Patton electronics ipRocketLink 3086FR Скачать руководство пользователя страница 122 | Manualshive

Страница: 122 / 172

Patton electronics ipRocketLink 3086FR Скачать руководство пользователя страница 122

Introduction

122

Model 3086FR ATM IAD User Guide

10 • Security

Introduction

Security provides the ability to setup and enforce security policies. The policies define the types of traffic per-
mitted to pass through a gateway, either inbound, outbound, or both, and from which origins the traffic may
be allowed to enter.

Within the security configuration is a stateful firewall. A stateful firewall utilizes a security mechanism to main-
tain information concerning the packets it receives. This information is used for deciding dynamically whether
or not a packet may pass through.

Port filters are rules that determine how a packet should be handled. The rules define the protocol type, the
range of source and destination port numbers and an indication whether the packet is allowed or not.

Security triggers are used with applications that require and create separate sessions. The most common exam-
ple is FTP. An FTP client establishes a connection to a server using port 21, but data transfers are done on a
separate connection or port. The port number, and who makes the connection, can vary depending on the
FTP client. To allow FTP to work without triggers, you would need to set up port filters allowing the correct
port numbers through. This is a significant security risk.

This risk can be avoided by using security triggers. Triggers tell the security mechanism to expect these second-
ary sessions and how to handle them. Rather than allowing a range of port numbers, triggers handle the situa-
tion dynamically, opening the secondary sessions only when appropriate. The triggers work without needing to
understand the application protocol or reading the payload of the packet, although this does happen when
using NAT.

Triggering allows you to set up a trigger for different application protocols that use multiple sessions. The tim-
eout between sessions and whether or not session chaining are allowed are configurable. Session chaining is not
needed for FTP but is for NetMeeting.

See Chapter 11, “NAT (Network Address Translation)” on page 131.

Configuring the IAD

The configuration of security assumes that the 3086FR/Frame Relay to ATM Converter already has a valid IP
address for the Ethernet port so that the user may access the modem via the web page. If the IP address is still
the factory default, go to the section in Chapter 3 entitled IP Address Quick Start Modification.

In this example the WAN transport between the two 3086FR/IADs will be IPoA.

1.

Click on

WAN Connections

under Configuration on the 3086FR’s Menu.

2.

Click on

Create a New Service

.

3.

Select

IPoA Routed

and click on the

Configure

button.

4.

For this example, enter

IPoA Security Firewall

in the Description field.

5.

VPI remains at

0

. Change VCI to be

100

.

6.

Click on

WAN IP address

and enter

192.168.101.1

in the adjacent box. The default IP mask is

255.255.255.0.

7.

Click on

Apply

.

«
...
120
121
122
123
124
...
»

Содержание ipRocketLink 3086FR

Страница 1: ...E mail support patton com WWW www patton com Part Number 07M3086FR UG Rev C Revised February 16 2012 Important This is a Class A device and is intended for use in a light industrial environment It is...

Страница 2: ...cts and will at our option repair or replace the product should it fail within one year from the first date of the shipment This warranty is limited to defects in workmanship or materials and does not...

Страница 3: ...rotocol support 15 PPP Support 16 ATM Protocols 16 Frame Relay to ATM conversion protocols 16 Protocol Support 16 Management 17 Security 17 Front Panel Status LEDs Test Mode Switches and Console Port...

Страница 4: ...Configuring the DSL interface using the CLI 48 DSL Data Rate 48 Data Link Interface 48 Annex Type 48 Line Probe 49 Error Monitors 49 Configuring the serial port 50 Configuration variables available 50...

Страница 5: ...erMaxErrors Default Value 3 79 CLI Configuration Methods 80 Show current configuration 80 Set configuration variable 80 Web Configuration Methods 81 8 3086FR routed and bridged ATM connections 83 Intr...

Страница 6: ...r assistance 145 Introduction 146 Contact information 146 Warranty Service and Returned Merchandise Authorizations RMAs 146 Warranty coverage 146 RMA numbers 147 A Compliance information 149 Complianc...

Страница 7: ...162 RJ 11 non shielded port 162 RJ 45 non shielded RS 232 console port EIA 561 162 Serial port 163 V 35 M 34 Connector 163 V 35 DB 25 Female Connector 163 X 21 DB 15 Connector 164 E1 T1 RJ 48C Connec...

Страница 8: ...8 Model 3086FR ATM IAD User Guide Contents...

Страница 9: ...hapter 3 provides quick start installation procedures Chapter 4 describes connecting the DSL and data ports Chapter 6 describes configure Frame Relay and ATM features Chapter 7 describes the Local Man...

Страница 10: ...bol and WARNING heading indicate a potential electric shock hazard Strictly follow the warning instructions to avoid injury caused by electric shock The alert symbol and WARNING heading indicate a pot...

Страница 11: ...sible and pro tected by a circuit breaker For AC powered units ensure that the power cable used meets all applica ble standards for the country in which it is to be installed and that it is con nected...

Страница 12: ...ndicate function and keyboard keys such as SHIFT CTRL C and so on Are you ready All system messages and prompts appear in the Courier font as the system would display them dir Bold Courier font indica...

Страница 13: ...PP Support 16 ATM Protocols 16 Frame Relay to ATM conversion protocols 16 Protocol Support 16 Management 17 Security 17 Front Panel Status LEDs Test Mode Switches and Console Port 18 Console port outl...

Страница 14: ...2 specifies 4 wire for data rates from 2 3 to 4 6 Mbps the 3086FR is able to operate up to 4 6 Mbps over just 2 wires Speed setting ranges are user selectable in nx64 kbps increments from 64 kbps The...

Страница 15: ...nce from 24 900 feet 7 590 m at 192 kbps to 10 200 ft 3 109 m at 2 3 Mbps on 26 AWG 0 4 mm wire Annex A ANSI Annex B ETSI PSD selection CO and CP modes supported TC PAM based DSL modulations EOC Manag...

Страница 16: ...e ATM UNI 3 0 3 1 and 4 0 signaling ATM QoS with UBR CBR nrt VBR and rt VBR Peak cell rate shaping on a per VCC basis up to 32 active VCCs across VPI 0 255 VCI 0 65525 Single default PVC 8 35 with PCR...

Страница 17: ...ify circuit turn up Logging via SYSLOG and VT 100 console Console port set at 9600 bps 8 N 1 settings no flow control EOC access for End To End management configuration and control Security Packet fil...

Страница 18: ...ketLink routers have all status LEDs and console port on the front panel of the unit and all other electrical connections are located on the rear panel Figure 1 Model 3086FR The status LEDs from left...

Страница 19: ...DTE device attached to the serial port is active binary 1 T1 E1 Link Green On indicates the T1 E1 interface is connected to a live T1 E1 line LOS Red On indicates a T1 E1 loss of frame condition It al...

Страница 20: ...universal power supply The Model 3086FR offers internal or external AC power supply options The internal power supply connects to an AC source via an IEC 320 connector 100 240 VAC 200 mA 50 60 Hz The...

Страница 21: ...ows When in the default out position the Ethernet circuitry takes on a straight through MDI configuration and functions as a transceiver It will connect directly to a hub When in the in position the E...

Страница 22: ...Model 3086FR Frame Relay over ATM IAD overview 22 Model 3086FR ATM IAD User Guide 1 General Information...

Страница 23: ...23 Chapter 2 Product Overview Chapter contents Product Overview 24 Applications Overview 24 FR over ATM 25 Integrated access 25...

Страница 24: ...IP interface A transport consists of layer 2 and everything below it Creating a transport and attaching it to a bridge or router s interface enables data to be bridged or routed The supported transpor...

Страница 25: ...del 3086FR fills that gap providing seamless and economical FR to ATM conversion allowing customers to keep using their legacy equipment Integrated access In addition to FR to ATM conversion and trans...

Страница 26: ...Product Overview 26 Model 3086FR ATM IAD User Guide 2 Product Overview...

Страница 27: ...n Chapter contents Hardware installation 28 What you will need 28 Installing the AC power cord 28 Connecting network cables 29 IP address Quick Start modification 30 Web Operation and Configuration 30...

Страница 28: ...owser in preparation for configuring the modem see Web Operation and Configura tion on page 30 What you will need Model 3086FR G SHDSL IAD Ethernet cable with RJ45 plugs on each end included with IAD...

Страница 29: ...RJ45 RJ45 straight through cable between the adapter and the red marked RJ45 port on the 3086FR IAD 2 Do NOT connect the Frame Relay to ATM Converter to the Ethernet LAN now 3 On the PC start a Hyper...

Страница 30: ...ces enter To see if the change in IP address is correct fi system config save enter To save the new IP address in flash memory Wait for configuration saved message Saving configuration fi Configuratio...

Страница 31: ...uick Start Installation The Model 3086FR home page displays see figure 3 SS Figure 3 Model 3086FR home page The Model 3086FR menu structure for models RIC and RID is shown in figure 4 on page 32 the m...

Страница 32: ...Hardware installation 32 Model 3086FR ATM IAD User Guide 3 Quick Start Installation Figure 4 Model 3086FR Menu Structure Models RIC and RID...

Страница 33: ...Hardware installation 33 Model 3086FR ATM IAD User Guide 3 Quick Start Installation Figure 5 Model 3086FR Menu Structure Model RIK...

Страница 34: ...Hardware installation 34 Model 3086FR ATM IAD User Guide 3 Quick Start Installation...

Страница 35: ...ports 39 Connecting the 3086FR serial port to a DTE 39 Connecting the 3086FR serial port to a DCE 39 V 35 interfaces 39 X 21 interfaces 39 T1 Interface 41 T1 Interface Connection 41 T1 Interface Conf...

Страница 36: ...ps Configure the DSL interface assigning all bandwidth to the serial port Configure the serial port Configure the FR to ATM conversion When the 3086FR Ethernet port is used to route data from and to t...

Страница 37: ...are not acceptable The female RJ 11 connector on the Model 3086FR s twisted pair interface is polarity insensitive and is wired for a two wire interface Figure 7 RJ 11 pinout TDM Port Model 3086FR un...

Страница 38: ...TDM Port 38 Model 3086FR ATM IAD User Guide 4 Connecting the DSL and data ports Figure 8 Rear panel power and interface connectors...

Страница 39: ...e option for DTE configuration a tail circuit cable will be required this cable is available from most datacomm supply vendors The tail circuit cable will cross most interface signals so that the DCE...

Страница 40: ...E DTE board 3 The DTE DCE daughter board is installed at the factory with the DCE label and arrows pointing towards the X 21 connector DCE configuration To change to DTE configuration lift the daughte...

Страница 41: ...crossover cable connects the transmit pins of the Model 3086FR s T1 port to the receive pins of the device attached to this port and vice versa Check the third party T1 equipment documentation for pin...

Страница 42: ...mpedance to protect the device set unit to Normal for regular operation Once all options have been selected click on the Configure and Activate at the bottom of the screen Addition ally save the confi...

Страница 43: ...e device attached to this port and vice versa Check the third party E1 equipment documentation for pinout information and cable requirements If the E1 connection is made via the BNC connectors connect...

Страница 44: ...me CAS E1 with CRC Consult with your service provider which option is required Line Code Choose from AMI or HDB3 Most E1 applications use HDB3 Line Build Out Select 120 ohm if the E1 connection is mad...

Страница 45: ...Interface 48 Annex Type 48 Line Probe 49 Error Monitors 49 Error Monitor Max Interval Errors 49 Error Monitor Interval Time sec 49 Error Monitor Interval Count 49 Error Monitor Total Intervals 49 Erro...

Страница 46: ...age 53 Configuring the LMI local management interface see chapter Configuring the DSL and serial ports on page 45 Configuration can be done via web browser or via command line interface CLI through lo...

Страница 47: ...ons use nx64kbps DSL speeds leave this setting at 0 unless your application calls for a non nx64 speed Selections for the I bit are 0 through 7 as follows 0 no increment 1 Intended DSL data rate 8 kbp...

Страница 48: ...n error before the DSL link is restarted Default 3 Error Monitor Start Up Delay Amount of time to wait after the link is up before monitoring the DSL link Default 5 Once you have entered your selectio...

Страница 49: ...k is capa ble of passing error free data The error monitor will accumulate DSL line statistics CRC count FIFO errors LOSW count etc and make a determination on whether or not to drop DSL link and retr...

Страница 50: ...k Setting this variable will invert the appropriate clock at the interface This should only be used under direction of Patton Electronics technical support in order to trouble shoot system installatio...

Страница 51: ...mode or source of timing for the serial interface options internal internal timing external external timing notes For X 21 devices this setting must match the DTE DCE jumper inside the unit serial spe...

Страница 52: ...and serial ports Web Interface Configurations The serial interface can be configured using the web interface by following the Serial hyperlink on the web management screen The following screen shot s...

Страница 53: ...ted with the specified port 65 Configuration Management of the Channel Level Variables 65 Understanding the Channel Level View 65 Set Configuration Variables associated with the channels 66 Frame Rela...

Страница 54: ...y Transport 74 Clear all Frame Relay Transports 75 Delete the specified transport 75 List all active Frame Relay Channels 75 Set configuration variables for the specified frame relay transport 75 Show...

Страница 55: ...tworks so an ATM network may be used to transport FR from end to end The ATM network is completely transparent to the FR network and equipment The IWF Interworking Function equipment implements this f...

Страница 56: ...to transport multiple DLCIs PVCs between two FR locations For additional details see sec tion Frame Relay Network FRN Interworking FRF 5 on page 57 With Frame Relay Service FRS Interworking FRF 8 ATM...

Страница 57: ...Frame Relay Ethernet based operations on page 74 Figure 16 Example Ethernet based FR ATM application The PCs on the private side of the firewall have access to the web server in the DMZ and the Intern...

Страница 58: ...he connection multiplexing is configured for one to one each port can carry one channel DLCI or PVC However when many to one is selected up to 8 channels DLCIs can be carried in one ATM port Since eac...

Страница 59: ...dministrators Reference Guide 6 Configuring FR and ATM features Figure 18 FRN Setup FRF 5 link location Once FRN Setup FRF 5 is selected see figure 18 the Port Level Configuration screen is displayed...

Страница 60: ...mation Figure 20 Port X Configuration window This screen is divided into the following sections Port Level Information screen The Port Level Configuration information allows the user to configure Port...

Страница 61: ...lay interface to the ATM interface Channel configuration variables options include the Frame Relay DLCI that will be used to communicate with the Frame Relay Network Port Level Configuration Options P...

Страница 62: ...multiple DLCI channels to be transported over a single ATM rfc1483 connection Note that if the MuxMode is not set to many to one trying to add multiple DLCI connections will result in errors Mux_one_t...

Страница 63: ...he system to transport data over the atm link using a different DLCI than is used on the DTE side If the network DLCI is set to 0 then the DTE side DLCI will be used If the Network DLCI is set to any...

Страница 64: ...110 110 disable mux_one_to_one port3 none 20 120 120 disable mux_one_to_one port4 none 30 130 130 disable mux_one_to_one port5 none 40 140 140 disable mux_one_to_one port6 none 50 150 150 disable mux_...

Страница 65: ...used to determine the possible configuration options available to the user Note At any point during the typing of the command selecting the will display the possible options available to the user Not...

Страница 66: ...ure shows the setting of the DLCI for port 5 channel 1 Note that after the channel number was input the key was used to request that the system displays the possible variables that the user has access...

Страница 67: ...nfigured by group and channel The group level configuration options are applied to eight channels that are related to that group The following list of variables are configured at the group level Figur...

Страница 68: ...his is required because ATM and Frame Relay encapsulate packets in different formats as defined by their respective RFC There are two options available for the Translation Mode setting within the Mode...

Страница 69: ...hen the packet is routed to the appropriate encapsulation conversion station before being sent out the opposite interface Figure 24 FRS encapsulation conversion using Translate Mode Transparent The se...

Страница 70: ...Forward Explicit Congestion Notification bit will be mapped to the ATM EFCI Explicit Forward Congestion Indica tion bit and vise versa The following options are available Always_zero Frame Relay All F...

Страница 71: ...are configured using the frs directive in the CLI interface The following commands are available Show one of the eight groups Command frs show group The frs show group command shows the configuration...

Страница 72: ...t channel variable value The following example could be used to set the DLCI variable to 171 fi frs set channel 1 DLCI 171 Web Configuration Methods The following documentation defines how to configur...

Страница 73: ...channel level information screen is displayed as shown below This screen allows configuration of all variables associated with the group and chan nels The screen is broken down into three sections th...

Страница 74: ...e Relay Fragmentation will be disabled If set to any other value it will set the fragmentation size used DLCI Data Link Connection Identifier The Frame Relay DLCI used for the specified channel Must b...

Страница 75: ...ame Relay Channels Command framerelay list transports List all transports currently defined in the system Set configuration variables for the specified frame relay transport Command framerelay set tra...

Страница 76: ...6 Configuring FR and ATM features Model 3096RC G SHDSL T DAC Administrators Reference Guide 76 Frame Relay Ethernet based operations...

Страница 77: ...ault Value FALSE 79 T391_Value Default Value 10 79 T392_Value Default Value 16 79 fullReportCycle Default Value 6 79 netErrorWindowSize Default Value 4 79 netMaxErrors Default Value 3 79 userErrorWind...

Страница 78: ...ing options are available no_maintenance No maintenance interface will be used for this frame relay connection ITU_Network The ITU Q 933 protocol will be used The unit will operate as the Network side...

Страница 79: ...DTE side is DOWN Mgt_Port_UP Currently the LMI on the DTE side is UP mgtAutoStart Default Value FALSE The management Auto Start variable allows the user to start the LMI session before any DLCI connec...

Страница 80: ...ng options are available Show current configuration Command lmi show fi lmi show FR_Mgt Type no_maintenance FR_Mgt State Mgt_Port_DOWN Full Report Cycle 6 User Max Errors 3 Net Max Errors 3 User Error...

Страница 81: ...Interface Web Configuration Methods The following describes how to configure the LMI using the web interface All LMI configuration variables are contained under the LMI Management window found throug...

Страница 82: ...Web Configuration Methods 82 Model 3086FR ATM IAD User Guide 7 Local Management Interface...

Страница 83: ...84 DSLAM Connections with remote CPE units 84 Bridged application configurations to a DSLAM 84 RFC 1483 Bridged Configuration 85 PPPoA Bridged RFC 2364 Configuration 87 Routed application configuratio...

Страница 84: ...the DSL interface Assign DSL bandwidth to the serial port and the remaining DSL bandwidth will be assigned to 10 100Base T port For instance if you select a DSL rate of 512 kbps and 256 kbps are assig...

Страница 85: ...the command line interface CLI via the RS 232 control port fi ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as b...

Страница 86: ...ontrol port fi ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as both PCs For example to 192 168 100 3 fi ip set...

Страница 87: ...PPP packet transmitted and received through a PPP session to the connection The PPP packets are encapsulated according to RFC 2364 for transmission over the ATM link The packets are de encapsulated on...

Страница 88: ...his example it is called PPPoA Bridged VPI 0 VCI 300 LLC header mode off HDLC header mode off No authentication Leave User name and Password blank Click on Apply 3 Go to G SHDSL in the Configuration M...

Страница 89: ...already defined Click on Create a new service in the main window select PPPoA_Bridged and click on the Configure button In the Description field enter the description you wish In this example it is ca...

Страница 90: ...an IP address of 192 168 1 1 Change it to an IP address which is in the same subnet as the Desktop PC For example to 192 168 100 2 The default IP mask is 255 255 255 0 fi ip set interface ip1 ipaddres...

Страница 91: ...ged ATM connections In the Description field enter the description you wish In this example it is called RFC 1483 Routed Change the configuration parameters to match the following Description RFC 1483...

Страница 92: ...Gateway field OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 3 Mask 0 0 0 0 Cost 1 Interface blank 4 Go to G SHDSL in the Configuration Menu then the submenu Status The Modem St...

Страница 93: ...IP address is 192 168 172 229 so in this example change the IP address of the 3086FR to 192 168 172 3 The default IP mask is 255 255 255 0 fi ip set interface ip1 ipaddress 192 168 100 2 255 255 255 0...

Страница 94: ...onfiguration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select RFC 1483 Routed and click on the Configure button In the D...

Страница 95: ...uration Menu Configuration IP Routes Click on Create new Ip V4 Route Create the gate way to the remote 3086FR by entering the WAN IP address of the remote 3086FR in this example enter 192 168 164 2 in...

Страница 96: ...ived through a PPP session to the connection The PPP packets are encapsulated according to RFC 2364 for transmission over the ATM link The packets are de encapsulated on the receive side so that the I...

Страница 97: ...efault IP mask is 255 255 255 0 fi ip set interface ip1 ipaddress 192 168 100 2 255 255 255 0 Now you can bring up the web page management system on your browser by entering the IP address of the 3086...

Страница 98: ...on PPPoA Routed VPI 0 VCI 800 WAN IP Address 0 0 0 0 LLC Header Mode off HDLC Header Mode off CHAP User Name fred Passwood fredspass Click on Configure 3 In the Configuration Menu click on Configurati...

Страница 99: ...redspass Confirmation Password fredspass Dialout Auth chap Interface ID 1 Remote IP 192 168 164 2 Local IP 0 0 0 0 Magic Number 0 MRU 0 IP Addr from IPCP true Discover Primary DNS true Discover Second...

Страница 100: ...ptions parameters Ipaddr 0 0 0 0 Mask 0 0 0 0 Dhcp false MTU 1500 Enabled true Click on the Change button if changes were made 6 There is no gateway created in the IP routes submenu Upon connecting th...

Страница 101: ...r example to 192 168 172 3 The default IP mask is 255 255 255 0 fi ip set interface ip1 ipaddress 192 168 172 3 255 255 255 0 Now you can bring up the web page management system on your browser by ent...

Страница 102: ...ct PPPoA Routed and click on the Configure button In the Description field enter the description you wish In this example it is called PPPoA Routed Change the configuration parameters to match the fol...

Страница 103: ...n then WAN Connections Edit for the WAN Ser vice ppp1 Edit PPP and verify or change the following parameters on the Edit PPP webpage Parameters in red italics are those requiring changes from the defa...

Страница 104: ...blank Confirmation Password blank Dialout Auth none Interface ID 2 Remote IP 192 168 164 3 Local IP 192 168 164 2 Magic Number 0 MRU 0 IP Addr from IPCP true Discover Primary DNS false Discover Second...

Страница 105: ...DSLAM Connections with remote CPE units 105 Model 3086FR ATM IAD User Guide 8 3086FR routed and bridged ATM connections Click on Change button...

Страница 106: ...bridged ATM connections 4 Click on Edit ATM Channel Verify the Options to match the following Change if necessary Tx Vci 800 Tx Vpi 0 Rx Vci 800 Rx Vpi 0 Peak Cell Rate 2000 Burst Tolerance 0 MCR 0 M...

Страница 107: ...Ipaddr 192 168 164 2 Mask 255 255 255 0 Dhcp false MTU 1500 Enabled true Click on the Change button if changes were made 6 Again Configuration Menu Configuration IP Routes Click on Create new Ip V4 R...

Страница 108: ...ange it to deactivate Then in the Action submenu under G SHDSL change Action to Start then click on Action IPoA Routed RFC 1577 User data in the form of IP packets is encapsulated into AAL 5 PDUs for...

Страница 109: ...the IP address of the 3086FR 2 On the Menu go to Configuration then to WAN Connections Delete the factory default WAN services already defined Click on Create a new service in the main window select...

Страница 110: ...User Guide 8 3086FR routed and bridged ATM connections 3 Returning to the 3086FR Configuration Menu click on Configuration then IP Routes Click on Create new Ip V4 Route Destination 0 0 0 0 Gateway 19...

Страница 111: ...R routed and bridged ATM connections 4 Go to G SHDSL in the Configuration Menu then the submenu Configuration Change Terminal Type to Central and Interface Type to atm Click on the Configure button In...

Страница 112: ...t as both PCs For example to 192 168 172 3 The default IP mask is 255 255 255 0 fi ip set interface ip1 ipaddress 192 168 172 3 255 255 255 0 1 Now you can bring up the web page management system on y...

Страница 113: ...eate new Ip V4 Route Destination 0 0 0 0 Gateway 192 168 164 2 Mask 0 0 0 0 Cost 1 Interface leave blank Click on OK 4 Go to G SHDSL in the Configuration Menu then the submenu Configuration Leave Term...

Страница 114: ...DSLAM Connections with remote CPE units 114 Model 3086FR ATM IAD User Guide 8 3086FR routed and bridged ATM connections...

Страница 115: ...115 Chapter 9 IP Configurations Chapter contents IP Configurations 116 Router 116 RIP and RIPv2 116 Static Route 116 DHCP Server and Relay 117 DNS Client 119 DNS Relay Mode 120...

Страница 116: ...can configure the router to accept RIPv1 RIPv2 or both Follow these guidelines in choosing a routing configuration Choose RIPv1 if you want routing advertisements to be aggregated on the network class...

Страница 117: ...L link in the Value field of Gateway 5 Enter the appropriate netmask in the Value field of Netmask 6 Leave Cost as 1 7 Interface is an ASCII field which you may leave blank or fill in for your identif...

Страница 118: ...CP param eters The three categories of configuration parameters on this web page are the Address Range of the DHCP Server the Lease Times in seconds the selection of Domain Name Servers if desired and...

Страница 119: ...client provides a method for retrieving a list of IP addresses for a host name as well as acquiring the host name for a given IP address The DNS client will cache any results from the name server whic...

Страница 120: ...ge up to 10 DNS server addresses may be added to utilize the DNS servers already being used by the network 1 Select Enabled 2 Click on Configure 3 Enter the DNS server address in the field following D...

Страница 121: ...r contents Introduction 122 Configuring the IAD 122 Configuring the security interfaces 123 Deleting a Firewall Policy 124 Enabling the Firewall 125 Firewall Portfilters 125 Security Triggers 126 Intr...

Страница 122: ...Triggers tell the security mechanism to expect these second ary sessions and how to handle them Rather than allowing a range of port numbers triggers handle the situa tion dynamically opening the sec...

Страница 123: ...0 0 because this is the gateway default route 5 Click on Create and the route will be entered 6 The default gateway can be verified by clicking on IP Routes under Status in the menu Configuring the s...

Страница 124: ...dded between the external and internal interfaces 1 Under Policies Triggers and Intrusion Devices on the Security page click on Firewall Policy Configuration 2 In the Current Firewall Policies page cl...

Страница 125: ...e network is now secure All the interfaces which have been defined are protected and all traffic is blocked between different the different interface types That is all traffic is blocked between the e...

Страница 126: ...s Security triggers are used to allow an application to open a secondary port in order to transport data The most common example is FTP This procedure is to set up a trigger on the Firewall to have an...

Страница 127: ...igger which will open a secondary channel only when data is being passed This prevents the need to open too many ports which offer a security risk 1 From the Configuration Menu Configuration Security...

Страница 128: ...sabled Enables Victim Protection Victim Protection protects the victim from an attempted spoofing attack Web spoofing allows an attacker to create a shadow copy of the world wide web WWW All access to...

Страница 129: ...e addresses and keeps resending them This creates a backlog queue of unacknowledged SYN ACK packets Once the queue is full the system will ignore all incoming SYN request and no legitimate TCP connect...

Страница 130: ...Intrusion Detection System IDS 130 Model 3086FR ATM IAD User Guide 10 Security...

Страница 131: ...131 Chapter 11 NAT Network Address Translation Chapter contents Introduction 132 Enabling NAT 132 Global address pool and reserved map 133...

Страница 132: ...used so that different inside hosts can share a global address by mapping different ports to different hosts For example Host A is an FTP server and Host B is a web server By mapping the FTP port to...

Страница 133: ...lobal IP addresses need to be created and put into the Global Address Pool 3 Set the parameters to the following values Interface Type internal Use Subnet Configuration Use IP Address Range IP Address...

Страница 134: ...s Translation 6 Set the parameters to the following values Global IP Address 100 100 100 101 Internal IP address 10 1 1 2 Transport Type all Port Number 65535 This port number means all port numbers f...

Страница 135: ...135 Chapter 12 Monitoring Status Chapter contents Status LEDs 136...

Страница 136: ...1 off indicates CTS is binary 0 DTR Green ON indicates the DTR signal from the DTE device attached to the serial port is active binary 1 T1 E1 Link Green On indicates the T1 E1 interface is connected...

Страница 137: ...al Analog Loopback LAL Serial Port Loop 139 Operating Remote Digital Loopback RDL DSL Loop 139 T1 E1 Diagnostics 140 Network Loop 140 T1 E1 Local Loop 141 QRSS BIT Error Rate Diagnostics 142 T1 E1 con...

Страница 138: ...rades which are at no charge contact upgrades patton com for the location of the new firmware and follow these instructions 1 Get the firmware image from Patton and save on your PC It is a tar file an...

Страница 139: ...nt to the local Model 3086FR in this test mode will be echoed returned to the user device i e characters typed on the key board of a terminal will appear on the terminal screen Figure 29 Local Line Lo...

Страница 140: ...You should then check the twisted pair line for proper connections and continuity T1 E1 Diagnostics The 3086FR K offers two diagnostics loops for the T1 E1 interface Network line loopback and local l...

Страница 141: ...the Activate Test Mode button 2 Perform a BER bit error rate test Replace the Local T1 E1 equipment PBX with a T1 E1 tester and initiate a BER test to verify integrity of the cable and operation of t...

Страница 142: ...oped to the 3086FR originator the far end device i e PBX or routers s T1 E1 port must be set to line loop The local 3086FR decodes the received bits using the same polynomial If the received bits matc...

Страница 143: ...for the following Red Alarm Yellow alarm Blue Alarm Remote Alarm carrier loss and Sync Loss Transceiver Status This section displays status for the following Search FAS Search CRC Search CAS Frame Syn...

Страница 144: ...erator and detector 511 with Errors Initiates a built in 511 bit pseudo random pattern generator and detector The test pattern generator also injects intentional errors approximately once per second c...

Страница 145: ...ntents Introduction 146 Contact information 146 Warranty Service and Returned Merchandise Authorizations RMAs 146 Warranty coverage 146 Out of warranty service 146 Returns for credit 146 Return for cr...

Страница 146: ...re ship ment All of our products are backed by a comprehensive warranty program Note If you purchased your equipment from a Patton Electronics reseller ask your reseller how you should proceed with wa...

Страница 147: ...a request on the RMA Request page in the Support section at www patton com By calling 1 301 975 1000 and speaking to a Technical Support Engineer By sending an e mail to returns patton com All returne...

Страница 148: ...Warranty Service and Returned Merchandise Authorizations RMAs 148 Model 3086FR ATM IAD User Guide 14 Contacting Patton for assistance...

Страница 149: ...apter contents Compliance 150 EMC 150 Safety 150 PSTN Regulatory 150 Radio and TV Interference FCC Part 15 150 CE Declaration of Conformity 150 Authorized European Representative 151 FCC Part 68 ACTA...

Страница 150: ...wever there is no guarantee that inter ference will not occur in a particular installation If the equipment causes interference to radio or television reception which can be determined by disconnectin...

Страница 151: ...uniterrupted service If trouble is experienced with this equipment for repair or warranty information please contact our company If the equipment is causing harm to the telephone network the telephon...

Страница 152: ...Any repairs or alterations made by the user to this equipment or equipment mal functions may give the telecommunications company cause to request the user to disconnect the equipment Users should ensu...

Страница 153: ...T1 E1 Interface 3086FR RIK and RIT models only 155 64K G 703 Port 3086FR RIF Model 155 Protocol Support 155 PPP Support 156 ATM Protocols 156 Management 156 Security 157 Compliance Standard Requireme...

Страница 154: ...Ethernet Line and Console Field Factory Default Option Standard 1 year warranty G SHDSL Characteristics Full duplex 2 3 Mbps speed over 2 wire in accordance with ETSI ITU standard G 991 2 2 3 Mbps to...

Страница 155: ...Line Coding Protocol Support Complete internetworking with IP RFC 741 TCP RFC 793 UDP RFC 768 ICMP RFC 950 ARP RFC 826 IP Router with RIP RFC 1058 RIPv2 RFC 2453 Up to 64 static routes with user selec...

Страница 156: ...trol LLC Subnetwork Access Protocol SNAP encapsulation Default VC mux mode ATM UNI 3 0 3 1 and 4 0 signaling ATM QoS with UBR CBR nrt VBR and rt VBR and per VC queuing and shaping IISP V 1 0 Q 2931 UN...

Страница 157: ...P on events POST POST errors line DSL PPP DHCP IP Compliance Standard Requirements FCC part 15 Class A US EMC CE per RTTE 99 5 EC EMC LVD FCC Part 68 US Permission to connect CTR 12 CTR 13 IC CS03 Can...

Страница 158: ...Model 3086FR ATM IAD User Guide B Specifications Fuse rating 250 Volts 400 mA time delay Connect the equipment to a 36 60 VDC source that is electri cally isolated from the AC source The 36 60 VDC so...

Страница 159: ...159 Appendix C Cable Recommendations Chapter contents DSL Cable 160 Ethernet Cable 160 Adapter 160...

Страница 160: ...ble 10 foot 3 m RJ 11 RJ 11 refer to RJ 11 non shielded port on page 162 Ethernet Cable Ethernet cable P N 10 2500 refer to RJ 45 shielded 10 100 Ethernet port on page 162 Adapter EIA 561 to DB 9 P N...

Страница 161: ...45 shielded 10 100 Ethernet port 162 RJ 11 non shielded port 162 RJ 45 non shielded RS 232 console port EIA 561 162 Serial port 163 V 35 M 34 Connector 163 V 35 DB 25 Female Connector 163 X 21 DB 15 C...

Страница 162: ...le twisted pair TP for full duplex transmission The signals are not polarity sensitive RJ 45 non shielded RS 232 console port EIA 561 Pin No Signal Direction Signal Name 1 Output TX 2 Output TX 3 Inpu...

Страница 163: ...U XTC Transmit Clock DTE Source V RC Receiver Clock DCE Source W XTC Transmit Clock DCE Source X RC Receiver Clock DCE Source Y TC Transmitter Clock DTE Source AA TC Transmitter Clock DTE Source KK Au...

Страница 164: ...Source 15 TC Transmitter Clock B DCE Source 16 RD Receive Data A DCE Source 17 RC Receiver Clock A DCE Source 18 LL Local LIne Loop 19 RTS Request to Send B DTE Source 20 DTR Data Terminal Ready A DT...

Страница 165: ...inology 166 Local VT 100 emulation 166 Remote Telnet 166 Using the Console 167 Administering user accounts 168 Adding new users 168 Setting user passwords 168 Changing user settings 169 Controlling lo...

Страница 166: ...ATM PPPoH Point to Point over HDLC Ethernet Interface bridges and routers both have interfaces A single transport is attached to a bridge or router via an interface Object an object is anything that y...

Страница 167: ...xt lines For example ethernet After typing the you will not see the add delete set show list clear ethernet Then you may enter one of the keywords on the displayed list followed by a space and To cont...

Страница 168: ...Adding new users To add a new user username use the command system add user username Comment system add login user username Comment The first command creates a user who can access the system via a dia...

Страница 169: ...change the set tings for user fred system set user fred access default engineer superuser system set user fred maydialin enabled disabled system set user fred mayconfigure enabled disabled For exampl...

Страница 170: ...sl set dataRateI 0 fi gshdsl set Action Start Attribute Type Value Description Version RO The version number of the DSL driver Platform RO The platform name of the unit e g 3086FR or 3086FR ModemState...

Страница 171: ...Administering user accounts 171 Model 3086FR ATM IAD User Guide E Command Line Interface CLI Operation Default Setting of the unit Terminal Remote Interface Hdlc DataRateN 24 DataRateI 0...

Страница 172: ...Administering user accounts 172 Model 3086FR ATM IAD User Guide E Command Line Interface CLI Operation...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды