manualshive.com logo in svg

Digital Equipment Digital NetRider, Owner'S Manual

The Digital Equipment Digital NetRider Owner's Manual is a comprehensive guide designed to help users maximize the potential of their device. Packed with step-by-step instructions and detailed illustrations, this manual is available for free download at manualshive.com, ensuring easy access to the information you need to operate your NetRider effectively.

Share
Download
background image

Managing Kerberos

22-6  Managing Access Server Security

Managing Kerberos

Introduction

This section describes Kerberos security features and explains how to configure and 
manage these features on the access server. 

To use the procedures in this section, you must:

Ensure that the access server can communicate with a host running Kerberos V4 
software.

Connect and test the devices.

Enable privileged status.

Configure the port and device characteristics to match.

Reference

Refer to the access server hardware documentation for information about connecting 
device cables. This section assumes that you have a basic understanding of Kerberos. 
Refer to Digital's Guide to Kerberos for more information.

Configuration Prerequisites

This section describes the prerequisites for configuring the Kerberos security features 
on an access server. 

Kerberos Host Requirements 

To use Kerberos authentication, the access server must be able to communicate 
over the network with a host that functions as a Kerberos V4 key distribution 
center (KDC). The key distribution center is an ULTRIX or UNIX host that runs 
Kerberos software and contains a database of valid user names and passwords. 
The access server does not authenticate using the Kerberos V5 protocol.

To operate with the highest level of security, the access server must be registered 
with all KDCs within the Kerberos realms in which user authentication will take 
place. A realm refers to a group of hosts that share a common administrative 
domain for purposes of user authentication.

Each realm has one master KDC that contains a write-enabled database. The 
master KDC propagates its database to any slave KDCs in the same realm.

A basic mode of operation is also available in which the access server does not 
need to be registered in any of the realms. This mode of operation is less secure, 
but easier to configure.

Summary of Contents for Digital NetRider

Page 1: ...GITAL NetRider Network Access Server Management Part Number AA PW5VE TE June 1997 Revision Update Information This is a revised document Software and Version DECserver Network Access Software Version 2 2 ...

Page 2: ...tion OSF 1 is a registered trademark of Open Software Foundation Inc PostScript is a registered trademark of Adobe Systems Inc SecurID is a registered trademark of Security Dynamics Technologies Inc SCO is a trademark of Santa Cruz Operations Inc Sun is a registered trademark of Sun Microsystems Inc UNIX is a registered trademark in the United States and other countries licensed exclusively throug...

Page 3: ...4 Accessing Online Help 1 4 Storage of Configuration Settings and Changes in Memory 1 5 Memory Types 1 5 Power Loss 1 5 Commands to Display and Change Configuration Settings 1 6 Introduction 1 6 Types of Commands That Operate on Configuration Settings 1 6 2 Management Tools Overview 2 1 Introduction 2 1 In This Chapter 2 1 Access Server Commands 2 2 Introduction 2 2 Levels of Access Server Command...

Page 4: ...cteristics of the Telnet Remote Console Port 2 12 Access Server Manager 2 13 Description 2 13 Functions 2 13 Related Information 2 13 3 User Interface Overview 3 1 Introduction 3 1 In This Chapter 3 1 Command Groups and Menus 3 2 Description 3 2 Using Command Groups 3 3 Creating a Command Group 3 3 Executing a Command Group 3 4 Displaying a Command Group 3 4 Purging a Command Group 3 4 Using Menus...

Page 5: ...ommands 4 5 DELETE Command 4 5 LIST and SHOW Commands 4 6 CONNECT and USE Commands 4 6 DSVCONFIG 4 9 Introduction 4 9 DECserver Configuration Procedure 4 9 DSVCONFIG Menu 4 9 Using a BOOTP TFTP Server 4 10 Introduction 4 10 IP Address Configuration Via BOOTP 4 10 Remote Connection Password 4 11 Upline Dumping 4 12 Introduction 4 12 Upline Dumps with MOP Hosts 4 12 Upline Dumps with BOOTP TFTP Host...

Page 6: ...e 5 7 Booting from the Network 5 8 Loading the Software Image 5 8 Determining Boot Protocols 5 8 Reference 5 8 Booting Using Console Commands 5 9 Introduction 5 9 Procedure 5 9 Boot Command Options 5 10 6 Configuring LAT Characteristics Overview 6 1 In This Chapter 6 1 LAT Characteristics 6 2 Preparing to Change LAT Characteristics 6 2 LAT Characteristic Summary 6 2 Displaying LAT Characteristics ...

Page 7: ...racteristic 6 12 Introduction 6 12 Access SERVER NUMBER Values 6 12 Changing the Access SERVER NUMBER 6 12 PASSCHECK Characteristic 6 13 Introduction 6 13 Changing the PASSCHECK Characteristics 6 13 PASSCHECK Characteristic Example 6 13 QUEUE LIMIT Characteristic 6 14 Introduction 6 14 Special QUEUE LIMIT Values 6 14 Changing the QUEUE LIMIT 6 14 RETRANSMIT LIMIT Characteristic 6 15 Introduction 6...

Page 8: ...rs 7 13 Assigning DNS Server Addresses Automatically 7 15 Configuring a List of Internet Gateway Addresses 7 16 Introduction 7 16 Displaying a List of Gateway Addresses 7 16 Configuring a Default Gateway 7 16 Defining Networks Available Through a Specific Gateway 7 17 Defining Subnets Available Through a Specific Gateway 7 17 Defining Hosts Available Through a Specific Gateway 7 17 Configuring a L...

Page 9: ...sses 7 32 Displaying WINS Characteristics 7 32 8 Managing AppleTalk Overview 8 1 Introduction 8 1 In This Chapter 8 1 Configuring AppleTalk on an Access Server 8 2 Introduction 8 2 AppleTalk Address Format 8 2 Enabling AppleTalk 8 2 Disabling AppleTalk 8 3 Setting AppleTalk Address Cache Size 8 3 Displaying AppleTalk Characteristics 8 5 Commands 8 5 Displaying AppleTalk Characteristics Example 8 5...

Page 10: ...d 9 2 Basic Device Characteristic Summary 9 2 Displaying Basic Device Characteristics 9 4 Command 9 4 Displaying Port Characteristics Example 9 4 Configuring the ACCESS Characteristic 9 5 Description 9 5 Command 9 5 Defining the ACCESS Characteristic Example 9 5 Matching the Port and Device Characteristics 9 6 Introduction 9 6 AUTOBAUD 9 6 CHARACTER SIZE 9 7 PARITY 9 7 SPEED 9 8 STOP BITS 9 8 TYPE...

Page 11: ...9 Introduction 10 9 Determining When to Use a Signal Set 10 9 Specifying SIGNAL CHECK 10 10 Introduction 10 10 Specifying DTRWAIT 10 11 Description 10 11 Enabling DTRWAIT Example 10 11 Specifying RING 10 12 Description 10 12 Specifying ALTERNATE SPEED 10 13 Description 10 13 Specifying DIALUP 10 14 Description 10 14 Sample Modem Configurations 10 15 Introduction 10 15 Configuring a Dial In Modem o...

Page 12: ...Displaying Access Server Queue Entries 11 8 SHOW QUEUE ALL Display Example 11 9 Removing Entries from the Access Server Queue 11 9 Configuring Port Characteristics 11 10 Configuring an Interactive Device for Telnet Sessions 11 11 Introduction 11 11 Configuring a Device on Port 6 for Internet Hosts Example 11 11 Reference 11 12 Configuring a Session Management TD SMP Terminal 11 13 Introduction 11 ...

Page 13: ... for Local User Accounts 11 28 SHOW LIST MONITOR USERACCOUNT Display 11 29 Service Permissions Access 11 30 User Account Command Parameters 11 31 Access Command Variables 11 32 Managing Users 11 33 Providing a Contact Name and Access Server Location 11 33 Specifying Preferred Service for LAT or Telnet Resources 11 33 Specifying the Port USERNAME 11 34 Specifying Keys to Switch Between Sessions 11 ...

Page 14: ...ter As a LAT Service 12 7 Configuring a Modem As a LAT Service 12 8 Configuring a Printer As a LAT Service 12 9 Setting Up a LAT Remote Print Queue on an OpenVMS Host 12 9 Setting Up a LAT Remote Print Queue on an ULTRIX System 12 11 Configuring a Printer with Unannounced Availability 12 13 Introduction 12 13 Configuring a Printer with Unannounced Availability 12 13 Verifying the LAT Service 12 15...

Page 15: ... on a UNIX System 13 10 Configuring a Telnet Listener 13 11 Introduction 13 11 Configuring Telnet Server Session Characteristics 13 12 Introduction 13 12 Mapping Event Indications to Keyboard Characters 13 12 Specifying Newline Characteristics 13 13 Specifying Character Size 13 13 Managing Your Access Server As a Telnet Listener Node 13 15 Introduction 13 15 Displaying Telnet Listeners 13 15 Displ...

Page 16: ...roduction 15 5 How an Access Server Port Obtains the SLIP Host Internet Address 15 5 Managing the Maximum Transmission Unit 15 7 Introduction 15 7 Changing the MTU 15 7 Relationship of the TCP Maximum Segment Size and the MTU 15 7 Fragmentation 15 7 Configuring a Port So That a PC Can Function as a Terminal or SLIP Host 15 8 Introduction 15 8 Configuring a Dedicated SLIP Port 15 9 Introduction 15 ...

Page 17: ...6 3 Supported MIB Variables 16 3 Configuring the Access Server for SNMP Access 16 5 Enabling and Disabling SNMP 16 5 Displaying Information About SNMP 16 5 Default Community Name PUBLIC 16 5 Configuring a Community Name for Access by Any NMS 16 6 Configuring a Community Name with an Address 16 6 Configuring Community Names to Send TRAP Messages 16 7 Sample SNMP Configuration 16 8 Disabling TRAP Me...

Page 18: ...splaying Port Characteristics 17 24 Displaying Port Counters 17 25 Displaying Port Status 17 27 Displaying Port Summary 17 29 SHOW LIST MONITOR PORT SUMMARY Display Fields 17 30 18 Configuring and Managing 3270 Terminal Emulation TN3270 Overview 18 1 Introduction 18 1 Supported ASCII Terminals 18 2 Definition 18 2 Definition and Description of a Keyboard Map 18 3 3278 Keyboards 18 3 Server Specifi...

Page 19: ...M 18 17 TN3270 Commands That Free NVRAM Space 18 17 Limiting NVRAM Usage 18 18 Commands to Manage TN3270 Terminal Emulation 18 19 Introduction 18 19 TN3270 Access Server Characteristics 18 19 TN3270 Port Characteristics 18 20 SHOW Commands 18 21 19 Configuring and Managing Point to Point Protocol PPP Ports Overview 19 1 Introduction 19 1 Prerequisites 19 1 In This Chapter 19 1 Enabling PPP on an A...

Page 20: ...are 20 6 Novell Workstation Software 20 6 Novell Utilities for Local Execution 20 6 Setting Up the Network Access Server 20 7 Enabling IPX 20 7 Configuring the Port for an Attached Device 20 7 Configuring the Port for the Login Method 20 8 Configuring the Port for Login to the Local Prompt 20 8 Configuring the Port Dedicated to PPP 20 9 Configuring the Port for PPP IPXCP Data Link 20 9 Summary of ...

Page 21: ... in the IPX Status Display 20 24 Displaying IPX Counters 20 25 Use the SHOW IPX COUNTERS command 20 25 IPX Counters Display 20 25 IPX Counters Display Fields 20 25 Displaying IPX Routes 20 28 Using the SHOW IPX ROUTES Command 20 28 IPX Routes Display 20 28 IPX Routes Display Fields 20 28 Resetting Counters 20 29 Using the ZERO Command 20 29 ZERO Command Options 20 29 21 Managing Dial Services Over...

Page 22: ...ve Dial Back 21 15 Interactive Dial Back Dial Service Example 21 15 Framed Dial Requests 21 16 Introduction 21 16 Changing PPP Characteristics Examples 21 16 Guidelines 21 16 22 Managing Access Server Security Overview 22 1 Introduction 22 1 In This Chapter 22 1 Security Type Descriptions 22 2 Introduction 22 2 Kerberos 22 2 RADIUS 22 2 SecurID 22 3 User Accounts 22 3 Common Terminology Across Sec...

Page 23: ...ss Server Security 22 27 Introduction 22 27 Defining the Realm 22 27 Determining Security Configuration 22 28 Displaying RADIUS SECURID and KERBEROS Characteristics 22 28 Displaying Security Summary 22 30 Showing the Authentication Counters 22 31 Showing the User Port Authorization Profile 22 31 Showing Security Counters 22 31 Managing Dial Up Access Security with AUTOLINK and AUTOLINK Authenticat...

Page 24: ...Session Disconnect Events 23 9 Password Fail Events 23 9 SNMP Community Fail Events 23 9 Password Modified Events 23 10 User Privilege Level Modified Events 23 10 SNMP Community Modified Events 23 10 Managing Accounting 23 11 Introduction 23 11 Defining the Accounting Log Size 23 11 Changing the Accounting Threshold 23 12 Changing the Accounting Console 23 12 Displaying Accounting Characteristics ...

Page 25: ...xxv A Cable and Adapter Recommendations Cable and Adapter Hardware A 1 Cable and Adapter Table A 1 Reference A 2 Glossary Index ...

Page 26: ......

Page 27: ...ccess server TSM Users If you have the optional network management product Terminal Server Manager TSM software review the documentation for the product before you read this manual and other access server documents This product affects the way you install and manage access servers Note that TSM software is available only for OpenVMS load hosts Using This Manual This manual details the tasks you pe...

Page 28: ...e command keywords to the first three characters or to the minimum unique abbreviation lowercase italics Lowercase italics in command syntax indicates variables for which either the user or the network access server supplies a value Braces in the command syntax indicate that you must choose one of the enclosed options Do not type the braces Brackets in the command syntax indicate that the enclosed...

Page 29: ... a VAXcluster system including the procedure to configure the system for remote printing ULTRIX Guide to System Environment Setup Provides the procedure to configure the ULTRIX system environment including the procedure to configure print systems DECserver Network Access Software Installation Describes how to install the network access software on Microsoft Windows 95 or Windows NT OpenVMS DIGITAL...

Page 30: ...ITAL By Mail USA and Puerto Rico DIGITAL EQUIPMENT CORPORATION P O Box CS2008 Nashua New Hampshire 03061 Place prepaid orders from Puerto Rico with the local DIGITAL subsidiary 809 754 7575 By Mail Canada DIGITAL EQUIPMENT of CANADA LTD 940 Belfast Road Ottawa Ontario Canada K1G 4C2 Attn A SG Business Manager Internationally DIGITAL EQUIPMENT CORPORATION Attn A SG Business Manager c o local DIGITA...

Page 31: ...d System set your modem to 8 bits no parity 1 stop bit and dial 508 486 5777 U S Outside of the U S dial access code 1 508 486 5777 WWW The Digital Equipment Corporation Network Products Business Home Page on the World Wide Web is at the following addresses Attn Documentation Project Manager FAX 508 486 5655 E mail doc_quality lkg mts dec com North America http www networks digital com Europe http...

Page 32: ......

Page 33: ...stem administrators who configure and manage the access server End users of network services and applications In This Chapter This chapter includes the following topics Configuration Tasks for System Administrators Management Tasks for System Administrators User Tasks Storage of Configuration Settings and Changes in Memory Commands to Display and Change Configuration Settings ...

Page 34: ...r is configured and operational with factory set defaults you may need to customize the configuration for your use For a list of defaults associated with each category of configuration settings refer to the chapters listed in the previous table To Configure Refer to User interface Chapter 3 Network access server on the network Chapter 6 Devices on a port Chapter 9 Interactive devices Chapter 11 LA...

Page 35: ...ch task To Manage Refer to LAT network communications Chapter 12 TCP IP network communications Chapter 7 SLIP port reconfiguration Chapter 15 SNMP communities Chapter 16 Network access server maintenance Chapter 17 Management of load hosts Chapter 4 Configuring the user interface Chapter 3 Configuring LPD printers Chapter 14 Managing point to point protocol hosts Chapter 19 Managing IPX Chapter 20...

Page 36: ...g to network resources and managing sessions For a description of these tasks refer to the Specifying the Telnet Client Session Profile section in Chapter 11 Accessing Online Help The tutorial for online help also describes user tasks To start the tutorial enter the following command on your access server Local HELP TUTORIAL ...

Page 37: ...s configuration settings in two types of memory Permanent data is stored in nonvolatile random access memory NVRAM Operational data is stored in volatile random access memory VRAM Power Loss An initialization or power loss has no effect on NVRAM When an initialization or power loss occurs the access server overwrites the current settings in VRAM with those from NVRAM ...

Page 38: ...o make changes to a given port these changes take place the next time that a user logs in to the port If you use the DEFINE command to make changes to access server settings these changes take effect the next time you initialize or plug in the server Reference The Network Access Server Command Reference describes the syntax range of values and defaults for all these types of commands Use the Comma...

Page 39: ...ls for managing the access server These tools are Access server commands Help Console port Remote console port Access Server Manager a PC based management tool In This Chapter This chapter contains the following topics Access Server Commands Help Console Port Remote Console Port Access Server Manager ...

Page 40: ...of Access Server Commands The access server has four levels of commands as listed in the following table Command Level Provides Access to Commands to Enable and Disable Privileged All access server commands SET PRIVILEGED Nonprivileged A subset of privileged commands Default Limited view All nonprivileged commands except those that show or list LAT nodes LAT services and various Internet databases...

Page 41: ...NGE and SHOW LIST MONITOR groups 1 VRAM is the server s volatile operational database Command Result DEFINE Changes NVRAM nonvolatile random access memory The system must be reinitialized for the changes to take effect SET Changes VRAM 1 CHANGE Changes both NVRAM and VRAM SHOW Displays current status or information about various options from the access server operational database MONITOR Displays ...

Page 42: ... to its defaults by plugging the unit in while holding the reset button More than one port at a time can be privileged Therefore you should not reveal the privileged password Example Enabling Privileged Commands This example shows how to use the SET PRIVILEGED command to enable privileged commands on a port after accessing the access server Local SET PRIVILEGED Password not echoed Local Example Ch...

Page 43: ...isplays a screen that explains how to use the tutorial HELP Command The HELP command provides reference information for the level of commands enabled on the port that you are using Example Accessing Online Help Information The following example shows how to display the online help for the SET command and the PORT characteristic Local HELP A list of topics displays here Topic SET SET SET changes ch...

Page 44: ...s Server Problem Solving manual Example SHOW SERVER Command The following example shows how to display the current port number for the console port The value in for the Console Port characteristic in the display is the current port number Local SHOW SERVER Network Access SW Vx x for DSxxx xx BLxx xx ROM Vx x x Uptime 0 00 16 18 Address 08 00 2B 26 AA 99 Name WWDOCMC Number 0 Identification Circuit...

Page 45: ...ibes the four utilities you can use to connect to the remote console port on the access server Feature Description Local switch character Tilde Personal computer file transfers Unsupported SET DEFINE CHANGE PORT characteristics Available for all ports except for the remote console port Number of sessions supported 1 at a time Connection Utility Host Type Protocol Network Control Program NCP OpenVM...

Page 46: ...console can be created Network Control Program NCP NCP enables you to connect to the remote console port from an OpenVMS DECnet node that is on the same Ethernet as the access server The node must be running DECnet Phase IV software but does not need to be a LAT service node or a load host for your access server Usage Considerations Consider the following when using NCP Do not confuse the SERVICE ...

Page 47: ...ess CTRL D when finished ACCESS not echoed Network Access SW Vx x for DSxxx xx BLxx xx ROM Vx x x Uptime 0 00 16 38 c Copyright 1993 Digital Equipment Corporation All Rights Reserved Please type HELP if you need assistance Enter username MANAGER Local Use of SET HOST MOP from a DECnet OSI OpenVMS Node MOP enables you to connect to the remote console port from an DECnet OSI OpenVMS node that is on ...

Page 48: ... 08 00 2B 26 AE 32 Press CTRL to disconnect CTRL to send break ACCESS not echoed Network Access SW Vx x for DSxxx xx BLxx xx ROM Vx x x Uptime 0 00 16 41 c Copyright 1993 Digital Equipment Corporation All Rights Reserved Please type HELP if you need assistance Enter username SWINSTALLER Local Use of CCR from an ULTRIX DECnet Node Console Carrier Request CCR enables you to connect to the remote con...

Page 49: ...gital Equipment Corporation All Rights Reserved Please type HELP if you need assistance Enter username MANAGER Local Telnet Remote Console If the access server has an Internet address you can configure it to accept a Telnet remote console connection Once you configure the Internet address and Telnet remote console port the access server accepts and establishes a Telnet remote console connection to...

Page 50: ...emote console port available to any of the TCP ports used by the access server Telnet listener feature Number of TCP ports configured to function as a remote console port More than 1 allowed Maintenance password Not required In environments where both MOP and Telnet are used to access the remote console setting a maintenance password for MOP does not affect Telnet Access server login password Requ...

Page 51: ... to Download firmware from a PC load host to the access server Download IP address configuration information to the access server Configure the access server network protocols Configure ports for remote access and terminal server functions Configure modems attached to a DECserver port Configure access server security Configure access server dialer services Make a Telnet console connection to an ac...

Page 52: ......

Page 53: ...command group defines a set of commands that a specified group of users can access and execute A menu provides a customized selection of commands that a specified group of users can select on the terminal screen Both command groups and menus can help the access server user avoid repetitive typing In This Chapter This chapter contains the following topics Command Groups and Menus Using Command Grou...

Page 54: ...y feature Since command groups and menus both have an associated port list you can control which users can access them Command groups and menus can also enable nonprivileged users to access a subset of privileged commands Even if command groups and menus contain privileged commands they are available to any nonprivileged user logged in to a port in the associated port list ...

Page 55: ...PORT P1 LOCK ENABLE Local CHANGE COMMAND GROUP SERVICE_A LINE 20 CHANGE PORT P1 DEFAULT PROTOCOL LAT Local CHANGE COMMAND GROUP SERVICE_A LINE 30 CONNECT LAT P2 The command group defined in this example does the following for the specified port 1 Enables lock 2 Sets the default protocol to LAT 3 Connects to the LAT service specified Step Action 1 Use the CHANGE COMMAND GROUP command to specify a c...

Page 56: ... example below shows how to display the SERVICE_A command group Local SHOW COMMAND GROUP SERVICE_A Command Group SERVICE_A Enabled on Ports 2 3 5 Line 10 CHANGE PORT P1 LOCK ENABLE Line 20 CHANGE PORT P1 DEFAULT PROTOCOL LAT Line 30 CONNECT LAT P2 Purging a Command Group Use the PURGE COMMAND GROUP command to purge a command group Use this command to delete a line from a command group delete an en...

Page 57: ... CHANGE MENU command See section Defining Menu Choices in this chapter Example SHOW MENU Command The following example shows how to display a list of menus Local SHOW MENU MAIN HOSTS SERVICES Entering Menu Mode To use any menu enabled on the current port use the nonprivileged ENTER MENU command If you are a privileged user the ENTER MENU command enables you to use any menu available on the access ...

Page 58: ...ult Menu The following example show how to assign the default menu HOSTS to port 2 Local DEFINE PORT 2 DEFAULT MENU HOSTS Menu Windows Menus are divided into two windows The menu choices window appears in lines 1 through 20 The directions and user input window appears in lines 22 through 24 The current selection appears in reverse video To make a selection use the up and down arrow keys to highlig...

Page 59: ...User Interface 3 7 Using Menus Figure Windows on Access Server Menus The following figure shows a typical access server menu ...

Page 60: ...ou can display and modify the default menu using the same commands that you use for any other menu You may find it convenient to use the main menu as a starting point and an example for creating new menus For example to create a new menu entitled SERVICES based on the main menu enter the following command Local CHANGE MENU SERVICES FROM MAIN In effect the command above copies the main menu and giv...

Page 61: ...displays on the screen Defining Menu Choices For each menu choice line you can define One line of display text A server command which can Specify up to 8 optional input parameters Be a DO command A prompt string for each specified input parameter A default string for each specified input parameter ...

Page 62: ...ss the Return key or type a host name or address before pressing the Return key If you press the Return key without typing a host name or address the access server executes the CONNECT TELNET command with the default string CONNECT TELNET 16 195 1 1 If you type a host name or IP address and then press the Return key the access server executes the CONNECT TELNET command with the specified name or a...

Page 63: ...If the port is privileged it is also possible to exit from the menu by entering Ctrl C while the menu is displayed This prevents you from being trapped if you accidentally create and enter a menu without a LEAVE MENU or LOGOUT command Using Menus to Set Up a Captive Port A system manager can use the menus feature to set up a captive port such that users can execute commands from within the menus o...

Page 64: ...u Lines and Entire Menus Use the PURGE MENU command to delete a string from a menu line an entire menu line an entire menu or all menus from the access server database Example Commands to Purge Entire Menus and Menu Lines The following example shows the commands to purge specific menu lines and entire menus Local PURGE MENU MAIN LINE 5 Local PURGE MENU HOSTS ...

Page 65: ... chapter describes the command procedures that you use to manage hosts that load the access server software image on a LAT network In This Chapter This chapter contains the following topics DSV CONFIGURE DSVCONFIG Using a BOOTP TFTP Server Upline Dumping Terminal Server Manager TSM ...

Page 66: ...RE DECnet Phase IV DECnet OSI MDS OpenVMS DSV CONFIGURE DSV CONFIG DECnet Phase IV DECnet OSI MOP ULTRIX DSVCONFIG etc add_DECserver TCP IP BOOTP TFTP UNIX DIGITAL UNIX Using a BOOTP TFTP Server etc list_DECserver TCP IP BOOTP TFTP UNIX DIGITAL UNIX Using a BOOTP TFTP Server etc rem_DECserver TCP IP BOOTP TFTP UNIX DIGITAL UNIX Using a BOOTP TFTP Server etc upd_DECserver TCP IP BOOTP TFTP UNIX DIG...

Page 67: ...ion about installing DSV CONFIGURE refer to the installation guide provided with the access server software Backward Compatibility of DSV CONFIGURE DSV CONFIGURE supports both DECnet Phase IV and DECnet OSI Phase V Upon installation DSV CONFIGURE automatically converts databases created by DSVCONFIG to the data format required by DSV CONFIGURE Executing DSV CONFIGURE The procedure DSV CONFIGURE CO...

Page 68: ...information about one or all servers SHOW Synonym for LIST CONNECT Connect to a server via remote console USE Synonym for connect HELP Displays summary of valid commands EXIT Exit this procedure ADD Command To add an access server to the system use the following command format ADD SERVER server name The following table describes the command syntax After you enter the ADD command DSV CONFIGURE disp...

Page 69: ...and for DECnet Phase IV If you use DECnet Phase IV the required DECnet address prompt has a default of the first unused address in area 13 You no longer need to enter an external SHOW NODE 13 command prior to adding an access server MODIFY and SET Commands The MODIFY and SET commands operate in a manner similar to the ADD command These commands provide defaults for each prompt The defaults are the...

Page 70: ...display information about an access server The syntax of the LIST command is identical to that for the ADD command with one exception server name can be a wildcard character Example LIST Command for DSV CONFIGURE The following example shows the data that the LIST and SHOW commands display In this example the DECnet address would also display if this were a DECnet Phase IV node DSV LIST SERVER _Ser...

Page 71: ...Dave Local SHOW USER Port Username Status Service 3 Connected 10 User 10 Connected 11 TELNET Local Mode Local Ctrl Example CONNECT Command for DSV CONFIGURE on a DECnet Phase IV System The following example shows how to use CCR and DSV CONFIGURE to connect to a remote console port from a DECnet Phase IV system From a user s perspective the only difference between DECnet OSI and DECnet Phase IV is ...

Page 72: ...8 Managing Load Hosts Context Sensitive Help for DSV CONFIGURE DSV CONFIGURE provides context sensitive help At any prompt other than the Local prompt after a CONNECT USE command type a question mark for an explanation ...

Page 73: ... part of the access server software For information about installing DSVCONFIG and adding a new access server refer to the installation guide provided with the access server software DECserver Configuration Procedure When the DSVCONFIG menu displays DSVCONFIG Menu The following figure shows the DSV CONFIG menu Menu of Options 1 List known DECservers 2 Add a DECserver 3 Swap an existing DECserver 4...

Page 74: ...ther the DECserver operating software is loading from FLASH RAM or via a load host using the MOP protocol The factory default settings for this feature now send a BOOTP request on the network in order to obtain one if the DECserver unit does not have an IP address defined in NVRAM Customers who do not wish to run IP on their DECserver and therefore may wish to disable this feature may issue the DE...

Page 75: ...bled for remote or dynamic access may have its remote password feature individually enabled or disabled This feature is useful for both reverse LAT services or Telnet listeners DNAS uses the remote password in addition to the LAT service password when the LAT service is password protected When a host initiates a login to a remote password protected port on the server the server displays the prompt...

Page 76: ...cimal number is the Ethernet address for the load host that received the most recent upline dump If the dump host is running DECnet software you can convert the Ethernet address of the dump host to the DECnet node address of the dump host A formula for this conversion appears in the DECnet documentation for the operating system of the dump host When you use the Add option of DSV CONFIGURE or DSVCO...

Page 77: ...me extended LAN TSM is not included in the access server software and must be purchased separately Reference For more information about TSM refer to the Terminal Server Manager Installation and Use manual For TSM Users If you use TSM do not use DSV CONFIGURE or NCP to update the DECnet database By not using DSV CONFIGURE and NCP with TSM you can avoid accidentally overwriting access server informa...

Page 78: ......

Page 79: ... the access server to the factory set defaults you need to reboot the access server and press the appropriate switch on the hardware unit For details about this procedure refer to the hardware documentation provided with the access server In This Chapter This chapter contains the following topics Preparing LAT Services for Initialization Preparing Telnet Listeners for Initialization Initializing t...

Page 80: ...number of requests that it contains Step Action 1 Enter the following command to disable queuing on the access server Local SET SERVER QUEUE LIMIT 0 2 Disable additional connections to local services For example the following command disables the service LASER Local SET SERVICE LASER CONNECTIONS DISABLED 3 Check that the queue is empty before starting the initialization procedure by entering one o...

Page 81: ...itialize Step Action 1 Disable further Telnet connections The network access server fails to execute the SET TELNET LISTENER CONNECTIONS DISABLED command if a session exists on the specified listener Example The following command disables Telnet connections on TCP port 2005 Local SET TELNET LISTENER 2005 CONNECTIONS DISABLED 2 Log out the port Example The following command logs out port 5 Local LO...

Page 82: ...e Port section in Chapter 2 for additional information about the remote console port Default Mode for the INITIALIZE Command To use the INITIALIZE command in its default mode of operation enter the following Local INITIALIZE In this mode of operation the following steps occur Step Action 1 If the access server has Flash capabilities and the image name stored in NVRAM matches the image name stored ...

Page 83: ... server has Flash capabilities you can specify initialization from the image stored in Flash RAM by using the following command Local INITIALIZE FROM FLASHRAM Updating Flash RAM If a access server has Flash capabilities you can update the image stored in Flash RAM with an image from a network load host Use the following command Local INITIALIZE FROM ETHERNET UPDATE FLASHRAM This command causes the...

Page 84: ...nitializes the access server in the default mode and performs an extended test INITIALIZE DIAGNOSE Option Tests The following table shows the tests that are available as part of the INITIALIZE DIAGNOSE option Specifying the DISABLE OPTION with INITIALIZE Using the DISABLE option with INITIALIZE loads the software image but disables the use of the CONNECT command and the AUTOCONNECT function The fo...

Page 85: ...nds do not have any automatic warning or delay options However you can warn users about an impending initialization by using the access server BROADCAST command NCP Reference For more information about NCP refer to the documentation provided with the host system NCP Initialization Commands Description LOAD Ensures that the host at which you issue the command is the node that performs the load TRIG...

Page 86: ...nce the access server searches for a load host The access server tries both MOP and BOOTP protocols in a factory defined order The boot sequence includes a wait period after passing through all the boot protocols Once the access server finds a load host it records the protocol and load host in its permanent database The software is then downline loaded from the load host Reference For more informa...

Page 87: ...ng steps Step Action 1 During the boot sequence of the access server initialization process press Ctrl B two times consecutively on the port defined as the console port The boot process stops and the access server returns the following console prompt 2 At the prompt you can enter H to invoke help Entering H provides help text to describe the interactive boot mode commands available The Boot Comman...

Page 88: ...rsw This command instructs the access server to look for image TFTP SERVERSW first in Flash RAM then from the network If you want lowercase letters you have to use quotation marks For example b tftp serversw B This command and the quotation marks explicit null name instruct the access server to search for any image in Flash RAM If the access server is unable to find an image in Flash RAM then it l...

Page 89: ...work load host defines this software and is typically based on the Ethernet MAC address of the access server H Thiscommand displays the help text that describes the interactive boot mode commands I This command initializes the access server using the default boot parameters The access server performs all normal self tests R This command resets the factory settings and initializes the access server...

Page 90: ......

Page 91: ...laying LAT Characteristics ANNOUNCEMENTS Characteristic CIRCUIT TIMER Characteristic IDENTIFICATION Characteristic KEEPALIVE TIMER Characteristic MULTICAST TIMER Characteristic ACCESS SERVER NAME Characteristic NODE LIMIT Characteristic Access SERVER NUMBER Characteristic NODE LIMIT Characteristic Access SERVER NUMBER Characteristic PASSCHECK Characteristic QUEUE LIMIT Characteristic RETRANSMIT LI...

Page 92: ...fy a LAT characteristic use the SET DEFINE CHANGE command for the appropriate characteristic The following table summarizes the access server LAT characteristics Characteristic Default Range Refer to Section ANNOUNCEMENTS Enabled ANNOUNCEMENTS Characteristic CIRCUIT TIMER 80 milliseconds 30 to 200 CIRCUIT TIMER Characteristic IDENTIFICATION None IDENTIFICATION Characteristic KEEPALIVE TIMER 20 sec...

Page 93: ...ECK Characteristic QUEUE LIMIT 100 0 to 200 QUEUE LIMIT Characteristic RESPONDER Disabled RESPONDER Characteristic RETRANSMIT LIMIT 8 4 to 120 RETRANSMIT LIMIT Characteristic SERVICE GROUPS 0 ENABLED 1 to 255 DISABLED 0 to 255 Service Groups Characteristic Default Range Refer to Section ...

Page 94: ...y that appears when you use the SHOW SERVER command Local SHOW SERVER Network Access SW Vx x for DSxxx xx BLxx xx ROM Vx x x Uptime 0 00 44 34 Address 08 00 2B 26 AA 99 Name WWDOCMC Number 0 Identification Circuit Timer 80 Password Limit 3 Console Port 1 Prompt Local Inactivity Timer 30 Queue Limit 100 Keepalive Timer 20 Retransmit Limit 8 Multicast Timer 30 Session Limit 64 Node Limit 200 Softwar...

Page 95: ...he access server sends LAT multicast messages about local services over the Ethernet The access server does not send any announcements if no local services are defined Configure Announcements Example The following example shows how to enable and disable the announcements characteristic Local CHANGE ANNOUNCEMENTS ENABLED Local CHANGE ANNOUNCEMENTS DISABLED ...

Page 96: ...circuit timer use the command shown in the following example Local CHANGE SERVER CIRCUIT TIME milliseconds Increasing the CIRCUIT TIMER As you increase the circuit timer value the LAT protocol overhead decreases on the access server service node and network A slower terminal response time however is the trade off for any increased circuit timer value Decreasing the CIRCUIT TIMER If you reduce the ...

Page 97: ...dentification string use the following command Local CHANGE SERVER IDENTIFICATION newID Removing an Identification String To remove an identification string specify a null string by using the following command Local CHANGE SERVER IDENTIFICATION The null string is the default identification string Identification String in a Login Procedure Display The following example shows how the identification ...

Page 98: ...ble If the service node fails to respond the access server can time out the virtual circuit Keepalive Timer Default Values The keepalive timer value is a trade off between fast circuit down detection and unnecessary network traffic The factory set default value of 20 seconds represents a good compromise For a heavily loaded Ethernet use a value from 60 to 180 For applications that require quick no...

Page 99: ...eristic determines the interval at which a service node sends service announcements Multicast Timer Default Values You can specify a value from 10 to 180 seconds The default value is 30 seconds Changing Multicast Timer Values Example The following example shows how to change the multicast timer value Local CHANGE SERVER MULTICAST TIMER 50 ...

Page 100: ...riodically multicasts the name over the local area network Default Access Server Name The default access server name is LAT_ethernet address This value is the 12 digit hexadecimal Ethernet address of the access server This address does not contain hyphens Changing the ACCESS SERVER NAME Use the DEFINE SET CHANGE SERVER NAME command to change this characteristic The following example shows how to c...

Page 101: ... its node database The range is from 1 to 2000 and the default is 200 You can also specify a node limit of NONE This keyword indicates that the only limit is the available memory of the access server Changing the Access Server NODE LIMIT Use the DEFINE SET CHANGE SERVER NODE LIMIT command to change this characteristic The following example shows how to change the node limit to 300 Local CHANGE SER...

Page 102: ...s SERVER NUMBER Values This number is a value from 0 to 32 767 The default is 0 When the access server offers a service it periodically multicasts the number over the network Changing the Access SERVER NUMBER Use the DEFINE SET CHANGE SERVER NUMBER command to change this characteristic The following command shows how to change the access server number to 35 Local CHANGE SERVER NUMBER 35 ...

Page 103: ...ce With PASSCHECK disabled HIC requests are not required to supply a password With PASSCHECK enabled HIC requests are required to supply a password Changing the PASSCHECK Characteristics The factory default for the PASSCHECK characteristic is DISABLED To change this characteristic use the DEFINE SET CHANGE SERVER PASSCHECK command PASSCHECK Characteristic Example The following example shows how to...

Page 104: ...ss server ports The range is from 0 to 200 and the default is 100 Special QUEUE LIMIT Values Two values have special meaning The value 0 disables the queue The keyword NONE places no limit on connection requests Changing the QUEUE LIMIT To change queue limit characteristic use the DEFINE SET CHANGE SERVER QUEUE LIMIT command The following example shows how to change the queue limit to NONE Local C...

Page 105: ...he access server attempts automatic failover RETRANSMIT LIMIT Values The retransmit limit range is from 4 to 120 If traffic load is heavy or the network experiences noise problems set the value higher than the default value of 8 On the other hand if rapid error detection is important you may want to specify a lower value Changing the RETRANSMIT LIMIT Characteristic To change the RETRANSMIT LIMIT c...

Page 106: ...ams Therefore V5 1 and V5 2 nodes are allowed to respond to Solicit Information datagrams for slave nodes that cannot respond for themselves The RESPONDER characteristic determines whether the access server may act as an agent for other nodes By configuring one or more access servers to act as responders the other access servers can operate with a node limit of 1 and still be assured access to LAT...

Page 107: ... SERVER command to determine the current setting When the feature is enabled RESPONDER is displayed as one of the enabled characteristics Along with enabling the RESPONDER characteristic you must set the access server group codes so that they intersect those of all the nodes offering the service Enabling or disabling the RESPONDER characteristic has no affect on the access server ability to respon...

Page 108: ...hanging Access Server Service Groups Use one of the following commands To enable service groups on the access server use the following command Local CHANGE SERVER SERVICE GROUPS group list ENABLED To assign ports to a service group use the following command Local CHANGE PORT port list AUTHORIZED GROUPS group list EN ABLED Changing Service Groups Examples The following example shows how to enable s...

Page 109: ... of gateway addresses List of ARP entries TCP keepalive timer 3 Configure domain name characteristics In addition you can configure the access server to automatically learn IP information from other types of servers on the network In This Chapter This chapter contains the following topics Configuring the Internet Address and Subnet Mask Configuring Domain Name System DNS Characteristics Configurin...

Page 110: ...7 2 TCP IP Network Characteristics Learning IP Information From a DHCP Server Assigning WINS Server Addresses ...

Page 111: ...the network instead of configuring all of the IP information on the access server manually See the following sections in this chapter Learning IP Information From a BOOTP Server Learning IP Information From a DHCP Server Setting the Internet Address Before the access server can operate on a TCP IP network you must assign a Class A B or C Internet address To assign the address on the access server ...

Page 112: ...mentation for your load host Changing the Subnet Mask To change the subnet mask use the CHANGE INTERNET SUBNET MASK command The following example shows how to change the subnet mask to 255 255 255 0 Local CHANGE INTERNET SUBNET MASK 255 255 255 0 Changing the Subnet Mask to the Default Value To return the subnet mask to its default value after changing it do the following Supernetted IP Addresses ...

Page 113: ... Internet Address and Subnet Mask supernetting you can give a Class C subnet mask a range of 255 255 0 0 to 255 255 255 254 This allows you to address a block of Class C IP addresses as a domain or a single destination address with more than 254 hosts ...

Page 114: ...subnet mask use the SHOW LIST MONITOR INTERNET command Internet Address and Subnet Mask Display Example The following example shows how to display the current Internet address and subnet mask for the access server Local SHOW INTERNET State Enabled Internet Address 195 1 1 1 Subnet Mask 255 255 255 0 DHCP Enabled TCP Keepalive Timer Disabled TCP Keepalive Retry 8 Local ...

Page 115: ...re a list of commonly used Internet hosts Configure a list of Internet name servers Displaying DNS Characteristics To display the access server characteristics for the DNS use the SHOW LIST INTERNET NAME RESOLUTION command Internet DNS Character Display Example The following example shows how to display the characteristics for the Internet DNS Local SHOW INTERNET NAME RESOLUTION NetBIOS WINS Name ...

Page 116: ...e display includes from DHCP at the end of the line Resolution Host Limit Maximum number of host names that can be entered using the SET DEFINE CHANGE INTERNET HOST command Note that this parameter is currently not functional Resolution Mode DNS data retrieval preference LOCAL REMOTE ORDERED STUB or SLAVE See the Name Resolution Modes table in this chapter Resolution Time Limit Minimum time in sec...

Page 117: ...esponses 0 OK Answers 3 Fail Answers 0 Total Queries 2 FORMERR Answers 0 Duplicate Queries 0 The following table describes the information in the previous example Field Description Input Packets Number of packets entering the access server from the DNS server Output Packets Number of packets exiting the access server into the DNS server Total Responses Total number of responses received by the acc...

Page 118: ...ould not understand the query from the access server Truncated Responses Number of incomplete truncated responses from the DNS server This is not necessarily an error condition Fail Answers Number of fail answers received This condition could be caused by a number of events including 1 Unable to find a name server to send particular query 2 Unable to find the Internet address of a particular name ...

Page 119: ... server does not append the default name resolution domain or any part of that domain Step Action 1 Define the default name resolution domain as follows Local CHANGE INTERNET NAME RESOLUTION DOMAIN FINANCE ACME COM 2 Enter the following connect command Local CONNECT SALES 3 In this situation the access server automatically appends the default name resolution domain to SALES The access server behav...

Page 120: ... Mode The name resolution mode describes where the access server searches for host name and address information To change the name resolution mode use the command shown in the following example Local CHANGE INTERNET NAME RESOLUTION MODE LOCAL Name Resolution Modes The following table lists and describes the name resolution modes Mode When the access server attempts to resolve a host name or addres...

Page 121: ...Also they may include the hosts you are likely to define with CHANGE INTERNET HOST Undesirable conflicts may result Configuring a List of Internet Name Servers This section describes how to configure a list of Internet local and root name servers that the access server commonly uses Configuring a Root Name Server A root name server is a name server at the top level domain To enter a root name serv...

Page 122: ...ven domain are in general a superset of those explicitly entered with the CHANGE INTERNET NAMESERVER command The access server primes the cache for the server s default domain by sending queries to the configured name servers The queries request the names of all authoritative name servers for the default domain The access server may not be able to reach a learned name server because of subnet acce...

Page 123: ...ble describes how the access server determines which name servers to assign to the PPP client Pass Description 1 a The access server goes through a list of learned name servers and searches for name servers that are on its network by using the access server s subnet mask and have a positive time to live ttl b The access server goes through a list of locally configured name servers and searches for...

Page 124: ...ses Display Example The following example shows how to display a list of Internet gateway addresses available to the access server for routing network traffic Local SHOW INTERNET GATEWAY Gateway 16 20 0 3 Host 16 30 22 35 Gateway 16 20 48 56 Network 16 30 0 0 Mask 255 255 0 0 Gateway 16 20 98 245 Network Any Gateway 16 20 48 48 Network 17 0 0 0 Mask 255 0 0 0 Configuring a Default Gateway The acce...

Page 125: ...he DEFINE SET CHANGE INTERNET GATEWAY command with the NETWORK and MASK keywords Subnet Definition Through a Specific Gateway Example The following example shows how to define a subnet through a specific gateway Local CHANGE INTERNET GATE 195 1 1 72 NETWORK 197 5 7 0 MASK 255 255 255 0 You can define multiple subnets that can be reached through the same gateway address You must enter a separate co...

Page 126: ...net ARP Entries The following example shows a typical display list of ARP entries Local SHOW INTERNET ARP ENTRY Internet Address Ethernet Address Status 16 20 0 96 AA 00 04 00 21 10 16 20 0 173 08 00 2B 04 41 9B 16 20 0 96 AA 00 04 00 3B 11 6 20 48 48 AA 00 05 08 3B 20 No Purge Defining an ARP Entry To define an ARP entry in the list of entries use the DEFINE SET CHANGE INTERNET ARP ENTRY command ...

Page 127: ...d the first keepalive probe after establishing a TCP connection with an idle remote host The range is from 1 to 1440 one day and the default is 120 2 hours Timer Set Example The following example shows how to set the TCP keepalive timer to wait one minute before sending the first keepalive timer Local CHANGE INTERNET TCP KEEPALIVE TIMER 1 Disabling the Timer By default the TCP keepalive timer is e...

Page 128: ...RETRY 10 Displaying Timer Characteristics Use the SHOW LIST INTERNET command to display the TCP keepalive timer characteristics Timer Characteristics Display The following shows an example of the display If you disable the timer the value for the Keepalive Timer field is DISABLED Local SHOW INTERNET State Enabled Internet Address 195 1 1 1 Subnet Mask 255 255 255 0 DHCP Enabled TCP Keepalive Timer...

Page 129: ...xample shows a typical Internet counters display Local SHOW INTERNET COUNTERS TCP Segments 146 Transmitted 58 Bytes Transmitted 182 Data 0 Bytes Data 182 Data Retransmitted 0 Bytes Data Retransmitted 0 Other 88 Bytes Received 9894 Received 144 Segments Discarded 0 Internet Connections 0 IP Packets Transmitted 146 Requested 2 IP Packets Received 144 Accepted 0 IP Fragments Received 0 Established 2 ...

Page 130: ...ber of TCP segments received by the access server Segments Discarded Number of received TCP segments that were discarded due to errors These errors can include bad checksum and invalid length of TCP header Bytes Transmitted Total number of bytes of data transmitted in TCP segments including bytes retransmitted The following counters are a breakdown of this total Bytes Data Total number of bytes of...

Page 131: ...o no physical port available Closed Number of connections closed by a user or remote host Dropped Number of connections dropped because of a reset from the remote host unsuccessful retransmission keepalive timeout protocol error or aborted by Telnet due to lack of available physical ports ICMP Messages The following counters contain statistics on ICMP messages Transmitted Total number of ICMP mess...

Page 132: ...tions Transmitted Total number of UDP datagrams transmitted by the network access server Received Total number of UDP datagrams received by the network access server Dropped Total number of USDP datagrams dropped by the network access server because of an error in the UDP header checksum fails or length is incorrect Field Description ...

Page 133: ...OTP server to load the software image on your access server the access server learns the IP configuration information during the boot operation If you use MOP to load the software image on your access server the access server learns the IP configuration information after initialization If you disable INTERNET the access server does not learn its IP address and no IP functions work You can enable I...

Page 134: ...te the Ethernet address with a subnet mask and default gateway Reference The DNAS installation instructions provide details about configuring a BOOTP server 2 Ensure that the access server does not have an IP address stored in NVRAM Use the following command Local LIST INTERNET If the display shows an Internet address clear it using the following command Local DEFINE INTERNET ADDRESS NONE 3 Ensure...

Page 135: ...ess server acts as a DHCP client or proxy By default the DHCP setting on the access server is ENABLED If you do not have a DHCP server on your network disable DHCP See the Enabling and Disabling DHCP section in this chapter BOOTP and DHCP Differences DHCP is an extension of BOOTP however using a DHCP server to obtain IP information differs from using a BOOTP server in the following ways Using a BO...

Page 136: ...s the following IP configuration parameters from a DHCP server Default gateway Domain name Domain Name System DNS servers Windows Internet Naming Service WINS servers The following occurs when the access server acts as a DHCP client The access server writes the information it learns from the BOOTP server to NVRAM The access server does not write the information it learns from the DHCP server to NV...

Page 137: ...P addresses to a DHCP server on behalf of the remote client if You do not configure an IP address on the ports configured for remote access You do not specify an IP address using RADIUS authentication The remote client is not configured with an IP address for its PPP session When the access server receives the IP address from the DHCP server it assigns the address to the remote client The followin...

Page 138: ...ut also want the access server to function in the event that a DCHP server is not available you can define default values for some of the DHCP learned IP information in NVRAM using DEFINE commands Follow the procedures in this chapter for setting the IP address subnet mask DNS values WINS values and gateways You can also use the Access Server Manager to set these values See the Access Server Manag...

Page 139: ...lows dial up clients to receive WINS configuration information automatically from the access server when establishing a remote PPP connection The access server provides the remote client with the addresses of WINS primary and secondary servers that it finds in its RAM Operation The access server receives WINS server addresses in one of the following ways From a DHCP server on the network if the DH...

Page 140: ...ARY command for this purpose WINS Address Example The following example shows how to set primary and secondary WINS server addresses on the access server Local CHANGE INTERNET WINS PRIMARY 12 30 34 10 Local CHANGE INTERNET WINS SECONDARY 12 150 25 5 Displaying WINS Characteristics Use the SHOW LIST INTERNET NAME RESOLUTION command to view the WINS server addresses stored in the access server s VRA...

Page 141: ...acteristics section in this chapter for a description of the DNS characteristics shown in the example If a DHCP server provides the WINS servers and Domain Name information the display includes from DHCP at the end of each line of information and the name of the DHCP server at the end of the display Field Description Primary The Internet address or host name for the primary WINS server Secondary T...

Page 142: ......

Page 143: ...nd manage the AppleTalk protocol suite on an access server In This Chapter This chapter contains the following topics Configuring AppleTalk on an Access Server Displaying AppleTalk Characteristics Displaying AppleTalk Counters Displaying AppleTalk Status Displaying AppleTalk Routes Displaying AppleTalk ARP Entries ...

Page 144: ...f two fields a network number and a node number A network number can be in the range 1 to 65534 A node number can be in the range 1 to 254 The network and node numbers are separated by a period Enabling AppleTalk By default AppleTalk is not enabled on an access server In order for the access server to act as an AppleTalk node on the network a privileged user has to enable AppleTalk explicitly with...

Page 145: ...uch Name error message Setting AppleTalk Address Cache Size An access server with AppleTalk enabled tries to acquire unused AppleTalk addresses for any potential hosts attached to the access server with asynchronous lines It saves these addresses in a cache and defends them if any other host on the network tries to use them When a host attaches to the access server via an asynchronous port the acc...

Page 146: ...simultaneous Appletalk session requests If the value of n is set too high the access server can acquire too many addresses exhausting the supply available for the rest of the network The access server serializes address acquisition attempts which typically require about 2 seconds each If the access server pre acquires too few addresses the value of n is too low some client AppleTalk session initia...

Page 147: ...shows how to display the latest values configured by the DEFINE APPLETALK commands Local LIST APPLETALK CHARACTERISTICS AppleTalk Characteristics Server LAT_08002B24F24F State Enabled Cache Size 2 Fields in the AppleTalk Characteristics Display The following table describes the fields in the AppleTalk Characteristics display Field Description State Indicates whether AppleTalk is enabled the next t...

Page 148: ...sponses 0 DDP In Receives 5510 Out Requests 19 In Local Datagrams 1 Forwarded Requests 0 Too Short Errors 0 Out Shorts 0 Too Long Errors 0 Out Longs 19 No Protocol Handlers 0 Out No Routes 0 Checksum Errors 0 Hop Count Errors 0 Short DDP Errors 0 Broadcast Errors 0 NBP Lookups Received 1850 Lookup Replies 13 In Errors 0 RTMP Router Lost 0 In Errors 0 ZIP In GetNetInfo Response 1 Out GetNetInfo Req...

Page 149: ...P made an attempt to forward these packets Too Short Errors The number of DDP datagrams dropped because their data length was less than the length specified in the DDP header or because their length was less than that of a DDP header Too Long Errors The number of DDP datagrams dropped because their data length exceeded the length specified in the DDP header or because their length was greater than...

Page 150: ...ot their final destination and their hop count would exceed 15 if forwarded NBP Lookups Received The number of NBP Lookup Requests the access server has received Lookup Replies The number of NBP Lookup Replies the access server has sent In Errors The number of invalid NBP datagrams received RTMP Router Lost The number of times the access server lost contact with every AppleTalk router on its Ether...

Page 151: ...P probes or responses can indicate network problems This happens when the access server is too overloaded to respond to AARP requests When there are unsent probes other AppleTalk nodes can acquire AppleTalk addresses used by the access server or its clients There can be connectivity problems when there are unsent responses ...

Page 152: ...1 78 Network 401 401 Name Object LAT_08002B24F24F Type DECserver 700 08 Zone LKG Littleton MA Cache 2 Attached Hosts 0 Last Error no error Fields in the AppleTalk Status Display The following table describes the fields that appear in the AppleTalk Status display Field Value Description State The status of the access server AppleTalk implementation Off AppleTalk is not operating Acquiring The acces...

Page 153: ...ate Name The full AppleTalk name of the access server consists of object type zone Object The unique name of the access server for example LAT 08002B24F24F You can configure this parameter with the SET DEFINE CHANGE SERVER NAME command Type The type of device for example DECserver 700 08 This parameter cannot be configured Zone The zone to which the access server belongs This is a learned paramete...

Page 154: ...ynch7 29 12348 144 12346 132 Up Asynch3 116 Fields in the AppleTalk Routes Display The following table describes the fields in the AppleTalk routes display Field Value Description Destination The route destination This can be either an AppleTalk network number range or an AppleTalk host address A host address indicates a route to a host attached to the access server by means of an asynchronous lin...

Page 155: ... exists in the routing table but is not being used Interface The interface the access server uses to route packets to the destination Seconds Since Last Validated This will be the time since The first RTMP data packet announcing the route arrived for a network destination with a status of Up A connection was established for a host destination with a status of Up The most recent RTMP data packet an...

Page 156: ...isplay the entries in the AppleTalk ARP cache Local SHOW APPLETALK ARP ENTRIES AppleTalk ARP Entries Server LAT_08002B26AE00 ATalk Address Ethernet Address Status Interface 12345 132 08 00 2B 26 AE 00 Local Ethernet 12345 28 08 00 2B 26 AE 00 Acquired Ethernet 12346 7 08 00 2B 26 AE 00 Local Asynch3 12347 18 08 00 2B 26 AE 00 Local Asynch12 12347 2 resolving Remote Ethernet 12344 3 AA 00 04 11 21 ...

Page 157: ...ater use by an attached AppleTalk host It is also possible that the address has already been used by one or more attached hosts but has been returned to the address cache Interface The interface with which the address is associated The access server s own AppleTalk address as well as any remote or acquired addresses are always associated with the Ethernet This field identifies the asynchronous lin...

Page 158: ......

Page 159: ...These devices include Standard DIGITAL video terminals such as the VT100 and VT220 Printers Modems PCs Computers Nonstandard terminals In This Chapter This chapter contains the following topics Configuring Basic Device Characteristics Displaying Basic Device Characteristics Configuring the ACCESS Characteristic Matching the Port and Device Characteristics Configuring the FLOW CONTROL Characteristi...

Page 160: ...mand To configure or modify a basic device characteristic use the SET CHANGE MODIFY command for the appropriate characteristic Basic Device Characteristic Summary The following table summarizes the basic device characteristics and refers you to related information in this chapter Characteristic Default Allowed Values Refer to Section ACCESS Local Local Remote Dynamic None Configuring the ACCESS Ch...

Page 161: ...BREAK LOGOUT OUTPUT FLOW CONTROL Enabled Enabled Disabled FLOW CONTROL Direction PARITY None Even Odd Mark None PARITY SPEED 9600 75 110 134 150 300 600 1200 1800 2000 2400 4800 9600 19200 38400 57600 115200 SPEED STOP BITS Dynamically set 1 2 STOP BITS TYPE ANSI Hardcopy Softcopy ANSI TYPE Characteristic Default Allowed Values Refer to Section ...

Page 162: ...C Character Size 8 Input Speed 9600 Flow Control XON Output Speed 9600 Parity None Signal Control Disabled Stop Bits Dynamic Signal Select CTS DSR RTS DTR Access Local Local Switch None Backwards Switch None Name PORT_5 Break Local Session Limit 4 Forwards Switch None Type ANSI Default Protocol LAT Default Menu None Autolink Timer One 12 Two 10 Preferred Service None Authorized Groups 25 Current G...

Page 163: ...and To set the ACCESS characteristic for a port use the DEFINE SET CHANGE PORT command with the ACCESS keyword Defining the ACCESS Characteristic Example The following example shows how to set the access characteristic for port 5 to remote Local DEFINE PORT 5 ACCESS REMOTE Characteristic Device Type Examples Local default Interactive Terminals Remote Noninteractive Computers printers Dynamic Both ...

Page 164: ... these characteristics do not match the device does not operate correctly The characteristics that must match are AUTOBAUD CHARACTER SIZE PARITY STOP BITS SPEED TYPE AUTOBAUD The AUTOBAUD characteristic determines if a port automatically detects a device s speed parity and character size when you log in AUTOBAUD Settings The following table lists the AUTOBAUD settings and the types of devices asso...

Page 165: ...server supports character sizes of 7 or 8 bits and the default is 8 bits Refer to the operator s guide for the port device to determine appropriate character size If you enable autobaud the access server automatically adjusts the character size Example Setting the CHARACTER SIZE The following example shows how to set the character size Local CHANGE PORT 5 CHARACTER SIZE 7 PARITY The PARITY charact...

Page 166: ...g Different Input and Output Speeds for a Port The following example shows how to specify different input and output speeds for a port Local CHANGE PORT 5 INPUT SPEED 2400 Local CHANGE PORT 5 OUTPUT SPEED 1200 STOP BITS The STOP BITS characteristic indicates the number of bits that mark the end of a character transmission By default the access server dynamically sets up the STOP BITS characteristi...

Page 167: ...sts device types available for each port of the access server Example Changing the device TYPE The following example shows how to change the device type Local CHANGE PORT 5 TYPE HARDCOPY Device Type Applies to Hardcopy Printers Softcopy Non ANSI video terminals ANSI default Most video terminals such as the VT100 This causes the screen to clear before each display and enables command line recall ...

Page 168: ...anage FLOW CONTROL between the port and the host Flow Control Types The types of FLOW CONTROL that you can configure are XON XOFF DSR CTS No Flow Control Flow Control Direction XON XOFF When the access server use XON XOFF FLOW CONTROL on a port it sends An XON character to start the data transfer between the port and the attached device An XOFF character to stop the data transfer between the port ...

Page 169: ...OL The following example shows how to enable DSR FLOW CONTROL on a port Local CHANGE PORT 5 FLOW CONTROL DSR CTS CTS is a form of FLOW CONTROL used with null modem DTE devices The access server only transmits data to an attached device when the device asserts DTS CTS FLOW CONTROL operates as follows If the access server receives data too quickly from the port device the access server deasserts RTS...

Page 170: ...fers to the data flow from the attached device to the access server Output FLOW CONTROL refers to the data flow from the access server to the attached device By default the access server enables FLOW CONTROL in both directions Example Enabling Input FLOW CONTROL The following command shows how to enable input FLOW CONTROL on port 5 of an access server Local CHANGE PORT 5 INPUT FLOW CONTROL ENABLED...

Page 171: ...mentation for your terminal server For more information about DTR and DSR signals refer to Configuring DTR and DSR Signals in Chapter 10 By default for DSRLOGOUT is disabled Example Enabling DSRLOGOUT The following command shows how to enable DSRLOGOUT on port 5 Local CHANGE PORT 5 DSRLOGOUT ENABLED Specifying LONGBREAK LOGOUT The LONGBREAK LOGOUT characteristic causes access server to logout a po...

Page 172: ...TIVITY TIMER characteristic Example Enabling INACTIVITY LOGOUT The following example shows how to enable INACTIVITY LOGOUT on port 5 Local CHANGE PORT 5 INACTIVITY LOGOUT ENABLED Specifying the INACTIVITY TIMER The INACTIVITY TIMER characteristic specifies the timeout period for all ports You use the INACTIVITY TIMER characteristic when you enable the INACTIVITY LOGOUT characteristic The range for...

Page 173: ...se these signals such as modems computers and printers In This Chapter This chapter contains the following topics DTE DCE Device Configuration Determining the Supported Modem Signals Modem Signals Description Specifying MODEM CONTROL and SIGNAL CONTROL Specifying SIGNAL SELECT Specifying SIGNAL CHECK Specifying DTRWAIT Specifying RING Specifying ALTERNATE SPEED Specifying DIALUP Sample Modem Confi...

Page 174: ... access server appears as a data terminal equipment DTE device to a dial in modem connected as a port device and as a data communication equipment DCE device to a personal computer or terminal If the port access characteristic is set to REMOTE the access server appears as a DCE device to the port device such as a computer system interface If the port access characteristic is set to remote the acce...

Page 175: ...ss servers and the modem signals that each type supports To determine the type of access server that you have refer to the software product description SPD for your access server Network Access Server Type Modem Signals Supported Full MODEM CONTROL Example DECserver 700 08 access server Request To Send RTS Clear To Send CTS Data Set Ready DSR Data Terminal Ready DTR Data Carrier Detect DCD Speed M...

Page 176: ...dem Signals Set 2 Data Signal Rate Selector DSRS RING Indicator RI Data Carrier Detect DCD Data Terminal Ready DTR DSR DTR support Example DECserver 90TL access server Data Set Ready DSR Data Terminal Ready DTR Network Access Server Type Modem Signals Supported ...

Page 177: ... the port device to indicate that the port device is ready to exchange further control signals with the access server Data Terminal Ready DTR Asserted by the access server to indicate that the access server is ready to exchange further control signals with the port device to initiate the exchange of data DTR is accompanied by RTS and DSRS Data Carrier Detect DCD Monitored by the access server and ...

Page 178: ...lector DSRS Asserted by the access server to indicate the speed at which the modem should initiate communications On a port configured for a multispeed modem where both SPEED and ALTERNATE SPEED are specified DSRS indicates the higher of the two speeds Modem Signal Description ...

Page 179: ...L CONTROL disabled you can enable the access server to log out a port when the attached device is turned off by enabling port characteristic DSRLOGOUT see Specifying DSRLOGOUT in Chapter 9 or LONGBREAK LOGOUT see Specifying LONGBREAK LOGOUT in Chapter 9 Computer Interface For computer interface connections you need to enable MODEM CONTROL or SIGNAL CONTROL and configure the host to use the modem s...

Page 180: ...able MODEM CONTROL on port 5 Local DEFINE PORT 5 MODEM CONTROL ENABLED Local LOGOUT PORT 5 Example Enabling SIGNAL CONTROL The following example shows how to enable SIGNAL CONTROL on port 11 Local DEFINE PORT 11 SIGNAL CONTROL ENABLED Local LOGOUT PORT 11 Normally you should disable SIGNAL CHECK when MODEM CONTROL or SIGNAL CONTROL is enabled ...

Page 181: ...ECT characteristic to RI DCD DSRS DTR If the modem speed is 9600 baud or above configure the port SIGNAL SELECT characteristic to CTS DSR RTS DTR NOTE A maximum supported baud rate of 9600 on a modem is a guideline for signal set selection The signals used are a factor of modem technology not the actual baud rate for data tranfer Enabling CTS RTS flow control for access servers with attached modem...

Page 182: ... not look for modem signals and data might be lost The factory set default for SIGNAL CHECK is disabled Example Enabling SIGNAL CHECK The following example shows how to enable SIGNAL CHECK on port 7 Local CHANGE PORT 7 SIGNAL CHECK ENABLED You should enable SIGNAL CHECK for ports with printers attached If SIGNAL CHECK is disabled data loss can occur when the device is turned off However you should...

Page 183: ...T is enabled the access server can delay the assertion of DTR until a connection is detected from a modem when an interactive user logs in or when the access server receives a connection to the port from the network With DTRWAIT enabled the access server supports autoanswering equipment on a modem control port Upon detecting the RI signal from the modem the access server asserts DTR and RTS which ...

Page 184: ...22R or equivalent cable that crosses the DSRS signal of the access server over to the RI pin on the device For information on this cable refer to the access server hardware documentation When the port RING characteristic is set to enabled and MODEM CONTROL or SIGNAL CONTROL is enabled the access server asserts and deasserts DSRS once every 2 seconds This continues until either the access server de...

Page 185: ...sserts the DSRS signal along with DTR and RTS when receiving a connection DSRS indicates that the higher primary speed should be used The access server monitors the SMI signal to determine whether to use the higher or lower speed When SMI is asserted the access server selects the higher speed when SMI is deasserted the communications selects the lower speed The modem connected to the access server...

Page 186: ... the access server sends DIALUP notification to service nodes With DIALUP disabled the default the access server does not notify the service nodes If you do not enable DIALUP the service node could treat the user s service sessions as local connections at the service node itself Ask the network manager and the service node system manager if they require this notification when there are dial in mod...

Page 187: ...DEFINE PORT 6 ACCESS LOCAL ALTERNATE SPEED NONE AUTOBAUD ENABLED Local DEFINE PORT 6 INACTIVITY LOGOUT ENABLED MODEM CONTROL EN ABLED Local Configuring a Dial In Modem on a MODEM CONTROL Server The following example provides a sample configuration for a dial in modem operating at 9600 baud and configured for the RI DCD DSRS DTR signals Note that when the port password characteristic is enabled you...

Page 188: ...BLED DTRWAIT ENABLED Local DEFINE PORT 3 MODEM CONTROL ENABLED SIGNAL CHECK DISABLED Local DEFINE PORT 3 SPEED 1200 ALTERNATE SPEED 300 Local LOGOUT PORT 3 Configuring a Dial In and Dial Out Modem on a Full MODEM CONTROL Server The following example provides a sample configuration for a dial in and dial out modem operating at 2400 baud Local DEFINE PORT 4 ACCESS DYNAMIC AUTOBAUD DISABLED Local DEF...

Page 189: ...CHECK DISABLED Local DEFINE PORT 3 SIGNAL SELECT RI DCD DSRS DTR Local DEFINE PORT 3 SPEED 2400 Local LOGOUT PORT 3 Configuring a Dial In and Dial Out Modem on a MODEM CONTROL Server The following example provides a sample configuration for a dial in and dial out modem operating at 115200 baud and configured for the CTS DSR RTS DTR signals Local DEFINE PORT 4 ACCESS DYNAMIC AUTOBAUD DISABLED Local...

Page 190: ...serts DTR and RTS while the port is logged out If DTRWAIT is enabled the access server delays assertion of DTR and RTS until either it detects any modem signal or a connection occurs Then the access server asserts DTR and RTS When asserting DTR and RTS if conditions require the data signal rate selector signal DSRS the access server asserts DSRS at the same time 2 After asserting DTR and RTS the a...

Page 191: ...access server automatically disconnects the call Response to Momentary Loss of CTS If the port device drops CTS but not DCD the access server suspends data transmission on the line until the port device reasserts CTS Disconnecting The access server disconnects the sessions on a port when any of the following events occur on the port DCD is lost for more than 2 seconds DSR is lost or a LOGOUT comma...

Page 192: ...R is deasserted for 5 seconds as a consequence of a logout otherwise it is always asserted SIGNAL CHECK and DTRWAIT disabled Solicited remote connection is established regardless of the state of DSR Reception of asynchronous data is accepted once the connection is established Port is logged out if DSR is deasserted after initial assertion DSRLOGOUT DTR is always asserted SIGNAL CONTROL and SIGNAL ...

Page 193: ... only be reasserted when a connection is accepted Reception of asynchronous data is not accepted unless DSR and DTR are asserted SIGNAL CONTROL and SIGNAL CHECK DTR is deasserted for 5 seconds minimum as a consequence of a logout otherwise it is always asserted DTRWAIT disabled Port is logged out if DSR is deasserted after initial assertion Reception of asynchronous data is not accepted unless DSR...

Page 194: ...s indicates Signal Wait if connections cannot be accepted because DSR is deasserted Solicited remote connection is not accepted unless DSR is asserted SIGNAL CONTROL and DSRLOGOUT Same as SIGNAL CONTROL SIGNAL CONTROL SIGNAL CHECK and DSRLOGOUT Same as SIGNAL CONTROL and SIGNAL CHECK SIGNAL CONTROL DTRWAIT and DSRLOGOUT Same as SIGNAL CONTROL and DTRWAIT SIGNAL CONTROL SIGNALCHECK DTRWAIT and DSRL...

Page 195: ...re the port and device characteristics to match For More Information For information about connecting device cables refer to your access server hardware documentation In This Chapter This chapter contains the following topics Configuring an Interactive Device for LAT Sessions Configuring an Interactive Device for Telnet Sessions Configuring a Session Management TD SMP Terminal Configuring On Deman...

Page 196: ...11 2 Configuring and Managing Interactive Devices Managing Users Managing Sessions ...

Page 197: ... LAT services Local CHANGE PORT 6 ACCESS LOCAL AUTHORIZED GROUPS 10 24 46 Local CHANGE PORT 6 AUTOBAUD ENABLED AUTOPROMPT ENABLED Local CHANGE PORT 6 BREAK LOCAL DEDICATED NONE DEFAULT PROTOCOL LAT Local CHANGE PORT 6 DSRLOGOUT ENABLED FLOW CONTROL XON Local CHANGE PORT 6 INACTIVITY LOGOUT ENABLED INTERRUPTS DISABLED Local CHANGE PORT 6 LIMITED VIEW DISABLED PASSWORD DISABLED Local CHANGE PORT 6 Q...

Page 198: ...onfiguring LAT Group Codes for Interactive Devices Group codes are subdivisions of a LAT network Group codes are used to partition the network into combinations of service nodes service node services and access server ports To configure group codes on an access server perform the following steps Step Action 1 Determine the group codes of the LAT services that a port user needs by entering the SHOW...

Page 199: ...at connection attempts to a currently non operational service node When a session is established with the node the access server notifies the user with a beep signal and a message Attempts to reconnect upon LAT session failure are made every 30 seconds The attempts continue until the user enters local mode by using the Break key or the local switch key Unless a dedicated service is in effect a sta...

Page 200: ...COL command LAT The access server defaults to the LAT protocol when the user does not specify a protocol in the CONNECT command SLIP The access server defaults to the SLIP protocol when the user does not specify a protocol in the CONNECT command TELNET The access server defaults to the Telnet protocol when the user does not specify a protocol in the CONNECT command ANY The access server first sear...

Page 201: ... must be on an access server either the same one as the user s or a different one The queuing of the connect request also depends on whether the access server offering the service has reached its queue limit or has queuing disabled In this case the connection is not queued and the user receives a message that indicates that service is not available If the access server offering the service has que...

Page 202: ...The access server can queue up to 200 connection requests Example Changing Queue Limit Characteristics The following example shows how to change the queue limit to 150 Local CHANGE SERVER QUEUE LIMIT 150 Displaying Access Server Queue Entries The SHOW MONITOR QUEUE command displays the status of requests in the connection queue Options for the SHOW MONITOR QUEUE Command The following table lists t...

Page 203: ...ted request or the terminal user for a local access request that the request is being rejected No default entry exists for the REMOVE QUEUE command and failure to specify what entry or entries are to be removed from the queue results in an error The following sets of entries can be removed A specific entry by using the REMOVE QUEUE ENTRY entry number command for each entry The entries from a speci...

Page 204: ...er size parity and LOSS NOTIFICATION The LAT node must also support this feature The factory set default is disabled You should avoid enabling remote modification and security on the same port Enabling these characteristics allows a secure user to modify the port from the host normally the secure user cannot modify the port Example Configuring Remote Modification for Port Characteristics The follo...

Page 205: ... Command Reference Note Not all commands can be combined on one line Configuring a Device on Port 6 for Internet Hosts Example The following example shows a sample configuration of a device connected to Internet hosts which is illustrated in the Sample Network Configuration section in this chapter Local CHANGE PORT 6 ACCESS LOCAL AUTOBAUD ENABLED Local CHANGE PORT 6 BREAK LOCAL DEDICATED NONE Loca...

Page 206: ...and Managing Interactive Devices Reference For a description of the default protocol characteristic refer to Specifying the Default Protocol in this chapter For a description of the Telnet client profiles refer to Specifying the Telnet Client Session Profile in this chapter ...

Page 207: ...t terminal as two or more standard terminals using the same physical access server port For terminals that do not implement TD SMP the access server suspends service session data until the user resumes the session How to Configure Configure the session management terminal for a LAT session as described in the Configuring an Interactive Device for LAT Sessions section in this chapter Configure a Te...

Page 208: ...nnects the service session associated with it if there is one You are not logged out of the access server You can open or switch to another terminal session LOGOUT PORT does a full log out logging you out of the access server closing all terminal sessions and service sessions It also ends session management SET PRIVILEGED Applies to the port and to all terminal sessions on the port SET DEFINE CHAN...

Page 209: ...he introductory banner and username prompt After the user optionally enters a user name the access server invokes session management and the terminal prompts the user for a network resource name The access server then uses that name to create a session for the terminal session If a preferred service is defined and AUTOCONNECT is enabled the access server starts a session with the preferred service...

Page 210: ...istic is enabled on the access server the ODL protocol overrides FLOW CONTROL during font loading to allow for Asian characters This function is available only on a LAT network On Demand Loading Configuration Example The following shows how to enable on demand loading on port 5 Local CHANGE PORT 5 ON DEMAND LOADING ENABLED Disable Switch Character You should disable the access server switch charac...

Page 211: ...erminals do not require any special setup to communicate with a host through an access server The access server software automatically allows terminals that support block mode to transmit large blocks of data without using FLOW CONTROL Buffer Size The maximum receive buffer size is 2048 bytes 512 bytes for DS700 16 access servers with less than 1 MB ...

Page 212: ...d with interactive users at a terminal or similar device All characters entered by the user are sent to the Internet host for handling The host edits ECHOes and processes the user data This is the factory set default BINARY Used primarily with file transfers All port and Telnet special characters such as forward and backward switches and XON XOFF FLOW CONTROL characters are ignored by the access s...

Page 213: ...Session Characteristics Character Binary ECHO Remote Use current access server value1 BINARY Disabled Duplex CHARACTER SIZE Transmit Use current value 8 CHARACTER SIZE Receive Use current value 8 SIGNAL REQUEST Enabled Disabled AO IP AYT SYNCH EOR BRK Use current value Not used TOGGLE ECHO Not used Not used QUOTE Use current value Not used AUTOFLUSH Use current value Not used AUTOSYNC Use current ...

Page 214: ...nteractive Devices 1 If ECHO is in local mode the ECHO characteristics are suppressed and characters are not echoed SWITCH CHARACTERS Enabled Disabled TERMINAL TYPE Use current access server value Use current access server value Profiles Session Characteristics Character Binary ...

Page 215: ...HO Characteristics Local CHANGE PORT 5 TELNET CLIENT ECHO LOCAL You can suppress local echoing by either selecting ECHO LOCAL and then selecting the BINARY profile or by selecting ECHO LOCAL and then using the toggle ECHO character See Specifying ECHO Characteristics in this chapter Specifying the BINARY Characteristic The BINARY characteristic allows the user to enable BINARY communication in eit...

Page 216: ... The following example shows how to set CHARACTER SIZE to 7 in the transmit direction To set the character size in the receive direction use RECEIVE instead of TRANSMIT Local CHANGE PORT 5 TELNET CLIENT TRANSMIT CHARACTER SIZE 7 Mapping Keyboard Characters to Telnet Functions You can assign keyboard characters to various Telnet functions The SIGNAL REQUEST characteristic can enable or disable all ...

Page 217: ...y to the remote Internet host This includes output queued by the access server and the host Ctrl X Are You There AYT Verifies if the connection to the Telnet server is still active You must resume the session to see the Telnet server s response Ctrl T Break BRK Sends a Telnet Break command to the Internet host The way that this command is interpreted depends on the host None End of Record EOR Send...

Page 218: ...output on it way to the remote process to be dropped This function allows IP AO or AYT to have a more immediate effect By default AUTOSYNCH is enabled for IP and disabled for AO and AYT Example Specifying AUTOSYNCH The following example shows how to disable AUTOSYNCH for IP and enable AUTOSYNCH for AO on port 5 Local CHANGE PORT 5 TELNET CLIENT AUTOSYNCH IP DISABLED Local CHANGE PORT 5 TELNET CLIE...

Page 219: ...minal on port 5 Local CHANGE PORT 5 TELNET CLIENT NEWLINE TO TERMINAL NONE Local CHANGE PORT 5 TELNET CLIENT NEWLINE TO TERMINAL AB Specifying FLOW CONTROL The FLOW CONTROL characteristic enables or disables the XON XOFF FLOW CONTROL characters for any Telnet client session created at the port The access server supports the remote FLOW CONTROL feature where the remote Telnet server can toggle on a...

Page 220: ...mand does not affect existing sessions To affect existing sessions use the SET SESSION TELNET CLIENT MESSAGE VERIFICATION command Example Configuring MESSAGE VERIFICATION The following example shows how to disable VERIFICATION on port 5 Local CHANGE PORT 5 TELNET CLIENT MESSAGE VERIFICATION DISABLED Specifying the SWITCH CHARACTER The SWITCH CHARACTER characteristic determines how the access serve...

Page 221: ...he available types are ANSI UNKNOWN and VT10 through VT999 This value is used as a starting point for terminal type subnegotiation between the access server and the host The actual terminal type as displayed by the SHOW PORT SESSION STATUS command may be different if the Telnet host can not support the specified type The order of negotiation is VTXXX followed by ANSI followed by UNKNOWN For exampl...

Page 222: ..._SMITH Local SET USERACCOU J_SMITH Example Changing the User Password The following example changes the password for the user account J_SMITH to the character string SECRETSTUFF Quotes denote the password string in the command line Local CHANGE USERACCOU J_SMITH PASSWORD SECRETSTUFF Optional Setup for Local User Accounts Example Changing User Account Parameters The following example shows how to c...

Page 223: ...count for authentication authorization Password Specifies that a password has been set for the user account Access Specifies the default access mode this user is granted Max Connect Time Indicates the maximum number of minutes the user can be logged in before being forcibly logged out Dialback Number Contains a phone number used on dial back Dialout Number Contains a phone number used on dial out ...

Page 224: ...ected to a dedicated host Framed SLIP or PPP will be started on the session LOCAL User may utilize the access server commands NONE The configuration value of the port access parameter or realm wide access parameter determines user access to the realm Service Type User Access Telnet The user may make Telnet connections on the current session LAT The user may make LAT connections on the current sess...

Page 225: ...ion ENABLED DISABLED PASSWORD Allows modification of the password field for the specified entry Clear the PASSWORD by setting it to null string Max length 40 characters Case sensitive depending on authentication service protocol Case insensitive only for the local access server user data base USERACCOUNT User name of account Max length 40 characters DIALOUT NUMBER Contains a phone number used on d...

Page 226: ...TATUS Specifies user status ENABLED DISABLED Setting DISABLED prevents any login using this user name ACCESS Specifies the default access mode this user is granted LOCAL FRAMED NONE See the following table for a definition of the ACCESS clause variables Variable Definition LOCAL Local access only allowed FRAMED Framed PPP SLIP access only allowed NONE No access specified port characteristics or re...

Page 227: ... Resources The following lists the results of enabling a preferred service on a port Without AUTOCONNECT enabled refer to Specifying AUTOCONNECT in this chapter the port user connects to a particular resource by entering only the CONNECT command With AUTOCONNECT enabled the access server automatically connects the port to the preferred service at login The user can switch to local mode at any time...

Page 228: ...ses the user name as the string the user enters in response to the Enter username prompt However the access server uses the port s name as the user name when the user enters Ctrl Z instead of a user name You can use the USERNAME characteristic to establish a permanent user name 1 to 16 ASCII characters for a port In this case the Enter username prompt is not displayed when a user logs in to the ac...

Page 229: ...user is likely to enter routinely while using a service otherwise the current session is interrupted when that switch is pressed Avoid the tilde character if you use function keys on the VT series terminals or PCs Switch characters can be temporarily disabled for a particular session by using the SET SESSION command for a LAT session or the Telnet client profile for a Telnet session Refer to Speci...

Page 230: ... Break key to DISABLED on port 5 Local CHANGE PORT 5 BREAK DISABLED The Break key is ignored on a port with a dedicated service however you should disable BREAK along with all other switch characters If you need to pass the break condition to the dedicated service for any application of the service set BREAK to REMOTE In this case the break signal is not ignored but is passed to the LAT service no...

Page 231: ...g with access server messages such as shutdown For this reason you might want to recommend to users that they leave BROADCAST enabled on their ports Note The port user can still send messages with the access server BROADCAST enabled and the port BROADCAST disabled Example Disabling BROADCAST Messages The following example shows how to disable port 5 from receiving broadcast messages Local CHANGE P...

Page 232: ...e unaffected by the access server wide BROADCAST characteristic Ask users to inform you if they receive excessive or annoying broadcasts from other ports If you receive complaints about such broadcasts you can ask the sender of those broadcasts to stop broadcasting unnecessary messages or you can enable security on the sender s port This disables the BROADCAST command for the port Specifying LOSS ...

Page 233: ...ed If you enable VERIFICATION factory set default the access server displays the session number and the service name of the service If you disable VERIFICATION no session information is displayed when a session is started stopped or resumed Example Disabling VERIFICATION The following example shows how to disable VERIFICATION on port 5 Local CHANGE PORT 5 VERIFICATION DISABLED Specifying Lock The ...

Page 234: ...sions on that port In that case it may be best to disable LOCK on that port and rely on users to protect their sessions by disconnecting them when they must leave the terminal unattended Displaying Information About the Users You can use the SHOW MONITOR USERS command to do the following Determine which ports are in use at any time Identify the port users Display information about active port user...

Page 235: ...t groups apply only to those ports with ACCESS set to LOCAL current groups are ignored for those ports with ACCESS set to REMOTE Heading Description Port Number of the port Username Any user name or the name of the port established by the PORT NAME characteristic Note Any port having the user name Remote designates a remote access session in progress Status Status of the port which can be one of t...

Page 236: ...rent groups for these functions Checking authorization when the user enters a CONNECT command on the access server Displaying information with the SHOW NODES and SHOW SERVICES commands Example Assigning User Groups The following example shows the command for nonprivileged users to assign groups from among their authorized groups Local SET PORT GROUPS 5 If the authorized groups for the port were gr...

Page 237: ...e and port For example if it is important for you to connect to a particular system associated with a service named ACCOUNTING you can specify the service node where that system is attached Example Connecting to a LAT Service on a Specific Node or Server The following shows how to connect to LAT service SALES at node SERVER2 Local CONNECT LAT SALES NODE SERVER2 The following shows how to connect t...

Page 238: ...the Telnet abort output AO command Local SEND TELNET AO You can map Telnet functions to keyboard characters as described in Mapping Keyboard Characters to Telnet Functions For a complete list of Telnet commands refer to Telnet Keymapping Functions in this chapter In addition to the functions listed in Mapping Event Indications to Keyboard Characters in Chapter 13 you can also send the following Re...

Page 239: ...ome of the port users the remaining port users cannot establish subsequent additional sessions In this case you need to increase the access server session limit value or decrease the port session limit value for some or all of the ports You can set the SESSION LIMIT for the access server to a value of 0 to 128 or to NONE If you enter NONE the access server maintains up to 128 sessions potentially ...

Page 240: ...eceive equivalent information about the sessions for all access server ports For ports set up as a LAT service or Telnet listener the user name is displayed as Remote Example SHOW SESSIONS Display The following example shows how to generate a sessions display for ports 1 and 2 The first line of the sessions display begins with the port number and port user name On the same line the display shows t...

Page 241: ...ert the DSR signal during a signal check controlled connection attempt Queued at n Position in the connection queue of the connection request for a service The request at position 1 is the next one to be dequeued and connected Second column Displays which protocol LAT or Telnet the session is using Third column Name of the LAT service or Internet host associated with the session or SLIP for SLIP s...

Page 242: ...0 sessions refer to Specifying the Telnet Client Session Profile in this chapter and Chapter 18 respectively Displaying Session Status You can display the status of any current Telnet session If you have a LAT session the SHOW LIST MONITOR PORT SESSION command displays the port number session number Protocol LAT and the following message no status information available for LAT sessions Example SHO...

Page 243: ... the output from the access server Will Echo Enabled The access server will echo the input from the remote peer Disabled The access server will not echo the input from the remote peer Do SGA Enabled Receiving data in suppressed go ahead SGA mode This allows duplex communication Disabled Not receiving data in SGA mode The remote peer is sending go aheads Will SGA Enabled Sending data in SGA mode Th...

Page 244: ...nd remote FLOW CONTROL commands to enable and disable the peer s output FLOW CONTROL Disabled The access server will not send remote FLOW CONTROL commands to enable and disable the peer s output FLOW CONTROL Will Remote FLOW CONTROL Enabled The network access server will accept remote FLOW CONTROL commands Disabled The access server will not accept remote FLOW CONTROL commands Will Terminal Type E...

Page 245: ...RT 4 The port that you specify can have local remote or dynamic access Use caution when you log out a user s port When you log out a port you abruptly stop all sessions and data may be lost The port characteristics are also reset to the permanent values The privileged DISCONNECT PORT command allows you to stop another port s session with a dedicated service You cannot use this command for ports wi...

Page 246: ......

Page 247: ...ble privileged status Configure the port and device characteristics to match Reference For more information about LAT nodes refer to the LAT Network Concepts manual For information about connecting device cables refer to the appropriate access server hardware documentation In This Chapter This chapter contains the following topics Configuring a Port to Offer a LAT Service Configuring Access to a L...

Page 248: ... Use This Command And Refer to This Section and Chapter Service groups CHANGE SERVER SERVICE GROUPS ENABLED Changing Access Server Service Groups in Chapter 6 Authorized groups CHANGE PORT AUTHORIZED GROUPS ENABLED Configuring LAT Group Codes for Interactive Devices in Chapter 11 Service name CHANGE SERVICE NAME CHARACTERISTIC S Assigning a Service Name in this chapter Port name CHANGE PORT n NAME...

Page 249: ...e names must be 1 to 16 characters long and cannot be abbreviated Allowable characters are A to Z 0 to 9 hyphen _ underscore and period Ensure that the name is unique on the LAN If two or more service nodes offer the same service name access servers assume that all the services with that name are identical and are interchangeable Enabling Announcements By default announcements for a LAT service ar...

Page 250: ...ions marks as shown in the following example Local CHANGE SERVICE LN03_PRINT PORT 5 7 12 ID Assigning a Port Name Assigning a port name to a service limits the service s availability When you assign a port name to a service The service is not listed in the access server multicast message The service is available only to those users that know the port name Also the access server transmits the port ...

Page 251: ...H not echoed Verification BLIGH not echoed Local or Local DEFINE SERVICE LN03_PRINT PASSWORD BLIGH Caution Do not specify passwords for services such as printers that you set up for host initiated requests Example Clearing the Service Password To clear a previously set service password use empty quotation marks as shown in the following example Local CHANGE SERVICE LN03_PRINT PORT PASSWORD The pas...

Page 252: ... LAT Service The following example shows a sample configuration of a personal computer PC used as a terminal and a LAT service With the port set to ACCESS DYNAMIC the PC can switch between terminal emulation mode and file transfer mode When a PC is configured as a terminal you can use the connect command to use a printer service To do this the PC must have an application program that provides file...

Page 253: ...er port with a single computer system Ensure that each access server port is assigned to a service Example Configuring a Computer As a LAT Service on Port 2 The following example shows a sample configuration of a computer used as a LAT service Local DEFINE PORT 2 ACCESS REMOTE AUTOBAUD DISABLED AUTOPROMPT DISABLED Local DEFINE PORT 2 DEDICATED NONE DIALUP ENABLED DSRLOGOUT DISABLED Local DEFINE PO...

Page 254: ...200 Local LOGOUT PORT 3 Local CHANGE SERVER SERVICE GROUPS 10 24 46 ENABLED Local CHANGE SERVICE MODEM1 PORT 3 IDENTIFICATION Modem 123 4567 Example Configuring a Dial In and Dial Out Modem The following example shows a sample configuration of a dial in dial out modem used as a LAT service Local DEFINE PORT 4 ACCESS DYNAMIC AUTOBAUD DISABLED Local DEFINE PORT 4 DSRLOGOUT DISABLED FLOW CONTROL XON ...

Page 255: ...DICATED NONE Local DEFINE PORT 4 DSRLOGOUT DISABLED INACTIVITY LOGOUT ENABLED Local DEFINE PORT 4 LONGBREAK LOGOUT DISABLED SIGNAL CHECK ENABLED Local DEFINE PORT 4 SIGNAL CONTROL DISABLED Local LOGOUT PORT 4 Local CHANGE SERVER SERVICE GROUPS 10 24 46 ENABLED Local CHANGE SERVICE LASER PORT 4 IDENTIFICATION LN03 laser printer Setting Up a LAT Remote Print Queue on an OpenVMS Host To set up a LAT ...

Page 256: ...and file REMOTE_PRINT COM This command file sets up a remote printer and remote print queue You can use this file as a template to set up subsequent remote printers You should enter the remote printer command file name in the LTLOAD COM file This ensures that remote printers and remote print queues are set up automatically at system startup Note For OpenVMS Version 5 4 1 and later use LAT SYSTARTU...

Page 257: ...YS MANAGER directory For complete information about setting up remote printing on VAXcluster systems refer to the VMS VAXcluster manual in the OpenVMS documentation set Setting Up a LAT Remote Print Queue on an ULTRIX System To set up a LAT remote print queue on an ULTRIX host specify the access server name and the port name by using one of the following An lcp command An entry in the etc printcap...

Page 258: ...Configuration of Specific Types of Devices As LAT Services 12 12 Configuring and Managing LAT Services lf usr lib adm lpd errs cd usr spool mkdir lpd chown daemon lps lpr Plps test ...

Page 259: ...lability on a LAT network You must configure the device and port characteristics as described in Chapter 9 before performing this procedure The following are variables in the example that you should substitute with the appropriate values Access server port number Authorized and service groups Port name You should change the port name to a descriptive term This term should describe the resource pro...

Page 260: ...NABLED LONGBREAK LOGOUT DISABLED Local DEFINE PORT 4 NAME PORT_4 SIGNAL CHECK ENABLED Local DEFINE PORT 4 SIGNAL CONTROL DISABLED Local LOGOUT PORT 4 For systems that need to access the printer you must supply the system managers with the access server name port name and at least one group code that is enabled as an authorized group code on the port More Examples The following sections in this cha...

Page 261: ...d PORT_5 Local CONNECT LAT A_DEVICE DESTINATION PORT_5 Problem Solving If you have any problem connecting to the service or using the device use the following series of commands to review the service and port characteristics Verify whether the service is set up correctly by using the SHOW SERVICE service name CHARACTERISTICS command For example with the service A_DEVICE the command appears as foll...

Page 262: ... services offered by your access server use the SHOW LIST SERVICES LOCAL command To display information about a particular service use the SHOW LIST SERVICE command followed by the service name To display information about all services use the SHOW LIST SERVICE ALL command There are three types of information you can display about the service Characteristics The characteristics display is useful w...

Page 263: ...ication Service identification string This string is usually a short description of the service or of how to use it The following fields are displayed only for services offered by the access server local services Ports Numbers of the ports at which the local service is offered Rating Rating at which the access server offers this service If any ports that offer the service are available the rating ...

Page 264: ...lay for the SHOW SERVICE service name command For each selected service an introductory line identifies the service for which status information is being displayed The next line shows the headings for the status information Under the headings a line is displayed for each node offering the selected service The access server displays information about a service or services from data stored in its me...

Page 265: ...RVICE STATUS Display Headings The following table describes the fields and the headings in the display Heading Description Service Name that identifies the network service Node Name Name of the service node as stored in access server memory for each node that offers the service Status The accessibility of the service node as one of the following n Connected Service node is reachable and the access...

Page 266: ...vices from data stored in its memory If none of the ports can access a particular service the access server does not retain any data about that service Hence no information about that service can be displayed Note Ports with the LIMITED VIEW command enabled cannot perform the SHOW SERVICES command Rating Relative capability for a service node to process new sessions The service rating is assigned ...

Page 267: ...ring SHOW LIST MONITOR SERVICE SUMMARY Display Headings The following table describes the headings in the display Heading Description Service Name Name that identifies the network service Status Current availability of the service as one of the following Available One or more service nodes that offer the service are accessible n Connected Service is available and n sessions are currently active wi...

Page 268: ......

Page 269: ...s Configure the port and device characteristics to match Refer to your access server hardware documentation for information about connecting device cables In This Chapter This chapter contains the following topics Sample Device Configurations Configuring a Personal Computer As a Terminal and for Access through a Telnet Listener Configuring a Remote Print Queue Configuring a Telnet Listener Configu...

Page 270: ...ate values Access server port number Flow control type printer only Telnet listener identifier Must be 23 or between 2001 to 2032 inclusive Identification string up to 40 characters Configuring a Printer for Access Through a Telnet Listener For systems that need to access the printer you must supply the system managers with the TCP port number The section Configuring a Remote Print Queue in this c...

Page 271: ...CHANGE TELNET LISTENER 2010 PORTS 2 ENABLED Local CHANGE TELNET LISTENER 2010 IDENTIFICATION XYZ minicomputer Local CHANGE TELNET LISTENER 2010 CONNECTIONS ENABLED Configuring a Modem for Access Through a Telnet Listener This section contains examples that show how to configure a dial out modem and a dial in dial out modem Example Configuring a Dial Out Modem The following example shows a sample c...

Page 272: ...NE PORT 4 ACCESS DYNAMIC AUTOBAUD DISABLED Local DEFINE PORT 4 DSRLOGOUT DISABLED FLOW CONTROL XON Local DEFINE PORT 4 INACTIVITY ENABLED MODEM CONTROL ENABLED Local DEFINE PORT 4 PASSWORD ENABLED SIGNAL CHECK ENABLED Local DEFINE PORT 4 SPEED 2400 ALTERNATE SPEED 1200 Local LOGOUT PORT 4 Local CHANGE TELNET LISTENER 2008 PORTS 3 ENABLED Local CHANGE TELNET LISTENER 2008 IDENTIFICATION Modem 890 1...

Page 273: ... Local LOGOUT PORT 2 Local CHANGE TELNET LISTENER 2010 PORTS 2 ENABLED Local CHANGE TELNET LISTENER 2010 IDENTIFICATION Personal Computer Local CHANGE TELNET LISTENER 2010 CONNECTIONS ENABLED Switching Modes With the port set to ACCESS DYNAMIC the PC can switch back and forth from terminal emulation mode which allows the PC to access Access Server services on the LAT network and file transfer mode...

Page 274: ...rned by the following rules With INTERRUPTS DISABLED a potential user cannot interrupt an ongoing file transfer session between the PC and another system The user can start a session only when all file transfer sessions have completed or are disconnected from the privileged port The factory set default is INTERRUPTS DISABLED With INTERRUPTS ENABLED a potential user can press the Break key to inter...

Page 275: ...the network Once the initiator establishes a session to a partner you can transfer files in either direction between the initiator and the partner The computer serving as the file transfer partner might require some modifications before a file transfer To learn what modifications are required refer to the documentation for the computer and for the file transfer program Partner Guidelines The follo...

Page 276: ...r printing using the host s lpr command If a host print spooler attempts a connection to a Telnet listener port that is busy the queue entry request is dropped at the host and will have to be resubmitted Printer Port Telnet Server Characteristics The following table lists the recommended Telnet server characteristics for the printer port to facilitate printing of files Refer to Configuring Telnet ...

Page 277: ...o initially configure a remote access printer entry in the printcap file Example The following example creates printer ds0 with spooling directory usr spool lpd1 Some of the questions are ignored by pressing the Return key lprsetup ULTRIX Printer Setup Program Command add modify delete exit view quit help add Enter printer name to add ds0 Enter the FULL name of one of the following printer types o...

Page 278: ... language This file is loaded in the load host DECSERVER directory during installation 2 Modify the printcap entry ds0 lp1 lp tsb0c3 prds3 sd usr spool lpd1 The tsb0c3 entry identifies the access server internet address and is an entry in etc hosts for the access server The prds3 entry identifies the access server TCP port number and is an entry in etc services For example 16 20 48 43 tsb0c3 lkg d...

Page 279: ...s on the TCP IP network use to connect to the device on the access server port 2 Determine which access server port or ports are to be assigned to the Telnet listener 3 Provide an identification string that helps users recognize and use the resource It can be up to 40 characters in length The factory set default is no identification string 4 Enable the listener to receive connections The factory s...

Page 280: ...e device or application For example if an application defines IP as Ctrl G then you need to map IP to Ctrl G Local CHANGE PORT 5 TELNET SERVER IP G Event Indications You can map the following event indications to keyboard characteristics Event Indication Description Abort Output AO Occurs when the remote user of this connection requests that any output currently en route to the user s terminal be ...

Page 281: ... received from the internet host the character sequence is interpreted as a new line The factory set default is CRLF Note that the Telnet protocol specifies that the CRLF sequence should be sent NEWLINE TO HOST When entered by the remote user the character sequence is sent to the internet host The factory set default is CRLF Note that the Telnet protocol specifies that the CRLF sequence should be ...

Page 282: ...Servers Example Setting Character Size in a Specific Direction The following example shows how to set CHARACTER SIZE to 7 in the TRANSMIT direction Local CHANGE PORT 5 TELNET SERVER TRANSMIT CHARACTER SIZE 7 To set the character size in the receive direction use RECEIVE instead of TRANSMIT ...

Page 283: ...Listener TCP port 2010 Identification Printer Ports 6 8 Connections Enabled The first line displays the TCP port number the second line displays the identification string the third line displays the listener s access server port numbers the last line displays whether connections to the listener are enabled or disabled Displaying Telnet Server Characteristics The SHOW LIST MONITOR PORT TELNET SERVE...

Page 284: ...Many Devices Assigned to a Telnet Listener To remove a device that is one of many devices assigned to a Telnet listener perform the following steps Step Action 1 Use the SET TELNET LISTEN CONNECTIONS DISABLED command to stop any future connections The SET TELNET LISTEN CONNECTIONS DISABLED command is refused if a session exists Example The following example shows how to disable future connections ...

Page 285: ...a port Step Action 1 Use the LIST PORT n CHARACTERISTICS command to learn the values used in the existing configuration 2 Disconnect the device from the port 3 Select a new port and reattach the device at the new port 4 Set the new port s values to those of the existing port If the values are unavailable you need to configure the device as described in Chapter 4 5 Enable the Telnet listener on thi...

Page 286: ...In this way the server can poll anytime for the user s location If the Telnet server does not respond with IAC DO the session proceeds normally but the client does not send the location data Example TCP Messages to Poll Client User Location Data The following example shows a series of TCP messages generated during negotiation between the Telnet client the access server and the Telnet server The cl...

Page 287: ... to send data without any Telnet processing For example when sending data to a printer you may need to preserve the control characters sent to the printer or you may need to run socket I O calls In these cases you want to configure the raw TCP protocol on the Telnet listener Configuring Raw TCP To configure raw TCP on an access server configure a Telnet listener that has a type of RAW Use the CHAN...

Page 288: ... SHOW LIST TELNET LISTENER command to view the raw TCP settings Example Raw TCP Display The following example shows a typical display for a Telnet listener configured for raw TCP Local SHOW TELNET LISTENER 2003 Listener TCP port 2003 Listener Type RAW TCP Identification Ports 3 Connections ENABLED IP address 12 22 22 22 ...

Page 289: ...ng printing It listens for print requests from remote hosts on the Local Area Network LAN and responds to these requests The LPD software that the access server implements is similar in function to the LPR LPD Line Printer Remote Daemon on UNIX systems In This Chapter This chapter contains the following topics LPD Operation Configuring LPD ...

Page 290: ...e control file arrives first the access server stores the file waits for the data file to arrive and then prints the data The access server sends the user data in the control file as the last page of the print job If the data file arrives first the access server sends the file to the printer according to the printer setup on the port When the control file arrives the access server This File Contai...

Page 291: ...er cannot display or use user information from the control file while the file is printing If the Data File Arrives First and the Does the Header Trailer Print Does the User Information Print Header is enabled Yes No Header is disabled No No Header is optional No No Trailer is enabled Yes Yes Trailer is disabled No No Trailer is optional Yes Yes ...

Page 292: ...server receives print requests from remote hosts on TCP port 515 It uses LPD to send the file to a local printer through the access server s LAN interface and a serial port The following occurs when a host on the LAN uses LPD to send a print job to the access server ...

Page 293: ... of similar printers Use the DEFINE SET CHANGE PRINTER command to associate a printer with a port and configure print characteristics If Printing From This Host Then UNIX Create an entry in the etc printcap file that includes the name of the remote printer and the IP address of the access server the LPD server Refer to your system s LPR LPD documentation for details Users must convert files to eit...

Page 294: ... access to a printer temporarily for reasons such as routine maintenance or adding paper FLAGPAGE Specifies a message that prints on the flag page that prints before the file data HEADER Specifies whether a header page prints before the file data You can set this option so that no header page prints if the access server does not know the user name at the start of the print job for example if the a...

Page 295: ...ng Printer Characteristics Use the LIST SHOW PRINTER command to display the printer characteristics You can specify a printer name or display all of the configured printers Printer Display Example The following shows a typical display when you enter the SHOW PRINTER ALL command Local SHOW PRINTER ALL Printer LPS32_PS Header Page Enabled Connections Enabled Trailer Page Optional Flag Page Type Post...

Page 296: ...lt Protocol LAT Default Menu None Dialer Script None Preferred Service None Authorized Groups 0 Current Groups 0 Enabled Characteristics Broadcast Failover Input Flow Control Lock Loss Notification Message Codes Output Flow Control Verification Local SHOW PRINTER SPEEDY STATUS Printer SPEEDY Identification Fast Laser Printer Print Jobs 34 Total Bytes Sent 459285 Printer Service Status Port User St...

Page 297: ...devices Enable privileged status Configure the port and device characteristics to match This chapter provides information about configuring only the access server for SLIP communications For information about configuring SLIP hosts refer to the documentation provided with the host system In This Chapter This chapter contains the following topics Packet Forwarding to and from SLIP Hosts Displaying ...

Page 298: ...15 2 Configuring and Managing SLIP Ports Establishing Terminal Sessions with a PC Establishing a SLIP Session Establishing a SLIP Session Compressed SLIP Displaying SLIP Counters Disabling SLIP ...

Page 299: ...to an attached SLIP host it forwards the packet to that host The access server also directly forwards packets from one attached SLIP host to another attached SLIP host The access server acts like an ordinary IP router to an attached SLIP host The access server appears like a multihomed IP host to the IP routers on the Internet A multihomed host is an IP host with more than one IP address Network C...

Page 300: ...nit MTU and the compression If you change SLIP characteristics while a SLIP session is already established the changes have no effect until you start a new SLIP session Command Use the SHOW PORT n SLIP CHARACTERISTICS command to display SLIP characteristics Displaying SLIP Characteristics Example The following example shows a typical SLIP characteristics display Local SHOW PORT 5 SLIP CHARACTERIST...

Page 301: ...rt Obtains the SLIP Host Internet Address This section describes how an access server port obtains the SLIP host Internet address The SLIP host port address must be contained in the access server subnet identifier You can assign an address or you can allow the access server to automatically obtain the SLIP host address Assigning a Host Internet Address To assign the Internet address to a port use ...

Page 302: ...ss If you configure a port for SLIP communication and do not assign a host address the access server does the following 1 Reads the source address from the attached host s first output IP packet 2 Automatically assigns this address to the port if it is valid The access server clears this address when the SLIP host logs out from the port ...

Page 303: ...m Segment Size and the MTU An attached host announces the TCP maximum segment size MSS at connection time The MSS specifies the largest fragment of a datagram that the attached host is willing to receive The MSS is normally based on the MTU of the network connection as recommended by RFC 879 The MSS should always be smaller than the MTU value The TCP and IP headers account for the difference betwe...

Page 304: ...rt for SLIP communications as shown in the following example you must configure the device and port characteristics as described in Chapter 9 Example Configuring a PC As a Terminal and SLIP Host The following example shows a sample port configuration that enables a PC to act as both a terminal and a SLIP host Local DEFINE PORT 2 ACCESS LOCAL AUTOBAUD ENABLED Local DEFINE PORT 2 BREAK LOCAL DEDICAT...

Page 305: ...guration of a dedicated SLIP port Local DEFINE PORT 4 ACCESS LOCAL AUTOBAUD DISABLED AUTOCONNECT ENABLED Local DEFINE PORT 4 BREAK DISABLED DEDICATED SLIP Local DEFINE PORT 4 DEFAULT PROTOCOL SLIP Local DEFINE PORT 4 DSRLOGOUT DISABLED DTRWAIT DISABLED Local DEFINE PORT 4 FLOW CONTROL CTS INACTIVITY LOGOUT DISABLED Local DEFINE PORT 4 INTERRUPTS DISABLED PASSWORD DISABLED PREFERRED NONE Local DEFI...

Page 306: ...n modem for use with a SLIP host on a full modem control access server Local DEFINE PORT 6 ACCESS LOCAL ALTERNATE SPEED NONE AUTOBAUD ENABLED Local DEFINE PORT 6 DEFAULT PROTOCOL SLIP Local DEFINE PORT 6 DSRLOGOUT DISABLED DTRWAIT DISABLED Local DEFINE PORT 6 FLOW CONTROL CTS INACTIVITY LOGOUT DISABLED Local DEFINE PORT 6 INTERRUPTS DISABLED PASSWORD ENABLED Local DEFINE PORT 6 SIGNAL CHECK DISABL...

Page 307: ...ost in this chapter 3 If you want to authenticate a user make sure that a terminal emulation program is installed and running on the PC The terminal emulation program needs to be invoked after a connection is established so that the user can respond to prompts for authentication Refer to Managing Dial Up Access Security with AUTOLINK and AUTOLINK Authentication in Chapter 22 for more information i...

Page 308: ...al CHANGE PORT SLIP MTU 800 Local CONNECT SLIP Local 561 Starting SLIP or PPP datalink session If you previously configured the port with an Internet address and an MTU then you only need to use the CONNECT SLIP command After Making a Connection Once you enter the CONNECT SLIP command the access server expects IP packets from the PC formatted as SLIP frames Use the appropriate command to exit from...

Page 309: ...le Enabling CSLIP The following example shows how to enable CSLIP on port 5 Local CHANGE PORT 5 SLIP COMPRESSION ENABLED Disabling CSLIP The following example shows how to disable CSLIP on a port Local CHANGE PORT 5 SLIP COMPRESSION DISABLED Automatic CSLIP You can enable a port to start CSLIP automatically if the port receives compressed data over an already existing SLIP session The following ex...

Page 310: ... following table describes the information in the SLIP Counters display Field Description Connect Time Length of duration of the SLIP session This is 0 if there is no SLIP session Bytes Received Number of bytes received by the access server from the SLIP host on the port Bytes Sent Number of bytes sent by the access server to the SLIP host on the port Packets Received Number of IP packets received...

Page 311: ...Ports 15 15 Disabling SLIP Disabling SLIP Command Use the CHANGE PORT n SLIP DISABLED command to disable SLIP on a port Disable SLIP Example The following example shows how to disable SLIP on port 2 Local CHANGE PORT 2 SLIP DISABLED ...

Page 312: ......

Page 313: ...t managing SNMP on the access server refer to the file snmp_survival txt contained in the software installation kit This file fully describes every SNMP accessible variable and table in the access server For example the file describes What values variables can take When and how variables and tables change How the user interface can access variables and tables In This Chapter This chapter contains ...

Page 314: ...or more information about using community names refer to the Configuring the Access Server for SNMP Access section in this chapter Supported SNMP Operations The access server supports the SNMP operations listed in the following table Specification Title RFC 1155 Structure for Management Information for TCP IP Based Protocols RFC 1157 A Simple Network Management Protocol SNMP Operation Description ...

Page 315: ...explanations of the various SNMP MIB objects implemented on the access server MIB Description RFC 1213 Management Information Base MIB II for Internet protocol suite management This makes RFC 1158 obsolete RFC 1243 Definitions of Managed Objects for the AppleTalk MIB RFC 1284 Definitions of Managed Objects for the Ethernet like interface types RFC 1158 Obsolete MIB II Supported for backwards compa...

Page 316: ...formation Base Variables The following figure illustrates the access server implementation of MIB II the Character MIB RS 232 like MIB AppleTalk MIB and Ethernet like MIB variables The objects described in this section are implemented as defined in RFCs 1213 1243 1284 1316 and 1317 ...

Page 317: ...Example Displaying SNMP Information The following example shows how to display SNMP information on the access server Local SHOW SNMP SNMP State ENABLED AUTHENTICATION FAILURES ENABLED Community Name Address GET GETNEXT SET TRAP PUBLIC ANY ENA ENA DIS DIS SNUGS ANY ENA ENA ENA DIS BUGS 195 1 1 1 ENA ENA ENA DIS SERVER 195 1 1 2 ENA ENA ENA ENA Default Community Name PUBLIC The CHANGE SNMP ENABLED c...

Page 318: ...NGE SNMP ENABLED Configuring a Community Name with an Address You can configure a community name so that only an NMS with a given address can access the access server with SNMP commands Use the CHANGE SNMP COMMUNITY community name ADDRESS command to configure the community name in this way Example Configuring Community Names for Access from a Specific NMS The following example shows how to create ...

Page 319: ...this example only NMS 195 1 1 2 can access community name SERVER The access server sends TRAP messages to this NMS Local CHANGE SNMP COMMUNITY SERVER ADDRESS 195 1 1 2 Local CHANGE SNMP COMMUNITY SERVER SET ENABLED Local CHANGE SNMP COMMUNITY SERVER TRAP ENABLED Local CHANGE SNMP AUTHENTICATION ENABLED Local CHANGE SNMP ENABLED Note TRAPS cannot be enabled for communities with the IP address ANY T...

Page 320: ... SNMP COMMUNITY community name TRAP DISABLED command The following is an example of disabling TRAP messages for the SERVER community Local CLEAR SNMP COMMUNITY SERVER TRAP DISABLED Removing Community Names The access server allocates 80 bytes of NVRAM to store information about community names If you attempt to define or modify a community name and there is insufficient memory you see a message in...

Page 321: ...s from a Community Name You can remove an NMS address from a community name by using the ANY keyword in the CHANGE SNMP COMMUNITY community name ADDRESS command This keyword allows any NMS that knows the community name to access the access server The access server however rejects an ADDRESS ANY command if TRAP access is enabled Example Removing the Community Name Internet Address The following exa...

Page 322: ...ion kit includes ASCII text files of these MIBs 2 Enter the access server IP address each appropriate community name and desired access rights in the NMS database If the community name is associated with an IP address the address must be the Internet address of this NMS The network manager must also associate the IP address of the access server with each such name The exact procedure depends on th...

Page 323: ...Manage the access server as part of the LAT network Manage the access server as part of the TCP IP network Manage access server characteristics Check port status and counters Reassign a port device in case of port failure In This Chapter This chapter contains the following topics Managing Your Access Server As Part of the LAT Network Displaying Information About the Access Server Checking Port Sta...

Page 324: ...andwidth than many access server users connecting to few service nodes To reduce the number of service nodes accessed from a particular access server assign users to the access server based on their need for common services and then assign the appropriate authorized groups for the access server ports Checking LAT Service Accessibility The node limit characteristic specifies the number of service n...

Page 325: ...tus of the selected nodes This includes a list of the services offered by the nodes and information on each service This display can help you track the availability and use of services Example SHOW NODE STATUS Display The following example shows how to generate a status display for the service node called PEACH Local SHOW NODE PEACH STATUS Node PEACH Address 08 00 2B 00 2B 02 LAT Protocol V5 2 Dat...

Page 326: ...ceive messages Identification Node identification string Node Groups Group codes enabled for this service node For a port to access the service node at least one of these groups must Service Name column Name of each service offered on this node The same service might be offered on other service nodes Use the SHOW SERVICE STATUS command to find the names of all the nodes offering a particular servi...

Page 327: ...SHOW SERVER COUNTER command Counters can help you estimate access server traffic on the network for specific time periods For example for information about daily access server usage set the counters to zero at the start of each day You can also use counters data to calculate the average use of the Ethernet and the service nodes By combining this data from the access server with the counters data f...

Page 328: ...2932 Illegal Slots Received 0 Bytes Received 13876620 Solicitations Accepted 0 Bytes Transmitted 475427 Solicitations Rejected 0 TSHOW LIST MONITOR NODE COUNTERS Display Fields The following table describes the information displayed in the previous example Field Description Node Name of the node Seconds Since Zeroed Number of seconds since the counters were last set to zero maximum time exceeds 13...

Page 329: ...n 1 1000 of the value for Messages Transmitted If this value is higher than the guideline the service node might not be handling the access server message load Illegal Messages Received Number of illegally formatted messages the access server received from this node This value should be zero A count of nonzero indicates a possible software problem in either the access server or the service node Il...

Page 330: ... SET DEFINE CHANGE SERVER NAME command and you specify an access server name that is already being used by another node other LAT nodes may replace your access server name with a default LAT name to make your access server name unique The default is in the following format LAT nnnnnnnnnnnn The value nnnnnnnnnnnn is the unhyphenated 12 digit Ethernet address of the second service node which is used...

Page 331: ...ading Description Node Name The name of the service node as defined in the access server node database Status Reachability status of the service node shown as one of the following n Connected Node is reachable and n sessions are active with services offered by the service node Reachable No sessions are active but the service node is accessible Requesting Node that does not presently offer services...

Page 332: ...l mode with the exception of the RCF management port Displaying Access Server Counters The LIST MONITOR SHOW SERVER COUNTERS command displays the values for the global counters maintained by the access server The counters display is useful for detecting network problems The first line displays the access server software version number and base level LAT software version number ROM version number a...

Page 333: ...Bytes Sent 215694 Unrecognized Destination 193760 Multicast Frames Rcv d 66700 Data Overrun 0 Multicast Frames Sent 2179 User Buffer Unavailable 0 Frames Sent Deferred 96516 System Buffer Unavailable 0 Messages Received 1886375 Duplicates Received 106 Messages Transmitted 1569667 Messages Re transmitted 485 Solicitations Accepted 0 Illegal Messages Rcv d 6 Solicitations Rejected 0 Illegal Slots Rc...

Page 334: ...frames sent by the access server Frames Sent Deferred Number of times the access server deferred a frame transmission because the data link was in use This value should be less than 20 of the value for Frames Sent Frames Sent 1 Collision Number of times the access server successfully transmitted a frame on the second attempt after a collision during the first attempt This value should be less than...

Page 335: ... 200 such errors daily This number does not indicate a network problem If a reason for send failures is heartbeat errors and the transceiver being used does not support heartbeat check to see whether you have heartbeat enabled The send failures count will reflect the heartbeat errors generated from the transceiver not responding to checks of its heartbeat circuitry Disable the access server charac...

Page 336: ...f the access server does not have an IP address and is connected to a network with ARP traffic If this count is extremely high greater than 10 for each second of uptime the access server performance could be adversely effected Data Overrun Number of times the access server hardware lost an incoming frame because it was unable to keep up with the data rate This value should be 0 User Buffer Unavail...

Page 337: ...g The sum of the number of solicitations accepted and the number of solicitations rejected equals the number of queued connection requests that the access server received Solicitations Rejected Number of queued connection requests that the access server could not process and therefore rejected The sum of the number of solicitations accepted and the number of solicitations rejected equals the numbe...

Page 338: ...ng since the last downline load expressed as days hours minutes seconds Example SHOW SERVER STATUS Display The following example shows how to generate an access server status display Local SHOW SERVER STATUS Network Access SW Vx x for DSxxx xx BLxx xx ROM x x x Uptime 0 17 05 57 Address 08 00 2B 02 F2 BB Name T_LAT06 Number 65535 Cur High Max Active Ports 8 8 16 Minutes to Shutdown N A Active User...

Page 339: ...column headings in the access server status display Field Description Address Ethernet address of the access server Name Name of the access server This string can be specified by using the SET DEFINE CHANGE SERVER NAME command Number Number of the access server This number can be specified by using the SET DEFINE CHANGE SERVER NUMBER command Cur column Current running value of the resource If the ...

Page 340: ...e Circuits LAT virtual circuits on which the access server has active connections with service nodes Connected Nodes Service nodes with which the access server has established LAT virtual circuits Connected Sessions Total number of LAT Telnet and SLIP sessions on the access server Total number of LAT Telnet and SLIP sessions on the access server CPU Used Percentage of processing time the access se...

Page 341: ...of users Resource Errors Number of times an internal data structure could not be created due to the lack of system memory Port Framing Errors Sum of bytes received at the access server ports with illegally formatted data characters Values other than 0 might indicate a problem with one of the ports Use the port counters display to isolate the port or ports generating the errors accumulated in this ...

Page 342: ...s the access server The access server indicates none available if the RCF is not in use Boot Protocol This is the protocol used to downline load the software Selftest Status Shows internal information if the result of self test at the most recent access server initialization is other than Normal Server 00 00 00 Service 00000 Port 0000000000000000 If a nonfatal error occurs during self test the acc...

Page 343: ...er represents a bit map in which a bit set indicates a problem with the port Bit 1 2 4 Service 00000 This value is a hexadecimal representation of a bit map in which a bit set indicates which service or services contained a checksum error Bit 1 2 4 8 10 20 40 80 100 200 400 800 1000 2000 4000 8000 Field Description ...

Page 344: ... on the network These group codes are the sum of the authorized group codes of the ports on the access server 10000 20000 40000 80000 Port 0000000000000000 This value is a hexadecimal number that corresponds to ports 1 to 16 from left to right Note If more than one bit is set in a bit map the value shown is the sum of the values for each bit For example if the Service Status value is 18C hexadecim...

Page 345: ...t address of the access server Name Name of the access server as defined with the SET DEFINE CHANGE SERVER NAME command Number Number of the access server as defined with the SET DEFINE CHANGE SERVER NUMBER command Identification An ASCII string describing the access server supplied in multicast service node announcement messages and issued to interactive access server users at access server login...

Page 346: ...elected ports The bottom of the display lists all the enabled port characteristics Use the characteristics display when you are changing settings The port number n in the display indicates that the port device is connected to connector JN on the hardware unit The server name is configured with the SET DEFINE CHANGE SERVER NAME command The other values can be changed with the SET DEFINE CHANGE PORT...

Page 347: ...sage Codes Multisessions Output Flow Control On Demand Loading Password Queuing Security Signal Check Verification Local Displaying Port Counters The SHOW MONITOR PORT COUNTERS command displays the counters associated with each of the selected ports Use this command to discover the source of any problems between the port device and the port Typically network problems can be detected with errors re...

Page 348: ...the port as established for the port characteristic NAME if no user name was supplied Server Specifies a 1 to 16 character name for the access server Seconds Since Zeroed Number of seconds since the counters were last set to zero Framing Errors Number of bytes received at the port with illegally formatted frames If this value accumulates to greater than about 20 errors per day on any one port you ...

Page 349: ...Number of characters lost because the access server input buffers were full If this value accumulates more than 10 errors daily on any one port you might have flow control problems If the port device supports flow control ensure that the access server flow control and the flow control in the hardware for that device are set the same way To check the FLOW CONTROL setting use the SHOW PORT CHARACTER...

Page 350: ... the port which can be one of the following Connected Port is connected to a service Connecting Port is attempting a connection to a service Disconnected Session was terminated while dormant Disconnecting Session is disconnecting from a service Idle Port is not in use Local Mode Port is logged in to the access server and is not connected to or connecting to a service Locked LOCK command was execut...

Page 351: ...ORTS ALL SUMMARY Port Access Status Services Offered 1 Local Connected 2 Remote Connected LA50 PRINTER 3 Dynamic Idle HARDCOPY 4 Local Local Mode 5 Remote Connected LA50 PRINTER 6 Local Connecting 7 Remote Disconnected TIMESHARING 8 Local Idle 9 Local Idle 10 Local Idle 11 Local Idle 12 Local Idle 13 Local Idle 14 Local Idle 15 Local Idle 16 Local Idle Current Port Identification of the port at th...

Page 352: ...y use of the port Remote Access server allows only remote connections on the port Port access is specified by using the SET DEFINE CHANGE PORT command Status Current status of the port which can be one of the following Connected Port is connected to a service Connecting Port is attempting a connection to a service Disconnected Session was terminated while dormant Disconnecting Session is disconnec...

Page 353: ...el 2 The display screen of this model has 80 columns and 24 rows The TN3270 software performs the following tasks Translates the ASCII terminal data stream into the 3270 data stream and transmits it to the IBM host Receives the 3270 data stream from the IBM host and translates it into the ASCII terminal data stream The access server uses Telnet over TCP IP to access applications on IBM hosts This ...

Page 354: ...s Definition TN3270 supports the following models of DIGITAL ASCII terminals VT100 with Advanced Video Option VT102 VT220 VT240 and VT241 VT320 VT330 VT340 and VT341 VT420 In the remainder of this chapter the term ASCII terminal refers to all the models listed above and any compatible terminal emulation package ...

Page 355: ...signs the functions on the IBM 3270 keyboards to keys or key sequences on the ASCII terminals For example Ctrl Z on an ASCII keyboard by default maps to the IBM 3270 EXIT function when you use the VT100 keyboard map Server Specific Keyboard Maps You can have server wide keyboard maps that all server ports can access or you can set them up on a port by port basis For information on displaying and c...

Page 356: ... minimal tasks required to configure a port for 3270 emulation This section describes these tasks Setting Up an ASCII Terminal To enable an ASCII terminal for 3270 emulation you need to change the setup parameters as described below To change these parameters use the setup procedure described in the documentation provided with the terminal When you connect to an IBM host or resume a 3270 session T...

Page 357: ...or an IBM 3278 then the access server defaults to a standard Telnet connection To disable 3270 emulation on port 2 enter the following Local CHANGE PORT TN3270 NONE By default 3270 emulation is disabled on all ports Specifying the Type of ASCII Terminal Used for Emulation After you indicate the 3270 model number you need to specify the type of ASCII terminal For example to indicate that a VT220 is...

Page 358: ... the keyboard map defined for a session enter the 3270 HELP function Entering and Editing Data TN3270 supports the following data entry and editing features Unformatted and formatted screens Normal and insert modes For information about IBM 3270 data entry and editing refer to the documentation provided with your IBM application Status Line Indicator The status line indicator is a reverse video st...

Page 359: ... turns off when you enable the status display after viewing the hidden data INSERT The terminal is in insert mode INHIB The application has suspended input from the keyboard This condition can occur when You try to enter data in a protected field You try to enter the wrong type of data O You are using the numeric lock override function This indicator turns off when you enter the NUM OVR function a...

Page 360: ...IBM Host Communications 18 8 Configuring and Managing 3270 Terminal Emulation TN3270 Status Line Indicator Display The following figure shows the position of the status line indicator on the screen ...

Page 361: ... of keyboard maps depends upon the fact that each keyboard map is associated with a terminal type The privileged user can create a new terminal type and associate a new keyboard map with it Then he or she can customize the new map which changes the key assignments that go with IBM 3270 functions A port user can then associate a port with the new terminal type This automatically sets up the port to...

Page 362: ...l types and keyboard maps up to six of each New terminal types can be associated with one of the default keyboard maps or with a new keyboard map that has customized individual key assignments The first of the following two commands below creates a new terminal type called PC_100_DCA and associates it with the default VT100 keyboard map You might want to do this for example if you have PCs that em...

Page 363: ...s the keymapping assignment for the TN3270 function CLEAR Instead of the default VT100 keymapping EXT ENTER the manager assigns the CLEAR function to Ctrl W Local CHANGE TN3270 KEYMAP NEW_KEYS CLEAR CTRL W In a display the customized keymapping assignment is marked with an asterisk The privileged user can show the new keymapping with this command Local SHOW TN3270 KEYMAP NEW_KEYS Rules for Customi...

Page 364: ...al SHOW TN3270 TERMINAL Server LAT_08002B26D0DE Terminal Keymap VT100 VT100 VT220 VT220 VT320 VT220 VT420 VT220 ANSI VT1000 PC_100_DCA NEW_KEYS PC_220_DCA NEW_KEYS2 2 Choose a keyboard map for one of the terminal types for example NEW_KEYS and check its associated keymapping Local SHOW TN3270 KEYMAP NEW_KEYS 3 If the keymapping is what the users require for TN3270 applications they set up the port...

Page 365: ...e of the predefined default terminal types and then customize its keyboard map Customizing a Default Keyboard Map for a Port discusses this customization Select and use one of the server wide customized terminal types and its keyboard map These terminal types have been defined and customized for all ports by the server manager The users cannot customize the keymaps associated with these terminal t...

Page 366: ...ser can now confirm the terminal type and keyboard mapping assignments Local SHOW PORT 2 TN3270 CHARACTERISTICS Local SHOW PORT 2 TN3270 KEYMAP Customizing a Default Keyboard Map for a Port As a port user you can customize any of the key definitions on the default keyboard map to suit your keyboard For example the following command defines the ASCII code for the IBM 3270 NEWLINE function Local CHA...

Page 367: ... 18 15 Displaying and Customizing Keyboard Maps Example SHOW PORT TN3270 KEYMAP Command The following example shows a partial display of a keymap Local SHOW PORT 2 TN3270 KEYMAP Port 1 john 3270 function ASCII Keystroke mnemonic description CLEAR F12 Alt F2 ...

Page 368: ... the ASCII to EBCDIC and EBCDIC to ASCII translation tables These tables use ASCII codes 0 to 255 When you display or change a given translation you must enter the codes in hexadecimal format Any changes to the translation tables take effect in new sessions on the access server but do not affect current sessions Command Enables You to Display and Modify SHOW SET TN3270 ATOE The ASCII to EBCDIC tra...

Page 369: ...or TN3270 definitions in NVRAM TN3270 Commands That Free NVRAM Space The following table lists the commands used to free NVRAM space Definition Description Storage Requirements Keyboard map definition for a port 8 bytes Optional description text for a port 8 bytes for increments of 7 bytes of text Each ASCII to EBCDIC and EBCDIC to ASCII customized translation 8 bytes Command Frees NVRAM Space Use...

Page 370: ...onfiguring and Managing 3270 Terminal Emulation TN3270 Limiting NVRAM Usage To limit the number of NVRAM keyboard maps that the port user can customize use the command shown in the following example Local DEFINE PORT TN3270 NVRAM LIMIT 5 The default limit is 0 ...

Page 371: ...ASCII to EBCDIC translation for the code specified For the default ASCII to EBCDIC translation table refer to the Network Access Server Command Reference SET DEFINE CHANGE TN3270 ETOA Changes the EBCDIC to ASCII translation for the code specified For the default EBCDIC to ASCII translation table refer to the Network Access Server Commands Reference SET DEFINE CHANGE TN3270 TERMINAL Creates an acce...

Page 372: ...VT100 Nonprivileged KEYMAP Enables you to change a definition in the keyboard map KEYMAP NVRAM LIMIT Specifies the number of keyboard mapsin NVRAM that the nonprivileged user is allowed to define 0 Privileged NULLS Determines how TN3270 treats the transmission of null characters to the host 3179 Nonprivileged FLOW CONTROL Allows you to enable and disable input and output flow control for the port ...

Page 373: ...cs for a specified port TN3270 ATOE The ASCII to EBCDIC translation table TN3270 ETOA The EBCDIC to ASCII translation table TN3270 TERMINAL The terminal types available on the access server and their associated keyboard maps TN3270 KEYMAP The keymap assignments associated with a specified keymap PORT SESSION TN3270 KEYMAP All keyboard maps for all sessions on the specified port PORT SESSION CHARAC...

Page 374: ......

Page 375: ... link over low speed asynchronous serial lines Prerequisites Before you use the procedures in this chapter you must Ensure that the devices support PPP Connect and test the devices Configure the port and device characteristics to match For information about device cables refer to the access server hardware documentation In This Chapter This chapter contains the following topics Enabling PPP on an ...

Page 376: ... only required commands are DEFINE PORT MULTISESSIONS DISABLED DEFINE PORT PPP ENABLED Example Enabling PPP for Mixed Traffic The following example shows a series of commands used to configure a port to support mixed character cell and PPP traffic Local DEFINE PORT 3 ACCESS LOCAL AUTOBAUD ENABLED AUTOCONNECT DISABLED Local DEFINE PORT 3 BREAK LOCAL DEFAULT PROTOCOL PPP DSRLOGOUT ENABLED Local DEFI...

Page 377: ...D Local DEFINE PORT 5 PPP ENABLED Local DEFINE PORT 5 PPP IPCP HOST ADDRESS 1 2 3 4 Local LOGOUT PORT 5 Enabling Ports with Modems for PPP The following example shows a series of commands used to dedicate a port with an attached modem to PPP Local DEFINE PORT 5 ACCESS LOCAL ALTERNATE SPEED NONE Local DEFINE PORT 5 AUTOBAUD ENABLED AUTOCONNECT DISABLED Local DEFINE PORT 5 BREAK DISABLED DEDICATED P...

Page 378: ... session on a port by entering the following secure command Local CONNECT PPP You can stop a PPP session by Logging out of the port Generating a BREAK to the access server if the login is interactive followed by the DISCONNECT command causing the peer to negotiate an end to the link The exact mechanism for causing a peer to negotiate the end of a link depends on the PPP package used on the access ...

Page 379: ...ORT n PPP LCP characteristic commands Use the SHOW MONITOR PORT n PPP LCP STATUS command to see the values actually used on the link Example Displaying LCP Characteristics The following example shows the command to display the LCP configuration for port 5 Local SHOW PORT 5 PPP LCP CHARACTERISTICS Port 5 Server LAT_08002B26D0E7 LCP Characteristics LCP Enabled Passive Open Disabled Restart Timer 3 s...

Page 380: ... there is no response 1 to 5 attempts 3 Max Configure The number of times that LCP sends a configure request packet to the peer without receiving an acknowledgment 1 to 15 attempts 10 Max Terminate The number of times that LCP sends a terminate request packet to the peer without receiving an acknowledgment 1 to 15 attempts 2 Max Failure The number of times that LCP sends a negative acknowledgment ...

Page 381: ...abled Disabled ACF Compress Indicates if the access server negotiatesto allow its peer to omit the HDLC address and control fields from packets sent over the link Enabled Disabled Disabled FCS Size The size of the FCS that the access sever is configured to negotiate 16 bit 16 bit Callback Indicates that the access server negotiates to request a call back Enabled Disabled Enabled Note This field ha...

Page 382: ...Address 0 0 0 0 Compress Header Disabled Compress States 16 IPCP Characteristics Display Fields The following table explains the fields in the IPCP characteristics display Field Description Values Default IPCP Indicates if IPCP is enabled Enabled Disabled Disabled Passive Open When enabled IPCP negotiation does not begin until initiated by the attached device Disabled Disabled Restart Timer Indica...

Page 383: ...s 1 to 15 attempts 10 Negotiate Address Indicates if IP address negotiation is enabled for this link Enabled Disabled Disabled Remote IP Address Indicates the address that the access server should negotiate to use for the peer and the source of the port s remote IP address 0 0 0 0 Compress Header Indicates that TCP IP header compression is to be used Enabled Disabled Disabled Compress States Indic...

Page 384: ...26AA94 ATCP Characteristics ATCP Enabled Passive Open Enabled Restart Timer 3 seconds Max Configure 10 transmissions Max Terminate 2 transmissions Max Failure 10 transmissions ATCP Characteristics Display Field Values The following table explains the fields in the ATCP characteristics display Field Description Values Default ATCP Indicates if ATCP is enabled Enabled Disabled Enabled Passive Open1 ...

Page 385: ...elease Max Terminate The number of times that ATCP sends a terminate request packet to the peer without receiving an acknowledgment 1 to 15 attempts 2 Max Failure The number of times that ATCP sends a negative acknowledgment for the peer s proposed options before deciding to reject the options 1 to 15 attempts 10 Field Description Values Default ...

Page 386: ...PORT n PPP LCP CHARACTERISTICS display The display fields fall into two categories General link status LCP Status section Status of the LCP options LCP Options section Example LCP Status Display The following example shows the LCP status display for port 5 Local SHOW PORT 5 PPP LCP STATUS Port 5 Server LAT_08002B26D0E7 LCP Status State Initial Negotiation Time 0 00 00 00 Since Open 0 00 00 00 Fail...

Page 387: ...acter Map Specifies which characters require special encapsulation or byte stuffing Authentication Indicates whether authentication is required PAP is supported for this release Link Quality The link quality is disabled in this release Magic Number Local Indicates if the access server has negotiated to respond to magic numbers from the peer These numbers can be used to detect loopback The local ma...

Page 388: ... PORT n PPP IPCP CHARACTERISTICS display The display fields in fall into two categories General IP status over the link IPCP Status section Status of each IPCP option IPCP Options section Example IPCP Status Display The following example shows the IPCP status display for port 5 Local SHOW PORT 5 PPP IPCP STATUS Port 5 Server LAT_08002B26D0E7 IPCP Status State Initial Negotiation Time 0 00 00 00 Si...

Page 389: ...P negotiation procedure the last time IPCP negotiated Since Open The number of seconds since IPCP last attempted to negotiate IP over the link Failure Reason Provides a brief reason if IPCP cannot negotiate IP over the link Negotiate Address Indicates if address negotiation should take place This characteristic is disabled in this release IP Address Local The IP address that the access server is u...

Page 390: ... in fall into two categories General ATCP status over the link ATCP Status section Status of each ATCP option ATCP Options section Example ATCP Status Display The following example shows the ATCP status display on port 5 Local SHOW PORT 5 PPP ATCP STATUS Port 5 Server LAT_08002B26AA94 ATCP Status State Opened Negotiation Time 0 00 00 10 Since Open 0 00 08 10 Failure Reason None ATCP Options Local ...

Page 391: ...f reason if ATCP cannot negotiate IP over the link ATCP Options Local Refers to the access server Remote Refers to the attached PPP hosts AppleTalk Address The access server Appletalk address and the AppleTalk address that the access server has acquired and assigned to the attached host Routing Protocol The type of routing protocol information that may be sent across the link Suppress B_Cast Indic...

Page 392: ...ECT command zeroes each of the counters Example Commands to Display LCP Counters The following example shows the command to display LCP counters for port 5 Local SHOW PORT 5 LCP COUNTERS Port 5 Server LAT_08002B26D0E7 LCP Counters Negotiation Successes 0 Negotiation Failures 0 Configures in 0 Configures out 0 Acks in 0 Acks out 0 Naks in 0 Naks out 0 Rejects in 0 Rejects out 0 Terminates in 0 Term...

Page 393: ...eer from the access server Acks in The number of LCP configure acks received from the peer Acks out The number of LCP configure acks sent to the peer from the access server Naks in The number of LCP configure naks received from the peer Naks out The number of LCP configure naks sent to the peer from the access server This counter should always be zero in this release Rejects in The number of LCP c...

Page 394: ... from the peer Echo Reqs out The number of LCP echo requests sent to the peer from the access server This number should always be zero in this version Echo Resps in The number of LCP echo replies received from the peer Echo Resps out The number of LCP echo replies sent to the peer from the access server Prot Rejects in The number of LCP protocol rejects received from the peer Prot Rejects out The ...

Page 395: ...in the IPCP counters display Field Description Negotiation Successes The number of times that IPCP has successfully entered a round of negotiations to bring up IP since the link was brought up Ordinarily the value of this counter is 1 However you can reconfigure IPCP and then cause IPCP to renegotiate This changes the performance characteristics for the link Negotiation Failures The number of time...

Page 396: ...naks received from the peer Naks out The number of IPCP configure naks sent to the peer from the access server This counter should always be zero in this release Rejects in The number of IPCP configure rejects received from the peer Reject outs The number of IPCP configure rejects sent to the peer from the access server Terminates in The number of IPCP terminate requests received from the peer Ter...

Page 397: ...TCP counters display Field Description Negotiation Successes The number of times that ATCP has successfully entered a round of negotiations to bring up AppleTalk since the link was brought up Ordinarily the value of this counter is 1 However you can reconfigure ATCP and then cause ATCP to renegotiate This changes the performance characteristics for the link Negotiation Failures The number of times...

Page 398: ... in The number of ATCP configure rejects received from the peer Reject outs The number of ATCP configure rejects sent to the peer from the access server Terminates in The number of ATCP terminate requests received from the peer Terminates out The number of ATCP terminate requests sent to the peer from the access server Term Acks in The number of ATCP terminate acks received from the peer Term Acks...

Page 399: ... IPX Description Getting Started Hardware and Software Requirements Setting Up Your PC Setting Up the Network Access Server Summary of DECserver IPX Management Commands Modem Considerations Novell Client Server Operation Operational Checkout and Diagnosis Disabling IPX Frame Types Displaying IPX Characteristics Displaying IPX Status Displaying IPX Counters Displaying IPX Routes Resetting Counters ...

Page 400: ...cess server facilitates IPX client server communications between PC and NetWare file servers over the standard telephone line The remote node service provides the same functions and features to remote PCs as locally connected LAN users The main difference between the remote node connection and a local connection using Ethernet is the data transfer speed However dial in connections that use high sp...

Page 401: ...r can choose to activate a connection to the Novell network after login to the access server local user interface This allows the user to take advantage of other non IPX services from the access server before connecting to the Novell network The remote PC user can automatically connect to the Novell network after login Login and or PPP password authentication is configurable For PPP password the P...

Page 402: ...te node access to a Novell network through a network access server Step Action 1 Determine your hardware software requirements Hardware and Software Requirements 2 Configure your PC Setting Up the Network Access Server 3 Configure your network access server Setting Up the Network Access Server 4 Check your configuration Operational Checkout and Diagnosis ...

Page 403: ...ftware communications vendor Novell NetWare workstation software for the PC Can be acquired from your Novell NetWare or third party remote node access software kit Novell NetWare utilities on the PC Can be acquired from your Novell NetWare or third party remote node access software kit Hardware Requirements The following hardware is required to run IPX PC with a high performance Universal Asynchro...

Page 404: ...ote node access software for installation and setup procedures Novell Workstation Software Novell NetWare workstation software or equivalent must be installed on your PC This makes it possible to establish and maintain IPX network connections Reference Refer to your Novell Installation Guide for Workstations and the documentation included with your PC remote node access software for more informati...

Page 405: ...cal LOGOUT PORT n Considerations When configuring IPX consider the following ALTERNATE SPEED is not applicable to the DECserver 90M and DECserver 90TL hardware Ignore warning messages FLOW CONTROL should match the flow control configured for the attached device For DECserver 700 8 or 16 port and DECserver 900TM 32 port flow control can be configured either CTS RTS or XON XOFF CTS is recommended Fo...

Page 406: ...to the Local Prompt Following modem connection the PC user will log in to the local interface with or without password authentication Then the user will have the option to activate PPP using user interface commands Activating PPP To configure the port with login password authentication required use the following commands Local CHANGE SERVER LOGIN PASSWORD xxxxxx Local CHANGE PORT n PASSWORD ENABLE...

Page 407: ...quired To configure a port with no login password authentication required use the following commands Local CHANGE PORT n PASSWORD DISABLE Local CHANGE PORT n AUTOBAUD DISABLE SPEED speed Local CHANGE PORT n DEDICATED PPP Local CHANGE PORT n DEFAULT PROTOCOL PPP Note With AUTOBAUD DISABLEd serial port speed must be explicitly configured for both the modem and the DECserver port Configuring the Port...

Page 408: ...command Local CHANGE PORT n LCP AUTHENTICATION DISABLE Passwords Both login password authentication and PPP PAP password authentication use the same password One or both can be enabled at the same time For PAP verification of the password is case sensitive If PAP is enabled the password must also be supported and configured using your remote node access software on the PC ...

Page 409: ...P Description COUNTERS Display the current values of the IPXCP counters STATUS Display the current values of the IPXCP counters and characteristics CHANGE SET DEFINE PORT n LCP Description ACFC Address and Control Field Compression for PPP datagram AUTHENTICATION Password authentication is enabled ENABLE Enable LCP DISABLE Disable LCP MAP Specifies characters that may not be sent in the clear MAXF...

Page 410: ...Display the current values for the IPXCP characteristics SHOW MONITOR PORT n IPXCP Description STATUS Display the values of the IPXCP counters and characteristics COUNTERS Display the values of the IPXCP counters CHANGE SET DEFINE PORT n IPXCP Description ENABLE Enable IPXCP DISABLE Disable IPXCP MAXCONFIGURE Number of times IPXCP sends configure request without ACK MAXFAILURE Number of times IPXC...

Page 411: ...y the RIP entries known to the server ROUTES Display the routes known by the server STATUS Display the counters RIP entries and routes CLEAR IPX Description RIP Clear all unique networks from the RIP database SAP Clear all the SAP service entries known to the server ZERO Description IPX COUNTERS Zero all IPX counters PORT n PPP COUNTERS Zero all PPP counters associated with port n CHANGE SET DEFIN...

Page 412: ...SET DEFINE IPX FRAME frametype NETWORK Description ipx net Specify explicit internal network number LEARN Learn internal network number from LAN DISABLED Internal network disabled CHANGE SET DEFINE IPX INTERNAL NETWORK Description ipx net Specify ipx net as the internal network number NONE There is no IPX address for the internal network ...

Page 413: ...xample it may be necessary to type a series of three carriage returns at a faster rate for a successful autobaud Modem DSR must be configured to cycle on modem hang up The access server port is configured to log out the port when DSR cycles making sure that the Novell network connection goes away when the PC user is finished Use the fastest modem available Error correcting modems that are currentl...

Page 414: ...ate The following table lists guidelines for setting the serial port baud rate UART Type Maximum Modem Speed Maximum Recommended Serial Port Baud Rate 8250 9600 Up to 9600 16450 9600 to 14400 9600 to 19200 16450 A 9600 to 14400 9600 to 19200 16550 Up to 28800 Up to 115200 ...

Page 415: ...mote node access software kit Step Action 1 Dial in to the network access server Activate your remote node access software on your PC so that a phone call is made to the access server 2 Log in to the DECserver If the dial in access server port requires login password authentication type carriage returns until you see the prompt then type your password followed by another carriage return 3 Activate...

Page 416: ... to facilitate logging in to a Novell fileserver If Novell packet burst is used specify a maximum of 3 for PB BUFFERS in NET CFG Using PB BUFFERS 3 may cause access server buffers to be depleted for PPP at the port causing poor performance In some cases it may be better to disable packet burst by defining PB BUFFERS 0 in NET CFG You can determine if packets are being dropped by the access server b...

Page 417: ...east one LAN frame should have a corresponding network number IPX should be enabled and the internal network should be defined with a unique network number Reference If you have problems with your dial in connection refer to the Network Access Server Problem Solving book If your PC has a problem establishing a modem connection or negotiating PPP protocol to the access server you can diagnose the p...

Page 418: ...Disabling IPX Using the DEFINE Command If you decide you no longer need IPX support you can disable IPX by using the following privileged command Local DEFINE IPX DISABLED Reinitialize the access server to have this command take effect ...

Page 419: ...ber can be automatically learned or explicitly configured By default all four frame types attempt to learn their network number by monitoring frames on the network Standard Ethernet This packet format is the standard Ethernet V2 packet format protocol type 8137 RAW802 This mode uses IEEE 802 3 format frames without an IEEE 802 2 LLC header This mode is often called raw 802 3 SAP802 This mode encap...

Page 420: ...al SHOW IPX CHARACTERISTICS IPX Characteristics IPX Enabled LAN Node Address 08002B24F2DD Internal Network 2B24F2DD LAN Frame ETHERNET LAN Network Learn LAN Frame RAW802 LAN Network Disabled LAN Frame SAP802 LAN Network Disabled LAN Frame SNAP802 LAN Network Disabled IPX Characteristics Display Fields The following table describes the fields in the IPX characteristics display Field Description IPX...

Page 421: ...he network through PPP A higher network number offered by the PC client takes precedence over the internal network number This number must also be unique It is recommended that the internal network number be used to limit the number of unique networks in the IPX Routing Information Protocol RIP database of fileserver and routers LAN Frame LAN frame types ETHERNET RAW802 SAP802 or SNAP802 LAN Netwo...

Page 422: ...scription IPX Status Enabled or Disabled RIP entries Number of current RIP networks known by the server SAP entries Number of current SAP services known by the server Route entries Number of current routing table entries LAN Frame The frame type Ethernet RAW802 SAP802 or SNAP802 LAN Network Learning The network number for the corresponding LAN frame has been configured to learn The access server i...

Page 423: ...CHE Packets Received 0 Packets Transmitted 0 Receive Discards 0 Transmit Discards 0 Overruns 0 Timeouts 0 RIP Requests Transmitted 0 Responses Transmitted 0 Requests Received 0 Responses Received 0 Requests Discarded 0 Responses Discarded 0 Request Resource Errors 0 Response Resource Errors 0 SAP Requests Transmitted 0 Responses Transmitted 0 Requests Received 0 Responses Received 0 Requests Disca...

Page 424: ...warded FORWARD CACHE Packets Received If there is no existing route to a destination network the packet is cached and a routing information request is sent out for the network This field shows how many such data packets have been received FORWARD CACHE Receive Discards The field shows how many discarded data packets were received for the cache FORWARD CACHE Overruns This field shows how many cache...

Page 425: ...equest Resource Errors Number of RIP SAP request packet resource errors RIP SAP Responses Transmitted Number of RIP SAP response packets transmitted RIP SAP Responses Received Number of RIP SAP response packets received RIP SAP Responses Discarded Number of RIP SAP response packets discarded RIP SAP Response Resource Errors Number of RIP SAP response packet resource errors Field Description ...

Page 426: ...FFFFF EEE8022 08002B24F2DD SAP0 1 0 EEE8023 FFFFFFFFFFFF EEE8023 08002B24F2DD RAW0 1 0 1BEAD017 000000000000 1BEAD017 08002B24F2DD ASYNC3 134 0 Local IPX Routes Display Fields The following table describes the fields in the IPX routes display Field Description Destination NetWare address of final destination Next Hop NetWare address of next hop in the transmission Interface Interface type for next...

Page 427: ...ERO Command Options The following table contains the options that you can use on the command line to reset specific counters or sets of counters Option Description ALL Zeroes server IPX counters IPX Zeroes server IPX counters PORT port list PPP Zeroes PPP port counters for the specified port including LCP and IPXCP counters ...

Page 428: ......

Page 429: ...ll the latest software image on the access server and all load hosts Read the release notes Know what devices and cables are connected at the various ports Enter the SET PRIVILEGED command for your port Check if the current values or default values are appropriate In This Chapter This chapter contains the following topics Dial Services Command Groups Checking the Current Server Settings Defining a...

Page 430: ...ed information about commands used in this chapter refer to the Network Access Server Command Reference Entering the SET PRIVILEGED command Before changing any other parameter make sure you have the authority to make such changes The SET PRIVILEGED command allows you to make changes that require special access At the password prompt type the privileged password DNAS does not echo the password as y...

Page 431: ...shows a typical access server configuration display Local SHOW SERVER Network Access SW Vx x for DSxxx xx BLxx xx ROM Vx x x Uptime 000 44 34 Address 08 00 2B 26 AA 99 Name WWDOCMC Number 0 Identification Circuit Timer 80 Password Limit 3 Console Port 1 Prompt Local Inactivity Timer 30 Queue Limit 100 Keepalive Timer 20 Retransmit Limit 8 Multicast Timer 30 Session Limit 64 Node Limit 200 Software...

Page 432: ...ou set take effect immediately but are replaced when the access server initializes Characteristics that you set using the CHANGE command take effect immediately and when the access server initializes The size of the dialer script modem strings is restricted by the amount of remaining unallocated NVRAM for the modem pool total of 256 bytes for 8 and 16 port servers and 512 bytes for 32 port servers...

Page 433: ...rings in a dialer script called dickens in order to set unique dialer characteristics Local DEFINE DIALER SCRIPT dickens COMMAND AT Local SET DIALER SCRIPT dickens INIT NONE Local SET DIALER SCRIPT dickens RESET NONE Local CHANGE DIALER SCRIPT dickens PREFIX DT Local DEF DIALER SCRIPT dickens RESET NONE Local SET DIALER SCRIPT dickens TIMEOUT NONE ...

Page 434: ...ermine how a port is configured before you begin making changes to that port Step Action 1 Are you defining the dialer script to the port for the first time If yes go to step 2 If no use the SHOW PORT n command to determine the current dialer script by showing the port optional If you assign a dialer script to a port that already has an assigned dialer script the access server overwrites the first...

Page 435: ...Limit 4 Forwards Switch None Type Ansi Default Protocol DIAL Default Menu None Dialer Script Generic_14400 Preferred Service CALL_HOME Authorized Groups 0 Current Groups 0 Enabled Characteristics Autoconnect Autoprompt Broadcast DSRlogout Failover Inac tivity Logout Input Flow Control Lock Loss Notification Mes sage Codes Output Flow Control PPP SLIP Verification Local Assigning a Dialer Script to...

Page 436: ...ALER SCRIPT dickens Local SHOW PORT 2 Port 2 Server user10_DS700 16 Character Size 8 Input Speed 57600 Flow Control XON Output Speed 57600 Parity None Signal Control Enabled Stop Bits Dynamic Signal Select CTS DSR RTS DTR Access Dynamic Local Switch None Backwards Switch None Name PORT_2 Break Local Session Limit 4 Forwards Switch None Type Ansi Default Protocol DIAL Default Menu None Dialer Scrip...

Page 437: ...ES LOCAL family of commands in usage and syntax The examples in this section show instances of using the SHOW command only The use of the LIST and MONITOR commands is implied since these commands produce similar results in the screen display They differ in the effect that they have on storage of data in VRAM and NVRAM Reference For more information on command line syntax see the Commands to Displa...

Page 438: ...ber 555 6766 Delay seconds 15 Mode PPP Username None Password None Local Showing Dialer Service Status Use the SHOW LIST MONITOR DIALER SERVICE service name STATUS command to display dialer service status These commands are similar to the SHOW SERVICES LOCAL family of commands in usage and syntax Example Show Dialer Status In following example port 10 is currently available the last phone number i...

Page 439: ...SY 11 Raymond Connect CONNECTED 9600 12 Available NO ANSWER 13 Jim Dialing No answer 14 Bob Waiting Local SHOW DIALER STATUS Display Fields The following table lists values for the status field in the SHOW DIALER display Status Meaning Initializing Sending dialer command and authorization strings Dialing Sending the phone number string Waiting Waiting for the expected response from mode Connected ...

Page 440: ...n 0 Local Modifying the Dialer Service Use the SET DEFINE CHANGE DIALER SERVICE dialer service name command to define the dialer service The dialer service name characteristic is a string of 1 to 16 characters The dialer service name must be unique to the server Before you create a new dialer service use the SHOW DIALER SERVICE command to verify that the new name does not conflict with that of an ...

Page 441: ...t dial service Variables ENABLED DISABLED PORTS One or more physical ports that are to offer this dial service NUMBER Indicates the allowable phone number s for use with this service Maximum length 48 characters Variables ONLY Default Means users may use any number within their security constraints and are prompted to enter a phone number when initiating a dialer session ONLY Designates the sole p...

Page 442: ...aximum length 1 to 16 characters May be entered either on the command line within quotes or at a prompt If PASSWORD is the last word on the command line the user is prompted for a password DNAS masks the password string upon entry MODE Indicates the type of session the dial service will create after successfully completing the modem connection Variables LOCAL LOGIN PPP SLIP Variable Definition LOC...

Page 443: ...database contains among other things the phone number s that the user is authorized to use on a dial back request Security Profile Information For more information about user security profiles see the user accounts information in the Determining Security Configuration section in Chapter 22 Interactive Dial Back Dial Service Example The following example shows how the user specifies a dialer servic...

Page 444: ...ROTOCOL PPP Local CHANGE PORT n ACCESS DYNAMIC Configuring Call Back To request a call back using a PPP client the access server s port must first allow the call back negotiation to be started This is done using the command Local CHANGE PORT n LCP CALLBACK ENABLED If the PPP client and the access server successfully negotiate the use of call back the access server will attempt to queue a dial requ...

Page 445: ...service name is specified that does not match an existing dialer service the call back will fail and an accounting event will be generated 7 Whether the phone number to be dialed comes from the PPP client or the dialer service definition the user making the request must be authorized to dial that number Likewise the user must be allowed to create sessions of the mode defined by the dialer service ...

Page 446: ......

Page 447: ...SecurID Local User Accounts Kerberos V4 In This Chapter This chapter contains the following topics Security Type Descriptions Common Terminology Across Security Realms Managing Kerberos Managing RADIUS Managing SecurID Managing Local Access Server Security Determining Security Configuration Managing Dial Up Access Security with AUTOLINK and AUTOLINK Authentication Specifying Other Security Feature...

Page 448: ... associate many other access server related parameters with a realm name The SHOW KERBEROS REALM realm name command displays all the assignable parameters for all Kerberos realms Realm definition and usage is the same for all other security methods supported by the access server as are the characteristics that realms allow the administrator to define RADIUS RADIUS Remote Authentication Dial In Use...

Page 449: ...fined parameters Once the password has been accepted its processing is analogous to the Kerberos method However the resulting authorization parameters with SecurID are the combination of the realm parameters and the port configuration parameters User Accounts User accounts provide a method of defining user name and password pairs and associated authorization parameters User account information res...

Page 450: ... set any current default realm name to be NODEFAULT Then assign another as DEFAULT Login Retries and Timeouts The access server allows you to configure the number of times to retry contacting a server before timing out a login attempt You can specify the maximum number of retries to potentially alternate authentication hosts Hosts are tried round robin fashion until the login attempt times out Eac...

Page 451: ...S Accounting The RADIUS security method supports logging of accounting information The accounting information is sent to what is called the accounting host by means of the accounting service port UDP Ports Each security method has a well known port or two that must be specified to the access server in order for the UDP connection to be established When you create a new realm it is not usable until...

Page 452: ...server Kerberos Host Requirements To use Kerberos authentication the access server must be able to communicate over the network with a host that functions as a Kerberos V4 key distribution center KDC The key distribution center is an ULTRIX or UNIX host that runs Kerberos software and contains a database of valid user names and passwords The access server does not authenticate using the Kerberos V...

Page 453: ...g the DNS Counters section in Chapter 7 Configuration of User Authentication The configuration of user authentication on the access server involves entering several commands shown in the examples in this section For details about command syntax refer to the Network Access Server Command Reference Case Sensitivity Kerberos user names instances realms and passwords are case sensitive Configuring Ker...

Page 454: ... the more secure Kerberos configuration The access server itself is registered in the realm finance acme com The access server user name is always rcmd while its instance is the same as its server name In previous example if the server name is LAT_08002B010203 then the Kerberos principal name is rcmd LAT_08002B010203 finance acme com The access server Kerberos password is the value of SECRET thisi...

Page 455: ...LOUT LAT TELNET SLIP PPP NOPRIV Port Configuration You need to configure user authentication on the access server on a port by port basis To enable the authentication on a given port you enter a command such as LOCAL DEFINE PORT 2 AUTHENTICATION ENABLED Example Sample SHOW PORT Command After enabling authentication on a port you can then display the port settings to verify that user authentication...

Page 456: ...inute To change the default number of invalid authentication attempts use the SET PASSWORD LIMIT command Example Authentication with a Complete User Name The following example shows a typical user authentication that uses the complete form of the Kerberos principal name This session assumes that the Kerberos administrator has entered your user name and password in the Kerberos database Username sm...

Page 457: ...om Local 469 Kerberos password has been changed Local Alternative Password Command Instead of the KPASSWD command you can also use the DEFINE KERBEROS PASSWORD COMMAND as described in the Network Access Server Command Reference User Authentication Counters This section describes the user authentication counters These counters display information that is useful for detecting problems Network Access...

Page 458: ... 0 00 52 32 Time since last user authentication failure never Time since counters last zeroed 1 01 50 28 Setting the User Authentication Counters to Zero The user authentication counters add up until you explicitly reset them To reset user authentication counters for the server to 0 use the following command Local ZERO SERVER AUTHENTICATION COUNTERS You can reset the user authentication counters f...

Page 459: ... default values for many attributes associated with RADIUS access and usage Each RADIUS realm points to its own associated RADIUS authenticating host and accounting host Minimal Setup for RADIUS The minimal configuration requires the following commands to set up the remote ports used for communication with the RADIUS server s These features must be assigned in order for any communication with a RA...

Page 460: ...at the system is to wait before repeating an authentication request to an alternate authentication server This command causes the realm name to be included as part of a user name sent to the RADIUS server Local CHANGE RADIUS REALM JONAS COM INCLUDE Realm name inclusion is used for RADIUS proxy authentication service Reference See the Network Access Server Command Reference for more information on ...

Page 461: ...values serve as defaults at the realm level This means that when a RADIUS user tries to login to the access server these values will be assigned to authorization attributes if the user entry in the RADIUS server s users file does not assign a value for the corresponding attribute If the user does not provide the attribute default in the realm and the corresponding attribute is not provided in the ...

Page 462: ...fied values for attributes having a corresponding representation in the port Permissions are from a DIGITAL vendor specific RADIUS attribute The following is a list of RADUIS permissions For each of the these attributes the default is NOxxx or DISABLED Value Description Login LAT TELNET depending on the Login Service attribute or DEFAULT PROTOCOL value in PORT Framed PPP SLIP depending on the Fram...

Page 463: ...he specified protocol Telnet rlogin LAT Framed Delivers a network framed protocol connection PPP SLIP Callback Login Callback Framed Administrative User Delivers a NAS prompt with automatic privilege status NAS Prompt Delivers the NAS user interface Callback NAS Prompt Session Timeout Indicates the maximum number of seconds of service to be provided to the user before mandatory termination of the ...

Page 464: ...e special action The value 255 255 255 255 means that the PPP client should be allowed to negotiate the use of its local IP address via IPCP subject to the DECserver s subnet containment rules The value 255 255 255 254 means that PPP or SLIP client should be assigned the port s PPP address if one exists Nonspecial cases would equate to SET PORT SLIP HOST ADDRESS ip addr SET PORT IPCP HOST ADDRESS ...

Page 465: ...t Indicates the TCP or LAT port number to which the user is to be automatically connected Used in Access Accept packets Login LAT Service Indicates the LAT service name to which the user is to be automatically connected via LAT Used in Access Accept packets when the Login Service type is LAT Login LAT Node Indicates the node within the specified service to which the user is to be automatically con...

Page 466: ...data sent from the server to the client in an Access Challenge packet to be sent back to the server by the client in a new Access Request packet Needed to support challenge response forms of authentication Class Opaque data sent from the server to the client in a Access Accept packet to be sent to the accounting server by the client in a Accounting Request packet Needed to support RADIUS accountin...

Page 467: ...with a letter RADIUS Accounting Attributes Definition Acct Status Type One of the following types of accounting information Start Stop Accounting On Accounting Off Checkpoint Acct Delay Time The amount of relative time from the origination of the accounting information until the transmission or retransmission of the accounting packet Acct Input Octets The number of bytes received on the port durin...

Page 468: ...f authorization attributes Acct Authentic An indication of the means of authentication for this user RADIUS Local the DECserver User Data Base Remote the DECserver Kerberos or SecurID client Acct Session Time The number of seconds for which the service was delivered to the user Session Timeout Login Port Idle Timeout Login LAT Service Framed Protocol Login LAT Node Framed IP Address Login LAT Grou...

Page 469: ...rID utilizes two types of hosts master and slave When setting up a SecurID realm specify the master host by using the command SET PRIMARY host name You can specify the slave host using the command SET HOST host name Although the access server does allow you to configure multiple slave hosts you should not do this Using the SECRET Keyword The SECRET in the SecurID REALM is not specified by the user...

Page 470: ...LOCAL CHANGE SECURID REALM realm name This command defines and initializes a new SecurID realm LOCAL CHANGE SECURID REALM JONAS COM AUTHEN HOST ip addr Optional Setup for SecurID The commands in the following example can be used to configure additional security parameters for SecurID The commands in these examples will define a SecurID accounting node define the maximum timeout period for SecurID ...

Page 471: ...lt does not specify one or more authorization attribute SecurID User Authorizations Optional authorizations can come from the SecurID user description which is defined specifically for a particular SecurID implementation It is possible to define realm defaults within the access server The ultimate value for an authorization attribute may come from one of three sources the SecurID the realm default...

Page 472: ...ort configuration can supply its specified values for attributes having a corresponding representation in the port Permissions are DIGITAL vendor specific The following is a list of SecurID permissions For each of the above attributes the default is NOxxx or DISABLED DIALOUT NODIALOUT LAT NOLAT TELNET NOTELNET SLIP NOSLIP PPP NOPPP PRIVILEGED NOPRIVILEGED level of DECSERVER command ...

Page 473: ...alm Realm names must be unique within a given type of authentication In the case of the server realm the realm name indicates local or NAS authentication The SET DEFINE CHANGE CLEAR PURGE REALM realm name command family sets up and tears down the various realms used to identify particular administrative domains Example Setting the Server Realm In the following example the command defines a new ser...

Page 474: ...ws the existing local server security database Example Showing RADIUS Characteristics The following example shows the resulting display for the SHOW RADIUS CHARACTERISTICS command LOCAL SHOW RADIUS Retransmit Interval 00 00 01 Retransmit TimeOut 00 00 20 Authentication Service Port 1645 Account Service Port 1646 Realm XXX YYY XXX COM Realm Inclusion EXCLUDE Prompt Password Secret Entered Accountin...

Page 475: ...red Primary Host 16 20 55 66 Authorization Defaults Access INTERACTIVE Forced Callback DISABLED Max Connect 00 08 00 00 DialOut Service DIAL28800 DialBack Number 555 1234 DialOut Number Any Permissions DIALBACK DIALOUT LAT TELNET SLIP PPP NONPRIVILEGED NOPRIVILEGED Example Showing the Server Realm LOCAL SHOW SERVER REALM Realm local NAS Max Fails 3 Authorization Defaults Access INTERACTIVE Forced ...

Page 476: ...ion Defaults Access INTERACTIVE Forced Callback DISABLED Max Connect 00 08 00 00 DialOut Service DIAL14400 DialBack Number 555 1234 DialOut Number Any Permissions LAT TELNET SLIP PPP DIALBACK DIALOUT Displaying Security Summary To show the security summary use the SHOW SECURITY SUMMARY command This command displays all of the currently configured security realms It provides a subset of the data pr...

Page 477: ...he resulting display for this command for a port that was authenticated LOCAL SHOW PORT 7 AUTHORIZATION Port 7 user1 Server DECSERVER1 Username user1 finance_realm Access LOCAL Forced CallBack DISABLED Max Connect 00 08 00 00 DialOut Service DIAL14400 Remaining Time 00 00 33 24 Framed IP Address 16 22 33 44 Login IP Host 16 20 22 33 Login LAT Service LATSERVICE Login Service Type LAT Login Port 15...

Page 478: ...e password authentication requirement is independent of how you configure port characteristics PORT AUTHENTICATION and LCP AUTHENTICATION To use AUTOLINK authentication you need to set the DEFAULT PROTOCOL and DEDICATED SERVICE for the port to use the AUTOLINK protocol and then enable the AUTOLINK AUTHENTICATION port characteristic Activating AUTOLINK The port begins the AUTOLINK search protocol w...

Page 479: ...ication enabled in the ENABLED CHARACTERISTICS section Specifying an Authentication Method The following table describes the authentication method used when you enable AUTOLINK AUTHENTICATION and specify an LCP authentication method and an interactive authentication was not already performed prior to LCP negotiation LCP Authentication Results PAP USERNAME PC clients that connect immediately using ...

Page 480: ... passes to determine the authentication style and the protocol of the user session 1 If authentication is required the first pass determines the authentication style Either PPP authentication or character cell authentication can be used You can set the timer for the first pass to be between 10 and 60 seconds If no authentication is required AUTOLINK determines the session style 2 If there has been...

Page 481: ...imit is initiated If a user authenticates successfully in a terminal window or a script a single carriage return or a lapse of a user set timeout AUTOLINK PASS TWO produces a local prompt The user or the script can enter C PPP or C SLIP to begin framed operation Using a Login Script If you use a login script on the remote client your script must include the following Stage Description 1 The script...

Page 482: ...CONNECT for that port AUTOCONNECT is not cleared when the dedicated service is cleared Kerberos Requirement For Kerberos the server name must be unique When you specify any LAT or Telnet resource to be a dedicated service the host or service name node name and port name are limited to 16 characters each LAT Protocol Requirement To set a LAT service as a dedicated service the default protocol must ...

Page 483: ...o set SERVER LOGIN PASSWORD and PORT PASSWORD SERVER LOGIN PASSWORD defines the password for the access server PORT PASSWORD enables the login password on a particular port A single login password is used for the whole access server although the password is enabled on a port by port basis This password is most likely to be useful when you wish to reserve access to a terminal located in a public pl...

Page 484: ...nd line you receive an error message To reset the default ACCESS specify ACCESS on the command line or ACCESS at the Password prompt Specifying PASSWORD LIMIT The PASSWORD LIMIT characteristic specifies the following The number of times that a port user with the PASSWORD and or AUTHENTICATION port characteristic enabled can incorrectly enter the login password before the port is automatically logg...

Page 485: ...ess Server Security 22 39 Specifying Other Security Features Example Changing the Server Password Attempt Limit The following example shows how to change the password limit to 6 Local CHANGE SERVER PASSWORD LIMIT 6 ...

Page 486: ......

Page 487: ... facility is the logging of events related to user access These events can be useful to support audit trails billing capacity planning and connection trouble shooting In This Chapter This chapter contains the following topics Accounting Description What Events Are Logged When Events Are Logged Managing Accounting Using the Accounting Console Logging Feature ...

Page 488: ...ing Log Size section in this chapter and if set to zero no logging will occur The log file can be viewed as a circular buffer with entries added in chronological order When the end of the buffer is reached a newly created entry will overwrite the oldest existing entry Since the access server offers limited mass storage preserving the accounting information requires the use of the console logging f...

Page 489: ...Log Entry Type Event Time Port ID Port Acc ess Peer Rea son Tx Rx User Port Login X X X X X Port Logout X X X X X X Session Connect Attempt X X X X X X X X Session Discon nect X X X X X X X X X Kerberos Pass word Fail X X X X Privilege Pass word Fail X X X X Mainte nance Pass word Fail X X X X Login Pass word Fail X X X Remote Pass word Fail X X X SNMP Commu nity Fail X X X X ...

Page 490: ... X X X X Login Pass word Modified X X X X User Privilege Level Modified X X X X SNMP Commu nity Mod ified X X X X Remote Pass word Modified X X X X Field Description Event Provides the ability to distinguish the event type The valid event types are listed in the previous table Time Current server system uptime when entry was created Log Entry Type Event Time Port ID Port Acc ess Peer Rea son Tx Rx...

Page 491: ...ination physical port the connection is made to If no port is available the port field will be zero Note If a connection is created from a physical or remote console port to a Telnet listener or LAT service on the same server two session connect events will be logged one for the local access from the source port and one for the remote access to the destination port Two disconnect events will also ...

Page 492: ...a TN3270 session the protocol type may appear as TELNET for the connect event and TN3270 for the disconnect event For an AUTOLINK session the protocol may appear as AUTOLINK for the connect event and either AUTOLINK SLIP or PPP in the disconnect event depending on what protocol was used last SNMP Community Fail SNMP_IP representing SNMP over IP Access The access type either Local or Remote Field D...

Page 493: ...d will be the service name Remote Access The remote node s IP address followed by the remote TCP port number PING Whatever you type following the PING command For example PING NODE1 peer is NODE1 PING NODE1 finance acme com peer is NODE1 finance acme com MOP maintenance password fail event The Ethernet address of the remotely connected device SLIP The peer field is SLIP PPP The peer field is PPP A...

Page 494: ... sum of all the session disconnect Tx Rx fields during the life of a login from the Tx Rx values in the logout event will yield the Tx Rx count of bytes sent and received while the user was in local mode User This field is a variable length string as follows Login Events When authentication is enabled on the port this field will contain the entire Kerberos user name string for example jones financ...

Page 495: ...on connect is being attempted either user initiated or dedicated All attempts are logged whether they are successful or not Session Disconnect Events Session disconnect events are logged when a session connect attempt fails or when an existing session is terminated There is always an associated session connect attempt event Use the disconnect reason or bytes Tx Rx to determine whether the connecti...

Page 496: ...user does a SET PRIV command and successfully provides the privilege password at the Password prompt If the user is already privileged the event is still logged SNMP Community Modified Events SNMP community modified events are logged whenever a user adds or deletes an SNMP community string on the access server They are also logged if an existing community s access capabilities are modified SET SNM...

Page 497: ...Valid values for the LOGSIZE variable are 0 4 8 16 32 64 128 256 and 512 units are kilobytes If the accounting component cannot allocate the specified amount of memory at the time of initialization the value displayed for LOGSIZE in the SHOW ACCOUNTING CHARACTERISTICS display will be set to zero If this occurs define a smaller value for LOGSIZE This characteristic can only be modified with a DEFIN...

Page 498: ...th wrapping and when the specified points in the buffer are reached notifications are sent These notifications are in the form of SNMP traps Example Changing the Accounting Threshold The following example shows the use of the DEFINE ACCOUNTING THRESHOLD command Local DEFINE ACCOUNTING THRESHOLD EIGHTH Changing the Accounting Console Use the DEFINE ACCOUNTING CONSOLE command to display accounting e...

Page 499: ...isplay the current values of the accounting variables Example Displaying Accounting Characteristics The following example shows the display that appears when you use the SHOW ACCOUNTING CHARACTERISTICS command Local SHOW ACCOUNTING CHARACTERISTICS Accounting Characteristics Threshold None Log Size 128K Console Logging Disabled ...

Page 500: ... 13 Port 3 Username smith Event User Privilege Level Modified Time 0 26 12 44 Port 3 Username smith Event Session Connect Attempt Time 0 26 15 04 Port 3 Sessid 1 Protocol LAT Access Local Username smith Peer CLUSTER1 Event Session Disconnect Time 0 26 15 50 Port 3 Sessid 1 Protocol LAT Reason NORMAL TX 345 bytes RX 216 bytes Username smith Event Login Password Modified Time 0 27 13 51 Port 3 Usern...

Page 501: ...port you can connect to the port and view the console messages remotely LAT Remote View of the Accounting Log The following example shows the commands necessary to remotely view the accounting log messages with a LAT service and loopback connector on port 16 of the access server Local CHANGE PORT 16 ACCESS REMOTE Local CHANGE PORT 16 AUTOBAUD DISABLED SPEED 57600 Local CHANGE SERVICE ACCTREMOTE PO...

Page 502: ...cal CHANGE TELNET LISTENER 2001 PORT 16 Local CHANGE TELNET LISTENER 2001 CONNECTION ENABLE Local CHANGE SERVER CONSOLE 16 Local CHANGE PORT 16 AUTOBAUD DISABLED SPEED 57600 From a remote UNIX system the command is replace x x x x with your server s IP address TELNET x x x x 2001 This will cause the accounting events to be displayed on the remote screen To log the events to a file type the followi...

Page 503: ...ct This Device To This DECserver Model 90M or 90TL 8 Port 900TM 32 Port 700 16 Port 700 8 Port Use This Cable and Adapter Hardware Terminal printer with MMJ port BN24H xx cable H8575 A adapter and BC16E xx cable Terminal printer with DB25 male port H8575 A adapter and BN24H xx cable BC17D xx 10 wire cable or BC22D xx 6 wire cable Terminal printer with DB9 male port H8575 B adapter and BN24H xx cab...

Page 504: ...pter and BC16E xx cable Modems using RI DCD DSRS DTR signals typically 9600 baud with DB25 female port H8585 AB adapter and BN25G xx cable BC22E xx 10 wire cable or BC22F xx 25 wire cable Modem using CTS DSR RTS DTR signals typically 9600 baud with DB25 female port H8585 AC adapter and BN25G xx cable BC22E xx 10 wire cable or BC22F xx 25 wire cable Non DIGITAL systems with DB25 male ports reverse ...

Page 505: ... in the access server directory on the load host that contains executable code Address Resolution Protocol See ARP American National Standards Institute See ANSI ANSI American National Standards Institute This organization compiles and publishes computer industry standards ARP Address Resolution Protocol The Internet protocol that enables a host or a gateway to dynamically map or translate an Inte...

Page 506: ...n trap An SNMP trap message that is sent to each community with TRAPS enabled whenever an unauthorized Internet host tries to access the access server or when an Internet host uses an unauthorized SNMP GET or GETNEXT message autobaud The process by which the access server automatically determines the line speed and other characteristics of a terminal attached to one of its ports autoconnect A feat...

Page 507: ...r transmits virtual circuit messages client server Internet The model of interaction in a distributed system in which a program at one site sends a request to a program at another site and awaits a response The requesting program is called a client the program satisfying the request is called the server command line recall and edit A feature that allows the user to recall and edit previously enter...

Page 508: ...in the user s current session such as during a file transfer or during a block mode transfer where the terminal sends a screen of data to the host application DECnet The DIGITAL networking software that uses the DIGITAL Network Architecture DNA on both local area networks LANs and wide area networks WANs DECnet node address A unique numeric identification required for each DECnet node assigned by ...

Page 509: ... level domain is com for commercial institution As the example shows domain names are written with the most local label first and the topmost domain last Domain Name System See DNS downline loading The process of sending the access server image from a load host to a access server DSR Data Set Ready A control signal that is used to inform whether or not a communications device is ready to transmit ...

Page 510: ...oup codes LAT Group codes are integers ranging from 0 to 255 They are assigned to LAT services access servers and access server ports heartbeat A signal generated by certain Ethernet transceivers The signal verifies that the collision detection circuitry is operational host A multiuser computer host initiated request LAT A connection request from a computer asking a access server to initiate a ses...

Page 511: ...ess The 32 bit address assigned to computers that participate on an Internet using the TCP IP protocols Internet Bootstrap Protocol See BOOTP Internet Control Message Protocol See ICMP Internet gateway A computer that connects two or more networks and passes packets between them In Internet computers called gateways provide all interconnections among physical networks Gateways route packets based ...

Page 512: ...live timer This timer determines the length of time that a balanced circuit remains inactive Kerberos An authentication service that enhances security in an open network It was developed as part of Project Athena at Massachusetts Institute of Technology Project Athena is a software development project that facilitates communication among file servers and workstations in a distributed network envir...

Page 513: ...al model that consists of rules that specify the actual format and sequence of the messages used for communication between LAT nodes LAT service A resource on the LAT network learned data Data entered into a access server database by DNS Contrast with local data load host A computer on the same LAN as the access server that is used to downline load the access server image to the access server A lo...

Page 514: ...IB Management Information Base A listing of variables that can be accessed by SNMP MOP Maintenance Operation Protocol A maintenance protocol specified in the DIGITAL Network Architecture DNA that is used to implement the Remote Console Facility and to perform downline loads upline dumps and loopback tests MTU Maximum Transmission Unit This specifies the IP datagram size in bytes multicast A proces...

Page 515: ...rforms certain functions and can be accessed by devices such as access servers and computers NMS Network Management Station Host computer system with software which allows manager to monitor and control networked devices including access servers from one location Typically refers to system which uses SNMP to communicate but may use other protocols node A network system consisting of a computer sys...

Page 516: ...d through initializations power losses and port logouts Contrast with permanent database OSF 1 An Open Software Foundation trade mark operating system for DIGITAL VAX computers packet The basic Ethernet network message unit transmitted by the data link layer which is made up of a preamble and a data stream permanent database The access server database that contains the values that define the perma...

Page 517: ...d write memory integrated circuit IC Random Access Memory See RAM RCF Remote Console Facility A OpenVMS host function that allows connections to the access server remote console port realm An administrative domain within Kerberos in which users are registered and within which they can be authenticated by passwords release notes A text file that can include any of the following special instructions...

Page 518: ...er is ready to exchange control signals or data secure port A port set up so that the port user only has access to a limited subset of the nonprivileged user command set secure status A restrictive status that can be imposed on a port to limit the execution of commands on that port to a subset of the nonprivileged command set server A hardware and or software device which provides many users with ...

Page 519: ...ultaneously regardless of which session is current Simple Network Management Protocol See SNMP SLIP Serial Line Internet Protocol This protocol uses a simple framing technique to transmit IP datagrams over serial lines SLIP host An Internet host that uses SLIP as its data link SNMP Simple Network Management Protocol An Internet protocol that is used to manage systems from one or more Internet host...

Page 520: ...h TCP and IP are the two most fundamental TCP port This is a protocol port number used by TCP IP For access servers this number is mapped to a physical access server port number TD SMP Terminal Device Session Management Protocol An asynchronous coded syntax used by the access server and a terminal to manage independent multiple terminal sessions simultaneously over a single physical circuit See se...

Page 521: ...sage sent by the agent in this case the access server to one or more designated Internet hosts TSM Terminal Server Manager Software that runs on a OpenVMS host system TSM allows a manager to monitor and control multiple access servers from one location The access servers must be connected to the same Ethernet LAN as the OpenVMS host system TTL Time To Live This is a value that shows the time that ...

Page 522: ... another host User Datagram Protocol See UDP virtual circuit A logical communications path between a access server and a service node A virtual circuit provides a bidirectional sequential timer based error free stream of data WAN Wide Area Network A network composed of computers connected by communications links that cover distances up to many thousands of miles Contrast with LAN Wide Area Network...

Page 523: ... counters 17 10 to 17 11 status 17 16 summary 17 22 initialization 5 1 5 4 Internet address 15 5 LAT network 17 2 location 11 33 managing 17 1 as a LAT node 12 16 mapping 6 16 memory 2 3 17 3 modem signals 10 3 network configuration 1 2 NUMBER characteristic 6 12 port configuration 1 2 PPP protocol 19 2 realms 22 27 removing queue entries 11 9 security 22 1 22 27 SLIP configuration 1 3 user privil...

Page 524: ...11 35 Bad AppleTalk routes display 8 13 Bad Responses 7 10 Bandwidth 17 2 BINARY characteristics 11 21 BOOTP protocol 4 12 BOOTP server 7 25 BOOTP TFTP protocols 4 2 Break BRK 11 23 13 12 BREAK characteristic 11 36 BROADCAST characteristic 2 6 11 37 to 11 38 command 5 7 ALL 11 38 Broadcast errors 8 8 Bytes received 7 22 15 14 sent 15 14 transmitted 7 22 C Cache AppleTalk status display 8 11 CCR 2 ...

Page 525: ...2 12 Console Carrier Request CCR 2 10 Console port 2 1 2 6 changing 2 6 remote 2 12 4 3 CSLIP automatic 15 13 CTS 10 3 10 5 10 9 to 10 10 10 18 to 10 19 20 8 CTS FLOW CONTROL 9 11 enabling 9 11 D Data Carrier Detect DCD 10 3 to 10 5 Data communication equipment DCE 10 2 Data set ready DSR 10 3 to 10 5 Data signal rate selector DSRS 10 4 10 6 Data terminal equipment DTE 10 2 Data Terminal Ready DTR...

Page 526: ...9 10 DSR DTR support 10 4 DSRLOGOUT 9 13 10 7 10 10 11 11 Device characteristic 9 2 Enabling 9 13 DSRS 10 4 10 6 10 9 10 12 to 10 13 DSV CONFIG 4 2 DSV CONFIGURE 4 2 to 4 3 4 7 compatibility 4 3 executing 4 3 DSV CONFIGURE LIST command 4 5 DSV CONFIGURE COM location 4 3 DTE 10 2 DTR 10 3 to 10 5 10 7 10 9 10 11 to 10 12 10 18 10 20 DTR DSR support 10 3 DTRWAIT 10 11 10 18 enabling 10 11 Dump chara...

Page 527: ... 7 1 22 7 configuring 7 16 defining available hosts 7 17 defining available subnets 7 17 Internet configuring 7 16 GET 16 2 GETNEXT 16 2 Group codes 11 4 H Help 2 1 2 5 4 8 command 2 5 HELP TUTORIAL command 1 4 2 5 On line accessing 1 4 example 2 5 Hop Count Errors 8 8 Hosts 2 7 gateway access 7 17 IBM Terminal emulation 18 4 Internet configuring 7 13 load commands 4 4 configuring 4 4 DECnet Phase...

Page 528: ... INTERRUPTS characteristic 13 6 INTERVAL command 22 14 IP address 2 12 15 3 IP characteristics autoconfiguration 7 27 IP Error in Header 7 23 IP fragmentation 15 7 IP Fragments Dropped 7 23 IP Fragments Received 7 22 IP Packets Received 7 22 IP Packets Transmitted 7 22 IPCP 19 5 19 7 IPX 1 3 20 1 20 5 counters 20 25 setting 20 29 routes 20 28 IPXCP 20 2 K KDC 22 6 22 8 22 11 Keepalive timer 7 1 7 ...

Page 529: ...V CONFIGURE 4 6 example 4 6 Load hosts 21 1 commands 4 4 DECnet OSI OpenVMS 4 3 Initialization 5 5 management 1 3 procedures 4 2 Local ACCESS characteristic 9 5 Local access 23 5 23 7 Local Area Transport LAT 1 3 LOCAL SWITCH characteristic 11 36 LOCAL prompt 4 8 LOCK characteristic 2 6 11 39 Login events 23 8 to 23 9 RADIUS attributes 22 16 retries 22 4 LOGOUT commands 10 19 11 14 11 40 PORT 11 1...

Page 530: ...ristic learned 7 8 local 7 8 NBP 8 8 NCL 4 6 NCL SHOW command 4 5 NCP 2 7 to 2 8 5 4 NCP SHOW NODE 4 5 Network AppleTalk status display 8 11 Network communications LAT 1 3 17 2 TCP IP 1 3 Network configuration 11 4 Network Control Program NCP 2 8 Network Management Station NMS 16 1 NEWLINE characteristics 11 24 13 13 Next Hop AppleTalk routes display 8 12 NMS 16 1 to 16 2 16 9 configuring 16 10 No...

Page 531: ... Point to point protocol PPP 1 3 Port characteristics character size 11 10 device characteristic matching 9 6 displaying 17 24 to 17 25 LOSS NOTIFICATION 11 10 parity 11 10 remote modification 11 10 speed 11 10 TN3270 18 20 to 18 21 Port Failover disabling 11 7 Port field 23 5 Port name assigning 12 4 Port queuing characteristic 11 7 disabling 11 8 enabling 11 7 Ports ACCESS DYNAMIC 13 5 captive 3...

Page 532: ...22 13 user authorizations 22 14 user permissions 22 16 User Service Type attribute 22 16 Reacquiring AppleTalk status display 8 10 Realms defining SecurID 22 25 Kerberos 22 6 local setting 22 27 SecurID 22 24 to 22 25 Reason field 23 7 Receive Packets Lost 15 14 Received 7 22 Registering AppleTalk status display 8 10 Remote ACCESS characteristic 9 5 AppleTalk ARP display 8 14 Remote access 23 5 23...

Page 533: ...s authentication 22 10 RADIUS 22 2 attributes 22 16 servers 22 13 realms secret 22 4 Security server 22 5 Segments Discarded 7 22 Send Packets Lost 15 14 Send Packets Queued 15 14 Serial line internet protocol SLIP 15 1 SERVER keyword 4 4 Server name 4 4 Server queue limit characteristic 11 8 Server name keyword 4 4 Service Announcement 6 16 Service connections characteristic 11 8 Service groups 2...

Page 534: ...Simple network management protocol SNMP 16 1 Slave host 22 23 SLIP protocol 11 6 15 1 22 16 23 6 to 23 7 communications 15 1 compressed 15 13 connecting 15 12 CSLIP 15 13 dedicated ports configuring 15 9 displaying characteristics 15 4 hosts 15 1 15 3 15 8 Internet address 15 5 modems 15 10 packet forwarding 15 3 ports 1 2 configuration 1 3 SLIP hosts Internet address 15 5 SMI 10 3 10 5 10 13 SNMP...

Page 535: ... protocol 11 6 22 37 Telnet remote console 2 7 2 11 5 4 initialization 5 4 port connections number allowed 2 12 Telnet remote console port characteristics 2 12 Telnet sessions 11 4 interactive devices configuring 11 11 Terminal device session management protocol TD SMP 11 13 Terminal Server Manager TSM 2 8 Terminal sessions 15 11 TERMINAL type characteristic 11 27 TEST INTERNET 11 44 TFTP protocol...

Page 536: ...nds 2 3 SHOW LIST MONITOR commands 2 3 User interface 1 2 3 1 configuration 1 3 User privilege level modified events 23 10 V VERIFICATION characteristic 11 39 Disabling 11 39 Volatile Random Access Memory VRAM 2 3 VRAM 1 5 2 3 W Wildcards using in command line 4 6 Will Binary 11 49 Will Echo 11 49 Will End of Record 11 50 Will Remote FLOW CONTROL 11 50 Will SGA 11 49 Will Status 11 49 Will Termina...

Reviews:

No comments

Related manuals for Digital NetRider

Waves Linear-Phase MultiBand Software Audio Processor User Manual preview
Linear-Phase MultiBand Software Audio Processor
Brand: Waves Pages: 27
Olympus Master 4.1 Operating Instructions Manual preview
Master 4.1
Brand: Olympus Pages: 149
I-Data ReRouter Installation & Operator’S Manual preview
ReRouter
Brand: I-Data Pages: 79
Autodesk LANDXPLORER 2011 - SYSTEM REQUIREMENTS Manual preview
LANDXPLORER 2011 - SYSTEM REQUIREMENTS
Brand: Autodesk Pages: 3
Nortel SCS User Manual preview
SCS
Brand: Nortel Pages: 41
Nortel BayStack 380-24F Getting Started preview
BayStack 380-24F
Brand: Nortel Pages: 76
Nortel Attendant PC Software User'S Manual preview
Attendant PC
Brand: Nortel Pages: 176
Nortel Express Call Center User Manual preview
Express Call Center
Brand: Nortel Pages: 638
Nortel Symposium Web Center Portal Installation And Administration Manual preview
Symposium Web Center Portal
Brand: Nortel Pages: 710
Internet Security Systems RealSecure User Manual preview
RealSecure
Brand: Internet Security Systems Pages: 126
Extron electronics MS9200P User Manual preview
MS9200P
Brand: Extron electronics Pages: 124
AVG RESCUE CD - FOR WINDOWS V 85.2 User Manual preview
RESCUE CD - FOR WINDOWS V 85.2
Brand: AVG Pages: 83
AVG ANTI-VIRUS BUSINESS EDITION 2011 - REV 2011.01 User Manual preview
ANTI-VIRUS BUSINESS EDITION 2011 - REV 2011.01
Brand: AVG Pages: 128
Solid State Logic One Stop Vocal Processing Plug-in Vocalstrip User Manual preview
One Stop Vocal Processing Plug-in Vocalstrip
Brand: Solid State Logic Pages: 21
Autodesk 18506-091462-9305 - Architectural Desktop 2006 Update Manual preview
18506-091462-9305 - Architectural Desktop 2006
Brand: Autodesk Pages: 290
Autodesk 00128-051462-9310 - AUTOCAD 2008 COMM UPG FRM 2005 DVD User Manual preview
00128-051462-9310 - AUTOCAD 2008 COMM UPG FRM 2005 DVD
Brand: Autodesk Pages: 2268
Olympus 141670 - DS 330 Digital Voice Recorder Instructions Manual preview
141670 - DS 330 Digital Voice Recorder
Brand: Olympus Pages: 76
MACROMEDIA BREEZE-USING THE BREEZE PUBLISH WIZARD Use Manual preview
BREEZE-USING THE BREEZE PUBLISH WIZARD
Brand: MACROMEDIA Pages: 32

Brands by name

Popular brands

Load more brands