZ to RO1 securely. If the IP45 (R1) device fails, R2 becomes master and
dial-up is activated. Now R2 connects to RO2 and establishes a VPN connection. R2,and the
BGP peer (R4) located in RO2 establish a BGP connection over VPN, and the traffic from
branch office flows through this alternative path. As soon as IP45 (R1) detects the established
BGP session on the DSL connection, the dial-up connection to RO2 on R2 is discontinued.
Page 232 / 342
11
High-Availability
232
Nokia IP45 Security Platform User’s Guide v4.0
Page 233 / 342
Nokia IP45 Security Platform User’s Guide v4.0
233
12
Configuring Nokia IP45 Through
Out-of-Band Management
This chapter explains how to configure the Nokia IP45 security platform using out-of-band
management (OOB) and includes the following topics:
±
Configuring OOB from the Nokia IP45 Security Platform GUI
±
Secure Shell and HTTPS Access Through Out-of-Band Dial-In
±
Remote Configuration Mode in the Nokia IP45 Security Platform
Overview
The Nokia IP45 security platform supports remote management by using Out-Of-Band
management (OOB), where the IP45 device acts as a remote access server (RAS) and waits for
the incoming call. To use OOB, connect a modem to the AUX port of your device with dial-up
Internet connection.
Out Of Band management is useful in the cases where you cannot connect to your device locally
by using either LAN, WAN or DMZ ports. In these cases, you can use OOB to connect the
device for normal operations. Nokia IP45 supports ISDN terminal adaptor or analog modems for
modem dial-in.
You can dial into the device using a dial-up Internet connection, and use HTTPS, SSH, and
SNMP protocols to configure or monitor the device. By default, OOB is enabled (factory
defaults) in the IP45 security platform.
To connect a modem to the Nokia IP45 security platform
1.
Connect a modem to the AUX port of your IP45 device.
2.
Dial in to the device from a computer that is configured with the dial-up connection.
3.
Use the username and password already defined to log in.
Page 234 / 342
12
Configuring Nokia IP45 Through Out-of-Band Management
234
Nokia IP45 Security Platform User’s Guide v4.0
Configuring OOB from the Nokia IP45
Security Platform GUI
Configure the modem settings from the IP45 GUI before you use the OOB feature.
To configure the modem settings from the IP45 security platform GUI
1.
Choose Network from the main menu.
The Internet page opens.
2.
Click the Ports tab.
The Ports page opens.
3.
Click Setup next to Serial.
The Port Setup page opens.
4.
Select Standard from the Modem Type drop-down list.
Note
To select a Custom Modem, use the command-line interface. This option is not
supported in GUI.
5.
Enter a suitable string next to Initialization String.This string is used to access additional
modem features.
For example, to disable the modem speakers, enter the initialization string ATM 0.
Note
To find the suitable init string, see the user manual of your modem.
6.
Select Tone or Pulse from the Dial Mode drop-down list.
Page 235 / 342
Secure Shell and HTTPS Access Through Out-of-Band Dial-In
Nokia IP45 Security Platform User’s Guide v4.0
235
7.
Select the port speed in bps from the Port Speed drop-down list.
This speed defines the modem port speed. The values can be 9600, 19200, 38400, 57600,
115200, 230400, or 460800 bps.
8.
Check Answer incoming PPP calls, to answer the incoming PPP calls.
9.
Click Apply to save your modem settings.
10.
Click Test to verify whether your modem settings are working.
Note
You cannot configure all of the OOB parameters from the IP45 GUI. The parameters that
cannot be configured from the GUI, such as the address of the OOB interface, destination
address of the OOB interface, and set IP header compression, have default values. You can
only use the CLI to change these values.
Secure Shell and HTTPS Access Through Out-of-Band
Dial-In
You can access and configure the Nokia IP45 security platform by using SSH or HTTPS. When
you dial in to Nokia IP45 from a modem (see
“To connect a modem to the Nokia IP45 security
platform”
on page 233 for details), you can establish a normal SSH or HTTPS session.
For details on using the Secure Shell, see
“Telnet Access”
on page 201, and for details on using
HTTPS see
“Enabling HTTPS Web Access”
on page 206.
Note
Allow SSH and HTTPS access on Nokia IP45 before you establish the sessions from OOB
dial-in. For more details, see
“Configuring Virtual Servers”
on page 149.
Remote Configuration Mode in the Nokia IP45 Security
Platform
You can use remote configuration mode to configure and manage your IP45 security platform
from a remote location. In this mode, firewall allows access to SSH/HTTPS from OOB for a
time period of 30 minutes, irrespective of the current firewall filters.
To boot your Nokia IP45 in Remote Configuration Mode, hold the Reset button and connect the
power to the device. The default username and password for OOB are
admin
and
password
respectively, if the first time password is not set
In this mode, the device is set to factory defaults.

Rate

3.5 / 5 based on 2 votes.

Popular Nokia Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top