Avaya 3070-VM Manuals

Manuals and User Guides for Avaya 3070-VM. We have 1 Avaya 3070-VM manual available for free PDF download: User Manual

Avaya 3070-VM User Manual (274 pages)

VPN gateway

Brand: Avaya | Category: Gateway | Size: 2.61 MB

User Guide April
3
Table of Contents
5
Chapter 1: Preface

13
- Who Should Use this Book
  13
- Related Documentation
  13
- Product Names
  14
- How this Book Is Organized
  14
  - Users Guide
    14
  - Appendices
    15
- Customer Service
  16
Chapter 2: New in this Release

17
- Features
  17
- Other Changes
  19
Chapter 3: Introducing the VPN Gateway

21
- SSL Acceleration
  21
- Vpn
  
  21
  - Software Features
    22
    
    Web Portal
    22
    
    Transparent Mode Access
    23
    
    Bandwidth Management
    23
    
    User Authentication
    23
    
    User Authorization
    24
    
    Client Security
    24
    
    Accounting and Auditing
    24
    
    Networking
    25
    
    Secure Service Partitioning
    25
    
    Branch Office Tunnels
    25
    
    Portal Guard
    26
    
    SSL Acceleration
    26
    
    Scalability and Redundancy
    26
    
    Certificate and Key Management
    27
    
    Public Key Infrastructure
    27
    
    Supported Key and Certificate Formats
    27
    
    Supported Handshake Protocols
    28
    
    Hash Algorithms
    28
    
    Cipher Suites
    28
    
    Management
    28
    
    Statistics
    28
    
    Virtual Desktop
    28
    
    Secure Portable Office (SPO) Client
    29
Chapter 4: Introducing the ASA 310-FIPS

31
- HSM Overview
  31
- Extended Mode Vs. FIPS Mode
  32
  - FIPS140-1 Level 3 Security
    32
- The Concept of Ikey Authentication
  33
- Additional HSM Information
  35
Chapter 5: Initial Setup

37
- Clusters
  37
- IP Address Types
  38
  - Host IP Address
    38
  - Management IP Address (MIP)
    38
  - Virtual IP Address (VIP)
    38
  - Portal IP Address
    39
  - Real Server IP Address (RIP)
    39
- Ports
  39
- Interfaces
  40
  - One-Armed Configuration
    40
  - Two-Armed Configuration
    40
- Configuration at Boot up
  41
  - The Setup Menu
    41
- Installing an AVG in a New Cluster
  42
- Joining a VPN Gateway to an Existing Cluster
  51
- Installing an ASA 310-FIPS
  56
  - Installing an ASA 310-FIPS in a New Cluster
    56
  - Adding an ASA 310-FIPS to an Existing Cluster
    61
- Reinstalling the Software
  66
Chapter 6: Upgrading the AVG Software

69
- Performing Minor/Major Release Upgrades
  69
  - Activating the Software Upgrade Package
    71
Chapter 7: Managing Users and Groups

75
- User Rights and Group Membership
  75
- Adding a New User
  76
  - Adding Users through RADIUS
    80
- Changing a Users Group Assignment
  80
- Changing a Users Password
  82
  - Changing Your Own Password
    82
  - Changing Another Users Password
    83
- Deleting a User
  84
Chapter 8: Certificates and Client Authentication

87
Chapter 9: Virtual Desktop

121
- Running the Virtual Desktop on Client Computers
  121
  - Licensing Vdesktop
    121
  - Launch Vdesktop from Portal
    122
  - Virtual Desktop Operations
    122
Chapter 10: The Command Line Interface

123
- Connecting to the VPN Gateway
  123
- Accessing the AVG Cluster
  126
- CLI Vs. Setup
  128
- Command Line History and Editing
  128
- Idle Timeout
  129
Chapter 11: Troubleshooting the AVG

131
- Cannot Connect to VPN Gateway through Telnet or SSH
  131
  - Verify the Current Configuration
    131
  - Enable Telnet or SSH Access
    132
  - Check the Access List
    132
  - Check the IP Address Configuration
    132
- Cannot Add an AVG to a Cluster
  133
- Cannot Contact the MIP
  134
  - Check the Access List
    134
  - Add Interface 1 IP Addresses and MIP to Access List
    135
- The AVG Stops Responding
  135
  - Telnet or SSH Connection to the Management IP Address
    135
  - Console Connection
    136
- A User Password Is Lost
  136
  - Administrator User Password
    136
  - Operator User Password
    136
  - Root User Password
    137
  - Boot User Password
    137
- An ASA 310-FIPS Stops Processing Traffic
  137
- Resetting HSM Cards on the ASA 310-FIPS
  139
- An ASA 310-FIPS Cluster Must be Reconstructed Onto New Devices
  141
- A User Fails to Connect to the VPN
  144
  - Aaa
    145
  - Dns
    146
  - Ike
    146
  - Ipsec
    147
  - Ippool
    147
  - Ssl
    148
  - Upref
    148
  - Smb
    149
  - Ftp
    149
  - Netdirect
    150
  - Netdirect_Packet
    150
- User Unable to Connect to the VPN Gateway through the Net Direct Client
  151
- Cannot Download the Net Direct Zipped File from Client PC
  153
- System Diagnostics
  153
Appendix A: Supported Ciphers

157
- Cipher List Formats
  158
- Modifying a Cipher List
  159
- Supported Cipher Strings and Meanings
  159
- User Guide April
  162
Appendix B: the SNMP Agent

163
- Supported Mibs
  163
  - Snmpv2-MIB
    164
  - Snmp-Mpd-Mib
    165
  - Snmp-Framework-Mib
    165
  - The SNMP-TARGET MIB
    165
  - Snmp-Notification-Mib
    165
  - Snmp-View-Based-Acm-Mib
    165
  - Snmp-User-Based-Sm-Mib
    166
  - S5-Eth-Multiseg-Topology-Mib
    166
  - Synoptics-Root-Mib
    166
  - S5-Tcs-Mib
    166
  - S5-Root-Mib
    166
  - If-Mib
    167
  - Ip-Mib
    167
  - Ip-Forward-Mib
    167
  - Entity-Mib
    167
  - Disman-Event-Mib
    168
  - Alteon-Isd-Platform-Mib
    168
  - Alteon-Isd-Ssl-Mib
    168
  - Alteon-Ssl-Vpn-Mib
    169
  - Ianaiftype-MIB
    169
- Supported Traps
  169
Appendix C: Syslog Messages

171
- List of Syslog Messages
  171
  - Operating System (OS) Messages
    171
  - System Control Process Messages
    173
  - Traffic Processing Messages
    176
  - Startup Messages
    181
  - Configuration Reload Messages
    182
  - AAA Subsystem Messages
    183
  - Ipsec Subsystem Messages
    185
- Syslog Messages in Alphabetical Order
  189
Appendix D: License Information

213
Appendix E: HSM Security Policy

219
- Rainbow Technologies Cryptoswift ® HSM Cryptographic Accelerator
  219
- Scope
  219
- Applicable Documents
  220
- Overview
  220
- Capabilities
  221
- Physical Security
  223
- Module Interfaces
  223
  - USB (Universal Serial Bus) Interface
    223
  - Status LED (Light Emitting Diode) Interface
    223
  - Serial Interface
    224
  - PCI Interface
    224
  - Backup Battery Interface
    224
  - PCI Power Interface
    224
- Components
  224
  - Bulk Crypto
    224
  - Power Management and Tamper Detect
    225
  - Fastmap Processor
    225
  - Flash
    225
  - Sram
    225
  - Real Time Clock/Battery Powered RAM (RTC/BBRAM)
    225
  - Programmable Logic Device (PLD)
    226
  - USB (Universal Serial Bus) Controller
    226
  - Universal Asynchronous Receiver Transmitter (UART)
    226
  - 33Mhz Clock
    226
- Definition of Security Relevant Data Items
  226
- Roles and Services
  227
  - Roles
    227
  - Authentication
    228
  - Initialization
    228
  - User Creation
    228
  - Services
    229
- Key Management
  234
  - Key Generation
    234
  - Key Storage
    234
  - Key Entry and Output
    234
  - Key Distribution
    234
  - Key Destruction
    235
  - Key Archiving
    235
- Modes
  236
  - FIPS 140-1 Mode
    236
  - Non-FIPS 140-1 Mode
    236
- Self-Tests
  236
- Conclusion
  237
Appendix F: Definition of Key Codes

239
- Syntax Description
  239
  - Allowed Special Characters
    239
  - Redefinable Keys
    240
  - Example of a Key Code Definition File
    241
Appendix G: SSH Host Keys

243
- Methods for Protection
  243
- The VPN Gateway
  243
Appendix H: Adding User Preferences Attribute to Active Directory

245
Appendix I: Using the Port Forwarder API

255
- General
  255
- Creating a Port Forwarder
  255
- Demo Application
  256
- Creating a Port Forwarder Authenticator
  258
- Adding a Port Forwarder Logger
  260
- Connecting through a Proxy
  262
- Monitoring the Port Forwarder
  263
  - Status
    263
  - Statistics
    264
Glossary

267

Avaya Categories

IP Phone

Telephone Server

Switch Gateway

More Avaya Manuals

Avaya 3070-VM Manuals

Avaya 3070-VM User Manual (274 pages)

Table of Contents

Chapter 1: Preface

Chapter 2: New in this Release

Chapter 3: Introducing the VPN Gateway

Vpn

Chapter 4: Introducing the ASA 310-FIPS

Chapter 5: Initial Setup

Chapter 6: Upgrading the AVG Software

Chapter 7: Managing Users and Groups

Chapter 8: Certificates and Client Authentication

Chapter 9: Virtual Desktop

Chapter 10: The Command Line Interface

Chapter 11: Troubleshooting the AVG

Appendix A: Supported Ciphers

Appendix B: the SNMP Agent

Appendix C: Syslog Messages

Appendix D: License Information

Appendix E: HSM Security Policy

Appendix F: Definition of Key Codes

Appendix G: SSH Host Keys

Appendix H: Adding User Preferences Attribute to Active Directory

Appendix I: Using the Port Forwarder API

Glossary

Related Products

Avaya Categories