Manualshelf

- Foundry Router User Guide

ManualsBrandsFoundry Networks ManualsNetwork RouterAR3201
12345678910
Contents
June 2004 © 2004 Foundry Networks, Inc. ix
GENERIC ROUTING ENCAPSULATION (GRE) ..............................................................................................14-7
CHAPTER 15
S
ECURITY FEATURES ................................................................................ 15-1
INTRODUCTION TO SECURITY ....................................................................................................................15-1
E
NABLING SECURITY FEATURES .........................................................................................................15-1
S
ECURING REMOTE ACCESS USING IPSEC VPN .......................................................................................15-2
A
CCESS METHODS .............................................................................................................................15-2
E
XAMPLE 1: SECURELY MANAGING THE FOUNDRY AR1204 OVER AN IPSEC TUNNEL ..........................15-3
E
XAMPLE 2: JOINING TWO PRIVATE NETWORKS WITH AN IP SECURITY TUNNEL .................................15-10
E
XAMPLE 3: JOINING TWO NETWORKS WITH AN IPSEC TUNNEL USING MULTIPLE IPSEC PROPOSALS .15-19
E
XAMPLE 4: SUPPORTING REMOTE USER ACCESS ............................................................................15-28
E
XAMPLE 5: CONFIGURING IPSEC REMOTE ACCESS TO CORPORATE LAN WITH MODE-CONFIGURATION
M
ETHOD ....................................................................................................................................15-37
C
ONFIGURING GRE ................................................................................................................................15-45
F
IREWALLS .............................................................................................................................................15-50
F
IREWALL CONFIGURATION EXAMPLES ..............................................................................................15-50
S
TOPPING DOS ATTACKS .................................................................................................................15-56
P
ACKET REASSEMBLY ......................................................................................................................15-57
NAT C
ONFIGURATIONS ....................................................................................................................15-57
NAT C
ONFIGURATION EXAMPLES .....................................................................................................15-58
S
ECURITY PROTOCOL DEFAULTS ............................................................................................................15-61
IPS
EC SUPPORTED PROTOCOLS AND ALGORITHMS ...........................................................................15-61
F
OUNDRY IKE AND IPSEC DEFAULTS ...............................................................................................15-62
F
IREWALL DEFAULT VALUES ...................................................................................................................15-63
T
UNNELING DEFAULT VALUES .................................................................................................................15-65