Nortel Networks Nortel Secure Network Access Switch 4050 Instrukcja Użytkownika Strona 798
- Strona / 922
- Spis treści
- ROZWIĄZYWANIE PROBLEMÓW
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
798 Chapter 17 Configuration example
320818-A
Generate and activate the SSH key for communication with the network access
devices:
>> Main# cfg/domain 1/sshkey/generate
Generating new SSH key, this operation takes a few
seconds... done.
Apply to activate.
>> NSNAS SSH key# apply
Create a test SRS rule and specify it for the tunnelguard group:
>> Group 1# /cfg/domain 1/aaa/tg/quick
In the event that the TunnelGuard checks fails on a client,
the session can be teardown, or left in restricted mode
with limited access.
Which action do you want to use for TunnelGuard
failure? (teardown/restricted) [restricted]:
Do you want to create a tunnelguard test user? (yes/no)
[yes]: no
Using existing tg_passed filter
Using existing tg_failed filter
Using existing tg_passed linkset
Using existing tg_failed linkset
Adding test SRS rule srs-rule-test
This rule check for the presence of the file
C:\tunnelguard\tg.txt
Using existing tg_passed filter
Use 'diff' to view pending changes, and 'apply' to commit
>> TG#../group 1/tgsrs srs-rule-test
>> Group 1# apply
Adding the network access devices
This example adds the Ethernet Routing Switch 8300 manually, and uses the
quick switch wizard to add the Ethernet Routing Switch 5510. In both cases, the
example assumes that the switch is not reachable when it is added, and the switch
public SSH key is therefore not automatically retrieved by the Nortel SNAS 4050.
- Nortel Secure Network Access 1
- Switch 4050 User Guide 1
- Trademarks 2
- Restricted rights legend 2
- Statement of conditions 2
- Licensing 3
- Contents 5
- 24 Contents 24
- Text conventions 27
- Related information 28
- How to get help 29
- 30 Preface 30
- Chapter 1 31
- Elements of the NSNA solution 32
- Supported users 32
- Role of the Nortel SNAS 4050 33
- Nortel SNAS 4050 functions 34
- Nortel SNA VLANs and filters 34
- Groups and profiles 35
- Authentication methods 36
- Chapter 1 Overview 37 37
- Communication channels 38
- About SSH 38
- Nortel SNAS 4050 clusters 39
- 40 Chapter 1 Overview 40
- One-armed configuration 41
- Two-armed configuration 41
- 42 Chapter 1 Overview 42
- Chapter 1 Overview 43 43
- 44 Chapter 1 Overview 44
- Chapter 1 Overview 45 45
- 46 Chapter 1 Overview 46
- Chapter 1 Overview 47 47
- 48 Chapter 1 Overview 48
- Chapter 2 49
- Initial setup 49
- About the IP addresses 51
- Chapter 2 Initial setup 61 61
- Extended profile details 61
- Joining a cluster 63
- Chapter 2 Initial setup 67 67
- Figure 3 69
- 70 Chapter 2 Initial setup 70
- Chapter 3 71
- > 77
- Manually adding a switch 78
- Figure 5 87
- The SSH Key menu displays 88
- /cfg/domain #/switch #/ena 91
- Add a Switch 92
- Add a Switch fields 92
- Table 4 95
- Mapping VLANs by domain 97
- Adding VLANs to a domain 98
- Removing VLANs from a domain 99
- Mapping VLANs by switch 100
- Adding VLANs to a switch 101
- Removing VLANs from a switch 102
- 320818-A 104
- Key Generation screen 105
- Switch SSH Key fields 106
- Figure 13 107
- Table 8 108
- Switch SSH Key screen 109
- Figure 15 112
- Table 11 114
- Switch Configuration screen 116
- Chapter 4 117
- Configuring the domain 117
- /cfg/domain 118
- Roadmap of domain commands 119
- <domain ID> 122
- Figure 17 Creating a domain 123
- The Trace menu displays 137
- SSL is enabled by default 142
- NSNAS-Portal-ID) 149
- Figure 19 152
- Add a Secure Access Domain 153
- Figure 21 155
- 6 Click Next 158
- Field Description 159
- Domain Quick Wizard – Server 160
- Domain Quick Wizard – Switch 161
- Figure 28 164
- Table 19 165
- Table 20 166
- Table 21 167
- Table 22 170
- Table 23 173
- Figure 31 174
- Table 24 175
- Figure 32 176
- Table 25 177
- Table 26 180
- Figure 34 182
- HTTP Redirect fields 183
- Figure 36 187
- 2 Click Add 187
- Figure 37 187
- Chapter 5 191
- Overview 192
- Default group 193
- Linksets 194
- TunnelGuard SRS rule 194
- Extended profiles 195
- Before you begin 196
- Figure 38 200
- Figure 40 205
- Figure 41 207
- Adding a group 210
- Adding a Group screen 211
- Add a Group fields 211
- Modifying a group 212
- Group Configuration fields 213
- Adding a client filter 214
- Adding a Client Filter screen 215
- 4 Click Apply 216
- Modifying a client filter 217
- Table 34 218
- Adding an extended profile 220
- Modifying an extended profile 222
- Mapping linksets to a group 224
- Adding linksets to a group 225
- Mapping linksets to a profile 227
- Adding a Linkset screen 228
- Add a Linkset fields 228
- AAA Configuration screen 230
- AAA Configuration fields 231
- Table 39 231
- Chapter 6 233
- Configuring authentication 233
- 1/aaa/group <group ID> 244
- The RADIUS menu displays 246
- The LDAP menu displays 253
- Figure 60 270
- Configuration 274
- Table 41 275
- Figure 63 276
- Table 42 277
- Radius Servers 279
- Adding a RADIUS server 280
- Removing a RADIUS server 281
- Next steps 282
- Modifying LDAP configuration 284
- Table 45 286
- Figure 68 287
- Table 46 288
- LDAP Servers 291
- Adding an LDAP server 292
- Removing an LDAP server 293
- Managing LDAP macros 294
- LDAP Macros 295
- Adding LDAP macros 296
- Reordering LDAP macros 297
- Removing LDAP macros 297
- Adding the Local method 299
- Populating the database 301
- Add a Local User 302
- Add a Local User fields 302
- Importing a database 304
- Modifying local users 307
- Figure 78 308
- Table 54 311
- Exporting the database 312
- Authentication Server Order 315
- Chapter 7 317
- TunnelGuard SRS Builder 317
- Configuring SRS rules 318
- Menu commands 319
- TunnelGuard Rule menu 321
- Tool menu 321
- SRS definition toolbar 322
- SRS Components table 323
- Customizing a component 324
- Memory snapshot 325
- SRS Rule list 326
- Available Expression list 326
- Rule Expression Constructor 326
- The New SRS window 328
- Selecting file on disk 331
- Creating logical expressions 333
- The New SRS Rule window 336
- Registry-based rules 338
- Supported integer operands 339
- Table 67 340
- Creating a registry entry 341
- Registry-based File/Module 342
- Manually creating SRS entries 343
- Create new OnDisk SRS Entry 344
- File age check 347
- Adding comments 348
- The Rule Comment window 349
- Deleting a TunnelGuard rule 350
- Deleting an expression 350
- Making API calls 351
- Chapter 8 353
- CLI configuration examples 360
- Old: is empty 362
- /cfg/cert) 364
- Changing passwords 366
- Changing your own password 366
- 2 Access the User Menu 368
- 4 Type the 368
- 5 Apply the changes 368
- Deleting a user 369
- User Table 371
- Adding new user accounts 372
- Add a User fields 373
- Figure 98 374
- Table 70 375
- Change Your Password 376
- Change Your Password fields 377
- Figure 100 378
- Change User Password fields 379
- Figure 101 380
- Adding a user group 382
- Removing a user group 383
- Chapter 9 385
- Exclude List 387
- Table 75 388
- Portal display 389
- Default appearance 390
- Language localization 392
- Linksets and links 394
- Autorun linksets 394
- Planning the linksets 395
- Automatic JRE upload 397
- Windows domain logon script 398
- Command Parameter 399
- /cfg/lang 403
- The Portal menu displays 406
- Enabling DNS capture 417
- DNS Capture screen 418
- DNS Capture fields 418
- Add DNS Domain 419
- Add DNS Domain fields 419
- Pre-defined Languages 421
- Viewing predefined languages 422
- Import/Export Definition 423
- Figure 110 425
- Language fields 426
- Configuring content 427
- Table 82 428
- Importing banners 430
- Import Banner fields 431
- Figure 113 432
- Color Settings fields 433
- Basics screen 435
- Basics fields 436
- Table 85 436
- Importing custom content 437
- Import Content fields 438
- Table 86 438
- Exporting custom content 439
- Export Content fields 440
- Creating a linkset 441
- Add a Linkset 442
- Modifying a linkset 443
- Linkset Configuration fields 444
- Links tab 446
- Figure 120 446
- Add a Portal Link — External 447
- Add a Portal Link fields 447
- Add a Portal Link — FTP 449
- Figure 123 451
- Table 92 452
- Figure 124 453
- FTP link Configuration fields 454
- Re Order Links screen 455
- Re Order Links fields 455
- Chapter 10 457
- Configuring system settings 457
- /cfg/sys 459
- Roadmap of system commands 460
- The System menu displays 464
- Viewing host information 469
- Managing NTP servers 476
- Managing DNS servers 479
- About RADIUS auditing 488
- Configuring RADIUS auditing 489
- Figure 126 496
- System Configuration fields 497
- Figure 128 499
- Host fields 500
- Global Licenses 501
- Table 97 502
- Figure 130 503
- Table 98 504
- Figure 131 505
- BEGIN LICENSE and 506
- END LICENSE lines 506
- Install New License 507
- Interfaces 508
- Adding a host interface 509
- Table 100 512
- 0 (zero) 513
- Interface fields (continued) 513
- Removing a host interface 514
- Figure 136 515
- Managing static routes 517
- Adding a static route 518
- Removing a static route 519
- Figure 140 520
- Figure 141 521
- Port fields 522
- Table 102 522
- Adding interface ports 524
- Removing interface ports 524
- Adding an access list entry 526
- Removing an Access List entry 527
- Date & Time 528
- Date & Time fields 529
- Adding an NTP server 530
- Removing an NTP server 531
- Figure 147 532
- Table 107 533
- Managing syslog servers 534
- Adding a new syslog server 535
- Adding a DNS server 538
- Managing RSA servers 540
- Adding an RSA server 541
- Removing the RSA node secret 542
- RSA Server 543
- RSA Server fields 543
- Importing sdconf.rec 544
- Figure 155 545
- Import sdconf.rec fields 546
- SRS Control Settings 547
- Add SSH Key fields 548
- Showing SSH keys 549
- SSH Keys – Hosts 551
- SSH Keys Hosts field 552
- Add SSH Key 553
- NSNAS-SSL-Audit-Trail) 555
- Figure 160 557
- Table 116 558
- Audit Servers 559
- Adding a new Audit Server 560
- Configuration tab 563
- Figure 163 563
- Table 118 564
- Radius Server Table 565
- Add Radius Server 566
- Add Radius Server fields 566
- Chapter 11 569
- Managing certificates 569
- Key and certificate formats 571
- Creating certificates 573
- Updating certificates 574
- Figure 166 582
- Figure 170 593
- Parameter Description 594
- Certificates screen 598
- Add a Certificate Component 599
- Figure 174 601
- Table 125 602
- Import Certificate screen 604
- Figure 176 606
- Display Certificates fields 607
- Figure 177 608
- Table 128 609
- Viewing configuration details 610
- Figure 178 611
- Table 129 611
- Viewing general information 612
- Figure 179 613
- Table 130 613
- Table 130 Info fields 614
- Figure 180 615
- Table 131 615
- Table 131 Subject fields 616
- Chapter 12 617
- Configuring SNMP 617
- /cfg/sys/adm/snmp 618
- Roadmap of SNMP commands 619
- The SNMPv2-MIB menu displays 621
- Figure 181 632
- Table 132 633
- Adding SNMP targets 635
- Figure 183 636
- SNMP Target fields 637
- Managing SNMP targets 638
- Removing SNMP targets 639
- Adding SNMPv3 users 641
- Figure 186 642
- Table 135 643
- Managing SNMPv3 users 644
- Table 136 645
- Removing SNMPv3 users 646
- Managing monitor events 647
- Adding monitor events 648
- Add a Monitor fields 649
- Removing monitor events 650
- Boolean monitors 650
- Table 138 651
- Threshold monitors 652
- Table 139 653
- Existence monitors 654
- Managing notification events 655
- Adding notification events 656
- Add a Notification Event 657
- Removing notification events 658
- Chapter 13 659
- The Events menu displays 666
- Figure 194 669
- Figure 195 671
- Table 142 671
- Figure 196 673
- Table 143 674
- Figure 197 675
- Table 144 676
- Figure 198 677
- Switch Distribution fields 678
- Figure 199 679
- Table 146 679
- Licenses tab 681
- Figure 200 681
- Table 147 682
- Domain Licenses tab 683
- Figure 201 683
- Per Domain Licenses fields 684
- Sessions screen 685
- Table 149 686
- Figure 203 687
- Ending active user sessions 688
- 3 Click KickOut 689
- Table 151 689
- Number of Sessions screen 690
- Number of Sessions fields 690
- Viewing alarms using the SREM 691
- Figure 206 692
- Table 153 693
- Download Alarms tab 694
- Figure 207 694
- Table 154 695
- Figure 208 696
- Figure 209 697
- Table 155 697
- The Hosts table 699
- Viewing License statistics 701
- Viewing RADIUS statistics 702
- Table 157 703
- Figure 213 704
- Table 158 704
- Viewing LDAP statistics 705
- Table 159 706
- The Statistics table 707
- Figure 218 713
- Table 162 713
- The Ethernet Interface table 717
- Viewing Rx statistics 718
- Viewing Tx statistics 720
- Chapter 14 723
- Table 166 731
- The Boot menu displays 733
- Dump fields 738
- 3 Click Dump 738
- Table 167 738
- Figure 224 739
- Start/Stop Trace fields 740
- Table 168 740
- Check Configuration 741
- Backup & Restore 742
- Backup & Restore fields 743
- Image List 744
- Activating a software image 747
- Figure 230 749
- Download Image fields 750
- Reboot/Delete ISD Options 751
- Figure 232 753
- Table 172 753
- Figure 233 754
- Table 173 755
- Chapter 15 757
- /boot/software/cur command 760
- Reinstalling the software 763
- Chapter 16 769
- The Command Line Interface 769
- Requirements 771
- Procedure 771
- Running Telnet 773
- Running an SSH client 774
- User access levels 776
- CLI Main Menu or Setup 777
- Idle timeout 777
- Chapter 17 779
- Configuration example 779
- Table 176 780
- Creating a new DHCP scope 783
- Naming the new DHCP scope 784
- Figure 239 785
- Figure 240 786
- Figure 241 787
- Specifying the DNS server 788
- Enabling SSH 791
- Creating port-based VLANs 791
- Configuring the VoIP VLANs 791
- Configuring the NSNA ports 792
- Enabling NSNA globally 792
- Setting the switch IP address 793
- Configuring SSH 794
- Performing initial setup 796
- Completing initial setup 797
- Add the switch manually: 799
- Switch 8300: 799
- Mapping the VLANs 800
- Appendix A 803
- CLI reference 803
- Using the CLI 804
- CLI shortcuts 807
- Command abbreviation 808
- Tab completion 808
- IP addresses 810
- Network masks 810
- Variables 811
- CLI Main Menu 812
- CLI command reference 812
- Appendix A CLI reference 813 813
- Information menu 814
- Statistics menu 815
- Configuration menu 816
- Boot menu 835
- Maintenance menu 836
- Chapter 18 837
- Troubleshooting 837
- Enable Telnet or SSH access 838
- Check the Access List 838
- Cannot contact the MIP 841
- Console connection 843
- A user password is lost 844
- Trace tools 845
- System diagnostics 847
- Error log files 849
- Appendix B 851
- Syslog messages 851
- About alarm messages 854
- parameter is listed first 855
- Table 193 855
- About event messages 856
- Start-up messages 860
- AAA subsystem messages 861
- is enabled 862
- Table 201 862
- NSNAS subsystem messages 863
- Table 202 864
- NSNAS — INFO (Sheet 2 of 2) 865
- /cfg/sys/cur 869
- Appendix C 875
- Supported MIBs 875
- 876 Appendix C Supported MIBs 876
- Supported MIBs (Sheet 1 of 3) 876
- Appendix C Supported MIBs 877 877
- Supported MIBs (Sheet 2 of 3) 877
- 878 Appendix C Supported MIBs 878
- Supported MIBs (Sheet 3 of 3) 878
- Supported traps 879
- 880 Appendix C Supported MIBs 880
- Appendix D 881
- Supported ciphers 881
- Table 207 Supported ciphers 882
- Appendix E 883
- Directory 883
- (Windows 2000 Server) 886
- Create a new attribute 887
- Create the new class 888
- Appendix F 891
- Creating the DHCP options 892
- The DHCP Management Console 893
- Figure 246 894
- 4 Click Add 894
- The Option Type dialog box 895
- Information options 896
- Figure 248 897
- Setting up the IP Phone 899
- Appendix G 901
- Creating a logon script 902
- Assigning the logon script 903
- Assigning a logon script 904
- Appendix H 905
- GNU General Public License 906
- Bouncy Castle license 910
Powiązane produkty i podręczniki dla Oprogramowanie Nortel Networks Nortel Secure Network Access Switch 4050
(390 strony)© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.038 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji