Allied Telesis VPN Network Router User Manual


 
Page 4 | AlliedWare™ OS How To Note: VPNs with Windows 2000 clients, without NAT-T
Configuring the router
This section contains a script file for running IPSec encapsulating L2TP on a Head Office AR400
series router, configured to support IPSec remote PC clients.
Using this script involves the following steps:
1. "Perform initial security configuration on the router", on this page.
2. Make a copy of the script, which starts on page 5. Name it (for example) vpn.cfg.
3. Personalise IP addresses, passwords, etc. in the script, so that they apply to your network.
Placeholders for these are indicated in the script by text within < >.
4. Load the script onto the router using ZMODEM or TFTP.
5. "Set the router to use the configuration" on page 7.
6. Restart the router or activate the script.
Perform initial security configuration on the router
Before loading the configuration, you need to do the following steps.
1. Define a security officer.
add user=secoff password=<your-password> priv=securityofficer
This command must be in the configuration script as well.
2. Enable system security. Unless you do this, rebooting the router destroys encryption keys.
enable system security
3. Log in as the security officer.
login secoff
4. Generate a random key.
create enco key=1 type=general value=<alphanumeric-string>
Note the value of the string you have entered so that you can load it on the PC clients. This
shared key will be used to encrypt ISAKMP negotiation.
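
The following is an added example, not part of the Allied Telesis manual: a Python helper that draws the alphanumeric string for step 4 from the operating system's random source, fills the < > placeholders, and reports any placeholder left unfilled before the file is loaded onto the router. The function names, the default length of 32 and the sample password are assumptions made for illustration.

```python
import re
import secrets
import string

# Placeholders are text within < >, as in the manual's script.
PLACEHOLDER = re.compile(r"<[^<>\n]+>")

# Constructed sample: the two commands from steps 1 and 4 above.
TEMPLATE = (
    "add user=secoff password=<your-password> priv=securityofficer\n"
    "create enco key=1 type=general value=<alphanumeric-string>\n"
)

def generate_key_string(length=32):
    """Random alphanumeric string from the OS CSPRNG.
    length=32 is an assumption; check the limit your router accepts."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))

def personalise(template, values):
    """Fill every <name> placeholder; fail if one has no value."""
    def fill(match):
        name = match.group(0)[1:-1]
        if name not in values:
            raise KeyError(f"no value for placeholder <{name}>")
        return values[name]
    return PLACEHOLDER.sub(fill, template)

def unresolved(config):
    """Placeholders still present, e.g. in a hand-edited vpn.cfg."""
    return PLACEHOLDER.findall(config)

if __name__ == "__main__":
    key = generate_key_string()
    config = personalise(TEMPLATE, {
        "your-password": "Constructed-Example-Passw0rd",  # sample value only
        "alphanumeric-string": key,
    })
    assert not unresolved(config)
    print(config, end="")
```

Running unresolved() over the finished vpn.cfg before step 4 of the procedure catches a placeholder that was missed during hand editing.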