Troubleshooting guide

3 — NE user and device security

Alcatel-Lucent 5620 Service Aware Manager 3-23

5620 SAM

System Administrator Guide

21 Click on the following child tabs, as required, to view the DoS violations.

• Per MAC Source Violations

• Per IP Source Violations

• Link Specific Port Violations

• Network Interface Violations

• SAP Violations

• SDP Violations

22 Click on the VPRN Network Exceptions tab to configure rate limits for VPRN

network exceptions.

23 Configure the required parameters.

24 Save your changes and close the NE System Security (Edit) form.

25 Close the NE System Security form.

Procedure 3-13 To configure and manage PKI site security on an NE

Perform this procedure to create the required DSA or RSA keypair and CA request on an

NE to enable PKI security between peers, and to manage keys, certificates, and CRLs.

PKI encryption is required for functions such as IPsec, which use X.509 certificate-based

authentication. The following devices support PKI encryption:

• 7450 ESS

• 7750 MG

• 7750 SR

1 Choose Administration→Security→NE PKI Authentication→Site Public Key

Infrastructure from the 5620 SAM main menu. The Select Site form opens.

2 Choose a managed NE and click OK. The Site Security Public Key Infrastructure

(Edit) form opens.

3 Configure the required parameters.

4 Click Apply to save the changes.

5 Perform the following steps to generate a PKI keypair that is stored in a file on an

NE compact flash drive.

i Choose Admin Certificate→Generate Keypair from the More Actions button

menu. The Admin Certificate Generate Keypair form opens.

ii Configure the required parameters.

iii Click Execute. The keypair is generated and stored.

iv Close the form.

Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01