Page 56 / 65 Scroll up to view Page 51 - 55
SmartRG™ Residential Gateways
P a g e
| 56
C o n f i d e n t i a l
S m a r t R G © 2 0 1 2
header by encapsulating it in an additional IP header. The outer IP header remains
unprotected.
5.
Enter the IP address of the tunnel’s remote IPSec gateway.
6.
Select either a single IP address or a subnet of IP addresses for the local end of the IPSec
tunnel.
7.
Enter either the single local IP address or the local subnet definition.
8.
Select either a single IP address or a subnet of IP addresses for the remote end of the
IPSec tunnel.
9.
Enter either the single remote IP address or the remote subnet definition.
10.
Select the Key Exchange Method. Keys can be exchanged manually (set identically on both
ends) or
automatically using “Internet Key Exchange” (IKE).
This example assumes the
selection of IKE.
11.
Select the Authentication Method. A
uthentication can be performed either with a “Pre
-
Shared Key” or a certificate.
This example assumes the selection of a Pre-Shared Key.
12.
Enter the Pre-Shared Key value. Both character and hexadecimal values are acceptable
(e.g. 0x123abc456def789 or VPN@tunnel_123)
13.
Enable/Disable Perfect Forward Secrecy. PFS ensures the same key will not be generated
again forcing a new Diffie-Hellman key exchange. This prohibits hackers from snooping a
present transmission to decipher a key and then use that key to observe future data
transmissions.
14.
Set the Phase 1 Advanced IKE Settings (establish a secure, authenticated channel):
a.
Select the Mode: “Main” mode is more secure but adds delay. “Aggressive” mode is
faster but less secure.
b.
Select the Encryption Algorithm: AES-256 is the most secure.
c.
Select the Integrity Algorithm: MD5 is a one way hash with a 128 bit digest. SHA1 is
a one way hash with a 160 bit digest.
d.
Select the Diffie-Hellman Group for Key Exchange. Diffie-Hellman is a cryptography
protocol enabling two devices to establish a shared secret via unsecured channels.
More bits provide greater security but come with increased time for key
computation.
e.
Specify the Key Life Time. Keys will be renewed after this interval.
15.
Set the Phase 2 Advanced IKE Settings (generate keys and negotiate the IPSec Security
Association):
a.
Repeat steps 14b-14e.
16.
Click
Apply/Save.
Page 57 / 65
Managing Your SmartRG™ Gateway
S m a r t R G © 2 0 1 2
C o n f i d e n t i a l
P
a
g
e
| 57
Managing Your SmartRG
Gateway
Save, Restore or Default Configurations
To save the existing gateway configuration to your hard drive:
1.
Select
Management -> Settings -> Backup.
2.
Click Backup xxx Settings.
NOTE
Two types of settings are available for backup:
-
Running Settings: settings governing the gateway’s operation at the present time
-
Default Settings: settings restored at the time of a factory default
You have the ability to create your own custom default settings.
To restore a previously saved gateway configuration as the gateway’s
running
settings:
1.
Select
Management -> Settings -> Update.
2.
Click the Choose File
button (under the “Update working settings” section) and browse to
find the saved config file on your hard drive (e.g. mySmartRGRunningConfig.conf)
3.
Click Update Working Settings.
To restore a previously saved gateway configuration as the gateway’s
default
settings:
1.
Select
Management -> Settings -> Update.
2.
Click the Choose File
button (under the “Update Default Broadband Router settings”
section) and browse to find the saved config file on your hard drive (e.g.
mySmartRGDefaultConfig.conf)
3.
Click Update Settings.
To restore the gateway to default settings:
1.
Select
Management -> Settings -> Restore Defaults.
2.
Click Restore Default Settings.
Page 58 / 65
SmartRG™ Residential Gateways
P a g e
| 58
C o n f i d e n t i a l
S m a r t R G © 2 0 1 2
Update Software
To update the gateway’s software:
1.
Select
Management -> Update Software.
2.
Browse to find the new gateway software on your hard drive (ex:
CA_2.4.3.7_24282_SR500N_fs_kernel
)
3.
Click Update Software.
NOTE
The software update process takes approximately 2 minutes to complete. Do NOT power
cycle the gateway until the software update process has completed.
Page 59 / 65
Managing Y
our SmartRG™ Gateway
S m a r t R G © 2 0 1 2
C o n f i d e n t i a l
P
a
g
e
| 59
Configure Time Settings
To set the gateway’s time zone and NTP server settings:
1.
Select
Management -> Internet Time.
2.
Select your time zone from the drop down list.
3.
(Optional) Select the first, second … NTP servers from the drop down lists. (A custom NTP
server can be configured by selecting “Other” from the drop down list and entering the
custom URL.)
Figure 46 Time Zone and NTP Server Settings
4.
Click Apply/Save.
Page 60 / 65
SmartRG™ Residential Gateways
P a g e
| 60
C o n f i d e n t i a l
S m a r t R G © 2 0 1 2
Configure Access Controls (HTTP, Telnet, SSH, etc.)
To enable/disable gateway management services such as HTTP, Telnet and SSH:
1.
Select
Management -> Access Control -> Services.
Figure 47 Enabling/Disabling HTTP, Telnet, SSH... Access
2.
Enable/disable LAN and/or WAN access to the various management services as desired .
3.
Click Save/Apply.
NOTE
For security reasons it is strongly recommended that WAN access to all services be
disabled accept during deployment or when troubleshooting.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top