manualshive.com logo in svg

Carrier Access Adit 3200, Reference Manual

The Carrier Access Adit 3200 provides seamless connectivity with its cutting-edge features. Amp up productivity with the help of our user-friendly and comprehensive manual. Visit our manualshive.com to download the free Quick Start Manual and begin unlocking the full potential of your Adit 3200 today!

Share
Download
background image

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI

4-37

 

Security

Firewall Implementation

Firewall Implementation

The Adit provides very powerful NAT and firewall capabilities. This section provides some of the 
underlying implementation details so that users who are familiar with the low-level action of firewalls 
will know what behaviors to expect from the Adit.   Users who do not need this level of detail can skip 
this section.

Network Connection Configuration

The Network Connection setup screens contain three configuration items for each IP interface that 
influence the NAT and firewall behavior of the Adit. These include the 

Network Type

Routing Mode

and 

Internet Connection Firewall

 settings, described below.

Network Type

Normally the user does not need to change the network type from the default setting applied when 
the network connection is created. The effects of each setting are as follows:

LAN

A network connection designated as type LAN is used for private LAN hosts. This is usually 
the local network containing hosts that are directly managed by the local administrator. From 
the firewall perspective, hosts on the LAN connections are considered inherently trusted, unless 
designated otherwise by the administrator. When NAPT routing mode is enabled on other 
WAN network connections, hosts that are in the directly connected subnets of any LAN 
network connection will have NAPT applied against sessions that are initiated from the LAN 
network toward the WAN network.

WAN

A network connection designated as type WAN is used for the interface that provides a path to 
the Internet. From the firewall perspective, hosts on the WAN interfaces are considered 
inherently untrusted, unless designated otherwise by the administrator. WAN interfaces are 
typically secured by enabling the Internet Connection Firewall and often using NAPT routing 
mode if connected to the Internet.

DMZ

A network connection designated as type DMZ is used for an interface that contains servers that 
provide public access. Packets between a DMZ network interface and a WAN network interface 
are passed by default, unless explicitly blocked by user configured rules (see the processing 
sequence tables in 

Firewall Processing Sequence on page  4-39

). This designation, with its 

inherent insecurity, should not typically be needed by most users. There are other ways to 
expose servers to the public hosts that are more secure and better suited to mixing both servers 
and private hosts on the same interface.

Summary of Contents for Adit 3200

Page 1: ...Adit 3000 Series and Multi Service Router MSR Card GUI REFERENCE MANUAL Part Number 770 0169 BB Product Release Adit 3000 Series 1 6 MSR Card 2 0 April 2008 ...

Page 2: ...ise any part of this manual or software supplied with the Adit 3000 series or MSR products for any purpose other than the purchaser s personal use without the express written permission of Turin Networks Inc The Turin Networks logo and Adit are registered trademarks of Turin Networks Inc All other brand or product names are trademarks or registration trademarks of their respective companies or org...

Page 3: ...e a remote risk of electric shock from lightning Do not use the telephone to report a gas leak in the vicinity of the leak Use only the power cord and batteries indicated in this manual Do not dispose of batteries in a fire They may explode Check with local codes for possible special disposal instructions Refer to the installation section of this manual for a safe and proper installation procedure...

Page 4: ...R WILL CAUSE DEATH OR SEVERE PERSONAL INJURY IF THE HAZARD IS NOT AVOIDED CAUTION A CAUTION NOTICE INDICATES THE POSSIBILITY OF INTERRUPTING NETWORK SERVICE IF THE HAZARD IS NOT AVOIDED WARNING A WARNING NOTICE INDICATES THE POSSIBILITY OF EQUIPMENT DAMAGE IF THE HAZARD IS NOT AVOIDED NOTE A Note indicates information to help you understand how to perform a procedure or how the system works Notes ...

Page 5: ...s for Managing Lists 1 5 Home 1 6 Network Map 1 7 Quick Setup 1 10 Internet Connection 1 11 Network Connections 1 20 Main Window 1 20 Security 1 22 Voice over IP 1 23 Advanced 1 25 System Monitoring 1 26 Logout 1 28 2 Advanced Overview 2 2 ARP 2 3 Certificates 2 4 Digital Certificates 2 4 X 509 Certificate Format 2 5 Obtaining and Loading an X 509 Certificate 2 6 Registering the CA s Certificate 2...

Page 6: ...2 33 Network Objects 2 34 PPTP Point to Point Tunneling Protocol 2 36 RADIUS Client 2 37 Configuring RADIUS 2 37 Remote Administration 2 38 Restart 2 39 Restore Defaults 2 40 Routing 2 41 Static Routing 2 41 RIP 2 46 OSPF 2 47 Scheduler Rules 2 52 Simple Network Management Protocol 2 55 Configuring the Adit s SNMP Agent 2 55 System Settings 2 57 Defining an Outgoing Mail Server 2 60 Technical Info...

Page 7: ...tocol L2TP 3 37 Internet Protocol Security IPSec 3 38 OSPF Configuration on the Network Connection 3 40 4 Security Overview 4 2 General 4 4 Security Levels 4 5 Access Control 4 6 Adding an Access Control Rule 4 7 Modifying an Access Control Rule 4 9 Creating a User Defined Rule 4 10 Local Servers 4 13 Adding a Local Server 4 14 Modifying a Local Server 4 16 DMZ Host 4 17 Designating a Local Comput...

Page 8: ...tem Log 5 6 T1 Log Adit 3000 Only 5 7 SIP Log 5 8 PRI Log 5 9 T1 Performance Adit 3000 Only 5 10 Alarms 5 11 System 5 12 6 Voice Over IP Overview 6 2 IP Telephony 6 3 Configuring the Digit Map 6 6 Advanced Button 6 9 Redundancy Button 6 12 Phone Settings 6 14 Phone Book 6 19 Line Monitoring 6 22 Trunk Settings 6 25 Channel Configuration 6 30 Trunk Monitoring 6 32 Trunk Registration 6 35 Adding a P...

Page 9: ...in this manual The web based GUI provides a user friendly interface for setup of the unit This interface provides a Quick Setup option for the unit as well as specific features for advanced setup NOTE Throughout this manual examples primarily reflect the Adit 3000 series Where differences exist for the MSR card these differences are noted In this Chapter Overview of Supported Products Accessing th...

Page 10: ... to replace hardware The Adit 3200 s advanced VoIP aware routing engine provides wire speed throughput even when all security features have been enabled Adit 3500 Trunk Gateway The Adit 3500 integrates the features of a trunk gateway high performance router and stateful firewall with flexible WAN options It replaces multiple elements at the customer premises that typically provide routing security...

Page 11: ...owser on your PC from the same LAN as the Adit 3000 or MSR 2 Enter the Adit 3000 or MSR card s IP address or name in the address bar The default IP address is http 192 168 1 1 The Login screen appears 3 Log in to the unit by entering the user name and password The default user name is admin The default password is admin 123 NOTE For security purposes the user name and password should be changed fr...

Page 12: ... windows for a topic selected from the Navigation Pane or items that have been selected through a shortcut button Other helpful features Address Bar along the top Displays the current path to the information displayed in the window below Network Map Button Provides a shortcut to the Network Map See Network Map on page 1 7 Network Button Displays the Network List Question Mark Button Provides a sho...

Page 13: ...work connections Security Allows you to configure the Firewall and regulate communication between the Internet and the network Voice Over IP Allows you to configure VoIP features Note This feature is not supported on the Adit 3200 Advanced Allows you to control network parameters DHCP server DNS and perform administrative functions including changing passwords and upgrading the system System Monit...

Page 14: ...e Home window displays the Network Map which shows the various elements in the network Note This window is modified as the configuration changes Local network computers Firewall Adit 3000 or MSR External network interface Internet connection Internal network interface Ethernet etc ...

Page 15: ... WAN connection Opens the Quick Setup window Firewall Opens the Security setup window Note that the height of the wall corresponds to the security level currently selected Ethernet Local Area Network LAN connection Opens the LAN Ethernet Properties window A computer host connected in the network Opens the Host Information window see the following section Note This icon appears only when the host i...

Page 16: ...on Host Displays the Host Name IP Address Displays the Host IP Address Subnet Mask Displays the Subnet Mask of the Host IP Address Network Connection Displays the type of Network Connection Lease Type Displays the type of lease Local Servers Displays the Local Server Ping Test This button will test the connectivity through a Ping test See the following section on Test Connectivity Windows Shared F...

Page 17: ...ctivity The Test Connectivity button brings up the Diagnostics window This window will automatically ping the Host IP Address and display the results NOTE This window can also be accessed through Advanced Diagnostics See Diagnostics on page 2 16 for detailed information on this window ...

Page 18: ...nnecting to the Internet Technical information regarding the properties of your Internet connection should be provided by your Internet Service Provider ISP For example your ISP should inform you whether you connect to the Internet using a static or dynamic IP address and what protocols such as PPTP you use to communicate over the Internet The Quick Setup window appears upon initial login or it ca...

Page 19: ... connection types the window displays a different set of field options See the following sections for information on each of these connection types and the associated options Manual IP Address Ethernet Connection Automatic IP Address Ethernet Connection Point to Point Protocol over DS0 Serial Multilink Point to Point Protocol over DS0 Multilink Point to Point Tunneling Protocol PPTP No Internet Co...

Page 20: ...t Connection with a specific IP Address Field Definition IP Address Enter the IP Address for the Ethernet connection of this device Subnet Mask Enter the Subnet Mask for the IP Address above Default Gateway Enter the Default Gateway address for this device Primary DNS Server Enter the Primary DNS Service address Secondary DNS Server Enter the Secondary DNS Service address ...

Page 21: ... 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 1 13 Web Based Management Quick Setup Automatic IP Address Ethernet Connection With this selection the device uses DHCP to find and set an address for this connection ...

Page 22: ...nnects from Adit 600 resources T1 lines or WAN capable cards must be made before setting up the WAN link All DS0s cross connected to the WAN link must be of type Data Use the connect msr command to cross connect resources to the MSR card See the Adit 600 User Manual for more information Field Definition Login User Name Enter the user name for this unit Login Password Enter the password for this un...

Page 23: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 1 15 Web Based Management Quick Setup ...

Page 24: ...ss connects from Adit 600 resources T1 lines or WAN capable cards must be made before setting up the WAN link All DS0s cross connected to the WAN link must be of type Data Use the connect msr command to cross connect resources to the MSR card See the Adit 600 User Manual for more information Field Definition Login User Name Enter the user name for this unit Login Password Enter the password for th...

Page 25: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 1 17 Web Based Management Quick Setup ...

Page 26: ...y an open network the Point to Point Tunneling Protocol PPTP is used to ensure that messages transmitted from one VPN node to another are secure With PPTP users can dial in to their corporate network via the Internet Field Definition Login User Name Enter the User name for this unit Login Password Enter the password for this unit IP Address Enter the IP Address for the Ethernet connection of this ...

Page 27: ...the Internet connection on the device Administrator The following section appears on all Quick Setup windows located at the bottom of the window Field Definition Adit 3000 s or Adit MSR s Hostname Display set the current the Host Name for this device E Mail Enter an E Mail address to be used for monitoring and alert purposes ...

Page 28: ...The Network Connection window allows the user to create and configure network connections For the Adit 3000 the basic connections for this system are preconfigured Additional connections can be set up with the New Connection option For detailed information on Network Connections see Chapter 3 Network Connections Adit 3500 ...

Page 29: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 1 21 Web Based Management Network Connections Adit MSR ...

Page 30: ...gement Security Security The Adit 3000 and MSR include comprehensive and robust security services Stateful Packet Inspection Firewall User authentication protocols Password protection mechanisms For detailed information on security features see Chapter 4 Security ...

Page 31: ...efits and quality of digital voice The Adit 3104 3500 and MSR enable you to place and receive calls over the Internet using a standard telephone set connected to the Adit For detailed information on VoIP features see Chapter 6 Voice Over IP NOTE This feature is not supported by the Adit 3200 WARNING ANY CHANGES TO THE VOIP SETTINGS WILL RESTART THE VOIP TASK AND WILL CAUSE ANY ACTIVE CALLS TO BE D...

Page 32: ...1 24 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Web Based Management Voice over IP ...

Page 33: ...s section of the Management Console is intended primarily for more advanced users Some changes to settings within this section could adversely affect the operation of the Adit and the network and should be made with caution For detailed information on Advanced features see Chapter 2 Advanced ...

Page 34: ...ment System Monitoring System Monitoring The System Monitoring window displays important system information that can be used to monitor and troubleshoot the system Connection status alarms system information and logs are all accessible through this window Adit 3500 ...

Page 35: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 1 27 Web Based Management System Monitoring Adit MSR ...

Page 36: ...1 28 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Web Based Management Logout Logout The Logout feature logs the user out of the system and returns to the Login window ...

Page 37: ...ess Distribution DHCP IPSec IP Security NAT FW Connections Network Objects PPTP Point to Point Tunneling Protocol RADIUS Client Remote Administration Restart Restore Defaults Routing Scheduler Rules Simple Network Management Protocol System Settings Technical Information Upgrade From a Local Computer Users VLAN Configuration ...

Page 38: ...anced Overview Overview This section of the Management Console is intended primarily for more advanced users Some changes to settings within this section could adversely affect the operation of the system and the network and should be made with caution ...

Page 39: ...solution Protocol window displays the current ARP table There are display options eth 1 When checked displays the LAN Ethernet ARP eth 2 When checked displays the WAN Ethernet ARP Clear Clears those entries related with the interface s from the display Refresh Refreshes the ARP table ...

Page 40: ...is intercepted by the owner of the counterfeit key can fall in the wrong hands Digital certificates provide a means for establishing whether a public key truly belongs to the supposed owner It is a digital form of credentials It has information on it that identifies you and an authorized statement to the effect that someone else has confirmed your identity Digital certificates are used to foil att...

Page 41: ... and any associated key parameters Serial number of the certificate the entity that created the certificate is responsible for assigning it a unique serial number to distinguish it from other certificates it issues Certificate holder s unique identifier this name is intended to be unique across the Internet and consists of multiple subsections Certificate s validity period the certificate s start ...

Page 42: ...sign the information and send the whole package the certificate request to the CA The CA then performs some due diligence in verifying that the information you provided is correct and if so generates the certificate and returns it You might think of an X509 certificate as looking like a standard paper certificate with a public key taped to it It has your name and some information about you on it p...

Page 43: ...ertificates 2 On the Adit 3000 or Adit MSR s Local tab select the Create Certificate Request button 3 Fill in your current information and select the Generate button Note It may take a minute or so to get the certificate and you may need to refresh the window ...

Page 44: ...2 8 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced Certificates 4 Copy and store the exact contents of the certificate to a file and send it to a CA for signing ...

Page 45: ...nd MSR Card Rel 2 0 GUI 2 9 Advanced Certificates 5 Select the Close button The Certificates window appears listing the certificate as Unsigned 6 After receiving the signed certificate from the CA select Load Certificate ...

Page 46: ...0 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced Certificates 7 Paste the signed certificate 8 Select the Load button The Certificates window appears displaying the name and issuer of the certificate ...

Page 47: ...3000 Rel 1 6 and MSR Card Rel 2 0 GUI 2 11 Advanced Certificates Registering the CA s Certificate After receiving the signed certificate from the CA 1 Select the CA s tab on the Advanced Certificates window ...

Page 48: ... 0 GUI Advanced Certificates 2 Select Load Certificate and paste the CA s certificate into the window 3 Select the Load button to register the signed Certificate The Certificates window appears displaying the name and issuer of the certificate ...

Page 49: ...o configure the date and time parameters for the unit NOTE By default Time of Day management for the MSR is provided by the Adit 600 controller Use the settings in this window for the MSR only if you are using NTP or another time service and need to manually adjust the time due to a loss of contact with the server ...

Page 50: ...ving Time as necessary 4 To configure the current date select the Clock Set button Enter the current system date and time then click OK 5 Configure Automatic Time Update bottom of window as desired Field Definition Enabled Check box to enable Daylight Saving Time Start Set the date and time when Daylight Saving starts End Set the date and time when Daylight Saving ends Offset Set the Daylight Savi...

Page 51: ...ime update Time of Day Retrieves the time from the TOD server defined in the Time Server field below Network Time Protocol Retrieves the time from the network Network Time Server defined in the Time Server field below Update Every Range 1 480 hours Time Server Select New Entry and enter the IP Address or domain name of the Time Server Status Displays the current status of the Automatic Time Update...

Page 52: ... 1 6 and MSR Card Rel 2 0 GUI Advanced Diagnostics Diagnostics The Diagnostics window allows the user to test network connectivity using the following methods Ping an IP address and view the statics Perform a Traceroute ...

Page 53: ...iagnostics 2 Enter the IP address in the Ping Destination field 3 Select the Go button The results of the Ping will be displayed Performing a Traceroute 1 Select Advanced Diagnostics 2 Enter the IP address in the Traceroute Destination field 3 Select the Go button The results of the Traceroute will be displayed ...

Page 54: ...al features of the Adit s DNS Shares a common database of domain names IP addresses with the DHCP server Supports multiple subnets within the LAN simultaneously Automatically appends a domain name to unqualified names Allows new domain names to be added to the database using the Adit s Web based Management Permits a computer to have multiple host names Permits a host name to have multiple IPs if a...

Page 55: ...9 Advanced DNS Static Entries Adding a New Entry to the DNS Table 1 Select Advanced DNS Static Entries 2 Select New DNS Entry 3 Enter the computer s Host Name and IP Address 4 Select OK The new DNS entry is displayed in the DNS Static Entries table ...

Page 56: ... Table 1 Select Advanced DNS Static Entries 2 Select an entry on the list to modify 3 The DNS Entry window appears Modify the Host Name and IP Address as needed 4 Select OK The modified DNS entry is displayed in the DNS Static Entries table NOTE An entry can be deleted by selecting the Action Delete button ...

Page 57: ...n Dynamically assigning addresses extends the usable pool of available IP addresses while maintaining a constant domain name Each time the IP address provided by your ISP changes the DNS database will change accordingly to reflect the change in IP address In this way even though a domain name s IP address will change often your domain name will still be accessible To be able to use the Dynamic DNS...

Page 58: ...uently update the DDNS parameters manually since this may cause unneccessary traffic on the DDNS servers User Name Enter your Dyndns user name Password Enter you Dyndns password Host Name Enter a subdomain name and select a suffix from the domain combo box to define your host name The Name may not contain spaces Only letters digits dash underscore _ or a dot These special characters _ may not appe...

Page 59: ...ific period of time and simultaneously designates this IP address as taken At this point the host is configured with an IP address for the duration of the lease The host can choose to renew an expiring lease or let it expire If it chooses to renew a lease it will also receive current information about network services as it did with the original lease allowing it to update its network configuratio...

Page 60: ...s addresses to LAN clients DHCP Relay Responsible for forwarding the requests and responses negotiating between the DHCP clients and the server DHCP Server Start IP Address The IP address range defines the number of hosts that may be connected to the network in this subnet Start defines the first IP address that may be assigned in this subnet End IP Address End IP address defines the last IP addre...

Page 61: ...Address Distribution DHCP Provide Host Name if Not Specified by Client If the DHCP client does not have a host name the Adit will assign the client a default name DHCP Relay New IP Address Opens a new window for entering an IP address Field Definition Continued ...

Page 62: ...dit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced IP Address Distribution DHCP Defining a New Connection with a Fixed IP Address 1 Select Advanced IP Address Distribution 2 Select the Connection List button ...

Page 63: ...st information in the following fields 5 Select OK to save the configuration The DHCP Connections window will display the Static Connection Field Definition Host Name Enter the host name for this connection IP Address Enter a fixed IP address to assign to the computer MAC Address Enter the MAC address of the computer s network card ...

Page 64: ...tandard for securing IP communications by encrypting and or authenticating all IP packets IPSec provides security at the network level The Internet Protocol Security IPSec window allows display modification of IPSec settings General IPSec settings Key management settings Log settings Advanced IPSec Connection settings ...

Page 65: ...cked Range 0 2147483647 seconds Anti Replay Enable anti replay protection Anti Replay is a security service where the receiver can reject old or duplicate packets to protect itself against replay attacks IPSec provides this optional service by use of a sequence number combined with the use of data authentication PIX Firewall IPSec provides this service whenever it provides the data authentication ...

Page 66: ...anagement 1 Select Advanced IPSec 2 Select the Settings button 3 The Settings window displays the Adit s public key If necessary you can copy the public key from this window Field Definition Recreate Key button Recreate the public key Refresh button Refresh the public key displayed ...

Page 67: ... type of information to be displayed in the IPSec Log NOTE The IPSec log is displayed in the System Log System Monitoring System Log Events can also be forwarded to another location 1 Select Advanced IPSec 2 Select the Log Settings button 3 Select the check boxes next to the information you would like recorded in the IPSec log Click OK ...

Page 68: ...nd MSR Card Rel 2 0 GUI Advanced IPSec IP Security Creating a New Secured Connection 1 Select New Connection on the Internet Protocol Security IPSec window 2 Follow the instructions provided in the series of screens presented ...

Page 69: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 2 33 Advanced NAT FW Connections NAT FW Connections The NAT Firewall Connections table displays all active NAT and Firewall connections ...

Page 70: ...cts window will create a Network Object which is a set of host names IP address or MAC addresses Network Objects allow security rules to be applied to a distinct LAN subset 1 Select Advanced Network Objects 2 Select New Entry 3 Name the Network Object in the Description field 4 Select New Entry under Items ...

Page 71: ...ing fields 6 Click OK The newly created Network Object appears in the Network Objects table Field Definition Network Object Type IP Address Enter the IP address of the Network Object MAC Address Enter the MAC address of the Network Object Host Name enter the Host Name of the Network Object ...

Page 72: ... Card Rel 2 0 GUI Advanced PPTP Point to Point Tunneling Protocol PPTP Point to Point Tunneling Protocol The Adit can be configured as a Point to Point Tunneling Protocol Server PPTP Server accepting PPTP client connection requests ...

Page 73: ...zed to connect to the LAN If the RADIUS server accepts the client the server responds by exchanging data with the Adit including security keys for subsequent encrypted sessions Configuring RADIUS 1 Select Advanced RADIUS Client 2 Set the following fields Field Definition Enable RADIUS Client Enables RADIUS client authentication Server IP Enter the RADIUS server s IP address Server Port Enter the R...

Page 74: ...or communicating with your network Therefore the system is safe from hackers who may try to intrude on the network and damage it However you may wish to enable certain services that grant remote users administrative privileges in your network Configuring Remote Administration Services 1 Select Advanced Remote Administration 2 Select the services you wish to enable 3 Select OK ...

Page 75: ...0 Rel 1 6 and MSR Card Rel 2 0 GUI 2 39 Advanced Restart Restart This option allows the user to reboot the Adit 3000 or MSR card Restarting the System 1 Select Advanced Restart 2 Select OK to reboot the system ...

Page 76: ...PORTANT All Web based management settings and parameters will be restored to their default values including Administrator password and all user specified passwords IP address for configuration access After the restore defaults function is complete the Adit will reboot Restoring Default Settings 1 Select Advanced Restore Defaults 2 Select OK to restore the defaults ...

Page 77: ...configuration options for the following Static Routing RIP OSPF Static Routing Select Advanced Routing to view the routing table rules This window displays the following Static Routing Displays all static routes This table provides access to create modify and delete routes Routing Table Displays the current routing table ...

Page 78: ...2 42 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced Routing Adding a New Route 1 Select Advanced Routing 2 Select New Route ...

Page 79: ...etwork address or default route The destination for a default route is 0 0 0 0 Netmask The Network mask is used in conjunction with the destination to determine when a route is used Gateway Enter the gateway IP address Metric A measurement of the preference of a route Typically the lowest metric is the most preferred route If multiple routes exist to a given destination network the route with the ...

Page 80: ...l 1 6 and MSR Card Rel 2 0 GUI Advanced Routing Editing a Route 1 Select Advanced Routing 2 Select a Route listed on the Routing Table click on the name or select the edit icon 3 Modify settings as needed and select OK ...

Page 81: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 2 45 Advanced Routing Deleting a Route 1 Select Advanced Routing 2 Select Action Delete icon to remove the Route listed on the table ...

Page 82: ...2 46 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced Routing RIP Select Advanced Routing and click on the RIP tab The RIP window allows you to enable RIP routing ...

Page 83: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 2 47 Advanced Routing OSPF Select Advanced Routing and click on the OSPF tab The OSPF window allows you to enable OSPF routing ...

Page 84: ...ers Sets the OSPF Global Parameters Compatible RFC 1583 Enables the method used to calculate summary route costs per RFC 1583 Router ID Null Do not use a fixed router ID Input Router ID Define a fixed router ID to be used Enter a router IP address OSPF Area Configure the OSPF Area Parameters Area ID Specify IP Address Enter the Area ID IP address Specify a Number Enter the Area ID number Stub Area...

Page 85: ...tion Enable Simple Authentication Authentication on the OSPF Area Message Digest Enable Message Digest Authentication on the Area Network Address Table Displays the current OSPF neighbors New Entry Select this option to open a configuration window to enter OSPF neighbors See the following section for detailed information Field Definition Continued ...

Page 86: ...0 1 Select Advanced Router 2 Select the OSPF tab 3 Enable OSPF by checking the Open Shortest Path First OSPF checkbox 4 Set Enable Compatible RFC 1583 if required 5 Set Router ID as needed 6 Define the Area ID with the Area number or Area IP Address Note 0 0 0 0 is not accepted in this field 7 Define the Area as Stub if required 8 Define the Area Authentication as required 9 Select New Entry ...

Page 87: ...Rel 2 0 GUI 2 51 Advanced Routing 10 Enter the Network IP Address of the Neighbor to add to the OSPF Network 11 Enter an IP address mask that includes don t care bits 12 Select OK The new address appears in the Network Address Table ...

Page 88: ...duler Rules To create a scheduling rule 1 Select Advanced Scheduler Rules 2 Select New Scheduler Entry 3 Enter a name for the rule in the Name field maximum of 64 characters 4 Under Rule Activity Setting indicate whether the rule will be active or inactive at the scheduled time ...

Page 89: ...I 2 53 Advanced Scheduler Rules 5 Select New Time Segment Entry to define the day s of the week to apply the rule to Note At a minimum one day must be selected 6 Under Hours Range select New Time Segment Entry to define the Start and End time ...

Page 90: ...2 54 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced Scheduler Rules 7 Select OK for each window until at the Scheduler Rules table The new rule appears in the table ...

Page 91: ...ation regarding the properties of the Adit s SNMP agent should be provided by your ISP Note SNMP community strings are passwords used in SNMP messages between the management system and the Adit 1 Select Advanced Simple Network Management Protocol 2 Set the SNMP parameters as provided by the ISP Field Definition Enable SNMP Agent Enables the SNMP on this unit Read Only Community Name A read only co...

Page 92: ...e management station notifying the manager about important events or serious conditions When SNMP traps are enabled the fields expand Field Definition Any Address No restriction to remote access Specify an IP Address Requires an IP address Specify a Subnet Requires an IP address and Subnet Field Definition Enable Check to enable the SNMP traps Version SNMP v1 SNMP version 1 SNMP v2c SNMP version 2...

Page 93: ...ced System Settings to view and modify general system settings As shown in the screen shots on the following pages the system settings differ slightly between the Adit 3000 and MSR For example the MSR does not support the Clock Source fields and T1 Logging is replaced by LCC Link Cross Connect Logging ...

Page 94: ...2 58 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced System Settings Adit 3500 ...

Page 95: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 2 59 Advanced System Settings Adit MSR ...

Page 96: ...il example e mail notification require an outgoing SMTP server to be defined 1 Enter the host name of your outgoing SMTP server in the Server field 2 Enter a from e mail address in the From E mail Address field Each e mail requires a from address Some outgoing servers refuse to forward e mail without a valid from address for anti spam considerations ...

Page 97: ...iew technical information about the system including software version numbers and contact information As shown in the following screen shots the technical information differs slightly between the Adit 3000 and MSR For example the MSR technical information includes the boot version memory size and slot position in the Adit 600 chassis Adit 3500 ...

Page 98: ...2 62 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced Technical Information Adit MSR ...

Page 99: ...riables of a configuration and loading it onto the original or other Adits WARNING ALL PASSWORDS ON THE SYSTEM WILL BE RESET TO DEFAULT VALUES WHEN THE REPLACE WITH THE NEW CONFIG FILE OPTION IS SELECTED Field Definition Save Configuration File The system walks you through the saving of the configuration Load Configuration File The system opens a new window and asks you to locate a configuration f...

Page 100: ...er This feature allows the user to easily upgrade the Adit software Upgrading the Software 1 Select Advanced Upgrade From a Local Computer 2 Select the Browse button and select the upgrade file example adit3000_1_6 rmt 3 Select OK to download the file 4 If the download was successful select OK to upgrade the system ...

Page 101: ... Rel 1 6 and MSR Card Rel 2 0 GUI 2 65 Advanced Users Users Use this feature to view add edit and delete users on the device and to configure e mail notification NOTE Do not add more that 25 users to the system ...

Page 102: ...me The user s full name User Name The name this user will enter as user name to access this network New Password The password for this user Retype New Password Retype password to confirm Permissions Administrator Privileges Full access to system Operator Privileges Access to all but user management Monitor Privileges Read only access Remote Access by PPTP see Advanced PPTP Point to Point Tunneling...

Page 103: ...t 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 2 67 Advanced Users Editing a User 1 Select Advanced Users 2 Select the Action Edit icon of an existing User 3 Modify fields as needed 4 Select the OK button to save ...

Page 104: ...lect Advanced Users 2 If you have not already done so configure the Outgoing Mail Server Select Configure Mail Server which opens the System Settings window See System Settings on page 2 57 for information on setting the Mail Server 3 Enter the user s e mail address in the Address field 4 Select the System and Security levels Error Warning or Information from the pulldown menus Note Warning includ...

Page 105: ...ork VLAN also provides the following benefits to an Enterprise network Reduced Equipment Cost Eliminates the need for expensive routers Simple Administration Moving an end user is nearly effortless as the user will be in the same VLAN segment regardless of the physical location Added Security VLANs can be utilized as a firewall Broadcast messages are within the VLAN and are visible only to the VLA...

Page 106: ...2 70 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced VLAN Configuration Configuring a VLAN 1 Select Advanced VLAN Configuration 2 Select Enable VLAN dot1q Tagging in all Ports 3 Select New Entry ...

Page 107: ...VID VLAN ID number for the VLAN Range is 2 4094 5 Set the Priority level if needed Range is 7 0 6 Select the VLAN Members Ethernet or VoIP of this VLAN by checking the associated box Each port can be a member of up to 4 VLANs Ports are identified as port number sub interface 7 Select OK ...

Page 108: ...2 72 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced VLAN Configuration Configuring the VLAN Port Setting 1 Select Advanced VLAN Configuration 2 Select the VLAN port to configure ...

Page 109: ...able VLAN dot1q tagging This checkbox enables VLAN tagging on this port Default is disabled unchecked Enable VLAN protocol filtering This checkbox enables frame filtering on this port Default is disabled the frame will go through the normal forwarding bridging process PVID Port VLAN ID Priority VLAN priority setting Range is 0 7 0 2 low 3 6 medium 7 high ...

Page 110: ...2 74 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Advanced VLAN Configuration ...

Page 111: ... 3000 Only Connections that Require Configuration Multilink Serial PPPoDS0 New Connection Point to Point Protocol over DS0 Serial Multilink Point to Point Protocol over DS0 Multilink Point to Point Tunneling Protocol PPTP Point to Point Tunneling Protocol Server PPTP Server Layer Two Tunneling Protocol L2TP Internet Protocol Security IPSec OSPF Configuration on the Network Connection ...

Page 112: ...ber of T1s on the configured system and creates the appropriate T1 Ethernet and Serial connections 3104 3200 3500 Types Configuration Existing default Connections X X X T1 1 WAN T1 X T1 2 WAN T1 T1 2 is used as the trunk and is configured for PRI Ni2 signaling switching X T1 3 WAN T1 X T1 4 WAN T1 X X X Ethernet 1 LAN Ethernet X X X Ethernet 2 WAN Ethernet disabled X X X Serial 1 PPPoT1 WAN PPPoT1...

Page 113: ...t 1 LAN Ethernet by default Can be configured for WAN usage Ethernet 2 WAN Ethernet by default Can be configured for LAN usage The following types of connections can be created with the New Connection option Point to Point Protocol over DS0 Serial Connect to the Internet using a PPP tunnel over HDLC Multilink Point to Point Protocol over DS0 Multilink Connect to the Internet using a MLPPP tunnel o...

Page 114: ...3 4 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections Overview ...

Page 115: ... these connections will all be reset to this original configuration Ethernet 1 NOTE For the MSR DHCP is disabled by default For the Adit 3000 Ethernet 1 is automatically configured as the DHCP server The Ethernet 1 Properties window displays the current settings of the connection This connection is set up as a default and can be enabled or disabled but cannot be deleted Ethernet 1 Ethernet 2 Seria...

Page 116: ...d and half duplex 10T FD 10 Mbps speed and full duplex 10T HD 10 Mbps speed and half duplex Internet Protocol For the Adit 3000 this name is a link to the Advanced IP Address Distribution DHCP window Obtain an IP Address Automatically Sets the connection to use DHCP to obtain an IP address Override Subnet Mask Set specific mask DHCP Option Auto Provision Enable DHCP auto provisioning Rx TOS Markin...

Page 117: ...he DHCP Relay Server DHCP Options Opens a window that configures the DHCP options per RFC 2132 See Configuring DHCP Options on page 3 8 Routing This name is a link to the Advanced Routing window Routing Mode Displays the current routing mode Device Metric Value of Metric of IP network on this interface in Routing Table Range is 0 255 Default Route Check to enable default route Proxy ARP Ethernet A...

Page 118: ...he Configure Ethernet 1 window select DHCP Server for IP Address Distribution 2 Select the DHCP Options field 3 Select New Entry 4 At the DHCP Option Number pulldown field select one of the following 66 TFTP Server Name 67 Boot File Name 5 On the Data field enter the IP address or host name 6 Select OK The information appears in the DHCP Options table ...

Page 119: ...0 GUI 3 9 Network Connections Preconfigured Connections Ethernet 2 The Ethernet 2 Properties window displays the current settings of the connection This connection is set up as a default and can be enabled or disabled but cannot be deleted ...

Page 120: ...speed and duplex for the interface Default 100T FD 100 Mbps speed and full duplex 100T HD 100 Mbps speed and half duplex 10T FD 10 Mbps speed and full duplex 10T HD 10 Mbps speed and half duplex Internet Protocol Obtain an IP Address Automatically Sets the connection to use DHCP to obtain an IP address Override Subnet Mask Set specific mask DHCP Option Auto Provision Enable DHCP auto provisioning ...

Page 121: ...the Advanced Routing window Routing Mode Display edit the routing mode Route Routing is used if public is visible on both sides NAPT Default NAPT is used if doing private IPs on the Ethernet side or if you want to hide specific publics on the internal side SIP ALG Note This field only applies when the Routing Mode is set to NAPT This field allows the customer to turn off the SIP ALG on external in...

Page 122: ... and can be enabled disabled deleted or modified from this window This is a preconfigured connection on the Adit 3000 however this is the only preconfigured connection that can be deleted and a new Serial 1 connection can be created based on a different T1 See New Connection Window on page 3 28 for information on creating this connection Note See Serial PPPoDS0 on page 3 21 for information on thes...

Page 123: ...asic information on the T1 Name T1 1 T1 2 T1 3 or T1 4 are default names they can be modified Device Name T1 1 T1 2 T1 3 or T1 4 Status Network LAN WAN Connection Type T1 Transmit Status Receive Status The T1 Properties window has two additional buttons Log The Log button links to the System Monitoring T1 Log window See T1 Log Adit 3000 Only on page 5 7 for detailed information Performance The Per...

Page 124: ... Superframe ESF framing D4 To D4 Superframe SF framing Line Coding Alternate Mark Inversion line coding AMI Binary 8 Zero Substitution line coding B8ZS Default Loop Code Detection Enable detection of CSU loop codes Enable detection of NIU loop codes Off Default Facilities Data Link None Disable FDL output messages Default T1 403 FDL Enable T1 403 FDL performance messages fdlPMMsg Enable FDL Perfor...

Page 125: ...Default is 0 Range is 0 15 Errored Seconds Defect Threshold ES Default is 0 Range is 0 86400 Default is 0 Range is 0 900 Line Code Violations Defect Threshold LCV Default is 0 Range is 0 133401600 Default is 0 Range is 0 1389600 Line Errored Seconds Defect Threshold LES Default is 0 Range is 0 86400 Default is 0 Range is 0 900 Path Code Violation Defect Threshold PCV Default is 0 Range is 0 133401...

Page 126: ...t Require Configuration The following connection types must be configured using the New Connection selection Multilink Serial PPPoDS0 NOTE For the Adit 3000 you must first deleted the pre configured Serial 1 connection before adding either of these connection types For the MSR there is no pre configured Serial 1 connection ...

Page 127: ...ction on page 3 27 Once the connection is configured you can select the connection to view its properties modify its settings or disable enable it A sample Multilink Properties window for the Adit MSR is shown below Note that the Underlying Devices are LCCs For the Adit 3000 the Underlying Devices are T1s If necessary you can modify the multilink connection by selecting the Settings button The Con...

Page 128: ...3 18 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections Connections that Require Configuration ...

Page 129: ...igh Speed Serial Configuration window See Underlying Device High Speed Serial Configuration Adit 3000 Only on page 3 25 Adit MSR Lists the LCC s in this connection PPP QOS Interleaving Enables Interleaving The QoS Interleaving is used when there are QoS considerations with voice or data Packets are split with a low ToS precedence Link Fragmentation Sets the threshold byte size of the packet for In...

Page 130: ...ific DNS server address to use Secondary DNS Server Enter a secondary DNS server address to use Routing Routing Mode Displays the current routing mode Route Routing is used if public is visible on both sides NAPT NAPT is used if doing private IPs on the Ethernet side or if you want to hide specific publics on the internal side SIP ALG This field allows the customer to turn off the SIP ALG on exter...

Page 131: ...nnection on page 3 27 For the Adit 3000 Serial 1 is a preconfigure connection You can select the connection to view its properties modify its settings or disable enable it A sample Serial Properties window for the Adit MSR is shown below Note that the Underlying Device is a Link Cross Connect LCC For the Adit 3000 the Underlying Device is a T1 If necessary you can modify the serial connection by s...

Page 132: ...3 22 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections Connections that Require Configuration ...

Page 133: ...onnection PPP Note These fields do not display when The Internet Protocol field is set to unnumbered On Demand Attempts to connect only when packets are sent Time Between Reconnect Attempt Sets the interval of time between reconnect attempts Range is 0 99999 seconds Default is 30 seconds Restart Timer Range is 1 65535 seconds Default is 3 seconds PPP Authentication Login User Name Enter Login User...

Page 134: ...ide SIP ALG This field allows the customer to turn off the SIP ALG on external interfaces Checked the SIP ALG will be switched off Unchecked the SIP ALG will not work Device Metric Value of Metric of IP network on this interface in the Routing Table Range is 0 255 with a default of 20 Default Route Check to enable default route Routing Protocol None Disable the routing protocol on this interface O...

Page 135: ...g Device High Speed Serial Configuration Adit 3000 Only To configure the individual channels in the Serial 1 PPPoT1 or Multilink connection select the T1 name listed in the Underlying Device field The High Speed Serial Configuration window is shown on the following page Use this window to set the channel assignments ...

Page 136: ...00 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections Connections that Require Configuration Field Definition Assignment Data Sets the channel type to Data Unassigned Puts the channel out of service down Default ...

Page 137: ...hrough each option NOTE For information on modifying these connections after setup see Connections that Require Configuration on page 3 16 Point to Point Protocol over DS0 Serial Multilink Point to Point Protocol over DS0 Multilink Point to Point Tunneling Protocol PPTP Point to Point Tunneling Protocol Server PPTP Server Layer Two Tunneling Protocol L2TP Internet Protocol Security IPSec ...

Page 138: ...3 28 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections New Connection New Connection Window ...

Page 139: ...resources T1 lines or WAN capable cards must be made before setting up the WAN link All DS0s cross connected to the WAN link must be of type Data Use the connect msr command from the Adit 600 controller to cross connect resources to the MSR card See the Adit 600 User Manual for more information 1 Select Network Connections New Connection 2 Select Point to Point Protocol over DS0 Serial then select...

Page 140: ...ctions New Connection 5 Select Next 6 The Connection Summary window displays the current configuration Select 3Finish if information is correct Select Back to modify the configuration Select X Cancel to stop this setup and return to the Network Connections window ...

Page 141: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 3 31 Network Connections New Connection 7 The new Serial connection appears on the Network Connections window ...

Page 142: ...ources T1 lines or WAN capable cards must be made before setting up the WAN link All DS0s cross connected to the WAN link must be of type Data Use the connect msr command from the Adit 600 controller to cross connect resources to the MSR card See the Adit 600 User Manual for more information 1 Select Network Connections New Connection 2 Select Multilink Point to Point Protocol over DS0 Multilink t...

Page 143: ... The Connection Summary window displays the current configuration Select 3Finish if information is correct Select Back to modify the configuration Select X Cancel to stop this setup and return to the Network Connections window 7 The new Multilink connection appears on the Network Connections window ...

Page 144: ...he Internet 1 Select Network Connections New Connection 2 Select Point to Point Tunneling Protocol PPTP then select Next 3 Configure the Client Connection Properties 4 Select Next 5 Select 3Finish Field Definition Host Name or IP Address of Destination Enter the Remote Server Host Name or IP Address Login User Name Enter the User Name for the above server Login Password Enter the Password for the ...

Page 145: ... VPN connections to your home network from other locations 1 Select Network Connections New Connection 2 Select Point to Point Tunneling Protocol Server PPTP Server then select Next 3 Add a User by selecting New User See Adding a User on page 2 66 for more information 4 Select Next 5 The Start and End Remote Address Range are automatically supplied Modify the addresses if needed ...

Page 146: ...3 36 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections New Connection 6 Select Next 7 Select 3Finish ...

Page 147: ...ling Protocol L2TP then select Next 3 Configure the L2TP client connection properties 4 Select Next 5 Select 3Finish Field Definition Host Name or IP Address of Destination Enter the Remote Server Host Name or IP Address Shared Secret Enter a shared secret key with a maximum of 30 characters Use IPSec Checkbox enables Internet Protocol Security Login User Name Enter the User Name for the above ser...

Page 148: ...hentication 1 Select Network Connections New Connection 2 Select Internet Protocol Security IPSec then select Next Note There are multiple options at each window The displays vary depending on selections made on the previous window 3 Select the type of IPSec connection Network to Network or Network to Host and select Next Note The following example assumes a selection of Network to Network There a...

Page 149: ...ess and Remote Subnet This example displays the most options 5 Configure the IPSec connection properties 6 Select Next 7 Select 3Finish Field Definition Remote Tunnel Endpoint Address Enter the Remote Server IP Address Remote Subnet Remote Subnet IP Address Enter the remote subnet IP Address Remote Subnet Mask Enter the subnet mask for the above subnet address Shared Secret Enter a shared secret k...

Page 150: ... the following network connections Ethernet 1 Ethernet 2 Serial Multilink NOTE The following example uses the Ethernet 1 network connection Configuration is the same for the Ethernet 2 Serial 1 and Multilink connections To configure OSPF on a network connection 1 Select Network Connections and select the Ethernet 1 connection name to open the Ethernet 1 Properties window 2 Select the Settings butt...

Page 151: ...Rel 2 0 GUI 3 41 Network Connections OSPF Configuration on the Network Connection 3 At the Configure Ethernet 1 window select OSPF from the Routing Protocols pulldown menu Click on the OSPF Configuration link under the pulldown menu ...

Page 152: ...F on page 2 47 for information about configuring OSPF area authentication Interface Parameter Retransmit Interval Defines the interval of time between link state advertisement retransmissions for adjacencies belonging to the interface Range is 1 65536 seconds with a default of 5 Transmit Delay Defines the estimated time to transmit a link state update packet on the interface Range is 1 65535 secon...

Page 153: ...the Network Connection Interface Cost Defines the cost of sending a packet on this interface Range is 1 65535 with a default of 0 Interface Priority Defines the router priority which determines the designated router for this network Enter an ID for this key Range is 1 255 with a default of 1 ...

Page 154: ...3 44 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Network Connections OSPF Configuration on the Network Connection ...

Page 155: ... 4 Security In this Chapter Overview General Access Control Local Servers DMZ Host Port Triggering Remote Administration IP Hostname Filtering Advanced Filtering NAT Bypass Security Log Firewall Implementation ...

Page 156: ...rotection mechanisms The firewall provides both the security and flexibility that users seek and is preconfigured to provide optimum security It supports advanced filtering designed to allow comprehensive control over the firewall s behavior The user can define specific input and output rules control the order of logically similar sets of rules and make a distinction between rules that apply to WA...

Page 157: ...able at the Security window General Access Control Local Servers DMZ Host Port Triggering Remote Administration IP Hostname Filtering Advanced Filtering NAT Bypass Security Log In addition the following section provides firewall implementation details for users who need more in depth information Firewall Implementation ...

Page 158: ...irewall receives whether originating from the Internet or from a computer in the network must be checked against the set of firewall rules to determine whether the request should be allowed to pass through the firewall If the request is permitted to pass all subsequent data associated with this request session will also be allowed to pass regardless of its direction For example when you point your...

Page 159: ... the Local Servers DMZ host and Remote Access screens Limited Only commonly used services such as Web browsing and e mail are permitted These services include Telnet FTP HTTP HTTPS DNS IMAP POP3 Ping and SNMP Typical Default Blocked No access to network from Internet except as configured in the local Servers DMZ host and Remote Access screens Unrestricted All services are permitted except as confi...

Page 160: ... from accessing certain services on the Internet For example you might prohibit one computer from surfing the Web another from transferring files using FTP or the whole network from receiving incoming e mails Access controls work by placing restrictions on the types of requests that may pass from the network out to the Internet and thus may block traffic flowing in both directions ...

Page 161: ...ocked 2 Select a Network Object from the Applied To pulldown menu located at the top of the window or select New to define a new Network Object that will be displayed in the pulldown menu See Network Objects on page 2 34 for more information Note The pulldown menu is only available when more than one Network Object has been created 3 Scheduled Availability To set this to a setting other that Alway...

Page 162: ...of these windows will appear here NOTE To block a service that is not included in the list select New User Defined Service then define and save the service See Creating a User Defined Rule on page 4 10 for more information 5 Select OK to save the rule The rule appears in the Access Control table with a checkbox The rule can be enabled disabled without affecting the rule Service table is referenced...

Page 163: ...ing an Access Control Rule Rules can be enabled disabled by checking unchecking the rule listed on the Security window Rules can be modified by selecting the Edit button for the rule and modifying the configuration Rules can be deleted by selecting the Delete button for the rule ...

Page 164: ...y Access Control Creating a User Defined Rule 1 At the Add Access Control Rule window select the New User Defined Service field 2 Name the service and give a description if needed 3 Select a Server Port from the list or select New Server Ports to create one ...

Page 165: ...ts and Destination Ports Any Applies to any port Single Enter specific port range 0 65535 Range Enter Range of ports range 0 65535 ICMP Internet Control Message Protocol ICMP allows router to send error and control messages about packet processing on IP networks Note ICMP is part of the TCP IP protocol suite ICMP message to send Echo Reply Network Unreachable Host Unreachable Protocol Unreachable ...

Page 166: ...ervice The new service is listed with a checkbox in the table AH Authentication Header Protocol A protocol used in IPSec that authenticates a packet IP header and payload content If a packet is modified during transmission the recipient is notified Other Covers protocols not listed above This option requires a Protocol Number to be entered Range is 0 65535 Field Definition Continued ...

Page 167: ...cation on one of your PCs simply select Net2Phone from the list and enter the local IP address of that computer in the Local Host field All Net2Phone related data arriving at the Adit from the Internet will be forwarded to the specified computer Similarly if you want to grant Internet users access to servers inside your network you must identify each service that you want to provide and the PC tha...

Page 168: ...o accesses the Adit via HTTP you can do the following Define a Local Host for the HTTP service with the PC s IP or hostname Specify 8080 in the Forwarded Port field All incoming HTTP traffic will be forwarded to the PC running the web server on port 8080 NOTE If an Internet application or a service that you wish to provide is not in the list you can easily add it Adding a Local Server To add a a n...

Page 169: ... New and specify the schedule on the Schedule Rule Edit window For information confguring the schedule see Scheduler Rules on page 2 52 5 Select the service you would like to provide Note The Service table is used by multiple windows the standard services and the User Defined services created on any of these windows appear here 6 Select OK to save The new Local Server is listed in the table NOTE T...

Page 170: ...er A Local Server can be enabled disabled by simply checking unchecking the server listed on the Security window A Local Server can be modified by selecting the Edit button for the server and modifying the configuration A Local Server can be deleted by selecting the Delete button for the server ...

Page 171: ...o matching Local Servers or Remote Administration matches When the DMZ Host configuration is applied packets are redirected from the Adit WAN IP address to the DMZ host s IP address Note The DMZ Host is only active if the firewall is enabled on the WAN interface regardless of whether the WAN interface routing type is set for NAPT or Routing WARNING A DMZ HOST IS NOT PROTECTED BY THE FIREWALL AND M...

Page 172: ...puter as a DMZ Host To designate a local computer as a DMZ host enter the IP address of the computer at the Security DMZ Host window You can enable disable the DMZ host at any time by checking unchecking the checkbox next to the host NOTE Only one LAN computer can be a DMZ host at any time ...

Page 173: ...ou using TCP on port 3333 to start the gaming session In such a case you must use port forwarding since this scenario conflicts with the following default firewall settings The firewall blocks inbound traffic by default The server replies to the Adit s IP and the connection is not NATed back to your host In order to solve this you need to define a Port Triggering entry that allows inbound TCP traf...

Page 174: ... 0 GUI Security Port Triggering Setting up Port Triggering To set up port triggering 1 Select New Entry on the Security Port Triggering window 2 Select a previously defined service under User Defined Services or select New User Defined Service ...

Page 175: ...vice Description b Under Server Ports select a configured port from the list or create a new port by select ing New Server Ports see Configure the Service port protocol on page 4 11 c Under Opened Ports select a configured port from the list or create a new port by select ing New Opened Ports see Configure the Service port protocol on page 4 11 ...

Page 176: ...ect OK The new triggering service is listed in the table e Select the checkbox next to the new service and select OK The new triggering service is enabled and available for selection You can enable disable the service at any time by selecting un selecting the checkbox 4 Select OK ...

Page 177: ... traveling It also enables your ISP to change settings or help you troubleshoot functionality or communication issues from a remote location Remote access is blocked by default to ensure the security of your network However you can use the Security Remote Administration window to selectively enable a variety of remote administration services as necessary WARNING ENABLING REMOTE ADMINISTRATION ACCE...

Page 178: ...d a secure protocol Using Primary Telnet Port 23 Using Secondary Telnet Port 8023 Note If a local server is configured to use port 23 select port 8023 to avoid conflicts Using Secure Telnet over SSL Port 992 Allow Incoming Access to the Web Management Using Primary HTTP Port 80 Using Secondary HTTP Port 8080 Using Primary HTTPS Port 443 Using Secondary HTTPS Port 8443 Allow SNMP Control and Diagno...

Page 179: ...t to block specific IP addresses or hostnames so that they can not be accessed from computers in the network Moreover restrictions can be applied to a comprehensive automatically updated list of sites to which access is not recommended The IP Hostname Filtering window displays a list of all restricted IP addresses or hostnames ...

Page 180: ...ndow 2 Enter an IP Address or Hostname 3 Applied To To set this to a setting other than Entire LAN select New and define a set of Network Objects that will be restricted For information on configuring a Network Object see Network Objects on page 2 34 4 Scheduled Availability To set this to a setting other than Always select New and define the schedule For information on configuring schedule rules ...

Page 181: ...ct OK to add the Address to the Restricted list 6 If the site is successfully located the Status on the IP Hostname Filtering window will transition from Resolving to Active Restricted access to the site can be enabled disabled at any time with the checkbox next to the address hostname ...

Page 182: ...applied against packets at any interface before applying any other configured firewall settings See Firewall Implementation on page 4 37 for actual sequence Ethernet 1 Rules Interface specific rules are applied against packets at that particular interface immediately after applying the Initial rules See Firewall Implementation on page 4 37 for actual sequence Note The list of connections varies de...

Page 183: ...ed Filtering Adding an Advanced Filtering Rule To add a new advanced filtering rule 1 Select Security Advanced Filtering 2 Select the rule set to modify for example in the Input Rule Sets select Initial Rules 3 On the Configure Initial Rules window select New Entry ...

Page 184: ...0 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Security Advanced Filtering 4 On the Add Advanced Filter window define the filter see field definitions below Service table is referenced from multiple windows ...

Page 185: ...n IP addresses defined above Reject Deny access to packets that match the criteria defined and send an ICMP error or a TCP reset to the origination peer Accept Allow access to packets that match the criteria defined The data transfer session will be handled using Stateful Packet Inspection SPI meaning that other packets matching this rule will be automatically allowed access Accept Packet Allow ac...

Page 186: ...el 1 6 and MSR Card Rel 2 0 GUI Security Advanced Filtering 5 Select OK to save and enable the rule The rule is listed in the Configure Initial Rules table You can disable enable the rule at any time using the checkbox ...

Page 187: ...ect the New Entry or select the edit icon for an existing entry and enter modify the network address and mask NOTE Do not enter 0 0 0 0 0 0 0 0 for NAT bypass This is interpreted as exclude all networks For the same result it is recommended that you disable NAPT on the WAN interface 3 Click OK to enable the rule You can disable enable the rule at any time using the checkbox Field Definition Underl...

Page 188: ... that it is a trusted host Accepted Host trusted A reply from a previously challenged WAN host This client becomes a trusted host Accepted Internal traffic All packets are allowed to move freely from one LAN host to another Blocked Policy violation This access request violates the Firewall s security policy Blocked IP Fragment If the Firewall is configured to block all IP fragments this message is...

Page 189: ...2 0 GUI 4 35 Security Security Log Changing the Security Log Settings To change the settings for the Security Log 1 Select Security Security Log 2 Select Settings 3 Modify the settings as necessary see the following table then select OK ...

Page 190: ...ion of the Echo or Chargen DOS attacks Multicast Broadcast Detection of the multicast or broadcast packets arriving at the WAN interface Spoofed Connection Detection of IP address spoofing attacks Packet Illegal Options Detection of IP packets with disallowed IP options lsrr ssrr rr timestamp or error options UDP Flood Detection of a UDP Flood attack ICMP Replay Detection of an ICMP Replay DOS att...

Page 191: ...ons are considered inherently trusted unless designated otherwise by the administrator When NAPT routing mode is enabled on other WAN network connections hosts that are in the directly connected subnets of any LAN network connection will have NAPT applied against sessions that are initiated from the LAN network toward the WAN network WAN A network connection designated as type WAN is used for the ...

Page 192: ...ssions initiated from public hosts on the WAN if they are directed to the Adit s own IP address and there is a matching Local Server or DMZ Host configuration Internet Connection Firewall The Internet Connection Firewall setting enables or disables firewall processing on the interface If enabled all of the packets arriving or departing through this interface are examined against the configured fir...

Page 193: ...translation are translated before passing the packet up to the IP stack Step Test Action 1 Insecure IP options loose source route strict source route record route time stamp or invalid IP option DROP 2 Invalid IP fragments DROP 3 Match existing sessions this matches ongoing sessions and applies NAPT where appropriate PASS 4 Packets generated by the firewall itself e g TCP RST packets PASS 5 User c...

Page 194: ...wn to the driver Step Test Action 1 Insecure IP options loose source route strict source route record route time stamp or invalid IP option DROP 2 Invalid IP fragments DROP 3 Match existing sessions this matches ongoing sessions and applies NAPT where appropriate PASS 4 Packets generated by the firewall itself e g TCP RST packets PASS 5 User configured Advanced Filtering Output Rule Sets Initial R...

Page 195: ...CHAPTER 5 System Monitoring In this Chapter Overview Connections Traffic System Log T1 Log Adit 3000 Only SIP Log PRI Log T1 Performance Adit 3000 Only Alarms System ...

Page 196: ...erview The System Monitoring window displays information that can be used for monitoring and troubleshooting the system As shown in the following figures the types of information provided through the System Monitoring window differs between the Adit 3000 and Adit MSR Adit 3500 ...

Page 197: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 5 3 System Monitoring Overview Adit MSR ...

Page 198: ...5 4 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI System Monitoring Connections Connections The Connections tab displays all the connections their status and other information specific to each connection ...

Page 199: ...y monitoring traffic within the local network and between the local network and the Internet Select the Traffic tab to view the current statistical information about data received from and transmitted to the Internet WAN and about data received from and transmitted to computers in the local network LAN ...

Page 200: ...5 6 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI System Monitoring System Log System Log The System Log displays a list of the most recent activity that has taken place on the network ...

Page 201: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 5 7 System Monitoring T1 Log Adit 3000 Only T1 Log Adit 3000 Only The T1 Log displays all T1 related alarms and events for the Adit 3000 ...

Page 202: ... Fill Method Define the method of loading the buffer Circular Buffer the buffer will store a continuous stream of data by starting again at the beginning of the buffer after reaching the end Default Fill Until Full the buffer will fill until it is full The user will have to clear the log manually Logging Level Defines how the logs are displayed Detailed Display detailed information of the log Non ...

Page 203: ...ure the PRI log size Range is 1 50KB with a default of 50KB Buffer Fill Method Define the method of loading the buffer Circular Buffer the buffer will store a continuous stream of data by starting again at the beginning of the buffer after reaching the end Default Fill Until Full the buffer will fill until it is full The user will have to clear the log manually Display Number of Lines Per Message ...

Page 204: ...Rel 1 6 and MSR Card Rel 2 0 GUI System Monitoring T1 Performance Adit 3000 Only T1 Performance Adit 3000 Only The T1 1 through T1 4 Performance tabs display the performance statistics for each of the Adit 3000 s T1s ...

Page 205: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 5 11 System Monitoring Alarms Alarms The Alarms tab displays the system alarms their severity and the time at which each event occured ...

Page 206: ...5 12 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI System Monitoring System System The System tab displays the amount of time that has passed since the system was last started or reset ...

Page 207: ...APTER 6 Voice Over IP NOTE This feature is not available on the Adit 3200 In this Chapter Overview IP Telephony Phone Settings Phone Book Line Monitoring Trunk Settings Trunk Monitoring Trunk Registration ...

Page 208: ... phones over a single broadband connection providing the benefits and quality of digital voice The Adit enables you to place and receive calls over the Internet using a standard telephone set connected to the Adit WARNING ANY CHANGES TO THE VOIP SETTINGS WILL RESTART THE VOIP TASK AND WILL CAUSE ANY ACTIVE CALLS TO BE DROPPED ...

Page 209: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 6 3 Voice over IP IP Telephony IP Telephony Use the IP Telephony tab to configure VoIP dialing parameters signaling protocols and codecs ...

Page 210: ...t is used to handle digit map elements containing a T Range is 1 10 seconds Long Timeout Digit Map Timeout Long Timeout if it is exceeded will terminate the dialing sequence Range is 4 60 seconds Gateway IP Address Gateway IP Address The IP address to be used as the source IP for VoIP services when it matches one of the up or running interfaces IP addresses otherwise the VoIP source IP address is ...

Page 211: ...ort where SIP requests are to be sent Range is 1024 65535 with a default of 5060 Use SIP Outbound Proxy Select to enable and enter the IP address of the SIP Outbound Proxy An outbound proxy is one to which all outgoing SIP requests are sent Port Enter SIP Outbound Proxy port Range is 1024 65535 default of 5060 Codecs Supported Codecs Allows the user to select which codecs are to be enabled and pro...

Page 212: ...ecific dialing behavior A dial plan allows the phone to identify that an entered number is complete and the call should be initiated If the phone digit map is not defined properly a SIP call may be initiated before the user is done dialing To configure the digit map 1 Select Voice over IP 2 Select the IP Telephony tab 3 Select FXS Digit Map ...

Page 213: ...el 1 6 and MSR Card Rel 2 0 GUI 6 7 Voice over IP IP Telephony 4 Select New Entry to create a new Digit Map pattern or select the Edit icon to modify an existing one 5 Enter the new digit map pattern and select OK ...

Page 214: ...her a short timeout or by the user pressing the key character Note The is not considered part of the number if it is at the end of the dial string Character String Definition digit 1 9 special keypad character a b c or d wildcard digit x or which represents any numerical digit super wildcard or which indicates 0 or more digits of the previous type short timeout character T range element rrr where ...

Page 215: ...3000 Rel 1 6 and MSR Card Rel 2 0 GUI 6 9 Voice over IP IP Telephony Advanced Button The Advanced button at the bottom of the IP Telephony window opens a window for configuring the Advanced VoIP SIP settings ...

Page 216: ...lways sent 180 with or without SDP The 180 Ringing message is a provisional or informational response used to indicate that the INVITE message has been received by the user agent and that alerting is taking place 183 Always sent 183 with or without SDP The 183 Session Progress response indicates that information about the call state is present in the message body media information Note Both 180 an...

Page 217: ... T 38 Signaling NSE Only NSE Named Service Event will be the only method tried NSE Preferred NSE preferred will be the first method tried with an attempt to the alternate SDP method if it fails Default SDP Only SDP Session Description Protocol will be the only method tried SDP Preferred SDP preferred will be the first method tried with an attempt to the alternate NSE method if it fails T 38 Error ...

Page 218: ...Voice over IP IP Telephony Redundancy Button The Redundancy button at the bottom of the IP Telephony window opens a window for configuring VoIP proxy redundancy Note This window is modified upon selection of the Global Redundancy Configuration field ...

Page 219: ...elected in the Global Redundancy Configuration field Primary Proxy Enter Primary Outbound Proxy address Note This field appears only when User is selected in the Global Redundancy Configuration field Secondary Proxy Enter Secondary Outbound Proxy address Note This field appears only when User is selected in the Global Redundancy Configuration field Filter Packets from Unknown SIP Servers Select ch...

Page 220: ...tings Phone Settings Use the Phone Settings tab to configure each line for VoIP NOTE When connecting analog lines to the PBX impedance settings can be used to match impedance between the analog interfaces Consult the PBX Key System or connecting equipment manual Adit 3500 ...

Page 221: ...1 6 and MSR Card Rel 2 0 GUI 6 15 Voice over IP Phone Settings Adit MSR NOTE To display all available lines on the MSR select Display All Lines To display only cross connected lines select Display Cross Connect Lines ...

Page 222: ... Voice over IP Phone Settings Configuring Phone Settings 1 Select the Phone Settings tab on the Voice over IP window 2 Select the Action icon for the line to configure 3 Set the Line Settings as desired See the following table for field definitions ...

Page 223: ...x Mode None A Fax call would be treated as a normal voice call Default Bypass Causes the line to transmit in G 711 mode with silence suppression disabled on detection of Fax tone Modem SuperG3 Fax Mode None A Modem call would be treated as a normal voice call Default Bypass Causes the line to transmit in G 711 mode with echo cancellation and silence suppression disabled on detection of Modem tone ...

Page 224: ...y disconnects Calling Features Call Waiting Enables disables the Call Waiting capability for this line Call Waiting Caller ID Enables disables the Call Waiting Caller ID for this line Block Outgoing Caller ID Enables disables blocking of Caller ID on SIP calls made from this line Authentication Authentication Select to enable Authentication on the line Authentication User ID The User ID to be used...

Page 225: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 6 19 Voice over IP Phone Book Phone Book Use the Phone Book tab to define the Speed Dial settings You can define a maximum of 50 entries ...

Page 226: ...d Rel 2 0 GUI Voice over IP Phone Book Configuring Phone Book Settings 1 Select Voice over IP Phone Book tab 2 Select New Entry Note This window modifies as the Destination field is changed See the following table for field definitions ...

Page 227: ...phone number after the stripping process has been applied This field is empty by default User ID Enter a User ID with a maximum of 20 characters Local Line Will send an INVITE to a local line Call setup information does not leave the system Line Select the line from the pulldown menu Direct Call Will send an INVITE to the User ID and IP address supplied in the Speed Dial configuration for this ent...

Page 228: ...6 22 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Voice over IP Line Monitoring Line Monitoring The Line Monitoring tab displays current information for each line Adit 3500 ...

Page 229: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 6 23 Voice over IP Line Monitoring Adit MSR ...

Page 230: ... been selected SIP Proxy Indicates if SIP proxy is selected or not Line Specific FXS line User ID Displays the User ID Phone Status Displays the Phone status Idle dialing in progress ringing call in progress etc Registration Status Displays registration status Registered or failed RTP RX TX Lost Packets Packets received transmitted dropped Jitter ms Milliseconds of Jitter incurred on the call Over...

Page 231: ...1 6 and MSR Card Rel 2 0 GUI 6 25 Voice over IP Trunk Settings Trunk Settings NOTE The Trunk Settings tab is only available on the Adit 3500 and Adit MSR Use the Trunk Settings tab to configure settings for the trunk ...

Page 232: ... Rel 2 0 GUI Voice over IP Trunk Settings Configuring Trunk Settings To configure the trunk 1 Select the Voice Over IP Trunk Settings tab 2 Select the Trunk The Trunk Settings window appears See the following table for field definitions ...

Page 233: ...ty in signaling protocol or link selection between the controller and MSR card x is defined as above Note When you select the connection s name the Channel Configuration appears See the Channel Configuration on page 6 30 Interface Type Displays the interface type Network Trunk Signaling Sets the signaling type of the trunk PRI Primary Rate Interface CAS Channel Associated Signaling Signaling Type ...

Page 234: ... line to transmit in G 711 mode with silence suppression disabled on detection of Modem tone Silence Suppression Enable or disable silence suppression for voice calls for one or more voice channels Jitter Buffer Static Maintain a static average delay 2x the packet time Default Dynamic Perform dynamic delay adjustment to minimize delay Voice Processing Transmit Gain Set the gain on the transmit sid...

Page 235: ...d name is a link to the Digit Map configuration window See Configuring the Digit Map on page 6 6 New Entry See Call Destination window below Line Number 1 30 for the dial pattern Destination Identifies the destination of the incoming phone call Strip The number of digits to be stripped off from the left most digits in the phone number Possible usages include stripping off the area code or the 3 di...

Page 236: ... the communication assignment for each channel in the trunk For the Adit 3500 you can change the channel assignments at this window For the Adit MSR the assignments are fixed To view the Channel Configuration window select one of the connections listed in the Connection field on the the Voice Over IP Trunk Settings tab Adit 3500 shown below ...

Page 237: ...e over IP Trunk Settings Field Definition Assignment in out Allows comminution in both directions Default in Allows communication in the IN direction only out Allows communication in the OUT direction only unassigned Puts the channel out of service down ...

Page 238: ...d Rel 2 0 GUI Voice over IP Trunk Monitoring Trunk Monitoring NOTE The Trunk Monitoring tab is only available on the Adit 3500 and Adit MSR The Trunk Monitoring window displays current status and statistics for trunk channels Adit 3500 ...

Page 239: ...Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI 6 33 Voice over IP Trunk Monitoring Adit MSR ...

Page 240: ...mber of LAPD FRMR Frame Reject status response frames received This is the number of framing errors on this interface TotalIncomingCalls Displays the number of Incoming Calls CompletedIncomingCalls Displays the number of Incoming Connected Calls TotalOutgoingCalls Displays the number of Outgoing Calls CompletedOutgoingCalls Displays the number of Outgoing Connected Calls Channel The ID of the PRI ...

Page 241: ...ble the trunk group phone registration feature Line Displays the line number The checkbox allows this line to be disabled unchecked without having to delete the configuration Number Displays the defined phone number User Name Displays the defined user name Description Displays the description Status Displays the current status Action The two icons allow the user to edit or delete the line New Entr...

Page 242: ...6 36 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Voice over IP Trunk Registration Adding a PBX Phone Line To add a new PBX phone line 1 Select New Entry from the Voice Over IP Trunk Registration window ...

Page 243: ...number for this line Number of Lines Enter the number of lines to enter they will be sequential following the number entered above Authentication Single User Name Authentication will be with the user name Phone Number Authentication will be with the phone number entered User Name Enter a User Name with a maximum of 65 characters Password Enter a password associated with the User Name with a maximu...

Page 244: ...6 38 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Voice over IP Trunk Registration 3 Select OK to enter the number and return to the Trunk Registration window ...

Page 245: ...enge Handshake Authentication Protocol CID Caller ID CIDR Classless Inter Domain Routing CLASS Custom Local Area Signaling Service CLEI Common Language Equipment Identification CLI Command Line Interface CO Central Office CPD Calling Party Disconnect CPE Customer Provided Equipment CRC Cyclic Redundancy Check CRV Call Reference Value CSU Channel Service Unit dB decibel DCS Digital Signal Processor...

Page 246: ...MF Dual Tone Multi Frequency ES Errored Seconds ESF Extended Superframe FDL Facilities Data Link FXS Foreign Exchange Station GS Ground Start HDB3 High Density Bipolar 3 IP Internet Protocol IPX Internet Packet eXchange ISDN Integrated Services Digital Network LAN Local Area Network LAPD Link Access Procedure on the D channel status LBO Line Build Out LLC Logical Link Control LMI Local Management ...

Page 247: ...ath First PAP Password Authentication Protocol PHY Physical specifications POTS Plain Old Telephone Service PPP Point to Point Protocol PRI Primary Rate Interface PVC Permanent Virtual Circuit QoS Quality of Service RADIUS Remote Authentication Dial In Service SABME Set Asynchronous Balanced Mode Extended SDP Session Description Protocol SIP Session Initiation Protocol STP Spanning Tree Protocol T...

Page 248: ... Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Glossary UAS User Agent Server VC Virtual Channel VLAN Virtual Local Area Network VPN Virtual Private Network WAN Wide Area Network WINS Windows Internet Naming Service ...

Page 249: ...f header and information fields allocated to services on demand The term asynchronous applies as each cell is presented to the network on a start stop basis in other words asynchronously authentication The process of identifying an individual usually based on a username and password combination although the process can be many more steps In security systems authentication is distinct from authoriz...

Page 250: ...h device impact and are damaged when they meet on the physical media command line The command line is where you enter MS DOS commands compander Companding is the process of compressing the amplitude range of a signal for economical transmission and then expanding them back to their original form at the receiving end Demilitarized Zone DMZ A collection of computers that are shielded from both the t...

Page 251: ... header payload and trailer Frame Reject FRMR The FRMR response frame is sent to report the receiver of a frame cannot successfully process that frame and that the error condition is not correctable by sending the offending frame again Foreign Exchange A Central Office trunk which has access to a distant central office Dial Tone is returned from that distant Central Office and a location can be re...

Page 252: ... effective interface with the Internet The Internet itself is made up of thousands of LANs and WANs all using TCP IP to provide information services to millions of users A worldwide network of networks that all use the TCP IP communications protocol and share a common address space Internet Protocol IP Internet Protocol the method by which most Internet activity takes place Members with access to ...

Page 253: ...fied at the Media Access Control layer in the network architecture Management Information Base MIB A data base of objects with attributes and values representing the manageable components of a network device Used in SNMP There are industry standardized MIBs and proprietary MIBs mapping In network operations the logical association of one set of values such as addresses on one network with quantiti...

Page 254: ...twork Time Protocol developed to maintain a common sense of time among Internet hosts around the world Many systems on the Internet run NTP and have the same time relative to Greenwich Mean Time Non Return to Zero NRZ A binary encoding scheme in which ones and zeros are represented by opposite and alternating high and low voltages and where there is no return to a zero reference voltage between en...

Page 255: ...1 544 Mb sec and 2 048 Mb sec respectively protocol Procedure or set of rules PVC Permanent Virtual Circuit A PVC is a permanent channel connection between two ATM devices PVC s allow network transmissions to be started without having to first establish a connection with the end point ATM device When a PVC is constructed the end points of the connection will agree upon a path in which data will tr...

Page 256: ...ing instant messaging and other types of real time communication on the internet signal A generated electrical impulse that is a change in voltage to trigger an event Simple Network Management Protocol SNMP SNMP is the most common method by which network managements applications can query a management agent using a supported MIB Management Information Base SNMP operates at the OSI application laye...

Page 257: ...sefulness of a dedicated private network at a price savings VC MUX Virtual Channel Multiplexer Wide Area Network WAN A private long distance network that uses leased lines to connect computers or LANs A wide area network is a linking of computers not physically attached through conventional network connectivity Usually the WAN connection is a dedicated or high grade dial up phone link It is often ...

Page 258: ...Glossary 14 Adit 3000 Rel 1 6 and MSR Card Rel 2 0 GUI Glossary ...

Page 259: ...rnet Connection 1 13 C Certificates 2 4 Channel Configuration 6 30 configuration file 2 63 Connections 5 4 Connections that Require Configuration 3 16 Multilink 3 17 PPPoDS0 Serial 3 12 3 21 D date 2 13 Diagnostics 2 16 DMZ 4 37 DMZ Host 4 17 DNS Static Entries 2 18 Dynamic DNS 2 21 E edit a user 2 67 e mail notification 2 68 Ethernet 1 3 5 Ethernet 2 3 9 F filtering 4 28 Firewall 4 37 DMZ 4 37 LA...

Page 260: ...rial 3 29 Point to Point Tunneling Protocol 3 34 Point to Point Tunneling Protocol Server 3 35 No Internet Connection 1 19 O OSPF Network Connection Configuration 3 40 Routing Configuration 2 47 Outbound Firewall Processing 4 40 output rule sets 4 28 P Performance Button 3 15 Phone Book 6 19 Phone Settings tab 6 14 ping 1 9 Point to Point Protocol over DS0 Serial 1 14 3 29 Point to Point Tunneling...

Page 261: ...ectivity 1 9 time 2 13 traceroute 2 17 Traffic 5 5 Trunk Monitoring 6 32 Trunk Registration 6 35 Trunk Settings 6 25 Channel Configuration 6 30 U Upgrade from a Local Computer 2 64 user add 2 66 configure 2 65 edit 2 67 Users 2 65 V VLAN Configuration 2 69 Voice over IP 1 23 6 1 IP Telephony 6 3 Line Monitoring 6 22 Overview 6 2 Phone Book 6 19 Phone Settings 6 14 Trunk Monitoring 6 32 Trunk Regis...

Page 262: ...8 Restart 2 39 Restore Defaults 2 40 Routing 2 41 Scheduler Rules 2 52 Security 1 22 Simple Network Management Protocol 2 55 System Monitoring 1 26 System Settings 2 57 Technical Information 2 61 Upgrade from a Local Computer 2 64 Users 2 65 VLAN Configuration 2 69 Voice over IP 1 23 ...

Reviews:

No comments

Related manuals for Adit 3200

THOMSON TG605s Cli Reference Manual preview
TG605s
Brand: THOMSON Pages: 974
NetComm NL20 Quick Start Manual preview
NL20
Brand: NetComm Pages: 20
CastleNet CBV383Z4S-N300 User Manual preview
CBV383Z4S-N300
Brand: CastleNet Pages: 29
ZyXEL Communications HLA3105 User Manual preview
HLA3105
Brand: ZyXEL Communications Pages: 2
ZIEHL-ABEGG NETcon D-G-64NE Operating Instructions Manual preview
NETcon D-G-64NE
Brand: ZIEHL-ABEGG Pages: 27
YZ Systems YZ Connect User Manual preview
YZ Connect
Brand: YZ Systems Pages: 25
NetComm HS1100 User Manual preview
HS1100
Brand: NetComm Pages: 212
Innoband 8520-R1 User Manual preview
8520-R1
Brand: Innoband Pages: 131
Gree ME30-44/D2 B Owner'S Manual preview
ME30-44/D2 B
Brand: Gree Pages: 24
Cisco Catalyst 8200 Series Quick Start Manual preview
Catalyst 8200 Series
Brand: Cisco Pages: 8
Cisco DPC3825 Installation Manual preview
DPC3825
Brand: Cisco Pages: 4
Paradyne WIRELESS DATA GATEWAY Installation And Operation Manual preview
WIRELESS DATA GATEWAY
Brand: Paradyne Pages: 66
QNAP TS-109 User Manual preview
TS-109
Brand: QNAP Pages: 168
Multitech MULTIVOIP MVP-410ST Cabling Manual preview
MULTIVOIP MVP-410ST
Brand: Multitech Pages: 8
Multitech MultiVOIP 100 MVP120 Quick Start Manual preview
MultiVOIP 100 MVP120
Brand: Multitech Pages: 48
Multitech Conduit MTCDT-L4E1 Hardware Manual preview
Conduit MTCDT-L4E1
Brand: Multitech Pages: 28
APconnections NETEQUALIZER NE 3000 User Manual preview
NETEQUALIZER NE 3000
Brand: APconnections Pages: 120
Alcatel-Lucent OmniAccess 780 Specifications preview
OmniAccess 780
Brand: Alcatel-Lucent Pages: 4

Brands by name

Popular brands

Load more brands