manualshive.com logo in svg

FNGi DHCPatriot Version 6, Руководство по эксплуатации

Поделиться
Скачать
FNGi DHCPatriot Version 6 Скачать руководство пользователя страница 21

IP address.  Type that followed by enter.  Then it will ask for the subnet mask.  Type that 
and press enter.  Then it will ask for the default gateway.  Type that and press enter.  It 
will then show the information that was gathered and ask if you would like to proceed.  If 
the information looks correct, press 1 and then enter.  If you have misconfigured 
something, press 0 and enter.  Then press 3 and enter to return to the IP address 
configuration area to restart the process.  You may cancel the process at any time by 
pressing Ctrl+e to return to the main menu, or by pressing Ctrl+x to exit.  No changes 
will be applied to the Ethernet interface until a reboot of the system is performed.  You 
may change the configuration several times before rebooting.

IPv6 Address Configuration (Optional)

From the main CLI menu screen, press 4 to enter the IPv6 address assignment area.  
The current IPv6 network settings are shown here.  Press 1 to proceed and configure 
the address.  You will first be asked for the IP address, this should be entered as 
address/prefix length (ex: 2001:db8:0:0:1/64).  Press enter to continue.  Then the 
gateway will be requested.  This must be an address in the same subnet as the IP 
address entered previously. Press enter to continue.  A summary will then be shown 
asking if you would like to proceed.  Press 1 and then enter to proceed. Return to the 
main menu (CTRL+e).

Domain Name Configuration

NOTE: It is important that both the primary and secondary DHCPatriot devices be set to 
the same domain name.

The next task to perform is setting the domain name.  At this point, you should be back 
at the main menu (see figure 4.1).  If you are not, please be sure that the IP address 
has been saved properly and then press Ctrl+e to return to the main menu.  Press 5 and 
then enter.  The currently configured domain name will be displayed.  Press 1 and then 
enter.  It will ask for a new domain name.  Each device’s host name must begin with 
either patriot-1 or patriot-2, therefore this is automatically set according to the primary or 
secondary designation.  This factory set designation cannot be changed.  Only a 
domain name may be configured here.

After entering the chosen domain name, press enter.  The screen will display your entry 
and ask for confirmation.  Press 1 and then enter to continue.  If you have entered the 
domain incorrectly, press 0 instead.  You will be returned to the main menu.  Begin the 
domain name configuration process from the beginning.  The domain name will not be 
changed until a reboot is performed.  You may change it several times before rebooting 
if necessary.  When the changes are complete, you may return to the main menu (0 or 
Ctrl+e).

The DHCPatriot devices will need to be entered into the DNS (Domain Name Service) 
server.  Specific methods for doing this vary depending on the brand of server being 
used.  The following entries must be made:

Chapter 4: Initial Configuration

21

DHCPatriot Version 6 Operations Manual  This document © 2017 First Network Group Inc.  All Rights Reserved

Содержание DHCPatriot Version 6

Страница 1: ...Operations Manual Version 6...

Страница 2: ......

Страница 3: ...17 Serial Console Access 17 Console from AUX on a Cisco 17 Console from an OCTAL cable connected to an ASYNC port 18 Console from a serial DB9 port on a standard PC 18 Secure Shell SSH Access 19 Conf...

Страница 4: ...henticated DHCP 32 Configuring Authenticated DHCP 32 Authentication Servers 32 Internal Built in Authentication 33 External 33 Captive Portal 33 Adding 34 Editing 35 Removal 35 Shared Network Configur...

Страница 5: ...ork Configuration 42 Shared Network 42 Adding 43 Editing 43 Removal 43 Dynamic Subnet 43 Adding 44 Editing 44 Disable 44 Removal 44 Static Subnet 44 Adding 45 Editing 45 Removal 45 Maintenance Subnet...

Страница 6: ...1 Deny Mac Address 52 View Address Usage 52 Search Sessions 53 Possible hijacked IP Addresses 55 Chapter 9 DHCPv6 Configuration and Maintenance 56 IPv6 Primer 56 DHCPv6 Primer 57 Configuration and Mai...

Страница 7: ...IP Delete 79 Sticky IP List 80 Built in Authentication 80 List Customers 80 Add Customer 81 Edit Customer 81 Suspend Customer 82 Enable Customer 82 Delete Customer 83 Change Password 83 Deny MAC Addre...

Страница 8: ...s 93 Authentication Problems 95 Chapter 13 User Based Tasks for Customer Service 97 Suspend User 97 Built in Authentication User Maintenance 98 Adding a User 98 Editing a User 99 Suspending One or Mor...

Страница 9: ...ome other backbone provider to link the customers to the Internet then a single DHCPatriot system cannot be used centrally in this situation An additional system will be needed for that separate pop I...

Страница 10: ...ferent cable may be needed in your region The power supply will accept a standard PC cable from your region Please note that if the DC version is purchased it will not come with power cabling Two seri...

Страница 11: ...customer network that consists of Ethernet based DSL For the purposes of this example we will assume that the DSLAM is providing only bridging services not routing On the Cisco 7200 the Ethernet from...

Страница 12: ...ptional RADIUS server The optional RADIUS server will again respond with Access Accept The DHCPatriot system marks the device as being online in its database and sends an accounting start to the optio...

Страница 13: ...ple the optional console server may be used in this example network allowing connection to the DHCPatriot for some administrative tasks Please note that as of 5 3 0 it is possible to configure a third...

Страница 14: ...age notify First Network Group immediately Packed in the boxes are all the parts you should need to mount your server in a telco or server rack In addition to the parts listed in the packing list abov...

Страница 15: ...ell ventilated Do not set up your DHCPatriot system in an area where heat electrical noise or electromagnetic fields are generated The area chosen must have close access to a grounded AC power outlet...

Страница 16: ...e into an AC power outlet with the proper specifications The red crossover cable supplied is used to connect the devices to each other Connect the cable to the ports on each unit as shown in figure 3...

Страница 17: ...s and Apple Mac systems implementations The pin assignment of the serial port and RJ45 port are supplied for use in other situations Console from AUX on a Cisco Plug one end of a Cisco flat black cabl...

Страница 18: ...the right Attach this Null Modem shell to your favorite serial port on your standard PC laptops work great in this mobile type situation Microsoft Windows based instructions Using Hyperterminal or equ...

Страница 19: ...ty certificate Click on Yes to allow Putty to permanently accept the certificate 6 A username prompt will appear Type the username admin and press enter 7 A password prompt will appear Type your passw...

Страница 20: ...r the admin user This password is widely known at least among DHCPatriot system owners and should not be used after the IP address is set Once a suitable password is chosen press 7 and then enter to b...

Страница 21: ...n NOTE It is important that both the primary and secondary DHCPatriot devices be set to the same domain name The next task to perform is setting the domain name At this point you should be back at the...

Страница 22: ...e settings are applied immediately after receiving confirmation Type the number of the speed and duplex you wish to set and press enter The chosen setting will be displayed Press 1 to confirm and 0 to...

Страница 23: ...enu to find the rule you wish to delete Then press 1 and then enter You will be prompted for a rule to delete Enter the number of the rule that you wish to delete Then press enter It should display de...

Страница 24: ...e displayed It is up to you to interpret this output as the possibilities are to numerous to list here Web Administration Interface Account Setup NOTE perform these actions on only ONE of the DHCPatri...

Страница 25: ...te and press enter You will get a confirmation message that the user was deleted and the list will refresh You will notice that the user is gone from the list You may continue to delete other users if...

Страница 26: ...s point you should be logged in If you instead receive a password error verify that you entered the login and password correctly If you are still unable to login revisit the Menu Configuration Interfa...

Страница 27: ...Devices are considered old and suspended when the time period you specified passes with no DHCP activity from the device Devices will be deleted after being suspended for the time period you specify P...

Страница 28: ...s not checked then the user has access to only the Web Administration Interface The two Admin User Restriction Auth and Standard settings are used for restricting user access to certain networks This...

Страница 29: ...when it asks if you are sure It is recommended that you not delete any rules that are marked FNGi as these are used by First Network Group to gain access to the devices to assist you in troubleshootin...

Страница 30: ...ng the limit displayed entries box To open system logs open the System Configuration menu and then click on System Logs A screen similar to figure 5 3 will appear Select the appropriate entries and en...

Страница 31: ...in figure 5 5 This has the function of visualizing and editing what apps can be accessed by what level of administrator The various apps will be grouped together by what admin level is currently set f...

Страница 32: ...uring both in some type of failover manner or using one for authentication and the other for accounting records To enter the Authentication server configuration area expand the Auth DHCP Config menu a...

Страница 33: ...servers in either a round robin or a failover configuration You can setup multiples of each type of authentication server access and accounting You can specify whether they are round robin or failove...

Страница 34: ...Captive Portal definition will show a popup screen as shown in figure 6 4 and 6 5 respectively Please note that these will not change until Commit has been clicked when editing A new feature was added...

Страница 35: ...the definition Click on OK The definition will be removed at that point Shared Network Configuration The DHCPatriot system can support one or more authenticated DHCP networks Each network can support...

Страница 36: ...to choose a descriptive name The name can only contain dashes underscores and alpha numeric characters Choose the desired lease length The default 8 hours is a good choice but there are both higher a...

Страница 37: ...ease lengths are available however Fill out the rest of the form according to the subnet values On screen help is available if needed Click on Commit and a new subnet will appear in the list at the bo...

Страница 38: ...should be pretty straight forward Click on Commit Editing This is much the same as adding Click on the Edit link of the desired Authenticated Subnet and the form will be auto completed with the values...

Страница 39: ...tic subnet configuration expand the Auth DHCP Config menu then click on Static Subnet A screen similar to that shown in figure 6 9 should appear Adding Choose the Shared Network that the Static Subnet...

Страница 40: ...n in figure 6 10 simply expand the Auth DHCP Config menu and click on Maintenance Subnet A screen similar to the one in figure 6 10 should appear On this screen you can add edit or delete maintenance...

Страница 41: ...name and password at the authentication window It also shows the current IP address and type if the user is currently online It also notes whether the user or device is assigned a static IP address St...

Страница 42: ...t support broadcast DHCP on the local LAN local to the DHCPatriot but rather requires that the traffic be relayed through a router or some other relay agent Cisco devices become relay agents when the...

Страница 43: ...red changes and click on Commit The changes should be reflected in the list at that point Removal To remove a Shared Network click on Delete A confirmation dialog will appear Click on OK and the Share...

Страница 44: ...disabled subnet will no longer be available for leasing of IP Addresses It will still show up in the reports along with any users who currently have an IP Address out of the subnet but the users will...

Страница 45: ...er may be set up as a DHCP relay agent by having ip helper address configured on an ethernet interface facing client devices If the primary IP address on that ethernet interface is NOT part of a DHCP...

Страница 46: ...ed here They are covered here because it is assumed that systems administrators will be performing these tasks as opposed to tech support or customer service We thave grouped tasks common to those dis...

Страница 47: ...based on MAC Address or Option 82 information Option 82 circuit id or remote id can be used to match the client In addition a TFTP file may optionally be specified To access Static IP Assignment expan...

Страница 48: ...client s that need a boot file or configuration file of some kind If a TFTP server was specified in the Shared Network configuration and was further specified as local meaning that the DHCPatriot itse...

Страница 49: ...ng you what is going to be changed and asking if you are sure This feature lets you change an assignment to a different file without visiting every single instance that is assigned to the file in both...

Страница 50: ...ure 8 1 should appear Please note that the username field will not be available if accessed from Standard DHCP Please note that as of 5 3 0 static IP addresses assigned via RADIUS now show up in this...

Страница 51: ...ed to clients by the DHCP server at all To access Exclude IP Address expand either the Auth DHCP Config or the Standard DHCP Config menu Click on Exclude IP Address A screen similar to figure 8 2 shou...

Страница 52: ...e various functions should you need it View Address Usage The DHCPatriot system makes it easy to confirm the current and past status of the networks and subnets configured on the system The View Addre...

Страница 53: ...screen you ll notice that each subnet is clickable Clicking a subnet will bring up a screen similar to figure 8 6 This screen shows a list of devices that currently are using an IP address The lease s...

Страница 54: ...the equipment as shown in figure 8 7 Administrative notes about the device can also be added edited and viewed here To add or edit an administrative note click on the Add Edit Note link or if a note...

Страница 55: ...ven an IP address by a DHCP server it will first do an arp request to find out if any device is using the IP address If it is found that another device is already using the address the client will sen...

Страница 56: ...size of the entire planet It helps to understand that there is a fundamental philosophy change in IPv6 We no longer think in terms of a single address We think in terms of subnets And by subnet we mea...

Страница 57: ...the number of households and businesses Here is a simple chart showing IPv6 size DHCPv6 Primer Most current clients that support IPv6 will have at least two modes of operation that can be set manual a...

Страница 58: ...v4 address space which is 232 IP addresses A 48 is 280 IP addresses However it is designed to provide for future expansion in the end user s network Current standards also state that any subnet on any...

Страница 59: ...DHCP server have some limitations which prevent the tracking of sessions and authentication as of 6 1 0 sessions are now tracked Customers taking advantage of the DHCPv6 features in the DHCPatriot sys...

Страница 60: ...ally a prefix delegation may be specified under DHCPv6 IPv6 Prefix Delegation figure 9 5 Prefix delegation is necessary under IPv6 as NAT and private addresses can no longer be used by a customer rout...

Страница 61: ...mically assigned via DHCPv6 or simply because you need a client to vacate a certain IP address for other purposes The DHCPatriot supports excluding an IP address from being assigned dynamically Enter...

Страница 62: ...Sessions for DHCPv6 see Figure 9 9 Again this is a similar concept to its counterpart in DHCPv4 There are some key differences however On the search parameter side a new search target DUID is introdu...

Страница 63: ...ddress 2001 db8 0 e8 ffff ffff ffff fffe Mar 8 21 06 47 patriot 2 dhcpd Sending Relay reply to 2001 db8 0 f b port 547 Exchanges such as this one above can be useful for noting that there was a DHCPv6...

Страница 64: ...pened allowing access to services that may need monitoring and DHCP ranges will be created so that monitoring can be done of DHCP by actually performing DHCP operations This ensures that the service r...

Страница 65: ...eturn the following status information about services as listed in the table below Disk Space OID 1 3 6 1 4 1 2021 51 1 4 1 2 9 68 73 83 75 83 80 65 67 69 1 This OID will return down 999 when disk spa...

Страница 66: ...usDispatch 1309195954 1 3 6 1 4 1 2021 51 10 1 14 STRING patriot 1 syslogd 1309195984 1 3 6 1 4 1 2021 51 10 1 15 STRING patriot 1 tftpd 1309195984 1 3 6 1 4 1 2021 51 10 1 16 STRING patriot 1 todTCP...

Страница 67: ...that are utilizing Authenticated DHCP The best way to monitor this service is by connecting to port 80 to see if some sort of data is returned The monitoring is available via SNMP however OID 1 3 6 1...

Страница 68: ...ill return an integer equal to the average CPU percentage used on the device over a recent five minute interval Percentage of CPU Used for IO OID 1 3 6 1 4 1 2021 50 10 101 1 This OID will return the...

Страница 69: ...Per Second OID 1 3 6 1 4 1 2021 50 46 This OID will return the average number of database queries per second over the most recent five minute interval This number is rounded to the nearest whole numbe...

Страница 70: ...1 gateway address result from 1 3 6 1 4 1 2021 50 80 1 will retrieve used IP address number from the chosen subnet 1 3 6 1 4 1 2021 50 100 1 gateway address result from 1 3 6 1 4 1 2021 50 80 1 will r...

Страница 71: ...e this 1 3 6 1 4 1 2021 50 100 1 10 31 128 1 INTEGER 253 Total Dynamic data per network 1 3 6 1 4 1 2021 50 110 1 2 for type of network auth standard will list all available dynamic networks for which...

Страница 72: ...as well as total used IPs for each dynamic network For example using FNGiTEST ID of 15 This command will get the used dynamic IP addresses for FNGiTEST 15 snmpget On v1 c lnx snmp patriot 1 network1 n...

Страница 73: ...DHCPatriot system also has an extensive health monitoring function that shows the current status of the system as well as some graphs This function shows all services that may be monitored and their c...

Страница 74: ...hat is not to say that the server status should be thought of as a replacement for remote monitoring with a monitoring system It can be mistaken as it is all done via SNMP which is limited to noting t...

Страница 75: ...istrators You should get a screen similar to figure 11 1 Fill out the name username and password or use encrypted password if you have a pre encrypted password to be used The encrypted password must b...

Страница 76: ...a user to be suspended on the DHCPatriot system It will suspend all devices belonging to the specified username The default admin level required for this feature is five This feature behaves the same...

Страница 77: ...User and clicking on Suspend Multiple Users The feature is accessed using a POST action string as follows https patriot domain cli function AuthMassSuspend username username password password note no...

Страница 78: ...k1 net cli function SuspendEnable username apiuser password apipass action unsuspend user linux Success will present the text RETURN 1 Failure will present RETURN 0 with some text given below as a rea...

Страница 79: ...yIPs action ADD Stickymac Stickyusername bobjim Stickyip 3 3 3 6 Stickynote Success will present the text RETURN 1 Failure will present RETURN 0 with some text given below as a reason for the failure...

Страница 80: ...rsion 1 0 encoding UTF 8 result record username username mac 00 02 04 ff ee dd mac stickyip 1 2 0 55 stickyip note note record result Built in Authentication This API allows users to be configured in...

Страница 81: ...ministration Interface The GET string to send is as follows https patriot domain cli function BAAddCustomer username user password pass identifier sometext u ser someuser pass somepass staticip someip...

Страница 82: ...look like for suspending a customer https patriot network1 net cli function BASuspendCustomer username apiuser password apipass user jsmithso n Success will present the text RETURN 1 Failure will pre...

Страница 83: ...r Auth DHCP Actions in the Web Administration Interface The GET string to send is as follows https patriot domain cli function BAChangePass username user password pass action changepass us er someuser...

Страница 84: ...ma c MAC Here is an example of what a properly formatted URL might look like for removing a user from the list of denied MAC addresses https patriot alpha network1 net cli username apiuser password a...

Страница 85: ...erly formatted URL that would return all session records not recommended is as follows https patriot network1 net cli function SearchSessions username apiuser password apipass action search user mac i...

Страница 86: ...ser jim but only if his MAC address is 00 00 89 0c 51 13 and he is currently online and only if some part of the session overlapped the start stop time period given Get Network Config This API call wi...

Страница 87: ...nown client assignments in the Web Administration Interface A sample of the result is shown below result record IDENT John Doe IDENT REMOTE_MAC 00 03 05 fc fe fa REMOTE_MAC tftp_file ID 1 ID record re...

Страница 88: ...this works more like a replacement as you will need to fill out all of the fields with the values you want in the entry If the field is left blank then it will become blank in the entry A properly for...

Страница 89: ...Standard Static Assignment can be found in the Web Administration Interface under Standard DHCP Actions Please note that an id of the appropriate subnet must be obtained from the Get Network Config A...

Страница 90: ...the values you want in the entry If the field is left blank then it will become blank in the entry A properly formatted URL looks like https patriot network1 net cli function StaticIPassign username...

Страница 91: ...er may also get an authenticated address this is usually a public address If the customer is getting a private unauthenticated address they have not yet registered or they are suspended If they cannot...

Страница 92: ...is in the known client table Standard DHCP Actions Known Client on the Web Administration Interface Contact your network administrator if you have questions about this It could also be that the client...

Страница 93: ...erience can be boiled down to either they cannot get an IP address to begin with or they cannot keep the IP address Things that might cause these problems can be boiled down to problems with the clien...

Страница 94: ...he server This should only come from one of the servers but may come from both under certain circumstances The client should send a DHCPREQUEST for the offered address The server should respond with D...

Страница 95: ...er try a different device to see if that resolves the problem As noted previously the above is not a comprehensive list nor does it give instruction of how to perform these operations on the client If...

Страница 96: ...again 2 Cannot authenticate MAC registering to user USER at this time It is currently online The current session will expire at TIME 2 1 This means that the MAC address is already seen as online by th...

Страница 97: ...int the user device s will be suspended and added to the list at the bottom Multiple users may be suspended by clicking on the Suspend Multiple Users link in the username field The username box will c...

Страница 98: ...dding a User To add a user complete the form similar to the one shown in figure 13 2 Identifier is an optional field and should be used for the customer s name or some other identifying information su...

Страница 99: ...sers will be suspended in the Auth DHCP Actions Suspend User area This note will be applied there and will be shown to the user on the Captive Portal screen Contact our Billing office at phone for exa...

Страница 100: ...is no harm in leaving this here If further suspended users are deleted it will merely replace this data Built in Authentication User Import New in version 5 4 0 the DHCPatriot system now supports imp...

Страница 101: ...on your hard drive that contains the csv file to import Choose the file and click OK Click on the Commit button The DHCPatriot will parse the file and display a preview of what it is going to import...

Страница 102: ...has a static ip centreclean walleye 00 01 6C 52 8E 96 actrisco efy9 qr7 00 01 6C 67 5A 97 bbwessel BB w3ss3l 00 03 47 D1 C4 F0 westsidesauk azaz 00 03 6D 1A 64 F4 clarsue 8d y3cnw 00 04 5A 42 12 18 p...

Страница 103: ...13 10 If there are any errors they will be displayed on this screen The imported user devices should appear in Auth DHCP Reports View Authenticated Devices Chapter 13 User Based Tasks for Customer Ser...

Страница 104: ...p Inc 4 6 Perry St PO Box 1662 Wapakoneta OH 45895 DHCPatriot network1 net 800 578 6381 opt 3 DHCPatriot is a trademark of First Network Group Inc http www network1 net All other names and brands are...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды