Cisco 7100 Series Especificaciones Pagina 27
- Pagina / 112
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Before You Begin 2-5
Considerations
— Think about access control before you connect a console port to the network in any
way, including attaching a modem to the port. Be aware that a break on the console
port might give total control of the firewall, even with access control configured.
— Apply access lists and password protection to all virtual terminal ports. Use access
lists to limit who can Telnet into your router.
— Do not enable any local service (such as Simple Network Management Protocol
[SNMP] or Network Time Protocol [NTP]) that you do not plan to use. Cisco
Discovery Protocol (CDP) and NTP are on by default, and you should turn these off
if you do not need them.
To turn off CDP, enter the no cdp run global configuration command. To turn off
NTP, enter the ntp disable interface configuration command on each interface not
using NTP.
IfyoumustrunNTP,configure NTP onlyon required interfaces,and configure NTP
to listen only to certain peers.
Any enabled service could present a potential security risk. A determined, hostile
party might be able to find creative ways to misuse the enabled services to access
the firewall or the network.
For local services that are enabled, protect against misuse. Protect by configuring
the services to communicate only with specific peers, and protect by configuring
access lists to deny packets for the services at specific interfaces.
— Protect against spoofing: protect the networks on both sides of the firewall from
being spoofed from the other side. You could protect against spoofing by
configuring input access lists at all interfaces to pass only traffic from expected
source addresses, and to deny all other traffic.
You should also disable source routing. For IP, enter the no ip source-route global
configuration command. Disabling source routing at all routers can also help
prevent spoofing.
You should also disable minor services. For IP, enter the no service
tcp-small-servers and no service udp-small-servers global configuration
commands.
— Prevent the firewall from being used as a relay by configuring access lists on any
asynchronous Telnet ports.
- Cisco 7100 Series VPN 1
- Configuration Guide 1
- Preface vii 3
- Audience 4
- Organization 5
- Related Documentation 6
- Preface xi 7
- Conventions 8
- Cisco Connection Online 9
- Documentation CD-ROM 10
- Using Cisco IOS Software 11
- Getting Help 12
- Finding Command Options 13
- • controller t1 1 13
- Understanding Command Modes 18
- Summary of Main Command Modes 19
- Router(config-if)# 20
- Router(config-subif)# 20
- Saving Configuration Changes 21
- Saving Configuration Changes 22
- Before You Begin 23
- Considerations 25
- Before You Begin 2-5 27
- Assumptions 29
- Intranet VPN Business 31
- Scenario 31
- Scenario Description 32
- Step 1—Configuring the Tunnel 34
- Step 1—Configuring the Tunnel 35
- Step 3—Configuring Encryption 41
- Configuring IKE Policies 43
- Creating Policies 44
- • RSA signatures method: 45
- Configuring Preshared Keys 46
- Verifying IKE Policies 48
- Configuring IPSec 49
- Creating Crypto Access Lists 51
- Verifying Crypto Access Lists 51
- Defining Transform Sets 52
- Step 3—Configuring Encryption 54
- Verifying Transform Sets 55
- Creating Crypto Map Entries 58
- Verifying Crypto Map Entries 59
- To verify the configuration: 65
- Extranet VPN Business 73
- 67890 address 172.17.2.4 83
- Tunnel mode 88
- Transport mode 88
- Configuring Crypto Maps 89
- Configuring Crypto Maps 93
Relacionado con productos y manuales para Redes Cisco 7100 Series
Redes Cisco VPN 3000 Manual de usuario
(25 paginas)
(25 paginas)
Redes Cisco MCS 7835 Series Manual de usuario
(9 paginas)
(9 paginas)
Redes Cisco 1802W Manual de usuario
(40 paginas)
(40 paginas)
Redes Cisco 4500M Guía de instalación
(32 paginas)
(32 paginas)
Redes Cisco 7120-4T1 - 7120 Router Especificaciones
(24 paginas)
(24 paginas)
Redes Cisco VPN 3000 Guía de usuario
(502 paginas)
(502 paginas)
Redes Cisco EF3116 Manual de usuario
(8 paginas)
(8 paginas)
Redes Cisco 826 Manual de usuario
(8 paginas)
(8 paginas)
Redes Cisco 1861 Manual de usuario
(13 paginas)
(13 paginas)
Redes Cisco TES301 Manual de usuario
(52 paginas)
(52 paginas)
Redes Cisco MGBSX1 Manual de usuario
(16 paginas)
(16 paginas)
Redes Cisco 1005 - 1005 Router Manual de usuario
(10 paginas)
(10 paginas)
Redes Cisco PA-2FE-TX Especificaciones
(60 paginas)
(60 paginas)
Redes Cisco 880 Series Manual de usuario
(18 paginas)
(18 paginas)
Redes Cisco 2520-RF - 2520 Router Especificaciones
(116 paginas)
(116 paginas)
Redes Cisco EPC3825 Manual de usuario
(8 paginas)
(8 paginas)
Redes Cisco DPC3008 Guía de usuario
(44 paginas)
(44 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.077 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales