Руководство Пользователя для Nortel 251
Contivity 251 configuration tasks
9
Certificate Management
The Contivity 251 uses certificates (also called digital IDs) to authenticate
users. Certificates are based on public-private key pairs. Certificates
provide a way to exchange public keys for use in authentication.
users. Certificates are based on public-private key pairs. Certificates
provide a way to exchange public keys for use in authentication.
IPSec Tunnel Nail Up
This feature ensures that the Contivity 251 automatically renegotiates an
IPSec tunnel when the IPSec Security Association (SA) lifetime expires.
When the Contivity 251 restarts, it automatically renegotiates any nailed-up
tunnels. In effect, the IPSec tunnel becomes an always on connection after
the tunnel is initiated.
IPSec tunnel when the IPSec Security Association (SA) lifetime expires.
When the Contivity 251 restarts, it automatically renegotiates any nailed-up
tunnels. In effect, the IPSec tunnel becomes an always on connection after
the tunnel is initiated.
SSH/HTTPS for Remote Management
Secure Shell (SSH) is a secure communication protocol that combines
authentication and data encryption to provide secure encrypted
communication between two hosts over an unsecured network. Hypertext
Transfer Protocol over SSL (HTTPS) is a web protocol that encrypts and
decrypts web pages. The Contivity 251 device supports these protocols
for remote management purposes.
authentication and data encryption to provide secure encrypted
communication between two hosts over an unsecured network. Hypertext
Transfer Protocol over SSL (HTTPS) is a web protocol that encrypts and
decrypts web pages. The Contivity 251 device supports these protocols
for remote management purposes.
Contivity 251 user notes
In certain cases, an object may be colored red to indicate that it is a
duplicate even after the duplicated line is deleted. Because the line is in red,
it is not exported to the device. To correct this situation so that the line can
be exported, modify the duplicate object, select another object to remove
the red, and then change the object back to the desired value.
duplicate even after the duplicated line is deleted. Because the line is in red,
it is not exported to the device. To correct this situation so that the line can
be exported, modify the duplicate object, select another object to remove
the red, and then change the object back to the desired value.
The order of the SUA/NAT address mapping rules in the Contivity 251 device
is important because they are processed in numeric order. Both CCM and
Contivity 251 provide for gaps in the rules specifications, so that you can
insert rules between other rules in the table. CCM expands on this capability
by providing the ability to Copy a rule from one place in the table and Paste
it to overwrite another rule in the table. Note that, when using this CCM
capability, you need to write over other existing rules in the table; hence,
leaving gaps within the table makes rearranging rules easier. (Q00857737)
is important because they are processed in numeric order. Both CCM and
Contivity 251 provide for gaps in the rules specifications, so that you can
insert rules between other rules in the table. CCM expands on this capability
by providing the ability to Copy a rule from one place in the table and Paste
it to overwrite another rule in the table. Note that, when using this CCM
capability, you need to write over other existing rules in the table; hence,
leaving gaps within the table makes rearranging rules easier. (Q00857737)
Note: Do not enter special characters, such as ", into any text fields in
CCM. CCM does not accept special characters in text fields.
CCM. CCM does not accept special characters in text fields.
Contivity 251 configuration tasks
The CCM client must be connected to the CCM server to perform the
configuration tasks described in this guide. To perform configuration
operations on the Contivity devices in the network, the CCM server requires
TCP/IP connectivity to the Contivity 251 device. Any other sessions to the
Contivity 251 device should be logged out before attempting to access the
Contivity 251 device with CCM.
configuration tasks described in this guide. To perform configuration
operations on the Contivity devices in the network, the CCM server requires
TCP/IP connectivity to the Contivity 251 device. Any other sessions to the
Contivity 251 device should be logged out before attempting to access the
Contivity 251 device with CCM.
CCM
Using Contivity Configuration Manager to Configure Contivity 251
318128-B
01.01
Standard
Release 2.3
March 2006
Copyright © 2006, Nortel Networks
Nortel Networks Confidential
.