DOCSLIB.ORG

Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.X First Published: 2013-09-02 Last Modified: 2014-04-01

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.X First Published: 2013-09-02 Last Modified: 2014-04-01 Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.x First Published: 2013-09-02 Last Modified: 2014-04-01 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-30398-07 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http:// www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) © 2014 Cisco Systems, Inc. All rights reserved. CONTENTS Preface Preface xvii Changes to This Document xvii Obtaining Documentation and Submitting a Service Request xviii CHAPTER 1 New and Changed Feature Information in Cisco IOS XR Release 5.1.x 1 New and Changed IP Addresses and Services Features 1 CHAPTER 2 Implementing Access Lists and Prefix Lists 7 Prerequisites for Implementing Access Lists and Prefix Lists 8 Restrictions for Implementing Access Lists and Prefix Lists 8 Hardware Limitations 10 Information About Implementing Access Lists and Prefix Lists 10 Access Lists and Prefix Lists Feature Highlights 10 Purpose of IP Access Lists 10 How an IP Access List Works 11 IP Access List Process and Rules 11 Helpful Hints for Creating IP Access Lists 12 Source and Destination Addresses 12 Wildcard Mask and Implicit Wildcard Mask 12 Transport Layer Information 12 IP Access List Entry Sequence Numbering 12 Sequence Numbering Behavior 13 IP Access List Logging Messages 13 Extended Access Lists with Fragment Control 14 Policy Routing 16 Comments About Entries in Access Lists 16 Access Control List Counters 16 Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.x OL-30398-07 iii Contents BGP Filtering Using Prefix Lists 17 How the System Filters Traffic by Prefix List 17 Information About Implementing ACL-based Forwarding 18 ACL-based Forwarding Overview 18 ABF-OT 18 IPv6 ACL Based Forwarding Object Tracking 18 IPSLA support for Object tracking 18 ACL Counters Using SNMP 19 How to Implement Access Lists and Prefix Lists 19 Configuring Extended Access Lists 19 Applying Access Lists 22 Controlling Access to an Interface 22 Controlling Access to a Line 23 Configuring Prefix Lists 24 Configuring Standard Access Lists 26 Copying Access Lists 28 Sequencing Access-List Entries and Revising the Access List 29 Copying Prefix Lists 31 Sequencing Prefix List Entries and Revising the Prefix List 32 How to Implement ACL-based Forwarding 33 Configuring ACL-based Forwarding with Security ACL 33 Implementing IPSLA-OT 35 Enabling track mode 35 Configuring track type 36 Configuring tracking type (line protocol) 36 Configuring track type (list) 37 Configuring tracking type (route) 37 Configuring tracking type (rtr) 38 Configuring Pure ACL-Based Forwarding for IPv6 ACL 39 ACL-Chaining 40 ACL-Chaining Overview 40 Restrictions for Common ACL 41 Configuring an Interface to accept Common ACL 41 ACL Scale Enhancements 42 ACL Scale Enhancements: Backward Compatibility 42 Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.x iv OL-30398-07 Contents Configuring a Network Object-Group 43 Configuring a Port Object-Group 44 Configuring ACL with Object-Groups 45 Atomic ACL Updates By Using the Disable Option 47 Modifying ACLs when Atomic ACL Updates are Disabled 48 Configuring ACL Counters for SNMP Query 50 Configuration Examples for Implementing Access Lists and Prefix Lists 51 Resequencing Entries in an Access List: Example 51 Adding Entries with Sequence Numbers: Example 52 Adding Entries Without Sequence Numbers: Example 52 Atomic ACL Updates By Using the Disable Option 53 Modifying ACLs when Atomic ACL Updates are Disabled 53 IPv6 ACL in Class Map 55 Configuring IPv6 ACL QoS - An Example 56 IPv4/IPv6 ACL over BVI interface 58 Configuring IPv4 ACL over BVI interface - An Example 59 Configuring ABFv4/v6 over IRB/BVI interface 59 Configuring ABFv4 over IRB/BVI interface: Example 62 Configuring ABFv6 over IRB/BVI interface: Example 62 Configuring an Interface to accept Common ACL - Examples 63 Configuring ACL Counters for SNMP Query: Example 64 Additional References 65 CHAPTER 3 Configuring ARP 67 Prerequisites for Configuring ARP 67 Restrictions for Configuring ARP 68 Information About Configuring ARP 68 IP Addressing Overview 68 Address Resolution on a Single LAN 69 Address Resolution When Interconnected by a Router 69 ARP and Proxy ARP 69 ARP Cache Entries 70 Direct Attached Gateway Redundancy 70 Additional Guidelines 71 How to Configure ARP 71 Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.x OL-30398-07 v Contents Defining a Static ARP Cache Entry 71 Enabling Proxy ARP 72 Enabling Local Proxy ARP 73 Configuring DAGR 74 Configuring ARP purge-delay 76 Configuring ARP timeout 77 Configure Learning of Local ARP Entries 78 Configuration Examples for ARP Configuration on Cisco IOS XR Software 79 Creating a Static ARP Cache Entry: Example 79 Enabling Proxy ARP: Example 80 80 Enabling DAGR and Configuring a DAGR Group: Example 80 Displaying the Operational State of DAGR Groups: Example 80 Additional References 80 CHAPTER 4 Implementing Cisco Express Forwarding 83 Prerequisites for Implementing Cisco Express Forwarding 83 Information About Implementing Cisco Express Forwarding Software 84 Key Features Supported in the Cisco Express Forwarding Implementation 84 Benefits of CEF 84 CEF Components 85 Border Gateway Protocol Policy Accounting 85 Reverse Path Forwarding (Strict and Loose) 86 Per-Flow Load Balancing 87 BGP Attributes Download 88 How to Implement CEF 88 Verifying CEF 88 Configuring BGP Policy Accounting 89 Verifying BGP Policy Accounting 94 Configuring a Route Purge Delay 96 Configuring Unicast RPF Checking 96 Configuring Modular Services Card-to-Route Processor Management Ethernet Interface Switching 97 Configuring Per-Flow Load Balancing 98 Configuring 3-Tuple Hash Algorithm 98 Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide, Release 5.1.x vi OL-30398-07 Contents Configuring BGP Attributes Download 99 Configuring BGP Attributes Download 99 IPv6 Routing over IPv4 MPLS TE Tunnels 100 Restrictions for Implementing IPv6 routing over IPv4 MPLS TE tunnels 100 Configuring tunnel as IPV6 Forwarding-Adjacency 100 Configuring tunnel as IPV6 interface 101 Configuration Examples for Implementing CEF on Routers Software 101 Configuring BGP Policy Accounting: Example 102 Verifying BGP Policy Statistics: Example 105 Configuring Unicast RPF Checking: Example 116 Configuring the Switching of Modular Services Card to Management Ethernet Interfaces on the Route Processor: Example 116 Configuring Per-Flow Load Balancing: Example 116 Configuring BGP Attributes Download: Example 117 Additional References 117 CHAPTER 5 Implementing the Dynamic Host Configuration Protocol 119 Prerequisites for Configuring DHCP Relay Agent 120 Information About DHCP Relay Agent 120 Secure ARP 121 How to Configure and Enable DHCP Relay Agent 121 Configuring and Enabling the DHCP Relay Agent 121 Configuring a DHCP Relay Profile 122 Enabling DHCP Relay Agent on an Interface 123 Disabling DHCP Relay on an
Load more

Recommended publications
  • Cisco Remote Expert Mobile Release Notes 11.6(1)
    Cisco Remote Expert Mobile Release Notes, Release 11.6 (1) First Published: August 2017 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Release Notes for Cisco Anyconnect VPN Client, Release 2.4
    Release Notes for Cisco AnyConnect VPN Client, Release 2.4 Published: October 14, 2009 OL-20842-02 This document includes the following sections: • Introduction • New Supported Platforms • New Feature Overviews • New Guidelines • System Requirements • Caveats • Notices/Licensing • Related Documentation Introduction The Cisco AnyConnect VPN Client provides remote users with secure VPN connections to the Cisco ASA 5500 Series Adaptive Security Appliance using the Secure Socket Layer (SSL) protocol and the Datagram TLS (DTLS) protocol. AnyConnect provides remote end users with the benefits of a Cisco SSL VPN client, and supports applications and functions unavailable to a clientless, browser-based SSL VPN connection. It runs on Microsoft Windows, Windows Mobile, Linux, and Mac OS X, and supports connections to IPv6 resources over an IPv4 network tunnel. You can upload the client to the security appliance to automatically download to remote users when they log in, or you can download and install it on the endpoint. You can configure the security appliance to uninstall AnyConnect from the endpoint after the connection terminates, or it can remain on the remote PC for future SSL VPN connections. In addition to the Cisco Adaptive Security Appliance 5500 Series, Cisco IOS supports AnyConnect. For more information, see the Cisco IOS SSL VPN Data Sheet. Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2009 Cisco Systems, Inc. All rights reserved. New Feature Overviews New Supported Platforms AnyConnect Client 2.4 runs on the following new platforms: • Microsoft Windows 7 (32-bit and 64-bit). See “System Requirements.” • Mac OS X 10.6 and 10.6.1 (both 32-bit and 64-bit).
    [Show full text]
  • Analiza in Primerjava Tehnologij Za Razvoj Spletnih Aplikacij
    Univerza v Mariboru, Fakulteta za elektrotehniko, računalništvo in informatiko Alois Paulin Analiza in primerjava tehnologij za razvoj spletnih aplikacij Diplomska naloga Maribor, september 2008 ANALIZA IN PRIMERJAVA TEHNOLOGIJ ZA RAZVOJ SPLETNIH APLIKACIJ Ključne besede: internet, spletne tehnologije, informatika, RIA, Ajax, XML UDK: 004.455:004.738.4(043.2) Povzetek: Pri snovanju spletnih aplikacij je zahtevan poseben poudarek pri izboru tehnologij, na katerih bo aplikacija zgrajena. Razpoložljiv nabor je odvisen od tehničnih pogojev izvajalnega okolja na strani strežnika in odjemalca, osnovnih vsebinskih zahtev, ter nenazadnje od znanja razpoložljivih kadrov. V našem delu smo ustvarili pregled nad tehnologijami za razvoj spletnih aplikacij, tako tistimi, ki so bile v uporabi v preteklosti, danes aktualnimi in tehnologijami, ki se razvijajo za prihodnost. Osredotočili smo se pri tem na tehnologije »odprtih standardov«, ki jih ponuja W3C. Tendence uporabe spletnih tehnologij gredo jasno v smer proizvajanja obilnih spletnih aplikacij (RIA), posledično smo izvedli primerjavo tehnoloških paketov, kot jih ponujajo različni proizvajalci za obvladovanje tega področja. Primerjali smo jih na podlagi kriterijev, ki vplivajo na odločitve za izbor tehnologij v praksi – torej tako iz vidika uporabnosti, kot tudi podprtosti tehnologije. V praktični analizi smo izdelali RIA aplikacijo za poslovanje mladinske organizacije, ki gradi na tehnologijah odprtih standardov, pri tem pa prišli do sklepa, da te tehnologije niso še dovolj široko podprte. ANALYSIS AND COMPARSION OF WEB TECHNOLOGIES Keywords: internet, web technologies, informatics, RIA, Ajax, XML Abstract: When it comes to developing web applications, the major concern regards the technologies, which are used to create a rich user experience. Our decision which one to chose str. 2/84 depends on available infrastructure, both client‐ and server‐side, as well as on basic content‐ dependent needs and the know‐how of our human resources.
    [Show full text]
  • Enterprise Chat and Email Browser Settings Guide, Release 12.0(1) for Unified Contact Center Enterprise
    Enterprise Chat and Email Browser Settings Guide, Release 12.0(1) For Unified Contact Center Enterprise First Published: January 11, 2019 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA https://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED "AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Cascading Style Sheets
    Web Design in a Nutshell, 3rd Edition By Jennifer Niederst Robbins ............................................... Publisher: O'Reilly Pub Date: February 2006 Print ISBN-10: 0-596-00987-9 Print ISBN-13: 978-0-59-600987-8 Pages: 826 Table of Contents | Index Are you still designing web sites like it's 1999? If so, you're in for a surprise. Since the last edition of this book appeared five years ago, there has been a major climate change with regard to web standards. Designers are no longer using (X)HTML as a design tool, but as a means of defining the meaning and structure of content. Cascading Style Sheets are no longer just something interesting to tinker with, but rather a reliable method for handling all matters of presentation, from fonts and colors to the layout of the entire page. In fact, following the standards is now a mandate of professional web design. Our popular reference, Web Design in a Nutshell, is one of the first books to capture this new web landscape with an edition that's been completely rewritten and expanded to reflect the state of the art. In addition to being an authoritative reference for (X)HTML and Cascading Style Sheets, this book also provides an overview of the unique requirements of designing for the Web and gets to the nitty-gritty of JavaScript and DOM Scripting, web graphics optimization, and multimedia production. It is an indispensable tool for web designers and developers of all levels. The third edition covers these contemporary web design topics: Structural layer: HTML 4.01 and XHTML 1.0 (9 chapters), including an alphabetical reference of all elements, attributes and character entities Presentation layer: Ten all-new chapters on Cascading Style Sheets, Level 2.1, including an alphabetical reference of all properties and values.
    [Show full text]
  • Business Information Server Developing ICE Applications for Mobile Devices
    Business Information Server Developing ICE Applications for Mobile Devices Tool Suggestions White Paper 1 The Unisys Business Information Server (BIS) provides scripting capabilities that you can use in creating applications for your specific environment. This document provides BIS Internet Commerce Enabler (ICE) tool suggestions and code examples by Unisys developers for developing and updating applications for use on mobile devices. 2 Table of Contents General Overview 4 How to Use This Document 4 Tool Definitions 5 Development Tool Suggestions 6 Choosing Browser Development Tools 6 Using Full Code 6 Debugging BIS Script or BIS JavaScript 6 IdentifyingJSONErrors 6 Tracking HTTP Traffic 6 Developing Web Content for Mobile Devices 7 Coding BIS ICE Examples 7 Example 1 8 Simple List 9 Targeting a Mobile Device 10 Enhanced Content 10 Example 2 12 Using DataTables to Produce a Table in a Web Page 12 Example 3 14 Moving to JSON and Ajax for DataTables 14 Using JSON to Define a Table 15 Checking JSON Content 17 Example 4 18 Continuing with Development 20 Summary 21 Appendix 1: Example 1 ICE Script 22 Appendix 2: Example 2 ICE Script 25 Appendix 3: Example 3 ICE Script 28 Appendix 4: Example 4 ICE Script 30 Appendix 5: Configuring Fiddler2 as a Proxy for Mobile Devices 32 3 General Overview The demand for Web content on desktop and mobile devices has pushed many businesses to extend the Web-based services they provide to their customer market. Designing content for the Web is challenging because of the variety of Web browsers and devices available. Unisys provides a solution to this problem in this document.
    [Show full text]
  • Release Notes for Cisco Anyconnect VPN Client, Release 2.3.Nnn
    Release Notes for Cisco AnyConnect VPN Client, Release 2.3.nnn Revised: October 04, 2009, OL-18325-16 Introduction These release notes are for the following Cisco AnyConnect VPN Client releases: • 2.3.2016 • 2.3.254 • 2.3.185 The AnyConnect client provides remote users with secure VPN connections to the Cisco ASA 5500 Series Adaptive Security Appliance using the Secure Socket Layer (SSL) protocol and the Datagram TLS (DTLS) protocol. The AnyConnect client provides remote end users running Microsoft Windows Vista, Windows Mobile, Windows XP or Windows 2000, Linux, or Macintosh OS X, with the benefits of a Cisco SSL VPN client, and supports applications and functions unavailable to a clientless, browser-based SSL VPN connection. In addition, the AnyConnect client supports connecting to IPv6 resources over an IPv4 network tunnel. This release supports the SSL and DTLS protocol. This release does not include IPsec support. The client can be loaded on the security appliance and automatically downloaded to remote users when they log in, or it can be manually installed as an application on PCs by a network administrator. After downloading, it can automatically uninstall itself after the connection terminates, or it can remain on the remote PC for future SSL VPN connections. The client includes the ability to create user profiles that are displayed in the user interface and define the names and addresses of host computers. These release notes describe new features, limitations and restrictions, open and resolved caveats, and related documentation. They also include procedures you should follow before loading this release. The section Usage Notes on page 47 describes interoperability considerations and other issues you should be aware of when installing and using the AnyConnect client.
    [Show full text]
  • Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.X First Published: 2013-09-01 Last Modified: 2014-04-01
    Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.x First Published: 2013-09-01 Last Modified: 2014-04-01 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Chapter 3 CASE STUDIES: the SYSTEM
    3 CASE STUDIES: THE SYSTEM INFORMATION IN THIS CHAPTER • Security and SAM Hives • System Hive • Software Hive • BCD Hive Introduction When I sat down to write this book, I was aware that for most folks, providing spreadsheets, tables, and lists of Registry keys and values would not be an entirely effective means of com- municating and sharing information about Registry analysis. In fact, after writing the first edition of Windows Forensic Analysis (Syngress Publishing, published in 2007, a.k.a., WFA), it was pretty clear to me that listing Registry keys and files wasn’t as effective as providing examples of Registry analysis, and of how all of these could be used together. When I began writing the second edition of WFA, I specifically included a chapter on just “case studies,” in hopes of demonstrating how I and others have used various data sources from a Windows system, in incident response and forensic analysis scenarios, to gather information and build an overall picture to solve the challenges we were fac- ing. Talking with others, I can see how this can be an effective approach … leaving someone with stacks of lumber and roof- ing shingles and some tools and nails does not help his or her build a house. However, showing someone how a house can be built, with some of the various places where modifications can be made, is more of a “teach a man to fish” approach, and it can lead to more involvement in Registry analysis, in particular, and Windows forensic analysis as a whole. Windows Registry Forensics.
    [Show full text]
  • Mobile and Remote Access Through Cisco Expressway Deployment Guide (X14.0.2)
    Mobile and Remote Access Through Cisco Expressway Deployment Guide (X14.0.2) First Published: 2021-07-22 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2021 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 MRA Overview 1 About Mobile and Remote Access 1 Core Components 2 Protocol Summary 3 Jabber Client Connectivity Without VPN 3 Deployment Scenarios 4 MRA with Standalone Network Elements 5 MRA with Clustered Network 5 MRA with Multiple Clustered Networks 6 Unsupported Deployments 7 Unsupported Expressway Combinations 10 Capacity Information 10 CHAPTER 2 MRA Requirements and Prerequisites 11 Mobile and Remote Access Ports 11 Network Infrastructure Requirements 11 IP Addresses 11 Network Domain 11 DNS 12 SRV Records 13 Public DNS (External Domains) 13 Local DNS (Internal Domains) 13 Firewall Configuration 14 Bandwidth Restrictions 15 Unified Communications Requirements 15 Product Versions 15 Mobile and Remote Access Through Cisco Expressway Deployment Guide (X14.0.2) iii Contents Unified CM Requirements 16 IM and Presence Service Requirements 17 Certificate Requirements 17 Endpoint Requirements 20 MRA-Compatible Clients 20 MRA-Compatible Endpoints 21 EX, MX, and SX Series Endpoints (Running TC Software) 23 Considerations for Android-based DX650, DX80, and DX70 Devices and Supported IP Phone 7800 and 8800 models 23 Which MRA Features are Supported 24 Limitations and Feature Support 24 UC Feature Support and
    [Show full text]
  • Release Notes for Cisco Anyconnect VPN Client, Release 2.4
    Release Notes for Cisco AnyConnect VPN Client, Release 2.4 Updated: January 4, 2010 OL-20842-05 This document includes the following sections: • Introduction • Retain VPN on Windows Logoff Feature Introduced in AnyConnect 2.4.1012 • Supported Platforms Introduced in AnyConnect 2.4.0202 • Features Introduced in AnyConnect 2.4.0202 • Avoid Wireless-Hosted-Network Guideline Introduced in AnyConnect 2.4.1012 • Guidelines in AnyConnect 2.4.0202 and Previous Releases • System Requirements • AnyConnect Support Policy • Caveats • Notices/Licensing • Related Documentation Introduction The Cisco AnyConnect VPN Client provides remote users with secure VPN connections to the Cisco ASA 5500 Series Adaptive Security Appliance using the Secure Socket Layer (SSL) protocol and the Datagram TLS (DTLS) protocol. AnyConnect provides remote end users with the benefits of a Cisco SSL VPN client, and supports applications and functions unavailable to a clientless, browser-based SSL VPN connection. It runs on Microsoft Windows, Windows Mobile, Linux, and Mac OS X, and supports connections to IPv6 resources over an IPv4 network tunnel. You can upload the client to the security appliance to Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2010 Cisco Systems, Inc. All rights reserved. Retain VPN on Windows Logoff Feature Introduced in AnyConnect 2.4.1012 automatically download to remote users when they log in, or you can download and install it on the endpoint. You can configure the security appliance to uninstall AnyConnect from the endpoint after the connection terminates, or it can remain on the remote PC for future SSL VPN connections. In addition to the Cisco Adaptive Security Appliance 5500 Series, Cisco IOS supports AnyConnect.
    [Show full text]
  • Release Notes for Cisco Secure Desktop, Release 3.1
    Release Notes for Cisco Secure Desktop, Release 3.1 October 2006 Contents These release notes include the following sections: • Introduction, page 1 • Requirements, page 2 • New Features and Enhancements, page 3 • Administrator Guidelines, page 4 • Client Guidelines, page 5 • Caveats, page 7 Introduction These release notes describe the new features in Cisco® Secure Desktop 3.1, enhancements, changes to existing features, limitations and restrictions (“caveats”), and fixes. Read these release notes carefully prior to installing, upgrading, and configuring CSD. Corporate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2006 Cisco Systems, Inc. All rights reserved. Requirements Requirements The following sections identify the platforms, browsers, clients, and applications that the CSD requires or supports. Platforms This release of CSD requires interoperability with a platform running one of the following releases: • Cisco VPN 3000 Series Concentrator, Release 4.7.1 or later • Cisco WebVPN Services Module, Release 1.2 or later, installed in a Cisco Catalyst® 6500 Series switch. Supported Browsers CSD supports the following browsers on the client: • Internet Explorer 6.0 • Netscape 7.x • Mozilla 1.7.x • Firefox 1.0.x1 To administer CSD, you need one of the following browsers: • Internet Explorer 6.0 SP2 • Netscape 7.x • Mozilla 1.7.x • Firefox 1.0.x Mac & Linux Cache Cleaner Client Requirements The Cache Cleaner for Macintosh & Linux requires that Java be installed, enabled, and working properly under the browser in use on the client. The Mac & Linux Cache Cleaner cleans only the default location of Netscape, Mozilla, or Safari. The home directory must not contain any folder or file named .cachedlg.zip.
    [Show full text]