manualshive.com logo in svg

Patton 3086, Руководство пользователя, Страница: 115 / 162

Поделиться
Скачать
Patton 3086 Скачать руководство пользователя страница 115

Intrusion Detection System (IDS)

115

Model 3086 G.SHDSL Integrated Access Device User Guide 

6 • Security

Sets the duration for blocking all suspicious hosts. The firewall detects when the system is being scanned 
by a suspicious host attempting to identify any open ports.

– Victim Protection Block Duration:Default = 600 seconds (10 minutes).

Sets the duration of the block in seconds.  

– Maximum TCP Open Handshaking Count:Default = 100

Sets the maximum number of unfinished TCP handshaking sessions per second that are allowed by a 
firewall before a SYN Flood is detected. SYN Flood is a DOS attack. When establishing normal TCP 
connections, three packets are exchanged: (1)  A SYN (synchronize) packet is sent from the host to the 
network server. (2) A SYN/ACK packet is sent from the network server to the host. (3) An Ack 
(acknowledge) packet is sent from the host to the network server. If the host sends unreachable source 
addresses in the SYN packet, the server sends the SYN/ACK packets to the unreachable addresses and 
keeps resending them. This creates a backlog queue of unacknowledged SYN/ACK packets. Once the 
queue is full, the system will ignore all incoming SYN request and no legitimate TCP connections can 
be established.

– Once the maximum number of unfinished TCP handshaking sessions is reached, an attempted DOS 

attack is detected. The firewall blocks the suspected attacker for the time limit specified in the DOS 
Attack Block Duration parameter.

– Maximum Ping Count:Default = 15

Sets the maximum number of pings per second that are allowed by the firewall before an Echo Storm is 
detected. Echo Storm is a DOS attack. An attacker sends oversized ICMP datagrams to the system using 
the ‘ping’ command. This can cause the system to crash, freeze, or reboot, resulting in denial of service 
to legitimate users.

– Maximum ICMP Count:Default = 100

Sets the maximum number of ICMP packets per second that are allowed by the firewall before an ICMP 
Flood is detected.  An ICMP Flood is a DOS attack. The attacker tries to flood the network with ICMP 
packets in order to prevent transmission of legitimate network traffic.

4. After selecting the chosen parameters, click on 

Apply

.

Содержание 3086

Страница 1: ...s Device User Guide Sales Office 1 301 975 1000 Technical Support 1 301 975 1007 E mail support patton com WWW www patton com Document Number 033221U Rev A Part Number 07M3086 Revised April 2 2003 Start Installation For Quick see page 29 ...

Страница 2: ...cts and will at our option repair or replace the product should it fail within one year from the first date of the shipment This warranty is limited to defects in workmanship or materials and does not cover customer damage abuse or unauthorized modification If the product fails to perform as warranted your sole recourse shall be repair or replacement as described above Under no condition shall Pat...

Страница 3: ...HDSL IAD overview 16 General attributes 16 G SHDSL Characteristics 17 Ethernet 17 Protocol support 17 PPP Support 17 ATM Protocols 18 Sync Serial Interface 18 Protocol Support 18 Management 19 Security 19 Front Panel Status LEDs Test Mode Switches and Console Port 20 Console port outlined in red 21 Rear panel connectors and switches 21 Power connector 22 AC universal power supply 22 48 VDC power s...

Страница 4: ...l port to a DCE 40 V 35 interfaces 40 X 21 interfaces 40 Configuring the Serial port features 41 Switch Bank S2 43 Switches S2 1 through S2 7 43 Switch S2 8 44 Switch Bank S3 44 Switch S3 1 CO CP selection 45 Switch S3 3 Transmit Clock Mode 45 Using the 3086 as a simple modem serial port data over DSL only 45 DIP Switch Configuration 46 CLI configuration 46 3086 A CLI configuration 46 3086 B CLI c...

Страница 5: ...alized Configurations 101 IP Configurations 102 Router 102 DHCP Server and Relay 102 6 Security 107 Introduction 108 Configuring the IAD 108 Configuring the security interfaces 109 Deleting a Firewall Policy 110 Enabling the Firewall 111 Firewall Portfilters 111 Security Triggers 112 Intrusion Detection System IDS 114 7 NAT Network Address Translation 117 Introduction 118 Enabling NAT 118 Global a...

Страница 6: ...33 64K G 703 Port 3086 RIF Model 133 Protocol Support 133 PPP Support 134 ATM Protocols 134 Management 134 Security 134 Compliance Standard Requirements 135 Australia Specific 135 Dimensions 135 Power and Power Supply Specifications 135 AC universal power supply 135 48 VDC power supply 135 B Cable Recommendations 137 DSL Cable 138 Ethernet Cable 138 Adapter 138 C Physical Connectors 139 RJ 45 shie...

Страница 7: ...47 To establish the DSL link 148 E Frame Relay to ATM Internetworking 151 Introduction 152 Serial Interface 152 Variables 152 Clock 152 rxClkInv txClkInv 152 Speed 152 txSamplePoint 152 Web Interface 153 CLI Configuration 153 Serial Show 153 Serial Help 153 FRS Process Definition and Configuration 154 Variables Available 154 transMode 154 DEMapping 155 FECNMapping 155 VPI 156 VCI 156 DLCI 156 FRSN...

Страница 8: ...Contents Model 3086 G SHDSL Integrated Access Device User Guide 8 ...

Страница 9: ...port FCC Part 68 ACTA Statement This equipment complies with Part 68 of FCC rules and the requirements adopted by ACTA On the bottom side of this equipment is a label that contains among other information a product identifier in the format US AAAEQ TXXXX If requested this number must be provided to the telephone company A plug and jack used to connect this equipment to the premises wiring and tele...

Страница 10: ...he registration number signifies that registration was performed based on a Declaration of conformity indicating that Industry Canada technical specifications were met It does not imply that Industry Canada approved the equipment Service All warranty and non warranty repairs must be returned freight prepaid and insured to Patton Electronics All returns must have a Return Materials Authorization nu...

Страница 11: ...D features and capabilities Chapter 2 contains an overview describing IAD operation Chapter 3 provides quick start installation procedures Chapter 4 describes configuring the IAD for typical applications Chapter 5 describes configuring the IAD for specialized applications Chapter 6 describes configuring security for the IAD Chapter 7 describes configuring for network address translation NAT Chapte...

Страница 12: ... Rate 256 kbps Autonegotiate the G SHDSL speed Ethernet and serial connections Annex B Remote CPE MDI LAN connector Switch configuration disabled The shock hazard symbol and WARNING heading indicate a potential electric shock hazard Strictly follow the warning instructions to avoid injury caused by electric shock The alert symbol and WARNING heading indicate a potential safety hazard Strictly foll...

Страница 13: ...em would display them dir Bold Courier font indicates where the operator must type a response or command Table 2 Mouse conventions Convention Meaning Left mouse button This button refers to the primary or leftmost mouse button unless you have changed the default configuration Right mouse button This button refers the secondary or rightmost mouse button unless you have changed the default configura...

Страница 14: ...About this guide Model 3086 G SHDSL Integrated Access Device User Guide 14 ...

Страница 15: ...port 17 ATM Protocols 18 Sync Serial Interface 18 Protocol Support 18 Management 19 Security 19 Front Panel Status LEDs Test Mode Switches and Console Port 20 Console port outlined in red 21 Rear panel connectors and switches 21 Power connector 22 AC universal power supply 22 48 VDC power supply 22 Ethernet port outlined in green 22 MDI X 22 Line port outlined in yellow 23 ...

Страница 16: ...er does not process traffic for the serial port The DSL bandwidth may be split for simultaneous transport of IP and TDM traffic The following sections describe Model 3086 features and capabilities General attributes see page 16 G SHDSL Characteristics Model 3086 see page 17 Ethernet see page 17 Protocol support see page 17 PPP support see page 17 ATM protocols see page 18 Management see page 18 Sy...

Страница 17: ... Management channel for remote end to end management Ethernet Auto sensing Full Duplex 10Base T 100Base TX Ethernet Standard RJ 45 connector Built in MDI X cross over switch IEEE 8021 d transparent learning bridge up to 1 024 addresses and Spanning Tree 8 IP address subnets on Ethernet interface Protocol support Complete internetworking with IP RFC 741 TCP RFC 793 UDP RFC 768 ICMP RFC 950 ARP RFC ...

Страница 18: ...5 Interface Available with Female M34 DB 25 and DB 15 connectors User configurable DTE DCE for X 21 Protocol Support Complete internetworking with IP RFC 741 TCP RFC 793 UDP RFC 768 ICMP RFC 950 ARP RFC 826 IP Router with RIP RFC 1058 RIPv2 RFC 2453 Up to 64 static routes with user selectable priority over RIP OSPF routes Built in ping facilities Integrated DHCP Server RFC 2131 Selectable general ...

Страница 19: ...ttings no flow control EOC access for End To End management configuration and control Security Packet filtering firewall for controlled access to and from LAN WAN Support for 255 rules in 32 filter sets 16 individual connection profiles DoS Detection protection Intrusion detection Logging of session blocking and intrusion events and Real Time alerts Logging or SMTP on event Password protected syst...

Страница 20: ...nc Serial TD RD CTS and DTR Ethernet Link 100M Tx and Rx Status NS ER and TM Table 3 Status LED descriptions Power Green ON indicates that power is applied Off indi cates that no power is applied WAN DSL Link Green Solid green connected Off disconnected Sync Serial TD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition RD Green Green indicates a binary 0 condition...

Страница 21: ...rial port V 35 X 21 Line connector Ethernet Link Green ON indicates an active 10 100 BaseT connec tion 100M Green ON connected to a 100BaseT LAN Off connected to a 10BaseT LAN Tx Green Flashing when transmitting data from the IAD to the Ethernet Rx Green Flashing when transmitting data from the Ether net to the IAD Status NS Red ON incidates absence of a valid DSL connec tion ER Red flashes once i...

Страница 22: ...ins 1 2 3 6 See MDI X switch for hub or trans ceiver configuration The following table defines conditions that occur when the MDI X switch is in the out position MDI X The MDI X push switch operates as follows When in the default out position the Ethernet circuitry takes on a straight through MDI configuration and functions as a transceiver It will connect directly to a hub When in the in position...

Страница 23: ...overview 23 Model 3086 G SHDSL Integrated Access Device User Guide 1 General Information Line port outlined in yellow The RJ 11 4 DSL line port uses pins 2 and 3 of the RJ 11 port Pin No Signal Name 1 2 In Out A 3 In Out B 4 ...

Страница 24: ...1 General Information Model 3086 G SHDSL Integrated Access Device User Guide 24 Model 3086 G SHDSL IAD overview ...

Страница 25: ...25 Chapter 2 Product Overview Chapter contents Product Overview 26 Applications Overview 26 Internet Extranet Access 27 IP FR and TDM Access 27 IP FR and Voice over DSL 27 Metro Intranet Access 28 ...

Страница 26: ...ce enables data to be bridged or routed The supported transports are PPPoA PPPoE Frame Relay RFC 1483 Multiprotocol Encapsulation over ATM AAL5 IPoA PPPoH and Ethernet Configuring an interface and transport for the router or bridge requires naming the interface and transport before attaching them When using the built in HTTP server web browser this is done automatically But when config uring the M...

Страница 27: ...ider s network VCs transport data across the WAN to their final destination Additionally the Model 3086 supports PPP encapsulation FR to ATM network internetworking or FR to ATM Service internetworking IP FR and TDM Access The Model 3086 goes a step further along with providing IP FR ATM PPP connectivity for a 10 100 Ether net LAN it also comes with a local serial port for connection to a router o...

Страница 28: ... the Model 3096RC separates PCM voice and IP data traffic for transport over the WAN Metro Intranet Access Patton s Model 3086 symmetrical G SHDSL modulation scheme allows deployment in back to back configu rations for Metro Intranet Access with the following benefits Low cost creation of VPN and Intranet Access Can be connected locally or via TDM networks Secure networking and more efficient Traf...

Страница 29: ...on Chapter contents Hardware installation 30 What you will need 30 Installing the AC power cord 30 Connecting network cables 31 IP address Quick Start modification 31 Web Operation and Configuration 32 PC Configuration 32 Web Browser 32 ...

Страница 30: ...nd Configura tion on page 32 What you will need Model 3086 G SHDSL IAD Ethernet cable with RJ45 plugs on each end included with IAD DB9 RJ45 Adapter included with IAD RJ45 RJ45 straight through cable for connecting to control port included with IAD PC computer with HyperTerminal or equivalent VT 100 emulation program or an ASCII dumb terminal Installing the AC power cord This section describes ins...

Страница 31: ...RJ45 port on the 3086 IAD 2 Do NOT connect the IAD to the Ethernet LAN now 3 On the PC start a HyperTerminal session at 9600 bps 8 data bits 1 stop bit and no parity 4 Plug the AC power cord into the Model 3086 to power up the IAD 5 Type superuser for Login and press Enter 6 Then type superuser for the password press Enter 7 A message will display Login Successful By typing the character all the c...

Страница 32: ...ed message Saving configuration Configuration saved enter The IP address has now been successfully changed Web Operation and Configuration Now that the IP address has been configured for your application you can complete the configuration using any standard web browser PC Configuration In order to connect the PC to the Ethernet LAN to communicate with the Model 3086 the PC s IP address should be o...

Страница 33: ...33 Model 3086 G SHDSL Integrated Access Device User Guide 3 Quick Start Installation The Model 3086 home page displays see Figure 3 Figure 3 Model 3086 home page The Model 3086 menu structure is shown in figure 4 on page 34 ...

Страница 34: ...3 Quick Start Installation Model 3086 G SHDSL Integrated Access Device User Guide 34 Hardware installation Figure 4 Model 3086 Menu Structure ...

Страница 35: ...configuration 46 3086 A CLI configuration 46 3086 B CLI configuration 47 Web browser configuration 48 Serial plus Ethernet Traffic 48 CLI configuration 48 Selecting the DSL link speed 49 Selecting PCM mode 49 Assigning bandwidth to serial and Ethernet ports 49 Central or Remote terminal Master Slave 49 Interface Type 49 Annex Type 50 Web Browser Configuration 50 Using the 3086 in Routed or Bridged...

Страница 36: ...lication Configurations Model 3086 G SHDSL Integrated Access Device User Guide 36 Routed application configurations to a DSLAM 68 RFC 1483 Routed 68 PPPoH Routed 75 PPPoA Routed RFC 2364 82 IPoA Routed RFC 1577 94 ...

Страница 37: ...ctivated In addition to configuring the DSL link the user must configure the routing or bridging features and must choose from HDLC or ATM encapsulation Configuration for these applications is presented in the following sections The 3086 is used to transport serial data only serial plus Ethernet or Ethernet only data Since the configuration of the router or bridge and the ATM or HDLC Features are ...

Страница 38: ...83 PPPoA HDLC Description X X X X X X X X VPI X X X X X X default 0 VCI X X X X X X default 35 Encapsulation X X Llc or VcMux Use DHCP X X X WAN IP address X X X default mask 255 255 255 0 LLC header X X X HDLC header X X X X X No authentication X X X PAP X X X CHAP X X X User Name X X X Password X X X WAN IP address Local IP X 0 0 0 0 Local IP Mask 255 255 255 0 Access Concentrator X Service Name...

Страница 39: ...onnecting the serial port The serial port in the 3086 is simple to install The V 35 interface is wired as a DCE the X 21 interface can be configured as a DCE factory default or as a DTE via internal configuration jumper Connecting the 3086 serial port to a DTE The serial port on the Model 3086 is configured as a DCE so it connects directly to a DTE using a standard straight through cable The cable...

Страница 40: ...n DCE to DCE configurations even when using a tail circuit cable please refer to your third party equipment user manual for information on DCE to DCE operation The 3086 requires a cable with a male M 34 or male DB 25 connector X 21 interfaces The Model 3086 s X 21 interface configuration can be modified by the user as DCE factory default or DTE via an internal jumper board When the local third par...

Страница 41: ...tion To change to DTE configuration lift the daughter board from the connector turn it around so that the DTE label an arrows point to the X 21 connector and place it back on the connector The X 21 port is now configured as a DTE Note When the X 21 port is configured as a DTE the clocking mode for the port must be set for external clock Configuring the Serial port features Switch configuration Swi...

Страница 42: ... On Set up DIP switches and then turn the implementation switch S2 8 to the Off position wait 3 to 4 sec onds turn S2 8 back to On you do not need to cycle the power for the unit To put the unit back to CLI Web management ALL DIP switches must be set to the On position The Model 3086 includes two eight DIP switch banks labeled S2 and S3 They are externally accessible by removing the plate on the b...

Страница 43: ...S2 8 Switch configuration On Toggle On Off On To activate DIP configuration S7 S6 S5 S4 S3 S2 S1 Serial Port Data Rate kbps On On On On On Off Off 192 On On On On Off On On 256 On On On On Off On Off 320 On On On On Off Off On 384 On On On On Off Off Off 448 On On On Off On On On 512 On On On Off On On Off 576 On On On Off On Off On 640 On On On Off On Off Off 704 On On On Off Off On On 768 On On ...

Страница 44: ...this table On On Off Off On On On 1536 On On Off Off On On Off 1600 On On Off Off On Off On 1664 On On Off Off On Off Off 1728 On On Off Off Off On On 1792 On On Off Off Off On Off 1856 On On Off Off Off Off On 1920 On On Off Off Off Off Off 1984 On Off On On On On On 2048 On Off On On On On Off 2112 On Off On On On Off On 2176 On Off On On On Off Off 2240 On Off On On Off On On 2304 S2 8 Conditio...

Страница 45: ... S3 3 to configure the 3086 for internal or external clock mode keep in mind that this setting only affects the operation of the serial port Using the 3086 as a simple modem serial port data over DSL only Serial port connection only Ethernet port not used to send data over DSL but can be used for management There are three ways to configure the 3086 for serial port operation only Via DIP switches ...

Страница 46: ...LI The above configuration can be entered via the CLI as follows 3086 A CLI configuration Note Press the Enter key at the end of each command line gshdsl set terminal central gshdsl set dslrateTS 32 gshdsl set interface hdlc gshdsl set pcmmode Serial gshdsl set ghsannex AnnexB gshdsl set serialTS 32 system config save Wait for configuration saved message Saving configuration 3086 A 3086 B Switch S...

Страница 47: ...ne gshdsl set terminal remote gshdsl set dslrateTS 32 gshdsl set interface hdlc gshdsl set pcmmode Serial gshdsl set ghsannex AnnexB gshdsl set serialTS 32 system config save Wait for configuration saved message Saving configuration Configuration saved Note When connecting to Patton Electronics Model 3096RC Central Office T DACS The model 3086 must be configured as CP Remote Check the 3096RC user ...

Страница 48: ...he Configure button Serial plus Ethernet Traffic The Model 3086 IAD can concurrently carry TDM data from the serial port non routed and data from the Ethernet port both data streams are carried simultaneously over the DSL link Note The serial port data does not go through the routing core of the model 3086 this data is sent unprocessed over the DSL link CLI configuration Configuring the 3086 to tr...

Страница 49: ...d the other half 1 152 Mbps 18 TS assigned to the Ethernet port From the CLI command prompt type gshdsl set serialTS 18 enter Note Enter the required bandwidth in number of 64kbps time slots for the serial port the 3086 automatically assigns the rest of the bandwidth to the Ethernet ports For example if the total DSL bandwidth is 2 3 Mbps 36 TS assigning 1 152 Mbps 18 TS to the serial port automat...

Страница 50: ...lect the Con figuration option Use the drop down menus to enter the required configuration Once all settings have been selected click on the Configure button at the bottom of the screen This concludes the basic DSL configuration for Ethernet and serial transport If your application calls for Ethernet only or Serial and Ethernet traffic you need to configure the Model 3086 Ethernet transport betwee...

Страница 51: ...alled ip1 with an IP address of 192 168 1 1 Let s change the IP address so it is in the same subnet as both PCs For example to 192 168 100 2 ip set interface ip1 ipaddress 192 168 100 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the 3086 2 On the Menu go to Configuration then to WAN Connections Delete the factory default WAN se...

Страница 52: ...2 Using the 3086 in Routed or Bridged applications Verify the settings to be Interface 1 LLC header mode dialout LLC header mode off HDLC header mode on No authentication Leave User name and Password blank Click on Apply 4 Go to G SHDSL in the Configuration Menu then the submenu Configuration ...

Страница 53: ...232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as both PCs For example to 192 168 100 3 ip set interface ip1 ipaddress 192 168 100 3 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the 3086 2 On the Menu go to Configuration then t...

Страница 54: ...n the Configure button In the Action submenu under G SHDSL change Action to Deactivate then click on Action Return to Action select Start and click on Action Network Extension HDLC PPPoH Routed Model 3086 Remote Configuration Steps PPPoH Routed From the command line interface CLI via the RS 232 control port ip list interfaces One IP interface was called ip1 with an IP address of 192 168 1 1 Change...

Страница 55: ...lc If changed then click on Configure Click on Action Select deactivate for Action Click on the Action button 2 On the Menu go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select PPPoH_Routed and click on the Configure button In the Description field enter the description you wish In this example it is ca...

Страница 56: ... Device User Guide 56 Using the 3086 in Routed or Bridged applications Click on Configure 3 Go to Configuration Menu Configuration WAN connections Edit for PPPoH Routed service Edit IP Interface Ipaddr enter the WAN IP Address in this example 192 168 164 2 Click on Change ...

Страница 57: ...n Menu Configuration IP Routes Click on Create new Ip V4 Route Create the gateway to the remote 3086 by entering the WAN IP address of the remote 3086 in this example enter 192 168 164 3 in the Gateway field OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 3 already configured in first part of step 4 Mask 0 0 0 0 Cost 1 Interface blank ...

Страница 58: ...ome parametric values are different although the process is the same From the command line interface CLI via the RS 232 control port ip list interfaces ip clear routes pppoh clear transports ethernet add transport eth1 ethernet One IP interface was called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as the laptop PC The laptop s IP address is 192 168 172 ...

Страница 59: ...iption field enter the description you wish In this example it is called PPPoH Routed Description PPPoH Routed Interface 1 WAN IP address 192 168 164 3 LLC Header Mode off HDLC Header Mode ON No authentication Username blank Password blank Click on Configure 3 Go to Configuration Menu Configuration WAN connections Edit for PPPoH Routed service Edit IP Interface Ipaddr enter the WAN IP Address in t...

Страница 60: ...ridged services are offered RFC 1483 Bridged PPPoA Bridged and HDLC Bridged The configurations show a desktop on one end and a laptop on the other The laptop and its Model 3086 would be replaced with a DSLAM RFC 1483 Bridged Configuration No additional IP addresses are needed other than the IP address chosen earlier In fact if you are configuring and managing the model 3086 only from the CLI Comma...

Страница 61: ...p set interface ip1 ipaddress 192 168 100 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the 3086 2 On the Menu go to Configuration then to WAN Connections Delete the factory default WAN services already defined Click on Create a new service in the main window select RFC_1483_Bridged and click on the Configure button In the Descr...

Страница 62: ...the command line interface CLI via the RS 232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as both PCs For example to 192 168 100 3 ip set interface ip1 ipaddress 192 168 100 3 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the 308...

Страница 63: ...ion Return to Action select Start and click on Action PPPoH Bridged Configuration Model 3086 Remote Configuration Steps PPPoH Bridged From the command line interface CLI via the RS 232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same sub net as both PCs For example to 192 168 100 2 ip set interface ip1 ipadd...

Страница 64: ...u wish In this example it is called PPPoH Bridged Interface 1 LLC header mode dialout LLC header mode off HDLC header mode on No authenticaion Leave User name and Password blank Click on Apply 3 Go to G SHDSL in the Configuration Menu then the submenu Configuration Change Terminal Type to Remote and Interface Type to hdlc Click on the Configure button In the Action submenu under G SHDSL change Act...

Страница 65: ...dress of the 3086 2 On the Menu go to Configuration then to WAN Connections Delete the factory default WAN services already defined Click on Create a new service in the main window select PPPoH_Bridged and click on the Configure button In the Description field enter the description you wish In this example it is called PPPoH Bridged Interface 1 LLC header mode dialout LLC header mode off HDLC head...

Страница 66: ...ration Steps PPPoA Bridged From the command line interface CLI via the RS 232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as both PCs For example to 192 168 100 2 ip set interface ip1 ipaddress 192 168 100 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by en...

Страница 67: ...PPPoA Bridged From the command line interface CLI via the RS 232 control port ip list interfaces One IP interface is called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as both PCs For example to 192 168 100 3 ip set interface ip1 ipaddress 192 168 100 3 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP...

Страница 68: ...ted WAN services are offered RFC 1483 PPPoH IPoA PPPoA and PPPoE Routed RFC 1483 Routed RFC 1483 provides the simplest method of connecting end stations over an ATM network User data in the form of Ethernet packets is encapsulated into AAL 5 PDUs for transport over ATM RFC 1483 provides no authentication and configuration that would be provided by PPP Model 3086 Remote Configuration Steps RFC 1483...

Страница 69: ...6 Click on G SHDSL in the Configuration Menu Configuration verify that Terminal Type is Central and Interface Type is atm If changed then click on Configure Click on Action Select deactivate for Action Click on the Action button 2 On the Menu go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select RFC 1483...

Страница 70: ...RFC 1483 Routed Change the configuration parameters to match the following Description RFC 1483 Routed VPI 0 VCI 35 Encapsulation Method LLC SNAP WAN IP Address 192 168 164 2 Click on Configure 3 Configuration Menu Configuration IP Routes Click on Create new Ip V4 Route Create the gate way to the remote 3086 by entering the WAN IP address of the remote 3086 in this example enter 192 168 164 3 in t...

Страница 71: ...L in the Configuration Menu then the submenu Status The Modem State should be deactivated If not go to the Action and change it to deactivate Then in the Action submenu under G SHDSL change Action to Start then click on Action Model 3086 Central Configuration Steps RFC 1483 Routed From the command line interface CLI via the RS 232 control port ip list interfaces pppoh clear transports One IP inter...

Страница 72: ...172 229 so in this example change the IP address of the 3086 to 192 168 172 3 The default IP mask is 255 255 255 0 ip set interface ip1 ipaddress 192 168 100 2 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the 3086 Click on G SHDSL in the Configuration Menu Configuration verify that Terminal Type is Remote and Interface Type is at...

Страница 73: ... go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select RFC 1483 Routed and click on the Configure button In the Description field enter the description you wish In this example it is called RFC 1483 Routed Description RFC 1483 Routed VPI 0 VCI 35 Encapsulation Method LLC SNAP WAN IP Address 192 168 164 3...

Страница 74: ...s 3 Configuration Menu Configuration IP Routes Click on Create new Ip V4 Route Create the gate way to the remote 3086 by entering the WAN IP address of the remote 3086 in this example enter 192 168 164 2 in the Gateway field OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 2 Mask 0 0 0 0 Cost 1 Interface blank ...

Страница 75: ... deactivated If not go to the Action and change it to deactivate Then in the Action submenu under G SHDSL change Action to Start then click on Action The modems should link up within 30 seconds or so and the link is ready for communication PPPoH Routed Model 3086 Remote Configuration Steps PPPoH Routed From the command line interface CLI via the RS 232 control port ip list interfaces ip clear rout...

Страница 76: ... IP address of the 3086 Click on G SHDSL in the Configuration Menu Configuration verify that Terminal Type is Central and Interface Type is hdlc If changed then click on Configure Click on Action Select deactivate for Action Click on the Action button 2 On the Menu go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main...

Страница 77: ...evice User Guide 4 Basic Application Configurations Username blank Password blank Click on Configure 3 Go to Configuration Menu Configuration WAN connections Edit for PPPoH Routed service Edit IP Interface Ipaddr enter the WAN IP Address in this example 192 168 164 2 Click on Change ...

Страница 78: ...u Configuration IP Routes Click on Create new Ip V4 Route Create the gate way to the remote 3086 by entering the WAN IP address of the remote 3086 in this example enter 192 168 164 3 in the Gateway field OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 3 already configured in first part of step 5 Mask 0 0 0 0 Cost 1 Interface blank ...

Страница 79: ... Action to Start then click on Action Model 3086 Central Configuration Steps PPPoH Routed From the command line interface CLI via the RS 232 control port ip list interfaces pppoh clear transports One IP interface was called ip1 with an IP address of 192 168 1 1 Change the IP address so it is in the same subnet as the laptop PC The laptop s IP address is 192 168 172 229 so in this example change th...

Страница 80: ...then click on Configure Click on Action Select deactivate for Action Click on the Action button 2 On the Menu go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select PPPoH_Routed and click on the Configure button In the Description field enter the description you wish In this example it is called PPPoH Rou...

Страница 81: ...k on Create new Ip V4 Route Create the gate way to the remote 3086 by entering the WAN IP address of the remote 3086 in this example enter 192 168 164 2 in the Gateway field OK The other fields should be Destination 0 0 0 0 Gateway 192 168 164 2 already changed in the first part of step 5 Mask 0 0 0 0 Cost 1 Interface blank 5 Go to G SHDSL in the Configuration Menu then the submenu Status The Mode...

Страница 82: ...ide with Remote and 3086 A may represent a home PC which is connecting to a central ized PPP server Local and 3086 B Since this is a routed application there are differences to be noted Referring to the application diagram three unique subnets exist The Ethernet LAN on the 3086 and Remote side the Ethernet LAN on the 3086 and Central side and lastly the subnet of the ATM s PVC link between the two...

Страница 83: ...lick on Action Select deactivate for Action Click on the Action button 2 On the Menu go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select PPPoA Routed and click on the Configure button In the Description field enter the description you wish In this example it is called PPPoA Routed Change the configurat...

Страница 84: ...erify or change the following parameters on the Edit PPP webpage Server false Create Route true Specific Route false Subnet Mask 0 0 0 0 Route Mask 0 0 0 0 Hdlc false LLC false Lcp Max Configure 10 Lcp Max Failure 5 Lcp Max Terminate 2 Dialin Auth none Dialout Username fred Dialout Password fredspass Confirmation Password fredspass Dialout Auth chap Interface ID 1 Remote IP 192 168 164 2 Local IP ...

Страница 85: ... Give DNS to Relay true Give DNS to Client true Remote DNS 0 0 0 0 Remote Secondary 0 0 0 0 LCP Echo Every 10 Auto Connect false Idle Timeout 0 Termination true Click on Change button 4 Click on Edit ATM Channel Verify the Options to match the following Change if necessary Tx Vci 800 Tx Vpi 0 Rx Vci 800 Rx Vpi 0 Peak Cell Rate 2000 Burst Tolerance 0 MCR 0 MBS 0 Sustainable Cell Rate 0 ...

Страница 86: ...is infor mation while setting up the PPP connection 7 Go to G SHDSL in the Configuration Menu then the submenu Status The Modem State should be deactivated If not go to the Action and change it to deactivate Then in the Action submenu under G SHDSL change Action to Start then click on Action Model 3086 Central Server Configuration Steps PPPoA Routed 1 From the command line interface CLI via the RS...

Страница 87: ...86 Click on G SHDSL in the Configuration Menu Configuration verify that Terminal Type is Central and Interface Type is atm If changed then click on Configure Click on Action Select deactivate for Action Click on the Action button 2 On the Menu go to Configuration then to WAN Connections Delete both default WAN services already defined Click on Create a new service in the main window select PPPoA R...

Страница 88: ...n this example it is called PPPoA Routed Change the configuration parameters to match the following Description PPPoA Routed VPI 0 VCI 800 WAN IP Address 192 168 164 2 LLC Header Mode off HDLC Header Mode off Note The following items are for dial out service only for when a remote is establishing a connection with a server CHAP User Name leave blank Passwood leave blank Click on Configure ...

Страница 89: ... parameters on the Edit PPP webpage Parameters in red italics are those requiring changes from the default configuration Server true Create Route true Specific Route false Subnet Mask 0 0 0 0 Route Mask 0 0 0 0 Hdlc false LLC false Lcp Max Configure 10 Lcp Max Failure 5 Lcp Max Terminate 2 Dialin Auth pap Dialout Username blank Dialout Password blank Confirmation Password blank Dialout Auth none I...

Страница 90: ...ide 90 DSLAM Connections with remote CPE units IP Addr from IPCP true Discover Primary DNS false Discover Secondary DNS false Give DNS to Relay false Give DNS to Client false Remote DNS 0 0 0 0 Remote Secondary 0 0 0 0 LCP Echo Every 10 Auto Connect false Idle Timeout 0 Termination true ...

Страница 91: ...DSLAM Connections with remote CPE units 91 Model 3086 G SHDSL Integrated Access Device User Guide 4 Basic Application Configurations Click on Change button ...

Страница 92: ...nnections with remote CPE units 4 Click on Edit ATM Channel Verify the Options to match the following Change if necessary Tx Vci 800 Tx Vpi 0 Rx Vci 800 Rx Vpi 0 Peak Cell Rate 2000 Burst Tolerance 0 MCR 0 MBS 0 Sustainable Cell Rate 0 Class UBR Port atm Click on the Change button if changes were made ...

Страница 93: ...arameters Ipaddr 192 168 164 2 Mask 255 255 255 0 Dhcp false MTU 1500 Enabled true Click on the Change button if changes were made 6 Again Configuration Menu Configuration IP Routes Click on Create new Ip V4 Route Create the gateway to the remote 3086 by changing or verifying the following parameters in the webpage Edit Advanced Settings Destination 0 0 0 0 Gateway 192 168 164 3 Mask 0 0 0 0 Cost ...

Страница 94: ...ction and change it to deactivate Then in the Action submenu under G SHDSL change Action to Start then click on Action IPoA Routed RFC 1577 User data in the form of IP packets is encapsulated into AAL 5 PDUs for transport over ATM The fact that the user data is routed at an IP layer instead of bridged at a MAC layer allows the source and destination to be on different subnets A notable drawback of...

Страница 95: ... entering the IP address of the 3086 2 On the Menu go to Configuration then to WAN Connections Delete the factory default WAN services already defined Click on Create a new service in the main window select IPoA_Routed and click on the Configure button In the Description field enter the description you wish In this example it is called IPoA Routed VPI 0 VCI 700 WAN IP address 192 168 164 2 Click o...

Страница 96: ...s Device User Guide 96 DSLAM Connections with remote CPE units 3 Returning to the 3086 Configuration Menu click on Configuration then IP Routes Click on Create new Ip V4 Route Destination 0 0 0 0 Gateway 192 168 164 3 Mask 0 0 0 0 Cost 1 Interface leave blank Click on OK ...

Страница 97: ...ser Guide 4 Basic Application Configurations 4 Go to G SHDSL in the Configuration Menu then the submenu Configuration Change Terminal Type to Central and Interface Type to atm Click on the Configure button In the Action submenu under G SHDSL change Action to Deactivate then click on Action ...

Страница 98: ...e subnet as both PCs For example to 192 168 172 3 The default IP mask is 255 255 255 0 ip set interface ip1 ipaddress 192 168 172 3 255 255 255 0 1 Now you can bring up the web page management system on your browser by entering the IP address of the 3086 2 On the Menu go to Configuration then to WAN Connections Delete the factory default WAN services already defined Click on Create a new service i...

Страница 99: ... on Create new Ip V4 Route Destination 0 0 0 0 Gateway 192 168 164 2 Mask 0 0 0 0 Cost 1 Interface leave blank Click on OK 4 Go to G SHDSL in the Configuration Menu then the submenu Configuration Leave Terminal Type as Remote Change Interface Type to hdlc Click on the Configure button In the Action submenu under G SHDSL change Action to Deactivate then click on Action Return to Action select Start...

Страница 100: ...4 Basic Application Configurations Model 3086 G SHDSL Integrated Access Device User Guide 100 DSLAM Connections with remote CPE units ...

Страница 101: ...101 Chapter 5 Specialized Configurations Chapter contents IP Configurations 102 Router 102 DHCP Server and Relay 102 ...

Страница 102: ...Enter the IP address of the gateway which is the WAN IP address of the device on the other end of the DSL link in the Value field of Gateway 5 Enter the appropriate netmask in the Value field of Netmask 6 Leave Cost as 1 7 Interface is an ASCII field which you may leave blank or fill in for your identification 8 Click OK 9 Add additional static routes using the same procedure DHCP Server and Relay...

Страница 103: ...igure on the DHCP Server web page to change the configuration for any of the DHCP param eters The three categories of configuration parameters on this web page are the Address Range of the DHCP Server the Lease Times in seconds the selection of Domain Name Servers if desired and whether to use the router as the default gateway 3 Clicking on Advanced Options offers additional options for configurat...

Страница 104: ...DNS client provides a method for retrieving a list of IP addresses for a host name as well as acquiring the host name for a given IP address The DNS client will cache any results from the name server which reduces network traffic 1 Enter the DNS Servers by entering the IP address in the field next to the Add button 2 Click on Add More than one DNS Server may be added An alternative is to create a ...

Страница 105: ... DNS Relay web page up to 10 DNS server addresses may be added to utilize the DNS servers already being used by the network 1 Select Enabled 2 Click on Configure 3 Enter the DNS server address in the field following DNS server IP address 4 Click on Apply 5 Repeat to add more DNS server addresses not to exceed the maximum of 10 ...

Страница 106: ...5 Specialized Configurations Model 3086 G SHDSL Integrated Access Device User Guide 106 IP Configurations ...

Страница 107: ...r contents Introduction 108 Configuring the IAD 108 Configuring the security interfaces 109 Deleting a Firewall Policy 110 Enabling the Firewall 111 Firewall Portfilters 111 Security Triggers 112 Intrusion Detection System IDS 114 ...

Страница 108: ...d by using security triggers Triggers tell the security mechanism to expect these second ary sessions and how to handle them Rather than allowing a range of port numbers triggers handle the situa tion dynamically opening the secondary sessions only when appropriate The triggers work without needing to understand the application protocol or reading the payload of the packet although this does happe...

Страница 109: ... both as 0 0 0 0 because this is the gateway default route 5 Click on Create and the route will be entered 6 The default gateway can be verified by clicking on IP Routes under Status in the menu Configuring the security interfaces The interfaces and routes have been configured on the 3086 IAD which will function as the firewall The Ethernet side of the 3086 will be configured to be an internal sec...

Страница 110: ...lled etoi is added between the external and internal interfaces 1 Under Policies Triggers and Intrusion Devices on the Security page click on Firewall Policy Configuration 2 In the Current Firewall Policies page click on New Policy 3 Select the parameters so the policy applies between interface of types external internal Also Validators will block traffic This blocks all hosts 4 Click on Apply Del...

Страница 111: ...ge State The network is now secure All the interfaces which have been defined are protected and all traffic is blocked between different the different interface types That is all traffic is blocked between the external and internal interfaces The next section describes how to configure the Firewall for allowing certain types of data transfer to occur between the PC s on different networks Firewall...

Страница 112: ...rity Triggers Security triggers are used to allow an application to open a secondary port in order to transport data The most common example is FTP This procedure is to set up a trigger on the Firewall to have an FTP session from PC A to PC B but not the reverse 1 First create an outbound only portfilter for FTP and add it to the item0 policy 2 Following the path given in step 1 for the ping portf...

Страница 113: ...nel add a trigger which will open a secondary channel only when data is being passed This prevents the need to open too many ports which offer a security risk 1 From the Configuration Menu Configuration Security Firewall Trigger Configuration New Trig ger 2 Set the parameters as follows Transport Type tcp Port Number Start 21 Port Number End 21 Allow Multiple Hosts Block Max Activity Interval 3000...

Страница 114: ...bled Enables Victim Protection Victim Protection protects the victim from an attempted spoofing attack Web spoofing allows an attacker to create a shadow copy of the world wide web WWW All access to the shadow Web goes through the attacker s machine so the attacker can monitor all of the victim s activities and send false data to or from the victim s machine When enabled packets destined for the v...

Страница 115: ...e unreachable addresses and keeps resending them This creates a backlog queue of unacknowledged SYN ACK packets Once the queue is full the system will ignore all incoming SYN request and no legitimate TCP connections can be established Once the maximum number of unfinished TCP handshaking sessions is reached an attempted DOS attack is detected The firewall blocks the suspected attacker for the tim...

Страница 116: ...6 Security Model 3086 G SHDSL Integrated Access Device User Guide 116 Intrusion Detection System IDS ...

Страница 117: ...117 Chapter 7 NAT Network Address Translation Chapter contents Introduction 118 Enabling NAT 118 Global address pool and reserved map 119 ...

Страница 118: ... can also be used so that different inside hosts can share a global address by mapping different ports to different hosts For example Host A is an FTP server and Host B is a web server By mapping the FTP port to Host A and the HTTP port to Host B both insides hosts can share the same global address Setting the protocol number to 255 0xFF means that the mapping will apply to all protocols Setting t...

Страница 119: ...s Pool The global IP addresses need to be created and put into the Global Address Pool 3 Set the parameters to the following values Interface Type internal Use Subnet Configuration Use IP Address Range IP Address 100 100 100 101 Subnet Mask IP Address 2 100 100 100 102 Click on Add Global Address Pool 4 Next create a reserved mapping between a global IP address from the global pool and an internal...

Страница 120: ...er Guide 120 Introduction 6 Set the parameters to the following values Global IP Address 100 100 100 101 Internal IP address 10 1 1 2 Transport Type all Port Number 65535 This port number means all port numbers for TCP or UDP protocols will be mapped 7 Click on Add Reserved Mapping ...

Страница 121: ...121 Chapter 8 Monitoring Status Chapter contents Status LEDs 122 ...

Страница 122: ...y 1 or idle condition RD Green Green indicates a binary 0 condition off indicates a binary 1 or idle condition CTS Green ON indicates the CTS signal from the IAD is active binary 1 off indicates CTS is binary 0 DTR Green ON indicates the DTR signal from the DTE device attached to the serial port is active binary 1 Ethernet Link Green ON indicates an active 10 100 BaseT connec tion 100M Green ON co...

Страница 123: ...ostics Chapter contents Introduction 124 Ping 124 Software Upgrades 124 Configuration 124 Procedure 124 Operating Local Analog Loopback LAL 125 Operating Remote Digital Loopback RDL 125 BIT Error Rate V 52 Diagnostics 126 ...

Страница 124: ... at no charge contact upgrades patton com for the location of the new firmware and follow these instructions 1 Get the firmware image from Patton and save on your PC It is a tar file and MUST NOT be unzipped 2 Login to the 3086 s web page on the browser 3 Click on System then Upgrade 4 Locate the firmware image on this web page 5 Click on Upgrade 6 Wait until the upgrading is complete and then res...

Страница 125: ...returned to the user device i e characters typed on the key board of a terminal will appear on the terminal screen Figure 10 Local Line Loop To perform a Local Analog Loopback test follow these steps 1 Move the front panel toggle switch UP to Local 2 Verify that the data terminal equipment is operating properly and can be used for a test 3 Perform a V 52 BER bit error rate test as described in sec...

Страница 126: ...iving Model 3086 then decodes the received bits using the same polynomial If the received bits match the agreed upon pseudo random pattern then the 3086 s and the communication link s are functioning properly 511 Initiates a built in 511 bit pseudo random pattern generator and detector 511 with Errors Initiates a built in 511 bit pseudo random pattern generator and detector The test pattern genera...

Страница 127: ...ontents Introduction 128 Contact information 128 Warranty Service and Returned Merchandise Authorizations RMAs 128 Warranty coverage 128 Out of warranty service 128 Returns for credit 128 Return for credit policy 129 RMA numbers 129 Shipping instructions 129 ...

Страница 128: ...fore ship ment All of our products are backed by a comprehensive warranty program Note If you purchased your equipment from a Patton Electronics reseller ask your reseller how you should proceed with warranty service It is often more convenient for you to work with your local reseller to obtain a replacement Patton services our products no matter how you acquired them Warranty coverage Our product...

Страница 129: ... Completing a request on the RMA Request page in the Support section at www patton com By calling 1 301 975 1000 and speaking to a Technical Support Engineer By sending an e mail to returns patton com All returned units must have the RMA number clearly visible on the outside of the shipping container Please use the original packing material that the device came in or pack the unit securely to avoi...

Страница 130: ...10 Contacting Patton for assistance Model 3086 G SHDSL Integrated Access Device User Guide 130 Warranty Service and Returned Merchandise Authorizations RMAs ...

Страница 131: ...132 T1 E1 Interface 3086 RIK and RIT models only 133 64K G 703 Port 3086 RIF Model 133 Protocol Support 133 PPP Support 134 ATM Protocols 134 Management 134 Security 134 Compliance Standard Requirements 135 Australia Specific 135 Dimensions 135 Power and Power Supply Specifications 135 AC universal power supply 135 48 VDC power supply 135 ...

Страница 132: ...nvenient and standard RJ connectors for Ethernet Line and Console Field Factory Default Option Standard 1 year warranty G SHDSL Characteristics 2 3 mbps speed Model 3086 over 2 wire DTE Rates 144Kbps to 2 32 Mbps operation With nx64 with n 1 support Distance from 24 900 at 144kbps 192kbps Line rate to 10 200 at 2 3 mbps on 26 AWG 4mm wire Annex A ANSI Annex B ETSI PSD selection 2 wire or 4 wire su...

Страница 133: ...741 TCP RFC 793 UDP RFC 768 ICMP RFC 950 ARP RFC 826 IP Router with RIP RFC 1058 RIPv2 RFC 2453 Up to 64 static routes with user selectable priority over RIP OSPF routes Built in ping facilities Integrated DHCP Server RFC 2131 Selectable general IP leases and user specific MAC IP parings Selectable lease period DHCP relay agent RFC 2132 RFC 1542 with 8 individual address pools DNS Relay with prima...

Страница 134: ... UNI L3 and Q 2971 UNI L3 support LAN Emulation Client LEC V 1 with LEC via PVC or ILMI connection Peak cell rate shaping on a per VCC basis up to 32 active VCCs across VPI 0 255 VCI 0 65525 Single default PVC 8 35 with PCR 5 500 cells I 610 OAM network management including AIS RDI loop back and performance monitoring Enhanced ILMI 4 0 for auto configuration of ATM PVCs Management User selectable ...

Страница 135: ...nnect Safety EN60950 Australia Specific TS016 E1 Telecom AZ NZS 3260 Safety AZ NZS 35 48 EMC Dimensions 1 58H x 4 16W x 3 75D in 10 6H x 4 1W x 8 8D cm Power and Power Supply Specifications The 3086 may come with either an AC or DC power supply AC universal power supply The Model 3086 offers internal or external AC power supply options The internal power supply connects to an AC source via an IEC ...

Страница 136: ...A Specifications Model 3086 G SHDSL Integrated Access Device User Guide 136 Power and Power Supply Specifications ...

Страница 137: ...137 Appendix B Cable Recommendations Chapter contents DSL Cable 138 Ethernet Cable 138 Adapter 138 ...

Страница 138: ...Cable DSL Cable 10 foot 3 m RJ 11 RJ 11 refer to RJ 11 non shielded port on page 140 Ethernet Cable Ethernet cable P N 10 2500 refer to RJ 45 shielded 10 100 Ethernet port on page 140 Adapter EIA 561 to DB 9 P N 16F 561 refer to RJ 45 non shielded RS 232 console port EIA 561 on page 140 ...

Страница 139: ...r contents RJ 45 shielded 10 100 Ethernet port 140 RJ 11 non shielded port 140 RJ 45 non shielded RS 232 console port EIA 561 140 Serial port 141 V 35 M 34 Connector 141 V 35 DB 25 Female Connector 141 X 21 DB 15 Connector 142 Power input 142 ...

Страница 140: ...ded port Single twisted pair TP for full duplex transmission The signals are not polarity sensitive RJ 45 non shielded RS 232 console port EIA 561 Pin No Signal Direction Signal Name 1 Output TX 2 Output TX 3 Input RX 4 5 6 Input RX 7 8 Pin No Signal Direction Signal Name 1 2 In Out Tip 3 In Out Ring 4 Pin No Signal Direction Signal Name 1 Out DSR 2 Out CD 3 In DTR 4 Signal Ground 5 Out RD 6 In TD...

Страница 141: ...a DCE Source U XTC Transmit Clock DTE Source V RC Receiver Clock DCE Source W XTC Transmit Clock DCE Source X RC Receiver Clock DCE Source Y TC Transmitter Clock DTE Source AA TC Transmitter Clock DTE Source KK Aux Power Input 5VDC 300mA Pin Signal 1 FG FrameGround 2 TD Transmit Data A DTE Source 3 RD Receive Data A DCE Source 4 RTS Request to Send A DTE Source 5 CTS Clear to Send A DCE Source 6 D...

Страница 142: ...rce 15 TC Transmitter Clock B DCE Source 16 RD Receive Data A DCE Source 17 RC Receiver Clock A DCE Source 18 LL Local LIne Loop 19 RTS Request to Send B DTE Source 20 DTR Data Terminal Ready A DTE Source 21 RL Remote Loopback 22 DSR Data Set Ready B DCE Source 23 DTR Data Terminal Ready B DTE Source 24 XTC External Transmitter Clock A DTE Source 25 TM Test Mode Pin Signal ...

Страница 143: ...minology 144 Local VT 100 emulation 144 Remote Telnet 144 Using the Console 145 Administering user accounts 146 Adding new users 146 Setting user passwords 146 Changing user settings 147 Controlling login access 147 Controlling user access 147 G SHDSL Commands 147 To establish the DSL link 148 ...

Страница 144: ...PoA IP over ATM PPPoH Point to Point over HDLC Ethernet Interface bridges and routers both have interfaces A single transport is attached to a bridge or router via an interface Object an object is anything that you can create and manipulate as a single entity for example interfaces transports static routes and NAT rules List Objects are numbered entries in a list For example if you have created mo...

Страница 145: ...next lines For example Æ ethernet After typing the you will not see the add delete set show list clear Æ ethernet Then you may enter one of the keywords on the displayed list followed by a space and To continue our example Æ ethernet list ports transports Æ ethernet list Then Æ ethernet list transports Æ ethernet list transports enter Ethernet transports ID Name Port 1 eth1 ethernet Æ Another exam...

Страница 146: ...r user accounts Adding new users To add a new user username use the command system add user username Comment system add login user username Comment The first command creates a user who can access the system via a dialin connection using PPP for example The second command creates a user who can login to the system For example the commands system add user fred user with dialin access system add logi...

Страница 147: ... example to change the set tings for user fred system set user fred access default engineer superuser system set user fred maydialin enabled disabled system set user fred mayconfigure enabled disabled For example to change the security level for fred enter system set user fred access engineer Note Only superusers can use the user change command Controlling login access To set user login access for...

Страница 148: ...shdsl set dataRateI 0 gshdsl set Action Start Attribute Type Value Description Version RO The version number of the DSL driver Platform RO The platform name of the unit e g 3086 or 3086 ModemState RO Idle Deactivated Norm Oper In Progress Show the state of the handshaking process Idle The DSL chip is in idle state Deactivated The DSL chip is deactivated Normal Operation The DSL chip is in operatin...

Страница 149: ...nistering user accounts 149 Model 3086 G SHDSL Integrated Access Device User Guide D Command Line Interface CLI Operation Default Setting of the unit Terminal Remote Interface Hdlc DataRateN 24 DataRateI 0 ...

Страница 150: ...D Command Line Interface CLI Operation Model 3086 G SHDSL Integrated Access Device User Guide 150 Administering user accounts ...

Страница 151: ...amplePoint 152 Web Interface 153 CLI Configuration 153 Serial Show 153 Serial Help 153 FRS Process Definition and Configuration 154 Variables Available 154 transMode 154 DEMapping 155 FECNMapping 155 VPI 156 VCI 156 DLCI 156 FRSName 156 State 156 Web Configuration 157 CLI Configuration 157 Generic Frame Relay 158 Connection 1 159 Connection 2 160 Connection 3 160 ...

Страница 152: ...Options Internal External Function The clock setting for the serial interface will determine the source of timing for the serial interface This will not set the source of timing for the DSL link and the timing derived from this interface can not be used to driver the DSL interface rxClkInv txClkInv Options Inverted Normal Function The clock invert functions could be used to invert the clocks that ...

Страница 153: ... the web CLI Configuration The serial interface can be configured through the CLI just as any other set of variables The configuration vari ables are display by typing the command serial There are two sub screens that are available to help configure the system The two commands with their responses are shown below Serial Show Shows the current configuration on the serial interface serial show Clock...

Страница 154: ...ransformed in the connection on the other side of the link When an FRS conversion takes place the system will pull information from the framere lay header field and create an ATM cell with similar information This will also be performed in the opposite direction The following information pertains to the FRS configuration The 3086 allows for eight individual FRS connections Each is configured indiv...

Страница 155: ...l into one of the above listed encapsulation types DEMapping Defines how the DE bit discard eligibility in the framerelay header will be translated into the ATM CLPI bit Cell Loss Priority Indication in the ATM header Options Zero the CLPI and DE will always be set to 0 One the CLPI and DE will always be set to 1 Convert the DE bit from the framerelay header will be replaced by the CLPI bit in the...

Страница 156: ...e ATM side of the FRS connection VCI Sets the Virtual Channel Identifier for the ATM side of the FRS connection DLCI Sets the Data Link Connection Identifier for the framerelay side of the FRS connection FRSName Define the name of the connection This is only used by the administrator as a reference Has no bearing on the FRS connection State Sets the state of the connection Options Enable enable th...

Страница 157: ...ific configuration of the channel CLI Configuration The configuration through the CLI is performed based on the channel numbers assigned The Channels are predefined as chn1 through chn8 The following high level commands are available through the CLI frs show chn2 Show the configuration for channel 2 frs list List all eight channels showing their high level configuration frs set chn2 Set configurat...

Страница 158: ...105 205 176 disable chn7 none 106 206 177 disable chn8 none 107 207 178 disable Note In the above example only channel 1 is active frs set chn2 DEMapping DLCI FECNMapping FRSName VCI VPI state transMode frs set chn2 VPI 0 After typing frs set chn2 inputting the into the system will display the optional variables that can be config ured Following the list of variables the user elected to set the VP...

Страница 159: ...Connect the atm and framerelay connections to the IP interfaces Example Connection 1 ip clear interfaces bridge clear interfaces framerelay clear transports rfc1483 clear transports framerelay add transport fr1 fr 171 Create a framerelay transport named fr1 with a DLCI of 171 rfc1483 add transport rfc1 atm 100 200 llc routed Create an ATM transport named rfc1 with vpi 100 vci 200 and llc and route...

Страница 160: ...terfaces 4 Connect the atm and framerelay connections to the bridge interfaces Example Connection 2 framerelay clear transports ip clear interfaces bridge clear interfaces rfc1483 clear transports Clear all transports and interfaces framerelay add transport fr1 fr 171 Add framerelay transport with DLCI 171 rfc1483 add transport rfc1 atm 100 200 llc bridged Add rfc1483 connection with vpi 100 vci 2...

Страница 161: ...ne 30 130 174 disable chn5 none 40 140 175 disable chn6 none 50 150 176 disable chn7 none 60 160 177 disable chn8 none 70 170 178 disable Display the current settings for the FRS tabel frs set chn1 VPI 100 frs set chn1 VCI 200 frs set chn1 DLCI 171 frs set chn1 transMode translate frs set chn1 DEMapping one frs set chn1 FECNMapping zero frs set chn1 FRSName testing frs list Chn Name VPI VCI DLCI C...

Страница 162: ...E Frame Relay to ATM Internetworking Model 3086 G SHDSL Integrated Access Device User Guide 162 Generic Frame Relay Connection Created Named FRS0 Enable the current settings ...

Отзывы:

Нет отзывов