manualshive.com logo in svg

Patton electronics 3120, Administrator'S Reference Manual

Share
Download
Patton electronics 3120 Administrator'S Reference Manual Download Page 313

Configuring a RADIUS server

313

Model 3120 RAS Administrators’ Reference Guide 

C • Technical Reference

A RADIUS client consists of a Network Access Server (NAS)—such as your Patton RAS—which provides one or 
more remote users with access to network resources. A single RADIUS Server can serve hundreds of RADIUS cli-
ents and up to tens of thousand of end users. Fault tolerance and redundancy concerns can be addressed by con-
figuring a RADIUS client to use one or more alternate RADIUS servers. A NAS (your Patton RAS) can access a 
local RADIUS Server on the connected LAN, or a remote RADIUS Server via WAN connections. 

RADIUS Services

AAA. 

RADIUS provides three network services, known as authentication, authorization, and accounting, or 

AAA. These services give network managers an easy way to:

Identify remote users, and control which users can access the network (authentication)

Define what each user can do by controlling access to network resources (authorization)

Track what resources each user consumes in order to bill them for services (accounting)

RADIUS login procedures combine authentication and authorization services to provide security functions.

Authentication

 is essentially a login procedure involving a username and password:  the process by which the net-

work validates a dial-in user’s identity—distinguishing a legitimate user from a malicious or mischievous hacker. 
RADIUS supports multiple authentication protocols including password authentication protocol (PAP) and chal-
lenge handshake authentication protocol (CHAP) (RFC 1994), as well as Unix login. PAP and CHAP are specified 
within the point-to-point protocol (PPP) authentication procedures (RFC 1661). To prevent interception by 
snoopers on the network, RADIUS encrypts user passwords for transmission between client and server.

A RADIUS authentication server will respond to requests from known clients and discard requests from 
unknown clients. Before authenticating any users, the NAS (your Patton RAS) must validate its own identity 
by authenticating with the RADIUS server using a common shared secret.

The shared secret is a text string configured on both the RADIUS client and server, and is never sent across the 
network in its pure original form. During authentication, the RADIUS server sends a random number to the 
NAS, which is combined with the shared secret using a hash-code algorithm (RSA Message Digest Algorithm 
MD5), and then sent back to the RADIUS server. The RADIUS server will decode the received message for 
validation against its own copy of the shared secret. The RAS will disconnect users that fail to authenticate with 
the RADIUS server.

Authorization

 is the process of restricting and enabling what each user can do. RADIUS servers are responsible 

for knowing which services and privileges a given user may legitimately access (for example, PPP, SLIP, Telnet, 
rlogin), and returning that information to the communications server when the user successfully authenticates. 

Accounting

 is the process of collecting and reporting statistics. The RADIUS accounting server collects and 

stores the statistics sent by RADIUS clients and responds to client queries for statistics. These data include user 
login times and durations, packets sent/received, bytes sent/received, and so on, and may be used for billing, 
traffic and performance analysis, and troubleshooting.

Summary of Contents for 3120

Page 1: ...Server Administrator s Reference Guide Sales Office 1 301 975 1000 Technical Support 1 301 975 1007 E mail support patton com WWW www patton com Document Number 107062U Rev D Part Number O7MD3120 ARG...

Page 2: ...n com URL www patton com Copyright 2001 2004 Patton Electronics Company All rights reserved The information in this document is subject to change without notice Patton Electronics assumes no liability...

Page 3: ...ort Configuration 22 Import Configuration 24 4 Alarms 25 Introduction 26 Displaying the Alarms window 27 Modify Response Configuring the alarm response system 29 Modify Alarms Configuring alarm severi...

Page 4: ...n 136 Dial in Modify Configuration 136 Dial in Main Window 137 Static User Authentication 138 RADIUS Configuration 138 Accounting information 139 Dialout 139 10 Drop and Insert 141 Introduction 142 Dr...

Page 5: ...rmation 206 O S forwarding table window 210 IP Routing Destination window 212 Address Translation Information 213 17 MFR Version 2 215 Introduction 217 MFR Version 2 main window 217 Interregister Sign...

Page 6: ...e Statistics Current 280 Far End Line Statistics History 281 Far End Line Statistics Totals 283 23 Sync PPP 285 Introduction 287 WAN Circuit CONFIGURATION window 287 24 About 299 Introduction 300 Patt...

Page 7: ...7 Model 3120 RAS Administrators Reference Guide Contents Configuring DNIS 328 Configuring a leased line dedicated line connection 329...

Page 8: ...Contents Model 3120 RAS Administrators Reference Guide 8...

Page 9: ...window Chapter 5 describes configuring the Authentication window Chapter 6 describes configuring the DAX window Chapter 7 describes configuring the Dial In window Chapter 8 describes configuring the D...

Page 10: ...ribed in this manual use the following text conventions Table 1 Text conventions Convention Meaning Futura bold type Indicates the names of menu bar options Italicized Futura type Indicates the names...

Page 11: ...t This word means to move the mouse in such a way that the tip of the pointing arrow on the screen ends up resting at the desired location Click Means to quickly press and release the left or right mo...

Page 12: ...About this guide Model 3120 RAS Administrators Reference Guide 12...

Page 13: ...13 Chapter 1 Introduction Chapter contents Introduction 14 Logging into the HTTP HTML Administration Pages 14 HTTP HTML and SNMP Object Format 14 Saving HTTP HTML Object Changes 15...

Page 14: ...browser After you enter the IP address the access server will ask for your user name and password as shown in figure 1 Figure 1 Access server login window Your access server will accept the following...

Page 15: ...pages Do the following to make changes to read write variables 1 Select the appropriate Modify screen 2 Make changes to the desired parameter 3 Click on the Submit button 4 Return to the HOME screen 5...

Page 16: ...1 Introduction Model 3120 RAS Administrators Reference Guide 16 Saving HTTP HTML Object Changes...

Page 17: ...Operating Status Variables 19 Active Calls diActive 19 Peak Active Calls diMaxActive 19 Total Calls diTotalCallAttempts 19 DSPs Not Working dspFailed 19 Total DRAM Detected boxDetectedMemory 19 Runnin...

Page 18: ...nu pane will return you to the HOME page from any other page The HOME window is divided into two panes the Configuration Menu pane and the configuration information pane see figure 3 The Configuration...

Page 19: ...is number should always be zero The DSPs in the access server are arranged as a resource pool and called upon at ring time If a DSP fails to respond to the access server s CPU it is determined to have...

Page 20: ...next time the access server is re booted Hard Reset this button causes the access server to perform a cold restart When you select Hard Reset the access server confirm that you want to execute this c...

Page 21: ...21 Chapter 3 Import Export Chapter contents Introduction 22 Export Configuration 22 Import Configuration 24...

Page 22: ...onfiguration Menu to display the Import Export main window see figure 6 Figure 6 Import Export main window Export Configuration Note The exported configuration file is a text format file Do not try ho...

Page 23: ...s a text file select the Save option on your browser see figure 8 For example under Netscape select File Save As A dialog box will display enabling you to save the contents of the export parameters to...

Page 24: ...button to select the desired file then click on the Submit Query button see figure 6 on page 22 Upon successfully importing the file the access server will display Configuration Load Complete indicati...

Page 25: ...rrent Box Temperature boxTemperature 28 Clear All Alarms 28 Alarms 28 Alarm ID alarmDefIndex 28 Alarm Name alarmName 28 Alarm Severity alarmSeverity 29 Time Since Alarm alarmTicks 29 Alarm Count alarm...

Page 26: ...erity of an alarm The states are Off No alarm present Solid Minor alarm Flashing Major alarm Administration web page indication The alarms window of the administration page uses highlighting to indica...

Page 27: ...The system administrator can manually generate a specific alarm for testing purposes or clear the alarm counters from the main window Figure 10 Alarms main window Note The POWER LED will flash if a po...

Page 28: ...se to a major alarm Alarm SNMP Trap IP 3 alarmTrapIp2 The IP address of a host system which is running the SNMP trap daemon Critical and major alarm messages will be sent to the system If set to 0 0 0...

Page 29: ...ar Alarm button resets the alarm to a non alarm condition Clear Alarm resets Alarm Time to 0 0 seconds and resets the Alarm Count to 0 Modify Response Configuring the alarm response system The alarm r...

Page 30: ...ill be sent to the system If set to 0 0 0 0 then no trap message will be sent in response to a major alarm Alarm SNMP Trap IP 4 alarmTrapIp3 The IP address of a host system which is running the SNMP t...

Page 31: ...WAN port detects a red alarm condition the specific WAN alarm will be set Each alarm item can be set for one of the following severity levels Critical 4 Major 5 Minor 6 Informational 7 Ignore 8 Note...

Page 32: ...4 Alarms Model 3120 RAS Administrators Reference Guide 32 Modify Alarms Configuring alarm severity levels...

Page 33: ...rverTimeouts 36 Accounting server timeouts auAccountingServerTimeouts 36 Maximum Response Time 36 Last Response Time 36 The Configuration section 37 Validation auValidation 37 Host Address auHostAddre...

Page 34: ...ng Port auAcctPort 43 Accounting Enable auAccountingEnable 43 Radius Packet Format auRadiusPacketFormat 43 Radius Session ID Size auRadiusRunningIdSize 43 Static User Authentication 44 Adding Static U...

Page 35: ...entication main screen Statistics section 2 Select Modify to set up or change access server Authentication parameters The Statistics section The Statistics section of the main Authentication screen li...

Page 36: ...s server needed to make subsequent requests for a call to the secondary RADIUS authentication server Accounting server retries auAccountingServerRetrys The number of times the access server needed to...

Page 37: ...US is a client server sys tem developed to manage the flexible requirements of remote dial in users The RADIUS protocol is speci fied under RFC 2138 for authentication and RFC 2139 for accounting RADI...

Page 38: ...urs If this number is exceeded then the secondary host will be tried If this num ber is exceeded by the secondary host the user will be rejected Secret auSecret The Secret variable sets the shared sec...

Page 39: ...RADIUS server used a method for encoding the accounting reply packet that was incorrect Accounting replies from these servers would therefore be dropped because they could not be authenticated eventua...

Page 40: ...code upload This rolls over to 0 after 100 reboots S Not used CCCCC Call ID in hex The call ID used is the one recorded on the main dial in screen Radius Session ID auRadiusRunningId The RADIUS sessio...

Page 41: ...is a client server sys tem developed to manage the flexible requirements of remote dial in users The RADIUS protocol is speci fied under RFC 2138 for authentication and RFC 2139 for accounting RADIUS...

Page 42: ...urs If this number is exceeded then the secondary host will be tried If this num ber is exceeded by the secondary host the user will be rejected Secret auSecret The Secret variable sets the shared sec...

Page 43: ...ticated eventually resulting in timeouts and shutting the call down with the reason authenAccoun tingTimeout As a workaround for this issue the state enableAccountingNoValidation which does not check...

Page 44: ...each of the variables found in the Static User Identification section Figure 18 Static User Identification setup Adding Static Users ID suID Identifies the entry in the table of users For the next us...

Page 45: ...currently supported dialout Access server will give a dialout connection The dialout connection is an AT command set driven connection into one of the access server modems On line help is provided by...

Page 46: ...ration Menu Once there click on the Record Current Configuration button located under Immediate Actions to save the changes to FLASH memory on the access server All changes made to the running configu...

Page 47: ...apter 6 DAX Chapter contents Introduction 48 Configuring the DAX 48 Circuit Type daxClockMode 48 Main Reference daxClockMainRef 49 Fallback Reference daxClockFallbackRef 49 Clock Status daxClockFailur...

Page 48: ...s the overall clocking scheme for the entire access server refer to Circuit Type dax ClockMode Main Reference Determines which WAN link supplies the clock for the system refer to Main Reference daxClo...

Page 49: ...circuit netref 2 102 Use to obtain system timing from a slave circuit internal 200 Use internal free run oscillator for the system clock external 300 Not currently implemented Fallback Reference daxC...

Page 50: ...he system clock If there are no alarms the DAX page will indicate No Alarms see figure 20 on page 48 Should one or more alarms be present an Alarms Present message will be displayed with the following...

Page 51: ...PIndex 61 Connection Modulation diactModulation 61 Transmit Connection Speed diactTxSpeed 61 Receive Connection Speed diactRxSpeed 62 Error Correction diactErrorCorrection 62 Data Compression Protocol...

Page 52: ...ress Pool diIpPool 70 Login Technique diLoginTechnique 70 Username Prompt diUsernamePrompt 71 Password Prompt diPasswordPrompt 71 Initial Banner diBanner 71 Modify Service 71 Default Service diService...

Page 53: ...V32Enable 78 V23 diModemV23Enable 78 V22 diModemV22Enable 78 V21 diModemV21Enable 78 Maximum V8 Failures diModemMaxV8Failures 78 MaxSpeed diModemMaxSpeed Not Currently Implemented 78 MinSpeed diModemM...

Page 54: ...Port dnisProfileServicePort 86 Service IP dnisProfileServiceIP 86 Status dnisIpProfileStatus 86 DNIS IP Pools Window 87 ID dnisIpPoolId 87 IP Address Pool dnisIpPool 87 Status dnisIpPoolStatus 87 Add...

Page 55: ...97 Remote Local PPP Protocol Comprsn diStatRemoteToLocalProtComp 97 Local Remote AC Comprsn diStatLocalToRemoteACComp 97 Remote Local AC Comprsn diStatRemoteToLocalACComp 97 Transmit Frame Check Seq S...

Page 56: ...d diactRxSpeed 102 Error Correction diactErrorCorrection 102 Data Compression Protocol diactCompression 102 Modulation Symbol Rate diactSymbolRate 102 Locally Initiated Renegotiates diactLocalRenegoti...

Page 57: ...ma tion about individual user settings refer to Dial In User Statistics window on page 89 Default Details link clicking on the Details link takes you to the page where you can see how the system is cu...

Page 58: ...om the oldest call at the top to the latest call at the bottom Active Calls diActive The total number of active calls and calls that are being initiated Peak Active Calls diMaxActive The maximum numbe...

Page 59: ...the linger time has expired Bury Kill the call and remove it from the dial in main window Duration diactSessionTime The number of seconds this call was is active Time in seconds the user has been conn...

Page 60: ...all for internal use Username diactUsername The caller s username State diactState Indicates current progress of the selected call Ringing The call has been recognized by the access server and is in t...

Page 61: ...s call is on This is a number from 0 to 59 Connection Modulation diactModulation The modulation type of the modem link for example V 34 The modem link can have these modulation or data types unknown 0...

Page 62: ...m data compression technique used during this call None 1 No compression V42bis 2 Compression is running Stac 4 Compression is running v44 5 V44 compression is running Locally Initiated Renegotiates d...

Page 63: ...server and is in the process of going off hook Connecting The access server has assigned a DSP to the incoming call and is now in the process of nego tiating the type of modulation V 34 V 32 ISDN or 5...

Page 64: ...1 E1 WAN port number that the call is on Time Slot diactSlotIndex Shows which T1 E1 channel the call is on This is a number from 1 30 Time Call Is Was Active diactSessionTime The amount of time the ca...

Page 65: ...iIndex Used for multi link PPP this is the unique identification shared between multi link active calls Username diactUsername The caller s username State diactState Indicates current progress of the...

Page 66: ...the IP address pool or the RADIUS server The remote users PC is assigned to this address The address appears in the IP address 0 0 0 0 format Port on Remote Machine diactPort The TCP port number being...

Page 67: ...hen sending packets to the remote IP entity The available settings are none 1 no compression vjTCP 2 compression is enabled Remote Local VJ Protocol Comprsn diIpRemoteToLocalCompProt The IP compressio...

Page 68: ...dle dial in users To view this page select Default Details from the main Dial In window Scroll down the window to view additional Dial In access server parameters To modify the Dial In access server p...

Page 69: ...Domain Name Server on page 72 Dial in attempts access server parameters see Modify Attempts on page 73 Link compression MRUs MultiLink and MultiBox access server parameters see Modify Configuration on...

Page 70: ...A username prompt is displayed and a username must be entered If the received username is a static user with no password defined then the connection completes and no password prompt is issued If a pa...

Page 71: ...can be up to 39 characters and should be an ASCII printable string It can include carriage returns and line feeds The username prompt immediately follows the initial banner This banner only appears fo...

Page 72: ...IUS attribute used to set the Force Next Hop is attribute 209 a Patton vendor extension For a full list of RADIUS attributes see Appendix A Supported RADIUS Attributes Modify Domain Name Server This p...

Page 73: ...is defines a message of up to 254 characters in length that will be displayed to a user if authentication fails This message only appears when the authentication technique is Text Success Banner diSuc...

Page 74: ...magic number negotiation should be done This access server parameter is used to check whether a link is in a looped back state The following options are available enable 1 The local node will attempt...

Page 75: ...ribes modifying the time out values for the session idle time time to login and the MIB data linger time Maximum Session Time min diSessionTimeout This is the maximum time in minutes that a connection...

Page 76: ...sage as defined in the Q931 specification Limitations 56000 only supports PAP and CHAP authentication All other data rates support text PAP or CHAP 56000 only supports a synchronous connection all oth...

Page 77: ...ing to the Internet This set ting enables or disables modem on hold Modem on Hold Timeout diV92ModemOnHoldTimeout If modem on hold is enabled sets the length of time the user can be in the modem on ho...

Page 78: ...ption is enabled enableV21 1 Enable V 21 modulation enableBell103 2 Enable Bell 103 modulation Maximum V8 Failures diModemMaxV8Failures Number of times the modem will attempt a V 8 connection before i...

Page 79: ...eed if the line quality is poor or fall forward to a faster speed if the line quality is good TxLevel diModemTxLevel Not Currently in Use This variable should be set with caution and normally only aft...

Page 80: ...its ability to capture DNIS information to provide the customer with the ability to set up dial in parameters for their dial in clients based on the phone number dialed and the physical WAN port they...

Page 81: ...t of 80 characters DNIS profile dnisPoolAssignedProfile The DNIS profile used if the dial in user meets the conditions of this configuration Note A DNIS profile of 0 indicates that no profile has been...

Page 82: ...specified they must be separated by semi colons Note This field has a limit of 80 characters DNIS profile dnisPoolAssignedProfile The DNIS profile used if the dial in user meets the conditions of thi...

Page 83: ...Ip Pools clicking on the DNIS Ip Pools link takes you to the page where you can view and change the IP address pools associated with the DNIS profiles Refer to DNIS IP Pools Window on page 87 Figure 3...

Page 84: ...ing assumes that all calls will be PPP users No username or password prompt will be displayed The system will go directly to PPP processing The dial up user must be configured for PAP or CHAP authenti...

Page 85: ...used to select an IP address for the dial in user The IP Pool is con figured using the DNIS Ip Pool link See DNIS IP Pool Entry Window on page 88 for more information Note Do not enter actual IP addr...

Page 86: ...n first Therefore if a user can negotiate either CHAP or PAP CHAP authentication will be performed textORchapORpap 6 This setting enables clear text logins or PPP calls using PAP or CHAP authenticatio...

Page 87: ...the DNIS Profiles used Refer to page Manage DNIS main window on page 81 DNIS Profiles clicking on the DNIS Profiles link takes you to the page where you can view and change the DNIS profiles Refer to...

Page 88: ...ng on ID in the DNIS IP Pool Window will take you to this window see figure 36 In this window you can change the IP Address Pool Figure 36 DNIS IP Pools Entry window IP Address Pool dnisIpPool The IP...

Page 89: ...rs defined under these sections refer to each under the access server Con figuration Menu Figure 37 User Statistics Call Identification Session The Dial In User Statistics window see figure 27 is wher...

Page 90: ...link is negotiating LCP parameters Authenticating The access server is in the process of verifying the user s password by using static or RADIUS authentication Online The access server has completed...

Page 91: ...r WAN Link diactLinkIndex The T1 E1 WAN port number that the call is on Time Slot diactSlotIndex Shows which T1 E1 channel the call is on This is a number from 1 30 IP Address diactIP The currently as...

Page 92: ...of call loginTimeOut 10 Exceeded login timeout parameter userTerminated 11 A problem is discovered initiating the dial in users telnet rlogin or tcpclear session maxNumCalls 21 Exceeds maximum number...

Page 93: ...digit or while we were waiting for the termination of the far end tone in response to our ack mfr2DisWaitCalling 57 Call disconnected while we were waiting for the next expected calling number digit T...

Page 94: ...ner l2tpCallDisconnected 80 Client disconnected the call l2tpLNSConnectTimeout 81 We accepted a tunnel and did not get a response from authenticator in time 5 seconds l2tpLACConnectTimeout 82 We initi...

Page 95: ...e 48 tcpNoBuffers 68 udpOpenErr 75 udpBindErr 76 l2tpOpenErr 77 l2tpLinkErr 78 reLinkErr 79 State at termination diactTerminateState Indicates the value of diactState when the call was terminated A va...

Page 96: ...ent value of the MRU for the local PPP entity This value is the MRU that the remote entity is using when sending packets to the local PPP entity This setting becomes active when the link is in the up...

Page 97: ...ansmitting packets to the remote PPP entity This setting becomes active when the link is in the up able to pass packets operational state for more information refer to Operational Status diIpOperStatu...

Page 98: ...ize in bits of the frame check sequence FCS that the remote node will generate when sending packets to the local node This setting becomes active when the link is in the up able to pass packets operat...

Page 99: ...lot ID diIpLocalMaxSlotId The Max Slot Id access server parameter that the local node has announced and that is in use on the link If vjTCP header compression is not in use on the link the value of th...

Page 100: ...User Statistics window see figure 40 shows the phone numbers that were used by this caller Figure 40 User Statistics Phone Data Physical Layer Number Called diactNumberDialed The phone number that was...

Page 101: ...iactErrorFrames Number of bad received packets received during this call Bad packets are those that failed CRC error checks Physical Layer This portion of the Dial In User Statistics window see figure...

Page 102: ...tion on the call V42 2 Error correction mode V120 4 Mode for ISDN B Data Compression Protocol diactCompression The modem data compression technique used during this call None 1 No compression V42bis 2...

Page 103: ...Technique doLoginTechnique 112 Username Prompt doUsernamePrompt 113 Password Prompt doPasswordPrompt 113 Initial Banner doBanner 113 Modify Attempts 113 Failure Banner doFailureBanner 113 Login Attemp...

Page 104: ...ame 119 User Name locationUserName 119 Password locationPassword 119 Phone Number locationPhoneNumber 119 Destination IP locationDestinationIP 119 Destination NetMask locationDestinationNet 119 Multil...

Page 105: ...dress doStatBadAddresses 128 Bad Controls doStatBadControls 128 Packets too long doStatPacketTooLongs 128 Bad Frame Check Sequences doStatBadFCSs 128 LCP Statistics 128 Local MRU doStatLocalMRU 129 Re...

Page 106: ...Speed doactTxSpeed 132 Rx Connection Speed doactRxSpeed 132 Error Correction Protocol doactErrorCorrection 132 Data Compression Protocol doactCompression 133 Modulation Symbol Rate doactSymbolRate 133...

Page 107: ...view add and modify modem profiles used to dial locations Figure 41 Dial Out main window Dial Out Main Window The Dial Out window displays statistics for individual users The following sections explai...

Page 108: ...ain window waitingForIpcp 14 the unit is in the process of negotiating an IP address for PPP based calls waitingRedial 15 The location is disconnected and waiting to 30 seconds to redial for continuou...

Page 109: ...o allocate a DSP for an outbound call but no available DSP s were available papAuthenticationFailure 49 invalid username password combination for tcp based calling exceedsMultiLinkLimit 64 exceeds the...

Page 110: ...dn56 10 56k ISDN connection phase2 20 currently training to a modulation answerAck 21 acknowledge state of the modulation v92 22 v 92 modulation moh 23 Modem is using v 92 s modem on hold feature v23...

Page 111: ...wing Login settings see Modify Login Maximum number of login attempts and the authentication failure banner see Modify Attempts on page 113 Maximum session time idle time time to login and call histor...

Page 112: ...pe TCP Service Type that will be placed on the TCP connection when established telnet 0 Telnet protocol tcpclear 1 All 8 bits are passed unchecked and unaltered Restrict to Lan doRestrictToLan Enablin...

Page 113: ...e A valid password should consist of ASCII characters and can include carriage returns and line feeds For example the prompt could be Enter your password Initial Banner doBanner This is usually a mess...

Page 114: ...oSessionTimeout This is the maximum time in minutes that a connection is allowed to be maintained After this time the con nection will be terminated even if there is active traffic on the connection T...

Page 115: ...92Enable Enables and disables V92 functionality Quick Connect diV92QuickConnect Quick connect shortens a modem s time to learn a phone line s characteristics by reusing some information pre viously le...

Page 116: ...modem modulation K56flex diModemK56Enable Enables or disables K56flex modem modulation V34 diModemV34Enable Enables or disables V34 modem modulation V32 diModemV32Enable Allows V 32 and V 32bix modula...

Page 117: ...llForwardFallBack 2 Allow the modem to fallback to a slower speed if the line quality is poor of fall forward to a faster speed if the line quality is good Tx Level doModemTxLevel Not currently implem...

Page 118: ...ble the status is set to destroy 7 and submitted To stop a dial on demand call or continuous call from dialing set the status to stop 6 Figure 46 Location Table status locationstatus This shows the cu...

Page 119: ...ters User Name locationUserName This is the username to log into the remote location Maximum size is 32 characters Password locationPassword This is the password to log into the remote location Maximu...

Page 120: ...Dial on demand 2 if the access server receives data destined for the IP address or net specified for this location the location will be dialed The connection will be dropped after the idle timeout or...

Page 121: ...this page location settings can be modified and submitted Any changes made will take effect on the next call to this location Figure 48 View Modify location details Dialing Locations To initiate an ou...

Page 122: ...ofile New modem profiles are added to the table using the add modem profile form The following describes each setting Locations Link This will take you to the location table window Profile ID modemPro...

Page 123: ...l forward to a faster speed if the line quality is good fallForwardFallBack 2 allow the modem to fallback to a slower speed if the line quality is poor or fall for ward to a faster speed if the line q...

Page 124: ...ID in the table and you will see the following page Settings can be modified and submitted on this page Any changes will take place on the next call to the location s which are using this profile See...

Page 125: ...user statistics window shows user information for a unique user ID Call ID doactIndex Unique identification of this call for internal use Username doactUsername The callers username for Tcp based call...

Page 126: ...out if an idle timeout was specified Time left in session doactRemainingSession Number seconds remaining in this session if a maximum session time was specified Termination Reason doactTerminateReason...

Page 127: ...tbound call but no available DSP s were available papAuthenticationFailure 49 invalid username password combination for tcp based calling exceedsMultiLinkLimit 64 exceeds the maximum multilink calls s...

Page 128: ...ddress doStatBadAddresses The number of packets received with an invalid address field Bad Controls doStatBadControls The number of packets received with an incorrect control field Packets too long do...

Page 129: ...Authentication doStatLcpAuth Authentication type used by the dial in user The following options are available none 1 pap 2 chap 3 MSChap 4 not currently implemented tacacs 5 not currently implemented...

Page 130: ...ve when the link is in the up able to pass packets operational state for more information refer to Operational Status diIpOperStatus on page 97 These are the available options disabled 0 ACC is disabl...

Page 131: ...a sent and received by this user Octets Sent doactSentOctets The number of octets bytes sent during this call Octets Received doactReceivedOctets The number of octets bytes received during this call P...

Page 132: ...V 34 modulation k56 5 K56 Flex modulation x2 6 X 2 modulation v90 7 V 90 modulation v110 8 V 110 modulation not currently implemented isdn64 9 ISDN 64 modulation isdn56 10 ISDN 56 modulation not curre...

Page 133: ...odem speed renegotiate Remote Initiated Retrains doactRemoteRetrains The number of times the remote modem has initiated a modem carrier retrain An example section of dialout 1 Display the Dial Out mai...

Page 134: ...8 Dial Out Model 3120 RAS Administrators Reference Guide 134 An example section of dialout...

Page 135: ...ion 136 Callback diCallbackConfig 136 Dial in Main Window 137 State diactState 137 Static User Authentication 138 Callback Configuration suCallbackConfig 138 Callback phone number suCallbackNumber 138...

Page 136: ...script based callback are not supported Microsoft Windows uses CBCP Callback is supported on PRI and robbed bit lines it is not supported on E1 R2 lines Dial in Modify Configuration Both the dial in d...

Page 137: ...ing place authenticating 4 leave as is tcpEstablish 5 telnet or raw TCP based connection is being established online 6 leave as is disconnecting 7 call is currently disconnecting cleaningup 8 call is...

Page 138: ...be specified callbackToCallingNum 3 call back to the calling phone number This is only available with ISDN PRI lines Callback phone number suCallbackNumber When the callback type is set to alwaysCall...

Page 139: ...he start and stop packets will have service type set to framed with no Call back Number attribute Dialout When callback is being used and the user is being called back the outbound call will be shown...

Page 140: ...9 Callback Access Server Administrators Reference Guide 140 Dialout...

Page 141: ...dractIndex 142 Originating Link dractLinkIndex 143 Originating Channel dractChannel 143 Passed to Link dractPassLinkIndex 143 Passed to Channel dractPassChannel 143 Number Dialed dractNumberDialed 14...

Page 142: ...tains channel information for each unique session ID If there are no drop and insert connections to the access server this screen will be blank Session Timeout drSessionTimeout This is the maximum tim...

Page 143: ...ing Time dractRemainingSession The amount of time remaining in this session State dractState Indicates current call progress setup 1 Idle state waiting for call to be attached alerting 2 Channel is be...

Page 144: ...B8ZS WAN A can have the following types of line signalling EMWinkStart GroundStart LoopStart EMImmediate WAN B and x on PBX must be configured identically WAN B can have the following types of line si...

Page 145: ...ful Connects dspTotalSuccessfulConnects 150 Failed Connect PreV8 dspTotalFailedConnectPreV8 150 Failed Connect PostV8 dspTotalFailedConnectPostV8 151 Remote Retrains dspTotalRemoteRetrains 151 Remote...

Page 146: ...155 Instance Second State dspStateSecond 155 Instance Second Used By dspUseSecond 155 Call Statistics 155 Originating Calls dspOriginatingCalls 155 Answering Calls dspAnsweringCalls 155 Successful Co...

Page 147: ...onfiguration Menu to display the DSP Settings main window The DSP main window see figure 60 displays the current state of the DSPs see DSP Settings main win dow Clicking on the Connection Summary link...

Page 148: ...leSecondOnly 18 Marks the first instance of the DSP available ForceDerail 19 This is for use by the engineers and technical support for testing purposes only Do not use Instance 1 State dspStatefirst...

Page 149: ...buffers Each buffer contains the program and data memory associated with a call on the DSP The buffer content is saved when the memory capture is triggered Do not turn on unless requested by technical...

Page 150: ...ries This part of the window shows DSP statistics as a whole Originating Calls dspTotalOriginatingCalls The number of calls the DSP initiates for outbound calls Answering Calls dspTotalAnsweringCalls...

Page 151: ...local DSP has requested a renegotiation to be done Suspect A Transitions into suspect state dspTotalWentSuspect The number of times an instance went into the suspect state An instance will go into th...

Page 152: ...ted on Clicking on the DSP Index link displays detailed informa tion about the DSP see section DSP information window on page 154 Connects Good dspSuccessfulConnects The number of calls that successfu...

Page 153: ...ect The number of times an instance on this DSP went into the suspect state An instance will go into the suspect state when it fails to complete several calls to succession Suspect B dspTotalSavedFrom...

Page 154: ...tor this state may be different than its actual state pendingReboot 1 This will put the individual DSP into the pendingBoot reset state any calls on the DSP will be immediately disconnected and the DS...

Page 155: ...call But we have seen a number of consecutive failures so it will not be used until no other available instances can be found A successful call will place this instance back into the available state...

Page 156: ...a retrain to be done Local Renegotiates dspLocalRenegotiates The number of times the local DSP has requested a renegotiation to be done Page Requests dspPageRequests This is the number of page request...

Page 157: ...que boxEtherBTechnique 161 Ethernet A Modify Window 162 State boxEtherAState 162 PrimaryIPAddress boxEtherAPrimaryIpAddress 162 PrimaryIpMask boxEtherAPrimaryIpMask 162 PrimaryIpFilters boxEtherAPrima...

Page 158: ...rors 165 Deferred Transmissions dot3StatsDeferredTransmissions 165 Late Collisions dot3StatsLateCollisions 165 Excessive Collisions dot3StatsExcessiveCollisions 165 Other Errors dot3StatsInternalMacTr...

Page 159: ...plays information about the configuration of each Ethernet interface including IP addresses subnet masks and state of the ethernet link Each Ethernet interface contains the following links Statistics...

Page 160: ...rAPrimaryIpAddress The Primary ethernet IP address PrimaryIpFilters boxEtherAPrimaryIpFilters Filters packets based on the filters assigned to the Primary IP address of the Ethernet port Enter the Fil...

Page 161: ...ication10Duplex 4 Ethernet is 10M full duplex linkIndication100M 5 Ethernet is 100M linkIndication100Duplex 6 Ethernet is 100M full duplex PrimaryIPAddress boxEtherBPrimaryIpAddress The Primary ethern...

Page 162: ...adminOff 2 Ethernet interface has been turned off by setting technique to disable linkIndication10M 3 Ethernet is 10M linkIndication10Duplex 4 Ethernet is 10M full duplex linkIndication100M 5 Ethernet...

Page 163: ...ake effect disable 0 ethernet port is disabled static 1 ethernet port is turned on IP address es and mask s are obtained from data entered under the Ethernet link Ethernet B Modify Window This window...

Page 164: ...boxEtherBSecondaryIpMask The secondary IP ethernet IP subnet mask SecondaryIpFilters boxEtherASecondaryIpFilters Filters packets based on the filters assigned to the Secondary IP address of the Ethern...

Page 165: ...dot3StatsDeferredTransmissions The number of times in which the first transmission attempt is delayed because the medium is busy This num ber does not include frames involved in collisions Late Colli...

Page 166: ...permitted frame size Other Received Errors dot3StatsInternalMacReceiveErrors The number of frames in which reception fails due to an internal MAC sublayer receive error Chip Set ID dot3StatsEtherChipS...

Page 167: ...ion IP 171 Comparison filterIpDestinationAddressCmp 171 Address filterIpDestinationIp 171 Mask filterIpDestinationMask 171 Source Port 171 Comparison filterIpSourcePortCmp 171 Port filterIpSourcePort...

Page 168: ...lters to be defined of which up to 10 can be used on a single user con nection A single filter can be assigned to a user via the Static Users Authentication Multiple filters can be assigned by using t...

Page 169: ...to data packets inbound or outbound from the access server The filter only applies to dial in users users on other interfaces that is Ethernet Frame Relay and so on are not affected The following opt...

Page 170: ...filters take priority therefore any applied and matching block filters will drop the packet Next pass filters are examined if PASS fil ters have been defined then at least one of them must match or e...

Page 171: ...e the effect of dis abling destination IP address comparison Source Port Applies the filter action based on the stated comparison to the source port number TCP or UDP Comparison filterIpSourcePortCmp...

Page 172: ...0 disables process ing based on protocol number TCP Established filterIpTcpEstablished Specifies whether the filter should match only those packets which indicate in the TCP header flags that the con...

Page 173: ...cation and only the specified filter s is are used The following options are available no 0 applyToDialout 1 An example of using a filter All customers are limited to the local mail server mail intern...

Page 174: ...kets Default for dial in apply to Dial in ID 3 Name DNS Direction inbound Action pass Source IP and mask not set Destination IP 192 10 10 1 mask 255 255 255 255 Source Port no compare Destination Port...

Page 175: ...rence Guide 13 Filter IP Action pass Source IP and mask not set Destination IP and mask not set Source Port no compare Destination Port no compare Protocol 1 TCP Established anyPackets Default for dia...

Page 176: ...13 Filter IP Model 3120 RAS Administrators Reference Guide 176 An example of using a filter...

Page 177: ...atus Change Trap frTrapState 181 DLMI Window 181 Signalling frDlcmiState 182 Data Link Protocol frDlcmiAddress 182 DLCI Length frDlcmiAddressLen 182 Polling Interval T391 frDlcmiPollingInterval 182 Fu...

Page 178: ...14 Frame Relay Model 3120 RAS Administrators Reference Guide 178 Congestion frameEnableCongestion 184...

Page 179: ...nction as a network to network interface NNI switch or as a User to Network Interface UNI Most applications will be as an UNI A Frame Relay network consists of endpoints the access server frame relay...

Page 180: ...I Link Status If the management DLCI either DLCI 0 or 1023 is established then the sta tus will be UP If the management channel has not been established the status will indicate DOWN HDLC Statistics o...

Page 181: ...be sent out on the line LINK Resets framerelResets Number of times the link management LMI was reset Produce Status Change Trap frTrapState This feature is not currently implemented DLMI Window Each...

Page 182: ...subsequent Status Enquiry messages An Error Count is logged if no response from the previous Status Enquiry message was received during the T391 interval The default value is 10 Full Enquiry Interval...

Page 183: ...ues STATUS ENQUIRY messages and waits for a STATUS reply from the User Polling Verification T392 frDlcmiPollingVerification Polling Verification pertains only to the Network LMI side It is the amount...

Page 184: ...passing data This is the desired condition of the link invalid 3 The link is down and not passing data Reasons for this may be your service provider hasn t enabled your service or the link is not yet...

Page 185: ...atus ifOperStatus 189 Last Change ifLastChange 189 Received Octets ifInOctets 189 Received Unicast Packets ifUcastPkts 189 Received Non Unicast Packets ifNUcastPkts 189 Received and Discarded w No Err...

Page 186: ...ation of the Interfaces group is mandatory for all systems Figure 75 Interfaces main window Click on Interfaces under the Configuration Menu to monitor interfaces statistics Interfaces main window Thi...

Page 187: ...oopback 24 slip 28 frame relay 32 Admin Stat ifAdminStatus The desired state of the interface up 1 The selected interface is ready to pass frames down 2 The selected interface is not ready to pass fra...

Page 188: ...rfaces table Figure 76 Interface Details window Description ifDescr A textual string containing information about the interface This string should include the name of the manu facturer the product nam...

Page 189: ...rface is not ready to pass frames testing 3 The selected interface is being tested No operational frames may be passed in this mode Operational Status ifOperStatus The current operational state of the...

Page 190: ...interface including framing characters Requested Unicast Packets ifOutUcastPkts The total number of packets that higher level protocols requested be transmitted to a subnetwork unicast address includ...

Page 191: ...bled Fragments ipReasmReqds 197 Successfully Reassembled ipReasmOKs 197 Reassembly Failures ipReasmFails 197 Fragmented OK ipFragOKs 197 Fragmented Failed ipFragFails 197 Fragments Created ipFragCreat...

Page 192: ...nreachable IcmpInDestUnreachs IcmpOutDestUnreachs 204 Times Exceeded icmpInTimeExcds icmpOutTimeExcds 204 Parameter Problems icmpInParmProbs icmpOutParmProbs 204 Source Quenchs icmpInSrcQuenchs icmpOu...

Page 193: ...Next Hop ipRouteNextHop 210 Interface ipRouteIfIndex 210 Type ipRouteType 210 Protocol ipRouteProto 211 Info ipRouteInfo 211 IP Routing Destination window 212 Route Destination ipRouteDest 212 Mask ip...

Page 194: ...e 77 IP main window Click on IP under the Configuration Menu to display the IP window IP main window The IP main window contains basic IP configuration parameters and statistics and it has the followi...

Page 195: ...r an agent to return a badValue response if a management station attempts to change this object to an inappropriate value The following conditions can be displayed forwarding 1 acting as a gateway not...

Page 196: ...s The total number of input datagrams successfully delivered to IP user protocols including ICMP Out Requests ipOutRequests The total number of IP datagrams which local IP user protocols including ICM...

Page 197: ...led ipFragFails The number of IP datagrams that have been discarded because they required fragmenting at this entity but were not fragmented because their Don t Fragment option was set Fragments Creat...

Page 198: ...kets to dial in users Default Time To Live ipDefaultTTL The default value inserted into the Time To Live TTL field in the IP header of datagrams originating from this entity whenever a TTL value is no...

Page 199: ...port In entities where the maximum number of connections is dynamic this object should contain the value 1 Active Opens tcpActiveOpens The number of times TCP connections have made a direct transition...

Page 200: ...le the Facility Data Link FDL object in the T1 E1 Link section to read remote TCP port connections To reach this screen click on the Details link from the TCP main window Figure 80 TCP Details window...

Page 201: ...n request from the remote TCP or an acknowledgement of the connection termination request previously sent finWait2 7 Waiting for a connection termination request from the remote TCP closeWait 8 Waitin...

Page 202: ...Others Received with No Delivery udpInErrors The number of received UDP datagrams that could not be delivered for reasons other than the lack of an appli cation at the destination port Sent udpOutDat...

Page 203: ...ssages are displayed in the window as col umns comprising two types of messages Messages received by the access server InMibVariable Messages sent by the access server OutMibVariable The numbers follo...

Page 204: ...a gateway or host finds a problem with one or more of the IP header parameters which prohibits further processing the gateway or host will discard the packet and return an ICMP parameter problem mess...

Page 205: ...dress Mask Requests icmpInAddrMasks icmpOutAddrMasks The number of ICMP address mask request messages received sent this message is generally used for diskless workstations which use this request at b...

Page 206: ...he interface associated with the IP address of this entry For example when the Internet standard all ones broadcast address is used the value will be 1 This value applies to both the subnet and networ...

Page 207: ...an agent constructs the value of the ipRouteMask by determining whether the value of the corresponding ipRouteDest field belongs to a Class A B or C network and then using the appropriate mask from ta...

Page 208: ...first entry 2 Click Add Route Adding a point to point route Do the following 1 Under Destination in the first entry type the IP address of the remote host to which you want make a point to point conn...

Page 209: ...lick Add Route Note If the destination and subnet mask are incompatible or the Gateway address is not entered an error screen will appear Examples of correct and incorrect routes are shown in table 4...

Page 210: ...ination address before being compared to the value in the ipRouteDest field For those systems that do not support arbitrary subnet masks an agent constructs the value of the ipRouteMask by determining...

Page 211: ...tries requires examina tion of the relevant ipRouteType object Protocol ipRouteProto The routing mechanism via which this route was learned Inclusion of values for gateway routing protocols is not int...

Page 212: ...at do not support arbitrary subnet masks an agent constructs the value of the ipRouteMask by determining whether the value of the corresponding ipRouteDest field belongs to a Class A B or C network an...

Page 213: ...considered to be infinite A cost can be given to user entered routes so their preference in rela tion to learned routes can be calculated State RouteState Defines the state which a route may be in du...

Page 214: ...validating the corresponding entry in the ipNetToMediaTable That is it effectively disassociates the interface identified with said entry from the mapping identified with said entry It is an implement...

Page 215: ...ts interRegCallingNumDig 218 First and Middle Response Code interRegCallingNumFirst 218 Last Response Code interRegCallingNumLast 218 Speech Condition Set up interRegGroupBAck 218 MFR Version 2 Modify...

Page 216: ...17 MFR Version 2 Model 3120 RAS Administrators Reference Guide 216 Last Response Code interRegCallingNumLast 224 Speech Condition Set up interRegGroupBAck 225...

Page 217: ...FR Version 2 main window MFR Version 2 main window The MFR Version 2 window displays parameters for networks that use Signalling System R2 The MFR Ver sion 2 window also has the Modify link that you c...

Page 218: ...ins information described in the following sections Called Number Total Digits interRegCalledNumDig The number of digits expected for the called number First and Middle Response Code interRegCalledNum...

Page 219: ...annels in each direction per cir cuit Figure 91 MFR Version 2 Modify window Line Signalling This portion of the MFR Version 2 Modify window contains information described in the following sec tions Se...

Page 220: ...ling objects are country specific Please refer to the host country s PTT for national signalling specifications ituStandard 1 custom 2 mexicoModified 3 czechRepublic 4 pbxDropOut 5 brazil 6 chinaRI 7...

Page 221: ...0010 2 abcd 0011 3 abcd 0100 4 abcd 0101 5 abcd 0110 6 abcd 0111 7 abcd 1000 8 abcd 1001 9 abcd 1010 10 abcd 1011 11 abcd 1100 12 abcd 1101 13 abcd 1110 14 abcd 1111 15 Back Acknowledge lineSigBackAck...

Page 222: ...10 14 abcd 1111 15 Minimum Transition Time lineSigMinTransTime The minimum transition time in milliseconds Minimum Detection Time lineSigMinDetectTime The minimum detect time in milliseconds Protocol...

Page 223: ...gits interRegCalledNumDig The number of digits expected for the called number First and Middle Response Code interRegCalledNumFirst The code specifying what is done after every digit is sent except th...

Page 224: ...e total digits to a large number for example 30 The access server will send the last response code when it sees the a15 tone First and Middle Response Code interRegCallingNumFirst The code specifying...

Page 225: ...inistrators Reference Guide 17 MFR Version 2 a5 5 a6 6 a7 7 a8 8 a9 9 a10 10 a11 11 a12 12 a13 13 a14 14 a15 15 Speech Condition Set up interRegGroupBAck The code sent when acknowledging the Group B d...

Page 226: ...17 MFR Version 2 Model 3120 RAS Administrators Reference Guide 226 MFR Version 2 Modify...

Page 227: ...n 2 Configuration 230 Address rip2IfConfAddress 230 Domain rip2IfConfDomain 230 Authentication Type rip2IfConfAuthType 230 Authentication Key rip2IfConfAuthKey 230 Send rip2IfConfSend 230 Receive rip2...

Page 228: ...er the Address column displays the RIP Version 2 Sta tus window see RIP Version 2 Statistics on page 231 where you can view routing and update informa tion for each subnet address Address Clicking on...

Page 229: ...access server that you want to enable RIP This is not the IP address of the device you want to direct RIP packets to 2 Enter the protocol version to be used for sending RIP packets The following choic...

Page 230: ...ication 1 simplePassword 2 Authentication Key rip2IfConfAuthKey The value to be used as the Authentication Key whenever the corresponding instance of rip2IfConfAuthType has a value other than authenti...

Page 231: ...e originated in this case a default route via another router may be propagated Status rip2IfConfStatus Choosing invalid has the effect of deleting this interface valid 1 invalid 2 RIP Version 2 Statis...

Page 232: ...RIP Version 2 Statistics Sent Updates rip2IfStatSentUpdates The number of triggered RIP updates actually sent on this interface This explicitly does NOT include full updates sent containing new inform...

Page 233: ...Get Next Variables snmpInTotalReqVars 235 Set Variables snmpInTotalSetVars 236 Get Requests snmpInGetRequests 236 Get Next Requests snmpInGetNexts 236 Set Requests snmpInSetRequests 236 Get Responses...

Page 234: ...statistics and has links for downloading and dis playing the following MIB documents Corporate MIB defines overall structure of the RAS MIB Enterprise MIB defines MIB variables applicable to a group...

Page 235: ...which the value of the error status field is tooBig No Such Names snmpInNoSuchNames The total number of SNMP PDUs that were delivered to the SNMP protocol entity and for which the value of the error s...

Page 236: ...number of SNMP Trap PDUs that have been accepted and processed by the SNMP protocol entity Out Out Packets snmpOutPkts The total number of SNMP messages that were passed from the SNMP protocol entity...

Page 237: ...OutGetResponses The total number of SNMP Get Response PDUs that have been generated by the SNMP protocol entity Traps snmpOutTraps The total number of SNMP Trap PDUs that have been generated by the SN...

Page 238: ...19 SNMP Model 3120 RAS Administrators Reference Guide 238 Out...

Page 239: ...MsgBlkTaskWait 242 Total Times Unavailable boxCountMsgBlkUnavailable 242 Operating System Heap Memory 243 Total Size boxHeapSize 243 Free boxHeapFreeSpace 243 Largest boxHeapLargestSpace 243 Enclosure...

Page 240: ...able Payable Features boxFeatureEnableKey 247 Installation 247 Country installCountry 247 Other 247 System Manager sysContact 247 Box Name sysName 247 Physical Location sysLocation 247 System Services...

Page 241: ...TP LAN IP manufacturer and message block information The main window also has the following links Modify click on this link to change SNMP and HTTP LAN IP payable features country of installation and...

Page 242: ...ill be a number whereas the revision printed on the ciruit board will be a letter A display of 0 zero indicates that the circuit board is revision A A display of 1 corresponds to a revision B circuit...

Page 243: ...and Other Operating System Heap Memory This portion of the System main window contains information described in the following sections see figure 97 Total Size boxHeapSize The size of the operating sy...

Page 244: ...y installCountry Specifies the country that the access server is installed in so it can be configured in accordance with local laws Other This portion of the System main window contains information de...

Page 245: ...nly access The following options are available none 0 The monitor user can not log in read only 2 This is the default setting The monitor user can view but not change any parameters Mon itor can not v...

Page 246: ...ow contains information described in the following sections Version boxSnmpVersion This parameter selects the SNMP version number supported by this unit see figure 98 Select snmpv1 1 only SNMP2 is not...

Page 247: ...rver is installed in so it can be configured in accordance with local laws The following options are available other 0 unitedStates 1 australia 2 canada 3 europeanUnion 4 france 5 germany 6 Other This...

Page 248: ...xcept passwords under authentication drop and insert and dial in links writeUserlp 50 The monitor user can change all parameters except passwords under authentication drop and insert dial in and IP li...

Page 249: ...buffercount The number of buffers this size which are currently free for use No Free boxbuffersfree The number of buffers this size which are currently free for use No of Tasks Waited boxCountBufferTa...

Page 250: ...20 System Model 3120 RAS Administrators Reference Guide 250 System Packet Holding Message Blocks...

Page 251: ...232 syslogConsolePriority 254 Min Priority for Flash Storage syslogFlashPriority 254 Min Priority for SNMP Trap Daemon syslogTrapPriority 254 Min Priority for RAM SyslogTablePriority 255 Unix Facility...

Page 252: ...System Log Modify on page 253 Volatile Memory Clicking on this link displays timestamp and stored system log message information System Log Volatile Memory on page 257 Non Volatile Memory Clicking on...

Page 253: ...ority greater than or equal to Min Priority for SysLog Daemon will be sent to this IP address SNMP Trap Daemon IP Address syslogTrapIP The IP address of a host system which is running a SNMP trap daem...

Page 254: ...se will generate the most messages while priorityDisable will turn off all messages priorityVerbose 5 priorityDebug 10 priorityInfo 20 priorityOddity 40 priorityService 60 prioritySystem 80 priorityDi...

Page 255: ...priorityInfo 20 priorityOddity 40 priorityService 60 prioritySystem 80 priorityDisable 1000 Unix Facility syslogUnixFacility This setting is used when syslog messages are sent to a Unix type syslog da...

Page 256: ...ing enable 1 Enable function call tracing dump 2 Display function call tracing on the computer monitor Maintenance This portion of the System Log Modify window contains information described in the fo...

Page 257: ...tem Log Volatile Memory The System Log Volatile Memory window see figure 102 displays timestamp and stored system log message information Figure 102 System Log Volatile Memory window Time slTick The t...

Page 258: ...ch instance DSP recovered from suspect on 0x0000 An instance on this DSP was in the suspect state and was placed back into the Available state because it connected on the last call DSP being rebooted...

Page 259: ...on 267 Line Status Configuration 268 Time Elapsed dsx1TimeElapsed 268 Valid Intervals dsx1ValidIntervals 268 WAN Configuration Modify 269 Line Interface Settings 269 Circuit ID dsx1CircuitIdentifier 2...

Page 260: ...ervalSESs 277 Severely Errored Frame Seconds dsx1IntervalSEFSs 277 Unavailable Seconds dsx1IntervalUASs 277 Controlled Slip Seconds dsx1IntervalCSSs 278 Path Code Violations dsx1IntervalPCVs 278 Line...

Page 261: ...navailable Seconds dsx1FarEndIntervalUASs 282 Controlled Slip Seconds dsx1FarEndIntervalCSSs 282 Path Code Violations dsx1FarEndIntervalPCVs 282 Line Errored Seconds dsx1FarEndIntervalLESs 282 Bursty...

Page 262: ...r to T1 E1 Link Activity main window on page 263 Line Status This variable indicates interface line status If any condition other than No Alarms exists you can click on the Alarms Present link to view...

Page 263: ...information about this page refer to Far End Line Statis tics History on page 281 Far End Line Statistics Totals link clicking on this link takes you to the page that displays the total far end statis...

Page 264: ...ee figure 105 The following failure states are reported in the dsx1LineStatus object The items listed in this section comprise those contained in RFC 1406 Definitions of Managed Objects for the DS1 an...

Page 265: ...ks the Loss Of Signal failure is declared when greater than 10 consecutive zeroes are detected see O 162 Section 3 4 4 Loopback Pseudo Failure The Loopback Pseudo Failure is declared when the near end...

Page 266: ...d LOF a k a Yellow Alarm 4 dsx1XmtFarEndLOF Near end sending LOF Indication 8 dsx1RcvAIS Far end sending AIS 16 dsx1XmtAIS Near end sending AIS 32 dsx1LossOfFrame Near end LOF a k a Red Alarm 64 dsx1L...

Page 267: ...ifi cation Q3 Setup Anchor invalid parameter in the ISDN Setup message according to Q 931 specification Q3 No stream Resource Out of resources for last call Q3 Ie miss mandatory information element mi...

Page 268: ...nfiguration Modify on page 269 Figure 107 WAN Circuit Configuration window Note Use the DAX menu to view clock source for the Model 29XX series access servers The WAN Configuration window also display...

Page 269: ...u to view clock source for the Model 29XX series access servers Line Interface Settings This portion of the WAN Configuration window contains information described in the following sections Circuit ID...

Page 270: ...ero bits dsx1HDB3 3 High Density Bipolar Order 3 It is based on AMI but extends this by inserting violation codes whenever there is a run of 4 or more 0s dsx1ZBTSI 4 May use dsx1ZBTSI or Zero Byte Tim...

Page 271: ...Indicates that the device does not use the FDL Note This is valid for T1 only Signalling Settings This portion of the WAN Circuit Configuration window contains information described in the following s...

Page 272: ...inter The WAN port into which the PRI with the common D channel is plugged into Test Settings This portion of the WAN Circuit Configuration window contains information described in the following secti...

Page 273: ...e of code is being sent across the DS1 interface by the device The values mean dsx1SendNoCode Sending looped or normal data dsx1SendLineCode Sending a request for a line loopback dsx1SendPayloadCode S...

Page 274: ...lIndex This object is the identifier of an entry in the channel table Figure 110 Channel assignment showing dialout desired function Desired Function channelfunction This variable defines how the conn...

Page 275: ...gnal idle 1 Channel not in use active 2 Channel in use frameRelay 3 Channel configured for frame relay clear 4 Intended for robbed bit signaling protocols the access server will not add bits to the si...

Page 276: ...ute interval Controlled Slip Seconds dsx1CurrentCSSs The number of Controlled Slip Seconds encountered by a DS1 interface in the current 15 minute interval Path Code Violations dsx1CurrentPCVs The num...

Page 277: ...recently completed 15 minutes interval assuming that all 96 intervals are valid Errored Seconds dsx1intervaless The number of errored Seconds encountered by a DS1 interface in one of the previous 96 i...

Page 278: ...onds dsx1IntervalBESs The number of bursty errored seconds BESs encountered by a DS1 interface in one of the previous 96 indi vidual 15 minute intervals Degraded Minutes dsx1IntervalDMs The number of...

Page 279: ...of controlled slip seconds encountered by a DS1 interface in the previous 24 hour interval Path Code Violations dsx1TotalPCVs The number of path coding violations encountered by a DS1 interface in th...

Page 280: ...a DS1 interface in the current 15 minute interval Severely Errored Seconds dsx1FarEnd CurrentSESs The number of far end severely errored seconds encountered by a DS1 interface in the current 15 minute...

Page 281: ...of far end degraded minutes DMs encountered by a DS1 interface in the current 15 minute interval Far End Line Statistics History Click on Far End Line Statistics History to display far end statistics...

Page 282: ...ntered by a DS1 interface in one of the previous 96 indi vidual 15 minute intervals Path Code Violations dsx1FarEndIntervalPCVs The number of far end path coding violations encountered by a DS1 interf...

Page 283: ...Errored Frame Seconds dsx1FarEndTotalSEFSs The number of far end severely errored framing seconds encountered by a DS1 interface in the previous 24 hour interval Unavailable Seconds dsx1FarEndTotalUAS...

Page 284: ...rsty Errored Seconds dsx1FarEndTotalBESs The number of far end bursty errored seconds BESs encountered by a DS1 interface in the previous 24 hour interval Degraded Minutes dsx1FarEndTotalDMs The numbe...

Page 285: ...MRU pppDefaultInitialMRU 290 Link Compression pppDefaultLinkCompression 290 Allow Magic Number Negotiation pppDefaultMagicNumber 290 Compression pppDefaultIpCompression 291 PPP Link Window 291 HDLC St...

Page 286: ...k MRRU pppStatLcpRemoteMRRU 294 LCP Authentication pppStatLcpAuth 295 ACC Map pppStatLocalToPeerACCMap 295 Peer Local ACC Map pppStatPeerToLocalACCMap 295 Local Remote PPP Protocol Comprsn pppStatLoca...

Page 287: ...provides PPP connections on the WAN side via E1 or T1 uplinks WAN Circuit CONFIGURATION window In order to configure PPP on a T1 E1 WAN link go to the WAN Configuration page for the WAN circuit you w...

Page 288: ...proceed to configure the PPP parameters PPP Main Window Clicking on the PPP link on the left pane of the screen shows the PPP main window This window shows the status of all PPP links and provides lin...

Page 289: ...Bcp 8 BCP has been negotiated and data can be passed across the link onlineIpcp 9 IPCP has been negotiated and both sides have agreed on IP addresses and data can be passed across the link Ip Address...

Page 290: ...be compared to this username Maximum size is 40 characters Authentication Password pppDefaultAuthenticationPassword This is the password that will be sent to the remote side if the remote machine is...

Page 291: ...ompression negotiated vj tcp 2 van jacobson TCP IP header compression will be negotiated per RFC 1332 PPP Link Window Clicking on the IP address link on the main page will bring up the PPP Link Window...

Page 292: ...g Overflow framerelRxOverflow The number of packets received with overflow indicated by software Aborts framerelRxAbort The number of packets received that were aborted Bad CRCs framerelRxBadCrc The n...

Page 293: ...assword pppAuthenticationPassword This is the password that will be sent to the remote side if the remote machine is authenticating If the local server is authenticating the password that the remote s...

Page 294: ...rols pppStatBadControls The number of packets received on this link with an incorrect control field Packets Too Long pppStatPacketTooLongs The number of packets received that have been discarded becau...

Page 295: ...emote unit This setting becomes active when the link is in the up able to pass packets operational state Local Remote PPP Protocol Comprsn pppStatLocalToRemoteProtComp Indicates whether the local PPP...

Page 296: ...The size in bits of the frame check sequence FCS that the remote node will generate when sending packets to the local node This setting becomes active when the link is in the up able to pass packets o...

Page 297: ...header compression is not in use on the link the value of this object will be 0 The range is from 0 to 255 Data This portion of the User Statistics window describes the amount of PPP data sent and re...

Page 298: ...page 289 for a description of the following options PPP protocol pppDesiredFunction Authentication Technique pppAuthenticationTechnique Authentication Side pppAuthenticationSide Authentication Userna...

Page 299: ...299 Chapter 24 About Chapter contents Introduction 300 Patton Electronics Company contact information 300...

Page 300: ...Company contact information Click on About under the Configuration Menu to display the About main window see figure 123 Figure 123 About window Patton Electronics Company contact information Patton E...

Page 301: ...301 Chapter 25 License Chapter contents Introduction 302 End User License Agreement 302 1 Definitions 302 2 Title 303 3 Term 303 4 Grant of License 303 5 Warranty 303 6 Termination 303...

Page 302: ...below End User License Agreement By opening this package operating the Designated Equipment or downloading the Program s electronically the End User agrees to the following conditions 1 Definitions A...

Page 303: ...kind Patton Electronics Company and its licen sors disclaim all warranties either express or implied including but not limited to the implied warranties of merchantability fitness for a particular pu...

Page 304: ...25 License Model 3120 RAS Administrators Reference Guide 304 End User License Agreement...

Page 305: ...endix A Supported RADIUS Attributes Chapter contents Access Accept Attributes 306 Access Request Attributes 306 Access Challenge Attributes 307 Accounting Start Attributes 307 Accounting Stop Attribut...

Page 306: ...Login IP Host 14 Login Service 15 Login Port 16 Reply Message 18 Callback Number 19 State 24 Class 25 Session Timeout 27 Idle Timeout 28 Termination Action 29 Port Limit 62 Primary DNS Ascend Compati...

Page 307: ...24 Session Timeout 27 Idle Timeout 28 User Name 1 NAS IP Address 4 NAS Port 5 Service Type 6 Framed Protocol 7 Framed IP Address 8 Class 25 Called Station Id 30 Calling Station Id 31 NAS Identifier 32...

Page 308: ...amed IP Address 8 Class 25 Called Station Id 30 Calling Station Id 31 NAS Identifier 32 Account Status Type 40 Account Delay Time 41 Account Input Octets 42 Account Output Octets 43 Account Session Id...

Page 309: ...309 Appendix B MIB trees Chapter contents Model 2960 MIB Tree Structure 310...

Page 310: ...B MIB trees Model 3120 RAS Administrators Reference Guide 310 Model 2960 MIB Tree Structure Model 2960 MIB Tree Structure...

Page 311: ...ter resides 319 Finding the branch where the SNMP parameter resides 319 Configuring Non Facility Associated Signaling NFAS 321 Configuring NFAS 321 Configuring Frame Relay 322 Line Configuration 322 W...

Page 312: ...hat Is RADIUS Remote Authentication Dial In User Service RADIUS is a data communications protocol designed to pro vide security management and statistics collection in remote computing environments es...

Page 313: ...and CHAP are specified within the point to point protocol PPP authentication procedures RFC 1661 To prevent interception by snoopers on the network RADIUS encrypts user passwords for transmission betw...

Page 314: ...Lucent Technologies on recommendation from the Inter net Engineering Task Force IETF The second generation IETF Standards for RADIUS RFC 2138 and RADIUS Accounting RFC 2139 were published in April 19...

Page 315: ...tp www ietf org rfc rfc2866 txt Accounting June 2000 PPP Standard Specification http www faqs org rfcs rfc1331 html Lucent White Paper http portmasters com marketing whitepapers radius_paper html Cisc...

Page 316: ...S to your server s list of known RADIUS clients The following information provides an overview of the necessary steps For detailed operating procedures for your specific RADIUS server please consult t...

Page 317: ...ter the IP address of your RADIUS server Secondary Host Address Enter the IP address of your fallback RADIUS server if you have one Other wise leave blank Host Port Enter the UDP Port number your RADI...

Page 318: ...their level of access to the access server An object identifier which identifies the specific parameter the application wants to view or modify SNMP has two levels of access Read only for which the co...

Page 319: ...ll Patton access server products therefore the parameter is likely to be found in the Enterprise MIB Click on Enterprise MIB and open the file Search for the SNMP name diActive that maps to Active Cal...

Page 320: ...C Technical Reference Model 3120 RAS Administrators Reference Guide 320 Using SNMP with the Access Server Figure 129 MIB tree for Model 3120 access server...

Page 321: ...NFAS NFAS only impacts the configuration of the signaling settings The line interface settings do not change with an NFAS implementation Example 1 The RAS hosts 2 NFAS groups each containing 2 PRIs WA...

Page 322: ...on the access server will establish a point to point link via one or more DLCI s or virtual channels Each DLCI is a pipe with an associated far end IP address You may then modify the access server s r...

Page 323: ...this point the access server s front panel LEDs should now be showing signs that the line is active If the phone company line is not connected to the access server the error indicator will glow red fo...

Page 324: ...ible for maintaining the link This is known as the management link interface or LMI The management protocol link must agree with your service provider In most cases the sig naling setting may be the o...

Page 325: ...our link 1 From the main Frame Relay window see figure 72 on page 179 select DLCI to configure the PVCs Figure 131 DLMI Configuration View window An example Frame Relay connection with the management...

Page 326: ...e IP Routing table The IP address of the PVC will not appear in the IP routing table if the Frame Relay link is down or the DLCI is not configured or inactive Figure 132 IP routing with Frame Relay ex...

Page 327: ...The route will now appear in the routing table To use the frame relay as the default gateway enter the next hop gateway of the frame relay link in the gateway field of the first set of entry items Cli...

Page 328: ...Note This section is optional If you are not going to set up IP address pools refer to section Setting up a DNIS user profile If IP address pools are to be assigned based on DNIS or WAN port configur...

Page 329: ...phone numbers sent by the switch Configuring a leased line dedicated line connection The remote access server can connect to a remote modem for dedicated modem access Configuring the RAS 1 Configure...

Page 330: ...Configuring the remote end using Microsoft Windows 1 After installing the modem driver uncheck Wait for dial tone before dialing under the General tab of the modem properties Figure 137 Modem properti...

Page 331: ...de C Technical Reference Figure 138 Leased Line Properties window General tab 4 Under the Options tab set Redial attempts to a high number 5 Set Time between redial attempts to 3 6 Disable the idle ti...

Reviews:

No comments

Brands by name

Popular brands

Load more brands