User Guide

60 Chapter 2 Initial setup

320818-A

The action to be performed when the TunnelGuard check fails depends on

your selection in step f on page 59.

Settings created by the quick setup wizard

The quick setup wizard creates the following basic Nortel SNAS 4050 settings:

1 A Nortel SNAS 4050 domain (Domain 1). A Nortel SNAS 4050 domain

encompasses all switches, authentication servers, and remediation servers

associated with that Nortel SNAS 4050.

2 A virtual SSL server. A portal IP address, or pVIP, is assigned to the virtual

SSL server. Clients connect to the pVIP in order to access the portal.

3 A test certificate has been installed and mapped to the Nortel SNAS 4050

portal.

4 The authentication method is set to Local database.

5 One test user is configured. You were prompted to set a user name and

password during the quick setup wizard (in this example, user name and

password are both set to

tg). The test user belongs to a group called

tunnelguard. There are two profiles within the group:

tg_passed and

tg_failed. Each profile has a client filter and a linkset associated with it.

Create default tunnel guard user [no]: yes

Using 'restricted' action for TunnelGuard failure.

User name: tg

User password: tg

Creating client filter 'tg_passed'.

Creating client filter 'tg_failed'.

Creating linkset 'tg_passed'.

Creating linkset 'tg_failed'.

Creating group 'tunnelguard' with secure access.

Creating extended profile, full access when tg_passed

Enter green vlan id [110]: <VID>

Creating extended profile, remediation access when

tg_failed

Enter yellow vlan id [120]: <VID>

Creating user 'tg' in group 'tunnelguard'.

Initializing system......ok

Setup successful. Relogin to configure.