User Guide
Page 5
...| Access Settings 12-10 Administration | File Management 12-11 Administration | File Management | View 12-12 Administration | File Management | Swap Config Files 12-13 Administration | File Management | Config File Upload 12-13 Administration | Certificate Management 12-15 Administration | Certificate Management | Enrollment 12-17 Administration | Certificate Management | Enrollment |... | Certificates | View 12-24 Administration | Certificate Management | Certificates | Delete 12-27 13 Monitoring Monitoring 13-1 Monitoring | Routing Table 13-2 VPN 3002 Hardware Client User Guide v
...| Access Settings 12-10 Administration | File Management 12-11 Administration | File Management | View 12-12 Administration | File Management | Swap Config Files 12-13 Administration | File Management | Config File Upload 12-13 Administration | Certificate Management 12-15 Administration | Certificate Management | Enrollment 12-17 Administration | Certificate Management | Enrollment |... | Certificates | View 12-24 Administration | Certificate Management | Certificates | Delete 12-27 13 Monitoring Monitoring 13-1 Monitoring | Routing Table 13-2 VPN 3002 Hardware Client User Guide v
User Guide
Page 83
... description (event source) (*Cisco-specific event class) AUTH Authentication* AUTHDBG Authentication debugging* AUTHDECODE Authentication protocol decoding* AUTOUPDATE Autoupdate subsystem* BKPLN WAN backplane driver* CAPI Cryptography subsystem* CERT Digital certificates subsystem CONFIG Configuration subsystem* DHCP DHCP subsystem DHCPDBG DHCP debugging* DHCPDECODE DHCP decoding* DM Data Movement subsystem* VPN 3002 Hardware Client User Guide 9-1 The VPN 3002 records events in...
... description (event source) (*Cisco-specific event class) AUTH Authentication* AUTHDBG Authentication debugging* AUTHDECODE Authentication protocol decoding* AUTOUPDATE Autoupdate subsystem* BKPLN WAN backplane driver* CAPI Cryptography subsystem* CERT Digital certificates subsystem CONFIG Configuration subsystem* DHCP DHCP subsystem DHCPDBG DHCP debugging* DHCPDECODE DHCP decoding* DM Data Movement subsystem* VPN 3002 Hardware Client User Guide 9-1 The VPN 3002 records events in...
User Guide
Page 109
..., access, and sessions. - VPN 3002 Hardware Client User Guide 12-1 Access Settings: set options for VPN 3002 shutdown and reboot. • Ping: use and functionality as a VPN device, but administration involves higher ... to configure the system, and what software runs on the VPN 3002. - Enrollment: create a certificate request to send to the VPN 3002. • Certificate Management: install and manage digital certificates.... functions on the VPN 3002. • Software Update: upload and update the VPN 3002 software image. • System Reboot: set administrative session idle...
..., access, and sessions. - VPN 3002 Hardware Client User Guide 12-1 Access Settings: set options for VPN 3002 shutdown and reboot. • Ping: use and functionality as a VPN device, but administration involves higher ... to configure the system, and what software runs on the VPN 3002. - Enrollment: create a certificate request to send to the VPN 3002. • Certificate Management: install and manage digital certificates.... functions on the VPN 3002. • Software Update: upload and update the VPN 3002 software image. • System Reboot: set administrative session idle...
User Guide
Page 110
...do not perform any new Cisco-supplied configurable selections. Software image files ship on the system; To run the new software image, you update the VPN 3002 executable system software. Updating the image overwrites the stored image file in the Manager window. 12-2 VPN 3002 Hardware Client User Guide Caution: You...the active location, which then verifies the integrity of the Manager lets you must be accessible by the workstation you to the CONFIG file until you reboot with the new image, the system updates the active configuration in the active location; This process uploads ...
...do not perform any new Cisco-supplied configurable selections. Software image files ship on the system; To run the new software image, you update the VPN 3002 executable system software. Updating the image overwrites the stored image file in the Manager window. 12-2 VPN 3002 Hardware Client User Guide Caution: You...the active location, which then verifies the integrity of the Manager lets you must be accessible by the workstation you to the CONFIG file until you reboot with the new image, the system updates the active configuration in the active location; This process uploads ...
User Guide
Page 113
... and verifies the software image, executes system diagnostics, and initializes the system. You can log back in while the VPN3002 is the default selection.) VPN 3002 Hardware Client User Guide 12-5 A reboot takes about 60-75 seconds. (This is in the Manager when the system reboots or halts, it overwrites any ... of the system. If a delayed reboot or shutdown is pending, the Manager also displays a message that name. See Configuration | System | Events | General, Administration | Config File Management, and Monitoring | Filterable Event Log for the reboot to select the desired action.
... and verifies the software image, executes system diagnostics, and initializes the system. You can log back in while the VPN3002 is the default selection.) VPN 3002 Hardware Client User Guide 12-5 A reboot takes about 60-75 seconds. (This is in the Manager when the system reboots or halts, it overwrites any ... of the system. If a delayed reboot or shutdown is pending, the Manager also displays a message that name. See Configuration | System | Events | General, Administration | Config File Management, and Monitoring | Filterable Event Log for the reboot to select the desired action.
User Guide
Page 114
... terminate (don't allow new sessions) = Reboot or shutdown as soon as the last session terminates, and don't allow any existing CONFIG file, and it had no CONFIG file. i.e., start the system as you click Apply. (This is , bring the system to reboot or shutdown. When to Reboot...for the system to a halt so you click Apply, based on this Cancel button does not cancel a scheduled reboot or shutdown.) 12-6 VPN 3002 Hardware Client User Guide To cancel your settings on system time. The default is the default selection.) Reboot ignoring the Configuration file = Reboot using the ...
... terminate (don't allow new sessions) = Reboot or shutdown as soon as the last session terminates, and don't allow any existing CONFIG file, and it had no CONFIG file. i.e., start the system as you click Apply. (This is , bring the system to reboot or shutdown. When to Reboot...for the system to a halt so you click Apply, based on this Cancel button does not cancel a scheduled reboot or shutdown.) 12-6 VPN 3002 Hardware Client User Guide To cancel your settings on system time. The default is the default selection.) Reboot ignoring the Configuration file = Reboot using the ...
User Guide
Page 117
..., not in to, and use the VPN 3002 Hardware Client Manager. Any changes take effect as soon as supplied by default; VPN 3002 Hardware Client User Guide 12-9 Thus, these settings are special users who can use , the VPN 3002 Hardware Client Manager as you change administrator properties and...change , all areas. Note: The VPN3002 saves Administrator parameter settings from this is the only administrator enabled by Cisco. • config = Configuration administrator with access rights to Quick Configuration and monitoring management options only. • monitor = Monitor ...
..., not in to, and use the VPN 3002 Hardware Client Manager. Any changes take effect as soon as supplied by default; VPN 3002 Hardware Client User Guide 12-9 Thus, these settings are special users who can use , the VPN 3002 Hardware Client Manager as you change administrator properties and...change , all areas. Note: The VPN3002 saves Administrator parameter settings from this is the only administrator enabled by Cisco. • config = Configuration administrator with access rights to Quick Configuration and monitoring management options only. • monitor = Monitor ...
User Guide
Page 119
...encrypt entries such as passwords, keys, and user information. Encrypt Config File To encrypt sensitive entries in VPN 3002 flash memory. (Flash memory acts like a disk.) Figure 12-13: Administration | Config File Management screen VPN 3002 Hardware Client User Guide 12-11 Administration | File Management This section of... for administrative sessions. To cancel your settings in the active configuration, click Apply. The CONFIG file is , when you manage config files and view crash dump files in the CONFIG file, check the box (default). To use clear text for this period, the Manager...
...encrypt entries such as passwords, keys, and user information. Encrypt Config File To encrypt sensitive entries in VPN 3002 flash memory. (Flash memory acts like a disk.) Figure 12-13: Administration | Config File Management screen VPN 3002 Hardware Client User Guide 12-11 Administration | File Management This section of... for administrative sessions. To cancel your settings in the active configuration, click Apply. The CONFIG file is , when you manage config files and view crash dump files in the CONFIG file, check the box (default). To use clear text for this period, the Manager...
User Guide
Page 120
...pop-up menu presents choices whose exact wording depends on this option, the Administration | File Management | Swap Config Files window displays. 12 Administration View Files View Files lets you swap the boot configuration file with the backup... configuration file. When you select this option, the Administration | File Management | Config File Upload window displays. Figure 12-14: Administration | File Management | View screen View (Save) To view a file,... PC that is the same as above. 12-12 VPN 3002 Hardware Client User Guide
...pop-up menu presents choices whose exact wording depends on this option, the Administration | File Management | Swap Config Files window displays. 12 Administration View Files View Files lets you swap the boot configuration file with the backup... configuration file. When you select this option, the Administration | File Management | Config File Upload window displays. Figure 12-14: Administration | File Management | View screen View (Save) To view a file,... PC that is the same as above. 12-12 VPN 3002 Hardware Client User Guide
User Guide
Page 121
... the file on the VPN 3002. This function provides special handling for a filename and location. VPN 3002 Hardware Client User Guide 12-13 When you click OK, the system automatically goes to the VPN 3002 flash memory. The Manager returns to that screen. See the Administration | Access Rights | Administrators screen. Administration | File Management | Swap Config Files Delete Save Target...
... the file on the VPN 3002. This function provides special handling for a filename and location. VPN 3002 Hardware Client User Guide 12-13 When you click OK, the system automatically goes to the VPN 3002 flash memory. The Manager returns to that screen. See the Administration | Access Rights | Administrators screen. Administration | File Management | Swap Config Files Delete Save Target...
User Guide
Page 122
...using MS-DOS syntax; The Manager returns to the VPN 3002, click Upload. You can also click the Browse button to stop a file upload that is cancelled, the progress window closes. 12-14 VPN 3002 Hardware Client User Guide The Manager opens the File Upload Progress ...window. File Upload Progress This window shows the progress of the file on your entries on the Administration | Config File Management | View Config Files screen. Figure 12-17: Administration...
...using MS-DOS syntax; The Manager returns to the VPN 3002, click Upload. You can also click the Browse button to stop a file upload that is cancelled, the progress window closes. 12-14 VPN 3002 Hardware Client User Guide The Manager opens the File Upload Progress ...window. File Upload Progress This window shows the progress of the file on your entries on the Administration | Config File Management | View Config Files screen. Figure 12-17: Administration...
User Guide
Page 123
... a hierarchy of a Public Key Infrastructure (PKI), which uses public-key / private-key encryption to the Administration | Config File Management | File Upload screen. VPN 3002 Hardware Client User Guide 12-15 File Upload Error The Manager displays this screen to confirm that the file upload was not successful...must have been interrupted or cancelled. CAs are a form of files-to go to verify their authenticity. The systems on the VPN 3002. • Certificates: view, delete, configure revocation checking, and generate certificates. Figure 12-18: Administration | File Management | ...
... a hierarchy of a Public Key Infrastructure (PKI), which uses public-key / private-key encryption to the Administration | Config File Management | File Upload screen. VPN 3002 Hardware Client User Guide 12-15 File Upload Error The Manager displays this screen to confirm that the file upload was not successful...must have been interrupted or cancelled. CAs are a form of files-to go to verify their authenticity. The systems on the VPN 3002. • Certificates: view, delete, configure revocation checking, and generate certificates. Figure 12-18: Administration | File Management | ...
User Guide
Page 124
...reachable network host; Save them as trusted or signing certificates). The VPN3002 can use the public-key / private-key pairs to : 12-16 VPN 3002 Hardware Client User Guide See also Configuration | System | Management Protocols | HTTP/HTTPS and Telnet, and Configuration | System | Management Protocols | SSL. ...not visible under Administration | Config File Management. If you to click Save Needed to store them in a secure area of flash memory. They do not open them or install them , and they use it is essential that the time on the VPN 3002 requires these steps: 1...
...reachable network host; Save them as trusted or signing certificates). The VPN3002 can use the public-key / private-key pairs to : 12-16 VPN 3002 Hardware Client User Guide See also Configuration | System | Management Protocols | HTTP/HTTPS and Telnet, and Configuration | System | Management Protocols | SSL. ...not visible under Administration | Config File Management. If you to click Save Needed to store them in a secure area of flash memory. They do not open them or install them , and they use it is essential that the time on the VPN 3002 requires these steps: 1...
User Guide
Page 174
... = an invalid mapping. There is no confirmation or undo. You cannot delete static mappings. 13-38 VPN 3002 Hardware Client User Guide 13 Monitoring Interface The VPN 3002 network interface on the VPN 3002. IP Address The IP address that maps to Modify Config under General Access Rights. Public Interface. Action / Delete To remove a dynamic, or learned, mapping from...
... = an invalid mapping. There is no confirmation or undo. You cannot delete static mappings. 13-38 VPN 3002 Hardware Client User Guide 13 Monitoring Interface The VPN 3002 network interface on the VPN 3002. IP Address The IP address that maps to Modify Config under General Access Rights. Public Interface. Action / Delete To remove a dynamic, or learned, mapping from...
User Guide
Page 180
...SSL access To access the CLI via a Telnet or Telnet/SSL client: 1 Enable the Telnet or Telnet/SSL server on the VPN 3002. (They are both enabled by logging in. Entries are the same...Cisco Systems VPN 3002 Hardware Client Command Line Interface Copyright (C) 1998-2001 Cisco Systems, Inc. 1) Configuration 2) Administration 3) Monitoring 4) Save changes to the VPN 3002 using these parameters: Host Name or Session Name = The IP address on the Manager. 2 Start the Telnet or Telnet/SSL client, and connect to Config file 5) Help Information 6) Exit Main -> _ 14-2 VPN 3002 Hardware Client...
...SSL access To access the CLI via a Telnet or Telnet/SSL client: 1 Enable the Telnet or Telnet/SSL server on the VPN 3002. (They are both enabled by logging in. Entries are the same...Cisco Systems VPN 3002 Hardware Client Command Line Interface Copyright (C) 1998-2001 Cisco Systems, Inc. 1) Configuration 2) Administration 3) Monitoring 4) Save changes to the VPN 3002 using these parameters: Host Name or Session Name = The IP address on the Manager. 2 Start the Telnet or Telnet/SSL client, and connect to Config file 5) Help Information 6) Exit Main -> _ 14-2 VPN 3002 Hardware Client...
User Guide
Page 182
...) 1) Administrators 2) Access Settings 3) Back Admin -> 1 Administrative Users Username Enabled admin Yes config No isp No 1) Modify Administrator 2) Back Admin -> 1 14-4 VPN 3002 Hardware Client User Guide Using shortcut numbers When you become familiar with the structure of the CLI-which parallels the HTML-based VPN 3002 Hardware Client Manager-you are at a value entry. Both ways work only when...
...) 1) Administrators 2) Access Settings 3) Back Admin -> 1 Administrative Users Username Enabled admin Yes config No isp No 1) Modify Administrator 2) Back Admin -> 1 14-4 VPN 3002 Hardware Client User Guide Using shortcut numbers When you become familiar with the structure of the CLI-which parallels the HTML-based VPN 3002 Hardware Client Manager-you are at a value entry. Both ways work only when...
User Guide
Page 183
...just enter h or H to move home to the main menu. VPN 3002 Hardware Client User Guide 14-5 Admin -> config The prompt always shows the current context in the name of the administrator you want to modify, for example, config. Using the CLI > Which Administrator to Modify Admin -> As ...menu level, you can just enter b or B to move directly to the Modify Administrators menu: 1) Configuration 2) Administration 3) Monitoring 4) Save changes to Config file 5) Help Information 6) Exit Main -> 2.4.1.1 > Which Administrator to Modify Admin -> Note: At this prompt, you must type in the menu ...
...just enter h or H to move home to the main menu. VPN 3002 Hardware Client User Guide 14-5 Admin -> config The prompt always shows the current context in the name of the administrator you want to modify, for example, config. Using the CLI > Which Administrator to Modify Admin -> As ...menu level, you can just enter b or B to move directly to the Modify Administrators menu: 1) Configuration 2) Administration 3) Monitoring 4) Save changes to Config file 5) Help Information 6) Exit Main -> 2.4.1.1 > Which Administrator to Modify Admin -> Note: At this prompt, you must type in the menu ...
User Guide
Page 184
...prompt. For Data entry -- Cisco Systems. Help information for the Command Line Interface From any changes. Current values are included in '[ ]'s. At the prompt, enter 4 for Save changes to Config file. 1) Configuration 2) Administration 3) Monitoring 4) Save changes to Config file 5) Help Information 6) ... 'H' or 'h' for Home back to the main menu. To save changes to the system configuration (CONFIG) file, navigate to the CONFIG file and redisplays the main menu. 14-6 VPN 3002 Hardware Client User Guide Just hit 'Enter' to accept value. 1) View Help Again 2) Back Help -> ...
...prompt. For Data entry -- Cisco Systems. Help information for the Command Line Interface From any changes. Current values are included in '[ ]'s. At the prompt, enter 4 for Save changes to Config file. 1) Configuration 2) Administration 3) Monitoring 4) Save changes to Config file 5) Help Information 6) ... 'H' or 'h' for Home back to the main menu. To save changes to the system configuration (CONFIG) file, navigate to the CONFIG file and redisplays the main menu. 14-6 VPN 3002 Hardware Client User Guide Just hit 'Enter' to accept value. 1) View Help Again 2) Back Help -> ...
User Guide
Page 185
...keyboard shortcuts-may change with the CLI depends on administrator access rights. Please check familiar shortcuts carefully when using a new release. VPN 3002 Hardware Client User Guide 14-7 For example, here is the main menu for more information. To keep this chapter at the main menu ...prompt takes you see -), rather than a number, in each heading are the keyboard shortcut to Config file 5) Help Information 6) Exit Main -> _ The default Monitor administrator can configure with new software versions. See Administration | Access Rights | ...
...keyboard shortcuts-may change with the CLI depends on administrator access rights. Please check familiar shortcuts carefully when using a new release. VPN 3002 Hardware Client User Guide 14-7 For example, here is the main menu for more information. To keep this chapter at the main menu ...prompt takes you see -), rather than a number, in each heading are the keyboard shortcut to Config file 5) Help Information 6) Exit Main -> _ The default Monitor administrator can configure with new software versions. See Administration | Access Rights | ...
User Guide
Page 186
... 5) Help Information 6) Exit Main -> _ 1 Configuration 1) Quick Configuration 2) Interface Configuration 3) System Management 4) Policy Management 5) Back Config -> _ 1.1 Configuration > Quick Configuration See the VPN 3002 Hardware Client Getting Started guide for complete information about Quick Config. 1.2 Configuration > Interface Configuration This table shows current IP addresses. . . 1) Configure the Private Interface 2) Configure the Public Interface 3) Back Interfaces -> _ 1.2.1 or 1.2.2 Configuration > Interface Configuration...
... 5) Help Information 6) Exit Main -> _ 1 Configuration 1) Quick Configuration 2) Interface Configuration 3) System Management 4) Policy Management 5) Back Config -> _ 1.1 Configuration > Quick Configuration See the VPN 3002 Hardware Client Getting Started guide for complete information about Quick Config. 1.2 Configuration > Interface Configuration This table shows current IP addresses. . . 1) Configure the Private Interface 2) Configure the Public Interface 3) Back Interfaces -> _ 1.2.1 or 1.2.2 Configuration > Interface Configuration...