Chapter 6 Configuring branch office tunnels 135Nortel VPN Router Configuration — Basic Features• The Profiles > Filters window must have the filters that you want to use forthe branch office connection. For the example, the local Nortel VPN Routeruses a filter of permit only dns/http, and the remote Nortel VPN Router usespermit all.Sample branch office procedureTo create a dynamic peer-to-peer branch office tunnel over ISDN with local/peerauthentication that includes MS-ChapV2 and RC4-40 encryption, enabledcompression and a permit all filter:1 Launch the Web browser and enter the IP of the Nortel VPN Router.2 Enter the user name and password.3 Select Profiles > Branch Office.4 In Groups section, click Add. The Add Group window appears.5 Enter a name and then select your group from the group pull down menu.Click OK. The Branch Office window returns.6 In the Connections section, click on Add. The Add Connection windowappears.7 Enter the connection name (up to 128 characters).8 If this is to be a Control Tunnel, select Enabled.9 Select Tunnel Type: PPTP and Connection Type: Peer to Peer. Click OK.10 On the Connection Configuration window:a Select the Local IP from the Endpoints and enter the remote IP that thisPPTP tunnel will connect to.b In the Authentication section, enter a local UID and the remote peer UIDand password (must match the remote tunnel).c Select the MS-CHAP V2 authentication and RC4-40 encryption.d Enable Compression and Compression Stateless Mode.e Select Dynamic from the IP Configuration menu, and keep the RIP andOSPF defaults.f Click on OK.11 Configure the other end of the tunnel with the same information.