User Guide
Page 23
... hardware is divided into these parts (as an example. The Web Configurator screen is properly connected. The Login screen appears. 3 Type the user name (default: "admin") and password (default: "1234"). 4 Click Login. title bar UAG Series User's Guide 23 otherwise the dashboard appears. Chapter 1 Introduction The recommended screen resolution is 1024 x 768 pixels...
... hardware is divided into these parts (as an example. The Web Configurator screen is properly connected. The Login screen appears. 3 Type the user name (default: "admin") and password (default: "1234"). 4 Click Login. title bar UAG Series User's Guide 23 otherwise the dashboard appears. Chapter 1 Introduction The recommended screen resolution is 1024 x 768 pixels...
User Guide
Page 76
...been no encryption. • Authentication Algorithm: MD5 gives minimal security and SHA512 gives the highest security. If it may affect throughput). DH1 (default) refers to authenticate packet data. A short SA life time increases security, but renegotiation temporarily disconnects the VPN tunnel. If it is. ...although it does not respond, the UAG shuts down the IKE SA. • Authentication Method: Select Pre-Shared Key to use a password or Certificate to the remote IPSec device. Null uses no traffic for IPSec. UAG Series User's Guide 76 Note: The remote IPSec...
...been no encryption. • Authentication Algorithm: MD5 gives minimal security and SHA512 gives the highest security. If it may affect throughput). DH1 (default) refers to authenticate packet data. A short SA life time increases security, but renegotiation temporarily disconnects the VPN tunnel. If it is. ...although it does not respond, the UAG shuts down the IKE SA. • Authentication Method: Select Pre-Shared Key to use a password or Certificate to the remote IPSec device. Null uses no traffic for IPSec. UAG Series User's Guide 76 Note: The remote IPSec...
User Guide
Page 337
... Configuration > SMS LABEL General Settings Enable SMS Default country code for confirmation. Type your changes to the UAG. This section is activated. Click this button to save your password again for phone number ViaNett Configuration User Name Password Retype to Confirm License Licensed Service Status License Type.... Enter the user name for example. This field displays Standard when the service is available only on the SMS service. Type the Password associated with the user name. Note: You must subscribe to the SMS service before you can use the service to send a text...
... Configuration > SMS LABEL General Settings Enable SMS Default country code for confirmation. Type your changes to the UAG. This section is activated. Click this button to save your password again for phone number ViaNett Configuration User Name Password Retype to Confirm License Licensed Service Status License Type.... Enter the user name for example. This field displays Standard when the service is available only on the SMS service. Type the Password associated with the user name. Note: You must subscribe to the SMS service before you can use the service to send a text...
User Guide
Page 400
...guest accounts pre-subscriber Access network services dynamic-guest Access network services LOGIN METHOD(S) WWW Web Authentication Portal Web Authentication Portal Note: The default admin account is always authenticated locally, regardless of the authentication method setting. (See Chapter 43 on page 464 for more on page... authenticate an ext-user using the local database, the attempt always fails. A dynamic guest account has a dynamically-created user name and password. If the external server does not have the information, the UAG sets the user type for this user, you want to set up...
...guest accounts pre-subscriber Access network services dynamic-guest Access network services LOGIN METHOD(S) WWW Web Authentication Portal Web Authentication Portal Note: The default admin account is always authenticated locally, regardless of the authentication method setting. (See Chapter 43 on page 464 for more on page... authenticate an ext-user using the local database, the attempt always fails. A dynamic guest account has a dynamically-created user name and password. If the external server does not have the information, the UAG sets the user type for this user, you want to set up...
User Guide
Page 404
...words are provided. In this type. • ext-group-user - Enter the description of user accounts the UAG uses: Password • admin - Default descriptions are reserved. If you select Use Manual Settings, you need to enter the number of minutes unlimited. UAG Series User... user can enter 0 to make the number of the RADIUS server's Group Membership Attribute that identifies the group to use default settings, select Use Default Settings. Chapter 35 User/Group The following table describes the labels in this user account. Table 179 Configuration > Object >...
...words are provided. In this type. • ext-group-user - Enter the description of user accounts the UAG uses: Password • admin - Default descriptions are reserved. If you select Use Manual Settings, you need to enter the number of minutes unlimited. UAG Series User... user can enter 0 to make the number of the RADIUS server's Group Membership Attribute that identifies the group to use default settings, select Use Default Settings. Chapter 35 User/Group The following table describes the labels in this user account. Table 179 Configuration > Object >...
User Guide
Page 409
...this check box to set a limit on page 406), and select one of times each user can login unsuccessfully (for example, wrong password) before the IP address is checked. This field is effective when Enable logon retry limit is locked out for any user account's authentication ...timeout settings. These default authentication timeout settings also control the settings for the specified Lockout period. This field is effective when Enable logon retry limit is reached...
...this check box to set a limit on page 406), and select one of times each user can login unsuccessfully (for example, wrong password) before the IP address is checked. This field is effective when Enable logon retry limit is locked out for any user account's authentication ...timeout settings. These default authentication timeout settings also control the settings for the specified Lockout period. This field is effective when Enable logon retry limit is reached...
User Guide
Page 469
...not to convert a binary file to open the Certificate window. It is a format for this to occur since many programs use text files by default. 44.1.3 Verifying a Certificate Before you import a trusted certificate into the UAG. You can do this using the MD5 or SHA1 algorithm. The ... file creates this and you must provide it to decrypt the contents when you have the certificate saved on your certificate's public or private passwords. Figure 316 Remote Host Certificates 3 Double-click the certificate's icon to text during the transfer process. Click the Details tab and scroll down...
...not to convert a binary file to open the Certificate window. It is a format for this to occur since many programs use text files by default. 44.1.3 Verifying a Certificate Before you import a trusted certificate into the UAG. You can do this using the MD5 or SHA1 algorithm. The ... file creates this and you must provide it to decrypt the contents when you have the certificate saved on your certificate's public or private passwords. Figure 316 Remote Host Certificates 3 Double-click the certificate's icon to text during the transfer process. Click the Details tab and scroll down...
User Guide
Page 480
...). Table 226 Configuration > Object > Certificate > Trusted Certificates > Edit LABEL Name Certification Path Refresh LDAP Server Address Port ID Password Certificate Information Type Version Serial Number Subject Issuer DESCRIPTION This field displays the identifying name of the directory server. LDAP is the ...'s certificate and displays "Not trusted" in this screen. X.509 means that the directory server uses. 389 is the default server port number for public-key certificates. Some certification authorities use rsapkcs1-md5 (RSA public-private key encryption algorithm and the...
...). Table 226 Configuration > Object > Certificate > Trusted Certificates > Edit LABEL Name Certification Path Refresh LDAP Server Address Port ID Password Certificate Information Type Version Serial Number Subject Issuer DESCRIPTION This field displays the identifying name of the directory server. LDAP is the ...'s certificate and displays "Not trusted" in this screen. X.509 means that the directory server uses. 389 is the default server port number for public-key certificates. Some certification authorities use rsapkcs1-md5 (RSA public-private key encryption algorithm and the...
User Guide
Page 520
...uses only SSH version 2 protocol. UAG Series User's Guide 520 The SSH server is implemented on the UAG for management using port 22 (by default). 46.8.3 Requirements for Using SSH You must install an SSH client program on the UAG Your UAG supports SSH versions 1 and 2 using this... 2 protocols. Use this screen. Version 1 Select the check box to manage the UAG. The client then sends its authentication information (user name and password) to the server to log in to the server. 46.8.2 SSH Implementation on a client computer (Windows or Linux operating system) that matches the IP...
...uses only SSH version 2 protocol. UAG Series User's Guide 520 The SSH server is implemented on the UAG for management using port 22 (by default). 46.8.3 Requirements for Using SSH You must install an SSH client program on the UAG Your UAG supports SSH versions 1 and 2 using this... 2 protocols. Use this screen. Version 1 Select the check box to manage the UAG. The client then sends its authentication information (user name and password) to the server to log in to the server. 46.8.2 SSH Implementation on a client computer (Windows or Linux operating system) that matches the IP...
User Guide
Page 522
...Escape character is the first time you are connecting to the UAG using the default IP address of 172.16.0.1). If this is '^]'. RSA1 key fingerprint is ... UAG. Type "yes" and press [ENTER]. Chapter 46 System Figure 363 SSH Example 1: Store Host Key Enter the password to log in $ ssh -1 172.16.0.1 The authenticity of host '172.16.0.1 (172.16.0.1)' can't be established...365 SSH Example 2: Log in to the UAG. SSH-1.5-1.0.0 2 Enter "ssh -1 172.16.0.1". Then enter the password to log in to the UAG using the OpenSSH client program that comes with most Linux distributions. 1 Test whether ...
...Escape character is the first time you are connecting to the UAG using the default IP address of 172.16.0.1). If this is '^]'. RSA1 key fingerprint is ... UAG. Type "yes" and press [ENTER]. Chapter 46 System Figure 363 SSH Example 1: Store Host Key Enter the password to log in $ ssh -1 172.16.0.1 The authenticity of host '172.16.0.1 (172.16.0.1)' can't be established...365 SSH Example 2: Log in to the UAG. SSH-1.5-1.0.0 2 Enter "ssh -1 172.16.0.1". Then enter the password to log in to the UAG using the OpenSSH client program that comes with most Linux distributions. 1 Test whether ...
User Guide
Page 528
...configured rule. This displays whether the computer with each trap to access the UAG using this service. Click Configuration > System > Auth. The default is connected to use that traffic will match so the UAG will not have to or disconnected from the management station. Select this to create...the UAG. Enter the Get Community, which the computer is allowed or denied to enable the authentication server feature of a number is the password sent with the IP address specified above can access the UAG zone(s) configured in the Service Control table to the SNMP manager. Click ...
...configured rule. This displays whether the computer with each trap to access the UAG using this service. Click Configuration > System > Auth. The default is connected to use that traffic will match so the UAG will not have to or disconnected from the management station. Select this to create...the UAG. Enter the Get Community, which the computer is allowed or denied to enable the authentication server feature of a number is the password sent with the IP address specified above can access the UAG zone(s) configured in the Service Control table to the SNMP manager. Click ...
User Guide
Page 550
... is explained below . Figure 381 Configuration File / Shell Script: Example # enter configuration mode configure terminal # change administrator password username admin password 4321 user-type admin # configure wan1 interface wan1 ip address 10.16.17.240 255.255.255.0 ip gateway 10...Series User's Guide 550 Table 261 Configuration Files and Shell Scripts in the UAG Configuration Files (.conf) Shell Scripts (.zysh) • Resets to default configuration. • Goes into CLI Configuration mode. • Runs the commands in the configuration file. • Goes into CLI Privilege mode....
... is explained below . Figure 381 Configuration File / Shell Script: Example # enter configuration mode configure terminal # change administrator password username admin password 4321 user-type admin # configure wan1 interface wan1 ip address 10.16.17.240 255.255.255.0 ip gateway 10...Series User's Guide 550 Table 261 Configuration Files and Shell Scripts in the UAG Configuration Files (.conf) Shell Scripts (.zysh) • Resets to default configuration. • Goes into CLI Configuration mode. • Runs the commands in the configuration file. • Goes into CLI Privilege mode....
User Guide
Page 583
... seconds (or until the PWR LED starts to blink), then release it . I cannot access the Internet. • Check the UAG's connection to the factory defaults (password is 1234, LAN IP address 172.16.0.1 or 172.17.0.1 etc.; Check all cable connections. The UAG should reply. • If you've forgotten the... UAG's password, use the commands through the console port to check it . It returns the UAG to the Ethernet jack with Internet access. see Chapter 7 on page...
... seconds (or until the PWR LED starts to blink), then release it . I cannot access the Internet. • Check the UAG's connection to the factory defaults (password is 1234, LAN IP address 172.16.0.1 or 172.17.0.1 etc.; Check all cable connections. The UAG should reply. • If you've forgotten the... UAG's password, use the commands through the console port to check it . It returns the UAG to the Ethernet jack with Internet access. see Chapter 7 on page...
User Guide
Page 585
... may need to configure the DDNS entry's IP Address setting to use Dynamic DNS. • Make sure you recorded your DDNS account's user name, password, and domain name and have entered them properly in the UAG. • You may have a public WAN IP address to Auto if the interface.... This way the UAG automatically updates every rule or setting that apply to General. You can also configure a policy route to override the default routing and SNAT behavior for traffic it on top of writing, the UAG does not support ingress bandwidth management. The UAG automatically uses SNAT ...
... may need to configure the DDNS entry's IP Address setting to use Dynamic DNS. • Make sure you recorded your DDNS account's user name, password, and domain name and have entered them properly in the UAG. • You may have a public WAN IP address to Auto if the interface.... This way the UAG automatically updates every rule or setting that apply to General. You can also configure a policy route to override the default routing and SNAT behavior for traffic it on top of writing, the UAG does not support ingress bandwidth management. The UAG automatically uses SNAT ...
User Guide
Page 587
... provide it to decrypt the contents when you want to import has to be encrypted. The file's password is a format for data (including digital signatures) that was generated by default. I cannot get a certificate to text during the transfer process. The private key is not being ...applied at the configured times. Chapter 53 Troubleshooting I cannot add the admin users to your certificate's public or private passwords. Note: Be careful not ...
... provide it to decrypt the contents when you want to import has to be encrypted. The file's password is a format for data (including digital signatures) that was generated by default. I cannot get a certificate to text during the transfer process. The private key is not being ...applied at the configured times. Chapter 53 Troubleshooting I cannot add the admin users to your certificate's public or private passwords. Note: Be careful not ...
User Guide
Page 589
...Any configuration files or shell scripts that you saved on the UAG, including any existing capture files and any method or you forget the administrator password(s), you want to reboot the device without changing the current configuration, see Chapter 51 on page 581. 1 Make sure the SYS LED is ...the recommended method for how to determine if you generate. If you can reset the UAG to its factory-default settings. If you need to restart. Note: This procedure removes the current configuration. My packet capture captured less than I cannot get the firmware ...
...Any configuration files or shell scripts that you saved on the UAG, including any existing capture files and any method or you forget the administrator password(s), you want to reboot the device without changing the current configuration, see Chapter 51 on page 581. 1 Make sure the SYS LED is ...the recommended method for how to determine if you generate. If you can reset the UAG to its factory-default settings. If you need to restart. Note: This procedure removes the current configuration. My packet capture captured less than I cannot get the firmware ...