Manuals / Enterasys Networks / Computer Equipment / Network Card

Enterasys Networks Network Card manual Primary Aurorean System

Models: Network Card

1 276

Download 276 pages 57.43 Kb

Page 48

Before You Begin

Primary

Aurorean

System

Aurorean

Network Gateway

Chapter 3

Configuring an ANG-3000/7000

	Aurorean Client	Secondary
		Secondary
		Aurorean
INTERNET		System
INTERNET	Aurorean
	Network Gateway

Trusted network

Aurorean

Policy

External

Server

Primary & Secondary

Authorization

Server

RiverMaster

Primary RM session

Secondary RM session

Aurorean

Policy

Server

Figure 17 Auto Link Recovery Architecture

If the primary Aurorean Virtual Network system fails or is unreachable due to Internet congestion, corporate ISP outage, or router malfunction, the secondary Aurorean Virtual Network system provides continued VPN service to remote users and branch offices.

From the standpoint of network topology, both Aurorean Virtual Network systems share the same Management domain name although they are physically discrete. Also, a RiverMaster management application serving each Aurorean Virtual Network system is accessible at and operates from a single Windows NT/2000 computer. The Aurorean Virtual Network system pairs can handle authentication through a shared database if an external service such as RADIUS or SecurID is used. ALR also supports Enterasys authentication via the APS database although this requires that user information be manually replicated in each Aurorean Virtual Network system. For more detailed information, refer to the AutoLink Recovery Application Note.

36	RiverMaster Administrator’s Guide

Image 48

Enterasys Networks Network Card manual Primary Aurorean System

Contents

RiverMaster Administrator’s Guide Office Table of Contents Configuring an ANG-3000/7000 Setting Up Aurorean Services Managing Users & Groups Adding POPs for Corporate ISPs 114Generating Reports Index Contents of the Guide About This GuideAbout This Guide Conventions Used in this Guide Related DocumentsXii System Requirements Hardware RequirementsInstalling the Application Installation StepsSoftware Requirements Upgrading a Previous ReleaseWhen the Welcome window appears, click Next to continue Installing the ApplicationStarting the Application for the First Time First-Time Setup Information To start RiverMaster, perform the following stepsDo one of the following Select APS WindowRiverMaster Login Window RiverMaster Main Interface Removing RiverMaster Files Removing RiverMaster FilesDefault location for this folder is C\Program Files\ Locate the RiverMaster program folderDelete the RiverMaster folder Restart your computer Getting Started with RiverMaster RiverMaster OverviewCurre Logging into RiverMaster Logging into RiverMasterLogging into RiverMaster Problem Summary & Users Logged Checking Server StatusChecking Server Status Aurorean Network Gateway Statistics Aurorean Network Gateway Status InformationAurorean Policy Server Statistics Aurorean Network Gateway StatisticsAurorean Policy Server Services Service Function If StoppedFTP Aurorean Policy Server Services Setting Up a Aurorean Virtual Network the First Time Setting Up a Aurorean Virtual Network the First TimeAdd user accounts to each group as described in Chapter Setting Up a Aurorean Virtual Network the First Time Page Configuring an ANG-3000/7000 Configuration Pullout Before You BeginBefore You Begin Allocating IP/IPX Addresses to Remote Clients Before You Begin Remote Client Virtual Subnet Usage Configuring an ANG-3000/7000 Virtual Subnets for Site-to-Site and Remote Access Tunnels Intelligent Client RoutingIntelligent Client Routing Disabled Intelligent Client Routing EnabledNAT Server AuroreanNetwork GatewaySite-to-Site Configuration Site-to-Site TunnelsAutoLink Recovery Primary Aurorean System General Aurorean Network Gateway Settings General Aurorean Network Gateway SettingsGeneral Aurorean Network Gateway Settings Click the DNS tab DNS server addresses tab page appears as shown in FigureClick the Wins tab Wins Server AddressesClick the NAT tab NAT Server AddressViewing Aurorean Alternate Address Information Click Apply to save your changesAurorean Alternate Address Info window appears as shown Primary addresses cannot be modified in this windowTunnel Protocols Tunnel ProtocolsTunnel Protocol General Settings Tunnel Protocols window appears as shown in FigureClick the Authentication tab Tunnel Protocol Authentication SettingsClick the Encryption tab Do one of the following Parameter ExplanationTunnel Protocol Encryption Settings Click the Compression tab Tunnel Parameter Explanation ProtocolEnable or disable Mppc as required Tunnel Protocol Compression SettingsVirtual Subnetting IP SubnettingSample IP subnet window is shown in Figure Virtual SubnettingClick Remove to delete any configured virtual subnets Click AddAdd An IP Virtual Subnet window appears as seen in Figure IPX Virtual Networks Sample IPX virtual networks window is shown in FigureIPX Subnet Configuration for Remote Clients Routing RoutingSetting Routing Protocol Parameters RIP Configuration window should appear as shown in FigureRIP Routing Protocol Configuration Repeat and for each gateway required Do one of the following Parameter Meaning Fixed ValueOspf Configuration window appears as shown in Figure Ospf Routing Protocol ConfigurationRouting Interfaces Adding or Removing a Routing Protocol for an Interface Adding a Routing Protocol RIP Interface Configuration window appears as shown Choose the version of RIP to use on this interfaceDo one of the following To enable Ospf on an interface, perform the following steps Ospf Interface Configuration window appears as shownDo one of the following Static parameter tab page is displayed as shown in FigureRouting Click Add Adding a Remote Server Remote Server DisplayClick Add Remote Server Add Remote Server window appears as shown in FigureChoose the tunneling protocol IPSec or Pptp Click Add Add Remote Tunnel window appears as shown in FigureAdding a Remote Server Select Enabled or Disabled in the Enabled State field Changing Server and Tunnel PropertiesRemote Tunnel Properties window appears as shown in Figure Adding a Remote Server Page Setting Up Aurorean Services Authorization Plug-in Options Radius Authentication ServersPlug-in Planning Private/Public Keys for IPSec Authentication Problem NotificationTrace Levels Adding an Authorization Plug-In Trace Messages DisplayEnterasys Authentication Shows the Configuration pulloutClick here to update the plug-in Radius Authorization Optionally, specify a value in the Num Threads fieldAdding an Authorization Plug-In Chapter Optionally, specify a value in the Num Threads field Server Type Recommended Value SecurID Authorization Create New Plug-in window will appear as shown in FigureAdding an Authorization Plug-In Chapter Specify SecurID Configuration File Window Click CreateChapter Generating Private/Public Keys Chapter Using the Notification Service to Send E-Mail Creating a Mailing ListChapter Adding an Address to a Mailing List Using the Notification Service to Send E-Mail Chapter Setting Trace Levels ANG Tunnel Management Service WindowClick Set to enable the Trace Level Backing Up the DatabaseClick on Indus River Access Starting a Database Backup Click Start on Backup DatabaseWindow similar to will appear Backing Up the Database100 Controlling Remote User Dialing & Access 101TollSaver Database 102Corporate Dial-Up Access 103Corporate 104Creating POP Packages 105Creating POP Packages 106Build Completed Window 107Adding Corporate ISPs 108109 Click the ISP Properties tab ISP Properties display will appear as show in Figure110 Select the Access Method as follows Script files are not uploaded without the .SCP extension111 Adding Corporate ISPs 112113 Adding POPs for Corporate ISPs Adding POPs for Corporate ISPs114 Pull-down options appear as shown in below 115This field is currently not implemented 116Script window appears as shown in Figure 117Page Managing Users & Groups 119Manage Users & Groups Pullout 120Group Policies 121Aurorean Client Installation Kits 122Contents of a Aurorean Client Installation Kit 123Client Synchronization 124125 126 Creating a New Group Group NoticesOpen the Manage Users and Groups pullout Creating a New GroupManage Users and Groups Pullout Group View 128129 Policy Explanation 130Password Policies 131Credit Card Policies 132Tunnel Policies 133Adding Users to a Group Sample User view is shown in Figure134 Corporate User Name field, type a name for the user 135Password field, type a unique password Department field automatically defaults to the group name136 Modifying User & Group Information 137Removing Users & Groups 138Creating an Aurorean Client Installation Kit Creating an Aurorean Client Installation KitSample Group view is shown in Figure 139Build Client Install Kit Window 140Default Aurorean installation kit file name is Set the Install Kit Options as follows141 Advanced Kit Options Window 142143 Kit Complete Message 144Controlling Client Synchronization Controlling Client Synchronization145 Viewing Group Policies 146Open the Configuration pullout Click the Update tab Building Core Data Files147 Build Core Data Files Display 148Uploading Software Synchronization Files 149Upload Software Synchronization Files Display 150Click Upload to copy the file you chose onto the APS 151Setting Up Group Notices Setting Up Group NoticesGroup Notice display appears as shown in Figure 152Chapter Managing Users & Groups 153Click the arrow in the Group field and select a group Group pull-down screen appears as shown in Figure154 Write your notice in the text box Message you write is limited to 256 characters. See Figure155 Page Monitoring System Activity Current Message Activity157 To view message activity, perform the following steps Open the View System Activity pulloutSample message activity view is shown in Figure Monitoring System ActivitySystem Activity Display 159160 Message ID Message Type Detailed Description 161Text 162Tunnelid 163Advanced Message Viewer 164Advanced Message View Setup Example 165Message Type Explanation 166167 Advanced Message Viewer Results Example 168Printing Messages 169RiverMaster Options RiverMaster Options window displays as shown in Figure170 RiverMaster Options Window 171172 Viewing Tunnel Activity Tunnel Statistics window appears similar to FigureViewing Tunnel Activity 173Describes the types of statistics you can choose Value Meaning Trends to Look For174 175 Using Snmp to Gather Statistics 176Report Contents Generating ReportsReport Contents Heading Explanation178 Network Gateway Report 179Network Gateway Report Values 180Max Tunnels GRE/IPSEC Display Network Gateway ReportClient Anomaly Report 182Client Report 183Client Session Report Values 184Conn Speed 185Displays a typical Client Session Summary Report Client Session Summary ReportAccounting Report 187Displays a typical Accounting Summary Report 188Accounting Summary Report Drill-down Accounting Detail ReportDownloading, Viewing and Exporting Reports Choose from daily, weekly, monthly or custom optionsDownloading, Viewing and Exporting Reports 190191 Report Viewing Window 192Printing Reports 193Exporting Reports Export window appears as shown in FigureSelect Disk file in the Destination field 194If you want this export format Go to 195Choose Export File Window 196Exporting Records Window 197Export To Directory window appears as shown in Figure 198Number and Date Format Dialog box appears as shown 199Enter Odbc Table Name dialog box appears as shown 200Select Workbook Window 201Lines Per Page Dialog Box Format Options Dialog BoxExporting Reports to a Microsoft Exchange Folder 203Select Exchange Folder in the Destination field and click OK Choose Profile WindowSelect a folder window appears as shown in Figure 205Click on a folder to store the report and click OK 206Exporting Reports Using Mapi 207Send Mail window appears as shown in Figure Export is now complete208 Glossary 209AutoLink Recovery 210Generic Routing Encapsulation GRE 211Network Administrator 212Point-to-Point Tunneling Protocol Pptp 213Remote Client/User 214TollSaver Database 215Page ANG-3000/7000 Preconfiguration Stored on a Floppy Disk 217Adding Remote Gateways Add Remote ANG window appears as shown in FigureAdding Remote Gateways 218Add Remote ANG Window 219Configuring ANG IP Addresses Under Remote Gateways, click Configure Remote GatewayRemote ANG Configuration screen appears as shown in Figure 220Configuring Tunnel Protocols Enter values in the open fields as followsClick Next 221Configuring Tunnel Protocols 222Click on the Authentication tab 223Click the Encryption tab Do one of the following 224225 Click the Compression tab Compression properties screen appears as shown in Figure226 Enable or disable Mppc as required 227Configuring Virtual Subnets 228229 Configuring Routing Protocols Configuring Routing Protocols230 231 Ospf Properties 232233 Configuring Routing Interfaces Configuring Routing Interfaces234 235 Configuring RIP for the Interface 236237 Configuring Ospf on an Interface Set the RIP Route Importing/Exporting options as follows238 Creating Static Routes 239Appendix B 240241 Creating Remote Connections Creating Remote Connections242 Remote Connection Configuration Window 243Tunnel Values section, enter a User Name 244245 246 Loading the Floppy Disk Loading the Floppy Disk247 Remove the floppy disk 248Enterasys Networks License Agreement License Grant249 Warranty AppendixC250 Infringement Indemnification Limitation of LiabilityAppendix C 251Termination International ProvisionsApplicable Law 252Government Commercial Computer Software 253Technical Support Support from Authorized ResellersSupport from Enterasys Networks 254Symbols Numerics255 Index 256190-208 New257 109 111110 11348, 224 259Radius 260203-206 261UDP 262263