DOCSLIB.ORG

CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 Americas Headquarters Cisco Systems, Inc

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 Americas Headquarters Cisco Systems, Inc CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version. Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R) © 2021 Cisco Systems, Inc. All rights reserved. CONTENTS PREFACE About This Guide xix Document Objectives xix Related Documentation xix Document Conventions xix Communications, Services, and Additional Information xxi PART I Site-to-Site and Client VPN 23 CHAPTER 1 IPsec and ISAKMP 1 About Tunneling, IPsec, and ISAKMP 1 IPsec Overview 2 ISAKMP and IKE Overview 2 Licensing for IPsec VPNs 3 Guidelines for IPsec VPNs 4 Configure ISAKMP 4 Configure IKEv1 and IKEv2 Policies 4 IKE Policy Keywords and Values 6 Enable IKE on the Outside Interface 9 Disable IKEv1 Aggressive Mode 10 Configure an ID Method for IKEv1 and IKEv2 ISAKMP Peers 10 INVALID_SELECTORS Notification 11 Configure IKEv2 Pre-shared Key in Hex 11 Enable or Disable Sending of IKE Notification 11 Configure IKEv2 Fragmentation Options 12 AAA Authentication With Authorization 13 Enable IPsec over NAT-T 13 CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 iii Contents Enable IPsec with IKEv1 over TCP 15 Configure Certificate Group Matching for IKEv1 16 Configure IPsec 18 Define Crypto Maps 18 Example of LAN-to-LAN Crypto Maps 21 Set Public Key Infrastructure (PKI) Keys 26 Apply Crypto Maps to Interfaces 27 Use Interface ACLs 27 Change IPsec SA Lifetimes 29 Change VPN Routing 30 Create Static Crypto Maps 30 Create Dynamic Crypto Maps 35 Provide Site-to-Site Redundancy 37 Managing IPsec VPNs 38 Viewing an IPsec Configuration 38 Wait for Active Sessions to Terminate Before Rebooting 38 Alert Peers Before Disconnecting 39 Clear Security Associations 39 Clear Crypto Map Configurations 40 CHAPTER 2 L2TP over IPsec 41 About L2TP over IPsec/IKEv1 VPN 41 IPsec Transport and Tunnel Modes 42 Licensing Requirements for L2TP over IPsec 43 Prerequisites for Configuring L2TP over IPsec 43 Guidelines and Limitations 43 Configuring L2TP over Eclipse with CLI 45 Creating IKE Policies to Respond to Windows 7 Proposals 48 Configuration Example for L2TP over IPsec 49 Feature History for L2TP over IPsec 50 CHAPTER 3 High Availability Options 53 High Availability Options 53 VPN and Clustering on the FXOS Chassis 53 CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 iv Contents VPN Load Balancing 54 Failover 54 VPN Load Balancing 54 About VPN Load Balancing 54 VPN Load-Balancing Algorithm 55 VPN Load-Balancing Group Configurations 55 Frequently Asked Questions About VPN Load Balancing 56 Licensing for VPN Load Balancing 57 Prerequisites for VPN Load Balancing 58 Guidelines and Limitations for VPN Load Balancing 58 Configuring VPN Load Balancing 59 Configure the Public and Private Interfaces for VPN Load Balancing 60 Configure the VPN Load Balancing Group Attributes 61 Configuration Examples for VPN Load Balancing 63 Viewing VPN Load Balancing Information 64 CHAPTER 4 General VPN Parameters 65 Guidelines and Limitations 65 Configure IPsec to Bypass ACLs 66 Permitting Intra-Interface Traffic (Hairpinning) 66 NAT Considerations for Intra-Interface Traffic 67 Setting Maximum Active IPsec or SSL VPN Sessions 68 Use Client Update to Ensure Acceptable IPsec Client Revision Levels 68 Implement NAT-Assigned IP to Public IP Connection 70 Displaying VPN NAT Policies 71 Configure VPN Session Limits 72 Show License Resource Allocation 72 Show License Resource Usage 73 Limit VPN Sessions 73 Using an Identify Certificate When Negotiating 73 Configure the Pool of Cryptographic Cores 74 Configure Dynamic Split Tunneling 74 Configure the Management VPN Tunnel 75 Viewing Active VPN Sessions 76 CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 v Contents Viewing Active AnyConnect Sessions by IP Address Type 76 Viewing Active Clientless SSL VPN Sessions by IP Address Type 77 Viewing Active LAN to LAN VPN Sessions by IP Address Type 78 About ISE Policy Enforcement 78 Configure RADIUS Server Groups for ISE Policy Enforcement 79 Example Configurations for ISE Policy Enforcement 82 Troubleshooting Policy Enforcement 82 Configure Advanced SSL Settings 83 Persistent IPsec Tunneled Flows 87 Configure Persistent IPsec Tunneled Flows Using CLI 89 Troubleshooting Persistent IPsec Tunneled Flows 89 Is the Persistent IPsec Tunneled Flows Feature Enabled? 89 Locating Orphaned Flows 90 CHAPTER 5 Connection Profiles, Group Policies, and Users 91 Overview of Connection Profiles, Group Policies, and Users 91 Connection Profiles 92 General Connection Profile Connection Parameters 93 IPsec Tunnel-Group Connection Parameters 94 Connection Profile Connection Parameters for SSL VPN Sessions 95 Configure Connection Profiles 96 Maximum Connection Profiles 97 Default IPsec Remote Access Connection Profile Configuration 97 IPsec Tunnel-Group General Attributes 98 Configure Remote-Access Connection Profiles 98 Specify a Name and Type for the Remote Access Connection Profile 99 Configure Remote-Access Connection Profile General Attributes 99 Configure Double Authentication 103 Configure Remote-Access Connection Profile IPsec IKEv1 Attributes 105 Configure IPsec Remote-Access Connection Profile PPP Attributes 107 Configure LAN-to-LAN Connection Profiles 109 Default LAN-to-LAN Connection Profile Configuration 109 Specify a Name and Type for a LAN-to-LAN Connection Profile 109 Configure LAN-to-LAN Connection Profile General Attributes 110 CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.13 vi Contents Configure LAN-to-LAN IPsec IKEv1 Attributes 110 Configure Connection Profiles for Clientless SSL VPN Sessions 113 Configure General Tunnel-Group Attributes for Clientless SSL VPN Sessions 113 Configure Tunnel-Group Attributes for Clientless SSL VPN Sessions 116 Customize Login Windows for Users of Clientless SSL VPN Sessions 121 About Tunnel Groups for Standards-based IKEv2 Clients 122 Standards-based IKEv2 Attribute Support 123 DAP Support 123 Tunnel Group Selection for Remote Access Clients 123 Authentication Support for Standards-based IKEv2 Clients 124 Add Multiple Certificate Authentication 125 Configure the query-identity Option for Retrieval of EAP Identity 126 Configure Microsoft Active Directory Settings for Password Management 128 Use Active Directory to Force the User to Change Password at Next Logon 128 Use Active Directory to Specify Maximum Password Age 129 Use Active Directory to Enforce Minimum Password Length 129 Use Active Directory to Enforce Password Complexity 129 Configure the Connection Profile for RADIUS/SDI Message Support for the AnyConnect Client 130 Configure the Security Appliance to Support RADIUS/SDI Messages 130 Group Policies 132 Modify the Default Group Policy 133 Configure Group Policies 135 Configure an External Group Policy 135
Load more

Recommended publications
  • Microsoft DNS
    1 a. Domain Name Service (DNS) encompassing Microsoft DNS From Wikipedia, the free encyclopedia Jump to: navigation, search Microsoft DNS is the name given to the implementation of domain name system services provided in Microsoft Windows operating systems. Contents [hide] 1 Overview 2 DNS lookup client o 2.1 The effects of running the DNS Client service o 2.2 Differences from other systems 3 Dynamic DNS Update client 4 DNS server o 4.1 Common issues 5 See also 6 References 7 External links [edit] Overview The Domain Name System support in Microsoft Windows NT, and thus its derivatives Windows 2000, Windows XP, and Windows Server 2003, comprises two clients and a server. Every Microsoft Windows machine has a DNS lookup client, to perform ordinary DNS lookups. Some machines have a Dynamic DNS client, to perform Dynamic DNS Update transactions, registering the machines' names and IP addresses. Some machines run a DNS server, to publish DNS data, to service DNS lookup requests from DNS lookup clients, and to service DNS update requests from DNS update clients. The server software is only supplied with the server versions of Windows. [edit] DNS lookup client Applications perform DNS lookups with the aid of a DLL. They call library functions in the DLL, which in turn handle all communications with DNS servers (over UDP or TCP) and return the final results of the lookup back to the applications. 2 Microsoft's DNS client also has optional support for local caching, in the form of a DNS Client service (also known as DNSCACHE). Before they attempt to directly communicate with DNS servers, the library routines first attempt to make a local IPC connection to the DNS Client service on the machine.
    [Show full text]
  • AWS Site-To-Site VPN User Guide AWS Site-To-Site VPN User Guide
    AWS Site-to-Site VPN User Guide AWS Site-to-Site VPN User Guide AWS Site-to-Site VPN: User Guide Copyright © Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. AWS Site-to-Site VPN User Guide Table of Contents What is Site-to-Site VPN ..................................................................................................................... 1 Concepts ................................................................................................................................... 1 Working with Site-to-Site VPN ..................................................................................................... 1 Site-to-Site VPN limitations ......................................................................................................... 2 Pricing ...................................................................................................................................... 2 How AWS Site-to-Site VPN works ........................................................................................................ 3 Site-to-Site VPN Components .....................................................................................................
    [Show full text]
  • CLI Book 2: Cisco ASA Series Firewall CLI Configuration Guide, 9.12 Americas Headquarters Cisco Systems, Inc
    CLI Book 2: Cisco ASA Series Firewall CLI Configuration Guide, 9.12 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • In the United States Bankruptcy Court for the District of Delaware
    Case 21-10457-LSS Doc 237 Filed 05/13/21 Page 1 of 2 IN THE UNITED STATES BANKRUPTCY COURT FOR THE DISTRICT OF DELAWARE Chapter 11 In re: Case No. 21-10457 (LSS) MOBITV, INC., et al., Jointly Administered Debtors.1 Related Docket Nos. 73 and 164 NOTICE OF FILING OF SUCCESSFUL BIDDER ASSET PURCHASE AGREEMENT PLEASE TAKE NOTICE that, on April 7, 2021, the United States Bankruptcy Court for the District of Delaware (the “Bankruptcy Court”) entered the Order (A) Approving Bidding Procedures for the Sale of Substantially All Assets of the Debtors; (B) Approving Procedures for the Assumption and Assignment of Executory Contracts and Unexpired Leases; (C) Scheduling the Auction and Sale Hearing; and (D) Granting Related Relief [Docket No. 164] (the “Bidding Procedures Order”).2 PLEASE TAKE FURTHER NOTICE that, pursuant to the Bidding Procedures Order, the Debtors conducted an auction on May 11-12, 2021 for substantially all of the Debtors’ assets (the “Assets”). At the conclusion of the auction, the Debtors, in consultation with their advisors and the Consultation Parties, selected the bid submitted by TiVo Corporation (the “Successful Bidder”) as the Successful Bid. PLEASE TAKE FURTHER NOTICE that, on May 12, 2021, the Debtors filed the Notice of Auction Results [Docket No. 234] with the Bankruptcy Court. PLEASE TAKE FURTHER NOTICE that attached hereto as Exhibit A is the Asset Purchase Agreement dated May 12, 2021 (the “Successful Bidder APA”) between the Debtors and the Successful Bidder. PLEASE TAKE FURTHER NOTICE that a hearing is scheduled for May 21, 2021 at 2:00 p.m.
    [Show full text]
  • Vyatta-VPN 6.5R1 V01.Pdf
    VYATTA, INC. | Vyatta System VPN REFERENCE GUIDE Introduction to VPN IPsec Site‐to‐Site VPN Virtual Tunnel Interfaces Remote Access VPN OpenVPN Vyatta Suite 200 1301 Shoreway Road Belmont, CA 94002 vyatta.com 650 413 7200 1 888 VYATTA 1 (US and Canada) COPYRIGHT Copyright © 2005–2012 Vyatta, Inc. All rights reserved. Vyatta reserves the right to make changes to software, hardware, and documentation without notice. For the most recent version of documentation, visit the Vyatta web site at vyatta.com. PROPRIETARY NOTICES Vyatta is a registered trademark of Vyatta, Inc. Hyper‐V is a registered trademark of Microsoft Corporation. VMware, VMware ESX, and VMware server are trademarks of VMware, Inc. XenServer, and XenCenter are trademarks of Citrix Systems, Inc. All other trademarks are the property of their respective owners. RELEASE DATE: October 2012 DOCUMENT REVISION. 6.5R1 v01 RELEASED WITH: 6.5R1 PART NO. A0‐0222‐10‐0016 iii Contents Quick List of Commands . xi List of Examples . xvi Preface . xvii Intended Audience . xviii Organization of This Guide . xviii Document Conventions . xix Vyatta Publications . xx Chapter 1 Introduction to VPN . 1 Types of VPNs . 2 Supported Solutions . 3 Site‐to‐Site with IPsec . 3 Virtual Tunnel Interface. 4 Remote Access Using PPTP . 4 Remote Access Using L2TP and IPsec. 5 Site‐to‐Site and Remote Access Using OpenVPN . 5 Comparing VPN Solutions. 6 PPTP. 7 L2TP/IPsec. 7 Pre‐shared keys (L2TP/IPsec) . 8 X.509 certificates (L2TP/IPsec) . 8 VPNs and NAT . 8 Chapter 2IPsec Site‐to‐Site VPN. 9 IPsec Site‐to‐Site VPN Configuration . 10 IPsec Site‐to‐Site VPN Overview.
    [Show full text]
  • Cisco Catalyst 6500 Series/7600 Series ASA Services Module Data
    Data Sheet Cisco® Catalyst® 6500 Series/7600 Series ASA Services Module Product Overview The Cisco® Catalyst® 6500 Series/7600 Series ASA Services Module delivers superior technology that seamlessly integrates with Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers to provide unmatched security, reliability, and performance. Based on the Cisco ASA platform, the most widely deployed firewall in the industry, the ASA Services Module supports the highest throughput, five times the concurrent connections, and twice as many connections per second as competitive network security modules, to meet the growing needs of today’s most dynamic organizations - all in a single blade architecture. The ASA Services Module makes it easy to add full firewall capabilities to an existing infrastructure by sliding a blade into an empty slot in an existing Catalyst 6500 Series switch or Cisco 7600 Series router - no additional rack space, cabling, power, or physical interface is required (Figure 1). It also works in tandem with other modules in the chassis to deliver robust security throughout the entire chassis, effectively making every port a security port. By using the data center’s existing infrastructure to deliver network security services, the ASA Services Module delivers superior return on investment (ROI) and greatly simplifies maintenance and management. Figure 1. Cisco Catalyst 6500 Series/7600 Series ASA Services Module Features and Benefits The ASA Services Module helps data centers increase effectiveness and efficiency in protecting their networks and applications. The module delivers exceptional protection of a Cisco Catalyst 6500 or Cisco 7600 Series investment and helps to reduce the total cost of network ownership - all while lowering operating costs and addressing intangible opportunity costs.
    [Show full text]
  • Vyos Documentation Release Current
    VyOS Documentation Release current VyOS maintainers and contributors Jun 04, 2019 Contents: 1 Installation 3 1.1 Verify digital signatures.........................................5 2 Command-Line Interface 7 3 Quick Start Guide 9 3.1 Basic QoS................................................ 11 4 Configuration Overview 13 5 Network Interfaces 17 5.1 Interface Addresses........................................... 18 5.2 Dummy Interfaces............................................ 20 5.3 Ethernet Interfaces............................................ 20 5.4 L2TPv3 Interfaces............................................ 21 5.5 PPPoE.................................................. 23 5.6 Wireless Interfaces............................................ 25 5.7 Bridging................................................. 26 5.8 Bonding................................................. 27 5.9 Tunnel Interfaces............................................. 28 5.10 VLAN Sub-Interfaces (802.1Q)..................................... 31 5.11 QinQ................................................... 32 5.12 VXLAN................................................. 33 5.13 WireGuard VPN Interface........................................ 37 6 Routing 41 6.1 Static................................................... 41 6.2 RIP.................................................... 41 6.3 OSPF................................................... 42 6.4 BGP................................................... 43 6.5 ARP................................................... 45 7
    [Show full text]
  • Brocade Vyatta Network OS Remote Access Ipsec VPN Configuration Guide, 5.2R1
    CONFIGURATION GUIDE Brocade Vyatta Network OS Remote Access IPsec VPN Configuration Guide, 5.2R1 Supporting Brocade 5600 vRouter, VNF Platform, and Distributed Services Platform 53-1004736-01 24 October 2016 © 2016, Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, and MyBrocade are registered trademarks of Brocade Communications Systems, Inc., in the United States and in other countries. Other brands, product names, or service names mentioned of Brocade Communications Systems, Inc. are listed at www.brocade.com/en/legal/ brocade-Legal-intellectual-property/brocade-legal-trademarks.html. Other marks may belong to third parties. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government. The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the information contained herein or the computer programs that accompany it. The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements.
    [Show full text]
  • Cisco ASA Series Firewall ASDM Configuration Guide, 7.10 Americas Headquarters Cisco Systems, Inc
    ASDM Book 2: Cisco ASA Series Firewall ASDM Configuration Guide, 7.10 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • French ANSSI
    CRYPTOGRAPHIC ITEM - Updated on July 2021 EXPORT Please check on-line for latest version. DECLARATION NUMBER (SUPPLY, IMPORT FILE NUMBER AUTHORIZATION EXPIRATION DATE Latest Version: Click here & EU TRANSFER) NUMBER ANSSI AES New Instructions (AES NI) 0903111 0903111 0903111 N/A N/A BEFDSR41W (Linksys) 0302053 0302053 N/A N/A BEFW11S4 (Linksys) 0302056 0302056 N/A N/A Bridged telnet application 0104032 0104032 N/A N/A Cisco - Linksys AExxxx-EU Wireless-N USB adapter version 1.0 1202088 1202088 N/A N/A Cisco - Linksys Powerline Wireless Network Extender v1.0 1112659 1112659 N/A N/A Cisco - Linksys RE1xxx Wireless-N Range Extender v1.0 1111600 1111600 N/A N/A Cisco - Linksys Wireless-N Ethernet Bridge v1.0 1111601 1111601 N/A N/A Cisco - Linksys X Series Advanced Wireless-N ADSL2+Modem 1110507 1110507 N/A N/A Routers versions X2xxx and X3xxx 1.0 Cisco ISR Family 20060151 20060151 20060151 20060151 Cisco 200E Series Smart Switch 1209615 1209615 N/A N/A Cisco 59xx Series Embedded Services Router (ESR) 18090374 18090374 18090374 8-Dec-2023 Cisco 5xx Wireless Express Access Point. Ver. 0 and what follows 0708295 0708295 N/A N/A Cisco 5xxx series Wireless Controller 17090492 17090492 17090492 10-Dec-2022 Cisco 7920 Wifi IP Phone 0307221 0307221 N/A N/A Cisco 79xx IP Phone family 0810548 0810548 N/A N/A Cisco 86x series ISR, 88x series ISR and IOS software for Cisco 86x 0906239 0906239 N/A N/A and 88x ISR routers. Cisco Advanced Malware Protection (AMP) for FirePOWER ver.
    [Show full text]
  • Master's Thesis Template
    DEGREE PROGRAMME IN WIRELESS COMMUNICATIONS ENGINEERING MASTER’S THESIS Wireless Backhaul in Future Cellular Communication Author Munim Morshed Supervisor Mika Ylianttila Second Examiner Jari Iinatti (Technical Advisor Jaakko Leinonen) August 2018 Morshed Munim. (2018) Wireless Backhaul for Future Cellular Communication. University of Oulu, Degree Programme in Wireless Communications Engineering. Master’s Thesis, 64 p. ABSTRACT In 5G technology, huge number of connected devices are needed to be considered where the expected throughput is also very ambitious. Capacity is needed and thus used frequencies are expected to get higher (above 6 GHz even up to 80 GHz), the Cell size getting smaller and number of cells arising significantly. Therefore, it is expected that wireless backhaul will be one option for Network operators to deliver capacity and coverage for high subscriber density areas with reduced cost. Wireless backhaul optimization, performance and scalability will be on the critical path on such cellular system. This master’s thesis work includes connecting a base station by using the wireless backhaul by introducing a VPN in the proposed network. We find the bottleneck and its solution. The network is using 3.5 GHz wireless link instead of LAN wire for backhaul link between the EnodeB and the core network (OpenEPC). LTE TDD band 42 acting as a Wireless Backhaul (Link between EnodeB and Band 42 CPE Router). The status and attachment procedure are observed from different nodes of the openEPC and from the VPN machine. Step by step we have established a tunnel between the CPE device and the VPN server using PPTP and L2TP with IPSec tunneling protocol.
    [Show full text]
  • MOBITV, INC., Et Al., Debtors.1 Chapter 11 Case No. 21
    Case 21-10457-LSS Doc 292 Filed 05/21/21 Page 1 of 37 IN THE UNITED STATES BANKRUPTCY COURT FOR THE DISTRICT OF DELAWARE Chapter 11 In re: Case No. 21-10457 (LSS) MOBITV, INC., et al., Jointly Administe red 1 Debtors. Related Docket Nos. 73 and 164 ORDER (A) APPROVING THE SALE OF SUBSTANTIALLY ALL OF THE DEBTORS’ ASSETS FREE AND CLEAR OF ALL LIENS, CLAIMS, INTERESTS, AND ENCUMBRANCES AND (B) APPROVING THE ASSUMPTION AND ASSIGNMENT OF EXECUTORY CONTRACTS AND UNEXPIRED LEASES Upon the motion [Docket No. 73] (the “Sale Motion”)2 of the above-captioned debtors and debtors in possession (together, the “Debtors”) in these chapter 11 cases (the “Chapter 11 Cases”) for entry of an order (the “Sale Order”) (a) authorizing the sale of substantially all of the Debtors’ assets free and clear of all liens, claims, interests, and other encumbrances, other than assumed liabilities, to the party submitting the highest or otherwise best bid, (b) authorizing the assumption and assignment of certain executory contracts and unexpired leases, and (c) granting certain related relief, all as more fully described in the Sale Motion; and the Court having entered an order [Docket No. 164] (the “Bidding Procedures Order”) approving the Bidding Procedures; and the Debtors having conducted an Auction on May 11-12, 2021 pursuant to the Bidding Procedures and Bidding Procedures Order; and the Debtors having determined that the bid submitted by TiVo Corporation, 1 The Debtors in these chapter 11 cases and the last four digits of each Debtor’s U.S. tax identification number are as follows: MobiTV, Inc.
    [Show full text]