xi
Configuring password control ····································································· 433
Overview ························································································································································ 433
FIPS compliance ············································································································································ 435
Password control configuration task list ········································································································· 436
Enabling password control ····························································································································· 436
Setting global password control parameters ·································································································· 437
Setting user group password control parameters ·························································································· 438
Setting local user password control parameters ···························································································· 438
Setting super password control parameters ·································································································· 439
Setting a local user password in interactive mode ························································································· 440
Displaying and maintaining password control ································································································ 440
Password control configuration example ······································································································· 440
Configuring HABP ······················································································· 443
Configuring an HABP server ·························································································································· 444
Configuring an HABP client ··························································································································· 444
Displaying and maintaining HABP ················································································································· 445
HABP configuration example ························································································································· 445
Configuring URPF ······················································································· 448
Overview ························································································································································ 448
Configuring URPF ·································································································································· 448
URPF features ······································································································································· 448
URPF work flow ····································································································································· 448
Network application ································································································································ 450
Configuring URPF ·········································································································································· 450
URPF configuration example ························································································································· 451
Network requirements ···························································································································· 451
Configuration procedure ························································································································· 451
Configuring WLAN client isolation ······························································· 452
Configuring group domain VPN ·································································· 453
Overview ························································································································································ 453
Group domain VPN structure ················································································································· 453
Group domain VPN establishment ········································································································· 454
KS redundancy ······································································································································· 455
Protocols and standards ························································································································ 456
Configuration restrictions and guidelines ······································································································· 456
Configuring the GDOI KS ······························································································································· 457
GDOI KS configuration task list ·············································································································· 457
Configuring basic settings for a GDOI KS group ···················································································· 457
Configuring GDOI KS redundancy ········································································································· 459
Specifying the source address for packets sent by the KS ···································································· 460
Configuring rekey parameters ················································································································ 460
Displaying and maintaining GDOI KS ···································································································· 461
Configuring the GDOI GM ······························································································································ 461
GDOI GM configuration task list ············································································································· 462
Configuring a GDOI GM group ··············································································································· 462
Configuring a GDOI IPsec policy ··········································································································· 463
Applying a GDOI IPsec policy to an interface ························································································ 464
Displaying and maintaining GDOI GM ··································································································· 464
Group domain VPN configuration example ···································································································· 465
Network requirements ···························································································································· 465
Configuration procedure ························································································································· 466
Verifying the configuration ······················································································································ 474
Troubleshooting group domain VPN ·············································································································· 479
IKE SA negotiation failure ······················································································································ 479
GM registration failure ···························································································································· 480
KS redundancy failure ···························································································································· 480
To Next Page
Loading...
