
Scott Empson and Hans Roth

"CCNP ISCW Portable Command Guide"


Step 15. Review and verify the IPsec VPN choices and click Finish when completed.
Step 16. To add user accounts, choose Configure > Additional Tasks.
Step 17. In the Additional Tasks pane, choose Router Access > User Accounts/View
and then click the Add button to display the window shown in Figure 4-7.
Figure 4-7 Adding VPN User to Router Local Database
Step 18. Create VPN client usernames and passwords and assign a privilege level.
Click OK to add the user account to the local user database.
NOTE: Accept the default privilege level, 1, unless this user is required to
program the router at the command prompt or through the SDM GUI.
Implementing the Cisco VPN Client
Step 1. Install and start the Cisco VPN Client application.
Step 2. Click the New connection entry icon.
Step 3. Complete the fields as shown in Figure 4-8.
NOTE: The Host field is the IP address at the VPN terminating interface of the
router.
NOTE: The Group Authentication Name and Password must coincide with the
Group and Key entries on the router.
Figure 4-8 Cisco VPN Client Create New VPN Connection Entry Dialog Box
CHAPTER 5
Cisco Device Hardening
This chapter provides information and commands concerning the following topics:
• Disabling unneeded services and interfaces
• Disabling commonly configured management services
• Disabling path integrity mechanisms
• Disabling features related to probes and scans
• Terminal access security
• Gratuitous and proxy Address Resolution Protocol
• Disabling IP directed broadcasts
• Locking down routers with AutoSecure
• Optional AutoSecure parameters
• Locking down routers with Cisco SDM
• Setting Cisco passwords and password security
• Securing ROMMON
• Setting a login failure rate
• Setting timeouts
• Setting multiple privilege levels
• Configuring banner messages
• Role-Based CLI
• Secure configuration files
• Tips for using Cisco access control lists
• Using ACLs to filter network traffic to mitigate threats
• Mitigating dedicated DoS (DDoS) attacks with ACLs
• Configuring an SSH server for secure management and reporting
• Configuring syslog logging
• Configuring an SNMP managed node
• Configuring NTP clients and servers
• Configuration example: NTP
• Configuring AAA on Cisco routers using CLI
• Configuring AAA on Cisco routers using SDM
Disabling Unneeded Services and Interfaces
Router(config)#interface serial 0/0/0    Moves to interface configuration mode
Router(config-if)#shutdown               Logically disables the interface
Router(config-if)#exit                   Returns to global configuration mode
Router(config)#no ip bootp server        Does not permit the router to act as a BOOTP server for other network devices
Router(config)#no cdp run                Do not advertise CDP information globally between Cisco devices.
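
The following is an added example, not taken from the book: a Python audit that checks a saved running-config for the three settings in the table above. The sample config is constructed, the list of unused interfaces is supplied by the caller, and the check assumes the disabled state of BOOTP and CDP appears as an explicit "no" line in the config.

```python
import re

# Constructed running-config excerpt (sample input, not from the book).
SAMPLE_CONFIG = """\
no ip bootp server
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
!
interface Serial0/0/0
 no ip address
 shutdown
!
interface Serial0/0/1
 no ip address
!
"""

def interface_blocks(config):
    """Map each interface name to the list of sub-commands in its stanza."""
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other non-indented line ends the stanza
    return blocks

def audit(config, unused_interfaces):
    """Return findings for the three hardening commands in the table."""
    findings = []
    global_lines = {l.strip() for l in config.splitlines() if not l.startswith(" ")}
    # Assumption: a disabled service shows up as an explicit "no" line.
    for cmd in ("no ip bootp server", "no cdp run"):
        if cmd not in global_lines:
            findings.append(f"missing global command: {cmd}")
    blocks = interface_blocks(config)
    for name in unused_interfaces:
        if name not in blocks:
            findings.append(f"{name}: interface not found in config")
        elif "shutdown" not in blocks[name]:
            findings.append(f"{name}: unused interface is not shut down")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG, ["Serial0/0/0", "Serial0/0/1"])))
```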

