Using advanced features
234 Avaya VPNmanager Configuration Guide Release 3.7
8. In the Traceroute Criteria area, select Initiate Traceroute when criteria are met, and
complete the following:
a. In the Number of Failed Hosts field, enter the number of hosts from the configured keep
alive hosts that can fail to receive keep alive responses. If multiple hosts are configured
and all hosts are critical, enter 1. If any one of the configured hosts failed to respond,
network path failover occurs.
b. In the Consecutive “No”Responses field, enter the number of consecutive connectivity
checks without a keep alive response before traceroute is initiated. The default is 10.
c. In the Target Host area, select the host type.
l
First Failed Host. The network host IP address specified in the keep alive host list.
Traceroute will be initiated to the first failed host from the configured keep alive host
list that meets the traceroute criteria.
l
Host IP. The network host IP address to monitor connectivity.Traceroute will be
initiated on the specified host IP address.
d. Click Save.
Policy Manager - My Certificates
If you are creating VPNs that use certificates for authentication and security, use the Policy
Manager for My Certificates to install signed certificates into specific VSU.
After one or more certificates have been installed, see
IKE Certificate Usage on page 240
about
configuring a target for a signed certificate, and
Issuer certificates
on page 238 about installing
issuer certificates on a target.
About VSU certificates
VSUs use public-key certificates based on CCITT Recommendation X.509. Within the
framework of the recommendation, each certificate includes a Rivest, Shamir, and Adleman
(RSA) Public-Key Cryptography Standard (PKCS) Number 10 for authentication.
A VSU can store up to nine certificates. One is a default certificate which is only used for the
SSL connection between the VSU and the VPNmanager Console. The remaining eight
certificates are My Certificates and are statically stored in the flash memory of the VSU. The
default certificate is issued by Avaya Inc..
Note:
Note:
The default certificate has a six year period of validity, which starts at the factory
when it’s put into the VSU. Reprogramming the flash is the only way to change
the default certificate.
Summary of Contents for 3.7
Page 1: ...VPNmanager Configuration Guide Release 3 7 670 100 600 Issue 4 May 2005...
Page 4: ......
Page 20: ...Preface 20 Avaya VPNmanager Configuration Guide Release 3 7...
Page 32: ...Overview of implementation 32 Avaya VPNmanager Configuration Guide Release 3 7...
Page 53: ...Preferences Issue 4 May 2005 53 Figure 16 Tunnel End Point Policy...
Page 54: ...Using VPNmanager 54 Avaya VPNmanager Configuration Guide Release 3 7...
Page 244: ...Using advanced features 244 Avaya VPNmanager Configuration Guide Release 3 7...
Page 292: ...Upgrading firmware and licenses 292 Avaya VPNmanager Configuration Guide Release 3 7...