Installing an asa 310-fips, Installing an asa 310-fips in a new cluster – Nortel Networks NN46120-104 User Manual
Page 58
58
Initial Setup
Installing an ASA 310-FIPS
The ASA 310-FIPS model is an where the ordinary SSL accelerator
card has been replaced by the HSM (Hardware Security Module) SSL
accelerator card. For more information about the ASA 310-FIPS model,
see
“Introducing the ASA 310-FIPS” (page 27)
.
After having installed the first ASA 310-FIPS, additional ASA 310-FIPS
units can be added to the same cluster by specifying the Management
IP (MIP) address that identifies the cluster. For more information about
adding an ASA 310-FIPS to an existing cluster, see
310-FIPS to an Existing Cluster” (page 63)
Before installing or adding an ASA 310-FIPS, make sure that you
have fully understood the concept of iKeys. You might also want to
decide the labeling scheme you want to use for identifying which iKey
is used to initialize a certain HSM card, and also label two of the black
cluster-specific iKeys "CODE-SO" and "CODE-USER" respectively in
advance. For more information about the concept of iKeys and the ASA
310-FIPS model in general, see
“Introducing the ASA 310-FIPS” (page
. You should also decide a password scheme because you will define
passwords not only for the admin user, but also for the HSM-SO iKeys,
the HSM-USER iKeys, and possibly a secret passphrase (when selecting
FIPS mode).
Installing an ASA 310-FIPS in a New Cluster
When you log in as the admin user after having started the ASA 310-FIPS
the first time, the Setup menu is displayed.
Step
Action
1
Choose new from the Setup menu to install the ASA
310-FIPS as the first member in a new cluster.
[Setup Menu]
join
- Join an existing iSD cluster
new
- Initialize iSD as a new installation
boot
- Boot menu
info
- Information menu
exit
- Exit
[global command, always
available]
>> Setup# new
Setup will guide you through the initial configuration
of the iSD.
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.