Manuals / RuggedCom / Computer Equipment / Network Router

RuggedCom RX1100, RX1000 manual Gauntlet Status Menu, Upgrading Gauntlet

Models: RX1000 RX1100

1 284

Download 284 pages 36.63 Kb

Page 243

Chapter 26 – Maintaining The Router

Gauntlet

net

fw

TCP

any

10000

The order of rules is significant. Rules inserted before this set will not be protected by Gauntlet. Any rule appearing after the gauntlet chain rules will automatically be ignored. Consult with RuggedCom support for assistance. If you want to grant SSH access to the router, replace "10000" in the last rule with "22,10000".

When adding these rules via Webmin, for those rules where you select "Gauntlet" from the "Action" pulldown list, be sure to leave the "log to syslog level" set to "<Don't log>". If you manually edit the "/etc/shorewall/rules" file then do not specify any loglevel in your Gauntlet rules.

5.Ensure that the firewall is enabled in the Bootup and Shutdown Menu and apply the firewall configuration to effect the changes.

Note: You must ensure that the firewall is configured and enabled when using the Gauntlet Security Appliance.

Gauntlet Status Menu

Gauntlet integrates tightly with the firewall, opening it for communications between vetted clients and critical assets on a demand basis.

Figure 206: Gauntlet Security Appliance Menu

The status menu provides a list of validated open connections.

Upgrading Gauntlet

During an upgrade, the Gauntlet daemon may be required to restart. During the upgrade all existing Gauntlet protected connections will be closed.

RuggedCom

241

Image 243

RuggedCom RX1100, RX1000 manual Gauntlet Status Menu, Upgrading Gauntlet

Contents

RuggedRouter Ruggedrouter User Guide Who Should Use This User Guide How To Use This User GuideAbout this User Guide Applicable Firmware RevisionQuick Start Recommendations Document ConventionsBasic Web Based Configuration Additional Configuration About this User Guide Table Of Contents Table Of Contents RuggedRouter User Guide 100 114 144 Page Table Of Contents Page 241 Page Table Of Figures RuggedRouter Setup Main MenuScheduled Commands Displaying a Command T1/E1 Network Interfaces After Interface Creation Adsl Link Statistics Show Public Key Link Backup Status 162 Raw Socket Menu IRIGB/IEEE1588 General Configuration menu 230 255 IAS Window Edit Profile 282 Default Configuration Setting Up And Administering The RouterAccess Methods Accounts And Password ManagementFrom the Console Port Accessing The RuggedRouter Command PromptRuggedRouter Setup Shell Configuring PasswordsConfiguring IP Address Information Setting The HostnameConfiguring Radius Authentication Enabling And Disabling The SSH and Web Server Radius Server Configuration menuEnabling And Disabling The Gauntlet Security Appliance Configuring The Date, Time And TimezoneRuggedRouter Hardware Information Menu Displaying Hardware InformationSelecting a configuration to reload Restoring a ConfigurationStructure of the Web Interface Using a Web Browser to Access the Web InterfaceRuggedRouter Web Interface SSL Certificate WarningsRuggedRouter Web Interface Main Menu Window LED Status Panel Using The LED Status PanelLED Name Description Obtaining Chassis InformationWebmin Configuration Webmin Configuration MenuIP Access Control Change Help Server Ports And AddressesLogging Webmin Configuration Menu, LoggingWebmin Configuration Menu, Authentication AuthenticationWebmin Events Log Webmin Events LogThis page intentionally blank Bootup And Shutdown Configuring The SystemScheduled Commands Change Password CommandScheduled Commands Displaying a Command Webmin Scheduled Cron Jobs Scheduled Cron JobsSystem Time System HostnameNetwork Configuration Configuring NetworkingDummy Interface Core SettingsDefault Route Table Configured Static RoutesRouting And Gateways Manually Entered Static Routes Static Multicast Routing Static Multicast RoutingEnd To End Backup DNS ClientHost Addresses Page Current Routing & Interface Table Configuring End To End BackupLED Designations Configuring Ethernet InterfacesEthernet Interface Fundamentals Vlan Interface FundamentalsRuggedRouter Functions Supporting VLANs PPPoE On Native Ethernet Interfaces FundamentalsEthernet Interfaces EthernetEditing a Network Interface Editing Currently Active InterfacesEdit Boot Time Interfaces Virtual InterfacesVirtual Lan Interfaces List PPPoE Interfaces PPPoE On Native Ethernet InterfacesEditing a PPPoE Interface Edit PPPoE InterfaceCurrent Routes & Interface Table PPP LogsConfiguring Frame Relay/PPP And T1/E1 T1/E1 FundamentalsFrame Relay T1/E1 Location Of Interfaces And LabelingIncluded With T1E1 Strategy For Creating Interfaces T1/E1 Network InterfacesNaming Of Logical Interfaces Editing a T1/E1 InterfaceE1 Settings T1 SettingsFrame Relay Link Parameters Editing a Logical Interface Frame RelayFrame Relay DLCIs Editing a Logical Interface PPPLink Statistics T1/E1 StatisticsFrame Relay Statistics Frame Relay Interface StatisticsPPP Link Statistics PPP Interface StatisticsT1/E1 Loopback Menu T1/E1 LoopbackUpgrading Firmware Upgrading SoftwareT3 Fundamentals Configuring Frame Relay/PPP And T3T3 Network Interfaces T3 ConfigurationEdit T3 Interface Editing a T3 InterfaceT3 Statistics Upgrading Software Page DDS Fundamentals Configuring Frame Relay/PPPDDS Network Interfaces DDS ConfigurationEdit Logical Interface Frame Relay, single Dlci DDS Link Statistics DDS StatisticsFrame Relay And PPP Interface Statistics DDS LoopbackPage Configuring PPPoE/Bridged Mode On PPPoE/Bridged Mode FundamentalsAdsl Fundamentals Authentication, Addresses and DNS Servers PPPoE MTU IssuesBridged Mode Adsl Configuration Adsl Network InterfacesEditing a Logical Interface PPPoE Edit Logical Interface Bridged Editing a Logical Interface BridgedAdsl Link Statistics Adsl StatisticsCurrent Routes & Interface Table Modem Fundamentals Configuring PPP and ModemPPP Mode Fundamentals When the Modem ConnectsModem Main Menu Modem ConfigurationBlind dial Modem PPP Client Modem PPP Client ConnectionsModem Incoming Call Logs Modem PPP ServerPPP Logs Modem PPP LogsPPP Connection Logs Modem PPP Connection LogsPage Linux netfilter, iptables And The Shoreline Firewall Configuring The FirewallFirewall Fundamentals Stateless vs Stateful FirewallsNetwork Address Translation Port Forwarding Shorewall Quick SetupShoreWall Terminology And Concepts ZonesInterfaces Policy HostsInterface Subnet Address Protocol Ports Masquerading And SnatReject RulesRoute Based Virtual Private Networking Configuring The Firewall And VPNVirtual Private Networking To a DMZ Policy Based Virtual Private NetworkingStarting Shorewall Firewall Menu Firewall Main MenuShorewall Firewall Menu Network Interfaces Network ZonesEditing a Firewall Network Interfaces Firewall Zone Hosts Network Zone HostsMasquerading Default PoliciesEditing a Masquerading Rule Firewall RulesStatic NAT Static NATCreating a Static NAT Entry Actions When StoppedPage Page Policy Vs Route Based VPNs Configuring An IPsec VPNVPN Fundamentals IPsec ModesPublic Key And Pre-shared Keys Supported Encryption ProtocolsOther Configuration Supporting IPSec X509 CertificatesNAT Traversal IPsec and Router Interfaces Openswan Configuration ProcessVPN Main Menu Before Key Generation VPN Main MenuPage IPsec VPN Configuration After Connections Have Been Created Server ConfigurationPreshared Keys Public KeyList Certificates VPN ConnectionsIPsec VPN Connection Details Page Export Configuration Left/Right Systems SettingsIPsec Status Showing IPsec StatusSelect a Certificate Authority IPSec X.509 Roaming Client ExampleVPN Networking Parameters Client Configuration Router IPSec ConfigurationGenerate X.509 Certificates Ethernet Port Configuration Firewall IPSec ConfigurationPage Configuring Dynamic Routing Quagga, RIP and OspfRIP Fundamentals Network Areas Ospf FundamentalsKey Ospf And RIP Parameters Link State AdvertisementsRedistributing Routes Active/Passive Interface DefaultRouter-ID Hello Interval and Dead IntervalLink Detect Configuring Ospf Link CostsOspf Authentication RIP AuthenticationAdministrative Distances Ospf And Vrrp Example Network Area And SubnetsVrrp Operation Dynamic Routing Enable ProtocolsCore Core Global ParametersCore Interface Parameters View Core Configuration Ospf Global Parameters OspfPage Ospf Interfaces Ospf InterfacesView Ospf Configuration Ospf Network AreasOspf Status RIP Global Parameters RIP Global ParametersRIP Key Chains RIP InterfacesRIP Networks RIP NetworksRIP Status View RIP ConfigurationPage Configuring Link Backup Link Backup FundamentalsPath Failure Discovery Link Backup Main Menu Link Backup ConfigurationUse Of Routing Protocols And The Default Route Edit Link Backup Configuration Link Backup Logs Link Backup StatusTest Link Backup Page Page Vrrp Fundamentals Configuring VrrpProblem With Static Routing Vrrp SolutionVrrp Example Page Vrrp Main Menu Vrrp ConfigurationVrrp Instance Editing a Vrrp InstanceVrrp Instances Status Viewing Vrrp Instances StatusFilters Configuring Traffic PrioritizationTraffic Prioritization Fundamentals Priority QueuesIncluded With Traffic Prioritization TOS PrioritizationPrioritization Example Interface Prioritization Menu Traffic Prioritization Main MenuPrioritization Queues Prioritization FiltersPrioritization Transmit Queue Length Prioritization Statistics Prioritization StatisticsGRE Fundamentals Configuring Generic Routing EncapsulationGRE Main Menu GRE Configuration MenuPage Network Utilities Main Menu Network UtilitiesTraceroute Menu Ping MenuHost Menu Trace MenuTcpdump a Network Interface Serial Trace a Serial Server Port Frame Relay Link Layer Trace a WAN InterfaceInterface Statistics Menu Interface Statistics MenuCurrent Routing & Interface Table Current Routing & Interface TableInterface Status Page Serial IP Port Features Configuring Serial ProtocolsBroadcast RTU Polling Serial Protocols ApplicationsCharacter Encapsulation RTU PollingMessage Packetization Serial Protocols Concepts And IssuesHost And Remote Roles Use Of Port RedirectorsSerial Protocols Main Menu Use of Turnaround DelaysPort Settings Menu Assign Protocols MenuRawSocket Menu Page Serial Protocols Statistics Menu Protocol Specific Packet Error StatisticsSerial Protocols Trace Menu Serial Protocols Trace MenuIs provided Serial Protocols Sertrace UtilityPage Configuring Goose Tunnels IEC61850 Goose FundamentalsLayer 2 Tunnel Daemon Details Layer 2 Tunnels Main Menu Layer 2 Tunnels Main MenuGoose Tunnels Menu General Configuration MenuActivity Trace Menu Goose Statistics MenuPage Page Dhcp Client Options Configuring The Dhcp serverDhcp Fundamentals Dhcp Network OrganizationsPage Option 82 Support with Disable NAK Single Network With Static IP Assignment Example Dhcp Scenarios And ConfigurationsSingle Network With Option82 Clients On One Switch Single Network With Dynamic IP AssignmentPage Page Dhcp Server Menu Dhcp Server Main MenuDhcp Shared Network Configuration Dhcp Shared Network ConfigurationDhcp Subnet Configuration Dhcp Subnet ConfigurationDhcp Host Configuration Dhcp Group ConfigurationDhcp Pool Configuration Dhcp Pool ConfigurationNTP Fundamentals Configuring NTPNTP Sanity Limit NTP And The Precision Time Protocol CardIncluded With NTP Generic Options NTP Server Main MenuPeers Configuration Servers ConfigurationViewing The NTP Log Viewing The NTP StatusViewing The GPS Log Viewing The GPS StatusConfiguring SSH SSH FundamentalsIncluded With SSH SSH Server SSH Main MenuNetworking Access ControlPage PTP Master Election Configuring Irigb And IEEE1588IEEE1588 Fundamentals PTP Network RolesIrigb Fundamentals Synchronizing NTP from IEEE1588Irigb Output Formats GPS Cable compensation Reference ClocksHow The Router Selects a Reference Clock IRIGB/IEEE1588 Main Menu General ConfigurationIEEE1588 Configuration Irigb ConfigurationIEEE1588 Status Irigb StatusIrigb Log Page Snort Rules Configuring The Snort IDSSnort Fundamentals Which Interfaces To MonitorGlobal Configuration Snort IDS Main MenuPerformance And Resources Network Settings RulesetsRule Lookup by SID Alerts & Logging PreProcessorsEdit Config File Maintaining The Router Alert SystemAlert Menu Alert Configuration Menu Alert ConfigurationAlert Definition Configuration Alert Filter ConfigurationChange Alert Definition Page Gauntlet Security What And How Gauntlet ProtectsGauntlet And The Firewall Upgrading Gauntlet Gauntlet Status MenuSystem Backup And Restore Backup And RestoreGeneral Configuration Setup Archive History Archive BackupArchive Difference Tool Archive RestoreArchive Differences List Show Difference for selected file between two targets Snmp ConfigurationSnmp Configuration Main Menu System ConfigurationNetwork Addressing Configuration Access Control page, Snmp V1 and V2c 250 RuggedCom Trap Configuration page, Trap Options Trap ConfigurationRuggedRouter supports the following MIBs MIB SupportRadius Authentication Edit Radius Server Parameters Radius Authentication ConfigurationOutgoing Mail Parameter Description Chassis ParametersSystem Logs Syslog Factory DefaultsChanging a Syslog entry to remote log Remote LoggingRuggedRouter Software Fundamentals Upgrade SystemAutomatic Upgrade When a Software Upgrade Requires a RebootChange Repository Server Upgrade to RX1100Upgrading All Packages Automatic UpgradingPre-upgrade/Post-upgrade scripts Installing a New PackageUpload/Download menu Uploading And Downloading FilesSecurity Actions Security ConsiderationsPage Appendix a Setting Up a Repository Initial Repository SetupRepository Server Requirements Setting Up The Routers Upgrading The RepositoryAn Alternate Approach Upgrading Considerations Appendix B Downgrading Router Software Apache Default Web Appendix C Installing Apache Web Server On WindowsPage Installing IIS Appendix D Installing IIS Web Server On WindowsAppendix E Radius Server Configuration Windows Internet Authentication ServiceFreeRadius Edit Profile window, Click Add... button 276 RuggedCom RuggedCom 277 Dhcp IndexGoose NTP SSH Vrrp