User`s guide
Table Of Contents
- Ascend Customer Service
- How to use this guide
- What you should know
- Documentation conventions
- How to use the on-board software
- Manual set
- Configuring WAN Connections
- Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Parameters that affect the routing table
- Static and dynamic routes
- Configuring static routes
- Specifying default routes on a per-user basis
- Enabling the Pipeline to use dynamic routing
- Route preferences
- Viewing the routing table
- Fields in the routing table
- Removing down routes to a host
- Identifying Temporary routes in the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
- IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
- Dial-in user DNS server assignments
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
- Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
- Configuring the Pipeline as a Bridge
- Defining Filters and Firewalls
- Setting Up Pipeline Security
- Pipeline System Administration
- Pipeline 75 Voice Features
- IDSL Implementations
- APP Server utility
- About the APP Server utility
- APP Server installation and setup
- Configuring the Pipeline to use the APP server
- Using App Server with Axent SecureNet
- Creating banner text for the password prompt
- Installing and using the UNIX APP Server
- Installing and using the APP Server utility for DO...
- Installing and using the APP Server utility for Wi...
- Installing APP Server on a Macintosh
- Troubleshooting
- Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
- Untitled
Setting Up Pipeline Security
Pipeline Security profiles
Pipeline User’s Guide Preliminary January 30, 1998 7-7
Requiring profiles for incoming connections
There are many authentication measures you can set for incoming connections.
At the most basic level, you can configure the Pipeline to reject all incoming calls
that don’t have a Connection profile.
To require configured profiles for all incoming connections:
1
Open the Ethernet > Answer profile.
2
Specify that a matching profile is required for incoming calls.
For example:
Profile Reqd=Yes
3
Close and save the profile.
(For more information about securing incoming connections, see “Connection
security” on page 7-11.)
Turning off ICMP redirects
Internet Control Message Protocol (ICMP) was designed to dynamically find the
most efficient IP route to a destination. ICMP Redirect packets are one of the
oldest route discovery methods on the Internet and one of the least secure. It is
possible to create counterfeit ICMP Redirects and change the way a device routes
packets. If the Pipeline is routing IP, you should turn off ICMP redirects.
To configure the Pipeline to ignore ICMP redirect packets, do the following:
1
Open the Ethernet > Mod Config profile.
2
Turn off ICMP redirects.
For example:
ICMP Redirects=Ignore
3
Close and save the profile.
Pipeline Security profiles
When the Pipeline is shipped from the factory, its security privileges are open to
enable you to configure and set it up without any restrictions. (For recommended