Efficient Networks Router family Command line interface Specifiche Pagina 197
- Pagina / 366
- Indice
- RISOLUZIONE PROBLEMI
- SEGNALIBRI
Valutato. / 5. Basato su recensioni clienti
Efficient Networks
®
Router family
Technical Reference Guide
Chapter 5: System Security
Efficient Networks
®
Page 5-59
Defines the name of a new IKE IPSec proposal.
-> ike ipsec proposals add <proposalname>
Defines the name of a new IKE IPSec proposal.
-> ike ipsec proposals delete <proposalname>
Deletes an existing IKE IPSec proposal.
-> ike ipsec proposals list
Lists the IKE IPSec proposals.
The followings proposals set commands specify the contents of the proposals
exchanged.
NOTE:
The next three commands (set espenc, set espauth, and set ahauth) determine the
encapsulation method (AH or ESP) used and the authentication and/or encryption
requested by the proposal.
You cannot request both AH and ESP encapsulation in the same proposal. (It is
possible for a connection to use two proposals, one that requests AH and the other
that requests ESP.)
In any one proposal, you can request any one of the following:
• AH authentication
• ESP encryption
• ESP authentication
• ESP encryption and authentication
-> ike ipsec proposals set espenc <des | 3des | null | none>
<proposalname>
Determines whether ESP encryption is requested and, if it is requested, the encryption
method used.
• DES - Use ESP encapsulation and 56-bit encryption
• 3DES - Use ESP encapsulation and 168-bit encryption (if 3DES is enabled
in the router; see Software Option Keys.)
• NULL - No encryption, but use ESP encapsulation. Headers are inserted as
though the data was encrypted. This allows verification of the source, but
sends the data in the clear, increasing throughput.
• NONE - No encryption and no ESP encapsulation. (If you select this option,
the encapsulation method must be requested by a set espauth or set ahauth
command.)
- 5RXWHU)DPLO\ 1
- Efficient Networks 2
- Contents 10
- INTRODUCTION 13
- Document Conventions 14
- Page 1-4 Efficient Networks 16
- VPI Virtual Path Identifier 17
- WMI Web Management Interface 17
- Page 1-6 Efficient Networks 18
- PRODUCT OVERVIEW 19
- WAN Interfaces 20
- Virtual Connections 22
- Bridging 23
- Page 2-6 Efficient Networks 24
- System Interoperability 26
- Protocol Conformance 27
- IP Routing 28
- IPX Routing 28
- Encapsulation Options 29
- Page 2-12 Efficient Networks 30
- INSTALLATION AND SETUP 31
- Remote Routers 32
- Local Router 32
- Protocols to be Used 33
- IP Routing Network Protocol 33
- Page 3-4 Efficient Networks 34
- IPX Routing Network Protocol 36
- Bridging Network Protocol 38
- MAC Encapsulated Routing 42
- Configuring Your Computer 44
- Microsoft Windows 45
- Windows 98 45
- Step6 Click OK 46
- Windows NT 4 47
- Windows 2000 49
- Step5 Click Properties 50
- Step 7 Click OK 51
- Windows ME 52
- Windows XP 54
- Step 5 Click Properties 55
- Apple Macintosh 56
- Mac OS 9.x 56
- Mac OS X 58
- Page 3-30 Efficient Networks 60
- Installation 62
- Establishing a Connection 64
- Terminal Sessions 66
- Configuring the Router 70
- Configuration Tables 71
- Configuring PPP with Bridging 75
- Test IP Routing 81
- Test TCP/IP Routes 82
- Test IPX Routing 82
- Page 3-54 Efficient Networks 84
- SYSTEM MANAGEMENT 85
- DHCP Address Allocation 86
- DHCP Client Requests 87
- Adding a Subnetwork 88
- Setting the Lease Time 90
- Setting Option Values 92
- Managing BootP 94
- About BootP and DHCP 94
- Enable/Disable BootP 94
- Configuring BootP/DHCP Relays 96
- Defining Option Types 96
- Commands 96
- -> dhcp del 128 97
- -> dhcp clear all records 98
- BootP Service 99
- Relaying BootP Requests 100
- General NAT Rules 101
- Masquerading 102
- Client Configuration 102
- Server Configuration 103
- Failed to add server 104
- Server Request Hierarchy 106
- Classic NAT 107
- Host Remapping 107
- Router family 108
- Technical Reference Guide 108
- Page 4-24 Efficient Networks 108
- Selective NAT 109
- Creating Policies 109
- Page 4-26 Efficient Networks 110
- Viewing Policies 111
- Deleting Policies 111
- NetMeeting (H.323) with NAT 111
- Scenario 3: Address Remapping 112
- Key Enabled Features 113
- Page 4-30 Efficient Networks 114
- Key Rules 115
- -> key list 116
- -> key list -l 116
- Feature Status 117
- Feature Revocation 117
- Spanning Tree 118
- Boot Code Options 118
- Manual Boot Mode 120
- Option 1: Retry Start-Up 120
- Option 3: Boot from Network 121
- Page 4-38 Efficient Networks 122
- Option 6: Set Time and Date 123
- Routers with Four LEDs 124
- Routers with Six LEDs 126
- Software Kernel Upgrades 127
- CAUTION: 128
- Upgrading from the WAN 129
- -> sync 130
- Task Complete 130
- QoS Deployment Example 132
- -> qos on 133
- -> qos off 133
- Policies 134
- Policy Parameters 134
- Policy Status 136
- Listing Policies 136
- Moving Policies 136
- -> qos del all 137
- -> date <mm/dd/yy> 138
- -> time <hh:mm:ss> 138
- SYSTEM SECURITY 139
- User Authentication 140
- Username and Password 141
- Management Classes 141
- Access Privileges 142
- Templates 142
- Initial (Default) Setting 144
- User Lookup 144
- Procedures 144
- -> user set lookup radius 145
- -> user list lookup 145
- -> user list 146
- *********" 146
- -> user enable myname 147
- -> user disable myname 147
- Changing account access 148
- -> rad list secret 149
- Server Retries Configuration 150
- Server Retries Timer 150
- Radius Server Configuration 151
- Controlling Remote Management 153
- Validating Clients 154
- Example: 154
- Restricting Remote Access 155
- -> save 156
- -> reboot 156
- Authentication Process 158
- CHAP Authentication 159
- PAP Authentication 160
- Authentication Passwords 160
- IP Filtering 161
- Receive Filters 162
- Transmit Filters 162
- Output Filters 163
- Filter Actions 163
- IP Filter Commands 163
- ICMP Redirect 163
- Filter Examples 164
- Built-in Firewall Filters 165
- Page 5-28 Efficient Networks 166
- Page 5-30 Efficient Networks 168
- Page 5-32 Efficient Networks 170
- Stateful Firewall 172
- Page 5-36 Efficient Networks 174
- 64.12.11.1 -d out 175
- Listing Firewall Rules 176
- Deleting Firewall Rules 176
- Rule Modification 177
- Page 5-40 Efficient Networks 178
- Firewall Status 179
- Viewing Dropped Packets 179
- Message Logging 180
- Stateful Firewall and IPSec 180
- Denial of Service Attacks 180
- SYN Attack 181
- ICMP Flood Attack 181
- UDP Flood Attack 182
- Ping of death 182
- Land Attack 182
- Tiny Packet Attack 182
- Finger Bomb 183
- Ping Flood 183
- Encryption 184
- Sample Configuration 185
- Diffie-Hellman Encryption 185
- Configuration Commands 185
- Page 5-50 Efficient Networks 188
- Device or 189
- IKE Management 190
- Phase 1 IKE: 191
- Phase 2 IKE: 191
- Main Mode and Aggressive Mode 192
- Phase 1 IKE — Main Mode: 192
- Additional IKE Settings 193
- Security Associations (SAs) 193
- -> ike flush 194
- -> ike peers list 194
- IKE Proposal Commands 196
- IKE IPSec Proposal Commands 196
- <proposalname> 197
- Page 5-60 Efficient Networks 198
- IKE IPSec Policy Commands 199
- IKE Configuration Examples 200
- Main Mode Example 201
- Page 5-64 Efficient Networks 202
- ″ThisIsASecret12345;)″ 203
- Aggressive Mode Example 204
- (No fixed IP address) 204
- IPSec Commands 206
- SSH Protocol 208
- Conection 209
- Version Identification 209
- -> ssh list 210
- Requests (commands) 210
- -> ssh keygen 211
- Encryption Options 212
- Bridge Filtering 213
- Configure Bridge Filtering 214
- -> eth stop 215
- -> eth start 215
- -> eth restart 215
- -> eth ip addroute 216
- -> eth ip bindroute 216
- -> eth ip filter 216
- -> eth ip options 216
- Managing Routing Tables 217
- Managing Routes 217
- RIP Controls 218
- -> remote list 219
- -> eth list 219
- Dial Backup 221
- Configuring Dial Backup 222
- ISDN Phone Numbers 224
- -> system list 225
- Addresses to Ping 226
- -> system default modem 228
- 228
- Dial Setting 229
- VRRP Backup 230
- -> eth ip vrid 7 0:1 231
- -> eth list 0:1 232
- -> eth vrrp list 233
- Command Line Interface Guide 234
- Page 6-20 Efficient Networks 234
- Starting VRRP 235
- Disabling or Deleting VRRP 236
- Internet 237
- Page 6-24 Efficient Networks 238
- Advantages of Tunneling 240
- L2TP Concepts 241
- Definitions 241
- L2TP Client Illustration 241
- LAN/server 242
- Commands to configure tunnels 244
- Sample Configurations 245
- Page 6-32 Efficient Networks 246
- Page 6-34 Efficient Networks 248
- (DSL) 250
- 192.168.100.1 250
- (ISDN) 250
- Page 6-38 Efficient Networks 252
- Define the actual tunnel: 254
- PPPoE (PPP over Ethernet) 255
- PPPoE Client 256
- Page 6-44 Efficient Networks 258
- Managing PPPoE Sessions 259
- Flags ............... 1 260
- Transport (Layer-2) VPNs 261
- Virtual Circuits 261
- ATM or Frame Relay transport 261
- Network (Layer-3) VPNs 262
- Tunneling 262
- Technology Standards 263
- PPP (Point-to-Point Protocol) 263
- DES Encryption 263
- Page 6-50 Efficient Networks 264
- Location 265
- Service Provider-based VPNs 265
- Types of VPNs used 265
- LAN client to LAN server 266
- Secure VPN Option 267
- Page 6-54 Efficient Networks 268
- Page 6-56 Efficient Networks 270
- Page 6-58 Efficient Networks 272
- Page 6-60 Efficient Networks 274
- Page 6-62 Efficient Networks 276
- MONITORING SYSTEM 277
- PERFORMANCE 277
- Trap Generation 279
- Configuring SNMP 280
- Troubleshooting 282
- Step 3 Click Connect 284
- Page 7-12 Efficient Networks 288
- Telnet Access Problems 290
- Software Download Problems 290
- L2TP Tunnel Troubleshooting 291
- Page 7-16 Efficient Networks 292
- WEB MANAGEMENT INTERFACE 293
- Router Information Page 295
- Easy Setup 296
- Page8-6 Efficient Networks 298
- Page8-8 Efficient Networks 300
- RFC 1483 Networking 302
- Page8-12 Efficient Networks 304
- Page8-14 Efficient Networks 306
- Step3 Click Save and Reboot 308
- User Management 309
- Adding A User Account 310
- Deleting A User Account 311
- Editing A User Account 311
- Access Control Form 317
- Feature Activation 318
- Key Enabled Feature List Page 319
- Step2 Click Apply 321
- Step3 Click Apply 323
- Router Clock Page 326
- DCHP Configuration 327
- Page8-36 Efficient Networks 328
- Advanced Setup 332
- SNMP Configuration Page 333
- Page8-42 Efficient Networks 334
- Step2 Click Add IP Range 335
- SNMP Password Page 336
- Page8-46 Efficient Networks 338
- SSH Configuration 339
- Firewall Scripts 342
- QoS Configuration Page 344
- Step4 Click Apply 345
- QoS Policy Configuration page 346
- QoS Policy Parameters 347
- QoS Policy Deletion 347
- Step3 Select a delete option 348
- Step2 Click Create 350
- Step4 Click Save 350
- Step2 Click Modify/Display 351
- Firewall Rule Parameters 355
- Firewall Rule Deletion 356
- Step2 Click Execute 363
Prodotti e manuali riguardandi Networking Efficient Networks Router family Command line interface
(18 pagine)
(94 pagine)© 2020, manymanuals.it. Tutti i diritti riservati | 0.031 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale