Resumo do conteúdo contido na página número 1
VPN 3002 Hardware Client
Reference
Release 3.5
November 2001
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Text Part Number: OL-1893-01
Resumo do conteúdo contido na página número 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE
Resumo do conteúdo contido na página número 3
CONTENTS Preface ix Prerequisites ix Organization ix Related Documentation xi Documentation conventions xii Obtaining Documentation xiii Obtaining technical assistance xiv Using the VPN 3002 Hardware Client Manager 1-1 VPN 3002 Hardware Client Browser Requirements 1-1 Connecting to the VPN 3002 Using HTTP 1-2 Installing the SSL Certificate in Your Browser 1-3 Connecting to the VPN 3002 Using HTTPS 1-16 Configuring HTTP, HTTPS, and SSL Parameters 1-16 Logging into the VPN 3002 Hardware Client M
Resumo do conteúdo contido na página número 4
Contents Servers 5-1 Configuration | System | Servers 5-1 Configuration | System | Servers | DNS 5-1 Tunneling 6-1 Configuration | System | Tunneling Protocols 6-2 Configuration | System | Tunneling Protocols | IPSec 6-2 IP Routing 7-1 Configuration | System | IP Routing 7-1 Configuration | System | IP Routing | Static Routes 7-2 Configuration | System | IP Routing | Static Routes | Add or Modify 7-3 Configuration | System | IP Routing | Default Gateways 7-4 Configuration | System | IP Routing
Resumo do conteúdo contido na página número 5
Contents Configuration | System | Events | Classes | Add or Modify 9-10 Configuration | System | Events | Trap Destinations 9-12 Configuration | System | Events | Trap Destinations | Add or Modify 9-13 Configuration | System | Events | Syslog Servers 9-14 Configuration | System | Events | Syslog Servers | Add or Modify 9-16 General 10-1 Configuration | System | General 10-1 Configuration | System | General | Identification 10-2 Configuration | System | General | Time and Date 10-3 Policy Manag
Resumo do conteúdo contido na página número 6
Contents Administration | Certificate Management | Enroll | Certificate Type | PKCS10 12-39 Administration | Certificate Management | Enrollment or Renewal | Request Generated 12-40 Administration | Certificate Management | Enroll | Identity Certificate | SCEP 12-41 Administration | Certificate Management | Enroll | SSL Certificate | SCEP 12-42 Administration | Certificate Management | Install 12-44 Administration | Certificate Management | Install | Certificate Obtained via Enrollment 12-45 A
Resumo do conteúdo contido na página número 7
Contents Monitoring | Statistics | PPPoE 13-36 Monitoring | Statistics | MIB-II 13-39 Monitoring | Statistics | MIB-II | Interfaces 13-40 Monitoring | Statistics | MIB-II | TCP/UDP 13-42 Monitoring | Statistics | MIB-II | IP 13-45 Monitoring | Statistics | MIB-II | ICMP 13-48 Monitoring | Statistics | MIB-II | ARP Table 13-51 Monitoring | Statistics | MIB-II | Ethernet 13-53 Monitoring | Statistics | MIB-II | SNMP 13-56 Using the Command-Line Interface 14-1 Accessing the Command-line Interface
Resumo do conteúdo contido na página número 8
Contents VPN 3000 Series Concentrator Reference Volume I: Configuration viii 78-13782-01
Resumo do conteúdo contido na página número 9
Preface The VPN 3002 Hardware Client Reference provides guidelines for configuring the Cisco VPN 3002, details on all the functions available in the VPN 3002 Hardware Client Manager, and instructions for using the VPN 3002 Command Line Interface. Prerequisites We assume you have read the VPN 3002 Hardware Client Getting Started manual and have followed the minimal configuration steps in Quick Configuration. That section of the VPN Hardware Client Manager is not described here. We also assu
Resumo do conteúdo contido na página número 10
Preface Organization Chapter Title Description Chapter 5 Servers Explains how to configure the VPN 3002 to communicate with DNS servers to convert hostnames to IP addresses. Chapter 6 Tunneling Explains how to configure IPSec. Chapter 7 IP Routing Explains how to configure static routes, default gateways, and DHCP parameters and options. Chapter 8 Management Protocols Explains how to configure built-in VPN 3002 servers that provide management functions:, HTTP and HTTPS, Telnet, SNMP, SNMP
Resumo do conteúdo contido na página número 11
Preface Related Documentation Related Documentation Refer to the following documents for further information about Cisco VPN 3000 Series applications and products. VPN 3002 Hardware Client Documentation The VPN 3002 Hardware Client Getting Started manual provides information to take you from unpacking and installing the VPN 3002, through configuring the minimal parameters to make it operational (called Quick Configuration). This manual is online only. The VPN 3002 Hardware Client Quick Star
Resumo do conteúdo contido na página número 12
Preface Documentation conventions versions on the Cisco web site, click the Support icon on the toolbar at the top of the VPN Concentrator ® Manager, Hardware Client Manager, or Client window. To open the documentation, you need Acrobat Reader 3.0 or later; version 4.5 is included on the Cisco VPN 3000 Concentrator software distribution CD-ROM and on the VPN Client software distribution CD-ROM. Other References Other useful references include: • Cisco Systems, Dictionary of Internetworking
Resumo do conteúdo contido na página número 13
Preface Obtaining Documentation Data Formats As you configure and manage the system, enter data in the following formats unless the instructions indicate otherwise: Type of Data Format IP Addresses IP addresses use 4-byte dotted decimal notation (for example, 192.168.12.34); as the example indicates, you can omit leading zeros in a byte position. Subnet Masks and Subnet masks use 4-byte dotted decimal notation (for example, Wildcard Masks 255.255.255.0). Wildcard masks use the same notation
Resumo do conteúdo contido na página número 14
Preface Obtaining technical assistance Ordering documentation Cisco documentation is available in the following ways: Registered Cisco Direct Customers can order Cisco Product documentation from the Networking Products MarketPlace: http://www.cisco.com/cgi-bin/order/order_root.pl Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store: http://www.cisco.com/go/subscription Nonregistered Cisco.com users can order documentation through a local a
Resumo do conteúdo contido na página número 15
Preface Obtaining technical assistance Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco. To access Cisco.com, go to the following website: http://www.cisco.com Technical Assistance Center The Cisco TAC website is available to all customers who need technical assistance with
Resumo do conteúdo contido na página número 16
Preface Obtaining technical assistance VPN 3002 Hardware Client Reference xvi OL-1893-01
Resumo do conteúdo contido na página número 17
CH APTER 1 Using the VPN 3002 Hardware Client Manager The VPN 3002 Hardware Client Manager is an HTML-based interface that lets you configure, administer, monitor, and manage the VPN 3002 with a standard web browser. To use it, you connect to the VPN 3002, using a PC and browser on the same private network with the VPN 3002. The Manager uses the standard web client / server protocol, HTTP (Hypertext Transfer Protocol), which is a cleartext protocol. However, you can also use the Manager in
Resumo do conteúdo contido na página número 18
Chapter 1 Using the VPN 3002 Hardware Client Manager Connecting to the VPN 3002 Using HTTP JavaScript and Cookies Be sure JavaScript and Cookies are enabled in the browser. Refer to the documentation for your browser for instructions. Navigation Toolbar Do not use the browser navigation toolbar buttons Back, Forward, or Refresh/Reload with the VPN 3002 Hardware Client Manager unless instructed to do so. To protect access security, clicking Refresh/Reload automatically logs out the Mana
Resumo do conteúdo contido na página número 19
Chapter 1 Using the VPN 3002 Hardware Client Manager Installing the SSL Certificate in Your Browser Figure 1-1 VPN 3002 Hardware Client Manager Login Screen To continue using HTTP for the whole session, skip to “Logging into the VPN 3002 Hardware Client Manager.” Installing the SSL Certificate in Your Browser The Manager provides the option of using HTTP over SSL with the browser. SSL creates a secure session between your browser (VPN 3002 hardware client) and the VPN Concentrator (serv
Resumo do conteúdo contido na página número 20
Chapter 1 Using the VPN 3002 Hardware Client Manager Installing the SSL Certificate in Your Browser Follow these steps to install and use the SSL certificate for the first time. We provide separate instructions for Internet Explorer and Netscape Navigator when they diverge. Step 1 Connect to the VPN 3002 using HTTP as above. Step 2 On the login screen, click the Install SSL Certificate link. The Manager displays the Install SSL Certificate screen and automatically begins to download and