Sign In
Upload
Manuals
Brands
Avaya Manuals
Gateway
3070-VM
Avaya 3070-VM Manuals
Manuals and User Guides for Avaya 3070-VM. We have
1
Avaya 3070-VM manual available for free PDF download: User Manual
Avaya 3070-VM User Manual (274 pages)
VPN gateway
Brand:
Avaya
| Category:
Gateway
| Size: 2.61 MB
Table of Contents
User Guide April
3
Table of Contents
5
Chapter 1: Preface
13
Who Should Use this Book
13
Related Documentation
13
Product Names
14
How this Book Is Organized
14
Users Guide
14
Appendices
15
Customer Service
16
Getting Product Training
16
Getting Help from a Distributor or Reseller
16
Getting Technical Documentation
16
Getting Technical Support from the Avaya Web Site
16
Chapter 2: New in this Release
17
Features
17
Ipsec Two Factor Authentication for Avaya VPN Gateway
17
Android L2Tp/Ipsec Support
17
AES 256 Support for Ipsec
18
Java RDP Upgrade Support
18
Net Direct Mac os X Support
18
Secure Portable Office (SPO) Support
18
Other Changes
19
Chapter 3: Introducing the VPN Gateway
21
SSL Acceleration
21
Vpn
21
Software Features
22
Web Portal
22
Transparent Mode Access
23
Bandwidth Management
23
User Authentication
23
User Authorization
24
Client Security
24
Accounting and Auditing
24
Networking
25
Secure Service Partitioning
25
Branch Office Tunnels
25
Portal Guard
26
SSL Acceleration
26
Scalability and Redundancy
26
Certificate and Key Management
27
Public Key Infrastructure
27
Supported Key and Certificate Formats
27
Supported Handshake Protocols
28
Hash Algorithms
28
Cipher Suites
28
Management
28
Statistics
28
Virtual Desktop
28
Secure Portable Office (SPO) Client
29
Chapter 4: Introducing the ASA 310-FIPS
31
HSM Overview
31
Extended Mode Vs. FIPS Mode
32
FIPS140-1 Level 3 Security
32
The Concept of Ikey Authentication
33
Types of Ikeys
33
Wrap Keys for ASA 310-FIPS Clusters
33
Available Operations and Ikeys Required
34
Additional HSM Information
35
Chapter 5: Initial Setup
37
Clusters
37
New and Join
37
Configuration Is Replicated Among Master Avgs
37
Clustering over Multiple Subnets
38
IP Address Types
38
Host IP Address
38
Management IP Address (MIP)
38
Virtual IP Address (VIP)
38
Portal IP Address
39
Real Server IP Address (RIP)
39
Ports
39
Interfaces
40
One-Armed Configuration
40
Two-Armed Configuration
40
Configuration at Boot up
41
The Setup Menu
41
Installing an AVG in a New Cluster
42
Setting up a One-Armed Configuration
42
Setting up a Two-Armed Configuration
44
Complete the New Setup
46
Settings Created by the VPN Quick Setup Wizard
49
Joining a VPN Gateway to an Existing Cluster
51
Setting up a One-Armed Configuration
51
Setting up a Two-Armed Configuration
53
Complete the Join Setup
55
Installing an ASA 310-FIPS
56
Installing an ASA 310-FIPS in a New Cluster
56
Adding an ASA 310-FIPS to an Existing Cluster
61
Reinstalling the Software
66
Chapter 6: Upgrading the AVG Software
69
Performing Minor/Major Release Upgrades
69
Activating the Software Upgrade Package
71
Chapter 7: Managing Users and Groups
75
User Rights and Group Membership
75
Adding a New User
76
Adding Users through RADIUS
80
Changing a Users Group Assignment
80
Changing a Users Password
82
Changing Your Own Password
82
Changing Another Users Password
83
Deleting a User
84
Chapter 8: Certificates and Client Authentication
87
Generating and Submitting a CSR Using the CLI
87
Adding Certificates to the AVG
92
Copy-And-Paste Certificates
93
Copy-And-Paste Private Key
96
Using TFTP/FTP/SCP/SFTP to Add Certificates and Keys
98
Update Existing Certificate
100
Create a New Certificate
100
Configure a Virtual SSL Server to Require a Client Certificate
101
Generating Client Certificates
103
Export Client Certificate
107
Transmit Private Key and Certificate to User
108
Managing Revocation of Client Certificates
108
Revoking Client Certificates Issued by an External CA
108
Revoking Client Certificates Issued Within Your Own Organization
109
Creating Your Own Certificate Revocation List
111
Automatic CRL Retrieval
112
Client Certificate Support
115
Signing Csrs
116
Generate Test Certificate
117
General Commands
118
Show Certificate Information
118
Show Subject Information
118
Check if Key and Certificate Match
119
Show Key Size
119
Show Key Information
119
Chapter 9: Virtual Desktop
121
Running the Virtual Desktop on Client Computers
121
Licensing Vdesktop
121
Launch Vdesktop from Portal
122
Virtual Desktop Operations
122
Chapter 10: The Command Line Interface
123
Connecting to the VPN Gateway
123
Establishing a Console Connection
123
Establishing a Telnet Connection
124
Establishing a Connection Using SSH (Secure Shell)
125
Accessing the AVG Cluster
126
CLI Vs. Setup
128
Command Line History and Editing
128
Idle Timeout
129
Chapter 11: Troubleshooting the AVG
131
Cannot Connect to VPN Gateway through Telnet or SSH
131
Verify the Current Configuration
131
Enable Telnet or SSH Access
132
Check the Access List
132
Check the IP Address Configuration
132
Cannot Add an AVG to a Cluster
133
Cannot Contact the MIP
134
Check the Access List
134
Add Interface 1 IP Addresses and MIP to Access List
135
The AVG Stops Responding
135
Telnet or SSH Connection to the Management IP Address
135
Console Connection
136
A User Password Is Lost
136
Administrator User Password
136
Operator User Password
136
Root User Password
137
Boot User Password
137
An ASA 310-FIPS Stops Processing Traffic
137
Resetting HSM Cards on the ASA 310-FIPS
139
An ASA 310-FIPS Cluster Must be Reconstructed Onto New Devices
141
A User Fails to Connect to the VPN
144
Aaa
145
Dns
146
Ike
146
Ipsec
147
Ippool
147
Ssl
148
Upref
148
Smb
149
Ftp
149
Netdirect
150
Netdirect_Packet
150
User Unable to Connect to the VPN Gateway through the Net Direct Client
151
Cannot Download the Net Direct Zipped File from Client PC
153
System Diagnostics
153
Installed Certificates and Virtual SSL Servers
153
Network Diagnostics
154
Active Alarms and the Events Log File
155
Error Log Files
156
Unable to Download Net Direct from VPN Server
156
Appendix A: Supported Ciphers
157
Cipher List Formats
158
Modifying a Cipher List
159
Supported Cipher Strings and Meanings
159
User Guide April
162
Appendix B: the SNMP Agent
163
Supported Mibs
163
Snmpv2-MIB
164
Snmp-Mpd-Mib
165
Snmp-Framework-Mib
165
The SNMP-TARGET MIB
165
Snmp-Notification-Mib
165
Snmp-View-Based-Acm-Mib
165
Snmp-User-Based-Sm-Mib
166
S5-Eth-Multiseg-Topology-Mib
166
Synoptics-Root-Mib
166
S5-Tcs-Mib
166
S5-Root-Mib
166
If-Mib
167
Ip-Mib
167
Ip-Forward-Mib
167
Entity-Mib
167
Disman-Event-Mib
168
Alteon-Isd-Platform-Mib
168
Alteon-Isd-Ssl-Mib
168
Alteon-Ssl-Vpn-Mib
169
Ianaiftype-MIB
169
Supported Traps
169
Appendix C: Syslog Messages
171
List of Syslog Messages
171
Operating System (OS) Messages
171
System Control Process Messages
173
Traffic Processing Messages
176
Startup Messages
181
Configuration Reload Messages
182
AAA Subsystem Messages
183
Ipsec Subsystem Messages
185
Syslog Messages in Alphabetical Order
189
Appendix D: License Information
213
Appendix E: HSM Security Policy
219
Rainbow Technologies Cryptoswift ® HSM Cryptographic Accelerator
219
Scope
219
Applicable Documents
220
Overview
220
Capabilities
221
Physical Security
223
Module Interfaces
223
USB (Universal Serial Bus) Interface
223
Status LED (Light Emitting Diode) Interface
223
Serial Interface
224
PCI Interface
224
Backup Battery Interface
224
PCI Power Interface
224
Components
224
Bulk Crypto
224
Power Management and Tamper Detect
225
Fastmap Processor
225
Flash
225
Sram
225
Real Time Clock/Battery Powered RAM (RTC/BBRAM)
225
Programmable Logic Device (PLD)
226
USB (Universal Serial Bus) Controller
226
Universal Asynchronous Receiver Transmitter (UART)
226
33Mhz Clock
226
Definition of Security Relevant Data Items
226
Roles and Services
227
Roles
227
Authentication
228
Initialization
228
User Creation
228
Services
229
Key Management
234
Key Generation
234
Key Storage
234
Key Entry and Output
234
Key Distribution
234
Key Destruction
235
Key Archiving
235
Modes
236
FIPS 140-1 Mode
236
Non-FIPS 140-1 Mode
236
Self-Tests
236
Conclusion
237
Appendix F: Definition of Key Codes
239
Syntax Description
239
Allowed Special Characters
239
Redefinable Keys
240
Example of a Key Code Definition File
241
Appendix G: SSH Host Keys
243
Methods for Protection
243
The VPN Gateway
243
Appendix H: Adding User Preferences Attribute to Active Directory
245
Install All Administrative Tools (Windows 2000 Server)
245
Register the Schema Management Dll (Windows Server 2003)
245
Add the Active Directory Schema Snap-In (Windows 2000 Server and Windows Server 2003)
246
Create a Shortcut to the Console Window
248
Permit Write Operations to the Schema (Windows 2000 Server)
249
Create a New Attribute (Windows 2000 Server and Windows Server 2003)
249
Create New Class
250
Add Isduserprefs Attribute to Avayassloffload Class
251
Add the Avayassloffload Class to the User Class
252
Appendix I: Using the Port Forwarder API
255
General
255
Creating a Port Forwarder
255
Demo Application
256
Creating a Port Forwarder Authenticator
258
Adding a Port Forwarder Logger
260
Connecting through a Proxy
262
Monitoring the Port Forwarder
263
Status
263
Statistics
264
Glossary
267
Advertisement
Advertisement
Related Products
Avaya 3050-VM
Avaya 3090-VM
Avaya IP Office 3.0
Avaya 3000 series
Avaya ONE-X Quick Edition 3.0.0
Avaya 3000 VA
Avaya IP Office 3.2 6400 Series
Avaya ERS 3549GTS
Avaya 375 Series
Avaya IP Office 3.2 2402
Avaya Categories
IP Phone
Telephone
Server
Switch
Gateway
More Avaya Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL