Manuals / Enterasys Networks / Computer Equipment / Network Card

Enterasys Networks Network Card manual Intelligent Client Routing

Models: Network Card

1 276

Download 276 pages 57.43 Kb

Page 43

Chapter 3	Before You Begin
Configuring an ANG-3000/7000

Aurorean Learned

Routes:

Network A

10.10.10.3

X, Y, Z

Virtual Subnet

10.10.10.0

Network B

ANG1

ANG2

INTERNET

Network X

Network C

10.10.10.2

Network Y

Learned

Learned

Routes:

Routes:

Site-to-Site Tunnel

A, B, C

Network Z

X, Y, Z

Figure 13 Virtual Subnets for Site-to-Site and Remote Access Tunnels

For instructions on creating virtual subnets for IP address and IPX network number allocation, refer to “Virtual Subnetting” on page 50.

Intelligent Client Routing

Enterasys Networks’ Intelligent Client Routing feature provides you with a measure of control over a Aurorean Client user’s access to the Internet. When enabled (this feature is enabled by default), Intelligent Client Routing allows remote clients to browse the Internet directly, outside of the tunnel. For example, if a remote client tries to browse the Internet while tunneled into the corporate network, packets bound for any destination within the Internet are sent down the tunnel into the ANG and then back out the network’s Internet gateway.

When Intelligent Client Routing is enabled, the ANG exports routes over the tunnel to the client. Based on this information, the client determines if the destination address can only be reached over the tunnel or can be reached directly on the Internet. Figure 14 contrasts how packets that are destined for an Internet server are routed with the Intelligent Client Routing feature enabled or disabled.

If you allocate a non-routable IP address to a remote client from a virtual subnet, you may need to enable Intelligent Client Routing to allow the remote client to browse the Internet.

RiverMaster Administrator’s Guide

31

Image 43

Enterasys Networks Network Card Intelligent Client Routing, Virtual Subnets for Site-to-Site and Remote Access Tunnels

Contents

RiverMaster Administrator’s Guide Office Table of Contents Configuring an ANG-3000/7000 Setting Up Aurorean Services Adding POPs for Corporate ISPs 114 Managing Users & GroupsGenerating Reports Index About This Guide Contents of the GuideAbout This Guide Related Documents Conventions Used in this GuideXii Hardware Requirements System RequirementsUpgrading a Previous Release Installing the ApplicationInstallation Steps Software RequirementsInstalling the Application When the Welcome window appears, click Next to continueStarting the Application for the First Time To start RiverMaster, perform the following steps First-Time Setup InformationSelect APS Window Do one of the followingRiverMaster Login Window RiverMaster Main Interface Removing RiverMaster Files Removing RiverMaster FilesLocate the RiverMaster program folder Default location for this folder is C\Program Files\Delete the RiverMaster folder Restart your computer RiverMaster Overview Getting Started with RiverMasterCurre Logging into RiverMaster Logging into RiverMasterLogging into RiverMaster Checking Server Status Problem Summary & Users LoggedChecking Server Status Aurorean Network Gateway Status Information Aurorean Network Gateway StatisticsAurorean Network Gateway Statistics Aurorean Policy Server StatisticsService Function If Stopped Aurorean Policy Server ServicesFTP Aurorean Policy Server Services Setting Up a Aurorean Virtual Network the First Time Setting Up a Aurorean Virtual Network the First TimeAdd user accounts to each group as described in Chapter Setting Up a Aurorean Virtual Network the First Time Page Configuring an ANG-3000/7000 Before You Begin Configuration PulloutBefore You Begin Allocating IP/IPX Addresses to Remote Clients Before You Begin Remote Client Virtual Subnet Usage Configuring an ANG-3000/7000 Intelligent Client Routing Virtual Subnets for Site-to-Site and Remote Access TunnelsIntelligent Client Routing Enabled Intelligent Client Routing DisabledGateway NAT ServerAurorean NetworkSite-to-Site Tunnels Site-to-Site ConfigurationAutoLink Recovery Primary Aurorean System General Aurorean Network Gateway Settings General Aurorean Network Gateway SettingsGeneral Aurorean Network Gateway Settings DNS server addresses tab page appears as shown in Figure Click the DNS tabWins Server Addresses Click the Wins tabNAT Server Address Click the NAT tabPrimary addresses cannot be modified in this window Viewing Aurorean Alternate Address InformationClick Apply to save your changes Aurorean Alternate Address Info window appears as shownTunnel Protocols Tunnel ProtocolsTunnel Protocols window appears as shown in Figure Tunnel Protocol General SettingsTunnel Protocol Authentication Settings Click the Authentication tabParameter Explanation Click the Encryption tab Do one of the followingTunnel Protocol Encryption Settings Tunnel Parameter Explanation Protocol Click the Compression tabTunnel Protocol Compression Settings Enable or disable Mppc as requiredVirtual Subnetting Virtual SubnettingIP Subnetting Sample IP subnet window is shown in FigureClick Add Click Remove to delete any configured virtual subnetsAdd An IP Virtual Subnet window appears as seen in Figure Sample IPX virtual networks window is shown in Figure IPX Virtual NetworksIPX Subnet Configuration for Remote Clients Routing RoutingRIP Configuration window should appear as shown in Figure Setting Routing Protocol ParametersRIP Routing Protocol Configuration Parameter Meaning Fixed Value Repeat and for each gateway required Do one of the followingOspf Routing Protocol Configuration Ospf Configuration window appears as shown in FigureRouting Interfaces Adding or Removing a Routing Protocol for an Interface Adding a Routing Protocol Choose the version of RIP to use on this interface RIP Interface Configuration window appears as shownDo one of the following Ospf Interface Configuration window appears as shown To enable Ospf on an interface, perform the following stepsStatic parameter tab page is displayed as shown in Figure Do one of the followingRouting Click Add Remote Server Display Adding a Remote ServerAdd Remote Server window appears as shown in Figure Click Add Remote ServerAdd Remote Tunnel window appears as shown in Figure Choose the tunneling protocol IPSec or Pptp Click AddAdding a Remote Server Changing Server and Tunnel Properties Select Enabled or Disabled in the Enabled State fieldRemote Tunnel Properties window appears as shown in Figure Adding a Remote Server Page Setting Up Aurorean Services Radius Authentication Servers Authorization Plug-in OptionsPlug-in Planning Problem Notification Private/Public Keys for IPSec AuthenticationTrace Levels Trace Messages Display Adding an Authorization Plug-InShows the Configuration pullout Enterasys AuthenticationClick here to update the plug-in Optionally, specify a value in the Num Threads field Radius AuthorizationAdding an Authorization Plug-In Chapter Optionally, specify a value in the Num Threads field Server Type Recommended Value Create New Plug-in window will appear as shown in Figure SecurID AuthorizationAdding an Authorization Plug-In Chapter Click Create Specify SecurID Configuration File WindowChapter Generating Private/Public Keys Chapter Creating a Mailing List Using the Notification Service to Send E-MailChapter Adding an Address to a Mailing List Using the Notification Service to Send E-Mail Chapter ANG Tunnel Management Service Window Setting Trace LevelsBacking Up the Database Click Set to enable the Trace LevelStarting a Database Backup Click Start on Backup Database Click on Indus River AccessBacking Up the Database Window similar to will appear100 101 Controlling Remote User Dialing & Access102 TollSaver Database103 Corporate Dial-Up Access104 Corporate105 Creating POP Packages106 Creating POP Packages107 Build Completed Window108 Adding Corporate ISPs109 ISP Properties display will appear as show in Figure Click the ISP Properties tab110 Script files are not uploaded without the .SCP extension Select the Access Method as follows111 112 Adding Corporate ISPs113 Adding POPs for Corporate ISPs Adding POPs for Corporate ISPs114 115 Pull-down options appear as shown in below116 This field is currently not implemented117 Script window appears as shown in FigurePage 119 Managing Users & Groups120 Manage Users & Groups Pullout121 Group Policies122 Aurorean Client Installation Kits123 Contents of a Aurorean Client Installation Kit124 Client Synchronization125 126 Creating a New Group Creating a New GroupGroup Notices Open the Manage Users and Groups pullout128 Manage Users and Groups Pullout Group View129 130 Policy Explanation131 Password Policies132 Credit Card Policies133 Tunnel PoliciesSample User view is shown in Figure Adding Users to a Group134 135 Corporate User Name field, type a name for the userDepartment field automatically defaults to the group name Password field, type a unique password136 137 Modifying User & Group Information138 Removing Users & Groups139 Creating an Aurorean Client Installation KitCreating an Aurorean Client Installation Kit Sample Group view is shown in Figure140 Build Client Install Kit WindowSet the Install Kit Options as follows Default Aurorean installation kit file name is141 142 Advanced Kit Options Window143 144 Kit Complete MessageControlling Client Synchronization Controlling Client Synchronization145 146 Viewing Group PoliciesBuilding Core Data Files Open the Configuration pullout Click the Update tab147 148 Build Core Data Files Display149 Uploading Software Synchronization Files150 Upload Software Synchronization Files Display151 Click Upload to copy the file you chose onto the APS152 Setting Up Group NoticesSetting Up Group Notices Group Notice display appears as shown in Figure153 Chapter Managing Users & GroupsGroup pull-down screen appears as shown in Figure Click the arrow in the Group field and select a group154 Message you write is limited to 256 characters. See Figure Write your notice in the text box155 Page Current Message Activity Monitoring System Activity157 Monitoring System Activity To view message activity, perform the following stepsOpen the View System Activity pullout Sample message activity view is shown in Figure159 System Activity Display160 161 Message ID Message Type Detailed Description162 Text163 Tunnelid164 Advanced Message Viewer165 Advanced Message View Setup Example166 Message Type Explanation167 168 Advanced Message Viewer Results Example169 Printing MessagesRiverMaster Options window displays as shown in Figure RiverMaster Options170 171 RiverMaster Options Window172 173 Viewing Tunnel ActivityTunnel Statistics window appears similar to Figure Viewing Tunnel ActivityValue Meaning Trends to Look For Describes the types of statistics you can choose174 175 176 Using Snmp to Gather StatisticsGenerating Reports Report ContentsHeading Explanation Report Contents178 179 Network Gateway Report180 Network Gateway Report ValuesNetwork Gateway Report Max Tunnels GRE/IPSEC Display182 Client Anomaly Report183 Client Report184 Client Session Report Values185 Conn SpeedClient Session Summary Report Displays a typical Client Session Summary Report187 Accounting Report188 Displays a typical Accounting Summary ReportDrill-down Accounting Detail Report Accounting Summary Report190 Downloading, Viewing and Exporting ReportsChoose from daily, weekly, monthly or custom options Downloading, Viewing and Exporting Reports191 192 Report Viewing Window193 Printing Reports194 Exporting ReportsExport window appears as shown in Figure Select Disk file in the Destination field195 If you want this export format Go to196 Choose Export File Window197 Exporting Records Window198 Export To Directory window appears as shown in Figure199 Number and Date Format Dialog box appears as shown200 Enter Odbc Table Name dialog box appears as shown201 Select Workbook WindowFormat Options Dialog Box Lines Per Page Dialog Box203 Exporting Reports to a Microsoft Exchange FolderChoose Profile Window Select Exchange Folder in the Destination field and click OK205 Select a folder window appears as shown in Figure206 Click on a folder to store the report and click OK207 Exporting Reports Using MapiExport is now complete Send Mail window appears as shown in Figure208 209 Glossary210 AutoLink Recovery211 Generic Routing Encapsulation GRE212 Network Administrator213 Point-to-Point Tunneling Protocol Pptp214 Remote Client/User215 TollSaver DatabasePage 217 ANG-3000/7000 Preconfiguration Stored on a Floppy Disk218 Adding Remote GatewaysAdd Remote ANG window appears as shown in Figure Adding Remote Gateways219 Add Remote ANG Window220 Configuring ANG IP AddressesUnder Remote Gateways, click Configure Remote Gateway Remote ANG Configuration screen appears as shown in Figure221 Configuring Tunnel ProtocolsEnter values in the open fields as follows Click Next222 Configuring Tunnel Protocols223 Click on the Authentication tab224 Click the Encryption tab Do one of the following225 Compression properties screen appears as shown in Figure Click the Compression tab226 227 Enable or disable Mppc as required228 Configuring Virtual Subnets229 Configuring Routing Protocols Configuring Routing Protocols230 231 232 Ospf Properties233 Configuring Routing Interfaces Configuring Routing Interfaces234 235 236 Configuring RIP for the Interface237 Set the RIP Route Importing/Exporting options as follows Configuring Ospf on an Interface238 239 Creating Static Routes240 Appendix B241 Creating Remote Connections Creating Remote Connections242 243 Remote Connection Configuration Window244 Tunnel Values section, enter a User Name245 246 Loading the Floppy Disk Loading the Floppy Disk247 248 Remove the floppy diskLicense Grant Enterasys Networks License Agreement249 AppendixC Warranty250 251 Infringement IndemnificationLimitation of Liability Appendix C252 TerminationInternational Provisions Applicable Law253 Government Commercial Computer Software254 Technical SupportSupport from Authorized Resellers Support from Enterasys NetworksNumerics Symbols255 256 IndexNew 190-208257 113 109111 110259 48, 224260 Radius261 203-206262 UDP263