VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Manuel d'utilisateur Page 135
- Page / 162
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
VMware, Inc. 135
Appendix B vShield Edge VPN Configuration Examples
Phase 1: Main Mode Transactions
ThefollowingtransactionsoccurinsequencebetweenthevShieldEdgeandaCiscoVPNdeviceinMain
Mode.
1vShieldEdgetoCisco
proposal:encrypt3des‐cbc,sha,psk,group5(group2)
DPDenabled
2CiscotovShieldEdge
containsproposalchosenbyCisco
IftheCiscodevicedoesnotacceptanyoftheparametersthevShieldEdgesentinstepone,theCisco
devicesendsthemessagewithflagNO_PROPOSAL_CHOSENandterminatesthenegotiation.
3vShieldEdgetoCisco
DHkeyandnonce
4CiscotovShieldEdge
DHkeyandnonce
5vShieldEdgetoCisco(Encrypted)
includeID
(PSK)
6CiscotovShieldEdge(Encrypted)
includeID(PSK)
IftheCiscodevicefindsthatthePSKdoesnʹtmatch,theCiscodevicesendsamessagewithflag
INVALID_ID_INFORMATION;Phase1fails.
Phase 2: Quick Mode Transactions
ThefollowingtransactionsoccurinsequencebetweenthevShieldEdgeandaCiscoVPNdeviceinQuick
Mode.
1vShieldEdgetoCisco
vShieldEdgeproposesPhase2policytothepeer.Forexample:
Aug 26 12:16:09 weiqing-desktop pluto[5789]: "s1-c1" #2: initiating Quick Mode
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using isakmp#1 msgid:d20849ac
proposal=3DES(3)_192-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_MODP1024}
2CiscotovShieldEdge
CiscodevicesendsbackNO_PROPOSAL_CHOSENifitdoesnotfindanymatchingpolicyfortheproposal.
Otherwise,theCIscodevicesendsthesetofparameterschosen.
3vShieldEdgetoCisco
Tofacilitatedebugging,youcanturnonIPSecloggingonthevShieldEdgeandenablecryptodebugon
Cisco(debug crypto isakmp <level>)
Configuring the vShield Edge VPN Parameters
AvShieldEdgesupportssite‐to‐siteIPSecVPNbetweenavShieldEdgeandremotesites.
To configure VPN on a vShield Edge
1InthevSphereClient,gotoInventory>Networking.
2 SelectaninternalportgroupthatisprotectedbyavShieldEdge.
3ClickthevShieldEdgetab.
- vShield Administration Guide 1
- 2 VMware, Inc 2
- Contents 3
- 4 VMware, Inc 4
- 11 vShieldAppManagement 61 5
- 12 FlowMonitoring 65 5
- 13 AppFirewallManagement 71 5
- Appendixes 6
- C Troubleshooting 149 7
- VMware, Inc. 8 8
- About This Book 9
- Support Offerings 10
- VMware Professional Services 10
- VMware, Inc. 11 11
- 12 VMware, Inc 12
- Overview of vShield 13
- 14 VMware, Inc 14
- VMware Tools 15
- 16 VMware, Inc 16
- VMware, Inc. 17 17
- Accessing the Online Help 18
- VMware, Inc. 19 19
- 20 VMware, Inc 20
- Management System Settings 21
- Identify DNS Services 22
- Identify a Proxy Server 23
- Back Up vShield Manager Data 24
- Field Description 25
- 26 VMware, Inc 26
- Zones Firewall Management 27
- Default Rules 28
- Create a Zones Firewall Rule 29
- Criteria Description 30
- Password: 31
- Delete a Zones Firewall Rule 32
- User Management 33
- Add a User 34
- Edit a User Account 34
- Delete a User Account 35
- 36 VMware, Inc 36
- Updating System Software 37
- Review the Update History 38
- VMware, Inc. 39 39
- Restore a Backup 40
- System Events and Audit Logs 41
- System Event Notifications 42
- Syslog Format 42
- View the Audit Log 43
- 44 VMware, Inc 44
- VMware, Inc. 45 45
- 46 VMware, Inc 46
- VMware, Inc. 47 47
- 48 VMware, Inc 48
- VMware, Inc. 49 49
- 50 VMware, Inc 50
- Manage NAT Rules 51
- Manage DHCP Service 52
- Manage VPN Service 53
- 54 VMware, Inc 54
- Manage Load Balancer Service 55
- Upgrade vShield Edge Software 56
- VMware, Inc. 57 57
- 58 VMware, Inc 58
- VMware, Inc. 59 59
- 60 VMware, Inc 60
- VMware, Inc. 61 61
- 62 VMware, Inc 62
- Restart a vShield App 63
- 64 VMware, Inc 64
- Flow Monitoring 65
- L4:TCPorUDP 66
- VMware, Inc. 67 67
- Chapter 12 Flow Monitoring 67
- Delete All Recorded Flows 68
- Editing Port Mappings 68
- Hide the Port Mappings Table 69
- 70 VMware, Inc 70
- App Firewall Management 71
- Create an App Firewall Rule 73
- 74 VMware, Inc 74
- Add a Security Group 75
- Delete an App Firewall Rule 77
- Using SpoofGuard 77
- SpoofGuard Screen Options 78
- Enable SpoofGuard 78
- Approve IP Addresses 78
- Edit an IP Address 79
- Delete an IP Address 79
- 80 VMware, Inc 80
- View vShield Endpoint Status 81
- Host Alarms 82
- SVM Alarms 82
- VM Alarms 83
- 84 VMware, Inc 84
- VMware, Inc. 85 85
- Audit Messages 86
- 88 VMware, Inc 88
- Command Line Interface 89
- CLI Syntax 90
- Moving Around in the CLI 90
- Getting Help within the CLI 91
- 92 VMware, Inc 92
- Command Reference 93
- CLI Mode Commands 94
- VMware, Inc. 95 95
- 96 VMware, Inc 96
- Configuration Commands 97
- 98 VMware, Inc 98
- VMware, Inc. 99 99
- 100 VMware, Inc 100
- VMware, Inc. 101 101
- 102 VMware, Inc 102
- VMware, Inc. 103 103
- Debug Commands 104
- VMware, Inc. 105 105
- 106 VMware, Inc 106
- VMware, Inc. 107 107
- 108 VMware, Inc 108
- Show Commands 109
- 110 VMware, Inc 110
- VMware, Inc. 111 111
- 112 VMware, Inc 112
- VMware, Inc. 113 113
- 114 VMware, Inc 114
- VMware, Inc. 115 115
- 116 VMware, Inc 116
- VMware, Inc. 117 117
- 118 VMware, Inc 118
- VMware, Inc. 119 119
- 120 VMware, Inc 120
- VMware, Inc. 121 121
- 122 VMware, Inc 122
- VMware, Inc. 123 123
- 124 VMware, Inc 124
- VMware, Inc. 125 125
- 126 VMware, Inc 126
- VMware, Inc. 127 127
- User Administration Commands 128
- USERNAME 129
- PASSWORD 129
- Terminal Commands 130
- Deprecated Commands 131
- 132 VMware, Inc 132
- Examples 133
- Terminology 134
- IKE Phase 1 and Phase 2 134
- VMware, Inc. 135 135
- 136 VMware, Inc 136
- Configure IKE Policy 137
- 138 VMware, Inc 138
- Using a Cisco ASA 5510 139
- 140 VMware, Inc 140
- Troubleshooting 141
- Phase 1 Policy Not Matching 142
- Phase 2 Not Matching 143
- PFS Mismatch 143
- PSK Not Matching 144
- VMware, Inc. 145 145
- 146 VMware, Inc 146
- VMware, Inc. 147 147
- 148 VMware, Inc 148
- 150 VMware, Inc 150
- Solution 151
- Validate the Data Path 152
- VMware, Inc. 153 153
- Appendix C Troubleshooting 153
- Load-Balancer Does Not Work 154
- VPN Does Not Work 155
- Thin Agent Logging 155
- 156 VMware, Inc 156
- VMware, Inc. 157 157
- 158 VMware, Inc 158
- VMware, Inc. 159 159
- 160 VMware, Inc 160
- VMware, Inc. 161 161
- 162 VMware, Inc 162
Produits connexes et manuels pour Logiciel de gestion du système VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API
(436 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.118 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels