User manual Cisco Systems PIX515E

42 pages 2.61 MB

Summary
  • Cisco Systems PIX515E - page 1

    Quick Start Guide Cisco PIX 515E Firewall 1 Check Items Included 2 Install the PIX 515E 3 Configure the PIX 515E 4 Example Configurations 5 Optional Maintenance and Upgrade Procedures ...

  • Cisco Systems PIX515E - page 2

    2 About the Cisco PIX 515E Firewall The Cisco PIX 515E delivers enterprise-class security for small-to-medium business and enterprise networks, in a modular, purpose-built appliance. Its versatile one-rack unit (1RU) design supports up to 6 10/100 Fast Ethernet interfaces, making it an excellent choice for businesses requiring a cost-effective, ...

  • Cisco Systems PIX515E - page 3

    3 1 Check Items Included End User License and Software Warranty PIX 515E Getting Started Guide Safety and Compliance Guide PIX 515E PC terminal adapter (74-0495-01) Documentation Blue console cable (72-1259-01) Yellow Ethernet cable (72-1482-01) Cisco PIX Security Appliance Product CD DO NOT INSTALL INTERFACE CARDS WITH POWER APPLIED Link FDX ...

  • Cisco Systems PIX515E - page 4

    4 2 Install the PIX 515E Follow these steps to install the PIX 515E: Step 1 Install the rubber feet onto the five, round, recessed areas on the bottom of the chassis. Note The chassis is also rack-mountable. For rack-mounting and failover instructions, refer to the Cisco PIX Firewall Hardware Installation Guide. Step 2 Use the yellow Ethernet ...

  • Cisco Systems PIX515E - page 5

    5 3 Configure the PIX 515E The PIX 515E comes with a factory-default configuration that meets the needs of most small and medium business networking environments. A default DHCP server address pool is included for hosts on the inside interface. The factory-default configuration on the PIX 515E protects your inside network from u ...

  • Cisco Systems PIX515E - page 6

    6 Step 4 To access the Startup Wizard, use the PC connected to the switch or hub and enter the URL https://192.168.1.1/startup.html into your Internet browser. Note Remember to add the “s” in “https” or the connection fails. HTTPS (HTTP over SSL) provides a secure connection between your browser and the PIX 515E. Step 5 Leave both th ...

  • Cisco Systems PIX515E - page 7

    7 Step 1 Manage IP Pools for Network Translations For an inside HTTP client (10.10.10.10) to access the web server on the DMZ network (30.30.30.30), it is necessary to define an IP pool (30.30.30.50–30.30.30.60) for the DMZ interface. Similarly, an IP pool for the outside interface (209.165.156.10) is required for the inside HTTP client to co ...

  • Cisco Systems PIX515E - page 8

    8 c. Select the Translation Rules tab. d. Click the Manage Pools button and a new window appears, allowing you to add or edit global address pools. Note For most configurations, global pools are added to the less secure, or public, interfaces. In the Manage Global Address Pools window: a. Select the dmz interface. b. Click the Add button. In t ...

  • Cisco Systems PIX515E - page 9

    9 b. Click the Range radio button to enter the IP address range. c. Because the range of IP addresses for the DMZ interface is 30.30.30.50–30.30.30.60, enter these values in the two fields. d. Enter a unique Pool ID (in this case, enter 200). e. Click the OK button to go back to the Manage Global Address Pools window. Note You can also se ...

  • Cisco Systems PIX515E - page 10

    10 When the new window comes up: a. Select outside from the Interface drop-down menu. b. Click the Port Address Translation (PAT) using the IP address of the interface radio button. c. Assign the same Pool ID for this pool as in Step d above (200). d. Click the OK button. Once the pools are configured, confirm their values before applying the ...

  • Cisco Systems PIX515E - page 11

    11 Step 2 Configure Address Translations on Private Networks Network Address Translation (NAT) replaces the source IP addresses of network traffic traversing between two PIX interfaces. This translation prevents the private address spaces from being exposed on public networks and permits routing through the public networks. Port Address T ...

  • Cisco Systems PIX515E - page 12

    12 b. Right click in the gray area below the Manage Pools button and select Add. c. In the new window, select the inside interface. d. Enter the IP address of the client (10.10.10.10). e. Select 255.255.255.255 from the Mask drop-down menu. Note You can select the inside host by clicking on the Browse button. f. Select the DMZ interface on wh ...

  • Cisco Systems PIX515E - page 13

    13 Note Enter the entire network range (10.10.10.0) or select the network using the Browse button and select the Pool ID if there are multiple HTTP clients. ...

  • Cisco Systems PIX515E - page 14

    14 j. Click the OK button. k. Click the Proceed button. Check the displayed configuration for accuracy. l. Click the Apply button to configure the PIX Firewall. Repeat the steps to configure interface PAT between the inside and outside interfaces. The procedure remains the same, except the interface on which the translation is required is n ...

  • Cisco Systems PIX515E - page 15

    15 Step 3 Configure External Identity for the DMZ Web Server The DMZ server is easily accessible by all hosts on the Internet. This configuration requires translating the DMZ server IP address so that it appears to be located on the Internet, enabling outside HTTP clients to access it unaware of the firewall. Complete the following steps to map ...

  • Cisco Systems PIX515E - page 16

    16 The configurations should display as shown below: ...

  • Cisco Systems PIX515E - page 17

    17 Step 4 Provide HTTP Access to the DMZ Web Server In addition to configuring address translations, you must configure the PIX 515E to allow the specific traffic types from the public networks. To configure access lists for HTTP traffic originating from any client on the Internet to the DMZ web server, complete the following: a. Click the Confi ...

  • Cisco Systems PIX515E - page 18

    18 The Edit Rule window opens up, allowing you to select the ACL rules to permit/deny traffic. a. Under Action, select permit from the drop-down menu to allow traffic through the firewall. b. Under Source Host/Network, click the IP Address radio button. c. Select outside from the Interface drop-down menu. ...

  • Cisco Systems PIX515E - page 19

    19 d. Enter the Source Host/Network information (0.0.0.0 for any host or network). e. Under Destination Host/Network, click the IP Address radio button. f. Select dmz from the Interface drop-down menu. g. Enter 30.30.30.30 in the IP address box. h. Select 255.255.255.255 from the Mask drop-down menu. Note Alternatively, you can select the Hosts/ ...

  • Cisco Systems PIX515E - page 20

    20 The configurations should display as shown below: The HTTP clients on the private and public networks can now securely access the DMZ web server. Site-to-Site VPN Configuration Site-to-site VPN (Virtual Private Networking) features provided by the PIX 515E enable businesses to securely extend their networks across low-cost public Interne ...

  • Cisco Systems PIX515E - page 21

    21 PDM provides an easy-to-use VPN Wizard that can quickly guide you through the process of configuring a site-to-site VPN in five simple steps. The illustration below shows an example VPN tunnel between two PIX 515E, and will be referenced in the following steps. Step 1 Start the VPN Wizard Use PDM to configure PIX 1. In the main PDM page, sele ...

  • Cisco Systems PIX515E - page 22

    22 Step 2 Configure the VPN Peer a. Enter the Peer IP Address (PIX 2) and select an authentication key (for example, “CisCo”), which is shared for IPSec negotiations between both PIX 515E units. Note To configure PIX 2, enter the IP address for PIX 1 (1.1.1.1) and the same Pre-shared Key (CisCo). b. To use X.509 certificates for authenticatio ...

  • Cisco Systems PIX515E - page 23

    23 ...

  • Cisco Systems PIX515E - page 24

    24 Step 3 Configure the IKE Policy This step is comprised of two windows: 1. Configure the IKE negotiation parameters. In most cases, the default values are sufficient to establish secure VPN tunnels between two peers. a. Select the Encryption (DES/3DES/AES), Authentication algorithms (MD5/SHA), and the Diffie-Hellman group (1/2/5) used by the P ...

  • Cisco Systems PIX515E - page 25

    25 2. Configure the IPSec parameters. a. In the second window, select the Encryption algorithm (DES/3DES/AES) and Authentication algorithm (MD5/SHA). Confirm all values before continuing to the next window. Note When configuring PIX 2, enter the exact same values for each of the options that you selected for PIX 1. Encryption and algorithm mism ...

  • Cisco Systems PIX515E - page 26

    26 Step 4 Configure Internal Traffic This step is comprised of two windows: 1. Select network traffic on the local PIX 515E encrypted through the VPN tunnel. a. Select the Local Host/Network based on the IP Address, Name, or Group. Note Use the Browse button to select from preconfigured groups. Add or remove networks dynamically from the selected ...

  • Cisco Systems PIX515E - page 27

    27 2. Select traffic permitted from the remote PIX Firewall. a. In the second window, select VPN traffic for remote network configuration. For PIX 1, the remote network is Network B (20.20.20.0) so traffic encrypted from this tunnel is permitted through the tunnel. Note When configuring PIX 2, ensure that the values are correctly entered. The ...

  • Cisco Systems PIX515E - page 28

    28 Step 5 View and Enable VPN Commands If you enabled preview commands, you will see this page: To enable preview commands: a. In the main PDM page, select Options. b. Select Preferences and check the Preview commands before sending to firewall box. Check the configuration to ensure that all values are entered correctly. Click the Send button ...

  • Cisco Systems PIX515E - page 29

    29 Establishing Site-to-Site VPNs with other Cisco Products For information on configuring VPN between a PIX 515E and other products such as a Cisco router that runs Cisco IOS software, and Cisco VPN 3000 Concentrators, go to the following links: http://www.cisco.com/warp/customer/471/pix_router_dyn.html http://www.cisco.com/warp/public/471/A ...

  • Cisco Systems PIX515E - page 30

    30 Enter these commands and follow these steps to use the activation key: Restore the Default Configuration To restore your default configuration back to the factory-default values, enter the following CLI commands by completing the following steps: Command Description Step 1 show version Shows the PIX Firewall software version, hardware confi ...

  • Cisco Systems PIX515E - page 31

    31 Refer to the following website for detailed command information and configuration examples: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/index.htm The Cisco TAC website is available to all customers who need technical assistance. To access the TAC website, go to: http://www.cisco.com/tac Step 6 dhcpd le ...

  • Cisco Systems PIX515E - page 32

    32 Alternative Ways to Access the PIX 515E You can access the CLI for administration using the console port on the PIX Firewall. To do so, you must run a serial terminal emulator on a PC or workstation. Step 1 Connect the blue console cable so that you have a DB-9 connector on one end as required by the serial port for your computer, and the ...

  • Cisco Systems PIX515E - page 33

    33 • If your PIX 515E has one or two single-port Ethernet circuit boards installed in the auxiliary assembly on the left of the unit at the rear, the circuit boards are numbered top to bottom so that the top circuit board is Ethernet 2 and the bottom circuit board is Ethernet 3. (Using more than one Ethernet circuit board requires the PIX 515E ...

  • Cisco Systems PIX515E - page 34

    34 Step 3 Connect the inside, outside, or perimeter network cables to the interface ports. Starting from the top left, the connectors are Ethernet 2, Ethernet 3, Ethernet 4, and Ethernet 5. The maximum number of allowed interfaces is six with an unrestricted license. Note Do not add a single-port circuit board in the extra slot below the four-po ...

  • Cisco Systems PIX515E - page 35

    35 Table 2 PIX 515E Real Panel LEDs LED Color Status Description 100 Mbps Green On 100-Mbps 100BaseTX communication. If the light is off, the port is using 10-Mbps data exchange. ACT Green Flashing Shows that data is passing on the network to which the connector is attached. LINK Green On Shows that the connection uses full-duplex data exchange ...

  • Cisco Systems PIX515E - page 36

    36 6 Obtaining Documentation Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems. Cisco.com You can access the most current Cisco documentation on the World Wide Web at this URL: http://www.cisco.com/univercd/ ...

  • Cisco Systems PIX515E - page 37

    37 You can order Cisco documentation in these ways: • Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace: http://www.cisco.com/en/US/partner/ordering/index.shtml • Nonregistered Cisco.com users can order documentation through a local account representative b ...

  • Cisco Systems PIX515E - page 38

    38 Opening a TAC Case Using the online TAC Case Open Tool is the fastest way to open P3 and P4 cases. (P3 and P4 cases are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Case Open Tool automatically recommends resources for an immediate solution. If ...

  • Cisco Systems PIX515E - page 39

    39 9 Obtaining Additional Publications and Information Information about Cisco products, technologies, and network solutions is available from various online and printed sources. • The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Cat ...

  • Cisco Systems PIX515E - page 40

    40 ...

  • Cisco Systems PIX515E - page 41

    Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 2 ...

  • Cisco Systems PIX515E - page 42

    42 ...

Manufacturer Cisco Systems Category Riding Toy

The documents we receive from the manufacturer of the Cisco Systems PIX515E can be divided into several groups. Among others:
- Cisco Systems technical drawings
- PIX515E user manuals
- Cisco Systems product sheets
- information brochures
- or Cisco Systems PIX515E energy labels
Each of them is important, but the information that matters most to the user of the device is found in the Cisco Systems PIX515E user manual.

The group of documents referred to as user manuals is itself divided into more specific types, such as: Cisco Systems PIX515E installation instructions, maintenance instructions, quick start guides, or Cisco Systems PIX515E user guides. Depending on your needs, you should look for the document you require. On our site you can view the most popular user manual for the Cisco Systems PIX515E.


What should a complete user manual for the Cisco Systems PIX515E look like?
A user manual, also called a user guide or simply "instructions", is a technical document intended to help the user operate the Cisco Systems PIX515E. User manuals are usually written by technical writers, but in language that every user of the Cisco Systems PIX515E can understand.

A complete Cisco Systems user manual should contain several basic elements. Some of them are less important, such as the title page or author pages. The rest, however, should provide information that is of great importance to the user.

1. Introduction and guidance on how to navigate a Cisco Systems PIX515E user manual - At the start of every user manual there should be guidance on how to use that particular guide. It should tell you where to find the Cisco Systems PIX515E table of contents, the FAQ, or frequently occurring problems, that is, the parts users look for most often in any manual
2. Table of contents - an index of all the advice about the Cisco Systems PIX515E found in the current document
3. Advice on using the basic functions of the Cisco Systems PIX515E - which should make the first steps in using the Cisco Systems PIX515E easier
4. Troubleshooting - an ordered sequence of actions that helps diagnose and then resolve significant problems with the Cisco Systems PIX515E
5. FAQ - frequently asked questions
6. Contact details - information on where to find contact details for the manufacturer / service of Cisco Systems PIX515E in a given country if you cannot solve the problem yourself.
