Presentation is loading. Please wait.

Presentation is loading. Please wait.

Connect2TI Upgrade Using Broadband at Home Updated February 28, 2005 Charise Bell / Rondo Estrello Remote Connectivity Customer Care Client Services &

Similar presentations


Presentation on theme: "Connect2TI Upgrade Using Broadband at Home Updated February 28, 2005 Charise Bell / Rondo Estrello Remote Connectivity Customer Care Client Services &"— Presentation transcript:

1 Connect2TI Upgrade Using Broadband at Home Updated February 28, 2005 Charise Bell / Rondo Estrello Remote Connectivity Customer Care Client Services & Support, ITS

2 2 Introduction  Connect2TI Pilot Upgrade –iPassConnect 3.3 –Cisco VPN Client 4.6 –CyberArmor software firewall (replaced ZoneAlarm Pro)  Broadband at Home –Hardware firewall (router) –Software installation

3 3 RAS How Connect2TI Works 1.iPassConnect includes dial access directly to TI (RAS) RAS numbers are listed first, if available. Look for $0.00/hr.

4 4 RAS Internet iPass How Connect2TI Works 1.iPassConnect also organizes how you connect to the Internet

5 5 RAS VPN Tunnel Internet iPass How Connect2TI Works 2. Cisco Systems VPN Client Virtual Private Networking software creates an encrypted tunnel for data to TI's network

6 6 RAS VPN Tunnel Internet iPass How Connect2TI Works 3. CyberArmor a software firewall that provides another layer of security

7 7 iPass brings the Internet  iPass works with Internet Service Providers (ISPs)  Connect to the Internet  iPass manages billings –Charges hit cost center the same way your calling card calls do

8 8 Problem with access

9 9 Internet Explorer and TI’s auto-proxy  Proxy used to get to the Internet when connected to TI network  Auto-proxy uses proxy as needed  Is set when the browser opens  Using CTRL-N to create a new browser window inherits the proxy settings  “Change Proxy Settings” utility on ESD.itg.ti.com Tools, Internet Options, Connections (tab). LAN settings: Close browser when moving from Intranet to Internet

10 10 Setting up VPN over Broadband at Home

11 11 Connect2TI (VPN) from Home  Hardware router –Security settings –Wireless  Software –VPN client –CyberArmor –iPassConnect (not required) –Symantec AntiVirus

12 12 Home Broadband – Hardware Firewall (Router)  Router required at home –Print installation instructions –Gather ISP information –Turn off wireless cards –Wait seconds for router to save settings –Cisco Aironet 350 card works at TI sites and at home

13 13 Router Basics Installing a Router for use with Connect2TI / VPN For basic information about wireless networking and routers, see Security Requirements  A router is required equipment for any computer on home broadband that will be connecting to the TI network. –“Always on” connection –Hides IP address  Some cable or DSL modems include router functions (ex: 2Wire). If you have a combination broadband modem/router, an additional router will not be required  Any brand of router is acceptable with: –Network Address Translation (NAT) –IPSec passthrough  IT Security documentation:

14 14 Help Desk Support Help Desk Support for Routers at TI  Approximately 30 minutes of router support  With Internet access working  Available on a "best effort" basis  Documentation for NetGear and Linksys routers  Check website before calling

15 15 Pre-installation Before you connect the router  Have a working Internet connection –Call ISP for help –Help Desk cannot help with router unless Internet was working before you started  Uninstall ISP software –Some ISPs require PPPoE (Point to Point Protocol over Ethernet) –Router will provide PPPoE services Most routers are configured to work "out of the box." Some settings must be changed in the configuration step to comply with TI Information Security requirements

16 16 Know your ISP – Fill out this form Document information required for the router to work with ISP  PPPoE (usually used with DSL rather than cable) Does your ISP use PPPoE (PPP over Ethernet)? If yes, you may need to input your username and password –Username (typically your address): ____________________ –Password: ________________________  Did the ISP provide a static IP address? (Ex.: ) If no, you are using DHCP, which is commonly used with cable and most DSL services If yes, a. What is the IP address: _____________________ b. What is the subnet mask: _____________________ c. What is the gateway: _____________________ d. What are the DNS servers: ______________________

17 17 Know Your ISP – Fill out this form Document information required for the router to work with ISP  Does the ISP require a MAC address (also known as physical address)? If yes, find the computer’s physical address by using the ipconfig utility from the command prompt. [Start, Run, type in cmd, OK. At the prompt, enter ipconfig /all. Look for Physical Address.] _____-_____-_____-_____-_____-_____  If the ISP requires a host name, what is it? _______________

18 18 Installing the Router Follow the manufacturer's instructions:  Cable the router between the broadband modem and the computer  If your broadband modem does not have a router built in, it must have an Ethernet connection ( RJ45) to your computer  DO NOT attempt to configure your router wirelessly

19 19 Configuring the router  Use your Internet browser to connect to the router's configuration pages –D-Link and NetGear routers use –Linksys routers use  The router will have an initial username and password, which you must change later –Linksys Username: [leave blank] Password: admin –D-Link Username: admin Password: [leave blank] –NetGear Username: admin Password: password

20 20 Setup Wizard  Run the configuration wizard, using information about your ISP gathered earlier

21 21 Setup Wizard

22 22 IT Security Requirements  Then, test your connection –Open a new browser to –Make sure your browser is using auto-proxy or no proxy  Once your connection to the Internet is working, go back to the router configuration pages, one by one, and change the configuration to match IT Security Requirements: –Enable Network Address Translation (NAT) –Disable UPnP services, if supported –Block all WAN requests –Enable IPSEC passthrough –Disable SPI, if supported –Disable PPTP passthrough –Disable Multicast passthrough –Disable Remote Management –Disable remote upgrade –Enabling WEP (for wireless), using a 128-bit key is a security requirement. Don't set the WEP key just yet. –Disable SSID broadcast, if supported by router. This hides your router from those nearby (your neighbors, for instance)

23 23 Enable NAT NAT is automatically enabled already

24 24 Disable UPnP services

25 25 Block all WAN requests  Respond to ping unchecked

26 26 Enable IPSEC passthrough  Automatically enabled

27 27 Disable SPI, if supported

28 28 Disable PPTP passthrough

29 29 Disable Multicast passthrough Commonly used for streaming media. IGMP is part of multicast Ask security to remove from list?

30 30 Disable Remote Management

31 31 Disable remote upgrade

32 32 Enable WEP –Enabling WEP (for wireless), using a 128-bit key is a security requirement. Don't set the WEP key just yet.

33 33 Disable SSID broadcast

34 34 Set SSID and WEP key – Wireless only  Test your connection to the Internet again  If your Internet connection is working, go back to the router configuration pages and set the SSID  Test

35 35 Set WEP Key last  The WEP key is needed for all wireless computers attached to your home network, including your TI laptop. Carefully write down the new WEP key and type/insert it into the Wireless Network settings for your wireless card. –Instructions for Cisco Aironet Client Utility (ACU) –Instructions for internal wireless card  Test your connection to the Internet again  At this point, your router should be configured and fully operational Instructions Instructions : for use with Cisco Aironet 350 cards Wirelessforhome-wzc.htmWirelessforhome-wzc.htm : Wirelessforhome-wzc.htm for use with internal WLAN cards

36 36 Software Installation

37 37 Home Broadband - Software Software installation at home  Download from the Internet – my.ti.com, Computer Services, Remote Connectivity (VPN)  Turn off Windows firewall –Control Panel, Network Connections, Properties, Advanced tab  Connect2TI 2.33 installs –iPassConnect 2.40 –Cisco VPN Client (A) –CyberArmor  Symantec AntiVirus –Intranet: ESD – esd.itg.ti.com –Home version available from Remote Connectivity website –Keep virus signatures up to date! Note: SBC Yahoo! installs Visual IP Insight, which must be removed before Connect2TI software is installed.

38 38 Configuring CyberArmor for home networks  How to allow other computers on your network to get access to the VPN computer when not connected to VPN  Find the instructions on Trey’s website.

39 39 Tips & Tricks

40 40 Problem with access If you see: But you can ping mercury.ext.ti.com (CMD window) You have Internet access Your browser is using the wrong proxy setting

41 41 Internet Explorer and TI’s auto-proxy  Proxy used to get to the Internet when connected to TI network  Auto-proxy uses proxy as needed  Is set when the browser opens  Using CTRL-N to create a new browser window inherits the proxy settings  “Change Proxy Settings” utility on ESD.itg.ti.com Tools, Internet Options, Connections (tab). LAN settings: Close browser when moving from Intranet to Internet

42 42 Getting Help  Call the Central Help Desk if you need help –CHD phone numbers are in iPassConnect under Help, Technical Support  Ask CHD to call iPass if problem isn’t immediately resolved

43 43 Update the Phonebook  Update your phonebook before traveling  While LAN connected, select –the Settings menu –Update iPassConnect –Phonebook  Phonebook is updated at least every two weeks

44 44 Wired Troubleshooting  Turn off Cisco Aironet 350 card  Ensure that both network cable plugs are snugly inserted into wall and notebook (or card)  If your location is not listed in iPassConnect, use Home Broadband directions  Turn off proxy in browser to test Internet connection. Turn proxy back on when connected to TI.  Retype userID and password in iPassConnect: Options / User info  Call HELP or for assistance from Central Help Desk. More help is available at Computer Services, Remote Connectivity, Support Information

45 45 Wireless Troubleshooting  Turn ON Wireless card (lights are blinking)  Turn off proxies in browser to test Internet connection. Turn proxies back on when connected to TI.  Retype userID and password in iPassConnect: Options / User info  If your location is not listed in iPassConnect, use Home Broadband directions  If the card associates with a poor signal, move around until you find a location with at least a fair signal  If first attempt using iPassConnect fails, on subsequent attempts, use Cisco VPN Client instead  Call HELP or for assistance from Central Help Desk

46 46 Join the Connect2TI Upgrade Pilot Still have questions? Contact Remote Connectivity Customer Care Charise Bell / Rondo Estrello

47 47 Wireless Troubleshooting  Turn ON Cisco Aironet 350 card (lights are blinking)  Turn off proxies in browser to test Internet connection. Turn proxies back on when connected to TI.  Retype userID and password in iPassConnect: Options / User info  Use iPass profile in Cisco ACU if location is listed in iPassConnect  If your location is not listed in iPassConnect, use Home Broadband directions: edit Cisco ACU Public profile to make sure the SSID is correct.  If your card will not associate using either iPass or Public profiles (Cisco ACU), turn off Zone Alarm and try again  If the card associates with a poor signal, move around until you find a location with at least a fair signal  If first attempt using iPassConnect fails, on subsequent attempts, use Cisco VPN Client instead  Call HELP or for assistance from Central Help Desk

48 You are now ready to use Connect2TI over Broadband at Home Still have questions? See FAQs on my.ti.com Computer Services Remote Connectivity (VPN) Additional help is available at or HELP


Download ppt "Connect2TI Upgrade Using Broadband at Home Updated February 28, 2005 Charise Bell / Rondo Estrello Remote Connectivity Customer Care Client Services &"

Similar presentations


Ads by Google