User`s guide
Table Of Contents
- Ascend Customer Service
- How to use this guide
- What you should know
- Documentation conventions
- How to use the on-board software
- Manual set
- Configuring WAN Connections
- Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Parameters that affect the routing table
- Static and dynamic routes
- Configuring static routes
- Specifying default routes on a per-user basis
- Enabling the Pipeline to use dynamic routing
- Route preferences
- Viewing the routing table
- Fields in the routing table
- Removing down routes to a host
- Identifying Temporary routes in the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
- IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
- Dial-in user DNS server assignments
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
- Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
- Configuring the Pipeline as a Bridge
- Defining Filters and Firewalls
- Setting Up Pipeline Security
- Pipeline System Administration
- Pipeline 75 Voice Features
- IDSL Implementations
- APP Server utility
- About the APP Server utility
- APP Server installation and setup
- Configuring the Pipeline to use the APP server
- Using App Server with Axent SecureNet
- Creating banner text for the password prompt
- Installing and using the UNIX APP Server
- Installing and using the APP Server utility for DO...
- Installing and using the APP Server utility for Wi...
- Installing APP Server on a Macintosh
- Troubleshooting
- Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
- Untitled
Setting Up Pipeline Security
Recommended security measures
7-2 Preliminary January 30, 1998 Pipeline User’s Guide
• Activate the Full Access security level.
After you change the password, activate the Full Access security level for
your own use in performing the rest of these basic security measures. (For
instructions, see “Activating the Full Access security level” on page 7-4.)
• Make the default security level very restrictive.
The Pipeline provides terminal services via Telnet. Any user who Telnets to
the unit is assigned the default security level, which is initially without
restrictions. You should turn off all privileges in the Default security profile.
(For instructions, see “Making the Default security level restrictive” on page
7-4.)
• Assign a Telnet password.
Until you assign a Telnet password, any local user who has the Pipeline
unit’s IP address can Telnet into it. Once you assign the password, all
incoming Telnet sessions (from the local network or across the WAN) will be
prompted to enter that password. (For instructions, see “Assigning a Telnet
password” on page 7-5.)
• Change the SNMP community strings.
The Pipeline supports SNMP traps, which allows it to send alarms, report on
call details, and send other management information to an SNMP
management station without being polled. The Pipeline default read and
write community strings should be changed to prevent unauthorized access
to the Pipeline by an SNMP management station. (For instructions, see
“Changing the SNMP read and write community string” on page 7-5.)
• Require profiles for incoming connections.
The Pipeline unit’s Answer profile can be used to build unrestricted
connections (connections for which no name or password is required).
Although some sites allow this type of connection, many do not. You should
restrict incoming connections to those with a configured profile. (For
instructions, see “Requiring profiles for incoming connections” on page 7-
7.)
• Turn off ICMP Redirects.
To secure the Pipeline unit’s IP routes, you should configure the unit to
ignore ICMP (Internet Control Message Protocol) Redirect packets. (For
instructions, see “Turning off ICMP redirects” on page 7-7.)