Appliance Installation Guide


Naming Conventions

This document applies to the products shown below. If the product you have is not listed, refer to the appropriate Appliance Installation document. A hardcopy document appropriate to the hardware is shipped with the appliance. Softcopy versions of the Appliance Installation Guides for all hardware versions are downloaded through the Configuration Wizard.

Use the appliance SKU tag located on the back side metal casing to identify which product you have (see the Product Name column below).

Table 1 Endpoint Compliance System Naming Conventions
Columns: Product Name, Appliance Label, Product Descriptor, Appliance SKU Number
ECS E-200-C Control Server E-200-C NAC Control Server SYS-G-BFN360-ECS-E-200-CR

The Configuration Wizard is used during installation to initially configure Host information on the appliance(s). The Wizard is used to enter the basic information (Host Name, IP Address, Subnet Mask, and Gateway) required to connect the appliance to the network. Configuring basic networking information requires working through to Step 5 of this document.

Once the appliance is connected to the network, additional configuration details such as DNS, NTP/Time Zone, and VLAN information are entered and the Configuration Wizard completed.

If VLAN configuration details (Layer 2 network) or Routes and Scopes contexts (Layer 3 network) are unknown at time of initial configuration, just select the type of network (Layer 2 or Layer 3) and click Next. Click Next on the Registration, Remediation, Dead End, VPN, Authentication, Isolation, and Shared Media screens. On the Summary page you must click Apply to write the configuration details to the appropriate files on the appliance. If the Results page shows a successful configuration, the Reboot or Shutdown button must be clicked as appropriate to complete the configuration process. If there are any errors, go back and make corrections as required.
The VLAN or Routes and Scopes information can be configured at a later time by re-running the Configuration Wizard on the NAC Control Server appliance. The Configuration Wizard can be used at any time to reconfigure or add additional VLAN or Routes and Scopes information to the appliance(s). To re-run the Configuration Wizard see Step 5 - Connect to the Network below and re-enter the URL as shown.

License Key

Note: The Configuration Wizard uses a common naming scheme when referencing the different appliance types. See Naming Conventions for details on Product Names and Descriptors of the appliances.

This product requires a unique License Key to boot and run the application. The License Key contains the license count, license time, and high availability options. Each individual appliance will have its own unique key. Contact customer support or your sales representative to obtain the key for the appliance.

Note: If no key has been entered, contact customer support or your sales representative to obtain it. Please have the MAC Address of the appliance ready when you call for assistance with the license key. The MAC Address is located on the shipping label and on the back metal casing of the appliance.

20080418 Page 1

Hardware Setup

DO NOT CONNECT THE APPLIANCE(S) TO THE NETWORK AT THIS TIME.

The front bezel release mechanism is located on the right-hand side of the bezel when facing the front of the appliance.

A laptop or other PC will be connected to the appliance for initial configuration through eth1. This interface is configured to provide DHCP services during the initial installation procedures. Once the Configuration Wizard has been completed and the appliance has been either rebooted or shut down, the DHCP service used for installation is disabled. Please note that the Configuration Wizard is available for further configuration if necessary through the network connection on eth0 after the appliance has been rebooted or shut down and restarted.

The locations of the eth0 and eth1 interfaces are shown below. The ports will be labeled eth0 and eth1 or have port numbers etched into the metal. Please note that the port etched with number 1 is eth0 and the port etched with number 2 is eth1. Be certain to connect the cable to the correct ethernet port.

LED indicators located on the front of the appliance will light to indicate the connection established. LED 1 is lit when eth0 has established connection. LED 2 is lit when eth1 has established connection.

See Ethernet Connections for more information. See Naming Conventions for information on Product Names and Descriptors.

Ethernet Connections

Each ethernet connection is used for different purposes during Initial Configuration and during Normal Operations. The following table provides details on the options for each appliance and ethernet connection.

Table 2 Ethernet Connections

During Initial (Basic Network) Configuration
   NAC Control Server, eth1:
      ConfigWizard DHCP Service - disabled once appliance is rebooted (or shut down and restarted).
      Management - until the initial IP address, mask, default gateway, and host name are configured.

During Normal Operations (After Basic Network Configuration Complete)
   NAC Control Server, eth0: Management
   NAC Control Server, eth1: Either DHCP Detection or Not Used

HARDWARE

1. Unpack and power up the appliance(s) as described in the Hardware Setup Guide. DO NOT connect the appliance(s) to the network at this time.
   Note: The power supply fan goes on when the appliance is first plugged in. However, the power button must be pushed to power on the appliance.
2. The appliances have labels that will identify the appliance type. Take note regarding which appliance is being configured.

E-50 / E-100-C CONNECTION

1. Connect a PC to eth1 of the NAC Control Server appliance using either a straight-thru or crossover ethernet cable. Eth1 serves DHCP in the 192.168.1.x range with the appliance itself having an IP address of 192.168.1.1.
2. On the PC, bring up a web browser and navigate to http://192.168.1.1:8080/configwizard/index.jsp.
   Note: It may take a few minutes before this URL is accessible. Please be patient.

USER VALIDATION

The Configuration Wizard requires the user to enter the User Name and Password credentials to gain access.

1. User Name = config
2. Password = See the hardcopy that came with the appliance, the softcopy that was downloaded during initial configuration, or contact Customer Support.
3. Once these have been entered, click OK.

LICENSE KEY VALIDATION

1. Select the radio button for the type of system being configured - NAC Control Server. See Naming Conventions to determine which system type to select.
2. If a key is already in the text area, click OK.
3. If no key has been entered, contact customer support or your sales representative to obtain a license key.

HOST CONFIGURATION

The initial Basic Network screen displays the product name and the type of system being configured.

1. When configuring the NAC Control Server, enter the values for Host Name (use the short name rather than Fully Qualified Domain Name), IP Address, Subnet Mask, and Default Gateway. This network information will be applied to eth0 on the appliance.
   WARNING! Do not use nac, isolation, registration, remediation, remotereg, remotescan, vpn, authentication, hub, or deadend as the Host Name for the appliance. These names are reserved for system use.
2. Click the Apply button.
3. Review the information in the results page. If there are errors or omissions, click the Back button on the browser and make changes as needed.

E-100-A / E-200-A CONFIGURATION INSTRUCTIONS

For configuration instructions refer to the appliance installation document that came with the NAC Application Server hardware.

Connect to the Network

CONNECT TO NETWORK / COMPLETE BASIC NETWORK CONFIGURATION

1. Disconnect the PC.
2. Connect eth0 of the NAC Control Server to the network. Eth0 is the management interface for the appliance. If a management VLAN exists, please connect eth0 to a management VLAN network port.
3. Bring up a web browser and point it to the IP Address (assigned in step 3c) of the NAC Control Server using one of the following specific URLs:
   http://<NAC Control Server IP Address>:8080/configWizard/index.html
   http://<Host Name of the appliance>:8080/configwizard/index.html
4. Enter the User Name and Password (see step 3a), then click OK.
5. Click OK on the License Key screen.
6. Download the documentation needed to configure and administer the product. These files are in PDF format and require a PDF viewer to read them. Click the Download button and save the files. Click OK when done.

7. Verify the data shown on the Basic Network screen, make any changes as necessary, and add any additional information.
   If a NAC Application Server is part of the configuration, the SSH Password should also be changed for this appliance.
   In the DNS section, enter the Primary and Secondary DNS, the Domain Name Suffix, and Production DNS IP Address(es). The Primary, Secondary, and Domain Name Suffix are used by the appliance. The Production DNS is used to direct clients to public update sites during registration and remediation as determined by the policy enforcement requirements. The DNS Secondary IP Address field is optional.
   NTP and Time Zone settings are used to keep the appliance date and time up-to-date. The NTP Server can be an IP Address or a name such as time.apple.com.
   The NAC Application Server section will only be available if your license key is for a NAC Application Server.
   All other fields should be filled in with the appropriate data.
8. Click Next.

Select Network Type

The Configuration Wizard allows you to select the type of network you are configuring. Select either a Layer 2 802.1Q trunking setup with single scope per VLAN/isolation network or a Layer 3 routed network with multiple scopes for each isolation network.

1. Click the radio button next to the type of network being configured.
2. Click Next.

Layer 2 Network - VLAN Configuration

VLANs are the basic networking construct used to limit network access. When implementing network access control there should be at least one non-production VLAN. In the Configuration Wizard this is the Isolation VLAN. If there is the need to separate clients based on state (known vs. unknown, out-of-compliance, etc.) then multiple VLANs should be configured. In the Configuration Wizard these additional VLANs are the Registration, Remediation, Dead End, VPN, Authentication, Isolation, and Shared Media VLANs.

If no VLANs will be configured at this time, just click Next on the Registration, Remediation, Dead End, VPN, Authentication, Isolation, and Shared Media screens. These can be configured at a later time by re-running the Configuration Wizard.

Note: The Configuration Wizard is run on the NAC Server or NAC Control Server appliances and dynamically writes all necessary files to the NAC Application Server. No direct configuration of VLANs on the NAC Application Server is required.

Table 3 Layer 2 Network - Context Names

Context - Description

Registration
   This context is used during initial client registration. This isolates unregistered clients from the production network.

Remediation
   This context is used for clients that have failed policy scans. This isolates at risk clients from the production network.

Dead End
   This context is used for clients that have limited or no network connectivity. This isolates at risk clients from the production network.

VPN
   This context is used for clients that connect to the network through VPN services.

Authentication
   This context is used when the NAC Application Server appliance is acting as a captive portal serving DHCP.

Isolation
   This context can be used to isolate all clients connecting to the network and redirect them to the appropriate isolation web pages. In the Isolation VLAN the state of the client (known vs. unknown, out-of-compliance, etc.) determines the access control information presented to the client via the web browser or persistent agent. When this context is used, configuring of the other VLAN contexts (Registration, Remediation, Dead End, VPN, Authentication, or Shared Media) is optional. The Isolation VLAN can be used along with the Registration, Remediation, Dead End, VPN, Authentication, and/or Shared Media VLANs as yet another non-production network.

Shared Media
   This context is used for clients that will connect through devices managed by Access Point Management, which provides the ability to manage clients connected to hubs or simple access points using DHCP as a means to control or restrict client access. See the Configuration Guide for additional information about the Access Point Management Plugin.

CONFIGURING CONTEXTS (VLANS)

The configuration views for the Registration, Remediation, Dead End, VPN, Authentication, and Isolation contexts are similar. The Shared Media context configuration view contains sections for both authorized and unauthorized clients. Samples of the Registration and the Shared Media views are shown below.

For each context being configured:

1. If the context will NOT be used, click Next to proceed to the next configuration screen.
2. If the context will be configured, check the box next to Context Name (Registration, Remediation, etc.) and fill in the required information. See the Glossary for definitions of the fields if needed.
3. Click Next.

SUMMARY

1. Review the data on the Summary View to confirm the settings that were configured.
   Important: Confirm that the check boxes are selected for the contexts you are configuring. If they have not been selected, click the Back button to back up through the configuration screens and check the box(es) as required. Then click the Next button as needed to return to the Summary view.
2. Click Apply. The Configuration Wizard will write the data to the appropriate files on the appliances. This process may take several minutes to complete. When completed, the Results page will appear.

Figure 1: Summary of Layer 2 Network VLAN Configuration


Layer 3 Network - Routes and Scopes Configuration

The Layer 3 Routes and Scopes selection allows the appliance to be set up in a routed environment as opposed to an 802.1Q VLAN environment. This means that instead of trunking VLANs on eth1, eth1 is instead connected to a single VLAN on an untagged port. Network traffic is then routed to the clients rather than the clients connecting on the local Isolation VLANs.

Multiple scopes are allowed for each of the contexts (Registration, Remediation, Dead End, VPN, Authentication, Isolation, and Shared Media). Within these scopes multiple ranges in the lease pool are also permitted. Additionally, static routes may be added through the Configuration Wizard.

If no contexts will be configured at this time, just click Next on the Registration, Remediation, Dead End, VPN, Authentication, Isolation, and Shared Media screens. These can be configured at a later time by re-running the Configuration Wizard.

Note: The Configuration Wizard is run on the NAC Server or NAC Control Server appliances and dynamically writes all necessary files to the NAC Application Server. No direct configuration of VLANs on the NAC Application Server is required.

Table 4 Layer 3 Network - Context Names

Context - Description

Registration
   This context is used during initial client registration. This isolates unregistered clients from the production network.

Remediation
   This context is used for clients that have failed policy scans. This isolates at risk clients from the production network.

Dead End
   This context is used for clients that have limited or no network connectivity. This isolates at risk clients from the production network.

VPN
   This context is used for clients that connect to the network through VPN services.

Authentication
   This context is used when the NAC Application Server appliance is acting as a captive portal serving DHCP.

Isolation
   This context can be used to isolate all clients connecting to the network and redirect them to the appropriate isolation web pages. In the Isolation context the state of the client (known vs. unknown, out-of-compliance, etc.) determines the access control information presented to the client via the web browser or persistent agent. When this context is used, configuring of the other contexts (Registration, Remediation, Dead End, VPN, Authentication, or Shared Media) is optional. The Isolation context can be used along with the Registration, Remediation, Dead End, VPN, Authentication, and/or Shared Media contexts as yet another non-production network.

Shared Media
   This context is used for clients that will connect through devices managed by Access Point Management, which provides the ability to manage clients connected to hubs or simple access points using DHCP as a means to control or restrict client access. See the Configuration Guide for additional information about the Access Point Management Plugin.

CONFIGURING CONTEXTS (SCOPES)

The configuration views for the Registration, Remediation, Dead End, VPN, Authentication, and Isolation scope contexts are similar. The Shared Media context configuration view contains sections for both authorized and unauthorized clients. Sample Registration and Shared Media context views are shown below.

For each context being configured:

1. If the context will NOT be used, click Next to proceed to the next configuration screen.
2. If the context will be configured, check the box next to the Context Name (Registration, Remediation, etc.) and enter the Interface IP Address, Mask, Domain Suffix, and Lease Time. See the Glossary for definitions of the fields if needed.
3. Click Add to add Scopes or Modify to change existing scope information for this context.
4. Enter the Scope Name, Default Gateway, and Mask.
5. In the Lease Pools section, click Add to add the lease pool information for the scope.
   a. Enter the IP Addresses for Start and End of the lease pool range, then click Add.
   b. Repeat as necessary for additional lease pools for this scope.
6. Repeat step 5 as necessary to add additional scopes and lease pools.

7. For the Shared Media context, enter the Interface IP Address and Mask.
8. Enter the Shared Media Scopes and Lease Pool information. Click Add/Modify to add or modify scopes and their associated lease pools.
9. Enter the Domain information in both the Authenticated and Unauthenticated sections.
10. Click Next when finished.

CONFIGURING ROUTES

Once the configuration views for the Registration, Remediation, Dead End, VPN, Authentication, Isolation, and Shared Media contexts have been completed, additional routes may be entered. When a client connects on eth1 from a remote network, the return packet will use the Default Gateway unless a network route is added. The route should use the same outbound interface as the inbound packet. The contexts created in Configuring Contexts (Scopes) should route back to the clients via eth1. If the default gateway is out eth0, then routes should be created for the DHCP scopes to use the eth1 gateway.

IMPORTANT: When re-running the Configuration Wizard, the routes that were entered through the Configuration Wizard will already be in the view. If any routes that were not entered through the Configuration Wizard currently exist in the system routes file, these can be read into the Routes list on this view by clicking the Read File button. The number of routes in the file is listed next to the button. Clicking this button will overwrite any routes currently shown in the view.

For each route being configured:

1. On the Basic Network Routes screen click Add.
2. Enter the Network IP Address, Mask, and Gateway, then click Add. See the Glossary for definitions of the fields if needed.
   Example: When eth1 IP is 10.1.0.2 and the eth1 gateway is 10.1.0.1 for DHCP scope 192.168.10.0/24, add the following route:
      Network 192.168.10.0
      Mask 255.255.255.0
      Gateway 10.1.0.1
3. Repeat step 2 if necessary to add additional routes.
   IMPORTANT: Any routes entered into the list on this view will be written to the system routes file when the Apply button is clicked on the Summary view. IF THE LIST IS BLANK - ALL routes (if any currently exist in the system routes file) with the exception of the Default Gateway will be removed from the system routes file.
4. When finished, click Next.
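The scope, lease pool and route rules from Configuring Contexts (Scopes) and Configuring Routes can be checked on paper before the values are typed into the wizard. The following Python is an added example, not code from this guide or the product: the function names, the dictionary layout, the second scope and the pre-existing route are assumptions, and it assumes the Routes list replaces the non-default entries of the system routes file on Apply (the guide states this explicitly for the blank-list case).

```python
import ipaddress

# Host names the guide reserves for system use.
RESERVED_HOST_NAMES = {
    "nac", "isolation", "registration", "remediation", "remotereg",
    "remotescan", "vpn", "authentication", "hub", "deadend",
}


def check_host_name(name):
    """Return problems with a proposed appliance Host Name (empty list = OK)."""
    problems = []
    if "." in name:
        problems.append("use the short name, not a fully qualified domain name")
    if name.lower() in RESERVED_HOST_NAMES:
        problems.append(f"{name!r} is reserved for system use")
    return problems


def check_scope(scope):
    """Return problems with one scope: the gateway and every lease pool must
    lie inside the scope subnet, and lease pools must not overlap."""
    try:
        net = ipaddress.ip_network(f"{scope['network']}/{scope['mask']}")
    except ValueError as exc:
        return [f"{scope['name']}: bad network/mask ({exc})"]
    problems = []
    gateway = ipaddress.ip_address(scope["gateway"])
    if gateway not in net:
        problems.append(f"{scope['name']}: gateway {gateway} is outside {net}")
    seen = []
    for start, end in scope["pools"]:
        lo, hi = ipaddress.ip_address(start), ipaddress.ip_address(end)
        if lo > hi:
            problems.append(f"{scope['name']}: pool {start}-{end} starts after it ends")
            continue
        if lo not in net or hi not in net:
            problems.append(f"{scope['name']}: pool {start}-{end} is outside {net}")
        if lo <= gateway <= hi:
            problems.append(f"{scope['name']}: pool {start}-{end} contains the gateway")
        if any(lo <= p_hi and p_lo <= hi for p_lo, p_hi in seen):
            problems.append(f"{scope['name']}: pool {start}-{end} overlaps another pool")
        seen.append((lo, hi))
    return problems


def plan_routes(eth1_ip, eth1_mask, eth1_gateway, scopes):
    """Return (Network, Mask, Gateway) rows for the Routes screen so replies to
    each DHCP scope leave through the eth1 gateway instead of the default
    gateway. A scope inside eth1's own subnet is directly connected: no row."""
    eth1_net = ipaddress.ip_interface(f"{eth1_ip}/{eth1_mask}").network
    if ipaddress.ip_address(eth1_gateway) not in eth1_net:
        raise ValueError(f"eth1 gateway {eth1_gateway} is not on {eth1_net}")
    rows = []
    for scope in scopes:
        net = ipaddress.ip_network(f"{scope['network']}/{scope['mask']}")
        row = (str(net.network_address), str(net.netmask), eth1_gateway)
        if not net.subnet_of(eth1_net) and row not in rows:
            rows.append(row)
    return rows


def routes_removed_on_apply(system_routes, wizard_rows):
    """Rows in the system routes file that are absent from the wizard's Routes
    list. Assumption: Apply writes the list in place of the file's non-default
    routes, so these rows are lost unless they are loaded with Read File."""
    return [row for row in system_routes if row not in wizard_rows]


# Constructed sample input. The eth1 addressing and the first scope network are
# the guide's own example; the second scope and the existing route are made up.
SCOPES = [
    {"name": "Registration-A", "network": "192.168.10.0", "mask": "255.255.255.0",
     "gateway": "192.168.10.1", "pools": [("192.168.10.10", "192.168.10.200")]},
    {"name": "Remediation-A", "network": "192.168.20.0", "mask": "255.255.255.0",
     "gateway": "192.168.20.1",
     "pools": [("192.168.20.10", "192.168.20.100"), ("192.168.20.90", "192.168.21.5")]},
]
EXISTING_ROUTES = [("172.16.5.0", "255.255.255.0", "10.1.0.1")]

if __name__ == "__main__":
    for problem in check_host_name("vpn") + [p for s in SCOPES for p in check_scope(s)]:
        print("PROBLEM:", problem)
    rows = plan_routes("10.1.0.2", "255.255.255.0", "10.1.0.1", SCOPES)
    for network, mask, gateway in rows:
        print(f"Network {network}  Mask {mask}  Gateway {gateway}")
    for row in routes_removed_on_apply(EXISTING_ROUTES, rows):
        print("Would be removed on Apply:", row)
```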

SUMMARY

1. Review the data on the Summary View to confirm the settings that were configured.
   Important: Confirm that the check boxes are selected for the contexts you are configuring. If they have not been selected, click the Back button to back up through the configuration screens and check the box(es) as required. Then click the Next button as needed to return to the Summary view.
2. Click Apply. The Configuration Wizard will write the data to the appropriate files on the appliances. This process may take several minutes to complete. When completed, the Results page will appear.

Figure 2: Summary of Layer 3 Network Scopes/Routes Configuration


Results

1. Review the Results. If any errors were encountered this will be noted at the top of the Results.
2. Scroll down through the results and note any errors or warnings. Make any changes and apply them until a successful configuration is written.
3. Click Reboot to continue with the installation and begin network modeling and policy creation.
   OR
   Click Shutdown to turn off the appliance.
4. If the appliance has been shut down, it may be moved at this time if necessary. Production DHCP services and all other services will be started when the appliance is turned on again. Re-run the Configuration Wizard at a later time to continue with configuration of VLANs or adjust previous settings.
5. Contact customer support for any unresolved issues.

Finish

1. Once the results of the configuration are satisfactory, use one of the following URLs to access the system's graphical user interface:
   http://<NAC Control Server IP Address>:8080/
   or
   http://<Host Name of the appliance>:8080/
   or
   https://<NAC Control Server IP Address>:8443/
   or
   https://<Host Name of the appliance>:8443/
2. Please see the Configuration Guide that was downloaded in Step 5 - Connect to the Network for additional steps required to begin using Endpoint Compliance System.

Glossary

Configuration Parameter - Definition

Authoritative DNS
   The IP Address of the Authoritative DNS Primary and/or Secondary servers. This is entered in the Shared Media Authenticated VLAN settings.

Default Gateway
   The Default Gateway IP Address for the appliance being configured. A default gateway is the device that passes traffic from the local subnet to devices on other subnets. When configuring the VLANs this is the Default Gateway IP Address for the interface for the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, or Shared Media).

Host Name
   The Host Name for the appliance being configured.
   Note: Do not use nac, isolation, registration, remediation, remotereg, remotescan, vpn, authentication, hub, or deadend as the Host Name for the appliance. These names are reserved for system use.

Interface IP Address
   The IP Address for the interface for the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, Shared Media, or Isolation).

IP Address
   The IP Address for the appliance being configured.

Lease Pool End
   The ending IP Address for the pool of addresses for the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, Shared Media, or Isolation).

Lease Pool Start
   The starting IP Address for the pool of addresses for the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, Shared Media, or Isolation).

Lease Time (sec)
   The time in seconds that the IP Address will be leased. Recommended lease times: Registration, Remediation, Authentication, Isolation, Dead End, and VPN = 300; Shared Media/Hub Authenticated = 3600; and Shared Media/Hub Unauthenticated = 60.

Mask
   The Subnet Mask for the appliance being configured. A subnet is a logical grouping of connected network devices; the mask defines the boundaries of the subnet. When configuring the VLANs this is the Subnet Mask for the interface for the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, Shared Media, or Isolation).

NAC Control Server
   E-200-C

NTP Server
   The name or IP Address of the NTP Server being used to synchronize the time on the appliance (for example, time.apple.com).

Primary IP Address
   The IP address of the Primary DNS Server. This is used in the basic IP network configuration for the appliance.

Production DNS IP Address
   The IP Address of the Production DNS server. This DNS is used when the captive portal configuration allows for the resolution of specific hosts.

Secondary IP Address
   The IP address of the Secondary DNS Server. This is used in the basic IP network configuration for the appliance.

SSH Password
   The SSH password is used to access the appliance via SSH. The password for the admin user is changed by clicking the checkbox and entering a new password in both the change and confirm fields. When a pair of appliances is being configured the SSH password is changed for each appliance separately. Enter the new password in both panels on the Basic Network screen.

Suffix
   The Domain Suffix. For example, xyz.com or xyz.edu. When configuring the VLANs the suffix should help to identify the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, Shared Media, or Isolation). For example, YourDomain-reg.com would identify it as the Registration context. These should not be existing domain suffixes in the current network.

Time Zone
   The Time Zone in which the appliance is installed. Choose from the drop-down list.

VLAN ID
   The VLAN ID for the interface for the respective context (Registration, Remediation, Dead End, Virtual Private Network, Authentication, Shared Media, or Isolation).

Button - Definition

Help
   Used to access Help specific to the Configuration Wizard.

<< Back
   Return to the previous screen in the Configuration Wizard.

Reset
   Resets the information on the page to the currently stored configuration.

Next >>
   Moves to the next screen in the Configuration Wizard.