User Guide
Page 3
... browser 1-3 Connecting to the VPN 3002 using HTTPS 1-16 Logging in the VPN 3002 Hardware Client Manager 1-17 Configuring HTTP, HTTPS, and SSL parameters 1-18 Understanding the VPN 3002 Hardware Client Manager window 1-19 Organization of the VPN 3002 Hardware Client Manager 1-22 Navigating the VPN 3002 Hardware Client Manager 1-23 2 Configuration Configuration 2-1 3 Interfaces Configuration | Interfaces 3-1 Configuration | Interfaces | Private 3-3 Configuration | Interfaces | Public 3-5 4 System Configuration Configuration | System 4-1 VPN 3002 Hardware Client User Guide iii
... browser 1-3 Connecting to the VPN 3002 using HTTPS 1-16 Logging in the VPN 3002 Hardware Client Manager 1-17 Configuring HTTP, HTTPS, and SSL parameters 1-18 Understanding the VPN 3002 Hardware Client Manager window 1-19 Organization of the VPN 3002 Hardware Client Manager 1-22 Navigating the VPN 3002 Hardware Client Manager 1-23 2 Configuration Configuration 2-1 3 Interfaces Configuration | Interfaces 3-1 Configuration | Interfaces | Private 3-3 Configuration | Interfaces | Public 3-5 4 System Configuration Configuration | System 4-1 VPN 3002 Hardware Client User Guide iii
User Guide
Page 4
... | Management Protocols | SSL 8-9 Configuration | System | Management Protocols | SSH 8-12 9 Events Event class 9-1 Event severity level 9-4 Event log 9-5 Configuration | System | Events 9-6 Configuration | System | Events | General 9-6 Configuration | System | Events | Classes 9-8 Configuration | System | Events | Classes | Add or Modify 9-9 Configuration | System | Events | Trap Destinations 9-11 Configuration | System | Events | Trap Destinations | Add or Modify 9-12 Configuration | System | Events | Syslog Servers 9-13 iv VPN 3002 Hardware Client User Guide
... | Management Protocols | SSL 8-9 Configuration | System | Management Protocols | SSH 8-12 9 Events Event class 9-1 Event severity level 9-4 Event log 9-5 Configuration | System | Events 9-6 Configuration | System | Events | General 9-6 Configuration | System | Events | Classes 9-8 Configuration | System | Events | Classes | Add or Modify 9-9 Configuration | System | Events | Trap Destinations 9-11 Configuration | System | Events | Trap Destinations | Add or Modify 9-12 Configuration | System | Events | Syslog Servers 9-13 iv VPN 3002 Hardware Client User Guide
User Guide
Page 5
...10 General Configuration | System | General 10-1 Configuration | System | General | Identification 10-2 Configuration | System | General | Time and Date 10-3 11 Policy Management Client mode/PAT 11-1 Network Extension mode 11-2 Configuration | Policy Management 11-3 Configuration | Policy Management | Traffic Management 11-3 Configuration | Policy Management | Traffic Management | PAT 11-4 Configuration | Policy...Administration | Certificate Management | Certificates | Delete 12-27 13 Monitoring Monitoring 13-1 Monitoring | Routing Table 13-2 VPN 3002 Hardware Client User Guide v
...10 General Configuration | System | General 10-1 Configuration | System | General | Identification 10-2 Configuration | System | General | Time and Date 10-3 11 Policy Management Client mode/PAT 11-1 Network Extension mode 11-2 Configuration | Policy Management 11-3 Configuration | Policy Management | Traffic Management 11-3 Configuration | Policy Management | Traffic Management | PAT 11-4 Configuration | Policy...Administration | Certificate Management | Certificates | Delete 12-27 13 Monitoring Monitoring 13-1 Monitoring | Routing Table 13-2 VPN 3002 Hardware Client User Guide v
User Guide
Page 9
Tables Contents Table 9-1: VPN 3002 event classes 9-1 Table 9-2: VPN 3002 event severity levels 9-4 Table 9-3: Configuring "well-known" SNMP traps 9-7 VPN 3002 Hardware Client User Guide ix
Tables Contents Table 9-1: VPN 3002 event classes 9-1 Table 9-2: VPN 3002 event severity levels 9-4 Table 9-3: Configuring "well-known" SNMP traps 9-7 VPN 3002 Hardware Client User Guide ix
User Guide
Page 11
Organization This manual is not described here. Preface About this manual The VPN 3002 Hardware Client User Guide provides guidelines for configuring the Cisco VPN 3002, details on all the functions available in the VPN 3002 Hardware Client Manager, and instructions for a secure (HTTPS) connection. We also assume you are an experienced system administrator or network administrator with appropriate education and training, who ...
Organization This manual is not described here. Preface About this manual The VPN 3002 Hardware Client User Guide provides guidelines for configuring the Cisco VPN 3002, details on all the functions available in the VPN 3002 Hardware Client Manager, and instructions for a secure (HTTPS) connection. We also assume you are an experienced system administrator or network administrator with appropriate education and training, who ...
User Guide
Page 12
... managing X.509 digital certificates. The VPN Client User Guide explains how to install, configure, and use the VPN Client, which lets a remote client use the VPN Client command line interface, and how to configure the system, what software runs on the VPN 3002, and for secure connection to a private network through the VPN 3000 Concentrator. xii VPN 3002 Hardware Client User Guide Chapter 11, Policy Management explains how...
... managing X.509 digital certificates. The VPN Client User Guide explains how to install, configure, and use the VPN Client, which lets a remote client use the VPN Client command line interface, and how to configure the system, what software runs on the VPN 3002, and for secure connection to a private network through the VPN 3000 Concentrator. xii VPN 3002 Hardware Client User Guide Chapter 11, Policy Management explains how...
User Guide
Page 14
..., download and test software packages, and order Cisco learning materials and merchandise. Otherwise, you can self-register on Cisco.com to the TAC website: xiv VPN 3002 Hardware Client User Guide Registered users can resolve technical issues with Cisco. After you have a priority level 3 (... documentation, troubleshooting tips, and sample configurations from online tools. Customers and partners can submit technical comments electronically. Cisco.com provides a broad range of interactive, networked services that is available to Cisco information and resources at anytime, from...
..., download and test software packages, and order Cisco learning materials and merchandise. Otherwise, you can self-register on Cisco.com to the TAC website: xiv VPN 3002 Hardware Client User Guide Registered users can resolve technical issues with Cisco. After you have a priority level 3 (... documentation, troubleshooting tips, and sample configurations from online tools. Customers and partners can submit technical comments electronically. Cisco.com provides a broad range of interactive, networked services that is available to Cisco information and resources at anytime, from...
User Guide
Page 15
...Web reference site with definitions for Internet Engineering Task Force (IETF) Working Group drafts on Cisco product capabilities, product installation, or basic product configuration. Other references http://www.cisco.com/tac P3 and P4 level problems are defined as follows: • P3-Your ....) Kosiur, Dave. Encyclopedia of the above cases, use the Cisco TAC website to quickly find answers to your questions. www.ietf.org for computer, networking, and data communication terms. VPN 3002 Hardware Client User Guide xv In each of Networking. No workaround is available. •...
...Web reference site with definitions for Internet Engineering Task Force (IETF) Working Group drafts on Cisco product capabilities, product installation, or basic product configuration. Other references http://www.cisco.com/tac P3 and P4 level problems are defined as follows: • P3-Your ....) Kosiur, Dave. Encyclopedia of the above cases, use the Cisco TAC website to quickly find answers to your questions. www.ietf.org for computer, networking, and data communication terms. VPN 3002 Hardware Client User Guide xv In each of Networking. No workaround is available. •...
User Guide
Page 19
... configure, administer, monitor, and manage the VPN 3002 with the Manager: 1 The first time, connect to the VPN 3002 using a PC and browser on page 1-3. Note: You cannot use it . Browser requirements The VPN 3002 Hardware Client Manager requires either Microsoft Internet Explorer version 4.0 or higher, or Netscape Navigator / Communicator version 4.5-4.7. Check these settings: VPN 3002 Hardware Client User Guide 1-1 CHAPTER 1 Using the VPN 3002 Hardware Client Manager...
... configure, administer, monitor, and manage the VPN 3002 with the Manager: 1 The first time, connect to the VPN 3002 using a PC and browser on page 1-3. Note: You cannot use it . Browser requirements The VPN 3002 Hardware Client Manager requires either Microsoft Internet Explorer version 4.0 or higher, or Netscape Navigator / Communicator version 4.5-4.7. Check these settings: VPN 3002 Hardware Client User Guide 1-1 CHAPTER 1 Using the VPN 3002 Hardware Client Manager...
User Guide
Page 25
... your browser Figure 1-7: Internet Explorer Certificate Manager Import Wizard dialog box 7 Click Finish. You can now connect to the VPN 3002 using HTTP over SSL (HTTPS). 10 On the Manager SSL screen (Figure 1-2), click the link that says, After installing...certificate in your browser is configured, you to confirm the installation. Figure 1-8: Internet Explorer Root Certificate Store dialog box 8 To install the certificate, click Yes. Depending on the Certificate dialog box (Figure 1-4) to the VPN 3002 Hardware Client using SSL. VPN 3002 Hardware Client User Guide 1-7 This dialog box ...
... your browser Figure 1-7: Internet Explorer Certificate Manager Import Wizard dialog box 7 Click Finish. You can now connect to the VPN 3002 using HTTP over SSL (HTTPS). 10 On the Manager SSL screen (Figure 1-2), click the link that says, After installing...certificate in your browser is configured, you to confirm the installation. Figure 1-8: Internet Explorer Root Certificate Store dialog box 8 To install the certificate, click Yes. Depending on the Certificate dialog box (Figure 1-4) to the VPN 3002 Hardware Client using SSL. VPN 3002 Hardware Client User Guide 1-7 This dialog box ...
User Guide
Page 31
...Manager SSL screen (Figure 1-2), click the link that says, After installing the SSL certificate, click here to connect to the VPN 3002 Hardware Client using SSL. The VPN 3002 displays the HTTPS version of installed certificates; Installing the SSL certificate in the list of the Manager login screen. see a... may see Viewing certificates with Netscape below. Figure 1-21: Netscape Security Information Alert dialog box 8 Click Continue. VPN 3002 Hardware Client User Guide 1-13 "Nickname" is configured, you use a clearly descriptive name such as Cisco VPN 3002 10.10.147.2.
...Manager SSL screen (Figure 1-2), click the link that says, After installing the SSL certificate, click here to connect to the VPN 3002 Hardware Client using SSL. The VPN 3002 displays the HTTPS version of installed certificates; Installing the SSL certificate in the list of the Manager login screen. see a... may see Viewing certificates with Netscape below. Figure 1-21: Netscape Security Information Alert dialog box 8 Click Continue. VPN 3002 Hardware Client User Guide 1-13 "Nickname" is configured, you use a clearly descriptive name such as Cisco VPN 3002 10.10.147.2.
User Guide
Page 36
.../ HTTPS screen. 1 Using the VPN 3002 Hardware Client Manager Figure 1-27: Manager Main Welcome screen From here you can navigate the Manager using either the table of contents in the left frame, or the Manager toolbar in the top frame. To configure HTTP and HTTPS parameters, see the Configuration | System | Management Protocols | SSL screen. 1-18 VPN 3002 Hardware Client User Guide
.../ HTTPS screen. 1 Using the VPN 3002 Hardware Client Manager Figure 1-27: Manager Main Welcome screen From here you can navigate the Manager using either the table of contents in the left frame, or the Manager toolbar in the top frame. To configure HTTP and HTTPS parameters, see the Configuration | System | Management Protocols | SSL screen. 1-18 VPN 3002 Hardware Client User Guide
User Guide
Page 39
...] The administrator username you have changed the active configuration. Save Needed This reminder indicates that the Manager saves the new VPN 3002 Hardware Client User Guide 1-21 However, if you change the configuration, the reminder changes to Cisco's Technical Assistance Center (TAC). There is the same... as the boot configuration, but you finish, the application closes...
...] The administrator username you have changed the active configuration. Save Needed This reminder indicates that the Manager saves the new VPN 3002 Hardware Client User Guide 1-21 However, if you change the configuration, the reminder changes to Cisco's Technical Assistance Center (TAC). There is the same... as the boot configuration, but you finish, the application closes...
User Guide
Page 40
... this icon does not change the screen in the table of contents to the Cisco web site, www.cisco.com. Interfaces: Ethernet parameters. 1-22 VPN 3002 Hardware Client User Guide Main frame (Manager screen) The main frame displays the current VPN 3002 Hardware Client Manager screen. Quick Configuration: supplying the minimal parameters needed to refresh (update) the screen contents on screens where...
... this icon does not change the screen in the table of contents to the Cisco web site, www.cisco.com. Interfaces: Ethernet parameters. 1-22 VPN 3002 Hardware Client User Guide Main frame (Manager screen) The main frame displays the current VPN 3002 Hardware Client Manager screen. Quick Configuration: supplying the minimal parameters needed to refresh (update) the screen contents on screens where...
User Guide
Page 41
...Figure 1-30 shows all these topics. For Quick Configuration, see the VPN 3002 Hardware Client Getting Started manual. System: parameters for navigating the VPN 3002 Hardware Client Manager is a single column. Use the scroll controls to configure the system, what software runs on it, and managing its configuration files and digital certificates. • Monitoring: viewing... server access, IPSec tunneling protocol, built-in multiple columns, but the actual frame is the table of Contents VPN 3002 Hardware Client User Guide 1-23 Navigating the VPN 3002 Hardware Client Manager -
...Figure 1-30 shows all these topics. For Quick Configuration, see the VPN 3002 Hardware Client Getting Started manual. System: parameters for navigating the VPN 3002 Hardware Client Manager is a single column. Use the scroll controls to configure the system, what software runs on it, and managing its configuration files and digital certificates. • Monitoring: viewing... server access, IPSec tunneling protocol, built-in multiple columns, but the actual frame is the table of Contents VPN 3002 Hardware Client User Guide 1-23 Navigating the VPN 3002 Hardware Client Manager -
User Guide
Page 43
... system in Quick Configuration, the system is available for each section of the Manager. VPN 3002 Hardware Client User Guide 2-1 But to tailor the system to your needs, and to provide an appropriate level of the Manager lets you supply minimal parameters in detail. For more information, use and functionality as a VPN device. Cisco supplies default parameters that...
... system in Quick Configuration, the system is available for each section of the Manager. VPN 3002 Hardware Client User Guide 2-1 But to tailor the system to your needs, and to provide an appropriate level of the Manager lets you supply minimal parameters in detail. For more information, use and functionality as a VPN device. Cisco supplies default parameters that...
User Guide
Page 45
... active use, changes may affect tunnel traffic. see the Configuration | System | IP Routing screens. VPN 3002 Hardware Client User Guide 3-1 You configure two network interfaces for the interfaces. The VPN 3002 includes some IP routing functions: static routes, and DHCP. You configure static routes, the default gateway, and DHCP in the VPN 3002 Hardware Client Getting Started manual, the system supplied many default parameters...
... active use, changes may affect tunnel traffic. see the Configuration | System | IP Routing screens. VPN 3002 Hardware Client User Guide 3-1 You configure two network interfaces for the interfaces. The VPN 3002 includes some IP routing functions: static routes, and DHCP. You configure static routes, the default gateway, and DHCP in the VPN 3002 Hardware Client Getting Started manual, the system supplied many default parameters...
User Guide
Page 46
... table or click in the system. See Configuration | Interfaces | Private/Public. Dormant = (Red) Configured and enabled but waiting for DHCP to select the module on the back-panel image. or use the mouse pointer to assign an IP address. 3-2 VPN 3002 Hardware Client User Guide 3 Interfaces Figure 3-1: VPN 3002-8E Configuration | Interfaces screen To configure a module, either click the appropriate link...
... table or click in the system. See Configuration | Interfaces | Private/Public. Dormant = (Red) Configured and enabled but waiting for DHCP to select the module on the back-panel image. or use the mouse pointer to assign an IP address. 3-2 VPN 3002 Hardware Client User Guide 3 Interfaces Figure 3-1: VPN 3002-8E Configuration | Interfaces screen To configure a module, either click the appropriate link...
User Guide
Page 47
... | Private screen Caution: If you will have to the VPN 3002, you will break the connection, and you modify any . VPN 3002 Hardware Client User Guide 3-3 Subnet Mask The subnet mask configured on this interface. It displays the current parameters, if any parameters of the... Enabled To make the interface functional and online, check Enabled. this state lets you configure parameters for the Private Interface. Configuration | Interfaces | Private IP Address The IP address configured on this interface. Configuration | Interfaces | Private This screen lets you retain or change its...
... | Private screen Caution: If you will have to the VPN 3002, you will break the connection, and you modify any . VPN 3002 Hardware Client User Guide 3-3 Subnet Mask The subnet mask configured on this interface. It displays the current parameters, if any parameters of the... Enabled To make the interface functional and online, check Enabled. this state lets you configure parameters for the Private Interface. Configuration | Interfaces | Private IP Address The IP address configured on this interface. Configuration | Interfaces | Private This screen lets you retain or change its...
User Guide
Page 48
...: transmits and receives at the same time. 3-4 VPN 3002 Hardware Client User Guide 3 Interfaces If the interface is 255.255.255.0. For example, the IP address 192.168.12.34 is a Class C address, and the standard subnet mask is configured but not at the same time. You cannot change... this entry or change it. Otherwise, select the appropriate fixed speed. Note that the port on the VPN 3002 front panel. Be sure that 0.0.0.0 is the unique hardware MAC (Medium Access Control) address ...
...: transmits and receives at the same time. 3-4 VPN 3002 Hardware Client User Guide 3 Interfaces If the interface is 255.255.255.0. For example, the IP address 192.168.12.34 is a Class C address, and the standard subnet mask is configured but not at the same time. You cannot change... this entry or change it. Otherwise, select the appropriate fixed speed. Note that the port on the VPN 3002 front panel. Be sure that 0.0.0.0 is the unique hardware MAC (Medium Access Control) address ...