User's Manual

viii
308625-14.00 Rev 00
Configuring NAT Synchronization Peers .......................................................................2-65
Adding NAT Synchronization Peers .......................................................................2-65
Enabling and Disabling NAT Synchronization Peers ..............................................2-67
Deleting NAT Synchronization Peers .....................................................................2-69
Chapter 3
Configuring RIPSO on an IP Interface
RIPSO Concepts and Terminology .................................................................................3-1
Security Label Format ..............................................................................................3-2
Inbound IP Datagrams .............................................................................................3-4
Forwarded IP Datagrams .........................................................................................3-4
Originated IP Datagrams ..........................................................................................3-5
Unlabeled IP Datagrams ..........................................................................................3-5
Enabling and Disabling RIPSO .......................................................................................3-6
Specifying the IP Datagram Type for Stripping Security Options ....................................3-7
Specifying the Outbound Datagram Type Requiring Security Labels .............................3-8
Specifying the Inbound Datagram Type Requiring Security Labels ................................3-9
Setting the Security Level for IP Datagrams .................................................................3-10
Choosing Authority Flags in Outbound Datagrams ......................................................3-11
Choosing Authority Flags in Inbound Datagrams .........................................................3-12
Supplying Implicit Labels for Unlabeled Inbound Datagrams .......................................3-13
Enabling and Disabling Default Labels for Unlabeled Outbound Datagrams ................3-14
Enabling and Disabling Error Labels for Outbound ICMP Error Datagrams .................3-15
RIPSO Example ...........................................................................................................3-16
Chapter 4
Connecting the Router to a Blacker Front End
Blacker Front End (BFE) Concepts and Terminology .....................................................4-1
BFE Addressing ..............................................................................................................4-3
Configuring BFE Support ...............................................................................................4-4