Black Box LR1102A-T1/E1 User Manual
Black box lr11xx series router configurations
Black Box LR11xx Series Router Configurations
CUSTOMER
SUPPORT
INFORMATION
Order toll-free in the U.S. 24 hours, 7 A.M. Monday to midnight Friday: 877-877-BBOX
FREE technical support, 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746
Mail order: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018
Web site: www.blackbox.com • E-mail: i[email protected]
May 2004
LR1102A-T1/E1
LR1104A-T1/E1
LR1112A-T1/E1
LR1114A-T1/E1
This manual is related to the following products:
Table of contents
Document Outline
- Contents
- DHCP Relay
- Configuring Internet Group Management Protocol
- Filtering IP Traffic
- Configuring Security
- 4.1 IPSec Configurations
- 4.2 Example 1: Managing the Black Box LR1104A Securely Over an IPSec Tunnel
- Step 10.1: Configure firewall policies to allow IKE negotiation through untrusted interface (appl...
- Step 10.2: Configure firewall policies to allow desired services through untrusted interface to m...
- Step 10.3: Display firewall policies in the internet map (applicable only if firewall license is ...
- Step 10.4: Display firewall policies in the internet map in detail (applicable only if firewall l...
- 4.3 Example 2: Single Proposal: Tunnel Mode Between Two Black Box Security Gateways
- Step 8.1: Configure firewall policies to allow IKE negotiation through untrusted interface (appli...
- Step 8.2: Display firewall policies in the internet map (applicable only if firewall license is e...
- Step 8.3: Display firewall policies in the internet map in detail (applicable only if firewall li...
- Step 8.4: Configure firewall policies to allow transit traffic from remote LAN to the local LAN (...
- Step 8.5: Display firewall policies in the corp map (applicable only if firewall license is enabled)
- Step 8.6: Display firewall policies in the corp map in detail (applicable only if firewall licens...
- 4.4 Example 3: Multiple IPSec Proposals: Tunnel Mode Between Two Black Box Security Gateways
- 4.5 Example 4: IPSec remote access to corporate LAN using user group method
- Step 1: As in Step1 of Example 1
- Step 2: As in Step2 of Example 1
- Step 3: As in Step3 of Example 1
- Step 4: Configure dynamic IKE policy for a group of mobile users
- Step 5: Display dynamic IKE policies
- Step 6: Display dynamic IKE policies in detail
- Step 7: Configure dynamic IPSec policy for a group of mobile users
- Step 8: Display dynamic IPSec policies
- Step 9: Display dynamic IPSec policies in detail
- Step 10: Configure radius server (applicable only if client authentication is configured in dynam...
- Step 11: Configure firewall policies to allow IKE negotiation through untrusted interface (applic...
- Step 12: Display firewall policies in the internet map (applicable only if firewall license is en...
- Step 13: Display firewall policies in the internet map in detail (applicable only if firewall lic...
- Step 14: Configure firewall policies for a group of mobile users to allow access to the local LAN...
- Step 15: Display firewall policies in the corp map (applicable only if firewall license is enabled)
- Step 16: Display firewall policies in the corp map in detail (applicable only if firewall license...
- 4.1 Example 5: IPSec remote access to corporate LAN using mode configuration method
- Step 1: As in Step1 of Example 1
- Step 2: As in Step2 of Example 1
- Step 3: As in Step3 of Example 1
- Step 4: Configure dynamic IKE policy for a group of mobile users
- Step 5: Display dynamic IKE policies
- Step 6: Display dynamic IKE policies in detail
- Step 7: Configure dynamic IPSec policy for a group of mobile users
- Step 8: Display dynamic IPSec policies
- Step 9: Display dynamic IPSec policies in detail
- Step 10: Configure firewall policies to allow IKE negotiation through untrusted interface (applic...
- Step 11: Display firewall policies in the internet map (applicable only if firewall license is en...
- Step 12: Display firewall policies in the internet map in detail (applicable only if firewall lic...
- Step 13: Configure firewall policies for a group of mobile users to allow access to the local LAN...
- Step 14: Display firewall policies in the corp map (applicable only if firewall license is enabled)
- Step 15: Display firewall policies in the corp map in detail (applicable only if firewall license...
- IPSec Specifications
- Forwarding IP Traffic
- 6.1 IP Multiplexing
- 6.1.1 Packet Forwarding Modes
- 6.1.2 Proxy ARP and Packet Forwarding
- 6.1.3 Addressing in IP Multiplexing Networks
- 6.1.4 Single Subnet
- 6.1.5 Split Subnet
- 6.1.6 Secondary Addressing – POP Only
- 6.1.7 Secondary Addressing – 30 Bit
- 6.1.8 Secondary Addressing – 29 Bit
- 6.1.9 Pros and Cons of Different IP Addressing Schemes
- 6.1.10 Routing Considerations for IP Multiplexing
- 6.1 IP Multiplexing
- IP Multiplexing HDLC Configurations
- IP Multiplexing PPP and MLPPP Configurations
- Configuring PPP, MLPPP, and HDLC
- Configuring Firewalls
- 10.1 Firewalls
- 10.2 Firewall Configuration Examples
- 10.2.1 Basic Firewall Configuration
- Step 1:Configure the Ethernet interfaces and the WAN interfaces with IP addresses:
- Step 2: Create the security zones CORP and DMZ and attach interfaces:
- Step 3: Verify that the interfaces are attached to the security zones:
- Step 4: Create policies for Security Zone CORP that:
- Step 5: Verify the firewall policy for Security Zone CORP:
- Step 6: Verify that the HTTP filter object in Security Zone CORP is created as configured.
- Step 7: Create policies for Security Zone DMZ that:
- Step 8:Verify the firewall policy for Security Zone DMZ
- Step 9: Verify that the FTP filter objects for Security Zone DMZ are created as configured:
- Step 10: Create a default route out of the WAN
- Step 11:Verify the system configuration by displaying the running configuration.
- 10.2.1 Stopping DoS Attacks
- 10.2.2 Packet Reassembly
- 10.2.1 Basic Firewall Configuration
- 10.3 NAT Configurations
- 10.4 NAT Configuration Examples
- Multipath Multicast Configurations
- Configuring NAT
- NAT Configuration Examples
- Remote Access VPNs
- Networking with Routing Information Protocol
- Configuring Static Routes
- Configuring Open Shortest Path First Routing
- Configuring Generic Routing Encapsulation
- Configuring OSPF and Frame Relay
- Configuring Protocol Independent Multicasting Routing
- mtrace Configuration
- Configuring Quality of Service Routing
- Virtual LAN Tagging
- Managing Redundant connections
- WAN Interface Configurations
- Virtual LAN Forwarding
- Mutlilink Frame Relay
- Configuring Frame Relay and Multilink Frame Relay