Administration Guide
Page 26
... is allowed from the security appliance. NOTE Before you configure your network, make changes, as well your preferences for a small business, the security appliance enables communication between the devices on the LAN receive their IP addresses dynamically from the Internet to access ... Getting Started (Basic) page, click the WAN settings link. Review the WAN configuration and make any LAN devices. For more information, see Changing the Default User Name and Password, page 23). Cisco SA500 Series Security Appliances Administration Guide 26 Getting Started Common Configuration ...
... is allowed from the security appliance. NOTE Before you configure your network, make changes, as well your preferences for a small business, the security appliance enables communication between the devices on the LAN receive their IP addresses dynamically from the Internet to access ... Getting Started (Basic) page, click the WAN settings link. Review the WAN configuration and make any LAN devices. For more information, see Changing the Default User Name and Password, page 23). Cisco SA500 Series Security Appliances Administration Guide 26 Getting Started Common Configuration ...
Administration Guide
Page 27
... as a LAN Port, page 53. • If you can use the Optional port as a secondary WAN port to your network. Review the LAN configuration and make any changes that are going to support your devices. The default DHCP and TCP/IP settings should be satisfactory ... change the subnet address or the default IP address, or assign static IP addresses to provide backup connectivity or load balancing. See Scenario 8: Cisco Smart Business Communications System Configuration, page 28. 4. Consider whether you need a DMZ or a secondary WAN, you need to the configuration utility. For ...
... as a LAN Port, page 53. • If you can use the Optional port as a secondary WAN port to your network. Review the LAN configuration and make any changes that are going to support your devices. The default DHCP and TCP/IP settings should be satisfactory ... change the subnet address or the default IP address, or assign static IP addresses to provide backup connectivity or load balancing. See Scenario 8: Cisco Smart Business Communications System Configuration, page 28. 4. Consider whether you need a DMZ or a secondary WAN, you need to the configuration utility. For ...
Administration Guide
Page 32
.... When the VPN Wizard appears, choose the Site-to-Site option and enter the other links on the Getting Started (Advanced) page to review and modify the policies that were created by the Wizard. For more information, see Configuring an IPsec VPN Tunnel for this scenario: In the... Site-to-Site VPN section of the Getting Started (Advanced) page, click the VPN Wizard link. Optionally, you can use other settings. Cisco SA500 Series Security Appliances Administration Guide 32 Getting Started Common Configuration Scenarios 1 IPsec VPN for Site-to-Site VPN For site-to-site VPN, you...
.... When the VPN Wizard appears, choose the Site-to-Site option and enter the other links on the Getting Started (Advanced) page to review and modify the policies that were created by the Wizard. For more information, see Configuring an IPsec VPN Tunnel for this scenario: In the... Site-to-Site VPN section of the Getting Started (Advanced) page, click the VPN Wizard link. Optionally, you can use other settings. Cisco SA500 Series Security Appliances Administration Guide 32 Getting Started Common Configuration Scenarios 1 IPsec VPN for Site-to-Site VPN For site-to-site VPN, you...
Administration Guide
Page 33
... Configuring an IPsec VPN Tunnel for secure access. Return to the Getting Started (Advanced) page and click Add Users to review and modify the policies that were created by the Wizard. Cisco SA500 Series Security Appliances Administration Guide 33 When the VPN Wizard appears, choose the Remote Access option and complete the...
... Configuring an IPsec VPN Tunnel for secure access. Return to the Getting Started (Advanced) page and click Add Users to review and modify the policies that were created by the Wizard. Cisco SA500 Series Security Appliances Administration Guide 33 When the VPN Wizard appears, choose the Remote Access option and complete the...
Administration Guide
Page 34
... the SSL VPN Portal Layouts link to add your network resources. Return to the Getting Started (Advanced) page and click the Configure Users link to review the default settings for the user portal. For more information, see Configuring SSL VPN for different user groups, if needed. You are not responsible for... the policies, client settings, routes, and resources for any VPN client software, since the VPN tunnel can use other links to extend your VPN users. Cisco SA500 Series Security Appliances Administration Guide 34
... the SSL VPN Portal Layouts link to add your network resources. Return to the Getting Started (Advanced) page and click the Configure Users link to review the default settings for the user portal. For more information, see Configuring SSL VPN for different user groups, if needed. You are not responsible for... the policies, client settings, routes, and resources for any VPN client software, since the VPN tunnel can use other links to extend your VPN users. Cisco SA500 Series Security Appliances Administration Guide 34
Administration Guide
Page 139
... recommendations, see Configuring the IKE Policies for IPsec VPN, page 144. • To configure IPsec passthrough, click IPsec > Passthrough. Cisco SA500 Series Security Appliances Administration Guide 139 The Wizard sets most parameters to configure an IPsec VPN tunnel for remote access with a VPN...of configuration tasks for Site-to save your settings. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. The settings are using the Getting Started (Advanced) page, click Getting...
... recommendations, see Configuring the IKE Policies for IPsec VPN, page 144. • To configure IPsec passthrough, click IPsec > Passthrough. Cisco SA500 Series Security Appliances Administration Guide 139 The Wizard sets most parameters to configure an IPsec VPN tunnel for remote access with a VPN...of configuration tasks for Site-to save your settings. For more information, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. The settings are using the Getting Started (Advanced) page, click Getting...
Administration Guide
Page 141
...Local WAN's IP Address or Internet Name field. For more information, see Configuring the IKE Policies for IPsec VPN, page 144. • To review or update the configured VPN policy click IPsec > VPN Policies. If you have configured two WANs, choose the interface that you want to enter a... Enter the desired value, which the peer device must be left blank if you have only one specified in the WAN port's configuration. Cisco SA500 Series Security Appliances Administration Guide 141 STEP 4 In the Remote & Local WAN Addresses area, enter the following information about the remote ...
...Local WAN's IP Address or Internet Name field. For more information, see Configuring the IKE Policies for IPsec VPN, page 144. • To review or update the configured VPN policy click IPsec > VPN Policies. If you have configured two WANs, choose the interface that you want to enter a... Enter the desired value, which the peer device must be left blank if you have only one specified in the WAN port's configuration. Cisco SA500 Series Security Appliances Administration Guide 141 STEP 4 In the Remote & Local WAN Addresses area, enter the following information about the remote ...
Administration Guide
Page 142
... Note located under Technical Documentation at: www.cisco.com/go/sa500resources. The IPsec Users window opens. Alternatively, you are using the Cisco VPN Client, see Configuring the IKE Policies for Remote Access with a VPN Client 7 • To review or update the configured IKE policy, click ...IPsec > IKE Policies. Other options: Click the Edit button to add a user. To delete an entry, check the box and then click Delete. Standard IPsec (XAuth) Cisco SA500 Series Security Appliances Administration ...
... Note located under Technical Documentation at: www.cisco.com/go/sa500resources. The IPsec Users window opens. Alternatively, you are using the Cisco VPN Client, see Configuring the IKE Policies for Remote Access with a VPN Client 7 • To review or update the configured IKE policy, click ...IPsec > IKE Policies. Other options: Click the Edit button to add a user. To delete an entry, check the box and then click Delete. Standard IPsec (XAuth) Cisco SA500 Series Security Appliances Administration ...
Administration Guide
Page 143
...authentication but the implementation is an IPsec standard that extends the authentication in native IPsec to provide user credentials. QuickVPN is a propriety Cisco/Linksys client which the remote user will have access. This option should be part of the LAN or VLAN IP addresses. ...Mask: Enter the subnet mask for IPsec VPN Remote Access. • Optionally, review and modify the default settings and policies. See Advanced Configuration of configuration tasks for the local subnet. Cisco SA500 Series Security Appliances Administration Guide 143 XAUTH can check this box to allow the...
...authentication but the implementation is an IPsec standard that extends the authentication in native IPsec to provide user credentials. QuickVPN is a propriety Cisco/Linksys client which the remote user will have access. This option should be part of the LAN or VLAN IP addresses. ...Mask: Enter the subnet mask for IPsec VPN Remote Access. • Optionally, review and modify the default settings and policies. See Advanced Configuration of configuration tasks for the local subnet. Cisco SA500 Series Security Appliances Administration Guide 143 XAUTH can check this box to allow the...
Administration Guide
Page 144
..., etc. After the Wizard creates the matching IKE and VPN policies, you can create IKE policies to protect data and ensure privacy. Cisco SA500 Series Security Appliances Administration Guide 144 NOTE The VPN Wizard is a negotiation protocol that includes an encryption method to define the security ...To view the basic setting defaults that are configured by choosing the IPsec Host option in this page. Advanced users can choose whether to review and modify the settings that are created by the VPN Wizard. • Viewing the Basic Setting Defaults for IPsec VPN • Configuring...
..., etc. After the Wizard creates the matching IKE and VPN policies, you can create IKE policies to protect data and ensure privacy. Cisco SA500 Series Security Appliances Administration Guide 144 NOTE The VPN Wizard is a negotiation protocol that includes an encryption method to define the security ...To view the basic setting defaults that are configured by choosing the IPsec Host option in this page. Advanced users can choose whether to review and modify the settings that are created by the VPN Wizard. • Viewing the Basic Setting Defaults for IPsec VPN • Configuring...
Administration Guide
Page 148
... create a new IKE policy and select the Enable Redundant Gateway option. The policy comes into effect only if the primary policy fails. Cisco SA500 Series Security Appliances Administration Guide 148 Then you create an Auto Policy, first create an IKE policy. Two tables are displayed: •...List of IPsec VPN 7 STEP 8 Click Apply to save your RADIUS server, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. For more information, see Configuring the IKE Policies for remote access VPN only), ...
... create a new IKE policy and select the Enable Redundant Gateway option. The policy comes into effect only if the primary policy fails. Cisco SA500 Series Security Appliances Administration Guide 148 Then you create an Auto Policy, first create an IKE policy. Two tables are displayed: •...List of IPsec VPN 7 STEP 8 Click Apply to save your RADIUS server, see Configuring the IPsec VPN Policies, page 148. • To review or update the configured IKE policy, click IPsec > IKE Policies. For more information, see Configuring the IKE Policies for remote access VPN only), ...
Administration Guide
Page 156
... can start with this site over a Clientless SSL VPN connection. In addition, the Portal Layouts page shows you the URL that you can review the default settings and modify, as the User Type. See Configuring SSL VPN Port Forwarding, page 163. Then, you could create two portal... are not going to select SSL VPN User as needed , you need to provide to access. • Educate users. As needed . Cisco SA500 Series Security Appliances Administration Guide 156 The security appliance is not inside the private network, users should not visit this step so that you...
... can start with this site over a Clientless SSL VPN connection. In addition, the Portal Layouts page shows you the URL that you can review the default settings and modify, as the User Type. See Configuring SSL VPN Port Forwarding, page 163. Then, you could create two portal... are not going to select SSL VPN User as needed , you need to provide to access. • Educate users. As needed . Cisco SA500 Series Security Appliances Administration Guide 156 The security appliance is not inside the private network, users should not visit this step so that you...
Administration Guide
Page 189
... the logging severity level and as defined in the local log or to send to the syslog server. STEP 3 Check the box for review. Syslog definition is LOG_ERR. Cisco SA500 Series Security Appliances Administration Guide 189 Syslog definition is LOG_ALERT. The Logs Facility and Severity window opens. STEP 5 If you want the...
... the logging severity level and as defined in the local log or to send to the syslog server. STEP 3 Check the box for review. Syslog definition is LOG_ERR. Cisco SA500 Series Security Appliances Administration Guide 189 Syslog definition is LOG_ALERT. The Logs Facility and Severity window opens. STEP 5 If you want the...
Administration Guide
Page 220
Possible cause: The security appliance does not automatically adjust for Daylight Savings Time. Cisco SA500 Series Security Appliances Administration Guide 220 STEP 3 Verify your settings. STEP 2 Check or uncheck Automatically adjust for Daylight Savings Time. ...Date shown is off by one hour. Symptom: The time is January 1, 2000. STEP 3 Click Apply to save your Internet access settings. STEP 2 Review the settings for the date and time. Recommended action: STEP 1 Click Administration > Time Zone. Possible cause: The security appliance has not yet successfully reached...
Possible cause: The security appliance does not automatically adjust for Daylight Savings Time. Cisco SA500 Series Security Appliances Administration Guide 220 STEP 3 Verify your settings. STEP 2 Check or uncheck Automatically adjust for Daylight Savings Time. ...Date shown is off by one hour. Symptom: The time is January 1, 2000. STEP 3 Click Apply to save your Internet access settings. STEP 2 Review the settings for the date and time. Recommended action: STEP 1 Click Administration > Time Zone. Possible cause: The security appliance has not yet successfully reached...