Patton electronic 2635, 2621 manual Configuring Security Policies

Page 73

Models 2603, 2621, and 2635 Getting Started Guide

7 • Security

 

 

Figure 46. Define ‘ppp-0’ interface as External

Configuring Security Policies

Continue the previous example by defining security policies. We will add only one Firewall policy, called etoi, signifying an external-to-internal policy between the external and internal interfaces.

1.Go to the last section on the Security Interface Configuration webpage called ‘Policies, Triggers and Intru- sion Detection.’ Click on the hyperlink Security Policy Configuration... (See figure 47.)

Figure 47. Security Policy Configuration hyperlink

2.Click on the hyperlink New Policy... (See figure 48.)

Figure 48. New Policy link to configuration webpage

3.Select the parameters so the policy is defined as follows: Between interfaces of types: external internal Validators will allow traffic.

Click on Apply.

Configuring the security interfaces

73

Image 73
Contents IPLink Series High Speed Routers Mailsupport@patton.com Summary Table of Contents Contents Models 2603, 2621, and 2635 Getting Started Guide Remote Site Configuration Central site configuration EMC Ethernet Cable 123 Adapter Models 2603, 2621, and 2635 Getting Started Guide List of Figures Models 2603, 2621, and 2635 Getting Started Guide List of Tables Audience About this guideStructure Safety when working with electricity PrecautionsImpaired functioning General observations Factory default parametersGeneral conventions Typographical conventions used in this documentGeneral Information Chapter contentsGeneral attributes IPLink Series High Speed Routers overviewProtocol support EthernetPPP Support WAN InterfacesSecurity Logging or Smtp on events POST, Post errors, PPP/DHCP, IPFront Panel Status LEDs and Console Port Console port Rear panel connectors and switchesOn the rear panel from left to right are the following Ethernet port outlined in green Power connectorGeneral Information Product Overview Introduction Sync Serial Application Applications OverviewInitial Configuration Interface cable installation Hardware installationWhat you will need RJ-48C pinout diagram Initial Configuration Ethernet connector Interface connector RJ-45 DB-15 Case being opened with a screwdriver Ethernet connector Interface connector RJ-45 DB-25 DCE Installing the AC power cordInitial Configuration Do the following Installing the Ethernet cableIP address has now been successfully changed IP address modificationWeb Operation and Configuration PC ConfigurationModel 2603 home Model 2635 home Ethernet LAN Port Ethernet Port LAN ConnectionsBasic Ethernet port attributes Configurable Ethernet parameters Serial Port Configuration Serial Interface WAN Serial Port ConfigurationVariables T1/E1 Interface Configuration Web Interface ConfigurationWeb Configuration , enter username See figure Configuring the IPLink Series 2603 for T1 OperationConfiguring the IPLink Series 2603 for E1 Operation Line Options Fractional T1Serial Port Configuration PPP Bridged WAN ServicesWAN Services PPP Configuration WAN Service ConfigurationPPP Bridged Leave User name and Password blank. Click on Create Remote site configuration PPP RoutedPPP Routed Configuration menu Click on CreateEdit IP address of WAN port Click the Update buttonPPP link status LMI Management Frame Relay links Username blank Password blank Click on the Create buttonLMI Configuration Web Configuration Methods Dlci Number Use Frame Relay ConfigurationFrame Relay bridged creation Frame Relay bridgedCentral site configuration Relay Frame Relay RoutedDescription FR routed Frame Relay Channel Routed configuration IP route for Frame Relay routed application Cost Interface frame-0WAN Services Security Configuring the router Click on Create a new serviceClick on the Create a new Ip route... hyperlink Valid gateway route Configuring the security interfacesSecurity configuration home Click on the hyperlink New Policy... See figure Configuring Security PoliciesFirewall Portfilters Enabling the FirewallDeleting a security Policy You can now ping between the two networks Security TriggersConfiguring TCP port filter for FTP Adding trigger for FTP data transfer Attack Name Protocol Attacking Host Blacklisted? Intrusion Detection System IDSSecurity Enabling NAT Introduction to NATGlobal address pool and reserved map Click on Add Global Address Pool button Dhcp and DNS Configuration Services and features normally associated with each other NAT Dhcp ServerDhcp Server web Dhcp server configuration web Parameters for the Dhcp Server subnetNext section see figure 58. has three parameters IP Addresses to be available on this subnetDNS server option information Example based on default range of IP address poolAdditional option information Default gateway option informationDhcp Relay Configuration of the Dhcp RelayDhcp Relay webpage Configuring the DNS Relay DNS RelayDNS Relay configuration webpage IP Services Next command disables the WEB server IP ServicesWEB Server CLI ConfigurationAssociated Ports for the different System IP Services System Configuration Authentication web page showing default superuser AuthenticationAccess the configuration and status of the alarms AlarmAlarm & Alarm Error Log configuration Remote AccessBackup/Restore UpdateSave Restart Website SettingsSnmp Daemon Error LogSnmp Daemon configuration System ToolsSntp Client Configuration Configuring the Sntp Client Sntp Client Mode Configuration ParametersSntp Client General Configuration Parameters System Clock SettingConfiguration of the internal system calendar clock System Status Port Connection Status System StatusMAC address the MAC address of the Ethernet port LAN StatusWAN Status Hardware StatusStatus LEDs Contacting Patton for assistance Contact information Warranty coveragePatton support headquarters in the USA Returns for credit Out-of-warranty serviceReturn for credit policy RMA numbersEMC Appendix a Compliance informationRadio and TV Interference FCC Part ComplianceCE Declaration of Conformity FCC Part 68 Acta Statement Model 2603 onlyIndustry Canada Notice 2603 Model only Appendix B Specifications Ethernet General CharacteristicsSync Serial Interface T1/E1 InterfacePPP Support Protocol SupportManagement Power and Power Supply Specifications DimensionsAC universal power supply VDC power supplyAppendix C Cable Recommendations Adapter Ethernet CableAppendix D IPLink Physical Connectors RJ-45 shielded 10/100 Ethernet port Assuming the MDI-X switch is in the out positionRJ-45 non-shielded RS-232 console port EIA-561 Serial port 35 M/34 and DB-25 ConnectorPin No Circuit Signal Name Direction 21 DB-15 ConnectorPin No Signal E1/T1 RJ-48C ConnectorAppendix E Command Line Interface CLI Operation CLI Terminology Using the ConsoleProduces a list of numbered transport objects Local VT-100 emulationThen Another example shows when the user must provide a parameterSetting user passwords Administering user accountsEnter the new password twice as prompted Adding new usersControlling login access Changing user settingsControlling user access For example, to change the security level for fred, enter
Related manuals
Manual 133 pages 54.65 Kb