background image

Chapter 3 – Software  

MultiAccess Communications Server MA30120 User Guide                                                                             56

Network Setup 

The Network Setup menus consist of Interface, Routes, Masquerading, SNAT, and DNAT screens.  The 
Interface screen is used to set up two Ethernet interfaces with funtional IP parameters for your network or 
networks. Routes screen is used to define additional (network specific) IP routes. The Masquerading screen is 
used to hide private addresses behind public addresses. DNAT and SNAT screens are also used to hide 
private addresses, but with more control of a public access perspective (directional control). 

About the Interface Screen 

These settings are for setting the default gateway, host name, external name servers for the system, 
configuration of IP address, mask for the installed network cards, enabling/disabling Proxy ARP on each of 
the interfaces, configuring aliases for each of the interfaces. 

Configure the first Ethernet interface (Network Card 1) with the basic/primary network parameters. For 
example, change the IP address and subnet mask of eth0 to an available, static address that matches the 
network this MultiAccess is going to be used on, then click on the Save button. Confirm the pop up menu 
regarding the address change and wait approximately 1 minute for the parameter change to take affect. 
Then enter the new IP address in the Address bar of your browser and proceed to log back into the unit. 

Configure the remaining basic parameters; Defining the default gateway, adding at least one DNS server 
(this is used by the operating system to resolve names), and define a host name for the MultiAccess. 

It is not necessary to configure and connect the second Ethernet interface.  The intended use of the 
second network interface is for more advanced applications. Use of the second interface lends flexibility to 
separate applications, useful with private and public network implementations, provides an alternative 
means of network access and can aid in troubleshooting. It is acceptable to have both interfaces on the 
same network, as long as they have unique host addresses, or they can be on separate networks.  

 

Summary of Contents for MultiAccess MULTIACCESS MA30120

Page 1: ...MA30120 User Guide ...

Page 2: ...ndix B and includes software version 1 14 E 09 18 12 Updated RoHS Patents This device covered by one or more of the following patents 6 031 867 6 012 113 6 009 082 5 864 560 5 815 503 5 812 534 5 790 532 5 764 628 5 764 627 5 754 589 5 724 356 5 673 268 5 673 257 5 628 030 5 619 508 5 617 423 5 600 649 5 592 586 5 577 041 5 574 725 5 559 793 5 546 448 5 546 395 5 535 204 5 500 859 5 471 470 5 463 ...

Page 3: ...etup 21 User Authentication 28 Chapter 3 Software 32 Home and Logout Options 33 Administration 35 Networks Services 50 Network Setup 56 DHCP Server 66 Tracking 70 Packet Filters 71 User Authentication 75 Modem Setup 88 Statistics Logs 98 Line Interfaces 117 Chapter 4 Troubleshooting 129 Chapter 5 MultiAccess Maintenance 130 Chapter 6 Warranty and Service 131 Regulatory Compliance 133 Recording Mul...

Page 4: ...59 ASCII Conversion Chart 161 Appendix C How to Update 162 Menu Driven 162 Manual Method via Linux command line 162 Appendix D Waste Electrical and Electronic Equipment WEEE Statement 165 Appendix E Restriction of the Use of Hazardous Substances RoHS 166 Glossary 167 Index 178 ...

Page 5: ...y are manageable from remote locations using platform independent industry standard protocols Management MultiAccess includes robust management support allowing a network administrator to securely manage the devices either through a web browser or at the command line The browser based option uses the HTTPS protocol also know as SSL Secure Sockets Layer to provide 128 bit encryption to secure the m...

Page 6: ...and 128 BRI ISDN sessions Industry standard PPP client support PAP and CHAP authentication Secure graphical local or remote management using HTTPS or SSH Standard 19 rackmountable chassis 1U Two year warranty Ship Kit Contents The MultiAccess is shipped with the following 1 MultiAccess 4 power cords US Euro Austral UK 1 printed Quick Start Guide 1 Document CD 1 Recovery Image CD 2 Rack Mounting Br...

Page 7: ...LI 4 LEDs LA The LA Link Active indicates layer 1 is up LA blinks when Los of Frame Alignment LFA but not Loss of Signal LOS LC The LC indicates a red alarm LS The LS indicates a yellow alarm LED Description of Support Modem LEDs CD The CD Carrier Detect LED lights when the modem detects a valid carrier signal from another modem It is on when the modem is communicating with the other modem It is o...

Page 8: ...RJ 11 phone LINE jack a DB 9 COM1 jack a DB 15 High density DSUB VIDEO jack two USB Revision 1 1 compliant jacks four RJ 45 T1 E1 PRI line jacks and two Ethernet RJ 45 Ethernet 1 Ethernet 2 jacks The MultiAccess back panel is illustrated and described below Back panel The back panel components are described in detail in the Cabling Procedure section in Chapter 2 of this manual ...

Page 9: ...one Ethernet interface on the MultiAccess is used The IP address of the MultiAccess and the pool of IP addresses for the dial in users are of the same network and normally are public addresses The modems of the MultiAccess are configured for RAS usage PPP clients dial into the system authenticate via RADIUS and establish a LAN to Client PPP session remote note ...

Page 10: ...odem sharing and faxing for network workstations Workstations on the corporate LAN can be a Comm Port Redirector e g Multi Tech s WINMCSI for accessing MultiAccess s modems Authentication can be performed before granting access to the modem sharing resource providing another layer of security to your network s infrustructure If some or all the MultiAccess s modems are configured for faxing the Hyl...

Page 11: ...e Formats Extended Super Frame ESF 12 Frame Multiframe F12 4 Frame Multiframe F4 72 Frame Multiframe Remote Switch Mode F72 T1 Line Code AMI or B8ZS E1 Frame Formats Extended Super Frame ESF w CRC4 Extended Super Frame ESF w o CRC4 Double Fame E1 Line Code AMI or HDB3 Channelized T1 Channels 24 DSU CSU operation for T1 WAN service Frame Format Extended Super Frame ESF 12 Frame Multiframe F12 4 Fra...

Page 12: ...weak battery or incorrect setup Caution The Ethernet ports are not designed to be connected to a Public Telecommunication Network Safety Recommendations for Rack Installations Ensure proper installation of the MultiAccess in a closed or multi unit enclosure by following the recommended installation as defined by the enclosure manufacturer Do not place the MultiAccess directly on top of other equip...

Page 13: ... the Security Database i e user file in RADIUS server or Microsoft SAM Active directory with IAS and make sure users have dial in rights with framed protocol PPP attribute 3 Identify applicable network resources IP address of gateway default route DNS WINS RADIUS server s etc Identify the network MASK Identify available IP addresses determine the static IP address that is to be assigned to the Mul...

Page 14: ...is required connect an RJ 45 cable for each of the line connections being used 2 Connect a workstation to your local network connect one end of a RJ 45 cable to the Ethernet 1 jack on the back of the MultiAccess and the other end to the hub on your local network 3 For advanced users the Video and Keyboard connections are for manual intervention of the Operating System The default root level login ...

Page 15: ...keyboard to determine the current status of the system Five seconds after turning on power one beep is heard indicating a successful POST of the mother board next the BIOS detects the hard drive from which the Linux operating system and appropriate drivers are loaded 3 Bring up a Web browser on the workstation At the browser s address line enter https 192 168 2 1 and press the Enter key Important ...

Page 16: ...ion Use a safe password Your first name spelled backwards is not a sufficiently safe password a password such as xfT35 4 is better 2 If someone else is already logged onto the MultiAccess or you were logged in recently the following message displays At the prompt Do you want to log the user out Click Yes If you click No you are returned to the Login screen 3 The MultiAccess Communications Server W...

Page 17: ... Setup Defines the primary role of the modem RAS fax or network modem pool Statistics Logs View and download all the statistics and log files maintained by your system Line Interfaces Defines setup information of your PSTN lines Help Online Help Describes what to do on each screen Options Under Each Menu Home Administration Networks Services Network Setup DHCP Server System Update Logout Return to...

Page 18: ...Server MA30120 User Guide 18 Setup Your Time Zone 4 Click Administration on the menu bar The System Setup screen displays Set the System Time by selecting your Time Zone the current Day Month Year Hour and Minute Administration System Setup System Time ...

Page 19: ...xternal Name server window the IP address of your domain name server DNS 3 Click the Add button to connect to your name server 4 Change the default IP Address for the Network Card 1 to the IP address of your local network and change the default Subnet Mask for the Network Card 1 to the subnet mask for your local network Click Save 5 Change your web browser address to the new address of your local ...

Page 20: ...t for the screen to refresh 2 Use the various pull down menus to match the parameters of the Line Interface with the line provisioning information from your Telco Note A common provisioning issue is the type of framing format which the telco usually refers to as ESF But the MultiAccess gives you a choice of ESF or ESF with error correction Multi Tech recommends that you choose ESF with Error Corre...

Page 21: ...ial in PPP access you do not have to modify the default Modem Usage settings The default usage is RAS If you plan to use all or part of your MultiAccess modems for dial out you will have to change the Modem usage settings for the selected modems to one of the Modem Sharing options that best fit your needs If you plan to use some or all your modems for faxing you will have to change the Modem Usage...

Page 22: ... following the first ring message The Called Number information string of digits is provided by the central office switch and is commonly referred to as DNIS The MultiAccess does not support DNIS when the Line Interface type is T1 RBS Reverse Dial This parameter enables two features comma dialing and reverse dial mode When enabled the dial string can include the use of commas used to create a paus...

Page 23: ...6000 creating a first available pool starting with the lowest numbered tty port SSL Support is made available when the usage is Modem Sharing with Authentication This is only used with SSL capable Telnet Clients Site Certificate information needs to be configured appropriately Contact Multi Tech Tech Support for additional information Idle Timer seconds The Idle Timer upon expiring will hangup the...

Page 24: ...ss as a network fax server you need to set up the Modem Usage menu to support your configuration 5 Click on the Usage drop down arrow and select Fax 6 Click on the Modem up or down arrow and select the tty modem s for faxing You can choose multiple modems by holding down the shift key 7 Click on the Save button ...

Page 25: ...efined in the Modem Usage Setup field of the Modem Usage screen 1 Verify that the V 92 Setup parameters conform to your client s characteristics 2 Multi Tech recommends that you set Retrain Limit to 4 and due to compatibility issues seen with various modems you may wish to disable Quick Connect and V 8bis 3 If additonal modem commands are required refer to Appendix B Advanced Commands ...

Page 26: ...via the Hylafax Server requires the use of a Hylafax compatible Fax Client software e g Multi Tech s FaxFinder Client The General Fax Setup group is used to add Fax Clients to the Hylafax server The Fax Client must be installed on each workstation that you wish to send faxes from The Fax Client must use the credentials defined in the General Fax Setup group to submit faxes for sending The Fax Clie...

Page 27: ...termined by one of two routing methods A Route by Device what tty port the fax was received on B Route by Called Number number dialed by the remote sender Route by Device is a static delivery method where all faxes that are received on that particular port will be sent to the email address defined for that port 8 To deliver the fax based on the port device it was received on select the radio butto...

Page 28: ...Radius Server screens are only used when the Radius Server in the MultiAccess is going to be used Initially the Radius Server Default User Setup screen displays the default settings that are used for dial in network access Initially these default settings are all that you should need to authenticate a remote user Note When using the internal Radius Server you must use the IP address of network car...

Page 29: ...IUS Server Address 2 window Follow that by entering the port number of the backup Radius server in the third Port window Then enter the backup Radius Accounting host in the RADIUS Accounting Address 2 window followed by the port number for the backup host in the fourth Port window 10 Enter your Shared Secret for the Radius Server in the RADIUS Shared Secret window 11 In the Remote Host Address win...

Page 30: ...address of network card 1 eth0 in the Client window This IP address tells the Radius Server where the Radius Client is located 3 Enter the same Shared Radius Secret used in the Radius Client screen in the Shared Secret window The Shared Secret in the Radius Server and the Radius Server Secret in the Radius Client have to be the same in order for the two to communicate 4 You can enter an arbitrary ...

Page 31: ...s dialing in to the MultiAccess The User name and password of the remote user is all that is needed initially If you check or enable Service Type through IP Address windows you will over ride the Default User Setup 1 Enter the remote user s name in the Username window 2 Enter the password of the remote user in the Password window 3 The Authentication Type should remain at the default setting 4 Cli...

Page 32: ... protocol methods passwords and user database details Modem Setup Defines the primary role of the modem RAS fax or network modem pool Statistics Logs View and download all the statistics and log files maintained by your system Line Interfaces Defines setup information of your PSTN lines Help Online Help Describes what to do on each screen Options Under Each Menu Home Administration Networks Servic...

Page 33: ...ter 3 Software MultiAccess Communications Server MA30120 User Guide 33 Home and Logout Home and Logout Options Home This is the opening screen of the MultiAccess Communication Server Web Management software ...

Page 34: ...time out a prompt comes out saying Some body is already logged in Do you want to log the user out you respond with Yes and a new session is started The timeout period is set at Administration Web Admin Time before automatic disconnect If you change the Time before automatic disconnect you have to click the Save button for the new disconnect time to be active When you are done in Administration Web...

Page 35: ...nistration System Setup In the Administration section you can perform the general system based settings for the MultiAccess Communications Server functions System Setup includes general system parameters such as the email address of the administrator remote syslog host and the system time can be set through these settings ...

Page 36: ... of Notifications the MultiAccess Will Send System license key on expire from 10 days before expire SSH invalid login Not Web invalid login Works Intrusion Detection File System Integrity Intrusion Detection SNORT Network Intrusion Detection Backup backup file on export will be sent Update services system update completion Disk usage exceeding 70 disk usage exceeding 80 after cleanup Self monitor ...

Page 37: ... as the only prompt Once it is checked and saved SSH is enabled and the other options display SSH requires name resolution for the access protocol otherwise a time out occurs with the SSH registration This time out takes about one minute During this time it seems as if the connection is frozen or can t be established After that the connection returns to normal without any further delay Allowed Net...

Page 38: ...rnet protocol used to synchronize the clocks of computers to the same time source Clicking the SNTP Client check box enables the MultiAccess to act as a SNTP client SNTP Client Check the SNTP Client box to activate SNTP Client SNTP Server Address Enter the IP address of the SNTP Server for which the firewall will contact to synchronize its clock Then click the Save button ...

Page 39: ...n Available Networks Select the networks that will allow access to Web Admin The list includes those networks you entered under Networks Services Networks You can add and delete existing selections The MultiAccess will display an ERROR message if you try to delete access to a network that would cause you to lock yourself out or otherwise not make sense Allowed Networks As with SSH Any has been ent...

Page 40: ...esired time span in seconds after which you will be automatically disconnected from Web Admin if no operations take place After the initial installation the default setting is 3000 seconds The smallest possible setting is 300 seconds If you close the browser in the middle of an open Web Admin session without leaving Web Admin via Logout the last session stays active until the end of the time out I...

Page 41: ...of the contact for MultiAccess certificate data e g the MultiAccess administrator over the default myname mydomain com Firewall Host Address Enter the MultiAccess s host address Use the same address that you will use to access the Web Admin interface It can be one of the MultiAccess IP addresses Example If you access Web Admin with https 192 168 10 1 the MultiAccess Host Address must also be 192 1...

Page 42: ...o provide the IP address of the remote machine and appropriate user name and password Database Location Selects where the database is located Local or Remote If the database is located on this machine select Local If the database is located on a remote machine select Remote and provide the IP Address of the remote machine and the Username and Password Local Database Server Setup The Local Database...

Page 43: ...e specific configuration files that get backed up are listed in the file called backup located in the opt multi access data directory Backups will fail if this file is renamed or missing from this directory Local Periodic Backup If Local Periodic Backup is chosen the Time Interval can be selected as a daily weekly or monthly backup The number set in the Maximum Backups is the number of backups tha...

Page 44: ...he number of backups listed here Backups You can Get Restore and Delete backups To Restore a backup simply click on the Options Restore Your system will be restored from the file and rebooted To Delete a backup click on the Options Delete and the file is removed from your system For situations when you want to use the backup that is on the FTP server manually copy get the file and place it into th...

Page 45: ...can decide what actions are to be taken By default DOS attack minimum fragmentation checks port scans DNS attacks bad packets overflows chat accesses Web attacks will be detected and then the administrator is informed Apart from the above the user can configure user defined rules for intrusion detection Check the box to enable Network Intrusion Detection Then click the Save button User Defined Net...

Page 46: ... protocol i e TPC or UDP Service This selection allows you to choose the corresponding service The service must have been previously defined in the Services menu Select intrusion detection rules from the following dropdown list boxes Add After the rules are defined selected click the Add button The commands can be deleted by clicking Delete under the Command option ...

Page 47: ...y is used as a diagnostic tool to determine if a TCP IP communication path exists to a remote host The utility sends a packet to the specified address and then waits for a reply Host Specify the IP address or name of the other computer for which connectivity is to be checked Number of PINGS Select the number of pings You can choose 3 the default 10 or 100 pings Timeout Specify the duration to wait...

Page 48: ...cket filter on the MultiAccess not allowing the operation of Trace Route Host Specify the IP address host name of the other computer to test this tool Start Click the corresponding Start button to start the test A Sample Trace Route Log TCP Connect This system tool tests specific TCP ports for availability between the source MultiAccess and destination addresses Host Enter the IP address or host n...

Page 49: ...e MultiAccess The login screen displays while the shutdown process takes place When a proper shutdown is initiated immediately 1 beep is heard and then the unit starts to shutdown killing services unloading driver etc and then approximately 30 seconds later run level zero is reached and two consecutive beeps are heard after which it is now safe to power off the unit Caution Avoid improper shutdown...

Page 50: ...ically single hosts are treated in the same way as networks A network or host you added can be deleted only if it is not used for any route or by any other module If a network process function is using a network that network cannot be edited Similarly if a host address is edited and changed and if that host was used by SNAT or DNAT the change will not be performed Add Network Name Enter a straight...

Page 51: ...nge The name of the network can not be changed but the IP Address and Subnet Mask can be edited You can delete a newly created network by clicking on Delete in the Options column for a desired network Added networks are displayed in the following functions 1 Web Admin 2 SSH 3 Packet Filter Rules 4 Network Intrusion Detection 5 Routing 6 Masquerading 7 SNAT 8 DNAT These names will be made available...

Page 52: ...es below 256 Notes TCP UDP allow both protocols to be active at the same time Any causes the MultiAccess to accept any protocol offered The ICMP protocol is necessary to test network connections and MultiAccess functionality as well as for diagnostic purposes In the Packet Filter ICMP menu you can enable ICMP Forwarding between networks as well as MultiAccess ICMP reception e g to allow ping suppo...

Page 53: ...ocol is TCP UDP TCP UDP or ANY D Port Server Destination Port Enter the destination port for the service It will be displayed if the type of the protocol is TCP UDP TCP UDP or ANY Add Button After you have entered the service click the Add button Edit By clicking Edit in the Options column the information is loaded into the entry menu of the Edit Service screen You can then edit the entry You can ...

Page 54: ...d Edit the Group Name Selected Above Displays Click the Edit Group button to add networks to a group The group for which the networks have to be added has to be selected from the box When the Edit Group button is clicked the list of all the networks which are not part of any group and the list of networks which fall under that group will be displayed Delete the Group The Delete button must be clic...

Page 55: ...elected from the Select Group name box After clicking the Edit Group button the list of all the services and the list of the services which fall under that group will be displayed You can select several services at once by holding down the Shift key as you select them Delete a Group Click the Delete Group button to delete a group selected from Select Group list Adding Services to a Group This opti...

Page 56: ...sic primary network parameters For example change the IP address and subnet mask of eth0 to an available static address that matches the network this MultiAccess is going to be used on then click on the Save button Confirm the pop up menu regarding the address change and wait approximately 1 minute for the parameter change to take affect Then enter the new IP address in the Address bar of your bro...

Page 57: ... your PC you will see an additional section for entering Network Card 2 information Since the input fields are the same as those for Network Card 1 they are not included in this graphic Local Host Host Name Enter a name for the MultiAccess into the Host Name field An example is MultiAccess mydomain com Click the Save button after entering the Host Name ...

Page 58: ...Subnet Mask into the appropriate entry fields For example Network Card 1 eth0 Network Card 2 eth1 Name Description LAN 1 IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Name Description LAN 2 IP Address 192 168 100 1 Subnet Mask 255 255 255 0 Caution When entering a new IP address it is possible to temporarily lock yourself out If you do you will need local console access to re establish proper n...

Page 59: ... administer several logical networks on one network interface They can also be necessary in connection with the SNAT function to assign additional addresses to the firewall Note The same IP address cannot be configured many times for an interface Similarly the same IP address cannot be entered as an alias for two different interfaces Interface From the drop down list box select the network name to...

Page 60: ... clicking the Add button Also existing entries can be deleted by highlighting the entry and clicking the Delete button Add Routes Static Route A static route defines which router external to the MultiAccess is to be used to reach a particular destination Select an already defined network from the drop down list Enter the external IP address which will act as a gateway to this network Confirm your ...

Page 61: ...rface All services are automatically included in the translation The translation takes place only if the packet is sent via the indicated network interface The addess of the MultiAccess network interface is used as the new source of the data packets The Network Setup Masquerading screen allows you to select the network or group of networks to be masked to a selected network card Masquerading Masqu...

Page 62: ... being the same as that of the MultiAccess For example the IP address of Ethernet 1 is 192 168 4 235 with a subnetmask of 255 255 255 000 and the network s default gateway is 192 168 4 1 These addresses are set in the Network Setup menu Next create a private network in Network and Services Networks menu of 192 168 5 000 with a subnetmask of 255 255 255 000 give it an arbitrary yet meaningful name ...

Page 63: ...slation takes place after the filtering by packet filter rules you must allow connections that concern your SNAT rules in Packet Filters Packet Filter Rules with the original source address Packet filter rules are covered later in this chapter Note To create simple connections from private networks to the Internet you should use the Network Setup Masquerading function instead of SNAT In contrast t...

Page 64: ...on properly Add DNAT Definition The DNAT screen contains four drop down list boxes The first two define the original target of the IP packets that are to be re routed The last two define the new target to which the packets are forwarded From the drop down list boxes select IP packet characteristics to be translated Pre DNAT Destination Select the original target host or network of the IP packets t...

Page 65: ... you must change the value of the Web Admin TCP port in the Network Services Services e g port 444 Examples of DNAT Network Combinations You can map IP Port IP Port IP Port Range IP Port IP Port Range IP Port Range only if the Port Range is the same for PRE and POST IP Range Port IP Port IP Range Port Range IP Port You cannot map IP IP IP Range IP IP Range IP Range IP IP Range load balancing The w...

Page 66: ...e overall purpose of the DHCP is to make it easier to administer a large network The DHCP package includes the DHCP server and a DHCP relay agent DHCP Server on Ethernet 1 DHCP Server on Ethernet 1 To Enable DHCP Server on Ethernet 1 check the corresponding checkbox Click the Save button to activate the change Add Click the Add Subnet button which will open a screen for entering the Subnet IP Addr...

Page 67: ... can be made permanent by configuring the same using this screen The same IP address would not be used for any DHCP client with a different MAC address even if there were no active DHCP connection with that IP address DHCP Server Fixed Addresses Add Enter both a MAC address and an IP address Option Edit or Delete You can edit or delete entries by highlighting the desired entries and clicking eithe...

Page 68: ...ng old files copies in the new files and then reboots the MultiAccess Depending on the how many updates are being applied and the contents of the updates you may be able to log back in in as quickly as 2 minutes or you may have to wait longer like in the case of updating from version 1 09 to 1 10 it takes appx 30 minutes Most updates take 2 or 3 minutes Some updates may include a process that does...

Page 69: ...oad the appropriate update files from update multitech com and then put them on a private internal FTP server Appropriate files are defined as a version tar gz and a version html file per MA30120 version The IP address or DNS resolvable internal name of this private FTP server would be defined in the Update Server field The update files must be placed in the correct default directory of the FTP se...

Page 70: ...ta you transfer On this screen you can specify which local devices will have their network traffic counted and recorded You can also exclude hosts or networks from the accounting process After this accounting is in place you can view the Accounting of your MultiAccess in the Statistics Logs Accounting menu Accounting Device Accounting Device From the Accounting Device drop down box select the netw...

Page 71: ...The MultiAccess s behavior is determined by the content and order of the filter rules The filter rules are assigned by column number column No Every incoming data packet is checked in order as to whether rule 1 is valid rule 2 is valid etc As soon as a correspondence is found the procedure as determined by the action is carried out You can Accept Drop Reject and Log the packets When packets are de...

Page 72: ...e sent for the rule to match You can also select network groups The Any option can also be given which matches all IP addresses regardless of whether they are officially assigned addresses or so called private addresses These Network clients or groups must be pre defined in the Networks menu Example net1 or host1 or Any Service Select the service that is to be matched with the rule These services ...

Page 73: ...t Any Service Any To Server Broadcast8 Action Drop 4 Confirm your entries by clicking the Add button Log The packets matching the corresponding source address destination address service will be logged The log messages can be viewed from the Statistics Logs Packet Filter Packet Filter Livelog screen Add Confirm your entry by clicking the Add button After a successful definition the rule is always ...

Page 74: ...ng appropriate packet filter rules ICMP Forwarding Check the ICMP Forward checkbox to enable the forwarding of ICMP packets through the MultiAccess into the local network and all connected DMZs In this way you select whether an ICMP packet should be dropped or passed through to the local network and all connected DMZs If ICMP forward is enabled ICMP packets go through all connected networks Anothe...

Page 75: ...hell limited to user level access rights They also have rights to use modems configured for Modem Sharing with Local Authenication User Definition User Name Limited to alphanumeric characters with at least one letter A user name of all numbers is not supported Maximum user name is 30 characters User name is case sensitive Password The password is limited to alphanumeric characters with a maximum o...

Page 76: ...ion Local Users Add Button Click the Add button after all the parameters are entered After a successful definition the new user is entered into the user table Edit or Delete You can edit or delete entries in the table by clicking on either the Edit button or Delete button listed under Options ...

Page 77: ...re to be used This screen also defines the dynamic IP address pool and related parameters synomomous with traditional PPP remote access environments Note The RADIUS protocol RFCs 2138 2139 implements a client server relationship RADIUS software uses UDP of TCP IP to communicate between client and server The MultiAccess contains both RADIUS Client and RADIUS Server software These are separate entit...

Page 78: ...ver in this window Port The top Port window is the UDP port number that the client communictes with the main Radius Server RADIUS Accounting Address 1 Radius Accounting host keeps track of information such as login time logout time port number etc This is the IP address of your primary Radius Accounting host Port The next Port window down is the UDP port number used to communicate with the main Ra...

Page 79: ...ections that have their Port Selection set to All If the MultiAccess server has multiple line interface modules and all ports are to use an address pool set this field to the same address 192 168 1 150 for each line interface DNS Server Address 1 This is the IP address of the primary name server This identifies the name server for remote access users Click on the check mark window and enter the IP...

Page 80: ...ser Setup The intended purpose of the MultiAccess s RADIUS Server is for use with the MultiAcces s RADIUS Client This RADIUS Server can serve the internal Radius Client or MultiAccess RADIUS Clients external to this unit other MultiAccess units This RADIUS Server uses serves Ethernet 1 The IP address of Ethernet 1 is the IP address of this RADIUS Server Note When the RADIUS Server and RADIUS Clien...

Page 81: ... Upon receipt of an acceptance packet the client will compare the contents against the current conditions apply provide any necessary parameters to the user and allow the connection to proceed The RADIUS Client at this time if configured to do so starts the RADIUS Accounting process The client then sends an Accounting Start packet containing a summary of the user including resources used i e start...

Page 82: ...the manufacture of the Radius client such as MultiTech Livingston etc Click on the drop down arrow and high light the manufacture of the Radius Client NAS IP Address Login Name Password All three optional and currently not used Add Click the Add button to configure the Radius Server with the MultiAccess and the above client information ...

Page 83: ...rver however this reference and these user accounts are separate for the Local Users of the MultiAccess Linux Operating System The RADIUS Server will check it s local users file first and if a match of username and password is not found it will proceed to check the Local Users of the Linux system Add Users Username Up to 15 alphanumeric characters case sensitive can be used with the exception of f...

Page 84: ... how long the user can be idle in seconds while connected applies to Framed protocol PPP Protocol This field indicates the type of framed service the user is to be provided IP Address This field indicates the IP address the framed user is to use A value of 255 255 255 255 254 instructs the NAS equipment to give the user an IP address from an address pool defined within the NAS equipment referred t...

Page 85: ...Server Default User Setup The Radius Server Default User Setup screen displays the factory default settings and allows for changes to be made to the default Default Settings The Default Settings apply to all users of the Local Users data base If you want to add a New Default click on the Add New Default buttton and the Add New Default Setup screen appears ...

Page 86: ...ver Default User Setup screen Auth Type This field is for selecting the type of authentication This field must be set to System Service Type This field is for selecting the type of service the user will be requesting or provided to them Compression This field is for selecting the Van Jacobson TCP IP compression applies to Framed protocol PPP Idle Timeout This field is for entering the maximum numb...

Page 87: ...mask This field indicates the subnet mask that should be applied to this connection MTU This field is for entering the maximum allowable PPP framed size Utilmately the actual size used in negotiation per connection Hint This field is for entering additional matching criteria depending on the hint Routing This field is for selecting the routing method of the user when the user is a router Fall Thro...

Page 88: ...e screen is used to define the role of the modem The Modem Setup screen is used to define the operating parameters of the modems set to a usage of RAS The Fax Setup screen is used to configure various faxing parameters when at least one modem is set to the usage of Fax Note The MultiAccess modems also support faxing with fax servers that are external to the MultiAccess via the Modem Sharing usage ...

Page 89: ...r modems to provide dial in PPP for your Remote Access clients you do not have to modify the default modem usage settings which is RAS RAS usage is for inbound calls from PPP clients in a Dial Up networking environment If you are using some or all of your modems as a network resource setting the usage to Modem Sharing you can assign the shared modems to be part of a first available pool or each sh...

Page 90: ...7 options The following is a description of each Usage RAS This is the default usage New units from the factory have all ports set to RAS When ports are added to the MultiAccess they come up set to RAS RAS is an acronym for Remote Access Server Ports set this way are to receive inbound calls from remote nodes PPP clients Mircosoft s Dial Up Networking is an example of a remote node or client The M...

Page 91: ...e before access is granted All credentials are normally checked against the RADIUS data base If the RADIUS server rejects the credentials access to the modem resource is denied If the user is to authenticate against the Local database they must include an exclaimation point in front of the username The is a flag used to instruct the authenticator process to check the Local User database instead of...

Page 92: ...SSL Secure Sockets Layer This Pull down only applies when the usage is Modem Sharing with Authentication SSL is a transport level technology for authentication and data encryption SSL negotiates a secure point to point socket using pre determined Site Certificate information Site Certificate information is used to authenticate the user and encrypt the data Site Certificate information is configure...

Page 93: ...ect or select Short Phase 1 only or Short Phase 2 only V92 Quick Connect is a feature that allows V92 clients to use previously obtained line quality configuration data to speed up portions of the negotiation process Disabling this feature dictates the modems should use configuration data determined by a line probe during the negotiation process Enabling this feature allows the V92 client to dicta...

Page 94: ...vides a list of available levels The available choices are from 9 dBm to 20 dBm 20 dBm is less power than 9 dBm V 8bis You can select Disable or Enable Without V 90 or Enabled with V 90 V 8bis is used to negotiate K56flex connections Note Selecting V8bis Enabled Without V90 does NOT disable V 90 it changes where it is offered Error Recovery Setup Retain Limit This value along with the Retrain Limi...

Page 95: ...nations The General Fax Setup field establishes a data base of credentials used by fax clients to log into the Hylafax server preventing unauthorized use of the Hylafax server Inbound faxes received by Hylafax from remote dial up fax locations are sent as tif attachments to emails generated by the Hylafax server The Fax Modem Setup group sets the port identification and other administrative detail...

Page 96: ...l Identifier which is used as the TSI Transmit Station Identifier when sending faxes and is included in the body of the email when receiving faxes You can limit the maximum number of pages being received Fax Modem The Fax Modem scroll box allows you to high light a range of modem ports for assigning global parameters or high lighting individual ports for port specific parameters Local Identifier T...

Page 97: ... instruct the modem to answer and receive the incoming fax When the Fax is complete Hylafax will reference the Fax routing table and match the DNIS information to an email address If no Called Number route entries can be matched to the DNIS information for that particular fax the Route to Default entry will be used How many DNIS digits will Telco be providing The remote originator of the fax may d...

Page 98: ...us of each digital line interface alarm condition Modem Connections Displays the current state of all modems along with connection protocol details Caller ID information and Call History information Server Connections Displays who is currently logged into the unit and via what means Interfaces Graphically displays the Ethernet utilization for each interface by days weeks months and Yearly Accounti...

Page 99: ...con in your browser s tool bar or pressing the F5 key The value selected applies to all of the menus that automatically refresh Line Interface Status Modem Connections Modem Connection Details Modem Connection Caller ID and Server Connections The minimum refresh rate is once every 15 minutes and the maximum is once every 30 seconds Note Web caching rules applied by computers and programs external ...

Page 100: ... Statistics Logs Uptime Statistics Logs Uptime Uptime tells you how long the system has been running The first line displays the date and time the system was started The second line displays the total time elapsed since the system was started in days hours minutes and seconds ...

Page 101: ...rface Details screen will summarize configuration and performance information for each network interface Both Ethernet interfaces and the internal Loopback interface will always be present in this screen PPP interfaces will be added and removed automatically to and from the table as the PPP connections are established and relinquished ...

Page 102: ...gateway address or if none set Genmask The netmask for the destination net 255 255 255 255 for a host destination and 0 0 0 0 for the default route Flags Possible flags include U route is up H target is a host G use gateway R reinstate route for dynamic routing D dynamically installed by daemon or redirect M modified from routing daemon or redirect A installed by addrconf C cache entry reject rout...

Page 103: ... IP address and port number of the remote end of the socket If the final remote end point is actually on a different network the foreign address will be that of the first hop interface of the router off the local network State The state of the socket Normally this can be one of several values ESTABLISHED The socket has an established connection SYNC_SENT The socket is actively attempting to establ...

Page 104: ...there is an active ESTABLISHED connection from 65 126 90 16 port 22 http to 65 126 90 4 port 1918 How to Read the Network Connections Table Example 2 Proto Recv Q Send Q Local Address Foreign Address State tcp 0 0 0 0 0 0 22 0 0 0 0 LISTEN This output tells you that your MultiAccess is listening LISTEN at all 0 0 0 0 interfaces for incoming requests to port 22 ssh the remote IP address is ANY 0 0 ...

Page 105: ...the Facility Data Link channel of an Extended Super Frame No Alarm Active means the line interface is receiving a properly framed signal and that at least one modem associated with this line interface has a call in progress The front panel LEDs will reflect the LA on solid with the LC and LS off No Alarm Inactive means the line interface is receiving a properly framed signal and that all modems as...

Page 106: ...change in Layer 1 status are also written to the log file as they occur The following are some example messages The log file will contain the following sequence of messages when a red alarm condition occurs Jul 28 14 30 31 multiaccess kernel FALC 800 Jul 28 14 30 31 multiaccess kernel fech 0 fecl 4 Jul 28 14 30 31 multiaccess kernel cvch 0 cvcl 0 Jul 28 14 30 31 multiaccess kernel cech 0 cecl 0 Ju...

Page 107: ...eans the port as a system resource is available to the system and currently is not in use The state of allocated means as a system resource it is being used When the modem s usage is set to RAS or FAX the state of the port is Allocated When a successful call is established the state will change from Allocated to Data When the call is finished the state will return to Allocated When the modem s usa...

Page 108: ...ultiAccess Communications Server MA30120 User Guide 108 Statistics Logs Modem Connections Connection Details Connection Details This screen displays the modem protocol and performance details for currently connected ports ...

Page 109: ...een displays the telephone number dialed by the caller and the telephone number of that caller This information is available when the call is inbound to the MultiAccess and when the line type is PRI T1PRI or E1 PRI The exact digits displayed is controlled by Telco s implementation of DNIS Dialed Number Identification Service and Caller ID services ...

Page 110: ... selectable The Filter Options are by Port The tty port the call was received on IP The IP address of a particular MultiAccess unit when the Call History database is made up of records from multiple MultiAccess units Username The login name of the dialed in RAS user Start Date and Hour the Hour variable specifies the starting point in time End Date and Hour the Hour variable specifies the final po...

Page 111: ...kes to assemble and display the data structure depends on the number of records in the database the available system resources and network performance between the MultiAccess and your browser The larger the database the longer it takes to display and search the call history For example we have seen databaseswith approximately 120 000 call records take approximately 120 seconds to display ...

Page 112: ...are MultiAccess Communications Server MA30120 User Guide 112 Statistics Logs Server Connections Statistics Logs Server Connections The Server Connections screen displays active command shell PPP sessions and activity ...

Page 113: ...Logs Interfaces This screen displays graphically the network traffic load on each interface Ethernet 1 and Ethernet 2 separated by days weeks months and years Ethernet 1 Traffic Ethernet 1 traffic is displayed by default Ethernet 2 Traffic Click on Ethernet 2 traffic to graphically display the traffic on Ethernet 2 ...

Page 114: ...unting per Ethernet interface Each day s total is separated by the amount transmitted per Ethernet interface and received per Ethernet interface transmit is from the MultiAccess to the LAN Receive is from the LAN to the MultiAccess The length of each Ethernet Frame transmitted or received by the MultiAccess is added up to achieve the byte total One Ethernet frame packet contains one IP packet of a...

Page 115: ...ch process is not running and is trying to be restarted How to Add Edit or Delete Email Addresses for Self Monitoring 1 Open the Administration System Setup screen The current email addresses for informing the administrator of important events are listed in the second window of the Notification entry menu 2 Edit or delete existing email addresses or add new email addresses and then click Save Note...

Page 116: ...dnight the zero hour on the date selected and end at the time selected The time selection of latest is only available when the date selected is today s current date Please note this exception the time selection of 00 00 will result in viewing the previous day s entire log When the log file type is Self Monitor and the selected date is not today s date due to the nature of how the logs are maintain...

Page 117: ...ires a reboot The following statements attempt to summarize in the simplest terms certain digital carrier technology T1 and E1 lines in relationship to the MultiAccess T1 and E1 signals are made up of multiple protocols running at multiple levels Layer 1 refers to the framed signal physically transmitted and received on the wires transport layer Layer 2 runs a signaling or messaging protocol that ...

Page 118: ...RI ISDN signaling is a layer 2 protocol T1 PRI 23B D uses channels 1 through 23 to Bear carry the calls 1 call per channel and uses the 24th channel D Channel as the signaling channel The D channel is used to send Call Setup and Call Progress messages between Telco s central office switch and the MultiAccess premise equipment PRI Signaling allows for analog calls or digital calls to be made per ch...

Page 119: ...the parameters into the line interface The parameters you select should match the parameters of the digital communication line provided by your Telco The proper loading sequence is Select the desired Line Type and wait for the screen to refresh the available menu options will change based on the selected line type Change any of the remaining options as needed Click on the Save button and wait for ...

Page 120: ...ar signal The Line Type selection dictates the available Line Code choices When the line type is T1 your choices are Alternate Mark Inversion AMI Line code is a bipolar coding scheme in which successive ones alternate in polarity Successive ones of the same polarity are bipolar violations BPV errors BPVs and too many consecutive zeros are conditions that cause signal degradation AMI line code requ...

Page 121: ...tocol both need to be Ground Start or both need to be Loop Start If You re connecting the MultiAccess to a T1 line that comes from a PBX system on your premise and it s set to FXS Loop Start and the MultiAccess is also set to FXS Loop Start the call signaling will fail because they are not maintaining the FXO to FXS relationship Line Build Out LBO This layer 1 parameter dictates the physical size ...

Page 122: ...e transmit 00 MultiAccess modem is instructed to dail MultiAccess indicates off hook transmits 11 to Telco Telco winks back in the same fashion as the MultiAccess did in the previous example After the MultiAccess detects the wink it transmits the DTMF digits in the voice B_Channel The MultiAccess modem then listens into the channel for a busy signal from Telco and at the same time watches the stat...

Page 123: ...ge based on the selected line type Change any of the remaining options as needed Click on the Save button and wait for the screen to refresh the Send button will now be active Click the Send button and wait for the screen to refresh this takes approximately 45 seconds Now the Current Setup field will reflect the new settings Line Type Three selections are available T1 RBS T1 PRI and E1 PRI Units l...

Page 124: ...to the public network default or as NT2 network side NT2 could be used when the MultiAccess is connected to a PBX or similar private equipment that is already configured for premise side operation When the MultiAccess is connected directly to a PRI line that is part of the public switched network it should be set to TE Line Code The Line Code parameter is a layer 1 technique used to identify and c...

Page 125: ... select the country for which the equipment is operating in and needs to comply with Line Build Out LBO This layer 1 parameter dictates the physical size decibel level of the T1 signal being transmitted by the MultiAccess Your choices are 0dB 7 5dB 15 dB 22 5dB 0dB is the largest size signal the MultiAccess can transmit There are a number of variables as to when the Line Build Out setting should b...

Page 126: ...ad the parameters into the line interface The parameters you select should match the parameters of the digital communication line provided by Telco The proper loading sequence is Select the desired Line Type and wait for the screen to refresh the available menu options will change based on the selected line type Change any of the remaining options as needed Click on the Save button and wait for th...

Page 127: ...te equipment that is already configured for premise side operation When the MultiAccess is connected directly to a PRI line that is part of the public switched network it should be set to TE Line Code The Line Code parameter is a layer 1 technique used to identify and control the ones and zeros of the data pattern E1 line codes are derived from the AMI Alternate Mark Inversion bi polar technique A...

Page 128: ...ratic communication bit errors and other problems may or may not result Country This allows you to select the country for which the equipment is operating in and needs to comply with Line Build Out LBO This layer 1 parameter dictates the physical size decibel level of the E1 signal being transmitted by the MultiAccess Your choices are 0dB 7 5dB 15 dB 22 5 dB 0dB is the largest size signal the Mult...

Page 129: ...atures of Ping and Tracert and adds additional features to help you troubleshoot TCP IP connectivity problems 7 If you are using an external keyboard connected to the MultiAccess s PC board using the KB1 6 pin female MiniDIN connector make sure that you are not using an adapter cable e g a 6 pin DIN to 6 pin miniDIN adapter cable 8 Observe the MultiAccess front panel LEDs Verify that the LAN 1 and...

Page 130: ...ontract employees or your university s graduating students This should involve maintaining current email addresses for alerts and notifications e g from the Administration menu as well as maintaining the overall WebAdmin password from the Administration Web Admin menu Disk space management Includes timely cleanup of random program and data files to avoid wondering if a program is a leftover from a...

Page 131: ...TS LIABILITY EXCEED THE PRICE FOR DEFECTIVE PRODUCTS Repair Procedures for U S and Canadian Customers In the event that service is required products may be shipped freight prepaid to our Mounds View Minnesota factory Multi Tech Systems Inc 2205 Woodale Drive Mounds View MN 55112 Attn Repairs Serial ____________ A Returned Materials Authorization RMA is not required Return shipping charges surface ...

Page 132: ... to the U S A Please include inside the shipping box a description of the problem a return shipping address must have street address not P O Box your telephone number and if the product is out of warranty a check drawn on a U S bank or your company s purchase order for repair charges Repaired units shall be shipped freight collect unless other arrangements are made in advance Please direct your qu...

Page 133: ... with this equipment This equipment is designed to be connected to the phone network or premises wiring using a compatible modular jack which is Part 68 compliant See installation instructions for details 4 The ringer equivalence number REN is used to determine the number of devices that may be connected to the phone line Excessive REN s on the phone line may result in the device not ringing in re...

Page 134: ...to certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier Any repairs or alterations made by the user to this equipment or equipment malfunctions may give the telecommunications company cause to request the user to disconnect the equipment Users should ensure for their own protection that the electrical ground connections of the power utility p...

Page 135: ... Version is displayed at the top of the Home screen Provide the configuration information e g Ethernet gateway and other IP addresses used from Network Setup Interfaces as well as any available Statistics Logs information Record the Node ID from the MultiAccess s back panel it may be required by the ISP for administration purposes or connection identification Every device that contains an Ethernet...

Page 136: ...l for backup or archival purposes Customer shall NOT copy or translate into any language in whole or in part any documentation which is provided by MTS in printed form under this Agreement OTHER RESTRICTIONS The software may not be assigned sublicensed translated or otherwise transferred by Customer without prior written consent from MTS Customer may not reverse engineer decompile or disassemble t...

Page 137: ...country to which the United States has prohibited export I will not download or by any other means export or re export the Programs either directly or indirectly to the above countries nor to citizens nationals or residents of the above countries I am not listed on the United States Department of Treasury lists of Specially Designated Nationals Specially Designated Terrorists and or Specially Desi...

Page 138: ...ONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 0 This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License The Program below refers to any such program or work and a work based on the Program means either the Program or any derivative work under copyright law that is to s...

Page 139: ...n to modify or distribute the Program or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Program or any work based on the Program you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Program or works based on it 6 Each time you redistribu...

Page 140: ...ER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION IN NO EVENT UNLESS...

Page 141: ...tory defaults must be issued to the modem before each call attempt The following sections within this appendix depict the AT commands supported by the MultiAccess 1 AT Command Syntax Convention 2 Standard AT Commands Supported 3 Standard AT Commands Accepted with No Effect 4 S Registers 5 Advanced MultiAccess Modem Commands 6 Application Notes 7 ASCII Conversion Chart AT Command Syntax Convention ...

Page 142: ...nd Vn in the AT Commands Supported Three commands are exceptions to the sending of the OK or ERROR result code These are ATA ATD and ATO refer to AT Commands Supported Each of these commands itself terminates command input string parsing They cause the modem to perform an action which is then reported by specific result codes such as CONNECT Null Command The null command is permitted has no effect...

Page 143: ...alue into S register Sn This value is interpreted as a decimal number string and ends at the first character not in the range 0 to 9 The S registers supported by the MultiAccess modems are described in the S Registers section in this appendix Registers not supported should not be accessed Sn Query the Value of an S Register The command Sn returns the value of S register Sn in the response The form...

Page 144: ...onal characters the comma and the letter R are valid when the Modem Sharing option Reverse Dial option is enabled and when the t tone command immediately follows the d dial command in the dial string Commas add delay s to the call progress and are most commonly used when dialing a destination that initially answers with an automated attendant For example ATDT17637853500 5315 with the 5315 being en...

Page 145: ... in originate mode but disables certain result codes in answer mode This is the DEFAULT setting Only OK RING and ERROR are sent in answer mode other result codes such as CONNECT NO CARRIER etc are not sent On On Line from Escape State The On command causes the modem to return to the Data state from the Command Escape state A CONNECT result code will be sent to the host User data flow interrupted i...

Page 146: ...it rate error control protocol and compression protocol Z Reset to default Configuration The Z command causes all configuration variables to be reset to the internal defaults therefore this command has the same effect as F In addition if the modem is in the Command Escape mode the link is terminated F Set to Default Configuration The F command causes all configuration variables for the modem to be...

Page 147: ...e monitor speaker is on The valid range of n is 0 to 2 P Pulse Dial The P command normally changes the dialing mode to pulse Cn DCD Behavior The Cn command normally controls the DCD handshake signal presented by a modem to the terminal The valid range of n is 0 to 1 Dn DTR Behavior The Dn command normally determines the behavior of the modem when a terminal DTR transition to off is detected The va...

Page 148: ...tering command modem during on line mode without breaking the on line connection S3 Carriage Return Character Default 13 r CTRL M Min 0 Max 127 This register defines the character recognized as the Carriage Return Enter or Return Key This register may be set to any ASCII character refer to the ASCII Conversion Chart at the end of this appendix S4 Line Feed Character Default 10 n CTRL J Min 0 Max 1...

Page 149: ...isconnecting If the retrain is successful the connection will continue Should a V 90 connection retrain to a V 34 modulation the connection will continue as a V 34 connection If the retransmit limit is reached while connected at a V 34 modulation the modem will disconnect A retransmit limit of 0 is used to denote no limit indicating that a disconnect will not result regardless of the number of tim...

Page 150: ...ol only If V 44 is enabled and can be negotiated with the peer during protocol negotiation V 44 will take precedence over V 42bis V 42bis compression may be run over the LAPM MNP and PIAFS error correction protocols MNP5 compression may be run only over an MNP error correction protocol If during MNP protocol negotiation V 42bis is enabled and can be negotiated with the peer V 42bis will take prece...

Page 151: ...acter or MNP2 flags If none of these are detected within the specified time a normal link connection is established S51 Error Correction Fallback Character Default 13 r Min 0 Max 127 This register defines the ASCII character that if detected repeatedly while in answer mode is attempting auto detection of an error control protocol will cause the EC negotiation attempt to be abandoned and a normal n...

Page 152: ...ng law so it is very important to set this index with care μ LAW UNITED STATES 1 CANADA 2 HONG KONG 3 JAPAN 4 KOREA MULAW 5 TAIWAN 6 INTERNAT MULAW 15 any μ LAW country INTERNAT ALAW 16 any A LAW country A LAW ARGENTINA 17 AUSTRALIA 18 AUSTRIA 19 BELGIUM 20 BRAZIL 21 CHILE 22 CHINA 23 CYPRUS 24 CZECH 25 DENMARK 26 DENMARK 26 EGYPT 27 FINLAND 28 FRANCE 29 GERMANY 30 GREECE 31 HOLLAND 32 INDIA 33 IR...

Page 153: ...otocls of LAPM or MNP and data compression protocols of V 44 V 42bis or MNP5 The modem will connect in asynchronous mode non framed ISDN V110 V110 framed data operating directly on digital DS 0 channel Auto rate adaption of 19 2 kbps or slower Associated with wireless calls ISDN PIAFS A framed protocol operating directly on digital DS 0 channel for use in Japan Associated with wireless calls ISDN ...

Page 154: ...ult setting is 8 data bits STOP BITS Index 172 Default 1 This index determines the number of stop bits when connected in an asynchronous POS mode The possible settings are 1 or 2 stop bits The default setting is 1 stop bit PARITY Index 219 Default 0 No Parity This index determines the parity of the data when connected in an asynchronous POS mode The possible settings are as follows No Parity 0 Eve...

Page 155: ...speed up portions of the negotiation process Disabling this feature dictates the modems should use configuration data determined by a line probe during the negotiation process for each call The supported values are V92 Quick Connect DISABLED 0 V92 QuickConnect SHORT PHASE1 ONLY 1 V92 QuickConnect SHORT PHASE2 ONLY 2 V92 QuickConnect ENABLED 3 Enabling this feature m285 3 allows the V92 client to d...

Page 156: ... This provides support for early implementations of V 90 Please Note Selecting a value of 0 or 1 does not disable the ability to establish V 90 connections it simply changes where V 90 is offered within the negotiation process Answer State Delay Index 114 Default 20 The minimum setting is 0 The maximum setting is 255 This index is used to define the delay before entering into the answer state The ...

Page 157: ...sing m253 1 means you should receive all 350 bytes at once Pause Before Answer Tone Index 173 Default 300 The minimum setting is 0 The maximum setting is 600 This index defines in milliseconds how long the modem waits before it generates quick connect answer tones after it receieves the answer command Answer Tone Duration Index 174 Default 660 The minimum setting is 0 The maximum setting is 1200 T...

Page 158: ...ls the length of time that the answering modem transmits scrambled ones at 1200 bits s during a Bell 212A or V 22 connection attempt V22BIS TX BINARY ONES 2400 DURATION Index 181 Default 174 The minimum setting is 0 The maximum setting is 600 This index controls the length of time that the answering modem transmits scrambled ones at 2400 bits s during a V 22bis connection attempt The default value...

Page 159: ...inate mode If for inbound calls the desired call type is to be something other than default the call type command index 112 must be issued with the answer command For Example Open the socket to the modem Initialize the modem ate0q0 Look for response ok if applicable Look for the ring call progress message Issue the appropriate answer string For example if the incoming call is an ISDN HDLC call iss...

Page 160: ...Applications that desire normal mode connections may react differently to error control protocol negotiations and or the time it takes to determine error correction will not be used In certain situations it may be desirable to control or disable error control protocol negotiations V 42 Error correction commands mostly apply in both answer originate modes however some apply only in one mode In Answ...

Page 161: ...14 S DC3 13 19 3 33 51 S 53 83 s 73 115 T DC4 14 20 4 34 52 T 54 84 t 74 116 U NAK 15 21 5 35 53 U 55 85 u 75 117 V SYN 16 22 6 36 54 V 56 86 v 76 118 W ETB 17 23 7 37 55 W 57 87 w 77 119 X CAN 18 24 8 38 56 X 58 88 x 78 120 Y EM 19 25 9 39 57 Y 59 89 y 79 121 Z SUB 1A 26 3A 58 Z 5A 90 z 7A 122 ESC 1B 27 3B 59 5B 91 7B 123 FS 1C 28 3C 60 5C 92 7C 124 GS 1D 29 3D 61 5D 93 7D 125 RS 1E 30 3E 62 5E 9...

Page 162: ...o version 1 10 before it can use the menu driven method For the MultiAccess to have Internet Access defining the appropriate Default Gateway in the NetworkSetup page is required Manual Method via Linux command line Download the appropriate files via FTP from update multitech com 65 126 90 15 When connecting to the update server via FTP perform an anonymous login Username anonymous Password any ema...

Page 163: ... they occur The updates may take a long time to down load and implement Depending on the particular update the implementation of it may occur upon the apply step 3 or the reboot step 4 Burning a New Hard Drive Image using the MultiAccess Recovery CD The MultiAccess ships with a Recovery CD You need a keyboard and monitor connected to the MultiAccess and a CD ROM drive that supports either a 40 pin...

Page 164: ...Recovery images are named as multiaccess releasedate v iso For example the 1 11 version is named multiaccess 01242005 v1 11 iso 1 Download the image Connect via FTP to update multitech com 204 26 122 121 login anonymously set binary as the transfer mode and the get the iso file Note the exact size of the file as it is displayed on the update server It should be the exact same size on your computer...

Page 165: ...he costs of recovery from municipal collection points reuse and recycling of specified percentages per the WEEE requirements Instructions for Disposal of WEEE by Users in the European Union The symbol shown below is on the product or on its packaging which indicates that this product must not be disposed of with other waste Instead it is the user s responsibility to dispose of their waste equipmen...

Page 166: ...ertain Hazardous Substances in electrical and electronic equipment RoHS These Multi Tech products do not contain the following banned chemicals1 Lead Pb 1000 PPM Mercury Hg 1000 PPM Hexavalent Chromium Cr 6 1000 PPM Cadmium Cd 100 PPM Polybrominated Biphenyl PBB 1000 PPM Polybrominated Diphenyl Ether PBDE 1000 PPM Environmental considerations Moisture Sensitivity Level MSL 1 Maximum Soldering temp...

Page 167: ... the remote system ARP Address Resolution Protocol An IETF standard that allows an IP node to determine the hardware datalink address of a neighboring node ARP provides a method of converting Protocol Addresses e g IP addresses to Local Network Addresses e g Ethernet addresses ARP exists as a low level protocol within the TCP IP suite and is used to map IP addresses to Ethernet or other addresses ...

Page 168: ...lient Server Model A common way to describe the paradigm of many network protocols Examples include the name server name resolver relationship in DNS and the file server file client relationship in NFS CHAP Challenge Handshake Authentication Protocol An IETF standard for authentication using PPP which uses a random Challenge with a cryptographically hashed Response which depends on the Challenge a...

Page 169: ...be kept private while the other key is made public Knowing the public key does not reveal the private key DNAT Dynamic NAT Used to operate a private network behind a firewall and make network services that only run there available to the Internet The use of private IP addresses in combination with Network Address Translation NAT in the form of Masquerading Source NAT SNAT and Destination NAT DNAT ...

Page 170: ...a TCP IP utility called Finger This utility is an old TCP IP tool very popular on UNIX systems that matches an email address with the person who owns it and provides information about that person While the Finger utility is fairly old there are more advanced tools available that performs the same general function it still works and can be a useful tool in certain situations The Finger utility was ...

Page 171: ...net Control Message Protocol notifies the IP datagrams sender about abnormal events ICMP might indicate for example that an IP datagram cannot reach an intended destination cannot connect to the requested service or that the network has dropped a datagram due to old age ICMP also returns information to the transmitter such as end to end delay for datagram transmission IETF Internet Engineering Tas...

Page 172: ...es such as addresses on one network with values or quantities on another set such as devices on another network Examples include name address mapping inter network route mapping and DNAT port mapping Name resolution name to address mapping is another example Masquerading The concealing of internal network information LAN form the outside For example the computer of a colleague with the IP address ...

Page 173: ...encrypted The opposite is ciphertext Port Where as only the source and target addresses are required for transmission on the IP level TCP and UDP require further characteristics to be introduced that allow a differentiation of the separate connections between two computers A connection on the TCP and UDP level are thus clearly identified by the source address and the source port as well as by the ...

Page 174: ...3GoDVMob fob9wBYbwdHOxPAYtNQBxNPEU9PGMxQd Yp8io72cy0duJNCXkEVvpvYvVzkmp0xVYOWYkfjiPsdhnz5FCitEh6 XsCe0ctByoLjKA1C mLtAlWhuycVojr2JwzSqUIJXzS6nV4yrpI QY5 o5yztgjVIgwW1Er6jyyo2aeFLgucqjuHSZ sX0dz OfdQ0N0AjRAmO3 eknOYLk2DPRkmUeYr3W95q1Z2j 4GRlzzP8ZoyPwdBv7hpZ0TRA 9c38a26 La8N2 TDKx fGLfixB6Ed8X0jCmq4It7iD2d 9EWeaUZfctq aKfw Public key cryptography is based on two keys a private key and a public key W...

Page 175: ...annel A communication medium that is safe from the threat of eavesdroppers Seed A random bit sequence used to generate another usually longer pseudo random bit sequence Security Policy Enterprises should have a carefully planned set of statements in place regarding network protection A good corporate Internet security policy should define acceptable use acceptable means of remote access informatio...

Page 176: ... a given IP subnet The simplest and most common example is the default router gateway entry entered onto any IP connected node i e a static route telling the node to go to the Internet router for all subnets outside of the local subnet Subnet Mask The subnet mask or the net mask indicates into which groups the addresses are divided Based on this arrangement individual computers are assigned to a n...

Page 177: ...dependent of the others as if each was a separate physical device Some higher end switches can also route between VLANs as if each was a separate hub switch connected by a router VPN Virtual Private Network A device or program that protects users and their data when exchanging information over the Internet A VPN can use encryption user authentication and or firewall protection to solve remote acce...

Page 178: ...name 19 Housekeeping 130 HTTPS port 40 I ICMP forwarding 74 Intrusion Detection 45 IP Aliases 59 L Licenses GNU General Public License 138 Multi Tech Systems Inc End User License Agreement 136 Line Interfaces 17 LINE jack 8 Login 15 Logout 17 34 M Maintenance 130 Masquerading 61 Modem Setup 17 Monitoring 130 MultiAccess Communications Server 5 Multi Tech Systems Inc End User License Agreement 136 ...

Page 179: ...Site Certificate 41 SNAT 63 Specifications 11 SSH Client 37 Starting up the RouteFinder 15 Statistics Logs 17 Statistics Logs Uptime 100 Subnet Settings 66 System Setup 35 System Update 17 T T1 E1 PRI ISDN 5 T1 E1 PRI line jacks 8 T1 PRI interfaces 5 T1 RBS 5 Tools 47 Traceroute 48 Tracking 17 Tracking Accounting 70 U Uptime 100 USB 8 User Authentication 17 User Authentication RADIUS 80 User Defin...

Reviews: