Avaya SG5, SG5X, and SG200 Security Gateway Hardware Installation Guide 670-100-102 Issue 2 March 2004
Copyright 2004, Avaya Inc. All Rights Reserved Notice Every effort was made to ensure that the information in this document was complete and accurate at the time of release. However, information is subject to change. Warranty Avaya Inc. provides a limited warranty on this product. Refer to your sales agreement to establish the terms of the limited warranty.
To prevent intrusions to your telecommunications equipment, you and your peers should carefully program and configure: • Your Avaya-provided telecommunications systems and their interfaces • Your Avaya-provided software applications, as well as their underlying hardware/software platforms and interfaces • Any other equipment networked to your Avaya products.
Avaya further asserts that Avaya handset-equipped terminal equipment described in this document complies with Paragraph 68.316 of the FCC Rules and Regulations defining Hearing Aid Compatibility and is deemed compatible with hearing aids. Copies of SDoCs signed by the Responsible Party in the U. S. can be obtained by contacting your local sales representative and are available on the following Web site: http://www.avaya.
Table of Content About this book 7 Contacting technical support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Chapter 1 Introduction 9 Functional overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Appendix A Specifications Physical specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Environmental specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Electrical specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Compliance specifications . . . . . . . . . . . . . . . . . . . . . . . .
About this book Avaya SG5, SG5X, and SG200 is the new name for Avaya VSU5, VSU5X, and VSU 500 Security Gateways. Our documentation reflects these new names as of June, 2003. This guide describes the Avaya SG5, the SG5X, and the SG200 Security Gateways and how to install and preconfigure these devices. It is recommended that you read the entire installation guide before installing the security gateway.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Documentation The security gateway documentation includes both the Hardware Installation Guide and the Security Gateway Configuration Guide for VPNos. You can down load these guides from http://support.avaya.com. Navigate to Product Documentation, VPN and Security.
Chapter 1 Introduction Functional overview The Avaya SG5, SG5X, and SG200 security gateways are VPN gateways to virtual private networks (VPNs) for small business and home office users. The security gateway allows users to connect securely to their corporate networks and intranets through always-on connections such as DSL and cable modems.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Figure 1 SG200 security gateway Security The VSU provides data stream privacy by employing cryptographic algorithms and keys powerful enough for the most sensitive business communications. It supports DES and 3DES encryption, as well as the IKE key management standards. Data authenticity is assured by using MD5™ or SHA-1 hashing algorithms to reject altered or forged packets.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Plug-and-play installation The security gateway can be placed anywhere in a 10/100BASE-T LAN to provide VPN functionality. Native support for IP ensures that the security gateway interoperates transparently with the broadest range of intranet and other network applications.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Hardware components Figure 2 displays the back panel components on each of the security gateways.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Available ports The SG5 includes two 10/100BASE-T Ethernet ports that includes a public and private interface port. The SG5X includes one 10/100BASE-T Ethernet port on the public interface, and 7 10/100BASE-T Ethernet ports on the private interface. The SG200 includes two 10/100BASE-T Ethernet ports that includes a public and private interface port, RS-232 console port, and a PC Card Netgear (PCMCIA) expansion port.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide 14 Introduction March 2004
Chapter 2 Installing the security gateway General requirements This section describes the requirements your site must meet for safe installation and operation of your system. Ensure that you are properly prepared before beginning installation. Environmental requirements The security gateway is intended for use in a normal home office environment. For more extreme conditions, verify that temperature, humidity, and power conditions meet the specifications indicated in Table 2.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Power considerations Be sure that the power where the security gateway will be used is “clean” power (free of spikes and noise). Install a power conditioner if necessary. WARNING: This product relies on the building’s installation for shortcircuit (overcurrent) protection. Ensure that a fuse or circuit breaker no larger than 120 VAC, 15A U.S. (240 VAC, 10A international) is used on the phase conductor (all current-carrying conductors).
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Installing the security gateway Figure 3 shows a typical network using the SG5 security gateway.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Figure 4 shows a typical network using the SG5X security gateway.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Figure 5 shows a typical network using the SG200 security gateway.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Figure 6 Security gateway rear panel connectors Connect Cable between the SG5/5X Private Port and Hub or Workstation Connect Cable between the SG5/5X Public Port and the DSL/Cable Modem Connect Cable between the SG200 Private Port and Hub or Workstation Connect Cable between the SG200 Public Port and the DSL/Cable Modem 20 Installing the security gateway March 2004
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide The public port provides an Ethernet interface to the public network (through a DSL or cable modem), while the private port(s) connect to your local network, (typically through a hub in the case of the SG5). All Ethernet ports are 10/100BASE-T compliant host ports. They accept category 3, 4, or 5 UTP cabling terminated in an RJ-45 connector per IEEE 802.3 requirements for 10BASE-T.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide 22 Installing the security gateway March 2004
Chapter 3 Setting up the security gateway for configuration This chapter describes how to set up the security gateway addressing and remote connectivity capabilities in preparation for remote configuration using the VPNmanager software. This preliminary configuration is performed using a browser on your workstation connected to the security gateway’s Private Port.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Service provider provisioning Your Connection Type Before you begin, you will need to determine if your existing installation uses static IP addresses, dynamic addressing (DHCP), or PPPoE from your service provider. Typically, DSL connections use PPPoE and cable modems use DHCP. Your network administrator can provide you with the information you will need to complete a Quick Setup.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Connecting to the private port of the security gateway From the workstation’s control panel, select your TCP/IP network component for your Ethernet controller. In the IP Address window select “enable the setting” to “Obtain an IP address automatically” . Restart your workstation if the operating system asks you to do so.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide To connect to the security gateway 1. From a workstation on the private side of the security gateway, open your browser and type into the location field one of the following: • https://sg.private • https://192.168.1.1 (security gateway default address) 2. Click Yes to accept the security alert message. The security gateway Login window is displayed. Figure 8 Security gateway login screen 3.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Figure 9 Quick setup dialog In the IP Configuration area, select one of the following IP Config Modes. • Static Addressing. If you are going to use static addressing on the public port, click the Static Addressing radio button and enter your IP address, network mask, and default route information. • DHCP. If you plan to use DHCP, the public port automatically obtains its address from a DHCP server.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide 8. In the Centralized Management area, if VPNmanager is used, enter the Super User name superuser and Password enter password. Superuser and password are the default Super User name and Password for Centralized Management. If the Super User and Password are changed, be sure to change the defaults to a secure user name and password and make note of the change as this information is required to send updates from VPNmanager. 9.
Appendix A Specifications This appendix provides physical, environmental and electrical specifications for the security gateway, as well as standards compliance information. Physical specifications Table 3 Physical specifications Parameter SG5 SG5X SG200 Dimensions 6.0" W x 5.0" D x 1.5" H (15.24 x 12.7 x 3.82cm) 7.75" W x 6.5" D x 1.9" H (19.6 x 16.5 x 4.8 cm) 7.75" W x 6.5" D x 2.5" H (19.6 x 16.5 x 6.4 cm) Weight 10 ounces (283.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Environmental specifications Table 4 Environmental specifications Parameter Operating Specification Temperature 32-104°F, 0-40°C Relative Humidity 5-90%, non-condensing Altitude 0-12,000 feet, 0-3,660 meters Electrical specifications Table 5 Electrical specifications Parameter SG5 SG5X SG200 90-264 VAC 90-264 VAC 90-264 VAC Input Frequency 50-60 Hz 50-60 Hz 50-60 Hz AC input current 2.3A max. (100-240VAC) 2.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Compliance specifications Table 6 March 2004 Compliance specifications Parameter Specification Safety Certification CSA, CE, CB SCHEME, EN, C-Tick Mark EMI/RFI FCC Part 15, Class B, EN55022 Class B EN50082-1 VCCI BSMI Standards Compliance IEEE 802.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Additional features Table 7 32 Specifications Additional features Parameter Specification Encryption DES and 3DES encryption. DES uses a 56-bit key; 3DES uses three 56-bit independent keys for an effective key length of 168 bits. All weak and semi-weak keys are automatically discarded.
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide Index A L authentication specification 32 LAN connections log out 28 Login 26 C CE marks 4 compliance specifications 31 configuring static addressing,DHCP,PPPoE connections Ethernet LAN 21 router 21 contacting technical support 7 N network zones table by security gateway 27 Password 26 phone support 7 physical specification 29 plug-and-play installation 11 POST, error codes 24 Power On Self-Test 24 Q 8 Quick Setup E electrica
Avaya SG5, SG5X, & SG200 Security Gateway Hardware Installation Guide specifications 29 authentication 32 compliance 31 electrical 30 encryption 32 environmental 30 key management 32 physical 29 software upgrades 32 standards electromagnetic compatibility System Requirements 16 3 T technical support triple DES 10 7 W world wide web support 7 Z zones network type of 13 34 Index March 2004