Manuals / Nokia / Cell Phone / Cell Phone

Nokia IPSO 4.0 manual Managing User RSA and DSA Identities, To manage user identities, 310

Models: IPSO 4.0

1 510

Download 510 pages 5.58 Kb

Page 310

8

4.(Optional) To generate an RSA host key (to use with SSHv2), select the key size, listed in bits, from the Generate New RSA v2 Host Key drop-down list.

5.Click Apply.

6.(Optional) To generate a DSA host key (to use with SSHv2), select the key size, listed in bits, from the Generate New DSA Host Key drop-down list.

The recommend value is 1024 bits.

7.Click Apply.

8.Click Save to make your changes permanent.

Note

Re-creating keys might cause problems with some clients, because the server use a key different from the one it used before. You can reconfigure the client to accept the new key.

Managing User RSA and DSA Identities

This procedure describes how to manage the public and private-key pairs of given users on your application platform.

To manage user identities

1.Click SSH Key Pairs under Configuration > Security and Access > Secure Shell (SSH) in the tree view.

2.Click the View/Create Identity Keys for User ‘user name’ link for the appropriate user.

3.(Optional) To create an RSA identity to use with SSHv1, select the key length in the Generate key of size field in the Generate New RSA v1 Identity for user name.

4.Enter the passphrase in the Enter password field, and then again to verify it.

5.(Optional) To create an RSA identity to use with SSHv2, select the key length in the Generate key of size field in the Generate New RSA v2 Identity for user name.

6.Enter the passphrase in the Enter password field and then again to verify it.

7.(Optional) To create a DSA identity to use with SSHv2, select the key length in the Generate key of size field in the Generate New DSA Identity for user name.

8.Enter the passphrase in the Enter password field and then again to verify it.

9.Click Apply.

10.Click Save to make your changes permanent.

310	Nokia Network Voyager for IPSO 4.0 Reference Guide

Image 310

Nokia IPSO 4.0 manual Managing User RSA and DSA Identities, To manage user identities, 310

Contents

Nokia Network Voyager For Ipso Reference Guide Nokia Network Voyager for Ipso 4.0 Reference Guide Restricted Rights LegendHttps//support.nokia.com Tac.support@nokia.com Nokia Network Voyager for Ipso 4.0 Reference Guide Contents Nokia Network Voyager Ipso 4.0 Reference Guide Configuring System Functions Nokia Network Voyager Ipso 4.0 Reference Guide Configuring Clustering Virtual Router Redundancy Protocol VrrpNokia Network Voyager Ipso 4.0 Reference Guide Configuring Snmp Configuring IPv6Managing Security and Access Configuring Routing Nokia Network Voyager Ipso 4.0 Reference Guide Nokia Network Voyager Ipso 4.0 Reference Guide Configuring Traffic Management Configuring Router Services Monitoring System Configuration and HardwareIndex About the Nokia Network Voyager Reference Guide About the Nokia Network Voyager Reference Guide Text Conventions Conventions This Guide UsesText Conventions Convention DescriptionRelated Documentation Menu ItemsSoftware Overview Nokia Network Voyager for Ipso 4.0 Reference GuideLogging Off Logging In to Network VoyagerTo open Nokia Network Voyager To log in without exclusive configuration lock Obtaining a Configuration LockTo log in with exclusive configuration lock To override a configuration lockReloading Pages Accessing Documentation and HelpNavigating in Network Voyager To clear the memory and disk cache„ Nokia support site https//support.nokia.com To open a new window to view helpViewing Hardware and Software Information for Your System To view the asset management summaryConfiguring Interfaces Interface OverviewIP2250 Management Ports Configuring Network DevicesType Prefix Configuring IP Addresses Physical Interface Logical InterfaceInterface Status Interface Status Indicators Configuring Tunnel InterfacesIndicator Description Ethernet Interfaces Configuring Ethernet InterfacesPhysical Interface Configuration Parameters Parameter DescriptionTo configure an Ethernet interface Link AggregationManaging Link Aggregation Using Snmp Configuring Switches for Link AggregationLink Aggregation on the IP2250 Static Link AggregationFirewall Synchronization Traffic Configuring the Remaining Management Ports Production Traffic ADP I/O Ports OnlyTo set up link aggregation in Network Voyager Configuring Link AggregationPhysical Interface Configuration To physically configure the interfaces you will aggregateGroup Configuration To configure link aggregation groupsDeleting Aggregation Groups Logical ConfigurationGigabit Ethernet Interfaces Gigabit Ethernet Interface ParametersTo configure a Gigabit Ethernet interface MTUTo configure PPPoE Configuring PPPoEPoint-to-Point Over Ethernet Nokia Network Voyager for Ipso 4.0 Reference Guide To create PPPoE logical interfaces To change configuration profilesTo delete configuration profiles To delete PPPoE logical interfacesConfiguring MSS Clamping Virtual LAN InterfacesTo configure a Vlan Interface To delete a Vlan InterfaceVlan Example Topology To define the maximum number of VLANsTo configure an Fddi Interface Fddi InterfacesTo change the duplex setting of an Fddi interface To change the IP address of an Fddi interfaceTo configure an Isdn physical interface Isdn InterfacesTo configure an Isdn logical interface to place calls Nokia Network Voyager for Ipso 4.0 Reference Guide Nokia Network Voyager for Ipso 4.0 Reference Guide To configure an Isdn interface to receive calls Configuring Calling Line-Identification Screening To add an incoming numberTo configure an interface to place and receive calls To remove an incoming numberDial-on-Demand Routing DDR Lists To delete a DDR list To create a DDR listTo add a new rule to a DDR list To modify a rule Example DDR ListTo apply or remove a DDR list to/from an interface Isdn Network Configuration Example To configure the IP330 to place an outgoing call To configure the IP650 to handle an incoming callSample Call Traces Trace for connecting a call from the Nokia IP330 is To set level of messages logged Isdn TroubleshootingLogging To view the message logTracing Troubleshooting Cause CodesTo trace Isdn traffic using tcpdump Isdn Cause Code FieldsIsdn Cause Values Cause Cause Description DiagnosticsCause Values See Isdn Cause Values table Information-element identifiers is missing Isdn Bearer-Capable Values Value DescriptionTo configure a Token Ring interface Token Ring InterfacesTo deactivate a Token Ring interface To change a Token Ring interfaceToken Ring Example Fddi To configure an ATM interface Point-to-Point Link over ATMTo change the VPI/VCI of an ATM interface To change the IP Address of an ATM interface To change the IP MTU of an ATM interfaceATM Example FddiTo configure an ATM logical IP subnet LIS interface To configure the ATM interface on Nokia Platform aIP over ATM IPoA To change the VPI/VCIs of an ATM LIS Interface To change the IP Address of an ATM LIS interface IPoA Example ATMTo configure a serial interface for Cisco Hdlc Serial V.35 and X.21 InterfacesTo configure a Serial Interface for PPP To configure a serial interface for frame relay Nokia Network Voyager for Ipso 4.0 Reference Guide Serial Interface Example To configure a T1 Interface for Cisco Hdlc To configure the serial interface on Nokia Platform aT1with Built-In CSU/DSU Interfaces Nokia Network Voyager for Ipso 4.0 Reference Guide To configure a T1 Interface for PPP Nokia Network Voyager for Ipso 4.0 Reference Guide To configure a T1 interface for frame relay Nokia Network Voyager for Ipso 4.0 Reference Guide T1 Interface Example To configure the serial interface on Nokia Platform a To configure an E1 interface for Cisco Hdlc E1 with Built-In CSU/DSU InterfacesNokia Network Voyager for Ipso 4.0 Reference Guide To configure an E1 interface for PPP Nokia Network Voyager for Ipso 4.0 Reference Guide To configure an E1 interface for frame relay 100Nokia Network Voyager for Ipso 4.0 Reference Guide 101 102 Hssi Interfaces To configure an Hssi interface for Cisco HdlcNokia Network Voyager for Ipso 4.0 Reference Guide 103 To configure an Hssi interface for PPP 104To configure an Hssi interface for frame relay Nokia Network Voyager for Ipso 4.0 Reference Guide 105106 Unnumbered Interfaces Configuring Unnumbered InterfacesTo configure an unnumbered interface Nokia Network Voyager for Ipso 4.0 Reference Guide 107To change an unnumbered interface to a numbered interface 108To configure a static route over an unnumbered interface Nokia Network Voyager for Ipso 4.0 Reference Guide 109Ospf over Unnumbered Interfaces Using Virtual Links Configuring Ospf over Unnumbered Interface110 To change the keepalive interval for Cisco Hdlc Cisco Hdlc ProtocolNokia Network Voyager for Ipso 4.0 Reference Guide 111 To change the keepalive interval in PPP Point-to-Point ProtocolTo change the IP address in Cisco Hdlc 112To change the IP address in PPP To change the keepalive maximum failures in PPPNokia Network Voyager for Ipso 4.0 Reference Guide 113 To change the Dlci in frame relay Frame Relay ProtocolTo change the keepalive interval in frame relay 114To change the interface type in frame relay To change the LMI parameters in frame relayNokia Network Voyager for Ipso 4.0 Reference Guide 115 To remove a frame relay interface To change the active status monitor setting in frame relayTo change the IP address in frame relay 116To change the IP Address of a loopback interface Loopback InterfacesTo add an IP Address to a Loopback Interface Nokia Network Voyager for Ipso 4.0 Reference Guide 117To create a GRE tunnel Configuring GRE TunnelsGRE Tunnels 118Nokia Network Voyager for Ipso 4.0 Reference Guide 119 To change IP TOS value of a GRE tunnel 120GRE Tunnel Example Nokia Network Voyager for Ipso 4.0 Reference Guide 121HA GRE Tunnel Example High Availability GRE Tunnels122 Nokia Network Voyager for Ipso 4.0 Reference Guide 123 124 To create a Dvmrp tunnel Dvmrp TunnelsNokia Network Voyager for Ipso 4.0 Reference Guide 125 To change the local or remote addresses of a Dvmrp tunnel Dvmrp Tunnel Example126 Nokia Network Voyager for Ipso 4.0 Reference Guide 127 To change ARP global parameters ARP Table Entries128 To add a proxy ARP entry To add a static ARP entryNokia Network Voyager for Ipso 4.0 Reference Guide 129 Configuring ARP for ATM Interfaces To view and delete dynamic ATM ARP entries To add a static ATM ARP entryTo delete a static ATM ARP entry Nokia Network Voyager for Ipso 4.0 Reference Guide 131Limitations Transparent Mode132 Transparent Mode Processing Details Nokia Network Voyager for Ipso 4.0 Reference Guide 133Configuring Transparent Mode in VPN Environments 134Example of Transparent Mode Nokia Network Voyager for Ipso 4.0 Reference Guide 135Configuring Transparent Mode 136To delete a transparent mode group Creating and Deleting Transparent Mode GroupsTo create a transparent mode group Nokia Network Voyager for Ipso 4.0 Reference Guide 137To enable or disable a transparent mode group Enabling or Disabling a Transparent Mode Group138 Enabling or Disabling Vrrp for a Transparent Mode Group Monitoring Transparent Mode GroupsTransparent Mode and Check Point NGX Configuring AntispoofingRouting Traffic through the VTI Virtual Tunnel Interfaces Fwvpn for Route-Based VPNUnnumbered VTIs 140Nokia Network Voyager for Ipso 4.0 Reference Guide 141 To create a virtual tunnel interface Creating Virtual Tunnel InterfacesVrrp Support To create the VPN communityNokia Network Voyager for Ipso 4.0 Reference Guide 143 To create the virtual tunnel interface 144Configuring Dhcp Nokia Network Voyager for Ipso 4.0 Reference Guide 145To configure the Dhcp client interface Configuring Dhcp Client InterfacesDhcp Client Configuration To enable the Dhcp client processTo configure the Dhcp server process Configuring the Dhcp ServerNokia Network Voyager for Ipso 4.0 Reference Guide 147 To enable the Dhcp server process Dhcp Server Configuration148 To change the Dhcp service Changing Dhcp ServiceTo disable the Dhcp server process Adding Dhcp Address PoolsAssigning a Fixed-IP Address to a Client To enable and existing IP address poolEnabling or Disabling Dhcp Address Pools To assign a fixed-IP address to a clientCreating Dhcp Client Templates Nokia Network Voyager for Ipso 4.0 Reference Guide 151152 To configure Dynamic Domain Name System Ddns Configuring Dynamic Domain Name System ServiceConfiguring Dynamic Domain Name System Zones Nokia Network Voyager for Ipso 4.0 Reference Guide 153To configure DNS Configuring the Domain Name ServiceConfiguring Disk Mirroring To create a mirror setTo delete a mirror set Using an Optional Disk Flash-Based Systems OnlyNokia Network Voyager for Ipso 4.0 Reference Guide 155 Mail Relay To install and configure PC card flash memoryTo configure the system to store log files on the PC card To remove an optional diskTo configure mail relay for your firewall Configuring Mail RelayTo configure failure notification System Failure NotificationTo send mail from the firewall Setting the System TimeSending Mail 158To add a static host entry Configuring Host AddressesTo set system time once Nokia Network Voyager for Ipso 4.0 Reference Guide 159Accepting Log Messages Configuring System LoggingConfiguring Logging on Disk-Based Systems Logging to a Remote SystemTo send syslog messages to a remote system Configuring Logging on Flash-Based SystemsNokia Network Voyager for Ipso 4.0 Reference Guide 161 Configuring Logging to Remote Log Servers 162Configuring Logging to an Optional Disk Configuring Audit LogsNokia Network Voyager for Ipso 4.0 Reference Guide 163 To set the system configuration audit log 164Remote Core Dump Server on Flash-Based Systems Nokia Network Voyager for Ipso 4.0 Reference Guide 165To change the hostname Managing Configuration SetsChanging the Hostname 166To delete unwanted configuration database files To create a factory default configuration fileTo switch a currently active database Scheduling JobsTo delete scheduled jobs Backing Up and Restoring Files168 To delete local backup files Creating Backup FilesTo create a backup file manually Nokia Network Voyager for Ipso 4.0 Reference Guide 169To configure scheduled backups Transferring Backup FilesConfiguring Automatic Transfers To cancel a regularly scheduled backupTo manually transfer archive files to a remote server Transferring Backup Files ManuallyNokia Network Voyager for Ipso 4.0 Reference Guide 171 To restore files Restoring Files from Locally Stored Backup Files172 Deleting Images Managing Nokia Ipso ImagesChanging Current Image To select a new current imageTo delete an Nokia Ipso image Installing New Images174 To test an image before activating it Testing a New ImageNokia Network Voyager for Ipso 4.0 Reference Guide 175 Downgrading Nokia Ipso Images Rebooting a ClusterUpgrading Nokia Ipso Images for a Cluster 176Configuring Monitor Reports Nokia Network Voyager for Ipso 4.0 Reference Guide 177Restrictions for Flash-Based Platforms Installing and Enabling PackagesManaging Packages Monitor Report ParametersTo install a package Nokia Network Voyager for Ipso 4.0 Reference Guide 179To enable or disable a package Advanced System TuningTuning the TCP/IP Stack To delete a packageTo set the TCP MSS Router Alert IP OptionNokia Network Voyager for Ipso 4.0 Reference Guide 181 182 How Vrrp Works Vrrp OverviewNokia Network Voyager for Ipso 4.0 Reference Guide 183 Simple Vrrp Configuration 184Vrrp Configuration with Internal and External VRIDs Vrrp Configuration with Simultaneous BackupUnderstanding Monitored-Circuit Vrrp Configuring Vrrp186 Priority Selecting Configuration ParametersNokia Network Voyager for Ipso 4.0 Reference Guide 187 Hello Interval Authentication188 Priority Delta Backup AddressNokia Network Voyager for Ipso 4.0 Reference Guide 189 Vmac Mode 190Before you Begin Global Vrrp SettingsVrrp Configuration Parameters Nokia Network Voyager for Ipso 4.0 Reference Guide 191Configuring Monitored-Circuit Vrrp 192To add a virtual router Nokia Network Voyager for Ipso 4.0 Reference Guide 193To delete a virtual router Configuring Monitored-Circuit Vrrp using the Full MethodTo change the configuration of an existing virtual router 194Additional Vrrp Parameters Used in Full Method Nokia Network Voyager for Ipso 4.0 Reference Guide 195To add or back up a virtual router using VRRPv2 Configuring VRRPv2196 Configuring Check Point NGX for Vrrp Nokia Network Voyager for Ipso 4.0 Reference Guide 197Configure settings under the 3rd party configuration tab 198Configuration Rule for Check Point NGX FP1 Configuring Vrrp Rules for Check Point NGXNokia Network Voyager for Ipso 4.0 Reference Guide 199 Source Destination Service Action Configuration Rules for Check Point NGX FP2 and LaterConfiguring Rules if You Are Using Ospf or Dvmrp 200Link Aggregation IP2250 Systems Only CLI commands for VrrpMonitoring Vrrp StateStats Location202 To enable or disable Monitor Firewall state Troubleshooting VrrpGeneral Configuration Considerations To enable traces for VrrpFirewall Policies Access Control Lists204 VRRPv2 in Switched Environments Switched EnvironmentsMonitored-Circuit Vrrp in Switched Environments Nokia Network Voyager for Ipso 4.0 Reference Guide 205206 IP Clustering Description Using Flash-Based PlatformsNokia Network Voyager for Ipso 4.0 Reference Guide 207 Example Cluster 208Cluster Management Nokia Network Voyager for Ipso 4.0 Reference Guide 209Cluster Terminology 210Cluster member a cluster node that is not the master Nokia Network Voyager for Ipso 4.0 Reference Guide 211Clustering Modes 212Nokia Network Voyager for Ipso 4.0 Reference Guide 213 Network Environment Considerations for Clustering214 Other Considerations Nokia Network Voyager for Ipso 4.0 Reference Guide 215Clustering IP2250 Platforms 216Upgrading Ipso in a Cluster Nokia Network Voyager for Ipso 4.0 Reference Guide 217Upgrading from Ipso For All UpgradesUpgrading from Ipso 3.7 or Later 218Enabling Cluster Management Nokia Network Voyager for Ipso 4.0 Reference Guide 219To create and configure a cluster Creating and Configuring a ClusterConfiguration Overview Creating a ClusterConfiguring the Work Assignment Method Selecting the Cluster ModeNokia Network Voyager for Ipso 4.0 Reference Guide 221 To include an interface in the cluster Configuring an Interface222 Supporting Non-Check Point Gateways and Clients Configuring Firewall MonitoringNokia Network Voyager for Ipso 4.0 Reference Guide 223 Using IP Pools Configuring VPN Tunnels224 Using IP Pools When Only Check Point Gateways Are Involved Nokia Network Voyager for Ipso 4.0 Reference Guide 225Configuring IP pools in Cluster Voyager Configuring Join-Time Shared Features226 What if Settings Conflict? What is Sharable?Nokia Network Voyager for Ipso 4.0 Reference Guide 227 Configuring Features for Sharing 228After You Create a Cluster Adding a Node to a ClusterMaking the Cluster Active Nokia Network Voyager for Ipso 4.0 Reference Guide 229Recommended Procedure 230Joining a System to a Cluster Managing a ClusterNokia Network Voyager for Ipso 4.0 Reference Guide 231 To start Cluster Voyager Using Cluster Voyager232 Cluster Administrator Users If You Forget the cadmin PasswordNokia Network Voyager for Ipso 4.0 Reference Guide 233 Monitoring a Cluster Configuring the Failure IntervalConfiguring the Performance Rating 234Managing Join-Time Shared Features Nokia Network Voyager for Ipso 4.0 Reference Guide 235Installing Ipso Images 236Nokia Network Voyager for Ipso 4.0 Reference Guide 237 Removing a Node from a Cluster 238Synchronizing the Time on Cluster Nodes Changing Cluster Interface ConfigurationsDeleting a Cluster Configuration Assigning the Time ZoneNTP Server Outside the Cluster Configuring NTP240 Using the Master Node as the NTP Server Configuring NGX for ClusteringNokia Network Voyager for Ipso 4.0 Reference Guide 241 242 Clustering Example Three Nodes Nokia Network Voyager for Ipso 4.0 Reference Guide 243Configuring the Cluster in Voyager 244Configuring the Internal and External Routers Nokia Network Voyager for Ipso 4.0 Reference Guide 245Clustering Example With Non-Check Point VPN 246Nokia Network Voyager for Ipso 4.0 Reference Guide 247 248 Snmp Overview Nokia Network Voyager for Ipso 4.0 Reference Guide 249250 Source FunctionNokia Network Voyager for Ipso 4.0 Reference Guide 251 UDP-MIBSnmp Proxy Support for Check Point MIB 252Using cpsnmpstart Using the Check Point MIBNokia Network Voyager for Ipso 4.0 Reference Guide 253 Enabling Snmp and Selecting the Version To enable or disable Snmp254 To set an Snmp agent address Configuring the System for SnmpSetting an Agent Address Nokia Network Voyager for Ipso 4.0 Reference Guide 255256 Configuring TrapsTypes of Snmp Traps Type of Trap DescriptionNokia Network Voyager for Ipso 4.0 Reference Guide 257 258 Setting the Trap PDU Agent Address Configuring Trap ReceiversEnabling or Disabling Trap Types To configure location and contact information Interpreting Error MessagesConfiguring Location and Contact Information Error status code MeaningVariable-bindings Element Description GetRequestNokia Network Voyager for Ipso 4.0 Reference Guide 261 Value Field Set DescriptionGetBulkRequest Configuring SNMPv3GetNextRequest 262Security Related Options Used in Request Messages Request MessagesManaging Snmp Users Nokia Network Voyager for Ipso 4.0 Reference Guide 263To add an Snmp user 264To delete a USM user Nokia Network Voyager for Ipso 4.0 Reference Guide 265266 IPv6 Overview Nokia Network Voyager for Ipso 4.0 Reference Guide 267Interfaces To configure IPv6 logical interfaces268 To delete an IPv6 address To disable IPv6 on an interfaceTo configure neighbor discovery Nokia Network Voyager for Ipso 4.0 Reference Guide 269IPv6 and IPv4 Compatibility Configuring IPv6 in IPv4 TunnelsTo configure IPv6 in IPv4 tunnels 270To configure IPv6 to IPv4 Configuring IPv6 to IPv4Configuring IPv6 over IPv4 To configure IPv6 over IPv4To configure IPv4 in IPv6 tunnels Configuring IPv4 in IPv6 TunnelsConfiguring an IPv6 Default or Static Route To configure an IPv6 default or static routeConfiguring RIPng Routing ConfigurationConfiguring OSPFv3 Creating IPv6 Aggregate RoutesRedistributing Aggregate Routes in RIPng Creating Redistributed RoutesRedistributing Static Routes into RIPng 274Redistributing Interface Routes into RIPng Configuring ICMPv6 Router DiscoveryRouter Discovery Nokia Network Voyager for Ipso 4.0 Reference Guide 275276 Vrrp for IPv6 Configuring Vrrp for IPv6Nokia Network Voyager for Ipso 4.0 Reference Guide 277 Creating a Virtual Router for an IPv6 Interface Using VRRPv3 278Nokia Network Voyager for Ipso 4.0 Reference Guide 279 To set the virtual MAC address Setting a Virtual MAC Address for a Virtual Router280 Removing a Virtual Router in VRRPv3 Changing the IP Address List of a Virtual Router in VRRPv3Nokia Network Voyager for Ipso 4.0 Reference Guide 281 Creating a Virtual Router in Monitored Circuit Mode for IPv6 282Nokia Network Voyager for Ipso 4.0 Reference Guide 283 Traffic Management 284To enable FTP, TFTP, or Telnet access Security and Access ConfigurationNokia Network Voyager for Ipso 4.0 Reference Guide 285 286 To change the current user’s password Managing PasswordsNokia Network Voyager for Ipso 4.0 Reference Guide 287 Managing User Accounts To change another user’s password288 Nokia Network Voyager for Ipso 4.0 Reference Guide 289 Adding and Deleting UsersUser Account Attributes Attribute DescriptionTo remove a user Managing and Using S/KeyTo add a user 290To use the S/Key Using S/KeyTo configure S/Key Nokia Network Voyager for Ipso 4.0 Reference Guide 291Disabling S/Key To disable S/KeyManaging Groups 292To add or edit a group Role-Based AdministrationNokia Network Voyager for Ipso 4.0 Reference Guide 293 To add or edit a role Managing Roles294 To delete a role Assigning Roles and Access Mechanisms to UsersTo assign roles and access mechanisms to users Nokia Network Voyager for Ipso 4.0 Reference Guide 295Creating Cluster Administrator Users 296Network Services Configuring Network Access and ServicesNetwork Access Configuration Options Service DescriptionModem Configuration Parameters Configuring a Modem on COM2, COM3, or COM4To enable network access options and services 298To configure a modem on COM2, COM3, or COM4 Nokia Network Voyager for Ipso 4.0 Reference Guide 299Country Codes for Ositech Five of Clubs Card II Configuring Nokia Network Voyager AccessCountry Codes for Ositech Five of Clubs Card 300To configure Web access for Nokia Network Voyager Configuring Basic Nokia Network Voyager OptionsNokia Network Voyager for Ipso 4.0 Reference Guide 301 To generate a certificate and its associated private key Generating and Installing SSL/TLS CertificatesGenerating an SSL/TLS Certificate and Keys 302To install the certificate and its associated private key Installing the SSL/TLS CertificateNokia Network Voyager for Ipso 4.0 Reference Guide 303 Secure Shell SSH Troubleshooting SSL/TLS Configuration304 To configure SSH Initial SSH ConfigurationNokia Network Voyager for Ipso 4.0 Reference Guide 305 To configure advanced options Configuring Advanced Options for SSH306 Nokia Network Voyager for Ipso 4.0 Reference Guide 307 Configuring Secure Shell Authorized Keys 308Changing Secure Shell Key Pairs To configure authorized keysTo configure key pairs Nokia Network Voyager for Ipso 4.0 Reference Guide 309To manage user identities Managing User RSA and DSA Identities310 To tunnel Http over SSH Network Voyager Session ManagementTunneling Http Over SSH Nokia Network Voyager for Ipso 4.0 Reference Guide 311To set the session timeout interval Configuring Session TimeoutsTo enable or disable session management Enabling Enabling or Disabling Session ManagementTo create an AAA configuration Authentication, Authorization, and Accounting AAACreating an AAA Configuration Nokia Network Voyager for Ipso 4.0 Reference Guide 313Creating a Service Profile Creating a Service Module EntryCreating an Authentication Profile Nokia Network Voyager for Ipso 4.0 Reference Guide 315 Authentication Profile TypesType Module Description To create an account profile Creating an Accounting Profile316 317 318 Creating a Service Module ExampleProfile Controls Control DescriptionService Auth. Mgmt Acct. Mgmt Session Mgmt Configuring RadiusNokia Network Voyager for Ipso 4.0 Reference Guide 319 320 Configuring TACACS+ Nokia Network Voyager for Ipso 4.0 Reference Guide 321To delete an authentication server Deleting an AAA Authentication Server Configuration322 To change an AAA configuration Changing an AAA ConfigurationChanging the Service Profile To add an authentication profileService Authentication Management Creating a Stacked Service Module324 To add an accounting profile Changing a Service Module ConfigurationChanging an Authentication Profile Configuration To add a session profileChanging a Session Profile Configuration Changing an Accounting Profile Configuration326 To delete an AAA configuration Deleting an AAA ConfigurationDeleting an Item in a Service Profile Entry Encryption AccelerationEnabling Encryption Accelerator Cards To enable the card for a Check Point VPNIPSec Tunnels Ipso Implementation Monitoring Cryptographic AccelerationTransport and Tunnel Modes Nokia Network Voyager for Ipso 4.0 Reference Guide 329Protocol Negotiation and Key Management Building VPN on ESP330 Nokia Network Voyager for Ipso 4.0 Reference Guide 331 IPSec RFCs Using PKIIPSec Implementation in Ipso 332Miscellaneous Tunnel Requirements Nokia Network Voyager for Ipso 4.0 Reference Guide 333Platform Support Phase 1 ConfigurationIPSec Parameters 334Creating an IPSec Policy Choosing IPv4 or IPv6 General ConfigurationTo chose IPv4 or IPv6 general configuration pages Nokia Network Voyager for Ipso 4.0 Reference Guide 335To select a trusted CA certificate Proposal and FiltersTrusted CA Certificates 336Device Certificates Nokia Network Voyager for Ipso 4.0 Reference Guide 337To enroll and install a device certificate 338Advanced IPSec Nokia Network Voyager for Ipso 4.0 Reference Guide 339To complete creating an IPSec policy Putting It All Together340 To create an IPSec tunnel rule Creating an IPSec Tunnel RuleNokia Network Voyager for Ipso 4.0 Reference Guide 341 To create a transport rule Transport Rule342 Nokia Network Voyager for Ipso 4.0 Reference Guide 343 IPSec Tunnel Rule Example To configure Nokia Platform344 Nokia Network Voyager for Ipso 4.0 Reference Guide 345 IPSec Transport Rule Example Configure Nokia PlatformTo configure Nokia Platform 1 Ipso 346Nokia Network Voyager for Ipso 4.0 Reference Guide 347 To remove an IPSec tunnel Configure PC1Removing an IPSec Tunnel 348To set TCP flag combinations Miscellaneous Security SettingsNokia Network Voyager for Ipso 4.0 Reference Guide 349 350 Routing Protocols Routing OverviewNokia Network Voyager for Ipso 4.0 Reference Guide 351 RIP 352Route Maps Nokia Network Voyager for Ipso 4.0 Reference Guide 353Types of Areas 354High Availability Support for Ospf Area Border RoutersNokia Network Voyager for Ipso 4.0 Reference Guide 355 Clustering Configuring Ospf356 Stub Area Parameters Configuring Ospf Areas and Global SettingsOspf Area Configuration Parameters Nokia Network Voyager for Ipso 4.0 Reference Guide 357Nssa Not So Stubby Area Parameters 358To configure a virtual link Configuring Virtual LinksTo configure Ospf Nokia Network Voyager for Ipso 4.0 Reference Guide 359Configuring Global Settings 360Global Settings for Ospf Nokia Network Voyager for Ipso 4.0 Reference Guide 361Configuration Parameters for Ospf Interfaces Configuring Ospf Interfaces362 To configure an Ospf interface Nokia Network Voyager for Ipso 4.0 Reference Guide 363Configuring Ospf Example 364Network Mask Nokia Network Voyager for Ipso 4.0 Reference Guide 365Auto Summarization Virtual IP Address Support for Vrrp366 RIP 1 Configuration Options Available from Network Voyager Configuring RIPTo configure RIP Nokia Network Voyager for Ipso 4.0 Reference Guide 367Configuring RIP Timers 368Enabling RIP 1 on an Interface Configuring Auto-SummarizationRIP Example Nokia Network Voyager for Ipso 4.0 Reference Guide 369Enabling RIP 2 on an Interface 370PIM Dense-Mode Configuring Virtual IP Support for VrrpPIM Support for IP Clustering Nokia Network Voyager for Ipso 4.0 Reference Guide 371PIM Sparse-Mode 372PIM and Check Point SecureXL Configuring Dense-Mode PIMConfiguring Check Point VPN-1 Pro/Express Nokia Network Voyager for Ipso 4.0 Reference Guide 373Disabling PIM 374Setting Advanced Options for Dense-Mode PIM Optional Nokia Network Voyager for Ipso 4.0 Reference Guide 375Configuring Sparse-Mode PIM 376Configuring High-Availability Mode Nokia Network Voyager for Ipso 4.0 Reference Guide 377378 Nokia Network Voyager for Ipso 4.0 Reference Guide 379 Configuring a PIM-SM Static Rendezvous Point 380Setting Advanced Options for Sparse-Mode PIM Optional Nokia Network Voyager for Ipso 4.0 Reference Guide 381382 Debugging PIM Command ShowsNokia Network Voyager for Ipso 4.0 Reference Guide 383 To log information about errors and events 384Igrp Nokia Network Voyager for Ipso 4.0 Reference Guide 385386 Generation of Exterior Routes Nokia Network Voyager for Ipso 4.0 Reference Guide 387Igrp Aggregation Configuring IgrpAliased Interfaces 388Igrp Example To enable Igrp on an interfaceNokia Network Voyager for Ipso 4.0 Reference Guide 389 Dvmrp 390Configuring Dvmrp Timers Configuring DvmrpNokia Network Voyager for Ipso 4.0 Reference Guide 391 Igmp 392Configuring Igmp Nokia Network Voyager for Ipso 4.0 Reference Guide 393Static Routes 394To setting the rank for static routes To configure a default or static routeNokia Network Voyager for Ipso 4.0 Reference Guide 395 To add and configure many static routes at the same time 396Adding and Managing Static Routes Example To create a static default routeTo create a static route non-default Creating/Removing Static RoutesTo create a backup static route Backup Static RoutesTo disable a static route Route AggregationTo remove aggregate routes To create aggregate routesNokia Network Voyager for Ipso 4.0 Reference Guide 399 Route Aggregation Example 400Rank Assignments Preference DefaultRoute Rank Nokia Network Voyager for Ipso 4.0 Reference Guide 401To set route rank Routing Protocol Rank Example402 Support for BGP-4++ To configure the routing preferencesNokia Network Voyager for Ipso 4.0 Reference Guide 403 BGP Path Attributes BGP Sessions Internal and External404 Nokia Network Voyager for Ipso 4.0 Reference Guide 405 Path Attribute DefinitionBGP Interactions with IGPs BGP Multi-Exit Discriminator406 Communities Inbound BGP Route FiltersRedistributing Routes to BGP Nokia Network Voyager for Ipso 4.0 Reference Guide 407408 Route ReflectionCommunity attribute Description Confederations Nokia Network Voyager for Ipso 4.0 Reference Guide 409Ebgp Multihop Support 410Route Dampening TCP MD5 AuthenticationNokia Network Voyager for Ipso 4.0 Reference Guide 411 BGP Support for Virtual IP for Vrrp 412Tables BGP Support for IP ClusteringBGP Memory Requirements Nokia Network Voyager for Ipso 4.0 Reference Guide 413Example Memory Size414 BGP Neighbors Example To configure Ibgp on Nokia Platform aNokia Network Voyager for Ipso 4.0 Reference Guide 415 To configure Ibgp on Nokia Platform C To configure Ibgp on Nokia Platform B416 To configure Ebgp on Nokia Platform D To configure Ebgp on Nokia Platform aTo configure Ebgp on Nokia Platform C Nokia Network Voyager for Ipso 4.0 Reference Guide 417Verification To configuring Ebgp on Nokia Platform EPath Filtering Based on Communities Example 418BGP Multi Exit Discriminator Example To configure Default MED for Nokia Platform DNokia Network Voyager for Ipso 4.0 Reference Guide 419 To configure MED Values for all peers of AS200 420Changing the Local Preference Value Example Nokia Network Voyager for Ipso 4.0 Reference Guide 421To set the local preference value for an Ibgp peer To configure an Ibgp peer for Nokia Platform BTo configure the static routes required for an Ibgp session 422BGP Confederation Example Configuring Nokia Platform CNokia Network Voyager for Ipso 4.0 Reference Guide 423 Configuring Platform B 424Nokia Network Voyager for Ipso 4.0 Reference Guide 425 Route Reflector Example Configuring Platform B as Route Reflector426 Configuring Platform D as Ibgp Peer of Platform B Configuring Platform C as Ibgp Peer of Platform BNokia Network Voyager for Ipso 4.0 Reference Guide 427 BGP Community Example Configuring BGP Route Inbound Policy on Platform BConfiguring Redistribution of BGP Routes on Platform B 428Follow the steps in the Redistributing Ospf to BGP Example Nokia Network Voyager for Ipso 4.0 Reference Guide 429Configuring a Static Route on Platform a Configuring a Loopback Address on Platform aConfiguring a Loopback Address on Platform B Ebgp Load Balancing Example Scenario #1Configuring an Ebgp Peer on Platform B Configuring a Static Route on Platform BConfiguring an Ebgp Peer on Platform a Nokia Network Voyager for Ipso 4.0 Reference Guide 431Ebgp Load Balancing Example Scenario #2 Configuring Ospf on Platform aConfiguring Ospf on Platform B 432Adjusting BGP Timers Example Nokia Network Voyager for Ipso 4.0 Reference Guide 433Configuring BGP Route Redistribution on Nokia Platform B TCP MD5 Authentication ExampleConfiguring TCP MD5 Authentication on Nokia Platform a 434BGP Route Dampening Example Field Default value Units of measurementNokia Network Voyager for Ipso 4.0 Reference Guide 435 BGP-4++ Example BGP Path Selection436 To configure configure a BGP4 session over IPv6 transport Nokia Network Voyager for Ipso 4.0 Reference Guide 437Route Redistribution 438Nokia Network Voyager for Ipso 4.0 Reference Guide 439 BGP Route Redistribution Example To configure BGP route redistribution on Nokia Platform DRedistributing Routes to RIP and Igrp To redistribute a single routeRedistributing RIP to Ospf Example Nokia Network Voyager for Ipso 4.0 Reference Guide 441442 Redistributing Ospf to BGP Example Nokia Network Voyager for Ipso 4.0 Reference Guide 443To redistribute Ospf to BGP through Nokia Platform a Redistributing Routes with Ospf444 Inbound Route Filters To configure IGP inbound filtersNokia Network Voyager for Ipso 4.0 Reference Guide 445 BGP Route Inbound Policy Example 446Nokia Network Voyager for Ipso 4.0 Reference Guide 447 Aspath Regular Expressions BGP AS Path Filtering Example448 Traffic Shaping Description Traffic Management OverviewPacket Filtering Description Nokia Network Voyager for Ipso 4.0 Reference Guide 449Traffic Queuing Description Configuring Access Control Lists450 To apply or remove an ACL to or from an interface To create or delete an ACLNokia Network Voyager for Ipso 4.0 Reference Guide 451 Configuring ACL Rules 452To add a new rule to an ACL Modifying a RuleNokia Network Voyager for Ipso 4.0 Reference Guide 453 ACL Rule Attributes 454Configuring Aggregation Classes Nokia Network Voyager for Ipso 4.0 Reference Guide 455To associate an aggregation class with a rule To create an Aggregation Class456 Configuring Queue Classes Nokia Network Voyager for Ipso 4.0 Reference Guide 457To create or delete a queue class To set or modify queue class configuration values458 Create a QoS descriptor Configuring ATM QoSTo associate a queue class with an interface Nokia Network Voyager for Ipso 4.0 Reference Guide 459To dissociate an ATM QoS Descriptor from an existing PVC To delete an ATM QoS descriptor460 Configuring Common Open Policy Server Nokia Network Voyager for Ipso 4.0 Reference Guide 461Configuring Security Parameters for a Cops Client ID Configuring a Cops Client ID and Policy Decision Point462 Assigning Roles to Specific Interfaces Nokia Network Voyager for Ipso 4.0 Reference Guide 463Deleting a Client ID To disable and delete a Client IDActivating and Deactivating the Cops Client 464Example Rate Shaping Nokia Network Voyager for Ipso 4.0 Reference Guide 465Example Expedited Forwarding 466Nokia Network Voyager for Ipso 4.0 Reference Guide 467 To test the configuration 468BOOTP/DHCP Relay Nokia Network Voyager for Ipso 4.0 Reference Guide 469Bootp configuration parameters Configuring BOOTP/DHCP RelayTo enable Bootp relay on an Interface 470IP Broadcast Helper To disable Bootp relay on an interfaceIP Broadcast helper configuration parameters Nokia Network Voyager for Ipso 4.0 Reference Guide 471To configure IP broadcast helper 472Router Discovery Overview Configuring Router DiscoveryNokia Network Voyager for Ipso 4.0 Reference Guide 473 Router discover configuration parameters To enable router discovery services474 Network Time Protocol NTP To disable router discovery servicesNokia Network Voyager for Ipso 4.0 Reference Guide 475 To configure NTP Configuring NTP476 Nokia Network Voyager for Ipso 4.0 Reference Guide 477 478 CPU-Memory Live Utilization Viewing System Utilization StatisticsNokia Network Voyager for Ipso 4.0 Reference Guide 479 Monitoring Process Utilization Disk and Swap Space480 Nokia Network Voyager for Ipso 4.0 Reference Guide 481 Ipso Process ManagementProcess Description 482 Generating Monitor ReportsReports Report DescriptionTo display reports Monitoring System HealthNokia Network Voyager for Ipso 4.0 Reference Guide 483 Monitoring System Logs 484Viewing Cluster Status and Members Nokia Network Voyager for Ipso 4.0 Reference Guide 485Displaying the Kernel Forwarding Table Displaying Route SettingsViewing Routing Protocol Information 486Hardware Monitoring Displaying Interface SettingsNokia Network Voyager for Ipso 4.0 Reference Guide 487 To display routing daemon status using iclid Using the iclid ToolIclid Commands 488Nokia Network Voyager for Ipso 4.0 Reference Guide 489 490 Nokia Network Voyager for Ipso 4.0 Reference Guide 491 492 Nokia Network Voyager for Ipso 4.0 Reference Guide 493 Preventing Full Log Buffers and Related Console Messages 494If you are using FireWall-1 NG If you are using FireWall-1Nokia Network Voyager for Ipso 4.0 Reference Guide 495 496 Index Nokia Network Voyager for Ipso 4.0 Reference Guide IndexBios CPU DSA Http Httpd Managing NGX Nssa RIP RSA TACACS+ Deleting virtual router Index