Filter
Top Products
Page 16 | AlliedWare™ OS How To Note: VPNs for Corporate Networks
branch office
1
How to configure the AR440S router at branch office
1
Before you begin to configure your router, ensure that it is running the appropriate software
release, patch and GUI files and has no configuration.
set inst=pref rel=<rel-file> pat=<patch-file> gui=<gui-file>
set conf=none
disable system security
restart reboot
Note: A software QoS extension to this configuration, to prioritise VoIP traffic over the
VPNs, is available in "How to prioritise outgoing VoIP traffic from the branch office
1
router" on page 33.
Name the router
set system name=Branch1
Define a security officer.
add user=secoff pass=<your-secoff-password> priv=securityofficer
lo=yes telnet=yes
Do not forget your “secoff” password.
Enable security mode so that VPN keys are stored securely, and other security features are
enabled.
enable system security
Once security mode is enabled, you need to log in as a security officer to enter most
configuration-altering commands.
login secoff
password: <your-secoff-password>
It is important to keep this security officer username and password secure, and to consider
proper handover of it in the event of IT staff changes.
Also, we recommend you leave a “manager” privilege user defined because this may provide
backup access if the security officer password is lost. Do not leave the manager password at
the factory default—change it to a password in keeping with your company's security policy.
set user=manager password=<your-company-policy-password>
When security mode is enabled, router configuration access times out after inactivity to
prevent unauthorised access. The default timeout is 60 seconds, but you may temporarily
raise it to 600 seconds if desired.
set user securedelay=600
1. Configure general system and user settings