Patton IPLink 2603 Series User Manual Download

Page: 1 / 120

Models 2603, 2621, and 2635

IPLink Series High Speed Routers

User Guide

Sales Office:

+1 (301) 975-1000

Technical Support:

+1 (301) 975-1007

E-mail:

[email protected]

WWW:

www.patton.com

Document Number:

033261U Rev. A

Part Number:

07M2603

Revised:

July 14, 2003

Start Installation

For Quick

see page 27

Summary of Contents for IPLink 2603 Series

Page 1: ...h Speed Routers User Guide Sales Office 1 301 975 1000 Technical Support 1 301 975 1007 E mail support patton com WWW www patton com Document Number 033261U Rev A Part Number 07M2603 Revised July 14 2003 Start Installation For Quick see page 27 ...

Page 2: ... defects and will at our option repair or replace the product should it fail within one year from the first date of the shipment This warranty is limited to defects in workmanship or materials and does not cover customer damage abuse or unauthorized modification If the product fails to perform as warranted your sole recourse shall be repair or replacement as described above Under no condition shal...

Page 3: ...eral Information 15 IPLink Series High Speed Routers overview 16 General attributes 16 Ethernet 17 Protocol support 17 PPP Support 17 WAN Interfaces 17 Protocol Support 17 Management 18 Security 18 Front Panel Status LEDs and Console Port 19 Console port 20 Rear panel connectors and switches 20 Power connector 20 AC universal power supply 20 48 VDC power supply 21 Ethernet port outlined in green 2...

Page 4: ...eb Interface Configuration 43 CLI Configuration 43 T1 E1 Interface Configuration 44 Configuring the IPLink Series 2603 for T1 Operation 44 Web Configuration 44 CLI configuration 45 Configuring the IPLink Series 2603 for E1 Operation 46 Web Configuration 46 CLI configuration 47 WAN Service Configuration 47 PPP Configuration 48 PPPoH Configuration 48 PPPoH Bridged Remote Site Configuration 48 Centra...

Page 5: ...tings 83 SNMP Daemon Settings window 84 Static Variables 84 Community Table 85 Save SNMP Configuration 85 Misc System Settings window 86 CPU Usage 86 Enabled Status of System Services 87 MAC Filtering of the Bridge Interface 87 8 Monitoring Status 89 Status LEDs 90 9 T1 E1 Diagnostics 91 Introduction 92 Ping 92 Traceroute 92 2603 IPLink s Line Loop 92 D4 Loop CO loop 93 Operating Remote Digital Lo...

Page 6: ...ompliance Standard Requirements 106 Australia Specific 106 Dimensions 106 Power and Power Supply Specifications 106 AC universal power supply 106 48 VDC power supply 107 B Cable Recommendations 109 Ethernet Cable 110 Adapter 110 C Physical Connectors 111 RJ 45 shielded 10 100 Ethernet port 112 RJ 45 non shielded RS 232 console port EIA 561 112 Serial port 113 V 35 DB 25 Female Connector 113 X 21 D...

Page 7: ...7 Models 2603 2621 2635 High Speed Routers User Guide Contents Changing user settings 119 Controlling login access 119 Controlling user access 119 ...

Page 8: ...Contents Models 2603 2621 2635 High Speed Routers User Guide 8 ...

Page 9: ...ted by ACTA On the bottom side of this equipment is a label that contains among other information a product identifier in the format US AAAEQ TXXXX If requested this number must be provided to the telephone company A plug and jack used to connect this equipment to the premises wiring and telephone network must comply with the applicable FCC Part 68 rules and requirements adopted by the ACTA This e...

Page 10: ... met It does not imply that Industry Canada approved the equipment Service All warranty and non warranty repairs must be returned freight prepaid and insured to Patton Electronics All returns must have a Return Materials Authorization number on the outside of the shipping container This number may be obtained from Patton Electronics Technical Services at Tel 1 301 975 1007 Email support patton com...

Page 11: ... and capabilities Chapter 2 contains an overview describing router operation Chapter 3 provides quick start installation procedures Chapter 4 describes configuring the IPLink router Chapter 5 describes configuring security for the router Chapter 6 describes configuring for network address translation NAT Chapter 7 describes configuring SNMP daemon settings Chapter 8 contains definitions for the LE...

Page 12: ...port DTE Model 2635 V 35 DB 25 port DCE DTE when using special V 35 cable Model 2603 T T1 configuration RJ 48C 100 ohm interface Model 2603 K E1 configuration RJ 48C 120 ohm and dual BNC interface 75 ohm The shock hazard symbol and WARNING heading indicate a potential electric shock hazard Strictly follow the warning instructions to avoid injury caused by electric shock The alert symbol and WARNIN...

Page 13: ...m would display them dir Bold Courier font indicates where the operator must type a response or command Table 2 Mouse conventions Convention Meaning Left mouse button This button refers to the primary or leftmost mouse button unless you have changed the default configuration Right mouse button This button refers the secondary or rightmost mouse button unless you have changed the default configurat...

Page 14: ...About this guide Models 2603 2621 2635 High Speed Routers User Guide 14 ...

Page 15: ...ol support 17 PPP Support 17 WAN Interfaces 17 Protocol Support 17 Management 18 Security 18 Front Panel Status LEDs and Console Port 19 Console port 20 Rear panel connectors and switches 20 Power connector 20 AC universal power supply 20 48 VDC power supply 20 Ethernet port outlined in green 21 MDI X 21 Line port outlined in yellow 21 ...

Page 16: ... routers boast easy installa tion offering Console VT 100 Telnet and HTTP SNMP management options The following sections describes the IPLink series features and capabilities General attributes see section General attributes Ethernet see section Ethernet on page 17 Protocol support see section Protocol support on page 17 PPP support see section PPP Support on page 17 Management see section Managem...

Page 17: ...with 8 individual address pools DNS relay with primary and secondary name server selection NAT RFC 3022 with network address port translation NAPT MultiNat with 1 1 Many 1 Many Many mapping Port IP redirection and mapping PPP Support Point to point protocol over HDLC PPPoE RFC 2516 Client for autonomous network connection Eliminates the requirement of installing client software on a local PC and a...

Page 18: ...Fragmentation Management User selectable HDLC or Frame Relay WAN datalink connection Web Based configuration via embedded web server CLI menu for configuration management and diagnostics Local Remote CLI VT 100 or Telnet SNMPv1 RFC 1157 MIB II RFC 1213 Quick Start Setup runs through common options to simplify circuit turn up Logging via SYSLOG and VT 100 console Console port set at 9600 bps 8 N 1 ...

Page 19: ...d Off indi cates that no power is applied T1 E1 Link Green Solid green connected Off disconnected LOS Red On indicates a T1 E1 loss of frame condition It also indicates that no T1 E1 signal is detected TD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition RD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition Sync Serial TD Green...

Page 20: ...ers internal or external AC power supply options The internal power supply connects to an AC source via an IEC 320 connector 100 240 VAC 200 mA 50 60 Hz The external power supply connects to an external source providing 5 VDC via a barrel type connector Ethernet Link Green ON indicates an active 10 100 Base T connec tion 100M Green ON connected to a 100BaseT LAN Off connected to a 10BaseT LAN Tx G...

Page 21: ... When in the default out position the Ethernet circuitry takes on a straight through MDI configuration and functions as a transceiver It will connect directly to a hub When in the in position the Ethernet circuitry is configured in cross over MDI X mode so that a straight through cable can connect The IPLink Series router s Ethernet port directly to a PC s NIC card Line port outlined in yellow The...

Page 22: ...1 General Information Models 2603 2621 2635 High Speed Routers User Guide 22 IPLink Series High Speed Routers overview ...

Page 23: ...23 Chapter 2 Product Overview Chapter contents Introduction 24 Applications Overview 25 ...

Page 24: ... architecture is understood Also while configuring The IPLink Series router via a browser using the built in HTTP server is very intuitive an understanding of the architecture is essential when using the command line interface CLI commands The fundamental building blocks comprise a router or bridge interfaces and transports the router and bridge each have interfaces A transport provides the path b...

Page 25: ...use with powerful data routing to make shared Internet connectivity simple and easy With NAT support the IPLink routers offer convenient and economical operation by using a single IP address while the integrated DHCP server automates IP address assignment for connected LAN computers Security is standard with built in firewall and violation alerting features that protect the network from would be i...

Page 26: ...2 Product Overview Models 2603 2621 2635 High Speed Routers User Guide 26 Applications Overview ...

Page 27: ...on the IPLink 2603 s T1 E1 interface port 29 Installing an interface cable on the IPLink 2621 s X 21 interface port 31 Installing an interface cable on the IPLink 2635 s V 35 interface port 33 Installing the AC power cord 34 Installing the Ethernet cable 36 IP address Quick Start modification 36 Web Operation and Configuration 37 PC Configuration 37 Web Browser 37 ...

Page 28: ...rowser in preparation for configuring the modem see Web Operation and Configura tion on page 37 What you will need IPLink Series High Speed Router Ethernet cable with RJ45 plugs on each end included with router DB9 RJ45 adapter included with router RJ45 RJ45 straight through cable for connecting to control port included with router PC computer with HyperTerminal or equivalent VT 100 emulation prog...

Page 29: ...1 WAN interface see figure 4 Located on the back of the IPLink the T1 and E1 interfaces are presented on an RJ 48C connector with selectable line impedances of 100 ohms for T1 and 120 ohms for E1 lines see figure 5 The 2603 K also comes with dual BNC for alternate connection to unbalanced 75 ohm E1 lines see figure 6 on page 30 Figure 4 Rear View of the 2603 T showing location of Ethernet and WAN ...

Page 30: ... 2621 2635 High Speed Routers User Guide 30 Hardware installation Figure 6 Rear view of the 2603 K showing location of Ethernet and WAN connectors The interface cable has been installed go to section Installing the AC power cord on page 34 ...

Page 31: ...ar view of the 2621 showing location of Ethernet and X 21 connectors When the local third party equipment is configured as DTE the Model 3086 X 21 serial port can be config ured as DCE and a regular straight through cable can then be used Do the following to configure the X 21 port as a DCE 1 Open the IPLink s case by inserting a screwdriver into the slots and twist the screwdriver head slightly T...

Page 32: ...ory with the DTE label and arrows pointing towards the X 21 connector DTE configuration To change to DCE configuration lift the daughter board from the connector turn it around so that the DCE label an arrows point to the X 21 connector and place it back on the connector The X 21 port is now configured as a DCE Note When the X 21 port is configured as a DTE the clocking mode for the port must be s...

Page 33: ...IPLink comes with a V 35 cable Use this cable to interconnect the IPLink s V 35 port to a device configured as a DCE Figure 11 Connecting the 2635 to a DCE device The serial port on the IPLink Model 2635 is configured as a DCE it connects directly to a DTE using a stan dard straight through V 35 cable However in many applications the IPLink s V 35 interface will connect to a DCE modem or multiplex...

Page 34: ...uter Do the following Note Do not connect the other end of the power cord to the power outlet at this time 1 If your unit is equipped with an internal power supply go to step 2 Otherwise insert the barrel type con nector end of the AC power cord into the external power supply connector see figure 12 2 Insert the female end of the AC power cord into the internal power supply connector see figure 12...

Page 35: ...outlet 5 Verify that the green Power LED is lit see figure 13 6 Unplug the AC power cord from the IPLink Series router to power down the unit Figure 13 IPLink front panel LEDs and Console port locations Model 2603 shown The IPLink router power supply automatically adjusts to accept an input voltage from 100 to 240 VAC 50 60 Hz Verify that the proper voltage is present before plugging the power cor...

Page 36: ...mands parameters may be seen by entering the command followed by a space and a question mark ethernet The following parameters appear add delete set show list clear IP address Quick Start modification The first parameter to change is the IP address from the default IP address of 192 168 200 10 to your selected IP address Do the following comments are in brackets ip list interfaces enter lists the ...

Page 37: ...router the PC s IP address should be on the same subnet as the router Connect a straight through Ethernet cable between the PC s NIC or PCMCIA Ethernet card and an Ethernet hub or switch Web Browser Do the following 1 Launch a standard web browser such as Netscape Communicator or Internet Explorer IE 2 Enter the IPLink router s IP address into the URL or Address field of the browser The IPLink Ser...

Page 38: ... Start Installation Models 2603 2621 2635 High Speed Routers User Guide 38 Hardware installation Figure 15 Models 2621 or 2635 home page The IPLink Series router menu structure is shown in figure 16 on page 39 ...

Page 39: ...Hardware installation 39 Models 2603 2621 2635 High Speed Routers User Guide 3 Quick Start Installation Figure 16 IPLink Series router menu structure ...

Page 40: ...3 Quick Start Installation Models 2603 2621 2635 High Speed Routers User Guide 40 Hardware installation ...

Page 41: ...I configuration 47 WAN Service Configuration 47 PPP Configuration 48 PPPoH Configuration 48 PPPoH Bridged Remote Site Configuration 48 Central Site Configuration 49 PPPoh Routed 50 Remote site configuration 50 Central Site Configuration 52 Frame Relay Configuration 53 Frame Relay bridged 53 Remote Site Configuration 54 Central site configuration 56 Frame Relay Routed 59 Remote Site Configuration 5...

Page 42: ...e serial interface will determine the source of timing for the serial interface only External rxClkInv txClkInv Inverted The clock invert functions could be used to invert the clocks that are used on the serial interface It is not recommended to set this parameter unless requested by Patton Electronics technical support Normal Speed Any n x 64 kbps speed Speed should be enter ed as the rate i e 51...

Page 43: ...ailable to help configure the system The commands with their responses are shown below Serial Show Shows the current configuration on the serial interface serial show Clock Source internal Intf Speed 512 Tx Sample Point txclk Tx Clk Inv normal Rx Clk Inv normal Serial Help Describes each of the serial commands that are available serial help Serial Interface Help Screen serial show Show the current...

Page 44: ...al Clock or the Transmit clock to sample data options txClk use Transmit Clock extClk use External Clock After the serial port has been configured go to section WAN Service Configuration on page 47 for router bridge and WAN service configuration T1 E1 Interface Configuration The IPLink Series Model 2603 is equipped with a user selectable T1 E1 interface The T1 interface is pre sented via an RJ 48C...

Page 45: ...oncludes the T1 interface configuration via the web browser go to section WAN Service Configura tion on page 47 for instructions on router bridge and WAN service configuration CLI configuration Using terminal or Telnet software log into the Model 2603 enter username superuser and password superuser You can display all E1 T1 configurable options by typing e1t1 and pressing Enter Time Slot Select Fo...

Page 46: ... return and invalid selection message Line Options Choose from Clear Channel E1 Fractional E1 Multi Frame CAS E1 Multi Frame CAS E1 with CRC Consult with your service provider which option is required Line Code Choose from AMI or HDB3 Most E1 applications use HDB3 Line Build Out Select 120 Ohms if the E1 connection is made via the RJ 48C connector select 75 Ohm if the E1 connection is made via the...

Page 47: ...3 At the prompt type e1t1 set codeSel hdb3 then press Enter Line Build Out Select 120 Ohms if the E1 connection is made via the RJ 48C connector select 75 Ohm if the E1 connection is made via the Dual BNC connectors For 120 ohm connections type e1t1 set buildOut 120_Ohm_E1 then press Enter FDL Mode option FDL is aT1 feature therefore for E1 applications select FDL none At the prompt type e1t1 set ...

Page 48: ...router at the Central side review the router s configuration for connection to a remote bridge IPlink series Remote From the command line interface CLI via the RS 232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Let s change the IP address so it is in the same subnet as both PCs For example to 192 168 100 2 ip set interface ip1 ipaddress 192 168 ...

Page 49: ...terface CLI via the RS 232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as both PCs For example to 192 168 100 3 ip set interface ip1 ipaddress 192 168 100 3 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the IPLink 2 On the Menu g...

Page 50: ...rface was called ip1 with an IP address of 192 168 1 1 Change it to an IP address which is in the same subnet as the Desktop PC For example to192 168 200 2 The default IP mask is 255 255 255 0 ip set interface ip1 ipaddress 192 168 200 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the IPLink 2 Click on Action 3 Select deactivate...

Page 51: ...word blank 1 Click on Configure 2 Go to Configuration Menu Configuration WAN connections Edit for PPPoH Routed service Edit IP Interface Ipaddr enter the WAN IP Address in this example 192 168 164 2 3 Click on Change 4 Configuration Menu Configuration IP Routes Create new Ip V4 Route Create the gateway to the remote router by entering the WAN IP address of the remote router in this example enter 1...

Page 52: ...the RS 232 control port ip list interfaces ip clear routes pppoh clear transports ethernet add transport eth1 ethernet One IP interface was called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as the laptop PC The laptop s IP address is 192 168 172 229 so in this example change the IP address of the IPLink to 192 168 172 3 The default IP mask is 255 255 25...

Page 53: ...e 192 168 164 3 Click on Change 6 Go to Configuration Menu Configuration IP Routes Click on Create new Ip V4 Route 7 Create the gateway to the remote IPLink by entering the WAN IP address of the remote IPLink in this example enter 192 168 164 2 in the Gateway field 8 Click OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 2 already changed in the first part of step 5 Mask 0 0 0...

Page 54: ...n IP address which is in the same subnet as the Desktop PC For example to192 168 200 2 The default IP mask is 255 255 255 0 ip set interface ip1 ipaddress 192 168 200 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the IPLink 2 Click on Action 3 Select deactivate for Action 4 Click on the Action button 5 On the Menu go to Configur...

Page 55: ...h In this example it is called Frame Relay bridged 8 DLCI number Consult with your service provider for the DLCI number required 9 Encapsulation Method Defines the FRC1490 encapsulation type that will be used by the channel Choose the encapsulation method best suited for your network needs from the following options Bridged Ethernet Bridged Ethernet with CRC Raw 10 Go to Configuration Menu Configu...

Page 56: ...ill be disabled if set to any other value it will set the fragmentation size used Port Defines the port that should be used to setup the Frame Relay Connection For routed applications the port should be set to frf for bridged applications the port should be set to fr Central site configuration Note If you are using a IPLink at the Central location follow the instruc tions below otherwise refer to ...

Page 57: ...suited for your network needs from the following options Bridged Ethernet Bridged Ethernet with CRC Raw WAN IP address Enter the IP address assigned to the WAN port V 35 X 21 or T1 E1 Enable NAT on this interface In this example leave this option blank 4 Hit the Apply button 5 Go to Configuration Menu Configuration WAN connections Edit for Frame Relay Routed service Edit Frame Relay Channel Ipaddr...

Page 58: ... 192 168 164 3 8 Click on Change 9 Go to Configuration Menu Configuration IP Routes Click on Create new Ip V4 Route Create the gate way to the remote IPLink by entering the WAN IP address of the remote IPLink in this example enter 192 168 164 2 in the Gateway field 10 Click on OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 2 Mask 0 0 0 0 Cost 1 Interface blank Click the Ok b...

Page 59: ... port ip list interfaces One IP interface was called ip1 with an IP address of 192 168 1 1 Change it to an IP address which is in the same subnet as the desktop PC For example to 192 168 100 2 The default IP mask is 255 255 255 0 ip set interface ip1 ipaddress 192 168 100 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the IPLink ...

Page 60: ...r for the DLCI number required Encapsulation Method Defines the FRC1490 encapsulation type that will be used by the channel Choose the encapsulation method best suited for your network needs from the following options Bridged Ethernet Bridged Ethernet with CRC Raw WAN IP address Enter the IP address assigned to the WAN port V 35 X 21 or T1 E1 Enable NAT on this interface In this example leave this...

Page 61: ...mple enter 8192 Txmaxpdu Enter the number of transmit side max PDU in this example enter 8192 Channel segment size The channel segment size is used to define fragmentation of the packets based on the Frame Relay Forum IA FRF 12 If this variable is set to 0 then FRF 12 Frame Relay Fragmentation will be disabled if set to any other value it will set the fragmentation size used Port Defines the port ...

Page 62: ... on Configuration Menu Configuration IP Routes Click on Create new Ip V4 Route 4 Create the gateway to the remote IPLink by entering the WAN IP address of the remote IPLink in this example enter 192 168 164 3 in the Gateway field 5 Click OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 3 Mask 0 0 0 0 ...

Page 63: ...ame subnet as the laptop PC The laptop s IP address is 192 168 172 229 so in this example change the IP address of the IPLink to 192 168 172 3 The default IP mask is 255 255 255 0 ip set interface ip1 ipaddress 192 168 172 3 255 255 255 0 6 Now you can bring up the web page management system on your browser by entering the IP address of the IPlink 7 On the Menu go to Configuration then to WAN Conn...

Page 64: ...te the gateway to the remote IPLink by entering the WAN IP address of the remote IPLink in this example enter 192 168 164 2 in the Gateway field 15 Click OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 2 already configured in first part of step 5 Mask 0 0 0 0 Cost 1 Interface blank LMI Configuration Frame Relay Local Management Interface The Frame Relay Local Management Inter...

Page 65: ...e connection 617D_Both The ANSI T1 617 protocol will be used The unit will operate as both the Network and User side of the connection MgtState Defines the current state of the DTE side LMI Possible options are as follows Mgt_Port_DOWN Currently the LMI on the DTE side is DOWN Mgt_Port_UP Currently the LMI on the DTE side is UP mgtAutoStart Default Value FALSE The management Auto Start variable al...

Page 66: ...State Mgt_Port_DOWN Full Report Cycle 6 User Max Errors 3 Net Max Errors 3 User Error Window Size 4 Net Error Window Size 4 T391_Value 10 T392_Value 16 Mgt Auto Start false set configuration variable command lmi set variable value variable Any variable from the above list value Value as defined by the variable lmi set managementType 933A_Network Web Configuration Methods The following documentatio...

Page 67: ...gh Speed Routers User Guide 4 Configuring the IPLink Router All LMI configuration variables are contained under the LMI Management window found through the Con figuration LMI Management link The following screen shows the configuration variables available ...

Page 68: ...4 Configuring the IPLink Router Models 2603 2621 2635 High Speed Routers User Guide 68 WAN Service Configuration ...

Page 69: ...ter contents Introduction 70 Configuring the router 70 Configuring the security interfaces 71 Deleting a Firewall Policy 72 Enabling the Firewall 73 Firewall Portfilters 73 Security Triggers 74 Intrusion Detection System IDS 76 ...

Page 70: ... by using security triggers Triggers tell the security mechanism to expect these second ary sessions and how to handle them Rather than allowing a range of port numbers triggers handle the situa tion dynamically opening the secondary sessions only when appropriate The triggers work without needing to understand the application protocol or reading the payload of the packet although this does happen...

Page 71: ...sk both as 0 0 0 0 because this is the gateway default route 5 Click on Create and the route will be entered 6 The default gateway can be verified by clicking on IP Routes under Status in the menu Configuring the security interfaces The interfaces and routes have been configured on the IPLink Router which will function as the firewall The Ethernet side of the IPLink router will be configured to be...

Page 72: ...ed etoi is added between the external and internal interfaces 1 Under Policies Triggers and Intrusion Devices on the Security page click on Firewall Policy Configuration 2 In the Current Firewall Policies page click on New Policy 3 Select the parameters so the policy applies between interface of types external internal Also Validators will block traffic This blocks all hosts 4 Click on Apply Delet...

Page 73: ... State The network is now secure All the interfaces which have been defined are protected and all traffic is blocked between different the different interface types That is all traffic is blocked between the external and internal interfaces The next section describes how to configure the Firewall for allowing certain types of data transfer to occur between the PC s on different networks Firewall P...

Page 74: ...ty Triggers Security triggers are used to allow an application to open a secondary port in order to transport data The most common example is FTP This procedure is to set up a trigger on the Firewall to have an FTP session from PC A to PC B but not the reverse 1 First create an outbound only portfilter for FTP and add it to the item0 policy 2 Following the path given in step 1 for the ping portfil...

Page 75: ...l add a trigger which will open a secondary channel only when data is being passed This prevents the need to open too many ports which offer a security risk 1 From the Configuration Menu Configuration Security Firewall Trigger Configuration New Trig ger 2 Set the parameters as follows Transport Type tcp Port Number Start 21 Port Number End 21 Allow Multiple Hosts Block Max Activity Interval 3000 E...

Page 76: ...bled Enables Victim Protection Victim Protection protects the victim from an attempted spoofing attack Web spoofing allows an attacker to create a shadow copy of the world wide web WWW All access to the shadow Web goes through the attacker s machine so the attacker can monitor all of the victim s activities and send false data to or from the victim s machine When enabled packets destined for the v...

Page 77: ...unreachable addresses and keeps resending them This creates a backlog queue of unacknowledged SYN ACK packets Once the queue is full the system will ignore all incoming SYN request and no legitimate TCP connections can be established Once the maximum number of unfinished TCP handshaking sessions is reached an attempted DOS attack is detected The firewall blocks the suspected attacker for the time ...

Page 78: ...5 Security Models 2603 2621 2635 High Speed Routers User Guide 78 Intrusion Detection System IDS ...

Page 79: ...79 Chapter 6 NAT Network Address Translation Chapter contents Introduction 80 Enabling NAT 80 Global address pool and reserved map 81 ...

Page 80: ...an also be used so that different inside hosts can share a global address by mapping different ports to different hosts For example Host A is an FTP server and Host B is a web server By mapping the FTP port to Host A and the HTTP port to Host B both insides hosts can share the same global address Setting the protocol number to 255 0xFF means that the mapping will apply to all protocols Setting the...

Page 81: ...Pool The global IP addresses need to be created and put into the Global Address Pool 3 Set the parameters to the following values Interface Type internal Use Subnet Configuration Use IP Address Range IP Address 100 100 100 101 Subnet Mask IP Address 2 100 100 100 102 Click on Add Global Address Pool 4 Next create a reserved mapping between a global IP address from the global pool and an internal P...

Page 82: ...r Guide 82 Introduction 6 Set the parameters to the following values Global IP Address 100 100 100 101 Internal IP address 10 1 1 2 Transport Type all Port Number 65535 This port number means all port numbers for TCP or UDP protocols will be mapped 7 Click on Add Reserved Mapping ...

Page 83: ...Chapter contents SNMP Daemon Settings window 84 Static Variables 84 Community Table 85 Save SNMP Configuration 85 Misc System Settings window 86 CPU Usage 86 Enabled Status of System Services 87 MAC Filtering of the Bridge Interface 87 ...

Page 84: ...ny changes made in the file will be reflected on the Daemon Settings pages Static Variables These static variables can be retrieved with an SNMP request and provide details about this specific unit These variables are modified as a group Variable Definition System Description Description of this unit System Object ID The root object ID of the system System Location Physical location of unit System...

Page 85: ...snmpd cnf The system configuration must still be saved for the changes to persist after reset Note The changes made to these settings will take effect immediately how ever they will not be persistent after a reboot unless saved Variable Definition Index This is a unique ID field given by our system used when editing from the CLI Password The community string needed to access the box Management IP ...

Page 86: ...this threshold is exceeded a flag reporting this is set The overflow flag can be checked with a self clearing SNMP variable cpuUsageOverThresholdPP 1 3 6 1 4 1 1768 1 5 and cpuUsageOverThresholdNP 1 3 6 1 4 1 1768 1 6 Note Settings will take effect immediately System must be saved to persist over reboot Variable Definition Current PP CPU Usage The current usage of the PP Processor PP Error Thresho...

Page 87: ...affic from an unknown MAC address is only permitted to access the IP of the unit itself This allows a PC joining the network to communicate with the DHCP server in the unit in order to obtain an IP address Once the PC has received a lease from the DHCP server the MAC address is granted permission to cross the bridge allow ing the user extra control of the traffic through the unit Note Administrati...

Page 88: ... the Bridge Interface To modify these values type the following from the CLI Command Desciption bridge set dhcpFilteredPort This value is provided for future expandability it is not recommended that the user modify this bridge set dhcpMACFiltering Possible values for this are disable and enable ...

Page 89: ...89 Chapter 8 Monitoring Status Chapter contents Status LEDs 90 ...

Page 90: ... condition RD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition Sync Serial TD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition RD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition CTS Green ON indicates the CTS signal from the router is active binary 1 off indicates CTS is binary 0 DTR Gre...

Page 91: ...ceroute 92 2603 IPLink s Line Loop 92 D4 Loop CO loop 93 Operating Remote Digital Loopback RDL 94 BIT Error Rate V 52 Diagnostics 95 T1 E1 connection Status 95 Alarms 96 Transceiver Status 96 FDL statistics T1 only 96 E1 T1 DS0 Monitor 96 Software Upgrades 96 Configuration 97 ...

Page 92: ... is a diagnostic utility that allow users to trace the route that packets traversing across a network con nection between two hosts To use a traceroute use the following command ip traceroute usage traceroute n v m max_ttl q nqueries w waittime ipaddr or hostname n print addresses numerically rather than symbolically v verbose output m max ttl q queries set number of probes per ttl w wait time hos...

Page 93: ... follows 1 Go to the IPLink Main page select E1 T1 Next click on Test Modes select network Loop using the drop down menu click on the Configure and Activate button 2 Perform a BER bit error rate test This test can be initiated from the far end using a BER tester to verify the condition of the T1 E1 line D4 Loop CO loop The IPLink 2603 responds to D4 or CO Central Office loop The CO is a T1 network...

Page 94: ...e returned to the originating device i e data sent by the local 2603 will be returned by the far end device Figure 19 Remote Digital Loop To perform an RDL test follow these steps 1 Go to the IPLink Main page select the E1 T1 option Next click on Test Modes select Remote Loop using the drop down menu and click on the Configure and Activate button to start the test 2 Perform a bit error test BERT S...

Page 95: ...ink 2603 can also initiate a built in QRSS pattern with errors This test pattern generator injects intentional errors approximately once per second in the transmitted stream To perform a V 52 BER test follow these steps 1 From the Main page T1 E1 option select the QRSS option and then click on the Configure and Activate button This will start the internal test pattern generator for data sent and l...

Page 96: ...clude Current and historical near end line statistics E1 T1 DS0 Monitor The DS0 monitor page allows monitoring of a particular timeslot in the E1 T1 stream To enable this feature click on the DSO Monitor link under the E1 T1 menu and select the desired receive and transmit timeslot Software Upgrades Software upgrades are required in two scenarios First for new features Second for standard software...

Page 97: ... to the TFTP server Configuration The Patton products are configured as a TFTP server with the default IP address 192 168 200 10 Procedure 1 Go to Upgrade patton com and download the software upload package The package contains the follow ing files Tftplock key Tftpupdt beg Image Npimage Key Initbun Im conf Tftpupdt rbt Tftpupdt end Script bat 2 Connect the control console port of the unit to a PC...

Page 98: ...9 T1 E1 Diagnostics Models 2603 2621 2635 High Speed Routers User Guide 98 Software Upgrades ...

Page 99: ...ontents Introduction 100 Contact information 100 Warranty Service and Returned Merchandise Authorizations RMAs 100 Warranty coverage 100 Out of warranty service 100 Returns for credit 100 Return for credit policy 101 RMA numbers 101 Shipping instructions 101 ...

Page 100: ...ore ship ment All of our products are backed by a comprehensive warranty program Note If you purchased your equipment from a Patton Electronics reseller ask your reseller how you should proceed with warranty service It is often more convenient for you to work with your local reseller to obtain a replacement Patton services our products no matter how you acquired them Warranty coverage Our products...

Page 101: ...Completing a request on the RMA Request page in the Support section at www patton com By calling 1 301 975 1000 and speaking to a Technical Support Engineer By sending an e mail to returns patton com All returned units must have the RMA number clearly visible on the outside of the shipping container Please use the original packing material that the device came in or pack the unit securely to avoid...

Page 102: ...10 Contacting Patton for assistance Models 2603 2621 2635 High Speed Routers User Guide 102 Warranty Service and Returned Merchandise Authorizations RMAs ...

Page 103: ...104 Sync Serial Interface 104 T1 E1 Interface 104 Protocol Support 105 PPP Support 105 Management 105 Security 106 Compliance Standard Requirements 106 Australia Specific 106 Dimensions 106 Power and Power Supply Specifications 106 AC universal power supply 106 48 VDC power supply 106 ...

Page 104: ...ont panel LEDs indicate Power WAN Ethernet LAN speed and status Field Factory Default Option Standard 1 year warranty Ethernet Auto sensing Full Duplex 10Base T 100Base TX Ethernet Standard RJ 45 and built in MDI X cross over switch IEEE 8021 d transparent learning bridge up to 1 024 addresses and Spanning Tree 8 IP address subnets on Ethernet interface Sync Serial Interface ITU T X 21 or V 35 int...

Page 105: ... with 1 1 mapping NAT Many 1 NAT Many Many mapping NAT Port IP redirection and mapping uPNP controlled device for seamless networked device interconnectivity and Windows XP integration IGMPv2 Proxy support RFC 2236 Frame Relay with Annex A D LMI RFC 1490 MpoFR and FRF 12 Fragmentation PPP Support Point to Point Protocol over HDLC PPPoE RFC 2516 Client for autonomous network connection Eliminates t...

Page 106: ...ystem SNMP HTTP TELNET Logging or SMTP on events POST POST errors PPP DHCP IP Compliance Standard Requirements FCC part 15 Class A US EMC CE per RTTE 99 5 EC EMC LVD FCC Part 68 US Permission to connect CTR 12 and CTR 13 IC CS03 Canadian Permission to connect Safety EN60950 Australia Specific TS016 E1 Telecom AZ NZS 3260 Safety AZ NZS 35 48 EMC Dimensions 1 58H x 4 16W x 3 75D in 10 6H x 4 1W x 8 ...

Page 107: ...A Specifications 48 VDC power supply Rated voltage and current 36 60 VDC 400 mA The DC power supply connects to a DC source via a terminal block Connect the equipment to a 36 60 VDC source that is electri cally isolated from the AC source The 36 60 VDC source is to be reliably connected to earth ...

Page 108: ...A Specifications Models 2603 2621 2635 High Speed Routers User Guide 108 Power and Power Supply Specifications ...

Page 109: ...109 Appendix B Cable Recommendations Chapter contents Ethernet Cable 110 Adapter 110 ...

Page 110: ...gh Speed Routers User Guide 110 Ethernet Cable Ethernet Cable Ethernet cable P N 10 2500 refer to RJ 45 shielded 10 100 Ethernet port on page 112 Adapter EIA 561 to DB 9 P N 16F 561 refer to RJ 45 non shielded RS 232 console port EIA 561 on page 112 ...

Page 111: ...cal Connectors Chapter contents RJ 45 shielded 10 100 Ethernet port 112 RJ 45 non shielded RS 232 console port EIA 561 112 Serial port 113 V 35 DB 25 Female Connector 113 X 21 DB 15 Connector 113 E1 T1 RJ 48C Connector 114 ...

Page 112: ...ded 10 100 Ethernet port Assuming the MDI X switch is in the out position RJ 45 non shielded RS 232 console port EIA 561 Pin No Signal Direction Signal Name 1 Output TX 2 Output TX 3 Input RX 4 5 6 Input RX 7 8 Pin No Signal Direction Signal Name 1 Out DSR 2 Out CD 3 In DTR 4 Signal Ground 5 Out RD 6 In TD 7 Out CTS 8 In RTS ...

Page 113: ...DCE Source 9 RC Receiver Clock B DCE Source 10 CD Carrier Detect B DCE Source 11 XTC External Transmitter Clock B DTE Source 12 TC Transmitter Clock B DTE Source 13 CTS Clear to Send B DCE Source 14 TD Transmit Data A DTE Source 15 TC Transmitter Clock B DCE Source 16 RD Receive Data A DCE Source 17 RC Receiver Clock A DCE Source 18 LL Local LIne Loop 19 RTS Request to Send B DTE Source 20 DTR Dat...

Page 114: ...C Physical Connectors Models 2603 2621 2635 High Speed Routers User Guide 114 Serial port E1 T1 RJ 48C Connector ...

Page 115: ...s Introduction 116 CLI Terminology 116 Local VT 100 emulation 116 Remote Telnet 116 Using the Console 116 Administering user accounts 118 Adding new users 118 Setting user passwords 118 Changing user settings 119 Controlling login access 119 Controlling user access 119 ...

Page 116: ... via an interface Object an object is anything that you can create and manipulate as a single entity for example interfaces transports static routes and NAT rules List Objects are numbered entries in a list For example if you have created more than one ethernet trans port the following command ethernet list transports produces a list of numbered transport objects ID Name Port 1 eth2 ethernet 2 eth...

Page 117: ...lowed by a space and To continue our example Æ ethernet list ports transports Æ ethernet list Then Æ ethernet list transports Æ ethernet list transports enter Ethernet transports ID Name Port 1 eth1 ethernet Æ Another example shows when the user must provide a parameter Æ ip list clear add delete set attach attachbridge detach show interface ping Æ ip interface name The name of the interface In th...

Page 118: ...r username Comment system add login user username Comment The first command creates a user who can access the system via a dialin connection using PPP for example The second command creates a user who can login to the system For example the commands system add user fred user with dialin access system add login joe user with login access creates two new users called fred and joe The accounts are cr...

Page 119: ... Changing user settings To change any of the default settings for a user use the following commands For example to change the set tings for user fred system set user fred access default engineer superuser system set user fred maydialin enabled disabled system set user fred mayconfigure enabled disabled For example to change the security level for fred enter system set user fred access engineer Not...

Page 120: ...D Command Line Interface CLI Operation Models 2603 2621 2635 High Speed Routers User Guide 120 Administering user accounts ...

Search results

Summary of Contents for IPLink 2603 Series

Reviews:

Related manuals for IPLink 2603 Series

Brands by name

Popular brands

Patton IPLink 2603 Series, User Manual

Search results

Summary of Contents for IPLink 2603 Series

Reviews:

Related manuals for IPLink 2603 Series

Brands by name

Popular brands