Lucent Technologies PortMaster 4 Configuration Manual Download Page 175 | Manualshive

Page: 175 / 191

background image

Networking Concepts

A-7

Using Naming Services and the Host Table

Using Naming Services and the Host Table

Naming services are used to associate IP addresses with hostnames. Many networks use
the Domain Name System (DNS) or the Network Information Service (NIS) for mapping
hostnames to IP addresses. Both services are used to identify and locate objects and
resources on the network. To use DNS or NIS, you must specify the IP address of the
name server during the configuration process.

The PortMaster enables you to specify an internal host table, which can be used in
addition to DNS and NIS. The host table allows each unique IP address to be aliased to a
unique name. The host table is consulted when a port set for host access prompts for the
name of the host. The table is used to identify the IP address of the requested host. If the
user-specified hostname is not found in the host table, then NIS or DNS is consulted.

Note – The internal host table should be used only when no other host mapping
facility is available. Using the host table only when necessary reduces confusion and the
amount of network maintenance required.

Managing Network Security

PortMaster products allow you to maintain network security using a variety of methods.
Security is a general term that refers to restricting access to network devices and data.
To enable security features, you must identify sensitive information, find the network
access points to the sensitive information, and secure and maintain the access points.

PortMaster security methods include

•

Callback for remote access users

•

Assignment of local passwords before connections are established

•

Access control filters for host connections

•

Inbound and outbound packet filtering

•

IP packet filtering by protocol, source and destination address, and port

•

IPX packet filtering by source and destination network, node, and socket

•

SAP filtering

•

PAP and CHAP authentication protocols for PPP connections

•

Password security for administrative access

•

Remote Authentication Dial-In User Service (RADIUS) or PortAuthority™ RADIUS
support

•

ChoiceNet filtering

Each of these security methods is described in more detail in this guide. All or some of
these security methods can be configured as you configure the system-wide parameters
and each interface. RADIUS, PortAuthority RADIUS, and ChoiceNet are described
briefly in the next sections.

PortAuthority RADIUS must be purchased separately.

✍

«
...
173
174
175
176
177
...
»

Summary of Contents for PortMaster 4

Page 1: ...PortMaster 4 Configuration Guide Lucent Technologies RemoteAccessBusinessUnit 4464 WillowRoad Pleasanton CA94588 925 737 2100 800 458 9966 March1999 950 1426A...

Page 2: ...erty of their respective owners Disclaimer Lucent Technologies Inc makes no express or implied representations or warranties with respect to the contents or use of this manual and specifically disclai...

Page 3: ...es xviii Subscribing to PortMaster Mailing Lists xviii 1 Introduction PortMaster Software 1 1 Preconfiguration Planning 1 2 Setting the View 1 3 Configuration Tips 1 3 Basic Configuration Steps 1 4 2...

Page 4: ...ng a Default IP Pool 2 11 Resetting the IP Pool 2 11 Deleting Named IP Pools 2 11 Setting Address Ranges 2 12 Setting a Named IP Pool Gateway 2 13 Setting Named IP Pools in RADIUS 2 13 Setting the Dyn...

Page 5: ...ing SNMP Settings 3 13 Monitoring SNMP Alarms 3 14 4 Configuring an Ethernet Interface Overview of PortMaster 4 Ethernet Interfaces 4 1 Understanding Ether0 4 1 Understanding Ether1 4 2 Understanding...

Page 6: ...sers 5 3 Login Users 5 3 Configuring Settings for Network and Login Users 5 3 Setting a Password 5 3 Setting the Idle Timer 5 3 Setting the Session Limit 5 4 Configuring Network Users 5 4 Setting the...

Page 7: ...lephone Number 7 4 Setting the Username and Password 7 4 Setting the Protocol 7 4 Setting the Destination IP Address 7 5 Setting the Destination Netmask 7 5 Setting the IPX Network Number 7 5 Setting...

Page 8: ...or FTP Packets 8 9 Rule to Permit DNS into Your Local Network 8 10 Rule to Listen to RIP Information 8 10 Rule to Allow Authentication Queries 8 10 Rule to Allow Networks Full Access 8 10 Restrictive...

Page 9: ...the ISDN PRI Switch 10 7 Setting the Framing Format 10 8 Setting the Encoding Method 10 8 Setting the Pulse Code Modulation 10 9 Setting the Loopback 10 9 Setting the Directory Number 10 9 Configuring...

Page 10: ...1 Lines to T3 Channels 11 1 Setting the Clock Source 11 2 Setting the Clock Source for Each Synchronous Serial Line 11 2 Enabling Clocking on the Backplane 11 2 Setting T3 Mux Clocking 11 3 Performing...

Page 11: ...ection 13 2 Configuring Global Settings 13 2 Configuring Ethernet Interface Settings 13 2 Configuring the Synchronous WAN Port 13 3 Troubleshooting a Leased Line Connection 13 4 A Networking Concepts...

Page 12: ...Contents xii PortMaster Configuration Guide...

Page 13: ...This guide is designed to be used by qualified system administrators and network managers Knowledge of basic networking concepts is required PortMaster Documentation The following manuals are availab...

Page 14: ...twork Management Protocol SNMP RFC 1166 Internet Numbers RFC 1212 Concise MIB Definitions RFC 1213 Management Information Base for Network Management of TCP IP based Internets MIB II RFC 1256 ICMP Rou...

Page 15: ...ontrol Protocol BACP RFC 2138 Remote Authentication Dial In User Service RADIUS RFC 2139 RADIUS Accounting RFC 2153 PPP Vendor Extensions RFC 2328 OSPF Version 2 RFC 2400 Internet Official Protocol St...

Page 16: ...u option button or key or the name of a file directory or utility except in code samples Enter version to display the version number Press Enter Open the permit_list file Italic font Identifies a comm...

Page 17: ...ndia or Pakistan contact your local Lucent Remote Access sales channel partner For a list of authorized sales channel partners see the World Wide Web at http www livingston com International EMEA dist...

Page 18: ...ailing list is also available in a daily digest format To receive the digest send email to majordomo livingston com with subscribe portmaster users digest in the body of the message portmaster radius...

Page 19: ...nfigurations PMVision replaces the PMconsole interface to ComOS This application and other Java based configuration tools for the PortMaster are available via anonymous FTP at ftp ftp livingston com p...

Page 20: ...ur high speed lines use Frame Relay ISDN switched 56Kbps or PPP If you want dial on demand routing do you want multiline load balancing Do you want Multilink Point to Point Protocol PPP RFC 1717 Do yo...

Page 21: ...lot for the other Ethernet interfaces to activate configuration settings Except for the manager module for which the command line prompt displays no number the prompt indicates the view you are in For...

Page 22: ...ston com pub livingston software java See the PMVision online help for information on using PMVision 4 Configure the global settings PortMaster global settings are described in Chapter 2 Configuring G...

Page 23: ...tting up an L2TP tunnel to an L2TP compatible router See the PortMaster 4 Command Line Reference for information on the L2TP commands 13 Configure OSPF if you are using this protocol OSPF is described...

Page 24: ...Basic Configuration Steps 1 6 PortMaster 4 Configuration Guide...

Page 25: ...ress Pool on page 2 8 Setting the Reported IP Address on page 2 9 Configuring Named IP Pools on page 2 9 Setting the Dynamic Host Control Protocol DHCP Server on page 2 13 Displaying the Routing Table...

Page 26: ...mends using the Domain Name System DNS or Network Information Service NIS for hostname resolution rather than the local host table The PortMaster always checks the local host table before using DNS or...

Page 27: ...used for hostname resolution If you are using DNS or NIS you must set a domain name for your network To set the domain name of your network use the following command Command set domain String Setting...

Page 28: ...oses Setting the Loghost To set the IP address of the loghost the host to which the PortMaster sends syslog messages use the following command Command set loghost Ipaddress Note Do not set a loghost a...

Page 29: ...or the local0 through local7 facilities to receive syslog messages from PortMaster products but all the facilities are provided See your operating system documentation for information on configuring s...

Page 30: ...msm rac Use the save all command to save changes to nonvolatile RAM The chassis is identified as a PortMaster 4 by default Configuring Local IP Addresses The PortMaster 4 supports up to four internal...

Page 31: ...e second global local IP address if set 5 The third global local IP address if set 6 The fourth global local IP address if set 7 The IP address of Ether1 8 The IP address of Ether0 Main IP Address Whe...

Page 32: ...8 54 6 Use the show global command to view local IP addresses Configuring an IP Address Pool You can dynamically assign IP addresses to PPP or SLIP dial in users By assigning addresses as needed from...

Page 33: ...ely identifies an IP pool By identifying an IP pool by name instead of by base IP address you can use a single name for an entire network system but assign different base IP addresses for each network...

Page 34: ...ed in the RADUS user profile and the Quad T1 or Tri E1 board s assigned range is set to 0 0 0 0 and a default IP pool is configured in the pool table the PortMaster assigns the user an address from th...

Page 35: ...Whenever you make changes to the IP pool table you must reset the pool for the changes to take effect Command reset ippool Resetting the IP pool causes the PortMaster to convert address ranges into s...

Page 36: ...ay 0 0 0 0 add to livermore Although the output to this command indicates a range size of 256 address as specified by the 24 netmask only 254 of these addresses are available to be assigned to users T...

Page 37: ...assigned a default gateway address no crossbar IP address is used and the PortMaster consults the forwarding table The default gateway functions as a crossbar IP address See the PortMaster 4 Command...

Page 38: ...P server Command set dhcp server address Note ComOS does not support DHCP requests over Ethernet nor requests from a PortMaster 2Ei or a PortMaster ISDN Office Router OR U used for dial up How the Cab...

Page 39: ...the source is 192 168 33 10 3 The PortMaster 4 forwards the request to the DHCP server by substituting the IP address of the DHCP server 10 66 98 96 for the broadcast destination address Internet 10...

Page 40: ...llowed by the set debug 0x81 command See the PortMaster Troubleshooting Guide for debugging information To disable DHCP reply information enter the following command Command set dhcp server 0 0 0 0 Th...

Page 41: ...ic Route for IP A static route for IP contains the following items Destination The IP address prefix of the host or the number of the IPX network to which the PortMaster will be routing Netmask The st...

Page 42: ...g the packet through the gateway to the specified destination Ticks The time required to send the packet to its destination Ticks are measured in 50ms increments The ticks metric is used in addition t...

Page 43: ...s because it has no provision to include a netmask Therefore if you set a static netmask in the netmask table the PortMaster collapses the route to that boundary instead and broadcasts a host route wi...

Page 44: ...routers Command set Ether0 address 192 168 206 X for some value of X Command set gateway 192 168 206 Y where Y points at your gateway Command add netmask 192 168 207 0 255 255 255 224 Command add net...

Page 45: ...heck feature in ComOS you must first configure call check user entries on the RADIUS 2 1 server Otherwise the PortMaster issues a busy signal to every call See the RADIUS for UNIX Administrator s Guid...

Page 46: ...ter denies access with an Invalid Login message If no user table entry exists for the user and port security is off the PortMaster passes the user on to the host defined for that port using the select...

Page 47: ...filter the PortMaster refuses service with an Access Denied message If the access override parameter is set on the port the PortMaster instructs the user to authenticate himself even though the defau...

Page 48: ...PortMaster Security Management 2 24 PortMaster 4 Configuration Guide...

Page 49: ...anging information between the SNMP manager and an SNMP agent The SNMP agent returns values for Management Information Base MIB variables that can be changed or queried by the SNMP manager The agent g...

Page 50: ...protocol data units PDUs The master agent processes the PDUs and forwards them to appropriate subagents The subgents are responsible for processing the data The master agent and the subagents can oper...

Page 51: ...chy As shown in Figure 3 1 the OID for the Livingston MIB is 1 3 6 1 4 1 307 Figure 3 1 Management Information Base MIB Hierarchy Figure 3 2 shows the tree structure of the private Livingston portion...

Page 52: ...ger queries the agents by means of OIDs Each OID uniquely identifies a single MIB variable For example the OID 307 3 2 1 1 1 2 0 returns the port name for port C0 and the OID 307 3 2 1 1 1 2 1 returns...

Page 53: ...ble 3 2 PortMaster Serial Interfaces MIB Table Object Definition livingstonSerialIndex Unique value for each serial interface livingstonSerialPortName Text string containing the name of the serial int...

Page 54: ...nSerialifDescr Text string containing information about the network interface bound to the serial interface livingstonSerialInOctets Total number of octets received on the serial interface livingstonS...

Page 55: ...ing Configured line framing Line framing types include the following Extended superframe ESF 1 D4 2 Cyclic redundancy check CRC4 3 Frame Alignment Signal FAS 4 livingstonT1E1Encoding Configured line s...

Page 56: ...mProtocol Error correcting protocol being used in the modem livingstonModemCompression Compression being used in the modem interface livingstonModemInSpeed Estimate of the modem interface s current in...

Page 57: ...ents In all other cases this object must return none 1 livingstonAMCEUName Username of the dial in user This object returns the valid username when the event type is servicechanged 4 or namechanged 5...

Page 58: ...status of the call on a given modem port This table can also be used to take appropriate action to terminate the session livingstonAMPortVTSModemBoard Specifies the modem board number for the given s...

Page 59: ...ary MIB Table Object Definition livingstonPMBrdCallSumBrdId Board ID used as an index into the call summary table The valid board IDs are the numbers of the physical slots that hold T1 or E1 boards 0...

Page 60: ...ing commands Command set snmp on off Command save all Command reboot Setting SNMP Read and Write Community Strings Community strings allow you to control access to the MIB information on selected SNMP...

Page 61: ...specification of read and write hosts allows another level of security beyond the community strings If SNMP hosts are specified each host attempting to access SNMP information must not only possess th...

Page 62: ...interfaces from the command line interface enter the following command Command show alarms The output of this command lists alarm messages and associated alarm identification numbers For details about...

Page 63: ...nd descriptions and instructions You can also configure the PortMaster 4 using the PMVision application for Microsoft Windows UNIX and other platforms supporting the Java Virtual Machine JVM PMVision...

Page 64: ...e IP Control Protocol IPCP the PortMaster 4 uses the following order of precedence when choosing an IP address to identify itself 1 The Local IP address configured in the user profile if set 2 The glo...

Page 65: ...st listen v2 broadcast multicast on v1 compatibility Refer to the PortMaster 4 Command Line Reference for a description of the keywords in this command Refer to the PortMaster Routing Guide for a disc...

Page 66: ...you must configure an IP address and netmask and set broadcast on the Ethernet interfaces on those boards as well See Configuring Standalone Ethernet Boards on page 4 8 To set or change the IP address...

Page 67: ...PortMaster Ethernet ports If the setting has been changed you must enable IP on the Ethernet interface of all PortMaster products attached directly to a local Ethernet Disable IP traffic on Ethernet p...

Page 68: ...four commonly used IPX encapsulation and frame types shown in Table 4 1 The encapsulation method and frame type were selected when your IPX network servers were installed The IPX frame type you set o...

Page 69: ...configure the primary Ethernet interface before adding subinterfaces See Setting General Ethernet Parameters on page 4 3 for details After you configure the primary Ethernet interface follow this proc...

Page 70: ...Ether1 Before You Begin Before a standalone Ethernet board can function you must configure an Ethernet interface on the manager module Configure Ether1 or Ether0 see Overview of PortMaster 4 Ethernet...

Page 71: ...set 7 The IP address of Ether1 8 The IP address of Ether0 Main IP Address When the PortMaster creates an IP packet it must identify itself by placing a source address in the IP header To do so the Por...

Page 72: ...nk state metric by using the cost Number keyword and value The Number metric is a 16 bit number between 1 and 65535 the default is 1 Refer to the PortMaster Routing Guide for more information about OS...

Page 73: ...guring Network Users on page 5 4 Configuring Login Users on page 5 8 Note Only 100 to 200 users can be configured in the user table and stored in the nonvolatile memory of the PortMaster Therefore use...

Page 74: ...hem The username is a string of from 1 to 8 printable nonspace ASCII characters The optional user password is a string of from 0 to 16 printable ASCII characters You cannot add users with blank userna...

Page 75: ...er in pmd rlogin Telnet or netdata TCP clear connections through an asynchronous serial or ISDN port A connection is established to the specified host as soon as the user logs in This type of connecti...

Page 76: ...command Command set user Username protocol slip ppp x75 sync If you set a nonzero IP address for the user IP is automatically routed If you set a nonzero IPX network number for the user IPX is automat...

Page 77: ...etween the remote user device and the PortMaster Each user s connection requires a different IPX network number If you use fffffffe as the IPX network number the PortMaster assigns the user an IPX net...

Page 78: ...ission unit MTU defines the largest frame or packet that can be sent without fragmentation A packet that exceeds this value is fragmented if IP or discarded if IPX PPP connections can have a maximum M...

Page 79: ...me compression on off Table 5 2 describes the results of using each keyword To find out what type of compression was negotiated for the user enter the following command Command show S0 Setting Filters...

Page 80: ...ined in the user table To specify the callback location for a network user use the following command Command set user Username dialback Locname none To disable callback connections for the user use th...

Page 81: ...rmines the nature of their connection with the host The login service specifies how login sessions are established Four types of login service are available as described in Table 5 4 Table 5 4 Types o...

Page 82: ...to establish a login session to the specified host Generally rlogin is used on mixed UNIX networks where the PortMaster login service is impractical to use telnet Telnet is supported on most TCP IP ho...

Page 83: ...upports any of these connection types using one or more synchronous ports For most applications a dedicated line connects two PortMaster routers each located on a separate remote network The following...

Page 84: ...ing the View To configure a synchronous serial line as a WAN port you must first set the view to the slot containing the board for the line that you want to configure To set the view enter the show bo...

Page 85: ...modem dialing or authentication In this mode the port immediately begins running the specified protocol If the port is set for a hardwired connection it cannot be used for any other purpose A hardwir...

Page 86: ...ys asserted Table 6 2 describes the effects of DCD condition on port behavior Set modem control on only if you want to use the DCD signal from the attached device In general set modem control on for n...

Page 87: ...l Setting the Port Idle Timer The idle timer indicates how long the PortMaster waits after activity stops on a synchronous port before disconnecting a dial in or dial out connection You can set the id...

Page 88: ...destination IP address for Frame Relay connections Instead use the data link connection identifier DLCI list to link IP addresses to DLCIs or use LMI or Annex D and Inverse ARP to discover Frame Relay...

Page 89: ...eased lines or Frame Relay Routing is set in the user table for dial in connections and in the location table for dial out connections To configure RIP routing use the following command Command set W1...

Page 90: ...mand set W1 ofilter Command reset W1 Command save all Note You must reset the port and re establish the connection for the new settings to take effect Setting Compression You can set Van Jacobson TCP...

Page 91: ...onsole interface to ComOS Configuring the Location Table A location defines a dial out destination and the characteristics of the dial out connection Locations control dial out network connections in...

Page 92: ...ial out location for each remote host or router you want to access Location table entries are identified by this unique location name which can contain up to 12 characters To create a location use the...

Page 93: ...adcast the PortMaster dials out to that location when it boots to update routing information The PortMaster hangs up when the idle timer expires because RIP traffic does not reset the idle timer To co...

Page 94: ...nd set location Locname telephone String Setting the Username and Password The username and password are what the PortMaster uses to authenticate itself to the remote host Note that the username and p...

Page 95: ...ng the Destination Netmask If the host or network on the remote end of the connection requires a netmask you must define it in the location table To set the destination netmask for a location use the...

Page 96: ...ed from 0 to 99 Dial group numbers can be used to reserve ports for dial out to specific locations or to differentiate among different types of modems that are compatible with the remote location The...

Page 97: ...S data compression only for PPP connections with bidirectional compression Stac LZS data compression cannot be used for SLIP connections To configure compression for a location use the following comma...

Page 98: ...more information on ISDN connections see Chapter 10 Configuring T1 E1 and ISDN PRI Setting CHAP When you enter a username and password into the location table they are used as the system identifier a...

Page 99: ...t with the least amount of traffic in the queue Ports with very different speeds must not be combined for load balancing purposes The overall throughput for a given number of ports is approximately eq...

Page 100: ...To set the high water mark in bytes for a location use the following command Command set location Locname high_water Number Setting Filters You can attach input and output filters to each location Fi...

Page 101: ...connection with the remote location by using the dial command from the command line To display the chat script if you are using one during dialing use the optional x keyword You can watch the connecti...

Page 102: ...Testing Your Location Configuration 7 12 PortMaster 4 Configuration Guide...

Page 103: ...ava Virtual Machine JVM PMVision replaces the PMconsole interface to ComOS The FilterEditor application provides a graphical interface to construct and edit filters for both PortMaster 4 Remote Access...

Page 104: ...ace filter are displayed while packets not permitted by the filter are not displayed For more information about the ptrace facility see the PortMaster Troubleshooting Guide Filter Options Table 8 1 sh...

Page 105: ...network hardwired ports as either input or output filters SAP filters are attached as output filters only The Ethernet interface filter is enabled as soon as the name of the input or output filter is...

Page 106: ...he volume of traffic User filters are attached to users configured for dial in SLIP or PPP access When a user makes a PPP or SLIP connection the designated filters are attached to the network interfac...

Page 107: ...as ping packets report errors and provide other information about IP packet processing You can filter ICMP packets by source and destination IP address or by ICMP packet type Packet types are identifi...

Page 108: ...ays Source and or destination IPX network number Source and or destination IPX node address Source and or destination IPX socket number To create an IPX filter rule use the following command entered o...

Page 109: ...ning IP filters Some of the following examples use the 192 168 1 0 network as the public network Substitute the number of your network or subnetwork if you use these examples Note Any packet that is n...

Page 110: ...8 permit tcp dst eq 53 Command set filter internet in 9 permit icmp Table 8 3 describes line by line each rule in the filter 5 Permits FTP data to return to the requesting host This rule is required t...

Page 111: ...ng connections from TCP port 20 of your FTP server In the following examples 172 16 0 2 is the address of your FTP server and 192 168 0 1 is the address of the host from which you allow outgoing FTP C...

Page 112: ...p dst eq 113 For more information about these types of queries refer to RFC 1413 Rule to Allow Networks Full Access To allow some other network to have complete access to your network add the followin...

Page 113: ...ter restrict in 8 permit 0 0 0 0 0 10 0 0 3 32 udp dst eq 53 Command set filter restrict in 9 permit 0 0 0 0 0 10 0 0 3 32 tcp dst eq 53 Command set filter restrict in 10 permit 0 0 0 0 0 10 0 0 3 32...

Page 114: ...ter the connection is established 4 If the address is not permitted the connection is denied unless access override is enabled If you want a user to be able to override a port s access filter enable a...

Page 115: ...and descriptions and instructions Because the PortMaster is a DTE device a straight through RS 232 cable is used to connect modems to it Straight through cables for modems use pins 2 3 4 5 6 7 8 and 2...

Page 116: ...se hardware flow control RTS CTS Using Automatic Modem Configuration PortMaster products use a modem table to automate the external modem configuration process The modem table is user configurable and...

Page 117: ...a caret to separate the send and expect characters in the string In the example above the PortMaster expects OK Never use on or off for a modem short name Table 9 1 shows the current factory default...

Page 118: ...C1 D2 Q3 T5 W OK multizdx MultiTech Z DX fax data v 32 115200 AT F ATM0 E1 C1 D3 SB115200S0 1S10 20 E0 W0 multi v34 MultiTech MT2834 28 8k 115200 AT F AT C1 D3S0 1 W0 multi v34 MultiTech MT2834 28 8k...

Page 119: ...escribed in Configuring Ports for Modem Use on page 9 5 To configure the modem not to answer when users dial in set C0 0 in the initialization string Configuring Ports for Modem Use The modem settings...

Page 120: ...speed use the following command entered on one line Command set C0 all speed 1 2 3 Speed You can substitute any of the following for Speed You can set the speed for all the asynchronous ports simulta...

Page 121: ...for a modem use the following command Command set C0 rts cts on off Note Because it is more reliable you should always use hardware flow control if it is available Do not use both hardware and softwar...

Page 122: ...Configuring Ports for Modem Use 9 8 PortMaster 4 Configuration Guide...

Page 123: ...10 5 Configuring Fractional Settings on page 10 6 Configuring ISDN PRI Settings on page 10 7 Configuring True Digital Modems on page 10 10 Configuring Channelized T1 or E1 on page 10 11 Using NFAS for...

Page 124: ...page 10 3 Configuring the Quad T1 Boards on page 10 4 Configuring the Ethernet Interface Use the console port to log in to the PortMaster or log in as root and press the Return key twice to get to the...

Page 125: ...PMVision to continue the configuration process You can perform the following command line configuration via the console or by using Telnet Substitute your own information for variables 1 If you are n...

Page 126: ...emory Command save all Configuring the Quad T1 Boards To configure a Quad T1 board you set the view to the slot where the Quad T1 board is installed Substitute your own information for variables 1 Set...

Page 127: ...The board identification number is the same as the number of the slot in which the T1 or E1 board is installed Command show boards Use the following command to set the view to a slot with an installed...

Page 128: ...st also set the channel rate for a fractional T1 or E1 line Setting Channel Groups You can divide the channels of a T1 E1 or ISDN PRI line into numbered groups after the line type has been set to frac...

Page 129: ...set isdn switch ni 2 dms 100 4ess att 5ess net5 vn2 vn3 1tr6 ntt kdd ts014 Cgroup Group number from 1 to 63 that designates a port number on each T1 E1 or ISDN PRI line or none to unassign channels C...

Page 130: ...set the port type to network hardwired set the directory number for the port appropriately and reset the port Table 10 6 T1 and E1 Framing Format Options Option Description Line0 Line0 through Line3...

Page 131: ...following command Command set Line0 loopback on off Setting the Directory Number Normally a T1 or E1 line has a single telephone number However when the line is set up as ISDN B channels you can set a...

Page 132: ...require no configuration or initialization string Use the show M0 and show modems commands to display modem status Setting Digital Modems to Analog Service When analog modem service is required for d...

Page 133: ...vice on the Quad T1 board and channelized E1 service on the Tri E1 board Channelized T1 Service Channelized T1 service provides 24 channels of 56Kbps capacity each In contrast an ISDN PRI line provide...

Page 134: ...and call options used with channelized T1 use the following command Table 10 12 explains the in band signaling protocol options Command set Line0 signaling wink immediate fxs Configuring the PortMaste...

Page 135: ...or each line Command Slotnumber show Line0 Example Channelized T1 Configuration This example configures Line1 on a Quad T1 board for channelized T1 service using E M wink start extended superframe for...

Page 136: ...band see Configuring Line Use on page 10 5 To accept caller ID and dial digit tones use the mrf2 option Because some countries implement different variations of multifrequency robbed bit signaling MF...

Page 137: ...r show Line0 Using NFAS for ISDN PRI Non facility associated signaling NFAS is an ISDN PRI protocol that allows you to define one or two D channels to carry signaling messages for up to 20 T1 lines or...

Page 138: ...ndary interface in standby mode As call traffic commences on the T1 interfaces the primary D channel handles signaling messages for all channels in the interface group which typically include the prim...

Page 139: ...y one interface group and one type of signaling The four T1 interfaces on any Quad T1 line board cannot belong to different groups When you configure NFAS on one T1 interface the other T1 interfaces c...

Page 140: ...Save the configuration and reset the slot to make the changes take effect Command 0 save all Command 0 reset slot0 5 Change the view to the slot containing the line board you want to set as the secon...

Page 141: ...S Use the set debug nfas command to diagnose problems or errors during testing For example to receive debug information from the line board in slot 3 enter the following commands Command 2 set console...

Page 142: ...mmand 1 set line3 nfas slave 7 5 Command 1 save all Command 1 reset slot1 To take full advantage of NFAS you can configure three more Quad T1 boards as slave interfaces for a maximum of 20 interfaces...

Page 143: ...ype Using a Default Switch Type To configure the PortMaster 4 to communicate with an SS7 gateway using the default IMT switch type you set only the IP address and port number of the gateway and the Po...

Page 144: ...P port 7000 using a 1A switch enter the following commands Command set view 0 Command 0 set imt 192 168 10 10 10000 7000 1a Changed gateway IP address from 0 0 0 0 to 192 168 10 10 Changed gateway por...

Page 145: ...nes To view SS7 debug information for a Quad T1 or Tri E1 board set the view to the slot and enter the following commands Command 1 set console Command 1 set debug imt on For example the following sam...

Page 146: ...teway is active and a session is established use the show netconns command to display session information The following output to the show netconns command shows that slot 1 and slot 2 handles S2 and...

Page 147: ...8 10 10 and is listening for SS7 signaling on port 10000 Port 7000 on the PortMaster 4 is the IMT base port for both slot 0 and slot 1 Default Configuration Configure slot 0 set view 0 set imt 192 168...

Page 148: ...Configuring SS7 10 26 PortMaster 4 Configuration Guide Set line signaling on all lines you want to use for SS7 in slot 1 set line0 imt set line0 signaling rbs save all reset slot1...

Page 149: ...o zero NRZ DS 3 signaling A T3 Mux board can provide internal clocking or can receive clocking externally at a rate of 44 736Mbps The DS 1 clocking rate is 1 544Mbps You can install a T3 Mux board in...

Page 150: ...the installed Quad T1 board Command set view Slotnumber You can now use the set Line0 clock command to set the clock source You use the backplane keyword of this command to derive clocking from a T3 M...

Page 151: ...ock external internal Performing Diagnostics This section describes how to enable a PortMaster 4 to conduct loopback tests on a single DS 1 channel and on a T3 line Looping an Individual DS 1 Channel...

Page 152: ...Performing Diagnostics 11 4 PortMaster 4 Configuration Guide...

Page 153: ...interface to ComOS Overview of Frame Relay Frame Relay is a switched digital service that supports multiple virtual circuits simultaneously connected to a site by a single physical circuit Each site...

Page 154: ...bandwidth available to the particular PVC under all conditions In some implementations an additional property can be assigned to a PVC known as burst speed or maximum burst This speed represents the...

Page 155: ...port and specifying the DLCIs during the synchronous port configuration Alternatively the PortMaster can discover DLCIs dynamically with LMI or Annex D and learn the IP addresses of the other routers...

Page 156: ...routers attached to the PVCs represented by the specified DLCIs if those routers support Inverse ARP Alternatively you can specify single IP addresses or IPX network numbers by appending a colon and...

Page 157: ...th you must connect them to separate Ethernet segments Ether0 operates at 10Mbps and is physically on the manager board Use Ether1 for netboots SNMP RADIUS and syslog Follow this proceduG8e to configu...

Page 158: ...t view Slotnumber Command Slotnumber The slot number appears in the prompt to identify the board you are configuring 3 Set the network type Command Slotnumber set W1 network hardwired 4 Set the protoc...

Page 159: ...ery little trouble if you have configured the PortMaster using information from your carrier If you are having problems use the information in this section to debug your configuration If you are havin...

Page 160: ...e it with a dial group Then associate a synchronous port with the same dial group For example to create a location called sub1 enter the following commands Command add location sub1 Command set locati...

Page 161: ...ing Interface with the name of the interface A list of interfaces can be shown with the ifconfig command Always reset the port after changing the DLCI list Verify that all DLCIs are accounted for by c...

Page 162: ...Frame Relay Subinterfaces 12 10 PortMaster 4 Configuration Guide...

Page 163: ...s also require a carrier that provides an external clock signal PortMaster routers support leased line connections using synchronous ports and the PPP protocol In this configuration one PortMaster is...

Page 164: ...Ipaddress 2 Set the name of the PortMaster on the other end of the connection Command set sysname String 3 Save the configuration Command save all Configuring Ethernet Interface Settings Note Lucent...

Page 165: ...ard Setting the view for a specific board gives you administrative access to that board Command set view Slotnumber Command Slotnumber The slot number appears in the prompt to identify the board you a...

Page 166: ...r configuration If you have trouble with a leased line connection verify the following Enter the following commands to view the PPP negotiation on port W1 if this is the port you are using Command set...

Page 167: ...back Command set Line0 loopback on You should see the following message LCP_APPARENT_LOOP For more information about the interpreting the results of the debug command refer to the PortMaster Troublesh...

Page 168: ...Troubleshooting a Leased Line Connection 13 6 PortMaster 4 Configuration Guide...

Page 169: ...networks Novell Internetwork Packet Exchange IPX is another protocol used to exchange data over PC based networks IPX uses Novell s proprietary Service Advertising Protocol SAP to advertise special se...

Page 170: ...ng made obsolete by classless interdomain routing CIDR Instead of dividing networks by class CIDR groups them into address ranges A network range consists of an IP address prefix and a netmask length...

Page 171: ...ng a range from 192 through 223 inclusive The remaining 8 bits form the host field More than two million class C networks can exist and each class C network can have up to 254 hosts For example Class...

Page 172: ...can be used by anyone for setting up their own internal IP networks IP Address Conventions If the bits in the host portion of an address are all 0 that address refers to the network specified in the n...

Page 173: ...which network segment the node resides Node address expressed as dotted triplets of 4 digit hexadecimal numbers These 6 bytes 48 bits provide the media access control MAC address of the node The two e...

Page 174: ...5 255 255 255 for the user s Framed IP Netmask regardless of the value of the attribute ComOS 3 5 and Later Releases ComOS 3 5 and subsequent releases support variable length subnet masks VLSMs theref...

Page 175: ...maintenance required Managing Network Security PortMaster products allow you to maintain network security using a variety of methods Security is a general term that refers to restricting access to net...

Page 176: ...authentication requests to the RADIUS server and acts on responses sent back by the server For more information about RADIUS refer to the RADIUS for Windows NT Administrator s Guide and RADIUS for UN...

Page 177: ...1 TCP FTP control telnet 23 TCP Telnet smtp 25 TCP Simple Mail Transfer Protocol SMTP email nicname 43 TCP whois Internet directory service nicname 43 UDP whois Internet directory service domain 53 TC...

Page 178: ...ity printer 515 TCP Line printer daemon LPD spooler talk 517 TCP Terminal to terminal chat talk 517 UDP Terminal to terminal chat ntalk 518 TCP Newer version of Terminal to terminal chat router 520 UD...

Page 179: ...S save all 6 8 10 13 10 15 save route 2 18 set 2 2 set accounting 10 4 set all modem 9 5 set all speed 9 6 set assigned_address 2 8 10 4 set authentic 10 3 set C0 modem 9 5 set C0 rip v2 4 3 6 7 7 6 s...

Page 180: ...signaling 10 12 10 13 10 14 10 15 set line0 source 11 2 set Line0 t1 10 6 set Line0 t1 e1 13 3 set line1 isdn 10 4 set line1 nfas slave 10 18 set line2 group 10 7 set location analog 10 10 set locati...

Page 181: ...user session limit 5 4 set view 1 3 10 3 10 5 11 2 set W1 address 6 6 12 6 set W1 annex d 12 4 12 6 set W1 cd 6 4 12 6 13 4 set W1 destination 6 6 13 3 set W1 extended 6 2 set W1 group 6 5 set W1 han...

Page 182: ...Command Index Command Index 4 PortMaster 4 Configuration Guide...

Page 183: ...g Information table MIB 3 9 Board Call Summary table MIB 3 11 board identification number 6 2 10 5 12 6 13 3 boundaries of networks 2 19 of routes 2 20 broadcast high and low 4 4 broadcast address set...

Page 184: ...2 11 DHCP server cable modem telephone interface 2 13 setting 2 16 dial 6 5 dialback See callback dial groups 6 5 7 6 dial in configuration tip 1 3 dial in users maximum ports 5 6 dial on demand conne...

Page 185: ...out 7 10 FTP 8 9 hardwired port 8 8 ICMP packets 4 4 input 4 3 5 8 6 7 7 10 8 3 Internet 8 8 IP 8 4 IPX rules 8 6 location filters 8 4 logging results 8 11 maximum number 8 2 network access 8 10 outpu...

Page 186: ...ype 10 22 using default switch type 10 21 in pmd 1 1 2 22 in band signaling E1 10 12 T1 10 12 See channelized T1 and channelized E1 initialization strings 9 3 intermachine trunk See IMT Internet input...

Page 187: ...P IP header compression 7 7 testing 7 11 username 7 4 loghost setting 2 4 login host 5 8 login users adding to the user table 5 2 description of 5 3 See also user table loopback enabling on T1 or E1 l...

Page 188: ...description 5 3 protocol 5 4 See user table NFAS configuring 10 17 D channel backup 10 17 debugging 10 19 described 10 15 displaying 10 19 examples 10 19 fault tolerance 10 17 limitations 10 17 multi...

Page 189: ...7 7 1166 A 1 A 2 1213 3 1 1490 12 3 1597 A 4 1700 8 5 8 6 1826 8 5 1827 8 5 1877 2 3 2003 8 5 2139 A 8 988 A 3 RIP network users 5 6 on Ethernet 4 3 routing setting 7 6 synchronous ports 6 7 rlogin l...

Page 190: ...12 5 13 2 syslog messages 2 4 system logging disabling 2 4 messages 2 4 setting 2 4 T T1 and E1 Interfaces table MIB 3 7 T1 channel groups 10 6 T1 lines channel groups 10 6 channel rates 10 7 encodin...

Page 191: ...5 5 login host 5 8 login service 5 9 login users 5 2 maximum ports 5 6 MTU 5 6 packet filters 5 7 session limit 5 4 setting the protocol 5 4 TCP IP header compression 5 7 user types 5 2 utilities for...

Reviews:

No comments

Related manuals for PortMaster 4

Serial Servers Vlinx VESR9xx

Brand: B&B Electronics Pages: 61

x3655 - System - 7985

Brand: IBM Pages: 118

Brand: W&T Pages: 228

DocuColor 45087638

Brand: Xerox Pages: 28

Brand: Advantech Pages: 43

FusionServer 1288H V5

Brand: xFusion Digital Technologies Pages: 96

Brand: 3onedata Pages: 24

Brand: Gigabyte Pages: 86

Brand: Gigabyte Pages: 110

Brand: Gigabyte Pages: 173

Brand: Gigabyte Pages: 166

Brand: Gigabyte Pages: 134

Advanced Office-in-a-Box

Brand: Enconnex Pages: 40

Brand: DNP Pages: 136

T19 Hydro Server

Brand: BITMAIN Pages: 17

Serial Servers Vlinx VESR9xx

Brand: Vlinx Pages: 65

Codec Engine Server

Brand: Texas Instruments Pages: 36

Brand: Godex Pages: 31

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands