User`s guide
Table Of Contents
- Ascend Customer Service
- How to use this guide
- What you should know
- Documentation conventions
- How to use the on-board software
- Manual set
- Configuring WAN Connections
- Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Parameters that affect the routing table
- Static and dynamic routes
- Configuring static routes
- Specifying default routes on a per-user basis
- Enabling the Pipeline to use dynamic routing
- Route preferences
- Viewing the routing table
- Fields in the routing table
- Removing down routes to a host
- Identifying Temporary routes in the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
- IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
- Dial-in user DNS server assignments
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
- Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
- Configuring the Pipeline as a Bridge
- Defining Filters and Firewalls
- Setting Up Pipeline Security
- Pipeline System Administration
- Pipeline 75 Voice Features
- IDSL Implementations
- APP Server utility
- About the APP Server utility
- APP Server installation and setup
- Configuring the Pipeline to use the APP server
- Using App Server with Axent SecureNet
- Creating banner text for the password prompt
- Installing and using the UNIX APP Server
- Installing and using the APP Server utility for DO...
- Installing and using the APP Server utility for Wi...
- Installing APP Server on a Macintosh
- Troubleshooting
- Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
- Untitled
Setting Up Pipeline Security
Connection security
Pipeline User’s Guide Preliminary January 30, 1998 7-11
5
Close and save the profile.
Connection security
Connection security has two levels: caller authentication regulating authorized
access, and network security preventing unauthorized wide-area network access.
All authentication relies on the Pipeline finding a matching profile to verify
information presented by the caller.
• Authentication mechanisms
– Password authentication, such as PAP, CHAP, or MS-CHAP, requires a
name and password from the caller. Additionally, CHAP encrypts the
password data.
– Calling-line ID (CLID) authentication verifies that the call is coming
from the expected phone number.
– Called number (Called #) is similar to authentication by CLID, but it
authenticates on the number called into rather than the number
originating the call. In the Connection profile, the Called # parameter is
almost identical to the Dial # parameter, but uses a number without a
trunk group or dialing prefix prepended.
– Callback authentication instructs the Pipeline to hang up and call back
before performing password authentication. Callback provides the
highest level of control, assuring that incoming calls are coming from a
known user or network.
Note:
Any form of authentication requires a configured profile. See
“Requiring profiles for incoming connections” on page 7-7 for details
on configuring the Pipeline to always require a matching profile,
regardless of whether authentication is enforced.
• Network security
– Filters are one of the most effective methods of protecting your site from
unwanted WAN access. Filters are described briefly in this chapter; see
Chapter 6, “Defining Filters and Firewalls,” for full details.