Manuals / Enterasys Networks / Computer Equipment / Network Card

Enterasys Networks Network Card manual Click the Encryption tab Do one of the following, 224

Models: Network Card

1 276

Download 276 pages 57.43 Kb

Page 236

Configuring Tunnel Protocols	Appendix B
	ANG-3000/7000 Preconfiguration Stored on a Floppy Disk

	Table 18 IPsec Authentication Parameters

Parameter	Explanation

None	Disables the Signature Algorithm for IPSec packets; individual
	packets are no longer signed and verified during transmission.

HMAC-SHA	Enables hashing message authentication codes (HMAC) that are
	generated using the SHA cryptographic hashing function. HMAC-
	SHA is generally regarded as stronger, more secure cryptographic
	function than HMAC-MD5.

HMAC-MD5	Enables hashing message authentication codes (HMAC) that are
	generated using the Rivest MD5 message digest algorithm hashing
	function. While not as strong cryptographically as HMAC-SHA,
	HMAC-MD5 provides better performance.

Time Period	Interval after which a new key is generated. Default value: 60
	minutes.

Data	Lifetime volume (in kilobytes) of the key after which a new key is
Transferred	generated. Default value: Disabled.

4Click the Encryption tab.

5Do one of the following:

–To set IPSec encryption parameters, choose IPSec from the Protocol menu. IPSec encryption parameters are shown in Figure 125. Select the IPSec Encryption Algorithm that determines how IPSec packets exchanged between Aurorean Network Gateways are encrypted.

–To set PPTP encryption parameters, choose PPTP from the Protocol menu. PPTP encryption parameters are shown in Figure 125. Select the Microsoft Point-to-Point Encryption (MPPE) algorithm that determines how PPTP packets exchanged between ANGs are encrypted.

224	RiverMaster Administrator’s Guide

Image 236

Enterasys Networks Network Card manual Click the Encryption tab Do one of the following, 224

Contents

RiverMaster Administrator’s Guide Office Table of Contents Configuring an ANG-3000/7000 Setting Up Aurorean Services Managing Users & Groups Adding POPs for Corporate ISPs 114Generating Reports Index Contents of the Guide About This GuideAbout This Guide Conventions Used in this Guide Related DocumentsXii System Requirements Hardware RequirementsInstalling the Application Installation StepsSoftware Requirements Upgrading a Previous ReleaseWhen the Welcome window appears, click Next to continue Installing the ApplicationStarting the Application for the First Time First-Time Setup Information To start RiverMaster, perform the following stepsDo one of the following Select APS WindowRiverMaster Login Window RiverMaster Main Interface Removing RiverMaster Files Removing RiverMaster FilesDelete the RiverMaster folder Restart your computer Default location for this folder is C\Program Files\Locate the RiverMaster program folder Getting Started with RiverMaster RiverMaster OverviewCurre Logging into RiverMaster Logging into RiverMasterLogging into RiverMaster Checking Server Status Problem Summary & Users LoggedChecking Server Status Aurorean Network Gateway Statistics Aurorean Network Gateway Status InformationAurorean Policy Server Statistics Aurorean Network Gateway StatisticsAurorean Policy Server Services Service Function If StoppedFTP Aurorean Policy Server Services Setting Up a Aurorean Virtual Network the First Time Setting Up a Aurorean Virtual Network the First TimeAdd user accounts to each group as described in Chapter Setting Up a Aurorean Virtual Network the First Time Page Configuring an ANG-3000/7000 Before You Begin Configuration PulloutBefore You Begin Allocating IP/IPX Addresses to Remote Clients Before You Begin Remote Client Virtual Subnet Usage Configuring an ANG-3000/7000 Virtual Subnets for Site-to-Site and Remote Access Tunnels Intelligent Client RoutingIntelligent Client Routing Disabled Intelligent Client Routing EnabledNAT Server AuroreanNetwork GatewaySite-to-Site Configuration Site-to-Site TunnelsAutoLink Recovery Primary Aurorean System General Aurorean Network Gateway Settings General Aurorean Network Gateway SettingsGeneral Aurorean Network Gateway Settings Click the DNS tab DNS server addresses tab page appears as shown in FigureClick the Wins tab Wins Server AddressesClick the NAT tab NAT Server AddressViewing Aurorean Alternate Address Information Click Apply to save your changesAurorean Alternate Address Info window appears as shown Primary addresses cannot be modified in this windowTunnel Protocols Tunnel ProtocolsTunnel Protocol General Settings Tunnel Protocols window appears as shown in FigureClick the Authentication tab Tunnel Protocol Authentication SettingsClick the Encryption tab Do one of the following Parameter ExplanationTunnel Protocol Encryption Settings Click the Compression tab Tunnel Parameter Explanation ProtocolEnable or disable Mppc as required Tunnel Protocol Compression SettingsVirtual Subnetting IP SubnettingSample IP subnet window is shown in Figure Virtual SubnettingAdd An IP Virtual Subnet window appears as seen in Figure Click Remove to delete any configured virtual subnetsClick Add IPX Virtual Networks Sample IPX virtual networks window is shown in FigureIPX Subnet Configuration for Remote Clients Routing RoutingSetting Routing Protocol Parameters RIP Configuration window should appear as shown in FigureRIP Routing Protocol Configuration Repeat and for each gateway required Do one of the following Parameter Meaning Fixed ValueOspf Configuration window appears as shown in Figure Ospf Routing Protocol ConfigurationRouting Interfaces Adding or Removing a Routing Protocol for an Interface Adding a Routing Protocol RIP Interface Configuration window appears as shown Choose the version of RIP to use on this interfaceDo one of the following To enable Ospf on an interface, perform the following steps Ospf Interface Configuration window appears as shownDo one of the following Static parameter tab page is displayed as shown in FigureRouting Click Add Adding a Remote Server Remote Server DisplayClick Add Remote Server Add Remote Server window appears as shown in FigureAdding a Remote Server Choose the tunneling protocol IPSec or Pptp Click AddAdd Remote Tunnel window appears as shown in Figure Select Enabled or Disabled in the Enabled State field Changing Server and Tunnel PropertiesRemote Tunnel Properties window appears as shown in Figure Adding a Remote Server Page Setting Up Aurorean Services Authorization Plug-in Options Radius Authentication ServersPlug-in Planning Private/Public Keys for IPSec Authentication Problem NotificationTrace Levels Adding an Authorization Plug-In Trace Messages DisplayEnterasys Authentication Shows the Configuration pulloutClick here to update the plug-in Radius Authorization Optionally, specify a value in the Num Threads fieldAdding an Authorization Plug-In Chapter Optionally, specify a value in the Num Threads field Server Type Recommended Value SecurID Authorization Create New Plug-in window will appear as shown in FigureAdding an Authorization Plug-In Chapter Specify SecurID Configuration File Window Click CreateChapter Generating Private/Public Keys Chapter Using the Notification Service to Send E-Mail Creating a Mailing ListChapter Adding an Address to a Mailing List Using the Notification Service to Send E-Mail Chapter Setting Trace Levels ANG Tunnel Management Service WindowClick Set to enable the Trace Level Backing Up the DatabaseClick on Indus River Access Starting a Database Backup Click Start on Backup Database100 Window similar to will appearBacking Up the Database Controlling Remote User Dialing & Access 101TollSaver Database 102Corporate Dial-Up Access 103Corporate 104Creating POP Packages 105Creating POP Packages 106Build Completed Window 107Adding Corporate ISPs 108109 110 Click the ISP Properties tabISP Properties display will appear as show in Figure 111 Select the Access Method as followsScript files are not uploaded without the .SCP extension Adding Corporate ISPs 112113 114 Adding POPs for Corporate ISPsAdding POPs for Corporate ISPs Pull-down options appear as shown in below 115This field is currently not implemented 116Script window appears as shown in Figure 117Page Managing Users & Groups 119Manage Users & Groups Pullout 120Group Policies 121Aurorean Client Installation Kits 122Contents of a Aurorean Client Installation Kit 123Client Synchronization 124125 126 Creating a New Group Group NoticesOpen the Manage Users and Groups pullout Creating a New GroupManage Users and Groups Pullout Group View 128129 Policy Explanation 130Password Policies 131Credit Card Policies 132Tunnel Policies 133134 Adding Users to a GroupSample User view is shown in Figure Corporate User Name field, type a name for the user 135136 Password field, type a unique passwordDepartment field automatically defaults to the group name Modifying User & Group Information 137Removing Users & Groups 138Creating an Aurorean Client Installation Kit Creating an Aurorean Client Installation KitSample Group view is shown in Figure 139Build Client Install Kit Window 140141 Default Aurorean installation kit file name isSet the Install Kit Options as follows Advanced Kit Options Window 142143 Kit Complete Message 144145 Controlling Client SynchronizationControlling Client Synchronization Viewing Group Policies 146147 Open the Configuration pullout Click the Update tabBuilding Core Data Files Build Core Data Files Display 148Uploading Software Synchronization Files 149Upload Software Synchronization Files Display 150Click Upload to copy the file you chose onto the APS 151Setting Up Group Notices Setting Up Group NoticesGroup Notice display appears as shown in Figure 152Chapter Managing Users & Groups 153154 Click the arrow in the Group field and select a groupGroup pull-down screen appears as shown in Figure 155 Write your notice in the text boxMessage you write is limited to 256 characters. See Figure Page 157 Monitoring System ActivityCurrent Message Activity To view message activity, perform the following steps Open the View System Activity pulloutSample message activity view is shown in Figure Monitoring System ActivitySystem Activity Display 159160 Message ID Message Type Detailed Description 161Text 162Tunnelid 163Advanced Message Viewer 164Advanced Message View Setup Example 165Message Type Explanation 166167 Advanced Message Viewer Results Example 168Printing Messages 169170 RiverMaster OptionsRiverMaster Options window displays as shown in Figure RiverMaster Options Window 171172 Viewing Tunnel Activity Tunnel Statistics window appears similar to FigureViewing Tunnel Activity 173174 Describes the types of statistics you can chooseValue Meaning Trends to Look For 175 Using Snmp to Gather Statistics 176Report Contents Generating Reports178 Report ContentsHeading Explanation Network Gateway Report 179Network Gateway Report Values 180Max Tunnels GRE/IPSEC Display Network Gateway ReportClient Anomaly Report 182Client Report 183Client Session Report Values 184Conn Speed 185Displays a typical Client Session Summary Report Client Session Summary ReportAccounting Report 187Displays a typical Accounting Summary Report 188Accounting Summary Report Drill-down Accounting Detail ReportDownloading, Viewing and Exporting Reports Choose from daily, weekly, monthly or custom optionsDownloading, Viewing and Exporting Reports 190191 Report Viewing Window 192Printing Reports 193Exporting Reports Export window appears as shown in FigureSelect Disk file in the Destination field 194If you want this export format Go to 195Choose Export File Window 196Exporting Records Window 197Export To Directory window appears as shown in Figure 198Number and Date Format Dialog box appears as shown 199Enter Odbc Table Name dialog box appears as shown 200Select Workbook Window 201Lines Per Page Dialog Box Format Options Dialog BoxExporting Reports to a Microsoft Exchange Folder 203Select Exchange Folder in the Destination field and click OK Choose Profile WindowSelect a folder window appears as shown in Figure 205Click on a folder to store the report and click OK 206Exporting Reports Using Mapi 207208 Send Mail window appears as shown in FigureExport is now complete Glossary 209AutoLink Recovery 210Generic Routing Encapsulation GRE 211Network Administrator 212Point-to-Point Tunneling Protocol Pptp 213Remote Client/User 214TollSaver Database 215Page ANG-3000/7000 Preconfiguration Stored on a Floppy Disk 217Adding Remote Gateways Add Remote ANG window appears as shown in FigureAdding Remote Gateways 218Add Remote ANG Window 219Configuring ANG IP Addresses Under Remote Gateways, click Configure Remote GatewayRemote ANG Configuration screen appears as shown in Figure 220Configuring Tunnel Protocols Enter values in the open fields as followsClick Next 221Configuring Tunnel Protocols 222Click on the Authentication tab 223Click the Encryption tab Do one of the following 224225 226 Click the Compression tabCompression properties screen appears as shown in Figure Enable or disable Mppc as required 227Configuring Virtual Subnets 228229 230 Configuring Routing ProtocolsConfiguring Routing Protocols 231 Ospf Properties 232233 234 Configuring Routing InterfacesConfiguring Routing Interfaces 235 Configuring RIP for the Interface 236237 238 Configuring Ospf on an InterfaceSet the RIP Route Importing/Exporting options as follows Creating Static Routes 239Appendix B 240241 242 Creating Remote ConnectionsCreating Remote Connections Remote Connection Configuration Window 243Tunnel Values section, enter a User Name 244245 246 247 Loading the Floppy DiskLoading the Floppy Disk Remove the floppy disk 248249 Enterasys Networks License AgreementLicense Grant 250 WarrantyAppendixC Infringement Indemnification Limitation of LiabilityAppendix C 251Termination International ProvisionsApplicable Law 252Government Commercial Computer Software 253Technical Support Support from Authorized ResellersSupport from Enterasys Networks 254255 SymbolsNumerics Index 256257 190-208New 109 111110 11348, 224 259Radius 260203-206 261UDP 262263