MultiTech RF560VPN Setup for PPTP Checklist

                    

This checklist documents the setup of a RF560VPN configured for a tunnel using the PPTP protocol

Client: ______________________

Computer Name_______________

Site Name_______________

OS: 

• Win XP Pro
• Win2k Pro
• Other: ______________________

Route Finder Info

SN__________________________

Product/Model #______________________

Firmware version _____________________

Private LAN MAC Address ______________________

Public MAC Address ______________________

NOTE: This document reflects a procedural change effective 10/07/2002

(all Windows XP Pro machines)

to use a password of perf on the Administrator account.

Machines built before this date

(Windows 2000 Pro and NT/4 machines) had no password on the Administrator account.

Connect devices

• Connect the WAN port on RF560 device to the Cable or DSL modem. This is the incoming signal
• (Optional) Connect the Serial port on the VPN device to the Dial-Up or ISDN modem
• The four LAN ports can be connected either:Straight to the PC’sOr to a hub or switch which then feeds to the server and PC’s
• Connect the 5VD port to the power supply, and power the unit up

Configure Server to setup RF560 unit

• From the server:

(computer that will share files)

Start > Run – CMD to open a command prompt

• Enter ipconfig to check settings
• If adapter is not set to 192.168.2.x, you need to run ipconfig /release   and then ipconfig /renew to reset adapter
• Configure TCP/IP using one of the following choices, depending on your current Operating System

Configure Windows NT/4

• Start > Settings > Control PanelDouble click Network icon
• At top of Network dialog box, click Protocols tab
• Select TCP/IP Protocol, then click Bindings tab
• Set Show Bindings for drop down box to all adapters,
• Double click your NIC adapter and verify that TCP/IP is listed as bound
• Click Protocols tab
• Select TCP/IP Protocol, then click Properties
• Click Obtain IP address from DHCP server, then OK

Configure Win2K Pro or XP Pro PC

• Start > Settings Control PanelDouble click on Network and Dial-up Connections
• Right click on Local Area Connection, then left click on Properties
• Select Internet Protocol [TCP/IP], you NIC should then display in the Connect Using box
• Click Properties, click Obtain IP address from DHCP server
• Click OK

Ping device

AT a PC, Start > Run > cmd to open a prompt. IPCONFIG at the prompt to ensure you are on the same network

Configure RouteFinder w/ Setup Wizard

• At a PC, open a web browser with an address of: http://192.168.2.1. This is the default address of the RouteFinder
• At Enter Network Password window, enter a user name of admin with a blank password (we will change password later). Click OK
• On Main Menu, click Setup Wizard button at top of screen. The button will turn blue to indicate screen is active.

Time Zone Settings

• Select Time Zone: __________ then Next

Device IP Settings

• Recommended settings:

use 192.168.2.1

NetMask of 255.255.255.0

IP address:                ____.____.____.____

IP subnet mask:

____.____.____.____

then Next

ISP Settings

The choices are:

• Connect to Cable ISP - This choice is selected for Cable, xDSL, dial-up, or ISDN modem when using a dynamic ip.
• Static IP Settings ISP - This choice is selected for Cable, xDSL, dial-up, or ISDN modem when using a static ip.

IP assigned by your ISP:

____.____.____.____

IP Subnet Mask:

____.____.____.____

ISP Gateway Address:

(Use WAN address of main loc)

• PPPoE Settings – This choice should be selected for a location using PPoE. PPoE is a common protocol used with DSL

User Name: _______________

Password: ________________

Idle Time: (no idle timeout)___

Connection Type:

Always (default) / On Demand

• PPTP Settings – This setting is not recommended. It is used in a European environment.
• Telstra Settings – This choice Is undefined at this time

ISP Additional Settings (optional)

If the ISP requires manual input of settings, please record them here:

• Your ISP requires these

DNS1:

____.____.____.____

DNS2:

____.____.____.____

• Your ISP requires a Host Name

Host Name: ___________

Domain Name: __________

• Your ISPP requires WAN MAC

WAN Ethernet MAC Address:

   ___.___.___.___.___.___

then Next

Modem Settings (Optional)

If a dialup modem is used as backup for DSL/Cable, or if a straight dialup modem is used, please record these settings here:

• Dialup Modem When Cable/xDSL is not connected

ISP Phone Number:

____.____.____

User Name:

____________

Password:

____________

Idle Time: (30 min) ____

Connection Type:

• Trigger on Demand
• Manually

External IP:

____.____.____.____

Baudrate: (115200) ____

Pre-Initial String: (AT) ____

Initial String: (AT S0=1)____

Dialup String: (ATDT) ____

then Next

VPN Settings

Use this screen to input LAN-to-LAN VPN settings and/or Client-to-LAN VPN settings. There are two options here.

IPSec Settings and PPTP Settings.

We will be using PPTP Settings.

• Click PPTP Settings from list on left side of screen
• Check the box for Enable PPTP
• PPTP pool – This selects addresses that will be used for PPTP. These addresses must be reserved from being used at the DHCP server.

from: xx.xx.xx.(190)____

     to: xx.xx.xx.(200)____

• Check the box for NetBIOS Enable

This will allow the client to see resources in Network Neighborhood

• DNS Server – Set these if using a DNS server on your local LAN.

____.____.____.___

____.____.____.___

• WINS Server – Set these if using a WINS server on your local LAN.

____.____.____.____

____.____.____.____

• User Authentication:

PAP / CHAP / (MSCHAP) _______

• Encryption Strength: None/(128)___
• Use RADIUS Authentication Remote Authentication Dial-In User Service

Default for this is unchecked.

This would be checked if using a local windows server dedicated to RADIUS authentication.

• Checked
• (Unchecked)

Radius Port: (1645)______

RADIUS Server IP:

____.____.____.___

Secret: ________________

(Secret  password, retype to verify)

• Use Local Client List:

Check this to have local client list used by program

• (Checked)
• Unchecked

• Click the New button NOTE: A new user will need to be configured for each remote client location login.

• Administration Client reserved for Perfection Support use

• Username – perfvpn800 - The Support Technician will need to enter this to login.
• Password – soft766q - The Support Technician remote client will need to enter this to login.
• Password Verification –

repeat soft766q

• Assign IP Address to the user – Default is to leave this box unchecked.

NOTE: Checking this box and entering a pre-assigned address will allow more granularity in security logs. This address must be reserved at the DHCP server.

IP address:  _________________

Click Save

• Client at Location 2

• Username – The remote client will need to enter this to login.

_________________

• Password - The remote client will need to enter this to login. _________________
• Password Verification – repeat
• Assign IP Address to the user – Default is to leave this box unchecked.

NOTE: Checking this box and entering a pre-assigned address will allow more granularity in security logs. This address must be reserved at the DHCP server.

IP address:  _________________

• Click Save

• Client at Location 3

• Username – The remote client will need to enter this to login.

_________________

• Password - The remote client will need to enter this to login. _________________
• Password Verification – repeat
• Assign IP Address to the user – Default is to leave this box unchecked.

NOTE: Checking this box and entering a pre-assigned address will allow more granularity in security logs. This address must be reserved at the DHCP server.

IP address:  _________________

Click Save

• Client at Location 4

• Username – The remote client will need to enter this to login.

_________________

• Password - The remote client will need to enter this to login. _________________
• Password Verification – repeat
• Assign IP Address to the user – Default is to leave this box unchecked.

NOTE: Checking this box and entering a pre-assigned address will allow more granularity in security logs. This address must be reserved at the DHCP server.

IP address:  _________________

Click Save

• Click Next
• Click Save and Restart
• NOTE: If you had changed the IP address of the RF560VPN unit, you will need to reset the IP address at the local desktop in order to maintain connectivity. Either:
• Change IP address manually
• At a command prompt perform an ipconfig /release and an ipconfig /renew

Configure DHCP Server Settings

• On the RouteFinder configuration web page, click on the Advanced Settings button in the top tool bar
• Click on DHCP Server Settings on the left tool bar
• Uncheck the Enable DHCP Server Functions button. By default we will not use the DHCP server on the RF560.
• IP Address Pool Range - This sets the addresses that will be available for the DHCP server to let out.

from: xx.xx.xx.____

     to: xx.xx.xx.____

• WINS Server Address – if you are using a WINS server on your local LAN
• IP Address Reservation – you may reserve addresses to not be included in the DHCP IP address pool here.
• Click Submit
• Save and Restart

Configure Remote User Privileges (optional)

NOTE: Remote access is NOT recommended. However, use this section to configure remote access if used.

• On the main page, click on Advanced Settings in the top tool bar
• Click Administration Settings on left
• Set the password to perfection
• Click Submit
• Check the button, Allow remote user to configure the device
• Leave Remote Administration Host IP at 0.0.0.0
• Uncheck Allow Remote User to Ping The Device
• Click Submit
• To log  system messages, under System Log: Check the box for System Log Function and enter the Log Server IP Address (this provides list of all system messages)

____.____.____.____

• Click Submit
• Save and Restart.

Check Device Status

• At Main Menu, click on Device Status. The line between RouteFinder and Cable/xDSL Modem should be solid. A broken line indicates a problem. This screen will auto-refresh every 20 seconds or so.
• On left side, click on VPN Status. Status should be Active and two States (P1:M and P2:Q) should be established. If State is not Active, you may click on Drop to reset.

Run System Diagnostics

• From Main Menu, click System Tools
• Click System Diagnostics from left side to perform a checkup
• Review settings
• To exit, select another option from left of screen

Save Settings to File

• From Main Menu, click System Tools
• Click Save Settings
• Click Save File
• Browse to :__________________

Logout

• Click Logout on left side of screen to logout

Load Default Settings

NOTE: This section is for reference only

• From Main Menu, click System Tools > Load Default Settings > Start
• This will load default settings and overwrite all previous settings

Reset Device

NOTE: For reference only! All settings will be reset to factory defaults! Hold reset button in until status LED’s of device blink. (this should be for at least 3 seconds) Then release reset button.

Troubleshooting

• Be careful of old legacy routers that are still on the network. Some may not pass PPTP properly. The SMC 7004ABR may be guilty of this.
• On legacy routers still used on network, check the MTU (packet size). It is usually set to 1500. If connection becomes unstable, lower this setting may stabilize the connection.