background image

80

dua1611-5aaa04.book  Page 80  Friday, November 29, 2002  8:56 PM

Summary of Contents for SUPERSTACK 3 WEBCACHE 3000

Page 1: ...1 5AAA04 Published November 2002 SuperStack 3 Webcache User Guide SuperStack 3 Webcache 1000 3C16115 SuperStack 3 Webcache 3000 3C16116 SuperStack 3 Web Site Filter 3C16118 dua1611 5aaa04 book Page 1...

Page 2: ...any legend provided on any licensed program or documentation contained in or delivered to you in conjunction with this User Guide Unless otherwise indicated 3Com registered trademarks are registered...

Page 3: ...ets and Using a Subnet Mask 27 Domain Name System 28 Domain Name System Syntax 28 Default Router 29 Web Caching Overview 30 Current and Expired Content 32 Revalidating HTTP Content 32 Deployment Modes...

Page 4: ...l 62 Power Socket 63 Console Port 63 WAN Port 63 LAN Port 63 WAN and LAN Port LEDs 64 Choosing a Suitable Site 65 Rack Mounting the Webcache 65 The Power up Sequence 69 Powering up the Webcache 69 Che...

Page 5: ...THE WEB INTERFACE Management Software Interfaces 88 Logging in as a Default User 88 Accessing the Web Interface 89 Understanding the Web Interface 91 The Toolbar 92 The Navigation Tree 94 The Informat...

Page 6: ...g 119 Creating a Parent Cache Exclusion List 119 Saving the Parent Cache Exclusion List 121 Clearing the Parent Cache Exclusion List 122 Configuring ICP Caching 123 Adding ICP Peers 124 Deleting ICP P...

Page 7: ...Filter 151 Setting Up Filtering Policies 152 Testing a URL 154 Websense Enterprise Filtering 155 Acquiring the Websense Enterprise Filtering Software 155 Installing the Websense Enterprise Filtering...

Page 8: ...w List or Deny List 173 Clearing the Allow List or Deny List 173 Keyword Blocking 174 Setting Up Keyword Blocking Lists 174 Editing the Keyword Blocking List 174 Loading Entries From a File into the K...

Page 9: ...heduled Tasks 200 Using the 3Com Web Scheduler Browser Client 201 Configuring the Webcache for the 3Com Web Scheduler Browser Client 201 Installing the 3Com Web Scheduler Browser Client 202 VI MONITOR...

Page 10: ...ning a Syslog Server 231 Viewing the System Log 232 VII MANAGING THE WEBCACHE SOFTWARE 16 CONFIGURATION MANAGEMENT Saving and Restoring Configurations 236 Saving a Configuration 237 Restoring a Config...

Page 11: ...Pinging Other Devices 262 Displaying IP Summary Information 263 Tracing IP Addresses 263 Displaying and Changing Security Information 264 Securing the Management Interface 264 Changing the Admin Passw...

Page 12: ...ichtige Sicherheitsinformationen 292 B CABLE SPECIFICATIONS AND PIN OUTS Cable Specifications 295 Pin outs 296 Null Modem Cable 296 PC AT Serial Cable 296 Modem Cable 297 RJ 45 Pin Assignments 297 C T...

Page 13: ...0 321 Configuring WCCP for a Service Group 321 Configuring WCCP Multicast 322 Example Configurations 322 Monitoring WCCP 323 Configuring WCCP Version 2 0 Within a Single Subnet 324 Enabling Cisco Exp...

Page 14: ...m 337 Entertainment 337 Games 338 General News 338 Glamour and Intimate Apparel 338 Hobbies 338 Investment 339 Job Search 339 Motor Vehicles 339 Personals and Dating 339 Real Estate 339 Shopping 340 S...

Page 15: ...END USER SOFTWARE LICENSE AGREEMENT 3COM END USER WEB SITE FILTER PRODUCT LICENSE AGREEMENT GNU GENERAL PUBLIC LICENSE VERSION 2 JUNE 1991 REGULATORY NOTICES dua1611 5aaa04 book Page 15 Friday Novemb...

Page 16: ...dua1611 5aaa04 book Page 16 Friday November 29 2002 8 56 PM...

Page 17: ...or installing configuring and managing the network It assumes a basic working knowledge of local area network LAN and wide area network WAN operations If release notes are shipped with your product an...

Page 18: ...ply the appropriate values for the placeholders that appear in angle brackets Example To change your password use the following syntax system password password In this example you must supply a passwo...

Page 19: ...ing new features modifications and known problems There are other publications you may find useful such as Documentation accompanying 3Com Network Supervisor This is supplied on the CD ROM that accomp...

Page 20: ...ond to comments and questions about 3Com product documentation at this e mail address Questions related to technical support or sales should be directed in the first instance to your network supplier...

Page 21: ...I GETTING STARTED Chapter 1 Web Caching Concepts and Deployment Chapter 2 Installing the Webcache dua1611 5aaa04 book Page 21 Friday November 29 2002 8 56 PM...

Page 22: ...22 dua1611 5aaa04 book Page 22 Friday November 29 2002 8 56 PM...

Page 23: ...ers the following topics What is the Webcache The Webcache and 3Com Network Supervisor Before You Begin Network Configuration Concepts Web Caching Overview Deployment Modes Overview Choosing a Deploym...

Page 24: ...s Smoother Traffic Flow Traffic surges can stress your network and server The Webcache can help smooth out network traffic and reduce delays in serving Web content As more users request the same Web c...

Page 25: ...ork Supervisor also detects mis configurations of the Webcache and Switch for example if a Switch 4400 is not directly connected to the Webcache Before You Begin To install the Webcache and set it up...

Page 26: ...nsparent and Inline Cache modes Network Configuration Concepts The following sections explain certain key concepts of configuring your network which you must understand in order to set up the Webcache...

Page 27: ...t follow when entering an IP address or IP address range Individual IP addresses must be valid 0 0 0 0 is disallowed Values above 255 255 255 255 are disallowed IP address ranges must be valid A range...

Page 28: ...correct IP address e g 128 118 2 23 allowing the two devices to communicate with each other To enable the Domain Name System you must setup one or more DNS servers on your network If you are uncertai...

Page 29: ...acter You cannot enter a domain containing a space character Each part of the domain name known as a label must be less than 64 characters The host name plus the domain name must not exceed 255 charac...

Page 30: ...t router exists on your network leave the field blank Web Caching Overview In a network without a Webcache all Web requests from browsers on client machines must travel across the expensive WAN to the...

Page 31: ...enough to serve see Current and Expired Content on page 32 the Webcache immediately serves it to the client machine This is a cache hit as shown in Figure 2 Figure 2 A Cache Hit 4 If the content is n...

Page 32: ...cache is expired the Webcache revalidates it A revalidation is a query to the origin server that asks if the content is unchanged The result of a revalidation can be The content is still current the...

Page 33: ...k and redirected to the Webcache Proxy Relay caching the Webcache is connected directly to a SuperStack 3 Firewall which acts as a Proxy Forwarder Web requests are intercepted by the Firewall and the...

Page 34: ...ployment An overview of the Proxy cache deployment mode See page 45 Manual Configuration The Web browser on each client machine is configured to explicitly direct its Web requests to the Webcache See...

Page 35: ...a Deployment Mode The flow chart shown in Figure 4 is a guide to choosing the most suitable deployment mode for the Webcache in your network Figure 4 Choosing a Deployment Mode dua1611 5aaa04 book Pa...

Page 36: ...irects all Web requests to the Webcache The Web browser on each client machine is unaware that it is communicating with the Webcache Therefore no configuration of the Web browser on each client machin...

Page 37: ...client machines that are inside your network can access the systems and resources within it and prevents client machines or malicious users from bypassing the Webcache This reduces the need for more c...

Page 38: ...units in the stack which update their internal databases accordingly The master unit designates a polling unit this can be the master unit or another unit in the stack The polling unit must have an IP...

Page 39: ...s them untagged to the Webcache The traffic between any two pairs of IP addresses must always be redirected through the same Webcache Only HTTP traffic is eligible for redirection The port to which th...

Page 40: ...tagged to the Webcache The traffic between any two pairs of IP addresses must always be redirected through the same Webcache Only HTTP traffic is eligible for redirection The port on the Switch 4924 o...

Page 41: ...lancer can be configured to redirect Web requests on TCP port 80 to a Webcache for a particular service or to load balance between multiple Webcaches based on standard load balancing algorithms For fu...

Page 42: ...WCCP or be directly connected to a dedicated router interface on a 3 interface router Do not use a hub as the Webcache may see traffic that is not destined for it Configure Webcache redirection on th...

Page 43: ...isco router to operate with multiple Webcaches in your network You need to specify the IP address of the router in the Web interface of each Webcache For further information see Configuring WCCP V1 on...

Page 44: ...w Webcache into the WCCP V2 environment Improving the Security of Your Network You can also enable password authentication between the routers and the Webcaches If enabled the Webcache provides a pass...

Page 45: ...The Firewall does not perform any health checking to ensure that the Webcache is operational If the Webcache fails the Firewall continues to direct Web requests to the Webcache causing a loss of clien...

Page 46: ...isadvantages The Web browser configuration must be changed on each client machine that you want to access the Webcache If the Webcache fails access to the Web is lost because each client machine has b...

Page 47: ...ly migrate the client machines in your network from a pure Proxy Cache configuration to a pure Transparent Cache configuration by changing the Web browsers to Transparent Cache mode as required Manual...

Page 48: ...cache The PAC file can be stored either on the Webcache or a network server and the Web browser is set to read the PAC file when it is opened The PAC file is read once when the Web browser is first op...

Page 49: ...on a server in your network or on the Webcache The Web Proxy Auto Discovery WPAD protocol is not supported by Netscape Navigator Configuring WPAD To configure WPAD you need to Set up a WPAD server Co...

Page 50: ...ebcache as the WPAD server you need to create a DNS record which resolves wpad your domain name to the Webcache s IP address For further information about the Domain Name System see Domain Name System...

Page 51: ...OK 7 Close Internet Explorer Testing WPAD To confirm that WPAD is working successfully 1 Open Internet Explorer and log in to the Web interface 2 Click Device on the Toolbar 3 Select Caching Access Lo...

Page 52: ...ows 2000 Server has the capability to manage Web browser configurations through the its domain management tools Other vendors include Hewlett Packard Intel and Tivoli Inline Cache Deployment Figure 13...

Page 53: ...ache The peak packet rate that can be sustained is therefore lower than using a Layer 4 device resulting in reduced performance Parent Caching Parent Caching allows you to explicitly configure a hiera...

Page 54: ...be forwarded across the network to the parent Webcaches and then back again rather than being retrieved directly from the local server All client machines and Web sites that you specify in the Cache B...

Page 55: ...5 shows a local Branch Office and a remote central Head Office All requests for the Internet are routed through the Head Office site before reaching the World Wide Web because the Head Office site con...

Page 56: ...ching ICP Caching is an open standard protocol allowing multiple proxy caches to cooperate and appear as a single larger Webcache It originally appeared at a time when there was very little storage ca...

Page 57: ...with Parent Caching ICP Caching uses a connectionless protocol UDP IP if your network is busy and a packet containing caching information is lost it will not be retransmitted Consequently caching lat...

Page 58: ...58 CHAPTER 1 WEB CACHING CONCEPTS AND DEPLOYMENT dua1611 5aaa04 book Page 58 Friday November 29 2002 8 56 PM...

Page 59: ...s from the Webcache 1000 3000 or carrying out any maintenance procedures you must read the safety information provided in Appendix A of this guide AVERTISSEMENT Consignes de s curit Avant d installer...

Page 60: ...stable Brackets 2 x Front Plates 16 x Screws You must use the rails and screws supplied with the Rack Mounting Kit Damage caused to the Webcache by using incorrect rails and screws invalidates your wa...

Page 61: ...Self test LED Cache Storage Status green ok yellow failed green 100 Mbps yellow 10 Mbps Link Status Cache Storage Status LED s 3 1 2 Cache Storage Status 3 2 Link Status Activity Link Status LED s LAN...

Page 62: ...he is active and caching is occurring Off The cache is not active This is normal behavior for an idle Webcache Power Self test LED Green The Webcache is powered up and operating normally Green flashin...

Page 63: ...t For further information see Inline Cache Deployment on page 52 The WAN port should be left disconnected if the Webcache is not being deployed in an Inline Cache configuration LAN Port The LAN port i...

Page 64: ...lems Indicated by LEDs on page 277 Table 5 LED Behavior The Link Speed LED does not change its state if the link is broken It remains in its current state until a new link is established Therefore Gre...

Page 65: ...ou provide a minimum of 25 mm 1 in clearance Air temperature around the Webcache does not exceed 40 C 104 F If the Webcache is installed in a 19 inch rack or closed assembly its local air temperature...

Page 66: ...nvalidates your warranty A Rack Mounting Kit is supplied with the Webcache which contains the items shown in Figure 19 The rack mounting rails and rack mounting brackets are attached to the Webcache T...

Page 67: ...ounting brackets on both sides of the Webcache 3 Use an adjustable bracket to secure a rack mounting rail to the rear of your rack as shown in Figure 21 To do this a Slide the adjustable bracket onto...

Page 68: ...unting rail as shown in Figure 22 b Tighten the screws with a suitable screwdriver Figure 22 Fitting a Rack Mounting Rail to the Front of the Rack 5 Slide the rack mounting brackets on the sides of th...

Page 69: ...outlet 3 The Webcache automatically powers up which takes approximately 60 90 seconds During power up all of the LEDs light and the Power Self test LED flashes green When the Webcache has powered up...

Page 70: ...see Deployment Modes Overview on page 32 CAUTION 3Com recommends you set up the Webcache for management in a test network environment before you introduce it into your live network For further inform...

Page 71: ...tting Started Wizard Settings on page 309 Setting Up Using the Web Interface You can setup the Webcache for management via the Web interface by using a Web browser on a management workstation that is...

Page 72: ...o display the Web interface correctly use one of the following Web browsers Microsoft Internet Explorer v4 0 Microsoft Internet Explorer v5 0 Microsoft Internet Explorer v5 5 Microsoft Internet Explor...

Page 73: ...e listens as part of the URL of the Webcache i e http 192 168 1 253 8081 3 When the browser has located the Webcache a user name and password screen is displayed as shown in Figure 26 Figure 26 User n...

Page 74: ...the IP address of the Webcache If you are unsure how to do this check the documentation supplied with the Telnet facility To connect the Webcache to the test network The client machine must be in the...

Page 75: ...Cable Specifications and Pin outs appendix on page 295 You must use a VT52 or VT100 ANSI compatible terminal emulator To connect the cable a Attach the female connector on the cable to the male conne...

Page 76: ...nd the login sequence starts again 4 Access the Getting Started wizard which allows you to quickly configure the basic setup information for the Webcache At the Top level menu enter gettingStarted 5 T...

Page 77: ...ices installed when you purchase it You can install an additional cache storage device in the third bay of the Webcache 3000 This improves the performance of the Webcache in the following ways Reduced...

Page 78: ...78 CHAPTER 2 INSTALLING THE WEBCACHE dua1611 5aaa04 book Page 78 Friday November 29 2002 8 56 PM...

Page 79: ...ING THE WEBCACHE Chapter 3 Using the CLI Interface Chapter 4 Using the Web Interface Chapter 5 Securing Access to the Webcache Management Interfaces dua1611 5aaa04 book Page 79 Friday November 29 2002...

Page 80: ...80 dua1611 5aaa04 book Page 80 Friday November 29 2002 8 56 PM...

Page 81: ...way it works The following topics are covered The Webcache 1000 3000 has a Command Line Interface that allows you to manage certain features from a terminal You may want to use the Command Line Interf...

Page 82: ...Interface through the console port 1 Connect the terminal or terminal emulator to the console port If you are connecting directly to the console port you need a standard null modem cable If you are c...

Page 83: ...are unsure how to do this check the documentation supplied with the Telnet facility Logging In To the Command Line Interface To log in to the Command Line Interface take the following steps 1 Set up y...

Page 84: ...the Command Line Interface automatically After the exit the first key that you press returns you to the login sequence Understanding the Command Line Interface Once you log in to the Command Line Int...

Page 85: ...Webcache Security menu This menu contains commands that allow you to view and change security related information for the Webcache and the network System menu This menu contains commands that allow yo...

Page 86: ...s For example to enter the security menu and change the password for the admin user enter se pa password from the Top level menu To abort a command Press Esc to return to the Top level menu Displaying...

Page 87: ...herefore the overall performance of your network It allows you to make full use of the features offered by the Webcache and to change and monitor the way it works The following topics are covered Mana...

Page 88: ...om recommends that you change the default password to prevent unauthorized access to your Webcache See Chapter 5 for further information Logging in as a Default User If you manage the Webcache using t...

Page 89: ...browser by default You will only need to enable them if you have changed your browser settings Also the Web interface has been optimized for PC screens with the desktop area set to 800 by 600 pixels...

Page 90: ...n If the user name and password screen is not displayed see Solving Web Interface Problems on page 277 4 Enter your user name and password For further information see Logging in as a Default User on p...

Page 91: ...he Banner It contains three buttons which allow you to select different views in the View Area See The Toolbar below The Navigation Tree This is always displayed on the left side of the browser window...

Page 92: ...9 Device Summary Enclosure Summary Caching Summary Caching Statistics Summary Content Filtering Summary Cache Storage Summary Device This view allows you to configure the physical and networking aspec...

Page 93: ...y Content Filtering Statistics Performance This view shows graphs of the caching and filtering statistics of the Webcache as well as the error rate generated by the sites being cached The following wi...

Page 94: ...top level options displayed as shown in Figure 32 Operations that you can perform to manage your Webcache are grouped into folders within the Navigation Tree The options displayed depend on the view y...

Page 95: ...cates that the next level of the Navigation Tree hierarchy is currently expanded Click the symbol to collapse the next level This only affects the Navigation Tree no changes are made to the Informatio...

Page 96: ...evant to the view are displayed If the Performance View is selected the Performance Graphs are displayed If the Help View is currently selected specification guidelines for running the Web interface a...

Page 97: ...the Webcache 1000 because cache storage devices cannot be added or removed Console Port Hotspot The Console Port on the rear panel mimic is a hotspot Click the port to open a pop up menu that contain...

Page 98: ...nt caching mode This is also indicated by the Port Activity LED on the rear panel of the Webcache being Off The icon if shown without a Red border indicates that the cache storage device is present an...

Page 99: ...nd Caching views The Caching Summary table shows the Deployment Mode Proxy Port Transparent Ports WCCP status and the method and status of Access Logging Caching Statistics Summary Appears in Summary...

Page 100: ...he cache storage device is present and operating normally Failed The cache storage device has failed Add in Progress The cache storage device is being prepared for use by the Webcache The Cache Storag...

Page 101: ...window Click On line Help from the navigation tree or the Online Help button to open the Table of Contents of the Online Help system in a new browser window Click Product Registration to register the...

Page 102: ...102 CHAPTER 4 USING THE WEB INTERFACE dua1611 5aaa04 book Page 102 Friday November 29 2002 8 56 PM...

Page 103: ...MENT INTERFACES This chapter contains information about ensuring that the Webcache is secure It covers the following topics Passwords Management Interface Setup Password Recovery dua1611 5aaa04 book P...

Page 104: ...the Getting Started wizard which automatically runs when you first access the Webcache s Web interface You must enter the following information in either the Getting Started wizard or the Password Con...

Page 105: ...to a Web browser where xxx xxx xxx xxx is the IP address of the Webcache You can hide your Webcache from casual browsers by unchecking the Make Web Interface Available on TCP port 80 box on the Setup...

Page 106: ...administer the Webcache from your computer If this occurs you need to use the console port to access the Command Line Interface and use the Security Management commands to change the restriction to t...

Page 107: ...Use the password recovery method outlined below to define a new password for the admin username 1 Access the Command Line Interface and enter the username recover and password recover to place the Web...

Page 108: ...TO THE WEBCACHE MANAGEMENT INTERFACES 4 Enter enable to leave password recovery enabled or enter disable to turn it off You are now logged in as the default admin user dua1611 5aaa04 book Page 108 Fr...

Page 109: ...III CONFIGURING THE WEBCACHE Chapter 6 Configuring Deployment Modes Chapter 7 Static Routes Chapter 8 System Time dua1611 5aaa04 book Page 109 Friday November 29 2002 8 56 PM...

Page 110: ...110 dua1611 5aaa04 book Page 110 Friday November 29 2002 8 56 PM...

Page 111: ...uring WCCP V2 Configuring Proxy Relay with the SuperStack 3 Firewall Configuring Proxy Cache Mode Creating a Proxy Auto configuration File Configuring Inline Cache Mode Configuring Parent Caching Conf...

Page 112: ...o the Web interface 2 Click Caching on the Toolbar 3 Select Set Caching Mode The Set the Webcache Deployment Mode screen is displayed 4 Ensure that Enable Transparent Mode is checked and click OK to s...

Page 113: ...Enable WCCP 7 Select WCCP V2 0 8 In the Router IP Address List or Multicast Address field enter either A comma separated list of up to 10 Cisco routers that support WCCP V2 which will form a service...

Page 114: ...rs for WCCP using the Cisco Command Line Interface see the Default Settings for the Webcache appendix on page 307 For further information see WCCP Version 2 on page 43 Configuring Proxy Relay with the...

Page 115: ...ter the proxy relay TCP port number that you selected in step 1c port 8080 by default d Click Update to save your changes 3 No configuration is necessary on the client machines The Firewall will inter...

Page 116: ...ou want to configure Web browsers to bypass the Webcache for plain host names These are typically domain names which do not contain dots commonly used for Intranet sites e g http intranet 6 You can en...

Page 117: ...of the Webcache PAC file in the Address field in either of the following formats http nnn nnn nnn nnn 8082 or http nnn nnn nnn nnn config proxy pac where nnn nnn nnn nnn is the IP address or DNS name...

Page 118: ...oolbar 3 Select Set Caching Mode The Set the Webcache Deployment Mode screen is displayed 4 Ensure that Enable Inline Mode is checked 5 In the Transparent Inline Mode Ports field enter a comma separat...

Page 119: ...h Webcache will be listening for network traffic in the Proxy Port field For further information see Parent Caching on page 53 Creating a Parent Cache Exclusion List You can create a list of the domai...

Page 120: ...n an entry in the list and click Remove To delete all entries at once click Remove All Loading Entries From a File Into the Parent Cache Exclusion List To load a list of Web sites IP addresses and IP...

Page 121: ...st can contain a maximum of 900 entries If loading the file results in more than 900 entries in the Parent Cache Exclusion List all subsequent entries after the limit has been reached will not be load...

Page 122: ...an use the Clear Exclude List screen to delete all the current entries in the Parent Cache Exclusion List To clear the Parent Cache Exclusion List 1 Log in to the Web interface 2 Click Caching on the...

Page 123: ...ebcache will respond to incoming ICP requests from other cache devices but will never initiate any If the Webcache does not have the requested content it will go directly to the origin server or to a...

Page 124: ...uests Adding ICP Peers To add ICP peers 1 Log in to the Web interface 2 Click Caching on the Toolbar 3 Select ICP Control Edit ICP Peers in the Navigation Tree 4 Enter the IP address of another cache...

Page 125: ...Control Edit ICP Peers in the Navigation Tree 4 Select the peer that you want to delete form the table at the bottom of the window 5 Click Remove to delete the listed peers or Remove All to delete all...

Page 126: ...126 CHAPTER 6 CONFIGURING DEPLOYMENT MODES dua1611 5aaa04 book Page 126 Friday November 29 2002 8 56 PM...

Page 127: ...epts of static routing and how to configure static routes on the Webcache It covers the following topics What are Static Routes Static Routes Example Advantages of Static Routes Configuring Static Rou...

Page 128: ...address of the router for that network Static Routes Example Static routes are essential in the following scenario The Webcache is deployed in Transparent mode with a SuperStack 3 Switch 4400 For fur...

Page 129: ...quired This overhead could amount to a significant portion of network bandwidth on a low speed dial up link In a network with 200 network segments every 30 seconds as required by the RIP specification...

Page 130: ...eate the static route All of the currently defined static routes are displayed in the list at the bottom of the screen If you want to remove an entry from the list click on an entry in the list and cl...

Page 131: ...ache It contains the following topics Configuring the System Time Network Time Protocol Configuring the System Time Using the Network Time Protocol Configuring the System Time Manually System Time and...

Page 132: ...chronize the time of client machines and servers with other well known highly accurate servers or reference time sources It maintains a consistent Coordinated Universal Time UTC within your network wh...

Page 133: ...m 2 servers are in turn connected to a stratum 1 server and are therefore less accurate but greater in number Stratum 3 servers are connected to stratum 2 servers and so on up to an imposed limit of 1...

Page 134: ...er that has proven to be the most reliably available to serve NTP requests Configuring the System Time Manually To manually configure the system time of the Webcache you must enter the following infor...

Page 135: ...following system time changes affect the Performance Graphs in this way The system time is manually configured The system time is changed from Network Time Protocol to Manual Time Configuration or vi...

Page 136: ...136 CHAPTER 8 SYSTEM TIME dua1611 5aaa04 book Page 136 Friday November 29 2002 8 56 PM...

Page 137: ...IV CONTROLLING AND MONITORING WEB ACCESS Chapter 9 Monitoring Web Access Chapter 10 Using Content Filtering dua1611 5aaa04 book Page 137 Friday November 29 2002 8 56 PM...

Page 138: ...138 dua1611 5aaa04 book Page 138 Friday November 29 2002 8 56 PM...

Page 139: ...the access of the users of your network through the Webcache to the Internet It covers the following topics Access Logging Filter Logging Storing the Log Files Viewing the Access Log Analyzing the Acc...

Page 140: ...imply un check the Enable Web Access Logging box from the Setup Access Log screen and click OK The Squid format is the most widely supported by log analysis tools If you are using WebTrends Firewall S...

Page 141: ...ath within the FTP server to which you want to save the log files The directory can only contain alphanumeric and or _ characters and can only be up to 32 characters in length If you are using a Windo...

Page 142: ...ache is deployed in Proxy mode multiple entries for the pages in the Web interface itself will be made in the Access Log This is standard behavior for the Webcache as it is seeing the requests for the...

Page 143: ...etscape Web and Proxy Servers beginning with version 2 0 Viewing the Filter Log The View Filter Log command displays the last 256 entries registered by the Filter Log To view the Filter Log 1 Log in t...

Page 144: ...144 CHAPTER 9 MONITORING WEB ACCESS dua1611 5aaa04 book Page 144 Friday November 29 2002 8 56 PM...

Page 145: ...following topics Introducing Content Filtering 3Com Web Site Filter Websense Enterprise Filtering Manual Content Filtering Default Rule Filter Logging Web Client Blocking Filter Exclusions Setting Up...

Page 146: ...ring and Manual Content Filtering 3Com Web Site Filtering is a subscription based service that downloads a list of millions of categorized Web sites to your Webcache from a 3Com server on the Internet...

Page 147: ...r list containing millions of Web sites each assigned to appropriate categories that might be deemed unsuitable for business use The latest Web Site Filter can be downloaded on a user scheduled regula...

Page 148: ...en it will be denied To stop the site from being denied remove it from the Deny List 4 Keyword Blocking The Webcache checks all the entries in the Keyword Blocking list against the URL of the Web site...

Page 149: ...tivate the 30 day trial Web Site Filter will be displayed in the Web browser window Activating the Web Site Filter When you register the Webcache you may activate a 30 day free subscription to the 3Co...

Page 150: ...ce Device Summary table 5 Click Register After a short while a message confirming the activation of the 30 day trial Web Site Filter will be displayed in the Web browser window You may now download th...

Page 151: ...cept the terms of the 3Com Web Site Filter Licence Before the 3Com Web Site Filter can be enabled you must accept the terms of the license 8 Click Done after reading the licence to close window 9 Sele...

Page 152: ...l Estate and Travel For further information about these categories and their meaning see Appendix J More than one Category Set can exist at the same time and can be enforced at different times of the...

Page 153: ...ional categories during core work hours To set up the Policy Schedule using the Web interface 1 Log in to the Web interface 2 Click Content Filter on the Toolbar 3 Select Webcache Filtering 3Com Web S...

Page 154: ...e Web interface 2 Click Content Filter on the Toolbar 3 Select Webcache Filtering 3Com Web Site Filter Test a URL in the Navigation Tree 4 Enter the URL that you want to test 5 Click Test If the URL i...

Page 155: ...See Default Rule on page 159 for more information about the Default Rule 3 Websense Enterprise Server The Webcache asks the Websense Enterprise Server if the Web site should be filtered See below for...

Page 156: ...e applied to all web requests if the Websense Enterprise Server is unavailable Choose Deny All to deny access to all Web sites or Allow All to allow access to all Web sites 9 Click Next and then Finis...

Page 157: ...lusion The Webcache checks to see if the client is on the Filter Exclusion list For authorized clients further rules will be bypassed and the clients granted access to the Website See Filter Exclusion...

Page 158: ...lied to all web requests that are not covered by the Allow and Deny Lists see Setting Up Allow Lists and Deny Lists on page 169 or Keyword Blocking see Setting Up Keyword Blocking Lists on page 174 Ch...

Page 159: ...ered denied This will stop users accessing questionable material as all sites that have not been specifically allowed will be filtered This will prevent your users from accessing any Web sites at all...

Page 160: ...re logged in the Filter Log Setting Blocking and Logging Behavior You can set up the blocking and logging behavior of the Webcache using the same Setup Filtering Wizard that is used to set the filteri...

Page 161: ...ble Web Client Blocking you can create a list of the static IP addresses or IP address ranges of client machines that you are allowing or denying access to the Web through the Webcache If the client m...

Page 162: ...s 10 1 2 0 255 and user group B to use another subnet defined as 10 1 3 0 255 If you want to prevent everyone except group B from accessing the Web you would set the Web Client Blocking to Deny all ex...

Page 163: ...e Edit List screen Loading an existing list of IP addresses or IP address ranges from an external text file in the Load List From File screen A combination of the above methods Manually Entering an IP...

Page 164: ...by examining the Access Log see Monitoring Web Access on page 139 Loading Entries From a File Into the Web Client Blocking List To load a list of Web clients into the Web Client Blocking List 1 Log in...

Page 165: ...bsequent entries after the limit has been reached will not be loaded into the List You must also follow all of the rules listed in IP Address Rules on page 27 Saving the Web Client Blocking List You c...

Page 166: ...o must be exempt from content filtering If you configure the Webcache to use a Websense Enterprise server for content filtering then the Filter Exclusion List will be disabled Setting Up Filter Exclus...

Page 167: ...0 entries you must use the Load List From File feature that allows you to load and manage 900 entries If you load more that 900 entries all entries after the 900th will be discarded 5 If you want to r...

Page 168: ...on a separate line Each line in the file must not exceed 75 characters in length Blank lines are ignored There must be no spaces at the beginning of a line The list can contain a maximum of 900 entrie...

Page 169: ...ing modes To set up Allow Deny lists using the Web interface 1 Log in to the Web interface 2 Click Content Filter on the Toolbar 3 Select Webcache Filtering Allow Deny Lists Setup Allow Deny in the Na...

Page 170: ...st You cannot enter a URL into an Allow or Deny list you must enter a domain or IP address For example http mysite com goodurl html is incorrect The site should be entered as mysite com You can enter...

Page 171: ...ot enter a URL into an Allow or Deny list you must enter a domain or IP address For example http mysite com badurl html is incorrect The site should be entered as mysite com You can enter a maximum of...

Page 172: ...a complete list of entries in an external file that you want to use to overwrite the list on the Webcache You should choose to merge with the current list if you have a list of entries in an external...

Page 173: ...in to the Web interface 2 Click Content Filter on the Toolbar 3 Select Webcache Filtering Allow Deny Lists Save List To File in the Navigation Tree 4 Select the list that you want to save Choose Save...

Page 174: ...1 Log in to the Web interface 2 Click Content Filter on the Toolbar 3 Select Webcache Filtering Keyword Blocking Setup Keywords in the Navigation Tree 4 Select Enable Keyword Blocking to deny access...

Page 175: ...e loading or select Merge with Current Keyword Blocking List to merge the two lists together You should choose to replace the current list if you have a complete list of entries in an external file th...

Page 176: ...filename and location to store the saved list Saving a list may take a few seconds to complete depending on the number of entries being saved Clearing the Keyword Blocking List You can use the Clear...

Page 177: ...s 4 If you want to view your changes before saving them to check that your text or HTML is correct click Preview 5 Click OK to save the text or HTML code that you have entered There is a default optio...

Page 178: ...178 CHAPTER 10 USING CONTENT FILTERING dua1611 5aaa04 book Page 178 Friday November 29 2002 8 56 PM...

Page 179: ...V CONTROLLING CACHING Chapter 11 Controlling How Web Sites Are Cached Chapter 12 Preloading Content dua1611 5aaa04 book Page 179 Friday November 29 2002 8 56 PM...

Page 180: ...180 dua1611 5aaa04 book Page 180 Friday November 29 2002 8 56 PM...

Page 181: ...11 CONTROLLING HOW WEB SITES ARE CACHED This chapter contains information about Cache Control Clearing the Cache Cache Bypass dua1611 5aaa04 book Page 181 Friday November 29 2002 8 56 PM...

Page 182: ...Content Filtering as described in Chapter 10 and are also recorded in the Access Log Setting Up Cache Control To set up Cache Control using the Web interface 1 Log in to the Web interface 2 Click Cac...

Page 183: ...the list 7 Repeat step 4 to step 6 for each Web site that you want to prevent from being cached or pin in the cache If you want to remove an entry from the list click on an entry in the list and click...

Page 184: ...Control List with the list of Web sites in the file that you are loading or select Merge with the Current Cache Control List to merge the two lists together You should choose to replace the current l...

Page 185: ...ing the Cache Control List You can save the current Cache Control List to an external text file This allows you to modify and then load the file back onto the Webcache using the Load List From File co...

Page 186: ...ation linking domain names to IP addresses The next time the Webcache needs to query a Web server it will request the address of the web server from another DNS server Use this option if a Web site ha...

Page 187: ...correct at time of publication Cache Bypass allows you to prevent the Webcache from being involved in requests to those particular Web sites All requests to the Web sites that you include in the Cache...

Page 188: ...ng each type of list is the same Each list contains the IP addresses or IP address ranges of the client machines or Web sites that you want to bypass and both list types are created in the following w...

Page 189: ...he Toolbar 3 Select Cache Bypass Load List From File in the Navigation Tree 4 Select the specific Cache Bypass list that you want to load the file into by clicking Load Into Web Client Bypass List or...

Page 190: ...be loaded into the List You must also follow all of the rules listed in IP Address Rules on page 27 Saving the Cache Bypass Lists You can save the current Cache Bypass Lists to an external text file...

Page 191: ...t in the Navigation Tree 4 Select the specific Cache Bypass list that you want to clear by clicking Clear the Client Bypass List or Clear the Web Site Bypass List or both 5 Click OK to clear the list...

Page 192: ...192 CHAPTER 11 CONTROLLING HOW WEB SITES ARE CACHED dua1611 5aaa04 book Page 192 Friday November 29 2002 8 56 PM...

Page 193: ...he before they are requested by clients browsing the Web It is split into the following sections Introduction Setting up Content Preload Preloading a Site Checking the Status of Scheduled Tasks Using...

Page 194: ...n Cache Control then it will never be cached even if Content Preload gives it a Cache Lifetime Advantages and Disadvantages of Preloading Content Preloading content results in a faster response time f...

Page 195: ...ad feature can be configured so that it minimizes the impact on the amount of bandwidth used by your users The preload tasks can be scheduled to run individually at specific times This allows you to p...

Page 196: ...3Com Web Scheduler Browser Client box is checked Enabling the Web Scheduler Browser Client allows users who do not have the administration password to set up Preload Tasks using Internet Explorer If y...

Page 197: ...ng None will preload only the Starting URL and the images contained on the page Selecting 1 will preload not only the Starting URL and its images but each page linked from it You may recurse up to fiv...

Page 198: ...e Webcache will ignore the new schedule and complete the current schedule The preload task will then attempt to run again at the next scheduled start time Temporarily Disabling a Scheduled Task To dis...

Page 199: ...5 Click Remove To delete all the tasks click Remove All and confirm the action at the popup There is no need to highlight a task first 6 Click OK to return to the Web interface Checking the Status of...

Page 200: ...oad task 1 Log in to the Web interface 2 Click Caching on the toolbar 3 Select Content Preload Preload Tasks Preload Status to see the Preload Task Status window 4 Highlight a task and click View Deta...

Page 201: ...ler Browser Client The 3Com Web Scheduler Browser Client is a browser plug in that allows designated users to create view amend preload tasks without accessing the Web interface of the Webcache When u...

Page 202: ...CD in the drive of the client machine allow it to autostart and select Install 3Com Web Scheduler Browser Client from the menu If your CD does not autostart the Web Scheduler Browser Client can be in...

Page 203: ...he 3Com Web Scheduler Options window will pop up 4 In the Connection tab of the window enter the IP address of the Webcache and the Preload Account Password as set up in Configuring the Webcache for t...

Page 204: ...204 CHAPTER 12 PRELOADING CONTENT dua1611 5aaa04 book Page 204 Friday November 29 2002 8 56 PM...

Page 205: ...VI MONITORING THE WEBCACHE Chapter 13 Monitoring System Events Chapter 14 Performance Monitoring Chapter 15 System Diagnostics dua1611 5aaa04 book Page 205 Friday November 29 2002 8 56 PM...

Page 206: ...206 dua1611 5aaa04 book Page 206 Friday November 29 2002 8 56 PM...

Page 207: ...ntains information about the system events that can occur on the Webcache 1000 3000 It covers the following topics System Events Email Notification SNMP Traps Automatic System Events dua1611 5aaa04 bo...

Page 208: ...ble Email Notification to ensure that you have the most detailed information about the operation of the Webcache Configuring Email Notification To configure Email Notification using the Web interface...

Page 209: ...Domain Name field you can enter the Unix realm or Windows domain that the SMTP user belongs to or leave the field blank For further information about how SMTP Authentication operates on the Webcache s...

Page 210: ...hentication You can enable SMTP Authentication for Email Notification or Email Graphs by checking Enable SMTP Authentication and specifying an SMTP Username and SMTP Password The SMTP server will atte...

Page 211: ...n the Webcache s System Log for further information see System Log on page 230 Specifying Realms and Domains If you enable SMTP Authentication you can optionally enter the Windows domain or Unix realm...

Page 212: ...the Web interface 2 Click Device on the Toolbar 3 Select System Management Events SNMP Traps in the Navigation Tree The SNMP Trap Destination Setup screen is displayed 4 Enter the IP address of the ne...

Page 213: ...ebcache To change the Public and Private community strings using the Web interface 1 Log in to the Web interface 2 Click Device on the Toolbar 3 Select System Management Community in the Navigation Tr...

Page 214: ...system error This is a critical failure Contact 3Com Technical Support The Webcache has failed and is not attempting to reboot itself Fan Speed Warning Fan speed warning The PSU Chassis fan is out of...

Page 215: ...wer from the Webcache immediately Temperature OK N A The motherboard temperature in the Webcache has returned to normal The temperature of the specified component motherboard has returned to normal Yo...

Page 216: ...een authenticated successfully Content Preload Warning The content preload for job name has not completed before its next scheduled start time The content preload for job name has not completed before...

Page 217: ...her 30 days The content filtering license for the Webcache has expired The Webcache will continue to filter using the last downloaded list for a further 30 days The licence is about to expire Renew wi...

Page 218: ...218 CHAPTER 13 MONITORING SYSTEM EVENTS dua1611 5aaa04 book Page 218 Friday November 29 2002 8 56 PM...

Page 219: ...f the Webcache 1000 3000 It covers the following topics Performance Monitoring Viewing Performance Graphs Viewing Caching Performance Graphs Viewing System Performance Graphs Viewing I O Performance G...

Page 220: ...fits of the Webcache to other people within your organization Viewing Performance Graphs The Performance graphs show detailed information about different aspects of the Webcache They are divided into...

Page 221: ...ull hits However some Web sites do not allow full caching so even though the number of revalidated hits is high it does not necessarily mean that there is a problem A high hit rate indicates a more ef...

Page 222: ...uire several seconds or more suggest that there may be a problem with the Webcache disk If you suspect this check the Disk Status LEDs on the Webcache Throughput The amount of traffic in kilobits per...

Page 223: ...in one operation so this will not reflect the number of items written to and read from the cache file Disk Blocks The number of blocks of data read from and written to the caching disk s per second Ne...

Page 224: ...m as swap space Cache Storage Usage The percentage of the caching disk s currently in use Space is cleared on the caching disk s only when it is needed The Webcache does not contain any cached article...

Page 225: ...essfully configure Email Performance Graphs if you do not enter a valid email address A valid email address is a fully specified address containing a domain name for example webcache 3com com The part...

Page 226: ...see SMTP Authentication on page 210 You can send a test email to the SMTP server immediately by clicking Send Now You may want to do this to test that the Email Graphs settings are correct The Webcac...

Page 227: ...about troubleshooting the configuration and network connectivity of the Webcache 1000 3000 It covers the following topics System Diagnostics Pinging Other Devices Tracing IP Addresses System Log dua16...

Page 228: ...server is contactable and working correctly The problem is therefore a connectivity issue between the Webcache and the origin web server Performing a Ping To ping a device using the Web interface 1 Lo...

Page 229: ...e IP address or Domain Name Server name of the device that you want to trace Click TraceRoute 5 The Webcache sends a trace route request to the specified device and a message similar to the following...

Page 230: ...een is displayed 4 You can choose to save the contents of the System Log onto a single management station in your network that has syslog analysis tools This is of particular benefit if you are workin...

Page 231: ...g a Syslog Server The CD ROM contains a freeware application called 3CDaemon that allows you to configure a Syslog and TFTP server on a Microsoft Windows server You can use the 3CDaemon syslog server...

Page 232: ...he Navigation Tree The System Log screen is displayed The last 256 lines of the System Log are displayed with the most recent information shown at the bottom of the log Click Refresh to update the inf...

Page 233: ...VII MANAGING THE WEBCACHE SOFTWARE Chapter 16 Configuration Management Chapter 17 Software Upgrades dua1611 5aaa04 book Page 233 Friday November 29 2002 8 56 PM...

Page 234: ...234 dua1611 5aaa04 book Page 234 Friday November 29 2002 8 56 PM...

Page 235: ...on about saving and restoring the configuration settings of the Webcache 1000 3000 It covers the following topics Saving and Restoring Configurations Saving a Configuration Restoring a Configuration d...

Page 236: ...the configuration was saved The Restore Configuration operation restores the system configuration from the file to the Webcache It checks that the system configuration being restored was created on t...

Page 237: ...ou can use a matching configuration file to restore the settings Saving a Configuration To save the current system configuration of the Webcache using the Web interface 1 Log in to the Web interface 2...

Page 238: ...Configuration screen is displayed 4 In the Configuration Filename field enter the network path and filename of the saved system configuration file that you want to restore You can click Browse to sear...

Page 239: ...pgrading and installing the management software of the Webcache 1000 3000 It covers the following topics Software Upgrades Software Downgrades Detecting a Software Upgrade Performing a Software Upgrad...

Page 240: ...orm a software upgrade by downloading and locating the software upgrade file yourself The configuration of the Webcache is preserved after a software upgrade has been performed you do not have to re c...

Page 241: ...ebcache A software downgrade should only be performed as an emergency recovery procedure During a software downgrade all settings apart from IP and DNS information will be lost and you will have to re...

Page 242: ...atic Software Upgrade Detection The Webcache notifies you of the availability of new software versions via an SNMP trap and email notification for further information see Automatic System Events on pa...

Page 243: ...e documentation supplied with the package for instructions 3Com Network Supervisor cannot be used to perform software downgrades It can only upgrade the software on the Webcache Performing an Automati...

Page 244: ...is to upgrade the Webcache to the new software version now Upgrade Later Select this to upgrade the Webcache to the new software version at a later time You will be reminded about the upgrade when you...

Page 245: ...If you do not accept the terms of the License select Decline The software upgrade will be ended 11 The Finish screen is displayed again Click Next to start the software upgrade 12 The software upgrade...

Page 246: ...mage file and the new software image file that you are upgrading to Ensure that the software image is the one that you want to upgrade to Click Next 7 The Software License Terms screen is displayed Yo...

Page 247: ...boot to exit the Upgrade Software wizard and reboot the Webcache This will complete the software upgrade The Device View is displayed in the Web interface If you have downgraded the software the Getti...

Page 248: ...248 CHAPTER 17 SOFTWARE UPGRADES dua1611 5aaa04 book Page 248 Friday November 29 2002 8 56 PM...

Page 249: ...VIII COMMAND LINE INTERFACE Chapter 18 Command Line Interface dua1611 5aaa04 book Page 249 Friday November 29 2002 8 56 PM...

Page 250: ...250 dua1611 5aaa04 book Page 250 Friday November 29 2002 8 56 PM...

Page 251: ...or over your network via Telnet This chapter describes how to access and use the Command Line Interface It covers the following topics A Quick Guide to the Commands Getting Started Displaying and Cha...

Page 252: ...s protocol ipConfig Specifies IP management configuration protocol ping Pings other devices on your network protocol summary Displays IP summary information protocol traceRoute Traces the network hops...

Page 253: ...me can be up to 80 characters long The following prompt is displayed Enter system location 4 Enter a physical location for the Webcache The location name can be up to 80 characters long The following...

Page 254: ...ayed Enter Third DNS Server 0 0 0 0 14 Enter a valid Domain Network System DNS Server IP address The following prompt and a list of timezones is displayed Enter the index of timezone 12 15 Enter the i...

Page 255: ...the Webcache The Webcache is rebooted at the end of the Getting Started command if you chose to set the system time for further information see Rebooting the Webcache on page 268 Enter no if you do n...

Page 256: ...e Command Line Interface at the Top level menu enter logout If a period of inactivity lasts longer than 30 minutes the Webcache will automatically log you out After the exit the first key that you pre...

Page 257: ...configure the WAN port The following prompt is displayed Set autonegotiation enable disable enable 4 Enter either enable if you want to enable autonegotiation on the port or disable if you want to dis...

Page 258: ...ommand on the Protocol menu to configure the IP and Domain Name System settings of the Webcache This command allows you to configure the IP address subnet mask default gateway IP address host name dom...

Page 259: ...address The following prompt is displayed Enter Second DNS Server 0 0 0 0 10 Enter a valid Domain Network System DNS Server IP address The following prompt is displayed Enter Third DNS Server 0 0 0 0...

Page 260: ...r IP address The following prompt is displayed Enter Second DNS Server 0 0 0 0 7 Enter a valid Domain Network System DNS Server IP address The following prompt is displayed Enter Third DNS Server 0 0...

Page 261: ...displayed Enter IP address 196 168 100 1 2 Enter a valid IP address The following prompt is displayed Enter Subnet mask 255 255 255 0 3 Enter a valid subnet mask The following prompt is displayed Ente...

Page 262: ...ING a device 1 At the Top level menu enter protocol ping The following prompt is displayed Enter destination IP address DNS Name 2 Enter the IP address or Domain Name Server name of the device that yo...

Page 263: ...s from the Webcache to a device on an IP network This feature is useful for testing that the Webcache is installed and set up correctly and that your network connections are working You can perform a...

Page 264: ...network environments block trace route traffic on the network The TraceRoute request may therefore fail even if the network device is operating normally Displaying and Changing Security Information Yo...

Page 265: ...resses an IP range or a combination of both For example if you enter 192 168 1 5 192 168 1 6 192 168 1 7 you will have allowed only these three addresses access to the Web interface of the web You cou...

Page 266: ...mation Re enter the password If you press Return without entering a password the password is set to no password 3 A message is displayed informing you that the password has been successfully changed E...

Page 267: ...initialize command on the Control menu To initialize the Webcache 1 At the Top level menu enter system control initialize The following prompt is displayed WARNING This command initializes the system...

Page 268: ...imulates a power off on cycle The Telnet session to the Webcache will be terminated The Webcache takes about approximately 60 90 seconds to reboot While the Webcache is being rebooted you cannot commu...

Page 269: ...contact name 2 Enter a system contact for the Webcache The name can be up to 80 characters long Specifying Location Details You can specify physical location details for the Webcache using the locati...

Page 270: ...own in the example below The following read only fields are displayed System Name Displays the descriptive name or system name for the Webcache For information about assigning a new name see Specifyin...

Page 271: ...set initialized or powered up Software Version Displays the version number of the management software currently installed on the Webcache Hardware Version Displays the version number of the Webcache h...

Page 272: ...272 CHAPTER 18 COMMAND LINE INTERFACE dua1611 5aaa04 book Page 272 Friday November 29 2002 8 56 PM...

Page 273: ...IX PROBLEM SOLVING Chapter 19 Problem Solving dua1611 5aaa04 book Page 273 Friday November 29 2002 8 56 PM...

Page 274: ...274 dua1611 5aaa04 book Page 274 Friday November 29 2002 8 56 PM...

Page 275: ...Webcache via the Console Line Accessing the Webcache via Telnet Solving Problems Indicated by LEDs Solving Web Interface Problems Solving Command Line Interface Problems Solving Webcache Performance P...

Page 276: ...e login sequence still does not display reset the Webcache For further information see Rebooting the Webcache on page 268 If this does not work initialize the Webcache For further information see Init...

Page 277: ...Microsoft Internet Explorer v5 0 Microsoft Internet Explorer v5 5 Microsoft Internet Explorer v6 0 Netscape Communicator v4 5 Problem Suggested Solution The Power Self test LED does not light Check th...

Page 278: ...move the use of the Webcache as a proxy Using a browser on a client machine whose IP address is not blocked by Web Client Blocking to access the Web Interface Using a browser on a client machine whose...

Page 279: ...tem is set to Small Fonts 96 dpi If it is set to Large Fonts the Web interface will not display correctly URL not found messages are displayed when the Contacts Home Page Library or Support icons in t...

Page 280: ...P requests A Software Upgrade Download Failed SNMP trap and e mail notification will be issued if configured to inform you of the failure for further information see Automatic System Events on page 21...

Page 281: ...configure browsers try setting the browser settings manually to avoid the overhead of PAC files If you are using the Web Proxy Auto Discovery WPAD protocol to configure the browsers on client machines...

Page 282: ...the Toolbar 3 Select Caching Cache Bypass Setup Cache Bypass in the Navigation Tree 4 Uncheck Enable Cache Bypass You can implement client machine bypass capability using the Cisco router to perform...

Page 283: ...Power Self Test LED on the front panel is Yellow or Off This possibly indicates a system error If so contact 3Com support personnel The Power Self Test LED on the front panel is flashing Yellow An in...

Page 284: ...ng information via a Web based application This process may take several minutes to complete depending on the amount of Call Logging information to be retrieved When there is a SuperStack 3 Webcache d...

Page 285: ...ns Appendix D Technical Support Appendix E Default Settings for the Webcache Appendix F Replacing and Installing Cache Storage Devices Appendix G Cisco WCCP Commands Appendix H Log Formats Appendix I...

Page 286: ...286 dua1611 5aaa04 book Page 286 Friday November 29 2002 8 56 PM...

Page 287: ...T Les avertissements pr sentent des consignes que vous devez respecter pour garantir votre s curit personnelle Vous devez respecter attentivement toutes les consignes Nous vous demandons de lire atten...

Page 288: ...e mains cord must be HAR or BASEC marked and be of type HO3VVF3gO 75 minimum Europe The supply plug must comply with CEE 7 7 SCHUKO The supply plug must comply with CE123 16 VII USA and Canada The cor...

Page 289: ...plies are of IT type this unit must be powered by 230V 2P T via an isolation transformer ratio 1 1 with the secondary connection point labelled Neutral connected directly to earth ground Imp dance la...

Page 290: ...respecter les normes europ ennes de s curit AVERTISSEMENT Cordon lectrique Il doit tre agr dans le pays d utilisation Royaume Uni La prise secteur doit tre conforme aux normes BS1363 tripolaire 13 amp...

Page 291: ...re et avec raccordement direct la terre masse AVERTISSEMENT Points d acc s RJ 45 Ceux ci sont prot g s par des prises de donn es Ils ne peuvent pas tre utilis s comme prises de t l phone conventionnel...

Page 292: ...ecker Dies muss von dem Land in dem es benutzt wird gepr ft werden VORSICHT Der Betrieb dieses Ger ts erfolgt unter den SELV Bedingungen Sicherheitskleinstspannung gem IEC 950 Diese Vereinigtes K nigr...

Page 293: ...einen geerdeten Trenner mit einem bersetzungsverh ltnis 1 1 mit 230 V 2P T betrieben werden dabei mu der zweite Anschlu punkt die Bezeichnung Neutral tragen Imp dance la terre VORSICHT RJ 45 Porte Die...

Page 294: ...294 APPENDIX A SAFETY INFORMATION dua1611 5aaa04 book Page 294 Friday November 29 2002 8 56 PM...

Page 295: ...One of five grades of Twisted Pair TP cabling defined by the EIA TIA 586 standard Category 5 can be used in Ethernet 10BASE T and Fast Ethernet networks 100BASE TX and can transmit data at speeds of...

Page 296: ...inal Cable connector 25 pin male female only required if screen always required required for handshake Screen DTR TxD RxD CTS Ground DSR RTS DCD Screen DCD RxD TxD DTR Ground DSR RTS CTS Shell 4 3 2 8...

Page 297: ...ta Bidirectional Data A 2 Transmit Data Bidirectional Data A 3 Receive Data Bidirectional Data B 4 Not assigned Bidirectional Data C 5 Not assigned Bidirectional Data C 6 Receive Data Bidirectional Da...

Page 298: ...298 APPENDIX B CABLE SPECIFICATIONS AND PIN OUTS dua1611 5aaa04 book Page 298 Friday November 29 2002 8 56 PM...

Page 299: ...1 2 2 2 30 and 2 32 Operational testing paras 2 1 2 2 2 30 and 2 13 Safety Agency Certifications UL 1950 EN60950 CSA 22 2 No 950 IEC 60950 NOM 019 SCFI AS NZS 60950 EMC Emissions ICES 003 Class A FCC...

Page 300: ...FC 1517 MIB II RFC 1213 Interface MIB RFC 1573 Remote Monitoring MIB RFC 1757 Terminal Emulation Telnet RFC 854 Protocols Used for Administration UDP RFC 768 IP RFC 791 ICMP RFC 792 TCP RFC 793 ARP RF...

Page 301: ...publication For the most recent information 3Com recommends that you access the 3Com Corporation World Wide Web site Online Technical Services 3Com offers worldwide product support 24 hours a day 7 d...

Page 302: ...3com com Username anonymous Password your Internet e mail address You do not need a user name and password with Web browser software such as Netscape Navigator and Microsoft Internet Explorer Support...

Page 303: ...gion use the appropriate URL or e mail address from the list below Asia Pacific Rim From this region e mail apr_technical_support 3com com Europe Middle East and Africa From this region enter the URL...

Page 304: ...3 0825 809 622 01805 404 747 06800 14466 1800 509359 1800 943 2632 199 161346 Luxembourg Netherlands Norway Poland Portugal South Africa Spain Sweden Switzerland U K 800 29880 0900 777 7737 815 33 047...

Page 305: ...er http www 3com com support en_US repair or calling or faxing one of the numbers listed in Table 13 below 3 When you receive a replacement Webcache register the product at http www 3com com register...

Page 306: ...0 241 3901 Latin America Antigua Argentina Aruba Bahamas Barbados Belize Bermuda Bonaire Brazil Cayman Chile Colombia Costa Rica Curacao Ecuador Dominican Republic 1 800 988 2112 0 810 444 3COM 1 800...

Page 307: ...o negotiation in full duplex Console Port 9600 Baud 8 data bits no parity 1 stop bit no flow control IP Address 192 168 1 253 non broadcast address Subnet Mask 255 255 255 0 Domain Name System DNS Ser...

Page 308: ...work Management Protocol SNMP Enabled but requires configuration Network Time Protocol NTP Disabled Web Browser Auto Configuration Disabled Upgrade Notification Enabled Upgrade Detection Download Enab...

Page 309: ...erver room Contact The name of the person who is responsible for the Webcache Can be up to 255 characters long none Joe Brown IP Address A unique IP address for the Webcache 192 168 1 253 192 168 1 25...

Page 310: ...m DNS servers in your network none 192 168 25 0 Timezone The timezone in which the Webcache will operate GMT 05 00 Eastern Time US GMT London Dublin Edinburgh continued NTP IP Addresses The IP address...

Page 311: ...Cisco routers using WCCP For further information see Web Cache Communication Protocol WCCP on page 41 Proxy Mode N A Caching Port Numbers Up to ten TCP port numbers on which the Webcache will listen f...

Page 312: ...312 APPENDIX E DEFAULT SETTINGS FOR THE WEBCACHE dua1611 5aaa04 book Page 312 Friday November 29 2002 8 56 PM...

Page 313: ...in the Webcache 3000 It covers the following topics Replacing a Failed Cache Storage Device Installing an Additional Cache Storage Device WARNING You can only replace and install Cache Storage Device...

Page 314: ...er Removing the Failed Cache Storage Device To remove a cache storage device from the Webcache 3000 1 Log in to the Web interface 2 Click Device on the Toolbar 3 Select System Storage Remove Disk in t...

Page 315: ...el of the Webcache as shown in Figure 37 Figure 37 Opening the Front Panel 8 Each cache storage device is mounted in a tray Unclip the arms at the front of the tray and pull the tray forwards out of t...

Page 316: ...ed in a tray Insert the tray into bay 1 or 2 in the Webcache and push it forwards firmly until it stops 4 Push in the arms on the front of the tray to click them into place 5 Close the front panel of...

Page 317: ...drive and insert it into the mounting tray in the third bay A list of approved hard drives can be found at http www 3com com sswebcache CAUTION You must purchase and install a hard drive that 3Com ha...

Page 318: ...rmation see Device Mimic on page 96 12 Select Cache Storage Disk 3 from the options in the Select the Cache Storage Device list Click Add 13 The Webcache automatically starts preparing the new cache s...

Page 319: ...also need to configure the Cisco routers using the Cisco Command Line Interface Configuring WCCP Version 1 0 Configuring WCCP Version 2 0 For further information about configuring the Webcache for WC...

Page 320: ...Engines 1 Number of routers 1 Total Packets Redirected 0 Redirect access list none Total Packets Denied Redirect 0 Total Packets Unassigned 0 Group access list none Total Messages Denied to Group 0 To...

Page 321: ...groups Configuring WCCP for a Service Group To enable or disable WCCP version 2 0 for a specific service group on a Cisco router enter the following settings in the Cisco Command Line Interface 1 Ent...

Page 322: ...en 224 8 and address 239 255 255 255 3 Enter the following command wccp service id group listen This is for the interface receiving the multicast packets Example Configurations Turning on HTTP process...

Page 323: ...n client machines servers or client server pairs The following example shows any request coming from 10 1 1 1 or going to 12 1 1 1 will bypass the cache while all other requests will be serviced norma...

Page 324: ...b connectivity Enabling Cisco Express Forwarding CEF Cisco s Express Forwarding CEF is an alternative routing technology available on the following Cisco routers correct at time of publishing Cisco 70...

Page 325: ...pe Common Format is the most basic of the Access Log formats supported by the Webcache The information that it provides is not very detailed and it can only be used by some log analysis packages Netsc...

Page 326: ...ng time The client request timestamp date and time of the client request in seconds since January 1 1970 elapsed The transfer time total transfer time in milliseconds client The client host IP the IP...

Page 327: ...Squid Meaning Table 17 Netscape Common Format logging fields Netscape Common Meaning host The client host IP the IP address of the client s host machine usr The client authenticated user name result o...

Page 328: ...response length bytes from server to proxy creql The client request transfer length request body length bytes from client to proxy sreql The proxy request transfer length request body length bytes fro...

Page 329: ...The client request header length request header length bytes from client to proxy prspl The proxy response header length response header length bytes from proxy to client preql The proxy request heade...

Page 330: ...d the log record This is represented as an IP address or a client machine name fw 192 168 1 253 fw Webcache 3000 1 pri The priority of the event Legal values are 0 emergency 1 alert 2 critical 3 error...

Page 331: ...d arg 3com com logo gif result For HTTP requests this is the standard result code such as 200 for success 304 for returned from cache etc result 200 result 304 result 404 ref For incoming web records...

Page 332: ...uctivity See Appendix J for a description of the categories policy Reserved for future use method The HTTP method used by the client e g GET POST host The Hostname field in the HTTP request In transpa...

Page 333: ...Example 2 router1 192 168 1 255 26 027ms H 27 156ms H 44 902ms H In this example H is displayed after every network hop for the system router1 indicating that the system is unreachable For further in...

Page 334: ...334 APPENDIX I TRACE ROUTE SYMBOLS dua1611 5aaa04 book Page 334 Friday November 29 2002 8 56 PM...

Page 335: ...animals or other inanimate objects used in a sexual manner Erotic stories and textual descriptions of sexual acts Sexually exploitative or sexually violent text or graphics Bondage fetishes and genit...

Page 336: ...sites discussing number running virtual casinos and offshore gambling ventures sports picks and betting pools Violence This includes Web Sites portraying describing or advocating physical assault aga...

Page 337: ...A cult sets itself outside of society News historical or press incidents that may include the above criteria except in graphic examples and are not blocked Productivity Categories The 3Com Web Site Fi...

Page 338: ...cludes Lingerie negligee or swimwear modeling Supermodel fan pages Fashion clothing and glamour magazines or catalogues Beauty and cosmetics Fitness models and sports celebrities Modeling information...

Page 339: ...or sales tips and parts catalogues Auto trading photos discussion of vehicles including motorcycles boats cars trucks and RVs Journals and magazines on vehicle modification repair or customization On...

Page 340: ...ce Web sites National international college professional scores and schedules Virtual sports leagues and teams Sports related online magazines or newsletters Travel This includes Airlines and online f...

Page 341: ...so supports auto negotiation the link can automatically configure itself to the optimum setup bandwidth The information capacity measured in bits per second that a channel can transmit The bandwidth o...

Page 342: ...by an earlier rule The default rule can be Allow All or Deny All DNS Domain Name System This system maps a numerical Internet Protocol IP address to a more meaningful and easy to remember name When yo...

Page 343: ...ing protocol between a host server and a gateway to the Internet IETF Internet Engineering Task Force An organization responsible for providing engineering solutions for TCP IP networks In the network...

Page 344: ...nitor the Webcache s performance Netscape log format A standard Access Log format Using the Netscape log format you can analyze Webcache Access Log files with off the shelf log analysis tools NTP Netw...

Page 345: ...ol The current IETF standard protocol for managing devices on an TCP IP network Squid log format A standard Access Log format Using the Squid log format you can analyze Webcache Access Log files with...

Page 346: ...hat communicate as if they are on the same physical LAN WAN Wide Area Network A communications network that covers a wide area A WAN can cover a large geographic area and may contain several LANs with...

Page 347: ...Discovery This protocol enables the Web browser on client machines to automatically find and load proxy configuration information from a server without user intervention dua1611 5aaa04 book Page 347...

Page 348: ...348 GLOSSARY dua1611 5aaa04 book Page 348 Friday November 29 2002 8 56 PM...

Page 349: ...rent 36 Cache Bypass 186 creating lists 188 saving the lists 190 setting up 188 Cache Control 182 creating a list 182 setting up 182 cache storage device adding 316 additional 317 failure 314 installi...

Page 350: ...ebsense Enterprise 155 content lifetime preloading content 197 Content Preload 195 controlling Web access 139 conventions notice icons about this guide 18 text about this guide 18 Coordinated Universa...

Page 351: ...IP address 26 default 71 74 obtaining 27 rules 27 L LAN port 63 77 Hotspot 97 LEDs 64 LEDs color 69 front panel 61 activity 62 cache storage status 61 link status 61 power self test 62 LAN port 64 ope...

Page 352: ...e pin outs 296 performance graphs caching 220 abort and error rate 222 bandwidth saving 220 filtering block rate 223 hit and miss latencies 222 hit rate 221 request rate 221 throughput 222 I O 223 dis...

Page 353: ...mple Network Management Protocol SNMP 212 siting the Webcache 65 SMTP authentication 210 SMTP Client license 358 SNMP 212 community string 268 community strings 212 SNMP traps 212 software upgrades 24...

Page 354: ...AD 49 Web Cache Communication Protocol WCCP 41 Web Client Blocking 161 Web client blocking creating a list 163 saving the list 185 190 Web content current 32 expired 32 fresh 32 stale 32 Web interface...

Page 355: ...es of the Software and Documentation to the party or you must destroy any copies not transferred Except as set forth above you may not assign or transfer your rights under this Agreement Modification...

Page 356: ...E FILTER PRODUCT DO NOT CLICK ON THE I AGREE OR SIMILAR BUTTON AND IF YOU HAVE RECEIVED ACCESS TO THE PRODUCT ON PHYSICAL MEDIA RETURN THE ENTIRE PRODUCT UNUSED TO THE SUPPLIER WHERE YOU OBTAINED IT L...

Page 357: ...the Product will meet your requirements or work in combination with any hardware or software products provided by third parties that the operation of the Product will be uninterrupted or error free or...

Page 358: ...f software have been modified by 3Com The source code for the above is available from 3Com on request Copyright C 1989 1991 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307...

Page 359: ...is derived from the Program or any part thereof to be licensed as a whole at no charge to all third parties under the terms of this License c If the modified program normally reads commands interacti...

Page 360: ...cense would not permit royalty free redistribution of the Program by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would...

Page 361: ...License as published by the Free Software Foundation either version 2 of the License or at your option any later version This program is distributed in the hope that it will be useful but WITHOUT ANY...

Page 362: ...receiver n Plug the equipment into a different outlet so that equipment and receiver are on different branch circuits If necessary the user should consult the dealer or an experienced radio television...

Reviews: