Bedienungsanleitung Cisco Systems VPN 3002

282 Seiten 3.5 mb
Download

Zur Seite of 282

Summary
  • Cisco Systems VPN 3002 - page 1

    Corporate He adquarters Cisco System s, Inc . 170 West Ta sman Drive San Jos e, CA 95134 -1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 VPN 3 0 02 Hardware Clien t Reference R ele ase 3 .5 No vem ber 200 1 Text Pa rt Num ber: OL -1893-01 ...

  • Cisco Systems VPN 3002 - page 2

    THE SPECIFICATIONS AND INFORMATION REG ARDING THE PRODUCT S IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T NOTICE. ALL STATEMENTS , INFORMATION, AND RECOMM ENDATIONS IN THIS MANUA L ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANT Y OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FUL L RESPONSIBILITY F OR THEIR APPLICATION OF ANY PR OD ...

  • Cisco Systems VPN 3002 - page 3

    iii VPN 3000 Serie s Concentrato r Reference V olume I: Configu ration 78-13782-01 CONTEN TS Preface ix Prereq uisites ix Organi zation ix Relat ed Do cume ntatio n xi Document ation conven tions xii Obtain ing Documentati on xiii Obta in ing technic al assis tance xiv Using the VPN 300 2 Hardware Clie nt Manager 1-1 VPN 300 2 Hardware Cl ient Br o ...

  • Cisco Systems VPN 3002 - page 4

    Cont ents iv VPN 3000 Seri es Concentrato r Reference V olume I: Configu ration 78-13782-01 Servers 5-1 Config uration | Syste m | Serve rs 5-1 Config uration | Syste m | Serve r s | DNS 5-1 Tunneling 6-1 Config uration | Syste m | Tunnel ing Protocol s 6-2 Config uration | Syste m | Tunnel ing Protocol s | IPSec 6-2 IP Routing 7-1 Config uration | ...

  • Cisco Systems VPN 3002 - page 5

    Content s v VPN 3000 Serie s Concentrator Referenc e Volume I: Conf igurati on 78-13782-01 Config uration | Syste m | Event s | Classes | Add or Modify 9-10 Config uration | Sys te m | Event s | Trap Destin at ions 9-1 2 Config uration | Sys te m | Event s | Trap Destin at ions | Add or Modif y 9-13 Config uration | Syste m | Event s | Syslog Serve ...

  • Cisco Systems VPN 3002 - page 6

    Cont ents vi VPN 3000 Seri es Concentrato r Reference V olume I: Configu ration 78-13782-01 Adminis t rat io n | Certificat e Management | Enroll | Cert if icat e T ype | PKCS10 12-39 Adminis tratio n | Certif icate Management | Enrollment or Renewal | Requ est Gene rat ed 12-40 Adminis t rat ion | Cert ificat e Management | Enrol l | Ident ity Cer ...

  • Cisco Systems VPN 3002 - page 7

    Content s vii VPN 3000 Serie s Concentrator Referenc e Volume I: Conf igurati on 78-13782-01 Monitor ing | Stat istic s | PPPoE 13-36 Monito ring | Statis tics | MIB-II 13 -39 Monito ring | Statis tics | MIB-II | Int erfac es 13-40 Monito ring | Statis tics | MIB- II | TC P/UDP 13 -42 Monito ring | Statis tics | MIB-II | IP 13-45 Monito ring | Stat ...

  • Cisco Systems VPN 3002 - page 8

    Cont ents viii VPN 3000 Seri es Concentrato r Reference V olume I: Configu ration 78-13782-01 ...

  • Cisco Systems VPN 3002 - page 9

    ix VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 Preface The VPN 300 2 H ardwar e Clie nt Re ference pr ovide s gui del ine s f or co nfi guri ng the Ci sco VPN 30 02, details on all the func tions availab le in the VPN 3002 Hardware Client Man ager , and instructions for using th e V PN 3 002 Co mm and L i ne I nter fac e. Prerequisites W e a s ...

  • Cisco Systems VPN 3002 - page 10

    x VPN 3002 Hardwar e Client Referenc e OL-1893-01 Preface Organization Chap ter 5 Servers Explains how t o con fig ure the V PN 3 002 to communica te with DNS servers to convert hostnames to IP addr es ses. Chap ter 6 Tu n n e l in g Explain s how to conf igure I PSec. Chap ter 7 IP Routing Explains how to c onfi gu re st atic rout es , de fa ult g ...

  • Cisco Systems VPN 3002 - page 11

    xi VPN 3002 Hardware C lient Referen ce OL-1893-01 Pre face Related Docu mentat ion Related Documentation Refer to t he follow ing doc uments for fu rther inf ormati on about Cisco VPN 3000 Seri es appl ications an d products . VPN 3002 Hardwa re Clie nt Docu mentation The VPN 300 2 Har dware Client Getting Start ed manua l pr ovid es info rma tion ...

  • Cisco Systems VPN 3002 - page 12

    xii VPN 3002 Hardwar e Client Referenc e OL-1893-01 Preface Docum ent ation con ve ntions version s on the Cisco w eb site, cl ick the Suppor t icon on t he toolbar a t the top of the VPN Co ncentra tor Manager, Hardware Client Manager, or Client window . T o open t he docum entation , you ne ed Ac robat ® Reader 3.0 or later; ve rsion 4.5 is inc ...

  • Cisco Systems VPN 3002 - page 13

    xiii VPN 3002 Hardware C lient Referen ce OL-1893-01 Pre face Obtaining Docu mentation Data Formats As you configure and manage the system, enter data in the following formats unless the instruct io ns indi cate ot herwise: Obtaining Documentation The follow ing sec tions provi de sources fo r obtaining doc umen tation from Ci sco System s. World W ...

  • Cisco Systems VPN 3002 - page 14

    xiv VPN 3002 Hardwar e Client Referenc e OL-1893-01 Preface Obtain in g technica l assistan ce Ordering docu mentation Cisco do cumentati on is availab le in the follow ing ways: • Register ed Cisco D irect C ustom ers c an o rde r Ci sco Pr odu ct doc umen tat ion from t he N etwo rking Products Ma rketPlace : http://www .cisco.com/cg i-bin/orde ...

  • Cisco Systems VPN 3002 - page 15

    xv VPN 3002 Hardware C lient Referen ce OL-1893-01 Pre face Obtaining technical assistance Customers a nd partn ers can self-reg ister on Cisco.com to obt ain addit ional pers onalized i nforma tion and services. Registere d u sers can order p roducts, c he ck on the status of an order, access technical support, and view ben efits specific to their ...

  • Cisco Systems VPN 3002 - page 16

    xvi VPN 3002 Hardwar e Client Referenc e OL-1893-01 Preface Obtain in g technica l assistan ce ...

  • Cisco Systems VPN 3002 - page 17

    C HAPTER 1-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 1 Using the VPN 3002 Hardwa re Client Manager The VPN 3002 Har dware Client Manager is an HTML-based int erface that lets you config ure, admini ste r , monit or, and manage the VPN 3002 w it h a sta nd ard w eb bro ws er . T o use it, y ou c on nect to the VP N 30 02, us ing a PC and b ...

  • Cisco Systems VPN 3002 - page 18

    1-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Connecting t o the VPN 3002 Us ing HTT P Java Sc ript and C o okies Be sure Java Script and Cookies a re enabl ed in the b rowser . Refer t o the docu mentatio n for y our browser for in struct ions. Navigat ion Toolb a r Do not use the br ow ...

  • Cisco Systems VPN 3002 - page 19

    1-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1 -1 VPN 3002 Hardw are Client Ma nage r Login Sc r een T o contin ue usin g H TTP for the wh ole sessi on, sk ip to “ L ogging i nto the VP N 3002 Hardw are Clien t Manager . ” I ...

  • Cisco Systems VPN 3002 - page 20

    1-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Installing the SSL Certificat e in Your Brows er Follow these steps to inst all and use the SSL certificat e for the first time. W e provide separate instru cti ons fo r Int erne t Exp lo rer an d N et sca pe Navi ga tor wh en th ey div erge. ...

  • Cisco Systems VPN 3002 - page 21

    1-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1 -3 Inter net Explor er File Do wnload Dialog Box 3. Click the Open this file from its curr ent locat ion ra dio but ton, then cl ick OK . The browser displays th e Certificate dial ...

  • Cisco Systems VPN 3002 - page 22

    1-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Installing the SSL Certificat e in Your Brows er Figur e 1 -5 Inter net Explor er Certifi c at e Manag er Impor t Wizard Dialog Bo x 5. Click Next to cont inue. The w iza rd op ens t he n ex t di alo g box a ski ng yo u t o sel ect a ce rti f ...

  • Cisco Systems VPN 3002 - page 23

    1-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1 -7 Inter net Explor er Certifi c at e Manag er Impor t Wizard Dialog Bo x 7. Click Fi nish . The wiza rd open s the Root Cer tifica te Store di alog box ask ing you to confir m the ...

  • Cisco Systems VPN 3002 - page 24

    1-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Installing the SSL Certificat e in Your Brows er Figur e 1 -1 0 Int er net Explore r Secur ity Alert Dialog Bo x 11. Click OK . The VPN 300 2 Hardw are Client displa ys the HTT PS version of the Manager log in screen. Figur e 1 -1 1 VPN 3002 ...

  • Cisco Systems VPN 3002 - page 25

    1-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1-1 2 Int er net Explor er 4.0 Cer tifica te P ro pert ies Scr een Click any of the Field items to see Det ails. Click Close when fin ished. Second , you c an v iew al l the certif ic ...

  • Cisco Systems VPN 3002 - page 26

    1-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Installing the SSL Certificat e in Your Brows er Reinstallation Y ou need to inst all the SSL certifica te from a given VPN 3002 only once . If you try to reinstall it, Net scape displays the note in Fi gure 1-14 . Cl ick OK and ju st con ne ...

  • Cisco Systems VPN 3002 - page 27

    1-11 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1 -16 Netsca pe New Cer tificate A uthorit y Scr een 2 2. Click Next> to proc eed. Netscap e displays the next New Cer tificat e Authori ty screen , which le ts you exami ne detai ...

  • Cisco Systems VPN 3002 - page 28

    1-12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Installing the SSL Certificat e in Your Brows er Figur e 1 -18 Netsca pe New Cer tificate A uthorit y Scr een 4 4. Y ou mus t check at leas t the first bo x, Accept t his Cert ificate A uthority for Cert ifying network sites . Click Next > ...

  • Cisco Systems VPN 3002 - page 29

    1-13 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1 -20 Netsca pe New Cer tificate A uthorit y Scr een 6 6. In the Nickname field, enter a descript ive name for this certifica te. “ N ickname ” is s omething of a misnome r . W e ...

  • Cisco Systems VPN 3002 - page 30

    1-14 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Installing the SSL Certificat e in Your Brows er Figur e 1 -22 VPN 3002 Hardw are Cli ent Manag er Login Sc r een Using HT TPS (Netscape) The browser maintains the HT TPS state until you close it or acce ss an unsecured site; in the lat ter ...

  • Cisco Systems VPN 3002 - page 31

    1-15 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Installing the SSL Certificate in Your Browser Figur e 1 -23 Netscape Se cur ity Info Wi ndo w Click V iew Certif icate t o see details of the specific certi f icate in use. Figur e 1 -24 Netsca pe V iew Cer tificate Scr een Click OK whe ...

  • Cisco Systems VPN 3002 - page 32

    1-16 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Connecting t o the VPN 3002 Us ing HTT PS Figur e 1 -25 Netsca pe Cert ificat es Signer s List Select a cert ificate, then click Edit, V erify , or Delete . Click OK wh en fini sh ed . Connecting to the VPN 3002 Using HTTPS When you ha ve in ...

  • Cisco Systems VPN 3002 - page 33

    1-17 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Logging in to the VPN 3002 Hardware Client Ma nager Figur e 1 -26 VPN Hardw are Clie nt Manag er HTTP S Login Scr een Logging into th e VPN 3002 Hardwa re Client Manage r Logging int o the V PN 3 002 H ardw a re Cli ent Ma na ger is t he ...

  • Cisco Systems VPN 3002 - page 34

    1-18 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Logging into the VPN 300 2 Hardw are Client M anage r Figur e 1 -27 Manag er Main W elcome Scr een From here yo u can nav igate the Mana ger using either the table of cont ents in th e left frame, or t he Manage r toolb ar in the top fr ame. ...

  • Cisco Systems VPN 3002 - page 35

    1-19 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Interactive Hardware Client and Individual User Authentication Interactive Hardware Client an d Individual Use r Authentication Intera ctive ha rdware client a nd individu al user au then ticatio n provi de securi ty by requi ring ma nua ...

  • Cisco Systems VPN 3002 - page 36

    1-20 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Logging In Wi th Int era ctive Hardw are Client and Individual Us er Authen ticat ion Figur e 1 -28 VPN 3002 Hardw are Cli ent Manag er Login Scr een Step 1 Click the Connection Login Status butt on. The Connec tion/ Login Stat us screen dis ...

  • Cisco Systems VPN 3002 - page 37

    1-21 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Logging In With Interactive Hardware Client and Individual User Authentication Figu re 1 - 30 VP N 30 02 In teractive A uth entic atio n Screen Step 1 Enter the u ser na me a nd passw ord f or the VP N 3 002 . Step 2 Click Connect . If y ...

  • Cisco Systems VPN 3002 - page 38

    1-22 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Logging In Wi th Int era ctive Hardw are Client and Individual Us er Authen ticat ion Figur e 1 -32 Individual User A uthentication Scr een Step 1 Enter the us erna me and pa sswor d f or t his VPN 3002 u s er . Step 2 Click Logi n . If the ...

  • Cisco Systems VPN 3002 - page 39

    1-23 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Understan ding the VPN 3002 Har dware Clien t Manager Wi ndow Understandin g the VPN 3002 Hardware Client Manager Windo w The VPN 3 002 Har dw are Cli ent Mana ge r wi ndow on you r b rowse r con s ist s of thre e fr am es — top, lef t ...

  • Cisco Systems VPN 3002 - page 40

    1-24 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Unders tanding th e VPN 3 002 Hardw are Client Manager Window Titl e ba r The title b ar at th e t op o f the bro wser window i nc lude s the VPN 30 02 device na me o r I P a ddre ss in br ac ket s, for e xa mpl e, [ 10. 10. 4.6]. Status bar ...

  • Cisco Systems VPN 3002 - page 41

    1-25 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Understan ding the VPN 3002 Har dware Clien t Manager Wi ndow Save Click the Save icon to save the active configurat io n and make it the boot configura tion. In this state, the reminde r indicates that the acti ve config urat ion is the ...

  • Cisco Systems VPN 3002 - page 42

    1-26 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Unders tanding th e VPN 3 002 Hardw are Client Manager Window Open or expanded Click th e open/exp ande d icon to close subordinat e sections an d titles. Clicking on this icon does not c hange the screen in the main frame. Main frame (Manag ...

  • Cisco Systems VPN 3002 - page 43

    1-27 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 1 Using th e VPN 3 00 2 H ard ware Client M ana ger Organiz ation of the VPN 3002 Hardware Client Ma nager Organization of the VPN 3002 Hard ware Client Manager The VPN 300 2 Hardw are Clien t Manager consists of thre e major sec tions and man y subsection s: • Configuratio n: setting a ...

  • Cisco Systems VPN 3002 - page 44

    1-28 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 1 Using the V PN 3002 Hardware Client Ma nager Naviga ting the VPN 3002 Hardw are Client Manage r Navigating the VPN 3002 Hardware Client Man ager Y our prima ry tool fo r naviga ting the V PN 3002 H ardware C lient Man ager is th e table of contents in the left f rame. F igure 1-3 5 sh ...

  • Cisco Systems VPN 3002 - page 45

    C HAPTER 2-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 2 Configuration Configuring th e VPN 3 002 means settin g all the p arameters tha t govern its u se and f unctionality a s a VPN devic e. Cisco supplies default param eters that cover typical installations and uses; afte r you supply minimal parameters in Q uick Configuratio n, the syste ...

  • Cisco Systems VPN 3002 - page 46

    2-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Cha p ter 2 Co nf i gur at i on Configur ation ...

  • Cisco Systems VPN 3002 - page 47

    C HAPTER 3-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 3 Interfaces This sec tion of th e VPN 3002 Hardware Client Manag er applies f unctions that are inte rface-spec ific, rather than s ystem-wi d e. Y ou confi gure two ne twork interfa ces for th e VPN 3002 to oper ate as a VPN device: the priv ate inter face and the public interface. I f ...

  • Cisco Systems VPN 3002 - page 48

    3-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 3 Interface s Configur ation | Interfaces Figu re 3-1 VP N 30 02 Con fig uration | Inter faces S creen T o configur e a module , either click the appropri ate link in th e statu s table; or use the mous e pointe r to select the module on t he back-pa nel image , and click anywhere in th e ...

  • Cisco Systems VPN 3002 - page 49

    3-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 3 Interface s Configuration | Interfaces Status The oper ational statu s of this interface: • UP (green) = Configured , enabled, and operat ional; rea dy to pass d ata t raf fic. • DOWN (red) Configu red but disab led or discon necte d. • Te s t i n g = In test mode; no regular da ta ...

  • Cisco Systems VPN 3002 - page 50

    3-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 3 Interface s Configur ation | Interfaces | Pri va te Configuration | In terfaces | Priva te This screen lets y ou c o nfigur e par am ete rs fo r the p r ivate i n terfac e. It disp lay s th e c urr en t para meter s , if any . Figur e 3-2 Con figur ation | Int erface s | Pr iva te S cre ...

  • Cisco Systems VPN 3002 - page 51

    3-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 3 Interface s Configuration | Interfaces | Private Subnet Mask Enter the subnet mask for th is inter face, using d otted de cimal no tation (fo r example 255.2 55.255.0) . The Manager automatic ally supplies a stan dar d subnet mask appropr iate for the IP address you just enter ed. For ex ...

  • Cisco Systems VPN 3002 - page 52

    3-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 3 Interface s Configur ation | Interfaces | Pub lic Configuration | In terfaces | Public This scre en lets you select a conne ction me thod — DHCP , PPPoE, or static IP addressing — for the pu blic interfac e. It also allows you to disab le the public interfa ce. Figur e 3-3 Con figur ...

  • Cisco Systems VPN 3002 - page 53

    3-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 3 Interface s Confi guratio n | Interf aces | Public PPPoE User Name If you have selecte d PPPoE, enter a v alid PPPoE username. PPPoE Password If you have selecte d PPPoE, enter the PPPoE password for the username you enter ed above. Verify PPPoE Password If you have selected PPPoE, enter ...

  • Cisco Systems VPN 3002 - page 54

    3-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 3 Interface s Configur ation | Interfaces | Pub lic Duplex If you ar e using sta tic IP addr es sin g, c lick t he dr op- down me nu but ton an d sel ect the int erfa ce transmission mode : • Auto = Let the VPN 3002 automati cally detect an d set the appropriate tra nsmission mode, eithe ...

  • Cisco Systems VPN 3002 - page 55

    C HAPTER 4-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 4 System Configuration System co nfigurat ion mean s configur ing parame ters for syste m-wide functions in the VPN 3002. Configuration | System This se cti on of t he Ma na ger let s you c onf igur e para me ters fo r: • Servers : id entifying servers for DNS in formation for the VPN ...

  • Cisco Systems VPN 3002 - page 56

    4-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 4 System Configuration Configur ation | System ...

  • Cisco Systems VPN 3002 - page 57

    C HAPTER 5-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 5 Servers Configuring server s means identifying DNS serv ers to the VPN 3002 so it can communi cate with them correc tly . DNS ser vers con vert host names to I P addresse s. The V P N 3002 f unc tions as a client o f these servers. Configuration | System | Servers This se cti on of the ...

  • Cisco Systems VPN 3002 - page 58

    5-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 5 Se rv e rs Configur ation | Syst em | Se rvers | DN S Figur e 5-2 Con figur ation | S ystem | Serv ers | DNS Scr een Enabled T o use D NS f unct ions, check Enabled (the defa ult ). T o disa ble DN S, cle ar the box. Domain Enter th e name of th e regist ered domai n of the ISP for the V ...

  • Cisco Systems VPN 3002 - page 59

    5-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 5 Servers Confi guratio n | System | Servers | DNS Timeout Period Enter the initial time in seconds to wait for a response to a DNS query before sendi ng the query to the next serve r . Minimum is 1, de fault is 2, maxi mum is 3 0 seconds. This t ime doubl es with each re try cy cle throug ...

  • Cisco Systems VPN 3002 - page 60

    5-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 5 Se rv e rs Configur ation | Syst em | Se rvers | DN S ...

  • Cisco Systems VPN 3002 - page 61

    C HAPTER 6-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 6 Tunneling T unnel ing is t he h eart of virt u al pri vat e ne twork in g. Tunnels make it p ossibl e t o use a p ubl ic T CP/IP networ k, such as the Internet , to crea te secure con nections between re mote use rs and a priv ate corpor ate network. The secur e connec tion is called a ...

  • Cisco Systems VPN 3002 - page 62

    6-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 6 Tunneling Configur ation | System | Tunn eling Protocol s Configuration | System | Tunne ling Protocol s This section let s you configure the IPSec tunn eling protocol. Click IPSec on the Tunneling Protoco ls screen . Figur e 6-1 Con figur ation | S ystem | T unneling Pr otocol s Scr e e ...

  • Cisco Systems VPN 3002 - page 63

    6-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 6 Tunnel ing Config uration | Syste m | Tunnel ing Pr otocols | IPS ec – DES-56 – 3DES-168 • Extended Auth entication (XAu th) • Mode Co nf igurat ion (a lso k nown a s I SAKM P C onf igura tion M etho d) • T u nnel Enc aps ulatio n M ode Figur e 6-2 Con figur ation | S ystem | T ...

  • Cisco Systems VPN 3002 - page 64

    6-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 6 Tunneling Configur ation | System | Tunn eling Protocol s | IPSe c Note If you a re using host names, it is w ise to have ba ckup DNS an d WINS serve rs on a separa te networ k from tha t of the prima ry DN S an d WINS se rve rs. Othe rwi se, i f client s behi nd the VP N 3002 ob tain DN ...

  • Cisco Systems VPN 3002 - page 65

    6-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 6 Tunnel ing Config uration | Syste m | Tunnel ing Pr otocols | IPS ec The VPN 3 002 in Farg o first tries to reach Sa n Jose. If the initial I KE packet for th at connection (1) t imes out (8 seconds), it tri es to connect to Austin (2). Should this negot iation also time out, it tries to ...

  • Cisco Systems VPN 3002 - page 66

    6-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 6 Tunneling Configur ation | System | Tunn eling Protocol s | IPSe c About IPSec over T CP IPSec over TCP en capsulate s encrypted data traf fic within TCP pack ets. This featu re enables th e VPN 3002 to op erate i n an envi ronment in which st andard E ncapsula ting Secu rity Proto col ( ...

  • Cisco Systems VPN 3002 - page 67

    6-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 6 Tunnel ing Config uration | Syste m | Tunnel ing Pr otocols | IPS ec Password In the Group Pa ssword field, e nter a unique password for this group. Th is is the gro up password config ured on t he VPN Concentra tor t o w hich thi s VPN 300 2 conn ec ts. Mi ni mum is 4, maxi mu m is 3 2 ...

  • Cisco Systems VPN 3002 - page 68

    6-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 6 Tunneling Configur ation | System | Tunn eling Protocol s | IPSe c ...

  • Cisco Systems VPN 3002 - page 69

    C HAPTER 7-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 7 IP Routing The V PN 300 2 inclu des a n I P r outi ng subs yste m wi th stat ic rout ing , d efau lt gat ewa ys, a nd DH CP . T o route packets , the subs ystem uses static ro utes and th e default gateway . If y ou do not conf igure th e default gateway , the subsyst em drops pa ckets ...

  • Cisco Systems VPN 3002 - page 70

    7-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 7 IP Routing Configurati on | System | IP Routin g | Stat ic Routes Configuration | System | IP Ro uting | Static Routes This se cti on of t he Ma nage r lets you c onf igur e stati c ro ut es fo r IP rou tin g. Figur e 7 -2 Configur ation | S ystem | IP Routin g | Static Rout es Scree n S ...

  • Cisco Systems VPN 3002 - page 71

    7-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 7 IP Routing Configuration | System | IP Routing | Static Routes | Add or M odify Configuration | System | IP Ro uting | Static Routes | Add or Mo dify These Ma nager scr eens let you : • Add : Configure and add a new static, or manual, rout e to the IP rout ing table. • Modify : Mod i ...

  • Cisco Systems VPN 3002 - page 72

    7-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 7 IP Routing Configur ati on | System | IP Routin g | Default Gat ew ay s Destination Click a ra dio butt on to select the outb ound des tination fo r these pack ets. Y ou can select on ly one destinatio n: either a specific r outer/g ateway , or a VPN 3 002 interfac e. Destination Router ...

  • Cisco Systems VPN 3002 - page 73

    7-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 7 IP Routing Configuration | System | IP Routing | Default Gateways Default Gateway Enter the IP addr es s of the defa ult gat ewa y or ro uter. Use dot ted deci mal not at ion; for e xampl e, 192.168. 12.77. Thi s address must not be the same as the IP address conf igured on any VPN 3002 ...

  • Cisco Systems VPN 3002 - page 74

    7-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 7 IP Routing Configur ati on | System | IP Routin g | DHCP Configuration | System | IP Routing | DHCP This sc reen le ts you con figu re D HC P (D ynami c H os t Con figu ratio n Pr otoc ol) serve r para met ers t hat apply to DHCP serve r functions within th e VPN 3002. The DHCP server fo ...

  • Cisco Systems VPN 3002 - page 75

    7-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 7 IP Routing Config uratio n | System | IP Routi ng | DHCP Opti ons Apply/Ca ncel T o apply the set tings for DHCP para meters, and to in clude your setting s in the active c onfiguration, cli ck Apply . The Manager returns to the Configura tion | System | IP Routing screen. Reminder: T o ...

  • Cisco Systems VPN 3002 - page 76

    7-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 7 IP Routing Configur ati on | System | IP Routin g | DHCP Options | Add or Modif y T o remove a co nfigure d DHCP op tion, se lect the option fro m the list a nd click Delete . Ther e is no confir m ation or undo. The Manager refreshes the scree n and shows the rema ining DHCP options in ...

  • Cisco Systems VPN 3002 - page 77

    7-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 7 IP Routing Configuration | System | IP Routing | DHCP Options | Add or M odify Nonconfigurable DHCP Options Y ou cannot conf igure the fo llowing DHCP Options: • Subnet Ma sk (option 1) • Router (o pt ion 3) • Domain N ame Server (option 6 ) • Dom ain N ame (opti on 15) • NetBi ...

  • Cisco Systems VPN 3002 - page 78

    7-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 7 IP Routing Configur ati on | System | IP Routin g | DHCP Options | Add or Modif y ...

  • Cisco Systems VPN 3002 - page 79

    C HAPTER 8-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 8 Management Protocols The VPN 3 002 Hardware Client incl udes various b uilt-in server s, using v arious proto cols, that let you perform typical network and syste m manage ment fun ctions. Thi s secti on explain s how you confi gure and en able th ose se rv er s. Configuration | System ...

  • Cisco Systems VPN 3002 - page 80

    8-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configurati on | System | Mana gem e nt Protocols | HTTP/HTTPS Configuration | System | Manage ment Protocols | HTTP/HTTPS This screen lets you configure and enable the VPN 3002 HTTP/HTT PS server: Hypertext T ransfer Protoco l and HTTP ove r SSL (Secur e Sockets ...

  • Cisco Systems VPN 3002 - page 81

    8-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Config uratio n | System | Management Prot ocols | HTT P/HTTPS Enable HTT PS Check the bo x to enab le the HTTPS se rver . The box is ch ecked by d efault. HT TPS, also know n as HTTP over SSL, le ts y ou use the Ma nage r over an enc ry pted conn ec ti on. Enable ...

  • Cisco Systems VPN 3002 - page 82

    8-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configur ati on | System | Mana gement Proto col s | Telnet Figur e 8-3 Con figur ation | S ystem | Manag ement Pr ot ocols Scr een Configuration | System | Manage ment Protoc ols | Telnet This screen lets y ou configure and enable the VPN 3002 T elnet termi nal e ...

  • Cisco Systems VPN 3002 - page 83

    8-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Confi guration | Syste m | Manageme nt Protoco ls | Tel net Enable Te lnet/SSL Check t h e box to ena ble T elnet over SSL. Th e box is checke d by de fault . T elnet/SSL uses T elnet over a secu re, encry pted conn ection. Telnet Port Enter th e port n umber t hat ...

  • Cisco Systems VPN 3002 - page 84

    8-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configur ation | System | Mana gement Proto col s | SNMP Configuration | System | Manage ment Protoc ols | SNMP This sc reen l et s yo u con fig ure and e nabl e t he SN MP (Sim ple N etwor k Mana geme nt Protoc ol) a gent . When enab led, you c an use an SNMP ma ...

  • Cisco Systems VPN 3002 - page 85

    8-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Configuration | System | Manageme nt Protoco ls | SNM P C ommunities Reminder: T o save the active configuration and make it the boot configura tion, click the Save Needed icon at th e top of the Manage r window . T o disc ard your settings, click Can cel . T he Ma ...

  • Cisco Systems VPN 3002 - page 86

    8-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configur ation | System | Mana gement Proto col s | SNMP Commu nities Community Strings The Commu nity Strings list shows SNMP commu nity stri ngs that have been co nfigure d. If no strings have been config ured, the list shows -- Empty -- . Add/Mo dify/Delete T o ...

  • Cisco Systems VPN 3002 - page 87

    8-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Configuration | System | Manageme nt Protoco ls | SNM P C ommunities Figur e 8-1 0 Configur ation | Sys tem | Ma nag ement Pr otocols | SN MP Communitie s | Add Screen Community String Enter th e SNMP commu nity str ing. Maxi mum 31 charact ers, case - sensiti ve. ...

  • Cisco Systems VPN 3002 - page 88

    8-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configurati on | System | Mana gem e nt Protocols | SSL Configuration | System | Manage ment Protoc ols | SSL This scr een lets you c onfigure t he VPN 3002 SSL (Secure Sock ets Layer ) protocol se rver . These se ttings apply to bo th HTTPS and T e lnet over SSL ...

  • Cisco Systems VPN 3002 - page 89

    8-11 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Configur ation | System | Ma nagement Protocol s | SSL Figur e 8-12 Configur ation | Sys tem | Ma nagement Pr otocols | SSL Scr een Encryption A lgorithms Check the boxes for t he encr yption al gorithms that the VPN 3002 SSL server c an negoti ate with a client a ...

  • Cisco Systems VPN 3002 - page 90

    8-12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configurati on | System | Mana gem e nt Protocols | SSL SSL Vers ion Click the d rop-do wn m en u but ton and sel ec t the SSL ve rs ion to use . SSL V ersion 3 h as mo re sec urity options than V e rsion 2, an d TLS (Transport Laye r Securit y) V e rsion 1 has m ...

  • Cisco Systems VPN 3002 - page 91

    8-13 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Confi guratio n | Syst em | Managem ent Pr otocols | S SH Figur e 8-13 Configur ation | Sys tem | Manag ement Pr otocols Sc r een Configuration | System | Manage ment Protoc ols | SSH This sc reen le ts you con figu re t he V PN 3002 SSH (S ecur e She ll ) prot oc ...

  • Cisco Systems VPN 3002 - page 92

    8-14 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configurati on | System | Mana gem e nt Protocols | SSH Enable SS H Check th e box to enab le the SSH server . T he box is ch ecked by de fault . Disabli ng the SSH server provi des addit ional securit y by preven ting SSH access . Enable SS H on Public Check the ...

  • Cisco Systems VPN 3002 - page 93

    8-15 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Confi guratio n | Syst em | Managem ent Pr otocols | S SH Apply / C ancel T o appl y your SSH settings, and to inclu de your settings in the active conf iguration, click Apply . The Manager ret urns t o the C onf igura ti on | Syst em | M ana geme nt Pr otoc ols s ...

  • Cisco Systems VPN 3002 - page 94

    8-16 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configur ation | System | Mana gement Proto col s | XML Configuration | System | Manage ment Protoc ols | XML This scree n lets you configure the VPN 300 2to support an XML-ba sed interface. En abling XML manage ment (t he d ef au lt co ndi ti on) a ll ows the VP ...

  • Cisco Systems VPN 3002 - page 95

    8-17 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 8 Manage ment Protoco ls Confi gurati on | System | Manageme nt Protoco ls | XML HTTPS IP Address Enter t he I P a ddres s fr om whi ch to a llow HTT PS ac cess on the VPN 30 02 pub lic in terfa ce. HTTPS Wildcard-mask Enter the wildca rd mask for the HTTPS IP address. Note En ter a wildc ...

  • Cisco Systems VPN 3002 - page 96

    8-18 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 8 Managemen t Protocol s Configur ation | System | Mana gement Proto col s | XML ...

  • Cisco Systems VPN 3002 - page 97

    C HAPTER 9-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 9 Events An event is any sig nifican t occurr ence within or af fecting t he VPN 300 2 such as an alarm, trap, error conditi on, netw ork proble m, task c ompleti on, thresh old breac h, or stat us chan ge. The VPN 3002 records events in an event log, which is st ored in nonvolatile memo ...

  • Cisco Systems VPN 3002 - page 98

    9-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Event Class EVENTM IB Event MIB changes* FSM Finite St ate Ma ch ine sub system ( for d eb uggin g)* F TPD F TP da emon su bsyst em GENERA L NTP sub system and oth er ge nera l e vents HARDW AREMON Hardware mo nitori ng (fans, tempe rature , voltages, etc .) HTTP HTTP subsy stem ...

  • Cisco Systems VPN 3002 - page 99

    9-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Event Seve rity Level Note Th e Cisco-sp ecific event clas ses provide informa tion that is me aningful only to Cisco e ngineeri ng or suppor t perso nne l. Als o, the DB G and D E CODE eve nt s requir e signif icant sy st em resourc es and might se riou sly d egra de pe rf orma n ...

  • Cisco Systems VPN 3002 - page 100

    9-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Event Log Event Log The VPN 3002 records events in an event log, which is stored in nonvo latile memory . Thus the event log persists ev en if the syst em is power ed off. For troublesho oting any syst e m difficulty , or just to exa mine details of system acti vity , consult the ...

  • Cisco Systems VPN 3002 - page 101

    9-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Configuration | System | Events Configuration | System | Events This sect ion of the Ma nager l ets you conf igure how the VPN 30 02 handle s events. Events provide inform ation fo r system moni toring, auditing , manage ment, ac count ing, and trou blesh ooting. Figur e 9-1 Con f ...

  • Cisco Systems VPN 3002 - page 102

    9-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | Even ts | G ene ral Syslog Fo rmat Click the Sy slog Form at dro p-dow n menu bu tto n and c hoose th e f orm at for a ll eve nts se nt to U NIX syslog serv ers. Cho ices a re: • Original = Original VPN 3 002 even t format with info rmation on o ne li ...

  • Cisco Systems VPN 3002 - page 103

    9-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Config uratio n | Syst em | Event s | General The Origin al severitie s and the Cisco IOS sever ities dif fer . Orig inal severitie s number f rom 1-13. (Fo r the meaning o f each Original sev erity , see T ab le 9-2 on page 9-3 .) Cisco IOS sev erities number from 0 – 7. Ta b l ...

  • Cisco Systems VPN 3002 - page 104

    9-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | Even ts | Classes Severity to Trap Click the drop-d own menu button and select the ran ge of event severity levels to send to an SNMP network manageme nt system (NMS) by default. Event messages sent to SNMP systems are called “ traps. ” The choi c e ...

  • Cisco Systems VPN 3002 - page 105

    9-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Confi gurati on | System | Events | Cla sses Figur e 9-3 Con figuration | S ystem | Eve nts | Classe s Scr een T o configu re defaul t event handli ng, click t he highlight ed link tha t says “ Click her e to configur e gen eral event paramete rs . ” Configur ed Ev ent C las s ...

  • Cisco Systems VPN 3002 - page 106

    9-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | E ven ts | Classe s | Add or Modify Configuration | System | Events | Classes | Add or Modify These scr eens let you: Add: Configure and add the spe cial handling of a specif ic event class. Modify: Modify the special handling of a specif ic event clas ...

  • Cisco Systems VPN 3002 - page 107

    9-11 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Config uratio n | System | Events | Classes | Add or Modify Severity to Console Click th e drop-dow n menu bu tton and se lect the ra nge of ev ent severi ty leve ls to display on the con sole. The ch oices are : None, 1, 1-2, 1-3,..., 1-13. Th e default is 1-3 ; if you choo se t ...

  • Cisco Systems VPN 3002 - page 108

    9-12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | Even ts | Trap Desti nat ions Configuration | System | Events | T rap Destinations This sectio n of t he Mana ge r lets you con figur e SNM P networ k ma nage ment system s as de stina tio ns of even t tra ps. Ev ent m ess ages s ent to SNMP syst ems a ...

  • Cisco Systems VPN 3002 - page 109

    9-13 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Config uratio n | System | E vents | T rap Destin ations | Add or Modify T o remove an SN MP tra p dest inati on tha t ha s been c onfi gur ed, sel ect th e dest ina tion from t he list an d click Delet e . Ther e is no confi rmation or und o. The Manage r refres hes t he scre en ...

  • Cisco Systems VPN 3002 - page 110

    9-14 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | Even ts | Sysl og Servers Port Enter the UD P p ort num ber by w hich you ac cess t he de sti natio n SNM P se rv er . U se a d eci mal numb er from 0 to 6553 5. The de fault is 162 , which is the well-kn own port numbe r for SNMP traps. Add or Apply/C ...

  • Cisco Systems VPN 3002 - page 111

    9-15 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Config uratio n | Syst em | Event s | Syslog Serv ers Syslog Se rvers The Sysl og Servers list s ho ws th e UNI X sy s lo g se rv er s that h a ve been config u red a s re cip ien ts of ev en t messages. Y ou ca n con figure a m aximum of f ive syslog se rver s. If n o syslog ser ...

  • Cisco Systems VPN 3002 - page 112

    9-16 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | Even ts | Sy sl og Servers | A dd or M odify Configuration | System | Events | Syslog Servers | Add or Modify These Ma nager scr eens let you : Add : Conf ig ur e an d ad d a UNIX sys lo g ser ve r as a rec ipi ent of event messa ge s. Y ou can config ...

  • Cisco Systems VPN 3002 - page 113

    9-17 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 9 Events Con f igur atio n | S yst em | E vent s | Sysl og S er vers | Add or M od ify Add or Apply/C ancel T o add this server to the list o f syslog server s, click Add . O r to ap ply your changes to thi s syslog se rver, click Apply . Both actions include your en try in the active con ...

  • Cisco Systems VPN 3002 - page 114

    9-18 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 9 Even ts Configur ati on | System | Even ts | Sy sl og Servers | A dd or M odify ...

  • Cisco Systems VPN 3002 - page 115

    C HAPTER 10-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 10 General General config uration paramet ers include VPN 3002 environ ment items: system identifica tion, time, and date . Configuration | System | General This secti on of the Ma nager l ets you conf igure gene ral VPN 3002 parame ters. • Identi fication : system na me, co ntact per ...

  • Cisco Systems VPN 3002 - page 116

    10-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 10 General Configur ati on | System | Gen eral | Identificat io n Configuration | System | General | Identification This scree n lets y ou configure system identif ication p arameters t hat are stor ed in the standard MIB-II system obje ct. Network ma nageme nt systems us ing SNMP can re ...

  • Cisco Systems VPN 3002 - page 117

    10-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 10 General Configur ation | System | General | Time and Date Configuration | System | General | Time and Dat e This screen lets you set the time and date on the VPN 3002. Setting the correct tim e is very important so th at l ogg ing inf orm at ion is acc ur ate . Figur e 1 0-3 Configur a ...

  • Cisco Systems VPN 3002 - page 118

    10-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 10 General Configur ati on | System | Gen eral | Time and Dat e Reminder: T o save the active configuration and make it the boot configura tion, click the Save Need ed icon at the top of the Manage r window . T o discar d your set tings, c lick Cancel . The M anager returns to the Conf i ...

  • Cisco Systems VPN 3002 - page 119

    C HAPTER 11-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 11 Policy Management The VPN 300 2 works in eit her of two mode s: Client mode or Networ k Extensi on mode. Policy ma nage ment o n the VPN 30 02 includ es deci din g w het her y ou wa nt t he V PN 3002 t o use Cl ie nt Mode o r Ne tw ork E xten si on mod e. Thi s sect ion lets you e na ...

  • Cisco Systems VPN 3002 - page 120

    11-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 11 Policy Mana gement Netwo rk Extensi on M ode The net work and ad dresses on th e privat e side of the V PN 3002 ar e hidden , and ca nnot be acce ssed direct ly . VPN 3000 Series VPN Concentrator Settings Required for PAT For the VPN 300 2 to use P A T , these ar e the require ments f ...

  • Cisco Systems VPN 3002 - page 121

    11-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 11 Policy Mana gem e nt Networ k Extensi on Mode Network Extension Mode with Split Tunneling Y ou alwa ys assi g n the VPN 30 02 to a clie nt gr oup on the cen tral- site VPN Co ncen tr ato r . If yo u ena ble split tunneling for that grou p, IPSec operates on all traffic that travels thr ...

  • Cisco Systems VPN 3002 - page 122

    11-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 11 Policy Mana gement Netwo rk Extensi on M ode Tunnel Initiation The VPN 3 002 always initiat es the tun nel to th e central-site VPN Concentrator . The central- site VPN Concent rator cannot ini tiate a tunn el to a VPN 3002 . The V PN 3002 cr eates on ly one IPSec tunnel to the centr ...

  • Cisco Systems VPN 3002 - page 123

    11-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 11 Policy Mana gem e nt Config uration | Po licy Manag ement T able 1 1 -1 D ata Initiation: VPN 3002 and Centr al-Site VPN Conce ntrat or Configuration | Policy Managemen t The Con fi gura tion | Polic y Ma na geme nt s cr een int roduc es thi s sec tio n o f th e Man ager . Figur e 1 1 ...

  • Cisco Systems VPN 3002 - page 124

    11-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 11 Policy Mana gement Configur ati on | Policy Manag ement | Traffi c M anageme nt | PAT PAT T o configure P A T (Por t Address T ransl ation) cli ck PAT . Configuration | Policy Managemen t | Traffic Management | PAT The Con figu ratio n | Polic y Mana geme nt | Traffic Manage me nt | P ...

  • Cisco Systems VPN 3002 - page 125

    11-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 11 Policy Mana gem e nt Confi gurati on | Poli cy Manage ment | Traf fic Man agement | PAT | Ena ble PAT Enable d Check the box to ena ble Client Mode (P A T), or clear it to enable Netwo rk Extensio n Mode. Note Re member that to use Net work Ext ension Mo de, you mu st configur e an IP ...

  • Cisco Systems VPN 3002 - page 126

    11-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapt er 11 Policy Mana gement Configur ati on | Policy Manag ement | Traffi c M anageme nt | PAT | Enable ...

  • Cisco Systems VPN 3002 - page 127

    C HAPTER 12-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 12 Administration Admin istering th e V PN 3002 inv ol ves a ctiv itie s tha t k eep t he syst em op erat iona l a nd se cu re. Configur ing the sys tem se ts the p ar amete rs that go vern its use a nd func tiona lity a s a V PN dev ice , but administration involves higher level ac tiv ...

  • Cisco Systems VPN 3002 - page 128

    12-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Soft wa re Update Figur e 12-1 A dmin istr ation Scre en Administration | Software Update This sect ion of the Ma nager l ets you upda te the VP N 3002 exec utable syst em softwa re. Th is proces s uploads the fil e to the VPN 3002, which then verif ie ...

  • Cisco Systems VPN 3002 - page 129

    12-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Software Update Figur e 12-2 A dministr ation | Softw are Updat e Scr een Current So ftware Re vision The n ame, ver sion numbe r , and date of the softwa re imag e curr ently ru nning o n the system. Browse... Enter the comp lete pathname of th e new i ...

  • Cisco Systems VPN 3002 - page 130

    12-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Soft wa re Update Software Update Prog ress This windo w shows th e pr ogres s of t he so ftw are up load . It re fr esh es the num be r of by tes tra nsf erre d at 10-second intervals. Figur e 12-3 A dministr ation | Softw are U pdate P rogr ess Windo ...

  • Cisco Systems VPN 3002 - page 131

    12-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Admi ni s trati on | S ystem Rebo o t Figur e 12-5 A dministr ation | Softw are U pdate E r r or Scr een Administration | System Re boot This scre en lets you re boot or shut down (halt ) the VPN 30 02 with variou s options. W e strongly recommend t hat yo u shut down t ...

  • Cisco Systems VPN 3002 - page 132

    12-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Syst em Reb oot Figur e 12-6 A dmin istr ation | Syst em Reboo t Scr e en Action Click a r adio but ton to selec t t he de sired a c tion. Y o u ca n sele ct only on e act ion. • Reboot = Reboot the V PN 3 002. Re boo ting termi nat es al l session s ...

  • Cisco Systems VPN 3002 - page 133

    12-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administr ation | Pi ng • Reboot ignoring the Configuration file = Rebo ot using all the factory defa ults; that is, start the system as if it had no CONFIG file. Y ou will need to go through all th e Quick Configuratio n steps describe d in t he VP N 30 02 Ge ttin g ...

  • Cisco Systems VPN 3002 - page 134

    12-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Ping Addres s/Hostn ame to Pin g Enter the IP addr es s or h ostna me o f the syste m you wa nt to t est. (If you co nfi gured a DN S se r ver, you can ente r a hostna me; othe rwise, en ter an IP add ress.) Maximum is 6 4 character s. Ping/Cance l To ...

  • Cisco Systems VPN 3002 - page 135

    12-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administr a tion | Access Rights Administration | Access Rights This se cti on of t he Ma nage r lets you c onfi gur e an d c on trol ad mi nistra ti ve acc ess t o t he V PN 30 02. • Administrato rs : confi gure admi n istrat or u ser na mes, passw or ds, a nd right ...

  • Cisco Systems VPN 3002 - page 136

    12-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Administrati on | Access Right s | Administrato rs Administrator The VP N 3002 has three prede fined ad ministra tors: • admin = System administrator with access to, and rights to change, all areas. This is the only administr ator enabled by default ; in other words, ...

  • Cisco Systems VPN 3002 - page 137

    12-11 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administratio n | Access Rights | Access Setti ngs Administration | Access Rights | Access Settings This screen lets you co nfigure general optio ns for administrator access to the Manager . Figur e 12-12 A dministr ation | A ccess Rig hts | A ccess Set tings Scr een S ...

  • Cisco Systems VPN 3002 - page 138

    12-12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini stration | F il e Ma nagemen t Administration | File Management This sect ion of the M anager lets you manage files in VPN 300 2 Flash mem ory . (Flash mem ory acts like a disk.) Th ese files inc lude CONF IG, CONF IG.BA K, saved log fil es, and cop ies of any of ...

  • Cisco Systems VPN 3002 - page 139

    12-13 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administ ration | File Man agement | Swap Conf ig Files Swap Config Files Swap Confi g Files lets you swap the boot co nfigura tion fil e with the backu p configu ratio n file. When you sele ct this optio n, the Admi nistration | File Managemen t | Swap Co nfig Files w ...

  • Cisco Systems VPN 3002 - page 140

    12-14 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | File Ma nagemen t | Conf ig File Upload Administration | File Management | Config File Upload This scr een let s yo u use HT TP (Hy pe rte xt Transfer Prot ocol ) to tra nsfe r a c on figu ra tion fi le fr om your PC, or a sy stem acc essi ble from yo ...

  • Cisco Systems VPN 3002 - page 141

    12-15 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | File Management | Config File Upload Figur e 12-16 A dministr ation | File Manag ement | File Uploa d Prog ress Windo w When the upl oad is finishe d, or if the uploa d is cance lled, the pr ogress win dow clos es. File Upload S uccess The Manage r dis ...

  • Cisco Systems VPN 3002 - page 142

    12-16 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Certificate Manag ement Digital certifica tes are a form of digital identific ation used for auth entication. Certific ate Autho rities (CAs) issue them in the conte xt of a Public Key Infrastructure (PKI), which uses public-key /private-key en ...

  • Cisco Systems VPN 3002 - page 143

    12-17 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management If you have trouble en rolling or installin g digital certif icates via SCEP , enable both the CLIENT an d CER T event classes to a ssist in trou bleshooting . Digital c ertificat es indi cate the tim e fr ame during w hich they a re valid. T her ...

  • Cisco Systems VPN 3002 - page 144

    12-18 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Step 2 Click Click he re t o install a CA certif icate . Note The Click h er e to install a CA certificate option is o nly av ail ab le f rom th is w indo w wh en n o CA cert ificates a re instal led on th e VPN 300 2. If yo u do n ot see thi s ...

  • Cisco Systems VPN 3002 - page 145

    12-19 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management Installing CA Certificates M anually Note If you install a CA certificate using the ma nual method, you cannot use this CA later to request identity or SSL cer tificates with SCEP . If you want to be able to use SCEP to request certifica tes, obt ...

  • Cisco Systems VPN 3002 - page 146

    12-20 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Enrolling and Installing Identity Certificates When you generate a re quest for an identity cer tificate, you need to provide the foll owing informati o n. Ti p Che c k to be s ure t h at y ou have thi s info rm ati on befo re you be gin. T abl ...

  • Cisco Systems VPN 3002 - page 147

    12-21 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management V erif y Challen ge Passw ord - No Y es Re-enter the ch allenge password. Key Size - Y es Y es The algorithm for generating the p ublic-key /priva te-key pair , and the key siz e. If you a re request ing an SSL certific ate, of i f you are reques ...

  • Cisco Systems VPN 3002 - page 148

    12-22 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Enrolling and Installing Id entity Certificates Automaticall y Using SCEP Follow these steps for eac h identity certif icate you want to obtain: Step 1 Displa y the Adminis tration | Certifi cate Management sc reen. (Se e Figure 12- 19 .) Step ...

  • Cisco Systems VPN 3002 - page 149

    12-23 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management Figur e 12-25 A dministr a tion | Certific ate Man a gement | Enr oll | Identity Certific ate | SCE P Scree n Step 5 Fill in the fields and click Enr oll . (Fo r informat ion on the fiel ds on this scree n, see T able 1 2-1 .) T he VPN 3002 se nd ...

  • Cisco Systems VPN 3002 - page 150

    12-24 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Figur e 12-26 A dministr ation | Certific ate Manag ement | Enr ollment | Request G enera ted Scr een Step 6 Click Go to Cert ificate M anage ment . The Mana ger displa ys the Admini strati on | Certifi cate Managemen t screen. Y our new identi ...

  • Cisco Systems VPN 3002 - page 151

    12-25 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management Figur e 12-27 Admin is tr ation | Certific ate Man a g ement | Enr oll | Identity Certificat e | PKCS1 0 Scree n Step 5 Fill in the fields and click Enr oll . (Fo r informat ion on the fiel ds on this scree n, see T able 1 2-1 .) T he Manager di ...

  • Cisco Systems VPN 3002 - page 152

    12-26 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Step 7 Using the e nrollm ent requ est you just gen erate d, retrie ve an ident ity cert ificate from your CA and download it to yo ur PC accord ing to the procedures outlined by the CA. Step 8 Using t he Manag er , display the Admin istrati on ...

  • Cisco Systems VPN 3002 - page 153

    12-27 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management Figur e 12-31 A dministr ation | Certific ate Manag ement | Insta ll | Identity Cer tificate Scr een Step 12 Choose either installation meth od: Cut & Paste T ext or Upload F ile f rom W o rkst ation Step 13 The Ma nage r di spla ys a sc reen ...

  • Cisco Systems VPN 3002 - page 154

    Obtaining SSL Certificates If you us e a secure connec tion betwe en your b rowser and t he VPN 3002, th e VPN 300 2 requ ires an SSL certif ica te. Y ou only ne ed o ne SSL cer tifi cate on yo ur VPN 30 02. When you initial ly boot the VPN 3002 , a self-signed SSL cer tificate is au to mati cally generated. Bec ause a self-signe d certificate is s ...

  • Cisco Systems VPN 3002 - page 155

    12-29 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Certificate Management Enabling Digital Certificates on the VPN 3002 Note Be fore yo u ena ble d igita l ce rti ficat es on t he VPN 300 2, you m ust o btain a t l east one C A a n d one identity c ertificate. If you do n ot have a CA and an identity certificate instal ...

  • Cisco Systems VPN 3002 - page 156

    12-30 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Certificat e Ma nagemen t Deleting Digital Certificates Delete d igital cer tificates i n the following order : 1. Identity or SSL ce rtificate s 2. Subordina te certificates 3. Root cert ificates Note Y ou c annot de lete a c ertificat e if it i s in use b y an SA , if ...

  • Cisco Systems VPN 3002 - page 157

    12-31 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management Administration | Certificate Man agement This section of the Manager shows outstanding enro llment requests and all th e certificate s installed on the VP N 30 02, and it le ts yo u mana ge the m. The l inks at t he top of t his ...

  • Cisco Systems VPN 3002 - page 158

    12-32 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi fi cat e Managem e nt Certificate Authorities Tabl e This tabl e shows root and subord inate CA c ertifica tes instal led on the V PN 3002. Fields These f ields app ear in the Certificate Authorities table: Identity Certificates Table This table ...

  • Cisco Systems VPN 3002 - page 159

    12-33 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management SSL Certificate Table [ Generate ] This t able show s the SSL se rv er c ert ifica te insta lled on the VP N 30 02. The sy stem can h ave only on e SSL server certificat e installed: eit her a self -signed cer tificate or one iss ...

  • Cisco Systems VPN 3002 - page 160

    12-34 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi fi cat e Managem e nt Fields These fie ld s app ear in th e Certific ate Authorit ies, Ident ity Certifica tes, or SSL Certifica te tables: Field Con tent Subject/I ssuer The Common N ame ( CN) or Organizat ional Uni t (OU) (if p resent) , plus ...

  • Cisco Systems VPN 3002 - page 161

    12-35 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management Enrollment S tatus Ta ble This table tracks the status of active en rollment request s . The VPN 3002 sup ports one (inst alled) id entity certifi cate a nd one ( outstan di ng) enr ollment request . If you curr ently have a n id ...

  • Cisco Systems VPN 3002 - page 162

    12-36 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi fi cat e Managem e nt Status • In Prog ress = The reques t has been creat ed, bu t the requ este d certi ficate has not yet been installe d. This value is u sed only f or PKCS10 (manual ) enro llmen t requests . • Polling = The CA d id not i ...

  • Cisco Systems VPN 3002 - page 163

    12-37 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Enroll Administration | Certificate Man agement | Enro ll Choos e whether you ar e creatin g an enrollme nt reques t for an ident ity certifi cate or an SSL certif icate. Figur e 12-35 A dministr ation | Certific ate Man agemen ...

  • Cisco Systems VPN 3002 - page 164

    12-38 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi ficat e Manag em e nt | Enroll | Cer tifi cat e Type Administration | Certificate Man agement | Enro ll | Certificate Ty p e Choose the m ethod fo r enrolling the (id entity or SSL ) certific ate. Figur e 12-36 Administr ation | Cer tificat e Ma ...

  • Cisco Systems VPN 3002 - page 165

    12-39 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Enroll | C ertificate Type | P KCS10 Administration | Certificate Man agement | Enro ll | Certificate Ty p e | PKCS10 T o gene rate an enrollmen t request for an SSL or identity ce rtificate, you nee d to provide informati on a ...

  • Cisco Systems VPN 3002 - page 166

    12-40 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certifi cat e Managem e nt | Enrollmen t or Renewal | Req ues t Gen erat ed Administration | Certificate Man agement | Enrollment or Renewal | Request Generated The Ma nager displays th is scre en whe n the syst em has successful ly genera ted a c ert ...

  • Cisco Systems VPN 3002 - page 167

    12-41 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Enroll | Identity Certificate | SCEP Go to Certificate Installation If you want to install the cer tificate you ha ve just enrolled, click Go to Certificate Installation . The Manager displ ays the Adm ini stration | Certi fic ...

  • Cisco Systems VPN 3002 - page 168

    12-42 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Administ ration | Certificat e Managem e nt | Enroll | SSL Certificate | SCEP Enroll / Cancel T o gene rate the certifica te request and install the identity certifica te on the VPN 3002, click Enr oll . The Manager displays the Admin istration | Certif icate Management ...

  • Cisco Systems VPN 3002 - page 169

    12-43 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Enroll | SSL Certificate | SCEP Fields For an expla nation of ea ch of the fields on this screen, s ee T able 12- 1 o n pa ge 12 -20 . Enroll T o generate th e certifica te request and insta ll the SSL c e rtificate on the VPN ...

  • Cisco Systems VPN 3002 - page 170

    12-44 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi fi cat e Managem e nt | Install Administration | Certificate Man agement | Install Choose the type of certific ate you want to install. Figur e 12-41 A dministr ation | Certific ate Man agement | Insta ll Scr e en Install CA Certificate If you w ...

  • Cisco Systems VPN 3002 - page 171

    12-45 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Install | Certificate Obtained via Enrollment Administration | Certificate Man agement | Install | Certi ficate Obtained v ia Enrollment Once you have en rolled a certifica te, you can install it. Thi s screen allows you to ins ...

  • Cisco Systems VPN 3002 - page 172

    12-46 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certifi cat e Managem e nt | Install | Certi fi cat e Type Administration | Certificate Man agement | Install | Certi ficate Ty p e Choose the method you want to use to install the certific ate. Figur e 12-43 Admin istration | Certificat e Manageme nt ...

  • Cisco Systems VPN 3002 - page 173

    12-47 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Install | CA Certificate | SCEP Administration | Certificate Man agement | Install | CA Certificate | SCEP In this sc reen, pro vide infor mation about the ce rtificate au thority in order to retrieve and instal l a CA certifi ...

  • Cisco Systems VPN 3002 - page 174

    12-48 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certifi cat e Managem e nt | Install | Certi fi cat e Type | Cut and Pa ste Text Administration | Certificate Man agement | Install | Certi ficate Ty p e | Cut and Paste Text T o inst all the certifica te using the manual met hod, cut and paste the ce ...

  • Cisco Systems VPN 3002 - page 175

    12-49 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Install | Certificate Type | Upload File from Workstation Administration | Certificate Man agement | Install | Certi ficate Ty p e | Upload File from Workstation If you wa nt t o inst al l a cer tif ica te stor ed on y our PC, ...

  • Cisco Systems VPN 3002 - page 176

    12-50 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certifi cat e Managem e nt | View Administration | Certificate Man agement | View The Mana ger displa ys this scre en of certi fica te detail s when you cl ick Vi e w for a certific ate on the Admin istrati on | Certi fic ate Ma nagem e nt | Cert ifi ...

  • Cisco Systems VPN 3002 - page 177

    12-51 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certific ate Management | View Certificate Fields A certific ate contains some or all of the follo wing fields: Field Conte nt Subject The p erson or sys tem tha t uses the certifica te. For a CA root c ertificate, the Subject and Issuer are th e same. ...

  • Cisco Systems VPN 3002 - page 178

    12-52 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certifi cat e Managem e nt | View Back T o return to the Administr ation | Certif icate Ma nagement scree n, click Ba ck. SHA1 Thumbpr int A 160- bit SHA-1 hash of the complete certifica te con tents, show n as a 20-byt e string. T his valu e is uni q ...

  • Cisco Systems VPN 3002 - page 179

    12-53 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Configure CA Certificate Administration | Certificate Man agement | Configure CA Certificate This screen lets you co nfigure this CA certific ate to be able to issue identity cer tificates vi a SCEP . Figur e 12-48 Admin istrat ...

  • Cisco Systems VPN 3002 - page 180

    12-54 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi ficat e Manag em e nt | Renewal Polling Limit Enter the number of times the VPN 3002 sho uld re-send an enr ollment request if th e CA does not issue the ce rtifica te imme diately . T he mi nimum nu mber of re-send s is 0; t he ma ximum n umber ...

  • Cisco Systems VPN 3002 - page 181

    12-55 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Renewal Certificate This fi el d displ ays t h e ty pe o f c e rtifi c ate tha t y ou ar e re -e nrol li ng or re -k ey ing. Renewa l Type Specify the type of request: • Re-enro llm en t = Use th e sam e ke y pair as th e ex ...

  • Cisco Systems VPN 3002 - page 182

    12-56 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi fi cat e Managem e nt | Activa te or Re-Subm it | Stat us Administration | Certificate Man agement | Activate or Re-Submit | Status This st atus screen appea rs after you act ivate or re-s ubmit an enroll ment reque st. It displ ays the status o ...

  • Cisco Systems VPN 3002 - page 183

    12-57 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | Delete Administration | Certificate Man agement | Delete The Man ager display s this conf irmation scr een when y ou click Delete fo r a certific ate on the Administratio n | Certi ficate Manag ement scre en. The scr een shows ...

  • Cisco Systems VPN 3002 - page 184

    12-58 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certifi cat e Managem e nt | View En rollment Request Yes / No T o delete this certificate, click Ye s . Note Th er e is n o u ndo . The Mana ger retur ns to the Adm inistrat ion | Certif icate Ma nageme nt screen a nd shows the remaining certifi cate ...

  • Cisco Systems VPN 3002 - page 185

    12-59 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Administration | Certificate Management | View Enrollment Req uest Enrollment R equest Fie lds An enro llment re quest contain s some or all of th e follow ing fields : Field Conte nt Subject The pers on or syste m that uses the cer tificate. Issuer The CA or other ent ...

  • Cisco Systems VPN 3002 - page 186

    12-60 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini st ration | Certi fi cat e Managem e nt | Cancel Enrollm ent R eque st Back Click Back to display the Administr ation | Certificate Management scree n. Administration | Certificate Man agement | Cancel Enrollment Request This scre en show s you the detai ls of th ...

  • Cisco Systems VPN 3002 - page 187

    12-61 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 12 Adminis tration Admini stratio n | Certif icate Manageme nt | Delet e Enrollment Request Fields For a descriptio n of t he fields in th is enro llment req uest, see the “ En rollment Request Field s ” section on page 12-5 9 . Yes / No T o cance l this enrollment r equest, click Ye ...

  • Cisco Systems VPN 3002 - page 188

    12-62 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 12 Administration Admini stration | Cer tificate M anag ement | De lete En rollment Reque st Fields For a descriptio n of t he fields in th is enro llment req uest, see the “ Enrollm ent Re quest Fiel ds ” section on page 12-5 9 . Yes / No T o delete this enrollment request , click Y ...

  • Cisco Systems VPN 3002 - page 189

    C HAPTER 13-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 13 Monitoring The VPN 3002 tracks m any stati stics and the status of many items essential to system admin istration and manageme nt. This se ction of the Mana ger lets y ou view a ll those st atus item s and statist ics. Y ou can even see the state of LEDs th at show the st atus of har ...

  • Cisco Systems VPN 3002 - page 190

    13-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Ro uti ng Table Monitoring | Routing Tab le This screen shows the VPN 3002 rou ting table at the time the scre en displays. Figur e 13-2 Monit or ing | Routing T able Scr een . Refr esh T o update t he scree n and its data, cl ick Refr esh . Th e date and tim ...

  • Cisco Systems VPN 3002 - page 191

    13-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monit oring | Fil tera ble Event Log Monitoring | Filterable Event Log This screen shows the events in the current event log, lets you filter and display events by various criter ia, and lets you manage the even t log file . For troublesh ooting any system di fficulty , or ...

  • Cisco Systems VPN 3002 - page 192

    13-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Filterable Ev en t Log Select Filter Options Y ou can selec t any or all of the following opti ons for filtering and displaying the even t log. After selectin g th e option (s), cl ick a ny one of the fo ur Pa ge bu t tons. The Man ager r efres hes the scree ...

  • Cisco Systems VPN 3002 - page 193

    13-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monit oring | Fil tera ble Event Log Event Log Format Each en try (recor d) in the even t log consists o f eight or nin e fields: Sequence Date Time Severity Class/Number Repeat (IPAddress) String (The IP A ddress field only ap pear s in certain ev ents. ) For exam ple: 3 1 ...

  • Cisco Systems VPN 3002 - page 194

    13-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito ring | Live Ev ent Log Monitoring | Live Event Log This scr een shows events in the cur rent event log and au tomatically update s the display ever y 5 seconds. The eve nts might tak e a fe w seconds to load when y ou fir st open the screen. Note for Netscape users: ...

  • Cisco Systems VPN 3002 - page 195

    13-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitorin g | Live Event Log Figur e 13-4 Monit or ing | Live Event Log Scr een Pause Disp lay/Resume Display T o pause the d isplay , click Paus e Disp lay . While paused , the screen does not di splay new events, th e button changes to Resume Display , and the timer count ...

  • Cisco Systems VPN 3002 - page 196

    13-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Sy st em St atus Monitoring | System Status This screen sh ows the status of sev eral sof tware and ha rdware variab les at t he time t he scree n displays. From this scre en you can al so display the status of the IPSec t unnel SAs, tunn el durat ion, plus f ...

  • Cisco Systems VPN 3002 - page 197

    13-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monit oring | S ystem Sta tus Refresh T o update the screen and its data, click Refresh . The date and tim e indicate when the scre en was last update d. VPN Clien t Type The type , or model number, of this VPN 3002 ha rdware client. Bootco de Rev The ve rsio n na m e, n um ...

  • Cisco Systems VPN 3002 - page 198

    13-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Sy st em St atus Tunnel Es tablished to The IP ad dre ss of t he VPN C o ncen tr ato r t o w hic h t his V PN 3002 co nne cts . Duration The length of time that this t unnel has bee n up. Security Ass ociations This t abl e de scr ibe s the fol low ing att r ...

  • Cisco Systems VPN 3002 - page 199

    13-11 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Moni t orin g | Syst em Stat us | P ri v ate/Pu blic I n terf ac e Ot her Additional in formation about this SA, inclu ding mode. Front Panel The fron t panel im age is a n inactiv e link. Back Pane l The back panel image includes active links fo r the VPN 3002 private and ...

  • Cisco Systems VPN 3002 - page 200

    13-12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | System Status | Private/Public Interface Restore T o restore the screen contents to their actual statistical values, click Restor e . Th is i con di spla ys on l y if you previously clicked the Reset ico n . Refresh T o update the screen and its data, click ...

  • Cisco Systems VPN 3002 - page 201

    13-13 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Moni t orin g | Syst em Stat us | P ri v ate/Pu blic I n terf ac e Rx Unicast The n umb er of uni cast packe ts that we re receiv ed by thi s interf ace sinc e the VP N 3002 wa s l ast boote d or reset. Unicast pack ets are those addressed to a sing le host. Tx Unicast The ...

  • Cisco Systems VPN 3002 - page 202

    13-14 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Moni tori ng | User Stat us Monitoring | User Status This se ction di splays st atist ic s for de vice s be hind the VP N 30 02 Har dware Cli ent . Figur e 13-7 Monit or ing | User S tatus scr e en Refresh T o update the screen and its data, click Ref res h . The da te and ...

  • Cisco Systems VPN 3002 - page 203

    13-15 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitor ing | Stat isti cs Monitoring | Statistics This se cti on of th e Mana ge r show s stati sti cs fo r traffic an d a ctiv ity on t he V PN 3002 si nce it wa s last booted or r eset, and for c urrent tun neled sessions, plu s statistics in standa rd M IB-II ob jects ...

  • Cisco Systems VPN 3002 - page 204

    13-16 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Stat is tics | IPSec Monitoring | Statistics | IPSec This screen shows sta tistics for IPSec activity , including the cur rent IPSec tunnel, on the VPN 3002 sinc e it was la st booted o r reset. T hese statisti cs conform to the I ETF draft for the I PSec Flo ...

  • Cisco Systems VPN 3002 - page 205

    13-17 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | IPSec Refresh T o update the screen and its data, click Ref res h . The da te and time indic ate when t h e scree n was la st update d. IKE (Phase 1) Statistics This table pr ovides IPSec Ph ase 1 ( IKE: Internet Key Exchang e) glo bal statis tics ...

  • Cisco Systems VPN 3002 - page 206

    13-18 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Stat is tics | IPSec Received Notifies The cumul ative total of notify packe ts received by all currently a nd previo usly activ e IKE tun nels. A notif y pa ck et is an inf o rm ati o nal pack et th at is sent in resp on s e to a ba d pa cket or to indicate ...

  • Cisco Systems VPN 3002 - page 207

    13-19 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | IPSec Phase-2 SA Delete Requests Sent The cumulativ e tot al of r eque sts to d ele te IPSe c Phase -2 Se cu rit y Assoc iati ons se nt by a ll c urr ently and previously active IKE tunnel s . Initiated Tunnels The cumulative to tal of IKE tunnels ...

  • Cisco Systems VPN 3002 - page 208

    13-20 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Stat is tics | IPSec IPSec (Phas e 2) Sta tistics This t abl e pro vi des I PSec Pha se 2 globa l sta tisti cs. D uring I PSec Ph ase 2, t he tw o p eers ne gotia te Security Associat io ns that govern traf fic within the tunnel. Active Tu nnels The num ber o ...

  • Cisco Systems VPN 3002 - page 209

    13-21 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | IPSec Sent Packets Dropped The cumulative to tal of packets droppe d during send processing by all curren tly and previous ly active IPSec Phase- 2 tunnel s. This numbe r should be ze ro; if not, check for a networ k problem , check th e even t lo ...

  • Cisco Systems VPN 3002 - page 210

    13-22 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Stat istics | HTTP System Capability Failures The tot al number of syst em capa city fail ures that occurre d during pr ocessing of all curre ntly and previo usly activ e IPSec Ph ase-2 tunn els. Th ese fail ur es indica te tha t the system has run out of m ...

  • Cisco Systems VPN 3002 - page 211

    13-23 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitor ing | Stati stics | HTTP Reset T o reset, or s tart anew , the screen contents, click Reset . The system tem porari ly resets a co unter fo r the chosen statist ics without a f fecting the operation of the dev ice. Y ou can then view statistical in formation wit ho ...

  • Cisco Systems VPN 3002 - page 212

    13-24 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Stat istics | HTTP HTTP Ses sions This se ction pr ovid es i nfo rmat ion abou t H TTP sessi ons on t he V PN 3 002 sinc e i t wa s la st bo ote d o r reset. Login Name The name o f th e admi nis tra t ive u ser f or the H TT P se ss ion . IP Address The IP ...

  • Cisco Systems VPN 3002 - page 213

    13-25 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monito ring | Statis tics | Telnet Monitoring | Statistics | Telnet This sc reen show s statis tics for T elnet ac tivity on the V PN 3002 since i t was la st boote d or re set, and f or current T elnet sessions. T o configure t he VPN 3002 T elnet serve r , see the Confi ...

  • Cisco Systems VPN 3002 - page 214

    13-26 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Stat istics | Telnet Attempted Sessions The tota l number of attempts to establish T elnet sessio ns on the VPN 3002 since it was last b ooted or reset. Successful Sessions The total num ber of T elnet sessions succes sfully est ablishe d on the VPN 3002 si ...

  • Cisco Systems VPN 3002 - page 215

    13-27 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | DNS Monitoring | Statistics | DNS This screen shows statistics for DNS (Domain Name System) activity on the VPN 3002 since it was last booted or r eset. T o configur e the VPN 3002 t o commun icate wit h DNS se rvers, see the Configu ration | Sy s ...

  • Cisco Systems VPN 3002 - page 216

    13-28 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Stat is tics | SSL Timeouts The num ber of DNS queries t hat failed becaus e there was no resp onse from th e server . Server Un reac hable The num ber of DNS queries that failed be caus e, accord ing to the V PN 3002 rou ting tabl e, the addr ess of the serv ...

  • Cisco Systems VPN 3002 - page 217

    13-29 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitor ing | Stati stics | SSL Refresh T o update the screen and its data, click Ref res h . The da te and time indic ate when t h e scree n was la st update d. Unencrypted Inbound Octets The num ber of octet s (bytes) of inboun d traffic outpu t by the decry ption en gin ...

  • Cisco Systems VPN 3002 - page 218

    13-30 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Stat istics | DHCP Monitoring | Statistics | DHCP This sc reen sh ows st at istic s f or D HCP ( Dy nami c H ost Confi gurat ion Pr otoc ol) serv er act ivity o n th e VPN 3002 since it w as last boot ed or re set. Each row of the table sh ows data for each I ...

  • Cisco Systems VPN 3002 - page 219

    13-31 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | DHCP Timeouts The n umber o f DHCP qu eries that f ailed b ecause there was no respon se from the s erver . Pool Start The IP ad dres s at th e star t of the DH CP IP ad dres s pool. Pool End The IP ad dress at the en d of the DHC P IP address poo ...

  • Cisco Systems VPN 3002 - page 220

    13-32 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Stat is tics | SSH Monitoring | Statistics | SSH This sc reen sh ows st at istic s f or SSH ( Sec ure She ll) p rot ocol tr affic on t he V PN 3002 si nce it was la st booted or r eset. T o configure SSH, see Configur ation | System | Mana gement Prot ocols | ...

  • Cisco Systems VPN 3002 - page 221

    13-33 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | SSH Packets S ent/Rec eived The total num ber of SSH pac kets sent/re ceived since the VPN 3002 wa s last booted or re set. Active Sessions The numbe r of curr ently acti ve SSH sessio ns. Maximum Sessions The maxi mum numbe r of simulta neous ly ...

  • Cisco Systems VPN 3002 - page 222

    13-34 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Stat istics | NAT Monitoring | Statistics | NAT This screen sh ows statistics f or NA T (Network Add ress Translation) activity on the VPN 3002 since it was last booted or reset. Figur e 13-16 Monit or ing | Statistics | N A T sc ree n Reset T o reset, or st ...

  • Cisco Systems VPN 3002 - page 223

    13-35 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | NAT Translations Active The numbe r of curr ently acti ve NA T sessions. Translations Peak The ma xim um num ber of NA T session s t hat were sim ult aneou sly a ct ive on the V PN 3002 si nce it w as last booted or reset. Translations Total The t ...

  • Cisco Systems VPN 3002 - page 224

    13-36 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitoring | Stat istics | PPPoE • NetBIOS over TCP Proxy • NetBIO S over UDP Proxy • NetBIO S Datagram Service Translated Bytes/Packets The to tal numb er of tr anslat ed byt es and packets for th e NA T session. Monitoring | Statistics | PPPoE This screen shows sta ...

  • Cisco Systems VPN 3002 - page 225

    13-37 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | PPPoE User Name The username for the PPPoE session. Session ID The ID for the se ssion assigned by the IS P . The Session ID combined with the Access Co ncentrator MAC Address (see below) uni quely identifies the PPPoE session. PPPoE Acc ess Conc ...

  • Cisco Systems VPN 3002 - page 226

    13-38 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitoring | Stat istics | PPPoE PADT Rx The number of PPPoE Act ive Discovery T erm inate packets received. PADT Tx The number of PPPoE Act ive Discovery T erminate packets sent. Generic Error s R x The number of errors received during the PPPoE session. Malformed Pa cket ...

  • Cisco Systems VPN 3002 - page 227

    13-39 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II Monitoring | Statistics | MIB-II This section of the Manage r lets you view statistics that are record ed in standard MIB-II obje cts on the VPN 3002. MI B-II (Man agement In forma tion Base, version 2) ob jects ar e variables that contai n ...

  • Cisco Systems VPN 3002 - page 228

    13-40 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Mon i tor in g | St atis tics | MIB -II | I nter fa ces Monitoring | Statistics | MIB-II | Interfaces This screen sho ws statistics in MIB-II objects for VPN 3002 in terfaces since the system was last booted or rese t. Figur e 13-19 Monit or ing | Statistics | M IB-II | In ...

  • Cisco Systems VPN 3002 - page 229

    13-41 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II | Interfaces • Disabled = co nfigure d by disable d. • DOWN(DOWN/DHCP , DOWN/PPPoE) = configured but down. • T estin g = in te st mode; no regular d ata traf fic can pass. • Dormant = con figured and enable d but waiting for an exte ...

  • Cisco Systems VPN 3002 - page 230

    13-42 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Statistics | MIB -II | TCP /UDP Monitoring | Statistics | MIB-II | TCP/UDP This scree n shows statisti cs in MIB-II obj ects for TCP and UDP traff ic on the VPN 3002 si nce it was last booted or reset. RFC 2012 defin es TCP MIB object s, and RFC 2013 defines ...

  • Cisco Systems VPN 3002 - page 231

    13-43 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II | TCP/UDP TCP Segmen ts Trans mitted The to tal numbe r of segm e nts se nt, i ncl udin g t hos e o n curr en tly es tabli shed c on ne ction s but exc ludi n g those contai n ing only retransmitted b ytes. Segment is the of ficial TCP nam ...

  • Cisco Systems VPN 3002 - page 232

    13-44 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Statistics | MIB -II | TCP /UDP TCP Estab lished Res ets The numbe r of establi shed TC P connecti ons that abru ptly closed, bypassing gra ceful term inatio n. TCP Current Established The n umber of TCP co nnections that ar e curr ently establi shed or are g ...

  • Cisco Systems VPN 3002 - page 233

    13-45 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II | IP Monitoring | Statistics | MIB-II | IP This screen shows statistic s in MIB-II objec ts for IP traffic on the VP N 30 02 since it was last boo ted or reset. R FC 2 011 defines IP MI B o bjects. Figur e 13-21 Monit or ing | Statistics | ...

  • Cisco Systems VPN 3002 - page 234

    13-46 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Mon i tor in g | St atis tics | MIB -II | I P Packets R eceived (T otal) The tot al numbe r of IP data pack ets rece ived b y the VPN 30 02, incl uding tho se recei ved with errors. Packets R eceived (He ader Errors) The num ber of IP data pa ckets re ceive d and dis carde ...

  • Cisco Systems VPN 3002 - page 235

    13-47 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II | IP Outbound P ackets with No Route The numbe r of outbound IP data packets di sca rded becaus e no route cou l d be found to transm i t them to their de stinat ion. Thi s number includ es any packets that th e VPN 3002 c ould no t route b ...

  • Cisco Systems VPN 3002 - page 236

    13-48 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Mon i tor in g | St atis tics | MIB -II | I CMP Monitoring | Statistics | MIB-II | ICMP This screen shows statistics in MIB-II objects for ICMP traffic on the VPN 3002 since it was last booted or rese t. RFC 2 011 defines ICM P MI B obj ect s. Figur e 13-22 Monit or ing | ...

  • Cisco Systems VPN 3002 - page 237

    13-49 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II | ICMP Errors Received/Transmitted The num ber o f ICMP me ssages tha t the VP N 3002 r eceived bu t deter mined to have IC MP-specif ic err ors (bad IC MP chec ksu ms, bad l ength, etc.). The num ber of I CMP messa ges tha t the VPN 3002 d ...

  • Cisco Systems VPN 3002 - page 238

    13-50 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Mon i tor in g | St atis tics | MIB -II | I CMP Timestamp Requests Received/Transmitted The n umber of ICM P T imestam p (req uest) messa ges receiv ed/sent. T imestamp messages m easure t he propagati on delay between network entitie s by including the originati ng time i ...

  • Cisco Systems VPN 3002 - page 239

    13-51 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monit oring | S tatist ics | MIB-II | ARP Table Monitoring | Statistics | MIB-II | ARP Table This sc reen sh ows e ntrie s in the A ddre ss R esolut ion Protoc ol mappi ng t able sinc e t he VP N 3 002 wa s last booted or reset. ARP matches IP addresses with physical MAC a ...

  • Cisco Systems VPN 3002 - page 240

    13-52 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monitorin g | Statistics | MIB-II | ARP Tab le Interface The VPN 300 2 network i nterface on which this ma pping appli es: • Priva te Inte rface • Public Interf ace Physical Ad dress The hardw ired M AC (Media Access Contr ol) addre ss of a physica l networ k interfac ...

  • Cisco Systems VPN 3002 - page 241

    13-53 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitor ing | Stati stics | MIB-II | Eth ernet Monitoring | Statistics | MIB-II | Ethernet This screen shows statistic s in MIB-II objec ts for Ether net interface t raf fic on the VPN 3002 since i t was last boote d or rese t. I EEE sta ndar d 80 2.3 descr ibe s Ethe rne ...

  • Cisco Systems VPN 3002 - page 242

    13-54 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Monito rin g | Statistics | MIB -II | Ethe rnet Alignment Err or s The nu mber of f rames rece ived on th is interfac e that a re not a n integral n umber of bytes in length and do not pass the FCS (Fra me Check Sequence; used for error detec tion) check . FCS Errors The n ...

  • Cisco Systems VPN 3002 - page 243

    13-55 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitor ing | Stati stics | MIB-II | Eth ernet Excessive Collisions The number of frames f or which tr ansmission on this interface failed due to excessive collisions. MAC Errors: Transmit The number of frames for which transmission on this inter face faile d due to a n in ...

  • Cisco Systems VPN 3002 - page 244

    13-56 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Mon i tor in g | St atis tics | MIB -II | S NMP Monitoring | Statistics | MIB-II | SNMP This scr een shows sta tistics i n MIB-II objects fo r SNMP tra ffic on the VPN 3002 sin ce it was last booted or reset . RFC 1 907 def ines SN MP version 2 MIB obje cts. T o configur e ...

  • Cisco Systems VPN 3002 - page 245

    13-57 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 13 Monitorin g Monitoring | Statistics | MIB-II | SNMP Bad Commun ity Strin g The tota l number of SNMP message s received th at used an SNM P commu ni ty string the VPN 3002 did not recognize . See Configuration | System | Mana gement Protocols | SNMP Communities to configure permitte d ...

  • Cisco Systems VPN 3002 - page 246

    13-58 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 13 Monitorin g Mon i tor in g | St atis tics | MIB -II | S NMP ...

  • Cisco Systems VPN 3002 - page 247

    C HAPTER 14-1 VPN 3002 Hard ware Clie nt Refe rence OL-1893-01 14 Using the Command-Line Interface The VP N 3002 Hard ware Cli ent comm and-li ne inter face (C LI) is a men u- and co mman d-line-b ased config uration, administr ation, an d monitoring syst em built int o the VPN 300 2. Y ou use it via the syste m conso le or a T elnet (or T elnet ov ...

  • Cisco Systems VPN 3002 - page 248

    14-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Star t ing th e Com m and- l ine In ter face 3. Press Ent er on t he PC keyb oard un til you see the login p rompt. (Y ou mig ht see a password promp t and er ror m essage s as you p ress E nte r; i gn ore th em a nd stop a t the log i n prom pt .) Lo ...

  • Cisco Systems VPN 3002 - page 249

    14-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 14 Using the Com m and -Line Interfac e Using the Command-line Interface Using the Command-lin e Interface This se cti on e xpla ins how to : • Choo se menu it ems. • Enter val ues f or pa rame te rs and o ptio ns. • Specify con figured ite ms by number or na me. • Navi gate qui c ...

  • Cisco Systems VPN 3002 - page 250

    14-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Using t he Comm and-line I nterface Navigat ing Quic kly There ar e two ways t o move quic kly throu gh the comma nd-lin e interfa ce: shortc ut numbe rs, and the Back/ Home opti ons. Bot h ways work only when yo u are at a menu, n ot when you are at ...

  • Cisco Systems VPN 3002 - page 251

    14-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 14 Using the Com m and -Line Interfac e Using the Command-line Interface As a sh ortc ut, yo u ca n ju st e nter 2.4.1.1 at th e Main-> prom pt, and mov e direc tly to the M odify Admi nist rato rs menu : 1) Configuration 2) Administration 3) Monitoring 4) Save changes to Config file 5 ...

  • Cisco Systems VPN 3002 - page 252

    14-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Using t he Comm and-line I nterface Saving the Configuration File Configurat ion and administratio n entries take ef fect immediate ly and are included in the active , or running , config urat ion. Howe ver, i f you reboo t the VPN 3002 with out savin ...

  • Cisco Systems VPN 3002 - page 253

    14-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 14 Using the Com m and -Line Interfac e Menu Refer e nce Menu Refere nce This section shows all the menus in the firs t three levels below the main menu. (There are ma ny additional menus be low the third level; and with in the first three levels, there are some non-menu paramete r settin ...

  • Cisco Systems VPN 3002 - page 254

    14-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Menu Re ference 1.2.1 or 1.2.2 Configuration > Interface Configurat ion > Configure the Private/Publ ic Interface 1) Enable/Disable 2) Set IP Address 3) Set Subnet Mask 4) Select Ethernet Speed 5) Select Duplex 6) Back Private/Public Interface - ...

  • Cisco Systems VPN 3002 - page 255

    14-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 14 Using the Com m and -Line Interfac e Menu Refer e nce 1.3.5 Configuration > System Management > Event Configurat ion 1) General 2) Classes 3) Trap Destinations 4) Syslog Servers 5) Back Event -> _ 1.3.6 Configuration > System Management > General Config 1) System Identif ...

  • Cisco Systems VPN 3002 - page 256

    14-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Menu Re ference 2.2 Administration > System Reboot 1) Cancel Scheduled Reboot/Shutdown 2) Schedule Reboot 3) Schedule Shutdown 4) Back Admin -> _ 2.2.2 Administration > System Reboot > Schedule Reboot 1) Save active Configuration and use ...

  • Cisco Systems VPN 3002 - page 257

    14-11 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 14 Using the Com m and -Line Interfac e Menu Refer e nce 2.4.2 Administration > Access Rights > Access Settings 1) Set Session Timeout 2) Set Session Limit 3) SertConfig File Encryption 4) Back Admin -> _ 2.5 Administration > File Management List of Files ------------- CONFIG ...

  • Cisco Systems VPN 3002 - page 258

    14-12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Menu Re ference 2.6.3 Administration > Certifica te Management > Certificate A uthorities Certificate Authorities . . . 1) View Certificate 2) Delete Certificate 4) Back Certificates -> _ 2.6.4 Administration > Certifica te Management > ...

  • Cisco Systems VPN 3002 - page 259

    14-13 VPN 3002 Hardware C lient Referen ce OL-1893-01 Chapter 14 Using the Com m and -Line Interfac e Menu Refer e nce 3.1 Monitoring > Routing Table Routing Table . . ’q’ to Quit, ’<SPACE>’ to Continue -> . . 1) Refresh Routing Table 2) Clear Routing Table 3) Back Routing -> _ 3.2 Monitoring > Event Log 1) Configure Log v ...

  • Cisco Systems VPN 3002 - page 260

    14-14 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Chapter 14 Using the Command -Line Int erface Menu Re ference 3.4 Monitoring > User Status Authenticated Users ------------------- Username IP Address MAC Address Login Time Duration ------------------------------------------------------------------------------- 1) Refresh User Status 2) Log ...

  • Cisco Systems VPN 3002 - page 261

    A-1 VPN 3002 Hardwar e Client Ref erence OL-1893-01 APPENDIX A T roubleshooting an d Sy stem Errors Appendix A descri bes files f or trou bleshooti ng the V PN 3002 and LED indica tors on the system. It also describe s com mon e rrors tha t mi ght o ccur whil e c onfig urin g a nd us in g th e syste m, a nd how to c orre ct them. Files for Troubles ...

  • Cisco Systems VPN 3002 - page 262

    A- 2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Appendi x A Troubl eshoot ing and Sys tem Errors LED Indi c at o rs crash, we ask that you sen d this file wh en you cont act T AC for ass istan ce. T o view the CRSHDUMP .TXT fil e, see Admini stra tion | Fi le Ma nage ment | V iew , an d cl ick on View Saved Log Crash Dump File . Configuration ...

  • Cisco Systems VPN 3002 - page 263

    A-3 VPN 3002 Hardware C lient Referen ce OL-1893-01 Append ix A Troubles hooting an d Sys tem Errors System Erro rs VPN 30 02 Rear LED s The LEDs on the r ear of the VPN 30 02 indicate the status of the private and public interface s. System Errors If you hav e conf igure d the VP N 3 002, and y ou ar e una ble to c onn ect t o or pa ss data to the ...

  • Cisco Systems VPN 3002 - page 264

    A- 4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Appendi x A Troubl eshoot ing and Sys tem Errors Settings on the VPN Concent rator Settings on the VPN Con centrator If your VPN 3002 exper ience s connect ivity probl ems, ch eck the con figurat ion of the VPN Conce ntrator . Step 1 Config ure the conn ection as a Clien t, not LA N-to-LA N. Step ...

  • Cisco Systems VPN 3002 - page 265

    A-5 VPN 3002 Hardware C lient Referen ce OL-1893-01 Append ix A Troubles hooting an d Sys tem Errors VPN 3002 Hardware C lient Manage r Errors Step 4 If you ar e using N etwor k Exte nsion m ode , c onf igure a de fa ult ga te way or a st at ic rou te to th e p riva te network of the VP N 3 002 . Refe r to Ch ap ter 8, “ IP Rou ting, ” in the V ...

  • Cisco Systems VPN 3002 - page 266

    A- 6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Appendi x A Troubl eshoot ing and Sys tem Errors VPN 3002 Hardw are Client Manage r Errors Manager L ogs Out The Mana ger un expect edly lo gs out. T able A -2 Inv alid Login or Se ssion Time out Scr e en Probl e m Possible Cause Solution Y ou ente red an inva lid admi nistrator login-n am e a nd ...

  • Cisco Systems VPN 3002 - page 267

    A-7 VPN 3002 Hardware C lient Referen ce OL-1893-01 Append ix A Troubles hooting an d Sys tem Errors VPN 3002 Hardware C lient Manage r Errors Incorrect Display The Man ager di splays an inc orrect screen o r data when you click on the browse r back o r forwar d button. Error Message The Mana ger displa ys a screen with the me ssage: “ Error /An ...

  • Cisco Systems VPN 3002 - page 268

    A- 8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Appendi x A Troubl eshoot ing and Sys tem Errors VPN 3002 Hardw are Client Manage r Errors Not Allowed Message The Mana ger displa ys a screen with the me ssage: “ Not Allo wed / Y ou do not have sufficient authori zation to ac cess the specif ied page. ” (se e Fi gur e A- 3 ). Figur e A -3 N ...

  • Cisco Systems VPN 3002 - page 269

    A-9 VPN 3002 Hardware C lient Referen ce OL-1893-01 Append ix A Troubles hooting an d Sys tem Errors VPN 3002 Hardware C lient Manage r Errors Not Found The Mana ger displa ys a screen with the me ssage: “ Not Foun d/An error has occu rred whil e attempti ng to access the specified pag e. ” The screen in cludes additio nal information that iden ...

  • Cisco Systems VPN 3002 - page 270

    A-10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 Appendi x A Troubl eshoot ing and Sys tem Errors Command -line Interface Errors Command-line Interfac e Errors Thes e errors may occur while using the men u-base d command-l ine interf ace fr om a c onsole or T elnet session. T able A -9 Command-Li ne Int erf ace Er rors Error Problem Possib le C ...

  • Cisco Systems VPN 3002 - page 271

    IN- 1 VPN 3002 Hardware Clie nt Reference OL-1893-01 INDEX Numerics 3DES-168 /SHA SSL en crypti on algor ithm 8-11 3DES-168 SSH e ncry ption a lgorithm 8-14 A acce ssing the CLI 14-1 acces s righ ts administration 12-9 default Mon ito r adm i nistra tor (CL I) 14-6 access sett ings, general, for admi nistrators 12-11 add even t cla ss 9-10 SNMP com ...

  • Cisco Systems VPN 3002 - page 272

    Index IN-2 VPN 3002 Hardwar e Client Referenc e OL-1893-01 cancel ling an e nrollment req uest 12-60 certifi cate PEM-en coded 12-28 Certifica te Authority (CA) definition 12-16 certif icate ma nageme nt 12-16 certifi cate request fields 12-20 certifi cates See also digital cert ificates chan ging admi nist rat or prop er tie s a nd r ig hts 12-9 C ...

  • Cisco Systems VPN 3002 - page 273

    Index IN- 3 VPN 3002 Hardware Clie nt Reference OL-1893-01 cras h, syst em saves log file A-1 CRSHDUMP.TXT file A-1 D data forma ts xiii data init iation VPN 3002 an d centra l-site c oncent rator 11-5 date an d t im e, conf i guri ng 10-3 Dayligh t-Sa ving Tim e (DST ), enabl ing 10-3 default even t ha nd lin g, co nfig uri ng 9-5 gateways, conf i ...

  • Cisco Systems VPN 3002 - page 274

    Index IN-4 VPN 3002 Hardwar e Client Referenc e OL-1893-01 cancel ling 12-60 crea ting 12-37 deleting 12-61 PKCS-10 12-24, 12-40 removi ng accord ing to status 12-35 status table 12-35 time limit 12-17 viewing detail s 12-58 entering v alues wi th CLI 14-3 eras ing th e ev ent lo g 13-5 erro r an erro r has oc curred ... A-7 bad IP address A-10 CLI ...

  • Cisco Systems VPN 3002 - page 275

    Index IN- 5 VPN 3002 Hardware Clie nt Reference OL-1893-01 generati ng SSL server certif icate 12-33 get event log 13-5 H halting the VPN 30 02 12-5 help, CLI 14-5 Home an d Back CLI ch oices 14-5 host key SSH 8-13 HTTP configurin g internal server 8-2 enab ling 8-2 port nu mb er 8-3 statistics 13-22 using wi th M ana ger 1-2 HTTPS configurin g int ...

  • Cisco Systems VPN 3002 - page 276

    Index IN-6 VPN 3002 Hardwar e Client Referenc e OL-1893-01 attribute s configurable on the central-site conc entr ator 6-2 config uring 6-2 statistics 13-16 IPSec ov er T CP 6-5 requir ements 6-6 ITU (Inter national Telec o mmunication Unio n) standards 12-50 J Java Script, re quirement s 1-2 L lease p eriod, DHCP 7-6 LED indi cators table A-2 live ...

  • Cisco Systems VPN 3002 - page 277

    Index IN- 7 VPN 3002 Hardware Clie nt Reference OL-1893-01 required set tings o n VPN Conc entra tor 11-3 nonvola tile m e mory 12-10 even t log stor ed in 13-3 No such interface suppo rted (error) A- 9 Not Allowed (err or) A-8 Not Fou nd (e rr or) A- 9 O options configurab le only on central-si te Conc entrator 7- 9 Out of Rang e valu e (erro r) A ...

  • Cisco Systems VPN 3002 - page 278

    Index IN-8 VPN 3002 Hardwar e Client Referenc e OL-1893-01 browser 1-1 Intern et Expl orer 1-1 IPSec ov er T CP 6-6 Ja vaScr ipt 1-2 Nets cape Navi gator 1-1 RFC 1650, Eth ernet inter face MIB obj ects 13-53 RFC 1907, SNMP versi on 2 MIB objects 13-56 RFC 2011, ARP table entries 13-51 RFC 2011, IP and ICM P MIB objec ts 13-45, 13-48 RFC 2012,TCP MI ...

  • Cisco Systems VPN 3002 - page 279

    Index IN- 9 VPN 3002 Hardware Clie nt Reference OL-1893-01 updating on V PN 3002 proc edure 12-2 stopping an i mage updat e 12-3 version info 12-3, 13-9 split tunneling client (P AT) mo de 11-1 Network E xte nsion mo de 11-3 SSH configurin g internal server 8-13 enab le 8-14 enabling on pub lic interface f or XML support 8-17 encr yptio n al gorit ...

  • Cisco Systems VPN 3002 - page 280

    Index IN- 10 VPN 3002 Hardwar e Client Referenc e OL-1893-01 superuse r See administra tors swap configura tion files 12-13 syslog form at, eve nts 9-6 syslog serv er config uri ng f or ev en ts add 9-16 modify 9-16 port nu mber 9-16 syslog serv ers, configu ring f or ev ents 9-14 system configuratio n 4-1 system iden tifica tion, configurin g 10-2 ...

  • Cisco Systems VPN 3002 - page 281

    Index IN-11 VPN 3002 Hardware Clie nt Reference OL-1893-01 even t log 13-5 SSL cer tificates with Internet Explorer 1-8 with Netscape 1-14 VPN 3002 status, session s, statistics, and event logs 13-1 VPN 3002 Hard ware Cli ent Manager erro rs A-5 navigat ing 1-28 or ganiz ation 1-27 window 1-23 VPN Conce ntrat or Manag er logging i n 1-17 using 1-1 ...

  • Cisco Systems VPN 3002 - page 282

    Index IN- 12 VPN 3002 Hardwar e Client Referenc e OL-1893-01 ...

Produzent Cisco Systems Kategorie Home Safety Product

Dokumente, die wir vom Produzenten des Geräts Cisco Systems VPN 3002 erhalten, können wir in mehrere Gruppen teilen. Unteranderem in:
- technische Zeichnungen Cisco Systems
- Bedienungsanleitungen VPN 3002
- Produktkarten Cisco Systems
- Informationsbroschüren
- oder Energieetiketten Cisco Systems VPN 3002
Jede von ihnen ist wichtig, jedoch finden wir die wichtigsten Informationen für den Nutzer des Geräts in der Bedienungsanleitung Cisco Systems VPN 3002.

Die Dokumentengruppe, die als Bedienungsanleitungen bezeichnet wird, wird ebenfalls in detaillierte Arten geteilt, solche wie: Montageanleitungen Cisco Systems VPN 3002, Wartungsanleitungen, Kurzanleitungen oder Benutzeranleitungen Cisco Systems VPN 3002. Abhängig vom Bedarf, sollten Sie das Dokument finden, das Sie brauchen. In unserem Service können Sie sich die populärste Bedienungsanleitung des Produkts Cisco Systems VPN 3002 ansehen.

Ähnliche Bedienungsanleitungen

Die komplette Bedienungsanleitung des Geräts Cisco Systems VPN 3002, wie sollte sie aussehen?
Die Bedienungsanleitung, auch bezeichnet als Benutzerhandbuch, oder einfach nur „Anleitung”, ist ein technisches Dokument, das dem Benutzer bei der Nutzung von Cisco Systems VPN 3002 hilfreich sein soll. Die Bedienungsanleitungen werden in der Regel von technischen Schriftstellern geschrieben, aber in einer Sprache, die für alle Nutzer von Cisco Systems VPN 3002 verständlich ist.

Eine gänzliche Bedienungsanleitung von Cisco Systems sollte einige Grundelemente enthalten. Ein Teil von ihnen ist nicht so wichtig, wie z.B.: die Titelseite oder Autorenseiten. Die restlichen von ihnen jedoch, sollten Informationen liefern, die für den Nutzer von enormer Wichtigkeit sind.

1. Einführung und Hinweise, wie man sich in einer Bedienungsanleitung von Cisco Systems VPN 3002 bewegt - Am Anfang jeder Bedienungsanleitung sollten wir Hinweise bezüglich der Nutzungsart eines bestimmten Ratgebers finden. In ihr sollten sich Informationen über die Lokalisierung des Inhaltsverzeichnisses von Cisco Systems VPN 3002 befinden, FAQ oder über oft auftretende Probleme – also Stellen, die von den Benutzern in jeder Bedienungsanleitung am meisten gesucht werden
2. Inhaltsverzeichnis - Index aller Ratschläge bezüglich Cisco Systems VPN 3002, die wir im aktuellen Dokument finden
3. Ratschläge zur Nutzung der Grundfunktionen des Geräts Cisco Systems VPN 3002 - die uns die ersten Schritte während der Nutzung von Cisco Systems VPN 3002 erleichtern sollten
4. Troubleshooting - geordneter Tätigkeitslauf, der uns bei der Diagnose und als nächstes bei der Lösung wichtiger Probleme mit Cisco Systems VPN 3002 hilft
5. FAQ - häufig gestellte Fragen
6. Kontaktdaten Informationen darüber, wo man Kontakt zum Produzenten / Service von Cisco Systems VPN 3002 im bestimmten Land suchen kann, wenn es nicht gelingt, das Problem selbst zu lösen.

Haben Sie eine Frage bezüglich Cisco Systems VPN 3002?

Nutzen Sie das untere Formular

Wenn Sie mit Hilfe der gefundenen Bedienungsanleitung Ihr Problem mit Cisco Systems VPN 3002 nicht gelöst haben, stellen Sie eine Frage, indem Sie das untere Formular nutzen. Wenn einer der Nutzer ein ähnliches Problem mit Cisco Systems VPN 3002 hatte, ist es möglich, dass er mit Ihnen die Lösung teilen möchte.

Text vom Bild übertragen

Kommentare (0)