Ascend Pipeline Guide de l'utilisateur Page 213
- Page / 321
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Setting Up Pipeline Security
Pipeline Security profiles
Pipeline User’s Guide Preliminary January 30, 1998 7-7
Requiring profiles for incoming connections
There are many authentication measures you can set for incoming connections.
At the most basic level, you can configure the Pipeline to reject all incoming calls
that don’t have a Connection profile.
To require configured profiles for all incoming connections:
1
Open the Ethernet > Answer profile.
2
Specify that a matching profile is required for incoming calls.
For example:
Profile Reqd=Yes
3
Close and save the profile.
(For more information about securing incoming connections, see “Connection
security” on page 7-11.)
Turning off ICMP redirects
Internet Control Message Protocol (ICMP) was designed to dynamically find the
most efficient IP route to a destination. ICMP Redirect packets are one of the
oldest route discovery methods on the Internet and one of the least secure. It is
possible to create counterfeit ICMP Redirects and change the way a device routes
packets. If the Pipeline is routing IP, you should turn off ICMP redirects.
To configure the Pipeline to ignore ICMP redirect packets, do the following:
1
Open the Ethernet > Mod Config profile.
2
Turn off ICMP redirects.
For example:
ICMP Redirects=Ignore
3
Close and save the profile.
Pipeline Security profiles
When the Pipeline is shipped from the factory, its security privileges are open to
enable you to configure and set it up without any restrictions. (For recommended
- Pipeline User’s Guide 1
- Ascend Customer Service 3
- Contents 5
- About This Guide 16
- Documentation conventions 17
- Manual set 19
- Configuring WAN Connections 20
- Link encapsulation 21
- Nailed groups 22
- How calls are initiated 23
- How calls are answered 24
- Data compression options 25
- The Answer profile 26
- Connection profiles 28
- Session options 30
- Telco options 31
- Encapsulation options 32
- MP, MPP, and MP+ connections 34
- Monitoring DBA 37
- Example MP+ configuration 38
- BACP connections 40
- Nailed MPP connections 42
- Inverse ARP for Frame Relay 49
- Configuring IP Routing 51
- Host-to-router connections 52
- Router-to-router connections 53
- Subnet mask notation 54
- RIP-v2 and RIP-v1 routing 59
- Interface-based routing 60
- Managing the routing table 64
- Static and dynamic routes 66
- Configuring static routes 66
- Configuring the default route 69
- If you are using RIP-v1 71
- Route preferences 74
- Viewing the routing table 75
- Fields in the routing table 77
- 10.8.9.10 82
- 10.2.3.1 82
- Host with ISDN 82
- Example router connection 83
- Foreign and home agents 87
- IP Address Management 90
- IP Adrs=10.2.3.1 92
- Gateway=10.0.0.17 93
- Active=Yes 93
- Dest=0.0.0.0/0 93
- Metric=1 93
- Private=Yes 93
- Enabling DNS on the Pipeline 96
- Generating UDP checksums 96
- BOOTP Relay 98
- Configuring DHCP services 100
- DHCP services 101
- Setting up a DHCP server 103
- Setting up DHCP spoofing 103
- Local DNS host address table 106
- Creating the local DNS table 108
- Editing the local DNS table 109
- Translation table size 113
- Multiple-address NAT 114
- NAT for Frame Relay 117
- Well-known ports 121
- Configuring IPX Routing 122
- Extensions to standard IPX 124
- Required settings 126
- IPX Route profiles 127
- IPX SAP filters 128
- Dial Query 129
- Watchdog spoofing 130
- Automatic SPX spoofing 130
- IPX in the Answer profile 132
- IPX SAP proxy servers 135
- Managing IPX SAP filters 142
- Applying an IPX SAP filter 144
- Ethernet 146
- About IPX bridging 156
- Enabling bridging 158
- Managing the bridge table 159
- Static bridge-table entries 160
- 10.2.3.4/24 168
- 10.2.3.75/24 168
- 10.2.3.8/24 168
- 10.2.3.100/24 168
- Introduction to filters 170
- Predefined call filters 174
- Overview of Filter profiles 175
- Defining IP filter conditions 179
- Example filters 181
- NetWare Call filter 190
- IP Call filter 195
- AppleTalk Call filter 195
- When packets are not captured 197
- Displaying packets 198
- Example 2 199
- Example 3 200
- Example 4 201
- Example 5 202
- Secure Access Firewalls 203
- Filter persistence 205
- Setting Up Pipeline Security 207
- Recommended security measures 208
- Assigning a Telnet password 211
- Pipeline Security profiles 213
- Default security level 214
- Security profile passwords 214
- Security privileges 214
- Using the Full Access profile 215
- Connection security 217
- Authentication protocols 218
- Callback security 221
- Expect callback support 222
- Using security cards 223
- Requesting PAP-TOKEN mode 225
- Requesting CACHE-TOKEN 226
- Setting system values 233
- Syslog messages 236
- Using DO commands 239
- Resetting the Pipeline 244
- Terminal server commands 246
- IpAddress: ttt.ttt.ttt.ttt 250
- Pipeline 75 Voice Features 251
- Ordering voice features 253
- Caller ID supported 256
- Using Call Waiting 256
- Using Call Hold 257
- Call conferencing 258
- EAZ Terminal ID for Germany 260
- IDSL Implementations 261
- Making voice calls over IDSL 264
- APP Server utility 265
- C:\NOVELL\LSL.COM 273
- C:\NOVELL\XXXODI.COM 273
- C:\ASCEND\APPSRVDS.EXE 273
- C:\ASCEND\ 274
- Troubleshooting 278
- General problems 279
- 100 terminal 281
- ISDN BRI interface problems 284
- Bridge/router problems 286
- Check the installation 287
- Configuration problems 288
- Upgrading system software 291
- Network Interfaces 292
- The upgrade procedure 293
- Activating a Security Profile 294
- Before you begin 296
- Glossary 304
- Broadcast packets 305
- VT-100 terminal emulation 307
© 2020, manymanuals.fr. Tous droits réservés | 0.018 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels