Section |
Page |
Contents |
3 |
Home Page |
37 |
Creating a New Connection |
43 |
Creating a New Connection |
43 |
New Connection Reference |
44 |
Create Connection |
44 |
Additional Procedures |
45 |
How Do I Configure a Static Route? |
46 |
How Do I View Activity on My LAN Interface? |
46 |
How Do I Enable or Disable an Interface? |
47 |
How Do I View the IOS Commands I Am Sending to the Router? |
47 |
How Do I Launch the Wireless Application from Cisco SDM? |
48 |
How Do I Configure an Unsupported WAN Interface? |
48 |
How Do I Enable or Disable an Interface? |
49 |
How Do I View Activity on My WAN Interface? |
49 |
How Do I Configure NAT on a WAN Interface? |
50 |
How Do I Configure NAT on an Unsupported Interface? |
51 |
How Do I Configure a Dynamic Routing Protocol? |
51 |
How Do I Configure Dial-on-Demand Routing for My ISDN or Asynchronous Interface? |
52 |
How Do I Edit a Radio Interface Configuration? |
53 |
LAN Wizard |
55 |
Ethernet Configuration |
56 |
LAN Wizard: Select an Interface |
56 |
LAN Wizard: IP Address and Subnet Mask |
57 |
LAN Wizard: Enable DHCP Server |
57 |
LAN Wizard: DHCP Address Pool |
58 |
DHCP Options |
58 |
LAN Wizard: VLAN Mode |
59 |
LAN Wizard: Switch Port |
60 |
IRB Bridge |
61 |
BVI Configuration |
62 |
DHCP Pool for BVI |
62 |
IRB for Ethernet |
63 |
Layer 3 Ethernet Configuration |
63 |
802.1Q Configuration |
64 |
Trunking or Routing Configuration |
64 |
Configure Switch Device Module |
64 |
Configure Gigabit Ethernet Interface |
65 |
Summary |
65 |
802.1x Authentication |
67 |
LAN Wizard: 802.1x Authentication (Switch Ports) |
67 |
Advanced Options |
68 |
LAN Wizard: RADIUS Servers for 802.1x Authentication |
70 |
Edit 802.1x Authentication (Switch Ports) |
72 |
LAN Wizard: 802.1x Authentication (VLAN or Ethernet) |
73 |
802.1x Exception List |
74 |
802.1x Authentication on Layer 3 Interfaces |
75 |
Edit 802.1x Authentication |
76 |
How Do I ... |
77 |
How Do I Configure 802.1x Authentication on More Than One Ethernet Port? |
77 |
Configuring WAN Connections |
79 |
Configuring an Ethernet WAN Connection |
79 |
Ethernet WAN Connection Reference |
80 |
WAN Wizard Interface Welcome Window |
80 |
Select Interface |
81 |
IP Address: Ethernet without PPPoE |
81 |
Encapsulation: PPPoE |
82 |
Summary |
83 |
Advanced Options |
83 |
Configuring a Serial Connection |
84 |
Serial Connection Reference |
85 |
IP Address: Serial with Point-to-Point Protocol |
85 |
IP Address: Serial with HDLC or Frame Relay |
86 |
Authentication |
87 |
Configure LMI and DLCI |
88 |
Configure Clock Settings |
89 |
Configuring a DSL Connection |
91 |
DSL Connection Reference |
92 |
IP Address: ATM or Ethernet with PPPoE/PPPoA |
92 |
IP Address: ATM with RFC 1483 Routing |
93 |
Encapsulation Autodetect |
94 |
PVC |
96 |
Configuring an ISDN Connection |
98 |
ISDN Connection Reference |
98 |
ISDN Wizard Welcome Window |
99 |
IP Address: ISDN BRI or Analog Modem |
99 |
Switch Type and SPIDs |
100 |
Dial String |
101 |
Configuring an Aux Backup Connection |
102 |
Aux Backup Connection Reference |
102 |
Aux Backup Welcome Window |
103 |
Backup Configuration |
103 |
Backup Configuration: Primary Interface and Next Hop IP Addresses |
104 |
Backup Configuration: Hostname or IP Address to Be Tracked |
105 |
Configuring an Analog Modem Connection |
105 |
Analog Modem Connection Reference |
106 |
Analog Modem Welcome |
106 |
Configuring a Cable Modem Connection |
107 |
Cable Modem Connection Reference |
107 |
Cable Modem Connection Wizard Welcome |
108 |
Select Interface |
108 |
Summary |
108 |
Edit Interface/Connection |
111 |
Connection: Ethernet for IRB |
115 |
Connection: Ethernet for Routing |
116 |
Existing Dynamic DNS Methods |
117 |
Add Dynamic DNS Method |
117 |
Wireless |
119 |
Association |
119 |
NAT |
121 |
Edit Switch Port |
122 |
Application Service |
123 |
General |
124 |
Select Ethernet Configuration Type |
126 |
Connection: VLAN |
127 |
Subinterfaces List |
127 |
Add or Edit BVI Interface |
128 |
Add or Edit Loopback Interface |
128 |
Connection: Virtual Template Interface |
129 |
Connection: Ethernet LAN |
129 |
Connection: Ethernet WAN |
130 |
Connection: Ethernet Properties |
132 |
Connection: Ethernet with No Encapsulation |
134 |
Connection: ADSL |
135 |
Connection: ADSL over ISDN |
138 |
Connection: G.SHDSL |
140 |
Connection: Cable Modem |
144 |
Configure DSL Controller |
145 |
Add a G.SHDSL Connection |
147 |
Connection: Serial Interface, Frame Relay Encapsulation |
150 |
Connection: Serial Interface, PPP Encapsulation |
153 |
Connection: Serial Interface, HDLC Encapsulation |
155 |
Add or Edit GRE Tunnel |
156 |
Connection: ISDN BRI |
158 |
Connection: Analog Modem |
161 |
Connection: (AUX Backup) |
163 |
Authentication |
165 |
SPID Details |
166 |
Dialer Options |
167 |
Backup Configuration |
169 |
Delete Connection |
170 |
Connectivity Testing and Troubleshooting |
172 |
Wide Area Application Services |
177 |
Configuring a WAAS Connection |
178 |
WAAS Reference |
179 |
NM WAAS |
180 |
Integrated Service Engine |
182 |
WCCP |
183 |
Central Manager Registration |
184 |
Create Firewall |
185 |
Basic Firewall Configuration Wizard |
188 |
Basic Firewall Interface Configuration |
188 |
Configuring Firewall for Remote Access |
189 |
Advanced Firewall Configuration Wizard |
189 |
Advanced Firewall Interface Configuration |
189 |
Advanced Firewall DMZ Service Configuration |
190 |
DMZ Service Configuration |
191 |
Application Security Configuration |
192 |
Domain Name Server Configuration |
193 |
URL Filter Server Configuration |
193 |
Select Interface Zone |
193 |
ZPF Inside Zones |
194 |
Voice Configuration |
194 |
Summary |
195 |
SDM Warning: SDM Access |
197 |
How Do I... |
199 |
How Do I View Activity on My Firewall? |
199 |
How Do I Configure a Firewall on an Unsupported Interface? |
201 |
How Do I Configure a Firewall After I Have Configured a VPN? |
201 |
How Do I Permit Specific Traffic Through a DMZ Interface? |
202 |
How Do I Modify an Existing Firewall to Permit Traffic from a New Network or Host? |
203 |
How Do I Configure NAT on an Unsupported Interface? |
203 |
How Do I Configure NAT Passthrough for a Firewall? |
204 |
How Do I Permit Traffic Through a Firewall to My Easy VPN Concentrator? |
204 |
How Do I Associate a Rule with an Interface? |
206 |
How Do I Disassociate an Access Rule from an Interface |
206 |
How Do I Delete a Rule That Is Associated with an Interface? |
207 |
How Do I Create an Access Rule for a Java List? |
207 |
How Do I Permit Specific Traffic onto My Network if I Don’t Have a DMZ Network? |
208 |
Firewall Policy |
211 |
Edit Firewall Policy/ACL |
211 |
Choose a Traffic Flow |
213 |
Examine the Traffic Diagram and Choose a Traffic Direction |
214 |
Make Changes to Access Rules |
216 |
Make Changes to Inspection Rules |
220 |
Add App-Name Application Entry |
222 |
Add rpc Application Entry |
222 |
Add Fragment application entry |
223 |
Add or Edit http Application Entry |
224 |
Java Applet Blocking |
225 |
Cisco SDM Warning: Inspection Rule |
226 |
Cisco SDM Warning: Firewall |
227 |
Edit Firewall Policy |
227 |
Add a New Rule |
231 |
Add Traffic |
232 |
Application Inspection |
233 |
URL Filter |
234 |
Quality of Service |
234 |
Inspect Parameter |
234 |
Select Traffic |
234 |
Delete Rule |
235 |
Application Security |
237 |
Application Security Windows |
237 |
No Application Security Policy |
239 |
E-mail |
240 |
Instant Messaging |
241 |
Peer-to-Peer Applications |
242 |
URL Filtering |
243 |
HTTP |
244 |
Header Options |
245 |
Content Options |
246 |
Applications/Protocols |
248 |
Timeouts and Thresholds for Inspect Parameter Maps and CBAC |
249 |
Associate Policy with an Interface |
252 |
Edit Inspection Rule |
252 |
Permit, Block, and Alarm Controls |
253 |
Site-to-Site VPN |
255 |
VPN Design Guide |
255 |
Create Site to Site VPN |
255 |
Site-to-Site VPN Wizard |
258 |
View Defaults |
259 |
VPN Connection Information |
260 |
IKE Proposals |
262 |
Transform Set |
265 |
Traffic to Protect |
267 |
Summary of the Configuration |
268 |
Spoke Configuration |
269 |
Secure GRE Tunnel (GRE-over-IPSec) |
270 |
GRE Tunnel Information |
270 |
VPN Authentication Information |
271 |
Backup GRE Tunnel Information |
272 |
Routing Information |
273 |
Static Routing Information |
274 |
Select Routing Protocol |
276 |
Summary of Configuration |
277 |
Edit Site-to-Site VPN |
277 |
Add new connection |
280 |
Add Additional Crypto Maps |
280 |
Crypto Map Wizard: Welcome |
281 |
Crypto Map Wizard: Summary of the configuration |
282 |
Delete Connection |
282 |
Ping |
283 |
Generate Mirror... |
283 |
Cisco SDM Warning: NAT Rules with ACL |
284 |
How Do I... |
285 |
How Do I Create a VPN to More Than One Site? |
285 |
After Configuring a VPN, How Do I Configure the VPN on the Peer Router? |
287 |
How Do I Edit an Existing VPN Tunnel? |
288 |
How Do I Confirm That My VPN Is Working? |
289 |
How Do I Configure a Backup Peer for My VPN? |
290 |
How Do I Accommodate Multiple Devices with Different Levels of VPN Support? |
290 |
How Do I Configure a VPN on an Unsupported Interface? |
291 |
How Do I Configure a VPN After I Have Configured a Firewall? |
292 |
How Do I Configure NAT Passthrough for a VPN? |
292 |
Easy VPN Remote |
295 |
Creating an Easy VPN Remote Connection |
296 |
Create Easy VPN Remote Reference |
297 |
Create Easy VPN Remote |
298 |
Configure an Easy VPN Remote Client |
299 |
Easy VPN Remote Wizard: Network Information |
299 |
Easy VPN Remote Wizard: Identical Address Configuration |
300 |
Easy VPN Remote Wizard: Interfaces and Connection Settings |
301 |
Easy VPN Remote Wizard: Server Information |
303 |
Easy VPN Remote Wizard: Authentication |
305 |
Easy VPN Remote Wizard: Summary of Configuration |
307 |
Administering Easy VPN Remote Connections |
308 |
Editing an Existing Easy VPN Remote Connection |
309 |
Creating a New Easy VPN Remote Connection |
309 |
Deleting an Easy VPN Remote Connection |
310 |
Resetting an Established Easy VPN Remote Connection |
310 |
Connecting to an Easy VPN Server |
311 |
Connecting other Subnets to the VPN Tunnel |
311 |
Administering Easy VPN Remote Reference |
312 |
Edit Easy VPN Remote |
312 |
Add or Edit Easy VPN Remote |
317 |
Add or Edit Easy VPN Remote: General Settings |
319 |
Network Extension Options |
322 |
Add or Edit Easy VPN Remote: Easy VPN Settings |
322 |
Add or Edit Easy VPN Remote: Authentication Information |
324 |
Add or Edit Easy VPN Remote: Easy VPN Client Phase III Authentication |
327 |
Add or Edit Easy VPN Remote: Interfaces and Connections |
329 |
Add or Edit Easy VPN Remote: Identical Addressing |
331 |
Easy VPN Remote: Add a Device |
333 |
Enter SSH Credentials |
333 |
XAuth Login Window |
334 |
Other Procedures |
334 |
How Do I Edit an Existing Easy VPN Connection? |
334 |
How Do I Configure a Backup for an Easy VPN Connection? |
335 |
Easy VPN Server |
337 |
Creating an Easy VPN Server Connection |
337 |
Create an Easy VPN Server Reference |
339 |
Create an Easy VPN Server |
340 |
Welcome to the Easy VPN Server Wizard |
340 |
Interface and Authentication |
340 |
Group Authorization and Group Policy Lookup |
341 |
User Authentication (XAuth) |
342 |
User Accounts for XAuth |
343 |
Add RADIUS Server |
344 |
Group Authorization: User Group Policies |
345 |
General Group Information |
346 |
DNS and WINS Configuration |
347 |
Split Tunneling |
347 |
Client Settings |
348 |
Choose Browser Proxy Settings |
351 |
Add or Edit Browser Proxy Settings |
352 |
User Authentication (XAuth) |
353 |
Client Update |
354 |
Add or Edit Client Update Entry |
355 |
Cisco Tunneling Control Protocol |
356 |
Summary |
357 |
Browser Proxy Settings |
357 |
Editing Easy VPN Server Connections |
359 |
Edit Easy VPN Server Reference |
359 |
Edit Easy VPN Server |
360 |
Add or Edit Easy VPN Server Connection |
361 |
Restrict Access |
362 |
Group Policies Configuration |
362 |
IP Pools |
365 |
Add or Edit IP Local Pool |
365 |
Add IP Address Range |
366 |
Enhanced Easy VPN |
367 |
Interface and Authentication |
367 |
RADIUS Servers |
368 |
Group Authorization and Group User Policies |
370 |
Add or Edit Easy VPN Server: General Tab |
371 |
Add or Edit Easy VPN Server: IKE Tab |
372 |
Add or Edit Easy VPN Server: IPSec Tab |
374 |
Create Virtual Tunnel Interface |
376 |
DMVPN |
377 |
Dynamic Multipoint VPN |
377 |
Dynamic Multipoint VPN (DMVPN) Hub Wizard |
378 |
Type of Hub |
379 |
Configure Pre-Shared Key |
379 |
Hub GRE Tunnel Interface Configuration |
380 |
Advanced Configuration for the Tunnel Interface |
381 |
Primary Hub |
382 |
Select Routing Protocol |
383 |
Routing Information |
383 |
Dynamic Multipoint VPN (DMVPN) Spoke Wizard |
385 |
DMVPN Network Topology |
385 |
Specify Hub Information |
386 |
Spoke GRE Tunnel Interface Configuration |
386 |
Cisco SDM Warning: DMVPN Dependency |
387 |
Edit Dynamic Multipoint VPN (DMVPN) |
388 |
General Panel |
390 |
NHRP Panel |
391 |
NHRP Map Configuration |
392 |
Routing Panel |
393 |
How Do I Configure a DMVPN Manually? |
395 |
VPN Global Settings |
397 |
VPN Global Settings |
397 |
VPN Global Settings: IKE |
399 |
VPN Global Settings: IPSec |
400 |
VPN Global Settings: Easy VPN Server |
401 |
VPN Key Encryption Settings |
402 |
IP Security |
405 |
IPSec Policies |
405 |
Add or Edit IPSec Policy |
407 |
Add or Edit Crypto Map: General |
409 |
Add or Edit Crypto Map: Peer Information |
410 |
Add or Edit Crypto Map: Transform Sets |
411 |
Add or Edit Crypto Map: Protecting Traffic |
413 |
Dynamic Crypto Map Sets |
415 |
Add or Edit Dynamic Crypto Map Set |
415 |
Associate Crypto Map with this IPSec Policy |
416 |
IPSec Profiles |
416 |
Add or Edit IPSec Profile |
417 |
Add or Edit IPSec Profile and Add Dynamic Crypto Map |
418 |
Transform Set |
419 |
Add or Edit Transform Set |
422 |
IPSec Rules |
424 |
Internet Key Exchange |
427 |
Internet Key Exchange (IKE) |
427 |
IKE Policies |
428 |
Add or Edit IKE Policy |
430 |
IKE Pre-shared Keys |
432 |
Add or Edit Pre Shared Key |
433 |
IKE Profiles |
434 |
Add or Edit an IKE Profile |
435 |
Public Key Infrastructure |
439 |
Certificate Wizards |
439 |
Welcome to the SCEP Wizard |
440 |
Certificate Authority (CA) Information |
441 |
Advanced Options |
442 |
Certificate Subject Name Attributes |
442 |
Other Subject Attributes |
444 |
RSA Keys |
445 |
Summary |
446 |
CA Server Certificate |
447 |
Enrollment Status |
447 |
Cut and Paste Wizard Welcome |
447 |
Enrollment Task |
448 |
Enrollment Request |
448 |
Continue with Unfinished Enrollment |
449 |
Import CA certificate |
450 |
Import Router Certificate(s) |
450 |
Digital Certificates |
451 |
Trustpoint Information |
453 |
Certificate Details |
453 |
Revocation Check |
453 |
Revocation Check, CRL Only |
454 |
RSA Keys Window |
454 |
Generate RSA Key Pair |
455 |
USB Token Credentials |
456 |
USB Tokens |
457 |
Add or Edit USB Token |
458 |
Open Firewall |
460 |
Open Firewall Details |
461 |
Certificate Authority Server |
463 |
Create CA Server |
463 |
Prerequisite Tasks for PKI Configurations |
464 |
CA Server Wizard: Welcome |
465 |
CA Server Wizard: Certificate Authority Information |
465 |
Advanced Options |
467 |
CA Server Wizard: RSA Keys |
469 |
Open Firewall |
470 |
CA Server Wizard: Summary |
470 |
Manage CA Server |
471 |
Backup CA Server |
473 |
Manage CA Server Restore Window |
473 |
Restore CA Server |
473 |
Edit CA Server Settings: General Tab |
474 |
Edit CA Server Settings: Advanced Tab |
475 |
Manage CA Server: CA Server Not Configured |
475 |
Manage Certificates |
475 |
Pending Requests |
475 |
Revoked Certificates |
477 |
Revoke Certificate |
478 |
CiscoIOS SSLVPN |
479 |
CiscoIOS SSLVPN links on Cisco.com |
480 |
Creating an SSL VPN Connection |
480 |
Create an SSL VPN Connection Reference |
481 |
Create SSL VPN |
482 |
Persistent Self-Signed Certificate |
484 |
Welcome |
485 |
SSL VPN Gateways |
485 |
User Authentication |
486 |
Configure Intranet Websites |
488 |
Add or Edit URL |
488 |
Customize SSL VPN Portal |
489 |
SSL VPN Passthrough Configuration |
489 |
User Policy |
490 |
Details of SSL VPN Group Policy: Policyname |
490 |
Select the SSL VPN User Group |
491 |
Select Advanced Features |
491 |
Thin Client (Port Forwarding) |
491 |
Add or Edit a Server |
492 |
Full Tunnel |
493 |
Locating the Install Bundle for Cisco SDM |
494 |
Enable Cisco Secure Desktop |
496 |
Common Internet File System |
497 |
Enable Clientless Citrix |
497 |
Summary |
498 |
Editing SSL VPN Connections |
498 |
Editing SSL VPN Connection Reference |
499 |
Edit SSL VPN |
500 |
SSL VPN Context |
501 |
Designate Inside and Outside Interfaces |
503 |
Select a Gateway |
503 |
Context: Group Policies |
504 |
Group Policy: General Tab |
504 |
Group Policy: Clientless Tab |
505 |
Group Policy: Thin Client Tab |
507 |
Group Policy: SSL VPN Client (Full Tunnel) Tab |
507 |
Advanced Tunnel Options |
509 |
DNS and WINS Servers |
511 |
Context: HTML Settings |
511 |
Select Color |
513 |
Context: NetBIOS Name Server Lists |
513 |
Add or Edit a NBNS Server List |
513 |
Add or Edit an NBNS Server |
514 |
Context: Port Forward Lists |
514 |
Add or Edit a Port Forward List |
514 |
Context: URL Lists |
514 |
Add or Edit a URL List |
515 |
Context: Cisco Secure Desktop |
515 |
SSL VPN Gateways |
515 |
Add or Edit a SSL VPN Gateway |
516 |
Packages |
517 |
Install Package |
518 |
Additional Help Topics |
518 |
CiscoIOS SSLVPN Contexts, Gateways, and Policies |
518 |
Learn More about Port Forwarding Servers |
524 |
Learn More About Group Policies |
525 |
Learn More About Split Tunneling |
526 |
How do I verify that my CiscoIOS SSLVPN is working? |
527 |
How do I configure a CiscoIOS SSLVPN after I have configured a firewall? |
528 |
How do I associate a VRF instance with a CiscoIOS SSLVPN context? |
528 |
SSL VPN Enhancements |
529 |
SSL VPN Reference |
529 |
SSL VPN Context: Access Control Lists |
529 |
Add or Edit Application ACL |
530 |
Add ACL Entry |
531 |
Action URL Time Range |
532 |
Add or Edit Action URL Time Range Dialog |
533 |
Add or Edit Absolute Time Range Entry |
534 |
Add or Edit Periodic Time Range Entry |
535 |
VPN Troubleshooting |
537 |
VPN Troubleshooting |
537 |
VPN Troubleshooting: Specify Easy VPN Client |
539 |
VPN Troubleshooting: Generate Traffic |
540 |
VPN Troubleshooting: Generate GRE Traffic |
541 |
Cisco SDM Warning: SDM will enable router debugs... |
542 |
Security Audit |
543 |
Welcome Page |
546 |
Interface Selection Page |
546 |
Report Card Page |
547 |
Fix It Page |
547 |
Disable Finger Service |
548 |
Disable PAD Service |
549 |
Disable TCP Small Servers Service |
549 |
Disable UDP Small Servers Service |
550 |
Disable IP BOOTP Server Service |
550 |
Disable IP Identification Service |
551 |
Disable CDP |
551 |
Disable IP Source Route |
552 |
Enable Password Encryption Service |
552 |
Enable TCP Keepalives for Inbound Telnet Sessions |
553 |
Enable TCP Keepalives for Outbound Telnet Sessions |
553 |
Enable Sequence Numbers and Time Stamps on Debugs |
553 |
Enable IP CEF |
554 |
Disable IP Gratuitous ARPs |
554 |
Set Minimum Password Length to Less Than 6 Characters |
554 |
Set Authentication Failure Rate to Less Than 3 Retries |
555 |
Set TCP Synwait Time |
555 |
Set Banner |
556 |
Enable Logging |
556 |
Set Enable Secret Password |
557 |
Disable SNMP |
557 |
Set Scheduler Interval |
558 |
Set Scheduler Allocate |
558 |
Set Users |
559 |
Enable Telnet Settings |
559 |
Enable NetFlow Switching |
559 |
Disable IP Redirects |
560 |
Disable IP Proxy ARP |
560 |
Disable IP Directed Broadcast |
561 |
Disable MOP Service |
562 |
Disable IP Unreachables |
562 |
Disable IP Mask Reply |
562 |
Disable IP Unreachables on NULL Interface |
563 |
Enable Unicast RPF on Outside Interfaces |
564 |
Enable Firewall on All of the Outside Interfaces |
564 |
Set Access Class on HTTP Server Service |
565 |
Set Access Class on VTY Lines |
565 |
Enable SSH for Access to the Router |
566 |
Enable AAA |
566 |
Configuration Summary Screen |
567 |
Cisco SDM and Cisco IOS AutoSecure |
567 |
Security Configurations Cisco SDM Can Undo |
569 |
Undoing Security Audit Fixes |
570 |
Add or Edit Telnet/SSH Account Screen |
570 |
Configure User Accounts for Telnet/SSH Page |
571 |
Enable Secret and Banner Page |
572 |
Logging Page |
573 |
Routing |
575 |
Add or Edit IP Static Route |
577 |
Add or Edit an RIP Route |
579 |
Add or Edit an OSPF Route |
579 |
Add or Edit EIGRP Route |
581 |
Network Address Translation |
583 |
Network Address Translation Wizards |
583 |
Basic NAT Wizard: Welcome |
584 |
Basic NAT Wizard: Connection |
584 |
Summary |
585 |
Advanced NAT Wizard: Welcome |
585 |
Advanced NAT Wizard: Connection |
586 |
Add IP Address |
586 |
Advanced NAT Wizard: Networks |
586 |
Add Network |
587 |
Advanced NAT Wizard: Server Public IP Addresses |
587 |
Add or Edit Address Translation Rule |
588 |
Advanced NAT Wizard: ACL Conflict |
589 |
Details |
590 |
Network Address Translation Rules |
590 |
Designate NAT Interfaces |
594 |
Translation Timeout Settings |
594 |
Edit Route Map |
595 |
Edit Route Map Entry |
596 |
Address Pools |
597 |
Add or Edit Address Pool |
598 |
Add or Edit Static Address Translation Rule: Inside to Outside |
599 |
Add or Edit Static Address Translation Rule: Outside to Inside |
602 |
Add or Edit Dynamic Address Translation Rule: Inside to Outside |
605 |
Add or Edit Dynamic Address Translation Rule: Outside to Inside |
608 |
How Do I . . . |
610 |
How do I Configure Address Translation for Outside to Inside |
610 |
How Do I Configure NAT With One LAN and Multiple WANs? |
611 |
Cisco IOS IPS |
613 |
Create IPS |
614 |
Create IPS: Welcome |
615 |
Create IPS: Select Interfaces |
615 |
Create IPS: SDF Location |
615 |
Create IPS: Signature File |
616 |
Create IPS: Configuration File Location and Category |
617 |
Add or Edit a Config Location |
618 |
Directory Selection |
619 |
Signature File |
619 |
Create IPS: Summary |
620 |
Create IPS: Summary |
620 |
Edit IPS |
621 |
Edit IPS: IPS Policies |
622 |
Enable or Edit IPS on an Interface |
625 |
Edit IPS: Global Settings |
626 |
Edit Global Settings |
628 |
Add or Edit a Signature Location |
629 |
Edit IPS: SDEE Messages |
630 |
SDEE Message Text |
631 |
Edit IPS: Global Settings |
634 |
Edit Global Settings |
635 |
Edit IPS Prerequisites |
636 |
Add Public Key |
637 |
Edit IPS: Auto Update |
637 |
Edit IPS: SEAP Configuration |
639 |
Edit IPS: SEAP Configuration: Target Value Rating |
640 |
Add Target Value Rating |
641 |
Edit IPS: SEAP Configuration: Event Action Overrides |
641 |
Add or Edit an Event Action Override |
643 |
Edit IPS: SEAP Configuration: Event Action Filters |
644 |
Add or Edit an Event Action Filter |
646 |
Edit IPS: Signatures |
648 |
Edit IPS: Signatures |
654 |
Edit Signature |
658 |
File Selection |
661 |
Assign Actions |
662 |
Import Signatures |
663 |
Add, Edit, or Clone Signature |
665 |
Cisco Security Center |
667 |
IPS-Supplied Signature Definition Files |
667 |
Security Dashboard |
668 |
IPS Migration |
671 |
Migration Wizard: Welcome |
671 |
Migration Wizard: Choose the IOS IPS Backup Signature File |
672 |
Signature File |
672 |
Java Heap Size |
672 |
Network Module Management |
675 |
IDS Network Module Management |
675 |
IDS Sensor Interface IP Address |
677 |
IP Address Determination |
678 |
IDS NM Configuration Checklist |
679 |
IDS NM Interface Monitoring Configuration |
681 |
Network Module Login |
681 |
Feature Unavailable |
681 |
Switch Module Interface Selection |
681 |
Quality of Service |
683 |
Creating a QoS Policy |
683 |
Create a QoS Policy Reference |
684 |
Create QoS Policy |
684 |
QoS Wizard |
685 |
Interface Selection |
685 |
Queuing for Outbound Traffic |
686 |
Add a New Traffic Class |
687 |
Policing for Outbound Traffic |
689 |
QoS Policy Generation |
689 |
QoS Configuration Summary |
690 |
Editing QoS Policies |
691 |
Edit QoS Policy Reference |
692 |
Edit QoS Policy |
692 |
Add Class for the New Policy |
695 |
Add Service Policy to Class |
696 |
Associate or Disassociate the QoS Policy |
697 |
Add or Edit a QoS Class |
697 |
Edit Match DSCP Values |
700 |
Edit Match Protocol Values |
701 |
Add Custom Protocols |
701 |
Edit Match ACL |
701 |
Configure Policing |
701 |
Configure Shaping |
702 |
Configure Queuing |
703 |
Network Admission Control |
705 |
Create NAC Tab |
705 |
Other Tasks in a NAC Implementation |
706 |
Welcome |
707 |
NAC Policy Servers |
708 |
Interface Selection |
710 |
NAC Exception List |
711 |
Add or Edit an Exception List Entry |
711 |
Choose an Exception Policy |
712 |
Add Exception Policy |
713 |
Agentless Host Policy |
714 |
Configuring NAC for Remote Access |
714 |
Modify Firewall |
715 |
Details Window |
715 |
Summary of the configuration |
716 |
Edit NAC Tab |
717 |
NAC Components |
718 |
Exception List Window |
718 |
Exception Policies Window |
719 |
NAC Timeouts |
719 |
Configure a NAC Policy |
721 |
How Do I... |
722 |
How Do I Configure a NAC Policy Server? |
722 |
How Do I Install and Configure a Posture Agent on a Host? |
722 |
Router Properties |
723 |
Device Properties |
723 |
Date and Time: Clock Properties |
724 |
Date and Time Properties |
725 |
NTP |
726 |
Add or Edit NTP Server Details |
727 |
SNTP |
728 |
Add an NTP Server |
729 |
Logging |
730 |
SNMP |
731 |
Netflow |
732 |
Netflow Talkers |
732 |
Router Access |
733 |
User Accounts: Configure User Accounts for Router Access |
733 |
Add or Edit a Username |
734 |
View Password |
736 |
vty Settings |
737 |
Edit vty Lines |
737 |
Configure Management Access Policies |
739 |
Add or Edit a Management Policy |
741 |
Management Access Error Messages |
742 |
SSH |
744 |
DHCP Configuration |
745 |
DHCP Pools |
745 |
Add or Edit DHCP Pool |
747 |
DHCP Bindings |
748 |
Add or Edit DHCP Binding |
749 |
DNS Properties |
750 |
Dynamic DNS Methods |
750 |
Add or Edit Dynamic DNS Method |
751 |
ACL Editor |
753 |
Useful Procedures for Access Rules and Firewalls |
755 |
Rules Windows |
755 |
Add or Edit a Rule |
759 |
Associate with an Interface |
762 |
Add a Standard Rule Entry |
763 |
Add an Extended Rule Entry |
765 |
Select a Rule |
768 |
Port-to-Application Mapping |
771 |
Port-to-Application Mappings |
771 |
Add or Edit Port Map Entry |
773 |
Zone-Based Policy Firewall |
775 |
Zone Window |
776 |
Add or Edit a Zone |
777 |
Zone-Based Policy General Rules |
777 |
Zone Pairs |
779 |
Add or Edit a Zone Pair |
779 |
Add a Zone |
780 |
Select a Zone |
781 |
Authentication, Authorization, and Accounting |
783 |
Configuring AAA |
784 |
AAA Screen Reference |
784 |
AAA Root Screen |
785 |
AAA Servers and Server Groups |
786 |
AAA Servers |
786 |
Add or Edit a TACACS+ Server |
787 |
Add or Edit a RADIUS Server |
788 |
Edit Global Settings |
789 |
AAA Server Groups |
790 |
Add or Edit AAA Server Group |
791 |
Authentication and Authorization Policies |
792 |
Authentication and Authorization |
792 |
Authentication NAC |
793 |
Authentication 802.1x |
794 |
Add or Edit a Method List for Authentication or Authorization |
795 |
Router Provisioning |
799 |
Secure Device Provisioning |
799 |
Router Provisioning from USB |
800 |
Router Provisioning from USB (Load File) |
800 |
SDP Troubleshooting Tips |
800 |
Cisco Common Classification Policy Language |
803 |
Policy Map |
803 |
Policy Map Windows |
803 |
Add or Edit a QoS Policy Map |
805 |
Associate a Policy Map to Interface |
805 |
Add an Inspection Policy Map |
807 |
Layer 7 Policy Map |
807 |
Application Inspection |
807 |
Configure Deep Packet Inspection |
808 |
Class Maps |
808 |
Associate Class Map |
809 |
Class Map Advanced Options |
809 |
QoS Class Map |
810 |
Add or Edit a QoS Class Map |
811 |
Add or Edit a QoS Class Map |
811 |
Select a Class Map |
811 |
Deep Inspection |
811 |
Class Map and Application Service Group Windows |
811 |
Add or Edit an Inspect Class Map |
814 |
Associate Parameter Map |
814 |
Add an HTTP Inspection Class Map |
815 |
HTTP Request Header |
815 |
HTTP Request Header Fields |
816 |
HTTP Request Body |
817 |
HTTP Request Header Arguments |
817 |
HTTP Method |
818 |
Request Port Misuse |
818 |
Request URI |
818 |
Response Header |
819 |
Response Header Fields |
820 |
HTTP Response Body |
821 |
HTTP Response Status Line |
821 |
Request/Response Header Criteria |
822 |
HTTP Request/Response Header Fields |
822 |
Request/Response Body |
823 |
Request/Response Protocol Violation |
824 |
Add or Edit an IMAP Class Map |
824 |
Add or Edit an SMTP Class Map |
824 |
Add or Edit a SUNRPC Class Map |
825 |
Add or Edit an Instant Messaging Class Map |
825 |
Add or Edit a Point-to-Point Class Map |
825 |
Add P2P Rule |
826 |
Add or Edit a POP3 Class Map |
826 |
Parameter Maps |
827 |
Parameter Map Windows |
827 |
Add or Edit a Parameter Map for Protocol Information |
827 |
Add or Edit a Server Entry |
828 |
Add or Edit Regular Expression |
828 |
Add a Pattern |
829 |
Build Regular Expression |
830 |
Regular Expression Metacharacters |
832 |
URL Filtering |
835 |
URL Filtering Window |
836 |
Edit Global Settings |
836 |
General Settings for URL Filtering |
837 |
Local URL List |
839 |
Add or Edit Local URL |
840 |
Import URL List |
841 |
URL Filter Servers |
841 |
Add or Edit a URL Filter Server |
842 |
URL Filtering Precedence |
843 |
Configuration Management |
845 |
Manually Editing the Configuration File |
845 |
Config Editor |
846 |
Reset to Factory Defaults |
847 |
This Feature Not Supported |
850 |
More About.... |
851 |
IP Addresses and Subnet Masks |
851 |
Host and Network Fields |
853 |
Available Interface Configurations |
854 |
DHCP Address Pools |
855 |
Meanings of the Permit and Deny Keywords |
856 |
Services and Ports |
856 |
More About NAT |
863 |
Static Address Translation Scenarios |
863 |
Dynamic Address Translation Scenarios |
866 |
Reasons that Cisco SDM Cannot Edit a NAT Rule |
867 |
More About VPN |
868 |
Cisco.com Resources |
868 |
More about VPN Connections and IPSec Policies |
869 |
More About IKE |
871 |
More About IKE Policies |
872 |
Allowable Transform Combinations |
873 |
Reasons Why a Serial Interface or Subinterface Configuration May Be Read-Only |
874 |
Reasons Why an ATM Interface or Subinterface Configuration May Be Read-Only |
875 |
Reasons Why an Ethernet Interface Configuration May Be Read-Only |
876 |
Reasons Why an ISDN BRI Interface Configuration May Be Read-Only |
877 |
Reasons Why an Analog Modem Interface Configuration May Be Read-Only |
878 |
Firewall Policy Use Case Scenario |
879 |
DMVPN Configuration Recommendations |
879 |
Cisco SDM White Papers |
881 |
Getting Started |
883 |
What’s New in this Release? |
884 |
Cisco IOS Versions Supported |
886 |
Viewing Router Information |
887 |
Overview |
888 |
Interface Status |
892 |
Firewall Status |
895 |
Zone-Based Policy Firewall Status |
896 |
VPN Status |
898 |
IPSec Tunnels |
898 |
DMVPN Tunnels |
900 |
Easy VPN Server |
901 |
IKE SAs |
903 |
SSL VPN Components |
904 |
SSL VPN Context |
905 |
User Sessions |
905 |
URL Mangling |
906 |
Port Forwarding |
906 |
CIFS |
906 |
Full Tunnel |
907 |
User List |
907 |
Traffic Status |
909 |
Netflow Top Talkers |
909 |
Top Protocols |
909 |
Top Talkers |
910 |
QoS |
911 |
Application/Protocol Traffic |
913 |
NAC Status |
914 |
Logging |
915 |
Syslog |
915 |
Firewall Log |
918 |
Application Security Log |
920 |
SDEE Message Log |
921 |
IPS Status |
923 |
IPS Signature Statistics |
924 |
IPS Alert Statistics |
925 |
802.1x Authentication Status |
926 |
File Menu Commands |
927 |
Save Running Config to PC |
927 |
Deliver Configuration to Router |
927 |
Write to Startup Config |
928 |
Reset to Factory Defaults |
928 |
File Management |
928 |
Rename |
931 |
New Folder |
931 |
Save SDF to PC |
932 |
Exit |
932 |
Unable to perform squeeze flash |
932 |
Edit Menu Commands |
935 |
Preferences |
935 |
View Menu Commands |
937 |
Home |
937 |
Configure |
937 |
Monitor |
937 |
Running Config |
938 |
Show Commands |
938 |
Cisco SDM Default Rules |
939 |
Refresh |
940 |
Tools Menu Commands |
941 |
Ping |
941 |
Telnet |
941 |
Security Audit |
941 |
USB Token PIN Settings |
942 |
Wireless Application |
943 |
Update Cisco SDM |
943 |
CCO Login |
944 |
Help Menu Commands |
947 |
Help Topics |
947 |
Cisco SDM on CCO |
947 |
Hardware/Software Matrix |
947 |
About this router... |
948 |