index

Symbols

Numerics

index

Symbols

: /bits subnet masks D -3

Numerics

: 100BaseT, setting 4 -2
: 10BaseT, setting 4 -2
: 3DES 7 -2

A

ACE/Server, configuration 9 -9

address range D -5

AnnexA 4 -6

AnnexD 4 -6

AppleTalk

: Frame Relay 13 -2
: routing 13 -1

apply command 2 -4

ARP, using inverse 4 -5

authentication

: SecurID 9 -8
: tunnel 7 -1
: VPN user list 9 -2
: VPN users 9 -1

Axent Defender

: concentrator configuration 9 -4
: overview 9 -3
: server configuration 9 -7

B

: bits subnet masks D -3

C

: description 11 -2
: requesting a server certificate 11 -9

cable length, DS3 4 -3

caution, description xii

Certificate Authority

: description 11 -2
: requesting a server certificate 11 -9

certificate generator. See CG

certificates

details 11 -12

installing on concentrator 11 -10

overview 11 -2

PEM format 11 -10

removing 11 -11

root

: creating on CG 11 -4
: distributing from CG 11 -5

server

: CG's own 11 -6
: request 11 -7

verifying 11 -11

Certificates section 11 -3

enabling 11 -3

root certificate

: creating 11 -4
: distributing 11 -5

server certificate

: CG's own 11 -6
: requesting 11 -9

Class A addresses D -1

Class B addresses D -1

Class C addresses D -1

clock

: DS3 4 -3
: HSSI 4 -2

command hierarchy C -5

command line

: accessing 2 -1
: privileges C -1
: prompts C -2

command types C -4

comments, in a configuration C -7

compression, PPP 4 -7

concentrator name, setting 3 -1

configuration

: copying A -2
: erasing B -3
: examples 15 -1
: formatting C -5
: name A -3
: size A -2

configuration, erasing B -3

configure command C -4

connections

: console 2 -2
: maximum VPN 1 -2
: Telnet 2 -2

console

: connection 2 -2
: toggle logging messages 3 -4

Console port 2 -2

conventions

: document xii
: syntax C -1

CRC

: DS3 4 -3
: HSSI 4 -2

D

data, inverted for DS3 4 -4

data rate, DS3 4 -4

default

: gateway 6 -4
: IP address 2 -3
: password 2 -2
: section values 3 -6

Defender. See Axent Defender

deleting a keyword 2 -6

DES 7 -2

details, certificates 11 -12

device name, setting 3 -1

Diffie-Hellman group 7 -2

digital certificates. See certificates

DLCIs, mapping to network addresses 4 -5

DNS

: concentrator 3 -2
: VPN group 8 -3

document conventions xii

domain name server

: concentrator 3 -2
: VPN group 8 -3

Domain Name Server section 3 -2

dotted decimal subnet masks D -3

downloading

: software A -1
: text configuration A -2

DS3

: cable length 4 -3
: clock 4 -3
: CRC 4 -3
: invert data 4 -4
: rate 4 -4

DS3 Interface section 4 -3

dynamic routing protocols 6 -5

E

edit config command C -4

embedded software, installing A -1

enabled mode C -1

erasing

: configuration B -3
: OS and configuration B -3

Ethenet Interface section 4 -1

Ethernet

: duplex 4 -2
: protocol 4 -2

example configurations 15 -1

F

failure, software B -1

features 1 -1

firewall, configuring for VPN 5 -4

firmware, installing A -1

Flash memory

: erasing configuration B -3
: erasing OS and configuration B -3

format

: PEM 11 -10
: PKCS #7 11 -5
: syntax C -3
: text configuration C -5
: X.509 11 -5

Frame Relay

: AppleTalk 13 -2
: DLCIs, mapping to network addresses 4 -5
: IPX 12 -2
: maintenance protocol 4 -6
: point-to-point 6 -2
: setting for link 4 -4
: unnumbered 6 -2

Frame Relay section 4 -5

full duplex, setting 4 -2

G

: gateway 6 -4
: General section 3 -1
: generic partner for LAN-to-LAN tunnels 10 -6
: GRE tunnels 10 -4
: groups, VPN 8 -1

H

half duplex, setting 4 -2

hosts, subnet masks for D -3

HSSI

: clock 4 -2
: CRC 4 -2

HSSI Interface section 4 -2

I

IARP, using 4 -5

ICMP requests, VPN-only port 5 -1

IKE

Phase 1 7 -1

Phase 2

: LAN-to-LAN tunnel 10 -4
: VPN groups 8 -4

IKE Policy section 7 -1

installing

: certificates on concentrator 11 -10
: software A -1
: text configuration A -2

interfaces

: DS3 4 -3
: Ethernet 4 -1
: HSSI 4 -2
: primary 6 -2
: sub-interfaces 6 -1

interoperating with third party equipment for LAN-to-LAN tunnels 10 -7

introduction 1 -1

inverse ARP, using 4 -5

inverted data, DS3 4 -4

dynamic routing protocols

: OSPF 6 -7
: RIP 6 -6

routing 6 -2

IP address

: classes D -1
: default 2 -3
: overview D -1
: private D -2
: RADIUS assignment 9 -7
: range with subnet mask D -5
: remote tunnel users 8 -2, 8 -3
: setting 6 -3

IP multicast address, SMDS 4 -8

IPsec

: gateway 5 -4
: LAN-to-LAN tunnel 10 -1

IP section 6 -2

IPX

: Frame Relay 12 -2
: RADIUS address assignment 9 -7
: remote users network 8 -3
: routing 12 -1

K

: key exchange 7 -2
: keyword, deleting 2 -6

L

LAN-to-LAN tunnels

: generic partner 10 -6
: GRE 10 -4
: IPsec 10 -1
: overview 10 -1
: protocols 10 -9
: third party equipment 10 -7

levels, logging 3 -5

link

: parameters 4 -4
: type 4 -4

LMI 4 -6

logging

: enabling 3 -4
: levels 3 -5
: toggle console 3 -4

Logging section 3 -4

M

maintenance protocol 4 -6

management 1 -3

management commands C -4

mapping DLCIs to network addresses 4 -5

maximum

: VPN connections 1 -2
: VPN groups 8 -1

MD5 7 -2

memory

: erasing configuration B -3
: erasing OS and configuration B -3

modes, privileges C -1

multicast address, SMDS 4 -8

N

: normal mode C -1
: note, description xii

O

: OS, erasing B -3
: OSPF, configuring 6 -7

P

password

: allowing default B -3
: default 2 -2
: setting 3 -1

PEM format 11 -10

ping 5 -1

PKCS #7 certificates 11 -5

PKI certificates. See certificates

port

: sub-interfaces 6 -1
: VPN-only 5 -1

PPP

: compression 4 -7
: setting for link 4 -4
: unnumbered 6 -2

PPP section 4 -7

primary interface 6 -2

private networks D -2

privileges C -1

prompts C -2

protocols

: dynamic routing 6 -5
: LAN-to-LAN tunnels 10 -9
: tunneling 1 -1
: VPN remote access 1 -2

R

RADIUS

: concentrator configuration 9 -4
: IP address assignment 9 -7
: IPX address assignement 9 -7
: overview 9 -3
: server configuration 9 -7
: shared secret 9 -7

rate, DS3 4 -4

recovery B -1

removing certificates 11 -11

requesting a server certificate 11 -7

RIP, configuring 6 -6

root certificate

: creating on CG 11 -4
: distributing from CG 11 -5
: installing on concentrator 11 -10

routes

: dynamic 6 -5
: static 6 -8

routing

: AppleTalk 13 -1
: dynamic protocols 6 -5
: IP 6 -2
: IPX 12 -1

runtime commands C -4

S

save command 2 -5

saving 2 -4

section, default values 3 -6

SecurID

: concentrator configuration 9 -8
: overview 9 -8
: server configuration 9 -9

Sequenced Predictor CCP 4 -7

server certificate

: CG's own 11 -6
: installing on concentrator 11 -10
: requesting from a CG 11 -9
: verifying 11 -11

SHA 7 -2

shared secret, RADIUS 9 -7

site-to-site tunnels. See LAN-to-LAN tunnels

SMDS

: IP multicast address 4 -8
: setting for link 4 -4
: station address 4 -8

SMDS section 4 -8

software

: erasing B -3
: failure B -1

Stac compression 4 -7

Static Frame Relay 4 -6

static routes 6 -8

station address 4 -8

sub-interfaces 6 -1

subnet masks

: /bits D -3
: address range D -5
: dotted decimal D -3
: number of hosts D -3
: overview D -2

switch settings B -2

syntax

: conventions C -1
: formatting C -3

T

Telnet to concentrator 2 -2

Test switch settings B -2

text configuration

: copying A -2
: formatting C -5
: name A -3

TFTP

: configuration file A -3
: software A -1

third party equipment, interoperating for LAN-to-LAN tunnels 10 -7

time, setting 3 -2

Time Server section 3 -2

traceroute 5 -1

traffic, VPN 5 -1

troubleshooting B -1

tunneling

: authentication 7 -1
: protocols 1 -1

Tunnel Partner section 10 -2

U

: unnumbered link 6 -2
: user list 9 -2

V

VPN

: connections 1 -2
: groups 8 -1
: overview 1 -4
: protocols 1 -2
: traffic 5 -1
: tunnel authentication 7 -1
: user authentication 9 -1
: user list 9 -2

vpn5002_8.cfg configuration file A -3

VPN Group section 8 -1

VPN-only port

: ICMP requests 5 -1
: using 5 -1

VPN User section 9 -2

W

: WAN link parameters 4 -4
: write command 2 -4

X

: X.509 root certificate 11 -5

Table of Contents

index