Sign In
Upload
Manuals
Brands
Cisco Manuals
Software
IOS XR 3.5
Cisco IOS XR 3.5 Manuals
Manuals and User Guides for Cisco IOS XR 3.5. We have
1
Cisco IOS XR 3.5 manual available for free PDF download: Configuration Manual
Cisco IOS XR 3.5 Configuration Manual (254 pages)
System Security Configuration Guide
Brand:
Cisco
| Category:
Software
| Size: 2.68 MB
Table of Contents
Table of Contents
3
Contents
5
Information about Implementing Certification Authority
14
Supported Standards for Certification Authority Interoperability
14
Certification Authorities
15
Prerequisites for Implementing Certification Authority
14
Restrictions for Implementing Certification Authority
14
How to Implement CA Interoperability
17
Configuring a Router Hostname and IP Domain Name
18
Generating an RSA Key Pair
19
Declaring a Certification Authority and Configuring a Trusted Point
20
Authenticating the CA
22
Requesting Your Own Certificates
23
Configuring Certificate Enrollment Using Cut-And-Paste
24
Configuration Examples for Implementing Certification Authority Interoperability
26
Configuring Certification Authority Interoperability: Example
26
Additional References
28
Related Documents
28
Standards
28
Mibs
29
Rfcs
29
Technical Assistance
29
Where to Go Next
28
Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
31
Prerequisites
32
Information about Implementing IKE Security Protocol Configurations for Ipsec Networks
32
Supported Standards
33
Concessions for Not Enabling IKE
34
IKE Policies
34
ISAKMP Identity
38
ISAKMP Profile Overview
38
Mask Preshared Keys
39
Preshared Keys Using a AAA Server
39
Internet Key Exchange Mode Configuration
40
Banner, Auto-Update, and Browser-Proxy
41
Pushing a Configuration URL through a Mode-Configuration Exchange
41
Internet Key Exchange Extended Authentication
42
Call Admission Control
42
Information about IP Security VPN Monitoring
43
Information about IKE for the Cisco Ipsec VPN SPA on Cisco IOS XR Software
44
Ipsec Dead Peer Detection Periodic Message Option
44
How to Implement IKE Security Protocol Configurations for Ipsec Networks
44
Enabling or Disabling IKE
44
Configuring IKE Policies
46
Defining Group Policy Information for Mode Configuration
48
Configuring a Banner
52
Configuring Auto-Upgrade
52
Configuring a Browser Proxy
53
Configuring a Browser-Proxy Map to a Group
54
Configuring the Pushing of a Configuration URL through a Mode-Configuration Exchange
55
Manually Configuring RSA Keys
56
Configuring ISAKMP Preshared Keys in ISAKMP Keyrings
60
Configuring Call Admission Control
62
Configuring Crypto Keyrings
66
Configuring IP Security VPN Monitoring
69
How to Implement IKE for Locally Sourced and Destined Traffic
70
Configuring the ISAKMP Profile for Locally Sourced and Destined Traffic
70
How to Implement IKE for Cisco Ipsec VPN Spas on Cisco IOS XR Software
74
Configuring a Periodic Dead Peer Detection Message
74
Configuring the ISAKMP Profile for Service Interfaces
76
Configuration Examples for Implementing IKE Security Protocol
80
Configuring a Service-Ipsec Interface with a Dynamic Profile: Example
80
Creating IKE Policies: Example
80
Configuring Easy VPN with a Local AAA: Example
82
Configuring VRF-Aware: Example
83
Additional References
85
Related Documents
85
Standards
85
Mibs
86
Rfcs
86
Technical Assistance
86
Implementing Keychain Management on Cisco IOS XR Software
87
Restrictions for Implementing Keychain Management
87
Information about Implementing Keychain Management
88
Lifetime of a Key
88
How to Implement Keychain Management
88
Configuring a Keychain
89
Configuring a Tolerance Specification to Accept Keys
90
Configuring a Key Identifier for the Keychain
91
Configuring the Text for the Key String
93
Determining the Valid Keys
94
Configuring the Keys to Generate Authentication Digest for the Outbound Application Traffic
96
Configuring the Cryptographic Algorithm
97
Configuration Examples for Implementing Keychain Management
99
Configuring Keychain Management: Example
99
Additional References
100
Related Documents
100
Standards
100
Mibs
101
Rfcs
101
Technical Assistance
101
Implementing Ipsec Network Security on Cisco IOS XR Software
103
Prerequisites for Implementing Ipsec Network Security
104
Restrictions for Implementing Ipsec Network Security
105
Restrictions for Implementing Ipsec Network with a Cisco Ipsec VPN SPA
105
Information about Implementing Ipsec Networks
106
Crypto Profiles
106
Crypto Access Lists
107
Dynamic Crypto Profiles
107
Global Lifetimes for Ipsec Security Associations
108
Transform Sets
108
Manual Ipsec Security Associations
109
Perfect Forward Secrecy
109
Checkpointing
110
DF Bit Override Functionality with Ipsec Tunnels
110
Ipsec Antireplay Window
110
Ipsec NAT Transparency
111
Ipsec Security Association Idle Timers
111
Prefragmentation for Cisco Ipsec VPN Spas
111
Reverse-Route Injection
112
Cisco Ipsec Vpn Spa Overview
113
Displaying the Spa Hardware Type
113
Ipsec-SNMP Support
113
Setting Global Lifetimes for Ipsec Security Associations
117
Creating Crypto Access Lists
118
Defining Transform Sets
120
Configuring Crypto Profiles
121
Configuring the Df Bit for the Encapsulating Header in Ipsec Tunnels
126
Configuring the Ipsec Antireplay Window: Expanding and Disabling
127
Configuring Ipsec Nat Transparency
130
Configuring Ipsec Security Association Idle Timers
132
Disabling Prefragmentation for Cisco Ipsec Vpn Spas
136
Configuring Reverse-Route Injection in a Crypto Profile
139
Configuring Ipsec Failure History Table Size
140
Applying Crypto Profiles to Tunnel-Ipsec Interfaces
142
Applying Crypto Profiles to Crypto Transport
143
How to Implement Ipsec Network Security for Vpns
144
Configuring Ipsec Virtual Interfaces
145
Configuring the Default Path Maximum Transmission Unit for the Sa
151
Configuring a Static Profile and Attaching to a Tunnel-Ipsec Interface: Example
152
Configuring a Static Profile and Attaching to Transport: Example
154
Configuring Ipsec for a Vrf-Aware Service-Ipsec Interface: Example
154
Configuring a Service-Gre Interface: Example
157
Prerequisites to Implementing Secure Shell
162
Restrictions for Implementing Secure Shell
162
Information about Implementing Secure Shell
163
Sftp Feature Overview
163
Ssh Client
163
Ssh Server
163
Aaa Feature
164
Configuring Ssh
164
How to Implement Secure Shell
164
Configuring the Ssh Client
166
Configuration Examples for Implementing Secure Shell
168
Configuring Secure Shell: Example
168
Implementing Secure Socket Layer on Cisco Ios Xr Software
171
Prerequisites for Implementing Secure Socket Layer
172
Information about Implementing Secure Socket Layer
172
Purpose of Certification Authorities
172
How to Implement Secure Socket Layer
173
Configuring Secure Socket Layer
173
Configuration Examples for Implementing Secure Socket Layer
176
Configuring Secure Socket Layer: Example
176
Prerequisites for Configuring Aaa Services
181
Information about Configuring Aaa Services
181
User, User Groups, and Task Groups
182
User Groups
183
Restrictions for Configuring Aaa Services
181
Password Types
189
Task-Based Authorization
190
Task Ids for TACACS+ and RADIUS Authenticated Users
191
XML Schema for AAA Services
193
About RADIUS
194
How to Configure Aaa Services
195
Configuring Task Groups
196
Configuring User Groups
198
Configuring Users
200
Configuring Router to Radius Server Communication
202
Configuring Radius Dead-Server Detection
206
Configuring Per Vrf Aaa
208
Configuring a Tacacs+ Server
210
Configuring Radius Server Groups
213
Configuring Tacacs+ Server Groups
215
Configuring Aaa Method Lists
216
Applying Method Lists for Applications
228
Configuring Login Parameters
232
Configuration Examples for Configuring Aaa Services
233
Configuring Aaa Services: Example
233
Restrictions for Implementing Management Plane Protection
240
Information about Implementing Management Plane Protection
240
Control Plane Protection Overview
240
Inband Management Interface
240
Management Plane
240
Benefits of the Management Plane Protection Feature
241
Management Plane Protection Feature
241
How to Configure a Device for Management Plane Protection
241
Configuring a Device for Management Plane Protection
242
Configuring Management Plane Protection: Example
244
Advertisement
Advertisement
Related Products
Cisco XO
Cisco IOS XR 3.4
Cisco IOS Release 12.0(7)XK1
Cisco IOS 11.0 BT
Cisco XR 12406
Cisco XR 12416
Cisco XR 12410
Cisco XR 12000
Cisco XR 12404
Cisco XR 12816
Cisco Categories
Switch
IP Phone
Network Router
Wireless Access Point
Conference System
More Cisco Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL