Nortel 252 用户指南
Chapter 5 User Notes 37
Nortel Business Secure Router 252 — Fundamentals
Both RIP-1 and RIP-2
Advanced Router Configuration
The following notes are intended to help with advanced router configuration.
Setting up the router when the system has a server
1
If you are using a Full-Feature NAT configuration, first, do the following...
a
In SUA/NAT / Address Mapping, add a 'Server' rule, specifying the
'Public' IP address of the server.
'Public' IP address of the server.
2
For both SUA-Only and Full-Feature NAT configurations, do the following...
a
In SUA/NAT : SUA Server, add server private IP address and port
number(s) to the SUA/NAT Server table.
number(s) to the SUA/NAT Server table.
b
In FIREWALL, add a WAN-to-LAN rule
c
If the service is not in the list of available services, add it as a 'Custom
Port'.
Port'.
d
Add the rule, selecting the service, and entering the server IP address as
the destination IP address.
the destination IP address.
Connecting two sites to establish a virtual private network
The recommended method to do this is through a branch-to-branch IPSec tunnel.
1
In VPN / Summary, add a new tunnel by editing an unused rule. Create an
Active, Branch Office tunnel.
Active, Branch Office tunnel.
a
Select 'Nailed Up' if the tunnel should not be closed while not in use.
b
Enter the authentication information, with either a pre-shared key or an
imported certificate.
imported certificate.
c
Enter the IP Address assigned to the router WAN port. This should be a
static address, or a dynamic DNS name, and the IP address of the remote
router.
static address, or a dynamic DNS name, and the IP address of the remote
router.
d
Select the encryption and authentication algorithms.
e
Add an IP policy, by specifying the IP address ranges of the local and
remote hosts that will use the tunnel.
remote hosts that will use the tunnel.