3Com 3C421600A Скачать руководство пользователя страница 222 | Manualshive

Страница: 222 / 300

background image

220

C

HAPTER

14: H

ANDLING

P

ACKET

F

ILTERS

Call Filters

IP-Call filters are employed to screen outgoing calls for an ondemand user
or a per interface basis. Filtering rules can comb source, destination, and
host addresses, port numbers of TCP and UDP protocols, and Internet
Control Message Protocol (ICMP) messages and protocols.

Generic Filters

Generic filters are set by byte and offset values in a packet. Packets are
filtered by comparing theirs offset value and byte information with the
values you define in the filter. The RAS 1500 accepts or rejects the packet
based on the result.

Creating generic filters can be a complex task. Only experienced users
should use generic filters and strictly in cases where data and advertising
filters cannot provide necessary filtering capabilities.

Creating Filters

The RAS 1500 performs packet filtering based on rules you create. This
section describes how to create packet filters.

Filter File

Components

Filter rules are defined within filter files. Filters are text files stored either
in FLASH memory or on a RADIUS server. You can create and modify filter
using the following:

■

The Windows-based TRAM

■

An off-line text editor

File Descriptor

To be valid, a filter file must always have the following file descriptor on
the first line:

#filter

Eliminate blank space before the descriptor, otherwise an error will occur.

The remainder of the filter file is partitioned into protocol sections. Each
protocol section has a descriptive header preceding filter rules for that
protocol.

«
...
220
221
222
223
224
...
»

Содержание 3C421600A

Страница 1: ...http www 3com com SuperStack II Remote Access System 1500 System Management Guide Release 2 0 Part No 1 024 1797 Rev 2 00 December 1999...

Страница 2: ...ly at private expense Software is delivered as Commercial Computer Software as defined in DFARS 252 227 7014 June 1995 or as a commercial item as defined in FAR 2 101 a and as such is provided with on...

Страница 3: ...18 Shared ISP 19 LAN to LAN 19 Individual Dial Out 19 Comprehensive Security Options 20 Configuration Options 20 Web Configuration Interface 20 Command Line Interface 20 2 USING THE COMMAND LINE INTER...

Страница 4: ...the Primary Access Unit 33 Configuring Expansion Units 34 Reconfiguring the Private IP Network 34 Replacing I O Modules in the Port Expansion Unit 35 Disconnecting Expansion Units 35 Expansion Unit Co...

Страница 5: ...fore You Begin 59 Required Information 59 Optional Information 60 RAS 1500 Configuration 60 Computers on the Network 60 Configuring the RAS 1500 61 Step One Add a System Name 61 Step Two Add an IP Net...

Страница 6: ...figuring Callback Users 79 Calling Line Identification Callback 80 Overview 80 Call Handling 82 Configuring CLID Callback 84 Step One Add a CLID User 84 Step Two Configure the User CLID callback Setti...

Страница 7: ...r Configure the User Routing Parameters 102 Step Five Configure the User PPP Parameters 103 Step Six Configure Phone Numbers 104 Step Seven Configure Authentication 105 Step Eight Save Your Work 105 L...

Страница 8: ...e 130 AT Commands 130 Sending AT Command 130 Obtaining AT Command Help 131 Commonly Used AT Commands 131 Disconnecting with AT Commands 133 Configuring Data Compression Settings 134 Configuring Error...

Страница 9: ...Setting the Originate Call Type 154 11 CONFIGURING THE RAS 1500 ROUTER Reconfiguring Your System 157 Customizing CLI Parameters 157 Discarding and Renaming Files 161 Communicating with Remote and Loca...

Страница 10: ...g NOS Authentication on the RAS 1500 192 Troubleshooting NOS Authentication 195 RADIUS Accounting 195 Configuring RADIUS Accounting 196 Enabling and Disabling RADIUS Accounting 198 13 USING FRAME RELA...

Страница 11: ...c Filters 220 Creating Filters 220 Filter File Components 220 Creating Filter Files 224 Configuring Filters 226 Setting Filter Access 226 Interface Filters 227 User Filters 228 Assigning a Filter to a...

Страница 12: ...ram Protocol Broadcast Forwarding 251 Configuring UDP Broadcast Forwarding 252 Displaying UDP Broadcast Forwarding Parameters 252 16 USING NETWORK ADDRESS TRANSLATION AND PORT ADDRESS TRANSLATION Over...

Страница 13: ...rmation 280 Analog V 34 Model FCC Part 68 Compliance Statement 280 Canadian Installations 280 Physical Dimensions 281 Interfaces 281 Power Requirements 283 C TECHNICAL SUPPORT Online Technical Service...

Страница 14: ......

Страница 15: ...formation Required Reference Command Line Interface basics Using the Command Line Interface Web based Configuration Web based Configuration of the RAS 1500 Configuring NOS or RADIUS security Using Sec...

Страница 16: ...primary dial back number Set user name phone_number number In this example you must supply the user s name for name and phone number for number Commands The word command means you must enter the comm...

Страница 17: ...Module or Port Expansion Module Release Notes SuperStack II Remote Access System 1500 This document provides information about the system software release including new features and bug fixes It also...

Страница 18: ...his guide describes the installation and initial configuration of the RAS 1500 system SuperStack II Remote Access System 1500 System Reference Guide This guide describes how to configure the software...

Страница 19: ...1 OVERVIEW This chapter contains the following information Overview Applications Configuration Options This guide provides the most commonly used command line interface CLI parameters...

Страница 20: ...rimary Access Unit The RAS 1500 maybe be configured with a Router Unit and a Primary Access Unit as follows T1 North America Primary Access Unit with 23 Primary Rate Interface PRI ISDN channels E1 Eur...

Страница 21: ...and a remote LAN Routing occurs when one device dials up another device and logs in as a user There are several types of LAN to LAN connections Manual On demand Timed Continuous The RAS 1500 supports...

Страница 22: ...configuration options Web Configuration Interface Command Line Interface Web Configuration Interface You can configure the RAS 1500 by accessing the RAS 1500 Web Configuration Interface The Web Config...

Страница 23: ...ing information CLI Overview Obtaining Registered IP Addresses Accessing the CLI Using CLI Quick Setup Configuration with the CLI Configuring a Manage User Configuration with the CLI Configuring Expan...

Страница 24: ...sible options Navigating the Command Line Interface In addition to CLI commands required to configure the RAS 1500 the CLI has several additional commands to help make navigation through the CLI easie...

Страница 25: ...nal Use the following steps to access the CLI from the Windows 95 or Windows NT desktop 1 Connect the provided serial cable to the RAS 1500 console port and your computer serial port 2 Click Start the...

Страница 26: ...munications package or your program does not support VT100 emulation use ZTerm UNIX based Computers Kermit minicom and tip are typical terminal emulation programs for UNIX based computers Depending on...

Страница 27: ...additional system information The name you enter serves as the RAS 1500 DNS name and SNMP system name The name is also the name that the RAS 1500 advertises in SAP broadcasts The name must be unique...

Страница 28: ...table range is 8 30 32 if a host The network address is considered invalid if the portion of the station address not covered by the mask is 0 or if the station address plus the mask is 1 all 1s Defini...

Страница 29: ...202 40 metric 1 Check the default route setting with the list ip routes command Step Four Configure IPX To configure the RAS 1500 LAN interface on an IPX network you must Determine the IPX network num...

Страница 30: ...h Interrupt Ah Node address 0000C0488D28 Frame type ETHERNET_802 2 Board name TENBASE_802 2 LAN protocol RPL LAN protocol IPX network 00000684 This is an example of the information returned for one ve...

Страница 31: ...S 1500 LAN port The same physical network segment has a different network number for each frame type used Be sure to enter the network number associated with the chosen frame type Use the following co...

Страница 32: ...error message For instance in the case of three offline servers A B and C the RAS 1500 admits failure only after trying to reach them one after the other three times Use the following command add dns...

Страница 33: ...your generic SNMP software You must set the following SNMP community values name community name address IP address of the Windows SNMP manager access either read only read write or administrator read...

Страница 34: ...nage privileges to establish a secure centrally administered router through the CLI You can configure a remote login user or if you prefer to dial in you can create a manage user locally through the c...

Страница 35: ...Router Unit use the following command set imodem interface rm0 slot1 mod 1 at_command ati12 Configuring Modems in the Port Expansion Unit To configure specific modems on your Port Expansion Unit use...

Страница 36: ...private it may possibly conflict with other private IP networks defined in an office or enterprise If there is a conflict unpredictable problems with routing those private IP addresses through the RA...

Страница 37: ...module if the Port Expansion Unit does not correctly recognize it complete the following steps 1 Disconnect the FireWire cable to the Router Unit 2 Delete the Port Expansion Unit delete pem pem name 3...

Страница 38: ...ands set the destination IP IPX address the gateway used to access the remote destination and a metric value or distance in hops to reach the destination from the RAS 1500 The RAS 1500 also allows you...

Страница 39: ...the remote destination is written in the hexadecimal format xxxxxxxx where addresses ffffffff or fffffffe are invalid The gateway is expressed in the hex format xxxxxxxx xx xx xx xx xx xx where xxxxxx...

Страница 40: ......

Страница 41: ...RAS 1500 by accessing the RAS 1500 Web Configuration Interface The Web Configuration Interface consists of a series of Web pages that are embedded on the RAS 1500 and viewed through a remote Internet...

Страница 42: ...tion NAT and port address translation PAT settings Authentication Remote Authentication Dial In User Service RADIUS and network operating system NOS and accounting settings Login host Simple Network M...

Страница 43: ...an IP address to a device Before you start this procedure confirm the RAS 1500 is connected to the same LAN segment as the workstation on which you are running the IP Wizard 1 Insert the SuperStack I...

Страница 44: ...t as the IP Wizard workstation but do not have an IP address The RAS 1500 MAC address is printed on a sticker on the rear of the unit 4 In the IP Address text box type the IP address in dotted decimal...

Страница 45: ...ater Java script supported and enabled Style sheets supported and enabled Frames supported 800 x 600 resolution on a 15 monitor 2 In the location or address field at the top of the browser type the RA...

Страница 46: ...44 CHAPTER 3 WEB BASED CONFIGURATION OF THE RAS 1500 Figure 3 Web Configuration Interface Initial Screen B C A D E...

Страница 47: ...able 4 Web Configuration Interface Initial Screen Callout Description A Uniform resource locator URL of the RAS 1500 B Available views Each of these views displays a different tree of folders and Web...

Страница 48: ...you are prompted to setup a manager user as shown in Figure 5 Once this is done you may setup the RAS 1500 Figure 5 Setting Manager User Username and Password Configuration Pages Figure 6 shows a con...

Страница 49: ...d Management of the RAS 1500 47 Figure 6 Web Configuration Interface Configuration Page Table 5 Web Management Interface Configuration Page Callout Description A Configuration fields B Navigation butt...

Страница 50: ...field label A new window appears and displays help text for the selected field Page specific help In a configuration page click the Help button at the bottom of the page or in the Help view click the...

Страница 51: ...hat you could access with a modem directly connected to the computer Dialout IP Verses Telnet Network computers communicate with the RAS 1500 over the LAN using either DialOut IP or Telnet A differenc...

Страница 52: ...e name Optional Information The following information is optional Modem group name Modems to include in the modem group Configuring Your System For DialOut IP Software The RAS 1500 includes DialOut IP...

Страница 53: ...em group for example dialout_modems The list of modems is a comma separated list of modem device names It cannot contain spaces Example rm0 slot 1 mod 1 rm0 slot 1 mod 2 The RAS 1500 includes a defaul...

Страница 54: ...t DialOut IP does not support authentication through the RAS 1500 therefore a login prompt must not appear when the network service is first contacted To ensure security is off issue the following com...

Страница 55: ...eadability Use the all modem group only if every modem port on the 1500 is connected to a telephone switch central office or PBX set modem_group all access two_way add network service dialout_service...

Страница 56: ...Select Ports dialog box appears Step 2 Create DialOut IP COM Ports 1 In the Select Ports dialog box select the COM ports you want DialOut IP to create The list does not include COM ports that are in u...

Страница 57: ...CP port number of the RAS 1500 8 Click Start DialOut IP determines the correct settings for the COM port If the process finishes with no errors click Use Settings to configure the selected COM port If...

Страница 58: ......

Страница 59: ...GURING TELNET NETWORK DIAL OUT This chapter contains the following information Overview Before You Begin Configuring the RAS 1500 Configuring Network Computers Dialing Out From a Network Computer Case...

Страница 60: ...he local area network LAN to access modems on the RAS 1500 as though the modems were directly connected to the computers Once connected to a modem a network user can dial out to the Internet electroni...

Страница 61: ...et up This chapter details Telnet network dial out For details about DialOut IP refer to Chapter 4 Configuring DialOut IP Configuring and Using Telnet Network Dial out Complete the following steps to...

Страница 62: ...eout Login banner Login prompt RAS 1500 Configuration Before you begin confirm the following steps are complete as detailed in the Getting Started Guide The RAS 1500 hardware is successfully installed...

Страница 63: ...d in the RAS 1500 command line interface CLI If you need assistance with accessing the CLI refer to the Getting Started Guide You must press Enter to issue a command in the CLI This step is not includ...

Страница 64: ...0 sends a message to alert the user Users can either re submit the request for a modem or select another modem group Configure modem groups by specifying the interfaces that you want to belong to the...

Страница 65: ...em group you create in this step Step Four Add the Dial out Service 1 Add the Telnet dial out service Use the following command add network service service name server_type server type socket socket n...

Страница 66: ...s This parameter is optional For example modem_group telnet_users If you do not enter this command the network service uses the default modem group all which includes all of the modems on the RAS 1500...

Страница 67: ...k dial out service enable network service service_name Example enable network service telnet_lab You cannot change the service name using the set network service command To change the service name you...

Страница 68: ...each of the network computers as noted in Before You Begin on page 59 Table 10 User Parameters Parameter Description username Name of user up to 64 ASCII characters user password Password of the user...

Страница 69: ...ovides a step by step example of configuring the RAS 1500 and network computers for Telnet dial out A user on the network Eddie wants to dial out through the RAS 1500 using Telnet This example assumes...

Страница 70: ...s Use the following command add network service telnet server_type telnetd socket 6666 data service_type dialout modem_group telnet_users 7 Save your work Use the following command save all 8 On the n...

Страница 71: ...contains the following information Overview Before You Begin Configuring the Remote Computer Configuring RAS 1500 Using Callback and Roaming Callback Calling Line Identification Callback Network Callb...

Страница 72: ...connect to the local network via Novell IPX Internet Protocol IP or AppleTalk Using Network Dial In Use network dial in Figure 8 if you want to configure a RAS 1500 to allow dial in users to do the fo...

Страница 73: ...equirements Provide the remote RAS 1500 dial in user with the following Username and password Telephone number to access RAS 1500 Communications Software Provide the remote computers with the correct...

Страница 74: ...PPP parameters for network users 4 Configure additional dial up parameters IP Address Pool Overview RAS 1500 has an option to dynamically assign IP addresses to dial in network users from a pool each...

Страница 75: ...ample set ip pool kurtspool size 24 3 Configure the state of the IP address pool Use the following command set ip pool name public private Example set ip pool kurtspool public 4 Configure the IP addre...

Страница 76: ...ollowing command add user name password password type network login callback dialout manage network_service slip ppp fcp arap fr_1490 Example add user kurt password chicago type network login network_...

Страница 77: ...upported for network users employing this method Use the following command set network user name address_selection assign negotiate specified Example set network user gina address_selection negotiate...

Страница 78: ...mpression algorithm type Use the following command set network user name ppp compression_algorithm ascend auto microsoft none stac Example set network user tom ppp compression_algorithm stac 2 Configu...

Страница 79: ...ptimum compression algorithm Use the following command set network user name ppp reset_mode_co auto every_packet every_error Example set network user tom ppp reset_mode_co auto 7 Configure the ML PPP...

Страница 80: ...to use either the Password Authentication Protocol PAP or Challenge Handshake Authentication Protocol CHAP for PPP connections The default setting is either When a user dials in RAS 1500 first tries...

Страница 81: ...S 1500 call you back at a preconfigured phone number Dynamic callback Dynamic callback or Roaming callback allows your users to dial into your SuperStack II Remote Access 1500 prompts for the callback...

Страница 82: ...dial in user based on the user s Automatic Number Identification ANI Benefits of callback over dial in Cheaper in certain cases Provides lower cost connections when the calling party s tariffs are hig...

Страница 83: ...e RAS 1500 supports only CLID callback for ISDN users not analog users The RAS 1500 supports only CLID callback for local users not Network Operating System NOS and Remote Authentication Dial In User...

Страница 84: ...hes the incoming ANI The RAS 1500 queries the user s record for its type A remote user dials into the RAS 1500 Does the ANI of the incoming call match the CLID of a user The RAS 1500 places a dial out...

Страница 85: ...If the ANI of the incoming call matches the CLID of the user the user is called back If the ANI of the incoming call does not match the CLID of the user the call is rejected Option 2 CLID callback and...

Страница 86: ...se the following command add user name type clid_callback network and or login For example add user schmidt type clid_callback network When issuing the add command for a clid_callback user the type pa...

Страница 87: ...RAS 1500 calls back the remote user The RAS 1500 attempts the alternate number if the primary number is unavailable Use the following command set user name phone_number primary phone number set user...

Страница 88: ...tting to modems or modem groups To set CLID security for a modem You can only configure modems one at a time To configure multiple modems at the same time use modem groups below set switched interface...

Страница 89: ...er fred type manage clid_callback ras1500 set user fred phone_number 384010 modem_group onest ras1500 set user fred callback_delay 5 ras1500 set fac Call Initiation Process log verb ras1500 set switch...

Страница 90: ...umptions This case study assumes the following A Windows 95 Dial Up Networking connection was created and Network settings were configured for the client RAS 1500 uses the correct IP address and netma...

Страница 91: ...etects the authentication method the remote computer is using CHAP or PAP RAS 1500 first attempts CHAP then PAP authentication If the remote computer does not support one of these methods RAS 1500 dro...

Страница 92: ...t IP addresses are not broadcast aggregate IP addresses are broadcast 4 Add idle and session timeouts to limit Bridgett s time on the line set user bridgett idle_timeout 90 session_timeout 1800 5 Save...

Страница 93: ...nformation Overview Before you Begin Configuring LAN to LAN Routing LAN to LAN Routing Case Study Configuring IP on Demand This chapter assumes that all routing devices have been installed and that bo...

Страница 94: ...et arrives at a bridge or a router the device uses tables to determine where the packet belongs A major difference between routing and bridging is the layer at which each works Bridges use hardware ad...

Страница 95: ...1500 connects to another router periodic router updates called RIP messages allow routers to identify which networks are accessible You can configure the RAS 1500 to send and receive these RIP messag...

Страница 96: ...the expansion value you specify the RAS 1500 brings up an additional B channel If on a second sample line usage drops below the decrement value you set the RAS 1500 drops the additional B channel The...

Страница 97: ...ve defined a static route to a given location the RAS 1500 assumes you want to use that route and ignores dynamic routing broadcasts pointing to the same location Static routes remain in the table unt...

Страница 98: ...y to reach a remote network your RAS 1500 is not aware of by manually specifying it Spoofing The RAS 1500 supports spoofing between another RAS 1500 or Total Control products Spoofing is an inexpensiv...

Страница 99: ...tring the challenged system replies with a packet containing both the response value and a username The authenticating host looks up the correct password for the username received and then performs th...

Страница 100: ...ee Configure the user dial_out parameters Step Four Configure the user routing parameters Step Five Configure the user PPP parameters Step Six Configure phone numbers Step Seven Configure authenticati...

Страница 101: ...s for a numbered link is the IP address of the dial up port on the remote device The remote_ip_address for an unnumbered link is the IP address associated with the unnumbered interface on the remote d...

Страница 102: ...upplied by the RAS1500 when it is prompted for a password by a remote router that is authenticating it It should match the password defined on the remote router for that identity When the default rout...

Страница 103: ...sion These settings are only necessary if the connection type is timed set dial_out user username site start_time hh mm ss end_time hh mm ss Example set dial_out user main_office site start_time 13 00...

Страница 104: ...ute is added to the routing table after the user connection is active Until then it is not visible in the routing table add framed_route user username ip_route ip hostname ip network address gateway h...

Страница 105: ...cm 1 Configure basic PPP parameters set network user username ppp compression_algorithm algorithm max_channels maximum number of channels channel_expansion at x percent load on current link channel_de...

Страница 106: ...hannels 2 channel_expansion 60 channel_decrement 20 2 Configure optional PPP parameters set network user username ppp expansion_algorithm linear or constant min_size_compression 0 2047 bytes reset_mod...

Страница 107: ...ial up LAN to LAN connection Example set ppp receive_authentications chap set system transmit_authentication_name main_office Step Eight Save Your Work Save your work save all LAN to LAN Routing Case...

Страница 108: ...C interface rm0 eth 1 2 Add a user add user branch_office password chicago type network dial_out set user branch_office idle_timeout 300 Idle_timeout must be a minimum of 180 3 Configure the user net...

Страница 109: ...ss 192 112 227 1 C interface rm0 eth 1 2 Add a user add user main_office password boston type network dial_out set user main_office idle_timeout 300 3 Configure the user network parameters set network...

Страница 110: ...twork add ip network ipnet 1 address 192 112 226 1 C interface rm0 eth 1 2 Add a user add user branch_office password chicago type network dial_out set user branch_office idle_timeout 300 3 Configure...

Страница 111: ...ipnet 2 address 192 112 227 1 C interface rm0 eth 1 2 Add a user add user main_office password chicago type network dial_out set user main_office idle_timeout 300 3 Configure the user network paramet...

Страница 112: ...enabled no set network user username ip_routing both set user username phone_number phone number set user username alternate_phone_number phone number set system transmit_authentication_name authenti...

Страница 113: ...8 BRIDGING WITH THE RAS 1500 This chapter contains the following information Overview Enabling Bridging Over the LAN Using FCP to Bridge with OfficeConnect Routers...

Страница 114: ...mines where the frame belongs by analyzing address information When to Use Bridging When a frame arrives at a bridge the bridge analyzes the frame for the hardware address Figure 12 shows an example o...

Страница 115: ...ng Over the LAN Use the following steps to enable bridging over the local area network LAN 1 Create a user Use the following command add user name password password type network dial_out Example add u...

Страница 116: ...mber alternate_phone_number second number set network user name ppp channel_decrement percent ppp channel_expansion percent 5 Save your work save all Using FCP to Bridge with OfficeConnect Routers The...

Страница 117: ...P works 1 The RAS 1500 established the LAPB link as a part of the FCP negotiation 2 Both sides of the link exchange Names and MAC addresses negotiate compression STAC and reset the sequence numbers 3...

Страница 118: ...a user with the modem group set user username modem_group 12 b Set the user phone number set user username phone phone number c Set the user alternate phone number set user username alternate phone n...

Страница 119: ...e to send the frame Maybe a dial up link is still available where that can be forwarded If it does not know where to send it it will cycle through the configured dialout bridging users bringing up the...

Страница 120: ......

Страница 121: ...the local network using a login service such as Telnet Rlogin or ClearTCP Before You Begin Before you begin configuring the RAS 1500 as an IP terminal server follow all the configuration steps in the...

Страница 122: ...user to access a login host using a host name you must first configure a DNS server using the add dns server command Example add dns server 7 7 7 7 name boston preference 1 To set up login host table...

Страница 123: ...number specified in their user profile You can setup the user for a specific login service to access a specific login host or you can let the user determine the login service and login host You can a...

Страница 124: ...a phone number at which the user is called back using the following command set user name phone_number number At this point it may be helpful to use the show user command to display the user s defaul...

Страница 125: ...tting Login Host IP Address If login user s host type is specified you must enter the IP address for the host to be connected to Login Service Specifies the default login service See step 1 for detail...

Страница 126: ...e user has set up a terminal emulation session such as the Windows HyperTerminal with a phone number and standard communications parameters The IP network is configured All other settings remain at fa...

Страница 127: ...enter the following command to connect to either host connect quartz or connect granite Jack is connected to the host and prompted for a username password Trying 195 112 133 2 Connected to 195 112 13...

Страница 128: ...gin_service rlogin 2 Add a login host for Jill to access Use the following command add login_host granite address 195 112 133 10 pref 1 3 Configure Jill to specifically access Granite Use the followin...

Страница 129: ...m authentication Jill is up and running on the host When Jill logs out of her host session she exits from the RAS 1500 as well Example Granite logout NO CARRIER Microsoft R Windows 95 C Copyright Micr...

Страница 130: ......

Страница 131: ...Information Working with Modem Memory Configuring Modem Call Control Settings Configuring 56 Kbps Technology Configuring ISDN 3Com recommends using the Web configuration interface to configure the mod...

Страница 132: ...from your management station or computer You are now ready to use the Console Interface to configure the RAS 1500 AT Commands AT commands are used to communicate directly with the ports within the RAS...

Страница 133: ...others used in modem initialization strings Basic AT Dial Commands The basic commands needed to dial using an RAS 1500 are listed in the Table 26 Refer to the Issuing AT commands section earlier in th...

Страница 134: ...codes X3 or higher W AT9W5551234 Wait for an answer After the modem detects at least one ring it waits for five seconds of silence at the other end of the call and then continues executing the Dial st...

Страница 135: ...ls go on hook issue the command below H Example ATH hangs up the modem Action Command Example View stored telephone numbers I5 ATI5 Write the following Dial string s to NVRAM at position n n 0 3 Zn s...

Страница 136: ...d as a default setting V 42 bis versus MNP 5 Data Compression Of the two data compression protocols V 42 bis is considered to be the better of the two in most cases because it dynamically deletes entr...

Страница 137: ...re in Table 30 Table 30 Dictionary Sizes The RAS 1500 uses an 11 bit or 2048 entry dictionary but can reduce its size to accommodate a remote modem that uses a 9 or 10 bit dictionary As the dictionary...

Страница 138: ...peed but without error control and if you are not using an error control protocol for your call you may lose data Error Control The RAS 1500 is set at the factory to M4 causing it to try for an error...

Страница 139: ...receiving device If errors are encountered retransmission activity can cause a steady stream of data from the computer to overflow the buffer Error control is required for data compression and recomm...

Страница 140: ...during the handshaking process allowing for a faster connection The commands used are ATS27 4 and ATS 27 5 See the Table 32 for setting information Table 32 V 42 MNP Negotiation Method The defaults a...

Страница 141: ...allows the modem to distinguish between a momentary lapse due to line quality and a true disconnect by the remote modem If this value is set to 255 the modem does not hang up on loss of carrier It han...

Страница 142: ...em connects to an RAS 1500 it limits the maximum speed of the connection based on the value specified with N If the U argument is zero the connection is limited to the single speed implied by the N ar...

Страница 143: ...the U argument is zero the connection is limited to the single speed implied by the N argument For asymmetrical links N and U are used to constrain the speed of the higher speed direction of the link...

Страница 144: ...imum rate implied by the U value Controlling the Minimum Low speed Direction Low speed direction speed is the send receive baud rate of the slowest end of a connection Use the following S74 settings i...

Страница 145: ...in Table 37 to control the maximum low speed direction speed Table 37 S75 Upper Limit Link Speeds Upper Limit Link Speed Setting Example No upper limit 0 ATS75 0 2400 1 ATS75 1 4800 2 ATS75 2 7200 3...

Страница 146: ...ble 38 lists each command available Table 38 Modem Query Commands ATI8 ATI0 ATI2 and ATI18 are reserved Display Command Product name ATI3 Current modem settings ATI4 Settings stored in the modem s NVR...

Страница 147: ...o data was transferred but the protocol was able to recover Link NAKs Negative acknowledgments one or more blocks Data Compression The type of data compression negotiated for the call V 42 bis or MNP5...

Страница 148: ...ta frame without error LD received The remote modem sent an MNP error control Link Disconnect request DISC The remote modem sent a V 42 Disconnect frame Loop loss disconnect The modem detected a loss...

Страница 149: ...ate Viewing Settings When you issue an AT configuration command the modem stores the command RAM as a current setting Any setting s that you change and do not save to the modem are active until you re...

Страница 150: ...interface rm0 slot1 mod 4 at_ command AT F08W Configuration templates cannot be customized since they are a part of the modem ROM However you may load a template into active memory modify it and save...

Страница 151: ...then save them to Flash with the W command as in the following example AT K3 X3 S10 40 A2 T W Configuring Modem Call Control Settings You can use AT commands to configure how modems operate You can co...

Страница 152: ...tion in seconds that the local modem waits to detect a carrier signal from the remote modem ATS7 n n 0 255 60 Setting Command Parameters Default Idle time before disconnect If set in minutes to greate...

Страница 153: ...n tenths of a second of the EIA specified Multimode Training sequence for V 32 modems which includes 3Com Dual Standard modems set to answer V 32 calls set to B0 The delay gives V 32 modems additional...

Страница 154: ...system The larger the window the more frames that can be transferred without an acknowledgment However the more frames that are transferred without an acknowledgment the more the receiver is required...

Страница 155: ...Every time a call comes in the RAS 1500 goes through a link negotiation process called handshaking with the remote device The way the RAS 1500 handles outgoing and incoming calls depends on the call t...

Страница 156: ...ific type V2 1 6 and the desired connection cannot be made the RAS 1500 does not negotiate for other types of connections Default configuration to V 120 with X 75 turned off Setting the Originate Call...

Страница 157: ...ls Originating Non HDLC Protocols Use the commands in Table 48 to control the originating non HDLC 64 protocols Table 48 Non HDLC 64 Protocols Originating Analog Modem Mode Use the commands in to cont...

Страница 158: ......

Страница 159: ...ing CLI Parameters Local Prompt Use set command if you have more than one SuperStack II Remote Access System RAS 1500 and want to differentiate between them or you just want to customize your prompt f...

Страница 160: ...lobal prompt value is useful if you are running a number of processes and want to differentiate between the global and session prompts Or if you are Telnetting to the system for instance and want to c...

Страница 161: ...M INFO set system name marauder set system contact Henry Stimson set system location 3Com Lab SETTING THE LOCAL COMMAND PROMPT set command prompt RAS 1500 SETTING THE SYSTEM COMMAND HISTORY set comman...

Страница 162: ...t accounting primary_server 157 172 248 54 secondary_server 157 172 248 40 enable accounting enable ip rip enable ip routing enable security_option remote_user_administration dialin or telnet ADDING U...

Страница 163: ...es Dial Disconnect and Hangup Commands You can dial up a remote or local site with the dial command and log in to hosts with the rlogin and telnet commands You can use the hangup and logout commands t...

Страница 164: ...the message as it was configured The options are date current date according to system uptime callid user call number according to system uptime port port occupied by user rm0 mod y hostname user hos...

Страница 165: ...ommand shown below add network service service_name close_active_connections false true data ancillary entry enabled no yes socket socket number server_type cleartcpd dialout snmpd telnetd tftpd Examp...

Страница 166: ...es and forward slashes and auth must be on Default login service_type manage dialout Indicates whether the service is offering modem sharing service or manage service Modem sharing service connects th...

Страница 167: ...it is enabled by default When changing any parameter you must first disable the service then re enable it Example abbr set network service telnet user server_type telnetd data auth off enabled yes se...

Страница 168: ...as sent to RAS 1500 If you want to obtain a file from another network host add that host as a TFTP client and from within the system use Telnet to access that host and use the following command to obt...

Страница 169: ...o and the value of the Telnet escape character Typing status at the telnet prompt will produce something like this Connected to 172 144 122 144 Escape character is Telnet Control Characters Console po...

Страница 170: ...the console port Although messages are sent to the Console port by default you can configure a SYSLOG host to receive messages This would free up the Console since sending messages uses system resour...

Страница 171: ...llege hu com address 133 114 121 15 resolve name hahvahd Remotely add dns server 133 114 121 45 preference 1 name Our DNS server Screen output example Network Name hahvahd college hu com is resolved t...

Страница 172: ...out 1 60 verbose yes no Example ping 199 55 55 55 count 3 verbose yes The command would display the following PING Request 1 Time ms 10 PING Request 2 Time ms 0 PING Request 3 Time ms 0 PING Destinati...

Страница 173: ...ing maximum_rows command sets the maximum number of rows permissible in the Remote Ping Table Setting this parameter to a number smaller than the current number of rows will not cause any row deletion...

Страница 174: ...t Larry Johnson System Name RAS 1500 System Location westboro System Services Internet EndToEnd Applications System Transmit Authentication Name RAS 1500 System Version V1 5 Viewing Interface Status S...

Страница 175: ...use show commands to view the current configuration and its routing activity A few of the show commands used for troubleshooting are covered in this section including show memory show connection setti...

Страница 176: ...erface of current connections Username name of users currently connected Type current type of connections established on modems They include On demand user connection established for on demand purpose...

Страница 177: ...ate of a connection established on the specified interface Start Time start time of a connection established on the specified interface Example CONNECTIONS IfName User Name Type DLL Date Time Start St...

Страница 178: ......

Страница 179: ...e RAS 1500 grants or denies access based on information in the local user table only RADIUS authentication only The RAS 1500 sends a request to the RADIUS server and grants or denies access based on t...

Страница 180: ...configuration RADIUS Authentication Overview Use the RADIUS authentication for centralized authentication services on your network RADIUS authentication is enabled by default The RADIUS authenticatio...

Страница 181: ...f local authentication is enabled 2 The RAS 1500 encrypts the user s password using an encryption key shared by both the RAS 1500 and the RADIUS server and passes the username and encrypted password t...

Страница 182: ...cret string primary_server name_or_ip_address secondary_port port_number secondary_secret string secondary_server name_or_ip_address retransmissions number timeout seconds type nos radius Each of the...

Страница 183: ...etransmits an authentication request to both primary and secondary RADIUS servers Use the following command set authentication retransmissions count 7 Set the UDP port to match the UDP port setting on...

Страница 184: ...e of the following commands show authentication settings or show configuration NOS Authentication Overview NOS authentication is an alternative to RADIUS authentication for local and dial in users usi...

Страница 185: ...500 server and indicates to the user that the authentication has failed or passed 5 The RAS 1500 assigns the default user profile to the dial in user Installation Overview For NOS authentication to op...

Страница 186: ...You MUST load the software application on an Novell Server The time on the RAS 1500 and the Novell NetWare server must be within 15 minutes of each other 1 Copy the appropriate security NLM see below...

Страница 187: ...25 tcp mail time 37 udp timeserver name 42 udp nameserver whois 43 tcp nicname domain 53 tcp hostnames 101 tcp hostname sunrpc 111 udp Host specific functions tftp 69 udp finger 79 udp link 87 udp tt...

Страница 188: ...for Bindery sbindery nlm or for Novell Directory Services NDS snds nlm depending upon your NetWare Server version and which service is used load sbindery 3Com where sbindery is NLM name for the RAS 1...

Страница 189: ...y client starts each time the system is rebooted add the above commands in autoexec ncf file For NDS add the command after TCP IP binding IP to an interface and LOAD DSAPI For bindery add the command...

Страница 190: ...3c5x9 slot 5 frame ETHERNET_II name 3c5x9_2 bind ipx to 3c5x9_2 net cc100001 load 3C5X9 slot 5 frame ETHERNET_802 3 NAME 3C5X9_3 bind IPX to 3C5X9_3 net AA330000 load 3c5x9 slot 5 frame ETHERNET_SNAP...

Страница 191: ...ount database with NT User Account Manager This application software is a NT service that processes authentication requests from the RAS 1500 The NT Security Client uses a 3Com proprietary communicati...

Страница 192: ...500 and the Windows NT server must be within 15 minutes of each other If you change the time on a Windows NT Server you must reboot the server for the change to take effect 1 Insert the RAS 1500 Resou...

Страница 193: ...t are encrypted with an Encryption Key The default Encryption Key is 3com The Encryption Key is stored in the NT Registry database in the entry of EncryptionKey under the subkey HKEY_LOCAL_MACHINE sys...

Страница 194: ...hentication server may differ If you want to change the primary_secret refer to the readme file provided with the Security application 3 Configure the secondary NOS authentication server set authentic...

Страница 195: ...GMT offset of the RAS 1500 This setting is between 12 00 and 14 00 inclusive set timezone hh mm See Appendix A GMT Time Zones to find the GMT offset for your location Eastern United States example se...

Страница 196: ...t day_of_week sunday month october time_to_correct 02 00 00 amount_to_correct 01 00 00 Use the following command to enable DST on the RAS 1500 enable dst Setting the Date Use the following command to...

Страница 197: ...dministrator The RAS 1500 sends frames to the RADIUS accounting server that enables RADIUS to perform accounting functions The RADIUS accounting server uses the same basic protocol as the RADIUS authe...

Страница 198: ...r An example is shown after the final step 1 Select the primary RADIUS accounting server Use the following command set accounting primary_server ip_address 2 Optional Select the secondary RADIUS accou...

Страница 199: ...begins accounting either at the point of authentication or the point of connection Use the following command set accounting start_time authentication connection 7 Set the interval in seconds between r...

Страница 200: ...s of RADIUS accounting output The first describes a login user who has just begun a session Thurs Jan 16 22 00 55 1999 Acct Session ID 06000003 User Name cindyg Acct Status Type Start Acct Authentic R...

Страница 201: ...ervice Type Framed User Framed Protocol PPP Framed Address 122 132 124 152 Framed Netmask 255 255 124 0 When the framed user ends the session a record similar to the one below is sent to the accountin...

Страница 202: ......

Страница 203: ...e Relay Configuration Using the Command Line Interface Frame Relay Data Link Configuration Frame Relay PVC Configuration Monitoring and Troubleshooting Case Study The Frame Relay Stack complies with t...

Страница 204: ...lay supports congestion management which attempts to notify endpoints that the network is experiencing congestion and that the volume of traffic should be reduced to stop Frame Relay nodes from discar...

Страница 205: ...LMI provides a polling mechanism that allow switches and routers to request the status of all PVCs on a given interface Supporting Frame Relay The RAS 1500 provides a synchronous serial interface cap...

Страница 206: ...ts the Excess Burst Size Be is reached Any data in excess of Be is discarded All data is discarded until a new Tc begins Abbreviation Term Description Bc Committed Burst Size The number of bits above...

Страница 207: ...24k Bc Max 40k Be 48k Access 64k 56k 32k Bc Tc All Data between Bc and Be is sent with the DE bit set All data in excess of Be is discarded Bc is variable between Bc_Max and Bc_Min depending on conge...

Страница 208: ...uired system level parameters you are ready to begin configuring the RAS 1500 to use Frame Relay There are three basic components to a Frame Relay configuration Frame Relay user Frame Relay data link...

Страница 209: ...the IP address of the remote router WAN port The local_ip_address is the IP address of the local router WAN port 4 Set the user routing options as follows For a command description see Table 54 set n...

Страница 210: ...ing_interval 5 30 The parameters in Table 55 do not usually need modification They are based on the management type configured in Step 2 Table 55 Frame Relay Parameters Parameter Description access_ra...

Страница 211: ...to the associated user profile There is one PVC per user You must create a user for each PVC that you configure Use the following steps to configure the Frame Relay PVC 1 Add the Frame Relay PVC and...

Страница 212: ...burst All data above Bc is marked DE Any data in excess of Be is discarded becn_cmp Backward Explicit Congestion Notification Congestion Monitoring Period The number of seconds in each BECN Monitoring...

Страница 213: ...s show frame_relay pvc pvc name counters List the Status of all Frame Relay PVCs Use the following command to list the status of all Frame Relay PVCs list frame_relay Case Study Goal Use a Frame Relay...

Страница 214: ...ocol ripv1 3 Enable the IP network enable ip network sitea 4 Add a Frame Relay user add user siteb type network network_service fr_1490 enabled no 5 Set the user protocol settings set network user sit...

Страница 215: ...Enable the IP network enable ip network siteb 4 Add a user add user sitea type network network_service fr_1490 enabled no 5 Set the user protocol settings set network user sitea ip enable ipx disable...

Страница 216: ...ol set ip network sitea routing_protocol ripv1 3 Enable the IP network enable ip network sitea 4 Add a Frame Relay user add user siteb type network dialout network_service fr_1490 enabled no 5 Set the...

Страница 217: ...the RAS 1500 steps 1 through 3 are not necessary 1 Add an IP network add ip network siteb interface rm0 eth 1 address 172 17 253 254 b 2 Set the IP network routing protocol set ip network siteb routin...

Страница 218: ...sitea 9 Configure the Frame Relay datalink add datalink frame_relay interface rm0 wan 1 enabled yes 10 Configure a Frame Relay PVC and associate a user with it add frame_relay pvc btoa dlci 102 interf...

Страница 219: ...ed Filtering Overview Filter Types Creating Filters Configuring Filters Managing Filters General Filter Setup Filter Examples This chapter describes how to use a text editor and the command line inter...

Страница 220: ...e following filtering capabilities Input output filtering Packet filters can be used to control inbound or outbound data packets Source destination address filtering A packet filter can accept or deny...

Страница 221: ...ering on source network destination network protocol type source socket destination socket source node and destination node of the IPX packet Advertisement Filters Advertisement filters act on network...

Страница 222: ...d use generic filters and strictly in cases where data and advertising filters cannot provide necessary filtering capabilities Creating Filters The RAS 1500 performs packet filtering based on rules yo...

Страница 223: ...ol Sections Protocol Rules You define protocol rules within each protocol section in the filter file These rules set which packets may and may not access the network The following is the rule syntax l...

Страница 224: ...tination address is yyy the following rules are used IP 010 ACCEPT src addr xxx 020 ACCEPT dst addr yyy Field Description line Each rule must have a unique line number 1 999 You must arrange rules in...

Страница 225: ...increasing order verb This field can be one of the following ACCEPT allow packet access if the condition is met REJECT do not allow packet access if the condition is met AND logically use the AND con...

Страница 226: ...ter Files To create a filter use a text editor on your computer to create or edit a filter file Use the Trivial File Transfer Protocol TFTP to load the file in the RAS 1500 FLASH memory If you TFTP an...

Страница 227: ...ion if different from the default value of PERMIT Example 030 DENY 5 Continue to define protocol rules for each protocol section you want to filter Then check the file to ensure it meets the RAS 1500...

Страница 228: ...ires the original filter files to be deleted using delete filters Reverify and reapply using set interface Use show filter filter name to view your file If you are applying a filter to a RADIUS user u...

Страница 229: ...to determine whether the interface accepts or rejects the packet Interface filters can be applied dynamically without having to disable and re enable each network on that interface If you prefer to c...

Страница 230: ...does not waste time processing a packet that is going to be discarded anyway Most importantly the RAS 1500 does not know which interface an outgoing packet came in through If a potential intruder for...

Страница 231: ...lot1 mod 3 output_filter outfilter fil filter_access off If you want to set slot 4 mod 8 input and output filters at the same time enter the following set interface rm0 slot1 mod 3 input_filter infilt...

Страница 232: ...ollowing command list filters The resulting display might look like the following example Adding Filters to the Managed List The add filter command verifies filter syntax before adding a filter to the...

Страница 233: ...set interface rm0 eth 1 output_filter ENTER Now be sure to reapply the filter with the set interface command Enter the following set interface rm0 eth 1 output_filter filter_name Removing a Filter fro...

Страница 234: ...er you issue the set interface command So remember to remove and reapply the filter to ensure new filter rules apply to all affected interfaces To verify a filter file use the following command verify...

Страница 235: ...t filter is named ras1500 fil 2 If you are configuring a user filter not an interface filter enable filter_access off by default with the following command Filter access should remain off for an inter...

Страница 236: ...to limit permitted access to trusted hosts and networks only to explicitly deny access to hosts and networks that are not trusted or to limit external access to a given host for example a Web server...

Страница 237: ...e unimportant 8 Compare the first byte octet in the IP addresses 16 Compare only the first two bytes of the IP addresses 24 Compare only the first three bytes of the IP Addresses 32 Match the entire I...

Страница 238: ...IP 010 AND tcp dst port 23 020 ACCEPT tcp dst port 40 030 DENY The following rule example accepts only UDP packets that have a destination port number that is in the range of 24 to 39 filter IP 010 AN...

Страница 239: ...111 Sun Remote Procedure Call 113 113 Authentication Service 119 Network News Transfer Protocol 123 123 Network Time Protocol 161 161 Simple Network Management Protocol 162 162 Simple Network Managem...

Страница 240: ...ilter all but the following IPX networks enter the following filter IPX RIP 010 REJECT network 00 00 99 ff 020 REJECT network 99 88 0 45 030 REJECT network 0 8 7 5 To filter an IP route based on a sub...

Страница 241: ...are error messages necessary for the correct operation of TCP IP Table 61 ICMP Message Types If you are concerned about security filter out incoming type 5 messages Sending ICMP redirects is an easy...

Страница 242: ...ork addresses hosts and socket numbers Call filtering occurs after output filters are processed and are used for ondemand calls only For example to allow outgoing calls from the user of IP address 192...

Страница 243: ...of 1 Some routers used on the same network RAS 1500 may be configured to filter out specific traffic In some cases these routers may not apply the filter correctly Should this happen those packets wil...

Страница 244: ...tion as specified in the sender packet IP header Using this command you can discard packets of this type although this is a lower level of security than All Header Options The following commands are a...

Страница 245: ...n form 0Xxxxx Keyword Description Operators Value network network address or xx xx xx xx node node address or xx xx xx xx xx xx server server name or character string max 32 service type service type...

Страница 246: ...65536 src node source node address or 0 255 dst node destination node address or 0 255 src socket source socket number all 1 254 dst socket destination socket number all 1 254 generic field based on...

Страница 247: ...eded basis A user receives IP information when it is required and returns the IP information when finished with it This is useful when IP addresses are limited or used temporarily DHCP allows centrali...

Страница 248: ...DHCP server in behalf of the DHCP dial in clients The DHCP server receives and processes the request and sends the IP information back to the dial in server via the RAS 1500 Acting as a DHCP relay th...

Страница 249: ...sts IP information the DHCP server not the RAS 1500 sends it to the user When a dial in user requests IP information the RAS 1500 acting as a proxy server relays the request to the DHCP server The DHC...

Страница 250: ...tion to the local LAN 1 user When a local LAN 2 user requests IP information the DHCP server sends it to the user When a dial in user to the RAS 1500 requests IP information the RAS 1500 acting as a p...

Страница 251: ...ends it to the user When a dial in user to the RAS 1500 A requests IP information the RAS 1500 A acting as a proxy server relays the request through the PSTN to the RAS 1500 B The RAS 1500 B relays th...

Страница 252: ...ode dhcp_proxy 2 Set the DHCP mode set dhcp mode server 3 Set parameters for DHCP users These are the settings the DHCP server sends to users a Set the subnet mask and start and end addresses of the D...

Страница 253: ...gnment mode set ip address_assign_mode dhcp_proxy 2 Set the DHCP mode set dhcp mode disabled or relay 3 Specify the IP addresses of the primary and alternate DHCP servers set dhcp proxy server1 addres...

Страница 254: ...ng By default UDP broadcast forwarding is disabled To add or delete a UDP broadcast forwarding port use the following command add delete ip udp_bcast_forwarding_port port number For example to add por...

Страница 255: ...our ISP assigns you a public subnetwork 200 1 1 0 28 from which you set aside a pool of public addresses from 200 1 1 1 to 200 1 1 10 When a user on 192 168 111 to 200 1 1 15 and a user on your privat...

Страница 256: ...mic NAT Public Private 200 1 1 1 200 1 1 3 200 1 1 2 Public 192 168 111 1 Private 200 1 1 1 200 1 1 3 200 1 1 2 Public 192 168 111 1 Private 200 1 1 1 192 168 111 3 200 1 1 3 200 1 1 2 Public Private...

Страница 257: ...address 200 1 1 1 port 5001 The RAS 1500 maintains a dynamic PAT mapping for this translation Then when an inbound packet addressed to 200 1 1 1 port 5001 arrives at the RAS 1500 from the public netwo...

Страница 258: ...n the public IP address pool When another user attempts to access the public network the private address and port of the user are assigned the next available IP address and port in the public IP addre...

Страница 259: ...t network user nat_user nat_option nat To disable NAT for a user use the following command set network user username nat_option disable Example set network user nat_user nat_option disable Adding Dyna...

Страница 260: ...ettings show user username Example show user nat_user To list active NAT address mappings use the following command list nat user username address To list active NAT port mappings use the following co...

Страница 261: ...ample add pat tcp user pat_user private_address 192 168 111 1 private_port 80 public_port 80 Incoming packets from the public network whose destination port mappings do not exist in the dynamic PAT tr...

Страница 262: ...must match the password ras The public subnet allocated by the ISP for use by this private network is 202 55 55 40 29 The RAS 1500 is assigned the address 202 55 55 41 29 The private network has two...

Страница 263: ...p named 78 add modem_group 78 interface rm0 slot 2 mod 3 4 5 Add and configure a user named nat_user add user nat_user password ras type network dial_out enable no set user nat_user modem_group 78 pho...

Страница 264: ...lready configured the ISDN modems for proper operation However adding more than 4 Multi Link Point to Point Protocol MLPPP links diminishes the gain of adding the channels because of the MLPPP overhea...

Страница 265: ...ng listen set network user pat_user nat_option pat set network user pat_user pat_default_address 192 168 1 2 set dial user pat_user data async set dial user pat_user local_ip_address 255 255 255 255 s...

Страница 266: ......

Страница 267: ...ed line on its serial port A leased line is a dedicated line between two sites and is permanently installed rather than a dialed up connection PPP over the WAN port can connect to another RAS 1500 or...

Страница 268: ...449 V 11 V 10 EIA 530 V 11 V 10 EIA 530A V 11 V 10 Case Study Before You Begin Before you configure the RAS 1500 for PPP over leased line do the following 1 Work with the phone company to acquire a l...

Страница 269: ...seconds Assumptions Each office has a functioning RAS 1500 Each office has a separate IP network The main office has 192 112 226 0 C the branch office has 192 112 227 0 C Use Routing Information Proto...

Страница 270: ...3 Configure the user network parameters a Numbered link set network user branch_office address_selection specified remote_ip_address 78 0 0 2 A set network user branch_office ipx disable appletalk di...

Страница 271: ...S 1500 steps 1 through 3 are not necessary 1 Add an IP network add ip network ipnet 2 address 192 112 227 1 C interface rm0 eth 1 2 Add a user add user main_office password boston type network dial_ou...

Страница 272: ...ction issue the following command disable datalink ppp interface rm0 wan 1 Viewing the Status of the Connection To view the status of the link use the list ppp command Troubleshooting For debugging pu...

Страница 273: ...12 0 Kwajalein 11 0 American Samoa Canton Enderbury Islands Midway Island Niue Island Samoa 10 0 Christmas Islands Cook Islands French Polynesia Johnston Island Society Island Tahiti Tuamotu Island T...

Страница 274: ...ca El Salvador Guatemala Honduras Mexico 6 5 1 Canada Central Easter Island Nicaragua USA Central 5 0 Cayman Islands Colombia Ecuador Galapagos Islands Jamaica Panama Peru USA Indiana East 5 4 1 Baham...

Страница 275: ...Montserrat Puerto Rico Saba St Christopher St Croix St John St Kitts Nevis St Lucia St Maarten St Thomas St Vincent Trinidad and Tobago Venezuela Virgin Islands Windward Islands 4 3 1 Bermuda Brazil...

Страница 276: ...and Liberia Mali Mauritania Morocco Principe Island Sao Tome e Principe Senegal Sierra Leone St Helena Togo 0 1 1 Canary Islands Channel Islands England Faroe Island Ireland Republic of Madeira Northe...

Страница 277: ...ary Italy Luxembourg Macedonia Mallorca Islands Malta Melilla Monaco Namibia Netherlands Norway Poland Portugal San Marino Slovakia Slovenia Spain Sweden Switzerland Vatican City Yugoslavia 2 0 Botswa...

Страница 278: ...omania Russian Federation zone one Syria Turkey Ukraine 3 0 Azerbajian Bahrain Djibouti Eritrea Ethiopia Kenya Kuwait Madagascar Mayotte Qatar Saudi Arabia Somalia Tanzania Uganda Yemen 3 4 1 Iraq 3 5...

Страница 279: ...and Vietnam 7 8 1 Russian Federation zone six 8 0 Australia Western Brunei China People s Rep Hong kong Indonesia Central Malaysia Mongolia Philippines Singapore Taiwan 8 9 1 Russian Federation zone s...

Страница 280: ...5 Australia Lord Howe Island 11 0 Caroline Island New Caledonia New Hebrides Ponape Island Solomon Islands 11 12 1 Russian Federation zone ten Vanuatu 11 5 0 Norfolk Island 12 0 Fiji Kiribati Kusaie...

Страница 281: ...d and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If thi...

Страница 282: ...the equipment will operate to the user s satisfaction Before installing this equipment users should ensure that it is permissible to be connected to the facilities of the local telecommunications com...

Страница 283: ...00 has the following physical dimensions Interfaces Console Interface Electrical specification RS 232 C EIA TIA 232 E standard Connector DB 9 male Configuration DTE Transmission method Unbalanced RS 2...

Страница 284: ...Ohms for frequency range of 5 10 MHz Propagation Delay 5 7 nanseconds meter Cabling RJ 45 plug to RJ 45 plug straight through for multiport repeater applications transmit to receiver crossover cable f...

Страница 285: ...f the 12 VDC supply is 30 W the remaining 40 W is shared between the 3 3 and 5 VDC supplies If no load in 3 3 V and 12 V limited to 0 6 A then 5 V can deliver 12 A Input Voltage 90 264 VAC 47 63 Hz Ma...

Страница 286: ......

Страница 287: ...ld Wide Web site 3Com FTP site 3Com Bulletin Board Service 3Com BBS 3ComFactsSM automated fax service World Wide Web Site Access the latest networking information on the 3Com Corporation World Wide We...

Страница 288: ...modem to 8 data bits no parity and 1 stop bit Call the telephone number nearest you Access by Digital Modem ISDN users can dial in to the 3Com BBS using a digital modem for fast access up to 64 Kbps T...

Страница 289: ...dy Product model name part number and serial number A list of system hardware and software including revision levels Diagnostic error messages Details about recent configuration changes if applicable...

Страница 290: ...pe From anywhere in Europe call 31 0 30 6029900 phone 31 0 30 6029999 fax From the following European countries you may use the toll free numbers Austria Belgium Denmark Finland France Germany Hungary...

Страница 291: ...iddle East 44 1442 435860 44 1442 435718 From the following European countries you may call the toll free numbers select option 2 and then option 2 Austria Belgium Denmark Finland France Germany Hunga...

Страница 292: ......

Страница 293: ...sing Rlogin 166 using Telnet 166 using Telnet control characters 167 using TFTP 166 viewing facility errors 168 viewing interface status and settings 172 viewing system settings 172 viewing Telnet sta...

Страница 294: ...ion 137 using 137 escape code 146 exit commands 162 F fax service 3ComFacts 287 FECN 203 files deleting 161 renaming 161 filters adding filters to the managed list 230 advertisement filters 219 assign...

Страница 295: ...n 94 case study 105 267 configuring network parameters 98 connection types 93 connections to remote gateways 96 dialout scripts 94 PAP and CHAP authentication 96 setting internal networks for unnumber...

Страница 296: ...59 software configuration configuring a manage user 32 finding IPX network number 27 IP configuration 26 IPX configuration 27 setting default domain 30 setting IPX parameters 29 spoofing 96 standard p...

Страница 297: ...INDEX 295 V 90 151 W Windows 95 Dial Up Networking 89 World Wide Web WWW 285 X X 75 152...

Страница 298: ...296 INDEX...

Страница 299: ...sed to Customer on and after January 1 1998 that is date sensitive will continue performing properly with regard to such date data on and after January 1 2000 provided that all other products used by...

Страница 300: ...TING UNAUTHORIZED ATTEMPTS TO OPEN REPAIR OR MODIFY THE PRODUCT OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE OR BY ACCIDENT FIRE LIGHTNING OTHER HAZARDS OR ACTS OF GOD LIMITATION OF LIABILI...

Отзывы:

Нет отзывов

Похожие инструкции для 3C421600A

Бренд: C4i Страницы: 8

Univerge SV9300

Бренд: NEC Страницы: 26

Бренд: NEC Страницы: 20

DS2000 IntraMail

Бренд: NEC Страницы: 2

Бренд: Jabra Страницы: 15

Бренд: RadiSys Страницы: 44

Бренд: Ubee Страницы: 9

Бренд: Dahua Страницы: 6

Бренд: NETGEAR Страницы: 169

Avenue Express Control Panel

Бренд: Ensemble Designs Страницы: 19

Бренд: Usr Страницы: 2

Бренд: LevelOne Страницы: 31

Бренд: Garderos Страницы: 23

eBOX532-100-FL Series

Бренд: AXIOMTEK Страницы: 2

Бренд: ZyXEL Communications Страницы: 299

Бренд: Barco Страницы: 30

Бренд: BEC Страницы: 159

Бренд: Kramer Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды