manualshive.com logo in svg

Patton CopperLink CL2300, User Manual, Page: 100 / 116

Share
Download
Patton CopperLink CL2300 User Manual Download Page 100

Setting Access Community Information

100

CopperLink CL2300 User Manual 

13

 

• SNMP Configuration

Setting Access Community Information

SNMP uses one or more labels called 

community strings

 to delimit groups of 

objects

 (variables) that can be 

viewed or modified on a CL2300. The SNMP data in such a group is organized in a tree structure called a 
Management Information Base (MIB). A single device may have multiple MIBs connected together into one 
large structure, and various community strings may provide read-only or read-write access to different, possibly 
overlapping portions of the larger data structure. An example of a read-only variable might be a counter show-
ing the total number of octets sent or received through an interface. An example of a read-write variable might 
be the speed of an interface, or the hostname of a CL2300.

Community strings also provide a weak form of access control in earlier versions of SNMP version 1 and 2. 
SNMP version 3 provides much improved access control using strong authentication and should be preferred 
over SNMP version 1 and 2 wherever it is supported. If a community string is defined, then it must be pro-
vided in any basic SNMP query if the requested operation is to be permitted by the CL2300. Community 
strings usually allow read-only or read-write access to the CL2300. In some cases, a given community string 
will be limited to one group of read-only or read-write objects described in an individual MIB. 

In the absence of additional configuration options to constrain access, knowledge of the single community 
string for the CL2300 is all that is required to gain access to all objects, both read-only and read-write, and to 
modify any read-write objects.

Note

Security problems can be caused by unauthorized individuals possessing 
knowledge of read-only community strings so they gain read access to confi-
dential information stored on an affected device. Worse can happen if they 
gain access to read-write community strings that allow unauthorized remote 
configuration of affected devices, possibly without the system administrators 
being aware that changes are being made, resulting in a failure of integrity 
and a possible failure of CL2300 availability. To prevent these situations, 
define community strings that only allow read-only access to the MIB 
objects should be the default.

Choosing community names is like choosing a password. Do not use easily guessed ones; do not use commonly 
known words, mix letters and other characters, and so on. If you do not intend to allow anyone to use SNMP 
write commands on your system, then you probably only need one community name.

This procedure describes how to define your own SNMP community.

Mode:

 Configure

Step

Command

Purpose

1

device

(cfg)#snmp community 

name

 {  ro

  | 

rw }

Configures the SNMP community name with read-only 
or read/write access

Use the no command option to remove a SNMP community setting.

Example:

 Setting access community information

In the following example the SNMP communities for the default community public with read-only access and 
the undisclosed community Not4evEryOne with read/write access are defined. Only these valid communities 
have access to the information from the SNMP agent.

Summary of Contents for CopperLink CL2300

Page 1: ...al Important This is a Class A device and is not intended for use in a residential environment Sales Office 1 301 975 1000 Technical Support 1 301 975 1007 E mail support patton com WWW www patton com...

Page 2: ...be free from defects and will at our option repair or replace the product should it fail within one year from the first date of the shipment This warranty is limited to defects in workmanship or mater...

Page 3: ...texts 29 5 IP Context Overview 35 6 Command Line Interface CLI 43 7 Accessing the CLI 47 8 System Image Handling 59 9 Configuration File Handling 63 10 Basic System Management 74 11 Wizard Interface 8...

Page 4: ...n 21 Contents of package 21 What you will need 21 Installation 22 Connecting the Line Interface 22 Connecting Console Interface 23 Connecting the Ethernet Interface 24 Connecting Power 24 3 Configurat...

Page 5: ...37 Classifier 39 Network Address Port Translation NAPT 39 Routing table Selection 39 Access Control Lists ACL 39 Routing 39 Packet Processing To From Local Applications 40 IP Context Overview Configu...

Page 6: ...8 System Image Handling 59 Introduction 60 System image handling task list 60 Displaying system image information 60 Copying system images from a network server to Flash memory 61 9 Configuration File...

Page 7: ...Line Setup 86 12 IP Routing 89 Introduction 90 Basic Routing 90 Static Routes 90 System Routes 91 Dynamic Routes 92 Show Routes 92 Basic Static Routing Example 92 13 SNMP Configuration 94 Introductio...

Page 8: ...uthorizations RMAs 110 Warranty coverage 110 RMA numbers 111 A Compliance Information 112 Compliance 113 PSTN 113 Radio and TV Interference 113 CE Declaration of Conformity 113 Authorized European Rep...

Page 9: ...d related elements 36 14 Processing order of IP services attached to an IP interface 38 15 Setup for initial configuration via the console port 49 16 Sample configuration file 66 17 Local memory regio...

Page 10: ...10 List of Tables 1 General conventions 14 2 CL2300 LED description 21 3 Details available in the Trap Details window 106...

Page 11: ...nd Line Interface CLI Chapter 7 starting on page 47 provides information on accessing the CLI Chapter 8 starting on page 59 provides information on system image handling for the CL2300 Chapter 9 start...

Page 12: ...n CAUTION The alert symbol and CAUTION heading indicate a potential haz ard Strictly follow the instructions to avoid property damage CAUTION The shock hazard symbol and CAUTION heading indicate a pot...

Page 13: ...g cables are rated for proper voltage current anticipated temperature flammability and mechanical serviceability WAN LAN PSTN ports connections may have hazard ous voltages present regardless of wheth...

Page 14: ...surface and ensure free air circulation Avoid exposing the unit to direct sunlight and other heat sources Protect the unit from moisture vapors and corrosive liquids Typographical Conventions Used in...

Page 15: ...and are separated by vertical bars screen Terminal sessions and information the system displays are in screen font node The leading IP address or nodename of a SmartNode is substituted with node in bo...

Page 16: ...16 Chapter 1 General Information Chapter contents Overview 17 Conceptual Overview 18 Default Configuration 19...

Page 17: ...faults to plug n play mode which enables CopperLink Extenders to pair up automatically at the best rate achievable Should a pair be faulty the CL2300 will automatically adjust the line rate to ensure...

Page 18: ...technician will know how to manipu late the data flow at every level of the Open Systems Interconnection OSI model It will also give you a detailed look at the management and system level of the units...

Page 19: ...h the conceptual view of the CL2300 This configuration is a remote CPE configuration is shown in figure 2 Figure 2 Remote CPE Configuration Traffic flow is as follows Ethernet Eth ports are bound to C...

Page 20: ...nts CopperLink CL2300 Front Panel 21 Planning the Installation 21 Contents of package 21 What you will need 21 Installation 22 Connecting the Line Interface 22 Connecting Console Interface 23 Connecti...

Page 21: ...ce is powered on CPE OFF ON CopperLink WAN is configured as Local CopperLink WAN is configured as Remote CopperLink Pair one LEAD for each port 1 on 3301 2 on 3302 4 on 3304 OFF ON SLOW BLINK FAST BLI...

Page 22: ...ion properly the two CL2300s must be connected together using twisted pair unconditioned dry metal wire between 19 0 9mm and 26 AWG 0 4mm Leased circuits that run through signal equalization equipment...

Page 23: ...s Figure 7 RJ 45 to RJ 11 cable Connecting Console Interface Install the supplied RJ 45 to RJ 45 cable with the DB9 RJ45 adapter between the CL2300 RS 232 port and an open serial port on your computer...

Page 24: ...4 5 6 7 8 Figure 9 CL2300 10 100Base T RJ 45 Connector Pin out Connecting Power The Long Range Ethernet Extender does not have a power switch so it powers up as soon as it is plugged in The power conn...

Page 25: ...he IP address default 192 168 200 10 26 Change the default username 26 Save the Configuration 26 CopperLink LINE Commands 27 Local and Remote 27 Annex Type 27 Line Rate Configuration 27 Modulation Sch...

Page 26: ...he default username admin and no password Change the IP address default 192 168 200 10 Follow the command sequence below node enable node configure node cfg context ip ROUTER node ctx ip router interf...

Page 27: ...manual for rate reach chart to determine your optimal setting if you choose to hard set this value Higher TC PAM rates are ideal for shorter cable runs offering max symmetrical upstream downstream spe...

Page 28: ...line 0 0 use profile name Service Mode Configures the number of pairs wires you want to use The CL2300 will default to the maximum number of wires available on your version of the CopperLink CL2301 2...

Page 29: ...0 Context Switch HW Bridge 30 Switch Mode Groups 30 Switch Mode VLANS 30 Port Configuration 31 Bindings 32 Context Bridge SW Bridge Introduction 32 Bridge Groups 33 CopperLink Line Overview 34 CopperL...

Page 30: ...enhance the performance especially when handling the tagging untagging of VLAN traffic The switch is set by default as layer two unmanaged switch with no VLAN support for passing transparent traffic D...

Page 31: ...Multicast Enable Multicast VLAN Not supported bind VLAN s directly to the interface or port Shutdown Session Create PPPoE session No Disable features or reset to default behavior Permit untagged permi...

Page 32: ...me functions such as isolate manage or dictate the traffic flow of all IP traffic at the MAC layer If you are unable or need a more complex configuration than the Context switch group can perform then...

Page 33: ...CopperLink CL2300 User Manual 4 CL2300 Bridging Contexts Figure 12 Breaking down Trinity IOS concepts Bridge Groups Description Bridge Group Enters or creates a bridge group No Disable features or res...

Page 34: ...ode Local Service mode configuration CopperLink Line Configuration Parameters Description Annex type Configure annex must match peer Bind Interface bridge group Description text information Mode local...

Page 35: ...o From Local Applications 40 IP Context Overview Configuration Task List 40 Planning Your IP Configuration 40 IP Interface Related Information 40 QoS Related Information 41 Configuring Physical Ports...

Page 36: ...services for data and voice The IP context performs much of the same functions as a standalone IP router and since every context is defined by a name the IP context is named ROUTER by default In figu...

Page 37: ...s the IP protocol of a physical port or circuit Applications such as SIP gateways may also be bound to an IP interface A top down binding defines over which IP interface and hence over which physical...

Page 38: ...rLink CL2300 User Manual 5 IP Context Overview Figure 14 shows the journey of a packet through the IP context and the order in which the attached profiles process the packet Figure 14 Processing order...

Page 39: ...selecting a different routing table based on some header fields of the incoming packet You may also use the traffic class tagged before in the Classifier to make a routing table decision For example...

Page 40: ...enerated traffic see chapter 12 IP Rout ing on page 89 for more information IP Context Overview Configuration Task List The following sections describe the basic tasks involved in IP context configura...

Page 41: ...und to them An interface name can be any arbitrary string but for ease of identification use self explanatory upper case names that describe the use of the interface e g LAN WAN Several IP related con...

Page 42: ...tch or if there is no route command in the interface the software uses the DEFAULT routing table Configuring Access Control Lists ACL Packet filtering helps to control packet movement through the netw...

Page 43: ...Introduction 44 Command modes 44 CLI prompt 44 Navigating the CLI 45 Initial mode 45 System changes 45 Configuration 45 Changing Modes 45 Command editing 45 Command help 45 The No Form 45 Command comp...

Page 44: ...e mode The configuration mode group contains all of the remaining modes A command mode is an envi ronment within which a group of related commands is valid All commands are mode specific and certain c...

Page 45: ...on can also be terminated by using the logout command within any mode Command editing Command help To see a list of all CLI commands available within a mode type a question mark or the tab key at the...

Page 46: ...d line Command editing shortcuts are summarized below The syntax Ctrl p means press the p key while holding down the keyboard s control key sometimes labeled Control Ctl or Ctrl depending on the keybo...

Page 47: ...SSH server 50 Disabling the Telnet or SSH server 50 Logging on 50 Selecting a secure password 51 Password encryption 52 Factory preset superuser account 52 Configuring operators administrators and sup...

Page 48: ...mmand and then press the tab key the Trinity shell will present you with either the remaining portion of the command or a list of possible commands These features are described in Chapter 6 Command Li...

Page 49: ...e login screen will be displayed Proceed with logging in Accessing via a secure configuration session over SSH SSH is the most commonly used and recommended method for connecting to a Patton device A...

Page 50: ...SSH server The following command defines an alternate listening port for the telnet or SSH server Mode Configure Step Command Purpose 1 device cfg terminal telnet ssh port port Uses TCP port port for...

Page 51: ...ice The net work administrator should do everything possible to make the network secure Carefully read the questions below and see if any applies to you Do your passwords consist of a pet s name birth...

Page 52: ...reset admin account will delete after reboot You can create more than one superuser account but there has to be at least one superuser account defined If for some reason the last superuser account is...

Page 53: ...rameters Example Create an administrator account The following example shows how to add a new administrator account with a login name super and a matching password Gh3 Ke4h device enable device config...

Page 54: ...dministrator and operator accounts This command is not available for an operator account The following procedure describes how to display account information Mode Administrator execution Step Command...

Page 55: ...on of a command in a list of commands that is a command with index 1 will appear higher in the configuration file than one with index 3 192 168 1 1 pf voip default show running config profile voip def...

Page 56: ...ile voip default codec 1 g723 6k3 rx length 30 tx length 30 codec 2 g711ulaw64k rx length 20 tx length 20 codec 3 g711alaw64k rx length 20 tx length 20 dejitter max delay 200 Note Succeeding indexes a...

Page 57: ...2 g711ulaw64k rx length 20 tx length 20 codec 3 g711alaw64k rx length 20 tx length 20 codec 4 g723 6k3 rx length 30 tx length 30 dejitter max delay 200 Ending a Telnet SSH or console port session Use...

Page 58: ...ommand cli config defaults makes commands also appear in the running config that are set to default values no cli config defaults turns it off Step Command Purpose 1 device enable Enters administratio...

Page 59: ...Chapter 8 System Image Handling Chapter contents Introduction 60 System image handling task list 60 Displaying system image information 60 Copying system images from a network server to Flash memory...

Page 60: ...e following sections Displaying system image information Copying system images from a network server to the Flash memory Copying system configuration files to flash memory Displaying system image info...

Page 61: ...cs Co factory Since most of the voice and data features of the CL2300 are defined and implemented in the application software upgrading to a new release might be neces sary if you want to have additio...

Page 62: ...ds the image file from the TFTP server at address address and starts the system image download process This progress is visualized with a prog ress bar printing dots according to the time elapsed sinc...

Page 63: ...emory 67 Replacing the Startup Configuration with a Configuration from Flash Memory 68 Copying Configurations To and From a Remote Storage Location 69 Replacing the Startup Configuration with a Config...

Page 64: ...your CL2300 You can also create a new configuration file or modify an existing one offline You can copy configuration files from the flash memory to a remote server Transferring configuration files be...

Page 65: ...0 172 19 33 250 interface LAN used for connection to internal network interface lan ipaddress 172 19 33 30 255 255 255 0 mtu 1500 interface WAN used for connection to access network interface wan ipad...

Page 66: ...gura tion is no longer used but still remains in the persistent memory It is possible to switch back to the shipping configuration at any time during the operation of a CL2300 configuration The gettin...

Page 67: ...al Intelligent Access Device Only on Startup to execute the Startup or Shipping Configuration Copy Configuration Files within the persistent Memory Region Figure 17 Local memory regions In most cases...

Page 68: ...ource name config target name Copies the selected source configuration file source name as target configuration file target name into the local memory Example Backing up the startup configuration The...

Page 69: ...artup configuration or a user specific configuration that is stored in the persistent memory region config are often uploaded to the remote data store for backup edit or cloning pur poses The latter p...

Page 70: ...device by overwriting it with the configuration contained in the file new startup located on the TFTP server at IP address 172 16 36 80 1 Download the startup configuration with the copy command into...

Page 71: ...ing the CLI the shell executes the commands as you enter them When you log in using the CLI all commands you enter directly modify the running configuration located in the volatile memory region syste...

Page 72: ...his progress is visualized with a counter counting up from 0 to 100 according to the downloaded amount of the file size If the upload should fail an error message File Transfer Put failed is displayed...

Page 73: ...ice show config Lists the loaded configurations 2 device erase config name Deletes the configuration name from the flash memory Example Deleting a specified configuration The following example shows h...

Page 74: ...ng System Information 76 Setting the System Banner 77 Setting Time and Date 78 Configuring Daylight Savings Time Rules 78 Display Clock Information 79 Display Time Since Last Restart 79 Configuring th...

Page 75: ...ormation are highly recommended To configure basic system parameters perform the tasks described in the following sections Managing feature license keys see page 75 Setting system information see page...

Page 76: ...its output device cfg show licenses VPN vpn License serial number 14343534 Status Active device cfg Setting System Information The system information includes the following parameters Contact Hostname...

Page 77: ...at is no longer than one line This entry corresponds to the Patton Electronics enterprise specific MIB supplier object Mode Configure Step Command Purpose 1 device cfg system contact information Sets...

Page 78: ...ervices These services allow the products to accurately keep track of the current time and date The system clock specifies year month day hour minutes and optionally seconds The time is in 24 hour for...

Page 79: ...pose 1 device show clock Display the local time Example Display clock information The following example shows the commands used to display the time and date settings of your device in local time if yo...

Page 80: ...ce cfg webserver http port 80 device cfg webserver http Restarting the System In case the CL2300 has to be restarted the reload command must be used The reload command includes a two dialog where the...

Page 81: ...ssued on the Telnet console reload Other reset reasons include power off failures and system failures In order to pinpoint the problem the reset log contains the reset cause Mode Administrator executi...

Page 82: ...der into Timestamp and Hostname The whole syslog message Priority Header and Message contains only printable characters and the maximum length is 1024 bytes Mode Configure Step Command Purpose 1 devic...

Page 83: ...83 Chapter 11 Wizard Interface Chapter contents Introduction 84 Browser Notes 84 Connect with Web GUI 84 Management IP Setup 86 Line Setup 86...

Page 84: ...affect your running configura tion until the unit is rebooted Browser Notes Recommended that you use the most recent browser with the latest security updates You may find the XML scripting does not wo...

Page 85: ...s in figure 20 Figure 20 Wizard Homepage Once the wizard icon is selected you will have the options of supported set ups as shown in figure 32 Click on CL2300 Basic Setup Figure 21 Choose Wizard Click...

Page 86: ...optional the gateway is required for remote manage ment DHCP The CL2300 management port will accept an IP address from a DHCP server Both This choice will assign two IP addresses one static and one DH...

Page 87: ...lable on your version of the CopperLink CL2301 2 wire CL2302 4 wire CL2304 8 wire Annex Please consult support before changing this setting Line Rate Configuration This will increase the potential lin...

Page 88: ...view Option When the user chooses the save and reboot option a prompt will ask you to confirm If the configuration is correct select Yes as shown in figure 24 Figure 24 Confirmation Typically the time...

Page 89: ...9 Chapter 12 IP Routing Chapter contents Introduction 90 Basic Routing 90 Static Routes 90 Configuring static routes 90 System Routes 91 Dynamic Routes 92 Show Routes 92 Basic Static Routing Example 9...

Page 90: ...the running config In the output of the show route command they are flagged with an R Another flag U indicates if the route is up or not A static gateway route is becoming active up if the gateway is...

Page 91: ...in the dot format a b c d for IPv4 and in the colon format a b c x for IPv6 default Short form for defining a default IPv4 route It configures network mask size with 0 0 0 0 0 default v6 Short form f...

Page 92: ...n by the system the show route command has to be executed Mode Operator execution Step Command Purpose 1 device show route details Displays route information Default 0 Output Routing Tables Flags C dh...

Page 93: ...2 metric 0 route 10 2 0 0 16 gateway 172 17 100 2 metric 0 Show Route Output Routing Tables Flags C dhCp D Dynamic G use Gateway H target is a host R useR U route is Up S System Routing Table DEFAULT...

Page 94: ...entification of a CL2300 via SNMP 97 SNMP Tools 97 SNMP Configuration Task List 97 Setting Basic System Information 97 Setting Access Community Information 100 Setting Allowed Host Information 101 Spe...

Page 95: ...formation and make this information available to NMSs using SNMP Managed devices sometimes called network elements can be routers and access servers switches and bridges hubs computer hosts or printer...

Page 96: ...and naming objects and events for the purpose of management The first version Structure of Management Information SMIv1 is described in RFC 1155 Structure and Identification of Management Information...

Page 97: ...Setting allowed host information required see page 101 Specifying the default SNMP trap target optional see page 101 Displaying SNMP related information optional see page 102 Setting Basic System Info...

Page 98: ...stem settings The MIB II system group values are accessible for reading and writing via the following SNMP objects iso org dod internet mgmt mib 2 system sysContact iso org dod internet mgmt mib 2 sys...

Page 99: ...e figure 26 for a typical MIB browser application accessing these MIB II system group objects representing the system information device enable device configure device cfg system contact Bill Anybody...

Page 100: ...ions to constrain access knowledge of the single community string for the CL2300 is all that is required to gain access to all objects both read only and read write and to modify any read write object...

Page 101: ...t that with IP address IP address of device can access the MIB using the security name community Use the no command option to remove a SNMP allowed host setting Example Setting allowed host informatio...

Page 102: ...ettings is often necessary to check configuration modifications or when determining the behavior of the SNMP agent This procedure describes how to display information and configuration settings for SN...

Page 103: ...toolbar a left frame and a right frame The operations that can be performed by the MibBrowser are available in a series of buttons in the toolbar on top of the MibBrowser s main window The toolbar ca...

Page 104: ...of the MibBrowser To get to know more about the MibBrowser refer to section Using the MibBrowser on page 103 Figure 28 is a screen shot of the TrapViewer Figure 28 ManageEngine TrapViewer displaying...

Page 105: ...d port and community Once received the traps are listed in the trap table of the TrapViewer By default the trap table has the follow ing four columns Class that defines the severity of the trap Source...

Page 106: ...alue other than 6 then the field shows a value 0 This field can have val ues from 0 to 2147483647 Message This is a text field By default this field will always contain the Varbinds in the Trap PDU Th...

Page 107: ...Note The linkDown trap is not sent if any of the ISDN ports has gone down linkUp TRAP TYPE ENTERPRISE snmp VARIABLES ifIndex DESCRIPTION A linkUp trap signifies that the sending protocol entity recogn...

Page 108: ...logical or physical interfaces change Logical interfaces are interfaces defined in the IP context and CS context Physical interfaces are ports The CL2300 adds an entry to event log for each Interface...

Page 109: ...ntents Introduction 110 Contact information 110 Warranty Service and Returned Merchandise Authorizations RMAs 110 Warranty coverage 110 Out of warranty service 110 Returns for credit 110 Return for cr...

Page 110: ...e ship ment All of our products are backed by a comprehensive warranty program Note If you purchased your equipment from a Patton Electronics reseller ask your reseller how you should proceed with war...

Page 111: ...request on the RMA Request page in the Support section at www patton com By calling 1 301 975 1007 and speaking to a Technical Support Engineer By sending an e mail to returns patton com All returned...

Page 112: ...112 Appendix A Compliance Information Chapter contents Compliance 113 PSTN 113 Radio and TV Interference 113 CE Declaration of Conformity 113 Authorized European Representative 113...

Page 113: ...n which can be determined by disconnecting the unit the user is encouraged to try to correct the interference by one or more of the following measures moving the com puting equipment away from the rec...

Page 114: ...ter contents LAN Connection 115 CopperLink Connection 115 CopperLink Line Rate and CopperLink Distance 115 Line Rate 115 Distance 115 LED Status Indicators 116 Console 116 Power Supply 116 External AC...

Page 115: ...ion 6 RX data input 7 no connection 8 no connection 1 2 3 4 5 6 7 8 CopperLink Connection RJ 45 CopperLink Line Rate and CopperLink Distance Line Rate Up to 60 Mbps asymmetrical Distance Approximately...

Page 116: ...844 feet LED Status Indicators Power Local and Remote Green CopperLink Link Green Ethernet Link Green and Activity Flashing Green Console RJ 45 Power Supply External AC 100 to 240 VAC Power consumpti...

Reviews:

No comments