manualshive.com logo in svg

Allied Telesis AR 300 AT-AR300 AT-AR300, Release Manual

The Allied Telesis AR 300 AT-AR300 is a powerful network router designed for reliable and secure connectivity. For detailed setup and configuration instructions, you can easily download the free Release Manual from manualshive.com. Get the most out of your device with this comprehensive manual.

Share
Download
background image

S i m p ly   c o n n e c t i n g   t h e   wo r l d

Software Release 2.3.1

For Rapier Switches,
AR300 and AR700 Series Routers, and
AR800 Series Modular Switching Routers

Introduction ...................................................................................................... 2
Hardware Platforms  .......................................................................................... 2

Rapier i Series ............................................................................................. 2
Hot Swapping Network Service Modules  .................................................... 3

Software Features  ............................................................................................. 5
NSM Hot Swap Software Support  ..................................................................... 6
Domain Name Server Enhancements ................................................................. 7

DNS Caching .............................................................................................. 7
Server Selection .......................................................................................... 8
Automatic Nameserver Configuration ......................................................... 9

Telnet Server Port Number  ................................................................................ 9
Triggers for Ethernet Interfaces  ......................................................................... 9
ENCO Channels  .............................................................................................. 10
IP Security (IPsec) Source Interface and Enhancements ..................................... 11
OSPF on Demand ............................................................................................ 12
Paladin Firewall Enhancements ........................................................................ 14

Interface-based NAT  ................................................................................. 14
Rule-based NAT ........................................................................................ 14
Time Limited Rules  ................................................................................... 15
New Command Syntax .............................................................................  15
Web Redirection with Reverse NAT Rules  .................................................. 18
Further Examples ...................................................................................... 19
SHOW Output ..........................................................................................  21

Paladin Firewall HTTP Application Gateway (Proxy)  .......................................... 21

Firewall HTTP Proxies and Firewall Policies ................................................. 22
HTTP Filters  .............................................................................................. 22
Firewall Policy Debugging ......................................................................... 25

VRRP Port Monitoring  ..................................................................................... 26
Border Gateway Protocol 4 (BGP-4) ................................................................. 28

Internet Protocol (IP) ................................................................................. 29

IP and Interface Counters ................................................................................ 29
Telephony (PBX) Functionality .......................................................................... 33
Bandwidth Limiting ......................................................................................... 34
Errata: Telnet Server  ........................................................................................ 34

DISABLE TELNET SERVER  .......................................................................... 34
ENABLE TELNET SERVER  ........................................................................... 35
SHOW TELNET ..........................................................................................  35

Installation ...................................................................................................... 35

Summary of Contents for AR 300 AT-AR300 AT-AR300

Page 1: ...Security IPsec Source Interface and Enhancements 11 OSPF on Demand 12 Paladin Firewall Enhancements 14 Interface based NAT 14 Rule based NAT 14 Time Limited Rules 15 New Command Syntax 15 Web Redirect...

Page 2: ...has been made to ensure that the information contained within this document and the features and changes described are accurate Allied Telesyn International can not accept any type of liability for e...

Page 3: ...ards can be hot swapped into the same bay The software configurations of the interfaces on the hot swapped cards are preserved across the hot swap so that modules configured to interfaces on the cards...

Page 4: ...Follow these steps to hot swap an NSM or PICs in an NSM 4PIC into an empty NSM bay 1 Check that the NSM or PIC bay is empty 2 Check that the NSM bay is ready for hot swap Look at the Swap and In use...

Page 5: ...0 Series routers Commands to reset interface and IP MIB counters to zero and changes to the display of MIB counters IP and Interface Counters on page 29 An extended range of telephony functions on AR3...

Page 6: ...ommands relating to interfaces on hot inserted cards until the router or switch is restarted These interfaces must be configured manually The router or switch does not update the MAC address of any ho...

Page 7: ...es out entries after a specified period of up to 60 minutes When a domain or host is requested the cache is searched for a matching entry If a match is found a response is sent to the requesting PC or...

Page 8: ...s not specified the name servers will be used as the default name servers All DNS requests that do not match another specified domain will be sent to the default name servers This is equivalent to spe...

Page 9: ...eset Telnet Server Port Number The listen port for the Telnet server is now configurable so that it can be changed from the default value 23 The LISTENPORT parameter has been added to the SET TELNET c...

Page 10: ...ompression encryption authentication or Diffie Hellman key exchange A decoding channel is used for decompression decryption or authentication With Software Release 2 3 1 the number of channels availab...

Page 11: ...C POSTION pos RADDRESS ANY ipadd ipadd RMASK ipadd RNAME ANY system name RPORT ANY port OPAQUE SRCINTERFACE interface TRANSPORTPROTOCOL ANY EGP ESP GRE ICMP OPAQUE OSPF RSVP TCP UDP protocol UDPHEARTB...

Page 12: ...t multi access NBMA networks are declared as demand circuits i e more than one router has the network configured as a demand circuit routing update traffic is reduced but the periodic sending of Hello...

Page 13: ...ing OSPF on demand For more information see the Open Shortest Path First OSPF chapter of your switch or router s Software Reference The latest Software Reference can be downloaded from the support sit...

Page 14: ...e sites For examples of their use see Web Redirection with Reverse NAT Rules on page 18 and Further Examples on page 19 As in previous releases the Paladin Firewall requires a special feature licence...

Page 15: ...will be active from the creation of the rule and will be deleted after the time specified has expired All entries created from this rule will be destroyed once the rule expires Rules defined with a TT...

Page 16: ...y allows traffic that matches the rule Care should be taken when defining the rule so only the desired traffic will be permitted through the firewall The GBLIP parameter specifies a single IP address...

Page 17: ...The NATMASK parameter specifies an IP address mask that will be used to translate IP addresses from one subnet to another The MASK parameter must only be specified when the rule action is NAT and the...

Page 18: ...everse NAT Rules The implementation of reverse NAT allows the firewall to perform Web Redirection A NAT rule can be created which redirects HTTP traffic and sends it to one particular web server defin...

Page 19: ...t rule number until a match is found A low number will ensure that the allow rule will be applied if appropriate rather than any of the other rules ADD FIREWALL POLICY ISP RULE 5 INTERFACE vlan1 ACTIO...

Page 20: ...private subnet 10 1 2 0 use the command ADD FIREWALL POLICY zone1 RULE 11 ACTION NAT NATTYPE STANDARD INT eth1 PROTOCOL all GBLIP 210 25 4 0 IP 10 1 2 0 NATMASK 255 255 255 0 REMOTEIP 210 25 4 1 210...

Page 21: ...all HTTP Application Gateway Proxy A new Firewall HTTP proxy Application Gateway will filter outbound HTTP sessions based on the URLs requested and block the setting of all cookies or cookies requeste...

Page 22: ...cter _ filename is the name of a file on the router These commands add or delete the contents of a HTTP filter file from the HTTP filter of the specified firewall policy The HTTP filter file contains...

Page 23: ...han a similar entry with deny Finally keywords in the file have the least precedence They are only applied to sections of the URL not part of the closest fitting URL entry Figure 6 contains an example...

Page 24: ...g a in front of the keyword indicates that the string must appear at the end of the URL for the URL to be denied The following entry would match www anything com this is an example but not www example...

Page 25: ...passing through the HTTP proxy is enabled If PROXY is specified the display of general information about firewall proxies is enabled The DEBUG parameter is not retained over a reboot SHOW FIREWALL PO...

Page 26: ...ach time a VLAN port fails or is disabled Table 6 New parameters in the output of the SHOW FIREWALL POLICY COUNTER command Parameter Meaning HTTP Proxy Filter File Name of a text file containing a lis...

Page 27: ...the PORTMONITORING parameter is set to ON the STEPVALUE parameter may also be specified The default is OFF The STEPVALUE parameter specifies the value by which the priority of the VR should be decrem...

Page 28: ...DD BGP AGGREGATE ADD BGP CONFEDERATIONPEER ADD BGP IMPORT ADD BGP NETWORK ADD BGP PEER DELETE BGP AGGREGATE DELETE BGP CONFEDERATIONPEER DELETE BGP IMPORT DELETE BGP NETWORK DELETE BGP PEER DISABLE BG...

Page 29: ...The latest Software Reference can be downloaded from the support site at www alliedtelesyn co nz documentation documentation html IP and Interface Counters Software Release 2 3 1 allows you to reset a...

Page 30: ...If an option is not specified or ALL is specified all the IP counters are displayed The output displayed with the option ARP is shown in Figure 7 on page 30 and Table 8 on page 30 The output displayed...

Page 31: ...itiates a SLIP or PPP connection The interface will disappear when the user logs off when the router is restarted or when the IP module is reset with the RESET IP command An inactive interface is a pe...

Page 32: ...NMP community name inBadCommunityUses The total number of SNMP PDUs delivered to the SNMP agent that represented an SNMP operation not allowed by the SNMP community name in the PDU inASNParseErrs The...

Page 33: ...quest packets received by the router inGetResponses The number of SNMP Get Response packets received by the router inTraps The number of SNMP trap message packets received by the router outPkts The nu...

Page 34: ...value 64 127000 in kbps is rounded down to the nearest 64kbps if below 1000 otherwise it is rounded down to the nearest 1000 or 1 Mbps For Gigabit ports the input value 8 1016 in Mbps is rounded down...

Page 35: ...OFF YES NO other options SET USER login name LOGIN TRUE FALSE ON OFF YES NO other options SET USER LOGIN TRUE FALSE ON OFF YES NO other options TELNET Module Configuration Telnet Server Enabled Telne...

Page 36: ...sed both for PAP and CHAP authentication and to login and access the command line Usernames with LOGIN set to FALSE can only be used for PAP and CHAP authentication After upgrading from 2 0 x or 2 1 x...

Reviews:

No comments

Related manuals for AR 300 AT-AR300 AT-AR300

NEC Univerge SV8100 System Configuration Manual preview
Univerge SV8100
Brand: NEC Pages: 44
Sagem 2604 Quick Installation Manual preview
2604
Brand: Sagem Pages: 19
Makita RF1101 Parts Breakdown preview
RF1101
Brand: Makita Pages: 2
3Com TokenLink Velocity 3C319 Release Note preview
TokenLink Velocity 3C319
Brand: 3Com Pages: 2
H3C H3C S7500E-X Command Reference Manual preview
H3C S7500E-X
Brand: H3C Pages: 16
H3C SR6600 SPE-FWM Configuration Manual preview
SR6600 SPE-FWM
Brand: H3C Pages: 24
NavigateWorx NR300 User Manual preview
NR300
Brand: NavigateWorx Pages: 71
IEI Technology PUZZLE-IN003B User Manual preview
PUZZLE-IN003B
Brand: IEI Technology Pages: 86
Dahua Technology Lite N42B1P Series Quick Start Manual preview
Lite N42B1P Series
Brand: Dahua Technology Pages: 14
VCS VideoJet 100 Manual preview
VideoJet 100
Brand: VCS Pages: 118
C&H Active Module Carrier VX402C-64 User Manual preview
Active Module Carrier VX402C-64
Brand: C&H Pages: 32
Keithley 7011-C Instruction Manual preview
7011-C
Brand: Keithley Pages: 98
Dust Networks SmartMesh IA-510 D2511 Manager'S Manual preview
SmartMesh IA-510 D2511
Brand: Dust Networks Pages: 30
Draytek Vigor 2700G Specifications preview
Vigor 2700G
Brand: Draytek Pages: 2
Genie IP8ESP User Manual preview
IP8ESP
Brand: Genie Pages: 6
IBM 8677 - BladeCenter Rack-mountable - Power Supply Planning And Installation Manual preview
8677 - BladeCenter Rack-mountable - Power Supply
Brand: IBM Pages: 126
Qlogic Storage Networking (Unified Fabric Pilot) Installation Manual preview
Storage Networking (Unified Fabric Pilot)
Brand: Qlogic Pages: 76
Buffalo AirStation WZR-1166DHP Quick Setup Manual preview
AirStation WZR-1166DHP
Brand: Buffalo Pages: 2

Brands by name

Popular brands

Load more brands