Avaya Business Secure Router 222 Configuration - Basics Manual de usuario Pagina 240
- Pagina / 451
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
240 Chapter 13 VPN
NN47922-500
Main Mode ensures the highest level of security when the communicating parties
are negotiating authentication (phase 1). It uses 6 messages in three round trips:
SA negotiation, Diffie-Hellman exchange, and an exchange of nonces (a nonce is
a random number). This mode features identity protection (your identity is not
revealed in the negotiation).
Aggressive Mode is quicker than Main Mode because it eliminates several steps
when the communicating parties are negotiating authentication (phase 1).
However the trade-off is that faster speed limits its negotiating power and it also
does not provide identity protection. It is useful in remote access situations where
the address of the initiator is not known by the responder and both parties want to
use preshared key authentication.
Preshared key
A preshared key identifies a communicating party during a phase 1 IKE
negotiation. It is called preshared because you have to share it with another party
before you can communicate with the party over a secure connection.
Diffie-Hellman (DH) Key Groups
Diffie-Hellman (DH) is a public-key cryptography protocol that allows two
parties to establish a shared secret over an unsecured communications channel.
Diffie-Hellman is used within IKE SA setup to establish session keys. 768-bit
(Group 1 - DH1), 1 024-bit (Group 2 – DH2) and 1 536-bit (Group 5 - DH5)
Diffie-Hellman groups are supported. Upon completion of the Diffie-Hellman
exchange, the two peers have a shared secret, but the IKE SA is not authenticated.
For authentication, use preshared keys.
Perfect Forward Secrecy (PFS)
Enabling PFS means that the key is transient. The key is thrown away and
replaced by a brand new key using a new Diffie-Hellman exchange for each new
IPSec SA setup. With PFS enabled, if one key is compromised, previous and
subsequent keys are not compromised, because subsequent keys are not derived
from previous keys. The (time consuming) Diffie-Hellman exchange is the
trade-off for this extra security.
- Business Secure Router 1
- Copyright © Nortel 2005–2006 2
- Trademarks 2
- Contents 3
- Chapter 2 4
- Chapter 3 5
- Chapter 4 5
- Chapter 5 6
- Chapter 6 6
- Chapter 13 10
- Chapter 14 11
- Chapter 18 13
- Chapter 22 15
- Appendix A 15
- Appendix B 16
- 28 Tables 28
- Before you begin 29
- Text conventions 29
- Related publications 30
- Hard copy technical manuals 30
- How to get Help 31
- 32 Preface 32
- Chapter 1 33
- Router 222 33
- Physical features 34
- Nonphysical features 35
- Firewall 36
- Dynamic DNS support 38
- IP Multicast 38
- IP Alias 38
- Central Network Management 38
- Traffic Redirect 39
- Port Forwarding 39
- Full network management 40
- Road Runner support 40
- Logging and tracing 40
- Embedded FTP and TFTP Servers 40
- Hardware Setup 42
- Introducing the WebGUI 43
- Figure 2 Login screen 44
- Figure 6 MAIN MENU Screen 48
- Figure 7 Contact Support 49
- Wizard setup 51
- Wizard setup: Screen 2 52
- Ethernet 53
- 54 Chapter 3 Wizard setup 54
- Chapter 3 Wizard setup 55 55
- Chapter 3 Wizard setup 57 57
- Wizard setup: Screen 3 58
- IP address and Subnet Mask 59
- DNS Server address assignment 60
- WAN MAC address 60
- Chapter 3 Wizard setup 61 61
- 62 Chapter 3 Wizard setup 62
- Figure 12 Wizard 3 62
- Table 7 Wizard 3 62
- Chapter 3 Wizard setup 63 63
- 64 Chapter 3 Wizard setup 64
- Basic Setup Complete 65
- 66 Chapter 3 Wizard setup 66
- User Notes 67
- Security 70
- Advanced Router Configuration 71
- 72 Chapter 4 User Notes 72
- Termination) 73
- Emulation) 73
- 74 Chapter 4 User Notes 74
- Chapter 4 User Notes 75 75
- 76 Chapter 4 User Notes 76
- System screens 77
- Configuring General Setup 78
- Chapter 5 System screens 79 79
- 80 Chapter 5 System screens 80
- Dynamic DNS 81
- Configuring Dynamic DNS 81
- 82 Chapter 5 System screens 82
- Figure 15 DDNS 82
- Table 9 DDNS 82
- Configuring Password 83
- 84 Chapter 5 System screens 84
- Figure 16 Password 84
- Table 10 Password 84
- Chapter 5 System screens 85 85
- Configuring Time and Date 86
- Chapter 5 System screens 87 87
- Figure 17 Time and Date 87
- 88 Chapter 5 System screens 88
- Table 12 Time and Date 88
- Chapter 5 System screens 89 89
- Configuring ALG 90
- Chapter 5 System screens 91 91
- Table 13 ALG 91
- 92 Chapter 5 System screens 92
- LAN screens 93
- LAN TCP/IP 94
- Multicast 95
- Configuring IP 96
- Chapter 6 LAN screens 97 97
- Table 14 LAN IP 97
- 98 Chapter 6 LAN screens 98
- Chapter 6 LAN screens 99 99
- Configuring Static DHCP 100
- Configuring IP Alias 101
- 102 Chapter 6 LAN screens 102
- NN47922-500 102
- Figure 21 IP Alias 102
- Table 16 IP Alias 102
- Chapter 6 LAN screens 103 103
- 104 Chapter 6 LAN screens 104
- Chapter 7 105
- WAN screens 105
- Configuring Route 106
- Configuring WAN ISP 107
- PPPoE Encapsulation 108
- Chapter 7 WAN screens 109 109
- PPTP Encapsulation 110
- Chapter 7 WAN screens 111 111
- Table 20 PPTP Encapsulation 111
- Service type 112
- Chapter 7 WAN screens 113 113
- Figure 26 RR Service type 113
- Table 21 RR Service Type 113
- Configuring WAN IP 114
- Chapter 7 WAN screens 115 115
- Figure 27 WAN: IP 115
- 116 Chapter 7 WAN screens 116
- Table 22 WAN: IP 116
- Chapter 7 WAN screens 117 117
- Configuring WAN MAC 118
- Traffic redirect 119
- Configuring Traffic Redirect 120
- Chapter 7 WAN screens 121 121
- Figure 31 Traffic Redirect 121
- Table 23 Traffic Redirect 121
- Configuring Dial Backup 122
- Chapter 7 WAN screens 123 123
- Figure 32 Dial Backup Setup 123
- 124 Chapter 7 WAN screens 124
- Table 24 Dial Backup Setup 124
- Chapter 7 WAN screens 125 125
- 126 Chapter 7 WAN screens 126
- Advanced Modem Setup 127
- 128 Chapter 7 WAN screens 128
- Figure 33 Advanced Setup 128
- Chapter 7 WAN screens 129 129
- Table 25 Advanced Setup 129
- 130 Chapter 7 WAN screens 130
- Chapter 8 131
- What NAT does 132
- How NAT works 133
- NAT application 134
- NAT mapping types 135
- Using NAT 136
- SUA Server 137
- Configuring SUA Server 139
- Figure 38 SUA/NAT setup 140
- Table 29 SUA/NAT setup 140
- Configuring Address Mapping 141
- Figure 39 Address Mapping 142
- Table 30 Address Mapping 142
- Trigger Port Forwarding 145
- Figure 42 Trigger Port 147
- Table 32 Trigger Port 148
- Chapter 9 149
- Static Route screens 149
- Configuring IP Static Route 150
- Configuring Route entry 152
- Chapter 10 155
- Firewalls 155
- Packet Filtering firewalls 156
- Application level firewalls 156
- Chapter 10 Firewalls 157 157
- Denial of Service 158
- Types of DoS attacks 159
- 160 Chapter 10 Firewalls 160
- Chapter 10 Firewalls 161 161
- Figure 48 SYN flood 161
- • ICMP vulnerability 162
- ICMP types trigger an alert: 162
- Stateful inspection 163
- Stateful inspection process 164
- Chapter 10 Firewalls 165 165
- TCP security 166
- UDP/ICMP security 167
- Upper layer protocols 167
- 168 Chapter 10 Firewalls 168
- Packet filtering vs. firewall 169
- When to use the firewall 170
- Chapter 11 171
- Firewall screens 171
- Rule logic overview 173
- Connection direction examples 174
- WAN to LAN rules 175
- LAN to WAN rules 175
- Configuring firewall 176
- Configuring firewall rules 180
- Configuring custom ports 184
- Example firewall rule 185
- Predefined services 188
- Configuring attack alert 192
- Figure 62 Attack alert 194
- Table 43 Attack alert 194
- Chapter 12 197
- Content filtering 197
- Configure Content Filtering 198
- Table 44 Content filter 199
- VPN screens overview 202
- Security Association 203
- Other terminology 203
- IPSec architecture 204
- IPSec algorithms 205
- 206 Chapter 13 VPN 206
- Key management 207
- Encapsulation 208
- IPSec and NAT 209
- Secure Gateway Address 210
- Summary screen 211
- 212 Chapter 13 VPN 212
- Figure 68 Summary 212
- IP Policies 212
- Chapter 13 VPN 213 213
- Table 49 Summary 213
- Keep Alive 214
- Nailed Up 214
- NAT Traversal 215
- Preshared key 216
- Chapter 13 VPN 217 217
- Configuring Advanced Setup 218
- Chapter 13 VPN 219 219
- ID Type and content 220
- ID type and content examples 221
- My IP Address 222
- Chapter 13 VPN 223 223
- 224 Chapter 13 VPN 224
- Chapter 13 VPN 225 225
- 226 Chapter 13 VPN 226
- Chapter 13 VPN 227 227
- 228 Chapter 13 VPN 228
- Chapter 13 VPN 229 229
- 230 Chapter 13 VPN 230
- Configuring an IP Policy 231
- 232 Chapter 13 VPN 232
- Chapter 13 VPN 233 233
- 234 Chapter 13 VPN 234
- Chapter 13 VPN 235 235
- Port forwarding server 236
- Chapter 13 VPN 237 237
- IKE phases 238
- Negotiation Mode 239
- Perfect Forward Secrecy (PFS) 240
- Chapter 13 VPN 241 241
- 242 Chapter 13 VPN 242
- Chapter 13 VPN 243 243
- SA Monitor 244
- Chapter 13 VPN 245 245
- Figure 77 VPN SA Monitor 245
- Table 60 VPN SA Monitor 245
- Global settings 246
- Chapter 13 VPN 247 247
- Table 61 VPN Global Setting 247
- VPN Client Termination 248
- Chapter 13 VPN 249 249
- 250 Chapter 13 VPN 250
- Chapter 13 VPN 251 251
- 252 Chapter 13 VPN 252
- Chapter 13 VPN 253 253
- 254 Chapter 13 VPN 254
- Chapter 13 VPN 255 255
- 256 Chapter 13 VPN 256
- Chapter 13 VPN 257 257
- 258 Chapter 13 VPN 258
- Chapter 13 VPN 259 259
- 260 Chapter 13 VPN 260
- Certificates 261
- Self-signed certificates 262
- Configuration summary 263
- My Certificates 263
- 264 Chapter 14 Certificates 264
- Figure 84 My Certificates 264
- Chapter 14 Certificates 265 265
- Table 66 My Certificates 265
- Certificate file formats 266
- Importing a certificate 267
- 268 Chapter 14 Certificates 268
- Creating a certificate 269
- 270 Chapter 14 Certificates 270
- Chapter 14 Certificates 271 271
- My Certificate details 272
- Chapter 14 Certificates 273 273
- 274 Chapter 14 Certificates 274
- Chapter 14 Certificates 275 275
- Trusted CAs 276
- Chapter 14 Certificates 277 277
- Figure 88 Trusted CAs 277
- Table 70 Trusted CAs 277
- 278 Chapter 14 Certificates 278
- Chapter 14 Certificates 279 279
- Figure 89 Trusted CA import 279
- Table 71 Trusted CA import 279
- 280 Chapter 14 Certificates 280
- Chapter 14 Certificates 281 281
- 282 Chapter 14 Certificates 282
- Table 72 Trusted CA details 282
- Chapter 14 Certificates 283 283
- Trusted remote hosts 284
- Chapter 14 Certificates 285 285
- 286 Chapter 14 Certificates 286
- Chapter 14 Certificates 287 287
- 288 Chapter 14 Certificates 288
- Chapter 14 Certificates 289 289
- 290 Chapter 14 Certificates 290
- Chapter 14 Certificates 291 291
- 292 Chapter 14 Certificates 292
- Directory servers 293
- Secure Router can access 294
- Chapter 14 Certificates 295 295
- 296 Chapter 14 Certificates 296
- Chapter 15 297
- Bandwidth management 297
- Bandwidth classes and filters 298
- FTP 64 Kb/s 64 Kb/s 299
- H.323 64 Kb/s 64 Kb/s 299
- SIP 64 Kb/s 64 Kb/s 299
- Configuring summary 300
- Configuring class setup 301
- Chapter 16 309
- IEEE 802.1x 309
- EAP Authentication overview 310
- Configuring 802.1X 311
- 312 Chapter 16 IEEE 802.1x 312
- Figure 105 802.1X 312
- Table 85 802.1X 312
- Chapter 16 IEEE 802.1x 313 313
- 314 Chapter 16 IEEE 802.1x 314
- Chapter 17 315
- Authentication server 315
- Edit Local User Database 317
- Current split networks 320
- Current split networks edit 321
- Configuring RADIUS 323
- Figure 110 RADIUS 324
- Table 90 RADIUS 324
- Remote management screens 327
- Remote management and NAT 328
- System timeout 328
- Introduction to HTTPS 329
- Configuring WWW 330
- Figure 112 WWW 331
- Table 91 WWW 331
- HTTPS example 332
- Logon screen 336
- Secure Router models 338
- SSH overview 341
- How SSH works 342
- Configuring SSH 343
- Figure 123 SSH 344
- Table 92 SSH 344
- Example 1: Microsoft Windows 345
- Example 2: Linux 346
- Secure FTP using SSH example 347
- Configuring TELNET 349
- Configuring FTP 350
- Configuring SNMP 351
- Supported MIBs 353
- SNMP Traps 353
- REMOTE MANAGEMENT: SNMP 354
- Configuring DNS 355
- Configuring Security 356
- Figure 134 Security 357
- Table 98 Security 357
- Chapter 19 359
- UPnP implementation 360
- Configuring UPnP 360
- Chapter 19 UPnP 361 361
- Figure 135 Configuring UPnP 361
- Table 99 Configuring UPnP 361
- Displaying UPnP port mapping 362
- Installing UPnP in Windows Me 363
- Installing UPnP in Windows XP 364
- Chapter 19 UPnP 365 365
- 366 Chapter 19 UPnP 366
- Chapter 19 UPnP 367 367
- 368 Chapter 19 UPnP 368
- Figure 145 Service settings 368
- WebGUI easy access 369
- Local Network 370
- WebGUI logon screen displays 370
- Chapter 20 371
- Logs Screens 371
- 372 Chapter 20 Logs Screens 372
- Figure 150 View Log 372
- Table 101 View Log 372
- Configuring Log settings 373
- 374 Chapter 20 Logs Screens 374
- Figure 151 Log settings 374
- Chapter 20 Logs Screens 375 375
- Table 102 Log settings 375
- Configuring Reports 376
- Chapter 20 Logs Screens 377 377
- Figure 152 Reports 377
- Viewing Web site hits 378
- Chapter 20 Logs Screens 379 379
- Viewing Protocol/Port 380
- Viewing LAN IP address 381
- 382 Chapter 20 Logs Screens 382
- Reports specifications 383
- 384 Chapter 20 Logs Screens 384
- Chapter 21 385
- Call scheduling screens 385
- Call scheduling 385
- Call scheduling edit 387
- Maintenance 391
- 392 Chapter 22 Maintenance 392
- Figure 159 System Status 392
- Table 110 System Status 392
- System statistics 393
- DHCP Table screen 394
- F/W Upload screen 395
- 396 Chapter 22 Maintenance 396
- Figure 162 Firmware upload 396
- Table 113 Firmware Upload 396
- Chapter 22 Maintenance 397 397
- Configuration screen 398
- Backup configuration 399
- Restore configuration 400
- Restart screen 401
- 402 Chapter 22 Maintenance 402
- Figure 170 Restart screen 402
- Troubleshooting 403
- Problems with the LAN LED 404
- Problems with Internet Access 405
- Problems with the password 406
- Problems with the WebGUI 407
- Permissions 408
- Figure 173 Internet options 410
- Internet Explorer JavaScript 411
- JAVA (Sun) 414
- Netscape Pop-up Blockers 415
- Allowing Pop-ups 416
- Figure 181 Popup Windows 417
- Figure 182 Popup Windows 418
- Figure 183 Allowed Sites 419
- Figure 184 Advanced 420
- Log Descriptions 423
- Table 128 Attack Logs 425
- Table 129 Access Logs 426
- Table 130 ACL Setting Notes 431
- Table 131 ICMP Notes 431
- VPN/IPSec Logs 432
- VPN Responder IPSec Log 433
- Table 136 PKI Logs 438
- Log Commands 442
- Displaying Logs 443
- Log Command Example 444
Relacionado con productos y manuales para Routers Avaya Business Secure Router 222 Configuration - Basics
Routers Avaya BayRS 15.4.0.0 Manual de usuario
(130 paginas)
(130 paginas)
Routers Avaya Cable Manual de usuario
(202 paginas)
(202 paginas)
Routers Avaya BayRS Router Software Version 11.03 and Site Manager Software Version 5.03 aviso
(58 paginas)
(58 paginas)
Routers Avaya 1603SW-I Manual de instalación
(74 paginas)
(74 paginas)
Routers Avaya Configuring OSI Services Manual de usuario
(124 paginas)
(124 paginas)
Routers Avaya BayRS Version 13.00 (Japanese) aviso
(64 paginas)
(64 paginas)
Routers Avaya BayRS and BCC Version 15.5.1.1 Fixed Anomalies (316151-15.5.1.1 Rev 00) Manual de usuario
(5 paginas)
(5 paginas)
Routers Avaya Configuring Remote Access for AN and Passport ARN Routers Manual de usuario
(142 paginas)
(142 paginas)
Routers Avaya BCM50 Manual de usuario
(82 paginas)
(82 paginas)
Routers Avaya BCM50 Manual de usuario
(26 paginas)
(26 paginas)
Routers Avaya BCM50 Manual de instalación
(335 paginas)
(335 paginas)
Routers Avaya BCM50e Manual de usuario
(311 paginas)
(311 paginas)
Routers Avaya Cable Manual de usuario
(194 paginas)
(194 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.033 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales