background image

Glossary 

MultiAccess Communications Server MA30120 User Guide                                                                            174

Proxy (Application Gateway)

 – The task of a proxy (Application Gateway) is to completely separate the 

communication connections between the external network (Internet) and the internal network (LAN). There 
must be no direct connection between an internal system and an external computer. The proxies work 
exclusively on the application level. Firewalls that are based on proxies use a dual homed gateway that does 
not transfer any IP packets. The proxies that run as specialized programs on the gateway can now receive 
connections for a special protocol, process the received information at the application level and then transfer 
them. 

Proxy ARP

 

– The technique in which one machine, usually a router answers ARP requests intended for 

another machine.  By "faking" its identity, the router accepts responsibility for routing packets to the "real" 
destination.  Proxy ARP allows a site to use a single IP address with two physical networks.  Subnetting would 
normally be a better solution. 

Private Key 

 

In public key cryptography the private key is only known to the holder and it can be used to sign 

and decrypt messages. 

Proxy 

– A cache server that acts as a firewall, protecting the local network. It allows an application inside the 

proxy to access resources on the global Internet. 

PSK (Pre Shared Key)

 

– A PSK password must be entered at both ends of the VPN tunnel. This password is 

also called the secret. The holder of this password can establish a VPN connection to the secure network.  
Make sure that this password does not reach the wrong hands and that you change the PSK password at 
regular intervals. 

Public Key

 

– In public key cryptography the public key, which is included in the certificate, can be used to 

verify signatures and encrypt messages.  A sample public key is shown below:

 

0sAQNic1Twvw7iknvNd6ieKDhd9JTu/Krbc71H4oIFd/xqKJntU8x25

M0Wbxr0gQngECdZPWHj6KeSVtMtslzXMkxDecdawoCadPtPiH/Iln

23GKUOt3fob9wBYbwdHOxPAYtNQBxNPEU9PGMxQd
Yp8io72cy0duJNCXkEVvpvYvVzkmp0xVYOWYkfjiPsdhnz5FCitEh6

XsCe0ctBymLtAlWhuycVojr2JwzSqUIJXzS6QY5

o5yztgjVIgwW1Er6jyyo2aeFLgusX0dz/OfdQ0N0AjRAmO3

eknOYLk2DPRkmUeYr3W94GRlzzP8ZoyPwdBv7hpZ0TRA
La8N2/TDKx+fGLfixB6Ed8X0jCmq4It7iD2d/9EWeaUZfctq
aKfw==

 

Public key cryptography is based on two keys, a private key and a public key. Where conventional 
cryptography is a one key system for both locking (encrypting) and unlocking (decrypting) a message, whereas 
public key cryptography uses different keys for locking and unlocking. In public-key systems, one key can be 
kept private while the other key is made public. Knowing that the public key does not reveal the private key. 

PuTTY

 – A simple but excellent 

SSH

 and 

Telnet

 replacement for Windows 95/98/NT that happens to be free.  

Installation is simple - you download 

PuTTY.exe

 and store it somewhere on your system that's convenient.

 

Qmail

 – A security-oriented Unix mailer daemon developed by Dan Bernstein.   

RADIUS

 

– RADIUS stands for 

Remote Authentication Dial-In User Service

. RADIUS is a protocol with which 

the router can obtain information for the user authentication from a central server. 

RFC

 (

Request For Comments

– A document of Internet Society under standardization.  See also IETF. 

RFC 921 

– A policy statement on the implementation of the Domain Style Naming System on the Internet.  

RFC 921 details the schedule for the implementation for the Domain Style Naming System in terms of 1) the 
names themselves, 2) the method of translating names to addresses, and 3) the relationship between the 
Internet and the rest of the world. 

RFC 953

 

– The official IETF specification of the Hostname Server Protocol, a TCP-based hosts information 

program and protocol. The function of this server is to deliver machine-readable name/address information 
describing networks, gateways, hosts, and eventually domains, within the Internet environment. To access this 
server from a program, establish a TCP connection to port 101 (decimal) at the service host, SRI-NIC.ARPA 
(26.0.0.73 or 10.0.0.51). 

RFC 1918

 – An IETF standard for Address Allocation for Private Internet. 

Содержание MultiAccess MULTIACCESS MA30120

Страница 1: ...MA30120 User Guide ...

Страница 2: ...ndix B and includes software version 1 14 E 09 18 12 Updated RoHS Patents This device covered by one or more of the following patents 6 031 867 6 012 113 6 009 082 5 864 560 5 815 503 5 812 534 5 790 532 5 764 628 5 764 627 5 754 589 5 724 356 5 673 268 5 673 257 5 628 030 5 619 508 5 617 423 5 600 649 5 592 586 5 577 041 5 574 725 5 559 793 5 546 448 5 546 395 5 535 204 5 500 859 5 471 470 5 463 ...

Страница 3: ...etup 21 User Authentication 28 Chapter 3 Software 32 Home and Logout Options 33 Administration 35 Networks Services 50 Network Setup 56 DHCP Server 66 Tracking 70 Packet Filters 71 User Authentication 75 Modem Setup 88 Statistics Logs 98 Line Interfaces 117 Chapter 4 Troubleshooting 129 Chapter 5 MultiAccess Maintenance 130 Chapter 6 Warranty and Service 131 Regulatory Compliance 133 Recording Mul...

Страница 4: ...59 ASCII Conversion Chart 161 Appendix C How to Update 162 Menu Driven 162 Manual Method via Linux command line 162 Appendix D Waste Electrical and Electronic Equipment WEEE Statement 165 Appendix E Restriction of the Use of Hazardous Substances RoHS 166 Glossary 167 Index 178 ...

Страница 5: ...y are manageable from remote locations using platform independent industry standard protocols Management MultiAccess includes robust management support allowing a network administrator to securely manage the devices either through a web browser or at the command line The browser based option uses the HTTPS protocol also know as SSL Secure Sockets Layer to provide 128 bit encryption to secure the m...

Страница 6: ...and 128 BRI ISDN sessions Industry standard PPP client support PAP and CHAP authentication Secure graphical local or remote management using HTTPS or SSH Standard 19 rackmountable chassis 1U Two year warranty Ship Kit Contents The MultiAccess is shipped with the following 1 MultiAccess 4 power cords US Euro Austral UK 1 printed Quick Start Guide 1 Document CD 1 Recovery Image CD 2 Rack Mounting Br...

Страница 7: ...LI 4 LEDs LA The LA Link Active indicates layer 1 is up LA blinks when Los of Frame Alignment LFA but not Loss of Signal LOS LC The LC indicates a red alarm LS The LS indicates a yellow alarm LED Description of Support Modem LEDs CD The CD Carrier Detect LED lights when the modem detects a valid carrier signal from another modem It is on when the modem is communicating with the other modem It is o...

Страница 8: ...RJ 11 phone LINE jack a DB 9 COM1 jack a DB 15 High density DSUB VIDEO jack two USB Revision 1 1 compliant jacks four RJ 45 T1 E1 PRI line jacks and two Ethernet RJ 45 Ethernet 1 Ethernet 2 jacks The MultiAccess back panel is illustrated and described below Back panel The back panel components are described in detail in the Cabling Procedure section in Chapter 2 of this manual ...

Страница 9: ...one Ethernet interface on the MultiAccess is used The IP address of the MultiAccess and the pool of IP addresses for the dial in users are of the same network and normally are public addresses The modems of the MultiAccess are configured for RAS usage PPP clients dial into the system authenticate via RADIUS and establish a LAN to Client PPP session remote note ...

Страница 10: ...odem sharing and faxing for network workstations Workstations on the corporate LAN can be a Comm Port Redirector e g Multi Tech s WINMCSI for accessing MultiAccess s modems Authentication can be performed before granting access to the modem sharing resource providing another layer of security to your network s infrustructure If some or all the MultiAccess s modems are configured for faxing the Hyl...

Страница 11: ...e Formats Extended Super Frame ESF 12 Frame Multiframe F12 4 Frame Multiframe F4 72 Frame Multiframe Remote Switch Mode F72 T1 Line Code AMI or B8ZS E1 Frame Formats Extended Super Frame ESF w CRC4 Extended Super Frame ESF w o CRC4 Double Fame E1 Line Code AMI or HDB3 Channelized T1 Channels 24 DSU CSU operation for T1 WAN service Frame Format Extended Super Frame ESF 12 Frame Multiframe F12 4 Fra...

Страница 12: ...weak battery or incorrect setup Caution The Ethernet ports are not designed to be connected to a Public Telecommunication Network Safety Recommendations for Rack Installations Ensure proper installation of the MultiAccess in a closed or multi unit enclosure by following the recommended installation as defined by the enclosure manufacturer Do not place the MultiAccess directly on top of other equip...

Страница 13: ... the Security Database i e user file in RADIUS server or Microsoft SAM Active directory with IAS and make sure users have dial in rights with framed protocol PPP attribute 3 Identify applicable network resources IP address of gateway default route DNS WINS RADIUS server s etc Identify the network MASK Identify available IP addresses determine the static IP address that is to be assigned to the Mul...

Страница 14: ...is required connect an RJ 45 cable for each of the line connections being used 2 Connect a workstation to your local network connect one end of a RJ 45 cable to the Ethernet 1 jack on the back of the MultiAccess and the other end to the hub on your local network 3 For advanced users the Video and Keyboard connections are for manual intervention of the Operating System The default root level login ...

Страница 15: ...keyboard to determine the current status of the system Five seconds after turning on power one beep is heard indicating a successful POST of the mother board next the BIOS detects the hard drive from which the Linux operating system and appropriate drivers are loaded 3 Bring up a Web browser on the workstation At the browser s address line enter https 192 168 2 1 and press the Enter key Important ...

Страница 16: ...ion Use a safe password Your first name spelled backwards is not a sufficiently safe password a password such as xfT35 4 is better 2 If someone else is already logged onto the MultiAccess or you were logged in recently the following message displays At the prompt Do you want to log the user out Click Yes If you click No you are returned to the Login screen 3 The MultiAccess Communications Server W...

Страница 17: ... Setup Defines the primary role of the modem RAS fax or network modem pool Statistics Logs View and download all the statistics and log files maintained by your system Line Interfaces Defines setup information of your PSTN lines Help Online Help Describes what to do on each screen Options Under Each Menu Home Administration Networks Services Network Setup DHCP Server System Update Logout Return to...

Страница 18: ...Server MA30120 User Guide 18 Setup Your Time Zone 4 Click Administration on the menu bar The System Setup screen displays Set the System Time by selecting your Time Zone the current Day Month Year Hour and Minute Administration System Setup System Time ...

Страница 19: ...xternal Name server window the IP address of your domain name server DNS 3 Click the Add button to connect to your name server 4 Change the default IP Address for the Network Card 1 to the IP address of your local network and change the default Subnet Mask for the Network Card 1 to the subnet mask for your local network Click Save 5 Change your web browser address to the new address of your local ...

Страница 20: ...t for the screen to refresh 2 Use the various pull down menus to match the parameters of the Line Interface with the line provisioning information from your Telco Note A common provisioning issue is the type of framing format which the telco usually refers to as ESF But the MultiAccess gives you a choice of ESF or ESF with error correction Multi Tech recommends that you choose ESF with Error Corre...

Страница 21: ...ial in PPP access you do not have to modify the default Modem Usage settings The default usage is RAS If you plan to use all or part of your MultiAccess modems for dial out you will have to change the Modem usage settings for the selected modems to one of the Modem Sharing options that best fit your needs If you plan to use some or all your modems for faxing you will have to change the Modem Usage...

Страница 22: ... following the first ring message The Called Number information string of digits is provided by the central office switch and is commonly referred to as DNIS The MultiAccess does not support DNIS when the Line Interface type is T1 RBS Reverse Dial This parameter enables two features comma dialing and reverse dial mode When enabled the dial string can include the use of commas used to create a paus...

Страница 23: ...6000 creating a first available pool starting with the lowest numbered tty port SSL Support is made available when the usage is Modem Sharing with Authentication This is only used with SSL capable Telnet Clients Site Certificate information needs to be configured appropriately Contact Multi Tech Tech Support for additional information Idle Timer seconds The Idle Timer upon expiring will hangup the...

Страница 24: ...ss as a network fax server you need to set up the Modem Usage menu to support your configuration 5 Click on the Usage drop down arrow and select Fax 6 Click on the Modem up or down arrow and select the tty modem s for faxing You can choose multiple modems by holding down the shift key 7 Click on the Save button ...

Страница 25: ...efined in the Modem Usage Setup field of the Modem Usage screen 1 Verify that the V 92 Setup parameters conform to your client s characteristics 2 Multi Tech recommends that you set Retrain Limit to 4 and due to compatibility issues seen with various modems you may wish to disable Quick Connect and V 8bis 3 If additonal modem commands are required refer to Appendix B Advanced Commands ...

Страница 26: ...via the Hylafax Server requires the use of a Hylafax compatible Fax Client software e g Multi Tech s FaxFinder Client The General Fax Setup group is used to add Fax Clients to the Hylafax server The Fax Client must be installed on each workstation that you wish to send faxes from The Fax Client must use the credentials defined in the General Fax Setup group to submit faxes for sending The Fax Clie...

Страница 27: ...termined by one of two routing methods A Route by Device what tty port the fax was received on B Route by Called Number number dialed by the remote sender Route by Device is a static delivery method where all faxes that are received on that particular port will be sent to the email address defined for that port 8 To deliver the fax based on the port device it was received on select the radio butto...

Страница 28: ...Radius Server screens are only used when the Radius Server in the MultiAccess is going to be used Initially the Radius Server Default User Setup screen displays the default settings that are used for dial in network access Initially these default settings are all that you should need to authenticate a remote user Note When using the internal Radius Server you must use the IP address of network car...

Страница 29: ...IUS Server Address 2 window Follow that by entering the port number of the backup Radius server in the third Port window Then enter the backup Radius Accounting host in the RADIUS Accounting Address 2 window followed by the port number for the backup host in the fourth Port window 10 Enter your Shared Secret for the Radius Server in the RADIUS Shared Secret window 11 In the Remote Host Address win...

Страница 30: ...address of network card 1 eth0 in the Client window This IP address tells the Radius Server where the Radius Client is located 3 Enter the same Shared Radius Secret used in the Radius Client screen in the Shared Secret window The Shared Secret in the Radius Server and the Radius Server Secret in the Radius Client have to be the same in order for the two to communicate 4 You can enter an arbitrary ...

Страница 31: ...s dialing in to the MultiAccess The User name and password of the remote user is all that is needed initially If you check or enable Service Type through IP Address windows you will over ride the Default User Setup 1 Enter the remote user s name in the Username window 2 Enter the password of the remote user in the Password window 3 The Authentication Type should remain at the default setting 4 Cli...

Страница 32: ... protocol methods passwords and user database details Modem Setup Defines the primary role of the modem RAS fax or network modem pool Statistics Logs View and download all the statistics and log files maintained by your system Line Interfaces Defines setup information of your PSTN lines Help Online Help Describes what to do on each screen Options Under Each Menu Home Administration Networks Servic...

Страница 33: ...ter 3 Software MultiAccess Communications Server MA30120 User Guide 33 Home and Logout Home and Logout Options Home This is the opening screen of the MultiAccess Communication Server Web Management software ...

Страница 34: ...time out a prompt comes out saying Some body is already logged in Do you want to log the user out you respond with Yes and a new session is started The timeout period is set at Administration Web Admin Time before automatic disconnect If you change the Time before automatic disconnect you have to click the Save button for the new disconnect time to be active When you are done in Administration Web...

Страница 35: ...nistration System Setup In the Administration section you can perform the general system based settings for the MultiAccess Communications Server functions System Setup includes general system parameters such as the email address of the administrator remote syslog host and the system time can be set through these settings ...

Страница 36: ... of Notifications the MultiAccess Will Send System license key on expire from 10 days before expire SSH invalid login Not Web invalid login Works Intrusion Detection File System Integrity Intrusion Detection SNORT Network Intrusion Detection Backup backup file on export will be sent Update services system update completion Disk usage exceeding 70 disk usage exceeding 80 after cleanup Self monitor ...

Страница 37: ... as the only prompt Once it is checked and saved SSH is enabled and the other options display SSH requires name resolution for the access protocol otherwise a time out occurs with the SSH registration This time out takes about one minute During this time it seems as if the connection is frozen or can t be established After that the connection returns to normal without any further delay Allowed Net...

Страница 38: ...rnet protocol used to synchronize the clocks of computers to the same time source Clicking the SNTP Client check box enables the MultiAccess to act as a SNTP client SNTP Client Check the SNTP Client box to activate SNTP Client SNTP Server Address Enter the IP address of the SNTP Server for which the firewall will contact to synchronize its clock Then click the Save button ...

Страница 39: ...n Available Networks Select the networks that will allow access to Web Admin The list includes those networks you entered under Networks Services Networks You can add and delete existing selections The MultiAccess will display an ERROR message if you try to delete access to a network that would cause you to lock yourself out or otherwise not make sense Allowed Networks As with SSH Any has been ent...

Страница 40: ...esired time span in seconds after which you will be automatically disconnected from Web Admin if no operations take place After the initial installation the default setting is 3000 seconds The smallest possible setting is 300 seconds If you close the browser in the middle of an open Web Admin session without leaving Web Admin via Logout the last session stays active until the end of the time out I...

Страница 41: ...of the contact for MultiAccess certificate data e g the MultiAccess administrator over the default myname mydomain com Firewall Host Address Enter the MultiAccess s host address Use the same address that you will use to access the Web Admin interface It can be one of the MultiAccess IP addresses Example If you access Web Admin with https 192 168 10 1 the MultiAccess Host Address must also be 192 1...

Страница 42: ...o provide the IP address of the remote machine and appropriate user name and password Database Location Selects where the database is located Local or Remote If the database is located on this machine select Local If the database is located on a remote machine select Remote and provide the IP Address of the remote machine and the Username and Password Local Database Server Setup The Local Database...

Страница 43: ...e specific configuration files that get backed up are listed in the file called backup located in the opt multi access data directory Backups will fail if this file is renamed or missing from this directory Local Periodic Backup If Local Periodic Backup is chosen the Time Interval can be selected as a daily weekly or monthly backup The number set in the Maximum Backups is the number of backups tha...

Страница 44: ...he number of backups listed here Backups You can Get Restore and Delete backups To Restore a backup simply click on the Options Restore Your system will be restored from the file and rebooted To Delete a backup click on the Options Delete and the file is removed from your system For situations when you want to use the backup that is on the FTP server manually copy get the file and place it into th...

Страница 45: ...can decide what actions are to be taken By default DOS attack minimum fragmentation checks port scans DNS attacks bad packets overflows chat accesses Web attacks will be detected and then the administrator is informed Apart from the above the user can configure user defined rules for intrusion detection Check the box to enable Network Intrusion Detection Then click the Save button User Defined Net...

Страница 46: ... protocol i e TPC or UDP Service This selection allows you to choose the corresponding service The service must have been previously defined in the Services menu Select intrusion detection rules from the following dropdown list boxes Add After the rules are defined selected click the Add button The commands can be deleted by clicking Delete under the Command option ...

Страница 47: ...y is used as a diagnostic tool to determine if a TCP IP communication path exists to a remote host The utility sends a packet to the specified address and then waits for a reply Host Specify the IP address or name of the other computer for which connectivity is to be checked Number of PINGS Select the number of pings You can choose 3 the default 10 or 100 pings Timeout Specify the duration to wait...

Страница 48: ...cket filter on the MultiAccess not allowing the operation of Trace Route Host Specify the IP address host name of the other computer to test this tool Start Click the corresponding Start button to start the test A Sample Trace Route Log TCP Connect This system tool tests specific TCP ports for availability between the source MultiAccess and destination addresses Host Enter the IP address or host n...

Страница 49: ...e MultiAccess The login screen displays while the shutdown process takes place When a proper shutdown is initiated immediately 1 beep is heard and then the unit starts to shutdown killing services unloading driver etc and then approximately 30 seconds later run level zero is reached and two consecutive beeps are heard after which it is now safe to power off the unit Caution Avoid improper shutdown...

Страница 50: ...ically single hosts are treated in the same way as networks A network or host you added can be deleted only if it is not used for any route or by any other module If a network process function is using a network that network cannot be edited Similarly if a host address is edited and changed and if that host was used by SNAT or DNAT the change will not be performed Add Network Name Enter a straight...

Страница 51: ...nge The name of the network can not be changed but the IP Address and Subnet Mask can be edited You can delete a newly created network by clicking on Delete in the Options column for a desired network Added networks are displayed in the following functions 1 Web Admin 2 SSH 3 Packet Filter Rules 4 Network Intrusion Detection 5 Routing 6 Masquerading 7 SNAT 8 DNAT These names will be made available...

Страница 52: ...es below 256 Notes TCP UDP allow both protocols to be active at the same time Any causes the MultiAccess to accept any protocol offered The ICMP protocol is necessary to test network connections and MultiAccess functionality as well as for diagnostic purposes In the Packet Filter ICMP menu you can enable ICMP Forwarding between networks as well as MultiAccess ICMP reception e g to allow ping suppo...

Страница 53: ...ocol is TCP UDP TCP UDP or ANY D Port Server Destination Port Enter the destination port for the service It will be displayed if the type of the protocol is TCP UDP TCP UDP or ANY Add Button After you have entered the service click the Add button Edit By clicking Edit in the Options column the information is loaded into the entry menu of the Edit Service screen You can then edit the entry You can ...

Страница 54: ...d Edit the Group Name Selected Above Displays Click the Edit Group button to add networks to a group The group for which the networks have to be added has to be selected from the box When the Edit Group button is clicked the list of all the networks which are not part of any group and the list of networks which fall under that group will be displayed Delete the Group The Delete button must be clic...

Страница 55: ...elected from the Select Group name box After clicking the Edit Group button the list of all the services and the list of the services which fall under that group will be displayed You can select several services at once by holding down the Shift key as you select them Delete a Group Click the Delete Group button to delete a group selected from Select Group list Adding Services to a Group This opti...

Страница 56: ...sic primary network parameters For example change the IP address and subnet mask of eth0 to an available static address that matches the network this MultiAccess is going to be used on then click on the Save button Confirm the pop up menu regarding the address change and wait approximately 1 minute for the parameter change to take affect Then enter the new IP address in the Address bar of your bro...

Страница 57: ... your PC you will see an additional section for entering Network Card 2 information Since the input fields are the same as those for Network Card 1 they are not included in this graphic Local Host Host Name Enter a name for the MultiAccess into the Host Name field An example is MultiAccess mydomain com Click the Save button after entering the Host Name ...

Страница 58: ...Subnet Mask into the appropriate entry fields For example Network Card 1 eth0 Network Card 2 eth1 Name Description LAN 1 IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Name Description LAN 2 IP Address 192 168 100 1 Subnet Mask 255 255 255 0 Caution When entering a new IP address it is possible to temporarily lock yourself out If you do you will need local console access to re establish proper n...

Страница 59: ... administer several logical networks on one network interface They can also be necessary in connection with the SNAT function to assign additional addresses to the firewall Note The same IP address cannot be configured many times for an interface Similarly the same IP address cannot be entered as an alias for two different interfaces Interface From the drop down list box select the network name to...

Страница 60: ... clicking the Add button Also existing entries can be deleted by highlighting the entry and clicking the Delete button Add Routes Static Route A static route defines which router external to the MultiAccess is to be used to reach a particular destination Select an already defined network from the drop down list Enter the external IP address which will act as a gateway to this network Confirm your ...

Страница 61: ...rface All services are automatically included in the translation The translation takes place only if the packet is sent via the indicated network interface The addess of the MultiAccess network interface is used as the new source of the data packets The Network Setup Masquerading screen allows you to select the network or group of networks to be masked to a selected network card Masquerading Masqu...

Страница 62: ... being the same as that of the MultiAccess For example the IP address of Ethernet 1 is 192 168 4 235 with a subnetmask of 255 255 255 000 and the network s default gateway is 192 168 4 1 These addresses are set in the Network Setup menu Next create a private network in Network and Services Networks menu of 192 168 5 000 with a subnetmask of 255 255 255 000 give it an arbitrary yet meaningful name ...

Страница 63: ...slation takes place after the filtering by packet filter rules you must allow connections that concern your SNAT rules in Packet Filters Packet Filter Rules with the original source address Packet filter rules are covered later in this chapter Note To create simple connections from private networks to the Internet you should use the Network Setup Masquerading function instead of SNAT In contrast t...

Страница 64: ...on properly Add DNAT Definition The DNAT screen contains four drop down list boxes The first two define the original target of the IP packets that are to be re routed The last two define the new target to which the packets are forwarded From the drop down list boxes select IP packet characteristics to be translated Pre DNAT Destination Select the original target host or network of the IP packets t...

Страница 65: ... you must change the value of the Web Admin TCP port in the Network Services Services e g port 444 Examples of DNAT Network Combinations You can map IP Port IP Port IP Port Range IP Port IP Port Range IP Port Range only if the Port Range is the same for PRE and POST IP Range Port IP Port IP Range Port Range IP Port You cannot map IP IP IP Range IP IP Range IP Range IP IP Range load balancing The w...

Страница 66: ...e overall purpose of the DHCP is to make it easier to administer a large network The DHCP package includes the DHCP server and a DHCP relay agent DHCP Server on Ethernet 1 DHCP Server on Ethernet 1 To Enable DHCP Server on Ethernet 1 check the corresponding checkbox Click the Save button to activate the change Add Click the Add Subnet button which will open a screen for entering the Subnet IP Addr...

Страница 67: ... can be made permanent by configuring the same using this screen The same IP address would not be used for any DHCP client with a different MAC address even if there were no active DHCP connection with that IP address DHCP Server Fixed Addresses Add Enter both a MAC address and an IP address Option Edit or Delete You can edit or delete entries by highlighting the desired entries and clicking eithe...

Страница 68: ...ng old files copies in the new files and then reboots the MultiAccess Depending on the how many updates are being applied and the contents of the updates you may be able to log back in in as quickly as 2 minutes or you may have to wait longer like in the case of updating from version 1 09 to 1 10 it takes appx 30 minutes Most updates take 2 or 3 minutes Some updates may include a process that does...

Страница 69: ...oad the appropriate update files from update multitech com and then put them on a private internal FTP server Appropriate files are defined as a version tar gz and a version html file per MA30120 version The IP address or DNS resolvable internal name of this private FTP server would be defined in the Update Server field The update files must be placed in the correct default directory of the FTP se...

Страница 70: ...ta you transfer On this screen you can specify which local devices will have their network traffic counted and recorded You can also exclude hosts or networks from the accounting process After this accounting is in place you can view the Accounting of your MultiAccess in the Statistics Logs Accounting menu Accounting Device Accounting Device From the Accounting Device drop down box select the netw...

Страница 71: ...The MultiAccess s behavior is determined by the content and order of the filter rules The filter rules are assigned by column number column No Every incoming data packet is checked in order as to whether rule 1 is valid rule 2 is valid etc As soon as a correspondence is found the procedure as determined by the action is carried out You can Accept Drop Reject and Log the packets When packets are de...

Страница 72: ...e sent for the rule to match You can also select network groups The Any option can also be given which matches all IP addresses regardless of whether they are officially assigned addresses or so called private addresses These Network clients or groups must be pre defined in the Networks menu Example net1 or host1 or Any Service Select the service that is to be matched with the rule These services ...

Страница 73: ...t Any Service Any To Server Broadcast8 Action Drop 4 Confirm your entries by clicking the Add button Log The packets matching the corresponding source address destination address service will be logged The log messages can be viewed from the Statistics Logs Packet Filter Packet Filter Livelog screen Add Confirm your entry by clicking the Add button After a successful definition the rule is always ...

Страница 74: ...ng appropriate packet filter rules ICMP Forwarding Check the ICMP Forward checkbox to enable the forwarding of ICMP packets through the MultiAccess into the local network and all connected DMZs In this way you select whether an ICMP packet should be dropped or passed through to the local network and all connected DMZs If ICMP forward is enabled ICMP packets go through all connected networks Anothe...

Страница 75: ...hell limited to user level access rights They also have rights to use modems configured for Modem Sharing with Local Authenication User Definition User Name Limited to alphanumeric characters with at least one letter A user name of all numbers is not supported Maximum user name is 30 characters User name is case sensitive Password The password is limited to alphanumeric characters with a maximum o...

Страница 76: ...ion Local Users Add Button Click the Add button after all the parameters are entered After a successful definition the new user is entered into the user table Edit or Delete You can edit or delete entries in the table by clicking on either the Edit button or Delete button listed under Options ...

Страница 77: ...re to be used This screen also defines the dynamic IP address pool and related parameters synomomous with traditional PPP remote access environments Note The RADIUS protocol RFCs 2138 2139 implements a client server relationship RADIUS software uses UDP of TCP IP to communicate between client and server The MultiAccess contains both RADIUS Client and RADIUS Server software These are separate entit...

Страница 78: ...ver in this window Port The top Port window is the UDP port number that the client communictes with the main Radius Server RADIUS Accounting Address 1 Radius Accounting host keeps track of information such as login time logout time port number etc This is the IP address of your primary Radius Accounting host Port The next Port window down is the UDP port number used to communicate with the main Ra...

Страница 79: ...ections that have their Port Selection set to All If the MultiAccess server has multiple line interface modules and all ports are to use an address pool set this field to the same address 192 168 1 150 for each line interface DNS Server Address 1 This is the IP address of the primary name server This identifies the name server for remote access users Click on the check mark window and enter the IP...

Страница 80: ...ser Setup The intended purpose of the MultiAccess s RADIUS Server is for use with the MultiAcces s RADIUS Client This RADIUS Server can serve the internal Radius Client or MultiAccess RADIUS Clients external to this unit other MultiAccess units This RADIUS Server uses serves Ethernet 1 The IP address of Ethernet 1 is the IP address of this RADIUS Server Note When the RADIUS Server and RADIUS Clien...

Страница 81: ... Upon receipt of an acceptance packet the client will compare the contents against the current conditions apply provide any necessary parameters to the user and allow the connection to proceed The RADIUS Client at this time if configured to do so starts the RADIUS Accounting process The client then sends an Accounting Start packet containing a summary of the user including resources used i e start...

Страница 82: ...the manufacture of the Radius client such as MultiTech Livingston etc Click on the drop down arrow and high light the manufacture of the Radius Client NAS IP Address Login Name Password All three optional and currently not used Add Click the Add button to configure the Radius Server with the MultiAccess and the above client information ...

Страница 83: ...rver however this reference and these user accounts are separate for the Local Users of the MultiAccess Linux Operating System The RADIUS Server will check it s local users file first and if a match of username and password is not found it will proceed to check the Local Users of the Linux system Add Users Username Up to 15 alphanumeric characters case sensitive can be used with the exception of f...

Страница 84: ... how long the user can be idle in seconds while connected applies to Framed protocol PPP Protocol This field indicates the type of framed service the user is to be provided IP Address This field indicates the IP address the framed user is to use A value of 255 255 255 255 254 instructs the NAS equipment to give the user an IP address from an address pool defined within the NAS equipment referred t...

Страница 85: ...Server Default User Setup The Radius Server Default User Setup screen displays the factory default settings and allows for changes to be made to the default Default Settings The Default Settings apply to all users of the Local Users data base If you want to add a New Default click on the Add New Default buttton and the Add New Default Setup screen appears ...

Страница 86: ...ver Default User Setup screen Auth Type This field is for selecting the type of authentication This field must be set to System Service Type This field is for selecting the type of service the user will be requesting or provided to them Compression This field is for selecting the Van Jacobson TCP IP compression applies to Framed protocol PPP Idle Timeout This field is for entering the maximum numb...

Страница 87: ...mask This field indicates the subnet mask that should be applied to this connection MTU This field is for entering the maximum allowable PPP framed size Utilmately the actual size used in negotiation per connection Hint This field is for entering additional matching criteria depending on the hint Routing This field is for selecting the routing method of the user when the user is a router Fall Thro...

Страница 88: ...e screen is used to define the role of the modem The Modem Setup screen is used to define the operating parameters of the modems set to a usage of RAS The Fax Setup screen is used to configure various faxing parameters when at least one modem is set to the usage of Fax Note The MultiAccess modems also support faxing with fax servers that are external to the MultiAccess via the Modem Sharing usage ...

Страница 89: ...r modems to provide dial in PPP for your Remote Access clients you do not have to modify the default modem usage settings which is RAS RAS usage is for inbound calls from PPP clients in a Dial Up networking environment If you are using some or all of your modems as a network resource setting the usage to Modem Sharing you can assign the shared modems to be part of a first available pool or each sh...

Страница 90: ...7 options The following is a description of each Usage RAS This is the default usage New units from the factory have all ports set to RAS When ports are added to the MultiAccess they come up set to RAS RAS is an acronym for Remote Access Server Ports set this way are to receive inbound calls from remote nodes PPP clients Mircosoft s Dial Up Networking is an example of a remote node or client The M...

Страница 91: ...e before access is granted All credentials are normally checked against the RADIUS data base If the RADIUS server rejects the credentials access to the modem resource is denied If the user is to authenticate against the Local database they must include an exclaimation point in front of the username The is a flag used to instruct the authenticator process to check the Local User database instead of...

Страница 92: ...SSL Secure Sockets Layer This Pull down only applies when the usage is Modem Sharing with Authentication SSL is a transport level technology for authentication and data encryption SSL negotiates a secure point to point socket using pre determined Site Certificate information Site Certificate information is used to authenticate the user and encrypt the data Site Certificate information is configure...

Страница 93: ...ect or select Short Phase 1 only or Short Phase 2 only V92 Quick Connect is a feature that allows V92 clients to use previously obtained line quality configuration data to speed up portions of the negotiation process Disabling this feature dictates the modems should use configuration data determined by a line probe during the negotiation process Enabling this feature allows the V92 client to dicta...

Страница 94: ...vides a list of available levels The available choices are from 9 dBm to 20 dBm 20 dBm is less power than 9 dBm V 8bis You can select Disable or Enable Without V 90 or Enabled with V 90 V 8bis is used to negotiate K56flex connections Note Selecting V8bis Enabled Without V90 does NOT disable V 90 it changes where it is offered Error Recovery Setup Retain Limit This value along with the Retrain Limi...

Страница 95: ...nations The General Fax Setup field establishes a data base of credentials used by fax clients to log into the Hylafax server preventing unauthorized use of the Hylafax server Inbound faxes received by Hylafax from remote dial up fax locations are sent as tif attachments to emails generated by the Hylafax server The Fax Modem Setup group sets the port identification and other administrative detail...

Страница 96: ...l Identifier which is used as the TSI Transmit Station Identifier when sending faxes and is included in the body of the email when receiving faxes You can limit the maximum number of pages being received Fax Modem The Fax Modem scroll box allows you to high light a range of modem ports for assigning global parameters or high lighting individual ports for port specific parameters Local Identifier T...

Страница 97: ... instruct the modem to answer and receive the incoming fax When the Fax is complete Hylafax will reference the Fax routing table and match the DNIS information to an email address If no Called Number route entries can be matched to the DNIS information for that particular fax the Route to Default entry will be used How many DNIS digits will Telco be providing The remote originator of the fax may d...

Страница 98: ...us of each digital line interface alarm condition Modem Connections Displays the current state of all modems along with connection protocol details Caller ID information and Call History information Server Connections Displays who is currently logged into the unit and via what means Interfaces Graphically displays the Ethernet utilization for each interface by days weeks months and Yearly Accounti...

Страница 99: ...con in your browser s tool bar or pressing the F5 key The value selected applies to all of the menus that automatically refresh Line Interface Status Modem Connections Modem Connection Details Modem Connection Caller ID and Server Connections The minimum refresh rate is once every 15 minutes and the maximum is once every 30 seconds Note Web caching rules applied by computers and programs external ...

Страница 100: ... Statistics Logs Uptime Statistics Logs Uptime Uptime tells you how long the system has been running The first line displays the date and time the system was started The second line displays the total time elapsed since the system was started in days hours minutes and seconds ...

Страница 101: ...rface Details screen will summarize configuration and performance information for each network interface Both Ethernet interfaces and the internal Loopback interface will always be present in this screen PPP interfaces will be added and removed automatically to and from the table as the PPP connections are established and relinquished ...

Страница 102: ...gateway address or if none set Genmask The netmask for the destination net 255 255 255 255 for a host destination and 0 0 0 0 for the default route Flags Possible flags include U route is up H target is a host G use gateway R reinstate route for dynamic routing D dynamically installed by daemon or redirect M modified from routing daemon or redirect A installed by addrconf C cache entry reject rout...

Страница 103: ... IP address and port number of the remote end of the socket If the final remote end point is actually on a different network the foreign address will be that of the first hop interface of the router off the local network State The state of the socket Normally this can be one of several values ESTABLISHED The socket has an established connection SYNC_SENT The socket is actively attempting to establ...

Страница 104: ...there is an active ESTABLISHED connection from 65 126 90 16 port 22 http to 65 126 90 4 port 1918 How to Read the Network Connections Table Example 2 Proto Recv Q Send Q Local Address Foreign Address State tcp 0 0 0 0 0 0 22 0 0 0 0 LISTEN This output tells you that your MultiAccess is listening LISTEN at all 0 0 0 0 interfaces for incoming requests to port 22 ssh the remote IP address is ANY 0 0 ...

Страница 105: ...the Facility Data Link channel of an Extended Super Frame No Alarm Active means the line interface is receiving a properly framed signal and that at least one modem associated with this line interface has a call in progress The front panel LEDs will reflect the LA on solid with the LC and LS off No Alarm Inactive means the line interface is receiving a properly framed signal and that all modems as...

Страница 106: ...change in Layer 1 status are also written to the log file as they occur The following are some example messages The log file will contain the following sequence of messages when a red alarm condition occurs Jul 28 14 30 31 multiaccess kernel FALC 800 Jul 28 14 30 31 multiaccess kernel fech 0 fecl 4 Jul 28 14 30 31 multiaccess kernel cvch 0 cvcl 0 Jul 28 14 30 31 multiaccess kernel cech 0 cecl 0 Ju...

Страница 107: ...eans the port as a system resource is available to the system and currently is not in use The state of allocated means as a system resource it is being used When the modem s usage is set to RAS or FAX the state of the port is Allocated When a successful call is established the state will change from Allocated to Data When the call is finished the state will return to Allocated When the modem s usa...

Страница 108: ...ultiAccess Communications Server MA30120 User Guide 108 Statistics Logs Modem Connections Connection Details Connection Details This screen displays the modem protocol and performance details for currently connected ports ...

Страница 109: ...een displays the telephone number dialed by the caller and the telephone number of that caller This information is available when the call is inbound to the MultiAccess and when the line type is PRI T1PRI or E1 PRI The exact digits displayed is controlled by Telco s implementation of DNIS Dialed Number Identification Service and Caller ID services ...

Страница 110: ... selectable The Filter Options are by Port The tty port the call was received on IP The IP address of a particular MultiAccess unit when the Call History database is made up of records from multiple MultiAccess units Username The login name of the dialed in RAS user Start Date and Hour the Hour variable specifies the starting point in time End Date and Hour the Hour variable specifies the final po...

Страница 111: ...kes to assemble and display the data structure depends on the number of records in the database the available system resources and network performance between the MultiAccess and your browser The larger the database the longer it takes to display and search the call history For example we have seen databaseswith approximately 120 000 call records take approximately 120 seconds to display ...

Страница 112: ...are MultiAccess Communications Server MA30120 User Guide 112 Statistics Logs Server Connections Statistics Logs Server Connections The Server Connections screen displays active command shell PPP sessions and activity ...

Страница 113: ...Logs Interfaces This screen displays graphically the network traffic load on each interface Ethernet 1 and Ethernet 2 separated by days weeks months and years Ethernet 1 Traffic Ethernet 1 traffic is displayed by default Ethernet 2 Traffic Click on Ethernet 2 traffic to graphically display the traffic on Ethernet 2 ...

Страница 114: ...unting per Ethernet interface Each day s total is separated by the amount transmitted per Ethernet interface and received per Ethernet interface transmit is from the MultiAccess to the LAN Receive is from the LAN to the MultiAccess The length of each Ethernet Frame transmitted or received by the MultiAccess is added up to achieve the byte total One Ethernet frame packet contains one IP packet of a...

Страница 115: ...ch process is not running and is trying to be restarted How to Add Edit or Delete Email Addresses for Self Monitoring 1 Open the Administration System Setup screen The current email addresses for informing the administrator of important events are listed in the second window of the Notification entry menu 2 Edit or delete existing email addresses or add new email addresses and then click Save Note...

Страница 116: ...dnight the zero hour on the date selected and end at the time selected The time selection of latest is only available when the date selected is today s current date Please note this exception the time selection of 00 00 will result in viewing the previous day s entire log When the log file type is Self Monitor and the selected date is not today s date due to the nature of how the logs are maintain...

Страница 117: ...ires a reboot The following statements attempt to summarize in the simplest terms certain digital carrier technology T1 and E1 lines in relationship to the MultiAccess T1 and E1 signals are made up of multiple protocols running at multiple levels Layer 1 refers to the framed signal physically transmitted and received on the wires transport layer Layer 2 runs a signaling or messaging protocol that ...

Страница 118: ...RI ISDN signaling is a layer 2 protocol T1 PRI 23B D uses channels 1 through 23 to Bear carry the calls 1 call per channel and uses the 24th channel D Channel as the signaling channel The D channel is used to send Call Setup and Call Progress messages between Telco s central office switch and the MultiAccess premise equipment PRI Signaling allows for analog calls or digital calls to be made per ch...

Страница 119: ...the parameters into the line interface The parameters you select should match the parameters of the digital communication line provided by your Telco The proper loading sequence is Select the desired Line Type and wait for the screen to refresh the available menu options will change based on the selected line type Change any of the remaining options as needed Click on the Save button and wait for ...

Страница 120: ...ar signal The Line Type selection dictates the available Line Code choices When the line type is T1 your choices are Alternate Mark Inversion AMI Line code is a bipolar coding scheme in which successive ones alternate in polarity Successive ones of the same polarity are bipolar violations BPV errors BPVs and too many consecutive zeros are conditions that cause signal degradation AMI line code requ...

Страница 121: ...tocol both need to be Ground Start or both need to be Loop Start If You re connecting the MultiAccess to a T1 line that comes from a PBX system on your premise and it s set to FXS Loop Start and the MultiAccess is also set to FXS Loop Start the call signaling will fail because they are not maintaining the FXO to FXS relationship Line Build Out LBO This layer 1 parameter dictates the physical size ...

Страница 122: ...e transmit 00 MultiAccess modem is instructed to dail MultiAccess indicates off hook transmits 11 to Telco Telco winks back in the same fashion as the MultiAccess did in the previous example After the MultiAccess detects the wink it transmits the DTMF digits in the voice B_Channel The MultiAccess modem then listens into the channel for a busy signal from Telco and at the same time watches the stat...

Страница 123: ...ge based on the selected line type Change any of the remaining options as needed Click on the Save button and wait for the screen to refresh the Send button will now be active Click the Send button and wait for the screen to refresh this takes approximately 45 seconds Now the Current Setup field will reflect the new settings Line Type Three selections are available T1 RBS T1 PRI and E1 PRI Units l...

Страница 124: ...to the public network default or as NT2 network side NT2 could be used when the MultiAccess is connected to a PBX or similar private equipment that is already configured for premise side operation When the MultiAccess is connected directly to a PRI line that is part of the public switched network it should be set to TE Line Code The Line Code parameter is a layer 1 technique used to identify and c...

Страница 125: ... select the country for which the equipment is operating in and needs to comply with Line Build Out LBO This layer 1 parameter dictates the physical size decibel level of the T1 signal being transmitted by the MultiAccess Your choices are 0dB 7 5dB 15 dB 22 5dB 0dB is the largest size signal the MultiAccess can transmit There are a number of variables as to when the Line Build Out setting should b...

Страница 126: ...ad the parameters into the line interface The parameters you select should match the parameters of the digital communication line provided by Telco The proper loading sequence is Select the desired Line Type and wait for the screen to refresh the available menu options will change based on the selected line type Change any of the remaining options as needed Click on the Save button and wait for th...

Страница 127: ...te equipment that is already configured for premise side operation When the MultiAccess is connected directly to a PRI line that is part of the public switched network it should be set to TE Line Code The Line Code parameter is a layer 1 technique used to identify and control the ones and zeros of the data pattern E1 line codes are derived from the AMI Alternate Mark Inversion bi polar technique A...

Страница 128: ...ratic communication bit errors and other problems may or may not result Country This allows you to select the country for which the equipment is operating in and needs to comply with Line Build Out LBO This layer 1 parameter dictates the physical size decibel level of the E1 signal being transmitted by the MultiAccess Your choices are 0dB 7 5dB 15 dB 22 5 dB 0dB is the largest size signal the Mult...

Страница 129: ...atures of Ping and Tracert and adds additional features to help you troubleshoot TCP IP connectivity problems 7 If you are using an external keyboard connected to the MultiAccess s PC board using the KB1 6 pin female MiniDIN connector make sure that you are not using an adapter cable e g a 6 pin DIN to 6 pin miniDIN adapter cable 8 Observe the MultiAccess front panel LEDs Verify that the LAN 1 and...

Страница 130: ...ontract employees or your university s graduating students This should involve maintaining current email addresses for alerts and notifications e g from the Administration menu as well as maintaining the overall WebAdmin password from the Administration Web Admin menu Disk space management Includes timely cleanup of random program and data files to avoid wondering if a program is a leftover from a...

Страница 131: ...TS LIABILITY EXCEED THE PRICE FOR DEFECTIVE PRODUCTS Repair Procedures for U S and Canadian Customers In the event that service is required products may be shipped freight prepaid to our Mounds View Minnesota factory Multi Tech Systems Inc 2205 Woodale Drive Mounds View MN 55112 Attn Repairs Serial ____________ A Returned Materials Authorization RMA is not required Return shipping charges surface ...

Страница 132: ... to the U S A Please include inside the shipping box a description of the problem a return shipping address must have street address not P O Box your telephone number and if the product is out of warranty a check drawn on a U S bank or your company s purchase order for repair charges Repaired units shall be shipped freight collect unless other arrangements are made in advance Please direct your qu...

Страница 133: ... with this equipment This equipment is designed to be connected to the phone network or premises wiring using a compatible modular jack which is Part 68 compliant See installation instructions for details 4 The ringer equivalence number REN is used to determine the number of devices that may be connected to the phone line Excessive REN s on the phone line may result in the device not ringing in re...

Страница 134: ...to certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier Any repairs or alterations made by the user to this equipment or equipment malfunctions may give the telecommunications company cause to request the user to disconnect the equipment Users should ensure for their own protection that the electrical ground connections of the power utility p...

Страница 135: ... Version is displayed at the top of the Home screen Provide the configuration information e g Ethernet gateway and other IP addresses used from Network Setup Interfaces as well as any available Statistics Logs information Record the Node ID from the MultiAccess s back panel it may be required by the ISP for administration purposes or connection identification Every device that contains an Ethernet...

Страница 136: ...l for backup or archival purposes Customer shall NOT copy or translate into any language in whole or in part any documentation which is provided by MTS in printed form under this Agreement OTHER RESTRICTIONS The software may not be assigned sublicensed translated or otherwise transferred by Customer without prior written consent from MTS Customer may not reverse engineer decompile or disassemble t...

Страница 137: ...country to which the United States has prohibited export I will not download or by any other means export or re export the Programs either directly or indirectly to the above countries nor to citizens nationals or residents of the above countries I am not listed on the United States Department of Treasury lists of Specially Designated Nationals Specially Designated Terrorists and or Specially Desi...

Страница 138: ...ONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 0 This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License The Program below refers to any such program or work and a work based on the Program means either the Program or any derivative work under copyright law that is to s...

Страница 139: ...n to modify or distribute the Program or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Program or any work based on the Program you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Program or works based on it 6 Each time you redistribu...

Страница 140: ...ER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION IN NO EVENT UNLESS...

Страница 141: ...tory defaults must be issued to the modem before each call attempt The following sections within this appendix depict the AT commands supported by the MultiAccess 1 AT Command Syntax Convention 2 Standard AT Commands Supported 3 Standard AT Commands Accepted with No Effect 4 S Registers 5 Advanced MultiAccess Modem Commands 6 Application Notes 7 ASCII Conversion Chart AT Command Syntax Convention ...

Страница 142: ...nd Vn in the AT Commands Supported Three commands are exceptions to the sending of the OK or ERROR result code These are ATA ATD and ATO refer to AT Commands Supported Each of these commands itself terminates command input string parsing They cause the modem to perform an action which is then reported by specific result codes such as CONNECT Null Command The null command is permitted has no effect...

Страница 143: ...alue into S register Sn This value is interpreted as a decimal number string and ends at the first character not in the range 0 to 9 The S registers supported by the MultiAccess modems are described in the S Registers section in this appendix Registers not supported should not be accessed Sn Query the Value of an S Register The command Sn returns the value of S register Sn in the response The form...

Страница 144: ...onal characters the comma and the letter R are valid when the Modem Sharing option Reverse Dial option is enabled and when the t tone command immediately follows the d dial command in the dial string Commas add delay s to the call progress and are most commonly used when dialing a destination that initially answers with an automated attendant For example ATDT17637853500 5315 with the 5315 being en...

Страница 145: ... in originate mode but disables certain result codes in answer mode This is the DEFAULT setting Only OK RING and ERROR are sent in answer mode other result codes such as CONNECT NO CARRIER etc are not sent On On Line from Escape State The On command causes the modem to return to the Data state from the Command Escape state A CONNECT result code will be sent to the host User data flow interrupted i...

Страница 146: ...it rate error control protocol and compression protocol Z Reset to default Configuration The Z command causes all configuration variables to be reset to the internal defaults therefore this command has the same effect as F In addition if the modem is in the Command Escape mode the link is terminated F Set to Default Configuration The F command causes all configuration variables for the modem to be...

Страница 147: ...e monitor speaker is on The valid range of n is 0 to 2 P Pulse Dial The P command normally changes the dialing mode to pulse Cn DCD Behavior The Cn command normally controls the DCD handshake signal presented by a modem to the terminal The valid range of n is 0 to 1 Dn DTR Behavior The Dn command normally determines the behavior of the modem when a terminal DTR transition to off is detected The va...

Страница 148: ...tering command modem during on line mode without breaking the on line connection S3 Carriage Return Character Default 13 r CTRL M Min 0 Max 127 This register defines the character recognized as the Carriage Return Enter or Return Key This register may be set to any ASCII character refer to the ASCII Conversion Chart at the end of this appendix S4 Line Feed Character Default 10 n CTRL J Min 0 Max 1...

Страница 149: ...isconnecting If the retrain is successful the connection will continue Should a V 90 connection retrain to a V 34 modulation the connection will continue as a V 34 connection If the retransmit limit is reached while connected at a V 34 modulation the modem will disconnect A retransmit limit of 0 is used to denote no limit indicating that a disconnect will not result regardless of the number of tim...

Страница 150: ...ol only If V 44 is enabled and can be negotiated with the peer during protocol negotiation V 44 will take precedence over V 42bis V 42bis compression may be run over the LAPM MNP and PIAFS error correction protocols MNP5 compression may be run only over an MNP error correction protocol If during MNP protocol negotiation V 42bis is enabled and can be negotiated with the peer V 42bis will take prece...

Страница 151: ...acter or MNP2 flags If none of these are detected within the specified time a normal link connection is established S51 Error Correction Fallback Character Default 13 r Min 0 Max 127 This register defines the ASCII character that if detected repeatedly while in answer mode is attempting auto detection of an error control protocol will cause the EC negotiation attempt to be abandoned and a normal n...

Страница 152: ...ng law so it is very important to set this index with care μ LAW UNITED STATES 1 CANADA 2 HONG KONG 3 JAPAN 4 KOREA MULAW 5 TAIWAN 6 INTERNAT MULAW 15 any μ LAW country INTERNAT ALAW 16 any A LAW country A LAW ARGENTINA 17 AUSTRALIA 18 AUSTRIA 19 BELGIUM 20 BRAZIL 21 CHILE 22 CHINA 23 CYPRUS 24 CZECH 25 DENMARK 26 DENMARK 26 EGYPT 27 FINLAND 28 FRANCE 29 GERMANY 30 GREECE 31 HOLLAND 32 INDIA 33 IR...

Страница 153: ...otocls of LAPM or MNP and data compression protocols of V 44 V 42bis or MNP5 The modem will connect in asynchronous mode non framed ISDN V110 V110 framed data operating directly on digital DS 0 channel Auto rate adaption of 19 2 kbps or slower Associated with wireless calls ISDN PIAFS A framed protocol operating directly on digital DS 0 channel for use in Japan Associated with wireless calls ISDN ...

Страница 154: ...ult setting is 8 data bits STOP BITS Index 172 Default 1 This index determines the number of stop bits when connected in an asynchronous POS mode The possible settings are 1 or 2 stop bits The default setting is 1 stop bit PARITY Index 219 Default 0 No Parity This index determines the parity of the data when connected in an asynchronous POS mode The possible settings are as follows No Parity 0 Eve...

Страница 155: ...speed up portions of the negotiation process Disabling this feature dictates the modems should use configuration data determined by a line probe during the negotiation process for each call The supported values are V92 Quick Connect DISABLED 0 V92 QuickConnect SHORT PHASE1 ONLY 1 V92 QuickConnect SHORT PHASE2 ONLY 2 V92 QuickConnect ENABLED 3 Enabling this feature m285 3 allows the V92 client to d...

Страница 156: ... This provides support for early implementations of V 90 Please Note Selecting a value of 0 or 1 does not disable the ability to establish V 90 connections it simply changes where V 90 is offered within the negotiation process Answer State Delay Index 114 Default 20 The minimum setting is 0 The maximum setting is 255 This index is used to define the delay before entering into the answer state The ...

Страница 157: ...sing m253 1 means you should receive all 350 bytes at once Pause Before Answer Tone Index 173 Default 300 The minimum setting is 0 The maximum setting is 600 This index defines in milliseconds how long the modem waits before it generates quick connect answer tones after it receieves the answer command Answer Tone Duration Index 174 Default 660 The minimum setting is 0 The maximum setting is 1200 T...

Страница 158: ...ls the length of time that the answering modem transmits scrambled ones at 1200 bits s during a Bell 212A or V 22 connection attempt V22BIS TX BINARY ONES 2400 DURATION Index 181 Default 174 The minimum setting is 0 The maximum setting is 600 This index controls the length of time that the answering modem transmits scrambled ones at 2400 bits s during a V 22bis connection attempt The default value...

Страница 159: ...inate mode If for inbound calls the desired call type is to be something other than default the call type command index 112 must be issued with the answer command For Example Open the socket to the modem Initialize the modem ate0q0 Look for response ok if applicable Look for the ring call progress message Issue the appropriate answer string For example if the incoming call is an ISDN HDLC call iss...

Страница 160: ...Applications that desire normal mode connections may react differently to error control protocol negotiations and or the time it takes to determine error correction will not be used In certain situations it may be desirable to control or disable error control protocol negotiations V 42 Error correction commands mostly apply in both answer originate modes however some apply only in one mode In Answ...

Страница 161: ...14 S DC3 13 19 3 33 51 S 53 83 s 73 115 T DC4 14 20 4 34 52 T 54 84 t 74 116 U NAK 15 21 5 35 53 U 55 85 u 75 117 V SYN 16 22 6 36 54 V 56 86 v 76 118 W ETB 17 23 7 37 55 W 57 87 w 77 119 X CAN 18 24 8 38 56 X 58 88 x 78 120 Y EM 19 25 9 39 57 Y 59 89 y 79 121 Z SUB 1A 26 3A 58 Z 5A 90 z 7A 122 ESC 1B 27 3B 59 5B 91 7B 123 FS 1C 28 3C 60 5C 92 7C 124 GS 1D 29 3D 61 5D 93 7D 125 RS 1E 30 3E 62 5E 9...

Страница 162: ...o version 1 10 before it can use the menu driven method For the MultiAccess to have Internet Access defining the appropriate Default Gateway in the NetworkSetup page is required Manual Method via Linux command line Download the appropriate files via FTP from update multitech com 65 126 90 15 When connecting to the update server via FTP perform an anonymous login Username anonymous Password any ema...

Страница 163: ... they occur The updates may take a long time to down load and implement Depending on the particular update the implementation of it may occur upon the apply step 3 or the reboot step 4 Burning a New Hard Drive Image using the MultiAccess Recovery CD The MultiAccess ships with a Recovery CD You need a keyboard and monitor connected to the MultiAccess and a CD ROM drive that supports either a 40 pin...

Страница 164: ...Recovery images are named as multiaccess releasedate v iso For example the 1 11 version is named multiaccess 01242005 v1 11 iso 1 Download the image Connect via FTP to update multitech com 204 26 122 121 login anonymously set binary as the transfer mode and the get the iso file Note the exact size of the file as it is displayed on the update server It should be the exact same size on your computer...

Страница 165: ...he costs of recovery from municipal collection points reuse and recycling of specified percentages per the WEEE requirements Instructions for Disposal of WEEE by Users in the European Union The symbol shown below is on the product or on its packaging which indicates that this product must not be disposed of with other waste Instead it is the user s responsibility to dispose of their waste equipmen...

Страница 166: ...ertain Hazardous Substances in electrical and electronic equipment RoHS These Multi Tech products do not contain the following banned chemicals1 Lead Pb 1000 PPM Mercury Hg 1000 PPM Hexavalent Chromium Cr 6 1000 PPM Cadmium Cd 100 PPM Polybrominated Biphenyl PBB 1000 PPM Polybrominated Diphenyl Ether PBDE 1000 PPM Environmental considerations Moisture Sensitivity Level MSL 1 Maximum Soldering temp...

Страница 167: ... the remote system ARP Address Resolution Protocol An IETF standard that allows an IP node to determine the hardware datalink address of a neighboring node ARP provides a method of converting Protocol Addresses e g IP addresses to Local Network Addresses e g Ethernet addresses ARP exists as a low level protocol within the TCP IP suite and is used to map IP addresses to Ethernet or other addresses ...

Страница 168: ...lient Server Model A common way to describe the paradigm of many network protocols Examples include the name server name resolver relationship in DNS and the file server file client relationship in NFS CHAP Challenge Handshake Authentication Protocol An IETF standard for authentication using PPP which uses a random Challenge with a cryptographically hashed Response which depends on the Challenge a...

Страница 169: ...be kept private while the other key is made public Knowing the public key does not reveal the private key DNAT Dynamic NAT Used to operate a private network behind a firewall and make network services that only run there available to the Internet The use of private IP addresses in combination with Network Address Translation NAT in the form of Masquerading Source NAT SNAT and Destination NAT DNAT ...

Страница 170: ...a TCP IP utility called Finger This utility is an old TCP IP tool very popular on UNIX systems that matches an email address with the person who owns it and provides information about that person While the Finger utility is fairly old there are more advanced tools available that performs the same general function it still works and can be a useful tool in certain situations The Finger utility was ...

Страница 171: ...net Control Message Protocol notifies the IP datagrams sender about abnormal events ICMP might indicate for example that an IP datagram cannot reach an intended destination cannot connect to the requested service or that the network has dropped a datagram due to old age ICMP also returns information to the transmitter such as end to end delay for datagram transmission IETF Internet Engineering Tas...

Страница 172: ...es such as addresses on one network with values or quantities on another set such as devices on another network Examples include name address mapping inter network route mapping and DNAT port mapping Name resolution name to address mapping is another example Masquerading The concealing of internal network information LAN form the outside For example the computer of a colleague with the IP address ...

Страница 173: ...encrypted The opposite is ciphertext Port Where as only the source and target addresses are required for transmission on the IP level TCP and UDP require further characteristics to be introduced that allow a differentiation of the separate connections between two computers A connection on the TCP and UDP level are thus clearly identified by the source address and the source port as well as by the ...

Страница 174: ...3GoDVMob fob9wBYbwdHOxPAYtNQBxNPEU9PGMxQd Yp8io72cy0duJNCXkEVvpvYvVzkmp0xVYOWYkfjiPsdhnz5FCitEh6 XsCe0ctByoLjKA1C mLtAlWhuycVojr2JwzSqUIJXzS6nV4yrpI QY5 o5yztgjVIgwW1Er6jyyo2aeFLgucqjuHSZ sX0dz OfdQ0N0AjRAmO3 eknOYLk2DPRkmUeYr3W95q1Z2j 4GRlzzP8ZoyPwdBv7hpZ0TRA 9c38a26 La8N2 TDKx fGLfixB6Ed8X0jCmq4It7iD2d 9EWeaUZfctq aKfw Public key cryptography is based on two keys a private key and a public key W...

Страница 175: ...annel A communication medium that is safe from the threat of eavesdroppers Seed A random bit sequence used to generate another usually longer pseudo random bit sequence Security Policy Enterprises should have a carefully planned set of statements in place regarding network protection A good corporate Internet security policy should define acceptable use acceptable means of remote access informatio...

Страница 176: ... a given IP subnet The simplest and most common example is the default router gateway entry entered onto any IP connected node i e a static route telling the node to go to the Internet router for all subnets outside of the local subnet Subnet Mask The subnet mask or the net mask indicates into which groups the addresses are divided Based on this arrangement individual computers are assigned to a n...

Страница 177: ...dependent of the others as if each was a separate physical device Some higher end switches can also route between VLANs as if each was a separate hub switch connected by a router VPN Virtual Private Network A device or program that protects users and their data when exchanging information over the Internet A VPN can use encryption user authentication and or firewall protection to solve remote acce...

Страница 178: ...name 19 Housekeeping 130 HTTPS port 40 I ICMP forwarding 74 Intrusion Detection 45 IP Aliases 59 L Licenses GNU General Public License 138 Multi Tech Systems Inc End User License Agreement 136 Line Interfaces 17 LINE jack 8 Login 15 Logout 17 34 M Maintenance 130 Masquerading 61 Modem Setup 17 Monitoring 130 MultiAccess Communications Server 5 Multi Tech Systems Inc End User License Agreement 136 ...

Страница 179: ...Site Certificate 41 SNAT 63 Specifications 11 SSH Client 37 Starting up the RouteFinder 15 Statistics Logs 17 Statistics Logs Uptime 100 Subnet Settings 66 System Setup 35 System Update 17 T T1 E1 PRI ISDN 5 T1 E1 PRI line jacks 8 T1 PRI interfaces 5 T1 RBS 5 Tools 47 Traceroute 48 Tracking 17 Tracking Accounting 70 U Uptime 100 USB 8 User Authentication 17 User Authentication RADIUS 80 User Defin...

Отзывы: