Efficient Networks Router family Command line interface Specifiche Pagina 187
- Pagina / 366
- Indice
- RISOLUZIONE PROBLEMI
- SEGNALIBRI
Valutato. / 5. Basato su recensioni clienti
Efficient Networks
®
Router family
Technical Reference Guide
Chapter 5: System Security
Efficient Networks
®
Page 5-49
File Format for the Diffie-Hellman Number File
The default values used to generate keys are listed at the end of this section. If you
want to use values other than the defaults, you can create your own Diffie-Hellman
number file. The file should follow these rules:
• The file should be 192 bytes, in binary format, consisting of two 96-byte
numbers, with the most significant byte in the first position. For example, the
number 0x12345678 would appear as 000000...0012345678.
• The first 96 bytes form the modulus. In the equation x' = g^x mod n, n is the
modulus. According to Diffie and Hellman, the modulus should be prime, and
(n-1)/2 should also be prime.
• The second 96 bytes form the generator, or g in the above equation. The
generator should be a primitive root mod n.
• The remaining pieces of the encryption key (x and y) are randomly generated
at connection time and change every time the device connects.
NOTE:
It is recommend that you consult an encryption expert to obtain cryptographically
sound generator and modulus pairs.
Default Modulus:
00000000: c9 b4 ed 33 ba 7f 00 9e - ce e0 83 5d a5 4c 19 25
00000010: e0 2d 99 44 e8 8d cd 16 - 02 0e 6c 26 6d 15 7c 95
00000020: 82 9a 8c 2b 19 d0 56 da - 9b 5b a9 cd cf fb 45 2b
00000030: c9 6a 3c 26 e5 b8 1a 25 - 07 b8 07 22 ed 15 8a 56
00000040: 8b f4 30 f2 28 fc 6b f1 - bf a4 3e 87 f0 be d6 1c
00000050: 33 92 b9 5e d1 b7 20 8c - 92 02 cb e5 26 45 02 1d
Default Generator:
00000000: 90 f0 09 78 cc 23 79 a8 - 6c 23 a8 65 e0 dc 0f 6d
00000010: fb a7 26 e8 63 0a 21 67 - 5a f8 0f 59 84 09 5c da
00000020: ef af af fc d2 5f 83 e2 - a7 27 05 34 17 94 1a 4f
00000030: b2 87 76 97 e7 48 43 db - 62 29 70 9e 7f eb 2c 6e
00000040: 5d 25 1d a1 65 f0 b4 e6 - 47 4d 25 23 0b 20 b9 93
00000050: 27 f0 56 12 5a 97 f6 c5 - 31 b6 19 fc 67 22 93 f5
- 5RXWHU)DPLO\ 1
- Efficient Networks 2
- Contents 10
- INTRODUCTION 13
- Document Conventions 14
- Page 1-4 Efficient Networks 16
- VPI Virtual Path Identifier 17
- WMI Web Management Interface 17
- Page 1-6 Efficient Networks 18
- PRODUCT OVERVIEW 19
- WAN Interfaces 20
- Virtual Connections 22
- Bridging 23
- Page 2-6 Efficient Networks 24
- System Interoperability 26
- Protocol Conformance 27
- IP Routing 28
- IPX Routing 28
- Encapsulation Options 29
- Page 2-12 Efficient Networks 30
- INSTALLATION AND SETUP 31
- Remote Routers 32
- Local Router 32
- Protocols to be Used 33
- IP Routing Network Protocol 33
- Page 3-4 Efficient Networks 34
- IPX Routing Network Protocol 36
- Bridging Network Protocol 38
- MAC Encapsulated Routing 42
- Configuring Your Computer 44
- Microsoft Windows 45
- Windows 98 45
- Step6 Click OK 46
- Windows NT 4 47
- Windows 2000 49
- Step5 Click Properties 50
- Step 7 Click OK 51
- Windows ME 52
- Windows XP 54
- Step 5 Click Properties 55
- Apple Macintosh 56
- Mac OS 9.x 56
- Mac OS X 58
- Page 3-30 Efficient Networks 60
- Installation 62
- Establishing a Connection 64
- Terminal Sessions 66
- Configuring the Router 70
- Configuration Tables 71
- Configuring PPP with Bridging 75
- Test IP Routing 81
- Test TCP/IP Routes 82
- Test IPX Routing 82
- Page 3-54 Efficient Networks 84
- SYSTEM MANAGEMENT 85
- DHCP Address Allocation 86
- DHCP Client Requests 87
- Adding a Subnetwork 88
- Setting the Lease Time 90
- Setting Option Values 92
- Managing BootP 94
- About BootP and DHCP 94
- Enable/Disable BootP 94
- Configuring BootP/DHCP Relays 96
- Defining Option Types 96
- Commands 96
- -> dhcp del 128 97
- -> dhcp clear all records 98
- BootP Service 99
- Relaying BootP Requests 100
- General NAT Rules 101
- Masquerading 102
- Client Configuration 102
- Server Configuration 103
- Failed to add server 104
- Server Request Hierarchy 106
- Classic NAT 107
- Host Remapping 107
- Router family 108
- Technical Reference Guide 108
- Page 4-24 Efficient Networks 108
- Selective NAT 109
- Creating Policies 109
- Page 4-26 Efficient Networks 110
- Viewing Policies 111
- Deleting Policies 111
- NetMeeting (H.323) with NAT 111
- Scenario 3: Address Remapping 112
- Key Enabled Features 113
- Page 4-30 Efficient Networks 114
- Key Rules 115
- -> key list 116
- -> key list -l 116
- Feature Status 117
- Feature Revocation 117
- Spanning Tree 118
- Boot Code Options 118
- Manual Boot Mode 120
- Option 1: Retry Start-Up 120
- Option 3: Boot from Network 121
- Page 4-38 Efficient Networks 122
- Option 6: Set Time and Date 123
- Routers with Four LEDs 124
- Routers with Six LEDs 126
- Software Kernel Upgrades 127
- CAUTION: 128
- Upgrading from the WAN 129
- -> sync 130
- Task Complete 130
- QoS Deployment Example 132
- -> qos on 133
- -> qos off 133
- Policies 134
- Policy Parameters 134
- Policy Status 136
- Listing Policies 136
- Moving Policies 136
- -> qos del all 137
- -> date <mm/dd/yy> 138
- -> time <hh:mm:ss> 138
- SYSTEM SECURITY 139
- User Authentication 140
- Username and Password 141
- Management Classes 141
- Access Privileges 142
- Templates 142
- Initial (Default) Setting 144
- User Lookup 144
- Procedures 144
- -> user set lookup radius 145
- -> user list lookup 145
- -> user list 146
- *********" 146
- -> user enable myname 147
- -> user disable myname 147
- Changing account access 148
- -> rad list secret 149
- Server Retries Configuration 150
- Server Retries Timer 150
- Radius Server Configuration 151
- Controlling Remote Management 153
- Validating Clients 154
- Example: 154
- Restricting Remote Access 155
- -> save 156
- -> reboot 156
- Authentication Process 158
- CHAP Authentication 159
- PAP Authentication 160
- Authentication Passwords 160
- IP Filtering 161
- Receive Filters 162
- Transmit Filters 162
- Output Filters 163
- Filter Actions 163
- IP Filter Commands 163
- ICMP Redirect 163
- Filter Examples 164
- Built-in Firewall Filters 165
- Page 5-28 Efficient Networks 166
- Page 5-30 Efficient Networks 168
- Page 5-32 Efficient Networks 170
- Stateful Firewall 172
- Page 5-36 Efficient Networks 174
- 64.12.11.1 -d out 175
- Listing Firewall Rules 176
- Deleting Firewall Rules 176
- Rule Modification 177
- Page 5-40 Efficient Networks 178
- Firewall Status 179
- Viewing Dropped Packets 179
- Message Logging 180
- Stateful Firewall and IPSec 180
- Denial of Service Attacks 180
- SYN Attack 181
- ICMP Flood Attack 181
- UDP Flood Attack 182
- Ping of death 182
- Land Attack 182
- Tiny Packet Attack 182
- Finger Bomb 183
- Ping Flood 183
- Encryption 184
- Sample Configuration 185
- Diffie-Hellman Encryption 185
- Configuration Commands 185
- Page 5-50 Efficient Networks 188
- Device or 189
- IKE Management 190
- Phase 1 IKE: 191
- Phase 2 IKE: 191
- Main Mode and Aggressive Mode 192
- Phase 1 IKE — Main Mode: 192
- Additional IKE Settings 193
- Security Associations (SAs) 193
- -> ike flush 194
- -> ike peers list 194
- IKE Proposal Commands 196
- IKE IPSec Proposal Commands 196
- <proposalname> 197
- Page 5-60 Efficient Networks 198
- IKE IPSec Policy Commands 199
- IKE Configuration Examples 200
- Main Mode Example 201
- Page 5-64 Efficient Networks 202
- ″ThisIsASecret12345;)″ 203
- Aggressive Mode Example 204
- (No fixed IP address) 204
- IPSec Commands 206
- SSH Protocol 208
- Conection 209
- Version Identification 209
- -> ssh list 210
- Requests (commands) 210
- -> ssh keygen 211
- Encryption Options 212
- Bridge Filtering 213
- Configure Bridge Filtering 214
- -> eth stop 215
- -> eth start 215
- -> eth restart 215
- -> eth ip addroute 216
- -> eth ip bindroute 216
- -> eth ip filter 216
- -> eth ip options 216
- Managing Routing Tables 217
- Managing Routes 217
- RIP Controls 218
- -> remote list 219
- -> eth list 219
- Dial Backup 221
- Configuring Dial Backup 222
- ISDN Phone Numbers 224
- -> system list 225
- Addresses to Ping 226
- -> system default modem 228
- 228
- Dial Setting 229
- VRRP Backup 230
- -> eth ip vrid 7 0:1 231
- -> eth list 0:1 232
- -> eth vrrp list 233
- Command Line Interface Guide 234
- Page 6-20 Efficient Networks 234
- Starting VRRP 235
- Disabling or Deleting VRRP 236
- Internet 237
- Page 6-24 Efficient Networks 238
- Advantages of Tunneling 240
- L2TP Concepts 241
- Definitions 241
- L2TP Client Illustration 241
- LAN/server 242
- Commands to configure tunnels 244
- Sample Configurations 245
- Page 6-32 Efficient Networks 246
- Page 6-34 Efficient Networks 248
- (DSL) 250
- 192.168.100.1 250
- (ISDN) 250
- Page 6-38 Efficient Networks 252
- Define the actual tunnel: 254
- PPPoE (PPP over Ethernet) 255
- PPPoE Client 256
- Page 6-44 Efficient Networks 258
- Managing PPPoE Sessions 259
- Flags ............... 1 260
- Transport (Layer-2) VPNs 261
- Virtual Circuits 261
- ATM or Frame Relay transport 261
- Network (Layer-3) VPNs 262
- Tunneling 262
- Technology Standards 263
- PPP (Point-to-Point Protocol) 263
- DES Encryption 263
- Page 6-50 Efficient Networks 264
- Location 265
- Service Provider-based VPNs 265
- Types of VPNs used 265
- LAN client to LAN server 266
- Secure VPN Option 267
- Page 6-54 Efficient Networks 268
- Page 6-56 Efficient Networks 270
- Page 6-58 Efficient Networks 272
- Page 6-60 Efficient Networks 274
- Page 6-62 Efficient Networks 276
- MONITORING SYSTEM 277
- PERFORMANCE 277
- Trap Generation 279
- Configuring SNMP 280
- Troubleshooting 282
- Step 3 Click Connect 284
- Page 7-12 Efficient Networks 288
- Telnet Access Problems 290
- Software Download Problems 290
- L2TP Tunnel Troubleshooting 291
- Page 7-16 Efficient Networks 292
- WEB MANAGEMENT INTERFACE 293
- Router Information Page 295
- Easy Setup 296
- Page8-6 Efficient Networks 298
- Page8-8 Efficient Networks 300
- RFC 1483 Networking 302
- Page8-12 Efficient Networks 304
- Page8-14 Efficient Networks 306
- Step3 Click Save and Reboot 308
- User Management 309
- Adding A User Account 310
- Deleting A User Account 311
- Editing A User Account 311
- Access Control Form 317
- Feature Activation 318
- Key Enabled Feature List Page 319
- Step2 Click Apply 321
- Step3 Click Apply 323
- Router Clock Page 326
- DCHP Configuration 327
- Page8-36 Efficient Networks 328
- Advanced Setup 332
- SNMP Configuration Page 333
- Page8-42 Efficient Networks 334
- Step2 Click Add IP Range 335
- SNMP Password Page 336
- Page8-46 Efficient Networks 338
- SSH Configuration 339
- Firewall Scripts 342
- QoS Configuration Page 344
- Step4 Click Apply 345
- QoS Policy Configuration page 346
- QoS Policy Parameters 347
- QoS Policy Deletion 347
- Step3 Select a delete option 348
- Step2 Click Create 350
- Step4 Click Save 350
- Step2 Click Modify/Display 351
- Firewall Rule Parameters 355
- Firewall Rule Deletion 356
- Step2 Click Execute 363
Prodotti e manuali riguardandi Networking Efficient Networks Router family Command line interface
(18 pagine)
(94 pagine)© 2020, manymanuals.it. Tutti i diritti riservati | 0.122 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale