Server 1

14-17

Server 2

14-18

Client

14-18

Limitations

14-18

XSR VPN Features

14-18

VPN Configuration Overview

14-20

Master Encryption Key Generation

14-20

ACL Configuration Rules

14-21

Configuring ACLs

14-21

Selecting Policies: IKE/IPSec Transform-Sets

14-22

Security Policy Considerations

14-23

Configuring Policy

14-23

Creating Crypto Maps

14-24

Configuring Crypto Maps

14-24

Authentication, Authorization and Accounting Configuration

14-25

AAA Commands

14-26

Configuring AAA

14-26

PKI Configuration Options

14-27

Configuring PKI

14-28

PKI Certificate Enrollment Example

14-28

Interface VPN Options

14-31

VPN Interface Sub-Commands

14-32

Configuring a Simple VPN Site-to-Site Application

14-32

Configuring the VPN Using EZ-IPSec

14-34

EZ-IPSec Configuration

14-35

Configuration Examples

14-36

XSR with VPN - Central Gateway

14-36

GRE Tunnel for OSPF

14-40

Tunnel A: XSR-3250 VPN GRE Site-to-Site Tunnel

14-40

Tunnel B: XSR-1805 VPN GRE Site-to-Site Tunnel

14-42

XSR/Cisco Site-to-Site Example

14-44

Cisco Configuration

14-44

XSR Configuration

14-45

Interoperability Profile for the XSR

14-46

Scenario 1: Gateway-to-Gateway with Pre-Shared Secrets

14-46

Scenario 2: Gateway-to-Gateway with Certificates

14-49

Chapter 15: Configuring DHCP

Overview of DHCP

15-1

Features

15-1

DHCP Server Standards

15-2

How DHCP Works

15-2

DHCP Services

15-3

Persistent Storage of Network Parameters for Clients

15-3

Temporary or Permanent Network Address Allocation

15-3

Lease

15-3

Assigned Network Configuration Values to Clients: Options

15-3

Provisioning Differentiated Network Values by Client Class

15-4

BOOTP Legacy Support

15-4

Nested Scopes: IP Pool Subsets

15-4

Scope Caveat

15-5

Manual Bindings

15-5

xxiii

Page 25
Image 25
Enterasys Networks X-PeditionTM manual Configuring Dhcp