Casio ACS V6000 IPSecVPN, To change the policy for a default chain, To add a rule, To edit a rule

Page 30

Chapter 3: Accessing a Virtual Console Server via the Web Manager 25

NOTE: Spaces are not allowed in the chain name.

6.Add one or more rules to complete the chain configuration.

To change the policy for a default chain:

NOTE: User-defined chains cannot be edited. To rename a user-added chain, delete it and create a new one.

1.Select Network - Firewall.

2.Select either IPv4 Filter Table or IPv6 Filter Table as needed.

3.Select the checkbox next to the name of the chain you want to change (FORWARD, INPUT, OUTPUT).

4.Click Change Policy and select Accept or Drop from the drop-down menu.

5.Click Save.

To add a rule:

1.Select Network - Firewall.

2.Select either IPv4 Filter Table or IPv6 Filter Table as needed.

3.From the chain list, click the name of the chain to which you want to add a rule.

4.Click Add and configure the rule as needed, then click Save.

To edit a rule:

1.Select Network - Firewall.

2.Select either IPv4 Filter Table or IPv6 Filter Table as needed.

3.From the chain list, click the name of the chain with the rule you want to edit.

4.Select the rule you want to edit and click Edit.

5.Modify the rule as needed and click Save.

IPSec(VPN)

Virtual Private Network (VPN) enables a secure communication between the virtual console server and a remote network by utilizing a gateway and creating a secured connection between the virtual console server and the gateway. The IPSec protocol is used to construct the secure tunnel and provides encryption and authentication services at the IP level of the protocol stack.

NOTE: IPSec(VPN) is not supported with IPv6.

When Network - IPSec(VPN) is selected, the IPSec(VPN) screen is displayed.

Image 30

Contents ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Features and Benefits Access optionsWeb Manager IPv4 and IPv6 supportFlexible users and groups VPN based on IPSec with NAT traversal AuthenticationSecurity Packet filteringData logging, notifications, alarms and data buffering Auto discoveryTo create the virtual machine using the vSphere client ACS v6000 virtual console server requirementsPage Using Telnet or SSH To close a Telnet session To use Telnet to connect to a device through a serial port# telnet hostname IPaddress To use SSH to connect to a device through a serial portTo close an SSH session ACS v6000 Installation/Administration/User Guide Web Manager Overview for Administrators To log into the web managerWizard Mode Wizard Screen To configure network parameters To configure licensesTo configure Ports To configure users and change the default user passwords Expert ModeAccess To view and connect to devices using the web managerSystem Tools SystemSecurity profiles To configure the Security Profile To configure DSView 3 software security settingsSelect System Security Security Profile Date and Time Help and LanguageVM Settings InformationUsage To configure a vCenter To add an association by DatacenterVCenter To power control targets using the web manager NetworkLicense Devices SettingsTo configure a network device IPv4 and IPv6 static routesFirewall Configuring the firewallHosts To add a hostProtocol options To add a chainTo add a rule To change the policy for a default chainIPSecVPN To edit a rulePayload or AH Authentication Header Snmp Configuration To configure SnmpClick Network Snmp Serial ports To enable or disable one or more serial portsPorts Select Ports Serial PortsCAS Ctrl-X Parameter Description To copy/clone the configuration of one port to other ports CAS ProfileAuto discovery To configure the input/output strings used by auto answer Select Probe Strings or Match StringsSelect Ports CAS Profile Auto Answer To configure a pool of CAS ports Pool of CAS portsClick Ports Pool of CAS Ports Authentication Pool of CAS Ports Parameters Parameter DescriptionTo set authentication for the console server Appliance authenticationAuthentication servers To configure a Radius authentication serverTo configure an Ldapsad authentication server To configure a TACACS+ authentication serverSelect Authentication Authentication Servers TACACS+ Select Authentication Authentication Servers LdapsadTo configure a DSView authentication server To configure a Kerberos authentication serverTo configure an NIS authentication server Users Accounts and User GroupsLocal accounts To add new usersAdmin group To configure password rulesClick Users Local Accounts Password Rules User groupsTo view admin Appliance Access Rights User group Appliance-admin groupShell-login-profile Managing user groupsTo configure a login profile for a user group Check the Enable Log-In Profile boxTo remove members from a user group To add access to serial ports for a user group To assign appliance access rights for custom user groupsTo configure a group in a TACACS+ authentication server To configure a group in a Radius authentication serverEvent Notifications Event ListEvent Destinations To configure Data Buffering Data BufferingSelect Events and Logs Data Buffering Monitoring To configure Appliance LoggingActive Sessions Appliance LoggingSelect Change Password Change PasswordTo change your own password Web Manager Overview for Regular UsersACS v6000 Installation/Administration/User Guide Appendix a BootP Configuration Retrieval ConfigurationTo resolve an issue Appendix B Technical SupportFor Technical Support