SSL VPN Reinstallation

Similar documents
DGS-3630-Series Switches

Using the Offline Diagnostic Monitor Menu

D-Link (Europe) Ltd. 4 th Floor Merit House Edgware Road London HA7 1DP U.K. Tel: Fax:

Aruba Quick Start Guide

S38 Basic Configuration

Configuring Host Router and Cisco Analog Video Gateway Module Interfaces

Managing Controller Software and Configurations

Product Family: Networking Hardware Number: AN-NH-012

Cisco Prime Network Analysis Module (Cisco Prime NAM) for Nexus 1110 Installation and Configuration Guide

Cisco Branch Routers Series Network Analysis Module (NME-NAM-120S) Installation and Configuration Note, 4.2

Configuring the Cisco NAM 2220 Appliance

Management Software AT-S79. User s Guide. For use with the AT-GS950/16 and AT-GS950/24 Smart Switches. Version Rev.

Initial Configuration on ML-Series Card

Getting Started. Getting Started with Your Platform Model. Factory Default Configurations CHAPTER

Bring-up the Router. Boot the Router

What this Guide Covers. Additional Info. 1. Linux based Servers. 2. Windows Servers. 3. GoldLite and Virtual Servers. 4. Other servers. 5.

User and System Administration

Create a pfsense router for your private lab network template

Configuring the SMA 500v Virtual Appliance

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Installing the Operating System or Hypervisor

Using the Web-Browser and CLI Interfaces

Initial Configuration

GSS Administration and Troubleshooting

How to open ports in the DSL router firmware version 2.xx and above

Reinstalling the Operating System on the Dell PowerVault 745N

IPMI Configuration Guide

Release Notes. Network Resource Manager 1.0 NRM 1.0

Bring-up the Router. Boot the Router

Reimage Procedures. Firepower 2100 Series Software Reimage and Disaster Recovery

Installing or Upgrading ANM Virtual Appliance

Maintaining the System Software

Working with Configuration Files

Deploying Cisco UCS Central

Installing the Server Operating System or Hypervisor

Ethernet Switch Setup for Q-SYS HP 1910 and 1920 Series (Gigabit only)

Platform Compatibility... 1 Known Issues... 1 Resolved Issues... 2 Deploying the SRA Virtual Appliance... 3 Related Technical Documentation...

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

Brother HL-5370DW Configuration

XenMobile 10 Cluster installation. Here is the task that would be completed in order to implement a XenMobile 10 Cluster.

Configuration Guide. Upgrading AOS Firmware L1-29.1D July 2011

NetVanta Series (with 56K/64K Network Interface Module)

DES-3528/52 Series Firmware Release Notes

Start Up and Shutdown Procedures (Unix)

AOS-W 6.4. Quick Start Guide. Install the Switch. Initial Setup Using the WebUI Setup Wizard

Managing Services Modules

Using the SSM Administration Console

TFC-1600MM Media Conversion System. Management Configuring Guide

No Service Password-Recovery

VERTICAL HORIZON VH-2402S FAST ETHERNET SWITCH MANAGEMENT GUIDE

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Assigning the Switch IP Address and Default Gateway

Sidewinder. Hardware Guide Models S1104, S2008, S3008. Revision E

NetVanta Series (with E1/FE1 or E1/FE1 with G.703 Drop Network Interface Module)

Firmware Management. Overview of Firmware. This chapter includes the following sections:

Troubleshooting Cisco APIC-EM Single and Multi-Host

Lenovo RackSwitch G8272. Release Notes. For Networking OS 8.2

SonicOS Release Notes

Managing Virtual Machines

Configure the Cisco DNA Center Appliance

Configuring the Fabric Interconnects

Reset the Admin Password with the ExtraHop Rescue CD

Nortel Secure Router 2330/4134 Commissioning. Release: 10.2 Document Revision: NN

Configuring the Cisco TelePresence System

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS Quick Installation Guide

ZyWALL 10W. Internet Security Gateway. Quick Start Guide Version 3.62 December 2003

Upgrading from TrafficShield 3.2.X to Application Security Module 9.2.3

Configuring Virtual Service Blades

RELEASE NOTES: Web OS Great America Parkway Santa Clara, CA Phone Nortel

Switch Configuration Example for Q-SYS Platform HP 1910 and HP 1920

Chassis Display Tasks

Lab 6.2.7a Managing Switch Operating System Files

DATALIGHT Switch 12+4-Port 1000

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

Lenovo Flex System SI Gb System Interconnect Module. Release Notes. for Networking OS 8.2

Configure the Cisco DNA Center Appliance

**Note that this must be run from a PC on the same network segment as the NetBotz device, and the NetBotz device MUST be connected to the network.

28-Port 10/100/1000Mbps with. 4 Shared SFP Managed Gigabit Switch WGSW / WGSW-28040P. Quick Installation Guide

Peplink SD Switch User Manual. Published on October 25th, 2018

ACE Live on RSP: Installation Instructions

SuperLumin Nemesis. Getting Started Guide. February 2011

Getting Started. Access the Console for the Command-Line Interface. Access the Appliance Console

Configuring the WT-4 for ftp (Infrastructure Mode)

Using the Cisco NCS Command-Line Interface

Using the Web Graphical User Interface

Chapter 1 Getting Started with Switch Management

Dominion SX Release Notes

Initial Configuration for the Switch

Deployment of a new M-Lab site

Installing the Cisco Unified Videoconferencing 3545 MCU

Table of Contents 1 Commands for Access Controller Switch Interface Board 1-1

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Upgrading the Software

Lenovo RackSwitch G8272. Release Notes. For Cloud Network Operating System 10.3

How to upgrade the firmware

48-Port 10/100/1000Base-T with 4 Shared SFP. Managed Gigabit Switch WGSW Quick Installation Guide

Lab Configuring an ISR with SDM Express

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS / XGS Quick Installation Guide

48-Port 10/100Mbps + 4 Gigabit TP / 2 SFP. Managed Switch WGSW Quick Installation Guide

CCNA 1 Chapter 2 v5.0 Exam Answers %

Transcription:

SSL VPN Reinstallation This software reinstallation procedure describes how to reinstall the software onto a previously formatted and programmed hard disk drive (HDD) on the Contivity SSL VPN 1000 card. You can also use this procedure when the CLI cannot be started during an admin login session. You must already have a software image on the HDD that it is capable of booting successfully. You will know it has booted successfully if you can login as root. Note: You cannot use this procedure to load a software image onto a blank HDD. Equipment requirements You need the following to reinstall an SSL software image onto the Contivity SSL VPN 1000 card: Contivity 1740, 2700 or 5000 system with Contivity Secure IP Services Gateway Version 5.00 or later Contivity gateway console cable Nortel P/N 301507-A or equivalent Terminal or PC with a serial port and terminal emulation software FTP server with an SSL boot image on it Network cables and equipment to connect the 10/100M Private LAN interface of the Contivity gateway to the FTP server Configuration procedure 1 If not already installed, install the SSL VPN card in Slot 1 of the Contivity gateway. 2 Connect the Contivity console cable to the console port and to the terminal or serial port of the PC. 3 Configure the terminal for 9600 Baud, 8-N-1, VT100 mode. 4 Connect the 10/100M private LAN interface of the Contivity gateway to the same network as the FTP server. 5 Power on the Contivity gateway and configure the Private LAN interface, if necessary. 6 Use the SSL VPN software CD to load the SSL boot image onto the FTP server. The boot image will have a.img filename extension.

Reinstallation process Allow the Contivity switch and SSL VPN card to complete their boot processes. (The boot process for the switch is typically longer.) 1 From the switch console, login as username=admin, default password=setup. 2 Then type the following: L - Enter Command Line Interface display mode. You see the CES> prompt. Enable - Enable privileged command mode Setup - Default password for privileged command mode. The prompt changes to CES#. Show ssl-vpn - Display status of SSL-VPN card. Verify that the card is in the uninitialized state. Ssl-vpn-cli reinstall <Management_IP_addr> - Begin reinstallation process, where <Management_IP_addr> is the IP address of the management interface of the SSL VPN card. 3 Login as username=boot, password=forgetme (case-sensitive). You are prompted for the same IP address that you used in Step 2, a subnet mask, a gateway IP address (Management IP address of the Contivity gateway), FTP server IP address, service type (FTP or TFTP) and filename of the software image on the server. The SSL VPN card will download the image and install it. Then it will reboot. After it has finished rebooting, you can login to verify that the new image is active.

Sample procedure SSL VPN Reinstallation Here is a sample screen capture from a card that was unable to start the CLI from the admin logon. The reinstallation was needed to restore normal operation to the card. In this example, an anonymous FTP server hosted the new software image. All typed commands are shown in bold. After the reinstallation and verification, the entire system was properly shutdown. Welcome to the Contivity Secure IP Services Gateway Copyright (c) 1999-2004 Nortel Networks, Inc. Version: V05_00.045 Creation date: Mar 24 2004, 21:06:20 Date: 05/13/2004 Unit Serial Number: 15786 Please enter the administrator's user name: admin Please enter the administrator's password: setup Main Menu: System is currently in NORMAL mode. 1) Interfaces 2) Administrator 3) Default Private Route Menu 4) Default Public Route Menu 5) Create A User Control Tunnel(IPsec) Profile 6) Restricted Management Mode FALSE 7) Allow HTTP Management TRUE 8) Firewall Options 9) Shutdown B) System Boot Options P) Configure Serial Port C) Controlled Crash L) Command Line Interface R) Reset System to Factory Defaults E) Exit, Save and Invoke Changes Please select a menu choice (1-9,B,P,C,L,R,E): L CES>enable Password: setup CES#show ssl-vpn Nortel Networks SSL-VPN Accelerator in slot 1 Administrative State: Enabled Status : Uninitialized : SSL-VPN requires initialization. Note: Card is Uninitialized. CSFW Implied Rules : Enabled One Time Password : Enabled Management Address : 0.0.0.0 Interface Address : 0.0.0.0 SSL-VPN VIP Ports : Attempt to login to the SSL VPN card: CES#ssl-vpn-cli login Exit character is '^]'. login: admin Password: admin

Unable to start CLI - reinstall required. Note: Card requires software reinstallation. Closed connection. Begin software reinstallation procedure: CES#ssl-vpn-cli reinstall 47.17.153.55 <-- SSL VPN Management Address Exit character is '^]'. login: boot Password: ForgetMe *** Reinstall Upgrade Procedure *** If you proceed beyond this point, all traffic processing will be shut down, and the active network configuration will be reset, requiring a reboot to restore any current setup. However, no permanent changes will be made until the boot image has been downloaded. Continue (y/n)? [y]: <Enter> Enter VLAN tag id (or zero for no VLAN tag) [0]: <Enter> Enter IP address for this isd: 47.17.153.55 <-- SSL VPN Management Address Enter network mask [255.255.255.0]: 255.255.255.0 <-- Contivity Private LAN Subnet Mask Enter gateway IP address [none]: 47.17.153.53 <-- Contivity Management Address Select TFTP (t) or FTP (f) [t]: f Enter FTP server address: 47.17.152.204 Enter file name of boot image: SSL-4.2.1.7-boot.img Enter FTP Username [anonymous]: <Enter> Password [boot@localhost.isd]: <Enter> Checking for connectivity... Downloading boot image... Installing new boot image... Done Restarting... Closed connection. You will need to wait approximately one minute for the SSL VPN card to reboot. During this time, the status of the card will be shown as "Unreachable" from the Contivity console. Eventually, the status will change to "Unitialized": CES#show ssl-vpn Nortel Networks SSL-VPN Accelerator in slot 1 Administrative State: Enabled Status : Uninitialized : SSL-VPN requires initialization. Note: Card has rebooted. CSFW Implied Rules : Enabled One Time Password : Enabled Management Address : 0.0.0.0 Interface Address : 0.0.0.0 SSL-VPN VIP Ports : Verify that you can login to the SSL VPN card: CES#ssl-vpn-cli login Exit character is '^]'. login: admin Password: admin Alteon isd SSL Hardware platform: Contivity Software version: 4.2.1.7 ------------------------------------------------------------ [Setup Menu] join - Join an existing isd cluster new - Initialize isd as a new installation

SSL VPN Reinstallation boot info exit - Boot menu - Information menu - Exit [global command, always available] SSL >> Setup# exit Session terminated. Note: Exit the SSL VPN session to return to the Contivity console. Closed connection. Properly shutdown the Contivity switch: CES#exit CES>exit Main Menu: System is currently in NORMAL mode. 1) Interfaces 2) Administrator 3) Default Private Route Menu 4) Default Public Route Menu 5) Create A User Control Tunnel(IPsec) Profile 6) Restricted Management Mode FALSE 7) Allow HTTP Management TRUE 8) Firewall Options 9) Shutdown B) System Boot Options P) Configure Serial Port C) Controlled Crash L) Command Line Interface R) Reset System to Factory Defaults E) Exit, Save and Invoke Changes Please select a menu choice (1-9,B,P,C,L,R,E): 9 - Shutdown Menu 1) Shutdown 2) Shutdown and Restart R) Return to the Main Menu Please select a menu choice (1, 2, R): 1 -- Confirm: Shutdown system in 10 seconds? (Y or N): y System shutting down... Serial Menu Task Terminating... [End of procedure]

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback