Multi-level security (page 426) – Enterasys Networks CSX6000 User Manual


USER’S GUIDE

426 CyberSWITCH

MULTI-LEVEL SECURITY

To verify device and user level security to the CyberSWITCH, the WAN lines that are connected to
the system must be available for use, and IP, AppleTalk, or bridging options must be properly
initialized. The remote devices must be operational and available to initiate ISDN WAN
connections. The remote device must be configured on a device database, with User Level
Authentication initially disabled. A client PC on the LAN of the remote device must have a user ID and
password for a user level database on an off-node server. Both databases must be enabled and
available.

Below is an example of a configuration used to verify multi-level security over an IP WAN
UnNumbered interface. It uses IP addresses specific to the example. Substitute the IP address of
your network when you perform the multi-level security verification steps. It also uses the “ping”
command. The “ping” command sends a packet to a specified host, waits for a response, and
reports success or failure. Substitute the equivalent command on your network.

To verify multi-level security:
1. Determine if the client PC can ping the Service Server. On the Client PC, type:

ping 100.0.0.2 <return>

If the ping is successful, then continue with the next step.

If the client PC CANNOT ping to the Service Server, refer to IP Routing over a WAN UnNumbered Interface Connection in the Verifying Routing Protocols chapter.

2. Reconfigure the definition of the remote device in the device database to enable User Level
Authentication. Attempt to ping the Service Server again. On the client PC, type:

ping 100.0.0.2 <return>

If the ping is successful, disconnect the call. Ensure that User Level Authentication is enabled
for the remote device, then try the ping again. The ping should fail.

If the client PC CANNOT ping to the Service Server, then continue with the next step.

[Figure: example network diagram. Labels, in the order they appear: ISDN; CSX5500; 100.0.0.1; 192.100.1.1; Remote Device; Client PC; 192.100.1.2; Ace Server; Service Server; 100.0.0.3; 100.0.0.2; Telnet Port to ACE 7003]
