|
|
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
3DES-168/SHA SSL encryption algorithm 8-11
3DES-168 SSH encryption algorithm 8-14
A
accessing the CLI 14-1
access rights
administration 12-10
default Monitor administrator (CLI) 14-6
access settings, general, for administrators 12-13
add
event class 9-10
SNMP community 8-8
SNMP event destination 9-13
static route for IP routing 7-3
syslog server to receive events 9-16
Address Resolution Protocol (ARP) mapping table 13-54
administering the VPN 3002 12-1
administration_file_management 12-13
administrators
access rights 12-10
access settings, general 12-13
configuring 12-11
parameters saved in nonvolatile memory 12-11
password 12-11
predefined 12-11
properties and rights, changing 12-11
session idle timeout 12-13
ARP table 13-54
authentication
client, SSL (HTTPS only) 8-11
using digital certificates 12-18
B
Back and Home CLI choices 14-5
back panel display (monitoring) 13-11
backup configuration file
swapping 12-15
use in troubleshooting B-2
backup server list 6-4
backup servers
configuring 6-4
DNS and WINS servers 6-4
overview 6-4
Bad IP Address (error) B-10
bidirectional tunnel endpoint 6-1
bootcode
version and filename 13-9
boot configuration file, swapping 12-15
browser
Back or Forward button displays incorrect screen or incorrect data B-7
clear cache after software update 12-4
installing SSL certificate 1-3
navigation toolbar, don't use with Manager 1-2
requirements 1-1
built-in servers, configuring See management protocols 8-1
C
CA, See also Certificate Authority
CA certificates
definition 12-18
installing 12-49
cancelling an enrollment request 12-71
certificate
PEM-encoded 12-31
certificate, See also digital certificates
Certificate Authority
definition 12-18
certificate management 12-18
changing administrator properties and rights 12-11
clear event log 13-5
CLI
accessing 14-1
via console 14-1
via Telnet 14-2
Back and Home choices 14-5
choosing a menu item 14-3
configuration menu 14-7
entering values 14-3
errors B-10
help command 14-5
menu reference 14-7
navigating with shortcut numbers 14-4
prompt contains menu context 14-3
saving configuration file 14-6
shortcut numbers 14-4
starting 14-2
stopping 14-6
client authentication, SSL (HTTPS only) 8-11
client mode
definition 11-2
effect on backup server connection 6-5
See also PAT mode
Command Line Interface
See CLI
concentrator settings
required for Network Extension mode 11-4
required for PAT 11-3
CONFIG.BAK file
See backup configuration file
use in troubleshooting B-2
configuration
quick 2-1
system 4-1
VPN 3002 Hardware Client Manager 2-1
configuration files
automatic backup with file upload 12-16
changes with software update 12-2
handling at reboot or shutdown 12-6
handling during file upload 12-16
managing and viewing 12-14
saving with CLI 14-6
swap 12-15
useful for troubleshooting B-2
configuration menu, CLI 14-7
configuring
administrative access to the VPN 3002 12-10
backup servers 6-4
default gateways for IP routing 7-4
interfaces 3-1
private interface 3-4
public interface 3-6
remote server 6-3
static routes for IP routing 7-2
VPN Concentrator with CLI 14-1
connecting to VPN Concentrator
using HTTP 1-2
using HTTPS 1-16
console, accessing CLI via 14-1
crash
dump file B-2
crash, system
saves log file B-1
CRSHDUMP.TXTfile B-2D
data formats xiii
data initiation
VPN 3002 and central-site concentrator 11-6
date and time, configuring 10-3
Daylight-Saving Time (DST), enabling 10-3
default
event handling, configuring 9-5
gateways, configuring for IP routing 7-4
Monitor administrator access rights (CLI) 14-6
delete
digital certificate 12-33, 12-64
enrollment request 12-72
DES-40/SHA Export SSL encryption algorithm 8-11
DES-56/SHA SSL encryption algorithm 8-11
DES-56 SSH encryption algorithm 8-14
DHCP 7-9
configuring parameters on VPN 3002 7-6
statistics 13-33
digital certificates
CA 12-18
definition 12-18
enabling on the VPN 3002 12-32
fields 12-58
installing automatically via SCEP 12-19
IPSec LAN-to-LAN 6-7
managing 12-18
PKCS-10 request 12-45
renewal 12-61
root 12-18
saving in Flash memory 12-18
SCEP-enabled 12-19
troubleshooting 12-21
viewing and managing on VPN 3002 12-34
viewing details 12-56
X.509 12-18
disabling the public interface 3-6
display/PC monitor, recommended settings 1-2
DNS
backup server, configuring 6-4
servers, configuring 5-1
statistics 13-30
documentation
additional xi
cautions xii
notes xii
Domain Name Servers See DNS
downloading
backup server list from a VPN Concentrator 6-5
event log to PC 13-5
Dynamic Host Configuration Protocol See DHCP
E
encryption algorithms
SSH 8-14
SSL 8-11
enrolling
certificates 12-40
identity certificate via SCEP 12-46
enrollment request
cancelling 12-71
creating 12-40
deleting 12-72
PKCS-10 12-45
removing according to status 12-38
status table 12-38
viewing details 12-69
entering values with CLI 14-3
erasing the event log 13-5
error
an error has occurred ... B-7
bad IP address B-10
CLI B-10
insufficient authorization B-8
invalid login B-5
Manager unexpectedly logs out B-6
message displays B-7
no such interface supported (IE) B-9
not allowed B-8
not found B-9
out of range value B-10
passwords do not match B-10
session timeout B-5
VPN 3002 Hardware Client Manager B-5
Ethernet
interface
status and statistics 13-14
MIB-II statistics 13-56
event
class 9-1
configuring 9-5
configuring default handling 9-5
configuring for special handling
modify 9-10
configuring special handling 9-8
add 9-10
definition 9-1
severity level 9-3
trap destinations, configuring 9-12
event log
clear (erase) 13-5
definition 9-4
download to PC 13-5
get 13-5
live 13-6
save 13-5
saved on system crash or reboot B-1
saved on system failure or reboot 9-4
stored in nonvolatile memory 13-3
view 13-5
viewing 13-6
exiting from CLI 14-6
exporting an SSL certificate 12-66
F
file management on VPN 3002 12-14
file upload to VPN 3002 12-2, 12-16
filterable event log, monitoring 13-3
flash memory
managing files 12-14
temporary files in 12-16
format
data xiii
event log 13-5
syslog 9-6
fragmentation policy
IPSec 3-8
front panel display (monitoring) 13-11
G
gateways, default 7-4
general (default) event handling 9-5
general parameters, configuring 10-1
generating
SSH host key 12-68
SSL certificate 12-65
get event log 13-5
H
halting the VPN 3002 12-5
help, CLI 14-5
Home and Back CLI choices 14-5
host key
SSH 8-13
HTTP
configuring internal server 8-2
enabling 8-2
port number 8-3
statistics 13-25
using with Manager 1-2
HTTPS
configuring internal server 8-2
connecting using 1-16
definition 1-3
enabling 8-3
enabling on public interface for XML support 8-16
login screen 1-17
port number 8-3
I
ICMP
MIB-II statistics 13-51
PING 12-7
identification, configuring 10-2
identifying servers to the VPN 3002 5-1
identity certificates
definition 12-18
enrolling 12-40
installed on the VPN 3002 12-36
maximum allowed 12-18
idle timeout
administrator sessions 12-13
live event log overrides 13-6
IEEE standard 802.3, Ethernet networks 13-56
IKE proposals, valid for VPN3002 A-1
image, software
filenames 12-3
indicators, LED B-2
individual user authentication
login screen 1-19
installing
CA certificates 12-49
CA certificates, automatic method (using SCEP) 12-19
enrolled certificates 12-50
identity certificates, automatic method 12-22
SSL certificate
with Internet Explorer 1-4
with Netscape 1-9
Install SSL Certificate (screen) 1-4
interactive hardware client authentication
login screen 1-19
interfaces
configuring 3-1
Ethernet, configuring
MIB-II statistics 13-43
private, configuring 3-4
public, configuring 3-6
status 3-3
Internet Explorer, requirements 1-1
Invalid Login or Session Timeout (error) B-5
IP MIB-II statistics 13-48
IP routing
configuring 7-1
IPSec
attributes configurable on the central-site concentrator 6-2
configuring 6-2
statistics 13-19
IPSec fragmentation 3-8
IPSec over TCP 6-6
requirements 6-6
ITU (International Telecommunication Union) standards 12-56
J
JavaScript, requirements 1-2
L
lease period, DHCP 7-6
LED indicators
table B-2
live event log 13-6
Netscape requirements 13-6
log file
live event log 13-6
saving on system reboot 12-5
See also event log
logging in to the VPN Concentrator Manager 1-17
login
name, factory default (Manager) 1-17
password, factory default (Manager) 1-17
screen 1-3
HTTPS 1-17
HTTPS using Internet Explorer 1-8
HTTPS using Netscape 1-14
using CLI 14-2
using interactive hardware client authentication and individual user authentication 1-19
M
management protocols, configuring 8-1
Manager table of contents 1-26
Manager unexpectedly logs out (error) B-6
managing digital certificates on VPN 3002 12-34
managing VPN Concentrator with CLI 14-1
memory, SDRAM 13-9
menu
choosing a menu item in CLI 14-3
context in CLI prompt 14-3
menu reference, CLI 14-7
MIB-II
statistics 13-42
ARP table 13-54
Ethernet traffic 13-56
interfaces 13-43
IP traffic 13-48
SNMP 13-59
TCP/UDP 13-45
system object 10-2
Microsoft Internet Explorer script error message B-9
model number, system 13-9
modifying
event class 9-10
SNMP community 8-8
SNMP event trap destination 9-13
static route, for IP routing 7-3
syslog server to receive events 9-16
monitoring statistics 13-1
MTU 3-8
N
NAT (Network Address Translation)
definition 11-2
navigating
the VPN 3002 Hardware Client Manager 1-26
Netscape Navigator, requirements 1-1
Network Address Translation See NAT
Network Extension mode 11-3
effect on backup server connection 6-5
required settings on VPN Concentrator 11-4
nonvolatile memory 12-11
event log stored in 13-3
No such interface supported (error) B-9
Not Allowed (error) B-8
Not Found (error) B-9
O
options configurable only on central-site Concentrator 7-9
Out of Range value (error) B-10
P
password
administrator 12-11
factory default (Manager) 1-17
Passwords do not match (error) B-10
PAT mode
configuring 11-6
definition 11-2
enabling 11-7
many-to-one translation 11-6
required settings on VPN Concentrator 11-3
PC monitor/display, recommended settings 1-2
peer 6-2
PEM-encoded certificate 12-31
ping a host 12-7
PKCS-10
enrollment request 12-45
policy management 11-1
Port Address Translation mode See PAT mode
port number
HTTP 8-3
HTTPS 8-3
SNMP 8-6
SSH 8-14
syslog server 9-16
Telnet 8-5
Telnet over SSL 8-5
power, turning off 12-5
PPPoE 3-6
statistics 13-39
PPP over Ethernet See PPPoE
prerequisites, system administrator ix
preshared keys 6-7
private interface
configuring 3-4
private keys, saving in Flash memory 12-18
public interface
configuring 3-6
Public Key Certificate Syntax-10 See PKCS-10
Public Key Infrastructure (PKI) 6-7, 12-18
Q
Quick Configuration 2-1
R
RC4-128 SSH encryption algorithm 8-14
RC4-40/MD5 Export SSL encryption algorithm 8-11
reboot
handling configuration files 12-6
reloads the boot configuration file 12-15
system 12-5
re-enrolling a certificate 12-61
re-keying a certificate 12-61
remote server
configuring 6-3
renewing a DHCP lease 7-6
renewing digital certificates 12-61
requirements
browser 1-1
Internet Explorer 1-1
IPSec over TCP 6-6
JavaScript 1-2
Netscape Navigator 1-1
RFC 1650, Ethernet interface MIB objects 13-56
RFC 1907, SNMP version 2 MIB objects 13-59
RFC 2011, ARP table entries 13-54
RFC 2011, IP and ICMP MIB objects 13-48, 13-51
RFC 2012,TCP MIB objects 13-45
RFC 2013, UDP MIB objects 13-45
RFC 2459 12-56
root CA certificate 12-18
routing table (monitoring) 13-2
RRC4-128/MD5 SSL encryption algorithm 8-11
RSA key, SSH 8-13
S
SAVELOG.TXTfile 9-4, 12-5, B-1saving
configuration file with CLI 14-6
event log 13-5
log file on system reboot 9-4, 12-5
SCEP
enrolling an identity certificate 12-46
enrolling SSL certificate 12-47
installing CA certificates 12-19
installing identity certificates 12-22
SCEP-enabled certificate 12-19
troubleshooting 12-21
screen
login, using HTTPS 1-17
SDRAM memory 13-9
secure connection
See also tunnel
tunnel 6-1
Secure Shell protocol See SSH
Secure Sockets Layer See SSL 12-18
Security Associations (SAs) 6-2
self-signed certificates
CA certificates 12-18
SSL 12-18
server identity certificates 12-36
server key, SSH 8-13
servers
backup, configuring 6-4
backup, overview 6-4
configuring system access 5-1
remote, configuring 6-3
session idle timeout
live event log overrides 13-6
session key
SSH 8-13
Session Timeout (error) B-5
severity level, events 9-3
shutdown system 12-5
Simple Network Management Protocol See SNMP
SNMP
configuring internal server 8-6
enabling 8-6
event trap destinations, configuring 9-12
add 9-13
modify 9-13
MIB-II statistics 13-59
port number 8-6
traps, configuring "well-known" 9-8
traps, configuring for specific events 9-11
SNMP communities
adding 8-8
configuring 8-7
modifying 8-8
software image
updating on VPN 3002
procedure 12-2
stopping an image update 12-3
split tunneling
client (PAT) mode 11-3
Network Extension mode 11-4
SSH
configuring internal server 8-13
enable 8-14
enabling on public interface for XML support 8-16
encryption algorithms 8-14
host key 8-13
port number 8-14
RSA key 8-13
server key 8-13
server key regeneration 8-14
session key 8-13
statistics 13-35
SSH Host Key, generating 12-68
SSL
client authentication (HTTPS only) 8-11
configuring internal server 8-10
encryption algorithms 8-11
statistics 13-31
enrolling 12-40
enrolling via SCEP 12-47
exporting 12-66
installing in browser 1-3
installing with Internet Explorer 1-4
installing with Netscape 1-9
obtaining 12-31
viewing with Internet Explorer 1-8
viewing with Netscape 1-14
VPN Concentrator 1-3
standards
IEEE standard 802.3, Ethernet networks 13-56
ITU 12-56
RFC 1650, Ethernet interface MIB objects 13-56
RFC 1907, SNMP version 2 MIB objects 13-59
RFC 2011, ARP table entries 13-54
RFC 2011, IP and ICMP MIB objects 13-48, 13-51
RFC 2012,TCP MIB objects 13-45
RFC 2013, UDP MIB objects 13-45
RFC 2459 12-56
X.509 12-56
X.520 12-56
starting the CLI 14-2
static IP addres 3-7
static routes
adding 7-3
configuring for IP routing 7-2
modifying 7-3
statistics
devices behind the VPN 3002 Hardware Client 13-17
DHCP 13-33
DNS 13-30
HTTP 13-25
IPSec 13-19
MIB-II 13-42
ARP table 13-54
Ethernet 13-56
ICMP 13-51
interfaces 13-43
IP traffic 13-48
SNMP 13-59
TCP/UDP 13-45
PPPoE 13-39
public/private Ethernet interface 13-14
SSH 13-35
SSL 13-31
Telnet 13-28
user status 13-17
stopping
CLI 14-6
file upload to VPN 3002 12-3, 12-16
the VPN 3002 12-5
subordinate CA certificate 12-18
superuser See administrators
swap configuration files 12-15
syslog format, events 9-6
syslog server
configuring for events
add 9-16
modify 9-16
port number 9-16
syslog servers, configuring for events 9-14
system configuration 4-1
system identification, configuring 10-2
system reboot 12-5
reloads the boot configuration file 12-15
saving the log file 12-5
system shutdown 12-5
handling configuration files 12-6
system status
monitoring 13-8
private/public interface 13-14
T
table of contents, Manager 1-26
TCP/UDP MIB-II statistics 13-45
Telnet
accessing CLI 14-2
configuring internal server 8-4
enabling 8-4
port number 8-5
statistics 13-28
Telnet over SSL
configuring internal server 8-4
port number 8-5
time and date, configuring 10-3
timeout, administrator 12-13
live event log overrides 13-6
time zone, configuring 10-3
traceroute 12-9
traffic management, configuring 11-1
transmission mode, configuring Ethernet interface 3-5, 3-8
traps, configuring
"well-known" 9-8
destination systems 9-12, 9-13
general events 9-8
specific events 9-11
troubleshooting
crash dump file B-2
event log B-1
files created for B-1
information in event log 9-4
information in the event log 13-3
using configuration files B-2
tunnel
configuring protocols 6-2
endpoint 6-1
functional description 6-1
initiation 11-5
protocols 6-1
type (model number), system 13-9
U
UDP MIB-II traffic statistics 13-45
updating software on VPN 3002 12-2
upload files to VPN 3002 12-16
user status 13-17
using the CLI 14-3
using the VPN Concentrator Manager 1-1
V
valid IKE proposals A-1
viewing
digital certificate details 12-56
digital certificates on VPN 3002 12-34
enrollment request 12-69
event log 13-5
SSL certificates
with Internet Explorer 1-8
with Netscape 1-14
VPN 3002 status, sessions, statistics, and event logs 13-1
VPN 3002 Hardware Client Manager
errors B-5
navigating 1-26
organization 1-25
window 1-22
VPN Concentrator Manager
logging in 1-17
using 1-1
W
WINS
backup server, configuring 6-4
X
X.509
digital certificates 12-18
standards 12-56
X.520 standards 12-56
XML
configuring 8-15
enabling 8-16
Posted: Tue Apr 19 13:43:03 PDT 2005
All contents are Copyright © 1992--2005 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.