User`s guide
Table Of Contents
- Ascend Customer Service
- How to use this guide
- What you should know
- Documentation conventions
- How to use the on-board software
- Manual set
- Configuring WAN Connections
- Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Parameters that affect the routing table
- Static and dynamic routes
- Configuring static routes
- Specifying default routes on a per-user basis
- Enabling the Pipeline to use dynamic routing
- Route preferences
- Viewing the routing table
- Fields in the routing table
- Removing down routes to a host
- Identifying Temporary routes in the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
- IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
- Dial-in user DNS server assignments
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
- Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
- Configuring the Pipeline as a Bridge
- Defining Filters and Firewalls
- Setting Up Pipeline Security
- Pipeline System Administration
- Pipeline 75 Voice Features
- IDSL Implementations
- APP Server utility
- About the APP Server utility
- APP Server installation and setup
- Configuring the Pipeline to use the APP server
- Using App Server with Axent SecureNet
- Creating banner text for the password prompt
- Installing and using the UNIX APP Server
- Installing and using the APP Server utility for DO...
- Installing and using the APP Server utility for Wi...
- Installing APP Server on a Macintosh
- Troubleshooting
- Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
- Untitled
Setting Up Pipeline Security
Using filters to secure the network
7-16 Preliminary January 30, 1998 Pipeline User’s Guide
6
Close and save the profile.
Expect callback support
If Ping or Telnet attempt to reach a far end that is using callback security, it
causes a problem. Ping and telnet try continuously to open a connection and
reject the return callback because the process is already trying to establish a
connection.
To remedy the situation, set Expect Callback to Yes. This puts the number of any
far end that does not connect (for any reason) on a list that disallows calls to that
destination for 90 seconds. This gives the far end an opportunity to complete the
callback.
Note:
Expect Callback should only be set to Yes in dialout profiles.
Set Expect Callback to Yes by doing the following:
1
Open Ethernet
>
Connections
>
any profile
>
Telco Options.
2
Set Exp Callback to Yes.
Now if an outgoing connect from that profile fails (for any reason), you will be
forced to wait 90 seconds before attempting to connect again.
Using filters to secure the network
Network security is related to packets coming in from any wide-area network
(WAN) connection. The most direct method of securing the network is with
filters.
Note:
For recommendations about ICMP Redirect packets, see “Recommended
security measures” on page 7-1.
Network security filters are data filters, which may be applied to incoming or
outgoing data streams, or both. Data filters can prevent certain packets from
reaching the local network or going out from the local network to the WAN. For
example, you can use data filters to drop packets addressed to particular hosts, or
prevent certain types of packets from reaching the local network.