Avaya 3.7 User Manual
Using advanced features
204 Avaya VPNmanager Configuration Guide Release 3.7
Port for dyna-policy download
If a VSU is configured to receive dyna-policies from a remote server instead of storing them
locally, it uses a specific port for listening to the remote server. The port uses the Secure
Sockets Layer (SSL) for protection, and its default number is 1443. The port number can be
changed if necessary.
locally, it uses a specific port for listening to the remote server. The port uses the Secure
Sockets Layer (SSL) for protection, and its default number is 1443. The port number can be
changed if necessary.
To change the port number:
1. From the Device>Contents column, select the VSU you want to configure.
2. Click the Advanced tab to bring it to the front.
3. From the Properties column, select Port for Dyna Policy Download to display the SSL
Port text box.
4. In the SSL Port text box, type in a port number.
5. Click Save.
6. When you want to send the configuration to the VSU, click Update Devices.
Port for Secure Authentication
Text field for the port number on which the VSU listens for a response from a VPNremote client
(over an SSL connection) after the client has been issued an authentication challenge (default
port = 2444). A response received on this port is then forwarded to the external LDAP or
RADIUS server for authentication.
(over an SSL connection) after the client has been issued an authentication challenge (default
port = 2444). A response received on this port is then forwarded to the external LDAP or
RADIUS server for authentication.
Private IP Address (VPNos 3.x)
Beginning with VPNos 4.5, private IP address is configurable as part of the interface
configuration on the Interfaces Tab.
configuration on the Interfaces Tab.
A VSU may have two IP addresses assigned to it. The private IP address is used and ARP is
set to “Bind one IP address to each port”, it is applied to the private port of the VSU, and the
public address is applied to the public port. If you specified a private IP address during the VSU
Console Quick Setup and the VPNmanager VSU Setup wizard, this address should match that
address.
set to “Bind one IP address to each port”, it is applied to the private port of the VSU, and the
public address is applied to the public port. If you specified a private IP address during the VSU
Console Quick Setup and the VPNmanager VSU Setup wizard, this address should match that
address.
A VSU does not need a private IP address to operate, but some networks may require that a
VSU use two addresses. For example, the VPNmanager Console may be running on a machine
that is on the private side of the VSU (having a single address). VPNmanager Console-to-VSU
communication then has to be routed to the public port of the VSU, which may not be a direct
path. The direct path would be to the private port.
VSU use two addresses. For example, the VPNmanager Console may be running on a machine
that is on the private side of the VSU (having a single address). VPNmanager Console-to-VSU
communication then has to be routed to the public port of the VSU, which may not be a direct
path. The direct path would be to the private port.