Administration of the Avaya G350 Media Gateway - Avaya Support
Administration of the Avaya G350 Media Gateway - Avaya Support Administration of the Avaya G350 Media Gateway - Avaya Support
FIPSConsiderationsThe following rules apply in FIPS-approved mode:●●●●●●●●●●●●●●●●●●●SSHv2 service must be shut downMedia encryption must be shut downH.248 signalling must be shut downThe Announcement FTP server shall not be used for upload/download G350 executablefiles or for file transfer of security related dataASG services logon must be shut downASG BP login must be shut downSNMPv3 authentication and encryption services must be shut downModem connections to the Console and USB ports must be shut downCHAP authentication services must be shut downTelnet service must be confined to IPSEC encrypted tunnelSNMP service must be confined to IPSEC encrypted tunnelTFTP/FTP configuration upload/download service must be confined to IPSEC encryptedtunnelFTP configuration upload/download service must be confined to IPSEC encrypted tunnelSCP client service must be shut downUsage of Diffie-Hellman Group 1 for IKE key negotiation must be suppressedUsage of MD5 for IKE must be suppressedUsage of MD5 for ESP authentication operation in IPSEC must be suppressedMode change of bypass tables using SNMP MIB interface must be suppressedConfiguration channel between ICC/LSP (S8300) and Gateway (MGP) must besuppressed322 Administration of the Avaya G350 Media Gateway
Appendix A: Traps and MIBsThis appendix contains the following sections:●●G350 traps — a list of all G350 traps.G350 MIBs — a list of all G350 MIBs.G350 trapsThe following table provides a list of all G350 traps with important information about each trap:NameParameters(MIB variables)ClassMsgFacilitySeverityTrap Name/MnemonicFormatDescriptioncoldStart STD Boot Warning coldStart Agent Up withPossible Changes(coldStart Trap)enterprise:$E ($e)args($#):$*warmStart STD Boot Warning warmStart Agent Up with NoChanges(warmStart Trap)enterprise:$E ($e)args($#):$*A coldStart trap indicatesthat the entity sending theprotocol is reinitializingitself in such a way as topotentially cause thealteration of either theagent’s configuration orthe entity’simplementation.A warmStart trapindicates that the entitysending the protocol isreinitializing itself in sucha way as to keep both theagent configuration andthe entity’simplementation intact.LinkUpifIndex,ifAdminStatus,ifOperStatusSTD System Warning LinkUp Agent Interface Up(linkUp Trap)enterprise:$E ($e)on interface $1A linkUp trap indicatesthat the entity sending theprotocol recognizes thatone of the communicationlinks represented in theagent’s configuration hascome up.The data passed with theevent is1) The name and value ofthe ifIndex instance forthe affected interface.The name of the interfacecan be retrieved via ansnmpgetof.1.3.6.1.2.1.2.2.1.2.INST, where INST is theinstance returned with thetrap.1 of 9Issue 3 January 2005 323
- Page 272 and 273: Configuring policySimulating packet
- Page 274 and 275: Configuring policy-based routingPol
- Page 276 and 277: Configuring policy-based routingCon
- Page 278 and 279: Configuring policy-based routing●
- Page 280 and 281: Configuring policy-based routingMod
- Page 282 and 283: Configuring policy-based routingEdi
- Page 284 and 285: Configuring policy-based routingIn
- Page 286 and 287: Configuring policy-based routingThe
- Page 288 and 289: Setting synchronizationIf, for any
- Page 290 and 291: FIPSFigure 26: Image of the cryptog
- Page 292 and 293: FIPSSupported algorithmsThe cryptog
- Page 294 and 295: FIPSSecurity levelThe cryptographic
- Page 296 and 297: FIPSTable 14: Roles and required id
- Page 298 and 299: FIPSTable 15: Critical security par
- Page 300 and 301: FIPSCSP access rights within roles
- Page 302 and 303: FIPSTable 18 shows Role and Service
- Page 304 and 305: FIPSTable 18: Role and service acce
- Page 306 and 307: FIPSPassword guidelinesBelow are ge
- Page 308 and 309: FIPS2. Define the PMI (Primary Mana
- Page 310 and 311: FIPS10. Physically disconnect all n
- Page 312 and 313: FIPS18. To configure all interfaces
- Page 314 and 315: FIPS●Use the snmp-server user use
- Page 316 and 317: FIPS●●TFTPSNMPExample:G350-001(
- Page 318 and 319: FIPSG350-N(super)# ip crypto-list 9
- Page 320 and 321: FIPSError statesTable 19 describes
- Page 324 and 325: Traps and MIBsNameParameters(MIB va
- Page 326 and 327: Traps and MIBsNameParameters(MIB va
- Page 328 and 329: Traps and MIBsNameParameters(MIB va
- Page 330 and 331: Traps and MIBsNameParameters(MIB va
- Page 332 and 333: Traps and MIBsMIB FileIP-FORWARD-MI
- Page 334 and 335: Traps and MIBsObjectOIDgenOpResetSu
- Page 336 and 337: Traps and MIBsThe following table p
- Page 338 and 339: Traps and MIBsObject OIDipCidrRoute
- Page 340 and 341: Traps and MIBsObject OIDgenMemUtili
- Page 342 and 343: Traps and MIBsObject OIDdsx1Circuit
- Page 344 and 345: Traps and MIBsThe following table p
- Page 346 and 347: Traps and MIBsObject OIDipOutDiscar
- Page 348 and 349: Traps and MIBsObject OIDsnmpOutBadV
- Page 350 and 351: Traps and MIBsThe following table p
- Page 352 and 353: Traps and MIBsObject OIDdistributio
- Page 354 and 355: Traps and MIBsObject OIDrs232SyncPo
- Page 356 and 357: Traps and MIBsObject OIDifInUnknown
- Page 358 and 359: Traps and MIBsObject OIDdsx1Fdl 1.3
- Page 360 and 361: Traps and MIBsThe following table p
- Page 362 and 363: Traps and MIBsObject OIDipPolicyCon
- Page 364 and 365: Traps and MIBsObject OIDipPolicyCom
- Page 366 and 367: Traps and MIBsThe following table p
- Page 368 and 369: Traps and MIBsObject OIDchGroupList
- Page 370 and 371: Traps and MIBsObject OIDgenGroupLog
Appendix A: Traps and MIBsThis appendix contains <strong>the</strong> following sections:●●<strong>G350</strong> traps — a list <strong>of</strong> all <strong>G350</strong> traps.<strong>G350</strong> MIBs — a list <strong>of</strong> all <strong>G350</strong> MIBs.<strong>G350</strong> trapsThe following table provides a list <strong>of</strong> all <strong>G350</strong> traps with important information about each trap:NameParameters(MIB variables)ClassMsgFacilitySeverityTrap Name/MnemonicFormatDescriptioncoldStart STD Boot Warning coldStart Agent Up withPossible Changes(coldStart Trap)enterprise:$E ($e)args($#):$*warmStart STD Boot Warning warmStart Agent Up with NoChanges(warmStart Trap)enterprise:$E ($e)args($#):$*A coldStart trap indicatesthat <strong>the</strong> entity sending <strong>the</strong>protocol is reinitializingitself in such a way as topotentially cause <strong>the</strong>alteration <strong>of</strong> ei<strong>the</strong>r <strong>the</strong>agent’s configuration or<strong>the</strong> entity’simplementation.A warmStart trapindicates that <strong>the</strong> entitysending <strong>the</strong> protocol isreinitializing itself in sucha way as to keep both <strong>the</strong>agent configuration and<strong>the</strong> entity’simplementation intact.LinkUpifIndex,ifAdminStatus,ifOperStatusSTD System Warning LinkUp Agent Interface Up(linkUp Trap)enterprise:$E ($e)on interface $1A linkUp trap indicatesthat <strong>the</strong> entity sending <strong>the</strong>protocol recognizes thatone <strong>of</strong> <strong>the</strong> communicationlinks represented in <strong>the</strong>agent’s configuration hascome up.The data passed with <strong>the</strong>event is1) The name and value <strong>of</strong><strong>the</strong> ifIndex instance for<strong>the</strong> affected interface.The name <strong>of</strong> <strong>the</strong> interfacecan be retrieved via ansnmpget<strong>of</strong>.1.3.6.1.2.1.2.2.1.2.INST, where INST is <strong>the</strong>instance returned with <strong>the</strong>trap.1 <strong>of</strong> 9Issue 3 January 2005 323