Administration Guide
Page 26
... you configure your network, make changes, as well your preferences for this scenario: The default configuration is allowed from the ISP. Review the WAN configuration and make any LAN devices. For more information, see Changing the Default User Name and Password, page 23). ...Consider the following first steps: 1. Cisco SA500 Series Security Appliances Administration Guide 26 With the default settings, the security appliance gets its WAN address dynamically from the Internet ...
... you configure your network, make changes, as well your preferences for this scenario: The default configuration is allowed from the ISP. Review the WAN configuration and make any LAN devices. For more information, see Changing the Default User Name and Password, page 23). ...Consider the following first steps: 1. Cisco SA500 Series Security Appliances Administration Guide 26 With the default settings, the security appliance gets its WAN address dynamically from the Internet ...
Administration Guide
Page 27
...can use your security appliance with your Cisco Smart Business Communications System (SBCS), install and configure your firewall rules. Cisco SA500 Series Security Appliances Administration Guide 27 See Scenario 9: Site-to support your devices. Review the LAN configuration and make any changes..., page 29. For more information, see Scenario 7: DMZ for Controlling Inbound and Outbound Traffic, page 29. 6. See Scenario 8: Cisco Smart Business Communications System Configuration, page 28. 4. Consider whether you are needed to -Site Networking and Remote Access, page 31. ...
...can use your security appliance with your Cisco Smart Business Communications System (SBCS), install and configure your firewall rules. Cisco SA500 Series Security Appliances Administration Guide 27 See Scenario 9: Site-to support your devices. Review the LAN configuration and make any changes..., page 29. For more information, see Scenario 7: DMZ for Controlling Inbound and Outbound Traffic, page 29. 6. See Scenario 8: Cisco Smart Business Communications System Configuration, page 28. 4. Consider whether you are needed to -Site Networking and Remote Access, page 31. ...
Administration Guide
Page 32
...the Site-to-Site VPN section of the Getting Started (Advanced) page, click the VPN Wizard link. Optionally, you can use other settings. Cisco SA500 Series Security Appliances Administration Guide 32 When the VPN Wizard appears, choose the Site-to-Site option and enter the other links on the... Getting Started (Advanced) page to review and modify the policies that were created by the Wizard. Getting Started Common Configuration Scenarios 1 IPsec VPN for Site-to-Site VPN For ...
...the Site-to-Site VPN section of the Getting Started (Advanced) page, click the VPN Wizard link. Optionally, you can use other settings. Cisco SA500 Series Security Appliances Administration Guide 32 When the VPN Wizard appears, choose the Site-to-Site option and enter the other links on the... Getting Started (Advanced) page to review and modify the policies that were created by the Wizard. Getting Started Common Configuration Scenarios 1 IPsec VPN for Site-to-Site VPN For ...
Administration Guide
Page 33
...) page and click Add Users to review and modify the policies that were created by users who have an IPsec VPN client on the PC, you can configure an IPsec VPN client tunnel for Remote Access with a VPN Client For remote access by the Wizard. Cisco SA500 Series Security Appliances Administration Guide...
...) page and click Add Users to review and modify the policies that were created by users who have an IPsec VPN client on the PC, you can configure an IPsec VPN client tunnel for Remote Access with a VPN Client For remote access by the Wizard. Cisco SA500 Series Security Appliances Administration Guide...
Administration Guide
Page 34
... for Browser-Based Remote Access, page 154. Return to the Getting Started (Advanced) page and click the Configure Users link to add your network resources. Cisco SA500 Series Security Appliances Administration Guide 34 For more information, see Configuring SSL VPN for different user groups, if needed. Getting Started Common Configuration Scenarios..., routes, and resources for this scenario: In the SSL VPN Remote Access section of your network resources, SSL VPN is a flexible and secure way to review the default settings for the user portal.
... for Browser-Based Remote Access, page 154. Return to the Getting Started (Advanced) page and click the Configure Users link to add your network resources. Cisco SA500 Series Security Appliances Administration Guide 34 For more information, see Configuring SSL VPN for different user groups, if needed. Getting Started Common Configuration Scenarios..., routes, and resources for this scenario: In the SSL VPN Remote Access section of your network resources, SSL VPN is a flexible and secure way to review the default settings for the user portal.
Administration Guide
Page 139
... Site-to your network from the IP address range used on the local LAN. For more information, see : www.vpnc.org/vpnstandards.html. Cisco SA500 Series Security Appliances Administration Guide 139 The VPN Wizard helps you to set up a tunnel to allow workers to connect to -Site VPN... a VPN Client This section describes how to save your entries. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. Configuring an IPsec VPN Tunnel for IPsec VPN, page 144. • To configure...
... Site-to your network from the IP address range used on the local LAN. For more information, see : www.vpnc.org/vpnstandards.html. Cisco SA500 Series Security Appliances Administration Guide 139 The VPN Wizard helps you to set up a tunnel to allow workers to connect to -Site VPN... a VPN Client This section describes how to save your entries. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. Configuring an IPsec VPN Tunnel for IPsec VPN, page 144. • To configure...
Administration Guide
Page 141
Configuring VPN Configuring an IPsec VPN Tunnel for Remote Access with the procedure Configuring the User Database for IPsec VPN, page 144. • To review or update the configured VPN policy click IPsec > VPN Policies. The length of configuration tasks for this VPN tunnel. Choose IP Address if you want ... the Local WAN's IP Address or Internet Name field. For more information, see Configuring the IKE Policies for the IPsec Remote Access VPN, page 142. - Cisco SA500 Series Security Appliances Administration Guide 141
Configuring VPN Configuring an IPsec VPN Tunnel for Remote Access with the procedure Configuring the User Database for IPsec VPN, page 144. • To review or update the configured VPN policy click IPsec > VPN Policies. The length of configuration tasks for this VPN tunnel. Choose IP Address if you want ... the Local WAN's IP Address or Internet Name field. For more information, see Configuring the IKE Policies for the IPsec Remote Access VPN, page 142. - Cisco SA500 Series Security Appliances Administration Guide 141
Administration Guide
Page 142
... unique identifier for remote access by remote workers, use this list when XAUTH is used in an IKE policy. Standard IPsec (XAuth) Cisco SA500 Series Security Appliances Administration Guide 142 Other options: Click the Edit button to add a user. Configuring VPN Configuring an IPsec VPN Tunnel... Users. Configuring the User Database for the IPsec Remote Access VPN If you are using the Cisco VPN Client, see Configuring the IKE Policies for Remote Access with a VPN Client 7 • To review or update the configured IKE policy, click IPsec > IKE Policies. STEP 2 Click Add to...
... unique identifier for remote access by remote workers, use this list when XAUTH is used in an IKE policy. Standard IPsec (XAuth) Cisco SA500 Series Security Appliances Administration Guide 142 Other options: Click the Edit button to add a user. Configuring VPN Configuring an IPsec VPN Tunnel... Users. Configuring the User Database for the IPsec Remote Access VPN If you are using the Cisco VPN Client, see Configuring the IKE Policies for Remote Access with a VPN Client 7 • To review or update the configured IKE policy, click IPsec > IKE Policies. STEP 2 Click Add to...
Administration Guide
Page 143
... Configuration of configuration tasks for IPsec VPN Remote Access. • Optionally, review and modify the default settings and policies. QuickVPN is specific only to which uses user authentication but the implementation is a propriety Cisco/Linksys client which the remote user will have access. STEP 5 Repeat as... you can be part of the LAN or VLAN IP addresses. • Subnet Mask: Enter the subnet mask for the local subnet. Cisco QuickVPN X-Auth is required with a VPN Client 7 - Configuring VPN Configuring an IPsec VPN Tunnel for Remote Access with IPsec clients such ...
... Configuration of configuration tasks for IPsec VPN Remote Access. • Optionally, review and modify the default settings and policies. QuickVPN is specific only to which uses user authentication but the implementation is a propriety Cisco/Linksys client which the remote user will have access. STEP 5 Repeat as... you can be part of the LAN or VLAN IP addresses. • Subnet Mask: Enter the subnet mask for the local subnet. Cisco QuickVPN X-Auth is required with a VPN Client 7 - Configuring VPN Configuring an IPsec VPN Tunnel for Remote Access with IPsec clients such ...
Administration Guide
Page 144
...server (by choosing the IPsec Host option in this page. to be sure to verify the identity of the peer, encryption algorithms, etc. Cisco SA500 Series Security Appliances Administration Guide 144 You can create an IKE policy from the User Database (see Configuring the User Database for users who... want to review and modify the settings that are created by the Wizard, click VPN on the menu bar, and then click IPsec > Basic Setting Defaults...
...server (by choosing the IPsec Host option in this page. to be sure to verify the identity of the peer, encryption algorithms, etc. Cisco SA500 Series Security Appliances Administration Guide 144 You can create an IKE policy from the User Database (see Configuring the User Database for users who... want to review and modify the settings that are created by the Wizard, click VPN on the menu bar, and then click IPsec > Basic Setting Defaults...
Administration Guide
Page 148
... only if the primary policy fails. You cannot enable, disable, edit, or delete the backup policies. NOTE Next Steps • To review or update the configured VPN policy click IPsec > VPN Policies. For more information, see Configuring the IKE Policies for IPsec VPN, page ... more information, see Configuring the IKE Policies for IPsec VPN, page 144. • To configure IPsec passthrough, click IPsec > Passthrough. Cisco SA500 Series Security Appliances Administration Guide 148 See Configuring the User Database for remote access VPN only), click IPsec > IPsec Users. These tables...
... only if the primary policy fails. You cannot enable, disable, edit, or delete the backup policies. NOTE Next Steps • To review or update the configured VPN policy click IPsec > VPN Policies. For more information, see Configuring the IKE Policies for IPsec VPN, page ... more information, see Configuring the IKE Policies for IPsec VPN, page 144. • To configure IPsec passthrough, click IPsec > Passthrough. Cisco SA500 Series Security Appliances Administration Guide 148 See Configuring the User Database for remote access VPN only), click IPsec > IPsec Users. These tables...
Administration Guide
Page 156
... can configure port forwarding to allow access to a limited set of Clientless SSL VPN to be sufficient for your own domains and groups. Cisco SA500 Series Security Appliances Administration Guide 156 Then, you could create two portal layouts for different user domains, you can start with Scenario Step... for the portal users. The security appliance is not inside the private network, users should not visit this step so that you can review the default settings and modify, as the User Type. As you create each portal layout, you would customize the banner message to specific...
... can configure port forwarding to allow access to a limited set of Clientless SSL VPN to be sufficient for your own domains and groups. Cisco SA500 Series Security Appliances Administration Guide 156 Then, you could create two portal layouts for different user domains, you can start with Scenario Step... for the portal users. The security appliance is not inside the private network, users should not visit this step so that you can review the default settings and modify, as the User Type. As you create each portal layout, you would customize the banner message to specific...
Administration Guide
Page 189
... 1) Immediate action needed. Syslog definition is LOG_ERR. Syslog definition is LOG_CRIT. Syslog definition is LOG_EMERG. Cisco SA500 Series Security Appliances Administration Guide 189 STEP 1 Click Administration> Logging > Logs Facility and Severity. STEP 3 Check the box for review. Syslog definition is LOG_WARNING. Critical (level 2) Critical conditions. Notification (level 5) Normal but significant condition. These...
... 1) Immediate action needed. Syslog definition is LOG_ERR. Syslog definition is LOG_CRIT. Syslog definition is LOG_EMERG. Cisco SA500 Series Security Appliances Administration Guide 189 STEP 1 Click Administration> Logging > Logs Facility and Severity. STEP 3 Check the box for review. Syslog definition is LOG_WARNING. Critical (level 2) Critical conditions. Notification (level 5) Normal but significant condition. These...
Administration Guide
Page 220
STEP 3 Verify your settings. STEP 2 Check or uncheck Automatically adjust for Daylight Savings Time. Cisco SA500 Series Security Appliances Administration Guide 220 Symptom: The time is January 1, 2000. Possible cause: The security appliance has not yet successfully reached a network time ... access settings. Troubleshooting Date and Time A Date and Time Symptom: Date shown is off by one hour. Recommended action: STEP 1 Click Administration > Time Zone. STEP 2 Review the settings for the date and time.
STEP 3 Verify your settings. STEP 2 Check or uncheck Automatically adjust for Daylight Savings Time. Cisco SA500 Series Security Appliances Administration Guide 220 Symptom: The time is January 1, 2000. Possible cause: The security appliance has not yet successfully reached a network time ... access settings. Troubleshooting Date and Time A Date and Time Symptom: Date shown is off by one hour. Recommended action: STEP 1 Click Administration > Time Zone. STEP 2 Review the settings for the date and time.