Sign In
Upload
Manuals
Brands
Avaya Manuals
Software
VPNmanager
Avaya VPNmanager Manuals
Manuals and User Guides for Avaya VPNmanager. We have
1
Avaya VPNmanager manual available for free PDF download: Configuration Manual
Avaya VPNmanager Configuration Manual (326 pages)
Release 3.7
Brand:
Avaya
| Category:
Software
| Size: 3.14 MB
Table of Contents
Table of Contents
5
Issue
15
Preface
15
Vpnmanager Overview
15
What Products Are Covered
15
Intranet and Extranet Support
16
Network-Wide Visibility and Control
16
No Special Consoles Required
16
Secure VPN Configuration
16
Complementary to SNMP Management Tools
17
How this Book Is Organized
17
Related Documentation
17
Using Vpnmanager Help
17
Contacting Technical Support
19
Chapter 1: Overview of Implementation
21
Components of the Avaya Security Solution
21
Security Gateways
21
Vpnremote Client Software
22
Vpnmanager Software
22
Overview of the VPN Management Hierarchy
23
Preparing to Configure Your Network
24
Security Gateway
24
Static Routes
26
IP Groups
26
Remote Users and User Groups
26
Vpn
26
Security Policies
27
Firewall Policies
27
Denial of Service
27
Qos
28
Voip
28
Additional Features
29
Nat
29
Snmp
29
Syslog
30
Client IP Address Pooling
30
SSL for Directory Server
30
Sequence to Configure Your VPN
30
Chapter 2: Using Vpnmanager
33
About Vpnmanager Administrators
33
Role Based Management
33
Log into the Vpnmanager Console
35
Add a Policy Server
35
Open Domain
36
Navigating the Main Window
36
File Menu
37
Edit Menu
39
View Menu
39
Tools Menu
40
Help Menu
40
Toolbar
40
VPN View Pane
42
Network Diagram View
42
Tiled View
43
Tree View
43
Alarm Monitoring Pane
44
Configuration Console Window
44
Configuration Console Menu Bar
45
File Menu
45
Edit Menu
45
View Menu
46
Tools Menu
46
Toolbar
47
Contents Pane
47
Details Pane
47
Update Devices
47
Preferences
48
General Tab
48
Dyna Policy Defaults (User)
49
Dyna Policy Defaults (Global)
49
Dyna Policy Authentication
50
Advanced
51
Remote Client
51
Alarm/Monitoring
52
TEP Policy
52
Chapter 3: Setting up the Network
55
New VPN Domain
55
Configuring a Security Gateway
57
Creating a New Security Gateway
57
Using Device Tabs to Configure the Security Gateway
59
General Tab
60
Memo Tab
62
DNS Tab
63
Configuring the DNS Tab for Security Gateways at 4.3 or Later
63
Configuring the DNS Tab for VSU at Vpnos 4.2 or Earlier
65
Interfaces Tab
66
Options for IP Addressing for Interface Zones
70
Static Addressing
70
DHCP Addressing
70
Point-To-Point Protocol over Ethernet (Pppoe) Client
71
Local DHCP Server
71
DHCP Relay
73
Static
73
Changing Network Interfaces
73
Private Port Tab
76
Adding an IP Device Configuration
77
DHCP Relay
78
None
79
Device Users Tab
79
Network Object Tab
80
Routing
81
Default Gateway for VPN Traffic (Vpnos 3.X)
83
Policies Tab, NAT Services
85
About NAT Types for Vpnos 4.31
85
Configuring NAT (Vpnos 4.31)
86
About NAT Types for Vpnos 3.X
88
NAT Applications
88
Accessing the Internet from Private Networks
89
Setting up VPN with Overlapping Private Addresses
90
Using NAT to Support Multiple Gateway Configurations
92
Interface for Vpnos 4.2
93
Add NAT Rule (Vpnos 4.2 or Earlier)
94
Original
94
Tunnel NAT Rules
95
Chapter 4: Configuring IP Groups
97
About IP Groups
97
Creating a New IP Group
97
New IP Group
98
IP Group - General Tab
98
Add IP Group Member
100
Configuring an IP Group
101
Configuring an IP Group that Connects to an Extranet
102
Delete
103
Memo
104
Chapter 5: Configuring Remote Access Users
105
Default Client Configuration
105
Using Dyna-Policy
106
Configuring a Global Dyna-Policy
107
Dyna-Policy Defaults (User) Tab
107
VPN Configuration Files on Remote User's Computer
108
Disable Split Tunneling
108
Dyna-Policy Defaults (Global) Tab
108
Dyna-Policy Authentication Tab
109
Local Authentication
110
RADIUS Authentication
110
LDAP Authentication
110
Dynamic Vpns (Vpnos 3.X)
110
Remote Client Tab
111
Client DNS Resolution Redirection
111
Client DNS Resolution Redirection
112
Remote Client Inactivity Connection Time-Out (Vpnos 3.X)
112
Send Syslog Messages
112
Configure a Default CCD with Global Dyna-Policy
113
Creating New User Object
114
Default User
115
About Creating Individual Dynamic-Policy
115
User - General Tab
115
Memo Tab
116
Dyna-Policy Tab
116
Actions Tab
117
Configuring a Remote User Object
118
Information for Vpnremote Client Users
119
Using Local Authentication
120
Using RADIUS Authentication (Vpnos 3.X and Vpnos 4.31)
120
Using LDAP Authentication (Vpnos 3.X Only)
120
Using Policy Manager for User Configuration
120
Client IP Address Pool Configuration
120
Add Client IP Address Pool
121
Add Client DNS
121
Add Client WINS
122
To Configure the Client IP Configuration
122
Configuring Client Attributes
122
Creating a Message
122
Enforce Brand Name
123
RADIUS/ACE Services
124
Enable RADIUS/ACE
124
Settings
125
RADIUS Concepts
125
The RADIUS Protocol
126
Add (RADIUS/ACE Server)
126
Authenticating (Secret) Password
126
RADIUS Server Data
126
To Add a RADIUS Server
127
Chapter 6: Configuring User Groups
129
New User Group
129
User Group - General Tab
130
User Group - Memo Tab
130
User Group - Actions Tab
131
Configuring a User Group
131
Chapter 7: Configuring VPN Objects
133
Types of VPN Objects
133
SKIP Vpns
133
IKE Vpns
134
VPN Packet Processing Modes
134
Default VPN Policy
135
Creating a New VPN Object
136
Creating a Default VPN
136
Creating a Designated VPN
137
Using the VPN Tabs
138
General Tab
138
General Tab with IKE
138
General Tab with SKIP
139
Memo Tab
139
Members-Users Tab
140
Members-IP Groups Tab
140
Security (IKE) Tab
141
Pre-Shared Secret
144
Security (Ipsec)
144
Ipsec Proposals
145
Add Ipsec Proposal
146
Actions Tab
148
VPN Configuration
148
Export
148
Rekey Site-To-Site VPN
149
Rekey
149
Advanced VPN Tab
149
Configuring a SKIP VPN
150
Configuring an IKE VPN
152
Enabling CRL Checking
156
Exporting a VPN Object to an Extranet
158
VPN Object Export Checklist
159
Export Procedure
160
Importing a VPN Object from an Extranet
161
Rekeying a VPN Object
162
Chapter 8: Establishing Security
163
Firewall Rules Set up
163
Levels of Firewall Policy Management
163
Firewall Rules
164
Domain Level Firewall Rules
164
Device Level Firewall Rules
166
Priority of Firewall Rules Versus NAT Rules
167
Setting up Firewall Rules for FTP
167
FTP and Firewall/Nat Operation
167
Security Gateways and FTP
168
Firewall Templates
169
Predefined Templates
170
User Defined Templates
170
Services
172
Device Group
173
Denial of Service
173
Voice over IP
175
Using the IP Trunking Call Model
175
Using the LRQ Required Checkbox of the IP Trunking Call Model
176
Using the Gatekeeper Routed Call Model
178
Add Gatekeeper Settings
179
Qos Policy and Qos Mapping
180
Qos Policy
180
Qos Mapping
184
Packet Filtering
184
What Can be Filtered
185
Packet Filtering and NAT
185
Advanced
186
Permit/Deny Non-VPN Traffic Radio Buttons
186
Add Packet Filtering Policy
187
From/Where
188
To Where
189
The Filtering Policy in Progress
189
Locating this Filtering Policy
189
Running the Packet Filtering Policy Wizard
189
Running the Policy Manager for Packet Filtering
190
Starting and Stopping Filtering Services
190
Managing the ACL
190
Configuring Advanced Filtering Options
191
Marking Packets for Differentiated Services (Qos)
192
About Differentiated Services
193
How a VSU Marks Packets
193
Types of Marking Rules
194
How to Create a Packet Marking Rule
194
Packet Filtering Firewall
196
Add Firewall Policy
197
Chapter 9: Using Advanced Features
199
Device Advanced
199
Arp
200
Path MTU Discovery
201
NAT Traversal
203
Port for Dyna-Policy Download
204
Port for Secure Authentication
204
Private IP Address (Vpnos 3.X)
204
Send Device Names
205
Superuser Password (Vpnos 3.X)
206
Tunnel Persistence
207
TEP Policy
209
Servers
210
Add Servers
210
Managing the Server List
211
Resilient Tunnel
212
Tunnel Switching
213
Creating a Resilient Tunnel
214
Add Resilient Tunnel
215
Prerequisites
215
Managing the Resilient Tunnel List
216
Stopping and Starting Resilient Tunnel Services
217
Primary End-Point Service
217
Secondary End-Point Service
217
Failover TEP
218
Configuring Failover TEP
219
Advanced Action
219
Switch Flash
220
Reset Password
220
Disable FIPS
220
High Availability
221
Virtual Addresses
222
Advanced Parameters
222
Members
223
Configuring High Availability
224
Creating a High Availability Group
224
Updating a High Availability Group Using Update Device
225
Deleting a High Availability Group
225
Failover
226
Failover Reconnect
229
Converged Network Analyzer Test Plug
230
Keep Alive
232
Policy Manager - My Certificates
234
About VSU Certificates
234
Creating and Installing a Signed Certificate
235
Switching Certificates Used by Vpnmanager Console
237
Issuer Certificates
238
About Issuer Certificates
238
Installing an Issuer Certificate
239
IKE Certificate Usage
240
About Certificate Usage (Exchange)
241
Assigning a Target for a Certificate
241
Chapter 10: Monitoring Your Network
245
Using SNMP to Monitor the Device
245
Adding Admin Users for Snmpv3
247
VPN Active Sessions
247
Syslog Services
248
Add Syslog Policy
249
Using Monitor
250
Enterprise MIB
250
Monitoring Wizard
250
Define Custom
267
Monitoring Wizard (Presentation)
268
Presentation
268
Monitoring Alarms
268
Alarm Types
269
Report Wizard
270
Generating the Report
272
Device Diagnostics
273
Chapter 11: Device Management
275
Using the Management Tab
275
Setting up SSH and Telnet
275
Changing Device Administrator's Passwords
276
Using the Connectivity Tab
277
Check Connectivity by Ping
278
Check Connectivity by Proxy Ping
279
Using the Device Actions Tab
279
Update Configuration
280
Reset Device Time
280
Reboot Device
280
Re-Setup Device
281
Import Device Configuration
281
Ethernet Speed
282
Redundancy
283
Network Interface Status
283
Switching
284
Importing and Exporting VPN Configurations to a Device
284
Export VPN
284
Exporting RADIUS
285
Chapter 12: Upgrading Firmware and Licenses
287
Centralized Firmware Management
287
Device - Upgrade Tab
288
Upgrading a Security Gateway's Firmware
289
License
290
Encryption Strength
291
Remote Access (VSU-100 Only)
291
Appendix A: Using SSL with Directory Server
293
When to Configure Your Vpnmanager for SSL
293
Installing the Issuer's Certificate in the Policy Server and the Vpnmanager Console
294
Windows NT and Windows 2000 Computers
294
Solaris os Computers
295
Installing the Issuer's Certificate into a Security Gateway
295
Appendix B: Firewall Rules Template
297
General
297
Public Zone Firewall Templates
298
Private Zone Firewall Templates
303
Semi-Private Zone Firewall Templates
305
DMZ Zone Firewall Templates
309
Management Zone Security
311
Converged Network Anaylyzer Template
311
Glossary
313
Index
319
Advertisement
Advertisement
Related Products
Avaya Compact Contact Center V5
Avaya VPNremote
Avaya VPN Gateway
Avaya VPNremote 4600 Series
Avaya Voicemail
Avaya VSP 4000 Series
Avaya VSP 4850 GTS DC
Avaya VSP 4000
Avaya VSP 8404 AC PS No PC GSA
Avaya Virtual Services Platform 7000 Series
Avaya Categories
IP Phone
Telephone
Server
Switch
Gateway
More Avaya Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL