Secure Computing SG570 Manual de usuario Pagina 111
- Pagina / 341
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
GRE Tunnel Name: to_slough
Remote External Address: 10.254.0.1
Local External Address: 10.254.0.2
Firewall Class: LAN
Click Finish to add the interface. Edit the bridge interface that you added at the
beginning of these steps. Check Bridged for the GRE interface you have just added,
and select a Firewall Class of LAN. Click Finish.
At the Slough end, click Packet Filtering, click the Custom Firewall Rules, tab and add
this custom firewall rule:
iptables -I OUTPUT ! -o IPSec+ -d 10.254.0.2 -j DROP
Click Update.
At the Brisbane end, click Packet Filtering, click the Custom Firewall Rules tab, and
add this custom firewall rule:
iptables -I OUTPUT ! -o IPSec+ -d 10.254.0.1 -j DROP
Click Update.
GRE troubleshooting
Symptom: Cannot ping a host on the other side of the GRE tunnel.
Ensure that there is a route set up on the GRE tunnel to the remote network.
Ensure that there is a route on the remote GRE endpoint to the network at this end of
the GRE tunnel.
Check that there is a GRE interface created on the device. To do this, go into
Advanced Networking and scroll to the bottom. There should be an interface called
greX. greX is the same as the Interface Name specified in the table of current GRE
tunnels.
Also ensure that the required routes have been set up on the GRE interface. This
might not occur if you have the same route specified on different GRE tunnels, or on
different network interfaces.
Ensure that the remote GRE endpoint is reacheable. Do this by using the ping utility
on the Advanced Networking page.
Symptom: Cannot ping the remote GRE end point.
105
Network Setup
- Secure Computing SnapGear™ 1
- User Manual 1
- Contents 3
- Document Conventions 6
- 1. Introduction 7
- Front panel LEDs 11
- Front panel 11
- Rear panel 12
- Specifications 12
- Bridged mode 13
- Secure by default 14
- Introduction 16
- 2. Getting Started 17
- Unpack the SnapGear unit 18
- Set up the PCs on your LAN 35
- SG PCI Appliance Quick Setup 40
- Automatic configuration 43
- Manual configuration 45
- Backup/restore configuration 48
- 3. Network Setup 49
- Direct Connection 52
- Firewall class 53
- Ethernet configuration 53
- Interface aliases 54
- Manually assign settings 58
- Connection (dial on demand) 59
- Cable Modem 60
- Dialout and ISDN 61
- Dial-in 62
- Connecting a dial-in client 65
- Internet Failover 69
- Edit connection parameters 70
- Internet Load Balancing 74
- Enabling load balancing 75
- High Availability 76
- Enabling high availability 78
- DMZ Network 79
- Configuring a DMZ connection 80
- Services on the DMZ network 80
- Guest Network 81
- Wireless 83
- Basic wireless settings 84
- Security 85
- Wireless security 86
- WEP security method 86
- WEP with 802.1X 87
- WPA-Enterprise 88
- ACL (Access Control List) 88
- Connecting wireless clients 93
- Bridging 97
- Adding a bridge interface 98
- Edit bridge configuration 99
- Adding VLANs 101
- Editing VLANs 102
- Removing VLANs 102
- Port Based VLANs 103
- Adding port based VLANs 105
- GRE Tunnels 107
- GRE over IPSec 108
- Adding a GRE interface 108
- GRE troubleshooting 111
- Static routes 112
- Policy routes 112
- Route management 113
- Hostname 121
- Workgroup/domain 121
- Administrative contact 121
- Device location 121
- DNS proxy 122
- Dynamic DNS 123
- Static hosts 123
- DHCP Server 124
- DHCP addresses 125
- Address list 125
- Reserving IP addresses 127
- DHCP status 127
- DHCP Proxy 128
- Web Cache 129
- Storage 130
- Local storage 130
- Network storage share 131
- ICAP client 134
- Advanced 135
- QoS Traffic Shaping 136
- QoS autoshaper 137
- QoS traffic shaping 137
- Configuring the SIP proxy 140
- 4. Firewall 141
- Administration services 142
- Web Management 143
- SSL/HTTPS (Secure HTTP) 144
- Upload SSL certificates 145
- Create SSL certificates 145
- Customizing the Firewall 146
- Definitions 146
- Service groups 147
- Addresses 148
- Interfaces 149
- Packet Filtering 150
- Rate limiting 152
- Custom firewall rules 154
- Port forwarding 155
- Source NAT 160
- 1-to-1 NAT 163
- Masquerading 164
- Configuring the UPnP Gateway 165
- Connection Tracking 167
- Intrusion Detection 169
- IDB Configuration 170
- Dummy services 171
- Snort and IPS configuration 173
- Enabling access control 177
- User authentication 179
- Browser setup 180
- Web lists 182
- Content filtering 185
- Content or Webwasher? 185
- Webwasher 186
- Content 187
- Antivirus 188
- Enable antivirus 189
- Network share 190
- POP email 193
- Scan all POP email 193
- SMTP email 196
- PPTP and L2TP 200
- PPTP VPN Server 200
- Add a PPTP user account 202
- Windows XP PPTP client setup 205
- L2TP VPN Server 208
- Add an IPSec tunnel 210
- Add an L2TP user account 212
- PPTP and L2TP VPN Client 215
- Quick Setup 218
- Set Up the Branch Office 221
- Tunnel settings page 222
- Local endpoint settings 225
- Other options 226
- Phase 1 settings 230
- Phase 2 settings page 232
- Enable IPSec 233
- Local endpoint settings page 234
- Phase 1 settings page 235
- Tunnel List 236
- NAT Traversal Support 239
- Dynamic DNS Support 239
- Certificate Management 239
- The OpenSSL application 240
- Extracting certificates 240
- Creating certificates 241
- Create a CA certificate 241
- Add certificates 243
- IPSec Failover 244
- IPSec Troubleshooting 253
- Port Tunnels 256
- Tunnel server 257
- Tunnel client 258
- USB Mass Storage Devices 260
- Share the storage device 261
- Set access permissions 261
- Join a Windows workgroup 263
- USB Printers 267
- Set up the print spool 268
- Printer Troubleshooting 273
- 7. System 275
- Network time 276
- Adding an NTP peer 276
- Backup/Restore Configuration 277
- Remote backup/restore 278
- Local backup/restore 278
- Text save/restore 279
- Administrative users 280
- Local Users 282
- TACACS+ 284
- Management 285
- Diagnostics 288
- Local syslog 289
- Remote syslog 289
- Email delivery 290
- Network tests 291
- Packet Capture 291
- Reboot and Reset 292
- Flash upgrade 293
- Netflash 294
- Flash upgrade via HTTP 294
- Flash upgrade via TFTP 294
- Configuration Files 295
- Support 296
- Technical support report 297
- Appendix A – Terminology 298
- Appendix B – System Log 305
- Creating Custom Log Rules 307
- Rate Limiting 310
- Boot Log Messages 311
- Practices and Precautions 312
- Failed Upgrade 314
- Appendix E – System Clock 318
- Appendix F – Null Modem 319
- Administration 319
- Troubleshooting 320
- Appendix G – Command Line 321
- Interface (CLI) 321
© 2020, manymanuals.es. Todos los derechos reservados | 0.123 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales