Enterasys Networks CSX7000 Manuel d'utilisateur Page 426

  • Télécharger
  • Ajouter à mon manuel
  • Imprimer
  • Page
    / 729
  • Table des matières
  • MARQUE LIVRES
  • Noté. / 5. Basé sur avis des utilisateurs
Vue de la page 425
USER’S GUIDE
426 CyberSWITCH
MULTI-LEVEL SECURITY
To verify device and user level security to the CyberSWITCH, the WAN lines that are connected to
the system must be available for use, and IP, AppleTalk, or bridging options must be properly
initialized. The remote devices must be operational and available to initiate ISDN WAN
connections. The remote device must be configured on a device database, with User Level
Authentication initially disabled. A client PC on the LAN of the remote device must a user ID and
password for a user level database on an off-node server. Both databases must be enabled and
available.
Below is an example of a configuration used to verify multi-level security over an IP WAN
UnNumbered interface. It uses IP addresses specific to the example. Substitute the IP address of
your network when you perform the multi-level security verification steps. It also uses the “ping”
command. The “ping” command sends a packet to a specified host, waits for a response, and
reports success or failure. Substitute the equivalent command on your network.
To verify multi-level security:
1. Determine if the client PC can ping the Service Server. On the Client PC, type:
ping 100.0.0.2
<return>
If the ping is successful, then continue with the next step.
If the client PC CANNOT ping to the Service Server, refer to IP Routing over a WAN
UnNumbered Interface Connection in the Verifying Routing Protocols chapter.
2. Reconfigure the definition of the remote device in the device database to enable User Level
Authentication. Attempt to ping the Service Server again. On the client PC, type:
ping 100.0.0.2
<return>
If the ping is successful, disconnect the call. Ensure that User Level Authentication is enabled
for the remote device, then try the ping again. The ping should fail.
If the client PC CANNOT ping to the Service Server, then continue with the next step.
ISDN
CSX5500
100.0.0.1
192.100.1.1
Remote
Device
Client PC
192.100.1.2
Ace Server
Service
Server
100.0.0.3 100.0.0.2
Telnet Port
to ACE 7003
Vue de la page 425
1 2 ... 421 422 423 424 425 426 427 428 429 430 431 ... 728 729

Commentaires sur ces manuels

Pas de commentaire