Avaya 3.7 User Manual

Overview of implementation
24 Avaya VPNmanager Configuration Guide Release 3.7
An IP Group contains the IP addresses that belong to a specific LAN. Any device connected to 
the LAN can use these addresses. A VPN can have many IP Groups so addresses can be 
consolidated to meet the needs of an organization.
The security gateway is configured to provide VPN gateway functionality and firewall coverage.
VPNmanager security management includes creating domain-level firewall rules and 
device-level firewall rules. VPNmanager provides multiple firewall templates that can be used 
as a general rule set or as a starting point for creating a customized firewall template. You can 
apply these templates at the domain level for all security gateways, for a specific security 
gateway (device-level), or for a defined device group. 
Preparing to configure your network
Before you use VPNmanager to build your VPN and establish your VPN security policies, you 
need to know how the VPN should be implemented. This section gives an overview of what 
information you should know before you begin. 
The following are functions or tasks that need to be addressed:
• How the security gateway will be configured for your network
• Which remote users will be configured on a security gateway
• What IP addresses to configure and group
• What type of security policies you want to implement
• What VPN services to use
• What advanced features, such as VoIP, Failover, or SNMP, will be implemented
Security gateway 
The security gateway is preconfigured with default settings for the media interface zones and 
Network Address Translation (NAT). You may need to change the default configuration for your 
specific network environment.
Up to six media interfaces can be configured with different zone interfaces. The number of 
zones that can be configured depends on the security gateway model. Ethernet0 and 
Ethernet1 are present in all models and are assigned to the public and the private zones. The 
media interfaces that remain are unused and can be configured as required. 
• Public zone. Public zone provides connection to the Internet, usually by way of a wide 
  area network (WAN).
• Private zone. Private zone is used to provide connection to your private local area 
  network (LAN) or to your corporate LAN.