XCell XC-32 Скачать руководство пользователя | Manualshive

Страница: 81 / 92

background image

User manual XC-32 XC-320 XC-4200

XI.2 - Radius

XI.2.1 - Introduction

Radius is a client-server protocol aiming at centralizing the users authentication on a
dedicated server (see RFC 2138).
To use Radius terminology, we will call Xcell NAS (Network Access Server).
The obvious interest of this protocol is the fact that it enables to manage all the accesses
to an information site with only one users database, and whatever the type and number of
NAS may be.
In addition to its authentication function, a RADIUS server also enables to rule the
connection type and parameters, (PPP, telnet, admin, asynchronous or/and RNIS access,
connection time...), according to the user who wish to connect.
An extension of the Radius protocol, (RFC 2139), also enables to count the connections.
You can thus keep a track of the connections made by all the users (name, connection
length, amount of informations transmitted and received, cause of the end of session).
The working process of Xcell integrated Radius client is the following :
A user authentication request, (login, PAP, CHAP), is first locally analysed. If Xcell
contains a suitable user account, connection type and parameters are managed by Xcell.
When the session starts, Xcell sends a starting signal to the RADIUS server (START).
When the session ends, Xcell transmits an ending signal (STOP).
If Xcell cannot manage to authenticate the user, the request is transmitted to the RADIUS
server. If RADIUS accepts the request, it will transmit the connection type and parameters
to Xcell. Later, informations about beginning and end of session are transmitted to
RADIUS.

XI.2.2 - Xcell-hold Radius attributes

Attribute

Definition

Notes

User-Name

Name of the user to identify.

Maximum size : 16

alphanumerical characters

User-Password

User password

Maximum size : 8

alphanumerical characters

CHAP-Password

Challenged user answer

emitted by the NAS

Size : 128 bits

NAS-IP-Address

NAS IP address

NAS-Port

Asynchronous port or ISDN

channel number

NAS-Port-Type

Port type

Asynchronous or ISDN

-81-

«
...
79
80
81
82
83
...
»

Содержание XC-32

Страница 1: ...20 XC 4200 User MANUAL Version 1 2 DECISION Europe 3 rue de Lattre de Tassigny BP14 85170 ST DENIS LA CHEVASSE FRANCE Tel 33 02 51 41 41 89 Fax 33 02 51 41 41 90 Web http www xcell com E mail support...

Страница 2: ...note 15 IV Configuration 16 IV 1 Introduction 16 IV 2 Entering IP address 16 IV 2 1 Entering IP address from Xcell administrator 16 IV 2 2 Entering IP address from a terminal 17 IV 3 HTTP Configuratio...

Страница 3: ...tty and RemoteCOM 37 VI 1 Introduction 37 VI 2 RemoteCOM 37 VI 2 1 RemoteCOM under Windows 95 98 37 VI 2 1 1 Setting up the Xcell 37 VI 2 1 2 Installation of RemoteCOM driver 38 VI 2 2 RemoteCOM under...

Страница 4: ...s side Xcell 57 VII 7 4 Configuration of server s side XC 58 VIII Printer Mode LPD 59 IX Rtelnet Mode 60 IX 1 Definition 60 IX 2 Configuration 60 IX 3 Rtelnet Pool 61 X Asynchronous PPP Mode 62 X 1 I...

Страница 5: ...1 4 Examples 78 XI 1 4 1 Forward Firewall 79 XI 1 4 2 Input Firewall 81 XI 1 4 3 Output Firewall 81 XI 2 Radius 82 XI 2 1 Introduction 82 XI 2 2 Xcell hold Radius attributes 82 XI 2 3 Radius requests...

Страница 6: ...on a remote Xcell Remote access server s family is composed by the following products p XC 32 provides 2 asynchronous ports RS232C and one Ethernet port p XC 320 provides 4 or 8 asynchronous ports RS...

Страница 7: ...4200 WAN Link Printer Ethernet Network Modem Lan link Aquisition de donn es Work Portable computer Serial port server function Raw Mode Gateway Terminal server function Remote access router function...

Страница 8: ...server the rawtty application to redirect the in and out data flow of the specified communication port dev ttyx to one of XC 320 port RemoteCOM is provides the same function for Windows 95 98 NT syst...

Страница 9: ...User manual XC 32 XC 320 XC 4200 Figure 1 Using of XC as a terminal server Figure 2 Using of XC as remote access server 9...

Страница 10: ...User manual XC 32 XC 320 XC 4200 Figure 3 Using of XC to connect serial equipments 10...

Страница 11: ...XC is composed by a line of five LEDS XC 32 Designation Color State Meaning Setup Locate Red On Setup mode activated Off Normal mode Clignotemen t Locate function activated Link Red On No presence of...

Страница 12: ...EDS Designatio n Color State Meaning Setup Red On Setup mode activated Off Normal mode Blinking Locate function activated LAN Link Red On No presence of the network Off Presence of the network LAN Tx...

Страница 13: ...ault Isdn Fan fault Green On One isdn interface activated at least Off No isdn interface activated Blinking Fan fault Link Red On No presence of the network Off Presence of the network Tx Orange Data...

Страница 14: ...port 10baseT p p p p 1 on off button The front face of XC 4200 displays the following elements p p p p 4 8 12 or 16 asynchronous ports RS232C V24 or RS422 485A p 1 asynchronous port noted Serial 1 Co...

Страница 15: ...warning Xcell Technology reserves itself the right to revise this publication without having to provide notification for such revisions Aslong as reasonable precautions have been taken Xcell Technolog...

Страница 16: ...r Before using Telnet or HTTP protocols you just need to fix Xcell IP address This can be made with Xcell administrator or with a terminal IV 2 Entering IP address IV 2 1 Entering IP address from Xcel...

Страница 17: ...d with the following commands IFCONFIG IP interface IP_address ROUTE ADD NET interface destination gateway netmask Example ROOT ifconfig ip eth0 192 168 1 11 Ok ROOT route add net eth0 192 168 1 0 0 0...

Страница 18: ...User manual XC 32 XC 320 XC 4200 Click on GO and open a session under the name root Default password is root Now you can configure your Xcell 18...

Страница 19: ...adcast address By default this address is the one of the system with 255 in place of the machine address For a network address 192 168 2 0 broadcast address will be 192 168 2 255 By default network ma...

Страница 20: ...m Xcell that these frames run through the 192 168 2 1 router There are three manners for this The first consists in informing Xcell that all IP frames intended for the 192 168 1 2 server have to be se...

Страница 21: ...s interfaces IV 5 1 Software settings Configuration of a serial port can be done with serial command You must enter individually each parameter ROOT serial speed 9600 4 ROOT serial csize 8 4 ROOT seri...

Страница 22: ...xample to program the first five Xcell ports in each of these modes commands would respectively be ROOT serial mode term 1 Ok ROOT serial mode printer 2 Ok ROOT serial mode raw 3 Ok ROOT serial mode p...

Страница 23: ...3 Ok ROOT serial flowctrl none 4 Ok IV 5 5 Automatic disconnection of a Modem If there is no data traffic during a determined deplay on port where the modem is connected Xcell can decide to disconnect...

Страница 24: ...nds that are dealt with in this chapter IV 6 Saving and restoring Xcell configuration IV 6 1 Saving in FLASH memory All parameters are conserved by Xcell in RAM up to the next Xcell boot If you want t...

Страница 25: ...user account The opening of a user account can be made through the user commands Thanks to these commands you can create or modify a user form To create a new form use the user add command You have t...

Страница 26: ...cell can be configurated so that it calls dial in user back Thus phone number dialed by Xcell can be predefined static callback or provided by the user dynamic callback In case of a static callback Xc...

Страница 27: ...tate and interrupts the connection if it falls One simple solution to this problem is to make the modem DCD always active p Configuration panel p Modems p Your modem s properties p Connection tab p Ad...

Страница 28: ...net session on another port other than port 23 you just have to enter the following command ROOT user telnetport paul 1 25 IV 8 Management of a modem connection A Terminal can be connected directly on...

Страница 29: ...it Audits generate some usefull information to control Xcell s activity or to analyse configuration errors These information are displayed in real time or redirected a file Audit commands enable you t...

Страница 30: ...ferents types are auth Messages about authentication printer Messages about lpd daemon isdn Messages about isdn connections system Messages about system parameters DHCP RADIUS save ppp Messages about...

Страница 31: ...you will show the ten last lines of the audit file IV 9 4 List of created audits The audit show command enables you to display the list of declared audits Example ROOT audit show buffer 0 0 0 0 debug...

Страница 32: ...User manual XC 32 XC 320 XC 4200 ROOT audit start Ok To stop a console audit use the audit stop command ROOT audit stop Ok 32...

Страница 33: ...with a limited choice of commands Moreover up to 3 different sessions can be open on any server Use the command XCELL telnet myserver Connection login can be immediately displayed on the terminal scre...

Страница 34: ...ample type the following command XCELL telnet myserver 1301 V 3 Multi sessions Up to three Telnet sessions may be issued on one same terminal A terminal with an emulation that can bear a change of scr...

Страница 35: ...port 7 wants to close his first session he will have to enter XCELL close session 1 If the same user wants to close all his sessions he will enter XCELL close session all V 4 Automatic Telnet It is p...

Страница 36: ...User manual XC 32 XC 320 XC 4200 36...

Страница 37: ...95 98 VI 2 1 1 Setting up the Xcell Only flow control parameter must be set on the Xcell Configuration example with Telnet console First display current ports configuration ROOT serial show all Port...

Страница 38: ...sk No to Windows s automatic detection p Click on Others p Then click on Have disk and find the way to the path in which you have make a copy of RemoteCOM driver remcom inf p Restart Windows after the...

Страница 39: ...port number p Example Xcell 192 168 4 23 port 7 4 Using RemoteCom You can audit RemoteCOM activity using the RemoteCOM application icon in the task bar p Click on RemoteCOM icon p Click on Status p D...

Страница 40: ...M port number 6 Troubleshooting p Check if Xcell is visible on the network using ping or telnet p Check configuration and state of Xcell s port p Read the log file VI 2 2 RemoteCOM under Windows NT sy...

Страница 41: ...nd recepts states of DCD and DSR signals VI 2 2 2 Installation of RemoteCOM driver RemoteCOM for WINNT is composed of p A service module RemoteCOM service p A driver RemoteCOM driver p A program for s...

Страница 42: ...data transmitted EV_TXEMPTY in WaitCommEvent label is right only when transmitted data have really been send by the remote port The COMSTAT cbOutQue field in ClearCommError is updated in the same way...

Страница 43: ...tallation RemoteCOM service is disable The first time you will restart your system RemoteCOM will warn you and then you will be able to choose the activation mode of RemoteCOM service You can change s...

Страница 44: ...TY device driver on UNIX SCO Open Server install sh Xcell rawTTY installation Xcell IP address 192 168 1 42 192 168 1 42 Ok RET O Non N DEL exit O PORTS in RAW mode ex 1 2 7 enter 5 6 5 6 Ok RET O Non...

Страница 45: ...e delay v1 d u username c device xcell_IP port_num Keepalive helps to regularly check Xcell s physical presence on the network A request is carried out every delay second s to check if the connection...

Страница 46: ...ual XC 32 XC 320 XC 4200 rawtty dev raw4 192 168 1 12 5 The rawclose command enables to force to close port declared in rawtty Syntax rawclose server_IP_address port_number Example rawclose 192 168 1...

Страница 47: ...e end of the network to the other we must change this data flow in a characters flow mixed with codes which match with signal s states Packaging of data and forwarding of an IP network can generate de...

Страница 48: ...OOT mux port 1 1 Ok ROOT mux dsrredirect none 1 Ok ROOT mux ctsredirect none 1 Ok ROOT mux show 1 Port Mode Sync Flush KAlive Remote IP port DCD DSR CTS debug 1 mux No Yes 0 192 168 2 1 1 none none no...

Страница 49: ...port DCD DSR CTS debug 1 raw No Yes 0 0 0 0 0 0 none none none No ROOT serial show 1 Port Mode Speed FlowCtrl LineC Cs Par Stop ModemName RtelnetTimeO 1 raw 9600 soft local 8 none 1 2001 0 VII 5 Examp...

Страница 50: ...t power off his terminal to permit the other technician to manage the PLC When a terminal is powered there is at least one signal activated RTS for a terminal or DTR for a terminal emulator You just h...

Страница 51: ...te IP port DCD DSR CTS debug 1 mux No Yes 0 192 168 2 1 1 none none none No ROOT serial show 1 Port Mode Speed FlowCtrl LineC Cs Par Stop ModemName RtelnetTimeO 1 mux 9600 soft modem 8 none 1 2001 0 V...

Страница 52: ...on is to automatically break the unused connection after a specified timeout Connection will be automatically relaunched when the technician will type any character on his keyboard On client s side Xc...

Страница 53: ...top redirection of DSR signal mux dsrredirect none 1 p Receive a character thanks to the serial quick no command Xcell will wait for a character on its serial port before establishing the connection V...

Страница 54: ...al mode raw 1 Ok ROOT mux dsrredirect none 1 Ok ROOT mux ctsredirect none 1 Ok ROOT mux show 1 Port Mode Sync Flush KAlive Remote IP port DCD DSR CTS debug 1 raw No Yes 0 0 0 0 0 0 none none none No R...

Страница 55: ...the PLC will be accessible to the second technician after 3 minutes On client s side Xcell p Link DTR or RTS signal of the terminal to DSR signal of serial port n 1 make a cable p Enable redirection...

Страница 56: ...be established State of DTR or RTS signal on the terminal will be applied to DCD on client Xcell This Xcell will be able to establish or break the connection matching with terminal state on or off Oth...

Страница 57: ...tion of server s side XC ROOT serial mode raw 1 Ok ROOT mux ctsredirect none 1 Ok ROOT mux defaultdtr yes 1 Ok ROOT mux show 1 Port Mode Sync Flush KAlive Remote IP port DCD DSR CTS debug 1 raw No Yes...

Страница 58: ...nnected on Xcell port 4 The remote printer name is printern where n is Xcell port number on which the printer is connected to If a printer is found on the port 4 the configuration will be the followin...

Страница 59: ...he user connects to this equipment when he executes a Telnet session from a TCP IP machine Figure 6 The TCP IP workstation connects to the no TCP IP server through a Telnet session on Xcell Under UNIX...

Страница 60: ...1 In our example port number 2004 is associated to Xcell port 1 To know what TCP port numbers are assigned to Xcell ports enter ROOT serial show all IX 3 Rtelnet Pool If you assign the same TCP port n...

Страница 61: ...ntication this is a generated random chain of characters sent with its host name The client has to use the name to find the corresponding code to combine it with the chain and to encrypt the chain The...

Страница 62: ...To display PPP forms list or all parameters of a form use the ppp show command Example ROOT ppp show Ppp Comment internet ROOT ppp show internet To delete a form use the following command ROOT ppp del...

Страница 63: ...user account name that will be used by Xcell to authenticate itself to the remote host Example ROOT ppp authname internet paul Enter the user account password thanks to the ppp password command Examp...

Страница 64: ...ernet yes X 5 8 Mask It is the network mask of the created ppp interface ROOT ppp mask internet 255 255 255 255 X 5 9 Routing induce modifications Xcell has to carry out on its routing table after a P...

Страница 65: ...um size of IP packets in reception ROOT ppp mru internet 1500 X 5 12 MTU Maximum size of IP packets in transmission ROOT ppp mtu internet 1500 X 6 PPP connection establishment The establishment of an...

Страница 66: ...ve negotiation the 2 IP address have to be defined by one machine or the other If the first or the second IP address is not defined negotiation will fail If one of both IP addresses is defined by each...

Страница 67: ...to insure that IP addresses susceptible to be provided by Xcell are not used by other machines X 7 Compression Xcell bears BSD compression over a PPP link In case of PPP connection through modems betw...

Страница 68: ...psulates C assigned IP frame in a Xcell assigned Ethernet frame p Xcell receives the Ethernet frame and extracts the IP frame p As the IP frame is not assigned for it Xcell consults its routing table...

Страница 69: ...Ok ROOT route add net eth0 192 168 1 0 0 0 0 0 255 255 255 0 Ok p Specify your DNS address It will be transmitted to the client when the PPP link will be established ROOT domain server1 DNS_IP_Address...

Страница 70: ...user callback paul static Ok ROOT user callbacnb paul 1 0251809000 Ok Define a modem form if none of those predefined corresponds to your modem ROOT modem add sporster Ok ROOT modem comment sporster...

Страница 71: ...done Ok ROOT reset port 1 Ok X 9 2 Configuration of Windows 95 Dial Up PPP Client In the Dial Up Networking window right click on a connection icon and then click on Properties Create a remote access...

Страница 72: ...ted in IP frames To do this you must use a WINS server or edit lmhosts files on each LAN machines X 10 Access Server function without Proxy ARP The situation is almost the same as previous However mod...

Страница 73: ...hosts an IP address belonging to a sub network different from that used by the server For example if you initiated Remote IP with the value 192 168 2 1 all machines connected on Xcell will be respect...

Страница 74: ...d advising the sender Reject p Refusing the operation without warning the sender Deny A frame type is characterized by p The transmitter p The receiver p The protocol UDP TCP ICMP p Eventually the por...

Страница 75: ...1 Examples Chain activated every week from Monday to Friday Just select Start Day of the Week Monday and End Day of the Week Friday Chain activated every month from the 1st to 15th Just fill these tw...

Страница 76: ...adopted Premise Conclusion sender AND target AND protocol AND port accept OR reject OR deny AND logical and OR logical or Xcell looks for the first rule that characterizes the IP frame to be analyzed...

Страница 77: ...e first rule as source and source value of the first rule as target WARNING This option is valide only in a Forward Firewall chain XI 1 3 2 Type Of Service TOS There are five Type of Service p Minimum...

Страница 78: ...connections to Internet or forbid a machine to use some services FTP mail web To forbid these connections just say to Xcell not to route frames coming from the machine to the selected services It can...

Страница 79: ...nal box unchecked and TOS to standard In this example all frames Protocol all coming from the 192 168 2 11 machine Source 192 168 2 11 and targeting an Internet host Destination 0 0 0 0 will be reject...

Страница 80: ...nes to connect to Internet XI 1 4 2 Input Firewall For security reasons we can expected that an Internet host could not issue a Telnet session or access to a Rawtty port on Xcell Only the LAN machines...

Страница 81: ...ed cause of the end of session The working process of Xcell integrated Radius client is the following A user authentication request login PAP CHAP is first locally analysed If Xcell contains a suitabl...

Страница 82: ...chronous ports Acct Status Type Session starting or ending informations START or STOP Acct Input Octets Number of bytes received during a session Acct Output Octets Number of bytes transmitted during...

Страница 83: ...f Service Type Login or Callback Login Login TCP Port 0 1 0 1 0 1 if Service Type Login or Callback Login Login Service 1 if Service Type Login or Callback Login Acct Input Octets 0 0 1 Acct Output Oc...

Страница 84: ...of the Time Out it repeats its request three times You can modify this number with the following command SYSTEM RADIUS AUTHRETRIES authentic server request retries SYSTEM RADIUS ACCTRETRIES accounting...

Страница 85: ...DHCP server IP address It broadcast is request on the LAN to join the DHCP server If you want to specify a particular DHCP server IP address just use the system dhcp server command Example ROOT syste...

Страница 86: ...ate XC s DHCP relay ROOT dhcp relay server 1 192 168 1 1 Note that you can enter IP address of a second DHCP server In this case Xcell will retransmit DHCP requests to both servers and will take care...

Страница 87: ...R DSR DCD Speed 440 kbd Cabling RJ45 Option DB25M DB9 ROUTING Static routing Yes Yes Yes SECURITY PAP CHAP Yes Yes Yes Radius Client Yes Yes Yes Users database Yes Yes Yes Automatic callback Yes Yes Y...

Страница 88: ...PP Yes LPD Yes Yes Yes RemoteCOM Option 1 1 Mux mode yes GENERAL M moiry 8 Mo 16 Mo Timer WatchDog Yes Yes Yes CPU 32 bits 40 Mhz 32 bits 133 Mhz Size 69 135 27 mm 220 166 31 mm 446 187 44 mm Power su...

Страница 89: ...al XC 32 XC 320 XC 4200 XIII Cabling XIII 1 RJ45 connector PIN Circuit 1 CTS 2 TxD 3 Ground 4 RxD 5 DCD 6 DTR 7 RTS 8 DSR Figure 8 RJ45 Front view XIII 2 Xcell DTE to DTE equipment With RTS CTS flow c...

Страница 90: ...User manual XC 32 XC 320 XC 4200 XIII 3 Xcell DTE to asynchronous terminal DTE With DTR DSR flow control XIII 4 Xcell DTE to DCE equipment RS232C Modem 90...

Страница 91: ...C 4200 RJ45 DB25 Male Comx 232 Reference F00132 Update B 19 08 98 RJ45 DB9 Male Comx 232 Reference F00142 Update B 19 08 98 XIII 5 Xcell DTE to DCE equipment RS422A RJ45 DB25 Male Comx 422 Reference F...

Страница 92: ...User manual XC 32 XC 320 XC 4200 RJ45 DB9 Male Comx 422 Reference F00162 Update C 28 06 99 XIII 6 Xcell DTE to DCE equipment RS485 RJ45 DB9 Male Comx 485 Reference F00181 Update A 02 07 99 92...

Отзывы:

Нет отзывов

Похожие инструкции для XC-32

SuperServer E100-8Q

Бренд: Supermicro Страницы: 48

Бренд: F5 Страницы: 2

WANJet 400 Appliance

Бренд: F5 Страницы: 11

UniServer T1100 G3

Бренд: H3C Страницы: 66

UniServer R6900 G3

Бренд: H3C Страницы: 214

UniServer R6700 G3

Бренд: H3C Страницы: 151

UniServer R4900 G5

Бренд: H3C Страницы: 16

Бренд: Kontron Страницы: 110

A+ AS-2124US-TNRP

Бренд: Supermicro Страницы: 130

Бренд: Cabletron Systems Страницы: 100

SUPERSERVER 6015C-NT

Бренд: Supermicro Страницы: 110

xSeries 342 2RX

Бренд: IBM Страницы: 158

376227-B21 - ProLiant InfiniBand 4x Fabric Copper Switch

Бренд: HP Страницы: 169

Бренд: SEH Страницы: 32

Бренд: Planet Страницы: 71

Бренд: QSSC Страницы: 97

Бренд: SAP Страницы: 32

Бренд: Intel Страницы: 75

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды