Carrier Access MSR/Adit 3K GUI General IPSec Settings

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI 2-29

Advanced

IPSec (IP Security)

General IPSec Settings

Field Definition

Block Unauthorized IP When an IP address fails to register with IPSec connection, it can be blocked

for a set amount of time by the firewall.

Enabled Checked box enables the blocking of unauthorized IP access.

Maximum number or

authentication failures

Maximum number of failures before a block takes effect.

Range 0 - 2147483647 failures.

Block Period Sets the number of seconds for the IP address to be blocked.

Range 0 - 2147483647 seconds.

Anti-Replay

Enable anti-replay

protection

Anti-Replay is a security service where the receiver can reject old or

duplicate packets to protect itself against replay attacks. IPSec provides this

optional service by use of a sequence number combined with the use of data

authentication. PIX Firewall IPSec provides this service whenever it provides

the data authentication service, except in the following:

The service is not available for manually established security associations

(security associations established by manual configuration and not by IKE).

Connections

New Connection Creates a new secured connection. The user is guided through a series of

windows to configure this connection.

Contents

Main Page P Safety Information CAUTION! NOTE: Preface Notices DANGER! CAUTION! WARNING! NOTE: TABLE OF CONTENTS Preface 1 2 Page 3 4 5 6 Glossary Index Web Based Management Overview of Supported Products Adit 3104 IP Business Gateway Adit 3200 Business Router Adit 3500 Trunk Gateway Multi-Service Router (MSR) Card (for the Adit 600 Platform) Accessing the GUI NOTE: Page Navigation Pane Icons Action Icons (for Managing Lists) Home Network Map LAN WAN Host Information Window Page Quick Setup Web Based Management Internet Connection Connection Type Page Page Page Page NOTE: Page Page Page Network Connections Page Security Web Based Management Voice over IP NOTE: WARNING! Page Page Page Page Page Advanced Page ARP Certificates Digital Certificates X.509 Certificate Format Obtaining and Loading an X.509 Certificate Page Page Page Page Page Page Page Setting the Date and Time Page Page Page DNS Static Entries Viewing the DNS Table Page Modifying an Entry in the DNS Table Dynamic DNS Using Dynamic DNS 1. Select Advanced/ Dynamic DNS. 2. Specify the Dynamic DNS operating parameters: 3. Select Apply or OK to save the configuration. Advanced IP Address Distribution (DHCP) Summary of Services NOTE: Editing DHCP Server Settings Page Page Page IPSec (IP Security) General IPSec Settings Key Management Log Settings Page Page Network Objects Page Page RADIUS Client Configuring RADIUS Remote Administration Page Restore Defaults Restoring Default Settings Routing Static Routing Page Page Page Page Page Page OSPF Field Definitions When the Open Shortest Past First (OSPF) option is enabled, the window displays additional fields: Page Page Page Scheduler Rules Page Page Simple Network Management Protocol Configuring the Adits SNMP Agent Page Page Page Page Defining an Outgoing Mail Server Technical Information Page Advanced Configuration File WARNING! Upgrade From a Local Computer Upgrading the Software Page Adding a User Page Configuring E-mail Notification for Users VLAN Configuration Page Page Page Page Page Network Connections Adit 3000 Connections Adit MSR Connections Page Preconfigured Connections Ethernet 1 Configuring Ethernet 1 Internet Protocol DNS Static Entries Network Connections NOTE: IP Address Distribution Routing Internet Connection Configuring DHCP Options Page Configuring Ethernet 2 Network Connections NOTE: IP Address Distribution Additional IP Addresses Routing Serial 1 (Adit 3000 Only) T1 1 - T1 4 (Adit 3000 Only) Configuring a T1 (1-4) T1 Configuration Network Connections Log Button See, System Monitoring/T1 Log (Adit 3000 Only) on page 5-7. Performance Button See, System Monitoring/T1 Performance (Adit 3000 Only) on page 5-10. Connections that Require Configuration Multilink Page The following are field definitions for the Configure Multilink 1 window: PPP PPP Authentication PPP Encryption NOTE: Serial (PPPoDS0) Page The following are field definitions for the Configure Serial 1 window: PPP - PPP Authentication PPP Encryption Internet Protocol DNS Static Entries Routing Internet Connection Additional IP Addresses Page Page New Connection Page Network Connections Point-to-Point Protocol over DS0 (Serial) NOTE: Page Page Multilink Point-to-Point Protocol over DS0 (Multilink) NOTE: Page Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling Protocol Server (PPTP Server) Page Layer Two Tunneling Protocol (L2TP) Internet Protocol Security (IPSec) Page OSPF Configuration on the Network Connection NOTE: Page 4. Set the OSPF interface parameters as needed: Page Page Security Page Page General Security NOTE: Security Levels Access Control Page NOTE: Modifying an Access Control Rule Page 4. Configure the Service port protocol: Page Local Servers NOTE: Adding a Local Server Security NOTE: Modifying a Local Server Security DMZ Host WARNING! Page Port Triggering Page Page Page Security Remote Administration WARNING! Configuring Remote Administration Page Adding an Address/Hostname to the Restricted List Page Advanced Filtering Input and Output Rule Sets Page Page Page Page Security NAT Bypass Adding/Modifying a NAT Bypass Rule NOTE: Security Log The following are the events and event types that are automatically recorded in the Security Log: Page Security Log Settings Security Firewall Implementation Network Connection Configuration Network Type LAN WAN Routing Mode NAPT Route Internet Connection Firewall Security Firewall Processing Sequence Inbound Firewall Processing Outbound Firewall Processing System Monitoring Page Page Page Page Page Page System Monitoring SIP Log The SIP Log displays all SIP related alarms and events. System Monitoring PRI Log The PRI Log displays all PRI related alarms and events. Page Page Page Voice Over IP WARNING! Page Dialing Parameters Digit Map FXS Digit Map Gateway IP Address VoIP Signaling Protocol UDP - User Datagram Protocol. Proxy Servers Codecs Configuring the Digit Map Page Digit Map Pattern Page Page Page Page Page Phone Settings Page Page Identification Packet Processing None - A Modem call would be treated as a normal voice call. Bypass - Causes the line to transmit in G.711 mode, with echo Static - Maintain a static average delay, through the jitter buffer. Page Page Page Phone Book Destination Page Page The following table defines the fields displayed in the Line Monitoring window: Page Page Page Identification Packet Processing more voice channels. Voice Processing Calling Features Digit Map New Entry - See Call Destination window below. Page Page Page Page The following table defines the fields displayed in the Trunk Monitoring window: Voice over IP Trunk Registration NOTE: The Trunk Registration tab displays all configured PBX phone lines. Page Page Page G Page Page Page Page Page Page Page Page Page Page Page Page Page I