Enterasys ANG-3000 Uživatelská příručka Strana 296
- Strana / 414
- Tabulka s obsahem
- ŘEŠENÍ PROBLÉMŮ
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
262 XSR User’s Guide
VPN Configuration Overview Chapter 11
Configuring the Virtual Private Network
XSR(config-crypto-m)#set transform-set esp-3des-sha
XSR(config-crypto-m)#match address 40
XSR(config-crypto-m)#set peer 192.168.45.12
XSR(config-crypto-m)#no set security-association level per-host
Authentication, Authorization and Accounting Configuration
The XSR’s AAA implementation configures all authentication, authorization
and accounting characteristics of users (Remote Access) and peer gateways
(Site-to-Site). These characteristics include:
Usernames and passwords for authentication
Associated group name for authorization of network services
IP addressing, including:
– Virtual addresses from a local IP pool
– DNS (primary and secondary) for remote access clients
– WINS (primary and secondary) for remote access clients
Compression settings for remote access clients and site-to-site tunnels
Encryption settings for PPTP remote access clients
Configuration for standardized Authentication methods, that is,
RADIUS. In addition to all the necessary values for communicating
securely with a RADIUS server, the XSR allows you to specify a backup
RADIUS server for authentication failover.
AAA Commands
The following AAA commands are provided by the XSR:
Configures authentication for users and groups with
aaa user and aaa
group
commands as well as the following sub-commands:
–
policy specifies SSH, Tel net , Firewall or VPN service for users
–
dns-server and wins server configure the IP addresses of
primary and secondary DNS and WINS servers to distribute to
remote access users and connecting XSRs.
–
ip pool associates a globally defined IP address pool (set with ip
local pool
) with a user group. When a remote access user or
XSR connects, an IP address is distributed from this pool. Be
aware that if an AAA user is configured to use a static IP address
which belongs to a local IP pool, you must exclude that address
from the local pool.
–
l2tp/pptp compression commands enable compression on
L2TP and PPTP sessions, respectively, and
pptp encrypt mppe
configures Microsoft Point-to-Point Encryption on a PPTP link.
- XSR-1805 1
- User’s Guide 1
- APPROVED 3
- TE-2002/195 3
- Industry Canada Notices 4
- Product Safety 4
- Class A ITE Notice 4
- VCCI Notice 5
- BSMI (EMC) Statement - Taiwan 5
- Australian Telecom 6
- Enterasys Networks, Inc 6
- PROGRAM LICENSE AGREEMENT 6
- DECLARATION OF CONFORMITY 9
- Table of Contents 11
- Chapter 5 – Configuring IP 15
- Chapter 6 – Configuring PPP 17
- Chapter 12 – Configuring DHCP 27
- About This Guide 31
- CTRL+ALT+DEL) 33
- Getting Help 34
- 2 XSR User’s Guide 36
- Chapter 1 36
- Managing the XSR 39
- Connecting via Telnet 40
- Connecting via SSH 41
- Table 1 CLI Session Limits 42
- XSR User’s Guide 9 43
- XSR(config)# 45
- XSR User’s Guide 13 47
- Table 4 CLI Syntax 48
- 16 XSR User’s Guide 50
- XSR User’s Guide 17 51
- This adds serial port 2/1:1 54
- This adds serial port 2/1:2 54
- XSR User’s Guide 21 55
- Managing XSR Interfaces 57
- Managing Message Logs 59
- Performing Fault Management 60
- Using the Real-Time Clock 60
- XSR User’s Guide 27 61
- SWITCHCORD 62
- ELAN 1 ELAN 2 COM 62
- Bulk Configuration Management 63
- Managing the Software Image 65
- XSR User’s Guide 33 67
- XSR User’s Guide 35 69
- XSR User’s Guide 37 71
- XSR User’s Guide 39 73
- Shaping Trap Traffic 75
- Network Management Tools 76
- Fault Report 77
- Auto-discovery 77
- Statistics 77
- Alarm Management (Traps) 77
- Software Image Download 78
- Managing LAN/WAN Interfaces 79
- Configuring the LAN 80
- MIB Statistics 81
- Overview of WAN Interfaces 82
- WAN Features 82
- Configuring the WAN 83
- Configuring T1/E1 Interfaces 85
- T1/E1 Subsystem Configuration 86
- XSR User’s Guide 53 87
- Troubleshooting T1/E1 Links 88
- T1/E1 Alarm Analysis 91
- 58 XSR User’s Guide 92
- T1/E1 Error Events Analysis 94
- 64 XSR User’s Guide 98
- interface loopback 98
- ARP and Proxy ARP 99
- BOOTP/DHCP Relay 100
- Broadcast 100
- XSR User’s Guide 67 101
- command 102
- XSR User’s Guide 69 103
- IP Interface 104
- Secondary IP 104
- Table 7 105
- XSR User’s Guide 106
- Chapter 5 General IP Features 107
- Configuring IP 107
- 74 XSR User’s Guide 108
- General IP Features Chapter 5 108
- Traceroute 109
- IP Routing Protocols 110
- Triggered-on-Demand RIP 111
- 80 XSR User’s Guide 114
- XSR User’s Guide 81 115
- Static Routes 116
- Routing Priorities 116
- Default Network 117
- Network Address Translation 118
- 86 XSR User’s Guide 120
- 88 XSR User’s Guide 122
- IETF MIBs Supported 127
- Configuring RIP Examples 128
- XSR User’s Guide 95 129
- Configuring OSPF Example 130
- Configuring NAT Examples 131
- Internet 133
- Configuring VRRP Example 134
- Router XSRb 135
- Configuring PPP 137
- Link Control Protocol (LCP) 138
- Authentication 139
- 106 XSR User’s Guide 140
- PPP Features Chapter 6 140
- Link Quality Monitoring (LQM) 141
- Multilink PPP (MLPPP) 141
- IP Control Protocol (IPCP) 142
- Chapter 6 PPP Features 143
- 110 XSR User’s Guide 144
- 112 XSR User’s Guide 146
- XSR User’s Guide 113 147
- Configuring BAP 148
- XSR User’s Guide 115 149
- XSR User’s Guide 117 151
- XSR2 Configuration 152
- Configuring Frame Relay 153
- 120 XSR User’s Guide 154
- Overview Chapter 7 154
- Frame Relay Features 155
- Multi-Protocol Encapsulation 156
- Address Resolution 156
- XSR User’s Guide 123 157
- 124 XSR User’s Guide 158
- XSR User’s Guide 125 159
- Sub-interface Support 162
- User Interfaces 162
- Displaying Statistics 163
- Frame Relay 164
- Central Sites 164
- Branch Sites 164
- Charlotte 165
- On the Charlotte XSR, enter: 167
- On the Denver XSR, enter: 167
- Configuring Dialer Services 169
- 136 XSR User’s Guide 170
- XSR User’s Guide 137 171
- Time of Day feature 172
- Typical Use for Dial Services 172
- Ethernet Backup 172
- Implementing Dial Services 173
- Dialer Profiles 174
- Dialer Interface 174
- Dialer Strings 175
- Dialer Pool 175
- Addressing Dialer Resources 175
- Configuring Encapsulation 175
- ISDN Callback 176
- 2/2 - shared between them 178
- 146 XSR User’s Guide 180
- Sample Dialer Configuration 181
- Configuring ISDN Callback 182
- XSR User’s Guide 149 183
- Overview of Dial Backup 184
- Sequence of Backup Events 184
- Link Failure Backup Example 186
- XSR User’s Guide 153 187
- Sample Configuration 188
- Answering Incoming ISDN Calls 192
- Incoming Call Mapping Example 193
- XSR User’s Guide 161 195
- Configuring DoD/BoD 196
- Chapter 8 Configuring DoD/BoD 197
- XSR User’s Guide 165 199
- XSR User’s Guide 171 205
- XSR User’s Guide 177 211
- Bandwidth-on-Demand 213
- Backup Configuration 215
- XSR User’s Guide 183 217
- XSR User’s Guide 185 219
- Digital Network (ISDN) 221
- BRI Features 222
- PRI Features 222
- Understanding ISDN 223
- B-Channels 224
- D-Channel 224
- D-Channel Standards 225
- ISDN Equipment Configurations 226
- Bandwidth Optimization 227
- Security 228
- Call Monitoring 228
- ISDN Configuration 229
- 196 XSR User’s Guide 230
- ISDN Configuration Chapter 9 230
- XSR User’s Guide 197 231
- PRI Configuration Model 232
- 200 XSR User’s Guide 234
- More Configuration Examples 235
- ISDN BRI 236
- BRI Leased Line 236
- BRI Leased PPP 236
- BRI Leased Frame Relay 237
- 204 XSR User’s Guide 238
- 206 XSR User’s Guide 240
- Code Cause 241
- Overview 243
- Features 244
- Mechanisms to Provide QoS 244
- IP Precedence bits 245
- XSR User’s Guide 213 247
- Queuing and Services 248
- XSR User’s Guide 215 249
- Describing Traffic Policing 251
- XSR User’s Guide 219 253
- 220 XSR User’s Guide 254
- Per Interface Configuration 255
- 222 XSR User’s Guide 256
- XSR(config)#class-map class1 256
- XSR(config)#class-map class2 256
- XSR User’s Guide 223 257
- XSR User’s Guide 225 259
- VPN Overview 261
- VPN Overview Chapter 11 262
- Chapter 11 VPN Overview 263
- 230 XSR User’s Guide 264
- Defining VPN Encryption 266
- Digital Signatures 267
- Certificates 268
- CA Hierarchies 269
- Certificate Chains 270
- Pending Mode 272
- DF Bit Functionality 273
- VPN Applications 274
- Site-to-Site Networks 275
- VPN Applications Chapter 11 278
- Using OSPF Over a VPN Network 280
- Chapter 11 VPN Applications 281
- INTERNET 282
- Server 2 287
- Server 1 287
- XSR VPN Features 288
- VPN Configuration Overview 289
- Master Key Generation 290
- ACL Configuration Rules 291
- XSR User’s Guide 259 293
- Creating Crypto Maps 295
- XSR User’s Guide 263 297
- PKI Configuration Options 298
- XSR User’s Guide 265 299
- Interface VPN Options 304
- Central Site 305
- Branch Office 305
- Chooses Diffie-Hellman group 306
- EZ-IPSec Configuration 309
- Remote Access 311
- XSR User’s Guide 279 313
- XSR User’s Guide 281 315
- XSR User’s Guide 283 317
- XSR Configuration 319
- 290 XSR User’s Guide 324
- Hightest is the root CA of 325
- Sales, CN=Scep 326
- XSR User’s Guide 293 327
- 294 XSR User’s Guide 328
- Sys,OU=Sales, CN=Scep 328
- Configuring DHCP 329
- How DHCP Works 331
- DHCP Services 332
- BOOTP Legacy Support 333
- Pool (subnet) 334
- Client Class 334
- Scope Caveat 335
- Manual Bindings 335
- DHCP CLI Commands 336
- Chapter 12 DHCP CLI Commands 337
- DHCP Set Up Overview 338
- Configuration Steps 339
- Enable the DHCP Server 340
- Manual Binding Example 341
- BOOTP Client Support Example 342
- DHCP Option Examples 343
- Access Control Lists 346
- Packet Filtering 346
- LANd Attack 346
- Smurf Attack 347
- Fraggle Attack 347
- Spoofed Address Check 347
- SYN Flood Attack Mitigation 347
- Spurious State Transition 348
- General Security Precautions 349
- AAA Services 350
- Chapter 13 AAA Services 351
- AAA Services Chapter 13 352
- Firewall Feature Set Overview 355
- 322 XSR User’s Guide 356
- Types of Firewalls 357
- 324 XSR User’s Guide 358
- XSR User’s Guide 325 359
- 326 XSR User’s Guide 360
- XSR User’s Guide 327 361
- 328 XSR User’s Guide 362
- Firewall CLI Commands 364
- XSR User’s Guide 333 367
- Firewall Limitations 369
- 336 XSR User’s Guide 370
- XSR User’s Guide 337 371
- Pre-configuring the Firewall 372
- Configuration Examples 373
- Internal 374
- ANY_EXTERNAL allow 375
- 10.10.10.1 376
- PPPoE/NAT/Firewall 376
- XSR User’s Guide 343 377
- XSR with Firewall and VPN 378
- SSR-PS-8 379
- XSR User’s Guide 347 381
- XSR User’s Guide 349 383
- XSR User’s Guide 351 385
- Accounting 386
- Configuring Simple Security 387
- System Limits 389
- 360 XSR User’s Guide 390
- Alarms and Events 392
- Appendix A Alarms and Events 393
- Module Message Description 393
- Alarms and Events Appendix A 394
- 376 XSR User’s Guide 406
- 378 XSR User’s Guide 408
- 380 XSR User’s Guide 410
- 382 XSR User’s Guide 412
© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.029 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce