Before you use these scripts – Allied Telesis AlliedWare AR440S User Manual

Page 37 | AlliedWare™ OS How To Note: VPNs for Corporate Networks

Configuration scripts for headquarters and
branch offices

This section provides script-only versions of the three configurations described earlier in this
document. Scripts can provide a quicker way to configure your routers, through pre-editing
and downloading using TFTP or ZMODEM.

You can copy and paste the scripts below to an editor on your PC, modify addresses,
passwords and any other requirements for all your individual sites, and then use TFTP or
ZMODEM to transfer the files to your routers.

Please refer to the “Managing Configuration Files and Software Versions” chapter in the
Software Reference for more information about TFTP and ZMODEM.

Before you use these scripts

You need to do the following aspects of the security configuration by entering commands in
the command line instead of adding them to the scripts:

z

creating a security officer (this needs to be in the script as well)

add user=secoff pass=<your-secoff-password> priv=securityofficer

lo=yes telnet=yes

z

enabling system security

enable system security

z

logging in as security officer

login secoff

z

enabling the 3DES feature licence if it is not factory-enabled

enable feature=3des pass=<licence-number>

z

defining encryption keys for SSH and ISAKMP.

cre enco key=1 type=general value=<alphanumeric-preshared-key>

cre enco key=2 type=rsa length=1024 desc="host key" format=ssh

cre enco key=3 type=rsa length=768 desc="server key" format=ssh

Color coding

For your convenience, the scripts are color-coded:

headquarters

branch office 1

branch office 2