AB-100 User Manual - Winncom Technologies
Contents
1.2. Axxcelera B R O AMDBEAUNSEDSINEEWESRSEPTPUESSS AB 100 User Manual Axxcelera B RO A D B N D W RE L Eco8 S 10 100 ETHERNET TO ATM 25 CONVERTER AB 100 ETHERNET MNGMT Sept 18 2003 Axxcelera Broadband Wireless 175 Science Parkway Rochester New York 14620 Telephone 716 242 9600 Telephone 877 557 4001 Fax 716 242 9620 Revision History Version Date Author Comments 1 16 June 03 Matt Olson Created 2 18 Aug 03 Matt Olson Updated 3 21 Aug 03 Matt Olson Updated 4 27 Aug 03 Matt Olson Updated 5 18 Sep 03 Matt Olson Updated Axxcelera Broadband AB 100 Manual Page 2 of 111 Version 5 Table of Contents REVISION AIS TORY assii iseasi orreen nonae naapa taaan aa aaea Aaaa ERE edvcessssuesstieesteavsnsiesnneeatnaeseabeubenedeias 2 TABLE OF CON TE N T S r Era ara a aa ae arae aE aa RM NER EROR a ae aA EEEE tx Aa AEAEE NEE Eaa SEE aa 3 1 OVERVIEW A A 7 2 INSTAELATJQN esa narea aeee ERA e Easa e RAA A aaa A Eea AAA e Eea E CAE RASER AE E EAA EAEn E AERE 8 2 1 Factory Defaults NEM P E E EEA E RE EEEE 8 2 22 Back Panel ec 8 2 2 1 A TM RE EEE E EEE E Ee E RER SE 8 2 2 2 liner AT T EEA 8 223 MNGMT D 8 2 2 4 if jp 8 2 2 5 PWR P ON 8 2 2 6 Ground c 8 2 3 Technical SDOCD
3. Anmcelera AB 100 Stat 1 1 1 fed Firewall Add Host Validator external internal uick Start gt System V Configuration Add Host Validator Save config Authentication 3 ibanlecnaccion Host IP Address Security Host Subnet Mask WAN connections IP routes Direction both X DHCP server DHCP relay DNS client Aooly DNS relay P Ports Return to Validator List O Return to Policy List 9 Return to Interface List Q Copyright c 2003 Axxcelera Broadband Wireless 2 In the Host IP Address text box type the IP address that you want to allow block 3 In the Host Subnet Mask text box type the IP mask address If you want to filter a range of addresses you can specify the mask for example 255 255 255 0 If you want to filter a single IP address use the specific IP mask address for example 255 255 255 255 4 Click on the Direction drop down list and select the direction of traffic that you want the validator to filter 5 Click on Apply The Configure Validators page is displayed containing details of the host validator that you have just added 6 Each portfilter displayed in the Configuration Validators page has a Delete Host Validator hyperlink assigned to it To delete a validator click on this link then at the confirmation page click on the Delete Host Validator button The validator is removed from the Firewall configuration 3 4 4 11 Configuring triggers A trigger allows an application to open a seco
4. Copyright c 2003 Axxcelera Broadband Wireless 3 4 9 1 Configuring DNS servers 1 Type the IP address of the unknown domain name in the DNS servers text box Axxcelera Broadband AB 100 Manual Page 42 of 111 Version 5 2 Click Add The IP address appears in the DNS server table You can add a maximum of three server IP addresses Each IP address entry has a Delete button associated with it Click on Delete to remove an IP address from this list 3 4 9 2 Configuring DNS search domains Type a search string in the Domain search order text box Click Add The search string is displayed in the Domain search order table You can add a maximum of six search strings Each search string entry has a Delete button associated with it Click on Delete to remove a string from this list N Re 3 4 10 DNS relay This option allows you to create configure and delete DNS relay s primary and secondary DNS servers DNS relay can forward DNS queries to the DNS servers on this list From the Configuration menu click on DNS Relay The following page is displayed PTAxxcelera AB 100 i ris DNS Relay O Quick Start gt System V Configuration This page allows you to enter a list of DNS server IP addresses that the DNS relay can Save config forward DNS queries to It also allows access to the DNS relay LAN database O Authentication een Edit DNS server list Security Se Use this section to edit existing DNS server addresses present in t
5. Spanning Interface Spanning Spanning Bridge Interface RFC1483 Ethernet lANIecnneciion Bridge Bridge Bridge Interface Interface Config Security WAN connections IP routes routes Edit Bridge DHCP relay DNS client DNS relay Options V Ports P oe Name Value Version 1 01 Filterage 35g Version 1 01 Enabled false 7 Termination Change Reset Copyright c 2003 Axxcelera Broadband Wireless T 4 10 Edit Bridge Interface Name Value Description Ether Filter All Ip Pppoe Allows these type of Ethernet packets Type through the port All all type of Ethernet packets Ip all ip arp type of Ethernet packets Pppoe only PPPoE types of Ethernet packts Port Filter all port The name of the existing port that you wan packets received on a specified bridge interface to be forwarded to If the value is all it will forward packets received on a specified bridge interface to all existing bridge ports Enabled true false Enables or disables this feature Layer2Session N A N A Axxcelera Broadband AB 100 Manual Page 53 of 111 Version 5 Axxceler AB 100 Status Edit connection ImBridge O Quick Start gt System V Configuration Edit Eridge Edit Bridge Edit Edit Bridge Edit Edit Edit Auto Edit p Edit Edit Save config Interface Interface Spanning Spanning Bridge Interface RFC1483
6. f Maximum TCP Open Handshaking Count type in the maximum number of unfinished TCP handshaking sessions per second that are allowed by Firewall before SYN Flood is detected g Maximum Ping Count type in the maximum number of pings per second that are allowed before the Firewall detects an Echo Storm DOS attack h Maximum ICMP Count type in the maximum number of ICMP packets per second that are allowed by the Firewall before an ICMP Flood DOS is detected 3 Once you have configured Intrusion Detection click on Apply The Intrusion Detection settings are applied to the Firewall and the Security Interface Configuration page is displayed 3 4 5 WAN connections This option allows you to create and configure WAN connections for your AB 100 You can also create virtual interfaces on routed services From the Configuration menu click on WAN connections The WAN connections page is displayed _ Axcelera AB 100 Status WAN connections Quick Start System ayoo Configuration Save config Authentication E connection Service Name IP Bridge Interface Name Description Creator ecurity WAN connections ipoa1 ip2 ipoa1 cu Edit Delete Virtual fo IP routes DHCP server ipoa2 ip3 ipoa2 CLI Edit Delete OQ Virtual fo DHCP relay DNS client DNS relay Create a new service Q P Ports WAN services currently defined 3 4 5 1 Creating a WAN service 1 Click on Cre
7. add atm25i 0 200 atm25m 0 768 default default perm epd add atm25m 0 1024 atm25i 0 300 default default perm epd add atm25i 0 300 atm25m 0 1024 default default perm epd Axxcelera Broadband AB 100 Manual Page 78 of 111 Version 5 9 1 4 SU1 resolve device add eth0 ether iedd mtu 1500 192 168 3 65 device add atm1 atm bun mtu 1500 192 168 5 2 subnet add ethO home 192 168 3 64 ff ff ff f8 subnet add atm1 home 192 168 5 0 ff ff ff fc rip send all none rip accept all none route add default 0 0 0 0 192 168 5 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 ipatm pvc atm1 atm25m 0 768 pcr 70000 70000 remoteip 192 168 5 1 9 1 5 SU1 system conf channel 0 antenna horizontal mode static mid 3 bid 0 interface eth duplex half backoff 0 provider abw key Axxcelera mask 1ffff leds active 9 1 6 SU2 resolve Axxcelera Broadband AB 100 Manual Page 79 of 111 Version 5 device add ethO ether edd mtu 1500 192 168 3 65 device add atm1 atm bun mtu 1500 192 168 5 6 subnet add ethO0 home 192 168 3 64 ff ff ff f8 subnet add atm1 home 192 168 5 4 ff ff ff fc rip send all none rip accept all none route add default 0 0 0 0 192 168 5 5 00 00 00 00 1 MAN relay all ipatm lifetime 60 ipatm pvc atm1 atm25m 0 1024 pcr 70000 70000 remoteip 192 168 5 5 9 1 7 SU2 system conf channel 0 antenna horizontal mode static mid 4 bid 0 interface eth0 duplex half backoff 0 provider abw key Axxcelera
8. A firewall level none c 2 zZ z z Axxcelera Broadband AB 100 Manual Page 93 of 111 Version 5 firewall enabl fals IDS false ClearIDSBlacklist true sessionlog true blockinglog true IntrusionLog false N ImFwIDS ImFireWall ImFwIDS UseBlackList false UseVictimProtection false DosAttackBlockDuration 1800 ScanAttackBlockDuration 86400 VictimProtectionBlockDuration 600 MaxTcpOpenHandshakingCount 100 MaxPingCount 15 MaxICMPCount 100 N ImProcessLogFilters ImProcessLogFilters N ImDevice ImDevic A saveconfig false N ImServices ImServices N ImService ImServices ethl A creator CLI A description eth1 N ImEthernet ImServices ethl ethl A enabled true A layer2SessionUser ImBridge ImBridgeInterfaces ethl N ImChannels ImServices ethl ethl ImChannels N ImEtherChannel ImServices ethl ethl ImChannels item0 A port ethernet N ImService ImServices ipoa 0 A creator WebAdmin A description SU MGMT N ImIpoa ImServices ipoa 0 item0 A svc false A atmarp here A lifetime 60 A enabled true A layer2SessionUser ImRouter ImIpInterfaces ipoa 0 N ImChannels ImServices ipoa 0 item0 ImChannels N ImAtmChannel ImServices ipoa 0 item0 ImChannels item0 A txVci 99 A rxVci 99 A class UBR A port atm N ImService ImServices rfc1483 0 A creator WebAdmin A description DATA N ImRfc1483 ImServices rfc1483 0 itemO A mode LlcBridged A enabled true A layer2SessionUser ImBridge ImBridge
9. DHCP relay DNS client DNS relay V Ports Ethernet ATM Service Name iP Bridge Interface Name Description Creator Copyright c 2003 Axxcelera Broadband Wireless 4 Click on Create a new service 5 Select IPoA routed 6 Click on Configure Axxcelera Broadband AB 100 Manual Page 61 of 111 Version 5 Axxcelera BROADBAND WIRELESS O Status O Quick Start gt System V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay V Ports Ethernet ATM AB 100 WAN connection create service Please select the type of service you wish to create ATM C RFC 1483 routed C RFC 1483 bridged C PPPoA routed PPPoA bridged IPoA routed Ethernet Copyright c 2003 Axxcelera Broadband Wireless 7 Fill in the following fields a Description Description text field b VPI Virtual Path Identifier NOTE AB Access only supports VPI 0 7 on terrestrial interface c VCI Virtual Circuit Identifier d WAN IP address IP address assigned to the ATM WAN interface This address is the address the ipatm pvc s in the resolve file of each SU will terminate on 8 Click on Apply Axxcelera BROADBAND WIRELESS O Status O Quick Start gt System V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay V Po
10. Enter the hostname that you want to refer to this unit by Enter the current password of the unit Select Retrieve Configuration Click on Submit Axxcelera Broadband AB 100 Manual Page 100 of 111 Version 5 E Update AB Unit 192 168 2 2 9 Convert the ipatm pvc information in the resolve file to the initswitchcli file This is done by the AB File Converter tool 10 Fill in Hostname of AP that you want to convert 11 Select Convert Resolve File Axxcelera Broadband AB 100 Manual Page 101 of 111 Version 5 AB File Converter Process files to create inittswitchch 12 Click on Submit 13 Open Edit AB Configuration 14 Fill in Hostname of AP that you want to edit 15 Select Edit Configuration REE AB Unit Edit Tool Hostname to Fdit TestaP Edit Configuration Exit Update Tool 16 Click on Submit 17 Edit the resolve file by changing the following lines a Device e OLD device add eth0 ether edd mtu 1500 192 168 2 2 Axxcelera Broadband AB 100 Manual Page 102 of 111 Version 5 e New device add atm0 atm bun mtu 1500 192 168 2 2 e Delete device delete atm b Subnet e OLD subnet add ethO home 192 168 2 0 _ ff ff ff 00 e New subnet add atmO0 home 192 168 2 0 _ ff ff ff 00 e Delete subnet delete atm0 home c Ipatm pvc e Add ipatm pvc add atm0 atm25m 0 100 pcr 70000 70000 remoteip 192 168 2 1 e Relay If the unit relay all then nothi
11. Ethernet Authentication Bridge Bridge LAN connection Interface Config Security WAN connections P routes Edit Bridge Interface DHCP relay DNS client x DNS relay Options V Ports Ethernet Name Value ATM Ether Filter Type Port Filter All Enabled tue z Layer2Session Reset Copyright c 2003 Axxcelera Broadband Wireless 4 11 Edit Spanning Bridge Interface Name Value Description Enabled true false Enables or disables the bridge s ability to use the spanning tree protocol Priority 0 255 The priority is used in conjunction with the pathcost to determine the best root to the root bridge The higher the priority number the less significant in protocol terms the port Path Cost 1 65535 The cost of the port is used when deciding which is the best path to the root bridge Axxcelera Broadband AB 100 Manual Version 5 Page 54 of 111 i _ Ancelera AB 100 1 O Sit Edit connection rfc1483 0 O Quick Start gt System V Configuration Save config Authentication LAN connection Edit Bridge Interface Edit Spanning Bridge Interface Edit RFC1483 Security E WAN connections Protas Edit Spanning Bridge Interface DHCP server DHCP relay DNS client DNS relay Options V Ports Ethernet Name Value ATM Enabled false 7 Priority 128 Path Cost 15 Change Reset Copyright c 2003 Axxcelera Broadband Wireless iz 4 12Edit Spanning B
12. Security Victim Protection Block Duration 555 WAN connections IP routes DOS Attack Block Duration 1800 DHCP server DHCP relay Scan Attack Block Duration 55450 DNS client Maximum TCP Open Handshaking Count DNS relay T 3 2 P Ports Maximum Ping Count 15 Maximum ICMP Count f1 00 Apply Clear Blacklist Return to Interface List Copyright c 2003 Axxcelera Broadband Wireless The values displayed above are the default values 2 Configure Intrusion Detection as follows a Use Blacklist select true or false depending on whether you want external hosts to be blacklisted if the Firewall detects an intrusion from that host Click on the Clear Blacklist button at the bottom of the page to clear blacklisting of an external host The Security Interface Configuration page is displayed b Use Victim Protection select true of false depending on whether you want to protect a victim from an attempted web spoofing attack Axxcelera Broadband AB 100 Manual Page 33 of 111 Version 5 c Victim Protection Block Duration type the length of time in seconds that the Firewall blocks packets destined for the victim of a spoofing style attack d DOS Attack Block Duration type the length of time in seconds that the Firewall blocks suspicious hosts for after it has detected scan activity e Scan Attack Block Duration type the length of time in seconds that the Firewall blocks suspicious hosts for after it has detected scan activity
13. c 2003 Axxcelera Broadband Wireless Specify the protocol number in the 7ransport Type text box for example for IGMP enter protocol number 2 For more information on protocol numbers see ftp ftp rfc editor org in notes rfc1700 txt Then use the Direction drop down lists to specify whether you want to allow block inbound traffic and allow block outbound traffic Click on Apply The Firewall Port Filters page is displayed containing details of the IP portfilter that you have just added 2 Each portfilter displayed in the Firewall Port Filters page has a Delete hyperlink assigned to it To delete a portfilter click on this link then at the confirmation page click on the Delete button The portfilter is removed from the Firewall configuration 3 4 4 10 Configuring validators A validator allows blocks traffic based on the source destination IP address and netmask Traffic will be allowed or blocked depending on the validator configuration specified when the policy was created See Configuring Security policies This section assumes that you have previously followed the instructions in Configuring Security policies To configure validator 1 From the Current Firewall Policies table click on Host Validators link for the policy that you want to configure The Configure Validators page is displayed Click on the Add Host Validator link The following page is displayed Axxcelera Broadband AB 100 Manual Page 30 of 111 Version 5 _
14. port atm N ImUsers ImUsers N ImUser ImUsers atmos gp mele N ImRouter ImRouter username atmos password atmos comment Created by CLI accessLevel superuser mayConfigure true mayDialIn true pppLoginAuth none N ImIpInterfaces ImRouter ImIpInterfaces N ImIpInterface ImRouter ImIpInterfaces ipl A A A A A A ipaddr 192 168 3 mask 255 255 255 dhcp false mtu 1500 enabled true layer2Session Im id 0 Bridge N ImTcpMssClamp ImRouter ImIpInterfaces ipl ImTcpMssClamp A enabled false N ImRipVersions ImRouter ImIpInterfaces ipl ImRipVersions A A acceptvVl false acceptV2 false Axxcelera Broadband AB 100 Manual Page 69 of 111 Version 5 A sendV1 false A sendv2 false A sendMulticast false N ImIpInterface ImRouter ImIpInterfaces ipaddr 192 168 100 1 A A A A A A N ImTcpMssClamp ImRouter ImIpInterfaces mask 25 dhcp fa mtu 150 enabled 525954259570 lse 0 true layer2Session ImServices ipoa 0 itemO A enabled false N ImRipVersions ImRouter ImIpInterfaces A A A A A acceptvl false acceptV2 false sendV1 sendV2 sendMul N ImPorts ImPor N ethernet ImPo A resetDe N atm ImPorts a resetDefaults false A false false ticast false ts rts ethernet faults false tm N ImWebserv gp opp mDpss p end httpPor upnpPor r ImWebserver t 80 t 2800 telnetPort 23 interface ipl enabled mgmtIp a
15. 109 Ipae EE OL c ocn 109 IZo AIMP e E E L 110 2A AIM Cable Sn a AE A EE OET E TEN E EAE EE 110 I MEME CoD E E E RE 110 1242 COSS OVET ee A E ma TY ee een Eaa a Eea Ee TEE EE a 111 Axxcelera Broadband AB 100 Manual Page 6 of 111 Version 5 Section 1 1 Overview ATM networks have certain specific advantages over Ethernet networks but Ethernet networks have certain advantages over ATM networks At the heart of these advantages is the acceptance of ATM as a core network technology and the acceptance of Ethernet as an end consumer protocol Interfacing these two disparate network protocols typically involves the use of expensive ATM switches and or Ethernet routers with ATM interface modules Axxcelera s AB Access wireless point to multipoint LAN WAN appliances are unique in the industry in that they are able to provide either an ATM terrestrial network interface or an Ethernet terrestrial network Throughput and performance of the AB Access product is maximized when the Access Point basestation device is deployed with an ATM ATM25 terrestrial interface Flexibility in the AB Access product allows an ATM Access Point to communicate with Subscriber Units customer premise equipment with Ethernet interfaces Thus AB Access itself serves as a network technology bridge between ATM and Ethernet But not everyone who deploys AB Access desires to deploy ATM to the basestation AB 100 provides an inexpensive and effective means of performin
16. 70000 70000 remoteip 192 168 100 3 8 1 2 AP system conf channel 0 antenna horizontal mode static mid 0 bid 0 interface atm0 duplex half backoff 0 provider abw key Axxcelera mask 1ffff leds active max mid 254 Axxcelera Broadband AB 100 Manual Version 5 Page 72 of 111 8 1 3 SU resolve device add eth0 ether iedd mtu 1500 192 168 3 65 device add atm1 atm bun mtu 1500 192 168 100 3 subnet add eth0 home 192 168 3 64 ff ff ff f8 subnet add atm1 home 192 168 100 0 ff ff ff 00 rip send all none rip accept all none route add default 0 0 0 0 192 168 100 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 ipatm pvc atm1 atm25m 0 768 pcr 70000 70000 remoteip 192 168 100 1 8 1 4 SU system conf channel 0 antenna horizontal mode static mid 3 bid 0 interface ethd duplex half backoff 0 provider abw key Axxcelera mask 1ffff leds active 8 2 AB 100 icf config file Information Model configuration file version 4 N ImIGMPProxy ImIGMPProxy A forwardAll false N ImRip ImRip A hostRoutes false A poison false Axxcelera Broadband AB 100 Manual Page 73 of 111 Version 5 A authEnable false A authPassword A advertiseDefaultRoute false A defaultRouteCost 1 N ImBridge ImBridge A filterage 300 A enabled false A layer2SessionUser ImRouter ImIpInterfaces ipl N ImBridgeInterfaces ImBridge ImBridgeInterfaces N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A
17. Enable NAT to internal interfaces Delete Interface Q Acrarced o Enable NAT for Advanced Configuration ipoa O internal May be configured on external or DMZ interfaces Delete Interface Q Add Interface O Axxcelera Broadband AB 100 Manual Page 22 of 111 Version 5 The NAT column for the external interface tells you that you can enable NAT to internal interfaces If you had a DMZ interface configured this column would also include an Enable NAT to DMZ interfaces button 4 To enable NAT between the external interface and the internal interface type click on Enable NAT to internal interfaces The Security page is refreshed and NAT is enabled To disable NAT between interfaces click on Disable NAT to internal interfaces Once you have enabled NAT between interfaces you can e Configure global addresses see Configuring NAT global addresses e Configure reserved mapping see Configure NAT reserved mapping 3 4 4 6 Configuring NAT global addresses Global address pools allow you to create a pool of outside network addresses that is visible outside your network Before you can configure global addresses you need to configure NAT See Configuring NAT If you want to set up a global address pool on your existing NAT enabled interfaces 1 From the NAT Security Interfaces table click on the Advanced NAT Configuration hyperlink for the interface that you want to add a global pool to The following pag
18. TOULE aeos DoD CRM Ex UD IK NIMYARGERIR ERR REEE NSE RUE rir AREE EE 37 LET SM RIT rur A TOUTS C m 37 3 4 7 DHCP Ser G0 sii aed cs scctdeanteadaveunentiteditabelstiactess blaalesceksuceiadecaneadinnser ESR 37 3 4 7 1 Enabling disabling the DHCP server cccceccccecceeseeesseeeeceeeeeeceeeseecsaeenseenees 38 3 4 7 2 Creating a DACP server SOBDEL eto ERE tnt RSS DU REP on Rp bN HEP SK bi QUE 38 A473 Editing a DHCP SUDET iseanan Eine na Eotes E IO DEI CIR 39 DATA Creatina a Axed MOR oues pn eO vd tte in an Ud ts OU pas UR paso UR EERS 40 3 4 8 III ACC 41 3 4 8 1 Enabling disabling DHCP relay sse 41 3 4 8 2 Adding a DHCP server to the DHCP relay list sess 42 3 4 83 Editing deleting entries in the DHCP relay list esses 42 3 4 9 3j poe roo mt a a 42 3 4 9 1 Configuring DNS SEDVBEB dot co Recap ect ANI pPo REA RR n PER Rr a dUrdAE 42 3 4 9 2 Configuring DNS search domains esee 43 Er NIE c M 43 3 4 10 1 Configuring the DNS relay list uscusssneisona t dep pEI RUDI pax DE 43 3 5 lio M e E E A A E A E 44 3 5 1 Configuring DOLLS arosine ni EE E EERE E EEEE 44 Ai P E E laa e E E Ar FUR RUE ep Un Ad 44 3S2 ATM eee E E E EE E T 44 3 3 13 View advanced atteDUleS una eod ENDO VQ ted aar 45 4 ADVANGED OPTIQONSGS i iisu eA Ee RrRKRRRRRRRARRERRAAKRRRARTRuRRRRRERR RERRRRKERRE AR ERKERKRRRR RARE ERERAKTARRARRARR ERR ERKRI
19. and VBR rt channels This value overrides an existing BT value if set Sustainable Cell Any positive number The average cell rate fora VBR or VBR Rate that is less than the RT connection PortSpeed and the PCR for the channel Packet Priority The number of priority levels available on Levels an ATM transport ATM Traffic UBR CBR VBR Set the traffic class for the channel Class rt VBR ABR Channels connected to AB Access should UBRPlus QFC always use the default of UBR Port atm Allows user to set the type of port which will always be atm Port Class atm Displays the type of port 3 Axxcelera AB 100 pis Edit connection ipoa1 S V Configuration Authentication Security MEE Edit Service Edit IPoA Edit Atm Channel Edit Ip Interface Tem Edit Atm Channel Axxcelera Broadband Options Name Value Tx vci 515 Tx Vhpi 0 Rx Vci 515 Rx Vpi f Peak Cell Rate 2000 Burst Tolerance 0 Max Cell Rate f Max Burst Size f Sustainable Cell Rate 5 Packet Priority Levels 1 ATM Traffic Class UBR Port atm Port Class atm Change Reset AB 100 Manual Copyright c 2003 Axxcelera Broadband Wireless Page 48 of 111 Version 5 lr 4 4 Edit Ip Interface Name MEG Description Ipaddr a b c d IP Address for the defined interface Mask a b c d Subnet Mask for the defined interface Dhep true false Enable DHCP client on define
20. block x traffic WAN connections IP routes Selecting allow will block traffic from all hosts except those hosts which have validators DHCP server DHCP relay Appl DNS client Heg DNS relay gt Ports Return to Policy List Q Return to Interface List Q Copyright c 2003 Axxcelera Broadband Wireless 3 This page allows you to configure your Security policy Add specific values for the following entries e Set the interface types that you want to create a policy between by selecting a type from each of the Between interfaces of types drop down lists e Set the policy to either block only traffic specified in validators or allow only traffic specified in validators For more information on validators see Configuring validators Click on Apply After a short time the policy is added to the Firewall configuration 4 To display policy details click on Return to Policy List The page is refreshed and contains a Current Security Policies table Axxcelera Broadband AB 100 Manual Page 27 of 111 Version 5 Axxcelera AB 100 O Status H 1 H H Security Policy Configuration O Quick Start gt System V Configuration Current Security Policies Save config Authentication F a EDURm a e E e a eet ian Riiie Interface Type 1 Interface Type 2 Validators Policy Configuration Security external internal Only listed hosts blocked Port Filters 9 Host Validators WAN connections l IP
21. config Authentication Gateway LAN connection Netmask 0000 Security WAN connections Cost i 3 IP routes DHCP server ferae none DHCP relay Advertise DNS client isa DNS relay D Ports ok Reset Cancel Copyright c 2003 Axxcelera Broadband Wireless Axxcelera Broadband AB 100 Manual Page 36 of 111 Version 5 2 Complete the Create Ip V4Route form in order to configure the route 3 When you have filled in the details click on OK The Edit Routes page is displayed The table now contains details of the route that you have just created 3 4 6 2 Editing a route 1 To edit the destination gateway and netmask address or a route click in the relevant text box update the information then click on Apply 2 To edit the cost interface setting or advertise status for the route click on the Advanced Options hyperlink for a specific route and update the relevant information Click on OK 3 4 6 3 Deleting a route 1 To delete an exiting route check the Delete Box for a specific route 2 Click on Apply 3 4 7 DHCP server This option allows you to enable disable the DHCP server and create configure and delete DHCP server subnets and DHCP fixed IP MAC mappings From the Configuration menu click on DHCP server The following page is displayed Axxcelera Broadband AB 100 Manual Page 37 of 111 Version 5 Axxceler O Status O Quick Start gt System V Configuration Save config Authentication LAN
22. it is written to Flash A status page is displayed confirming that the upload is complete and telling you how much of the file in bytes and as a percentage has been written to Flash 4 Once the file has been written to Flash the Firmware Update page is refreshed The page confirms completion to the update and asks you to restart your AB 100 in order to use the new firmware Click on Restart Router NOTE Updating your firmware could take up to 4 minutes to complete 3 3 5 Backup Restore This page allows you to backup your configuration to or restore it from your computer 3 3 5 1 Backing up your configuration 1 From the System menu click on Backup Restore The following page is displayed Axxcelera Broadband AB 100 Manual Page 13 of 111 Version 5 _ Axrcelera AB 100 Stat 1 1 as Backup Restore Configuration Q GMS Si This page allows you to backup the configuration settings to your computer or restore configuration V System from your computer Event Log One click Update emot REECE Backup Configuration Firmware Update Backup Restore Backup configuration to your computer Restart Router P Configuration Backup Restore Configuration Restore configuration from a previously saved file Configuration File Browse Copyright c 2003 Axxcelera Broadband Wireless 2 From the Backup Configuration section click on the Backup button The File Download window is displayed Click to select the Save this fi
23. option of restarting and restoring the factory default settings Click on the Reset to factory default settings box to check it then click on the Restart button Read the console status output to check how the reset is progressing 3 Once the login and password prompt is displayed at the console you can login as usual with login atmos password atmos then refresh the browser that is open to the AB 100 web page The Status page is displayed and your AB 100 system has been reset 3 4 Configuration 3 4 1 Save config To save your current configuration to Flash memory 1 From the Configuration menu click on Save config The following page is displayed Axcelera AB 100 Status Save configuration Quick Start System Configuration Confirm Save Save config Authentication LAN connection Security WAN connections IP routes DHCP server Save DHCP relay DNS client DNS relay gt Ports ayoo Please confirm that you wish to save the configuration There will be a delay while saving as configuration information is written to flash Copyright c 2003 Axxcelera Broadband Wireless Axxcelera Broadband AB 100 Manual Page 15 of 111 Version 5 2 Click on the Save button to save your current configuration in the im conf file in the FlashFS After a short time the configuration is saved and the following confirmation message is displayed Saved information model to file flashfs im conf 3 4 2 Authentication
24. pathCost 10 N ImSpanningBridgeConfig ImBridge ImSpanningBridgeConfig A spanning false A spanPriority 32768 A helloTime 2 A maxAge 20 A forwardDelay 15 N ImDhcpClient ImDhcpClient A reboot 10 A retry 300 A backoffCutoff 120 N ImDhcpServer ImDhcpServer A defaultLeaseTime 43200 A allowBootp true A maxLeaseTime 86400 A allowUnknownClients true A enabled false N ImDhcpRelay ImDhcpRelay A enabled false N ImDnsRelay ImDnsRelay A relayDomainName N ImDnsClient ImDnsClient N ImFireWall ImFireWall security enable false firewall level none firewall enabl fals IDS false ClearIDSBlacklist true sessionlog true blockinglog true IntrusionLog false N ImFwIDS ImFireWall ImFwIDS UseBlackList false UseVictimProtection false DosAttackBlockDuration 1800 ScanAttackBlockDuration 86400 VictimProtectionBlockDuration 600 MaxTcpOpenHandshakingCount 100 MaxPingCount 15 MaxICMPCount 100 N ImProcessLogFilters ImProcessLogFilters N ImDevice ImDevic A saveconfig false N ImServices ImServices N ImService ImServices ethl A creator CLI A description eth1 N ImEthernet ImServices ethl ethl A enabled true gy ops gp mpg gym gm p mpg A layer2SessionUser ImBridge ImBridgeInterfaces N ImChannels ImServices ethl ethl ImChannels Axxcelera Broadband AB 100 Manual Version 5 N ImEtherChannel ImServices ethl ethl ImChannels itemO Page 90 of 111 A port ethern
25. portFilter All A enabled false N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled true A layer2Session ImServices ethl ethl N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImSpanningBridgeConfig ImBridge ImSpanningBridgeConfig A spanning false A spanPriority 32768 A helloTime 2 A maxAge 20 A forwardDelay 15 N ImDhcpClient ImDhcpClient A reboot 10 A retry 300 A backoffCutoff 120 ImDhcpServer ImDhcpServer A defaultLeaseTime 43200 A allowBootp true A maxLeaseTime 86400 A allowUnknownClients true A enabled false ImDhcpRelay ImDhcpRelay A enabled false N ImDnsRelay ImDnsRelay A relayDomainName ImDnsClient ImDnsClient N ImFireWall ImFireWall zZ z z security enable false firewall level none firewall enabl fals IDS false ClearIDSBlacklist true sessionlog true blockinglog true gp op mese Axxcelera Broadband AB 100 Manual Version 5 Page 74 of 111 A IntrusionLog false N ImFwIDS ImFireWall ImFwIDS gd Omm p mpg UseBlackList false UseVictimProtection false DosAttackBlockDuration 1800 ScanAttackBlockDuration 86400 VictimProtectionBlockDuration 600 MaxTcpOpenH
26. true means that the user can login but not dialin e false means that the user can dialin but not login 3 Click on the Create button The Authentication page is displayed The table now contains details for the user that you have just created 3 4 2 2 Editing deleting a login account 1 The Authentication page table contains an Edit user hyperlink for each user account entry Click on a link The following page is displayed Axxcelera AB 100 O Stat H H 1 se Authentication edit user molson O Quick Start gt System V Configuration Details for user molson Fue M Usemame molson Eee Password eoweesee Security May login ft X WAN connections ue IP routes Comment DHCP server DHCP relay Apply Reset DNS client DNS relay Delete this user amp Ports Cancel and return to Authentication Setup Page Copyright c 2003 Axxcelera Broadband Wireless This page allows you to e Update details for a specific user account Modify the necessary text boxes then click on the Apply button e Delete a user account Click on the Delete this user button 2 Once you have edited or deleted a user account the Authentication page is displayed and the table reflects any changes that you have made on the edit user page 3 4 3 LAN connection This option allows you to e Configure the IP address and subnet of the default LAN connection to the AB 100 e Configure a secondary IP address on the same subnet as the primary IP address
27. 00 rip send all none rip accept all none route add default 0 0 0 0 192 168 2 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 ipatm pvc atm0 atm25i 0 99 pcr 70000 70000 remoteip 192 168 2 1 ipatm pvc atm1 atm25m 0 768 pcr 70000 70000 remoteip 192 168 100 3 10 1 2 AP system conf channel 0 antenna horizontal mode static mid 0 bid 0 interface atm0 backoff 0 provider abw key Axxcelera mask 1ffff leds active 10 1 3 AP initswitchcli tp default UBR 70000 sp default 256 stats add atm25m 0 769 atm25i 0 200 default default perm epd add atm25i 0 200 atm25m 0 769 default default perm epd Axxcelera Broadband AB 100 Manual Page 87 of 111 Version 5 10 1 4 SU resolve device add atm0 atm bun mtu 1500 192 168 9 2 device add atm1 atm bun mtu 1500 192 168 100 3 subnet add atm1 home 192 168 100 0 ff ff ff 00 subnet add atm0 home 192 168 9 0 ff ff ff fc rip send all none rip accept all none route add default 0 0 0 0 192 168 100 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 ipatm pvc atm0 atm25i 0 99 pcr 70000 70000 remoteip 192 168 9 1 ipatm pvc atm1 atm25m 0 768 pcr 70000 70000 remoteip 192 168 100 1 10 1 5 SU system conf channel 0 antenna horizontal mode static mid 3 bid 0 interface atm0 backoff 0 provider abw key Axxcelera mask 1ffff leds active Axxcelera Broadband AB 100 Manual Page 88 of 111 Version 5 10 1 6 SU initswitchcli tp default UBR 70000 sp default 256 st
28. 00 system Click on one of the attribute names to display help information about each entry 3 Youcan carry out advanced configuration of your Ethernet port attributes From the Ethernet Port Configuration page click on View advanced attributes The Advanced Ethernet Port Configuration page is displayed Click on one of the advanced attribute names to display help information about each entry Update the port attributes that are available for editing then click on Apply to update the advanced configuration settings Click on the Return to basic attribute list to return to the Ethernet Port Configuration page These same steps can be taken to review modify the ATM port configuration 3 5 1 1 Ethernet Axxcelera AB 100 O Status Ethernet Port Configuration O Quick Start gt System V Configuration View advanced attributes Save config M did Basic Port Attributes connection Security Name Value WAN connections Connected true IP routes DHCP server Full Duplex true DHCP relay DNS client Link Speed 1000000 DNS relay Reset Defaults false z V Ports y Note that the Reset Defaults option will not take effect until you save configuration and reboot Ethernet ATM Apply Reset Copyright c 2003 Axxcelera Broadband Wireless 3 5 1 2 ATM Axxcelera Broadband AB 100 Manual Page 44 of 111 Version 5 Axxcelera AB 100 BROADBAND WIRELESS O Status O Quick Start gt System V Configuration Save c
29. 192 168 4 2 LAN Settings O gt System gt Configuration Advanced Diagnostics Connection Authentication None Login Settings Port Connection Status Port Type Connected Line State Ethernet ethernet v N A ATM atm R x N A WAN Status IP Address Type Static IP Address Settings WAN Subnet Mask None Default Gateway 192 168 5 3 Primary DNS None DNS Client Settings LAN Status LAN Subnet Mask 255 255 255 0 Act as Local DHCP Server No DHCP Server Settings O MAC Address 00 C0 69 D0 00 13 Hardware Status Up Time 00 03 28s Version AB 100 He500 IDT ATM v1 0 0 0 He500 CSP v1 0 ISOS 9 0 9 00 2 14 Vendor Axxcelera Broadband Wireless Defined Interfaces ipoa1 Show Statistics O Port atm VPI VCI 0 515 ipoa2 Show Statistics Q Port atm VPI VCI 0 256 eth1 Show Statistics Routing Table Destination Netmask Gateway Interface 192 168 4 0 255 255 255 0 0 0 0 0 ip1 192 168 2 0 255 255 255 0 0 0 0 0 ip3 192 168 5 0 255 255 255 0 0 0 0 0 ip2 127 0 0 0 255 0 0 0 0 0 0 0 loopback 0 0 0 0 0 0 0 0 192 168 5 3 ip2 3 2 Quick Start 3 3 System 3 3 1 Event Log The Event Log page is displayed whenever an error occurs or can be accessed via the System menu by clicking on Event Log The following page is displayed Axxcelera Broadband AB 100 Manual Page 10 of 111 Version 5 Axxcelera AB 100 OBANOD WIRELESS O Status Event log ba ume ic This page shows recent events from you
30. 2 168 3 64 gateway 192 168 5 2 netmask 255 255 255 248 cost 1 timeout O0 interface advertise false ute ImRouter ImRoutes iteml destination 192 168 3 72 gateway 192 168 5 6 netmask 255 255 255 248 cost 1 timeout 0 interface advertise false ts Ports ethernet Defaults false gom mee gp op ms reset Ports atm resetDefaults false rver ImWebserver A httpPort 80 A upnpPort 2800 A telnetPort 23 A interface ipl Version 5 item0 ipoa 1 ImTcpMssClamp ipoa 1 ImRipVersions ipoa 2 item0 ipoa 2 ImTcpMssClamp ipoa 2 ImRipVersions AB 100 Manual Page 84 of 111 enabled true mgmtlIp 0 0 0 0 archive expand isfs derived data dat enableAuxillaryPort true Pp Pp end Axxcelera Broadband AB 100 Manual Page 85 of 111 Version 5 Section 9 10 AB 100 AB Access Native ATM Backhaul System 192 168 100 3 19216892 192 168 100 1 PVC 99 AB 100 AP SU Management PVC e gt SU 192 168 9 1 30 AB 100 SU Data PVC e gt LAN 192 168 1 2 AP 192 168 2 1 30 LAN 192 168 1 1 10 1AB Access Configuration Files 10 1 1 AP resolve Axxcelera Broadband AB 100 Manual Page 86 of 111 Version 5 device add atm0 atm bun mtu 1500 192 168 2 2 device add atm1 atm bun mtu 1500 192 168 100 1 subnet add atm0 home 192 168 2 0 ff ff ff fc subnet add atm1 home 192 168 100 0 ff ff ff
31. 2 of 111 A filterage 300 A enabled false A layer2SessionUser ImRouter ImIpInterfaces ipl N ImBridgeInterfaces ImBridge ImBridgeInterfaces N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled false N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled true A layer2Session ImServices ethl ethl N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces rfc1483 0 A etherFilterType All A portFilter All A enabled true A layer2Session ImServices rfc1483 0 itemO ImSpanningBridgeInterface ImBridge ImBridgeInterfaces rfcl1483 ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImSpanningBridgeConfig ImBridge ImSpanningBridgeConfig A spanning false A spanPriority 32768 A helloTime 2 A maxAge 20 A forwardDelay 15 N ImDhcpClient ImDhcpClient A reboot 10 A retry 300 A backoffCutoff 120 ImDhcpServer ImDhcpServer A defaultLeaseTime 43200 A allowBootp true A maxLeaseTime 86400 A allowUnknownClients true A enabled false ImDhcpRelay ImDhcpRelay A enabled false N ImDnsRelay ImDnsRelay A relayDomainName ImDnsClient ImDnsClient N ImFireWall ImFireWall A security enable false
32. 6 pcr 2300 2300 remoteip 192 168 10 6 atml atm25m 0 1792 pcr 11000 11000 remoteip 192 168 10 7 atml atm25m 0 2048 pcr 9000 9000 remoteip 192 168 10 8 12 Edit the system conf file with the following changes a Interface e Old interface ethO e New interface atmO ff TestaP system conf ojx File Edit Format View Help channel OQ antenna horizontal mode static mid O bid O interface atmo backoff 0 rovider Axxcelera ey Axxcelera mask 7fff reg disabled leds active duplex half 13 Once files are edited and saved they are ready to upload to the AP by using Program AB Unit Axxcelera Broadband AB 100 Manual Page 99 of 111 Version 5 14 Fill in the current IP address 15 Enter the Hostname for the modified files 16 Fill in the current unit password 17 Select Reboot Now 18 Click on Submit Program AB Unit eese fe 11 2CLIP_S l 2 9o cx Gy ee Setup the AB 100 with all necessary configuration information Change all IP addresses information on all SUs in the sector All wireless SU IP addresses will need to be changed The reason for this is that AB 100 can only bind 1 PVC to an IP address so each SU must be on a separate subnet and terminated on a different interface on AB 100 Contact your Axxcelera representative before converting to CLIP_S if you do not fully understand how the IP addresses must be assigned Open Retrieve AB Configuration Fill in current IP address of unit
33. ARRARERRARD 46 4 1 Edit ServiC A M 46 42 Edit IPoA er 46 4 3 Edit Atm Channel sc cesucassseaeasusous endet suanacouuasteconcmasauusasneieseantan wen eueesassacerataniesase 47 JA Edit Ip Interldoe minnan a a D WR sateen cassie 49 4 5 Edit Tep Mss Clamp T EER 49 Z5 Edit RV SESS sirieni ET E A EA REEE as 50 MT Edt Ludum 51 B Edit RBS ece ia esera update race east tru Ru vie lec a df ETa ce 52 49 Edit Bide sesjoner akt a E E ETE EE EEEE ERES 52 4 10 Edit Bridge Interface sissdcinscsestseacasdenncacosbadcsaaadbeuvapashedeoussaseiasniedsadshncuebde saccandannteeoabeace 53 AAT Edit Spanning Bridge Interface scicasensscsnscdessensseaacnsenscesaseannncencndvncannsedadyvancaxeaseateataneabe 54 4 12 Edit Spanning Bridge Config iuogeeastiisiin medo MORIR ANNE DE NOR DID tU DH 33 AAS Edit AWtO Bridge P M MM 56 Axxcelera Broadband AB 100 Manual Page 4 of 111 Version 5 AAAs Edit Ethernet uie tete eee remi etra ere sa Fee eet e Pie eate 57 415 Edit GSE Mods MINUS 58 CONFIGURING 1483 BRIDGED ccsscccceseeeceeeseeeeeeeaaeeeeeneaeeeeesaaeaeseneaeaesesegaesesnnaaeseseseaeaeeneaes 59 CONFIGURING CLIP IPOA ce fesesceessaticcasssscpces sates sees RB ORE X TRO SEREXR EINE fasnaenneusseldncasssaxpenessecacasseais 61 AB 100 AB ACCESS 1483_S SYSTEM 1 eeeeeeaeee seer ee eeeeseaeee sees eeesesss
34. DRGA HONG jsnsccsscnsnessievssucsesvnsssvcuasvansevssnasensinseseiwtccnnstievinadeeledvextinesilaventeses 9 EE s Jouer 9 3 WEB BASED CONFIGURATION ccceseeeceeeeeeeeeeeeneee seen ees eseeaeee nh enhn anni tnn na snas insat nite tnm a nns n sss h natnra 10 3 1 sip C 10 3 2 CHOSE Se nte o tNO MORD RI ROREM eT AUS Ree nM Mq enit 10 3 3 NOISE RENI ETE 10 3 3 1 Event L8 odo E E E NEA M Ea N 10 3 3 2 Osce UD occ ene een meee een eee ee eee eee eee 11 3 3 3 BCT LG COG NEP 12 3 3 4 Firmware Update seroren creeranno nE E E E E E 13 3 3 5 Back Restore ates ca ocenseacvnneccaquswnetewenaernerssenreaswnacvance VER ep a rUN D Oraka E E EU Rearen 13 3 3 5 1 Backing up your confgbDEA ROTE s ees iem pUIPekr ap et Ur PIipR dS Valen aos Demi inES 13 3 3 5 2 Restoring your configuradtiOf uuiusse exten rire tede aar Ii SEPAN REERN I QU RP ATI UN ERE eUE 14 3 3 6 R start quis eet ne E AR gat 14 34A M Siue MEE ETT 15 3 4 1 Save CONTI T eieiaeo S 15 3 4 2 PE WI WII INTO In iQ PN E EA A 16 3 4 2 1 Creating a new login ACC MUN s soieesto rU bab amapant ictus rola papa Dart ard ane 16 3 4 2 2 Editing deleting a login account uiu oestine erre REIR RRHER ERE SURE KR RUE KE ERO 17 3 4 3 LAN COM CO MON Cp m 17 CIN NEP cuc P 18 3 4 3 2 Creating virtual Hier PACES eue od ire rie ren tp AFER DER Nen SU UN pENE E PUE PANEER VIA E DUKE 18 3 4 4 SEQUI sso cates Ul
35. Errors 0 f Out Errors 0 Packets Sent 378 Good Packets 2155 Version 1 01 Enabled true 7 Termination Change Reset Copyright c 2003 Axxcelera Broadband Wireless x Axxcelera Broadband AB 100 Manual Page 58 of 111 Version 5 Section 5 5 Configuring 1483 bridged 1 Open web browser 2 Click on Configuration 3 Click on WAN connections Axxcelera BB 1g 9 Status WAN connections O Quick Start gt System V Configuration Save config Authentication LAN connection Service Name IP Bridge Interface Name Description Creator Security WAN connections IP routes Create a E service DHCP server DHCP relay DNS client DNS relay V Ports Ethernet ATM WAN services currently defined Copyright c 2003 Axxcelera Broadband Wireless 4 Click on Create a new service 5 Select RFC 1483 bridged 6 Click on Configure Axxcelera Broadband AB 100 Manual Page 59 of 111 Version 5 Axxcelera BROADBAND WIRELESS O Status O Quick Start gt System V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay V Ports Ethernet ATM AB 100 WAN connection create service Please select the type of service you wish to create ATM C RFC 1483 routed RFC 1483 bridged C PPPoA routed PPPoA bridged C IPoA routed Ethernet Copyright c 2003 Axxcelera Broadband Wireless 7 F
36. HCP sener Edit Spanning Bridge Config relay DNS client DNS relay V Ports Options Ethernet ATM Name Value Version 1 01 Spanning false Span Priority 52768 Hello Time IE Max Age feo Forward Delay 15 Change Reset Copyright c 2003 Axxcelera Broadband Wireless d v 4 13 Edit Auto Bridge Description Enables or disables auto bridge Auto Bridge true false Axxcelera BROADBAND AB 100 z i 9g z nee Edit connection ImBridge O Quick Start gt Sec Edit Bridge Edit Bridge Edit Edit Bridge Edit Edit Edit Auto Edit Ip Edit Edit V Configuration Interface Spanning Interface Spanning Spanning Bridge Interface RFC1483 Ethernet Bridge Bridge Bridge S fi Authentication Interface Interface Config LAN connection z n zl Securty Edit Auto Bridge WAN connections IP routes DHCP server DHCP relay i DNS client Options DNS relay V Ports Name Value Ethernet Auto Bridge false gt ATM Change Reset Copyright c 2003 Axxcelera Broadband Wireless Ei Axxcelera Broadband AB 100 Manual Version 5 Page 56 of 111 4 14Edit Ethernet Name Value Description If In Octets Number or bytes received on interface If Out Octets Number of bytes transmitted on interface If In Errors Number of errors received on interface If Out Errors Number of errors transmitted on int
37. IP Address the IP address of an individual host inside your network e Transport Type specify the transport type that you want to map from the outside interface to the inside e Port Number the port number that your transport uses 4 Once you have configured the table click on Add reserved mapping The table is refreshed and reserved mapping is added to your NAT configuration To delete a reserved mapping setup click on the Delete hyperlink then click on the Delete Reserved Mapping button Click on Return to Interface List to display the Security Interface Configuration page 3 4 4 8 Configuring Security policies A policy is the collective term for the rules that apply to incoming and outgoing traffic between two interface types Before you can create a Security policy you need to enable Security See Enabling Firewall and or Intrusion Detection To create and configure a Firewall policy 1 Go to the Policies Triggers and Intrusion Detection section of the Security Interface Configuration page Click on Security Policy Configuration The Security Policy Configuration page is displayed Axxcelera Broadband AB 100 Manual Page 26 of 111 Version 5 2 Click on New Policy The Security Add Policy page is displayed Axxcelera AB 100 Status Security Add Policy Quick Start System Configuration Save config Between interfaces of types external internal J Authentication LAN connection Security Validators will
38. Interfaces rfc1483 0 N ImChannels ImServices rfc1483 0 item0 ImChannels N ImAtmChannel ImServices rfcl483 0 item0 ImChannels item0 A txVci 200 rxVci 200 pcr 2000 class UBR port atm PP gm pg gym p mpg A A A A Axxcelera Broadband AB 100 Manual Page 94 of 111 Version 5 ImUsers ImUsers ImUser ImUsers a PPP m po username a password a comment C accessLev tmos tmos tmos reated by CLI mayConfigu mayDialIn pppLoginAu ImRouter ImRoute l superuser re true true th none z ImIpInterfaces ImRouter ImIpInterfaces ImIpInterface ImRouter ImIpInterfaces ipl A ipaddr 192 168 1 2 mask 255 255 255 0 dhcp false mtu 1500 enabled true A layer2Session ImBridge ImTcpMssClamp ImRouter ImIpInterfaces A enabled false ImRipVersions ImRouter ImIpInterfaces A acceptV1 false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false ImIpInterface ImRouter ImIpInterfaces ipaddr 192 168 9 1 mask 255 255 255 252 dhcp false mtu 1500 reallnterface enabled true layer2Session ImServices ipoa 0 ImTcpMssClamp ImRouter ImIpInterfaces A enabled false ImRipVersions ImRouter ImIpInterfaces A acceptVl false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false ImRoutes ImRouter ImRoutes ImIpV4Route ImRouter ImRoutes itemO destination 192 168 100 0 gateway 192 168 9 2 netmask 255 255 255 0 cost 1 timeout 0 int
39. Name ImDnsClient ImDnsClient ImFireWall ImFireWall security enable false firewall level none firewall enable fals IDS false ClearIDSBlacklist true sessionlog true blockinglog true IntrusionLog false z z zZ z zou gp op mess Axxcelera Broadband AB 100 Manual Version 5 Page 81 of 111 N ImFwIDS ImFireWall ImFwIDS N Im N Im N Im N Im UseBlackList false UseVictimProtection false DosAttackBlockDuration 1800 ScanAttackBlockDuration 86400 VictimProtectionBlockDuration 600 MaxTcpOpenHandshakingCount 100 MaxPingCount 15 MaxICMPCount 100 ProcessLogFilters ImProcessLogFilters Device ImDevic A saveconfig false Services ImServices Service ImServices ethl A creator CLI A description eth1 Ethernet ImServices ethl ethl A enabled true A layer2SessionUser ImBridge ImBridgeInterfaces ethl Channels ImServices ethl ethl ImChannels EtherChannel ImServices ethl ethl ImChannels itemO A port ethernet Service ImServices ipoa 0 A creator WebAdmin A description AP MGMT Ipoa ImServices ipoa 0 item0 A svc false A atmarp here A lifetime 60 A enabled true A layer2SessionUser ImRouter ImIpInterfaces ipoa 0 PPP PP PP Pe N ImChannels ImServices ipoa 0 item0 ImChannels N ImAtmChannel ImServices ipoa 0 item0 ImChannels item0 A txVci 101 rxVci 101 pcr 2000 class UBR A A A A port atm N ImService ImS
40. Outbound IP routes Jl l DHCP server TCP DHCP relay Allow Allow DNS client DNS relay P Ports Apply Return to Filter List Return to Policy List Return to Interface List Copyright c 2003 Axxcelera Broadband Wireless Specify the start and end of the port range for the TCP protocol that you want to filter For information on application port numbers see ftp ftp rfc editor org in notes rfc1700 txt Then use the Direction drop down lists to specify whether you want to allow block outbound traffic Click on Apply The Firewall Port Filters page is displayed containing details of the TCP portfilter that you have just added e Fora UDP portfilter click on Add UDP Filter The Firewall Add UDP Port Filter page is displayed For details on how to complete the table follow the above instructions for adding a TCP portfilter e Foranon TCP UDP portfilter click on Add Raw IP Filter The following page is displayed Axxcelera Broadband AB 100 Manual Page 29 of 111 Version 5 _ Axcelera AB 100 ae Firewall Add Raw IP Filter external gt System internal V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server Protocol Number DHCP relay DNS client DNS relay D Ports Apply Return to Filter List Direction Inbound Outbound Allow gt Allow gt Return to Policy List Return to Interface List Copyright
41. Save config Authentication LAN connection Security Edit Ip Interface Edit Tcp Mss Clamp Edit Rip Versions Edit NAT Edit IPoA WAN connections m IP routes Z DHCP sever Edit Rip Versions DHCP relay DNS client DNS relay 7 V Ports Options Ethernet ATM Name Value Accept V1 false E Accept V2 false z Send V1 false Send V2 false z Send Multicast false x Change Reset Copyright c 2003 Axxcelera Broadband Wireless E r J 4 7 Edit NAT Description Nat Enabled true false Set whether NAT Network Address Translation is set on the interface _ Amcelera AB 100 Status Edit connection ip2 O Quick Start gt System V Configuration Save config Authentication Edit Ip Interface Edit Tcp Mss Clamp Edit Rip Versions Edit NAT Edit IPoA LAN connection Security H WAN connections Edit NAT IP routes DHCP server DHCP rel DNS client Options DNS relay V Ports Name Value Ethernet Nat Enabled false ATM Change Reset Copyright c 2003 Axxcelera Broadband Wireless id Axxcelera Broadband AB 100 Manual Page 51 of 111 Version 5 4 8 Edit RFC1483 Name Value Description Mode LlcBridged Sets the mode that the bridge will operate VcMuxBridged in LlcRouted VcMuxRouted If In Octets Number or bytes received on interface If Out Octets Number of bytes transmitted on interface If In Errors Numbe
42. T 9 1 2 AP Systemi CONi MM 78 9 1 3 AP imtswiteh ce so Deus EN eta ERU n A E 78 9 1 4 SUI resolve D raa Ee EEE E E A EEE Ei 79 9 1 5 LT Sy ISI THO BREMEN 79 9 1 6 SO TESOL VE Mc EE ETE E eee en ETE EET RTN 79 9 1 7 SUZ Syste M CONT esce eese eeaeee eien aeetas an eria tri Tae EEA emu ESERE patr euius 80 92 AB IOU GF GODIIEC TIG ccdaidscsasssedesasnaecstdubodemteedaculasdedcsasideaptarssatuaund caudae a baaa 80 10 AB 100 AB ACCESS NATIVE ATM BACKHAUL SYSTEM cesses 86 10 1 JAB Xocess Configuration Files eura a eias but Rhe ei n ec S RPG S etn RS o GEE TRE 86 101 1 AP PESOS ER 86 10 12 AP gysten COIL PERRO 87 10 13 AP AAS WTCIICIE sc cesssssvnecesniecsuionaptisesuwnssaniucne saasemsadswsuinssyeslasesstcoupeenedundedumeetivasianses 87 TQM SU TSO C R 88 Axxcelera Broadband AB 100 Manual Page 5 of 111 Version 5 101 5 LISS cod TREE 88 ON MA BRI SWIG UD Tm 89 10 2 AB TOU icf config filet AP rrenan ha m i e p OD n AE 89 10 3 AB 100 icf config file SU m 92 11 CONVERTING TO ATM aa a coe eco cce peo cue ce ccu ere eso o Exc E aa aE be a aE Eaa ire eroe aA EA E araea aE 97 EMEN MM c 97 W CEIP Orren ae E 100 I3 TABI cn 105 PE sp Cue aa aaea aa aN aaa aaau 109 12 1 Ethernet Porterren nina e AA RUN N 109 122 Ethernet BAD CS secs vesssasacitesaczasiicanussteisines E E O OEEO ET 109 122 1 S mtem
43. TCP SYN synchronize start segment is sent with a maximum segment size larger than the interface MTU the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation Aucelera 25209 Status Edit connection ip2 O Quick Start gt System V Configuration Save config Edit Ip Interface Edit Tcp Mss Clamp Edit Rip Versions Edit NAT Edit IPoA Authentication ml LAN connection Security Edit Tcp Mss Clamp WAN connections IP routes DHCP server DHCP relay Options DNS client DNS relay Name Value V Ports TCP MSS Clamp false Ethernet ATM Change Reset Copyright c 2003 Axxcelera Broadband Wireless 4 6 Edit Rip Versions Name Value Description Accept V1 true false Controls whether the interface will accept any RIP V1 updates from other devices Accept V2 true false Controls whether the interface will accept any RIP V2 updates from other devices Send V1 true false Controls whether the interface will send any RIP V1 updates to other devices Send V2 true false Controls whether the interface will send any RIP V2 updates to other devices Send Multicast true false Send RIP updates via multicast Axxcelera Broadband AB 100 Manual Page 50 of 111 Version 5 _ Ancelera AB 100 Status Edit connection ip2 O Quick Start gt System V Configuration
44. This option allows you to administer accounts for users who access the AB 100 From the Configuration menu click Authentication The following page is displayed Aacelera AB 100 aes Authentication emcuick stay This page allows you to control access to your router s console and these configuration web pages gt System V Configuration Save config Currently Defined Users Authentication LAN connection Security User May login Comment WAN connections IP routes DHCP server DHCP relay DNS client DNS relay gt Ports atmos true Created by CLI Ed user molson true Edit user O Create a new user O Copyright c 2003 Axxcelera Broadband Wireless 3 4 2 1 Creating a new login account 1 Click on the Create a new user button The following page is displayed Axxcelera AB 100 O Status H H Authentication create user O Quick Start gt System V Configuration Details for new user Save config Usemame Authentication LAN connection Password Security i WAN connections May login false zi IP routes Comment 4 DHCP server DHCP relay Create Reset DNS client DNS relay Cancel and return to Authentication Setup Page O gt Ports Axxcelera Broadband Copyright c 2003 Axxcelera Broadband Wireless AB 100 Manual Version 5 Page 16 of 111 2 Type details for the new user into the username password and comment text boxes and select May login option e
45. UDP application b Port Number Start type the start of the trigger port range that the primary session uses c Port Number End type the end of the trigger port range that the primary session uses d Secondary Port Number Start type the start of the trigger port range that the secondary session uses e Secondary Port Number End type the start of the trigger port range that the secondary session uses f Allow Multiple Hosts select allow if you want a secondary session to be initiated to from different remote hosts Select block if you want a secondary session to be initiated only to from the same remote host g Max Activity Interval type the maximum interval time in milliseconds between the use of secondary port sessions h Enable Session Chaining select Allow or Block depending on whether you want to allow multi level TCP session chaining i Enable UDP Session Chaining select Allow or Block depending on whether you want to allow multi level UDP and TCP session chaining You must set Enable Session Chaining to Allow if you want this to work j Binary Address Replacement select Allow or Block depending on whether you want to use binary address replacement on an existing trigger k Address Translation Type specify what type of address replacement is set on a trigger You must set Binary Address Replacement to Allow if you want this to work 3 Once you have configured the trigger click on Apply The Firewall Trigger Confi
46. V Configuration Define your new fixed mapping here The IP prem choose will be given to the host with the MAC address you specify The IP address must Save config not clash with an IP address already present in a dynamic address range You should also ensure that there is a suitable subnet defined for the IP Authentication LAN connection address to reside in The MAC address should be expressed as 6 hexadecimal pairs seperated by colons e g 00 20 2b 01 02 03 IP address I Security WAN connections MAC address pum pes Maximum lease time 85400 server seconds DHCP relay DNS client x REG DNS relay Cancel gt Ports Copyright c 2003 Axxcelera Broadband Wireless 2 Complete the following a Type in the IP address that will be given to the host with the specific MAC address b Type in the MAC address and the maximum lease time default is 86400 seconds 3 Click on OK The DHCP Server page is displayed and details of your new fixed host are displayed under the sub heading Existing DHCP fixed IP MAC mappings To edit a fixed mapping click on the IP address MAC address or max lease time type a new entry and Axxcelera Broadband AB 100 Manual Version 5 Page 40 of 111 click Apply To delete a fixed mapping check the Delete box for specific mapping and click Apply 3 4 8 DHCP relay This option allows you to e Enable disable DHCP relay e Add DHCP servers to the DHCP relay list e Configure delete ser
47. ace ImBridge ImBridgeInterfaces rfcl1483 ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImSpanningBridgeConfig ImBridge ImSpanningBridgeConfig A spanning false A spanPriority 32768 A helloTime 2 A maxAge 20 gy m pg z z ex m z eS Axxcelera Broadband AB 100 Manual Page 67 of 111 Version 5 A forwardDelay 15 N ImDhcpClient ImDhcpClient A reboot 10 A retry 300 A backoffCutoff 120 N ImDhcpServer ImDhcpServer A defaultLeaseTime 43200 A allowBootp true A maxLeaseTime 86400 A allowUnknownClients true A enabled false N ImDhcpRelay ImDhcpRelay A enabled false N ImDnsRelay ImDnsRelay A relayDomainName N ImDnsClient ImDnsClient N ImFireWall ImFireWall security enable false firewall level none firewall enabl fals IDS false ClearIDSBlacklist true sessionlog true blockinglog true IntrusionLog false N ImFwIDS ImFireWall ImFwIDS UseBlackList false UseVictimProtection false DosAttackBlockDuration 1800 ScanAttackBlockDuration 86400 VictimProtectionBlockDuration 600 MaxTcpOpenHandshakingCount 100 MaxPingCount 15 MaxICMPCount 100 N ImProcessLogFilters ImProcessLogFilters N ImDevice ImDevic A saveconfig false N ImServices ImServices N ImService ImServices ethl A creator CLI A description eth1 N ImEthernet ImServices ethl ethl A enabled true oe a a p gm pgs PPP PP PPP A la
48. andshakingCount 100 MaxPingCount 15 MaxICMPCount 100 N ImProcessLogFilters ImProcessLogFilters A N ImDevice ImDevic saveconfig false N ImServices ImServices N ImService ImServices ethl A creator CLI description ethl rnet ImServices ethl ethl enabled true layer2SessionUser ImBridge ImBridgeInterfaces ethl N ImChannels ImServices ethl ethl ImChannels N ImEtherChannel ImServices ethl ethi ImChannels itemO port ethernet A A A A A A A N ImService ImServices ipoa 0 creator WebAdmin description AP MGMT N ImIpoa ImServices ipoa 0 item0 svc false atmarp here lifetime 60 enabled true layer2SessionUser ImRouter ImIpInterfaces ipoa 0 N ImChannels ImServices ipoa 0 item0 ImChannels N ImAtmChannel ImServices ipoa 0 item0 ImChannels itemO0 A A A A A txVci 100 rxVci 100 pcr 2000 class UBR port atm N ImUsers ImUsers N ImUser ImUsers atmos gp meg N ImRouter ImRouter ImIpInterfaces ImRouter ImIpInterfaces zZ username atmos password atmos comment Created by CLI accessLevel superuser mayConfigure true mayDialIn true pppLoginAuth none N ImIpInterface ImRouter ImIpInterfaces ipl PPP pg ipaddr 192 168 1 1 mask 255 255 255 0 dhcp false mtu 1500 enabled true layer2Session ImBridge Axxcelera Broadband AB 100 Manual Version 5 Page 75 of 111 N ImTcpMssClamp ImRouter ImIpInterfaces A enabled fal
49. ate a new service A page is displayed containing a list of WAN service options Axxcelera Broadband AB 100 Manual Page 34 of 111 Version 5 2 Select an option then click on Configure You need to add detailed configuration information about the WAN service that you are creating 3 Click on Apply The WAN connections page is displayed The table now contains details of the service that you have just created 3 4 5 2 Editing a WAN service Click on the Edit link for a specific service The WAN connections edit page is displayed 2 Change the values for the existing service If you want to carry out advanced editing click on the links at the top of the edit page The links that appear depend on the type of service that you are configuring 3 Click on Change The edit page is displayed and changes are applied to the service 3 4 5 3 Deleting a WAN service 1 Atthe WAN connections page click on the Delete link for a specific service The WAN connection delete page is displayed 2 Check the details displayed then click on the Delete this connection button 3 4 5 4 Creating a virtual interface routed services only 1 Click on the Virtual I f link for a specific service The Virtual interface page is displayed 2 Click on the Create a new virtual interface hyperlink On the Create virtual interface page type the IP address and netmask of the virtual interface then click on the Apply button 3 The WAN connections pa
50. ats add atm25m 0 769 atm25i 0 200 default default perm epd add atm25i 0 200 atm25m 0 769 default default perm epd 10 2 AB 100 icf config file AP Information Model configuration file version 4 N ImIGMPProxy ImIGMPProxy A forwardAll false N ImRip ImRip hostRoutes false poison false authEnable false authPassword advertiseDefaultRoute false defaultRouteCost 1 N ImBridge ImBridge A filterage 300 A enabled false A layer2SessionUser ImRouter ImIpInterfaces ipl N ImBridgeInterfaces ImBridge ImBridgeInterfaces N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled false N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled true A layer2Session ImServices ethl ethl N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces rfc1483 0 A etherFilterType All A portFilter All A enabled true PP gm pg Axxcelera Broadband AB 100 Manual Page 89 of 111 Version 5 A layer2Session ImServices rfcl483 0 item0 N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces rfc1483 0 ImSpanningBridgeInterface A enabled false A priority 128 A
51. cates the unit is powered on A orange LED indicates the unit is booting up 2 2 5 PWR A 48VDC power connector 2 2 6 Ground Grounding screw to connect grounding cable to Axxcelera Broadband AB 100 Manual Page 8 of 111 Version 5 2 3 Technical Specifications Temperature Range Humidity Primary Power External Power Supply Options Weight Case NOTE AB 100 should only be used with the provided power supply unless you have consulted 20 C to 50 C 95 at 40 C 104 F non condensing 40 70 VDC 48VDC typ 48V max 150mA typ 85mA 100 240V 100 120VA 50 60Hz 0 9 kg 2 lb Cast Aluminum with an Axxcelera Engineer first Using another power source could damage the unit if not connected properly 2 4 Console Port AB 100 has a DB 9 female serial port on it The serial cable should be a straight DB 9 male to DB 9 female To gain access to the console of your AB 100 configure your terminal console software with the following settings Name Bps 9600 Data Bits 8 Parity None Stop bits 1 Flow Control None Axxcelera Broadband AB 100 Manual Version 5 Page 9 of 111 Section 3 3 Web based Configuration The web interface can be accessed by entering the IP address of the unit in the URL box The factory default IP address is 192 168 4 2 amp http 192 168 4 2 3 1 Status Axxcelera AB 100 O Status Status Quick Start Local IP Address
52. ce you have created a security interface 1 Click on the Firewall Enabled and or Intrusion Detection Enabled radio buttons 2 Click on Change State to update the Security State section 3 4 4 3 Setting a default security level You must have Security and Firewall enabled in order to set a default Security level See Enabling Security and Enabling Firewall and or Intrusion Detection 1 From the Security Level section click on the Security Level drop down list 2 Click on the level that you want to set none high medium or low 3 Click on the Change Level button 3 4 4 4 Configuring security interfaces Security interfaces are based on existing LAN services You must create a LAN service for every secutity interface that you want to configure For details on how to create LAN services see LAN connections 1 From the Security Interfaces section click on Add Interface The Firewall Add Interface page is displayed Axxcelera AB 100 O Stat a im Security Add Interface O Quick Start gt System V Configuration New Interface Setup Save config Na fpi Authentication aoa A LAN connection Interface Type external Security WAN connections Apply IP routes DHCP server Return to Interface List DHCP relay DNS client DNS relay V Ports Ethernet ATM Copyright c 2003 Axxcelera Broadband Wireless 2 Click on the Name drop down list and select the LAN service that you want to base your security int
53. connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay gt Ports AB 100 DHCP Server This page allows creation of DHCP server subnets and DHCP server fixed host IP MAC mappings You may also enable and disable the DHCP server from here The DHCP server is currently disabled Enable DHCP server interfaces Use this section to edit the list of IP interfaces that the DHCP server will operate on There are currently no IP interfaces listed for the DHCP server The DHCP server will operate on all interfaces Add new interface Use this section to tell the DHCP server to operate on another IP interface New IP interface jp1 7 Add There are currently no DHCP server subnets defined Create new Subnet Help There are currently no DHCP server fixed IP MAC mappings defined Create new Fixed Host O Help zl 3 4 7 1 Enabling disabling the DHCP server 1 Click on the Enable Disable button at the top of the page 2 The DHCP server is enabled by default If you click on the Disable button DHCP server is disabled and the button changes to Enable NOTE If DHCP is enabled DHCP server will be disabled by default You can not enable DHCP server unless you disable DHCP relay See DHCP Relay 3 4 7 2 Creating a DHCP server subnet 1 Click on the Create new Subnet link The following page is displayed Axxcelera Broadband AB 100 Manual Page 38 of 111 Version 5 Ancele
54. ct Retrieve Configuration Click on Submit W Update AB Unit Pala xe pueros S 192 158 2 2 7 Convert the mr1483 information in the initmr1483 file to the initswitchcli file This is done by the AB File Converter tool 8 Fill in Hostname of AP that you want to convert 9 Select Convert mr1463 File Axxcelera Broadband AB 100 Manual Page 105 of 111 Version 5 AB File Converter 10 Click on Submit 11 Create the file TestAP initr1483 TestAP initr1483 Notepad 12 Create the file TestAP initbridge Axxcelera Broadband AB 100 Manual Page 106 of 111 Version 5 File Edit Format View Help spanning disable device add e device add ri1483 13 Select Edit Configuration lll AB Editor Me xl 14 Click on Submit 15 Edit the system conf file with the following changes a Interface e Old interface ethO e New interface atm0 Axxcelera Broadband AB 100 Manual Page 107 of 111 Version 5 TestAP system conf s lE x antenna horizontal mode static mid O bid O interface atmo backoff rovider Axxcelera ey Axxcelera mask 7fff reg disabled leds active 17 Once files are edited and saved they are ready to upload to the AP by using Program AB Unit 18 Fill in the current IP address 19 Enter the Hostname for the modified files 20 Fill in the current unit password 21 Select Reboot Now 22 Click on Submit E Program AB Unit M fe s Axxc
55. curity The following page is displayed Axxcelera AB 100 BAND wi cue Security Interface Configuration Quick Start System Configuration Secu rity State Save config ES p Authentication Security C Enabled Disabled LAN connection Firewall Disabled Security ia enileannactione Intrusion Detection Enabled Disabled IP routes Change State DHCP server DHCP relay DNS client DNS relay Security Level V Ports Ethernet ATM ayoo Security Level n a Enable Firewall to set level Security Interfaces There are currently no Interfaces defined Interfaces must be defined and Security enabled to configure NAT Add Interface Policies Triggers and Intrusion Detection Security Policy Configuration SeeutyHigger Configuration Why cant configure this Why cant I configure this Copyright c 2003 Axxcelera Broadband Wireless This page contains the default Security settings 3 4 4 1 Enabling Security You must enable Security before you can enable Firewall and or Intrusion Detection In the Security State section 1 Click on Security Enable radio button 2 Click on Change State to update the Security State section Axxcelera Broadband AB 100 Manual Page 20 of 111 Version 5 3 4 4 2 Enabling Firewall and or Intrusion Detection You must create a security interface before you can enable Firewall and or Intrusion Detection See Configuring security interfaces On
56. d interface MTU 576 1500 Maximum Transmission Unit sets the maximum size of an Ethernet frame that will be passed through the interface Real Interface Interface name Displays the real interface that a virtual interface is attached to Name Interface name The name of the WAN service as defined by AB 100 when created Snmp If Index Enabled true false Allows user to enable or disable the interface Layer2Session N A N A _ Aucelera AB 100 O Gir Edit connection ip2 O Quick Start gt System V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay V Ports Ethernet ATM Edit Ip Interface Edit Ip Interface Options Name Value lpaddr 192 168 5 1 Mask 255 255 255 0 Dhcp false v MTU 1500 Real Interface Name ip2 Snmp If Index 0 Enabled tue x Layer2Session Change Reset 4 5 Edit Tcp Mss Clamp Axxcelera Broadband AB 100 Manual Edit Tcp Mss Clamp Edit Rip Versions Edit NAT Edit IPoA Copyright c 2003 Axxcelera Broadband Wireless Description Page 49 of 111 Version 5 TCP MSS Clamp true false Enables or disables TCP MSS Maximum Segment Size Clamp functionality on an existing IP interface When TCP MSS Clamp is enable on an interface all TCP traffic routed through that interface will be examined If a
57. dit a service a Click on the Edit link b Change the options for the existing virtual interface then click on Change The page is reset and the new values are displayed NOTE All options are explained in detail in section Advanced Options To delete a service a Click on the Delete link b Check the details displayed then click on the Delete this connection button 3 4 4 Security This option allows you to configure Security NAT and Firewall e Security AB 100 allows you to Enable Security see Enabling Security Configure Security interfaces Configuring security interfaces Configure triggers see Configuring triggers e NAT AB 100 allows you to Enable NAT between interfaces see Configuring NAT Configure global addresses see Configuring NAT global addresses Configure reserved mapping see Configuring NAT reserved mapping e Firewall AB 100 allows you to Enable Firewall and Firewall Intrusion Detection settings see Enabling Firewall and or Intrusion Detection Set the Firewall security level see Setting a default security level Axxcelera Broadband AB 100 Manual Page 19 of 111 Version 5 Configuring Firewall policies portfilters and validators see Configuring Security policies Configuring portfilters and Configuring validators Configure Intrusion Detection settings see Configuring Intrusion Detection Settings From the Configuration menu click on Se
58. e Backup Restore page 4 Information Model configuration file version 4 N ImIGMPProxy ImIGMPProxy Axxcelera Broadband AB 100 Manual Version 5 Page 66 of 111 A forwardAll false N ImRip ImRip hostRoutes false poison false authEnable false authPassword advertiseDefaultRoute false defaultRouteCost 1 N ImBridge ImBridge A filterage 300 A enabled false A layer2SessionUser ImRouter ImIpInterfaces ipl ImBridgeInterfaces ImBridge ImBridgeInterfaces N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled false N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled true A layer2Session ImServices ethl ethl N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 ImBridgeInterface ImBridge ImBridgeInterfaces rfc1483 0 A etherFilterType All A portFilter All A enabled true A layer2Session ImServices rfcl483 0 item0 ImSpanningBridgeInterface ImBridge ImBridgeInterfaces rfcl1483 ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 ImBridgeInterface ImBridge ImBridgeInterfaces rfc1483 1 A etherFilterType All A portFilter All A enabled true A layer2Session ImServices rfcl483 1 item0 ImSpanningBridgeInterf
59. e Create virtual interfaces multiple virtual interfaces can be associated with the existing primary LAN interface From the Configuration menu click on LAN connections The following page is displayed Axxcelera Broadband AB 100 Manual Page 17 of 111 Version 5 Ancelera AB 100 Status LAN connection O Essig This page allows you to change the IP address for the default LAN port The name of the IP interface is ip1 gt System V Configuration Save config Authentication Default LAN Port LAN connection The Secondary IP Address should be on the Security same subnet as the Primary IP Address and WAN connections uses the same Subnet Mask Addresses on IP routes other subnets can be added using Virtual DHCP server Interfaces Bey Primary IP Address DNS relay IP Address 192 158 4 2 P Ports Subnet Mask pss 255 pss pc Secondary IP Address IP Address hb p b NN Apply Note there may be a short pause between clicking Apply and receiving a response Advanced LAN port ip1 virtual interfaces IP Interface Name None Create a new virtual interface O Copyright c 2003 Axxcelera Broadband Wireless Configuring primary and secondary LAN connections 1 The Default LAN Port section contains two subsections a IP address and subnet mask details of your primary LAN connection To edit these details click in the appropriate text box and type new primary address details b Secondary IP address deta
60. e is displayed Axxcelera Broadband AB 100 Manual Page 23 of 111 Version 5 Axxcelera AB 100 BROADBAND WIRELESS Status Advanced NAT Configuration ip2 O Quick Start gt System V Configuration Global Address Pools Save config Authentication No Global Address Pools LAN connection Security Add Global Address Pool Q WAN connections IP routes DHCP server DHCP relay DNS client i TE Reserved Mappings gt Ports No Reserved Mappings Add Reserved Mapping O Return to Interface List Q Copyright c 2003 Axxcelera Broadband Wireless 2 Click on Add Global Address Pool the following page is displayed Axxcelera AB 100 BROAD Status NAT Add Global Address Pool ip2 O Quick Start gt System V Configuration Add Global Address Pool Save config Authentication LAN connection Interface Type Use Subnet Configuration IP Address Subnet Mask IP Address 2 Security WAN connections internal gt Use Subnet Mask z l IP routes DHCP server DHCP relay DNS client Add Global Address Pool DNS relay E Ports Return to NAT Configuration Return to Interface List Q Copyright c 2003 Axxcelera Broadband Wireless Axxcelera Broadband AB 100 Manual Page 24 of 111 Version 5 3 This page allows you to create a pool of network IP addresses that are visible outside your network Add values for the following table entries e Interface type the internal add
61. eaeeeseeeeeseeseeanes 63 7 1 AB Access Configuration Piles siissssciacessniadatesehieucaebeatunatstanscesbheparauenbontiennesaseaeueians 63 7 1 1 iui gta tte secu ee E A E E E REE EE E 63 74 2 AP System CONT errei irecte o RE E AERE TEE 64 7 1 3 AP uisi eo na a E EA E E E RE 64 7 1 4 SOZ mA C eee r RR 64 7 1 5 AP intswiteheli menena A EEE EUN DE 64 7 1 6 SUT resol V P 64 7 1 7 SUL initbrid M 65 7 1 8 SUI System SE OIN ea sis e nEn EE EEEN AAEE EARTE OT 65 7 1 9 SOLTAS ee E E ET 65 FABLE EOS 0 c 65 FADD SUZ MO Se E MX 66 PAD SU2 Sy coeurs 66 VU EEME RPSL sm 66 Ta AB 100icf config THeu oen pies Poe OHRERR QUA DEOR DIVS CuppRuIN LE MD EROR LONG URN C DIR dU UCER 66 8 AB 100 AB ACCESS CLIP T SYSTEM irren oe Ene n Ene I ER ERKRERRER RR ER ERERRRRKRRREMEREEEKEKKE anaa Ea 71 8 1 AB Access Configuration Files iic ona c Ea FU ord e SUY de BEEN e voe dies VEI de e BEA PA URS RR S 71 8 1 1 lug MNT n 71 8 1 2 AP system COU mM crc 72 8 1 3 SU PESOLV e C 73 8 1 4 STC CCL REEL 73 827 POB TOO ICE eoi uU TUIS 73 9 AB 100 AB ACCESS CLIP S SYSTEM csssscccessissennsesnctcatatasnncnnsicetcetacasnsaasaneteeeasnsadaasennsncataisaneadean 77 9 AB Access Configuration Files sis oca c Rx DEVISE Ub IRR OUR CHER Dar AE 71 9 1 1 AP TeSOlVE inenen eA aE E E E E R E EARE Ea T
62. efault default perm epd add atm25m 0 1024 atm25i 0 300 default default perm epd add atm25i 0 300 atm25m 0 1024 default default perm epd 7 1 6 SU1 resolve Axxcelera Broadband AB 100 Manual Page 64 of 111 Version 5 device add bridge ether bridge mtu 1500 192 168 3 10 subnet add bridge home 192 168 3 0 ff ff ff 00 rip send all none rip accept all none route add default 0 0 0 0 192 168 3 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 7 1 7 SUIT initbridge spanning disable device add edd device add r1483 7 1 8 SU1 system conf channel 0 antenna horizontal mode static mid 3 bid 0 interface eth backoff 0 provider abw key Axxcelera mask 1ffff leds active 7 1 9 SU1 initr1483 pvc 0 768 atm25m 70000 70000 7 1 10 SU2 resolve Axxcelera Broadband AB 100 Manual Version 5 Page 65 of 111 device add bridge ether bridge mtu 1500 192 168 3 11 subnet add bridge home 192 168 3 0 ff ff ff 00 rip send all none rip accept all none route add default 0 0 0 0 192 168 3 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 7 1 11 SU2 initbridge spanning disable device add edd device add r1483 7 1 12 SU2 system conf channel 0 antenna horizontal mode static mid 4 bid 0 interface eth backoff 0 provider abw key Axxcelera mask 1ffff leds active 7 1 13 SU2 initr1483 pvc 0 1024 atm25m 70000 70000 7 2 AB 100 icf config file This file can be retrieved and loaded through th
63. elera Broadband AB 100 Manual Page 108 of 111 Version 5 Section 12 12 Appendix 12 1 Ethernet port RJ 45 Female PIN TYPE SIGNAL 1 OUTPUT RX 87654321 2 OUTPUT RX 3 INPUT TX 4 N A N A 5 N A N A 6 INPUT TX 7 N A N A 8 N A N A 12 2 Ethernet cables 12 2 1 Straight RJ 45 Male PIN SIGNAL Direction PIN 1 TX gt 1 87654321 2 TX gt 2 3 RX 3 4 N A 4 5 N A 5 6 RX 6 7 N A 7 8 N A 8 12 2 2 Cross Over Axxcelera Broadband AB 100 Manual Page 109 of 111 Version 5 RJ 45 Male PIN SIGNAL Direction _ 1 TX gt 3 87654321 2 TX gt 6 3 RX 1 4 N A 4 5 N A 5 6 RX 2 7 N A 7 8 N A 8 12 3 ATM port RJ 45 Female BZ TYPE SIGNAL 1 INPUT RX 87654321 2 INPUT RX 3 N A N A 4 N A N A 5 N A N A 6 N A N A 7 OUTPUT TX 8 OUTPUT TX 12 4ATM cables 12 4 1 Straight RJ 45 Male PIN SIGNAL Direction PIN 1 RX 1 87654321 2 RX 2 3 N A 3 4 N A 4 5 N A 5 6 N A 6 7 TX gt 7 8 TX gt 8 Axxcelera Broadband AB 100 Manual Page 110 of 111 Version 5 12 4 2 Cross Over RJ 45 Male 87 6 543717 1 RX 7 2 RX 8 3 N A 3 4 N A 4 5 N A 5 6 N A 6 7 TX gt 1 8 TX gt 2 Axxcelera Broadband AB 100 Manual Version 5 Page 111 of 111
64. er ImIpInterfaces ipoa 0 ipaddr 192 168 100 1 mask 255 255 255 252 dhcp false mtu 1500 realInterface enabled true layer2Session ImServices ipoa 0 itemO0 N ImTcpMssClamp ImRouter ImIpInterfaces ipoa 0 ImTcpMssClamp A enabled false N ImRipVersions ImRouter ImIpInterfaces ipoa 0 ImRipVersions A acceptV1l false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false N ImIpInterface ImRouter ImIpInterfaces ipoa 1 A ipaddr 192 168 5 1 gp op mese zZ A A A A gp a ee Axxcelera Broadband AB 100 Manual Page 83 of 111 Version 5 mask 255 255 255 252 dhcp false mtu 1500 realInterface enabled true layer2Session ImServices ipoa l PP gm p SP ImTcpMssClamp ImRouter ImIpInterfaces A enabled false ImRipVersions ImRouter ImIpInterfaces A A A A A acceptvl false acceptV2 false sendV1 false sendv2 false sendMulticast false ImIpInterface ImRouter ImIpInterfaces ipaddr 192 168 5 5 mask 255 255 255 252 dhcp false mtu 1500 realInterface enabled true layer2Session ImServices ipoa 2 gp op ms ImTcpMssClamp ImRouter ImIpInterfaces A enabled false ImRipVersions ImRouter ImIpInterfaces A A A A A acceptV1 false acceptV2 false sendV1 false sendV2 false sendMulticast false ImRoutes ImRouter ImRoutes ImIpV4Ro ImIpV4Ro ImPorts ImPor ethernet Im atm ImW Axxcelera Broadband ute ImRouter ImRoutes item0 destination 19
65. era Broadband AB 100 Manual Page 97 of 111 Version 5 W AB Editor O x 10 Click on Submit 11 Edit the resolve file by changing the following lines a Device e OLD device add eth0 ether edd mtu 1500 192 168 2 2 e New device add atm0 atm bun mtu 1500 192 168 2 2 b Subnet e OLD subnet add ethO home 192 168 2 0 _ ff ff ff 00 e New subnet add atmO0 home 192 168 2 0 _ ff ff ff 00 c Ipatm pvc e Add ipatmpvc add atm0 atm25m 0 100 pcr 70000 70000 remoteip 192 168 2 1 d Relay If the unit relay all then nothing needs to be changed If the unit specifies specific devices all relays need to be deleted and add relay all e Old relay ethO ethO relay ethO atm1 relay atm atml e New relay all Axxcelera Broadband AB 100 Manual Page 98 of 111 Version 5 D TestAP resolve Notepad 0 x File Edit Format View Help add atmo atm hbun mtu 1500 192 168 2 2 add atml atm hun mtu 1500 192 168 10 1 add atml home 192 168 10 0 TF ff ff 00 add atmo home 192 168 2 0 TET OG route add default 0 0 0 0 192 168 2 1 00 00 00 00 1 MAN relay all send ethO none send atml none accept ethO none accept atml none lifetime 60 atmo atm257 0 100 pcr 70000 70000 remoteip 192 168 2 1 atml atm25m 0 512 pcr 1000 1000 remoteip 192 168 10 2 atml atm25m 0 768 pcr 2000 2000 remoteip 192 168 10 3 atml atm25m 0 1024 pcr 5000 5000 remoteip 192 168 10 4 atml atm25m 0 1280 pcr 700 700 remoteip 192 168 10 5 atml atm25m 0 153
66. erface advertise false ImPorts ImPorts ethernet ImPorts ethernet A resetDefaults false atm ImPorts atm A resetDefaults false ImWebserver ImWebserver A A A A ipl ImTcpMssClamp ipl ImRipVersions ipoa 0 gp ge item0 ipoa 0 ImTcpMssClamp ipoa 0 ImRipVersions gp opp mpl AB 100 Manual Version 5 Axxcelera Broadband Page 95 of 111 httpPort 80 upnpPort 2800 telnetPort 23 interface ipl enabled true mgmtIp 0 0 0 0 archive expand isfs derived data dat enableAuxillaryPort true PPP PP SP Pe end Axxcelera Broadband AB 100 Manual Page 96 of 111 Version 5 Section 10 11 Converting to ATM Before you install the AB 100 at an existing sector you will need to convert the AP from a terminated Ethernet configuration to an ATM configuration All of these configuration changes will be done on the AP and are slightly different for CLIP T CLIP S and 1483 S modes All instructions use the AB Express tool For further instructions on how to use this tool refer to the AB Express User Manual 11 1CLIP T Open Retrieve AB Configuration Fill in current IP address of unit Enter the hostname that you want to refer to this unit by Enter the current password of the unit Select Retrieve Configuration Click on Submit W Update AB Unit O x DOE Ur M 7 Open Edit AB Configuration 8 Fill in Hostname of AP that you want to edit 9 Select Edit Configuration Axxcel
67. erface Packets Sent Number of packets sent on interface Good Packets Number of good packets sent on interface Version Current version of Ethernet driver Enabled true false Enables or disables interface Termination N A N A Axxcelera AB 100 4 T L Status Edit connection eth1 O Quick Start gt System V Configuration Save config Authentication LAN connection WAN connections IP routes Edit Ethernet Edit Ether Channel Edit Bridge Interface DNS client DNS relay 7 Security Edit Ethernet gt Ports Options Name Value If In Octets 154969 If Out Octets 413175 If In Errors If Out Errors 0 Packets Sent 977 Good Packets 785 Version 1 01 Enabled tue Termination Change Reset Copyright c 2003 GlobespanVirata Inc Terms and conditions zj Axxcelera Broadband AB 100 Manual Page 57 of 111 Version 5 4 15Edit Ether Channel Name Value Description Port text field Enter class of port Should be left to default Port Class Ethernet Displays class of port _ Aucelera AB 100 Status Edit connection eth1 Quick Start System Configuration Save config Authentication LAN connection Security a connections Edit Ethernet Edit Ether Channel Edit Bridge Interface routes DHCP server B DHCP relay Edit Ethernet DNS client DNS relay V Ports z Ethernet Options ATM Name Value Ifln Octets 169707 If Out Octets 157661 If In
68. erface on Axxcelera Broadband AB 100 Manual Page 21 of 111 Version 5 3 4 4 5 Click on the Interface Type drop down list and specify what kind of interface it is depending on how it connects to the network external internal or DMZ Click on Apply The Security page is displayed The Security Interface section contains a table that displays information about each security interface that you have created e Name name of LAN service that the security interface is based on e Type of network connection specified e NAT setting It contains hyperlinks that allow you to configure NAT See Configuring NAT e Delete Interface hyperlink Click on this to display the Security Delete Interface page Check the interface details then click on the Delete button Configuring NAT To configure NAT you need to l 2 3 Enable Security see Enabling Security Create at least two different security interface types based on existing LAN services see Configuring security interfaces Once you have created more than one security interface the NAT column in the Security Interface table tells you that you can enable NAT between the existing security interface and a network interface type For example if you create an external interface and an internal interface your table will look like this Security Level Security Level n a Enable Firewall to set level Security Interfaces Name Type NAT iplan external
69. ervices ipoa 1 A creator WebAdmin A description SU1 Data N ImIpoa ImServices ipoa l item0 A svc false A atmarp here A lifetime 60 A enabled true A layer2SessionUser ImRouter ImIpInterfaces ipoa 1 N ImChannels ImServices ipoa l item0 ImChannels N ImAtmChannel ImServices ipoa l item0 ImChannels item0 A txVci 200 rxVci 200 pcr 2000 class UBR A A A A port atm N ImService ImServices ipoa 2 A creator WebAdmin A description SU2 Data Axxcelera Broadband AB 100 Manual Version 5 Page 82 of 111 N ImIpoa ImServices ipoa 2 item0 A svc false A atmarp here A lifetime 60 A enabled true A layer2SessionUser ImRouter ImIpInterfaces ipoa 2 N ImChannels ImServices ipoa 2 item0 ImChannels N ImAtmChannel ImServices ipoa 2 item0 ImChannels item0 A txVci 300 A rxVci 300 A pcr 2000 A class UBR A port atm N ImUsers ImUsers N ImUser ImUsers atmos username atmos password atmos comment Created by CLI accessLevel superuser mayConfigure true mayDialIn true pppLoginAuth none N ImRouter ImRouter ImIpInterfaces ImRouter ImIpInterfaces N ImIpInterface ImRouter ImIpInterfaces ipl A ipaddr 192 168 1 1 mask 255 255 255 0 dhcp false mtu 1500 enabled true A layer2Session ImBridge N ImTcpMssClamp ImRouter ImIpInterfaces ipl ImTcpMssClamp A enabled false N ImRipVersions ImRouter ImIpInterfaces ipl ImRipVersions A acceptV1 false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false N ImIpInterface ImRout
70. et N ImService ImServices ipoa 0 A creator WebAdmin A description AP MGMT N ImIpoa ImServices ipoa 0 item0 A svc false A atmarp here A lifetime 60 A enabled true A layer2SessionUser ImRouter ImIpInterfaces ipoa 0 N ImChannels ImServices ipoa 0 item0 ImChannels N ImAtmChannel ImServices ipoa 0 item0 ImChannels item0 A txVci 99 A rxVci 99 A class UBR A port atm N ImService ImServices rfc1483 0 A creator WebAdmin A description DATA N ImRf c1483 ImServices rfc1483 0 itemO A mode LlcBridged A enabled true A layer2SessionUser ImBridge ImBridgeInterfaces rfc1483 0 N ImChannels ImServices rfcl1483 0 item0 ImChannels N ImAtmChannel ImServices rfc1483 0 itemO ImChannels itemO A txVci 200 A rxVci 200 A pcr 2000 A class UBR A port atm N ImUsers ImUsers N ImUser ImUsers a username a password a comment C tmos tmos tmos reated by CLI mayConfigu mayDialIn pppLoginAu N ImRouter ImRoute gom ge z accessLevel superuser re true true th none ImIpInterfaces ImRouter ImIpInterfaces N ImIpInterface ImRouter ImIpInterfaces ipl A ipaddr 192 dhcp false A A A mtu 1500 A 168 1 1 mask 255 255 255 0 enabled true A layer2Session ImBridge N ImTcpMssClamp ImRouter ImIpInterfaces ipl ImTcpMssClamp A enabled false N ImRipVersions ImRouter ImIpInterfaces ipl ImRipVersions A acceptV1 false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false N ImI
71. g ATM to Ethernet network protocol conversions Whether deploying the AB 100 as a way to make the most of an AB Access deployment in a pure Ethernet network or as a means of providing wireline ATM25 to Ethernet 10 100 Base T conversions AB 100 serves this task without requiring additional expensive ATM switches or Ethernet routers Ethernet over ATM is not new Standards exist within the ATM world to coordinate how these networks are to interoperate These standards define how to terminate ATM networks at Ethernet bridges layer 2 as well as how to terminate them at IP routers layer 3 AB 100 supports both of these varieties via the RFC 1483 and RFC 1577 ATM standards and thus is compatible with standard ATM and Ethernet appliances Because the AB 100 is both an Ethernet device as well as an ATM device other services such as firewall NAT DHCP server and DNS relay are also supported Axxcelera Broadband AB 100 Manual Page 7 of 111 Version 5 Section 2 2 Installation 2 1 Factory Defaults Username atmos Password atmos Ethernet IP Address 192 168 4 2 24 2 2 Back Panel ETHERNET 2 2 1 ATM AnATM 25 UTP connection with LEDs that diplay link and traffic status 2 2 2 Ethernet A 10 100 BT Ethernet UTP connection with LEDs that display link and traffic status 2 2 3 MNGMT A DB 9 female connection that provides serial management to the unit 2 2 4 LED LED that displays status of unit A green LED indi
72. ge is displayed If you click on the Virtual I f link the Virtual interface page displays a table listing the names of existing virtual interfaces Each virtual interface is called item by default 3 4 6 IP routes This option allows you to create static IP routes to destination addresses via an IP interface name or a Gateway address From the Configuration menu click on JP routes The Edit Routes page is displayed Axxcelera Broadband AB 100 Manual Page 35 of 111 Version 5 Axxcelera AB 100 ROADBANO WIRELESS Status 1 Edit Routes Quick Start System Configuration Existing Routes Save config Valid Destination Gateway Netmask Advertise Delete Authentication LAN connection v oooo 192 168 5 3 0 0 0 0 false v T Advanced Options Security WAN connections Apply Reset IP routes DHCP server Create new Ip V4Route DHCP relay DNS client DNS relay P Ports Copyright c 2003 Axxcelera Broadband Wireless This page lists the following information about the existing routes Whether the route is valid v or invalid Y Destination IP address Gateway address Netmask Whether the route is advertised via RIP true or false 3 4 6 1 Creating an IP V4 Route 1 Click on Create new IP V4 Route hyperlink The following page is displayed Axxcelera AB 100 BROADBAND WIRELESS Status Create Ip V4Route O Quick Start p System Name Value V Configuration Destination 0 0 0 0 Save
73. give you better small packet performance than CLIP_T however it is more difficult to convert an existing sector to CLIP_S This is because the AB 100 only allows one IP address per PVC So each SU must be terminated to a different IP address this also requires that each wireless interface of each SU be assigned a new IP address It is generally preferable to use a 252 30 subnet mask for each SU 192 168 5 2 30 192 168 100 2 192 168 3 65 29 PVC 768 PVC 1024 192 168 5 6 30 AP 192 168 100 1 30 SU1 192 168 5 1 30 SU2 192 168 5 5 30 LAN 192 168 1 1 24 AP Management PVC e SU1 Data Mgmt PVC e SU2 Data Mgmt PVC 9 1 AB Access Configuration Files 9 1 1 AP resolve Axxcelera Broadband AB 100 Manual Page 77 of 111 Version 5 device add atm0 atm bun mtu 1500 192 168 100 2 subnet add atm0 home 192 168 100 0 ff ff ff fc rip send all none rip accept all none route add default 0 0 0 0 192 168 100 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 ipatm pvc atm0 atm25i 0 101 pcr 70000 70000 remoteip 192 168 100 1 9 1 2 AP system conf channel 0 antenna horizontal mode static mid 0 bid 0 interface atm0 backoff 0 provider abw key Axxcelera mask 1ffff leds active max_mid 254 9 1 3 AP initswitchcli tp default UBR 2667 sp default 256 stats add atm25m 0 768 atm25i 0 200 default default perm epd
74. guration option uici a gt System This page allows you to set up a new DHCP server configuration option that will be sent to DHCP clients V Configuration on this subnet Save config Create new DHCP option Authentication LAN connection Choose which option you would like to configure using the drop down list Then fill in the text box to specify what will be sent to DHCP clients if they should request a value for the chosen option Some of the options such as WINS servers may be a list of IP addresses You should type them in Security seperated by commas as in the following example WAN connections 192 168 219 1 192 168 220 1 IP routes Option name x DHCP server H Default gateway DHCP relay Option value DNS client DNS relay OK Reset gt Ports Cancel Copyright c 2003 Axxcelera Broadband Wireless 3 Click on the Option name drop down list and select a name Type a value that matches the selected option name in the Option value text box Click on OK 4 The Edit DHCP server subnet page is displayed and details of your new option are displayed under the sub heading Additional option information To delete an existing option check the Delete box for a specific option and click OK 3 4 7 4 Creating a fixed host 1 Click on the Create new Fixed Host link The following page is displayed Axcelera AB 100 O Status H H Scien Create new DHCP server fixed host IP MAC mapping uick Start gt System Add new mapping
75. guration page is displayed containing details of the trigger that you have just configured 4 Each trigger displayed on the Firewall Trigger Configuration page has a Delete hyperlink assigned to it To delete a trigger click on this link then at the confirmation page click Axxcelera Broadband AB 100 Manual Page 32 of 111 Version 5 on the Delete button The Firewall Trigger Configuration page is displayed and details of the delete trigger have been removed There are two hyperlinks on the page a To adda new trigger click on New Trigger b To display the Security Interface Configuration page click on Return to Interface List 3 4 4 12 Configuring Intrusion Detection Settings Intrusion Detection settings allow you to protect your network from intrusions such as denial of service DOS attacks port scanning and web spoofing This section assumes that you have followed the instructions in Enabling Security and Enabling Firewall and or Intrusion Detection To configure Intrusion Detection settings 1 Go to the Policies Triggers and Intrusion Detection section of the Security Interface Configuration page Click on Configure Intrusion Detection The Firewall Configure Intrusion Detection page is displayed _ Axxcelera AB 100 O Status H H H H Firewall Configure Intrusion Detection O Quick Start amp System V Configuration Save config Use Blacklist false gt Authenticati en T pacer Use Victim Protection false
76. he DNS relay s list DHCP server The first address should be the Primary DNS server and the second address should be DHCP relay the Secondary DNS server You cannot have more than two addresses at a time DNS client DNS relay There are currently no DNS servers in the list Use the section below to add a new DNS server P Ports Add new DNS server Use this section to add a new DNS server to the DNS relay s list New DNS server IP address Apply Copyright c 2003 Axxcelera Broadband Wireless 3 4 10 1 Configuring the DNS relay list 1 In the Add new DNS server section type an address in the New DNS server IP address text box 2 Click on Apply The address is displayed in the Edit DNS server list section 3 To delete an entry check Delete box for a IP address then click on Apply Axxcelera Broadband AB 100 Manual Page 43 of 111 Version 5 3 5 Ports This option allows you to configure the ports available on your AB 100 system AB 100 has two ports one Ethernet port and one ATM port 3 5 1 Configuring ports 1 From the left hand menu click on Configuration From the Configuration menu click on Ports A sub list of ports available on your AB 100 is displayed The following ports are available on the AB 100 e Ethernet e ATM 2 From the Ports menu click on Ethernet The Ethernet Port Configuration page is displayed See Ethernet The page displays basic port attributes for the Ethernet port on your AB 1
77. ill in the following fields a Description Description text field b VPI Virtual Path Identifier NOTE AB Access only supports VPI 0 7 on terrestrial interface c VCI Virtual Circuit Identifier d Encapsulation method LLC SNAP or VcMux null NOTE AB Access only supports LLC SNAP encapsulation 8 Click on Apply Axxcelera BROADBAND WIRELESS O Status O Quick Start gt System V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay V Ports Ethernet ATM Axxcelera Broadband AB 100 WAN connection RFC 1483 bridged Description customer1 SU4 VPI o VCI 259 Encapsulation method LLC SNAP gt Apply Copyright c 2003 Axxcelera Broadband Wireless AB 100 Manual Page 60 of 111 Version 5 Section 6 6 Configuring CLIP IPoA The CLIP_S and CLIP_T configuration are setup the same on AB 100 The only difference is that in CLIP T you only need to create one WAN IPoA routed connection The CLIP S configuration requires that you create a different WAN IPoA routed for each SU in the sector 1 Open web browser 2 Click on Configuration 3 Click on WAN connections _ Aucelera perce 9 Stats WAN connections O Quick Start B gt System M Eisen WAN services currently defined Authentication LAN connection Security WAN connections IP routes Create a E senice Q DHCP server
78. ils To create configure a secondary IP address click in the Secondary IP Address text box and type new address details 2 Once you have configured the IP address es click on the Apply button A message is displayed confirming that your address information is being updated If you have changed the primary IP address you may need to enter the new address in your web browser address box 3 4 3 1 Advanced See Advanced Options section 3 4 3 2 Creating virtual interfaces 1 Click on the Create a new virtual interface hyperlink at the bottom of the LAN connections page The following page is displayed Axxcelera Broadband AB 100 Manual Page 18 of 111 Version 5 Axxcelera AB 100 Status Create virtual interface Quick Start System Configuration Configure new virtual interface Save config IP Address i Authentication LAN connection Netmask f k Security WAN connections IP routes Apply DHCP server DHCF relay Copyright c 2003 Axxcelera Broadband Wireless DNS client DNS relay gt Ports ayoo 2 On the Create virtual interface page type the IP address and netmask of the virtual interface then click on the Apply button 3 The LAN connections page is displayed The virtual interfaces section contains a table listing the names of the virtual interface s Each virtual interface is called item by default 4 Each virtual interface name has an Edit and Delete link associated with it To e
79. is based on transport type and port number Before you can configure reserved mapping you need to configure NAT See Configuring NAT If you want to setup a reserved mapping on your existing NAT enabled interface 1 From the NAT Security Interfaces table click on the Advanced NAT Configuration hyperlink for the interface that you want to add reserved mapping to The Advanced NAT Configuration page is displayed 2 Click on the Add Reserved Mapping hyperlink The follow page is displayed Axxcelera Broadband AB 100 Manual Page 25 of 111 Version 5 Axxcelera AB 100 O Status H H NAT Add Reserved Mapping ip2 O Quick Start gt System V Configuration Add Reserved Mapping Save config Authentication LAN connection IP Addresses Transport External Port Range Internal Port Range Securit r WAN RT Global Internal Type Start End Start End IP routes DHCP server 0 0 0 0 Set to 0 0 0 0 to use the icmp 0 0 D 0 DHCP relay primary IP address of the interface ip2 DNS client DNS relay amp Ports Add Reserved Mapping Return to NAT Configuration Return to Interface List Q Copyright c 2003 Axxcelera Broadband Wireless 3 This page allows you to configure your reserved mapping Add specific values for the following table entries e Global IP Address if you are mapping from a global IP address type the address here If you are mapping g from a security interface type 0 0 0 0 e Internal
80. le to disk radio button From the Save As window select a file in which to save your backup configuration Click on Save 3 3 5 2 Restoring your configuration From the System menu click on Backup Restore In the Restore Configuration section click in the Configuration File text box and type the network path of the file that you wish to restore If you do not know the path details click on the Browse button and locate the file using the Choose file box 3 Click on the Restore button The page is refreshed with a Configuration Restored message and details of the number of bytes uploaded NR 3 3 6 Restart Router This page allows you to restart your AB 100 System 1 From the System menu click on Restart Router The following page is displayed Axxcelera Broadband AB 100 Manual Page 14 of 111 Version 5 Axxcelera AB 100 OA O BAND WIR hier Restart Router CA e From this page you may restart your router V System Event Log One click Update Restart Remote Access After clicking the restart button please wait for several seconds to let the system restart If you would like to reset all configuration to factory Firmware Update default settings please check the following box Backup Restore Restart Router Reset to factory default settings Configuration Restart Copyright c 2003 Axxcelera Broadband Wireless 2 Click on the Restart button to reset the AB 100 system The Restart page also provides you with the
81. mask 1 ffff leds active 9 2 AB 100 icf config file Information Model configuration file version 4 N ImIGMPProxy ImIGMPProxy A forwardAll false N ImRip ImRip A hostRoutes false A poison false A authEnable false Axxcelera Broadband AB 100 Manual Page 80 of 111 Version 5 A authPassword A advertiseDefaultRoute false A defaultRouteCost 1 N ImBridge ImBridge A filterage 300 A enabled false A layer2SessionUser ImRouter ImIpInterfaces ipl N ImBridgeInterfaces ImBridge ImBridgeInterfaces N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled false N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 N ImBridgeInterface ImBridge ImBridgeInterfaces ethl A etherFilterType All A portFilter All A enabled true A layer2Session ImServices ethl ethl N ImSpanningBridgeInterface ImBridge ImBridgeInterfaces ethl ImSpanningBridgeInterface A enabled false A priority 128 A pathCost 10 ImSpanningBridgeConfig ImBridge ImSpanningBridgeConfig A spanning false A spanPriority 32768 A helloTime 2 A maxAge 20 A forwardDelay 15 ImDhcpClient ImDhcpClient A reboot 10 A retry 300 A backoffCutoff 120 ImDhcpServer ImDhcpServer A defaultLeaseTime 43200 A allowBootp true A maxLeaseTime 86400 A allowUnknownClients true A enabled false ImDhcpRelay ImDhcpRelay A enabled false N ImDnsRelay ImDnsRelay A relayDomain
82. ndary port in order to transport packets The most common applications that require secondary ports are FTP and NetMeeting This section assumes that you have followed the instructions in Enabling Security To configure a trigger 1 Go to Policies Triggers and Intrusion Detection section on the Security Interface Configuration Click on Firewall Trigger Configuration The Firewall Configuration pages is displayed There are no triggers defined at this time Click on the New Trigger link The following page is displayed Axxcelera Broadband AB 100 Manual Page 31 of 111 Version 5 cAxxcelera AB 100 O Status H Security Add Trigger O Quick Start gt System V Configuration Pie Transport Port Port Secondary Secondary Allow Max Enable Enable Binary Address LAN connection Type Number Number Port Port Multiple Activity Session UDP Address Translation S Start End Number Number Hosts Interval Chaining Session Replacement Type ecurity Start End Chaining WAN connections IP routes DHCP server DHCP relay DNS client DNS relay Apply amp Ports Res p me o ees 5 Aevi Allow z Allow z Allow z nene z Return to Trigger List Return to Interface List Copyright c 2003 Axxcelera Broadband Wireless 2 Configure the trigger as follows a Transport Type select a transport from the drop down list depending on whether you are adding a trigger for a TCP or a
83. ng needs to be changed If the unit specifies specific devices all relays need to be deleted and add relay all e Old relay eth0 ethO relay ethO atm1 relay atm atml e New relay all P TestaP resolve Notepad lol x File Edit Format View Help device add atmo atm hbun mtu 1500 192 168 2 2 subnet add atmo home 192 168 2 0 TtL fi f 00 route add default 0 0 0 0 192 168 2 1 00 00 00 00 1 MAN rip send all none rip accept all none ipatm lifetime 60 ipatm pvc add atmo atm25m 0 100 pcr 70000 70000 remoteip 192 168 2 1 18 Edit the system conf file with the following changes a Interface e Old interface ethO e New interface atm0 Axxcelera Broadband AB 100 Manual Page 103 of 111 Version 5 TestAP system conf lE x antenna horizontal mode static mid O bid O interface atmo backoff rovider Axxcelera ey Axxcelera mask 7fff reg disabled leds active 17 Once files are edited and saved they are ready to upload to the AP by using Program AB Unit 18 Fill in the current IP address 19 Enter the Hostname for the modified files 20 Fill in the current unit password 21 Select Reboot Now 22 Click on Submit L Program AB Unit M 9 e Axxcelera Broadband AB 100 Manual Page 104 of 111 Version 5 11 31483 S Open Retrieve AB Configuration Fill in current IP address of unit Enter the hostname that you want to refer to this unit by Enter the current password of the unit Sele
84. onfig Authentication LAN connection Security Name Value WAN connections Port Speed 59111 IP routes DHCP server Connected false DHCP relay DNS client Reset Defaults false z DNS relay Note that the Reset Defaults option will not take effect until you save configuration and reboot V Apply Reset Ethernet ATM ATM Port Configuration View advanced attributes 0 Basic Port Attributes 3 5 1 3 View advanced attributes eAxxcelera AB 100 RUM Advanced Ethernet Port Configuration gt System y Configuration Return to basic attribute list Save config Authentication LAN connection Advanced Port Attributes Security Name Value WAN connections 100Base true IP routes DHCP serer 100Base Full Advert true Beene 100Base Half Advert true DNS relay 10Base Full Advert true V Ports 10Base Half Advert true Eine Auto Neg Ack Ok false Auto Neg Done true Auto Negotiate Restart false Auto Negotiation true Connected true Dis Reconnect Count 2 Enable Duplex Check true Full Duplex true Is Mysti true Jabber false Jabber Count 0 Link Speed 1000000 Loopback false No Neg100Base Mode true No Neg Full Duplex Mode false Remote100BTFD true Remote100BTHD true Remote10BTFD true Axxcelera Broadband Remote10BTHD true AB 100 Manual Version 5 Copyright c 2003 Axxcelera Broadband Wireless Page 45 of 111 4 Advanced Options 4 1 Edit Service Section 4 C
85. pInterface ImRouter ImIpInterfaces ipoa 0 Axxcelera Broadband AB 100 Manual Page 91 of 111 Version 5 ipaddr 192 168 2 1 mask 255 255 255 252 dhcp false mtu 1500 realInterface enabled true layer2Session ImServices ipoa 0 item0 ImTcpMssClamp ImRouter ImIpInterfaces ipoa 0 ImTcpMssClamp enabled false ImRipVersions ImRouter ImIpInterfaces ipoa 0 ImRipVersions acceptvVl false acceptV2 false sendV1 false sendV2 false sendMulticast false ImRoutes ImRouter ImRoutes ImIpV4Route ImRouter ImRoutes itemO destination 192 168 100 0 gateway 192 168 2 2 netmask 255 255 255 0 cost 1 timeout O0 interface advertise false ImPorts ImPorts ethernet ImPorts ethernet resetDefaults false ImPorts atm resetDefaults false A A A A A A A N A N A A A A A N N A A A A A A A N N A N atm A N ImWebs A A A A A A A A end rver ImWebserver httpPort 80 upnpPort 2800 telnetPort 23 interface ipl enabled true mgmtIp 0 0 0 0 archive expand isfs derived data dat enableAuxillaryPort true 10 3 AB 100 icf config file SU 4 Information Model configuration file version 4 N ImIGMPProxy ImIGMPProxy A N ImRip N Im gp mpg forwardAll false ImRip hostRoutes false poison false authEnable false authPassword advertiseDefaultRoute false defaultRouteCost 1 Bridge ImBridge Axxcelera Broadband AB 100 Manual Version 5 Page 9
86. r of errors received on interface If Out Errors Number of errors transmitted on interface Packets Sent Number of packets sent on interface Good Packets Number of good packets sent on interface Version H Displays current version of 1483 drivers Enabled true false Enables or disables interface Termination N A N A c Axxcelera AB 100 Status Edit connection ip2 O Quick Start gt System V Configuration M Edit Ip Interface Edit Tcp Mss Clamp Edit Rip Versions Edit NAT Edit IPoA LAN connection s El Su Edit NAT DHCP sener DNS cent Options DNS relay V Ports Name Value Ethernet Nat Enabled false ATM Change Reset Copyright c 2003 Axxcelera Broadband Wireless 4 9 Edit Bridge Name Value Description Version Displays the current version of the bridge drivers Filterage 10 100 000 The filter age is the time in seconds after which MAC addresses are removed from the filter table when there is no activity Version Displays the current version of the bridge drivers Enabled true false Enables or disables the bridge Axxcelera Broadband AB 100 Manual Page 52 of 111 Version 5 Termination N A N A 4Axxcelera AB 100 HF H LU LU Status Edit connection ImBridge O Quick Start B gt System V Configuration ee COT Edit Bridge Edit Bridge Edit Edit Bridge Edit Edit Edit Auto Edit Ip Edit Edit Rate Interface
87. r router V System Event Log Crosci Upee Showing all events Remote Access Firmware Update most recent events last times are since last reboot or real time if available Backup Restore Restart Router Time Event oniguraton 00 00 06 im Changed ip1 IP address to 192 168 4 2 00 00 06 im Changed ip2 IP address to 192 168 5 1 00 00 06 im Changed ip3 IP address to 192 168 2 1 Clearthese entries Select events to view Selecta log z View Copyright c 2003 Axxcelera Broadband Wireless 3 3 2 One click update This allows you to use one click to download new AB 100 images from a remote HTTP server You do not need to browse for the correct file to upload which you must do when using the Update process 1 From the System menu click on One click update The following page is displayed o Statis One Click Update Quick Start From this page you may update the system software on your network device V System Event Log One click Update Update device firmware Remote Access Firmware Update Backup Restore Restart Router Next amp Configuration Copyright c 2003 Axxcelera Broadband Wireless 2 Click on the Next button The Auto Update page is displayed This page contains the following information Axxcelera Broadband AB 100 Manual Page 11 of 111 Version 5 e Existing software version the software version that you are currently using e Available software version the software version available for do
88. ra AB 100 O Status O Quick Start Create new DHCP server subnet P System This page allows you to set up a new DHCP server subnet so that the system can assign IP address subnet mask V Configuration and option configuration parameters to DHCP clients Save config Authentication LAN connection Parameters for this subnet Define your new DHCP subnet here If you do not wish to specify the subnet value and subnet mask by hand you may instead select an IP interface using the Get subnet from IP interface field A suitable subnet will be created based on the IP address and subnet mask belonging to the chosen IP interface Security Subnet value WAN connections IP routes Subnet mask i eo DHCP server 4 DHCP relay Get subnet from IP interface none v NS cli ae ee Maximum lease time 86400 seconds P Ports Default lease time 43200 seconds IP addresses to be available on this subnet You need to make sure that the start and end addresses offered in this range are within the subnet you defined above Alternatively you may check the Use a default range box to assign a suitable default IP address pool on this subnet Start of address range End of address range XT 1 i 1 Use a default range DNS server option information Enter the addresses of Primary and Secondary ONS servers to be provided to DHCP clients on this subnet You may instead allow DHCP server to specify its own IP address by clicking on the Use local host add
89. rchive expand isfs derived data dat true 0 0 0 0 enableAuxillaryPort true Axxcelera Broadband AB 100 Manual Version 5 ipoa 0 ipoa 0 ImTcpMssClamp ipoa 0 ImRipVersions Page 70 of 111 Section 8 8 AB 100 AB Access CLIP T system The CLIP T configuration will allow the easiest conversion from Ethernet to ATM mode However it does not have the small packet performance advantages that CLIP_S has This configuration uses the AP in the exact same way that it does in Ethernet mode So there are only minor changes and additions to the resolve and system conf files 192 168 100 1 192 168 2 2 30 PVC 768 192 168 100 3 192 168 3 65 29 SU Data Management PVC e AP SU Management Data Path AB 100 B AP 192 168 2 1 30 LAN 192 168 1 1 24 8 1 AB Access Configuration Files 8 1 1 AP resolve Axxcelera Broadband AB 100 Manual Page 71 of 111 Version 5 device add atmO atm bun mtu 1500 192 168 2 2 device add atm1 atm bun mtu 1500 192 168 100 1 subnet add atm0 home 192 168 2 0 ff ff ff fc subnet add atm1 home 192 168 100 0 ff ff ff 00 rip send all none rip accept all none route add default 0 0 0 0 192 168 2 1 00 00 00 00 1 MAN route add su1 192 168 3 64 192 168 100 3 ff ff ff f8 1 MAN relay all ipatm pvc lifetime 60 ipatm pvc atm0 atm25i 0 50 pcr 70000 70000 remoteip 192 168 2 1 ipatm pvc atm1 atm25m 0 768 pcr
90. reator WebAdmin CLI Displays the name of the config interface in which the service was created Desctiption Text field Text field that can be used to help identify the item _ Aucelera AB 100 Status Edit connection ipoal O Quick Start gt System V Configuration ALME Edit Service Edit 1PoA Edit Atm Channel Edit p Interface LAN connection 7 P Ej Seet e TG Edit Service p pee DNS cent Options Y Pow Name Value Ethernet Creator oui AM Description pe Change Reset Copyright c 2003 Axxcelera Broadband Wireless B 4 2 Edit IPoA Name Value Description il SVC true false Enables Switched Virtual Circuits Atmarp here lt a b c d gt Sets the Atmarp server for the local machine use here for a remote machine use its IP Address Lifetime 0 x ATM cell lifetime in seconds Similar to the TTL in an Ethernet frame If In Octets Number or bytes received on interface If Out Octets Number of bytes transmitted on interface If In Errors Number of errors received on interface If Out Errors Number of errors transmitted on interface Axxcelera Broadband AB 100 Manual Page 46 of 111 Version 5 Packets Sent Number of packets sent on interface Good Packets Number of good packets sent on interface Version Current version of the IPoA driver Enabled true false Enables or disables interface Termination N A Curren
91. ress as DNS server checkbox Primary DNS server address Secondary DNS server address Use local host address as DNS server Default gateway option information Use local host as default gateway OK Reset Cancel Tm T Ti T Copyright c 2003 Axxcelera Broadband Wireless 2 This page allows you to a Setthe value and netmask of the subnet either manually or by selecting an IP interface whose value and mask is used instead and set the maximum and default lease times Setthe DHCP address range or use a default range of 20 addresses c Setthe Primary and Secondary DNS Server addresses or set your AB 100 System to give out its own IP address as the DNS Server address d Set your AB 100 System to give out its own IP address as the default Gateway address 3 Once you have entered new configuration details for your DHCP server click on OK The DHCP Server page is displayed containing details of your new subnet 3 4 7 3 Editing a DHCP subnet 1 Click on the Advanced Options link for a specific subnet The Edit DHCP server subnet page is displayed This allows you to edit all of the values that were set when the subnet was created 2 This page also allows you to add additional option information At the bottom of the page click on the Create new DHCP option link The following page is displayed Axxcelera Broadband AB 100 Manual Version 5 Page 39 of 111 Axcelera AB 100 pone Create DHCP server confi
92. ress type that you want to map your external global IP addresses to Click on the drop down list and select an interface type e Use Subnet Configuration there are two ways to specify a range of IP addresses You can either Use Subnet Mask specify the subnet mask address of the IP address or Use IP Address Range specify the first and last IP address in the range Click on the drop down list and select a method e Type in the JP Address that is visible outside the network e Subnet Mask IP Address 2 the value you specify here depends on the subnet configuration that you are using If you chose Use Subnet Mask type in the subnet mask of the IP address If you chose Use IP Address Range type in the last IP address in the range of addresses that make up the global address pool 4 Once you have configured the table click on Add global address pool The table is refreshed and the global address is added to your NAT configuration To delete a global address pool click on the Delete hyperlink then click on the Delete Global Address Pool button Click on Return to Interface List to display the Security Interface Configuration page To create a reserved mapping click on the Add Reserved Mapping hyperlink See Configuring NAT reserved mappings 3 4 4 7 Configuring NAT reserved mapping Reserved mapping allows you to map an outside security interface or an IP address from a global pool to an individual IP address inside the network Mapping
93. ridge Config Name Value Description Version E Displays the current version of the spanning tree drivers Spanning true false Specifies whether or not the bridge is to implement the spanning tree protocol Span Priority 0 65535 Sets the spanning tree protocol priority Where two bridges have the same priority their MAC address is compared and the smaller MAC address is treated as the most significant Hello Time 1 10 Sets the time after which the spanning tree process sends notification of topology changes to the root bridge Max Age 6 40 Sets the maximum age of received spanning tree protocol information before it is discarded This is used when the bridge is or is attempting to become the root bridge Forward Delay 4 30 Sets the time that the bridge spends in listening or learning states when the bridge is or is attempting become the root bridge Axxcelera Broadband AB 100 Manual Page 55 of 111 Version 5 Axxcelera BROA AB 100 1 T O Status Edit connection ImBridge O Quick Start amp System V Configuration pe config Edit Bridge Edit Bridge Edit Edit Bridge Edit Edit Edit Auto Edit Ip Edit Edit uthentication Interface Spanning Interface Spanning Spanning Bridge Interface RFC1483 Ethernet LAN connection Bridge Bridge Bridge Security Interface Interface Config WAN connections g IP routes D
94. routes external dmz Only listed hosts blocked Port Filters Host Validators Q DHCP server DHCP relay dmz internal Only listed hosts blocked Port Filters Host Validators DNS client L 4 1 DNS relay P Ports Mew Palies All policies defined Return to Interface List O Copyright c 2003 Axxcelera Broadband Wireless The table contains details of each Security policy You can now configure the policies to include portfilters and validators See Configuring portfilters and Configuring validators 3 4 4 9 Configuring portfilters A portfilter is an individual rule that determines what kind of traffic can pass between two interfaces specified in an existing policy This section assumes that you will have followed the instructions in Configuring Security Policies To configure portfilter 1 From the Current Security Policies table click on the Port Filters link for the policy that you want to configure The page displayed contains three Add Filter hyperlinks that allow you to create three different kinds of portfilter e Fora TCP portfilter click on Add TCP Filter The following page is displayed Axxcelera Broadband AB 100 Manual Page 28 of 111 Version 5 _ Axcelera AB 100 ae Firewall Add TCP Port Filter external eae internal V Configuration Save config Authentication LAN connection Security Transport Port Range Direction Mad connections Type Start End Inbound
95. rts Ethernet ATM Axxcelera Broadband AB 100 WAN connection IPoA routed Description customerl SU3 VPI fo VCI 515 C Use DHCP WAN IP address 192 168 5 1 Enable NAT on this interface Copyright c 2003 Axxcelera Broadband Wireless AB 100 Manual Version 5 Page 62 of 111 Section 7 7 AB 100 AB Access 1483 S system SU1 192 168 3 10 PVC 1024 E mo 192 168 3 11 LAN 192 168 3 1 24 AP Management PVC e SU1 Data Mgmt PVC e e SU2 Data Mgmt PVC e e 7 1 AB Access Configuration Files 7 1 1 AP resolve device add bridge ether bridge mtu 1500 192 168 3 2 subnet add bridge home 192 168 3 0 ff ff ff 00 rip send all none rip accept all none route add default 0 0 0 0 192 168 3 1 00 00 00 00 1 MAN relay all ipatm lifetime 60 Axxcelera Broadband AB 100 Manual Page 63 of 111 Version 5 7 1 2 AP system conf channel 0 antenna horizontal mode static mid 0 bid 0 interface atm0 backoff 0 provider abw key Axxcelera mask 1ffff leds active max_mid 254 7 1 3 AP initbridge spanning disable device add edd device add 11483 7 1 4 AP initr1483 pve 0 101 atm25i 70000 70000 7 1 5 AP initswitchcli tp default UBR 70000 sp default 256 stats add atm25m 0 768 atm25i 0 200 default default perm epd add atm25i 0 200 atm25m 0 768 d
96. se N ImRipVersions ImRouter ImIpInterfaces A acceptVl false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false N ImIpInterface ImRouter ImIpInterfaces ipaddr 192 168 2 1 mask 255 255 255 252 dhcp false mtu 1500 reallnterface enabled true layer2Session ImServices ipoa 0 N ImTcpMssClamp ImRouter ImIpInterfaces A enabled false N ImRipVersions ImRouter ImIpInterfaces A acceptVl false A acceptV2 false A sendV1 false A sendV2 false A sendMulticast false N ImRoutes ImRouter ImRoutes N ImIpV4Route ImRouter ImRoutes item0 destination 192 168 100 0 gateway 192 168 2 2 netmask 255 255 255 0 cost 1 timeout O0 interface advertise false N ImIpV4Route ImRouter ImRoutes iteml destination 192 168 3 64 gateway 192 168 2 2 netmask 255 255 255 248 cost 1 timeout O0 interface advertise false N ImPorts ImPorts N ethernet ImPorts ethernet A resetDefaults false N atm ImPorts atm A resetDefaults false N ImWebserver ImWebserver httpPort 80 upnpPort 2800 telnetPort 23 interface ipl enabled true mgmtIp 0 0 0 0 mop gm ple pop e gp spp mop ge p gm pg enableAuxillaryPort true end ipl ImTcpMssClamp ipl ImRipVersions ipoa 0 item0 ipoa 0 ImTcpMssClamp ipoa 0 ImRipVersions archive expand isfs derived data dat Axxcelera Broadband AB 100 Manual Version 5 Page 76 of 111 Section 8 9 AB 100 AB Access CLIP S system The CLIP_S configuration will
97. tly not used _ Auacelera AB 100 e Status Edit connection ipoal O Quick Start gt System V Configuration Save config Authentication LAN connection Security WAN connections IP routes DHCP server DHCP relay DNS client DNS relay V Ports Ethernet ATM Edit Service Edit IPoA Options Name Value Svc false v Atmarp Lifetime o IfIn Octets 0 If Out Octets 47088 If In Errors If Out Errors 0 Packets Sent 981 Good Packets 0 Version 1 01 Enabled true J Termination Change Reset 4 3 Edit Atm Channel here Edit Atm Channel Edit Ip Interface Copyright c 2003 Axxcelera Broadband Wireless AENG Value li Description TX VCI 0 65536 Transmit Virtual Circuit Identifier TX VPI 0 256 Transmit Virtual Path Identifier RX VCI 0 65536 Receive Virtual Circuit Identifier RX VPI 0 256 Receive Virtual Path Identifier Peak Cell Rate 0 70000 The maximum number of cells allowed to pass through the PVC in a second Burst Tolerance 0 100 Controls the duration of traffic bursts on VBR Variable Bit Rate and VBR RT VBR Real Time channels Axxcelera Broadband AB 100 Manual Version 5 Page 47 of 111 Max Cell Rate Determines the maximum rate at which ATM cells are allowed to be sent along the PPPoA transport Max Burst Size 0 100 Controls the maximum burst size for VBR
98. tton DHCP server is disabled and the button changes to Enable NOTE If DHCP server is enabled DHCP relay will be disabled by default You can not enable DHCP relays unless you disable DHCP server See DHCP Server Axxcelera Broadband AB 100 Manual Page 41 of 111 Version 5 3 4 82 Adding a DHCP server to the DHCP relay list 1 Inthe Add new DHCP server section type an address in the New DHCP server IP address text box 2 Click on Apply The address is displayed in the Edit DHCP server list section 3 4 8 3 Editing deleting entries in the DHCP relay list 1 To edit an entry click on an IP address and type a new entry then click on Apply 2 To delete an entry check the Delete box for a specific IP address the click on Apply 3 4 9 DNS client This option allows you to e Create a list of server addresses This enables you to retrieve a domain name for a given IP address e Create domain search list DNS client uses this list when a user asks for the IP address list for an incomplete domain name From the Configuration menu click on DNS client The following page is displayed P Axxcelera AB 100 O Status H DNS client O Quick Start gt System V Configuration DNS servers Save config Authentication r LAN connection 192 168 1 1 Static Delete Security WAN connections IP routes Add DHCP server DHCP relay H E DNS client Domain search order DNS relay u ME P Ports www dns com Delete Add
99. utes Restart Router Enable gt Configuration Copyright c 2003 Axxcelera Broadband Wireless 2 Type in the length of time that you want to allow remote access for Click on Enable 3 The Remote Access page is displayed confirming the number of seconds remaining for remote access There is also a Disable button that allows you to stop remote access before the specified time ends Axxcelera Broadband AB 100 Manual Page 12 of 111 Version 5 3 3 4 Firmware Update This option allows you to upload firmware images to the AB 100 using HTTP A tar archive is uploaded to the RAM of your AB 100 The archive is unpacked automatically files are validated and then written to Flash memory 1 From the System menu click Firmware Update The following page is displayed _ Aucelera ald Status Firmware Update O Was Sib From this page you may update the system software on your network device V System Event Log One click Update Select Update File Remote Access Updates where available may be obtained from Axxcelera Broadband Wireless Firmware Update Backup Restore New Firmware Image DE Restart Router 3 Browse Update amp Configuration p Copyright c 2003 Axxcelera Broadband Wireless 2 Type in the network location of the new firmware image that you want to upload or use the Browse button to browse through the network and select the file Click on Update 3 Once the file has been uploaded to the RAM of your AB 100
100. uui tu RU eei Nast usb cuiii EE teta tU te aci DERE 19 344 1 Enabling chis MOT 20 3 4 4 Enabling Firewall and or Intrusion Detection ssssssseeeenee 21 3 4 4 3 Setting a default security Ievelsns nue GE prae UR RA ONE D I EROR 21 3 4 4 4 Configuring security interfaces ener 21 344 5 Config ring NAL T AESi 22 3 4 4 6 Configuring NAT global addresses seen 23 3 4 4 7 Configuring NAT reserved mapping sse 25 3 4 4 8 Configuring Security policies esent duet APIS QU Ped RP Reo Pe DER uds 26 Axxcelera Broadband AB 100 Manual Page 3 of 111 Version 5 3 4 4 9 Configuring portfilters uu scere inis or E ROREM UFen QUI x Rond bn np AERE RIA Corn SEXUS 28 3 4 4 10 Configuring validators RTL 30 3 4 4 11 Configuring trigget S asseris niir can Nec mod istic ooa DEAETE E ia 31 3 4 4 12 Configuring Intrusion Detection Settings ss ssesessssessessrssressessresresseeseese 33 3 4 5 WAN COMMG CLOTS NT 34 3 4 5 1 Cr ating a WAN SEEVICES a puisse plate i ia sae S Dis ee RERE CARESS 34 3 4 5 2 Editing a WAN service os iesiccs cite deaivien sane Gesancccesteurencannannacrsendaeesanrmimnaanterenteeenanirs 35 SABO Del ting a WAN SErViCEsusissiisiarsie iea A ni en d ton REAR E ER DD 35 3 4 5 4 Creating a virtual interface routed services only 35 3 4 6 c P E TERETERE S 35 3446 1 Greatingan IP V4 ROULG esiri A RE 36 3453 Editing d
101. ver entries on the DHCP relay list From the Configuration menu click on DHCP relay The following page is displayed _ Ancelera i AB 100 toon DHCP Relay O Quick Start gt System V Configuration This page allows you to enter a list of DHCP server IP addresses that the relay will forward DHCP packets to You Save config may also enable and disable the DHCP relay from here and choose which IP interfaces the relay should operate Authentication on LAN connection Security The DHCP relay is currently disabled WAN connections Enabl IP routes Iu DHCP server DHCP relay DNS client DNS relay DHCP relay interfaces E Ports Use this section to edit the list of IP interfaces the DHCP relay should listen on There are currently no IP interfaces configured so the DHCP relay will listen on all available IP interfaces Add new interface Use this section to tell DHCP relay to listen on another IP interface New IP interface ip1 v Add Edit DHCP server list Use this section to edit existing DHCP server addresses present in the DHCP relay s list There are currently no DHCP servers in the list Use the section at the bottom of the page to add a new DHCP server Add new DHCP server Use this section to add a new DHCP server to the DHCP relay s list New DHCP server IP address i Apply zi 3 4 8 1 Enabling disabling DHCP relay 1 Click on the Enable Disable button at the top of the page If you click on the Disable bu
102. wnload e Download from the available software version s source address e Overview URL that can be linked to a web page detailing additional information about this software version 3 To update device firmware click on OK The Firmware Update page is refreshed The page contains two progress bars e The first progress bar displays how long it is taking to fetch the new software version from the web server e Once the software has been retrieved the second progress bar displays how long it is taking to write the new software version to Flash 4 Once the file has been written to Flash the Auto Update page is refreshed The page confirms completion of the update and asks you to restart your AB 100 in order to use the new firmware Click on Restart 3 3 3 Remote Access This allows you to enable temporary remote access to your AB 100 using Network Address Translation NAT NOTE In order to configure remote access you first need to enable the firewall and create an external to internal firewall policy For more information see Security 1 Once you have configured Security from the System menu click on Remote Access to display the following Axxcelera AB 100 Sta ism Remote Access fede Fale From this page you may temporarily permit remote administration of this network V System device Event Log One click Update Remote Access Enable Remote Access Firmware Update DE Backup Restore Allow access and set idle timeout to 20 min
103. yer2SessionUser ImBridge ImBridgeInterfaces N ImChannels ImServices ethl ethl ImChannels N ImEtherChannel ImServices ethl ethl ImChannels item0 A port ethernet N ImService ImServices rfc1483 0 A creator WebAdmin A description SU1 N ImRfc1483 ImServices rfc1483 0 itemO A mode LlcBridged A enabled true A layer2SessionUser ImBridge ImBridgeInterfaces rfc1483 0 N ImChannels ImServices rfcl1483 0 item0 ImChannels N ImAtmChannel ImServices rfci483 0 itemO ImChannels itemO A txVci 200 Axxcelera Broadband AB 100 Manual Version 5 Page 68 of 111 A A A A rxVci 200 pcr 2000 class UBR port atm N ImServic A A creator WebAdmin description SU2 ImServices rfc1483 1 N ImRf c1483 ImServices rfc1483 1l itemO A A mode LlcBridged enabled true A layer2SessionUser ImBridge ImBridgeInterfaces rfc1483 1 N ImChannels ImServices rfc1483 1 item0 ImChannels N ImAtmChannel ImServices rfcl483 1 item0 ImChannels item0 A A A A A N ImServic txVci 300 rxVci 300 pcr 2000 class UBR port atm A A A A A A A A A A A A creator WebAdmin ImServices ipoa 0 description AP MGMT N ImIpoa ImServices ipoa 0 item0 svc false atmarp here lifetime 60 enabled true layer2SessionUser ImRouter ImIpInterfaces ipoa 0 N ImChannels ImServices ipoa 0 item0 ImChannels N ImAtmChannel ImServices ipoa 0 item0 ImChannels itemO txVci 101 rxVci 101 pcr 2000 class UBR
Download Pdf Manuals
Related Search
Related Contents
Philips 30268/55/48 lazy dog, jeux typotraitcoupebordperdu PCON 取扱説明書 Mélange à Boisson Frappée – Protéine Petit Lait – Vanille 取扱説明書 - ランズバーグ・インダストリー- https://telegra.ph/AC-Single-phase-Voltage-Drop-Calculator-fc83c110-11-16
- https://telegra.ph/Calculate-Wire-Resistor-from-Voltage-Drop-2b6d6b10-11-16
- https://telegra.ph/Calculate-Length-from-Voltage-Drop-482bb825-11-16
- https://telegra.ph/Calculate-Wire-Resistor-from-Voltage-Drop-811ea25d-11-16
- https://telegra.ph/1-4-8-Concrete-Mix-Calculator-4a9672ea-11-13
- https://telegra.ph/Footer-Concrete-Volume-Calculator-aa1df977-11-13
- https://telegra.ph/equal-angle-steel-weight-calculator-ee8a9566-11-07
- https://telegra.ph/pipe-weight-calculator-53fba9a5-11-07
- https://telegra.ph/AC-Three-phase-Voltage-Drop-Calculator-8996d196-11-17
- https://telegra.ph/DC-Voltage-Drop-Calculator-dbf6d129-11-18