XSR User’s Guide 349
Chapter 13 Configuration Examples
Configuring Security on the XSR
XSR(aaa-method-radius)#enable
XSR(aaa-method-radius)#group DEFAULT
XSR(aaa-method-radius)#address ip-address 10.120.112.179
XSR(aaa-method-radius)#key welcome
XSR(aaa-method-radius)#auth-port 1812
XSR(aaa-method-radius)#acct-port 1646
XSR(aaa-method-radius)#attempts 1
XSR(aaa-method-radius)#retransmit 1
XSR(aaa-method-radius)#timeout 5
XSR(aaa-method-radius)#qtimeout 0
Define the Internet as all possible IP addresses:
XSR(config)#ip firewall network internet 1.0.0.0/32 external
Define the public VPN interface (crypto map):
XSR(config)#ip firewall network vpngateway 141.154.196.106 mask 255.255.255.255 internal
Define the private VPN interface (traditionally the FastEthernet 1 interface):
XSR(config)#ip firewall network f1 96.96.96.7 mask 255.255.255.255 internal
Define three trusted networks in the enterprise:
XSR(config)#ip firewall network trusted84 10.120.84.0 mask 255.255.255.0 internal
XSR(config)#ip firewall network trusted96 96.96.96.0 mask 255.255.255.0 internal
XSR(config)#ip firewall network trusted112 10.120.112.0 mask 255.255.255.0 internal
Specify remote trusted networks from NEM and Client mode tunnels:
XSR(config)#ip firewall network remote172 172.16.0.0 mask 255.255.0.0 internal
XSR(config)#ip firewall network remote192 192.168.0.0 mask 255.255.0.0 internal
Define the local pool network used for tunnel IP addresses:
XSR(config)#ip firewall network vsn 10.120.70.0 mask 255.255.255.0 internal
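A review aid for the network objects defined above, added here as an example and not part of the XSR guide: this Python script parses the `ip firewall network` lines from this page and reports, using ordinary prefix/netmask arithmetic, how many addresses each object covers and which objects sit wholly inside another. The function names are hypothetical, and the script does not model how the XSR itself interprets these definitions.

```python
import ipaddress
import re

# Network objects copied from the configuration on this page.
CONFIG = """\
ip firewall network internet 1.0.0.0/32 external
ip firewall network vpngateway 141.154.196.106 mask 255.255.255.255 internal
ip firewall network f1 96.96.96.7 mask 255.255.255.255 internal
ip firewall network trusted84 10.120.84.0 mask 255.255.255.0 internal
ip firewall network trusted96 96.96.96.0 mask 255.255.255.0 internal
ip firewall network trusted112 10.120.112.0 mask 255.255.255.0 internal
ip firewall network remote172 172.16.0.0 mask 255.255.0.0 internal
ip firewall network remote192 192.168.0.0 mask 255.255.0.0 internal
ip firewall network vsn 10.120.70.0 mask 255.255.255.0 internal
"""

LINE = re.compile(
    r"ip firewall network (?P<name>\S+) (?P<addr>[\d.]+)"
    r"(?:/(?P<plen>\d+)| mask (?P<mask>[\d.]+)) (?P<side>internal|external)$"
)

def parse_objects(text):
    """Return {name: (IPv4Network, side)} for each network-object line."""
    objects = {}
    for raw in text.splitlines():
        m = LINE.search(raw.strip())
        if not m:
            continue
        suffix = m["plen"] or m["mask"]
        # strict=True rejects definitions with host bits set under the mask.
        net = ipaddress.ip_network(f"{m['addr']}/{suffix}", strict=True)
        objects[m["name"]] = (net, m["side"])
    return objects

def nested_pairs(objects):
    """List (inner, outer) names where one object lies wholly inside another."""
    return [(a, b) for a, (na, _) in objects.items()
            for b, (nb, _) in objects.items() if a != b and na.subnet_of(nb)]

def report(objects):
    """One line per object: name, side, network, address count."""
    return [f"{n:<11} {s:<8} {net!s:<20} {net.num_addresses}"
            for n, (net, s) in objects.items()]

if __name__ == "__main__":
    objs = parse_objects(CONFIG)
    print("\n".join(report(objs)))
    print("nested:", nested_pairs(objs))
```

For the objects on this page the only nesting reported is `f1` inside `trusted96`, so a policy written against either name also has to be read against the other.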
Define two networks to be used by OSPF: