Manual Cisco Systems OL-16066-01

268 pages 1.4 mb

Download

Go to site of 268

Prev Next

Summary

Cisco Systems OL-16066-01 - page 1

K-1 User Guide for Cisco Security Manager 3.2 OL-16066-01 APPENDIX K Router Platform User Interface Reference The main pages a vail able in Cisco Security Manager for conf iguring and managing platform-specif ic policies on Ci sco IOS routers are d iscussed in the follo wing topics: N A T policies: • N A T Policy Page, page K-3 Interface policies ...
Cisco Systems OL-16066-01 - page 2

Appendix K Router Platform User Interface Reference K-2 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • CPU Policy Page, page K-107 • Device Access policies: – HTTP Policy Page, page K-110 – Console Policy Page, page K-117 – VTY Policy Page, page K-12 9 – Secure Shell Policy Page, page K- 147 – SNMP Policy Page, page K-149 ? ...
Cisco Systems OL-16066-01 - page 3

K-3 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page Ti p Use the Policy Management page in the Securit y Manager Administ ration windo w to control which r outer platform p olicy p ages are a v ailable in Secu rity Manager . For more information, see Polic y Management Pag ...
Cisco Systems OL-16066-01 - page 4

Appendix K Router Platform User Interface Reference NAT Policy Page K-4 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Navigation Path Go to the NA T Polic y Page, page K-3 , then click the Interface Specifi cation tab . Related Topics • N A T Page—Static Rules T ab, page K-6 • N A T Page —Dynamic Rules T ab, page K-12 • N A T Pa ...
Cisco Systems OL-16066-01 - page 5

K-5 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page Field Reference Edit Interfaces Dialog B ox—NAT Outside Interfaces When you conf igure a translation rules polic y on a Cisco IOS router , use the Edit Interfaces dial og box to specify which inte rfaces will act as the ...
Cisco Systems OL-16066-01 - page 6

Appendix K Router Platform User Interface Reference NAT Policy Page K-6 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference NAT Page—Static Rules Tab Use the N A T Static Rules tab to create, edit, and delete static address translation rules. For more information, see Def inin g Static NA T Rules, page 1 5-8 . Navigation Path ...
Cisco Systems OL-16066-01 - page 7

K-7 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page Field Reference Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading ...
Cisco Systems OL-16066-01 - page 8

Appendix K Router Platform User Interface Reference NAT Policy Page K-8 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • Defining Static N A T Rules, pa ge 15-8 • Disabling the Alias Opt ion for Attached Subnets, page 15-15 • Disabling the P ayload Option for Over lapping Networks, page 15-15 • Basic Interface Sett i ...
Cisco Systems OL-16066-01 - page 9

K-9 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page T ranslated Address The type of address translation to perform: • Specify IP—The IP address that acts as the translated address. Enter an address or the name of a network/ host object in the T ranslated IP/Network f i ...
Cisco Systems OL-16066-01 - page 10

Appendix K Router Platform User Interface Reference NAT Policy Page K-10 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Port Redirection Applies o nly when Static Port is the selected static rule type. Redirect Port—When se lected, specifie s port informatio n for the inside de vice in the translation. This enables you to use the same pu ...
Cisco Systems OL-16066-01 - page 11

K-11 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page Adv anced Applies only when using the T ran slated IP option for address translation. Defines ad vanced options: • No Alias—When selected , prohibits an alias from being created for the global address. The alias opti ...
Cisco Systems OL-16066-01 - page 12

Appendix K Router Platform User Interface Reference NAT Policy Page K-12 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 NAT Page—Dynamic Rules Tab Use the N A T Dynamic Rules tab to crea te, edit, and delete dynamic address translation rules. A dynamic add ress translation rule dynamically maps ho sts to addresses, using eith er the glob ...
Cisco Systems OL-16066-01 - page 13

K-13 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, pag ...
Cisco Systems OL-16066-01 - page 14

Appendix K Router Platform User Interface Reference NAT Policy Page K-14 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-7 NA T Dynamic Rule Dialo g Bo x Element Description T raff ic Flo w Access List —The ex tended A CL that sp ecif ies the traf fic requiring dynamic translation. Enter the name of an A CL object ...
Cisco Systems OL-16066-01 - page 15

K-15 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NAT Policy Page NAT Page—Timeouts Tab Use the N A T T imeouts tab to vie w or modify the def a ult timeout v alues for P A T (ov erload) translatio ns. Thes e timeouts cause a dynamic transl ation to e xpire after a defin e d period o ...
Cisco Systems OL-16066-01 - page 16

Appendix K Router Platform User Interface Reference NAT Policy Page K-16 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • Specifying N A T Timeouts, page 15-19 • N A T Page—Int erface Specif ication T ab, page K-3 • N A T Page—Static Rules T ab, page K-6 • N A T Page —Dynamic Rules T ab, page K-12 Field Referen ...
Cisco Systems OL-16066-01 - page 17

K-17 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Router Interfaces Page Router Interfaces Page Use the Router Interfaces page to vi ew , create, edit, and delete interf ace definitions (physical and v irtual) on a selected Cisco IOS router . The Router Interfaces page displays interfa ...
Cisco Systems OL-16066-01 - page 18

Appendix K Router Platform User Interface Reference Router Interfaces Page K-18 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column ...
Cisco Systems OL-16066-01 - page 19

K-19 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Router Interfaces Page Note Unlike other rout er policies, the Interf aces policy cannot be shared among multiple de vices. The Advanced Settings polic y , howe ver , may be shared. See Local Policies vs. Shared Policies, page 7-4 . Nav ...
Cisco Systems OL-16066-01 - page 20

Appendix K Router Platform User Interface Reference Router Interfaces Page K-20 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Subinterf a ce ID Applies only to su binterfaces. The ID number of the subinterface. IP The source of the IP address for the interface: • Static IP—Defines a static IP addres s and subnet mask for the interface ...
Cisco Systems OL-16066-01 - page 21

K-21 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Router Interfaces Page Layer T y pe The OSI layer at which the interface is defined: • Unkno wn—The layer is unknown. • Layer 2—The data link laye r , which contains the protocols th at control the physical la yer (Layer 1 ) and ...
Cisco Systems OL-16066-01 - page 22

Appendix K Router Platform User Interface Reference Router Interfaces Page K-22 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Speed Applies only to Fast Ethernet and Gigabit Ethernet interfaces. The speed of the interface: • 10—10 me gabits per second ( 10Base-T networks ). • 100—100 meg abits per second (100Base-T networks). This ...
Cisco Systems OL-16066-01 - page 23

K-23 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Router Interfaces Page VLAN ID Ap plies only to subi nterfaces with encapsulation t ype DO T1Q. The VLAN ID associated with this subinterface. The VLAN ID spe cifies where 802.1Q tagged packets are sent and received on this subinterface ...
Cisco Systems OL-16066-01 - page 24

Appendix K Router Platform User Interface Reference Router Interfaces Page K-24 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Interface Auto Name Generator Dialog Box Use the Interface Auto Name Generator dialog box to have Securi ty Manager generate a name for the interface based on the interface typ e and its location in the router . Na ...
Cisco Systems OL-16066-01 - page 25

K-25 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Advanced Interfa ce Settings Page Field Reference Advanced Interface Settings Page Use the Advanced Interface Settings pa ge to view , create , edit, and delete adv a nced interf ace definitions (physical and v irtual) on a selected Cis ...
Cisco Systems OL-16066-01 - page 26

Appendix K Router Platform User Interface Reference Advanced Interface Settings Page K-26 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Navigation Path • ( De vice view ) Select Interfaces > Settings > Adv anced Settings from the Policy selector . • ( Polic y vie w ) Select Router Interfaces > Settings > Advanced Settings ...
Cisco Systems OL-16066-01 - page 27

K-27 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Advanced Interfa ce Settings Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Head ...
Cisco Systems OL-16066-01 - page 28

Appendix K Router Platform User Interface Reference Advanced Interface Settings Page K-28 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-13 Adv anced Interf ace Settings Dialog Bo x Element Description Interface The interface on which the adv anced settin gs are defined. Enter the na me of an interface or interface ...
Cisco Systems OL-16066-01 - page 29

K-29 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Advanced Interfa ce Settings Page TCP Maximum Segment Size The maximum segment size (MSS) of TCP SYN pac kets that pass through this interface. V alid values range from 500 to 1460 b ytes. If you do not specify a v alue, the MSS is dete ...
Cisco Systems OL-16066-01 - page 30

Appendix K Router Platform User Interface Reference Advanced Interface Settings Page K-30 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Cisco Discovery Protocol settings Enable CDP When selected, the Cisco D iscov e ry Protocol (CDP) is enabl ed on this interface. This the def a ult. When deselected, CDP is di sabled on this interf ace. C ...
Cisco Systems OL-16066-01 - page 31

K-31 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Advanced Interfa ce Settings Page ICMP Messages settings Enable Redirect Messages When selected, enables the sendi ng of Internet Control Message Protocol (ICMP) redirect messages if the device is forced to resend a packet through the s ...
Cisco Systems OL-16066-01 - page 32

Appendix K Router Platform User Interface Reference Advanced Interface Settings Page K-32 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Additional settings Enable V irtual Fragment Reassembly (VFR) When selected, virtual f ragmentation reassembly (VFR) is enab led on this interface. When deselected, disabl es VFR. This is the default. VFR ...
Cisco Systems OL-16066-01 - page 33

K-33 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Advanced Interfa ce Settings Page Enable Directed Broadcasts When selected, directed broadcast pack ets are “exploded” as a link-layer broadcast when th is interface is direc tly connected to the destination subnet. When deselected, ...
Cisco Systems OL-16066-01 - page 34

Appendix K Router Platform User Interface Reference AIM-IPS Interface Settings Page K-34 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 AIM-IPS Interface Settings Page Use the AIM-IPS Interface Setting s page to def ine the settings on the Ci sco Intrusion Pre vention System Adv anced Integr ation Module. Y ou can install AIM-IPS in Cisco ...
Cisco Systems OL-16066-01 - page 35

K-35 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AIM-IPS Interfa ce Settings Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Headi ...
Cisco Systems OL-16066-01 - page 36

Appendix K Router Platform User Interface Reference Dialer Policy Page K-36 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • Basic Interface Sett ings on Cisco IOS Routers, page 15-20 Field Reference Dialer Policy Page Use the Dialer page to de fine the re lationship b etween physical Basic Rate Interface (BRI) and virtual ...
Cisco Systems OL-16066-01 - page 37

K-37 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Dialer Policy Page • ( Polic y vie w ) Select Router Interfaces > Settin gs > Dialer from the Policy T ype selector . Right-click Dial er to create a policy , or select an existing policy from th e Shar ed Policy selector . Rela ...
Cisco Systems OL-16066-01 - page 38

Appendix K Router Platform User Interface Reference Dialer Policy Page K-38 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, p ...
Cisco Systems OL-16066-01 - page 39

K-39 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Dialer Policy Page • Basic Interface Sett ings on Cisco IOS Routers, page 15-20 • Understanding Interface Ro le Objects, page 9-132 Field Reference T able K-1 7 Dialer Pr ofile Dial og Box Element Description Name A descripti ve nam ...
Cisco Systems OL-16066-01 - page 40

Appendix K Router Platform User Interface Reference Dialer Policy Page K-40 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Dialer Physical Interface Dialog Box Use the Dialer Physical Interface dialog box to add or edit th e properties that associate physical BRI interf aces with dialer interfaces. Note Use FlexConf igs to define other typ ...
Cisco Systems OL-16066-01 - page 41

K-41 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Dialer Policy Page Field Reference T able K-18 Dialer Ph ysical Interf ace Dialog Box Element Description ISDN BRI The physical BRI interface associat ed with the dialer interface. Enter the name of an interface or interface role, or cl ...
Cisco Systems OL-16066-01 - page 42

Appendix K Router Platform User Interface Reference ADSL Policy Page K-42 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 ADSL Policy Page Use the ADSL page to create, e dit, and delete ADSL definitions on the A TM interfaces of the ro uter . For more in formation, see Def ining ADSL Settings, page 15-40 . Navigation Path • ( De vice view ...
Cisco Systems OL-16066-01 - page 43

K-43 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence ADSL Policy Page Related Topics • PVC Policy Page, page K-54 • SHDSL Policy Page, page K-47 • ADSL on Cisco IOS Routers, page 15 -38 • Chapter K, “Router Platform User Interface R eference” Field Reference T able K-19 ADSL P ...
Cisco Systems OL-16066-01 - page 44

Appendix K Router Platform User Interface Reference ADSL Policy Page K-44 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, pag ...
Cisco Systems OL-16066-01 - page 45

K-45 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence ADSL Policy Page Field Reference T able K-20 ADSL Settings Dialog Box Element Description A TM Interface The A TM interface on which ADSL settings are defined. Enter the name of an interface or interface role, or click Select to disp la ...
Cisco Systems OL-16066-01 - page 46

Appendix K Router Platform User Interface Reference ADSL Policy Page K-46 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Interface Card (continued) • 857 ADSL—Cisco 857 Integrated Service Ro uter with an ADSL interface. • 876 ADSL—Cisco 876 Integrated Services Ro uter with an ADSL interface. • 877 ADSL—Cisco 877 Integrated Serv ...
Cisco Systems OL-16066-01 - page 47

K-47 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SHDSL Policy Page SHDSL Policy Page Use the SHDS L page to crea te, edit, and de lete DSL co ntroller de finitions on the router . For more infor mation, see Defining SHDSL Controllers, page 15-44 . Navigation Path • ( De vice view ) ...
Cisco Systems OL-16066-01 - page 48

Appendix K Router Platform User Interface Reference SHDSL Policy Page K-48 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • ( Polic y vie w ) Select Router Interfaces > Settings > DSL > SHDSL from the Policy T ype s elector . Rig ht-click SHDSL to create a policy , or select an existing p olicy from the Shared Polic y selector . ...
Cisco Systems OL-16066-01 - page 49

K-49 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SHDSL Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, p ...
Cisco Systems OL-16066-01 - page 50

Appendix K Router Platform User Interface Reference SHDSL Policy Page K-50 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Shutdo wn When sele cted, the DSL controller is in shutdown state. Ho wever , its defini tion is not deleted. When deselected, the DS L controller is en abled. This is the default. Configure A TM mode When selected, set ...
Cisco Systems OL-16066-01 - page 51

K-51 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SHDSL Policy Page Line Mode The line mode us ed by the controller: • auto—The controller operates in th e same mode as the other line termination (2-wire li ne 0, 2-wire line 1, or 4-wire enhanced). This is the default for CPE line ...
Cisco Systems OL-16066-01 - page 52

Appendix K Router Platform User Interface Reference SHDSL Policy Page K-52 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Line Rate Doe s not apply wh en the Line Mo de is defined as Auto. The DSL line rate (in kbps) a vailable f or the SHDSL port: • auto—The controller selects t he line rate. This is av ailable only in 2-wire mode. ? ...
Cisco Systems OL-16066-01 - page 53

K-53 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SHDSL Policy Page Controller Auto Name Generator Dialog Box Use the Contro ller Auto Name Generator dial og box to ha ve Security Manager generate a name for the DSL controll er based on its locat ion in the router . Navigation Path Go ...
Cisco Systems OL-16066-01 - page 54

Appendix K Router Platform User Interface Reference PVC Policy Page K-54 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 PVC Policy Page Use the PVC page to create, edit, and dele te permanen t vi rtual connections (PVCs) on the rout er . PVCs allow direct and perman ent conn ections be tween sites to provide a service th at is similar to a ...
Cisco Systems OL-16066-01 - page 55

K-55 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page Field Reference Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Headin ...
Cisco Systems OL-16066-01 - page 56

Appendix K Router Platform User Interface Reference PVC Policy Page K-56 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 PVC Dialog Box Use the PVC dialog box to configure A T M permanent virtual circuits (PVCs). Navigation Path Go to the PVC Policy Page, page K -54 , then click the Add or Edit bu tton beneath the table. Related Topics • ...
Cisco Systems OL-16066-01 - page 57

K-57 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page Interface Card The type of W AN interface card in stalled on the router or the rout er type: • [blank]—The interf ace card type is not def ined. • WIC-1ADSL—A 1-port AD SL W AN inte rface c ard that provides ADSL ...
Cisco Systems OL-16066-01 - page 58

Appendix K Router Platform User Interface Reference PVC Policy Page K-58 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Interface Card (continued) • NM-1A-E3—A 1-port A T M network module wi th an E3 link. • 857 ADSL—Cisco 857 Integrated Service Ro uter with an ADSL interface. • 876 ADSL—Cisco 876 Integrated Services Ro uter wi ...
Cisco Systems OL-16066-01 - page 59

K-59 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page PVC Dialog Box—Settings Tab Use the Settings tab of the PVC dialog b ox to configure the basic settings of the PVC, including: • ID settings. • Encapsulation settings. • Whether ILMI and In verse ARP are enabled. ...
Cisco Systems OL-16066-01 - page 60

Appendix K Router Platform User Interface Reference PVC Policy Page K-60 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-26 PV C Dialog Bo x—Settings T ab Element Description PVC ID settings VPI The virtual path identifier of the PVC. In co njunction with the VCI, identif ies the next destination of a cell as it p ...
Cisco Systems OL-16066-01 - page 61

K-61 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page Encapsulatio n settings T ype Does not apply when the Manage me nt PVC (ILMI) check box is enabled. The A TM adaptation la yer (AAL) and en capsulation type to use on the PVC: • [blank]—The encapsulation type is not ...
Cisco Systems OL-16066-01 - page 62

Appendix K Router Platform User Interface Reference PVC Policy Page K-62 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 V irtual T emplate The virtual template used fo r PPP ove r A TM on this PVC. Enter the name of a virtual template interface or interface role, or click Select to display an Object Select ors, page F-593 . If the interfac ...
Cisco Systems OL-16066-01 - page 63

K-63 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page PVC Dialog Box—QoS Tab Use the QoS t ab of the PVC di alog box to co nfigure the A TM traf fi c shaping and other quality-of-service setti ngs of the PVC, includin g: • The limit on pack ets placed on transmission ri ...
Cisco Systems OL-16066-01 - page 64

Appendix K Router Platform User Interface Reference PVC Policy Page K-64 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Navigation Path Go to the PVC Dialog Box, p age K-56 , then click th e QoS tab . Related Topics • PVC Dialog Box—Setting s T ab, page K-59 • PVC Dialog Box—Pro tocol T ab, page K-67 • PVC Adv anced Settings Dial ...
Cisco Systems OL-16066-01 - page 65

K-65 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page T raff ic Shaping setting s T raff ic Shaping The type of service to def ine on the PVC: • [null]—The bit rate is not def ined. • ABR—A vailable Bi t Rate. A best-effor t service suitable for applications that do ...
Cisco Systems OL-16066-01 - page 66

Appendix K Router Platform User Interface Reference PVC Policy Page K-66 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 UBR The follo wing field is disp layed wh en UBR is se lected as the Bit Rate: • PCR—The peak cell rate for output in k ilobits per second (kbps). Cells in excess of th e PCR may be discarded. UBR+ The follo wing fiel ...
Cisco Systems OL-16066-01 - page 67

K-67 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page PVC Dialog Box—Protocol Tab Use the Protocol tab of the PVC di alog box to add, edit, or d elete the protocol mappings conf igured for the PVC. Y ou ma y configured st atic mappings or In verse ARP (broadcast or nonbro ...
Cisco Systems OL-16066-01 - page 68

Appendix K Router Platform User Interface Reference PVC Policy Page K-68 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference Define Mapping Dialog Box Use the Defi ne Mapping dialog box to con figure t h e IP protocol mappings to use on the A TM PVC. Mappings are required b y the PVC to disco ver which IP addr ess is reachable a ...
Cisco Systems OL-16066-01 - page 69

K-69 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page Field Reference PVC Advanced Settings Dialog Box Use the PVC Adv anced Settings dialog box to conf igure F5 Operation, Administration, an d Maintenance (O AM) fu nctionality on an A TM PVC. O AM is used to detect connect ...
Cisco Systems OL-16066-01 - page 70

Appendix K Router Platform User Interface Reference PVC Policy Page K-70 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 For more information, see Def ining O AM Management on A TM PVCs, page 15-56 . Navigation Path Go to the PVC Dialog Box, p age K-56 , then click Adv ance d . Related Topics • PVC Policy Page, page K-54 Field Reference P ...
Cisco Systems OL-16066-01 - page 71

K-71 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page Note The settings def ined in this tab are depe ndent on the sett ings def ined in the O AM-PVC tab . See PVC Advanced S e ttings Dial og Box—OA M-PVC T ab, page K-73 . Navigation Path Go to the PVC Adv anced Settings ...
Cisco Systems OL-16066-01 - page 72

Appendix K Router Platform User Interface Reference PVC Policy Page K-72 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 AIS-RDI setting s Enable AIS-RDI Detection When selecte d, alarm ind ication sign al (AIS) cells and remote defect indication (RDI) cells ar e used to report connecti vity failures at the A TM layer of the PVC. When desel ...
Cisco Systems OL-16066-01 - page 73

K-73 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page PVC Advanced Settings Dialog Box—OAM-PVC Tab Use the O AM-PVC tab of the PVC Advanced Settings dialog box to en able loopback cells and connectivity checks (C Cs) on the PVC. These fu nctions test the connecti vity of ...
Cisco Systems OL-16066-01 - page 74

Appendix K Router Platform User Interface Reference PVC Policy Page K-74 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • PVC Dialog Box, pag e K-56 Field Reference T able K-32 PV C Adv anced Settings Dialog Bo x—OAM-PV C T ab Element Description O AM settings Enable O AM Manage ment When selected, O AM loopback cell gen ...
Cisco Systems OL-16066-01 - page 75

K-75 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PVC Policy Page Direction Applies o nly when CC management is en abled. The direction in which CC cel ls are transmitted: • both—CC cells are tran smitted in both directio ns. • sink—CC cells are transmitted toward the router t ...
Cisco Systems OL-16066-01 - page 76

Appendix K Router Platform User Interface Reference PPP/MLP Policy Page K-76 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 PPP/MLP Policy Page Use the PPP/MLP page to create, edit, a nd delete PPP connections on the router . For more information, see Def ining PPP Connections, page 15-61 . Navigation Path • ( De vice view ) Select Inter ...
Cisco Systems OL-16066-01 - page 77

K-77 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PPP/MLP Policy Page Field Reference Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column He ...
Cisco Systems OL-16066-01 - page 78

Appendix K Router Platform User Interface Reference PPP/MLP Policy Page K-78 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 PPP Dialog Box Use the PPP dialog box to conf igure PPP co nnections on the router . When you configure a PPP connect ion, you can defi ne the type of authentication and authorization to perform and def ine multilink ...
Cisco Systems OL-16066-01 - page 79

K-79 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PPP/MLP Policy Page Field Reference T able K-34 PPP Dialog Bo x Element Description Interface The interface on which PPP encapsul ation is enabled. Enter the name of an interface or interf ace role, or click Select to display an Object ...
Cisco Systems OL-16066-01 - page 80

Appendix K Router Platform User Interface Reference PPP/MLP Policy Page K-80 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 PPP Dialog Box—PPP Tab Use the PPP tab of the PPP dialog box to def ine the types of authentication and authorization to perform on t he PPP connection. Navigation Path Go to the PPP Dialog Box, page K-78 , then cli ...
Cisco Systems OL-16066-01 - page 81

K-81 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PPP/MLP Policy Page Protocol The authentication protocols t o use: • CHAP—Challenge-Handshak e Authentication Protocol. • P AP—Password Authentica tion Protoco l. • MS-CHAP—V ersion 1 of the Microsoft v ersion of CHAP (RFC 2 ...
Cisco Systems OL-16066-01 - page 82

Appendix K Router Platform User Interface Reference PPP/MLP Policy Page K-82 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Authenticate Using AAA authenticati on settings for the PPP connection: • PPP Default List—Def ines a default lis t of methods to be queried when authenticating a user for PPP . Ente r the names of one or more AAA ...
Cisco Systems OL-16066-01 - page 83

K-83 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PPP/MLP Policy Page CHAP Authentication sett ings Hostname By default, th e router uses i ts hostname to id entify itself to the peer . If required, you can enter a dif ferent host name to use for all C HAP challenges and responses. F o ...
Cisco Systems OL-16066-01 - page 84

Appendix K Router Platform User Interface Reference PPP/MLP Policy Page K-84 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 PPP Dialog Box—MLP Tab Use the MLP tab of the PPP dialog box to def ine Multilink PPP (MLP) parameters for the selected PPP connection. Navigation Path Go to the PPP Dialog Box, page K-78 , then click t he MLP tab . ...
Cisco Systems OL-16066-01 - page 85

K-85 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence PPP/MLP Policy Page Multilink Group Applies only to serial, Group-Async, an d multilink interfaces. Restricts the physical link to the sel ected multilink- group interface. Enter the name of a multilink interfac e or interface role, or ...
Cisco Systems OL-16066-01 - page 86

Appendix K Router Platform User Interface Reference PPP/MLP Policy Page K-86 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Endpoint T ype The identifier u sed by the ro uter when transmitting p ackets on the MLP bund le: • [null]—Ne gotiation is conducted without u sing an endp oint discriminator . (No CLI command is generated.) • H ...
Cisco Systems OL-16066-01 - page 87

K-87 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AAA Policy Page AAA Policy Page Use the AAA page to def ine the default authentication , authorization, and accounting methods to use on the router . Y ou do this b y conf iguring method lists, which define which m ethods to u se and th ...
Cisco Systems OL-16066-01 - page 88

Appendix K Router Platform User Interface Reference AAA Policy Page K-88 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • VTY Policy Page, page K-12 9 • Chapter K, “Router Platform User Interface R eference” Field Reference AAA Page—Authentication Tab Use the Authentication tab of th e AAA page to defin e the methods used to auth ...
Cisco Systems OL-16066-01 - page 89

K-89 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AAA Policy Page • Understanding Method Lists, pag e 15-69 • AAA Server G roup Dialog Box, page F-12 • Predefined AAA Authenticati on Server Groups, page 9-15 Field Reference T able K-38 AAA P a ge—A uthentication T ab Element De ...
Cisco Systems OL-16066-01 - page 90

Appendix K Router Platform User Interface Reference AAA Policy Page K-90 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 AAA Page—Authorization Tab Use the Authorization tab o f the AAA page to def ine the type of authorization services to enable on the de vice and the methods to use for each type. Security Manager supports the fo llo win ...
Cisco Systems OL-16066-01 - page 91

K-91 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AAA Policy Page Prioritized Method List Defi nes a sequential list of methods to be queried when autho rizing a user . Enter the names of one or more AAA serv er group objects (up to four), or click Select to display an Object Selectors ...
Cisco Systems OL-16066-01 - page 92

Appendix K Router Platform User Interface Reference AAA Policy Page K-92 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Command Authorization Dialog Box Use the Command Authorization d ialog box to def ine which methods to use when authorizing the EXEC comman ds that are associated wit h a gi ven pri vilege le vel. This enables you to auth ...
Cisco Systems OL-16066-01 - page 93

K-93 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AAA Policy Page AAA Page—Accounting Tab Use the Accounting tab of the AAA page to def ine the type of accounting ser v ices to enable on the device a nd the methods to use for each type. Security Manager supports the follo wing types ...
Cisco Systems OL-16066-01 - page 94

Appendix K Router Platform User Interface Reference AAA Policy Page K-94 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Note Y ou can use the method lists def ined in this polic y on the console and VTY lines that are used to communicate with the device. See Console Policy Page, page K-117 and VTY Line Dialog Box—Authentication T ab, pag ...
Cisco Systems OL-16066-01 - page 95

K-95 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AAA Policy Page Prioritized Method List Defines a se quential list of method s to be queried when creating connection accounting records for a user . Enter th e names of one or more AAA server group objects (up to fo ur), or click Selec ...
Cisco Systems OL-16066-01 - page 96

Appendix K Router Platform User Interface Reference AAA Policy Page K-96 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Command Accounting Dialog Box Use the Command Accounting dialog box to def ine which methods to use when recording information about the EXEC commands that are ex ecuted for a given pri vilege le vel. Each accoun ting rec ...
Cisco Systems OL-16066-01 - page 97

K-97 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence AAA Policy Page Field Reference T able K-42 Command Accounting Dialog Box Element Description Pri vilege Level The pri vilege le vel for which you w ant to define a command accounti ng list. V alid va lues range from 0 to 15. Generate A ...
Cisco Systems OL-16066-01 - page 98

Appendix K Router Platform User Interface Reference Accounts and Credential s Policy Pag e K-98 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Accounts and Credential s Policy Page Use the Accounts and Credentials page to define the enable password or enable secret password assigned to the router . In addition, you can def ine a list of us ...
Cisco Systems OL-16066-01 - page 99

K-99 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Accounts and Cr edential s Policy Page Field Reference T able K-43 Accounts and Cr edentials P age Element Description Enable Secret Password The enable secret passwo rd for entering pri vileged EXEC mo de on the router . This option of ...
Cisco Systems OL-16066-01 - page 100

Appendix K Router Platform User Interface Reference Accounts and Credential s Policy Pag e K-100 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column ...
Cisco Systems OL-16066-01 - page 101

K-101 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Accounts and Cr edential s Policy Page Navigation Path Go to the Accounts and Credential s Policy P age, page K-98 , then click the Add or Edit b utton beneath the table. Related Topics • Defin i ng Accounts and Credential Policies, ...
Cisco Systems OL-16066-01 - page 102

Appendix K Router Platform User Interface Reference Bridging Policy Page K-102 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Bridging Policy Page Use the Bridging page t o define bri dge groups that can perform integrat ed routing and bridging on the router . For more information, see Defining Bridge Groups , page 15-78 . Navigation Path ...
Cisco Systems OL-16066-01 - page 103

K-103 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Bridging Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eature ...
Cisco Systems OL-16066-01 - page 104

Appendix K Router Platform User Interface Reference Clock Policy Page K-104 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference Clock Policy Page Use the Clock page to conf igure the time zone in which t he router is located and the settings for Dayl ight Sa ving T ime (DST). For more information, see T ime Zone Settings on Ci s ...
Cisco Systems OL-16066-01 - page 105

K-105 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Clock Policy Page Ti p Y ou can conf igure the local t ime on the router b y defining an NTP pol icy or by configuring the cloc k set command using the CLI. Navigation Path • ( De vice view ) Select Platf o rm > Device Admin > ...
Cisco Systems OL-16066-01 - page 106

Appendix K Router Platform User Interface Reference Clock Policy Page K-106 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Additional Set b y Date fields Start The date and time when DST be gins: • Date—Click the calendar icon to select the start date. • Hour—Select the start hour . • Minute—Select the start minute. End The dat ...
Cisco Systems OL-16066-01 - page 107

K-107 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence CPU Policy Page CPU Policy Page Use the CPU page to conf igure settings related to router CPU utilization, including the thresho lds for sending log messages, th e size of the CPU history table, and whether to enable automatic CPU Hog ...
Cisco Systems OL-16066-01 - page 108

Appendix K Router Platform User Interface Reference CPU Policy Page K-108 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference Ta b l e K - 4 8 C P U P a g e Element Description CPU Utilization Statistics Settings related to the history table for CPU utilization statistics: • History T able Entry Limit—The pe rcentage of CPU ...
Cisco Systems OL-16066-01 - page 109

K-109 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence CPU Policy Page CPU Interrupt Utilization The thresholds for CPU int errupt utilizati on that trigger notifications: • Enable CPU Interrupt Utilization—When select ed, CPU interrupt utilization thresholds are enabled. Wh en deselec ...
Cisco Systems OL-16066-01 - page 110

Appendix K Router Platform User Interface Reference HTTP Policy Page K-110 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 HTTP Policy Page Use the HTTP page to configure HTTP and HTTPS access on the router . Y ou can configure HTTP policies on a Cisco IOS router from the follo wing tabs on the HTTP policy page: • HTTP Page—Setup T ab, ...
Cisco Systems OL-16066-01 - page 111

K-111 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence HTTP Policy Page HTTP Page—Setup Tab Use the Setup tab of the HTTP page t o enable HTTP and HTTP over Secure Socket Lay er (HTTP ov er SSL or HTTPS) on the router . Y ou can optionally l imit access to these protocols to the addre ss ...
Cisco Systems OL-16066-01 - page 112

Appendix K Router Platform User Interface Reference HTTP Policy Page K-112 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 HTTP Page—AAA Tab Use the AAA tab of the HTTP page to define the auth entication and auth orization methods to perform on users who att empt to access the router using HTTP or HTTPS. Navigation Path Go to the HTTP Pol ...
Cisco Systems OL-16066-01 - page 113

K-113 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence HTTP Policy Page Related Topics • HTTP Page—Setup T ab, page K-111 • HTTP and HTTPS on Cisc o IOS Routers, page 15-83 Field Reference T able K-50 HTTP P age—AAA T ab Element Description Authenticate Using The type of authentica ...
Cisco Systems OL-16066-01 - page 114

Appendix K Router Platform User Interface Reference HTTP Policy Page K-114 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Prioritized Method List Applies only wh en the Enable De vice Login Authentication ch eck box is selected. Defines a sequ ential list of methods to b e queried when authenticating a user . Enter the names of one or more ...
Cisco Systems OL-16066-01 - page 115

K-115 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence HTTP Policy Page Prioritized Method List Applie s only when the En able CLI/EXEC Operations Authorization check box is selected. Defines a sequ ential list of methods to be queried when author izing a user to open an EXEC (CLI) session ...
Cisco Systems OL-16066-01 - page 116

Appendix K Router Platform User Interface Reference HTTP Policy Page K-116 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Command Authorization Override Dialog Box Use the Command Authorizat ion Override dialog box to def ine which methods to use when authorizing the EXEC commands that are associated with a giv en pri vilege. This enables ...
Cisco Systems OL-16066-01 - page 117

K-117 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Console Policy Page Console Policy Page Use the Console page to configure access to the route r ov er th e console port. Y ou can config ure console policies on a Cisco IOS router from the follo wing tabs on the Console policy page: ? ...
Cisco Systems OL-16066-01 - page 118

Appendix K Router Platform User Interface Reference Console Policy Page K-118 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Console Page—Setup Tab Use the Setup tab of the Console page to def ine the basic parameters of the console port. This includes the password for acce ssing the port, the privileg e lev el assigned to users, the pro ...
Cisco Systems OL-16066-01 - page 119

K-119 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Console Policy Page Pri v ilege Le vel The privile ge level assigned to users connected to the console port. V alid va lues range from 0 to 15: • 0—Grants access to these commands only: disable , enable , exit , help , and logout . ...
Cisco Systems OL-16066-01 - page 120

Appendix K Router Platform User Interface Reference Console Policy Page K-120 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Output Protocols The protocols that you can use for outgoing connections on t he console port: • All—All supported proto cols are permitted. Supported pro t ocols include LA T , MOP , N A SI, P AD, rlogin, SSH, T ...
Cisco Systems OL-16066-01 - page 121

K-121 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Console Policy Page Console Page—Authentication Tab Use the Authentication tab of the Console page to define the A AA authentication methods to perform on users who att empt to access the console port. Navigation Path Go to the Conso ...
Cisco Systems OL-16066-01 - page 122

Appendix K Router Platform User Interface Reference Console Policy Page K-122 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-53 Console Pag e—Authentication T ab Element Description Authenticate Using Authentication settings f or the console port: • None—Authenticatio n is not perf ormed . This is the default ...
Cisco Systems OL-16066-01 - page 123

K-123 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Console Policy Page Console Page—Authorization Tab Use the Authorization t ab of the Con sole page to def ine the EXEC and command authorization metho ds to perform on users who access the console por t. Note Y ou must enable A AA se ...
Cisco Systems OL-16066-01 - page 124

Appendix K Router Platform User Interface Reference Console Policy Page K-124 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Prioritized Method List Applies only when Custom Method List is selecte d as the EXEC me thod. Defines a sequential list of methods to be queried when authorizin g a user . Enter the names of one or more AAA serv er ...
Cisco Systems OL-16066-01 - page 125

K-125 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Console Policy Page Console Page—Accounting Tab Use the Accounting tab of the Console pa ge to define the EXEC, connection, and command accounting met hods to perform on user s who access the console port. Note Y ou must enable A AA ...
Cisco Systems OL-16066-01 - page 126

Appendix K Router Platform User Interface Reference Console Policy Page K-126 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Generate Accounting Records for Applies only when Custom Method List is sele cted as the EX EC method. Defines when the de vice s ends an accoun ting notice to the accounting se rver: • Start and Stop—Generates a ...
Cisco Systems OL-16066-01 - page 127

K-127 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Console Policy Page Connection Ac counting settings Perform Connection Accounting Using The accounting method to use for recording infor mation about outbound connections made o ver the console l ine: • None—Accounting is not perfo ...
Cisco Systems OL-16066-01 - page 128

Appendix K Router Platform User Interface Reference Console Policy Page K-128 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Prioritized Method List Applies only when Custom Metho d List is select ed as the connection method. Defines a sequential list of m ethods to be queried w hen creating accounting methods for a user . Enter the names ...
Cisco Systems OL-16066-01 - page 129

K-129 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page VTY Policy Page Use the VTY page to conf igure up to 16 VTY lines for remo te access to the rout er . In addition t o configuring individual lines, you can configure a g roup of line s that share the same def inition. F ...
Cisco Systems OL-16066-01 - page 130

Appendix K Router Platform User Interface Reference VTY Policy Page K-130 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Line The relati ve line number of the VTY line. This f ield may also contain multiple VTY lines con figured as a contiguous group. Line/Line G roup Parameters Input Protocols The protocols that you can use for i n coming ...
Cisco Systems OL-16066-01 - page 131

K-131 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, pa ...
Cisco Systems OL-16066-01 - page 132

Appendix K Router Platform User Interface Reference VTY Policy Page K-132 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 VTY Line Dialog Box—Setup Tab Use the Setup tab of the VTY Line di alog box to def ine the basic parameters of the VTY line. This includes the pa ssword for accessing the line, the privile g e le vel assigned to users, ...
Cisco Systems OL-16066-01 - page 133

K-133 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page Ending VTY Line Number Applies only when conf iguring a group of lines. The relati ve line number of the last VTY line in the group. Note When you conf igure a group of lines, all t he lines in the group must fall withi ...
Cisco Systems OL-16066-01 - page 134

Appendix K Router Platform User Interface Reference VTY Policy Page K-134 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Exec T imeout The amount of time (in seconds ) that the EXEC command interprete r waits to detect user input on the li ne. If no input is detected, the line is disconnected. V alid v alues range from 0 to 2147483. The de ...
Cisco Systems OL-16066-01 - page 135

K-135 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page Output Protocols The protocols that you can use for outgoi ng connections on this line: • All—All supported proto cols are permitted. Supported pro t ocols include LA T , MOP , N A SI, P AD, rlogin, SSH, T elnet, an ...
Cisco Systems OL-16066-01 - page 136

Appendix K Router Platform User Interface Reference VTY Policy Page K-136 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 VTY Line Dialog Box—Authentication Tab Use the Authentication tab o f the VTY Line dialog box to def ine the authentication methods to perform on us ers who attempt to access the selected VTY line or group of lines. Na ...
Cisco Systems OL-16066-01 - page 137

K-137 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page VTY Line Dialog Box—Authorization Tab Use the Authorization tab o f the VTY Line dialog box to def ine the EXEC and command authorization met hods to perfo rm on users who access the selected VTY line or group of line ...
Cisco Systems OL-16066-01 - page 138

Appendix K Router Platform User Interface Reference VTY Policy Page K-138 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • Console Page—Auth e ntication T ab, page K-121 Field Reference T able K-60 VTY Line Dial og Box—A uthor ization T ab Element Description EXEC Authorization setti ngs Authorize EXEC Operation s Using The authoriza ...
Cisco Systems OL-16066-01 - page 139

K-139 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page VTY Line Dialog Box—Accounting Tab Use the Accounting tab of th e VTY Line dialog box to def ine the EXEC, connection, and command accounting meth ods to perform on users who access the selected VTY line or gro up of ...
Cisco Systems OL-16066-01 - page 140

Appendix K Router Platform User Interface Reference VTY Policy Page K-140 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-61 VTY Line Di alog Bo x—Accounti ng T ab Element Description EXEC Accounting settings Perform EXEC Accounting Using The accounting method to use for recording basic infor mation about user EXE ...
Cisco Systems OL-16066-01 - page 141

K-141 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page Prioritized Method List Applies only when Custom Method List is selecte d as the EXEC me thod. Defines a sequential list of m ethods to be queried w hen creating accounting methods for a user . Enter the names of one or ...
Cisco Systems OL-16066-01 - page 142

Appendix K Router Platform User Interface Reference VTY Policy Page K-142 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Generate Accounting Records for Applies only when Custom M ethod List is selected as the connec tion method. Defines when the de vice s ends an accoun ting notice to the accounting se rver: • Start and Stop—Generates ...
Cisco Systems OL-16066-01 - page 143

K-143 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page Command Authorization Dialog Box—Line Access Use the Command Authorization d ialog box to def ine which methods to use when authorizing the EXEC command s that are a ssociated with a gi ven privile ge. This enables yo ...
Cisco Systems OL-16066-01 - page 144

Appendix K Router Platform User Interface Reference VTY Policy Page K-144 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-62 Command A uthor ization Dialog Bo x—Line Access Element Description Pri v ilege Le vel The privile ge lev el for which you w a nt to def ine a command authorization list. V alid v alues rang ...
Cisco Systems OL-16066-01 - page 145

K-145 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence VTY Policy Page Command Accounting Dialog Box—Line Access Use the Command Accounting dialog box to def ine which methods to use when recording information about the EXEC commands that are ex ecuted for a given priv ilege. Each accoun ...
Cisco Systems OL-16066-01 - page 146

Appendix K Router Platform User Interface Reference VTY Policy Page K-146 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Generate Accounting Records for Applies only when Custom Method List is selecte d. Defines when the de vice s ends an accoun ting notice to the accounting se rver: • Start and Stop—Generates accounting records at the ...
Cisco Systems OL-16066-01 - page 147

K-147 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Secure Shell Policy Page Secure Shell Policy Page Use the Secure Shell page to change the defaul t SSH settings on the router and to def ine additional opt ional settings, if required. For more information, see Optio nal SSH Settings o ...
Cisco Systems OL-16066-01 - page 148

Appendix K Router Platform User Interface Reference Secure Shell Policy Page K-148 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-64 Secure Shell P age Element Description SSH V ersion The version of SSH to use when connecting to th e router: • 1 and 2—SSH v ersion 1 and SSH v e rsion 2. This is the d e fault. ...
Cisco Systems OL-16066-01 - page 149

K-149 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SNMP Policy Page SNMP Policy Page Use the SNMP page to configure the para meters necessary to send traps from the router to a designated SNMP host. Th ese traps are unsolicited messages that notify the SNMP host of i mportant e vents o ...
Cisco Systems OL-16066-01 - page 150

Appendix K Router Platform User Interface Reference SNMP Policy Page K-150 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • ( Polic y vie w ) Select Router Platform > Device Admin > De vice A ccess > SNMP from the Polic y T ype selector . Right-click SNMP to create a policy , or select an existi ng policy from the Sha red Policy ...
Cisco Systems OL-16066-01 - page 151

K-151 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SNMP Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, p ...
Cisco Systems OL-16066-01 - page 152

Appendix K Router Platform User Interface Reference SNMP Policy Page K-152 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • SNMP Policy Page, page K-149 • T rap Receiver Dialog Box, page K-153 • SNMP T raps Dialog Box, page K-155 • Defining SNMP Agent Properties, pa ge 15-102 • SNMP on Cisco IOS Routers, page 15-10 ...
Cisco Systems OL-16066-01 - page 153

K-153 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SNMP Policy Page Trap Receiver Dialog Box Use the Tr ap Receiv e r dialog box to de fine the SNMP hosts that recei ve traps generate d by the router . This incl udes defining the version of SNMP to use. Navigation Path Go to the SNMP P ...
Cisco Systems OL-16066-01 - page 154

Appendix K Router Platform User Interface Reference SNMP Policy Page K-154 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Community String Applies only when v ersion 1 or version 2 c is selected. The password required to access the SNMP host. Enter the string again in the Conf irm field. Note W e recommend that you use one of the st rings ...
Cisco Systems OL-16066-01 - page 155

K-155 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SNMP Policy Page SNMP Traps Dialog Box Use the SNMP Tr aps dialog box to select the e vents in the router that should generate SNMP traps. Ti p Y ou can conf igure SNMP traps not includ ed in this dialog box b y defining FlexConf igs. ...
Cisco Systems OL-16066-01 - page 156

Appendix K Router Platform User Interface Reference SNMP Policy Page K-156 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference Ta b l e K - 6 8 S N M P Tr a p s D i a l o g B o x Element Description Standard SNMP T raps Enables or disables stan dard SNMP traps. Options are: • Cold start—Sends a trap when the rout er reinitia ...
Cisco Systems OL-16066-01 - page 157

K-157 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence SNMP Policy Page Other T raps Enables or disables addit ional SNMP traps. Options are: • Syslog—Sends syslog mess ages to the SNMP host. • TTY—Sends Cisco-specif ic notifications when a T ransmission Control Protocol (TCP) conn ...
Cisco Systems OL-16066-01 - page 158

Appendix K Router Platform User Interface Reference DNS Policy Page K-158 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 DNS Policy Page Use the DNS policy page to def ine the local IP host table and the Domain Name System (DNS) servers that the router shou ld use for tran slating ho stnames to I P addresses. Y ou can also prevent the rout ...
Cisco Systems OL-16066-01 - page 159

K-159 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence DNS Policy Page IP Host Dialog Box Use the IP Host dia log box to configure the h ost table on th e router . This is the table of static, local mappings that the ro uter uses to translate hostnames to IP addresses. If the router does n ...
Cisco Systems OL-16066-01 - page 160

Appendix K Router Platform User Interface Reference Hostname Policy Page K-160 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Hostname Policy Page Use the Hostn ame page to define the hostname an d domain name assigned to the router . For more infor mation, see Def ining Hostname Policies, page 15-107 . Navigation Path • ( Device vie w ) ...
Cisco Systems OL-16066-01 - page 161

K-161 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Memory Policy Page Memory Policy Page Use the Memory page to def ine settings related to router memory , including: • The amount of time to retain th e memory log. • The thresholds for a vailable processor and I/O memory . • The ...
Cisco Systems OL-16066-01 - page 162

Appendix K Router Platform User Interface Reference Memory Policy Page K-162 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference Ta b l e K - 7 2 M e m o r y P a g e Element Description Maintain Memory Log The number of hours that the router shoul d maintain the log containing the history of memo ry consumption on th e device. V ...
Cisco Systems OL-16066-01 - page 163

K-163 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Secure Device Provisioning Policy Pag e Secure Device Provisioning Policy Page Secure De vice Prov isioning (SDP) poli cies (formerly known as Easy Secure Dev i ce Deployment or EzSDD) enable you to conf igure a Cisco IOS router as a r ...
Cisco Systems OL-16066-01 - page 164

Appendix K Router Platform User Interface Reference Secure Device Prov isioning Policy Page K-164 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • Chapter K, “Router Platform User Interface R eference” • Secure De vice Prov isioning W orkflo w , page 15-112 • Understanding AAA Serv er Group Objects, page 9-15 • Understanding PK ...
Cisco Systems OL-16066-01 - page 165

K-165 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Secure Device Provisioning Policy Pag e Petitioner Authentication The CA server that au thentica tes the iden tity of the p etitioner: • Local CA Server—Se lect this op tion when the r outer itself is already config ured to act as ...
Cisco Systems OL-16066-01 - page 166

Appendix K Router Platform User Interface Reference Secure Device Prov isioning Policy Page K-166 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Bootstrap Conf iguration The source of the bootst rap config uration to provide to the petitioner fo r first-t ime configuration: • Non-Security Manager URL—Used when the bootstrap configurati ...
Cisco Systems OL-16066-01 - page 167

K-167 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence DHCP Policy Page DHCP Policy Page Use the DHCP policy page to define a DHCP ser ver policy on the selected rou ter . This includes specifying the address pools used by the DHCP serv er when assigning addresses to requesting clien ts. F ...
Cisco Systems OL-16066-01 - page 168

Appendix K Router Platform User Interface Reference DHCP Policy Page K-168 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Delete but ton Deletes the sel ected DHCP database age nts. Excluded IPs Excluded IPs or IP Ranges The IP addresses and/or address ra nges to exclude from DHCP . These addresses are not assigned by the DHCP serv er to D ...
Cisco Systems OL-16066-01 - page 169

K-169 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence DHCP Policy Page Option 66 The IP address of the TFTP server required by IP phones for configuration, as def ined using DHCP optio n 66. Add b utton Opens the IP Pool Dialog Box, pa ge K-171 . From here you can def ine a DHCP IP addres ...
Cisco Systems OL-16066-01 - page 170

Appendix K Router Platform User Interface Reference DHCP Policy Page K-170 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, pa ...
Cisco Systems OL-16066-01 - page 171

K-171 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence DHCP Policy Page IP Pool Dialog Box Use the IP Poo l dialog box to define one or mo re address p ools, which the DHCP server uses to assign dynamic addresses to DHCP c lients. Y ou must define at least one address pool, unless you ha v ...
Cisco Systems OL-16066-01 - page 172

Appendix K Router Platform User Interface Reference DHCP Policy Page K-172 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Network The IP address and subnet mask of the IP pool. This subnet contains the range of av ailable IP addresses that th e DHCP server may assign to clients. Enter an address and mask or the nam e of a network/host ob j ...
Cisco Systems OL-16066-01 - page 173

K-173 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence DHCP Policy Page Domain Name The domain name for DH CP clients using this IP poo l. This name places these clients in the general grouping o f networks that mak e up the domain. Import All When sel e cted, enables remote DHCP serv ers ...
Cisco Systems OL-16066-01 - page 174

Appendix K Router Platform User Interface Reference NTP Policy Page K-174 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 NTP Policy Page Use the NTP page to def i ne one or more NTP serv ers that the router can use for time synchronization . This includes enab ling authenti cation, if required, and defining a global source int erface fo r ...
Cisco Systems OL-16066-01 - page 175

K-175 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NTP Policy Page • Understanding Interface Ro le Objects, page 9-132 Field Reference T able K-77 NTP P age Element Description Source Interface The sourc e address for all pack ets sent to an NTP server . This setting might be necessa ...
Cisco Systems OL-16066-01 - page 176

Appendix K Router Platform User Interface Reference NTP Policy Page K-176 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatures, pag ...
Cisco Systems OL-16066-01 - page 177

K-177 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence NTP Policy Page Field Reference T able K-78 NTP Server Dialog Bo x Element Description IP Address The IP address of the NTP serv er . Enter an address or the name of a network/host object, or click Sel ect to disp lay an Object Selecto ...
Cisco Systems OL-16066-01 - page 178

Appendix K Router Platform User Interface Reference NTP Policy Page K-178 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Preferred When selected, this NTP server is preferred over other N TP servers of similar accuracy . If this server is used fo r synchronization, the time of fset used to correct the local clock is calculated from this se ...
Cisco Systems OL-16066-01 - page 179

K-179 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence 802.1x Policy Page 802.1x Policy Page Use the 802.1x policy page to create poli cies that limit VPN access to authorized users. Authenticated traf fic is allo wed to pass through a designated physical interface on the router . Unau the ...
Cisco Systems OL-16066-01 - page 180

Appendix K Router Platform User Interface Reference 802.1x Policy Page K-180 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-79 802.1x Pag e Element Description AAA Serv er Group The RADIUS AAA serv er group that authenti cates the cred entials of users trying to access a VPN tunnel. Enter t h e name of a AAA server ...
Cisco Systems OL-16066-01 - page 181

K-181 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence 802.1x Policy Page Interface The trusted, physical interf ace that provides VPN ac cess to authentica ted traff ic. Enter the name of an interf ace or interface role, or click Select to display an Object Selectors, page F-59 3 . If the ...
Cisco Systems OL-16066-01 - page 182

Appendix K Router Platform User Interface Reference 802.1x Policy Page K-182 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Client reauthenticatio n period timeout Applies only when the Enable client re authentication chec k box is selected. The number of seconds between client reauthentication at tempts. V alid va lues range from 1 to 655 ...
Cisco Systems OL-16066-01 - page 183

K-183 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Network Admission Control Policy Pag e Network Admission Control Policy Page Network Adm ission Control (N A C) policies enable Cisco IOS routers acting as network access devices (N ADs) to enforce access privile ges w hen an endpoint ...
Cisco Systems OL-16066-01 - page 184

Appendix K Router Platform User Interface Reference Network Admission Control Policy Page K-184 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Navigation Path Go to the Network Adm ission Control Policy P age, page K-183 , then click the Setup tab . Related Topics • Def ining N A C Setup Parameter s , page 15-138 • Network Admission Co ...
Cisco Systems OL-16066-01 - page 185

K-185 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Network Admission Control Policy Pag e Allo w Clientless When selecte d, enables de vice s that do not ha ve the Cisco T rust Agent (CT A) installed to be authen ticated through the use of a username and password conf igured on the A C ...
Cisco Systems OL-16066-01 - page 186

Appendix K Router Platform User Interface Reference Network Admission Control Policy Page K-186 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Network Admission Control Page—Interfaces Tab Use the Network Ad mission Contro l Interf aces tab to select and configure the router interfaces on wh ich to perform N A C. This includes configurin ...
Cisco Systems OL-16066-01 - page 187

K-187 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Network Admission Control Policy Pag e Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Colum ...
Cisco Systems OL-16066-01 - page 188

Appendix K Router Platform User Interface Reference Network Admission Control Policy Page K-188 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-82 NAC Int erface Configur ation Dialog Box Element Description Interface The interf ace that will perform N A C on connecting de vices. Enter the name of an interface or in ...
Cisco Systems OL-16066-01 - page 189

K-189 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Network Admission Control Policy Pag e Network Admission Control Page—Identities Tab Use the Network Admissio n Control Identities tab to view , create, edit, and delete N AC iden tity profiles and ident ity actions. Identity pro fil ...
Cisco Systems OL-16066-01 - page 190

Appendix K Router Platform User Interface Reference Network Admission Control Policy Page K-190 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column ...
Cisco Systems OL-16066-01 - page 191

K-191 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Network Admission Control Policy Pag e Related Topics • N AC Id entity Action Dialog Box, page K-191 • Defin ing NA C Identity P arameters, page 15-143 Field Reference NAC Identity Acti on Dialog Box Use the N AC I dentity Action d ...
Cisco Systems OL-16066-01 - page 192

Appendix K Router Platform User Interface Reference Logging Setup Policy Page K-192 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • Defin ing NA C Identity P arameters, page 15-143 • Understanding Access Control List Objects, page 9-30 Field Reference Logging Setup Policy Page Use the Logging Setup page to en able logging and def ine ...
Cisco Systems OL-16066-01 - page 193

K-193 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Logging Setup Policy Page Note W e strongly recommend that you defi ne an NTP policy on all router s on which logging is enabled in orde r to create accurate timesta mps for each log message. For more information, see NTP Policy P age, ...
Cisco Systems OL-16066-01 - page 194

Appendix K Router Platform User Interface Reference Logging Setup Policy Page K-194 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Source Interface The sourc e address for all out going log messages sent to a syslog server . This setting may be necessary wh en the syslog serv er cannot respond to the address from which the log message or i ...
Cisco Systems OL-16066-01 - page 195

K-195 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Logging Setup Policy Page Logging Buf fer Defines wh ether log messages are sa ved locally to a b uffer on the d evice. • Enable Buffer—When s ele cted, log messages are saved to a b uffer on the de vice. This is the default. When ...
Cisco Systems OL-16066-01 - page 196

Appendix K Router Platform User Interface Reference Logging Setup Policy Page K-196 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Rate Limit Limits the rate of log messages sent to the syslog ser ver . • Enable Rate Limit—When selected, t he rate limit is enabled. When deselected, the rate limit is disabled. • Messages per Sec.—Th ...
Cisco Systems OL-16066-01 - page 197

K-197 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Syslog Servers Policy Page Syslog Servers Policy Page Use the Syslog Servers page to create, ed it, and delete serv ers that collect log messages from the router . For more information, see Def ining Syslog Serv ers, page 15-149 . Note ...
Cisco Systems OL-16066-01 - page 198

Appendix K Router Platform User Interface Reference Syslog Servers Policy Page K-198 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F e ...
Cisco Systems OL-16066-01 - page 199

K-199 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page Related Topics • Defin ing Syslog Servers, page 15-149 • Logging on Cisco IOS Routers, page 15-144 • Understanding Netw ork/Ho st Objects, page 9-144 Field Reference Quality of Service Policy Page U ...
Cisco Systems OL-16066-01 - page 200

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-200 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 • ( Polic y vie w ) S elect Router Platf orm > Quality of Service from the Policy T ype selector . Right-click Qual ity of Service to create a polic y , or select an existing p olicy from the Shared P ...
Cisco Systems OL-16066-01 - page 201

K-201 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page Sustained Burst Applies only when you enable hierarchical shaping on this interf ace. The normal burst size allo wed on this interface, in milliseconds. Excess Burst Applies only when you enable hierarchi ...
Cisco Systems OL-16066-01 - page 202

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-202 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading ...
Cisco Systems OL-16066-01 - page 203

K-203 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page QoS Policy Dialog Box Use the QoS Policy dialog box to select an in terface on which you want to define QoS parameters. In addition, you can use th is dialog bo x to configure a singl e set of shaping par ...
Cisco Systems OL-16066-01 - page 204

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-204 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Direction The direction of the traf fic on which to conf igure QoS: • Output—T raff ic that exits the interface. • Input—T r af fic that en ters the interface. Hierarchic al Shaping settings Enable ...
Cisco Systems OL-16066-01 - page 205

K-205 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page QoS Class Dialog Box Use the QoS Class dial og box to create or edit a QoS class on a selected interface or control plan e of a Cisco IOS router . Y ou can def ine up to 16 classes on a single interface a ...
Cisco Systems OL-16066-01 - page 206

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-206 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Note QoS is applied to packets on a first-match basis. The router e x amines the table of QoS classes starting from the top and appl ies the properties of the first class whose matching criteria matches th ...
Cisco Systems OL-16066-01 - page 207

K-207 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page Field Reference Note When you confi gure a QoS polic y on the control plane, only the Matchin g tab and Policing tab ar e av ailable. T able K-91 QoS Class Dialog Bo x Element Description Set as Default C ...
Cisco Systems OL-16066-01 - page 208

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-208 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 QoS Class Dialog Box—Matching Tab Use the Matching tab of the QoS Class dialog box to def ine which traff ic over t he selected interface is considered to be part of th is class. Note When you defin e th ...
Cisco Systems OL-16066-01 - page 209

K-209 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page Protocol One or more protocols i ncluded in this class map. Click Add to display a selector . Select one or more items from the A v ailable Protocols list, then click >> to add them to t he Selected ...
Cisco Systems OL-16066-01 - page 210

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-210 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Edit ACLs Dialog Box—QoS Classes When configuring a QoS policy on a Cisc o IOS router , use the Edit A CLs dial og box to specify which A CLs should be i ncluded in the matching criteria fo r the selecte ...
Cisco Systems OL-16066-01 - page 211

K-211 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page QoS Class Dialog Box—Marking Tab Use the Marking tab of the QoS Class dialog box to cl as sify packets. T raffic policers and shapers use these classifi cations to ensure adherenc e to the contracted le ...
Cisco Systems OL-16066-01 - page 212

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-212 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 QoS Class Dialog Box—Queui ng and Congesti on Avoidance Tab Use the Queuing and Congest ion A voidance tab of the QoS Class dialog box t o perform Class-Based W eighted Fair Queu ing (CBWFQ) on the outpu ...
Cisco Systems OL-16066-01 - page 213

K-213 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page • Def ining QoS on the Contr ol Plane, page 15-168 • Quality of Service Polic y Page, page K-199 Field Reference T able K-95 QoS Class Dialog Box—Queuin g and Cong estion A voidan ce T ab Element De ...
Cisco Systems OL-16066-01 - page 214

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-214 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 QoS Class Dialog Box—Policing Tab Use the Policing tab of the QoS Class d ialog box to configure rate limits on th e traff ic in a selected QoS cla ss. Excess traff ic is either dropped or transmitted wi ...
Cisco Systems OL-16066-01 - page 215

K-215 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page • Quality of Service Polic y Page, page K-199 Field Reference T able K-96 QoS Class Dialog Bo x—Policing T ab Element Description Enable Policing Whe n selected, enab les you to configure Class-Based ...
Cisco Systems OL-16066-01 - page 216

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-216 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Excess Burst The excess bu rst size, which determines ho w large traf fic bursts can be before all traf fic exceeds the rate limit. In the token b ucket algorithm, it represents the full size of the second ...
Cisco Systems OL-16066-01 - page 217

K-217 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Quality of Service Policy Page QoS Class Dialog Box—Shaping Tab Use the Shaping tab of the QoS Cl ass dialog box to control the rate of outp ut traff ic for the sele cted QoS class. Shapin g typically delays excess traf fic b y using ...
Cisco Systems OL-16066-01 - page 218

Appendix K Router Platform User Interface Reference Quality of Service Policy Page K-218 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 T ype The type of shaping to perform: • A verage—Limits the data rate for each interv al to the sustained burst rate (also kno wn as the committed burst rate o r Bc), achie ving an av erage rate no hig ...
Cisco Systems OL-16066-01 - page 219

K-219 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence BGP Routing Policy Page BGP Routing Policy Page Border Gate way Protocol (BGP) is an e xterior gatew ay protocol (EGP) that performs routing between mu ltiple autonomou s systems or domains and exchanges routing and reachab ility infor ...
Cisco Systems OL-16066-01 - page 220

Appendix K Router Platform User Interface Reference BGP Routing Policy Page K-220 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • Chapter K, “Router Platform User Interface R eference” BGP Page—Setup Tab Use the BGP Setup tab to def ine the number of the autonomous system (AS) in which the selected rou ter is locate ...
Cisco Systems OL-16066-01 - page 221

K-221 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence BGP Routing Policy Page Networks The networks associated with the BGP rout e. Enter one or more netw ork addresses or network /host objects, or click Select to display an Object Selectors, page F-593 . If the networ k you want is not l ...
Cisco Systems OL-16066-01 - page 222

Appendix K Router Platform User Interface Reference BGP Routing Policy Page K-222 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Neighbors Dialog Box Use the Neighbors dialog box to def ine the internal and ex ternal neighbors of the selected router . Navigation Path Go to the BGP Page—Setup T ab, page K-220 , then click the Add or Edit ...
Cisco Systems OL-16066-01 - page 223

K-223 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence BGP Routing Policy Page BGP Page—Redistribution Tab Use the BGP Redistrib ution tab to view , create, edit, and delete redistrib ution settings when performing redistribution into a BGP autonomo u s system (AS). Note Y ou m ust defin ...
Cisco Systems OL-16066-01 - page 224

Appendix K Router Platform User Interface Reference BGP Routing Policy Page K-224 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eatu ...
Cisco Systems OL-16066-01 - page 225

K-225 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence BGP Routing Policy Page Field Reference T able K-1 0 1 BGP Redistr ibution Mapping Dial og Bo x Element Description Protocol to Redistrib ute The routing protocol that i s being redistrib uted: • Static—Redistrib utes IP or OSI sta ...
Cisco Systems OL-16066-01 - page 226

Appendix K Router Platform User Interface Reference EIGRP Routing Policy Page K-226 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 EIGRP Routing Policy Page Enhanced Interior G ate way Routing Prot ocol (EIGRP) is a scalab le interior gate way protocol that pro v ides extremely quick con ver gence times with minimal network traffic. Y ou c ...
Cisco Systems OL-16066-01 - page 227

K-227 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence EIGRP Routing Policy Page Field Reference Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Co ...
Cisco Systems OL-16066-01 - page 228

Appendix K Router Platform User Interface Reference EIGRP Routing Policy Page K-228 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • Defin ing EIGRP Routes, page 15-185 • Supported IP Address F ormats, page 9-145 • Understanding Netw ork/Ho st Objects, page 9-144 Field Reference T able K-1 03 EIGRP Setup Dialog Bo x El ...
Cisco Systems OL-16066-01 - page 229

K-229 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence EIGRP Routing Policy Page Edit Interfaces Dialog Box—EIGRP Passive Interfaces When you conf igure an EIGRP routing policy on a Cisco IOS ro uter , use the Edit Interfaces dial og box to specify which inte rfaces wi ll not send update ...
Cisco Systems OL-16066-01 - page 230

Appendix K Router Platform User Interface Reference EIGRP Routing Policy Page K-230 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Note Y ou c an access the EIGRP Interfaces tab only after defining at least one EIGRP autonomous system in the Setup tab . See EIGRP P age—Setup T ab, page K-226 . Navigation Path Go to the EIGRP Routing Poli ...
Cisco Systems OL-16066-01 - page 231

K-231 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence EIGRP Routing Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F e ...
Cisco Systems OL-16066-01 - page 232

Appendix K Router Platform User Interface Reference EIGRP Routing Policy Page K-232 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 EIGRP Page—Redistribution Tab Use the EIGRP Redistrib ution tab to create, edit, and delete EIGRP redistributio n mappings. Navigation Path Go to the EIGRP Routing Policy P age, page K-226 , then clic k the R ...
Cisco Systems OL-16066-01 - page 233

K-233 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence EIGRP Routing Policy Page Field Reference Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Co ...
Cisco Systems OL-16066-01 - page 234

Appendix K Router Platform User Interface Reference EIGRP Routing Policy Page K-234 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 EIGRP Redistribution Mapping Dialog Box Use the EIGRP Redistrib ution Mapping dialog box to add or edit the properties of an EIGRP redistribution mapping. Navigation Path Go to the EIGRP Page—Redi stribution ...
Cisco Systems OL-16066-01 - page 235

K-235 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence EIGRP Routing Policy Page Protocol to Redist ribute (continued) • OSPF—Redistrib utes a different OSPF pr ocess. Y ou can define a single mapping for each process. Select a process from the displayed list, t hen select one or more ...
Cisco Systems OL-16066-01 - page 236

Appendix K Router Platform User Interface Reference OSPF Interface Policy Page K-236 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 OSPF Interface Policy Page Use the OSPF Interface page to vie w , crea te, edit, and delete interface-specif ic OSPF settings. For more information, see Def ining OSPF Interface Settings, page 15-200 . Navigat ...
Cisco Systems OL-16066-01 - page 237

K-237 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF In terface Po licy Pag e Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading ...
Cisco Systems OL-16066-01 - page 238

Appendix K Router Platform User Interface Reference OSPF Interface Policy Page K-238 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 OSPF Interface Dialog Box Use the OSPF Interface dialog box to add or edit the properties of OSPF interfaces. Navigation Path Go to the OSPF Interface Policy P age, page K-236 , then click the Add or Edi t but ...
Cisco Systems OL-16066-01 - page 239

K-239 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF In terface Po licy Pag e Authentication T ype—The authentication ty pe used by the selected interface: • MD5—Uses the MD5 hash algori thm fo r authenticatio n. This is the default. • Clear T ext—Uses a clear te xt passwo ...
Cisco Systems OL-16066-01 - page 240

Appendix K Router Platform User Interface Reference OSPF Interface Policy Page K-240 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Priority The default priority of the interface. The priority is us ed to determine whic h routers become the designated router (DR) and backup designated router (BDR) for that seg ment. The higher the number , ...
Cisco Systems OL-16066-01 - page 241

K-241 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF In terface Po licy Pag e Retransmit Interv al The interv al between LSA retransmissions (in seco nds) ov er the selected interface. The default is 5 seconds. V alid v alu es range from 1 to 65535 second s. Note W e recommend that ...
Cisco Systems OL-16066-01 - page 242

Appendix K Router Platform User Interface Reference OSPF Interface Policy Page K-242 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Conf igure Network Ty p e When selected, enables you to sele ct a network type that dif fers from the default medium used by the interface. When desele cted, the network type is eq ui valent to the def ault me ...
Cisco Systems OL-16066-01 - page 243

K-243 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF Process Policy Page OSPF Process Policy Page OSPF is an interior gate way routing prot ocol that uses link states instead of distance vectors for path selection. O SPF propagates link-state adv ertisements (LSAs) instead of routin ...
Cisco Systems OL-16066-01 - page 244

Appendix K Router Platform User Interface Reference OSPF Process Policy Page K-244 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Navigation Path Go to the OSPF Process Policy P age, page K-243 , then click the Setup tab . Related Topics • Defining OSPF Process Setti ngs, page 15-193 • OSPF Process Page—Area T ab, page K-247 • OSPF ...
Cisco Systems OL-16066-01 - page 245

K-245 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF Process Policy Page OSPF Setup Dialog Box Use the OSPF Setup dialog box to add or edit an OSPF process. Navigation Path Go to the OSPF Process Page—Setup T ab, page K-243 , then clic k the Add or Edit but ton beneath the table. ...
Cisco Systems OL-16066-01 - page 246

Appendix K Router Platform User Interface Reference OSPF Process Policy Page K-246 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Edit Interfaces Dialog B ox—OSPF Passive Interfaces When you configure an OSPF routing polic y on a Cisco IOS router, use the Edit Interfaces dial og box to specify which inte rfaces wi ll not send updates to ...
Cisco Systems OL-16066-01 - page 247

K-247 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF Process Policy Page OSPF Process Page—Area Tab Use the OSPF Area tab to create, edit, an d delete the ar eas an d networks cont ained in each OSPF process. This in cludes selecting the type of authent ication used by each ar ea. ...
Cisco Systems OL-16066-01 - page 248

Appendix K Router Platform User Interface Reference OSPF Process Policy Page K-248 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F eat ...
Cisco Systems OL-16066-01 - page 249

K-249 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF Process Policy Page OSPF Process Page—Redistribution Tab Use the OSPF Process Redistribu tion ta b to create, edit, and delete OSPF redistrib ution mappings. This includes def ining the maximum number of routes that can be redis ...
Cisco Systems OL-16066-01 - page 250

Appendix K Router Platform User Interface Reference OSPF Process Policy Page K-250 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-1 16 OSPF Pr ocess Redistr ibution T ab Element Description OSPF Redistrib ution Mapping T able Filter Enables you to f ilter the information displayed i n the table. For more informatio ...
Cisco Systems OL-16066-01 - page 251

K-251 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF Process Policy Page Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F ea ...
Cisco Systems OL-16066-01 - page 252

Appendix K Router Platform User Interface Reference OSPF Process Policy Page K-252 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-1 17 OSPF Redistr ibution Mapping Dialog Box Element Description Process ID The OSPF process into which other routes are being redistrib uted. Y ou must select a process ID number fro m ...
Cisco Systems OL-16066-01 - page 253

K-253 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence OSPF Process Policy Page Protocol to Redist ribute (continued) • OSPF—Redistrib utes a different OSPF pr ocess. Y ou can define a single mapping for each process. Select a process from the displayed list, t hen select one or more m ...
Cisco Systems OL-16066-01 - page 254

Appendix K Router Platform User Interface Reference OSPF Process Policy Page K-254 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 OSPF Max Prefix Mapping Dialog Box Use the OSPF Max Prefix Ma pping dialog box to add or edit the maximum number of routes that can be re distrib u ted into an OSPF process. Navigation Path Go to the OSPF Proces ...
Cisco Systems OL-16066-01 - page 255

K-255 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence RIP Routing Policy Page RIP Routing Policy Page RIP is a distance-v ector routing protocol th at uses h o p count as the metric for path selection. Security Man ager supports RIP v ersion 2 only , which includes support for neighbor au ...
Cisco Systems OL-16066-01 - page 256

Appendix K Router Platform User Interface Reference RIP Routing Policy Page K-256 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Related Topics • Def ining RIP Setup P arameters, page 15-210 • RIP Page—Aut hentication T ab, page K-257 • RIP Page—Redistrib ution T ab, page K-260 • Supported IP Address F ormats, page 9-145 • Un ...
Cisco Systems OL-16066-01 - page 257

K-257 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence RIP Routing Policy Page Edit Interfaces Dialog Box—RIP Passive Interfaces When you conf igure a RIP routing policy o n a Cisco IOS router , use the Edit Interfaces dial og box to specify which inte rfaces wi ll not send updates to th ...
Cisco Systems OL-16066-01 - page 258

Appendix K Router Platform User Interface Reference RIP Routing Policy Page K-258 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Navigation Path Go to the RIP Routing Polic y Page, page K-255 , then cl ick the A uthentication tab . Related Topics • Def ining RIP Interf ace Authentication Set tings, page 15-211 • RIP Page—Setup T ab, ...
Cisco Systems OL-16066-01 - page 259

K-259 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence RIP Routing Policy Page RIP Authentication Dialog Box Use the RIP Authentication dialog box to add or edit the neighbo r authentication properties of RIP interfaces. Navigation Path Go to the RIP Page—Authenti cation T ab, page K-257 ...
Cisco Systems OL-16066-01 - page 260

Appendix K Router Platform User Interface Reference RIP Routing Policy Page K-260 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 RIP Page—Redistribution Tab Use the RIP Redistrib u tion tab to vie w , create, edit, and delete redistribution settings when performi ng redistrib ution into an RIP routing domain. Note Y ou must de fine RIP s ...
Cisco Systems OL-16066-01 - page 261

K-261 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence RIP Routing Policy Page Field Reference RIP Redistribution Mapping Dialog Box Use the RIP Redistrib ution Mapping dialog box to ad d or edit the properties of an RIP redistrib ution mapping. Navigation Path Go to the RIP Page—Redistr ...
Cisco Systems OL-16066-01 - page 262

Appendix K Router Platform User Interface Reference RIP Routing Policy Page K-262 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Field Reference T able K-124 RIP Redistr ibution Mapping Dial og Box Element Description Protocol to Redistrib ute The routing protocol that i s being redistrib uted: • Static—Redistributes static routes. Y o ...
Cisco Systems OL-16066-01 - page 263

K-263 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Static Routing Policy Page Static Routing Policy Page Use the Static Routing page to create, ed it, and delete static routes. For more informatio n, see Def ining Static Routes, page 15-215 . Navigation Path • ( De vice view ) Select ...
Cisco Systems OL-16066-01 - page 264

Appendix K Router Platform User Interface Reference Static Routing Policy Page K-264 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Ti p T o choose which co lumns to display in the t a ble, right-click a column h eader , then select Show Columns . F or more information about table disp lay options, see T able Columns and Column Heading F e ...
Cisco Systems OL-16066-01 - page 265

K-265 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Static Routing Policy Page Related Topics • Def ining Static Routes, page 15- 215 • Static Routing on Cisco IOS Routers, page 15-215 Field Reference T able K-126 Static Routing Dialog Bo x Element Description Destination Network Ad ...
Cisco Systems OL-16066-01 - page 266

Appendix K Router Platform User Interface Reference Static Routing Policy Page K-266 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Forw arding (Ne xt Hop) The method of forward ing data to the destinati on network: • Forwarding Interf a ce—The router interf ace that forwards packets to the remote network. Enter the name of an inte rfa ...
Cisco Systems OL-16066-01 - page 267

K-267 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 Appendix K Router Platform User Interface Refer ence Static Routing Policy Page OK bu tton Saves you r changes locally on the cli ent and closes the dialog box. Note T o save your changes to the Security Manager serv er so that they are not lost when you lo g out or close your client, cl ...
Cisco Systems OL-16066-01 - page 268

Appendix K Router Platform User Interface Reference Static Routing Policy Page K-268 User Guide for Cisco S ecurity Manager 3 .2 OL-16066-01 ...

Manufacturer Cisco Systems Category Network Router

Documents that we receive from a manufacturer of a Cisco Systems OL-16066-01 can be divided into several groups. They are, among others:
- Cisco Systems technical drawings
- OL-16066-01 manuals
- Cisco Systems product data sheets
- information booklets
- or energy labels Cisco Systems OL-16066-01
All of them are important, but the most important information from the point of view of use of the device are in the user manual Cisco Systems OL-16066-01.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Cisco Systems OL-16066-01, service manual, brief instructions and user manuals Cisco Systems OL-16066-01. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Cisco Systems OL-16066-01.

Similar manuals

A complete manual for the device Cisco Systems OL-16066-01, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Cisco Systems OL-16066-01 by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Cisco Systems OL-16066-01.

A complete Cisco Systems manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Cisco Systems OL-16066-01 - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Cisco Systems OL-16066-01, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Cisco Systems OL-16066-01, that we can find in the current document
3. Tips how to use the basic functions of the device Cisco Systems OL-16066-01 - which should help us in our first steps of using Cisco Systems OL-16066-01
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Cisco Systems OL-16066-01
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Cisco Systems OL-16066-01 in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Cisco Systems OL-16066-01?

Use the form below

If you did not solve your problem by using a manual Cisco Systems OL-16066-01, ask a question using the form below. If a user had a similar problem with Cisco Systems OL-16066-01 it is likely that he will want to share the way to solve it.

Manual Cisco Systems OL-16066-01

Summary

Cisco Systems OL-16066-01 - page 1

Cisco Systems OL-16066-01 - page 2

Cisco Systems OL-16066-01 - page 3

Cisco Systems OL-16066-01 - page 4

Cisco Systems OL-16066-01 - page 5

Cisco Systems OL-16066-01 - page 6

Cisco Systems OL-16066-01 - page 7

Cisco Systems OL-16066-01 - page 8

Cisco Systems OL-16066-01 - page 9

Cisco Systems OL-16066-01 - page 10

Cisco Systems OL-16066-01 - page 11

Cisco Systems OL-16066-01 - page 12

Cisco Systems OL-16066-01 - page 13

Cisco Systems OL-16066-01 - page 14

Cisco Systems OL-16066-01 - page 15

Cisco Systems OL-16066-01 - page 16

Cisco Systems OL-16066-01 - page 17

Cisco Systems OL-16066-01 - page 18

Cisco Systems OL-16066-01 - page 19

Cisco Systems OL-16066-01 - page 20

Cisco Systems OL-16066-01 - page 21

Cisco Systems OL-16066-01 - page 22

Cisco Systems OL-16066-01 - page 23

Cisco Systems OL-16066-01 - page 24

Cisco Systems OL-16066-01 - page 25

Cisco Systems OL-16066-01 - page 26

Cisco Systems OL-16066-01 - page 27

Cisco Systems OL-16066-01 - page 28

Cisco Systems OL-16066-01 - page 29

Cisco Systems OL-16066-01 - page 30

Cisco Systems OL-16066-01 - page 31

Cisco Systems OL-16066-01 - page 32

Cisco Systems OL-16066-01 - page 33

Cisco Systems OL-16066-01 - page 34

Cisco Systems OL-16066-01 - page 35

Cisco Systems OL-16066-01 - page 36

Cisco Systems OL-16066-01 - page 37

Cisco Systems OL-16066-01 - page 38

Cisco Systems OL-16066-01 - page 39

Cisco Systems OL-16066-01 - page 40

Cisco Systems OL-16066-01 - page 41

Cisco Systems OL-16066-01 - page 42

Cisco Systems OL-16066-01 - page 43

Cisco Systems OL-16066-01 - page 44

Cisco Systems OL-16066-01 - page 45

Cisco Systems OL-16066-01 - page 46

Cisco Systems OL-16066-01 - page 47

Cisco Systems OL-16066-01 - page 48

Cisco Systems OL-16066-01 - page 49

Cisco Systems OL-16066-01 - page 50

Cisco Systems OL-16066-01 - page 51

Cisco Systems OL-16066-01 - page 52

Cisco Systems OL-16066-01 - page 53

Cisco Systems OL-16066-01 - page 54

Cisco Systems OL-16066-01 - page 55

Cisco Systems OL-16066-01 - page 56

Cisco Systems OL-16066-01 - page 57

Cisco Systems OL-16066-01 - page 58

Cisco Systems OL-16066-01 - page 59

Cisco Systems OL-16066-01 - page 60

Cisco Systems OL-16066-01 - page 61

Cisco Systems OL-16066-01 - page 62

Cisco Systems OL-16066-01 - page 63

Cisco Systems OL-16066-01 - page 64

Cisco Systems OL-16066-01 - page 65

Cisco Systems OL-16066-01 - page 66

Cisco Systems OL-16066-01 - page 67

Cisco Systems OL-16066-01 - page 68

Cisco Systems OL-16066-01 - page 69

Cisco Systems OL-16066-01 - page 70

Cisco Systems OL-16066-01 - page 71

Cisco Systems OL-16066-01 - page 72

Cisco Systems OL-16066-01 - page 73

Cisco Systems OL-16066-01 - page 74

Cisco Systems OL-16066-01 - page 75

Cisco Systems OL-16066-01 - page 76

Cisco Systems OL-16066-01 - page 77

Cisco Systems OL-16066-01 - page 78