USER’S GUIDE

Below is an example of a configuration used to verify multi-level security over an IP WAN UnNumbered interface. It uses IP addresses specific to the example. Substitute the IP address of your network when you perform the multi-level security verification steps. It also uses the “ping” command. The “ping” command sends a packet to a specified host, waits for a response, and reports success or failure. Substitute the equivalent command on your network.

Remote

Device

ISDN

Telnet Port 100.0.0.1 to ACE 7003

192.100.1.1

100.0.0.3

Ace Server

100.0.0.2

 

 

Client PC

Service

192.100.1.2

 

Server

 

The steps to verify multi-level security are:

1.Determine if the client PC can ping the Service Server. On the Client PC, type: ping 100.0.0.2 <return>

If the ping is successful, then continue with the next step.

If the client PC CANNOT ping to the Service Server, refer to IP Routing over a WAN UnNumbered Interface Connection in the Problem Diagnosis chapter.

2.Reconfigure the definition of the remote device in the device database to enable User Level Authentication. Attempt to ping the Service Server again. On the client PC, type:

ping 100.0.0.2 <return>

If the ping is successful, disconnect the call. Ensure that User Level Authentication is enabled for the remote device, then try the ping again. The ping should fail.

If the client PC CANNOT ping to the Service Server, then continue with the next step.

3.Telnet from the client PC into the central site. For example, telnet to 100.0.0.1, port 7003. Follow the normal user level authentication process.

4.Once again, determine if the client PC can ping the Service Server. On the Client PC, type: ping 100.0.0.2 <return>

If the ping is successful, then multi-level security is operational.

If the client PC CANNOT ping to the Service Server, refer to Multi-Level Security in the Problem Diagnosis chapter.

358 CyberSWITCH

Page 358
Image 358
Cabletron Systems CSX1000, CSX1200 manual Ping 100.0.0.2 return