Avaya 3.7 User Manual
Using advanced features
232 Avaya VPNmanager Configuration Guide Release 3.7
!
Important:
Important:
When the default RTP test port value is modified, you must create a new CNA
service to use the new RTP test destination port. If the security gateway is
configured to allow CNA traffic, be sure to update the firewall rule to use the new
CNA service.
service to use the new RTP test destination port. If the security gateway is
configured to allow CNA traffic, be sure to update the firewall rule to use the new
CNA service.
6. In the CNA Hive(s) area, click Add to enter the CNA hive configuration information. The
CNA hive information includes the following:
●
CNA hive name
The CNA hive name identifies the CNA hive deployment. The CNA hive can have a
maximum of 25 hives configured with each hive containing a maximum of 5 CNA units.
maximum of 25 hives configured with each hive containing a maximum of 5 CNA units.
●
CNA unit port
The CNA unit port for registration is the value of the CNA registration port. The value for
the CNA registration port ranges from 1 to 65535. The default value is 50002.
the CNA registration port ranges from 1 to 65535. The default value is 50002.
7. In the CNA Unit(s) for registration area, enter the CNA registration unit IP address of the
security gateway in the network. Use the Move To Top button to adjust the hive priority. Click
OK.
OK.
The first hive configured in the CNA Unit(s) for registration area is pushed down to devices
running VPNos 4.5. Adjust the CNA hive configuration priority to include devices running
VPNos 4.5 in the first configured hive.
running VPNos 4.5. Adjust the CNA hive configuration priority to include devices running
VPNos 4.5 in the first configured hive.
8. In the Apply above configuration to these devices in the domain area, select the device in
the list and click Add. The Select Devices window appears.
9. Confirm that the appropriate device(s) is select to receive the CNA test plug configuration.
Click OK.
10. Click Save to save this configuration.
Keep Alive
The Keep Alive feature allows the security gateway to send keep alive packets (ICMP) to the
configured host at every configured interval in the network. Keep alive hosts can be configured
anywhere in the network. This feature also allows traceroute capability when the traceroute
criteria are met allowing network administrators to trace network path failures.
configured host at every configured interval in the network. Keep alive hosts can be configured
anywhere in the network. This feature also allows traceroute capability when the traceroute
criteria are met allowing network administrators to trace network path failures.
Keep alive packets can be sent to configured hosts that are in a protected networks and
unprotected networks; therefore, these packets can be encrypted or clear traffic based on the
VPN policy on the device.
unprotected networks; therefore, these packets can be encrypted or clear traffic based on the
VPN policy on the device.