Nortel BSG12aw 1.0 Скачать руководство пользователя страница 59

Страница: 59 / 200

VPN configuration

Configuration Guide

Configuring client termination

Complete this procedure to configure client termination.

Procedure steps

Step

Action

From the BSG navigation pane, select

Configuration, VPN, Users, Client

Termination

tab.

The VPN Client Termination pane appears.

Click the

Policy

Action,

Create

check box.

In the

Policy

Name

field, type the policy name.

From the

Interface

Name

list, select the WAN interface.

From the

Policy

Status

list, select

ACTIVE

From the

Policy

Type

list, select

IKE

Pre-Shared

In the

IKE

(Phase 1) Proposal

box, from the

IPSec

Encryption

list, select the

encryption standard.

From the

IPSec

Authentication

list, select the authentication.

From the

Group

list, select

Group

, or

Group

From the

Life

Time

list, select the

Seconds

Minutes

, or

Hours

In the

Life

Time

Value

field, enter the life time value.

From the

Peer

Identity

Type

list, select

IPV4

FQDN

EMAIL

, or

KEYID

for the

peer identity type.

From the

Peer

Identity

Value

field, select the peer identity value.

The list contains the Remote Identity values entered on the VPN Global Settings
screen.

From the

Local

Identity

Type

list, select

IPV4

FQDN

EMAIL

, or

KEYID

for the

local identity type.

In the

Local

Identity

Value

field, enter the local identity value.

In the

Traffic

Selector

box, in the

Local

Address

field, enter the source IP

address of outbound traffic.

In the

Local

Address

Mask

field, enter the local network mask of outbound

traffic.

The local address is a local network on the LAN side of the BSG.

In the

Remote

Address

field, enter the destination IP address of outbound

traffic.

The remote address is the same network as the client address pool.

In the

Remote

Address

Mask

field, enter the destination network mask of

outbound traffic.

From the

Protocol

list, select the type of traffic you want to protect.

In the

IPSec

(Phase 2) Proposal

box, from the

Protocol

list, select

ESP

Содержание BSG12aw 1.0

Страница 1: ...BSG8ew and BSG12ew aw tw 1 0 Business Services Gateway Document Status Standard Document Number NN47928 500 Document Version 02 02 Date October 2008 Configuration Guide ...

Страница 2: ...resented without express or implied warranty Users must take full responsibility for their applications of any products specified in this document The information in this document is proprietary to Nortel Networks Trademarks Nortel the Nortel logo and the Globemark are trademarks of Nortel Networks Microsoft MS MS DOS Windows and Windows NT are trademarks of Microsoft Corporation All other tradema...

Страница 3: ...ervice 12 Virtual private network 12 Session initiation protocol 12 Port management 12 Introduction 13 WAN configuration 15 WAN configuration navigation 15 Ethernet 15 Ethernet WAN configuration 15 Prerequisites for WAN configuration 15 Ethernet WAN configuration procedures 15 PPPoE WAN configuration 19 Prerequisites for WAN configuration 19 PPPoE WAN configuration procedures 19 DSL 23 Prerequisit...

Страница 4: ...dvanced configuration 83 WAN advanced configuration navigation 83 Ethernet 83 Ethernet WAN configuration parameters 83 PPPoE WAN configuration parameters 84 Rate limit configuration parameters Ethernet 84 Renewing or releasing the WAN lease 85 DSL 87 DSL Basic Configuration 87 PPP Configuration 88 Rate limit configuration parameters DSL 89 T1 E1 89 T1 E1 Configuration 90 Alarms Status 92 T1 E1 Cha...

Страница 5: ...l group configuration parameters 114 VLAN port protocol configuration parameters 115 VLAN database display parameters 116 VLAN STP configuration 117 STP basic settings configuration parameters 117 MSTP configuration 118 Prerequisites to MSTP configuration 118 MSTP configuration navigation 118 MSTP basic settings configuration parameters 118 CIST configuration parameters 119 MSTP VLAN mapping confi...

Страница 6: ...nfiguration parameters 140 RRD OSPF settings configuration parameters 141 VRRP configuration 142 VRRP configuration navigation 142 VRRP basic settings configuration parameters 142 VRRP settings configuration parameters 142 DHCP advanced configuration 145 DHCP server configuration 146 DHCP server configuration navigation 146 DHCP basic settings configuration parameters 146 DHCP global options confi...

Страница 7: ...hared secret configuration parameters 168 Users configuration 171 Users configuration navigation 171 User database configuration parameters 171 IP address pool configuration parameters 172 VPN client termination configuration parameters 172 175 SIP advanced configuration 177 SIP server management configuration parameters 178 SIP system configuration 179 SIP system configuration navigation 179 Cent...

Страница 8: ...on navigation 191 Global information configuration parameters 191 Codec information configuration parameters 192 FXS information configuration parameters 193 FXO information configuration parameters 195 Rebooting VoIP 195 NAT ALG display parameters 196 Port management advanced configuration 197 Ethernet ports configuration 197 Ethernet ports configuration navigation 197 Basic port settings configu...

Страница 9: ...on of new software and documentation for Nortel equipment open and manage technical support cases Getting Help over the phone from a Nortel Solutions Center If you don t find the information you require on the Nortel Technical Support Web site and have a Nortel support contract you can also get help over the phone from a Nortel Solutions Center In North America call 1 800 4NORTEL 1 800 466 7835 Ou...

Страница 10: ...47928 500 Getting Help through a Nortel distributor or reseller If you purchased a service contract for your Nortel product from a distributor or authorized reseller contact the technical support staff for that distributor or reseller ...

Страница 11: ...e Protocol STP For more information see VLAN configuration page 37 and VLAN advanced configuration page 111 Wireless network Wireless network WLAN configuration includes configuring the access point radio MAC filtering security and wireless multi media For more information see Wireless network configuration page 43 and LAN advanced configuration page 97 IP routing IP routing configuration includes...

Страница 12: ...iguration includes configuring VPN IP security IPsec traffic selector table IPsec Security Authentication SA table and Internet Key Exchange IKE pre shared secret For more information see VPN configuration page 55 and VPN advanced configuration page 165 Session initiation protocol Session Initiation Protocol SIP configuration includes configuring the SIP server SIP system SIP protocol routing rule...

Страница 13: ... VPN configuration page 55 QoS configuration page 71 Advanced configuration page 81 WAN advanced configuration page 83 LAN advanced configuration page 97 VLAN advanced configuration page 111 IP routing advanced configuration page 127 DHCP advanced configuration page 145 Multicast advanced configuration page 153 QoS advanced configuration page 159 VPN advanced configuration page 165 SIP advanced co...

Страница 14: ...14 Introduction NN47928 500 NN47928 500 ...

Страница 15: ...rnet The following sections describe WAN Ethernet configuration Ethernet WAN configuration on page 15 PPPoE WAN configuration on page 19 Ethernet WAN configuration This section describes Ethernet WAN configuration Ethernet appears under WAN configuration if you are connected to a BSG8ew or BSG12ew Prerequisites for WAN configuration You must have SYSTEM READ WRITE permission Ethernet WAN configura...

Страница 16: ...address assignment Procedure steps Step Action 1 From the BSG navigation pane select Configuration WAN Ethernet The WAN Configuration pane appears 2 From the Interface list select the required interface 3 From the Encapsulation Mode list select Ethernet 4 From the MAC Cloning list select Enable 5 In the MAC Address field type the MAC Address 6 For IP Address Assignment select Dynamic 7 Click Apply...

Страница 17: ...dress field type the Gateway IP Address 7 In the Primary DNS field type the Primary Domain Name System DNS IP address 8 In the Secondary DNS field type the Secondary DNS IP address 9 Click Apply End Variable Value Interface Select an Interface to be configured Encapsulation Mode Set the encapsulation mode to Ethernet The WAN interface operates as a normal Ethernet interface MAC Cloning Select the ...

Страница 18: ...ation WAN Rate Limit The Rate Limit Configuration pane appears 2 From the Rate Limit Status list select Enabled 3 In the Uplink Rate Limit field type the uplink rate limit provided by your ISP 4 Click Apply End Variable Value Interface Select an Interface to be configured Encapsulation Mode Set the encapsulation mode to Ethernet The WAN interface operates as a normal Ethernet interface WAN IP Addr...

Страница 19: ...tes for WAN configuration You must have SYSTEM READ WRITE permission PPPoE WAN configuration procedures The following task flow shows the sequence of procedures to perform to configure the PPPoE WAN Variable Value Rate Limit Status Select the rate limit status Enabled enables uplink rate limiting feature Disabled disables uplink rate limiting feature The default value is Disabled Uplink Rate Limit...

Страница 20: ... Configuration WAN Ethernet The WAN Configuration pane appears 2 From the Interface list select the required interface 3 From the Encapsulation Mode list select PPPoE 4 In the ISP Name field type the Internet Service Provider name 5 In the User Name field type the PPPoE user name supplied by your ISP 6 In the Password field type the PPPoE password supplied by your ISP 7 In the Host Name field type...

Страница 21: ... Rate Limit Status list select Enabled 3 In the Uplink Rate Limit field type the uplink rate limit provided by your ISP 4 Click Apply End Variable definitions The following table describes the variables and values to configure the uplink rate limit Variable Value Interface Select an Interface to be configured Encapsulation Mode Set the encapsulation mode PPPoE The WAN interface operates as a Point...

Страница 22: ...22 WAN configuration NN47928 500 NN47928 500 ...

Страница 23: ...SL modem statistics Prerequisites for DSL configuration You must have access read write permission to configure DSL DSL configuration procedures The following task flow shows the sequence of procedures to perform to configure DSL Figure 3 DSL configuration procedures Configuring DSL Complete this procedure to configure DSL Procedure steps Step Action 1 From the BSG navigation pane select Configura...

Страница 24: ...he BSG navigation pane select Configuration WAN Rate Limit The Rate Limit Configuration pane appears 2 From the Rate Limit Status list select Enabled 3 In the Uplink Rate Limit field type the uplink rate limit provided by your ISP 4 Click Apply Variable Value VPI VCI The Virtual Path Identifier Virtual Channel Identifier VPI VCI used by the DSL modem to make a connection The range is 0 to 255 The ...

Страница 25: ... the uplink rate limit Variable Value Rate Limit Status Select the rate limit status Enabled enables uplink rate limiting feature Disabled disables uplink rate limiting feature The default value is Disabled Uplink Rate Limit Specifies the maximum uplink rate limit over the WAN interface in bps The range is 100 000 to 100 000 000 bps ...

Страница 26: ...lity T1 transmits DS 1 formatted data at 1 544 MB s and E1 transmits E1 formatted data at 2 048 MB s through the telephone e switching network Prerequisites for T1 E1 configuration You must have access read write permission to configure T1 E1 T1 E1 configuration procedures The following task flow shows the sequence of procedures to perform to configure T1 E1 ...

Страница 27: ...ration procedures Configuring the T1 interface If your BSG is located in North America configure the T1 interface This procedure guides you through setting up one T1 interface Procedure steps Step Action 1 From the BSG navigation pane select Configuration WAN T1 E1 ...

Страница 28: ...ld be provided by your service provider 5 From the LineBuildOut list select 0 7 5 15 or 22 5 You can configure LineBuildOut if Line Mode is CSU You should contact your service provider for proper settings for the type of framing line coding line mode line build out line length clock source 6 From the Line Length list select the line length You can configure line length when Line Mode is DSU This s...

Страница 29: ...ts of data Unframed the non signaling or unframed framing format is a simplified version of the T1 super frame The default value is ESF Line Mode The Line Mode Options Channel Service Unit CSU select if cable length is equal to or more than 655 feet Data Service Unit DSU select if cable length is less than 655 feet The default value is CSU LineBuildOut The level of attentuation in decibels require...

Страница 30: ...uration pane appears 6 Select interface 1 7 From the Framing list select E1 or E1CRC The framing you set here must agree with the framing used by the peer 8 From the Line Mode list select CSU or DSU Line Length The Line Length value Line Length refers to the length of the cable in feet that connects the devices on each end of a T1 line Options 0 133 134 266 267 399 400 533 534 655 The default valu...

Страница 31: ...ur service provider 11 Click Apply End Variable definitions This table describes the variables used to configure the T1 E1 interface Variable Value Interface The T1 E1 controller Interface Type The interface type for the given interface Options T1 E1 The default value is T1 If you change the interface type you must reboot the system before configuring the remaining parameters Framing The Framing T...

Страница 32: ...annel number or the range of channel numbers This channel numbers are provided by your service provider 4 Click Add End Line Length The Line Length value Line Length refers to the length of the cable in feet that connects the devices on each end of an E1 line Options 0 133 134 266 267 399 400 533 534 655 The default value is 0 133 You can configure the line length only when the Line Mode is DSU Tr...

Страница 33: ...ation is required 5 In the User Name field type the user name If you selected Client type the BSG user name If you selected Server type the peer user name 6 In the Password field type the password If you selected Client type the BSG password If you selected Server type the peer password 7 From the Link Type list select Public 8 Click Apply Variable Value Channel Group This identifies an instance o...

Страница 34: ...ntication is required Options Server authenticates the peer at the time of negotiation Client authenticated by the peer router at the time of negotiation User Name The User Name required for the Server or Client that requires authentication This field is available only if authentication is required Password The password for the specified user This field is available only if authentication is requi...

Страница 35: ...ss Assignment is Manual 7 In the Primary DNS field type the primary DNS server IP address Set this field if IP Address Assignment is Manual 8 In the Secondary DNS field type the secondary DNS server IP address Set this field if IP Address Assignment is Manual Field Name Description PPP Interface Read only field Specifies the name of the PPP interface and the serial interface over which it is layer...

Страница 36: ...k interface for which the IP address is configured IP Address Assignment The IP address assignment mode Options Dynamic obtains the IP address dynamically from the peer Manual configuration is not required Manual configure the IP address manually Manually configure the IP Address Subnet Mask and Peer IP Address fields IP Address The IP address of the PPP Multilink interface if IP Address Assignmen...

Страница 37: ...N1 is the default VLAN The BSG provides VLAN1 as a fully functioning VLAN using all eight ports Prerequisites to VLAN configuration You must have SYSTEM READ WRITE L2 READ WRITE and L3 READ WRITE permission to access the information on the VLAN configuration panels VLAN configuration procedures The following task flow shows the sequence of procedures to perform to configure a VLAN ...

Страница 38: ...e 38 Configuring the virtual interface page 39 Configuring DHCP pool settings page 40 Creating a new VLAN Complete this procedure to create a new VLAN Procedure steps Step Action 1 From the BSG navigation pane select Configuration VLAN Setup Static VLAN tab The Static VLAN Configuration pane appears 2 In the VLAN ID field type the VLAN ID ...

Страница 39: ...e to configure the virtual interface You must configure a virtual interface if hosts on the new VLAN need to communicate with other hosts on other VLANs or on the WAN Procedure steps Step Action 1 From the BSG navigation pane select Configuration LAN Virtual Interfaces The IP Address Configuration pane appears Variable Value VLAN ID Type a unique VLAN ID that you want to configure as a static VLAN...

Страница 40: ...the DHCP Pool Id field type the pool ID 3 In the DHCP Pool Name field type the name of the pool 4 In the Subnet Pool field type the subnet pool IP address Use the same value you entered for Subnet Mask when you configured the virtual interface 5 In the Network Mask field type the network mask IP address Variable Value VLAN ID Type the VLAN identifier IP Address Assignment Select the IP address ass...

Страница 41: ...he Value field type the default router for the client subnet 16 Click Add 17 From the Option list select Domain Name Server IP Format 18 In the Value field type the domain name server used for IP address resolution 19 Click Add End Variable definitions The following table describes the variables and values to configure DHCP settings Variable Value DHCP Pool Id Type the pool ID for the DHCP pool DH...

Страница 42: ...ime server option is 4 and its length is 4 octets The length must always be a multiple of 4 Name server IP format a list of name servers available to the client The code for this option is 4 The length must always be a multiple of 4 Domain Name Server IP format the Domain Name Server IP address is configured and is sent as an option in DHCP offers Domain Name String this domain name is used by the...

Страница 43: ...wireless network You must configure the radio port as a member port of the VLAN used for the wireless network Wireless network configuration procedures The following task flow shows the sequence of procedures to perform to configure a wireless network Figure 6 Wireless network configuration procedures Configuring a wireless network Complete this procedure to configure a wireless network Procedure ...

Страница 44: ...pre shared key value This field is available only if Authentication Type is set to WPA PSK WPA2 PSK or WPA WPA2 PSK Mixed 7 From the Cipher Suite list select the cipher used for data encryption This field is available only if Authentication Type is set to WPA WPA2 WPA WPA2 Mixed WPA PSK WPA2 PSK or WPA WPA2 PSK Mixed 8 In the PMK SA Lifetime field type the maximum lifetime of a PMK in the PMK cach...

Страница 45: ...ation RSNA pre authentication on this entity Stations authenticate to different APs if present but associate to a single AP Select Disabled to disable the RSNA pre authentication Stations authenticate to a single AP This field is available only if Authentication Type is set to WPA WPA2 or WPA WPA2 Mixed Pre Shared Key Type Specifies the preshared key type either Hex or ASCII If you select Hex you ...

Страница 46: ...d range is 1 to 4294967295 The default value is 43200 Access Point The Access Point represents the status of radio in the BSG Select Enabled to activate the radio Select Disabled to deactivate the radio You must select a country code before you enable the access point Country Code Select the required country code A country code is required to set up the proper regulatory restrictions for channel a...

Страница 47: ...bled See Central SIP server configuration parameters page 179 SIP configuration procedures The following task flow shows the sequence of procedures to perform to configure SIP Note You should configure the emergency number for example 911 before you use the SIP server This ensures that an emergency call originating on your system reaches its destination if the SIP server becomes unavailable To con...

Страница 48: ...s SIP configuration navigation Configuring SIP system settings page 48 Configuring CAC page 50 Configuring FXS FXO global information page 50 Variable definitions page 51 Configuring FXO page 52 Configuring SIP system settings Complete this procedure to configure SIP system settings ...

Страница 49: ...ystem settings Variable Value Managed Domain Name Type the domain name of the SIP server You can also type the IP address of the SIP server in this field The default name is mydomain com Central SIP Server Address Type the IP address of the central SIP server This field is mandatory Transport Select the required transport protocol for SIP Select one of the following options User Datagram Protocol ...

Страница 50: ... Complete this procedure to configure FXS FXO global information Note If the maximum number of simultaneous SIP calls across the WAN is reached the next SIP call attempt fails and the caller hears fast busy tone Variable Value Select Select a row WAN Link Select the required WAN link Maximum Calls Allowed The maximum simultaneous calls allowed on each WAN link The range is 1 to 50 for BSG8ew The r...

Страница 51: ...avigation pane select Configuration SIP FXO FXS FXS tab The Foreign Exchange Subscriber FXS Configuration pane appears 2 From the FXS Channel list select Line 1 3 Select the Channel Enable check box to enable the channel 4 In the Channel Number field type the channel number 5 In the Password field type the password to access the FXS channel 6 Click Apply 7 From the FXS Channel list select Line 2 8...

Страница 52: ...he maximum number of rings within which the FXO must get the answer from the remote number 8 In the Emergency Number field type the emergency number 9 In the On Hook Detection Time field type the on hook detection time 10 Click Apply Variable Value FXS Channel Select the required FXS channel Select one of the following options Line1 Line2 Channel Enable Select this check box to enable the administ...

Страница 53: ...ord Type the password to access the FXO Channel Forward Number Type the forward number This number is used when an incoming call on the FXO channel requires forwarding Emergency Number Type the emergency number of the contact Ring Count Type the ring count This is the maximum number of rings within which FXO must get an answer from the remote number The minimum value is 1 and maximum value is 6 Th...

Страница 54: ...54 SIP configuration NN47928 500 NN47928 500 ...

Страница 55: ...t have VPN READ WRITE permission VPN configuration navigation Client tunnel configuration procedures page 55 Branch office tunnel configuration procedures page 64 Client tunnel configuration procedures The following task flow shows the sequence of procedures to perform to configure a client tunnel Note If you are connecting two BSG units at either end of the VPN tunnel ensure that the IP addresses...

Страница 56: ...tion navigation Configuring remote identity client page 56 Configuring users page 57 Configuring the address pool page 58 Configuring client termination page 59 Enabling VPN client page 63 Configuring remote identity client Complete the following procedure to configure the remote identity Procedure steps Step Action ...

Страница 57: ...ote user Procedure steps Step Action 1 From the BSG navigation pane select Configuration VPN Users The Database for VPN Remote Users pane appears 2 In the User Name field type the user name 3 In the Password field type the password 4 Click Apply End Variable Value Remote Identity Type The user identity type that uniquely identifies the peer Select one of the following IPV4 specifies the IP address...

Страница 58: ... IP address for the address pool 4 In the End IP Address field enter the ending IP address for the address pool 5 Click Apply End Variable definitions The following table describes the variables and values for configuring the VPN address pool Variable Value User Name Type the user name The range is 1 to 31 characters Password Type the password for the user The range is 1 to 31 characters Note The ...

Страница 59: ... 12 From the Peer Identity Type list select IPV4 FQDN EMAIL or KEYID for the peer identity type 13 From the Peer Identity Value field select the peer identity value The list contains the Remote Identity values entered on the VPN Global Settings screen 14 From the Local Identity Type list select IPV4 FQDN EMAIL or KEYID for the local identity type 15 In the Local Identity Value field enter the loca...

Страница 60: ...apply the policy Policy Status Select the status of the IPsec policy Select INACTIVE to disable the policy on the specified interface Select ACTIVE to enable the policy on the specified interface The default is INACTIVE Policy Type Select the policy type Select one of the following IKE XAUTH IKE Pre Shared IKE Phase 1 Proposal table IPSec Encryption Select the IPSec Encryption Select one of the fo...

Страница 61: ... modules group for performing the new Diffie Hellman exchange Select Group 2 for a compromise between network speed and network security Life Time Select the life time unit Select one of seconds minutes or hours Life Time Value Type the life time value The range is 5 minutes to 8 hours Peer Identity Type Value Select the identity type to access the remote network Select one of the following IPV4 I...

Страница 62: ...ed block size of 128 bits and a key size of 128 192 or 256 bits Due to the fixed block size of 128 bits AES operates on a 4x4 array of bytes Select DES if you require network speed Select AES256 if you require strong network security Authentication Select the preferred authentication method Select one of the following None indicates that no authentication method is required HMAC MAC5 the message a...

Страница 63: ...appears 2 From the VPN Status list select Enabled 3 Click Apply End Variable definitions The following table describes the variables and values for viewing the existing VPN policies Life Time Select the life time unit Select one of seconds minutes or hours Life Time Value Type the life time value The range is 5 minutes to 8 hours Variable Value VPN Status Select the VPN status VPN status can be En...

Страница 64: ...e identity branch office page 64 Configuring IKE page 65 Enabling VPN branch office page 69 Configuring remote identity branch office Complete the following procedure to configure the remote identity Procedure steps Step Action 1 From the BSG navigation pane select Configuration VPN VPN Settings The VPN Global Settings pane appears 2 From the Remote Identity Type list select IPV4 FQDN EMAIL or KEY...

Страница 65: ...e policy name 4 From the Interface Name list select Fa0 9 5 From the Policy Status list select ACTIVE 6 In the IPSec Gateway IP Address field enter the IP address if you configured the Remote Identity as IPV4 This is the same IP address you entered in Remote Identity Value on the VPN Global Settings screen Variable Value Remote Identity Type The user identity type that uniquely identifies the peer...

Страница 66: ...peer identity type 19 From the Peer Identity Value list select the peer identity value The list contains the Remote Identity values entered on the VPN Global Settings screen 20 From the Local Identity Type list select IPV4 for the local identity type 21 In the Local Identity Value field enter the local identity value 22 In the IPSec Phase 2 Proposal box from the Protocol list select ESP or AH 23 F...

Страница 67: ... Encryption Select the IPSec Encryption Select one of the following options Data Encryption Standard DES is a standard for encrypting data that uses a 64 bit key to encrypt data but only 56 bits are usable This standard is considered inadequate for data protection as this standard do not match the speed of computer Triple Data Encryption Standard 3DES processes each block of data using a different...

Страница 68: ...the Remote Identity values entered on VPN Global Settings Local Identity Type Value Select the identity type to access the local network Select one of the following IPV4 IP address FQDN Fully Qualified Domain Name EMAIL email address of the user KEYID uniquely identifies the peer Type the associated value IP Sec Phase 2 Proposal table Protocol Select the authentication protocol Select ESP IPSec en...

Страница 69: ...h degree of probability IPSec Mode Select the IPSec mode Select Tunnel IPSec encrypts the IP header and the Payload Select Transport IPSec encrypts only the Payload Preferred Forward Secrecy Select the Preferred Forward Secrecy PFS Select one of the following options Select None IKE does not use any PFS PFS Group 1 IKE uses a 768 bit Diffie Hellman Prime modules group for performing the new Diffie...

Страница 70: ...NN47928 500 NN47928 500 Variable definitions The following table describes the variables and values for viewing the existing VPN policies Variable Value VPN Status Select the VPN status VPN status can be Enabled or Disabled ...

Страница 71: ...vel of performance Prerequisites for QoS configuration You must have SYSTEM READ WRITE permission to configure QoS QoS Status must be enabled it is enabled by default You must know the uplink rate limit This is provided by your ISP The total bandwidth you assign to all flows must be less than or equal to the uplink rate You must calculate how much bandwidth to give to the various flows for example...

Страница 72: ...gation Configuring the uplink rate limit page 72 Configuring a policy map page 73 Configuring a class map page 74 Configuring QoS marking page 75 Configuring port based QoS page 76 Configuring queue settings page 77 Configuring the uplink rate limit Complete this procedure to configure the uplink rate limit ...

Страница 73: ...tted Information Rate CIR and their associated burst sizes CBS and PBS TRTCM marks the packet red if it exceeds PIR yellow if it exceeds CIR and green if it does not exceed CIR Procedure steps Step Action 1 From the BSG navigation pane select Configuration QoS Policy Map tab The QOS Policymap Settings pane appears 2 In the Police ID field type the police ID 3 In the PIR bytes per second field type...

Страница 74: ...rom the Policy Map ID list select a policy map ID 4 In the Source IP Address field type the IP address 5 In the Source Subnet Mask field type the subnet mask IP address 6 In the Destination IP Address field type the destination IP address 7 In the Destination Subnet Mask field type the destination subnet mask IP address 8 From the Protocol list select Any TCP or UDP 9 In the Source Port field type...

Страница 75: ... Policy Map identifier The value ranges from 1 to 2147483647 Source IP Address Type the source IP address that uniquely defines a packet flow Source Subnet Mask Type the subnet mask for the source IP address Destination IP Address Type the destination IP address that uniquely defines a packet flow Destination Subnet Mask Type the destination subnet mask address for the destination IP address Proto...

Страница 76: ...t priority settings This mapping can be done only from LAN ports The WAN port has a default 802 1p priority to queue mapping that you cannot change The default mapping for the WAN port is queue number 7 802 1p priority Procedure steps Step Action 1 From the BSG navigation pane select Configuration QoS Port based QOS tab The Traffic Class Mapping pane appears 2 In the Select field select a port to ...

Страница 77: ... name Priority0 Select the Traffic Class value for priority 0 The values ranges from 0 to7 Priority1 Select the Traffic Class value for priority 1 The values ranges from 0 to7 Priority2 Select the Traffic Class value for priority 2 The values ranges from 0 to7 Priority3 Select the Traffic Class value for priority 3 The values ranges from 0 to7 Priority4 Select the Traffic Class value for priority ...

Страница 78: ... the queue weight 9 Click Apply End Variable definitions The following table describes the variables and values for configuring QoS queue settings Variable Value Port No The port number for which the queue settings apply Select Select the queue you want to configure Queue Displays the queue number Green Threshold Min Type the minimum Green Threshold value Green packets start to drop at the configu...

Страница 79: ...not be changed queue 1 0 cannot be changed queue 2 0 cannot be changed queue 3 512 cannot be set to 0 queue 4 256 cannot be set to 0 queue 5 128 cannot be set to 0 queue 6 64 cannot be set to 0 queue 7 32 cannot be set to 0 Queueing Strategy Displays the queueing strategy Queues 0 to 2 are strict priority Queues 3 to 7 are weighted round robin Variable Value ...

Страница 80: ...80 QoS configuration NN47928 500 NN47928 500 ...

Страница 81: ...ation WAN advanced configuration page 83 LAN advanced configuration page 97 VLAN advanced configuration page 111 IP routing advanced configuration page 127 DHCP advanced configuration page 145 Multicast advanced configuration page 153 QoS advanced configuration page 159 VPN advanced configuration page 165 SIP advanced configuration page 177 Port management advanced configuration page 197 ...

Страница 82: ...82 Advanced configuration NN47928 500 NN47928 500 ...

Страница 83: ...g sections provide information for configuring the Ethernet WAN Ethernet page 83 PPPoE WAN configuration parameters page 84 Rate limit configuration parameters Ethernet page 84 Renewing or releasing the WAN lease page 85 Ethernet WAN configuration parameters The following table describes the parameters for Ethernet WAN configuration located at Configuration WAN Ethernet Variable definitions The fo...

Страница 84: ...le MAC cloning only if the Encapsulation Mode is Ethernet The default value is Disabled MAC Address Type the MAC address if the MAC cloning is enabled IP Address Assignment Select the IP Address Assignment status Select Manual or Dynamic for Ethernet interface WAN IP Address Type the WAN IP address if the IP Address Assignment is manual Subnet Mask Type the subnet mask if the IP Address Assignment...

Страница 85: ...select the WAN configuration that you want to modify 3 Select the Renew option button if you want to renew the lease term OR Select the Release option button if you want to release the lease 4 Click Apply End Variable definitions The following table describes the variables and values for renewing and releasing the lease Variable Value Rate Limit Status Select the rate limit status Enabled enables ...

Страница 86: ...the specified interface This option is enabled only when Dynamic option is selected in the IP Address Assignment field Release Click this option button to release the DHCP lease on the specified interface This option is enabled only when Dynamic option is selected in the IP Address Assignment field Variable Value ...

Страница 87: ... can configure DSL parameters To access this page select Configuration WAN DSL Basic Configuration page Variable definitions This table describes the variables that appear on the DSL Basic Configuration page Variable Value DSL Name The DSL Name Options DSL 1 The default value is DSL 1 DSL Connection Type The DSL connection type Options Auto indicates Auto Connection Mode T1413 indicates T1413 conn...

Страница 88: ...ntly uses the remaining bandwidth which dynamically changes in time because of VBR service Typical applications are computer communications such as file transfers and e mail UBR service provides no feedback mechanism If the network is congested UBR cells can be lost The default value is UBR Encapsulation The encapsulation type Options ATM Adaptation Layer 5 Sub Network Access Protocol AAL5 SNAP mu...

Страница 89: ...igure T1 E1 T1 E1 navigation T1 E1 Configuration page 90 Variable Value PPP Interface The PPP interface for which you need to configure the IP address User Name The username for the specified PPP interface used for authentication Password The password for the specified PPP interface used for authentication WAN IP Address Displays the IP address of the WAN PPP interface Subnet Mask Displays the sub...

Страница 90: ...Variable definitions This table describes the variables that appear on the T1 E1 Configuration page Note If you change the interface type you must reboot the system for the change to take effect After you reboot the remaining variables are reset to default values If you want to change the remaining variables change them after you reboot Note If you change the controller from T1 to E1 or vice versa...

Страница 91: ...n B8ZS replaces any sequence of eight consecutive zeros with 000VB0VB Alternative Mark Inversion AMI encodes a signal by inverting one of the two consecutive high polarity data bits High Density Bipolar With 3 Zero Substitution HDB3 replaces any sequence of four consecutive zeros with 000V or B00v For T1 the default value is B8ZS For E1 the default value is HDB3 Line Mode The Line Mode Options Cha...

Страница 92: ...n feet that connects the devices on each end of a T1 line Options 0 133 134 266 267 399 400 533 534 655 The default value is 0 133 You can configure the line length only when the Line Mode is DSU Transmit ClockSource The clock source Options LocalTiming A local clock source is used or an external clock is attached to the box containing the interface LoopTiming Recovered received clock is used to t...

Страница 93: ... Variable definition This table describes the variables that appear on the PPP Configuration page Variable Value Interface The T1 E1 interface on which you create the channel group Options t1e1 1 t1e1 2 Channel Group Index The Channel Group Index The range is 1to 64 Time Slot The time slots The range is 1to 24 for T1 and 2 to 32 for E1 Variable Value Serial Interface The serial Interface on which ...

Страница 94: ...ly if authentication is required Password The password for the specified user This field is available only if authentication is required Keep Alive The Keep Alive Time Out value in seconds If no Echo response packet is received within the time out value the connection is lost The default value is 10 Link Type The PPP link type Options Public adds the default route for the PPP interface Private no ...

Страница 95: ...ddress if IP Address Assignment is Manual Secondary DNS Server The Secondary DNS server IP address if IP Address Assignment is Manual Peer DNS The Peer DNS IP address if IP Address Assignment is Manual Variable Value Authentication Required The Authentication Required setting for the multilink interface Options Yes authentication is required Enables the Server Client User Name and Password fields ...

Страница 96: ...nk Type The multilink type Options Public adds the default route for the multilink interface Private no default route is added for the multilink interface The default value is Private MTU The Maximum Transmission Unit The default value is 1500 Variable Value ...

Страница 97: ...rerequisites for virtual interface configuration You must have L3 READ WRITE permission to access virtual interface configuration Virtual interface configuration navigation Virtual interface configuration parameters page 97 Renewing or releasing the LAN lease page 98 Virtual interface configuration parameters The following section describes the parameters for configuration of the virtual interface...

Страница 98: ... to modify 3 Select the Renew option button to renew the lease OR Select the Release option button to release the lease 4 Click Apply End Variable Value VLAN ID Type the VLAN identifier IP Address Assignment Select the IP address assignment mode Select Manual to manually assign the IP address Select Dynamic for the System to assign the IP address for the specified VLAN from Dynamic Host Configurat...

Страница 99: ...the lease Variable Value Select Select the IP address to modify Renew Enable Renew if you want to renew the DHCP lease for this interface Renew is available only if IP Address Assignment is set to Dynamic Release Enable Release if you want to release the DHCP lease for this interface Release is available only if IP Address Assignment is set to Dynamic ...

Страница 100: ...rnet LAN configuration Variable definitions The following table describes the variables and values for configuring the basic LAN settings Variable Description LAN IP Address Mode Select the IP address mode Select Manual to assign the IP address and subnet mask address manually Select Dynamic to allow the system to assign the IP address IP Address Type the IP address if the IP address assignment is...

Страница 101: ...ITE permission to access this information Wireless LAN configuration navigation WLAN settings configuration parameters page 102 SSID configuration parameters page 102 WLAN radio configuration parameters page 103 MAC filtering configuration parameters page 104 WLAN security configuration parameters page 105 WEP configuration parameters page 106 Wireless multimedia configuration parameters page 107 ...

Страница 102: ... to activate the radio Select Disabled to deactivate the radio You must select a country code before you enable the access point Country Code Select the required country code A country code is required to set up the proper regulatory restrictions for channel availability and transmission power You must disable the radio Access Point before you set the country code Radio Mode Select the required ra...

Страница 103: ...the Turbo Mode status Turbo Mode is used to perform a speed boost to the wireless network Select Dynamic to allow the BSG to detect whether clients are capable of Turbo Mode If a client is not capable of turbo mode the client returns to normal mode Select Static only when you know that all wireless devices in the network are capable of Turbo Mode Select Disabled if there are no wireless clients to...

Страница 104: ...ection by transmitting both a RTS and CTS frame to all stations The default value is CTS only Preamble Specifies the preamble length Some clients do not support a short preamble They cannot be reached if the preamble is set to Short Select Short boosts the performance of the BSG wireless but potential for missed clients Select Short Long all clients are accessible The default value is Short Long D...

Страница 105: ...n Select WPA PSK WPA2 PSK or WPA WPA2 PSK Mixed if authentication uses a preshared key The default value is Open Pre Authentication Specifies the preauthentication status Select Enable to enable the Robust Security Networks Association RSNA preauthentication on this entity Stations authenticate to different APs if present but associate to a single AP Select Disable to disable the RSNA preauthentic...

Страница 106: ...or data encryption It consists of an organizationally unique identifier OUI the first 3 octets and a cipher suite identifier the last octet Select one of the following options AES CCMP TKIP WEP AES CCMP TKIP AES CCMP WEP TKIP WEP AES CCMP TKIP WEP This field is used in conjunction with the Authentication Type If you select WPA for Authentication Type the BSG supports TKIP If you select WPA2 the BS...

Страница 107: ...r data encryption Options 1 2 3 4 If you want to assign the selected key index as the default value you must select the Set this as default WEP key Set this as default WEP Key If you select this box you can configure the selected key index as the default value The default for the first configured WEP is checked The default for subsequent configured WEPs is unchecked Key Type The required WEP key t...

Страница 108: ...g Contention Width Minimum The minimum contention width of the AP in the radio The range is 1 to 15 The default values for AC0 through AC3 are 4 4 3 and 2 Log Contention Width Maximum The maximum contention width of the AP in the radio The range is 1 to 15 The default values for AC0 through AC3 are 10 10 4 and 3 AIFSN The arbitrary inter frame sequence AIFS The range is 1 to 15 The default values ...

Страница 109: ...s for AC0 through AC3 are 3 7 1 and 1 TXOP Limit The transmission opportunity of the AP in the radio The range is 0 to 65535 The default values for AC0 through AC3 are 0 0 94 and 47 Admission Control The status of admission of WMM parameters Options Enabled Disabled The default value for AC0 through AC3 is Disabled Variable Value ...

Страница 110: ...110 LAN advanced configuration NN47928 500 NN47928 500 ...

Страница 111: ...gs configuration navigation VLAN basic settings configuration parameters page 111 VLAN port settings configuration parameters page 112 Static VLAN configuration parameters page 113 Dynamic VLAN configuration parameters page 114 VLAN protocol group configuration parameters page 114 VLAN port protocol configuration parameters page 115 VLAN database display parameters page 116 VLAN basic settings con...

Страница 112: ...mic Multicast learning status If the status is disabled then the GMRP is disabled for the current port The default value is Enable Protocol Based VLAN Specifies the protocol based learning status The default value is Enable Variable Value Port Displays the port ID for which you want to configure the VLAN port settings Port Name Type the name of the port Port and Protocol Based VLAN Specifies the p...

Страница 113: ... packets Select Disable the packets are handled normally The default value is Disable BDTU tunneling status cannot be set if 802 1x tunnel status is disabled Ingress Filtering Specifies the Ingress Filtering status Select Enable the device discards incoming frames for VLANs where this port is not a member Select Disable the device accepts all incoming frames The default value is Disable Port Mode ...

Страница 114: ...iable Value Select Select a row Port Displays the port number Port Name Displays the port name Dynamic VLAN Learning Set the Dynamic VLAN Learning to Enable or Disable If Enable GVRP is enabled on the current port if the global GVRP status is enabled for the device If Disable GVRP is disabled on the current port even if the global GVRP is enabled Any GVRP packet received is discarded and no GVRP r...

Страница 115: ... to the encapsulation format Select the frame type for the protocol group Select one of the following options Ethernet RFC 1042 SNAP 802 1H SNAP Other LLV Other The default value is Ethernet Protocol Value Specifies the protocol value Select one of the following options ARP IP RARP IPX NOVELL NETBIOS APPLETALK OTHER The default value is ARP If you select OTHER enter the protocol value Group Identi...

Страница 116: ...quests The following section describes the display parameters for the current VLAN database located at Configuration VLAN setup VLAN Database tab Variable definitions The following table describes the values and variable displayed on the VLAN database panel Variable Value VLAN ID Displays the VLAN ID Member Ports Displays the member ports list Untagged Ports Displays the untagged ports list Status...

Страница 117: ...nfiguration parameters The following section describes the configuration parameters for the STP basic settings located at Configuration Spanning Tree Basic Settings tab Variable definitions The following table describes the variables and values for configuring the STP basic settings Variable Value Enable RSTP Select this option button to enable RSTP Enable MSTP Select this option button to enable ...

Страница 118: ... the parameters for configuration of MSTP basic settings located at Configuration Spanning Tree MSTP Basic Settings tab Variable definitions The following table describes the variables and values for configuring the MSTP basic settings Variable Value MSTP Status Displays the MSTP status The status displayed is based on the MSTP setting Enable or Disable selected in STP Basic Settings Compatibility...

Страница 119: ...ximum Age Seconds Type the time period for which the information received in the RSTP Bridge Protocol Data Unit BPDU is valid The value ranges from 6 to 40 seconds The default value is 20 seconds Forward Delay Seconds Type the time period within which the port changes its spanning tree state when moving toward the forwarding state The value ranges from 4 to 30 seconds The default value is 15 secon...

Страница 120: ... operational status of the edge port admin status The value of this field depends on the Edge Port Admin Status If the Edge Port Admin Status is Enabled then this field is automatically set to True This value takes effect only when you shut down and restart the port If the Edge Port Admin Status is Disabled then this field is automatically set to False This value takes effect only when you shut do...

Страница 121: ...Instance ID The Common Instance Spanning Tree CIST is generated by default and has instance ID number 0 The allowable values range from 1 to 16 Add VLAN Select the VLAN to map to the MSTP instance Delete VLAN Select the VLAN to unmap from the MSTP instance Variable Value Select Select a row Port Displays the port number Port Name Displays the port name MSTP Instance ID Displays the instance ID of ...

Страница 122: ...number Port Name Displays the port name Designated Root Displays the unique Bridge Identifier of the Bridge recorded as the Root for the segment to which the port is attached Designated Bridge Displays the Bridge Identifier which this port considers to be the Designated Bridge for this port segment Designated Port Displays the Port Identifier on the Designated Bridge for this port segment Designat...

Страница 123: ...on Select RSTP for the port to transmit only RSTP BPDUs Select STP Compatible for the port to transmit RSTP BPDUs or Topology Change Notification BPDUs Config TCN BPDUs The default value is RSTP Bridge Priority Type the bridge priority value used to select the root bridge Transmit Hold Count Type the maximum number of packets that can be sent in an given interval to avoid flooding The value ranges...

Страница 124: ...s and values for configuring the RSTP port settings Attention Attention To set the Maximum Age and Forward Delay Parameters satisfy the following relation 2 Forward Delay 1 0 Max Age To set the Hello Time and Maximum Age parameters satisfy the following relation Max Age 2 Hello Time 1 0 Variable Value Maximum Age secs Type the time period for which the information received in RSTP BPDU is valid Th...

Страница 125: ...tatus of the edge port The default value is Disabled Edge Port Oper Status Specifies the operational status of the edge port admin status The value of this field depends on the Edge Port Admin Status If the Edge Port Admin Status is Enabled then this field is automatically set to True This value takes effect only when you shut down and restart the port If the Edge Port Admin Status is Disabled the...

Страница 126: ...r of the bridge which this port considers to be the designated bridge for this port segment Designated Port Displays the port identifier of the port on the designated bridge for this port segment Type Displays the operational point to point status of the LAN segment attached to this port This value indicates whether a port is considered to have a point to point connection or shared media Role Disp...

Страница 127: ...Redundancy Protocol VRRP for the Business Service Gateway BSG Prerequisites to IP routing advanced configuration You must have L3 READ WRITE permission to access IP routing configuration IP routing advance configuration navigation Static ARP configuration parameters page 128 Static routes configuration parameters page 129 RIP configuration page 130 OSPF configuration page 134 RRD configuration pag...

Страница 128: ... located at Configuration IP Routing Static ARP Variable definitions The following table describes the variables and values for configuring Static ARP Variable Value IP Address Type the IP address of the host whose MAC address is statically configured in the ARP cache MAC Address Type the MAC address of the host Interface Select the interface on which to configure Static ARP ...

Страница 129: ...tic routes Variable Value Destination Network Type the network address of the route Subnet Mask Type the subnet mask for the Destination Network address Gateway Type the Next Hop gateway to reach the IP address Interface Select the outgoing interface The value ranges from 1 to 4094 Distance Metric Type the metric value of the destination The value ranges from 0 to 255 Routing Protocol Displays the...

Страница 130: ...iable Value Space Periodic Updates Specifies the Space Periodic Update status Select Enabled to split and send the generated update packets The default value is Disabled Security Level Specifies the security level of the RIP Select Minimum to accept RIP 1 packets even when authentication is in use Select Maximum to ignore RIP 1 packets even when authentication is in use The default value is Maximu...

Страница 131: ...eters for configuring RIP on an interface located at Configuration IP Routing RIP Interfaces tab Variable definitions The following table describes the variables and values for modifying a RIP interface Retry Count Type the retry count value to update request and update response packet The value ranges between 10 and 40 The default value is 36 Default Metric Type the default metric value to set th...

Страница 132: ...everse Send Version The version of RIP packets sent by the router Select one of the following options Do not send indicates that no packets are sent RIP Version 1 indicates the data packets are sent using a RIP update that is complaint with RFC 1058 RIP1 Compatible indicates the RIP 2 updates are broadcast using an RFC 1058 route subsumption rules RIP Version 2 indicates the RIP2 packets are multi...

Страница 133: ...s Type the IP address of the neighbor router to which the unicast update is sent Variable Value Select Select the RIP interface you want to configure IP Address Displays the IP address of the RIP interface Authentication Type The authentication type Select one of the following options No Authentication disables authentication Simple Password simple password based authentication MD5 message digest ...

Страница 134: ...figuration parameters page 137 OSPF route information display parameters page 138 OSPF link state database display parameters page 139 OSPF basic settings configuration parameters The following section describes the parameters for configuration of OSPF basic settings located at Configuration IP Routing OSPF Basic Settings tab Variable definitions The following table describes the variables and val...

Страница 135: ...le Autonomous Systems AS for the same destination To minimize the chance of routing loops all OSPF routers in an OSPF routing domain must have RFC compatibility set identically Select Yes to use the preference rules specified by RFC1583 Select No to use the preference rules specified in RFC2178 The default value is Yes External Link State Database Limit Type the maximum number of non default AS ex...

Страница 136: ...LSA can be flooded through the normal area Stub Configures the area type as Stub External LSAs cannot be flooded into a stub area a default route is used to reach the external routes NSSA Configures the area type as Not So Stubby Area NSSA Only a limited number of Type 5 external LSAs are translated into Type 7 LSAs and flooded into the NSSA The default value is Normal Send Summary Routers Specifi...

Страница 137: ...cation Type is MD5 type the secret key used to create the message digest appended to the OSPF packet Authentication Key If Authentication Type is set to Simple Password type the authentication key The Authentication Key does not appear in the UI after you configure a OSPF area configuration Hello Interval Type the Hello Interval The range is 1to 65535 The default value is 10 seconds Retransmit Int...

Страница 138: ...ptions None indicates authentication is not required Simple Password indicates a simple password is required for authentication MD5 indicates message digest 5 based authentication The default value is None MD5 Key ID Type the secret key used to create the message digest appended to the OSPF packet if the authentication type is MD5 Authentication Key Type the key required for authentication if auth...

Страница 139: ...er Type 2 Cost Displays the type 2 cost of the OSPF router Interface Displays the interface ID of the OSPF interface Variable Value Area ID Displays the Area ID associated with the OSPF address range Type Displays the area type Link ID Displays the Link Identifier The value is in the form of an IP address ADV Router Displays all of the router Link State Advertisements LSAs If IP address is not inc...

Страница 140: ...e following section describes the parameters for configuration of the RRD RIP settings located at Configuration IP Routing RRD RIP tab Variable definitions The following table describes the variables and values for configuring RRD RIP settings Variable Value RRD Status Select the RRD status as Enabled or Disabled Select Enabled to enable route redistribution Select Disabled to disable route redist...

Страница 141: ...OSPF routes are populated in the RIP routing database BGP routes BGP routes are populated in the RIP routing database Route Tag Type Specifies whether the route tag is manually entered or automatically generated Select Manual the Route Tag must be entered manually Select Automatic the Route Tag is generated automatically and the Route Tag field is disabled Route Tag Type the route tag if the Route...

Страница 142: ... configuration parameters The following section describes the parameters for configuration of the VRRP settings located at Configuration IP Routing VRRP VRRP Settings tab Variable definitions The following table describes the variables and values for configuring VRRP settings Variable Value VRRP Status Specifies the VRRP status Select Enabled to enable VRRP in the router and restart VRRP on all th...

Страница 143: ...efault value is 100 Authentication Type Select the Authentication type used for VRRP protocol exchanges between virtual routers If you select No Authentication the VRRP Protocol exchange values are not authenticated If you select Simple Text Password the VRRP Protocol exchanges are authenticated by a clear text password The default value is No Authentication Authentication Key Type the authenticat...

Страница 144: ...144 IP routing advanced configuration NN47928 500 NN47928 500 ...

Страница 145: ...ation Protocol DHCP server and the relay settings for Business Service Gateway BSG Prerequisites for DHCP advanced configuration You must have SYSTEM READ WRITE permission to access DHCP configuration DHCP advanced configuration navigation DHCP server configuration page 146 DHCP relay settings configuration parameters page 151 ...

Страница 146: ...and values for configuring DHCP basic settings Variable Value DHCP Server Select the DHCP server status Select Enabled to enable the DHCP server and process DHCP client requests Select Disabled to disable the DHCP server and stop processing client requests The default value is Enabled Blocked IP Address Re use Timer seconds Type the reuse timeout value used by the DHCP server This timer value repr...

Страница 147: ...Router IP format a list of IP addresses for routers on the client subnet The code for the default router option is 3 and its length is 4 octets The length must always be a multiple of 4 Timer servers IP format a list of time servers RFC 868 available to the client The code for the time server option is 4 and its length is 4 octets The length must always be a multiple of 4 Name server IP format a l...

Страница 148: ...he maximum lease time associated with the server pool Status Displays the status of the pool setting entry Status is Up or Down This field is displayed after you add a pool setting entry Variable Value Pool Name Select the pool name Option The DHCP option Select one of the following options Netmask IP Format the client subnet mask RFC 950 The code for the subnet mask is 1 and its length is 4 octet...

Страница 149: ... one of the following options Netmask IP Format the client subnet mask RFC 950 The code for the subnet mask is 1 and its length is 4 octets Default Router IP format a list of IP addresses for routers on the client subnet The code for the default router option is 3 and its length is 4 octets The length must always be a multiple of 4 Timer servers IP format a list of time servers RFC 868 available t...

Страница 150: ...st Pool Name Select the pool name Host IP Type the IP address of the host Identifier Type the IP address of the identifier The identifier is a string of maximum length 63 Variable Value Device Name Type the DHCP device name The maximum string length is 63 characters The space character cannot appear in the device name Device Status Specifies the device status The device status restricts DHCP servi...

Страница 151: ...ate the relay agent The default value is Disabled IP DHCP Relay Information Option Select the IP DHCP Relay Information Option status This option controls the processing related to Relaying Agent information Select Enabled to start processing the relay agent information options The processing includes inserting the options before relaying a packet from a client to a server and examining or strippi...

Страница 152: ...152 DHCP advanced configuration NN47928 500 NN47928 500 ...

Страница 153: ...efinitions The following table describes the variables and values for configuring dynamic multicast Variable Value Select Select the port you want to configure Port Type the port on which GMRP and the Restricted Group Registration are configured Port Name Type the port name Dynamic Multicast Status Select the GMRP port status At the system level Dynamic Multicast and IGMP Snooping are mutually exc...

Страница 154: ...GMP leave is received from a host the BSG removes the host s port from the table entry Prerequisites to IGMP snooping advanced configuration You must disable Dynamic Multicast Learning before you can enable IGMP Snooping see VLAN basic settings configuration parameters page 111 IGMP snooping configuration navigation IGMP snooping basic settings configuration parameters page 154 IGMP snooping timer...

Страница 155: ...IP Based if the hardware supports programming of S G and G entries Select MAC Based if the hardware supports only MAC based multicast tables This configuration takes effect when you reboot the system The default value is IP Based Report Forwarding Select whether the reports are forwarded on all the ports or only on the router ports Select All Ports to forward reports on all the ports Select Router...

Страница 156: ...port The timer runs for the configured time for each port on which a report is received This timer restarts whenever a report message is received from a host on the specific port If the timer expires the learnt port entry is purged from the multicast group The value ranges from 130 to 1225 The default value is 260 seconds Report Forward Interval secs Type the time interval within which the next re...

Страница 157: ... one of the following options Version1 Version2 Version3 The default value is Version3 Fast Leave Select the fast leave status of IGMP If you select Disabled the switch checks if any interested receivers are in the group by sending a group specific query before removing the port from the forwarding table If you select Enabled the switch does not send a group specific query It immediately removes t...

Страница 158: ...t Forwarding Table and IP Based Multicast Forwarding Table screens Variable Value VLAN ID Displays the VLAN ID Port List Displays the ports on which routers are connected for the VLAN ID Variable Value MAC Based Multicast Forwarding VLAN ID Displays the VLAN ID pertaining to the MAC based multicast forwarding entry Group MAC Address Displays the configured Group MAC Multicast address Port List Dis...

Страница 159: ...s page 161 QoS queue settings configuration parameters page 162 QoS basic settings configuration parameters The following section describes the parameters for configuration of the QoS basic settings located at Configuration QoS Basic Settings tab Variable definitions The following table describes the variable and value for configuring QoS basic settings Policy map settings configuration parameters...

Страница 160: ...mber if it exceeds CIR It is marked green if it does not exceed CIR The marking is based on Committed Information Rate CIR and two associated burst sizes Committed Burst Size CBS and Peak Burst Size PBS A packet is marked green if it does not exceed CBS and amber if it exceeds CBS but not PBS Otherwise it is marked red PIR bytes per second Type the PIR key value in bytes per second The default val...

Страница 161: ...of the following options Any both TCP or UDP packets are classified using the class map TCP only TCP packets are classified using the class map UDP only UDP packets are classified using the class map Source Port Type the source port The value ranges from 1 to 65535 Destination Port Type the destination port The value ranges from 1 to 65535 Incoming DSCP Type the incoming Differentiated Services Co...

Страница 162: ...e following table describes the variables and values for configuring QoS queue settings Variable Value Select Select the port you want to configure Port Displays the port number Port Name Displays the port name Priority0 Select the Traffic Class value for priority 0 The value ranges from 0 to 7 Priority1 Select the Traffic Class value for priority 1 The value ranges from 0 to 7 Priority2 Select th...

Страница 163: ...nfigured minimum depth The default value is 50 Amber Threshold Max Type the maximum Amber Threshold value All amber packets are dropped at the configured maximum depth The default value is 64 Scheduler Weight Type the queue weight The range for queues 3 to 7 is 1 to 65535 The default weights are queue 0 0 cannot be changed queue 1 0 cannot be changed queue 2 0 cannot be changed queue 3 512 cannot ...

Страница 164: ...164 QoS advanced configuration NN47928 500 NN47928 500 ...

Страница 165: ...on navigation VPN settings configuration page 165 Users configuration page 171 VPN settings configuration This section provides configuration of the branch office tunnel VPN settings configuration navigation VPN global settings configuration parameters page 165 VPN policy configuration parameters page 166 VPN IPsec configuration parameters page 166 IKE pre shared secret configuration parameters pa...

Страница 166: ... Remote Identity Type The user identity type that uniquely identifies the peer Select one of the following IPV4 specifies the IP address FQDN specifies the fully qualified domain name an unambiguous domain name that denotes the position of the node in the DNS tree hierarchy EMAIL specifies the email of the peer KEYID specifies the string that uniquely identifies the peer Remote Identity Value Type...

Страница 167: ...the outbound traffic Protocol Select the required traffic protocol for the source and destination address Select one of the following options Any TCP UDP ICMPv4 AH ESP When you select a protocol and apply the IPSec policy the policy is applied on the selected protocol packets only For example if you select ICMPv4 when you ping from one host to another only ICMP packets are authenticated IPSec SA t...

Страница 168: ...e to the fixed block size of 128 bits AES operates on a 4x4 array of bytes Encryption Keys 1 2 and 3 The encryption key settings depend on the selected IPSec Encryption DES specify a key for Encryption Key 1 only length 16 3DES specify encryption keys 1 2 and 3 AES 128 specify a key for Encryption Key 1 only length 32 AES 192 specify a key for Encryption Key 1 only length 48 AES 256 specify a key ...

Страница 169: ...a standard for encrypting data that uses a 64 bit key to encrypt data but only 56 bits are usable This standard is considered inadequate for data protection as this standard do not match the speed of computer Triple Data Encryption Standard 3DES processes each block of data using a different key each time resulting in a significantly more secure message Advanced Encryption Standard AES128 AES192 A...

Страница 170: ... The list contains the Remote Identity values added on VPN Global Settings Local Identity Type Value Select the identity type to access the local network Select one of the following IPV4 IP address FQDN Fully Qualified Domain Name EMAIL email address of the user KEYID uniquely identifies the peer Type the associated value IP Sec Phase 2 Proposal table Protocol Select the authentication protocol Se...

Страница 171: ...orithm This cryptographic hash function computes a condensed digital representation to a high degree of probability IPSec Mode Select the IPSec mode Select Tunnel IPSec encrypts the IP header and the Payload Select Transport IPSec encrypts only the Payload Preferred Forward Secrecy Select the Preferred Forward Secrecy PFS Select one of the following options Select None IKE does not use any PFS PFS...

Страница 172: ...s for the configuration of client termination located at Configuration VPN Users Client Termination tab Variable definitions The following table describes the variables and values for configuring client termination Variable Value User Name Type the user name The range is 1 to 31 characters Password Type the password for the user The range is 1 to 31 characters Variable Value Pool Name Type the nam...

Страница 173: ...etwork speed Select 3 DES if you require network security IPSec Authentication Select the preferred authentication method Select one of the following options HMAC MAC5 the message authentication code is calculated using the MD5 cryptographic hash function This cryptographic hash function has some additional security properties with a 128 bit hash value which is commonly used to check the integrity...

Страница 174: ...raffic Selector table Local Address Type the Source IP address of the outbound traffic Local Address Mask Type the Network mask of the outbound traffic Remote Address Type the Destination IP address of the outbound traffic Remote Address Mask Type the Destination mask of the outbound traffic Protocol Select the traffic protocol for the source or destination address Select one of the following opti...

Страница 175: ...ethod is required HMAC MAC5 the message authentication code is calculated using the MD5 cryptographic hash function This cryptographic hash function has some additional security properties with a 128 bit hash value which is commonly used to check the integrity of files HMAC SHA1 the message authentication code is calculated using the SHA1 algorithm This cryptographic hash function computes a conde...

Страница 176: ...176 VPN advanced configuration NN47928 500 NN47928 500 ...

Страница 177: ...onfigure SIP You must ensure that the WAN interface can ping the SIP server You must ensure that Network Address Translation NAT and firewall are enabled in the WAN interface You must have VOICE READ WRITE permission to access SIP configuration SIP advanced configuration navigation SIP server management configuration parameters page 178 SIP system configuration page 179 SIP protocol configuration ...

Страница 178: ...splays the status of the SIP server The default value is Enabled Operating Mode Displays the current operating mode of the SIP Server One of the following values is displayed Normal Any type of SIP call is possible BackupWanUp The WAN link is up but SSE server is not reachable by WAN BackupWanDown The WAN link is down SIP calls can be made only inside the LAN The mode changes dynamically based on ...

Страница 179: ...configuring the central SIP server Variable Value Managed Domain Name Type the domain name of the SIP server You can also type the IP address of the SIP server in this field The default name is mydomain com Central SIP Server Address Type the IP address of the central SIP server This field is mandatory Transport Select the required transport protocol for SIP Select one of the following options Use...

Страница 180: ...e ranges from 1 to 10 The default value is 2 Central SIP Server via Address es Displays the central SIP server via address or addresses You can enter aliases for the Central SIP Server address Separate each address with a comma Note If the maximum number of simultaneous SIP calls across the WAN is reached the next SIP call attempt fails and the caller hears fast busy tone Variable Value Select Sel...

Страница 181: ...ddress Directory Path Type the directory path Variable Value Dump SIP Messages Specifies whether SIP messages are traced Select Enable to enable traces for all calls Select Disable to disable traces for all calls The default value is Disable Detailed Traces Specifies that the traces are logged in detail Select one of the following options All all components are traced None no components are traced...

Страница 182: ...variables and values for configuring header settings Transport settings configuration parameters The following section describes the parameters for the configuration of transport settings located at Configuration SIP SIP Protocol Transport tab Variable definitions The following table describes the variables and values for configuring transport settings Variable Value Organization Header Type the n...

Страница 183: ...65535 TLS Select this check box to configure TLS TLS Port Type the port number used for TLS The value ranges from 1 to 65535 Variable Value Minimum Registration Period Type the minimum registration period for the SIP server The value ranges from 1 to 3600 The default value is 30 seconds Maximum Registration Period Type the maximum registration period for the SIP server for any phone when the BSG i...

Страница 184: ... in the Subscriber database The default value is Enable Remove Dynamic Subscriber On De registration Select the Dynamic subscriber De Registration status Select one of the following Enable When the SIP call is complete the subscriber is automatically removed from both the Registration and Subscriber database Disable When the SIP call is complete the subscriber information must be explicitly delete...

Страница 185: ...e default value is 90 ms Maximum Type the maximum session timer value in milliseconds The value ranges from 90 to 4294967295 The default value is 3600 ms Protocol Timers Timer T1 Type the timer T1 value in milliseconds This is used for local retransmission The value ranges from 1 to 2147483647 The default value is 500 ms Timer T2 Type the timer T2 value in milliseconds This is used for local retra...

Страница 186: ...Timer I Type the timer I value in milliseconds The value ranges from 1 to 2147483647 The default value is 5000 for UDP Timer J Type the timer J value in milliseconds The value ranges from 1 to 2147483647 The default value is 32000 for UDP Timer K Type the timer K value in milliseconds The value ranges from 1 to 2147483647 The default value is 5000 for UDP Variable Value ...

Страница 187: ...d at Configuration SIP Routing Rules View Rules tab The View Rules panel also shows the list of routing rules created using the Add Rule panel Variable definitions The following table describes the variable and value displayed in the Routing Rules dialog box Adding rules configuration parameters The following section describes the parameters for the configuration of a routing rule located at Confi...

Страница 188: ...ith the start and end numbers given in the range Otherwise must be specified as the condition in the last rule Value for Condition Type the value for the specified condition This option is disabled for some conditions Specify Number Transformation Select this check box to enable number transformations Type Specifies the number transformations applicable to the condition Select one of the following...

Страница 189: ...s Select this option button to enable and use the Custom Dial Plan Scripts If you select this check box Use Web UI Dial Plan Configuration is disabled New Dial Plan Name Type the new dial plan name if you enabled Use Custom Dial Plan Scripts NTML File Path Type the National Traffic Management Log NTML file path if you enabled Use custom Dial Plan Scripts Dial Plan Mode Select the dialplan mode if ...

Страница 190: ...e of the subscriber The maximum number of characters is 32 Alias Type the alias name of the subscriber The maximum number of characters is 100 You can configure the alias only when Allow Dynamic Subscriber Addition is enabled You can set Allow Dynamic Subscriber Addition in Registrar Configuration under SIP Protocol In backup mode SIP alias works for static subscribers only Display Name Type the d...

Страница 191: ...O FXS Global tab Variable definitions The following table describes the variables and values for global configuration of codec FXO and FXS Variable Value VoIP Status Displays the VoIP current status Displays Running if VoIP is running Displays Not Available if VOIP is not running VoIP Firmware version Displays the version of the VoIP firmware Country Code The country code The default value is Cana...

Страница 192: ...ce Mail configuration Mail box Enable Select this check box to enable voice mail in VoIP The default value is unchecked Server IP Type the IP address of the mail server You can configure this field only when Mail box Enable is selected Server Port Type the mail server port The value ranges from 1024 to 65535 The default value is 5060 You can configure this field only when Mail box Enable is select...

Страница 193: ...in increments of 30 Possible values are 30 60 90 120 For all other codecs the range is 10 to 100 in increments of 10 Possible values are 10 20 30 90 100 The default frame size value for G 723 is 30 For all other codecs the default value is 20 Silence Compression Status Select this check box to enable silence compression for the corresponding codec entry When enabled no unnecessary noise consumes t...

Страница 194: ...smitted over IP The default value is Disabled Mail Password Type the mailbox password of the FXS channel This password is used when the Voice Mail Configuration is enabled see Global information configuration parameters page 191 Call Forwarding Forward Number Type the number to which the call is forwarded Ring type Select the ring type for the FXS channel Select one of the following options 0 1 2 ...

Страница 195: ...if the SIP server becomes unavailable Variable Value FXO Channel Select the required FXO channel Channel Enable Select this check box to enable the administrative status of the FXO channel The channel is available for use only when it is enabled Channel Number Type the FXO channel number This is the FXO number which identifies the FXO line for an incoming call Password Type the password for access...

Страница 196: ...vate UDP via port for SIP application Private SIP Via TLS Port Displays the private secured transport via port for SIP application Private SIP Record Route Displays the private record route IP for further SIP requests Private SIPS Record Route Displays the private secured SIP record route IP for further SIPS requests Timer for Cleaning NAT Binding Displays the NAT binding cleaning time in minutes ...

Страница 197: ...The following section describes the parameters for the configuration of basic port settings located at Configuration Port Management Ethernet Basic Settings tab Variable definitions The following table describes the variables and values for configuring Ethernet basic port settings Variable Value Select Select the Ethernet port you want to configure Port Displays the Ethernet port number Port Statu...

Страница 198: ...The MTU must be increased if you want bigger packets without fragmentation Enabling Jumbo Frame Support increases the MTU of the port Select Enabled to enable Jumbo Frame Support Select Disabled to disable Jumbo Frame Support The default value is Disabled Variable Value Select Select the Ethernet port you want to configure Port Displays the Ethernet port number Port Name Displays the Ethernet port...

Страница 199: ...10Mb s 100 Mbps port speed is 100Mb s 1Gbps port speed is 1Gb s Flow Control Select the flow control status Select one of the following options Disabled flow control is turned off Transmit flow control is sent to a remote device Receive flow control is received from a remote device Both flow control is sent and received from a remote device Variable Value ...

Страница 200: ...200 Port management advanced configuration NN47928 500 NN47928 500 ...

Результаты поиска

Содержание BSG12aw 1.0

Отзывы:

Похожие инструкции для BSG12aw 1.0

Бренды по названию

Популярные бренды

Nortel BSG12aw 1.0, Руководство по настройке

Результаты поиска

Содержание BSG12aw 1.0

Отзывы:

Похожие инструкции для BSG12aw 1.0

Бренды по названию

Популярные бренды