Using advanced features
222 Avaya VPNmanager Configuration Guide Release 3.7
To configure the security gateway to deny all non-VPN traffic through the
VPNmanager:
1. Move to the Configuration Console window. Select Devices.
2. From the Device>Contents column, select the security gateway you want to configure.
3. Click the Policies tab to bring it to the front.
4. From the drop-down list, select Packet Filtering, then click GO to open the Policy Manager
for Packet Filtering.
5. Click Advanced to display the Packet Filter Rule Advanced window.
6. Select the Deny all non VPN traffic radio button.
7. Click OK.
8. Click Save.
9. From the upper right-hand of the window, click the close button to return to the
Configuration Console window.
10. When you want to send the configuration to the security gateway, click Update Devices.
Virtual addresses
Once you enabled High Availability by selecting the check box, configure the public and private
Virtual Addresses.
The configured Virtual Addresses are shared among all members in the HA group. The public
Virtual Address is used as the tunnel end point while the private Virtual Address can be used as
the default route for the network behind the security gateway. Configuring the Virtual Addresses
in this manner ensures that any member in the HA group has the same configuration and that
this configuration does not change.
Advanced parameters
The Advanced Parameters are displayed by clicking the Advanced button.
Once configured, the Advanced Parameters are common to all members in the HA group.
Advertisement interval in seconds. - The time interval the passive member must detect
before it becomes the active member in the HA group. The passive member must detect the
elapsed time interval three times before it forces the election to become the active member. The
Advertisement Interval range is 1 to 255 seconds.
Missed Advertisements Before Becoming Active. - The missed advertisements before
becoming active value determines the number of advertisement intervals. At least one
advertisement must be received by the passive member from the active member. If the passive
member does not receive the advertisement, the passive member assumes that the active
Summary of Contents for 3.7
Page 1: ...VPNmanager Configuration Guide Release 3 7 670 100 600 Issue 4 May 2005...
Page 4: ......
Page 20: ...Preface 20 Avaya VPNmanager Configuration Guide Release 3 7...
Page 32: ...Overview of implementation 32 Avaya VPNmanager Configuration Guide Release 3 7...
Page 53: ...Preferences Issue 4 May 2005 53 Figure 16 Tunnel End Point Policy...
Page 54: ...Using VPNmanager 54 Avaya VPNmanager Configuration Guide Release 3 7...
Page 244: ...Using advanced features 244 Avaya VPNmanager Configuration Guide Release 3 7...
Page 292: ...Upgrading firmware and licenses 292 Avaya VPNmanager Configuration Guide Release 3 7...