Nortel Networks NN46120-104 Manual do Utilizador Página 158
- Página / 300
- Índice
- RESOLUÇÃO DE PROBLEMAS
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
158 Troubleshooting the NVG
AnASA 310-FIPS Cluster Must be Reconstructed
onto New Devices
If your cluster of ASA 310-FIPS devices has been damaged beyond repair
(by fire, for example) you can reconstruct the complete cluster, including
certificates, private keys, and wrap keys. However, this requires that you
have access to the following:
•
A new set of ASA 310-FIPS devices, replacing the cluster of damaged
devices.
• A backup configuration file, saved to an FTP/TFTP/SCP/SFTP server
as a precautionary measure by using the /cfg/ptcfg command in
the former cluster. For more information about the ptcfg command,
see the "Configuration Menu " chapter in the Command Reference.
• The black CODE-SO and CODE-USER iKeys that were used when
the now damaged cluster of ASA 310-FIPS devices was first created.
The black CODE iKeys are needed to transfer the wrap key used
in the former cluster onto the HSM cards in the new ASA 310-FIPS
devices, as well as for decrypting private key information in the backup
configuration file.
• The secret passphrase that was defined in the former cluster when first
initialized (Provided your former cluster was running in FIPS mode).
To reconstruct the cluster configuration, certificates, private keys, and wrap
keys used in the former cluster onto a new set of ASA 310-FIPS devices,
follow these steps:
Step Action
1 Install the first ASA 310-FIPS in a new cluster by following the
instructions on “ Installing an ASA 310-FIPS” (page 58) up to and
including Step 5.
Note: When asked to use FIPS or Extended Security Mode,
select the same mode that was used in the former cluster.
2 When both HSM cards have been initialized, you will be
asked if you want to use new or existing HSM-CODE iKeys.
Type existing and press ENTER.
Nortel VPN Gateway
User Guide
NN46120-104 02.01 Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.
- User Guide 1
- Licensing 2
- Contents 3
- Who Should Use This Book 8
- Related documentation 9
- Product Names 10
- How This Book Is Organized 11
- 12 Preface 12
- Typographic Conventions 13
- How to Get Help 14
- Introducing the VPN Gateway 15
- SSL Acceleration 16
- Hardware Platforms 18
- Feature List 19
- Transparent Mode Access 20
- User Authentication 20
- User Authorization 20
- Client Security 21
- Accounting and Auditing 21
- Networking 21
- Secure Service Partitioning 21
- Branch Office Tunnels 22
- Portal Guard 22
- Scalability and Redundancy 23
- Public Key Infrastructure 23
- Introducing the ASA 310-FIPS 27
- HSM Overview 28
- Extended Mode vs. FIPS Mode 29
- Types of iKeys 30
- Additional HSM Information 33
- Initial Setup 35
- Clusters 36
- IP Address Types 37
- 38 Initial Setup 38
- Interfaces 39
- Switch 2424-SSL 40
- Configuration at Boot Up 41
- Complete the New Setup 46
- Initializing system......ok 49
- Basic VPN Setup 50
- Default Network 50
- Default Services 51
- 52 Initial Setup 52
- Complete the Join Setup 56
- Complete the Join Setup 57 57
- ......ok 57
- Setup successful 57
- Installing an ASA 310-FIPS 58
- ( new setup, continued) 59
- Reinstalling the Software 70
- Upgrading the NVG Software 73
- 74 Upgrading the NVG Software 74
- 78 Upgrading the NVG Software 78
- Managing Users and Groups 79
- 80 Managing Users and Groups 80
- Adding a New User 81
- • tunnelguard 82
- Adding Users through RADIUS 85
- Changing a Users Password 88
- Deleting a User 91
- Adding Certificates to the NVG 99
- Copy-and-Paste Certificates 100
- >> Certificate 1# apply 101
- Changes applied successfully 101
- Copy-and-Paste Private Key 102
- Nortel VPN Gateway 104
- NN46120-104 02.01 Standard 104
- 14 April 2008 104
- /cfg/cur cert command 106
- Update Existing Certificate 107
- Certificate 108
- Generating client certificates 110
- Create a New Certificate 111 111
- >> Certificate 1# 112
- Valid for days [365]: 112
- Key size (512/1024) [512]: 112
- Export Client Certificate 114
- >> Main# cfg/cert 116
- Automatic CRL Retrieval 120
- Client certificate support 123
- Signing CSRs 124
- 5 Apply the changes 125
- Generate Test Certificate 126
- Automatic CRL Retrieval 127 127
- General Commands 128
- Show Key Size 129
- Show Key Information 129
- Virtual Desktop 131
- 132 Virtual Desktop 132
- Launch Vdesktop from Portal 133
- Virtual Desktop Operations 134
- The Command Line Interface 135
- Connecting to the VPN Gateway 136
- Running Telnet 137
- Running an SSH Client 138
- Accessing the NVG Cluster 140
- CLI vs. Setup 142
- Idle Timeout 144
- Troubleshooting the NVG 145
- Enable Telnet or SSH Access 146
- Check the Access List 146
- 148 Troubleshooting the NVG 148
- Cannot Contact the MIP 149
- 150 Troubleshooting the NVG 150
- The NVG Stops Responding 151
- A User Password is Lost 152
- Boot User Password 153 153
- Alteon iSD SSL 153
- Software version 7.1 153
- Boot User Password 155 155
- 158 Troubleshooting the NVG 158
- 164 Troubleshooting the NVG 164
- 166 Troubleshooting the NVG 166
- 168 Troubleshooting the NVG 168
- 170 Troubleshooting the NVG 170
- System Diagnostics 172
- Error Log Files 174
- 176 Troubleshooting the NVG 176
- Appendix 177
- Supported Ciphers 177
- 178 Supported Ciphers 178
- Supported Ciphers (cont’d.) 178
- Cipher List Formats 179
- Modifying a Cipher List 180
- The SNMP Agent 183
- Supported MIBs 184
- SNMP-VIEW-BASED-ACM-MIB 185 185
- Limitations 186
- DISMAN-EVENT-MIB 187 187
- 188 The SNMP Agent 188
- Supported Traps 189
- Syslog Messages 191
- List of Syslog Messages 192
- ALARM 193 193
- Alarm Severity Syslog Level 193
- CRITICAL ALERT 193
- • Name: isd_down 194
- • Name: single_master 194
- • Name: log_open_failed 194
- ALARM 195 195
- 196 Syslog Messages 196
- ERROR 197 197
- 198 Syslog Messages 198
- ERROR 199 199
- 200 Syslog Messages 200
- INFO 201 201
- 202 Syslog Messages 202
- AAA Subsystem Messages 203 203
- Log functionality 204
- WARNING 205 205
- 206 Syslog Messages 206
- INFO 207 207
- 208 Syslog Messages 208
- INFO 209 209
- 210 Syslog Messages 210
- INFO 211 211
- 212 Syslog Messages 212
- INFO 213 213
- 214 Syslog Messages 214
- INFO 215 215
- 216 Syslog Messages 216
- INFO 217 217
- 218 Syslog Messages 218
- INFO 219 219
- 220 Syslog Messages 220
- INFO 221 221
- 222 Syslog Messages 222
- License Information 223
- 224 License Information 224
- 226 License Information 226
- 228 License Information 228
- 230 License Information 230
- 232 License Information 232
- HSM Security Policy 233
- 2.0 Applicable Documents 234
- 3.0 Overview 234
- 4.0 Capabilities 235
- 5.0 Physical Security 237
- 7.1 Module Interfaces 237
- 7.1 Components 238
- 240 HSM Security Policy 240
- 9.0 Roles and Services 241
- 9.4 User Creation 242
- 9.5 Services 242
- 9.0 Roles and Services 243 243
- 244 HSM Security Policy 244
- 9.0 Roles and Services 245 245
- 246 HSM Security Policy 246
- 9.0 Roles and Services 247 247
- 10.0 Key Management 248
- 10.2 Key Storage 249
- 10.3 Key Entry and Output 249
- 10.4 Key Distribution 249
- 11.0 Modes 250
- 12.0 Self-Tests 251
- 13.0 Conclusion 252
- Definition of Key Codes 253
- Syntax Description 254
- Redefinable Keys 255
- SSH host keys 257
- Methods for Protection 258
- The VPN Gateway 259
- 260 SSH host keys 260
- Active Directory 261
- 5 Click Add 263
- Create New Class 266
- Create New Class 267 267
- Create New Class 269 269
- Using the Port Forwarder API 271
- Creating a Port Forwarder 273
- Demo Application 274
- Create New Class 275 275
- Example 277 277
- Example 281 281
- Connecting Through a Proxy 282
- Monitoring the Port Forwarder 283
- Glossary 285
- 286 Glossary 286
- 288 Glossary 288
- 290 Glossary 290
- 292 Glossary 292
- 294 Glossary 294
Manuais e produtos relacionados com Software Nortel Networks NN46120-104
Software Nortel Networks 608(WL) Manual do Utilizador
(222 páginas)
(222 páginas)
Software Nortel Networks BCM50 Manual do Utilizador
(352 páginas)
(352 páginas)
Software Nortel Networks 40M2420 Manual do Utilizador
(382 páginas)
(382 páginas)
Software Nortel Networks 8672ATME Manual do Utilizador
(162 páginas)
(162 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.073 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais