cc/td/doc/product/vpn/vpn3000/3_6
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
R
S
T
U
V
W
X
Z

Index


A

access hours, configuring     15-3

add     15-4

modify     15-4

accounting record attributes, RADIUS     5-16

accounting servers

configuring     5-16

modify     5-18

add

access hours     15-4

address pool     6-6

email recipient of events     10-32

event class     10-17

filter (traffic management)     15-39

filter rule (traffic management)     15-15

IPSec LAN-to-LAN connection     7-14

NAT rule     15-54

network list     15-9

NTP host     5-29

OSPF area     8-12

security association (traffic management)     15-29

security association to rule on filter     15-45

SMTP server for events     10-29

SNMP community     9-13

SNMP event destination     10-22

static route for IP routing     8-5

syslog server to receive events     10-25

user on internal server (user management)     14-107

address management, configuring     6-2

address pools

configuring     6-5

add     6-6

modify     6-6

alarm thresholds, power, configuring     3-6

Are You There (AYT) firewall policy     14-24, 14-28, 14-63, 14-67

assignment of IP addresses, configuring     6-3

assign rules to filter (traffic management)     15-42

authentication parameters

changing group delimiter     11-6

global     11-6

order of checking     14-2

authentication servers

configuring     5-2

internal     5-11

modify     5-5

NT Domain     5-7

RADIUS     5-5

SecurID     5-9, 14-88

internal     14-1

testing     5-13, 14-91

autodiscovery, network     7-11, 7-20

automatic software update, See client update     12-1

automatic switchover (redundancy)     8-18

B

bandwidth management

bandwidth aggregation     15-65

bandwidth policing     15-64, 15-66

bandwidth reservation     15-64

burst size     15-66

configuring     15-66

enabling on interface     3-20, 15-63, 15-66

in LAN-to-LAN configuration     15-66, 15-67

overview of     15-64

policing rate     15-66

policy

assigning to group     14-103, 15-66

assigning to interface     3-21, 15-66

assigning to LAN-to-LAN     7-20, 15-66

specifying the link rate     3-20, 15-66

bandwidth policies

configuring     15-63

banner for IPSec clients, configuring     14-17, 14-58

base group, configuring (user management)     14-4

base group global preshared secret     14-14

bibliography     xiii

browser

installing SSL certificate     1-5

navigation toolbar, do not use with Manager     1-3

Netscape Navigator, problems with     1-3

requirements     1-2

built-in servers, configuring

See management protocols     9-1

burst size     15-66

C

Central Protection Policy (CPP)     14-24, 14-28, 14-63, 14-67, 15-15

certificate group matching     15-71

defining rules     15-71

fields     15-74

policy     15-77

configuring     15-71

rules

adding     15-72, 15-74

assigning to groups     15-74

deleting     15-72

enabling     15-74

modifying     15-72, 15-74

reordering     15-72

change security association on rule     15-47

Cisco Secure ACS RADIUS server     14-1

Cisco VPN Client

IPSec attributes     7-9, 15-24

IPSec support     14-8, 14-50, 14-113

route advertisement     8-22

supports Mode Configuration     14-15, 14-56

client firewall     14-24, 14-63

and split tunneling     14-24, 14-63

Are You There (AYT) policy     14-24, 14-28, 14-63, 14-67

Central Protection Policy (CPP)     14-24, 14-28, 14-63, 14-67, 15-15

configuring rules for firewall filters     14-24, 14-63, 15-15, 15-17, 15-19, 15-22

custom     14-27, 14-66

local     14-24, 14-63

supported products     14-26, 14-65

vendor and product codes     14-27, 14-66

Zone Labs Integrity Server     14-24, 14-28, 14-63, 14-67

client update     12-1

enabling     12-3

image files     12-2

compression

IPComp     14-14, 14-56

MPPC     14-37, 14-39, 14-76, 14-78

configuration section of Manager     2-1

connecting to VPN Concentrator

using HTTP     1-4

using HTTPS     1-20

conventions

documentation     xii

typographic     xii

copy

filter (traffic management)     15-39

filter rule (traffic management)     15-15

IKE proposal     7-30

network list     15-9

crash, system, saves log file     10-8

D

data

formats     xv

date and time, configuring     11-3

Daylight-Saving Time, enabling     11-4

default

event handling, configuring     10-7

filter rules

table     15-12

using     15-11

filters

table     15-37

using     15-36

gateways, configuring for IP routing     8-7

IKE proposals, table     7-27

security associations, table     15-26, 15-27

tunnel gateway, configuring     8-7

delete

filter rule (traffic management)     15-23

group (user management)     14-42

internal authentication server     5-12

security association (traffic management)     15-35

user on internal server (user management)     14-106

DHCP

functions within the VPN Concentrator, configuring     8-14

servers, configuring     5-22

modify     5-24

digital certificates

in IPSec LAN-to-LAN     7-17

display settings     1-3

DNS

configuring for group     14-49

servers, configuring     5-20

documentation

additional     xii

conventions     xii

E

email recipients of events, configuring     10-30

add     10-32

Ethernet interfaces

See also interfaces

event classes

configuring for special handling     10-15

add     10-17

modify     10-17

table     10-1

event log     10-5

capacity     10-5

deleting from flash memory     10-7

file size     10-8

save     10-7

saved at system reboot     10-8

saved if system crashes     10-8

saving in flash memory     10-7

saving via FTP     10-8, 10-13

events

configuring default handling     10-7

configuring handling     10-6

configuring special handling     10-15

section of Manager     10-1

event severity levels, table     10-4

event trap destinations, configuring     10-20

Extended Authentication, IPSec     14-13, 14-55

F

filter     15-1

add (traffic management)     15-39

add security association to rule on     15-45

assign rules to (traffic management)     15-42

configuring (traffic management)     15-36

configuring on base group     14-7

configuring on group     14-48

configuring on interface

Ethernet     3-12

configuring on user     14-112

copy (traffic management)     15-39

default

table     15-37

using     15-36

modify (traffic management)     15-39

filter rules     15-1

add (traffic management)     15-15

configuring     15-11

copy (traffic management)     15-15

default

table     15-12

using     15-11

delete (traffic management)     15-23

modify (traffic management)     15-15

filters

firewall     15-15

firewall     14-24, 14-63

firewall, client     14-63

See client firewall     14-63

firewall, client, See client firewall     14-24

flash memory

saving log files in     10-7

formats

data     xv

fragmentation policy

IPSec     3-13, 7-19

FTP

configuring internal server     9-2

using to save log files     10-8, 10-13

G

gateways, default     8-7

general parameters, configuring     11-1

global authentication parameters     11-6

groups, configuring, user management     14-41

delete     14-42

modify external     14-80

modify internal     14-43

H

hold down routes

adding to routing table     8-22

HTTP

configuring internal server     9-4

using with Manager     1-4

HTTPS

configuring internal server     9-4

connecting using     1-20

login screen     1-20

I

IKE keepalives     14-12, 14-54

IKE proposals

active     7-28

add     7-30

configuring     7-26

copy     7-30

modify     7-30

copy     7-30

default, table     7-27

inactive     7-28

in IPSec LAN-to-LAN     7-18

in security association     15-24

modify     7-30

IKE security association

See security associations

inheritance, of group and user parameters     1-3

installing SSL certificate

with Internet Explorer     1-6

with Netscape     1-13

Install SSL Certificate (screen)     1-5

interfaces

configuring     3-2

Ethernet, configuring     3-9

OSPF     3-17

RIP     3-15

speed     3-12

transmission mode     3-12

filter

Ethernet     3-12

public     3-11, 7-13, 15-53

section of Manager     3-1

status     3-4

internal authentication server

configuring     5-11

deleting     5-12

maximum groups and users     14-1

Internet Explorer, requirements     1-2

IP addresses

configuring assignment of     6-3

IPComp data compression     14-14, 14-56

IP routing

configuring     8-2

section of Manager     8-1

IPSec

banner for clients     14-17, 14-58

Cisco VPN Client     7-9, 14-8, 14-50, 14-113, 15-24

configuring     7-9

base group     14-8, 14-9

group (internal)     14-50, 14-51

user (internal server)     14-113, 14-114

data compression     14-14, 14-56

discussion     7-9

fragmentation policy     3-13, 7-19

Mode Configuration     14-15, 14-56

rules     15-6

security associations

See security associations

XAuth     14-13, 14-55

IPSec LAN-to-LAN

automatic parameters     7-15, 7-25, 15-18

configuring     7-11

add connection     7-14

no public interfaces screen     7-13

parameters for redundant systems     8-18

Done (screen)     7-25

rules that apply IPSec     15-18

using network lists     7-16, 7-20, 7-23

IPSec NAT-T     7-19

IPSec over TCP     7-34

IPSec through NAT

configuring

base group     14-17

J

JavaScript, requirements     1-2

K

keepalives, See IKE keepalives     14-54

L

L2TP

configuring

base group     14-8, 14-35

group (internal)     14-50, 14-74

user (internal server)     14-113, 14-116

configuring system-wide parameters     7-6

data compression     14-39, 14-78

L2TP over IPSec

configuring

base group     14-8

group (internal)     14-50

user (internal server)     14-113

default security association to use     14-10, 14-52, 14-115

do not use Mode Configuration     14-15, 14-56

IKE proposal required     7-28

no IPSec user authentication     14-13, 14-55

Windows 2000 client support     7-1, 14-8, 14-50, 14-113

LAN-to-LAN

See IPSec LAN-to-LAN

load balancing     13-1

and VRRP     8-18, 13-1

configuring     13-4

cluster     13-5

device     13-6

preliminary steps     13-2

device priority     13-6

defaults     13-6

virtual cluster     13-1

virtual cluster master     13-1

local LAN access for VPN client     14-21, 14-60

log files

See event log

logging in the VPN Concentrator Manager     1-21

login

name

factory default (Manager)     1-21

password, factory default (Manager)     1-21

screen     1-4

HTTPS     1-20

Internet Explorer     1-10

Netscape     1-17

M

management protocols, configuring     9-1

Manager table of contents     1-23

MIB-II

system object     11-2

Mode Configuration, IPSec     14-15, 14-56

and split tunneling     14-15, 14-56

Cisco VPN Client supports     14-15, 14-56

modify

access hours     15-4

accounting server     5-18

address pool     6-6

authentication server     5-5

DHCP server     5-24

event class     10-17

filter (traffic management)     15-39

filter rule (traffic management)     15-15

group (external) (user management)     14-80

group (internal) (user management)     14-43

IKE proposal     7-30

NAT rule     15-54

network list     15-9

NTP host     5-29

OSPF area     8-12

security association (traffic management)     15-29

SMTP server for events     10-29

SNMP community     9-13

SNMP event trap destination     10-22

static route, for IP routing     8-5

syslog server to receive events     10-25

user on internal server (user management)     14-107

monitor / display settings     1-3

movianVPN client support     7-18, 7-32, 14-10, 14-52, 14-115, 15-31, 15-34

MPPC data compression     14-37, 14-39, 14-76, 14-78

MTU     3-12

N

NAT

configuring     15-49

enable     15-50

no public interfaces screen     15-53

NAT rules, configuring     15-51

add     15-54

modify     15-54

NAT-T (NAT Traversal)     7-19, 7-35

NAT transparency     7-34

navigating

the VPN Concentrator Manager     1-23

Netscape Navigator

problems with     1-3

requirements     1-2

network autodiscovery     7-11, 7-20

network lists     15-1

configuring     15-7

add     15-9

automatic generation     15-10

copy     15-9

modify     15-9

IPSec LAN-to-LAN     7-16, 7-20, 7-23

network time, configuring

See NTP     5-26

No Public Interfaces screen

IPSec LAN-to-LAN     7-13

NAT     15-53

NT Domain, configuring authentication server     5-7

NTP, configuring     5-26

hosts (servers)     5-28

add     5-29

modify     5-29

synchronization     5-27

O

organization of the VPN Concentrator Manager     1-22

OSPF     3-1, 3-2

configuring

on Ethernet interface     3-17

system-wide parameters     8-9

with reverse route injection     8-21

OSPF areas, configuring     8-11

add     8-12

modify     8-12

P

password

factory default (Manager)     1-21

policing rate     15-66

policy management

configuring     15-2

section of Manager     15-1

power thresholds, configuring     3-6

PPTP

configuring

base group     14-8, 14-35

group (internal)     14-50, 14-74

user (internal server)     14-113, 14-116

configuring system-wide parameters     7-3

data compression     14-37, 14-76

pre-shared secret     14-14

product codes for client firewalls     14-27, 14-66

R

RADIUS

accounting, configuring     5-16

accounting record attributes     5-16

Cisco Secure ACS RADIUS server     14-1

Class attribute format to authenticate group name     14-41

configuring, authentication server     5-5

reboot system

saves log file     10-8

redundancy

configuring, system     8-18

references (bibliography)     xiii

requirements

browser     1-2

Internet Explorer     1-2

JavaScript     1-2

Netscape Navigator     1-2

reverse route injection      7-20

RIP     3-1, 3-2

configuring on Ethernet interface     3-15

with network autodiscovery     7-20

with reverse route injection     8-21

routes, adding to routing table

network autodiscovery     7-20

reverse route injection      7-20

RRI See reverse route injection

RSA Security     5-9, 14-88

rules     15-1

add security association to, on filter     15-45

assign to filter (traffic management)     15-42

change security association on     15-47

filter, configuring     15-11

rules, NAT, configuring     15-51

add     15-54

modify     15-54

S

SAs See security associations

SAVELOG.TXT file     10-8

screen

login     1-4

login, using HTTPS     1-20

SDI     5-9, 14-88

SecurID     5-9, 14-88

SecurID, configuring authentication server     5-9, 14-88

security associations     15-1

add to rule on filter     15-45

change on rule     15-47

configuring     15-24

add     15-29

delete     15-35

modify     15-29

default, table     15-26, 15-27

IKE proposals in     15-24

negotiation phases     15-24

servers, configuring system access to     5-1

sessions

maximum permitted     11-5

changing     11-5

SMTP servers, configuring for events     10-27

add     10-29

modify     10-29

SNMP

configuring internal server     9-10

event trap destinations, configuring     10-20

add     10-22

modify     10-22

traps, configuring "well-known"     10-12

SNMP communities, configuring     9-12

add     9-13

modify     9-13

software update, automatic     12-1

enabling     12-3

image files     12-2

speed, configuring Ethernet interface     3-12

split tunneling     14-21, 14-60

and firewalls     14-24, 14-63

split tunneling, IPSec

requires Mode Configuration     14-15, 14-56

split tunneling network list     14-22, 14-61

SSH

configuring internal server     9-18

host key     9-18

server key     9-18

server key regeneration     9-19

session key     9-18

SSL

client authentication     9-16

configuring internal server     9-14

SSL certificate     9-14

installing in browser     1-5

installing with Internet Explorer     1-6

installing with Netscape     1-13

viewing with Internet Explorer     1-11

viewing with Netscape     1-18

VPN Concentrator     1-5

static routes, configuring for IP routing     8-3

add     8-5

modify     8-5

strip realm     14-8

switchover, automatic (redundancy)     8-18

syslog servers, configuring for events     10-24

add     10-25

modify     10-25

system configuration section of Manager     4-1

system identification, configuring     11-2

T

table of contents, Manager     1-23

Telnet

configuring internal server     9-8

Telnet over SSL

configuring internal server     9-8

shareware client     9-8

TFTP

and automatic software update     12-1

configuring internal server     9-6

The     8-21

time and date, configuring     11-3

time zone, configuring     11-3

traffic management, configuring     15-6

transmission mode, configuring Ethernet interface     3-12

traps, configuring

"well-known"     10-12

destination systems     10-20, 10-22

general events     10-12

specific events     10-19

troubleshooting

consult event log     10-5

tunnel default gateway, configuring     8-7

tunneling protocols

configuring     7-2

section of Manager     7-1

typographic conventions     xii

U

user attributes, default

See base group     14-4

user management

configuring     14-3

section of Manager     14-1

users, configuring on internal server (user management)     14-105

add     14-107

delete     14-106

modify     14-107

V

vendor codes for client firewalls     14-27, 14-66

viewing SSL certificates

with Internet Explorer     1-11

with Netscape     1-18

virtual cluster     13-1

configuration     13-5

IP address     13-1

master     13-1

VPN 3002 Hardware Client

route advertisement     8-22

software update     12-1

VPN Concentrator Manager

logging in     1-21

navigating     1-23

organization of     1-22

sidebar (figure)     1-23

VRRP

configuring     8-18

W

welcome text for IPSec clients, configuring     14-17, 14-58

wildcard masks     7-21, 7-24, 15-10, 15-19

Windows 2000 client

and Mode Configuration     14-15, 14-56

configure transport mode     15-31

L2TP over IPSec support     7-1, 14-8, 14-50, 14-113

PPTP support     14-8, 14-50, 14-113

WINS, configuring for group     14-49

wireless support See movianVPN client support     7-32

X

XAuth     14-13, 14-55

XML

configuring as system management protocol     9-20

Z

Zone Labs Integrity Server     14-24, 14-28, 14-63, 14-67


hometocprevnextglossaryfeedbacksearchhelp
Posted: Fri Apr 18 17:56:55 PDT 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.