Installation Guide
Page 5
... the Initial Hardware Setup 3-1 Preparing to Configure a New LanRover VPN Gateway/LanRover VPN Express . . . . 3-2 Setting Up a Basic Routing Mode Configuration on a New Device 3-4 Using Bridge Mode With the LanRover VPN Gateway/LanRover VPN Express . . . . . 3-8 Connecting the Device to the Network 3-12 Configuring Syslog for Troubleshooting 3-13 Installing Shiva VPN Manager 4-1 Overview to Installing Shiva VPN Manager 4-1 Installing Shiva VPN Manager 4-2 Adding a LanRover VPN Gateway/LanRover VPN Express with Shiva VPN Manager 4-4 Saving New Device Information to a Configuration File...
... the Initial Hardware Setup 3-1 Preparing to Configure a New LanRover VPN Gateway/LanRover VPN Express . . . . 3-2 Setting Up a Basic Routing Mode Configuration on a New Device 3-4 Using Bridge Mode With the LanRover VPN Gateway/LanRover VPN Express . . . . . 3-8 Connecting the Device to the Network 3-12 Configuring Syslog for Troubleshooting 3-13 Installing Shiva VPN Manager 4-1 Overview to Installing Shiva VPN Manager 4-1 Installing Shiva VPN Manager 4-2 Adding a LanRover VPN Gateway/LanRover VPN Express with Shiva VPN Manager 4-4 Saving New Device Information to a Configuration File...
Installation Guide
Page 9
... of the LanRover VPN Gateway/LanRover VPN Express • Upgrade instructions for your LanRover VPN Gateway/LanRover VPN Express to the network, and set up a basic routing mode or bridge mode configuration on a new LanRover VPN Gateway/LanRover VPN Express. 4. Before You Install This chapter lists the system hardware and software requirements for installing the LanRover VPN Gateway/LanRover VPN Express and gives an overview of each installation component. 2. 1 Purpose Overview Chapter and Appendix Contents Getting Started Getting Started The purpose of this manual and explains...
... of the LanRover VPN Gateway/LanRover VPN Express • Upgrade instructions for your LanRover VPN Gateway/LanRover VPN Express to the network, and set up a basic routing mode or bridge mode configuration on a new LanRover VPN Gateway/LanRover VPN Express. 4. Before You Install This chapter lists the system hardware and software requirements for installing the LanRover VPN Gateway/LanRover VPN Express and gives an overview of each installation component. 2. 1 Purpose Overview Chapter and Appendix Contents Getting Started Getting Started The purpose of this manual and explains...
Installation Guide
Page 11
... secure virtual private networks for Shiva VPN Client connections. The LanRover VPN Gateway/LanRover VPN Express goes further than one LanRover VPN Gateway or LanRover VPN Express can act either as an IP router or as a packet filter and a stateful inspection proxy. The LanRover VPN Gateway/LanRover VPN Express performs three major functions: • At the communications level, the LanRover VPN Gateway/ LanRover VPN Express can be used for load balancing and redundancy for VPN tunnels that is a hardware/ software security system that processes data packets as a bridge, work...
... secure virtual private networks for Shiva VPN Client connections. The LanRover VPN Gateway/LanRover VPN Express goes further than one LanRover VPN Gateway or LanRover VPN Express can act either as an IP router or as a packet filter and a stateful inspection proxy. The LanRover VPN Gateway/LanRover VPN Express performs three major functions: • At the communications level, the LanRover VPN Gateway/ LanRover VPN Express can be used for load balancing and redundancy for VPN tunnels that is a hardware/ software security system that processes data packets as a bridge, work...
Installation Guide
Page 12
..., or Windows NT TCP/IP stack. This provides desktop-to-gateway security within a network. The Shiva VPN Client allows you to centrally manage multiple LanRover VPN Gateway/LanRover VPN Express devices across multiple sites within a local area network or across any Internet service provider (ISP) and use the Shiva VPN Client to create a secure channel back to Shiva VPN Client users. All other LanRover VPN Gateway series products. It enables administrators to create and configure tunnels through which eliminates the need for expensive dial-in throughput over a software-only...
..., or Windows NT TCP/IP stack. This provides desktop-to-gateway security within a network. The Shiva VPN Client allows you to centrally manage multiple LanRover VPN Gateway/LanRover VPN Express devices across multiple sites within a local area network or across any Internet service provider (ISP) and use the Shiva VPN Client to create a secure channel back to Shiva VPN Client users. All other LanRover VPN Gateway series products. It enables administrators to create and configure tunnels through which eliminates the need for expensive dial-in throughput over a software-only...
Installation Guide
Page 15
... the LanRover VPN Gateway/ LanRover VPN Express command line in Chapter 3.) The hardware and software requirements for Shiva VPN Manager Release 6.7 include: • PC or PC-compatible desktop computer • Windows 95 (B) or OSR2, Windows 98, Windows NT 4.0, or Windows 2000 (Workstation or Server version with Service Pack 4, minimum, for Winsock 2.0 LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide 2-1 At least 32 MB of free disk space - At least 5 MB of RAM - You must include: • 16 MB of flash memory...
... the LanRover VPN Gateway/ LanRover VPN Express command line in Chapter 3.) The hardware and software requirements for Shiva VPN Manager Release 6.7 include: • PC or PC-compatible desktop computer • Windows 95 (B) or OSR2, Windows 98, Windows NT 4.0, or Windows 2000 (Workstation or Server version with Service Pack 4, minimum, for Winsock 2.0 LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide 2-1 At least 32 MB of free disk space - At least 5 MB of RAM - You must include: • 16 MB of flash memory...
Installation Guide
Page 17
... the installation process for your LanRover VPN Gateway/LanRover VPN Express: Complete preinstallation requirements Refer to the Installation Preparation Checklist in Chapter 2 Perform the initial hardware setup Refer to Chapter 3 Set up a basic routing mode configuration and connect the device to the network Install and configure the Shiva VPN Manager software Install and configure the Shiva VPN Client software Refer to Chapter 3 Refer to Chapter 4 Refer to Chapter 5 Installation Preparation Checklist (page 2-4) LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide 2-3
... the installation process for your LanRover VPN Gateway/LanRover VPN Express: Complete preinstallation requirements Refer to the Installation Preparation Checklist in Chapter 2 Perform the initial hardware setup Refer to Chapter 3 Set up a basic routing mode configuration and connect the device to the network Install and configure the Shiva VPN Manager software Install and configure the Shiva VPN Client software Refer to Chapter 3 Refer to Chapter 4 Refer to Chapter 5 Installation Preparation Checklist (page 2-4) LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide 2-3
Installation Guide
Page 18
.../LanRover VPN Express when the device is connected and the IP address of the following configurations: • One-Armed Router Configuration • In-Line Router Configuration • In-Parallel Configuration For more complete information on these devices are added to the Appendix, "Network Infrastructure Checklists," for the X.509 certificate LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide The checklists can be integrated into your existing network in a factory-default state ___If the LanRover VPN Gateway/LanRover VPN Express is behind your firewall...
.../LanRover VPN Express when the device is connected and the IP address of the following configurations: • One-Armed Router Configuration • In-Line Router Configuration • In-Parallel Configuration For more complete information on these devices are added to the Appendix, "Network Infrastructure Checklists," for the X.509 certificate LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide The checklists can be integrated into your existing network in a factory-default state ___If the LanRover VPN Gateway/LanRover VPN Express is behind your firewall...
Installation Guide
Page 23
... your setup script. 7. Run your terminal emulation program. 5. Check power supply voltage setting. 3. Establish an initial session between your PC and your device to the network. Configure Syslog for troubleshooting. 8. Connect your LanRover VPN Gateway/LanRover VPN Express. 6. Preparing to your LanRover VPN Gateway/LanRover VPN Express and your PC. 2. Turn on the LanRover VPN Gateway/LanRover VPN Express. 4. Physically connect the supplied DB-9 cable to Configure a New LanRover VPN Gateway/LanRover VPN Express (page 3-2) LanRover VPN Gateway/LanRover VPN Express Installation...
... your setup script. 7. Run your terminal emulation program. 5. Check power supply voltage setting. 3. Establish an initial session between your PC and your device to the network. Configure Syslog for troubleshooting. 8. Connect your LanRover VPN Gateway/LanRover VPN Express. 6. Preparing to your LanRover VPN Gateway/LanRover VPN Express and your PC. 2. Turn on the LanRover VPN Gateway/LanRover VPN Express. 4. Physically connect the supplied DB-9 cable to Configure a New LanRover VPN Gateway/LanRover VPN Express (page 3-2) LanRover VPN Gateway/LanRover VPN Express Installation...
Installation Guide
Page 24
... a console window with it is in a factory-default state, the only way to the COM port on which you must complete the following tasks: 1. Plug in your environment. 3. Connect the supplied DB-9 cable to have the console window. You run the setup script to the proper voltage used in the power cable. 4. Creating a Console Window To create a Console window: 1. Set power supply voltage. 3. Turn on your terminal emulation program. Make a note of the LanRover VPN Gateway/LanRover VPN Express...
... a console window with it is in a factory-default state, the only way to the COM port on which you must complete the following tasks: 1. Plug in your environment. 3. Connect the supplied DB-9 cable to have the console window. You run the setup script to the proper voltage used in the power cable. 4. Creating a Console Window To create a Console window: 1. Set power supply voltage. 3. Turn on your terminal emulation program. Make a note of the LanRover VPN Gateway/LanRover VPN Express...
Installation Guide
Page 27
.... LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide 3-5 Press Enter three times. Next, a name-and-state prompt similar to configure your new LanRover VPN Gateway/LanRover VPN Express. Running the Setup Script Setting Up a Basic Routing Mode Configuration on the screen: hostname:SAFE> 11. Wait 60 seconds. At the name-and-state prompt, enter enable. Click Save. You return to normal mode. In the File name field, select the file name you enter the password...
.... LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide 3-5 Press Enter three times. Next, a name-and-state prompt similar to configure your new LanRover VPN Gateway/LanRover VPN Express. Running the Setup Script Setting Up a Basic Routing Mode Configuration on the screen: hostname:SAFE> 11. Wait 60 seconds. At the name-and-state prompt, enter enable. Click Save. You return to normal mode. In the File name field, select the file name you enter the password...
Installation Guide
Page 28
... want to disable bridge mode and set the Manager Password, enter password. 3-6 For example, if you want to the Internet. To set the host name of dynamic routing table updates. To run the setup script on a device that provides a route to call the device. The LanRover VPN Gateway/LanRover VPN Express does not support Routing Information Protocol (RIP) or any other routing information must be configured statically using the command shell (through the console window) or Shiva VPN Manager. 9. Performing the Initial Hardware Setup Note...
... want to disable bridge mode and set the Manager Password, enter password. 3-6 For example, if you want to the Internet. To set the host name of dynamic routing table updates. To run the setup script on a device that provides a route to call the device. The LanRover VPN Gateway/LanRover VPN Express does not support Routing Information Protocol (RIP) or any other routing information must be configured statically using the command shell (through the console window) or Shiva VPN Manager. 9. Performing the Initial Hardware Setup Note...
Installation Guide
Page 32
... LanRover VPN Gateway/LanRover VPN Express device's ARP cache for an address that contain devices in its interfaces, then the LanRover VPN Gateway/LanRover VPN Express broadcasts a new ARP request out of your network traffic if the devices on the LanRover VPN Gateway/LanRover VPN Express. 2. The ARP request is going to an interface on the LanRover VPN Gateway/LanRover VPN Express. 2. When Bridge Mode Should Be Used A LanRover VPN Gateway/LanRover VPN Express should be connected between an existing 3-10 If a device responds to another interface. In router mode, the LanRover VPN...
... LanRover VPN Gateway/LanRover VPN Express device's ARP cache for an address that contain devices in its interfaces, then the LanRover VPN Gateway/LanRover VPN Express broadcasts a new ARP request out of your network traffic if the devices on the LanRover VPN Gateway/LanRover VPN Express. 2. The ARP request is going to an interface on the LanRover VPN Gateway/LanRover VPN Express. 2. When Bridge Mode Should Be Used A LanRover VPN Gateway/LanRover VPN Express should be connected between an existing 3-10 If a device responds to another interface. In router mode, the LanRover VPN...
Installation Guide
Page 40
... step 6 in the default directory. The software begins to the licensing information screens, click Next. 4. Then a window asks you if you would like to back up this section, you install Shiva VPN Manager on a regular basis. 4-2 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide Setup adds an icon to begin the installation procedure. 2. This directory contains the executable file and an encrypted binary file that stores the names and IP addresses...
... step 6 in the default directory. The software begins to the licensing information screens, click Next. 4. Then a window asks you if you would like to back up this section, you install Shiva VPN Manager on a regular basis. 4-2 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide Setup adds an icon to begin the installation procedure. 2. This directory contains the executable file and an encrypted binary file that stores the names and IP addresses...
Installation Guide
Page 42
...: Because a LanRover VPN Gateway/LanRover VPN Express can have many IP addresses, you do change the host name, click Commit to update the configuration. 5. This is the default user name from the setup script, and is case sensitive. In the Password field, enter password. 4-4 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide Enter the IP address of the device. In the File Menu, select Add Device. If you must enter an IP address on the device through the console window. Open the Shiva VPN Manager software. 2. In the...
...: Because a LanRover VPN Gateway/LanRover VPN Express can have many IP addresses, you do change the host name, click Commit to update the configuration. 5. This is the default user name from the setup script, and is case sensitive. In the Password field, enter password. 4-4 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide Enter the IP address of the device. In the File Menu, select Add Device. If you must enter an IP address on the device through the console window. Open the Shiva VPN Manager software. 2. In the...
Installation Guide
Page 53
... VPN Client Logon window appears. The General Tab appears. Note: Set up your computer, you are using a SecurID or RADIUS authenticated security profile. 4. Enter Peer IP and Peer Name in the window that you want the tunnel to apply to use. LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide 5-5 Enter your network administrator. 6. Note: The password is used only for the purpose of tunnel you make up networking, Ethernet, and so on your authentication...
... VPN Client Logon window appears. The General Tab appears. Note: Set up your computer, you are using a SecurID or RADIUS authenticated security profile. 4. Enter Peer IP and Peer Name in the window that you want the tunnel to apply to use. LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide 5-5 Enter your network administrator. 6. Note: The password is used only for the purpose of tunnel you make up networking, Ethernet, and so on your authentication...
Installation Guide
Page 66
... VPN Manager: 1. In the Start menu, select Settings, then select Control Panel. Note: When you how to the default directory for new installations was ICM, and the path name to ensure that , for example, any 7-2 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide The Add/Remove Programs Properties window appears. 4. Click Add/Remove. The path name to remove an existing version of the Shiva VPN Manager software is: Program Files\Intel\Shiva VPN Manager If you have been removed...
... VPN Manager: 1. In the Start menu, select Settings, then select Control Panel. Note: When you how to the default directory for new installations was ICM, and the path name to ensure that , for example, any 7-2 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide The Add/Remove Programs Properties window appears. 4. Click Add/Remove. The path name to remove an existing version of the Shiva VPN Manager software is: Program Files\Intel\Shiva VPN Manager If you have been removed...
Installation Guide
Page 68
... Logoff. Be sure to ensure that all files and entries have a previous version of Shiva VPN Client installed, the Release 6.75 or later Shiva VPN Client software detects the previous default directory and uses it instead of Shiva VPN Client, the new default installation directory is Shiva VPN Client. The software closes. 2. If Shiva VPN Client is automatically removed from the directory structure and registry. 7-4 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide The Add/Remove Programs Properties window appears. 4.
... Logoff. Be sure to ensure that all files and entries have a previous version of Shiva VPN Client installed, the Release 6.75 or later Shiva VPN Client software detects the previous default directory and uses it instead of Shiva VPN Client, the new default installation directory is Shiva VPN Client. The software closes. 2. If Shiva VPN Client is automatically removed from the directory structure and registry. 7-4 LanRover VPN Gateway/LanRover VPN Express Installation and Upgrade Guide The Add/Remove Programs Properties window appears. 4.
Installation Guide
Page 83
... LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide A-1 The Port Combinations table at the end of this appendix provides the ports you support on your LanRover VPN Gateway/LanRover VPN Express • A Port Combinations table to gather network information that is in front of authentication server. Checklist Router Checklists Firewall Checklists Internal Network Checklists Authentication Checklists Task You provide each router's manufacturer, model, operating system, IP address, and subnet mask. You provide authentication method and IP address of a LanRover...
... LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide A-1 The Port Combinations table at the end of this appendix provides the ports you support on your LanRover VPN Gateway/LanRover VPN Express • A Port Combinations table to gather network information that is in front of authentication server. Checklist Router Checklists Firewall Checklists Internal Network Checklists Authentication Checklists Task You provide each router's manufacturer, model, operating system, IP address, and subnet mask. You provide authentication method and IP address of a LanRover...
Installation Guide
Page 91
... LanRover VPN Gateway/LanRover VPN Express to a Data Service Unit/Channel Service Unit (DSU/ CSU device with a DCE interface, use a DCE adapter cable. • If you connect the LanRover VPN Gateway/LanRover VPN Express in frame relay bridge mode, it connects a frame relay device (having a DTE interface) with a DSU/CSU (having a DCE interface). LanRover VPN Gateway/ LanRover VPN Express (DTE) DSU/CSU (DCE) (DTE) Frame Relay Device (DCE) DTE Adapter Cable DCE Adapter Cable LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide A-9 The LanRover VPN Gateway/LanRover VPN...
... LanRover VPN Gateway/LanRover VPN Express to a Data Service Unit/Channel Service Unit (DSU/ CSU device with a DCE interface, use a DCE adapter cable. • If you connect the LanRover VPN Gateway/LanRover VPN Express in frame relay bridge mode, it connects a frame relay device (having a DTE interface) with a DSU/CSU (having a DCE interface). LanRover VPN Gateway/ LanRover VPN Express (DTE) DSU/CSU (DCE) (DTE) Frame Relay Device (DCE) DTE Adapter Cable DCE Adapter Cable LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide A-9 The LanRover VPN Gateway/LanRover VPN...
Installation Guide
Page 94
...; Authentication types • IP address and port for certificate authority (if applicable) Authentication Types Determine which authentication methods to -site connections. Security Type Version Certificate Authority N/A Challenge Phrases N/A SecurID Shiva Access Manager RADIUS NT Domain Other 1 Other 2 Remote Users Site-toSite A-12 LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide Network Infrastructure Checklists Authentication Checklists To set up authentication for remote users and site-to use a third-party authentication method, specify the version...
...; Authentication types • IP address and port for certificate authority (if applicable) Authentication Types Determine which authentication methods to -site connections. Security Type Version Certificate Authority N/A Challenge Phrases N/A SecurID Shiva Access Manager RADIUS NT Domain Other 1 Other 2 Remote Users Site-toSite A-12 LanRover VPN Gateway/LanRover Express Installation and Upgrade Guide Network Infrastructure Checklists Authentication Checklists To set up authentication for remote users and site-to use a third-party authentication method, specify the version...