User Guide for CiscoView Device Manager for the Cisco WebVPN Services Module 1.1
Managing Global Settings
Download this chapter
Managing Global SettingsManaging Global Settings
Download the complete book
User Guide for CiscoView Device Manager for the Cisco WebVPN Services Module - Book PDFUser Guide for CiscoView Device Manager for the Cisco WebVPN Services Module - Book PDF (PDF - 3 MB)
give_us_feedback

Table Of Contents

Managing Global Settings

Network Settings

Address Pools

Viewing Address Pools

Adding Address Pools

Adding IP Address Pool Range

Editing Address Pools

Editing IP Address Pool Range

Deleting Address Pools

DNS

Viewing Global DNS Settings

Editing Global DNS Settings

Editing General DNS Settings

Editing DNS Global Settings

Viewing VRF DNS Settings

Adding VRF DNS Settings

Editing VRF DNS Settings

Deleting VRF DNS Settings

Adding IP Hosts

Editing IP Hosts

Removing IP Hosts

Static Routes

Viewing Static Routes

Adding Static Routes

Deleting Static Routes

Interfaces

Viewing Interfaces

Adding Interfaces

Editing Interfaces

Selecting a VRF for the Interface

Deleting Interfaces

VRF Instances

Viewing VRF Instances

Adding VRF Instances

Selecting Routed Interfaces

Editing VRF Instances

Adding and Deleting Interfaces in VRF

Deleting VRF Instances

Security

AAA

Viewing AAA Settings

Editing RADIUS Global Settings

Selecting an Interface

Adding VRF Source Interfaces

Editing VRF Source Interfaces

Deleting VRF Source Interfaces

Server Groups

Viewing Server Group Settings

Adding Server Groups

Editing Server Groups

Deleting Server Groups

Adding RADIUS Servers for the Server Group

Editing RADIUS Server Settings for the Server Group

Deleting a RADIUS Server in the Server Group

Authentication Lists

Viewing Authentication Lists

Adding Authentication Lists

Selecting a Method List

Editing Authentication Lists

Deleting Authentication Lists

Network ACLs

Viewing Network ACLs

Adding ACL Rules

Editing ACL Rules

Deleting ACL Rules

Adding Extended Rule Entries

Selecting the Protocol and Service

Editing Extended Rule Entries

Cloning Extended Rule Entries

Deleting Extended Rule Entries

Adding Standard Rule Entries

Editing Standard Rule Entries

Cloning Standard Rule Entries

Deleting Standard Rule Entries

Connection Policies

TCP Policies

Viewing TCP Policies

Adding TCP Policies

Editing TCP Policies

Deleting TCP Policies

Assigning a TCP Policy to Virtual Contexts

Assigning a TCP Policy to Virtual Gateways

SSL Policies

Viewing SSL Policies

Adding SSL Policies

Editing SSL Policies

Deleting SSL Policies

Assigning an SSL Policy to Virtual Contexts

Assigning an SSL Policy to Virtual Gateways

Time Ranges

Viewing Time Ranges

Adding Time Ranges

Editing Time Ranges

Deleting Time Ranges

Adding Periodic Entries

Editing Periodic Entries

Deleting Periodic Entries

What Are Global Settings and What Are They Used for?


Managing Global Settings

The Global Settings feature allows you to configure Network Settings, Security Features, Connection Policies and Time Ranges.

Managing Global Settings contains the following sections:

Network Settings

Security

Connection Policies

Time Ranges

Network Settings

This section includes the following:

Address Pools

DNS

Static Routes

Interfaces

VRF Instances

Address Pools

You can use this feature to configure static local IP Address Pools to be used in Tunnel Mode configuration. You can add, edit and delete Address Pools using this feature.

Viewing Address Pools

Adding Address Pools

Editing Address Pools

Deleting Address Pools

Viewing Address Pools

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane.

The Global Settings page is displayed.

Step 2 Select the object Address Pools from the Network Settings Group folder. The Address Pools page appears with the following information.

Field
Description

Pool Name

Name of the Pool.

Address Range

The IP Address range of Address Pools. You can configure multiple address ranges.

Cache Size

Cache Size for the address pool.

Group Name

Group Name for the address pool.


Click Add to add address pools.

Select an Address Pool and click Edit to edit address pools.

Select an Address Pool and click Delete to delete address pools.

Adding Address Pools

Step 1 Click Add in the Address Pools page. The Add Address Pools dialog box appears with the following fields.

Field
Description

Use Pool name as default.

Specifies that default be used as the Pool Name.

Pool Name

Name of the pool.

Group Name

Group Name for the address pool.

Cache Size

Cache Size for the address pool.

IP Address Range

Start IP Address

The first IP address of an IP address range. You can configure multiple address ranges.

End IP Address

The last IP address of an IP address range. You can configure multiple address ranges.


Step 2 Enter the appropriate values and Click OK to add Address Pool.

Adding IP Address Pool Range

Step 1 Click Add in the Add Address Pool or Edit Address Pool dialog box. The Add IP Pool Address Range dialog box appears with the following information.

Field
Description

Pool Name

Name of the address pool. You cannot edit the value in this field.

Start IP Address

The first IP address of an IP address range.You can configure multiple address ranges.

End IP Address

The last IP address of an IP address range. You can configure multiple address ranges.


Step 2 Enter the appropriate values and click OK.

Editing Address Pools

Step 1 Click Edit in the Address Pools page. The Edit Address Pools dialog box appears with the following fields.

Field
Description

Pool Name

Name of the pool. You cannot edit the values in this field.

Group Name

Group Name for the address pool. You cannot edit the values in this field.

Cache Size

Cache size for the address pool.

IP Address Range

Start IP Address

The first IP address of an IP address range. You can configure multiple address ranges.

End IP Address

The last IP address of an IP address range. You can configure multiple address ranges.


Step 2 Modify the appropriate values and click OK.

Editing IP Address Pool Range

Step 1 Click Edit in the Edit Address Pool or Add Address Pool dialog box. The Edit IP Address Pool Range dialog box appears with the following information.

Field
Description

Pool Name

Name of the address pool. You cannot edit the value in this field.

Start IP Address

The first IP address of an IP address range.You can configure multiple address ranges.

End IP Address

The last IP address of an IP address range. You can configure multiple address ranges.


Step 2 Modify the appropriate values and click OK.

Deleting Address Pools

Step 1 Select an Address Pool or multiple Address Pools and click Delete in the Address Pool page. The Delete IP Pools pop-up appears.

Step 2 Click Yes. The Address Pool or multiple Address Pools will be deleted.

DNS

You can view and edit Global DNS settings and view, add, edit and delete VRF DNS settings using this feature.

Viewing Global DNS Settings

Editing Global DNS Settings

Editing General DNS Settings

Editing DNS Global Settings

Viewing VRF DNS Settings

Adding VRF DNS Settings

Editing VRF DNS Settings

Deleting VRF DNS Settings

Viewing Global DNS Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane.

The Global Settings page is displayed.

Step 2 Select the object DNS Settings from the Network Settings Group folder. The DNS Settings page appears.

Step 3 Select the Global tab from the DNS page. The DNS page is displayed with the following information.

Field
Description
General

DNS Status

Whether DNS is enabled.

Round Robin Status

Whether round robin is enabled.

Timeout (secs)

Timeout for DNS queries in seconds. Range of values: 1-3600 seconds.

Retry Count

Retry count for DNS queries. Range of values: 0-100 seconds.

DNS Global

Domain Name

Defines a default domain name that the Cisco IOS software will use to complete unqualified hostnames.

Domain List

Defines a list of default domain names to complete unqualified hostnames.

Name Servers

Specifies one or more hosts that supply name information.

Hostname

Host name.

IP Addresses

IP addresses.


Editing Global DNS Settings

You can edit General DNS settings and DNS Global settings using this feature.

Editing General DNS Settings

Editing DNS Global Settings

Editing General DNS Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane.

The Global Settings page is displayed.

Step 2 Select the object DNS Settings from the Network Settings Group folder. The DNS Settings page appears.

Step 3 Select the Global tab in the DNS page and Click Edit in the General pane. The Edit DNS General dialog box appears with the following information.

Field
Description

DNS Status

Whether DNS is enabled.

Round Robin Status

Whether round robin is enabled.

Timeout(1-3600)secs

Timeout for DNS queries in seconds. Range of values: 1-3600 seconds.

Retry Count(0 - 100)

Retry count for DNS queries. Range of values: 0-100 seconds.


Step 4 Modify the appropriate values and click OK.

Editing DNS Global Settings

Step 1 Select the Global tab in the DNS page and Click Edit in the DNS Global pane. The Edit Global DNS dialog box appears with the following information.

Field
Description

Domain Name

Defines a default domain name that the Cisco IOS software will use to complete unqualified hostnames.

Domain List

Domain List Entry

A default domain name entry to complete unqualified hostnames.

Name Servers

Name Server

A host that supplies name information.

IP Hosts

HostName

Host name.

IP Addresses

IP addresses.


Step 2 Modify the values as appropriate and click OK.

Viewing VRF DNS Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object DNS Settings from the Network Settings Group folder. The DNS Settings page appears.

Step 3 Select the VRF tab from the DNS page. The VRF page is displayed with the following information.

Field
Description
VRF

VRF Name

Name of the VRF instance.

No. of Domain Lists

Number of domain lists for the VRF.

No of Name Servers

Number of name servers for the VRF.

No of Hostnames

Number of hostnames for the VRF.

VRF Details

VRF Name

Name of the VRF instance.

Domain Name

VRF specific domain name.

Domain Lists

VRF specific domain list.

Name Servers

VRF specific name server.

Hostname

Hostname of the VRF server.

IP Addresses

IP address of the VRF server.


Click Add to add a VRF.

Click Edit to edit VRF settings.

Click Delete to delete VRF settings.

Adding VRF DNS Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane.

The Global Settings page is displayed.

Step 2 Select the object DNS Settings from the Network Settings Group folder. The DNS Settings page appears.

Step 3 Select the VRF tab from the DNS page. The VRF page is displayed.

Step 4 Click Add on the VRF page. THe VRF DNS dialog box appears with the following information.

Field
Description

VRF Name

Name of the VRF instance.

Domain Name

VRF specific domain name.

Domain List

Domain List Entry

VRF specific domain list entry to be added to the Domain List.

Name Servers

Name Server

VRF specific name server IP address to be entry to be added to the Name Server List.

IP Hosts

Hostname

Hostname of the IP host.

IP Addresses

IP address of the IP host.


Step 5 Click OK.

Editing VRF DNS Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object DNS Settings from the Network Settings Group folder. The DNS Settings page appears.

Step 3 Select the VRF tab from the DNS page. The VRF page is displayed.

Step 4 Click Edit on the VRF page. THe VRF DNS dialog box appears with the following information.

Field
Description

VRF Name

Name of the VRF instance. You cannot edit the value in this field.

Domain Name

VRF specific domain name.

Domain List

Domain List Entry

VRF specific domain list entry to be added to the Domain List.

Name Servers

Name Server

VRF specific name server IP address to be entry to be added to the Name Server List.

IP Hosts

Hostname

Hostname of the IP host.

IP Addresses

IP address of the IP host.


Step 5 Click OK.

Deleting VRF DNS Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object DNS Settings from the Network Settings Group folder. The DNS Settings page appears.

Step 3 Select the VRF tab from the DNS page. The VRF page is displayed.

Step 4 Select a VRF DNS entry or multiple VRF DNS entries and click Delete in the VRF page. The Delete the DNS entries for VRF pop-up appears.

Step 5 Click Yes. The selected VRF DNS entry or entries will be deleted.

Adding IP Hosts

You can use the Add IP Host dialog box to add IP hosts and corresponding IP addresses in the Add VRF DNS, Edit VRF DNS or Edit Global DNS dialog boxes.

Step 1 Click Add in the IP hosts pane. The Add IP hosts dialog appears with the following information.

Field
Description

Hostname

Hostname of the IP host.

IP Address

IP address of the IP host.


Step 2 Enter the appropriate values and click Add.

The hostname and IP address will be added to the IP Address pane. You can add multiple IP addresses for a Hostname. Select an IP address and click Delete to delete an IP address you entered.

Step 3 Click OK.

The hostname and IP addresses will be added to the IP Hosts pane.

Editing IP Hosts

You can use the Edit IP Host dialog box to edit the corresponding IP addresses of IP hosts in the Add VRF DNS, Edit VRF DNS or Edit Global DNS dialog boxes.

Step 1 Select the IP Hostname you want to edit and Click Edit in the IP Hosts pane. The Edit IP Hosts dialog appears with the following information.

Field
Description

Hostname

Hostname of the IP host. The value in this field cannot be edited.

IP Address

IP address of the IP host.


Step 2 Enter the appropriate values and click Add.

The hostname and IP address will be added to the IP Address pane. You can add multiple IP addresses for a hostname. Select an IP address and click Delete to delete an IP address you entered.

Step 3 Click OK.

The hostname and IP addresses will be added to the IP Hosts pane.

Removing IP Hosts

You can remove IP hosts and corresponding IP addresses in the Add VRF DNS, Edit VRF DNS or Edit Global DNS dialog boxes.

Step 1 Select the IP host or IP hosts and corresponding IP addresses that you want to remove and click Remove in the IP Hosts pane.

Step 2 Click OK in the dialog box. The IP host or IP hosts and corresponding IP addresses are removed from the IP Hosts name.

Static Routes

You can view, add, and delete Static Routes using this feature.

Viewing Static Routes

Adding Static Routes

Deleting Static Routes

Viewing Static Routes

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object Static Routes from the Network Settings Group folder. The Static Routes page appears with the following information.

Field
Description

IP Address

IP address of static route.

Net Mask

Network mask for the IP address.

Next Hop

Next hop IP address.

Metric (1-255)

Distance metric for the static route. This is within the range 1-255.

VRF Name

VRF instance name.


Click Add to add a Static Route.

Click Delete to delete a Static Route.

Adding Static Routes

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane.

The Global Settings page is displayed.

Step 2 Select the object Static Routes from the Network Settings Group folder. The Static Routes page appears.

Step 3 Click Add in the Static Routes page. The Add Static Route dialog box appears with the following information.

Field
Description

IP Address

IP address of static route.

Net Mask

Network mask of static route.

Next Hop

Next hop IP address.

Metric (1-255)

Distance metric for the static route. This is within the range 1-255.

VRF Name

VRF instance name.


Step 4 Enter the appropriate values and click OK.

Deleting Static Routes

Step 1 Select a Static Route or multiple Static Routes from the Static Routes table and click Delete in the Static Routes page. The Delete Static Route pop-up appears.

Step 2 Click Yes. The selected Static Route or Static Routes will be deleted.

Interfaces

You can view, add, edit and delete interfaces using this feature.

Viewing Interfaces

Adding Interfaces

Editing Interfaces

Deleting Interfaces

Viewing Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object Interfaces from the Network Settings Group folder. The Interfaces page appears with the following information.

Field
Description

Interface Name

Name of the interface.

VLAN

VLAN identifier.

IP Address

Subinterface IP address.

Net Mask

Subinterface network mask.

VRF

Name of the VRF associated with the VLAN.

Admin Status

Administrative status of the interface, either up or down.

Operational Status

Indicates the operational status of the interface.

A icon indicates that the interface is administratively down.

A icon indicates that the interface is operationally down.

A icon indicates that the interface is up.


Click Add to add interface.

Click Edit to edit interface.

Click Delete to delete interfaces.

Click Admin Status and select Up or Down to set administrative status of the interface.

For a Virtual Gateway, a non VRF-aware interface is needed in the same subnet as the Gateway. In a Virtual Context, if NAT range has been specified, you must ensure that an interface exists in the same subnet as the NAT range.

Adding Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object Interfaces from the Network Settings Group folder. The Interfaces page appears.

Step 3 Click Add in the Interfaces page. The Add interface page appears with the following information.

Field
Description

WebVPN Interface

Name of the interface.

VLAN Number

VLAN identifier.

IP address

Subinterface IP address.

Network Mask

Subinterface network mask.

VRF Name

Name of VRF associated with the VLAN.

Administrative State

Administrative status of the interface, either up or down.


Step 4 Enter the appropriate values and click OK.

Editing Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object, Interfaces, from the Network Settings Group folder. The Interfaces page appears.

Step 3 Click Edit in the Interfaces page. The Edit interface page appears with the following information.

Field
Description

WebVPN Interface

Name of the interface. You cannot edit the value in this field.

VLAN Number

VLAN identifier.

IP address

Subinterface IP address.

Network Mask

Subinterface network mask.

VRF Name

Name of VRF associated with the VLAN.

Administrative State

Administrative status of the interface, either up or down.


Step 4 Enter the appropriate values and click OK.

Note You cannot edit an interface used to launch CVDM.

If IP address is changed on an interface (or the interface is deleted) and:

if that interface had associated gateways, the IP address on those gateways will be cleared.

if that interface is the back-end interface for any virtual context NAT range, the NAT range will be rendered invalid.

if that interface was in the same subnet as the address pool used by any group policy inside a virtual context, that group policy might become unusable.

Selecting a VRF for the Interface

Step 1 Click the VRF Name ellipsis selector button in the Add or Edit Interface dialogs. The Select VRF dialog box appears.

Step 2 Select a VRF Name and click OK in the Select VRF dialog box.

Step 3 Click OK in the Add or Edit Interface dialog box.

Deleting Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object, Interfaces, from the Network Settings Group folder. The Interfaces page appears.

Step 3 Select an Interface or multiple Interfaces from the Interfaces page and click Delete in the Interfaces page. The Delete Interface pop-up appears.

Step 4 Click Yes. The selected interface or interfaces will be deleted.

Note You cannot delete an interface used to launch CVDM.

VRF Instances

You can use a VRF instance to:

Configure VRF-aware interfaces

Configure a VRF-aware context (to isolate the routing lookup to different tables)

Configure VRF-aware domain resolution

Configure VRF-aware static routes

Configure VRF-aware AAA and server groups

Viewing VRF Instances

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object VRF Instances from the Network Settings Group folder. The VRF Instances page appears with the following information.

Field
Description

Name

Name of the VRF.

Route Designator

VRF route designator.

Description

Brief description of the VRF.

Interfaces in VRF

List of interfaces contained in the VRF.


Click Add to add VRF Instances.

Click Edit to edit VRF Instances

Click Delete to delete VRF Instances.

Adding VRF Instances

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object VRF Instances from the Network Settings Group folder. The VRF Instances page appears.

Step 3 Click Add on the VRF instances page. The Add VRF Instances dialog box appears with the following information.

Field
Description

VRF Name

The name of the VRF instance.

Route Designator

The route designator for the VRF.

Description

Brief description of the VRF.

Interfaces in VRF

Displays the interfaces associated with the VRF. To add or delete interfaces in VRF see Adding and Deleting Interfaces in VRF.


Step 4 Enter the appropriate values and click OK.

Selecting Routed Interfaces

To select Routed Interfaces for a VRF Instance:

Step 1 Click Add in the Interfaces in VRF panel in the Add VRF or Edit VRF dialog box. The Select Routed Interfaces dialog box appears.

Step 2 Select an interface from the Routed Interfaces dialog box and click OK.

Editing VRF Instances

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object VRF Instances from the Network Settings Group folder. The VRF Instances page appears.

Step 3 Click Edit on the VRF instances page. The Edit VRF Instances dialog box appears with the following information.

Field
Description

VRF Name

The name of the VRF. You cannot edit the value in this field.

Route Designator

The route designator for the VRF.

Description

Brief description of the VRF.

Interfaces in VRF

Displays the interfaces associated with the VRF. To add or delete interfaces in VRF see Adding and Deleting Interfaces in VRF.


Step 4 Modify the appropriate values and click OK.

Adding and Deleting Interfaces in VRF

To add Interfaces in VRF:

Step 1 Click Add to add an interface in the Interfaces in VRF pane of the Add VRF or Edit VRF dialog box. The Select Routed Interfaces dialog box appears with the list of routed interfaces.

Step 2 Select a routed interface from the Select Routed Interfaces dialog box and click OK. The selected routed interface will be added to the Interfaces in VRF pane of the Add VRF or Edit VRF dialog box.

To delete interfaces in VRF:

Step 1 Select an interface name in the Interfaces in VRF pane of the Add VRF or Edit VRF dialog box.

Step 2 Click Delete in the Interfaces in VRF pane.

Step 3 Click OK in the dialog box.

Deleting VRF Instances

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object VRF Instances from the Network Settings Group folder. The VRF Instances page appears.

Step 3 Select the VRF Instance or multiple VRF Instances you want to delete and click Delete on the VRF Instances page. The Delete VRF pop-up appears.

Step 4 Click Yes. The selected VRF Instance or Instances will be deleted.

Note If a VRF Instance is in use in a virtual context or it has some DNS entries etc., a warning message that the VRF is in use by the components that are using it will be displayed to the user. The VRF instance will be deleted only if you confirm that it can be deleted.

Security

You can configure AAA, Server Groups, Authentication Lists and Network ACLs using this feature.

AAA

Server Groups

Authentication Lists

Network ACLs

AAA

With CVDM-WebVPNSM, you can implement and configure authentication on your WebVPN module.

Note AAA will be enabled only if enable password is set on the device. If AAA is not already enabled, then the AAA screen will display a link to enable AAA. Click on the link to enable AAA. All AAA functionality can be performed only after AAA is enabled.

Viewing AAA Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object AAA from the Security Group folder. The AAA page appears with the following information.

Field
Description
RADIUS Global Settings

Source Interface

IP address of the source interface.

Timeout

Number of seconds that a router should attempt to contact this server before going on to another server.

Key

Key used when contacting the RADIUS server.

VRF Source Interfaces

VRF Name

Name of the VRF instance.

Source Interface

The source interface for the VRF.


Click Edit on the RADIUS Global Settings pane to edit RADIUS Global settings.

Click Add on the VRF Source Interfaces pane to add Source interface for a VRF.

Editing RADIUS Global Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object AAA from the Security Group folder. The AAA page appears.

Step 3 Click Edit on the Global RADIUS Settings pane.

Field
Description

Source Interface

Interface that will serve as the source interface for all AAA servers configured on the WebVPN module.

Timeout

Enter the number of seconds that the router should attempt to contact this server before going on to another server.

Key

Enter the key used when contacting the RADIUS server.

Confirm Key

Re-enter the key used when contacting the RADIUS server.


Step 4 Modify the values as appropriate and click OK.

Selecting an Interface

Step 1 Click Edit in the RADIUS Global Settings pane of the AAA page. The Edit RADIUS Setting dialog box appears.

Step 2 Click the Source Interface ellipsis button. The Select an Interface dialog box appears.

Step 3 Select an interface and click OK. The selected interface is added to the Source Interface field. in the Edit RADIUS settings dialog box.

Adding VRF Source Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object AAA from the Security Group folder. The AAA page appears.

Step 3 Click Add in the VRF Source Interfaces pane. The Add Source Interface for a VRF dialog appears with the following information.

Field
Description

VRF

VRF name.

Source Interface

The source interface for the VRF.


Step 4 Enter the appropriate values and click OK.

Editing VRF Source Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object AAA from the Security Group folder. The AAA page appears.

Step 3 Click Edit in the VRF Source Interfaces pane. The Edit Source Interface for a VRF dialog appears with the following information.

Field
Description

VRF

VRF name. You cannot edit the value in this field.

Source Interface

The source interface for the VRF.


Step 4 Modify the appropriate values and click OK.

Deleting VRF Source Interfaces

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object AAA from the Security Group folder. The AAA page appears.

Step 3 Select a Source interface or multiple Source Interfaces and click Delete in the VRF Source Interfaces pane. The Delete Entries pop-up appears.

Step 4 Click Yes. The selected VRF Source Interface or Interfaces will be deleted.

If a VRF is deleted and:

VRF had some DNS entries, they become invalid.

If there were any static routes for this VRF, they get removed.

VRF has some associated AAA server group entries, they become invalid.

VRF was used by a virtual context, the context becomes operationally down.

Server Groups

You can view, add, edit and delete server groups using this feature. You can also add RADIUS servers to the server group, edit RADIUS server settings and delete RADIUS servers in the server group.

Viewing Server Group Settings

Adding Server Groups

Editing Server Groups

Deleting Server Groups

Adding RADIUS Servers for the Server Group

Editing RADIUS Server Settings for the Server Group

Deleting a RADIUS Server in the Server Group

Viewing Server Group Settings

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object Server Groups from the Security Group folder. The Server Groups page appears with the following information.

Fields
Description
Server Groups

Server Group Name

Name of the server group.

Servers in Group

Servers in a server group.

VRF Name

VRF Name associated with the server group.

RADIUS Servers in the Server Group

IP Address

IP address of the server.

Authentication Port

The server port used for authentication requests.

Accounting Port

The server port used for accounting requests.

Private Server

Private RADIUS server.

Key

Enter the key used when contacting the RADIUS server.

Timeout

The number of seconds that the router should attempt to contact this server before going on to the next server in the group list.

The default is 5 seconds. Valid values range from 1 to 1000 seconds.

Type

RADIUS server. Only RADIUS server is supported.


Adding Server Groups

Step 1 Click Setup in the taskbar and Global Settings in the left-most pane. The Global Settings page is displayed.

Step 2 Select the object Server Groups from the Security Group folder. The Server Groups page appears.

Step 3 Click Add. The Add AAA server group dialog box appears with the following fields.

Field
Description

Server Group Name

Name of the server group.

VRF

VRF associated with the server group.

RADIUS Server(s) in the group

IP Address

IP address of the server.

Authentication Port

The server port used for authentication requests.

Accounting Port

The server port used for accounting requests.

Private Server

</