Français dropdown-ico

3D Innovations 3.0.1 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

Aller à la page of

Les manuels d’utilisation similaires

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation 3D Innovations 3.0.1. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel 3D Innovations 3.0.1 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation 3D Innovations 3.0.1 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation 3D Innovations 3.0.1 devrait contenir:
- informations sur les caractéristiques techniques du dispositif 3D Innovations 3.0.1
- nom du fabricant et année de fabrication 3D Innovations 3.0.1
- instructions d'utilisation, de réglage et d’entretien de l'équipement 3D Innovations 3.0.1
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage 3D Innovations 3.0.1 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles 3D Innovations 3.0.1 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service 3D Innovations en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées 3D Innovations 3.0.1, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif 3D Innovations 3.0.1, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation 3D Innovations 3.0.1. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    B-1 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 APPENDIX B Site-to-Site VPN User Interface Reference The pages that you access by selecting Site-T o-Site VPN Manager from the T ools menu, or clicking the Site-T o-Site VPN Manager button on the toolbar , help you conf igure site-to-site VPNs. Note Y ou can also conf igure site-to-site VPN[...]

  • Page 2

    Appendix B Site-to-Site VPN User Interface Reference Site-to-Site VPN Manager Window B-2 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Site-to-Site VPN Manager Window Use the Site-to-Site VPN Manager window to: • V ie w all av ailable VPN topologies. • Create, edit, and delete VPN topologies. • V ie w detailed information about each [...]

  • Page 3

    B-3 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site-to-Site VPN Manager Window VPN Summary Page Use the VPN Summary page to view information about a selected VPN topology . This includes information about the type of VPN topology , its de vices, the assigned technology , and specif ic[...]

  • Page 4

    Appendix B Site-to-Site VPN User Interface Reference Site-to-Site VPN Manager Window B-4 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select VPN Summary in the Policies selector . Note • The VPN Summary page opens when yo[...]

  • Page 5

    B-5 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site-to-Site VPN Manager Window Primary Hub A vailable if the VPN topology type is hub-and-spoke. The name of the primary hub in the hub-and-spoke topology . Failo ver Hubs A vailable if the VPN topology type is hub-and-spoke. The name of[...]

  • Page 6

    Appendix B Site-to-Site VPN User Interface Reference Site-to-Site VPN Manager Window B-6 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Routing Protocol A vailable only if the selected technology is GRE, GRE Dynamic IP , or DMVPN. The routing protocol and autonomous system (or process ID) number used in the secured IGP for conf iguring a GR[...]

  • Page 7

    B-7 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site-to-Site VPN Manager Window Peers Page Use the Peers page to view the endpoints def ined for a VPN topology , including the internal and external VPN interf aces and protected networks assigned to the de vices in the topology . The in[...]

  • Page 8

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-8 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Create VPN Wizard Security Manager supports three basic types of topologies with which you can create a site-to-site VPN. Use the Create VPN wizard to create a hub-and-spoke, point-to-point, or full mesh VPN topology acr[...]

  • Page 9

    B-9 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard The following pages describe the steps in the Create VPN wizard: • Name and T echnology Page, page B-9 • De vice Selection Page, page B-10 • Endpoints Page, page B-13 • High A vailability Page, page B-34 Navigati[...]

  • Page 10

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-10 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Related Topics • Create VPN W izard, page B-8 • Editing a VPN T opology , page 9-24 • Understanding IPSec T echnologies and Policies, page 9-8 • Def ining a Name and IPSec T echnology , page 9-12 Field Reference[...]

  • Page 11

    B-11 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Note When editing the device selection for a VPN topology , the Device Selection tab is used. The elements of the tab (except for the b uttons) are identical to those that appear on the Device Selection page. F or more [...]

  • Page 12

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-12 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Field Reference T able B-5 Cr eate VPN wizar d > Device Selection Pag e Element Description A vailable De vices Lists all devices that can be included in your selected VPN topology , that support the IPSec technology[...]

  • Page 13

    B-13 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Endpoints Page Use the Endpoints page of the Create VPN wizard to view the de vices in your VPN topology , and def ine or edit their external or internal interf aces and protected networks. Note When editing a VPN topol[...]

  • Page 14

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-14 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Field Reference T able B-6 Cr eate VPN wizar d > Endpoints Pag e Element Description Role The role of the device—hub, spok e, or peer . Device The name of the device. VPN Interface The primary or backup VPN interfa[...]

  • Page 15

    B-15 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Protected Networks The protected networks that are def ined for the selected de vice. Depending on the selection in the Show list, the interface roles, or the interfaces that match each interface role, for the protected[...]

  • Page 16

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-16 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Edit Endpoints Dialog Box Use the Edit Endpoints dialog box to: • Edit the VPN interfaces and protected networks def ined for devices. • Conf igure a dial backup interface to use as a fallback link for a primary VPN[...]

  • Page 17

    B-17 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard • Clicking OK on any tab in the dialog box sa ves your def initions on all the tabs. Navigation Path Y ou can access the Edit Endpoints dialog box from the Endpoints P age, page B-13 (or tab). Then select a device in [...]

  • Page 18

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-18 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 becomes unav ailable. Y ou can only conf igure a backup interface on a Cisco IOS security router , which is a spoke in the VPN topology . For more information, see Understanding Dial Backup, page 9-27 . Navigation Path [...]

  • Page 19

    B-19 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Connection T ype Note This element is only available in a hub-and-spok e VPN topology , if the hub is an ASA or PIX 7.0 de vice and the selected technology is regular IPSec. T o conf igure the ASA hub during an SA negot[...]

  • Page 20

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-20 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 T unnel Source A vailable for a hub when the selected technology is GRE or DMVPN. T o def ine the tunnel source address to be used by the GRE or DMVPN tunnel on the spoke side, click one of the follo wing radio buttons:[...]

  • Page 21

    B-21 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Defining VPN Services Module (VPNSM) or VPN SPA Settings When you select a Catalyst 6500/7600 device in the Endpoints table for editing, the VPN Interface tab of the Edit Endpoints dialog box provides settings for conf [...]

  • Page 22

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-22 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Note • Before you def ine the VPNSM or VPN SP A settings, you must import your Catalyst 6500/7600 device to the Security Manager in ventory and disco ver its interfaces. For more information, see Procedure for Conf ig[...]

  • Page 23

    B-23 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Slot From the list of av ailable slots, select the VPNSM blade slot number to which the inside VLAN interface is connected, or the number of the slot in which the VPN SP A blade is inserted. For more information, see Ad[...]

  • Page 24

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-24 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Protected Networks Tab Use the Protected Networks tab on the Edit Endpoints dialog box to edit the protected networks that are def ined on a selected de vice in the Endpoints table. Y ou can specify the protected netw o[...]

  • Page 25

    B-25 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Related Topics • Edit Endpoints Dialog Box, page B-16 • Def ining the Endpoints and Protected Networks, page 9-18 Field Reference T able B-9 Edit Endpoints Dialog Bo x > Protect ed Networ ks T ab Element Descript[...]

  • Page 26

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-26 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 FWSM Tab Note The FWSM tab is only av ailable in a hub-and-spoke VPN topology , when the selected hub is a Catalyst 6500/7600 device. Use the FWSM tab on the Edit Endpoints dialog box to def ine the settings that enable[...]

  • Page 27

    B-27 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Note Before def ining the FWSM settings, you must import your Catalyst 6500/7600 de vice to the Security Manager in ventory . Then open Cisco Catalyst Device Manager (Cisco CDM), and discov er the FWSM conf igurations o[...]

  • Page 28

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-28 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 VRF Aware IPSec Tab Use the VRF-A ware IPSec tab on the Edit Endpoints dialog box to conf igure a VRF-A ware IPSec polic y on a hub in your hub-and-spoke VPN topology . When you select the row in the Endpoints table tha[...]

  • Page 29

    B-29 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard • Deployment may fail if the IPSec Aggre gator is conf igured with the same keyring CLI command as the e xisting preshared key (ke yring) command, and is not referenced by any other command. In this case, Security Man[...]

  • Page 30

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-30 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Enable VRF Settings When selected, enables the conf iguration of VRF settings on the selected hub for the selected hub-and-spoke topology . Note T o remove VRF settings that were def ined for the VPN topology , deselect[...]

  • Page 31

    B-31 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Interface T owards Provider Edge A vailable only when a 2-Box solution is selected. The VRF forwarding interface on the IPSec Aggre gator towards the PE device. Note If the IPSec Aggregator (hub) is a Catalyst VPN servi[...]

  • Page 32

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-32 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Dial Backup Settings Dialog Box Use the Dial Backup Settings dialog box to def ine optional settings for conf iguring a dial backup policy for your site-to-site VPN. These settings are av ailable for IPSec, GRE, GRE Dyn[...]

  • Page 33

    B-33 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Mandatory settings for dial backup are conf igured in the VPN Interface tab on the Edit Endpoints dialog box. See VPN Interface T ab, page B-17 . Note Y ou must conf igure the dialer interface settings before dial backu[...]

  • Page 34

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-34 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 High Availability Page Use the High A vailability page to def ine a group of hubs as an HA group. Note When editing a VPN topology , the High A vailability tab is used. The elements of the tab (except for the b uttons) [...]

  • Page 35

    B-35 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard Related Topics • Endpoints Page, page B-13 • Conf iguring High A vailability in Y our VPN T opology , page 9-51 • Create VPN W izard, page B-8 Field Reference T able B-13 Cr eate VPN wizar d > High A v ailabili[...]

  • Page 36

    Appendix B Site-to-Site VPN User Interface Reference Create VPN Wizard B-36 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Hold T ime The duration in seconds (within the range of 2-255) that a standby hub will wait to recei ve a hello message from the activ e hub before concluding that the hub is down. Standby Group Number (Inside) The stan[...]

  • Page 37

    B-37 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Site to Site VPN Policies Y ou can access site-to-site VPN policies by selecting T ools > Site-T o-Site VPN Manager , or clicking the Site-T o-Site VPN Manager button on the toolbar , and then selecting the r[...]

  • Page 38

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-38 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 On the IKE Proposal page, you can view the parameters of the selected IKE proposal, select a dif ferent one from a list of predef ined IKE proposals, or create a new one. Navigation Path Open the Site-to-Site VP[...]

  • Page 39

    B-39 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies IPSec Proposal Page Use the IPSec Proposal page to edit the IPSec policy def initions for your VPN topology . For more information about IPSec Proposals, see Understanding IPSec T unnel Policies, page 9-63 . Not[...]

  • Page 40

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-40 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select IPSec Proposal in the Policies selector . Note Y ou can also open the IPSec Proposal pa[...]

  • Page 41

    B-41 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies T ransform Sets The transform set(s) to use for your tunnel policy . Transform sets specify which authentication and encryption algorithms will be used to secure the traff ic in the tunnel. Note T ransform sets [...]

  • Page 42

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-42 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Modulus Group A vailable if Enable Perfect Forw ard Secrecy is selected. Select the required Diff ie-Hellman key deri vation algorithm from the Modulus Group list box. Security Manager supports Diff ie-Hellman g[...]

  • Page 43

    B-43 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Enable Re verse Route Supported on ASA de vices, PIX 7.0 de vices, and Cisco IOS routers except 7600 de vices, and when the selected technology is IPSec. Select this check box if you want to enable the RRI featu[...]

  • Page 44

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-44 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 VPN Global Settings Page Use the VPN Global Settings page to def ine global settings for IKE, IPSec, N A T , and fragmentation, that apply to devices in your VPN topology . The following tabs are a vailable on t[...]

  • Page 45

    B-45 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies • Conf iguring VPN Global Settings, page 9-73 Field Reference T able B-16 VPN Global Settings P age > ISAKMP/IPSec Settings T ab Element Description ISAKMP Settings Enable Keepali ve Enable —When selected[...]

  • Page 46

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-46 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 SA Requests System Limit Supported on routers running IOS version 12.3(8)T and later , except 7600 routers. The maximum number of SA requests allowed before IKE starts rejecting them. Y ou can enter a v alue in [...]

  • Page 47

    B-47 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Xauth T imeout A vailable when Easy VPN is the selected technology , and the selected device is a Cisco IOS router or Catalyst 6500/7600 de vice. The number of seconds the device w aits for a response from the e[...]

  • Page 48

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-48 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 NAT Settings Tab Use the N A T Settings tab of the VPN Global Settings page to def ine the N A T settings that will be conf igured on the devices in your VPN topology . Note If you want to bypass N A T conf igur[...]

  • Page 49

    B-49 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Field Reference T able B-1 7 VPN Global Settings P age > NA T Set tings T ab Element Description Enable N A T T rav ersal When selected, enables you to conf igure N A T trav ersal on a device. Y ou use N A T [...]

  • Page 50

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-50 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 General Settings Tab Use the General Settings tab of the VPN Global Settings page to def ine fragmentation settings including maximum transmission unit (MTU) handling parameters. Navigation Path Open the VPN Glo[...]

  • Page 51

    B-51 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Field Reference T able B-1 8 VPN Global Settings P age > General Set tings T ab Element Description Fragmentation Settings Fragmentation Mode Supported on Cisco IOS routers and Catalyst 6500/7600 devices. Fra[...]

  • Page 52

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-52 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 DF Bit Supported on Cisco IOS routers, Catalyst 6500/7600 devices, PIX 7.0 and ASA devices. A Don't Fragment (DF) bit within an IP header determines whether a de vice is allowed to fragment a pack et. For m[...]

  • Page 53

    B-53 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Preshared Key Page Use the Preshared K ey page to vie w or edit the parameters for a preshared key policy . For information about Preshared K ey policies, see Understanding Preshared Ke y Policies, page 9-74 . N[...]

  • Page 54

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-54 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select Preshared K ey in the Policies selector . Note Y ou can also open the Preshared K ey pa[...]

  • Page 55

    B-55 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Regenerate K ey (Only in Next Deployment) Only a vailable if Auto Generate is selected. Select this check box if you want Security Manager to generate a new k ey for the next deployment to the de vice(s). This i[...]

  • Page 56

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-56 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Negotiation Method Main Mode Address Select this negotiation method for e xchanging key information, if the IP address of the devices is kno wn. Negotiation is based on IP address. Main mode provides the highest[...]

  • Page 57

    B-57 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Public Key Infrastructure Page Use the Public K ey Infrastructure page to select the CA server that will be used to create a Public Ke y Infrastructure (PKI) policy , for generating enrollment requests for CA ce[...]

  • Page 58

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-58 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Related Topics • Conf iguring Public Ke y Infrastructure Policies, page 9-84 • W orking with PKI Enrollment Objects, page 8-153 Field Reference T able B-20 Public Ke y Infrastr uctur e (PKI) Pag e Element De[...]

  • Page 59

    B-59 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies GRE Modes Page Use the GRE Modes page to def ine the routing and tunnel parameters, that enable you to conf igure IPSec tunneling with GRE, GRE Dynamic IP , and DMVPN policies. The elements that are displayed on[...]

  • Page 60

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-60 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select GRE Modes in the Policies selector . Note Y ou can also open the GRE Modes page from Po[...]

  • Page 61

    B-61 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies AS Number A vailable only if you selected the EIGRP routing protocol. The number that will be used to identify the autonomous system (AS) area to which the EIGRP packet belongs. The range is 1-65535. The default[...]

  • Page 62

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-62 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Delay A v ailable only if you selected the EIGRP routing protocol. The throughput delay for the primary route interface, in microseconds. The range of the tunnel delay time is 1-16777215. The default is 1000. Fa[...]

  • Page 63

    B-63 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies T unnel Parameters T ab T unnel IP Click one of the follo wing radio buttons to specify the GRE or GRE Dynamic IP tunnel interface IP address: • Use Physical Interface —T o use the pri vate IP address of the[...]

  • Page 64

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-64 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Enable IP Multicast Select to enable multicast transmissions across your GRE tunnels. IP multicast deliv ers application source traff ic to multiple recei vers without burdening the source or the recei vers, whi[...]

  • Page 65

    B-65 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies T able B-22 describes the elements on the GRE Modes page for conf iguring a DMVPN policy . T able B-22 GRE Modes P age > DMVPN Policy Element Description Routing Parameters T ab Routing Protocol Select the re[...]

  • Page 66

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-66 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Hello Interval A v ailable only if you selected the EIGRP routing protocol. The interval between hello pack ets sent on the interface, from 1 to 65535 seconds. The default is 5 seconds. Hold T ime A vailable onl[...]

  • Page 67

    B-67 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Failo ver Cost A v ailable if you selected the OSPF or RIPv2 routing protocol. The cost of sending a packet on the secondary (failo ver) route interface. Y ou can enter a value in the range 1-65535. The default [...]

  • Page 68

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-68 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Server Load Balance When selected, enables the conf iguration of load balancing on a Cisco IOS router that serves as a hub in a multiple hubs conf iguration. Server load balancing optimizes performance in a mult[...]

  • Page 69

    B-69 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Easy VPN IPSec Proposal Page Use the Easy VPN IPSec Proposal page to create or edit the IPSec policy def initions for your Easy VPN server . For more information, see Conf iguring an IPSec Proposal for Easy VPN,[...]

  • Page 70

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-70 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select Easy VPN IPSec Proposal in the Policies selector . Note Y ou can also open the Easy VPN[...]

  • Page 71

    B-71 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Enable RRI Supported on Cisco IOS routers, PIX 7.0 and ASA devices. When selected (the default), enables Re verse Route Injection (RRI) on the crypto map (static or dynamic) for the support of VPN clients. Rev e[...]

  • Page 72

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-72 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Group Policy Lookup/AAA Authorization Method Supported on Cisco IOS routers only . The AAA authorization method list that will be used to def ine the order in which the group policies are searched. Group policie[...]

  • Page 73

    B-73 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies User Group Policy Page Use the User Group Policy page to create or edit a user group polic y on your Easy VPN server . For more information about user group policies in Easy VPN, see Conf iguring a User Group Po[...]

  • Page 74

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-74 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Tunnel Group Policy (PIX 7.0/ASA) Page Use the T unnel Group Policy (PIX 7.0/ASA) page to create or edit tunnel group policies on your Easy VPN server . An Easy VPN tunnel group policy can be conf igured only on[...]

  • Page 75

    B-75 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select T unnel Group Policy (PIX 7.0/ASA) in the Policies selector . Note Y ou can also open t[...]

  • Page 76

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-76 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Group Policy The group policy to be applied to the tunnel group. A group polic y is a collection of user-oriented attrib ute/value pairs stored either internally on the device or e xternally on a RADIUS/LDAP ser[...]

  • Page 77

    B-77 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Accounting Server Group The name of the accounting server group (LOCAL if the tunnel group is conf igured on the local device). Y ou can click Select to open a dialog box that lists all a vailable AAA server gro[...]

  • Page 78

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-78 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Tunnel Group Policy > IPSec Tab Use the IPSec tab of the T unnel Group Policy (PIX 7.0/ASA) page to specify IPSec and IKE parameters for the tunnel group policy . Navigation Path Open the T unnel Group Policy[...]

  • Page 79

    B-79 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Field Reference T able B-26 Easy VPN Serv er > T unnel Group P olicy (PIX 7 .0/ASA) P age > IPSec T ab Element Description Preshared K ey The value of the preshared key for the tunnel group. The maximum le[...]

  • Page 80

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-80 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Tunnel Group Policy > Advanced Tab Use the Adv anced tab of the PIX7.0/ASA T unnel Group Policy page to specify interface-specif ic information for your tunnel group. Authorization Settings Use Entire DN as t[...]

  • Page 81

    B-81 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Navigation Path Open the T unnel Group Policy (PIX 7.0/ASA) Page, page B-74 , then click the Advanced tab . Y ou can also open the Adv anced tab by clicking it from any other tab on the T unnel Group Policy (PIX[...]

  • Page 82

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-82 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Tunnel Group Policy > Client VPN Software Update Tab Use the Client VPN Software Update tab of the PIX7.0/ASA T unnel Group Policy page to view or edit the client type, VPN Client revisions, and image URL for[...]

  • Page 83

    B-83 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies Related Topics • T unnel Group Policy (PIX 7.0/ASA) Page, page B-74 • Conf iguring a T unnel Group Policy for Easy VPN, page 9-107 Field Reference Client Connection Characteristics Page Use the Client Connec[...]

  • Page 84

    Appendix B Site-to-Site VPN User Interface Reference Site to Site VPN Policies B-84 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Navigation Path Open the Site-to-Site VPN Manager W indow , page B-2 , select a topology in the VPNs selector , then select Client Connection Characteristics in the Policies selector . Note Y ou can also open th[...]

  • Page 85

    B-85 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference VPN Topologies Device View Page VPN Topologies Device View Page Device vie w provides an easy way to vie w and edit the structure of your VPN topologies at the device le vel. Use this page to vie w the VPN topology (topologies) to which [...]

  • Page 86

    Appendix B Site-to-Site VPN User Interface Reference VPN Topologies Device View Page B-86 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Edit VPN Policies button Click to edit the VPN policies def ined for a selected VPN topology . The VPN Summary page opens, displaying information about the VPN topology , including its def ined policies. N[...]

  • Page 87

    B-87 User Guide for Cisco Security Manager 3.0.1 OL-8214-02 Appendix B Site-to-Site VPN User Interface Reference VPN Topologies Device View Page[...]

  • Page 88

    Appendix B Site-to-Site VPN User Interface Reference VPN Topologies Device View Page B-88 User Guide for Cisco Security Manager 3.0.1 OL-8214-02[...]