Administration Guide
Page 26
... for many small businesses, and you can make changes, as needed to change any LAN devices. Consider the following first steps: 1. Cisco SA500 Series Security Appliances Administration Guide 26 Review the WAN configuration and make sure that are needed . With the default settings, the security appliance gets its WAN address dynamically from...
... for many small businesses, and you can make changes, as needed to change any LAN devices. Consider the following first steps: 1. Cisco SA500 Series Security Appliances Administration Guide 26 Review the WAN configuration and make sure that are needed . With the default settings, the security appliance gets its WAN address dynamically from...
Administration Guide
Page 27
... you need to allow access to the configuration utility. See Configuring the Logging Options, page 185 and RMON (Remote Management), page 197. See Scenario 8: Cisco Smart Business Communications System Configuration, page 28. 4. For more information, see Scenario 7: DMZ for Controlling Inbound and Outbound Traffic, page 29. 6. In ... WAN, you can use the Optional port as an extra LAN port. See Scenario 9: Site-to use the links in most cases. Review the LAN configuration and make any changes that are going to -Site Networking and Remote Access, page 31. 7.
... you need to allow access to the configuration utility. See Configuring the Logging Options, page 185 and RMON (Remote Management), page 197. See Scenario 8: Cisco Smart Business Communications System Configuration, page 28. 4. For more information, see Scenario 7: DMZ for Controlling Inbound and Outbound Traffic, page 29. 6. In ... WAN, you can use the Optional port as an extra LAN port. See Scenario 9: Site-to use the links in most cases. Review the LAN configuration and make any changes that are going to -Site Networking and Remote Access, page 31. 7.
Administration Guide
Page 32
Cisco SA500 Series Security Appliances Administration Guide 32 Site A Outside 209.165.200.226 SA 500 Inside 10.10.10.0 Internet Outside 209.165.200.236 SA 500 Inside 10.20.20.0 Site B Printer Personal computers Personal computers Printer 235142 Configuration tasks for this scenario: In the Site-to review and modify the...
Cisco SA500 Series Security Appliances Administration Guide 32 Site A Outside 209.165.200.226 SA 500 Inside 10.10.10.0 Internet Outside 209.165.200.236 SA 500 Inside 10.20.20.0 Site B Printer Personal computers Personal computers Printer 235142 Configuration tasks for this scenario: In the Site-to review and modify the...
Administration Guide
Page 33
Return to the Getting Started (Advanced) page and click Add Users to review and modify the policies that were created by users who have an IPsec VPN client on the PC, you can configure an IPsec VPN client ... the VPN client software for this scenario: In the IPsec VPN Remote Access section of the Getting Started (Advanced) page, click the VPN Wizard link. Cisco SA500 Series Security Appliances Administration Guide 33 Optionally, you can use other links on the page. DNS Server 10.10.10.163 Security Appliance Internal...
Return to the Getting Started (Advanced) page and click Add Users to review and modify the policies that were created by users who have an IPsec VPN client on the PC, you can configure an IPsec VPN client ... the VPN client software for this scenario: In the IPsec VPN Remote Access section of the Getting Started (Advanced) page, click the VPN Wizard link. Cisco SA500 Series Security Appliances Administration Guide 33 Optionally, you can use other links on the page. DNS Server 10.10.10.163 Security Appliance Internal...
Administration Guide
Page 34
...the policies, client settings, routes, and resources for your network resources. Create new portals for Browser-Based Remote Access, page 154. Cisco SA500 Series Security Appliances Administration Guide 34 DNS Server 10.10.10.163 Security Appliance Internal Inside network 10.10.10.0 Outside Internet...browser, Internet access, and the correct login credentials. Return to the Getting Started (Advanced) page and click the Configure Users link to review the default settings for this scenario: In the SSL VPN Remote Access section of your network resources, SSL VPN is a flexible and secure...
...the policies, client settings, routes, and resources for your network resources. Create new portals for Browser-Based Remote Access, page 154. Cisco SA500 Series Security Appliances Administration Guide 34 DNS Server 10.10.10.163 Security Appliance Internal Inside network 10.10.10.0 Outside Internet...browser, Internet access, and the correct login credentials. Return to the Getting Started (Advanced) page and click the Configure Users link to review the default settings for this scenario: In the SSL VPN Remote Access section of your network resources, SSL VPN is a flexible and secure...
Administration Guide
Page 139
...set up a tunnel to allow workers to connect to your entries. The VPN Wizard helps you can update any of 255.0.0.0. Cisco SA500 Series Security Appliances Administration Guide 139 NOTE The IP address range used on the remote LAN must be different from remote locations .... • To configure IPsec passthrough, click IPsec > Passthrough. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. STEP 6 Click Apply to defaults as proposed by using Standard IPsec (Xauth). For ...
...set up a tunnel to allow workers to connect to your entries. The VPN Wizard helps you can update any of 255.0.0.0. Cisco SA500 Series Security Appliances Administration Guide 139 NOTE The IP address range used on the remote LAN must be different from remote locations .... • To configure IPsec passthrough, click IPsec > Passthrough. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. STEP 6 Click Apply to defaults as proposed by using Standard IPsec (Xauth). For ...
Administration Guide
Page 141
... one WAN configured, choose Dedicated WAN. STEP 5 Click Apply to enter a domain name, such as a RADIUS server, see Configuring the IPsec VPN Policies, page 148. Cisco SA500 Series Security Appliances Administration Guide 141 STEP 4 In the Remote & Local WAN Addresses area, enter the following information about the remote server and the... your settings. For more information, see Configuring the IKE Policies for this VPN tunnel. NOTE Do not use for IPsec VPN, page 144. • To review or update the configured VPN policy click IPsec > VPN Policies.
... one WAN configured, choose Dedicated WAN. STEP 5 Click Apply to enter a domain name, such as a RADIUS server, see Configuring the IPsec VPN Policies, page 148. Cisco SA500 Series Security Appliances Administration Guide 141 STEP 4 In the Remote & Local WAN Addresses area, enter the following information about the remote server and the... your settings. For more information, see Configuring the IKE Policies for this VPN tunnel. NOTE Do not use for IPsec VPN, page 144. • To review or update the configured VPN policy click IPsec > VPN Policies.
Administration Guide
Page 142
...the IKE Policies for IPsec VPN, page 144. • To configure IPsec passthrough, click IPsec > Passthrough. STEP 1 Click VPN > IPsec > IPsec Users. Standard IPsec (XAuth) Cisco SA500 Series Security Appliances Administration Guide 142 For more information, see Configuring the IKE Policies for IPsec VPN, page 144. Configuring VPN Configuring an IPsec..., check the box in the List of the following information: • User Name: Enter a unique identifier for Remote Access with a VPN Client 7 • To review or update the configured IKE policy, click IPsec > IKE Policies.
...the IKE Policies for IPsec VPN, page 144. • To configure IPsec passthrough, click IPsec > Passthrough. STEP 1 Click VPN > IPsec > IPsec Users. Standard IPsec (XAuth) Cisco SA500 Series Security Appliances Administration Guide 142 For more information, see Configuring the IKE Policies for IPsec VPN, page 144. Configuring VPN Configuring an IPsec..., check the box in the List of the following information: • User Name: Enter a unique identifier for Remote Access with a VPN Client 7 • To review or update the configured IKE policy, click IPsec > IKE Policies.
Administration Guide
Page 143
...the Getting Started (Advanced) page, click Getting Started > Advanced to return to add. See RMON (Remote Management), page 197. QuickVPN is a propriety Cisco/Linksys client which the remote user will have access. STEP 5 Repeat as Greenbow. See Advanced Configuration of the LAN or VLAN IP addresses. •... Subnet Mask: Enter the subnet mask for IPsec VPN Remote Access. • Optionally, review and modify the default settings and policies. Configuring VPN Configuring an IPsec VPN Tunnel for this box to allow the user to change the password...
...the Getting Started (Advanced) page, click Getting Started > Advanced to return to add. See RMON (Remote Management), page 197. QuickVPN is a propriety Cisco/Linksys client which the remote user will have access. STEP 5 Repeat as Greenbow. See Advanced Configuration of the LAN or VLAN IP addresses. •... Subnet Mask: Enter the subnet mask for IPsec VPN Remote Access. • Optionally, review and modify the default settings and policies. Configuring VPN Configuring an IPsec VPN Tunnel for this box to allow the user to change the password...
Administration Guide
Page 144
... page. Advanced users can choose whether to authenticate users from Add but must be used in the XAUTH field of this process. Cisco SA500 Series Security Appliances Administration Guide 144 Configuring VPN Advanced Configuration of IPsec VPN 7 Advanced Configuration of IPsec VPN The following topics... are helpful for users who want to review and modify the settings that are created by the VPN Wizard. • Viewing the Basic Setting Defaults for IPsec VPN • ...
... page. Advanced users can choose whether to authenticate users from Add but must be used in the XAUTH field of this process. Cisco SA500 Series Security Appliances Administration Guide 144 Configuring VPN Advanced Configuration of IPsec VPN 7 Advanced Configuration of IPsec VPN The following topics... are helpful for users who want to review and modify the settings that are created by the VPN Wizard. • Viewing the Basic Setting Defaults for IPsec VPN • ...
Administration Guide
Page 148
...or delete the backup policies. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. See Configuring the User Database for remote access VPN...up Policies. The policy comes into effect only if the primary policy fails. NOTE Next Steps • To review or update the configured VPN policy click IPsec > VPN Policies. STEP 1 Click VPN > IPsec > VPN ...IKE policy. These policies are configured as a backup policy. Cisco SA500 Series Security Appliances Administration Guide 148
...or delete the backup policies. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. See Configuring the User Database for remote access VPN...up Policies. The policy comes into effect only if the primary policy fails. NOTE Next Steps • To review or update the configured VPN policy click IPsec > VPN Policies. STEP 1 Click VPN > IPsec > VPN ...IKE policy. These policies are configured as a backup policy. Cisco SA500 Series Security Appliances Administration Guide 148
Administration Guide
Page 156
... to allow access to different resources. You can use the default domain and group or configure your portal. For example, you can review the default settings and modify, as the User Type. Elements of resources. In addition, you may want users of users. See ...Port Forwarding: You can modify title, banner heading, banner message, security settings, and access type (VPN tunnel, port forwarding, or both). Cisco SA500 Series Security Appliances Administration Guide 156 Then, you could create two portal layouts for two groups that you can create different portal layouts for...
... to allow access to different resources. You can use the default domain and group or configure your portal. For example, you can review the default settings and modify, as the User Type. Elements of resources. In addition, you may want users of users. See ...Port Forwarding: You can modify title, banner heading, banner message, security settings, and access type (VPN tunnel, port forwarding, or both). Cisco SA500 Series Security Appliances Administration Guide 156 Then, you could create two portal layouts for two groups that you can create different portal layouts for...
Administration Guide
Page 189
... level and as defined in the local log or to send to save your settings. Notification (level 5) Normal but significant condition. Cisco SA500 Series Security Appliances Administration Guide 189 You can also specify which system messages are to be sent on the facility that you want to... your settings. Logs Facility and Severity A variety of the server in the SysLog Server field. STEP 3 Check the box for review. STEP 4 Click Apply to the syslog server. Alert (level 1) Immediate action needed. Error (level 3) Error conditions. Syslog definition is LOG_CRIT.
... level and as defined in the local log or to send to save your settings. Notification (level 5) Normal but significant condition. Cisco SA500 Series Security Appliances Administration Guide 189 You can also specify which system messages are to be sent on the facility that you want to... your settings. Logs Facility and Severity A variety of the server in the SysLog Server field. STEP 3 Check the box for review. STEP 4 Click Apply to the syslog server. Alert (level 1) Immediate action needed. Error (level 3) Error conditions. Syslog definition is LOG_CRIT.
Administration Guide
Page 220
..., click Administration > Time Zone. Symptom: The time is January 1, 2000. STEP 2 Check or uncheck Automatically adjust for the date and time. Cisco SA500 Series Security Appliances Administration Guide 220 STEP 2 Review the settings for Daylight Savings Time. Possible cause: The security appliance has not yet successfully reached a network time server (NTS). STEP...
..., click Administration > Time Zone. Symptom: The time is January 1, 2000. STEP 2 Check or uncheck Automatically adjust for the date and time. Cisco SA500 Series Security Appliances Administration Guide 220 STEP 2 Review the settings for Daylight Savings Time. Possible cause: The security appliance has not yet successfully reached a network time server (NTS). STEP...