Patton electronics OnSite 2800 Series Скачать руководство пользователя страница 83 | Manualshive

Страница: 83 / 135

Patton electronics OnSite 2800 Series Скачать руководство пользователя страница 83

Access control list configuration task list

83

OnSite 2800 Series User Manual

7 • Access control list configuration

Before you begin to enter the commands that create and configure the IP access control list, be sure that you
are clear about what you want to achieve with the list. Consider whether it is better to deny specific accesses
and permit all others or to permit specific accesses and deny all others.

Note

Since a single access control list can have multiple filtering criteria
statements, but editing those entries online can be tedious. Therefore,
we recommend editing complex access control lists offline within a
configuration file and downloading the configuration file later via
TFTP to your OnSite device.

Creating an access control list profile and enter configuration mode

This procedure describes how to create an IP access control list and enter access control list configuration mode

Mode:

Administrator execution

name

is the name by which the access list will be known. Entering this command puts you into

access control list

configuration mode

where you can enter the individual statements that will make up the access control list.

Use the

no

form of this command to delete an access control list profile. You cannot delete an access control

list profile if it is currently linked to an interface. When you leave the access control list configuration mode,
the new settings immediately become active.

Example:

Create an access control list profile

In the following example the access control list profile named

WanRx

is created and the shell of the access con-

trol list configuration mode is activated.

2800>enable
2800#configure
2800(cfg)#profile acl WanRx
2800(pf-acl)[WanRx]#

Adding a filter rule to the current access control list profile

The commands

permit

or deny are used to define an IP filter rule. This procedure describes how to create an

IP access control list entry that permits access

Mode:

Profile access control list

This procedure describes how to create an IP access control list entry that denies access

Step

Command

Purpose

1

node

(cfg)#profile acl

name

Creates the access control list profile

name

and enters the configura-

tion mode for this list

Step

Command

Purpose

1

node

(pf-acl)[

name

]#permit ip {

src src-wildcard

| any |

host

src

} {

dest dest-wildcard

| any | host

dest

} [cos

group

]

Creates an IP access of control list
entry that permits access defined
according to the command
options

«
...
81
82
83
84
85
...
»

Содержание OnSite 2800 Series

Страница 1: ...rt 1 301 975 1007 E mail support patton com WWW www patton com Part Number 07M2800 GS Rev F Revised February 22 2012 Important This is a Class A device and is intended for use in a light industrial en...

Страница 2: ...h license Patton Electronics warrants all OnSite router components to be free from defects and will at our option repair or replace the product should it fail within one year from the first date of th...

Страница 3: ...44 5 T1 E1 port configuration 58 6 VPN configuration 67 7 Access control list configuration 79 8 Link scheduler configuration 93 9 LEDs status and monitoring 112 10 Contacting Patton for assistance 1...

Страница 4: ...ernet WAN models 20 Model code extensions 21 Ports descriptions 22 Applications overview 23 Branch Office virtual private network over Frame Relay service 23 Corporate multi function virtual private n...

Страница 5: ...Enter Frame Relay mode 48 Configuring the LMI type 48 Configuring the keep alive interval 49 Entering Frame Relay PVC configuration mode 49 Configuring the PVC encapsulation type 50 Binding the Frame...

Страница 6: ...e IP router for IPsec 73 Displaying IPsec configuration information 73 Debugging IPsec 74 Sample configurations 75 IPsec tunnel DES encryption 75 OnSite configuration 75 Cisco router configuration 76...

Страница 7: ...or wfq 97 Hierarchy 97 Quick references 98 Setting the modem rate 98 Command cross reference 99 Link scheduler configuration task list 99 Defining the access control list profile 100 Packet classific...

Страница 8: ...MC 118 Safety 118 PSTN Regulatory 118 Radio and TV Interference FCC Part 15 118 CE Declaration of Conformity 118 Authorized European Representative 119 FCC Part 68 ACTA Statement Model 2803 only 119 I...

Страница 9: ...Port pin outs 128 Introduction 129 Console port RJ 45 EIA 561 RS 232 129 Ethernet 10Base T and 100Base T port 130 Sync serial port 130 V 35 serial port 130 X 21 serial port 131 E OnSite 2800 Series f...

Страница 10: ...wn 37 16 Steps for setting up a new OnSite VPN Router 39 17 Connecting to the terminal 40 18 Connecting the OnSite VPN Router to the network 42 19 IP interface wan is bound to PVC 1 on port serial 0 0...

Страница 11: ...21 interface on the OnSite 2800 34 8 RJ 48C receptacle 34 9 Factory default IP address and network mask configuration 40 10 Command cross reference 99 11 TOS values and their meaning 106 12 Traffic c...

Страница 12: ...between two OnSite routers or between an OnSite and a third party device Chapter 7 on page 79 provides an overview of IP access control lists and describes the tasks involved in their configuration th...

Страница 13: ...T heading calls attention to important information The alert symbol and CAUTION heading indicate a potential hazard Strictly follow the instructions to avoid property damage The shock hazard symbol an...

Страница 14: ...with an external power adapter the adapter shall be a listed Lim ited Power Source For AC powered units ensure that the power cable used with this device meets all applicable standards for the country...

Страница 15: ...the proper voltage is present before plugging the power cord into the receptacle Failure to do so could result in equipment damage The interconnecting cables shall be acceptable for external use and...

Страница 16: ...c type Parts of commands which are related to elements already named by the user are in boldface italic font Italicized Futura type Variables for which you supply values are in italic font Futura type...

Страница 17: ...Series detailed description 19 OnSite 2800 Series model codes 19 Serial WAN models 19 Ethernet WAN models 20 Model code extensions 21 Ports descriptions 22 Applications overview 23 Branch Office virtu...

Страница 18: ...V 35 or X 21 synchronous serial WAN port to deliver a managed virtual private network VPN connection over the Internet or any unsecured IP network OnSite 2800 Series Routers support Frame Relay and PP...

Страница 19: ...ite 2800 Series detailed description The OnSite 2800 Series Managed VPN Router provides secure managed VPN routed networking with 2 port Ethernet LAN connectivity and serial WAN access via a built in...

Страница 20: ...OnSite 2802 Dual 10 100Base T Ethernet ports one for LAN connection and one for connection to a WAN OnSite 2805 Integrated Ethernet switch with four 10 100Base T Ethernet ports and one 10 100Base T E...

Страница 21: ...al input power supply see figure 4 EUI stands for external 100 240V AC universal input power supply see figure 4 For example the model code 2821 EUI describes an OnSite configured with the following T...

Страница 22: ...tors T1 ANSI T1 403 AT T TR54016 with AMI coding D4 framing or B8ZS coding ESF framing RJ 48C connector Power Rear panel The router is available in a DC or AC power input version see figure 4 on page...

Страница 23: ...e 2800 Series Serial WAN models provide dual 10 100Base T Ethernet ports with a selection of various synchronous serial WAN ports V 35 X 21 or T1 E1 The two Ethernet ports provide full featured IP rou...

Страница 24: ...ame Relay To configure this application you need to configure the following features The serial port with Frame Relay as the encapsulation protocol An IPSec VPN between the two endpoints See chapter 4...

Страница 25: ...me Relay network for access so both the private corporate traffic and the Inter net traffic is transported over a Frame Relay PVC with one DLCI The corporate traffic is transported within IPSec VPN th...

Страница 26: ...9 Power source 29 Location and mounting requirements 30 Installing the VPN router 30 Mounting the VPN router 30 Connecting cables 30 Installing the Ethernet cable 30 Installing the serial WAN cable 31...

Страница 27: ...d by the applicable local and international regulations Ensure that your site is properly prepared before beginning installation Before installing the VPN Router device the following tasks should be c...

Страница 28: ...ur site log Table 3 Installation checklist Task Verified by Date Network information available recorded in site log Environmental specifications verified Site power voltages verified Installation site...

Страница 29: ...addresses and subnet masks used for the V 35 or X 21 serial WAN port IP addresses and subnet masks used for the T1 E1 WAN port IP addresses of central TFTP Server used for configuration upload and do...

Страница 30: ...oling Note For proper ventilation leave at least 2 inches 5 cm to the left right front and rear of the OnSite VPN Router Connecting cables Installing VPN Router cables takes place in the following ord...

Страница 31: ...al interfaces V 35 DB 25 Model 2835 see section Installing the V 35 interface cable on page 32 for details on installing the interface cable X 21 DB 15 Model 2821 see section Installing the X 21 inter...

Страница 32: ...ith a V 35 interface presented on a DB 25 female connector see figure 2 Figure 2 Rear view of the router showing location of V 35 interface connector The signal pin outs for the Model 2835 V 35 interf...

Страница 33: ...equipment will not be able to work properly in DTE to DTE configurations even when using a tail circuit cable Please refer to your third party equipment user manual for informa tion on DTE to DTE oper...

Страница 34: ...T1 E1 twisted pair cables The PRI is usually connected to a PBX or switch local exchange LE Type and pin outs of these devices vary depending on the manufacturer In most cases a straight through RJ 48...

Страница 35: ...OnSite first to avoid possible electric shock Network hazardous voltages may be present on the device in the area of the PRI port regardless of power being on or off To prevent damage to the system m...

Страница 36: ...cribes installing the power cord into the VPN Router Do the following Note Do not connect the power cord to the power outlet at this time 1 If your unit is equipped with an internal power supply go to...

Страница 37: ...e 8 Congratulations you have finished installing the OnSite VPN Router Now go to chapter 3 Getting started with the OnSite Managed VPN Router on page 38 The UI and EUI power supplies automatically adj...

Страница 38: ...outer Chapter contents Introduction 39 1 Configure IP address 40 Power connection and default configuration 40 Connect with the serial interface 40 Login 41 Changing the IP address 41 2 Connect the On...

Страница 39: ...PN Router to the network 3 Load configuration Console port Serial interface PC or workstation with VT 100 emulation terminal Ethernet interface ETH0 Network interface PC or workstation or VT 100 emula...

Страница 40: ...e Console port is wired as an EIA 561 RS 232 port Use the included Model 16F 561 adapter and cable see figure 10 between the OnSite VPN Router s Console port and a PC or workstation s RS 232 serial in...

Страница 41: ...elect the context IP mode to configure an IP interface 172 16 40 1 cfg context ip router 172 16 40 1 ctx ip router Now you can set your IP address and network mask for the interface eth0 Within this e...

Страница 42: ...our application that you can use it to speed up configuring the OnSite router Simply download the configuration note that matches your application to your PC Adapt the configu ration as described in t...

Страница 43: ...OnSite VPN Router has been rebooted the new start up configuration will be activated 172 16 1 99 if ip eth0 reload Running configuration has been changed Do you want to copy the running config to the...

Страница 44: ...elay 47 Enter Frame Relay mode 48 Configuring the LMI type 48 Configuring the keep alive interval 49 Entering Frame Relay PVC configuration mode 49 Configuring the PVC encapsulation type 50 Binding th...

Страница 45: ...ransfers These packets are then switched between the various network segments until the destination is reached Statistical multiplexing techniques control network access in a packet switched network T...

Страница 46: ...ing an interface After configuring the serial interface or connecting other serial devices to your OnSite 2000 use the no shut down command to enable the serial interfaces again When you enable an int...

Страница 47: ...ed by a serial interface use the encapsulation interface configuration command This procedure describes how to set the encapsulation type of the serial interface for Frame Relay Mode Administrator exe...

Страница 48: ...line protocol is the periodic exchange of local management interface LMI packets between the OnSite device and the Frame Relay provider equipment If the OnSite device is attached to a public data net...

Страница 49: ...Relay PVC configuration mode The permanent virtual circuit PVC is a virtual circuit that is permanently established PVCs save bandwidth associ ated with circuit establishment and tear down in situati...

Страница 50: ...ow to set the encapsulation type to comply with RFC 1490 Mode Frame Relay Example Configuring the PVC encapsulation type The following example sets the encapsulation type to comply with RFC 1490 for P...

Страница 51: ...h is related to the IP context router Mode PVC Example Binding the Frame Relay PVC to IP interface The following example binds the Frame Relay PVC 1 to the IP interface wan of IP context router to the...

Страница 52: ...and verify that the entry no shutdown occurs in the con figuration part responsible for this PVC 2800 pvc 1 show running config Running configuration pvc 1 encapsulation rfc1490 bind interface wan rou...

Страница 53: ...ow running config Running configuration 2500 pvc 1 encapsulation rfc1490 bind interface wan router shutdown exit Displaying serial port information The following example shows the commands used to dis...

Страница 54: ...configuration settings for the serial interface Mode Port serial Example Displaying Frame Relay information The following example shows the commands used to display Frame Relay configuration settings...

Страница 55: ...sed line network A OnSite is working as a DTE and accesses the leased line network via a leased line modem connected to the serial interface The hardware port protocol V 35 is used on the serial inter...

Страница 56: ...e lan 2800 if ip lan exit 2800 ctx ip router interface internal 2800 if ip internal ipaddress 192 168 3 1 255 255 255 0 2800 if ip internal interface external 2800 if ip external ipaddress 192 168 2 1...

Страница 57: ...00 pvc 1 pvc 2 2800 pvc 2 encapsulation rfc1490 2800 pvc 2 bind interface internal router 2800 pvc 2 no shutdown 6 Check that the Frame Relay settings are correct 2800 frm rel 0 0 show framerelay Fram...

Страница 58: ...tor E1 only 61 Configuring T1 E1 application mode 62 Configuring T1 E1 LOS threshold 62 Configuring T1 E1 encapsulation 62 Create a Channel Group 62 Configuring Channel Group Timeslots 63 Configuring...

Страница 59: ...ut for T1 only and encapsulation channelized or HDLC A further feature is the creation and configuration of channel groups T1 E1 port configuration task list This section describes the configuration t...

Страница 60: ...s recovered from the receive line interface Be aware that always a port pair of clock master and clock slave are connected together In the other case the data transmission will fail due to bit failure...

Страница 61: ...configuration is used in long haul applications to prevent cross talk in the far end device Mode port e1t1 slot port Configuring T1 E1 used connector E1 only The E1 WAN port provides several line inte...

Страница 62: ...data transmission 1 31 for e1 and 1 24 for t1 It is also possible to use the port in channelized mode In channelized mode the user selects less than the total number of timeslots for the channel 1 31...

Страница 63: ...In the channel group configuration mode only the encapsulation type hdlc is available For more details see Configuring T1 E1 encapsulation on page 62 Mode channel group group name Entering HDLC Config...

Страница 64: ...ng up framerelay or ppp is exactly the same as for an X 21 V 35 serial port For that reason see 4 Serial port configuration on page 44 for details about frame relay configuration and the OnSite Softwa...

Страница 65: ...port configuration Example 1 Frame Relay without a channel group port e1t1 0 0 port type e1 framing crc4 encapsulation hdlc hdlc encapsulation framerelay framerelay lmi type itu pvc 100 encapsulation...

Страница 66: ...u pvc 100 encapsulation rfc1490 bind interface pvc100 router no shutdown port e1t1 0 0 no shutdown Example 3 PPP without a channel group port e1t1 0 0 port type e1 framing crc4 encapsulation hdlc hdlc...

Страница 67: ...an IP interface and the IP router for IPsec 73 Displaying IPsec configuration information 73 Debugging IPsec 74 Sample configurations 75 IPsec tunnel DES encryption 75 OnSite configuration 75 Cisco r...

Страница 68: ...combination of the keyed hashing for message authentication HMAC and the message digest version 5 MD5 hash algorithm It requires an authenticator of 128 bit length and calculates a hash of 96 bits ov...

Страница 69: ...playing IPsec configuration information Debugging IPsec Creating an IPsec transformation profile The IPsec transformation profile defines which authentication and or encryption protocols which authent...

Страница 70: ...communication Furthermore the profile defines which IPsec transformation profile to apply and whether transport or tunnel mode shall be most effective The SPI identifies a secured communication chann...

Страница 71: ...ection Authentication on page 68 and Encryption on page 68 or explicit specification Keys must be available for inbound and out bound directions They can be different for the two directions Make sure...

Страница 72: ...s an ACL if available twice once before and once after encryption authentication So the respective ACLs must permit the encrypted authenticated and the plain traffic For detailed information on how to...

Страница 73: ...n This section shows how to display and verify the IPsec configuration information Procedure To display IPsec configuration information Mode Configure Step Command Purpose 1 node cfg context ip router...

Страница 74: ...s Procedure To debug IPsec connections Mode Configure Example IPsec Debug Output 2800 cfg debug ipsec IPSEC monitor on 23 11 04 ipsec Could not find security association for inbound ESP packet SPI 120...

Страница 75: ...s in the ACL profiles Adjust the IP addresses of the LAN and WAN interfaces Adjust the route for the remote network IPsec tunnel DES encryption OnSite configuration profile ipsec transform DES esp enc...

Страница 76: ...1 1 255 255 0 0 interface FastEthernet0 1 ip address 200 200 200 1 255 255 255 252 crypto map VPN_DES ip route 192 168 1 0 255 255 255 0 FastEthernet0 1 IPsec tunnel AES encryption at 256 bit key leng...

Страница 77: ...the name of the IPsec policy profile in the ACL profile VPN_Out IPsec tunnel 3DES encryption at 192 bit key length ESP authentication with HMAC MD5 96 OnSite configuration profile ipsec transform TDES...

Страница 78: ...54321 authenticator FEDCBA0987654321FEDCBA0987654321 set session key outbound esp 7777 cipher 1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF authenticator 1234567890ABCDEF1234567890ABCDEF set transf...

Страница 79: ...ccess control list 82 Creating an access control list profile and enter configuration mode 83 Adding a filter rule to the current access control list profile 83 Adding an ICMP filter rule to the curre...

Страница 80: ...whether to forward or drop the packet based on the criteria you specified within the access lists Access list criteria could be the source address of the traffic the destination address of the traffic...

Страница 81: ...d between two parts of your network to control traffic entering or exiting a specific part of your internal network To provide the security benefits of access lists you should configure access lists a...

Страница 82: ...matching the criteria to be dropped To delete an entire access control list enter configuration mode and use the no form of the profile acl com mand naming the access list to be deleted e g no profile...

Страница 83: ...ments that will make up the access control list Use the no form of this command to delete an access control list profile You cannot delete an access control list profile if it is currently linked to a...

Страница 84: ...ol list entry that denies access defined according to the command options Keyword Meaning src The source address to be included in the rule An IP address in dotted decimal format e g 64 231 1 10 src w...

Страница 85: ...edure describes how to create an ICMP access control list entry that denies access Mode Profile access control list Step Command Purpose 1 node pf acl name permit icmp src src wildcard any host src de...

Страница 86: ...d in the rule An IP address in dotted decimal format e g 64 231 1 10 dest wildcard A wildcard for the destination address See src wildcard host dest The address of a single destination host msg name T...

Страница 87: ...Profile access control list This procedure describes how to create a TCP UDP or SCTP access control list entry that denies access Mode Profile access control list Step Command Purpose 1 node pf acl n...

Страница 88: ...es that a packets port must be equal to the specified port in order to match the rule lt port Optional Indicates that a packets port must be less than the specified port in order to match the rule gt...

Страница 89: ...rofile to incoming packets on the interface wan in the IP router context 2800 cfg context ip router 2800 cfg ip router interface wan 2800 cfg if wan use profile acl WanRx in Step Command Purpose 1 nod...

Страница 90: ...e Mode Administrator execution or any other mode except the operator execution mode Example Displaying an access control list entries The following example shows how to display the access control list...

Страница 91: ...ables the debug monitor for access control lists globally 2800 no debug acl Step Command Purpose 1 node cfg context ip router Selects the IP router context 2 node ctx ip router interface if name Selec...

Страница 92: ...t have to be entered are listed below The commands access the OnSite device via a Telnet session running on a host with IP address 172 16 2 13 which accesses the OnSite via IP interface lan 172 16 2 1...

Страница 93: ...le 100 Packet classification 100 Creating an access control list 101 Creating a service policy profile 102 Specifying the handling of traffic classes 104 Defining fair queuing weight 104 Defining the...

Страница 94: ...e apply a rate limit to reduce delay and what a traffic class means Configuring access control lists Packet filtering helps to control packet movement through the network Such control can help to limi...

Страница 95: ...e resources really makes a difference Frequently the access link modem is outside of the OnSite and the queueing would happen in the modem which does not distinguish between packet types To improve Qo...

Страница 96: ...ter to define the arbitration mode and the order in which packets of different classes are served Introduction to Scheduling Scheduling essentially means to determine the order in which packets of the...

Страница 97: ...ource had to strictly obey its limit all following packets would also have to be delayed by the same amount and further collisions would reduce the achieved rate even further To avoid this effect the...

Страница 98: ...on Setting the modem rate To match the data multiplexing of different traffic types to the capacity of the access link is the most common application of the OnSite link scheduler 1 Create a minimal pr...

Страница 99: ...to straight forwardly configure OnSite devices In table 10 the Cisco IOS Release 12 2 QoS commands are in contrast with the respective OnSite commands Link scheduler configuration task list To configu...

Страница 100: ...es of packet descriptions like addressed to xyz Those descrip tions are called rules For each packet the list of descriptions is sequentially checked and the first rule that matches decides what happe...

Страница 101: ...fic from a Web server The scenario is depicted in figure 21 The IP address of the Web server is used as source address in the permit statement of the IP filter rule for the access control list Figure...

Страница 102: ...ol lists the link arbiter needs rules defining how to handle the different traffic classes For that purpose you create a service policy profile The service policy profile defines how the link arbiter...

Страница 103: ...he name of the link arbiter profile to configure On the second line the global band width limit is set The value defining the bandwidth is given in kilobits per second Each service policy profile must...

Страница 104: ...sses the values are relative to each other It is recommended to split 100 which can be read as 100 among all available source classes e g with 20 30 and 50 as value for the respec tive share commands...

Страница 105: ...class name Excess pack ets are dropped Used in class mode queuing only happens at the leaf of the arbitration hierarchy tree The no form of this command reverts the queue limit to the internal default...

Страница 106: ...FC791 RFC1349 The precedence field is defined by the first three bits and supports eight levels of priority The low est priority is assigned to 0 and the highest priority is 7 The no form of this comm...

Страница 107: ...critical data Under 802 1p a 4 byte Tag Control Info TCI field is inserted in the Layer 2 header between the Source Address and the MAC Client Type Length field of an Ethernet Frame Table 12 lists the...

Страница 108: ...ument aver age kilobits defines the average permitted rate in kbps the value of the second argument kilobits ahead defines the tolerated burst size in kbps ahead of schedule Excess packets are dropped...

Страница 109: ...nsmit direction Providers may use input shaping to improve downlink voice jitter in the absence of voice support The default setting no service policy sets the interface to FIFO queuing Mode Interface...

Страница 110: ...10 Displaying link scheduling profile information The show profile service policy command displays link scheduling profile information of an existing ser vice policy profile This command is only avail...

Страница 111: ...queues of a profile The following example shows how to enable statistic gathering for all traffic classes 2800 enable 2800 configure 2800 cfg profile service policy sample 2800 pf srvpl sample debug...

Страница 112: ...112 Chapter 9 LEDs status and monitoring Chapter contents Status LEDs 113...

Страница 113: ...s no power applied Run When lit indicates normal operation Flashes once per second during boot startup Serial STATUS Lit when serial link is up ACTIVITY Flashes when serial data is transmitted or rece...

Страница 114: ...Support Headquarters in the USA 115 Alternate Patton support for Europe Middle Ease and Africa EMEA 115 Warranty Service and Returned Merchandise Authorizations RMAs 115 Warranty coverage 115 Out of w...

Страница 115: ...007 Fax 1 253 663 5693 Alternate Patton support for Europe Middle Ease and Africa EMEA Online support available at http www patton inalp com E mail support email sent to support patton inalp com will...

Страница 116: ...be issued upon receipt and inspection of the equipment 30 to 60 days We will add a 20 restocking charge crediting your account with 80 of the purchase price Over 60 days Products will be accepted for...

Страница 117: ...ompliance 118 EMC 118 Safety 118 PSTN Regulatory 118 Radio and TV Interference FCC Part 15 118 CE Declaration of Conformity 118 Authorized European Representative 119 FCC Part 68 ACTA Statement Model...

Страница 118: ...nterfer ence will not occur in a particular installation If the OnSite router does cause interference to radio or television reception which can be determined by disconnecting the unit the user is enc...

Страница 119: ...ssible Also you will be advised of your right to file a complaint with the FCC if you believe it is necessary The telephone company may make changes in its facilities equipment operations or procedure...

Страница 120: ...only 121 PPP support 121 IP services 122 Management 122 Operating environment 122 Operating temperature 122 Operating humidity 122 System 122 Dimensions 122 Power supply 123 Internal AC version 123 12...

Страница 121: ...ecial request T1 E1 interface Model 2803 only T1 RJ 48C connector receptacle E1 RJ 48C connector receptacle and dual BNC coaxial connectors receptacles Line Rate 1 544 Mbps T1 in accordance with ANSI...

Страница 122: ...Manual Key IKE optional AES DES 3DES Encryption Management Industry standard CLI with local console RJ 45 RS 232 and remote Telnet access TFTP configuration firmware loading SNMP v1 agent MIB II and...

Страница 123: ...oved external SELV source which provides reinforced insulation from the AC mains power and where the DC connector is the disconnect device The source must have a rating of 12 VDC 1 25 A 5VDC Version w...

Страница 124: ...124 Appendix C Cabling Chapter contents Introduction 125 Serial console 125 Ethernet 10Base T and 100Base T 126...

Страница 125: ...g a serial terminal Note See section Console port RJ 45 EIA 561 RS 232 on page 129 for console port pin outs The interconnecting cables must be acceptable for external use and must be rated for the pr...

Страница 126: ...are connected to the OnSite over a cable with RJ 45 plugs Use a cross over cable to a host or a straight cable to a hub See figure 26 host and figure 27 on page 127 hub for the different connections...

Страница 127: ...thernet 10Base T and 100Base T 127 OnSite 2800 Series User Manual C Cabling Figure 27 Ethernet straight through Hub Straight through cable RJ 45 male Tx Tx Rx Rx 1 2 3 6 RJ 45 male 1 Rx 2 Rx 3 Tx 6 Tx...

Страница 128: ...8 Appendix D Port pin outs Chapter contents Introduction 129 Console port RJ 45 EIA 561 RS 232 129 Ethernet 10Base T and 100Base T port 130 Sync serial port 130 V 35 serial port 130 X 21 serial port 1...

Страница 129: ...ure 28 showing the RJ 45 receptacle with the numerical identification of the pin numbers and functions Figure 28 EIA 561 RJ 45 8 pin port Refer to table 15 which tabulates the pin number signal name a...

Страница 130: ...sted are not used Sync serial port V 35 serial port Table 16 RJ 45 socket Pin Signal Direction 1 TX from OnSite 2 TX from OnSite 3 RX to OnSite 6 RX to OnSite Table 17 V 35 Female DB 25 connector V 35...

Страница 131: ...Port pin outs X 21 serial port Note Pins not labeled are not used Table 18 X 21 Female DB 15 connector X 21 Interface Pin Out Pin Signal 1 Frame Ground 2 TD a 3 CNTRL a 4 RD a 5 IND a 6 SET a 8 Signa...

Страница 132: ...132 Appendix E OnSite 2800 Series factory configuration Chapter contents Introduction 133...

Страница 133: ...rofile dhcp server DHCP network 192 168 1 0 255 255 255 0 include 192 168 1 10 192 168 1 19 lease 2 hours default router 192 168 1 1 context ip router interface eth0 ipaddress 172 16 40 1 255 255 0 0...

Страница 134: ...134 Appendix F Installation checklist Chapter contents Introduction 135...

Страница 135: ...le 19 Installation checklist Task Verified by Date Network information available recorded in site log Environmental specifications verified Site power voltages verified Installation site pre power che...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды