TSR Router Menu-Driven User Interface User Manual 2.97
Contents
1. Number Keyword Protocol Reference 0 HOPOPT IPv6 Hop by Hop Option RFC1883 1 ICMP Internet Control Message RFC702 2 IGMP Internet Group Management RFC1112 3 GGP Gateway to Gateway RFC823 4 IP IP in PIP encapsulation RFC2003 5 ST Stream RFC1190 RFC1819 6 TCP Transmission Control RFC793 7 CBT CBT Ballardie 8 EGP Exterior Gateway Protocol RFC888 DLM1 9 IGP any private interior gateway IANA used by Cisco for their IGRP 10 BBN RCC MON BBN RCC Monitoring SGC 11 NVP II Network Voice Protocol RFC741 SC3 12 PUP PUP PUP XEROX 13 ARGUS ARGUS RWS4 14 EMCON EMCON BN7 15 XNET Cross Net Debugger IEN158 JFH2 16 CHAOS Chaos NC3 17 UDP User Datagram RFC768 JBP 18 MUX Multiplexing IEN90 JBP 19 DCN MEAS DCN Measurement Subsystems DLMI 20 HMP Host Monitoring RFC890 RH6 21 PRM Packet Radio Measurement ZSU 22 XNS IDP XEROX NS IDP ETHERNET XEROX 23 TRUNK 1 Trunk 1 BWB6 24 TRUNK 2 Trunk 2 BWB6 25 LEAF 1 Leaf 1 BWB6 26 LEAF 2 Leaf 2 BWB6 27 RDP Reliable Data Protocol RFC908 RH6 28 IRTP Internet Reliable Transaction RFC938 TXM 29 ISO TP4 ISO Transport Protocol Class 4 RFC905 RC77 30 NETBLT Bulk Data Transfer Protocol RFC969 DDC1 31 MFE NSP NFE Network Services Protocol MFENET BCH2 32 MERIT INP MERIT Internodal Protocol HWB 33 SEP Sequential Exchange Protocol JC120 34 3PC Third Party Connect Pr2. HEX Description 80C6 Pacer Software 80C7 Applitek Corporation 80C8 80CC Integraph Corporation 80CD Harris Corporation 80CE Harris Corporation 80CF 80D2 Taylor Inst 80D3 Rosemount Corporation 80D4 Rosemount Corporation 80D5 IBM SNA Services over Ethernet 80DD Varian Associates 80DE Integrated Solutions TRFS Transparent Remote File System 80DF Integrated Solutions 80E0 80E3 Allen Bradley 80E4 80F0 Datability 80F2 Retix 80F3 Kinetics AppleTalk ARP AARP 80F4 Kinetics 80F5 Kinetics 80F7 Apollo Computer 80FF 8103 Wellfleet Communications 8107 Symbolics Private 8108 Symbolics Private 8109 Symbolics Private 8130 Waterloo Microsystems 8131 VG Laboratory Systems 8137 Novell old NetWare IPX ECONFIG E Option 8138 Novell 8139 813D KTI 9000 Loopback Configuration Test Protocol 9001 Bridge Communications XNS Systems Management 9002 Bridge Communications TCP IP Systems Management 9003 Bridge Communications FF00 BBN BITAL LANBridge cache wakeup Terminal Server Router Release 2 97 B 9 Protocol Types Ethernet Protocol Types B 10 Terminal Server Router Release 2 97 APPENDIX Troubleshooting In this Appendix m Communication Related Issues m LAN Related Issues m Diagnostics and Performance Tools Verification Statistics System Reports Troubleshooting Communication Related Issues Communication Related Issues Excessive Tr
3. 00005 12 8 Basic Configuration LocalUnit Identification lees 7 4 OVERVIEW cile A Se ee ES E 7 2 RemoteUnit Profile 00 0 0 00 2 0 7 9 Routing Protocol Security 0 7 5 Setup Complete 0 00002 ce eee ee 7 13 SNMP Configuration 0 0 02 2000s 7 12 WAN Interface Connections 7 7 Basic Setup 0 0c cece cece eens 12 2 Bipolar 8 Zero Substitution Glossary 1 Bib erea E E mtsent Glossary 1 Dp pp MEM ekoa ma e ena hake hed os Glossary 1 Bridge Forward Delay 0 0 00000 ee 3 18 3 20 Hello Time 12e eer D epp EXE 3 18 Max ABC ouest o RET vxore reet 3 18 Priority 000 eee 3 18 4 40 5 43 5 45 C CHAP sie doe eter ae eed ie woes 3 9 Glossary 1 Clear Totals All inito oer uem sopa suni Gabe 9 3 LAN ovcesp ach REN bea dU EREA 9 3 WAN Lotes cobro Sted eee bea ie eg enters 9 3 GLD doeet etes neve Ete sree Glossary 1 Code Load eed eeu RUE PIQUE dos 2 9 Command Line 0 ee eee eee Glossary 1 Community Name s eese eee ee 3 12 Compression sseeeeee s 5 16 Ratio to from WAN eee eee eee ee 9 4 Config Load 1 0 tree eU E Eus 2 9 Config Password leleeeeeeeeeeesn 2 4 Config Upload Download sssuuss 2 9 config security level lees esses 2 3 Configuration 00 cc eee eee ees 12 1 Terminal Server 00 ce eee eee eee 6 2 connecting to t
4. 0 cece cence eee eens 4 18 Forwarded to WAN 0 0 0 0 c cece een ees 9 4 Terminal Server Router Release 2 97 Frame i422 IS ha EPIS RP Ea d Glossary 1 Relay ocossetqeeerbeurert4RRERGG e BA 3 7 12 4 Type iuuderxkewiesbbteeR e Ed PH S 10 8 802 2 s ta PER EX MA S d 4 4 4 6 802 3 aee lLI4g RR Rt RE WERTE RE E 4 4 4 6 Bth coss EXER dan eked oe es 4 4 Ethernet II eR REPRE ERR 4 6 SNAP ete iunt e oe P TUS 4 4 Frame Relay Internet Connection 0 0 00 cece eee 12 4 G Gateway e ciii iii ei ead SER ex 4 12 10 8 GRE T nnel 52 REDUCE RR REPRE RA ENS 5 6 H Help ctt eas aed PECORE MORET REY CE REA 1 4 HOPS oss ner EXAOEES 4 11 10 8 Glossary 1 l Installation 15 iere terere iea E eee 1 1 DP E EEPE EEEE E 7 10 Glossary 1 Adress 4 oe Sr e E eR 5 30 7 10 8 4 Firewall Local Profile Significant Bits 0 0 2 0 0 eee eee eee 4 27 Firewall significant bits 0 5 36 IPX pashan Sse Hare cat oe ea Me eue UT eee 7 10 ROUTEN sees erste LUE 4 12 10 8 Server Advertising lille 4 30 Name MEME CIR ES 4 31 NetWork eidem ee yx aee oves 4 31 Selected Items 0 0 c cece eee 4 31 Type Pr 4 31 L LAN MP 9 3 Collision Threshold 0 00 00 cece eee 4 7 Network Updates 0 0 c eee eee eee 4 5 Packet EOS 44 202 Lt ee etek tech ee oo E oe 9 3 Received dee Hone ad Ueatdave maw 9 3 Transmitted 2 0 0 ee eee 9 3 Packet Totals 0
5. 0 6 cnt e 2 7 Set up the Router for Uploads Downloads 000 cece eee ee 2 7 Upload Download Setup Menu Fields 0000 cece eee ee 2 9 Load Defaults i eeu edie lace cea tnd obstet dust hee n 2 10 Softwate Images cocer bet UTR ead deed cho Sie ee qns 2 11 OPHONS iic ad bie bat ee Be eh Sede dee 2 11 Table of Contents 3 Profile Directory Router Card Profile OVervieW x ene YR X Tiat e PERAE EAEE PEN KEPER Shed RE aw ee RUPEE 3 2 Configuration 2i Rer e ERGORREY E RRELATR X ERREUR baa 3 2 RIP Mode Receive 0 eect etn s 3 4 RIP Mode Send osse ree ek erhebt gai red ees CR ue 3 5 PAU os ete sete e por Eu Set e M ME 3 6 SECU MMC 3 8 SNMP uretieORISeG4 aA E ques patadas pGdeeddquuend aoe aera 3 11 DNSPEIOXY eos sews 2 Soa seat peer Eolo ee Sg ed re S RR e 3 15 Spanning Tree Protocol 0 0 0 0 ccc cece eee 3 17 Network Time Protocol i e sce deeendlvedeaee dudeeewes TUA se tags 3 19 SYSLOG S cent ERE eh dee aoe ee Ep UR ad ees chi ten 3 21 DNS Resolyet obe reed eee dot ee tae Pod iste aic e Ce 3 23 LAN Local Profile Overview 0 0 0 0 0 cc ccc cent eee ee 4 2 Set up a Local Profile 0 0 0 0 eee 4 3 LANIP re cnt orate nr EEE RI E A UCM IE LE 4 6 a a t uA AE M eran rae 4 6 Nono CT 4 6 Link Speed i uon oe dete p heb od st c t eee E orta id 4 7 Static NetwOIkKS i os be aee Reuse rl cet tese Voce ee Eo peres cuc eg 4 8 Setup Static Networks een eeu cae heeded R
6. Enabled to enable Network Processing The following items appear once enabled NTP Server Address The IP address or domain name of the NTP server IP Address IP address of the NTP server Setting the NTP server value to 0 0 0 0 will cause the router to listen to and process NTP broadcasts Domain Name gt Domain name of the NTP server Maximum of 43 characters Poll Interval The Poll Interval specifies the polling of the NTP server to a defined number of seconds The range in seconds is from 16 to1024 seconds with a default of 16 Time Zone Offset HOURS The hours Time Zone Offset is used to calculate gateway time from GMT Greenwich Mean Time Range is 12 to 12 Time Zone Offset MINUTES The minutes Time Zone Offset is used to calculate gateway time from GMT Greenwich Mean Time Range is 0 to 60 3 20 Terminal Server Router Release 2 97 Profile Directory Router Card Profile SysLog SysLog The SysLog client capability enables or disables sending alarm and event messages to an external Syslog server from the Router 1 Select SysLog Configure gt and select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 53 19_ gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure gt SNMP Configure gt DNS Proxy Configure gt Spanning Tree Protocol Configure gt Network Time Protocol Configure gt SysLog gt DNS
7. Admin Password Users assigned to this level may view and change all screens as well as change all three password levels The default ADMIN password is admin This entry must be unique from the VIEW and CONFIG passwords The field value may be a 5 15 character alphanumeric value NOTE If the default login passwords are not changed the user will be prompted at each login to enter new passwords at the CONFIG and ADMIN levels Terminal Server Router Release 2 97 Management Window Enhanced Security Enhanced Security The Enhanced Security option provides another level of password security that restricts access to the Main Menu via Telnet or the Async port It can be used by a Network Administrator to only allow those with the Enhanced Security password to access the Router When enabled this option hides the system login prompt until the appropriate password is entered 1 Use the SPACEBAR to select Enabled and TAB to enter this selection 2 The Change Enhanced Security Password gt field will display Select ENTER to change password You will be requested to enter the password twice to confirm Forcel Networks OTSR Tue Jan 1 2002 1 09 42 gt System Time Login Setup for LocalUnit System Date and Time Jan 1 2002 1 09 05 Daylight Savings Time fldjustment Disabled fluto Logout Timer 30 Change Login VIEW Password gt Change Login CONFIG Password gt Change Login ADMIN Password gt
8. Simple Network Management Protocol SNMP is the most common method by which network managements applications can query a management agent using a supported MIB Management Information Base SNMP operates at the OSI application layer Spanning Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network For an Ethernet network to function properly only one active path can exist between two stations Simple Network Management Protocol SNMP is the most common method by which network managements applications can query a management agent using a supported MIB Management Information Base SNMP operates at the OSI application layer Telemetry Byte Oriented Serial TBOS is an alarm monitoring and control prototype for telephone network equipment Trunk Level 1 A digital transmission link with a total signaling speed of 1 544 Mbps T 1 is a standard for the digital transmission in North America Terminal Server Router Release 2 97 Glossary telnet An Internet standard protocol that enables a computer to function as a terminal working from a remote computer trunk A communication line between two switching systems Terminal Server Router Release 2 97 Glossary 3 Glossary Glossary 4 Terminal Server Router Release 2 97 Numerics 100T Full Duplex iiber ees 4 45 Half Duplex tre Rer tepis 4 45 10T Eull Duplex sofia See Eu EX aw Ee 4 45 Half Duplex 2i lt
9. lt Enabled gt o page forwar ure the communication information for this profile NOTE Each filter even if it is not enabled will count toward the maximum number of 500 filters 4 16 Terminal Server Router Release 2 97 Profile Directory Local Profile Filters 3 Select Setup Filters gt If Filters is not displayed scroll to the selection with the SPACEBAR select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 21 06 gt Profile Setup for LocalUnit LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX X IN X IX Neither gt Other KX IX X Local Profile LAN IP LAN IPX Window IP Address UN P m 1 802 2 Ext Network 00000000 Subnet Mask 255 Bp Eth II Ext Network 00000000 Default Router 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 ie Setup lt i gt Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 Press CTRL A to add filters See the following sections on defining custom protocol and address filters Forcel Networks OTSR Wed Jan 2 2002 1 24 24 LocalUnit has 0 Enabled Filters Forward Mode lt TR NEERC ES Define Filter Custom gt gt Filter Type Source Dest Filter Name Enabled Filter Window a i o page forwar o page ba Scrollable Select the port forwarding mode based upon the enabled filters Terminal Server R
10. 10 8 Display Use this field to select whether you wish to view the table for IP Networks lt IPX Networks or lt IPX Servers Use the SPACEBAR to scroll though the options the screen will update accordingly Learned From Will select what to learn from the Local LAN or from any of the Remote sites listed in the Profile Directory Use the SPACEBAR to scroll though the options the screen will update accordingly Auto Update Use this field to have this screen automatically update with events while you are viewing the screen On will update the screen every 5 seconds Network This field displays the network IP address of each network known to the Router If this route was added using one of the Static Network screens Static will appear before the address of this entry If this route was learned by the local unit Direct will appear before the address Type This field displays the Hex value assigned to each known server This field applies only to IPX Servers Name This field displays the first 11 characters of the name of each known server This field applies only to IPX Servers Metric This field displays the numeric value of hops indicating the distance from your Local LAN network to the destination network This field applies only to IP Networks Next Gateway This field displays the MAC Address of the first gateway router that the data will use to reach the destination network This field is only used
11. lt Enabled gt o page forward Oo pag Hit ENTER to configure the communication information for the remote profile 5 4 Profile Directory Remote Profile Spanning Tree 3 Select Setup lt Spanning Tree gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 23 58 15 gt Profile Setup for RemoteUnit WAN Network Protocol ode Updates IP Bridge IPM CER Other lt Blocked gt GRE Tunnel WAN IP Default Router 0 0 0 0 FW Allow Frags lt Disabled gt Setup lt Q Min a gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER 4 To enable Spanning Tree scroll lt Disabled gt to lt Enabled gt with the SPACEBAR select ENTER Forcel Networks OTSR Wed Jan 2 2002 23 59 05 gt Spanning Tree Port Setup for remote RemoteUnit Spanning Tree MEE Scrollable Use the spacebar to change the selection 5 42 Terminal Server Router Release 2 97 Profile Directory Remote Profile Spanning Tree 5 Enter the appropriate data in the following fields Forcel Networks QTSR Wed Jan 2 2002 23 59 50 gt Spanning Tree Port Setup for remote RemoteUnit Spanning Tree IEmIMESN Port Priority 128 Port Cost 651 Scrollable Use the spacebar to change the selection Port Priority The Port Priority value can range from 0 to 255 with a default of 128 Port Cost The Port Priority value can range from 0 to 65535 with a def
12. Terminal Server Router Release 2 97 5 11 Profile Directory Remote Profile Transmission Options Setup lt gt bottom of the Remote main window Remote Profile Window Forcel Networks OTSR Wed Jan 2 2002 2 59 21 gt Profile Setup for REMATE WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPM Blocked gt Other lt Blocked gt NAT Gateway lt Disabled gt WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt Setup lt Security Options gt gt Setup lt Trunk Port Editable Please enter a value The Setup field has the following options Use the SPACEBAR to scroll through the selections 5 12 lt Security Options gt Use this option to access the Remote WAN Security Options Setup window The fields on this window may be used to configure the remote security parameters and options such as compression See Security Options on page 5 14 for more information lt Static VPN Networks gt Use this option to access the Static VPN Networks window These windows can be used to configure static network routes for the remote device See Static VPN Networks on page 5 17 for more information Static NAT Addresses gt Use this option to access the Static NAT Addresses window which allows the operator to configure static bi directional NAT mappings between local server addresses and public addresses See Static NAT Addresses on
13. Any such transfer voids the above warranty and related licenses Force10 Networks offers expanded product care beyond what is covered by the warranty through different support plans The plans are designed to maximize network availability through advance replacement for defective equipment Please contact your Forcel0 Networks representative for support program details Warranty Procedure BUYER must promptly notify Force10 Networks of any defect in the Product or Software and comply with ForcelO Networks return repair policy and procedures Force10 Networks or its agent will have the right to inspect the Product or workmanship on BUYER s premises With respect to a warranty defect in Product hardware reported to Force10 Networks by BUYER during the warranty period Force10 Networks as its sole obligation and BUYER s exclusive remedy for any breach of warranty will use commercially reasonable efforts at its option to a repair replace or service at its factory or on the BUYER s premises the Product or component therein or workmanship found to be defective so that the Product hardware operates substantially in accordance with Force10 Networks Documentation or b credit BUYER for the Product in accordance with Force10 Networks depreciation policy With respect to a warranty defect in the Licensed Software reported to Force10 Networks by BUYER during the 90 day software warranty period ForcelO0 Networks at its own expense and as its sole ob
14. Basic Config Verification lt Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER 7 2 Terminal Server Router Release 2 97 Basic Configuration Start Basic Configuration 2 Select Yes to enter the setup program and select ENTER Forcel Networks OTSR Wed Jan 2 2002 5 22 37 gt Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 7 3 Basic Configuration Local Unit Identification Local Unit Identification Note When this window is opened the items below in the box are not displayed As you fill in information or accept the current default information by hitting ENTER the next line will display This is the same process that you will find on all of the windows in the Guide Forcel Networks OTSR Wed Jan 2 2002 5 24 36 For help call Forcel Networks Technical Support Page 1 of 7 Welcome to the QTSR Basic Configuration Please enter a name which will uniquely identify this QTSR in your network It is suggested that the name of your location be used QTSR Name LocalUnit Please enter the IP fiddress of this QTSR Please enter the Subnet Mask of this QTSR Please enter the Default Router of this QTSR go to ie ESC to exit Basic Configuration ditable Enter a non zero IP fiddress Subnet Mask in Dotted Decimal Notation
15. Forcel Networks OTSR Med Jan 2 2002 5 39 50 gt LRN Port Verification for LocalUnit DestHost MEN Access Port Local LAN 25 Src IP Address 10 0 0 1 Payload Size 64 START PING Single Ping Enter Dotted Decimal IP or Domain Name LAN Port Verification Fields DstHost Destination Host Enter an IP Address or domain name to use for this query IP Address must be in the form of xxx xxx xxx xxx where xxx 1s between 0 255 Access Port This is the local or remote profile of the network used during the test The operator can scroll with the SPACEBAR through the selections of the Access Port Local LAN to select the Local LAN or any of the defined Remote Unit s All defined Remote Profiles will be in this selection Src IP Address Source IP Address This is one of the multiple IP addresses assigned to the Ethernet LAN port and will override the IP address that will be used as the source IP address Default is to use the IP address of the interface from which the ping is sent Payload Size This optional parameter sets the number of bytes to send in the ICMP echo request payload Range is 0 to 65500 default is 64 Terminal Server Router Release 2 97 6 3 Verification Window Ping Utility START PING lt gt Single Ping gt Test for device failure The single ping test will send one ping and display the results of the test lt Continuous Ping gt Test for intermittent communicati
16. Forcel Networks OTSR Wed Jan 2 2002 60 09 26 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification lt Ping Utility gt gt Statistics lt Run time System Reports lt Events Exit Siri gt Scrollable Use the spacebar to change the selection and hit ENTER 3 Press ENTER The following message is displayed Forcel Networks OTSR Fri Jan 11 2002 3 05 58 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification Ping Utility Statistics lt Run time System Reports lt Events lt Reinitialize Scrollable Select Yes to reinitialize the unit Terminal Server Router Release 2 97 11 3 Exit Window Reinitialize 4 Press SPACEBAR to scroll NO to YES and press ENTER Forcel Networks OTSR Wed Jan 2 2002 6 12 17_ gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt Configuration lt Profile Directory gt Verification lt Ping Utility gt Statistics lt Run time System Reports lt Events lt Reinitialize I Do you wish to Reinitialize the unit Jm Scrollable Select Yes to reinitialize the unit 5 System will close the session and reboot Session released on Wed Jan
17. NENN X 00 00 00 00 00 00 CTRL A to add CTRL E to erase CIRL F to page forward CTRL B to page back Editable Enter a name for the filter Terminal Server Router Release 2 97 5 29 Profile Directory Remote Profile Static Addresses Forcel Networks OTSR Wed Jan 2 2002 3 41 14 RemoteUnit has 1 Static IP fiddress Record Setup Static IP Address gt Static Device Name IP Address Addresses Window NEN 0 0 0 0 IP Address 5 30 Static Addresses Fields Setup Static lt IP Address gt To setup a static IP address lt MAC Address gt To setup a static MAC address Device Name A user defined name of the LAN device that is associated with this static address Up to 7 characters is allowed for this field MAC Address Enter the MAC Address of the desired device If the static address is configured through the Local LAN Profile Setup screen the device can be reached via the local LAN If the static address is configured on a specific Remote WAN Profile screen the device can be reached via that specific remote This field is only available if the Setup Static field is set to MAC Address gt IP Address Enter the IP Address of the desired device If the static address is configured through the Local Profile Setup screen the device can be reached via the local LAN If the static address is configured on a specific Remote WAN Profile screen the device can be reached via that specific
18. On the Main Menu press TAB until the Alarms is highlighted on the System Reports option Use the SPACEBAR to scroll to Alarms if it not displayed Forcel Networks OTSR Wed Jan 2 2002 25 59 26 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management System Time Login gt gt Configuration lt Profile Directory gt gt Verification lt Ping Utility gt gt Statistics lt Run time gt gt System Reports i gt gt Exit lt Logout gt gt Scrollable Use the spacebar to change the selection and hit ENTER Terminal Server Router Release 2 97 System Reports Window Alarms 2 Press ENTER The Alarm Log will display Forcel Networks QTSR Wed Jan 2 2002 6 00 31 gt fllarm Log for LocalUnit Auto Update mi Count 1 Time Message Jan 1 0 22 21 0 Ethernet Link 3 1 Down Press ESC to continue Auto Update Use this field to have this screen automatically update with events while you are viewing the screen On will update the screen every 5 seconds lt Off gt will disable this feature Time Displays the date and time that the alarm occurred Alarms are displayed in descending order with the most recent alarm first Message Displays the actual alarm that triggered the alarm on the Router Count Unlike the Event screen the value in the count column will not increment each time that the alarm occurs Note that the time stamp reflects the t
19. QTSR Name LocalUnit Enter a unique name for this unit Name can be up to 11 characters IP Address of this QTSR Enter the IP Address of the Router Subnet Mask of this QTSR Enter the Subnet Mask of the Router IP Address Default Router of this QTSR Enter the default Router IP Address for the QTSR 7 4 Terminal Server Router Release 2 97 Basic Configuration Routing Protocol Security Routing Protocol Security Forcel Networks OTSR Wed Jan 2 2002 5 25 38 or help call Force10 Networks Technical Support Page 2 of 7 Select direction s for LAN Network Updates Neither gt Select RIP mode to be received from remotes lt RIP1 gt Select RIP mode to send to remotes lt RIP1 gt Select the protocol remotes will use to authenticate local LocalUnit lt NONE gt Select the authentication User ID lt Local Profile Name gt Current User ID LocalUnit Select the protocol LocalUnit will use to authenticate all remotes NONEM to go to next field ESC to exit Basic Configuration crollable Select method this system will use to authenticate remote units Select direction s for LAN Network Updates lt Both Set LAN Network updates in both directions Neither Disable LAN Network updates Default Send Set LAN Network updates in the send direction Receive Set LAN Network updates in the receive direction Select RIP mode to be received from remotes lt RIP1 gt Set to RIP version 1
20. add 132 1 wani static nat address 168 21 15 216 174 44 233 Add static NAT bi directional mapping to wan1 add 192 1 wanl static nat address 168 21 16 216 174 44 234 Add static NAT bi directional mapping to wanl add 192 1 wanl static nat address 168 21 17 216 174 44 235 Add static NAT bi directional mapping to wanl set 1 1 1 encapsulation fr Set the encapsulation on trunk 1 to Frame Relay set 1 lmi annexd Disable LMI Annex D set 1 wanl trunk 1 Set the WAN interface wanl to be mapped to trunk 1 set 1 wanl dlci 101 Set the DLCI number reset 1 Reboot the router to enable all configurations set Terminal Server Router Release 2 97 Router Configuration Router in Slot 1 216 174 44 232 1s the static NAT address assigned to the router 216 174 44 233 1s the static NAT address assigned to the controller 216 174 44 234 is the static NAT address for a server 216 174 44 235 1s the static NAT address for a host n the private network that can be reached from the outside world There can be up to 16 static NAT addresses therefore the actual range can be 216 174 44 232 to 216 174 44 247 Only 4 were used in this example Terminal Server Router Release 2 97 12 7 Router Configuration Back to Back with PPP Back to Back with PPP The following configuration will set up two Routers back to back with PPP Boulder wan
21. and ENTER 2 Select LAN Setup gt and ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State ole outer VEN NONE NONE omm gt ocalUnit lt gt Directory 1 RemoteUnit WAN NONE NONE Setup gt Enabled gt Window age forwar Hit ENTER to configure the communication information for this profile Terminal Server Router Release 2 97 4 9 Profile Directory Local Profile Set up Static Networks 3 Select Setup Static Networks gt if Static Networks is not displayed scroll to selection with the SPACEBAR select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 09 48_ gt Profile Setup for LocalUnit LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX X 4 X IX Neither gt Other X X X e LAN IP LAN IPX One IP Address 10 0 0 1 802 2 Ext Network 00000000 Window Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 fie Setup EISPBIDIUCPRS CENE Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 Select lt IP Networks gt or lt Static IPX Networks gt Forcel Networks QTSR Wed Jan 2 2002 1 10 44_ gt LocalUnit has 0 Static IP Networks Setup Static MAS Network Subnet Mask
22. ccc cece ee eee nee 9 3 LEAN IP 12 2 tices tote Ret tle iad t Rs 4 6 Default Router 2 0 0 0 0c ccc eee 4 6 IP Address 2 0c cece ccc eens 4 6 Subnet Mask 0 0 0 0 cc cece eee ees 4 6 LAN IPX eerecke ieee RR RE been noe 4 6 802 2 Ext Network 0 0 0 cece eens 4 6 802 3 Ext Network 20 20 0000 cece ee eens 4 6 Ethernet II Ext Network 0 00000 4 6 Terminal Server Router Release 2 97 Index LAN Port Tests Continuous Ping Status Response Count 0 0 e eee ee eee eee 8 4 Timeout Count verser evrbte r beri 8 4 Operation Smple Pig uliseseckzmew cce Ra RSS 8 4 Single Ping Status llle lues 8 4 IP Address vob REGE EEG 8 4 MAC Address 00 cece eee eee 8 4 Result ban useteustedewseeuern cade eka 8 4 Leat ada dieters ne RR Ree Pe e Bastard ae 5 40 Lease Duration 122i 80nd eae EE IE 4 34 Level iios rreri o tian tena REG Ga eae Boek Ge 3 22 Link Speed i i eoccis ae ERR REA 4 7 4 44 100T Full Duplex rer ve Le enir EEG 4 45 Half Duplex sssssseseses eee 4 45 10T Full Duplex 0 0 0 0 0c cece ee eee 4 45 Half Duplex 22 2 cusses asws rop ket op he ak 4 45 AutoNegotiate 22 0 0 cece eee 4 45 LM isos satonetecseeeeninedsame esses Glossary 1 Local Device s iiu RUE EXPEEVU ERR 4 26 IP Address i csset erm 5 25 Security Server ides new ey Pub ER cas AA 3 9 Local Device s 0 cece cece eee 5 35 Local IP Address Netwo
23. for more information Terminal Server Router Release 2 97 5 13 Profile Directory Remote Profile Security Options Security Options The purpose of this window is to define security information and miscellaneous options pertaining to this Router The security portion of this window allows the setup of password or secret depending on the chosen security protocol that this remote device will use during the authentication process Also the setup of authentication on the LAN of the Local Unit or a specified security server Authentication is a security process whereby the transmitting and receiving devices determine which security protocol to use during data transmission as well as establish confirmation identity This authentication process must match between the receiving and transmitting devices prior to actual data transmission if the process fails the link is terminated The protocol used by the remote unit to authenticate the local unit and vice versa is defined in the LAN Profile 1 On the Main Menu press TAB until Configuration Profile Directory gt is highlighted and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Prof
24. gt Spanning Tree Global Setup for local LocalUnit Spanning Tree IEEIMESN Bridge Hello Time 2 seconds Bridge Max flge 20 seconds Bridge Forward Delay 15 seconds Bridge Priority 32768 Scrollable Use the spacebar to change the selection Spanning Tree Global Setup Menu Fields Bridge Hello Time The Bridge Hello Time specifies the time interval between transmissions of Topology Change Notification BPDUs towards the Root when the Bridge is attempting to notify the Designated Bridge on the LAN to which its Root Port is attached of a topology change The value can range from 1 to 10 seconds with a default of 2 seconds Bridge Max Age The Bridge Max Age value specifies the maximum age of received protocol information before it is discarded The value can range from 6 to 40 seconds with a default of 20 seconds Bridge Forward Delay The Bridge Forward Delay is the time spent by a Port in the Listening or Learning States before transitioning to the Learning or Forwarding State respectively The value can range from 4 to 30 seconds with a default of 15 seconds Bridge Priority The Bridge Priority is the priority part of the bridge identifier The value can range from 0 to 65535 with a default of 32768 Terminal Server Router Release 2 97 Profile Directory Router Card Profile Network Time Protocol Network Time Protocol The Network Time Protocol is a protocol which sets the network to a common time system
25. lt RIP1 gt Trunk Configure gt Security Configure gt SNMP Configure gt DNS Proxy Configure gt Spanning Tree Protocol Configure gt Network Time Protocol Configure gt SysLog Configure gt DNS Resolver Configure gt Scrollable Use the spacebar to change the selection 3 4 Terminal Server Router Release 2 97 Profile Directory Router Card Profile RIP Mode Send RIP Mode Send This field sets the RIP send mode to RIP version 1 RIP version 2 or to both Selection is lt RIP1 gt lt RIP2 gt or lt RIP1 RIP2 gt Forcel Networks OTSR Tue Jan 1 2002 1 57 58 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send quil Trunk Configure gt Configure gt Configure DNS Proxy Configure Spanning Tree Protocol Configure Network Time Protocol Configure SysLog Configure DNS Resolver Configure Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 3 5 Profile Directory Router Card Profile Trunk Trunk This window is used to configure the Trunk setup for the Router Although the Router is designed to connect remote sites over dedicated connections the unit supports a number of different encapsulation protocols simultaneously including Frame Relay and PPP The Router provides the flexibility to allow the user to define which slots will be used for the selected WAN protocol 1 Select Trunk Configure gt and sele
26. to Firewall Filters Press ENTER Forcel Networks OTSR Profile Setup for LocalUnit LOCAL LAN Network Wed Jan 2 2002 1 36 38 gt Frame Types Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX X 4 K X lt Neither gt Local Other 4 X X Profile Window LAN IP LAN IPX IP Address 10 0 0 1 802 2 Ext Network 00000000 Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 Setup lt n gt Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 Select CTRL A to add an IP Firewall Rule Forcel Networks OTSR LocalUnit has 0 IP Firewall Rules Service s LAN Device s Firewall Filters Window Wed Jan 2 2002 1 37 09 gt WAN Device s Log CTRL A to add CTRL to erase CTRL F to page forward CTRL B to page back There are no items configured 4 24 Terminal Server Router Release 2 97 Profile Directory Local Profile Firewall Filters Local Profile 5 Enter the parameters of the rule select ESC to close the window and save the configuration See Firewall Filters Fields on page 4 25 for a description of all fields for the Firewall Setup window Forcel Networks OTSR Wed Jan 2 2002 1 37 50 IP Firewall Setup for remote Rule Number 1 Action Pass Service lt SMIP gt Service
27. 0 0 0 DNS Secondary Server IP Address 0 0 0 0 DNS Resolver Cache Contents lt Flush gt Static Host List View or Modify gt G a DNS Resolver Setup Menu Fields DNS Resolver Disable enable use of DNS resolver to convert domain names to IP addresses My Domain Name lt Enable gt lt Disable gt Set the default domain that the DNS resolver will add to any name queries that are not fully qualified Identifier of up to 43 characters My Node Name Set the card s host name Identifier of up to 15 characters DNS Primary Server IP Address Configure IP address of DNS server 1 DNS Secondary Server IP Address Configure IP address of DNS server 2 DNS Resolver Cache Contents lt Flush gt will clear the cache contents lt Display gt will display the cache contents 3 24 Terminal Server Router Release 2 97 Static Host List View or Modify gt Profile Directory Router Card Profile DNS Resolver Select this field and press ENTER The system will confirm that you want to save this configuration Scroll the No to Yes to save Forcel Networks OTSR Fri Nov 14 2008 2 27 20 gt DNS Resolver Setup for local LocalUnit DNS Resolver My Domain Name My Node name DNS Primary Server IP Address DNS Secondary Server IP Address DNS Resolver Cache Contents Static Host List lt Enabled gt TestDomainName TestNodeName 192 100 1 1 100 100 2 2 lt Flush gt View or M
28. 1 Disconnect all connections to the T1 on the Controller slot a disconnect 1 Disconnect all connections to the router in slot 1 set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 connect a 2 all 1 1 2 Connect all of T1 2 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename the LocalUnit default to Boulder LAN Set 1 1 1 2 multilink group 1 Assign 1 1 1 2 to multilink group 1 rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wan set 1 1 ip address 1 1 1 1 255 255 255 0 Set the Ethernet IP address in the conventional IP address format Router LAN add 1 wanl static ip network 2 2 2 0 255 255 255 0 1 Adds a static IP network route to the WAN interface set 1 wanl trunk multilink group 1 Set the WAN interface named wan1 to be mapped to trunk multilink group 1 reset 1 Reboot the router to enable all configurations set Terminal Server Router Release 2 97 Denver Router in Slot 1 Command Router Configuration Denver Router in Slot 1 Description set 1 default Set Router to default settings disconnect a 1 Disconnect all connections to the T1 on the Controller slot a disconnect 1 Disconnect all connections to the router in slot 1 set clockl a 1 Set primary master transmi
29. 2 2002 6 08 08 Terminating Force1 Networks QTSR connection Connection closed by foreign host gt 11 4 Terminal Server Router Release 2 97 CHAPTER Router Configuration In this Chapter m Basic Setup m PPP Internet Connection and Public IP Address Routing m Frame Relay Internet Connection and Public IP Address Routing m Internet Connection using PPP NAT PAT and Firewall Filters m Internet Connection using NAT and Static NAT Addresses m Back to Back with PPP m Back to Back with Multi Link PPP m Back to Back with Frame Relay Router Configuration Basic Setup Basic Setup 12 2 Command Description set ds0 addr type data Confirm DSO is set to type data ds0 addr slot port channel of DSO Example set a 1 1 24 type data connect slot port trunk slot port channel Cross connect T1 to router card Example connect a 1 1 24 6 1 1 router in slot 6 set router addr proxy Disable enable router proxy router addr slot port of router card Example set 6 1 disable set slot port up Set Router LAN as In Service Example set 6 1 up telnet router _card addr Telnet to Router card router_card addr slot location of router card Example telnet 6 if earlier than 3 0 release slot port must be used Local and Remote Profile Setup reset For most router configuration changes to go into effect the router must be reset Best practic
30. 2 Throughput to from WAN ss esses 9 4 0 Ce lt a 4 12 10 8 Time Lopin Setup g cvevus teas eres DAS ER EY 2 3 Setup o e Pack bea Ses E ERA ER ES 2 2 Timeout Count 2 e peers ss ipt REEE ATEEN 8 4 Trace Route ssi iai in e e e Get ache EE 8 5 Trap Destinations eslesee eee eee 3 13 Triggered Events 2 0 0 0 auae A 4 Troubleshooting 0 2 cee speserei C 1 Communication Related Issues C 2 LAN Related Issues 0 0000 eee C 2 Trunk e 2c eek RR REED 3 6 Glossary 3 Trunk Ports 02 005 oaea see eEER EPI epp 5 44 WAN Connection 0 000 cee eee 3 7 WAN Connection Type 000005 3 7 a m 5 40 Typical Data 5i secertcue t a pasi reais 5 16 Terminal Server Router Release 2 97 Index U Unable to Access a Remote Unit via Telnet C 4 Access the Local Router unit via Telnet C 4 Add Data Filters C 2 Advertise Networks llle C 2 Create Static Route Entries 00 C 2 Upload Download 0 000 eee eee 2 7 User Events 0 0 0 c ccc eens A 1 A 2 ATTI essegi ee prr ever pails 3 HERES A 5 User ID ra dainai a a ORO 3 9 5 16 V Verification Ping Utility occ ore ieee ea Re eem 8 2 Port Monitor 5 222 er Tee eens HeLa OSES A 8 7 Trace Route 0 0 0 cece ees 8 5 Verification Window 00 c cece eee ene 8 1 View PassWord ebore RES REESE TAI 2 4 security level 00 0 cece cece eee
31. 22 Terminal Server Router Release 2 97 Profile Directory Router Card Profile DNS Resolver DNS Resolver The DNS Resolver enables the use of the Domain Name Service DNS resolver to convert domain names to IP addresses 1 Select DNS Resolver Configure gt and select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 56 48 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure SNMP Configure DNS Proxy Configure Spanning Tree Protocol Configure Network Time Protocol Configure SysLog Configure DNS Resolver vwmiETE Configure DNS Resolver 2 To enable DNS Resolver scroll lt Disabled gt to Enable with the SPACEBAR select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 58 19 gt DNS Resolver Setup for local LocalUnit DNS Resolver o QUERER My Domain Name o d My Node name f DNS Primary Server IP fiddress 0 0 0 0 DNS Secondary Server IP Address 0 0 0 0 DNS Resolver Cache Contents lt Flush gt Static Host List View or Modify gt SSS emmy SSS Terminal Server Router Release 2 97 3 23 Profile Directory Router Card Profile DNS Resolver 3 Enter the appropriate data in the following fields Forcel Networks OTSR Tue Jan 1 2002 4 59 20 gt DNS Resolver Setup for local LocalUnit DNS Resolver lt HR gt My Domain Name a q My Node name gt DNS Primary Server IP Address 0
32. CFTP CFTP CFTP HCF2 63 any local network IANA 64 SAT EXPAK SATNET and Backroom EXPAK SHB 65 KRYPOTOLAN Kryptolan PXL1 66 RVD MIT Remote Virtual Disk Protocol MBG 67 IPPC Internet Pluribus Packet Core SHB 68 any distributed file system IANA 69 SAT MON SATNET Monitoring SHB 70 VISA VISA Protocol GXT1 71 IPCV Internet Packet Core Utility SHB 72 CPNX Computer Protocol Network Executive DXM2 73 CPHB Computer Protocol Heart Beat DXM2 74 WSN Wang Span Network VXD 75 PVP Packet Video Protocol SC3 76 BR SAT MON Backroom SATNET Monitoring SHB 77 SUN ND SUN ND PROTOCOL Temporary WM3 78 WB MON WIDEBAND Monitoring SHB Terminal Server Router Release 2 97 B 3 Protocol Types Protocol Number in Firewall Filters B 4 Number Keyword Protocol Reference 79 WB EXPAK WIDEBAND EXPAK SHB 80 ISO IP ISO Internet Protocol MTR 81 VMTP VMTP DRC3 82 SECURE VMTP SECURE VMTP DRC3 83 VINES VINES BXH 84 TTP TTP JXS 85 NSFNET IGP NSFNET IGP HWB 86 DGP Dissimilar Gateway Protocol DGP ML109 87 TCF TCF GAL5 88 EIGRP EIGRP CISCO GXS 89 OSPFIGP OSPFIGP RFC1583 JTM4 90 Sprite RPC Sprite RPC Protocol SPRITE BXW 91 LARP Locus Address Resolution Protocol BXH 92 MTP Multicast Transport Protocol SXA 93 AX 25 AZ 25 Frames BK29 94 IPIP IP within IP Encaps
33. Connection Type Displays the WAN connection type PPP Frame Relay 1490 or PPP in Frame Relay DLCI Enter the Data Link Connection Identifier Range is between 16 1022 Note This field is not available with a WAN that has PPP set as its connection type Terminal Server Router Release 2 97 7 11 Basic Configuration SNMP Configuration SNMP Configuration A screen will ask you if you would like to Add a Remote Unit Profile Select NO and ENTER The guide will move onto the SNMP setup page lt Forcel Networks OTSR Wed Jan 2 2002 5 35 59_ gt ENTER to go to next field ESC to exit Basic Configuration Editable Please enter a value For help call Forcel Networks Technical Support Page 6 of 7 Specify the community name address and access privileges of devices needing to communicate with the local unit through SNMP SNMP Communities Name fiddress Access public 0 0 0 0 read gt 0 0 0 0 read gt Specify the community name address and location of devices to which the Unit will report alarm information SNMP Trap Destinations Name fiddress Location public 0 0 0 0 Local LAN gt ENEEENEND 0 0 0 0 Local LAN gt SNMP Communities Name Enter a 10 character name Address Enter an IP address first line Subnet Mask for second line Access Selection is read write both SNMP Trap Destinations Name Enter a 10 character name Address Enter an
34. Counter Range is between 1 255 Default 6 LMI Local Management Interface Poll Interval Range is between 5 30 Default 10 Poll Counter Range is between 1 255 Default 6 Terminal Server Router Release 2 97 3 7 Profile Directory Router Card Profile Security Security 1 Select Security Configure gt and select ENTER Forcel Networks OTSR Tue Jan 1 2002 2 03 06 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Hode Send RPL gt run onfigure gt Security PETE gt SNMP Configure DNS Proxy Configure Spanning Tree Protocol Configure Network Time Protocol Configure SysLog Configure DNS Resolver Configure Configure Security Menu The fields on this screen may be used to define the authentication process for the local unit This window will change with the selection of field options Forcel Networks OTSR Tue Jan 1 2002 2 04 48_ gt Security Setup for local LocalUnit Security Authentication by remote Protocol Ms Setup User ID Local Profile Name gt LocalUnit Window Authentication of remote Protocol NONE Local Security Server Type Address Password lt None gt Scrollable Select method remote units use to authenticate this system 3 8 Terminal Server Router Release 2 97 Profile Directory Router Card Profile Security Security Setup Menu Fields Authentication by Remote Protocol CHAP PAP or NONE Use this first fi
35. Default lt RIP2 gt Set to RIP version 2 lt RIP1 RIP2 gt Set to Rip Version 1 or 2 Select RIP mode to send to remotes lt RIP1 gt Set to RIP version 1 Default lt RIP2 gt Set to RIP version 2 lt RIP1 RIP2 gt Set to Rip Version 1 or 2 Select the protocol remotes will use to authenticate local LocalUnit CHAP Set authentication to CHAP Challenge Handshake Authentication Protocol lt PAP gt Set authentication to PAP Password Authentication Protocol lt NONE gt Disable authentication Default Terminal Server Router Release 2 97 7 5 Basic Configuration Routing Protocol Security Change the CHAP Secret LocalUnit will send Note this field displays only with a selection on CHAP Selection is YES NO Below the current Secret Password is listed If YES is selected the operator will be requested to enter in a new password and retype this password to confirm Change the PAP Secret LocalUnit will send Note this field displays only with a selection on PAP Selection is YES NO Below the current Secret Password is listed If YES is selected the operator will be requested to enter in a new password and retype this password to confirm Select the authentication User ID Local Profile Name Displays the current Local Unit name Default Local Custom Name With this selection you will be prompted to enter a Custom name This name can be up to 32 char
36. Destination gt Filters by Destination only lt Both gt Filter by Source and Destination Filter Name This field displays the name the filter has been given Terminal Server Router Release 2 97 Profile Directory Local Profile Defining Custom Filters Defining Custom Filters lt Forcel Networks OTSR Wed Jan 2 2002 1 25 40_ gt LocalUnit has 0 Enabled Filters Forward Mode lt ALL Frames NOT Matching Filters Define Filter lt MATIM gt Filter Type Source Dest Filter Name Forcel Networks QTSR Wed Jan 2 2002 1 26 58 gt LocalUnit has 1 Custom Filter Custom Name Packet Offset 32 Bit Mask 32 Bit Match 0 00000000 00000000 Custom Filter Window CTRL A to add CTRL E to erase Editable Enter a name for the filter This screen defines filters that search for a matching string of characters within a packet The defined character string can consist of up to 32 bits The user must specify Custom Name Filter name can be up to 7 characters Packet Offset designates where in the packet to begin looking for a matching character string Range is 0 to 60 bytes 32 Bit Mask indicates which bits are to be searched for a possible match Within the mask a 1 turns a bit ON 0 is OFF Only bits that are on set to 1 will be searched for 32 Bit Match specifies the character string that the system is searching for When a match is located the packet adheres to the Forward Mode
37. Enhanced Security lt M NEGA Change Enhanced Security Password gt Scrollable Use the spacebar to change the selection When Telneting into the Router with Enhanced Security enabled the following will appear gt telnet 3 Connected Escape character is 1 Type the Enhanced Security Password here Note There will be no effect to the screen here until the correct password is typed in When the correct password is typed no return or other keystroke is needed the following will appear Password gt WARNING IF ENHANCED SECURITY IS ENABLED AND THE ADMINISTRATOR DOES NOT NOTE THE PASSWORD THERE IS NO WAY TO ACCESS THE ROUTER UNTIL YOU HAVE RESET THE ROUTER BACK TO ITS DEFAULT SETTINGS LOSING ALL CONFIGURATION SETTINGS SEE set rtr card addr default Terminal Server Router Release 2 97 2 5 Management Window Enhanced Security 2 Atthis point the Router is requesting your Level 1 2 or 3 User Password Enter your password and select ENTER and continue as you would Telnet into the Router normally Password x Select a terminal type space or backspace to toggle CR to accept Terminal generic 2 6 Terminal Server Router Release 2 97 Management Window Upload Download Upload Download WARNING BEFORE LOADING A DOWN LEVEL OF ROUTER CODE SAVE THE CONFIGURATION TO A FILE CONFIGURATION MAY BE RESET TO THE DEFAULT SETTING AND CURRENT CONFIGURATION LOST This window allows th
38. Errors 6 Remote s Forwarded Throughput Comp Ratio Remote Name to WAN to from WAN to from WAN conns RemoteUnit pps 0 0 bps 0 CTRL F to page forward CTRL B to page backward Scrollable Use the spacebar to change the selection 9 2 Terminal Server Router Release 2 97 Statistics Window Run Time Auto Update Use this field to select whether you wish to have this screen automatically updated with new transmission statistics while you are viewing the screen On will update the screen every 2 seconds lt Off gt will disable this feature Clear lt gt Totals Use this field to reset clear the total packets displayed in the following fields lt All gt Will clear both the LAN and WAN Packet Totals lt LAN gt Will clear only the LAN Packet Totals lt WAN gt Will clear only the WAN Packet Totals LAN Packet Totals Use this field to review the number of LAN packets that the local unit has Received Transmitted and contained Errors If Auto Update is set to lt No gt the LAN packet totals will not increment while the screen is displayed Received This field will increment as packets are received from the LAN For this total to update Auto Update must be lt On gt Transmitted This field will increment as packets are transmitted by the Router to the LAN These include packets received from the WAN as well as internally generated packets For this total to update Auto Update must be lt On gt Err
39. Establishment lt Qutgoing gt Local IP Address Network Remote IP flddress Network lt gt Packets which match this rule Editable Enter the position for this rule Firewall Filters Fields Rule Number The rule number defines the order in which the rules are applied Once there are two or more rules created the rule number can be changed to put them in the desired order The Last rule displayed is automatically set after the first rule is defined and states that the router should drop any service incoming or outgoing that has not been addressed in the proceeding rules Action Pass Drop This column indicates the service s that will lt Pass gt or lt Drop gt from the remote network to the local network and vice versa On the Firewall Filters window the following indicate Pass Drop in this column Drop Blank column Pass Typically rules are established with the Pass action since the last rule which is automatically defined by the software Drops all services not expressly permitted by the previous rule s For example if you wish to deny all transmissions except Telnet you would create a rule indicating that Telnet has the Pass action The Adit software would create the last rule that states the unit should Drop all other services Since any service that is not expressly permitted to pass will be prohibited it is important that you thoroughly understand the security policies of your LAN before attempting
40. Forcel Networks OTSR Wed Jan 2 2002 1 08 17 gt Profile Setup for LEEMUNENND LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates Tw X D X IX dE Ne1 er gt Local Other K EK XI Profile Setup LAN IP LAN IPM Window IP Address 10 0 0 1 802 2 Ext Network 00000000 Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 8 SNAP Ext Network 00000000 802 3 Ext Network 00000000 Setup lt Static Networks gt Link Speed lt Auto Negotiate gt Editable Please enter a value Local Profile Setup Menu Fields Profile Setup for LocalUnit The LocalUnit is the default name for this unit and will be used during the authentication process to ensure this unit s identity This name can easily by changed by simply typing over the LocalUnit and saving when closing this window This name can be up to 11 characters Protocol This column includes three protocol options IP IPX and Other These protocols are used to define Frame Types and LAN Network Updates to be used by this Router Frame Types Define the frame type of the packets that are sent and received by the Router If a packet is received formatted in a frame type that has not been enabled the Router will not accept the data Note that multiple frame types may be supported simultaneously for IPX and Other protocols 802 2 When selected X this Unit may send and receive packets that match the 802 2 f
41. ID Local Profile Name This field displays the User ID of the Local Unit Authentication of Remote This fields defines the parameters the remote unit expects to receive from this local unit Protocol This field displays the authentication protocol if any to be used by remote units when authenticating the local unit The authentication protocol is defined on the Local LAN Security SNMP window User ID Remote Profile Name Displays the current Remote Profile name Remote Custom Name User defined name up to 32 characters This user ID is sent during the authentication process Security Server Displays the defined method as to where the remote device will be authenticated This option is set in the Router CARD Setup gt Security SNMP window Compression Enabled Will negotiate compression with a remote device Disabled If the remote device will not negotiate compression leave this field as Disabled Typical Data This allows the data compression to be customized to the type of data on a given network Easy to Compress gt If typical compression ratios are greater than 2 1 then this setting should achieve the best compression This is the default Hard to Compress gt If compression ratios are less than 2 1 Terminal Server Router Release 2 97 Profile Directory Remote Profile Static VPN Networks Static VPN Networks Static networks allow you to establish fixed or pre determined routes which increases the
42. IP address first line Subnet Mask for second line Location Selection is Local LAN gt will have a selection for each Remote Unit that a profile has been created for 7 12 Terminal Server Router Release 2 97 Basic Configuration Setup Complete Setup Complete You have now completed the Basic Configuration You may re enter the Basic Configuration to make changes now or at any time Forcel Networks OTSR Thu Jan 10 2002 3 07 17_ For help call Forcel Networks Technical Support Page 7 of 7 Basic Configuration Finished Do you want to re enter Basic Configuration NO gt Do you want to save your configuration changes qa LocalUnit will reinitialize to implement changes ENTER to go to next field ESC to exit Basic Configuration Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 7 13 Basic Configuration Setup Complete 7 14 Terminal Server Router Release 2 97 CHAPTER Verification Window The Verification window is used to identify suspected communication problems between the Local LAN and Remote WAN devices In this Chapter m Ping Utility m Trace Route m Port Monitor Verification Window Ping Utility Ping Utility Use this option to verify any communication problems between the Router and various devices connected to your LAN or at a Remote location Problems are detected when a ping is sent to a device Ifthe device echoes bac
43. MAC Address of the learned address Terminal Server Router Release 2 97 10 11 System Reports Window Address Tables 10 12 Terminal Server Router Release 2 97 CHAPTER Exit Window In this Chapter m Logout m Reinitialize Exit Window Logout Logout 1 Onthe Main Menu press TAB until the Logout is highlighted on the Exit option Forcel Networks OTSR Wed Jan 2 2002 6 07 41 QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration lt Profile Directory gt gt Verification lt Ping Utility gt gt Statistics lt Run time System Reports lt Events Exit ET gt Scrollable Use the spacebar to change the selection and hit ENTER 2 Press ENTER The system will exit out of the Router GUI and the following message is displayed Session released on Wed Jan 2 2002 6 08 08 Terminating Force10 Networks QTSR connection Connection closed by foreign host gt 11 2 Terminal Server Router Release 2 97 Exit Window Reinitialize Reinitialize Some changes that you make to the Management software will not take effect until the Router is reinitialized Since this procedure 1s common to all functions within the software the reinitialization procedure appears on the Main Menu 1 Onthe Main Menu press TAB until the Logout is highlighted on the Exit option 2 Press SPACEBAR to scroll to Reinitialize
44. Metric Next Gateway Static Networks Setup IP ad t Scrollable Select the network type to configure 4 10 Terminal Server Router Release 2 97 Profile Directory Local Profile Set up Static Networks 5 Select CTRL A to add a Static Network Forcel Networks OTSR Wed Jan 2 2002 1 11 55 LocalUnit has 1 Static IP Network Setup Static IP Networks gt Network Subnet Mask Metric Next Gateway 1 OECD 0 0 0 0 y 1 0 0 0 0 Static Networks Setup IP pa o ge forwar o page bac Editable Enter a non zero IP fiddress Subnet Mask in Dotted Decimal Notation Static Network Menu Fields Network Enter the address ofthe destination network for the route that you are adding Static networks reached via a remote Unit must be configured through the corresponding Remote WAN Profile Setup screen Those configured through the Local LAN Profile Setup screen can be reached via the local LAN If this is an IP network enter the value in dotted decimal notation If this is an IPX network enter the appropriate value in hexadecimal notation Subnet Mask A subnet mask determines which bits in the IP address are used to identify the network number It is also a method of extending the IP Network Address so that a site may use one network address for several different networks This is accomplished by reassigning the portion of the IP Network Address that normally identifies a node to further identify the physic
45. NONE lt gt lt Enabled gt Profile Directory Window o page forward o Hit ENTER to configure the communication information for the remote profile Terminal Server Router Release 2 97 5 37 Profile Directory Remote Profile Filter Network Server 3 Tab down to Setup lt Security Options gt and scroll with the SPACEBAR to Filter Network Server gt Press ENTER Forcel Networks OTSR Wed Jan 2 2002 23 49 22 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPK lt Blocked gt Other lt Blocked gt Remote NAT Gateway lt Disabled gt Profile Window WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt Bs amp Setup SEETTEMNITIUCPBAET RITIENE gt Setup Trunk Port gt Scrollable Select the item to be set up and hit ENTER 4 Select with the SPACEBAR IP Networks gt lt IPX Networks or lt IPX Servers TAB to the Selected Items field lt Forcel Networks OTSR Wed Jan 2 2002 23 50 19 RemoteUnit has 1 configured and learned IP Network Setup GANT MR b Filter Selected Items Network Filter Filter 1 Static Fltr 0 0 0 0 Network Server CIRL F to p e backward age forward o pag Scrollable Select the Network Server type to configure 5 38 Terminal Server Router Release 2 97 Profile Directory Remote Profile Filter Network Se
46. Networks QTSR Med Jan 2 2002 23 56 18 RemoteUnit has 2 configured and learned IP Networks Setup IP Networks gt qm Selected Items Network Learn 1 Static Fltr 0 0 0 0 4 2 Static Fltr 192 168 1 0 4 CTRL F to page forward CTRL B to page backward Scrollable Use the spacebar to change the selection Ifthe server type and name are specified only servers that match both values will be learned or filtered Be aware that the Name value is case and spacing sensitive Network This field displays the network address of each service network learned from the remote unit If this route was added using the Static Network screen Static Fltr will appear before the network address of this entry Type This field is only available when the Setup field is set to lt IPX Servers gt The Type field displays the Hex value assigned to each known server When a service is added using CTRL A a Hex value must be defined If you wish to learn or filter certain services that match a particular server type manually add an entry specifying the desired Hex value This setting will enable the unit to learn or filter all services that match the specified service type This field may be used in conjunction with the Name field described below Range 1 FFFF Name This field displays the first 11 characters ofthe name of each known network server If a server is manually added and a server name is not defined all servers matching the
47. Port Setup for remote RemoteUnit Connection WAN Connection Type DLCI Select WAN Port Number lt M BPDA 2 1 PPP Scrollable Use the spacebar to change the selection WAN Port Number Select the WAN Port Number by scrolling through the options in the lt gt brackets Note Only WANs that are set up will display here As the selections scroll through the WAN numbers the connection ID will be modified to reflect this selection WAN Connection Type MLPPP PPP PPP in Frame Relay or Frame Relay 1490 DLCI Set DLCI value Range is 16 1022 Note this field is not applicable with all connection types ML Fragment Threshold This field appears when the WAN selected is WAN Connection Type MLPPP The MultiLink Fragment Threshold is the size at which non prioritized packets will be inspected to determine if they should be fragmented Range 320 1600 with a default of 1600 lt Forcel Networks OTSR Tue Jan 1 2002 23 55 03_ gt WAN Port Setup for remote RemoteUnit Connection WAN Connection Type DLCI Select WAN Port Number BM MLPPP ML Fragment Threshold 1600 Terminal Server Router Release 2 97 5 45 Profile Directory Remote Profile Trunk Port 5 46 Terminal Server Router Release 2 97 CHAPTER Terminal Server Window In this Chapter m Overview m Configuration m Manual Closure of a Telnet Socket Terminal Server Window Overview Overview The Terminal Server window will configure
48. Protocol Types Protocol Number in Firewall Filters 0 2 0 0 elles B 2 Ethernet Protocol Eypes isse ERR epU ER EE CEGEREYA GU REY E GS B 6 x Terminal Server Router Release 2 97 Table of Contents C Troubleshooting Communication Related Issues 0 cc ccc eee e ene C 2 Excessive Triggered Update Events on the Events screen C 2 LAN Related Issues 2 0 ccc tenet e een teen eens C 2 Unable to add data filters advertise networks or create static route entries C 2 Unable to access the Local LAN Router unit via Telnet C 4 Unable to access a remote unit via Telnet 00 c cee eee eee C 4 Diagnostics and Performance Tools 2 0 0c ccc eee elles C 5 Verification 0 cen EENE EENE EEN EEE a C 5 SASIC S PM PPM pU C 6 System REPOMS 1 55 celeb oed eel EO el docto ac eb os relieta C 6 Alarms screwed r RSA ESE ESE EIE ERES BONES UE eS d C 7 Identify Alarms voro gnora De Se Me one aa ECCE RUP C 7 Clear Alarm i ecekecenkemRek ReverebxmeRev eee eO CCRY ee C 9 Glossary Index Terminal Server Router Release 2 97 xi Table of Contents xii Terminal Server Router Release 2 97 CHAPTER Introduction In this Chapter m Overview m Installation m Maneuvering in the System m Fields m Help Bar m Connecting to the Router Introduction Overview Overview The TSR can be configured using CLI via telnet or through the Router Menu driven software Thi
49. SPACEBAR will scroll forward through the options ENTER will open the option s window or accept the entered value Example Terminal generic Select Field A field followed by gt is a selectable field which causes an action to be performed highlight the field and press ENTER to perform the action for example to enter the Trunk Port Setup screen Example SETUP Trunk gt Some selectable fields such as Main Menu options are also a scrollable option field For example lt Events gt gt Press the SPACEBAR to select the desired option and then press ENTER to perform the action Edit Field A field value enclosed in parentheses may be modified by entering an alphanumeric character Example SYSTEM NAME Adit 600 You will note that many editable fields are displayed with a default value To change this value highlight the field and type over the existing entry or press DELETE and then enter new value Note these fields are case sensitive To enter this value press ENTER Terminal Server Router Release 2 97 1 3 Introduction Help Bar Help Bar The Router provides field specific help that 1s displayed at the bottom of the window The help text will indicate if the field is scrollable or editable and provide a brief description of the field If it is a selectable field it will state what to do to invoke the action to be performed Forcel Networks OTSR Tue Jan 1 2002 1 03 36 gt QT
50. Server Router Release 2 97 Profile Directory Local Profile Advertise Network Server Use these windows to review networks that your unit has discovered through the LAN By sending out IPX and IP RIP Routing Information Protocol and IPX SAP Service Advertising Protocol packets and monitoring RIP and SAP packets from other devices your unit can learn about other networks The system constantly monitors RIP packets to ensure that the status of the network has remained unchanged Should a RIP packet indicate a change in status the unit will update the data in the table and exchange the updated data with all remotes Forcel Networks OTSR Wed Jan 2 2002 1 41 34 LocalUnit has 1 configured and learned IP Network Setup lt I gt Do not Advertise gt Selected Items Network Do not Advertise 10 0 0 0 Advertise Network Server Window Once the Local Unit has learned of a network you may choose to have the Router advertise broadcast RIP packets on behalf of the actual network Selecting which networks you wish your Local Unit to advertise provides added security by restricting what information is passed on to the remote For added control in network advertising automatic learning may be turned off and using the Static Network windows manually enter the network routes to be advertised Disable Learning On the LAN Profile setup window set LAN Network Updates to Neither On the WAN Profile setup window set WAN Netwo
51. change the selection Tunnel Data Yes Enables tunnel Displays additional fields to setup No Disables tunnel Tunnel Name Enter Tunnel name with a maximum of 11 characters Remote IP Tunnel Address Enter the IP address of the far end of the tunnel in the form xxx xxx xxx xxx where xxx is between 0 255 Terminal Server Router Release 2 97 5 23 Profile Directory Remote Profile Static NAT Addresses Static NAT Addresses Use this window to configure Static Bi directional NAT mappings between local server addresses and public addresses NOTE Up to 16 Static NAT addresses can be configured Each Static NAT address filter will count toward the maximum number of 500 filters 1 Select Configuration Profile Directory gt from the Main Menu and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE gt lt Enabled gt Profile Directory Window o page forward o page Hit ENTER to configure the communication information for the remote profile 5 24 Terminal Server Router Release 2 97 Forcel Networks OTSR Profile Setup for RemoteUnit WAN Network Profile Directory Remote Profile Static NAT Addresses Se
52. flow control on a TSR port None Set flow control to none Default RTS CTS Set flow control to hardware XON XOFF Set flow control to xonxoff Inactivity Timer The number of minutes of inactivity on the port before resetting the socket to close the port Range is 0 999 minutes with 0 used to disable Default is 0 Reset on DSR Low Disabled Enabled When DSR Data Set Ready input goes low socket is reset Default is Disabled Terminal Server Router Release 2 97 6 7 Terminal Server Window Configuration TBOS Display Mapping To set the TBOS mapping for each of the 8 available displays Set Device Type for Monitoring lt None gt None will disable monitoring for that TBOS display lt Lynx sc gt Proxium Lynx radio with up to 2xT1 E1 capacity exceeding 50 miles lt Lynx HD 31145 10 gt Proxium Lynx radio with up to 8 T1 E1 capacity exceeding 40 miles Lynx HD 31145 1f gt Proxium Lynx radio with up to 8 T1 E1 capacity exceeding 40 miles Lynx DS3 gt Proxium Lynx radio with DS3 capacity exceeding 15 miles Lynx 1 4 Port Prot Sw Proxium Lynx radio Lynx 8 Port Prot Sw Proxium Lynx radio Alcatel MDR 4000 gt Alcatel MDR 4000 radio Description Field used to further identify the monitored equipment Up to 20 characters can be used Forcel Networks OTSR Wed Jan 2 2002 4 15 51 gt Please enter the settings for port 1 Port Type EMITTE Port Name none Baud Rate Data Bit
53. for Internet hosts based off of GMT Greenwich Mean Time 1 Select Network Time Protocol Configure gt and select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 49 59 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure gt SNMP Configure gt DNS Proxy Configure gt Spanning Tree Protocol Configure gt Network Time Protocol gt SysLog Configure gt DNS Resolver Configure gt Configure Network Time Protocol 2 To enable Network Time Protocol scroll lt Disabled gt to Enabled with the SPACEBAR select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 51 05_ gt Network Time Protocol Setup for local LocalUnit Network Time Protocol lt TR gt Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 3 19 Profile Directory Router Card Profile Network Time Protocol 3 Enter the appropriate data in the following fields Forcel Networks OTSR Tue Jan 1 2002 4 51 47 gt Network Time Protocol Setup for local LocalUnit Network Time Protocol RESUME NTP Server Address XIP Address gt 0 0 0 0 Poll Interval 16 1 Time Zone Offset HOURS td Time Zone Offset MINUTES Scrollable Use the spacebar to change the selection Network Time Protocol Setup Menu Fields Network Time Protocol Disabled to disable Network Processing
54. for a TBOS port type Default is Disabled IP Address The IP address for the defined port ofthe TSR card in the form of xxx xxx xxx xxx where xxx is between 0 255 Note This field is not displayed for a TBOS port type Protocol Port The protocol port number with range of 1 65535 a setting of 0 defines a null port Default is 23 Note This field is not displayed for a TBOS port type Baud Rate Defines the Transmission rate for the port Tested baud rates are 110 300 1200 2400 4800 9600 19200 38400 57600 115200 Default is 9600 Data Bits To set the number of data bits encoding a character Allowable data bits 5 6 7 and 8 Default is 8 bits NOTE If 1 5 Stop Bits is selected the Data Bits setting MUST be 5 Data Bits if 2 Stop Bits is selected 5 Data Bits MUST NOT be selected Parity To set the parity on this TSR port None Set no parity to the TSR port Default Even Set even parity to the TSR port lt Odd gt Set odd parity to the TSR port 6 6 Terminal Server Router Release 2 97 Terminal Server Window Configuration Stop Bits A stop bit is an interval at the end of each Asynchronous Character that allows the receiving computer to pause before the start of the next character Stop Bits values available are 1 1 5 and 2 NOTE If 1 5 Stop Bits is selected the Data Bits setting MUST be 5 Data Bits if 2 Stop Bits is selected 5 Data Bits MUST NOT be selected Flow Control To set the
55. interface To Add a Secondary IP Address 1 Select Configuration Profile Directory gt from the Main menu and ENTER 2 Select LAN lt Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled Profile Name Profile Type Recv Send Profile State vica Localtnit AN NONE NONE lt SMS gt RemoteUnit WAN NONE NONE Setup gt lt Enabled gt age forwar Hit ENTER to configure the communication information for this profile Terminal Server Router Release 2 97 4 41 Profile Directory Local Profile Secondary IP Address 3 Select Setup Secondary IP Address by scrolling through the options with the SPACEBAR and select ENTER Wed Jan 2 2002 2 02 46 gt Profile Setup for LocalUnit LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX X X K X lt Neither gt Other X X X Local proms LAN IP LAN IPM Window IP Address 10 0 0 1 802 2 Ext Network 00000000 Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 Setup ERES E HERO Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 Select CTRL A to enter an IP Address Forcel Networks QTSR Wed Jan 2 2002 2 03 38_ gt Secondary IP Address Setup for local Local
56. log telnet 192 168 21 14 32 is the host s IP address at the far end that will be able to ping XXX XXX XXX XXXx 32 add 1 wanl firewall 2 pass inout nolog ping 192 168 21 14 32 xxx xxx xxx xxx 32 or telnet to the router 0 0 0 0 0 will allow any other host at the far end to ping and or telnet to the router Adds a Firewall rule to the WAN Where xxx XXX XXX XXX is the host s IP address at the far end that will be able to ping or telnet to the router 0 0 0 0 0 will allow any other host at the far end to ping and or telnet to the router add 1 wanl firewall 3 pass inout nolog ping 0 0 0 0 0 0 0 0 0 0 Adds a Firewall rule to the WAN add 1 wanl firewall 4 pass inout nolog tcp 1 65535 0 0 0 0 0 0 0 0 0 0 Adds a Firewall rule to the WAN add 1 wanl firewall 5 pass inout nolog udp 1 65535 0 0 0 0 0 0 0 0 0 0 Adds a Firewall rule to the WAN set 1 wanl trunk 1 Set WAN interface wanl to be mapped to trunk 1 Set 1 1 1 encapsulation ppp Set the encapsulation on trunk 1 to PPP reset 1 Terminal Server Router Release 2 97 Reboot the router to enable all configurations set 12 5 Router Configuration Internet Connection using NAT and Static NAT Addresses Internet Connection using NAT and Static NAT Addresses 12 6 Router in Slot 1 ISP Router that provides the Internet connection Router with NAT and Static NAT addresses Command Description set clock1 a 1 Set
57. maximum allowable number of 500 filters Terminal Server Router Release 2 97 4 27 Profile Directory Local Profile Advertise Network Server Advertise Network Server 1 Select Configuration Profile Directory gt from the Main menu select ENTER 2 Select LAN Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE lt gt 1 RemoteUnit WAN NONE NONE Setup gt lt Enabled gt Profile Directory Window age forwar Hit ENTER to configure the communication information for this profile 3 Select Setup Advertise Network Server gt If the Advertise Network Server is not displayed scroll to the selection with the SPACEBAR select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 40 41_ gt Profile Setup for LocalUnit LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPM X X X X lt Neither gt Other X X X Local Profile L LAN IPX Window IP Address 0 0 802 2 Ext Network 00000000 Subnet Mask Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 Jpe Setup NEBSEECBIACPBTELRETB Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 28 Terminal
58. of configured filters is within the maximum allowed The Local Profile is used to define the Local LAN port parameters for the unit at the present location 4 2 Terminal Server Router Release 2 97 Profile Directory Local Profile Set up a Local Profile Set up a Local Profile 1 The Local LAN Profile Setup is found in Configuration Profile Directory gt Forcel Networks OTSR Tue Jan 1 2002 1 53 43_ gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt Software Images gt Configuration Profile Directory Mam Verification Ping Utilit gt Menu erification ing Utility Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER 2 Select LocalUnit LAN lt Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE lt 1 RemoteUnit WAN NONE NONE Setup gt lt Enabled gt Profile Directory window o page forwar Hit ENTER to configure the communication information for this profile Terminal Server Router Release 2 97 4 3 Profile Directory Local Profile Set up a Local Profile 3 Configure the LAN on this Main window Note there are additional windows for specific features See the following section
59. primary master transmit clock source set 1 default Set Router to default settings disconnect a 1 Disconnect all T1 connections on the Controller slot a disconnect 1 Disconnect all connections to the router in slot 1 set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename LocalUnit default to Boulder LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wan1 set 255 ethernet ip address 192 168 21 15 255 255 0 Set the Ethernet IP address and Subnet Mask for the Unit Set set 255 ip gateway 192 168 21 14 1 1 ip address 192 168 21 14 255 255 0 Set the IP gateway default route for the Unit Set the ethernet IP address in the conventional IP address format Router LAN set 1 wanl nat enable Set the WAN interface named wanl enable NAT mapping set 1 wanl nat port dynamic Set the WAN interface named wanl to set NAT port mapping to be dynamic set add 0 0 1 wanl nat address 216 174 44 2 1 1 wanl static ip network 0 0 0 0 0 0 1 Set the WAN interface named wanl NAT address Adds a static IP network route to the WAN interface add 192 1 wanl static nat address 168 21 14 216 174 44 232 Add static NAT bi directional mapping to wanl
60. remote This field is only available if the Setup Static field is set to lt IP Address gt Terminal Server Router Release 2 97 Profile Directory Remote Profile Firewall Filters Remote Profile Firewall Filters Remote Profile A firewall is a method for keeping a network secure from intruders by using filters to block the transmission of certain types of service traffic Once created firewalls are a security feature that allows only certain types of services to pass in and or out of your LAN Firewalls can be created on a per remote basis Each filter consists of a set of drop pass rules which are applied in the order in which they appear on the list in other words rule 1 is applied before rule 2 and so on This set of rules constitutes a filter for a specific remote profile and will be applied to that profile s incoming or outgoing or both traffic types service flows Forcel Networks OTSR Wed Jan 2 2002 23 47 56 RemoteUnit has 3 IP Firewall Rules Service s LAN Device s WAN Device s Firewall 1 SMTP gt x Rules 2 Telnet gt x Window Last Any lt gt CTRL E to erase CTRL F to page Hit ENTER to modify this Firewall Filter Rule Fields Rule Number Pass no blank indicates Drop Services s Lists current service defined LAN Device s Lists LAN defined for this rule indicates any gt Outgoing lt Incoming lt gt Outgoing and i
61. so that the preferred route is given the lower value This field value has a range of 1 to 15 Next Gateway Enter the IP Address of the first gateway router that the data will use to reach the destination network Referring back to Example 1 Network B would enter the IP Address of Router 1 since that is the first gateway on the route to Network C This field is only used on IP Networks Next IPX Router Enter the MAC Address of the next gateway router on the route that the data will use to reach the destination network Referring back to Example 1 Network B would enter the MAC Address of Router 1 since that is the next gateway on the route to Network C This field is only used on IPX networks 4 12 Terminal Server Router Release 2 97 Profile Directory Local Profile Static Addresses Static Addresses Use this screen to define static addresses that are based on the Ethernet MAC or IP Address of a specific device on the local LAN Typically the Router would learn of these devices by monitoring LAN WAN packets By defining a static address you are telling the Router the location of the corresponding device before it learns where this device resides Static addresses are typically used in a bridging situation Use the Local LAN Profile to define static addresses for devices that are located on the LAN If you wish to establish static addresses for devices on remote LANS access this screen using the corresponding Remote Profile
62. the four ports on the TSR card These settings apply only 1f the jumper for the port is set to RS 232 Each port can be set independently with the jumper on the TSR card to either RS 232 or to Ethernet See the Adit 600 User Manual for information on setting the port jumpers Configuration 1 Select Configuration Terminal Server gt from the Main Menu and select ENTER Forcel Networks OTSR QTSR Main Menu Category Wed Jan 2 2002 4 09 56_ gt QTSR Version 2 97 Slot 3 Selection Main Management Menu Configuration Verification Statistics System Reports Exit lt System Time Login gt Terminal Server A lt Ping Utility gt lt Run time gt lt Events gt lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER 6 2 Terminal Server Router Release 2 97 Terminal Server Setup Window Terminal Server Setup Window Terminal Server Window Configuration The Terminal Server Setting window displays current settings for all ports on the TSR card Forcel Networks OTSR Wed Jan 2 2002 4 11 21_ gt Settings for the ports are as follows Port Type TermServer TermServer Ethernet Ethernet Port Name none none none none Password Prompt Disabled Disabled IP Address 10 10 11 1 10 10 11 2 Prot Port 23 23 Baud Rate 9600 9600 Data Bits 8 8 Parity None None Stop Bits 1 1 Flow Cntrl None None Inactivity Timer Reset on DSR Low Disabled Disa
63. to both read and write privileges 3 12 Terminal Server Router Release 2 97 Profile Directory Router Card Profile SNMP SNMP Trap Destinations Forcel Networks OTSR Tue Jan 1 2002 2 08 20 gt SYS Name unknown SYS Contact unknown SYS Location unknown SNMP SNMP Community Name s Name Address Access public 0 0 0 0 read gt Setup Window Tenens Configure SNMP Traps Select SNMP Trap Destination gt and select ENTER This window defines the SNMP Trap Destinations to which the Router will report alarm information Forcel Networks OTSR Tue Jan 1 2002 2 09 26 gt SNMP Trap Destination s Name fiddress Location pS 0 0 0 0 Local LAN gt SNMP Setup Window CIRL E to erase Editable Please enter a value Terminal Server Router Release 2 97 3 13 Profile Directory Router Card Profile SNMP Name Enter the community name s of the devices to which the Router will report The default community name is public To enter a new community name highlight the field and type the desired value with a maximum of 10 characters Address Enter the corresponding IP Address of the device that was entered in the Name field Location Local LAN lt RemoteUnit gt Available options are the Local LAN gt and all defined Remote WAN Units defined in the Profile Directory there can be up to 24 3 14 Terminal Server Router Release 2 97 Profile Dire
64. to create a firewall We suggest that only experienced Network Administrators create and maintain firewall filters Incorrectly defined filters may compromise the security and functionality of your LAN Terminal Server Router Release 2 97 4 25 Profile Directory Local Profile Firewall Filters Local Profile Service This field displays the service that this particular rule affects While the most common services have been pre defined there are a few options where you may further define the service to be filtered Name Description Finger Display information about users FTP File Transfer Protocol Gopher Document search and retrieval HTTP World Wide Web ICMP Internet Control Message Type Equal or Range Specify a number or range Number 0 65535 Start Number 0 65535 End Number 0 65535 NUM IP protocol number to be specified see Protocol Number in Firewall Filters on page B 2 for a list of these Protocols and the assigned number Protocol Number number between 1 255 NNTP Network News Transfer Ping ICMP echo request reply POP3 Post Office Protocol Version 3 SMTP Simple Mail Transfer SNMP Simple Network Management Protocol TCP Transmission Control Protocol Port Equal or Range Specify a number or range Number 0 65535 Start Number 0 65535 End Number 0 65535 Telnet User interface to local unit UDP User Datagram Protocol WAIS Wide Area Information S
65. when finished Scrollable Use the spacebar to select the port type The following windows show how the selection of the Port Type changes the fields displayed Force1 Networks OTSR Wed Jan 2 2002 4 15 08 gt Please enter the settings for port 1 Port Type MIermCompati Port Name Password Prompt IP fiddress Prot Port Baud Rate lt Data Bits lt lt lt lt Disabled gt 10 10 11 1 23 9600 gt 8 None gt 1 0 lt None gt Parity Stop Bits Flow Cntrl Inactivity Timer 0 Reset on DSR Low lt Disabled gt Press ESC when finished Scrollable Use the spacebar to select the port type Terminal Server Router Release 2 97 Terminal Server Window Configuration Forcel Networks OTSR Wed Jan 2 2002 4 15 51 gt Please enter the settings for port 1 Port Type Port Name Baud Rate Data Bits Parity Stop Bits Flow Cntrl TBOS rir ia Mapping Display Display 2 Display 3 Display 4 Display 5 Display 6 Display Display 8 lt none 96 lt Non lt None lt None lt None lt None lt None lt None lt None lt None gt 00 e Description Description Description Description Description Description Description Description VVVVV VV Vv Press ESC when finished Scrollable Use the spacebar to select the port type Forcel Networks OTSR Wed Jan 2 2002 4 16 26 gt Please enter the settings for port 1 K RawICP TT e
66. 1 MPO NM Rela Denver 1 1 1 1 24 NES 2 2 2 1 24 IP Boulder Router in Slot 1 Command Description set 1 default Set Router to default settings disconnect a 1 Disconnect all T1 connections on the Controller slot a disconnect 1 Disconnect all connections to the router in slot 1 set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename LocalUnit default to Boulder LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl Set 1 1 ip address 1 1 1 1 255 255 255 0 f Set the ethernet IP address in the conventional IP address format Router LAN Set 1 1 phy auto Set the Physical Specifications to auto negotiate set 1 wanl rip ip updates never Set wanl to not send RIP updates add 1 wanl static ip network 2 2 2 0 Adds a static IP network route to the WAN interface 255 255 255 0 1 set 1 1 1 encapsulation ppp Set the encapsulation on trunk 1 to PPP Set 1 wanl trunk 1 Set the WAN interface wan1 to be mapped to trunk 1 reset 1 Reboot the router to enable all configurations set 12 8 Terminal Server Router Release 2 97 Denver Router in Slot 1 Command Router Configuration Denver Router in Slot 1 Description set 1 default Set Router to default settings disconnect a 1 Disconnect all T1 connections on the Control
67. 12 Configuration 0 eee 7 12 SYS Contact 2 000 cee ea cee nea P REVO PEN 3 12 SYS Location 0 esee eee 3 12 SYS Name ios RR Ea dex PS 3 12 Trap Destination Address i ewido vane ve alee tals IRAE see 3 14 Location isses eer iga ee a e RR eds 3 14 Names ssc eves ta PIE eU a ears 3 14 Trap Destinations 2 0 0 0 eee eee eee 3 13 SNMP Communities ACCESS ose SPICE EP ERE ERE PE 7 12 Address s ovontevwbaxukD RUE REPRE 7 12 Name o piei eea e Ste be ae E de 7 12 SNMP Configuration SNMP Communities 000005 7 12 SNMP Trap Destinations 7 12 SNMP Trap Destinations Addiess osre revtor o EX EA EPESA OR 7 12 Location cress criei cece teens 7 12 Name me vut paee RR eres ee 7 12 Source Destination 0 aeaaee 4 18 Spanning Tre cpessesessesisripsvreas ese Glossary 2 Spanning Tree Protocol 3 17 4 38 5 41 Bridge Forward Delay 3 18 3 20 Index 6 Bridge Hello Time 000 3 18 Bridge Max Age 00 ce cece eee 3 18 Bridge Priority 3 18 4 40 5 43 5 45 Start IP Address 0 ccc cece cence eens 4 34 Start Basic Configuration 000 7 2 Start Monitor 2 nnana cee eens 8 8 Static Address 4 13 4 24 5 12 5 25 5 26 5 29 5 33 5 39 5 45 Networks 0 0 0 0 00 0 c cece cece n 5 12 SelUD bs 4 oie Sens Ox oa Svea eee SER OR 5 30 Static Addresses 2 0 0
68. 2 3 W WAN us EE RREBENSE RE RENS EU xu TE 9 3 Connection 0 0 0 ccc cece eee 3 7 7 7 Connection Type 00 0 e ee eee 3 7 7 7 Frame Relay eese ees 3 7 PBP 22e y REX eee ee Ke oe wean ER 3 7 PPP in Frame Relay 005 3 7 Network Updates 0 0 0 0 c eee ee eee 5 5 Packet Errors Sex lth yer be n a oe ots 9 3 RECEIVER oss DERE eee PC CE EE 9 3 Totals ceo oesAaulstncietiels tadate pete ee as 9 3 Transmitted 2 0 0 0 eee ene 9 3 WAN Interface Connections 0005 7 7 Port Number 0 0 0 e cee eee ee ee eens 7 7 WAN Connection 0 cece eee eee eee 7 7 WAN Connection Type 000000 7 7 WAN Monitor Number of Bytes to Display 8 8 8 9 Remote Name zo oscercxe te atid ase ss 8 8 Start Monitor 0 0 0 cece eee ene 8 8 WAN Port Number 0 00 c cece eee ae 7 11 DEGI pases bad bea whe Chae wee eae 7 11 Index 7 Index Index 8 Terminal Server Router Release 2 97
69. 2 4 17 57 gt Please enter the settings for port 1 Port Type lt TermServer gt Port Name none Password Prompt lt Disabled gt IP Address 10 10 11 1 Prot Port 23 Baud Rate 9600 gt Data Bits gt 8 Parity Tone gt Stop Bits gt Flow Cntrl lt None gt Inactivity Timer 0 Reset on DSR Low lt Disabled gt a re Te O T Wor Vt tuna 6 10 Terminal Server Router Release 2 97 CHAPTER Basic Configuration In this Chapter m Overview m Start Basic Configuration m Local Unit Identification m Routing Protocol Security m WAN Interface Connections m Remote Unit Profile m SNMP Configuration m Setup Complete Basic Configuration Overview Overview The Basic Configuration is designed to walk the user through all the Basic Setup to operate the Router effectively This feature can be used at any time to initially setup the Router or to change the configuration of the Router As setup information is entered and the Enter button is selected the next setup item will appear ESC will exit this setup program at any time ENTER will move to the next page or enter the information into the system Start Basic Configuration 1 Select Configuration Basic Config gt gt from the Router Main menu and select ENTER Forcel Networks QTSR Wed Jan 2 2002 5 09 57 QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt Configuration
70. 23 40 5455 b PREX UERRES 10 10 Display esteu teak eere RETI 10 10 Learned From 0 00 cc eee eens 10 10 Port Name 0 ccc eee 10 11 Terminal Server Router Release 2 97 Alarms Auto Update llslslsseeleeeess 10 5 eu dam 10 5 MeSSaSe uus be vr EE V ERU EM 10 5 Time oer dee ead a PSOE eh 10 5 EVENS Cm 10 2 Count deci thd obese E PEE 10 3 MESSage uus ense E A REG es 10 3 Time oe eae ee eee aa EROR eed 10 3 Networks Servers llle eese 10 8 Frame Type oeoev haath 10 8 HOPS exer RC S EROR UE ROS xD S 10 8 Metric sois bb UREPSRRE RR e EUH 10 8 Name oeesscesees ue een eed ew eaten Sele 10 8 Network 2 ccc ceci eere ieda RR 10 8 Next Gateway lese 10 8 Ticks eM E EER E eee Rd 10 8 TYPE cito ees inet e PERROS ERR EE a als 10 8 System Reports Window uselsess 10 1 System Time Login 0 00a ee 2 2 2 3 Admin Password 0000 e eee eee aes 2 4 Auto Logout Timer 0 000s eae 2 3 Config Password 00 0 e cece eee eee 2 4 Daylight Savings Time Adjustment 2 3 Enhanced Security 0 0 0 0 00 eee eee 2 5 System Date and Time 045 2 3 View Password llslsseseeee eens 2 4 T TI ziswiwwpbUeNI E EN eae E E EA Glossary 2 Tab Key uo RR RR PR PER UR wee Rs 1 2 Telnet ess eorI er RENG OG ee ae he Glossary 3 Telnet Session 0 cece eee ees 1 5 Terminal Server setup 00 00 e eee eee 6
71. 3 A 1 3 3 lt PPP gt 4 A 1 4 4 lt PPP gt 5 A 1 5 5 lt PPP gt 6 A 1 6 6 lt PPP gt 7 A 1 lt PPP in Frame Relay gt 8 A 1 8 8 lt Frame Relay 1490 gt For Frame Relay Set Option for PVC Management lt Annex D gt Set the Poll Interval 10 Set the Poll Counter ENTER to go to next field ESC to exit Basic Configuration Editable Please enter a value 7 6 Terminal Server Router Release 2 97 Basic Configuration Remote Unit Profile Remote Unit Profile A screen will ask you if you would like to Edit a Remote Unit Profile Select lt YES gt and ENTER The guide will walk through each Remote Profile that has been set up Forcel Networks OTSR Wed Jan 2 2002 5 30 58 For help call Forcel Networks Technical Support Page 4 of 7 Would you like to edit the Remote Profile RemoteUnit qa ENTER to go to next field ESC to exit Basic Configuration Scrollable Use the spacebar to change the selection Med Jan 2 2002 25 32 94 For help call Forcel Networks Technical Support Page 5 of Would you like to add a new Remote Profile ENTER to go to next field ESC to exit Basic Configuration Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 7 9 Basic Configuration Remote Unit Profile The following window will configure the Remote Unit Forcel Networks OTSR Thu Jan 3 2002 28 38 18 For help call Forcel Networks Technical Support Page 4
72. 7 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CAR lt Setup gt LocalUnit CaN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory Window o page forwar o page Hit ENTER to configure the communication information for the remote profile 5 28 Terminal Server Router Release 2 97 Remote Profile Window Static Addresses Window MAC Address Profile Directory Remote Profile Static Addresses Select Setup Static Addresses gt scroll through the list of options with the SPACEBAR if Static Addresses is not displayed Press ENTER Forcel Networks OTSR Wed Jan 2 2002 23 38 33 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPK lt Blocked gt Other lt Blocked gt NAT Gateway lt Disabled gt WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt Setup lt SiRRetem he IE EIE gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER Scroll through the list of options with the SPACEBAR to select Setup Static lt MAC Address gt or Setup Static lt IP Address gt Press CTRL A to add a Static Address Forcel Networks OTSR Wed Jan 2 2002 3 39 43_ gt RemoteUnit has 1 Static MAC Address Record Setup Static lt MAC Address gt Device Name MAC Address
73. EE CTRL F to page forward CTRL B to page backward Scrollable Use the spacebar to change the selection Flush Learned Entries This field will eliminate all the learned entries from either the x MAC Address table or the IP Address table when the field is changed from Off to On Use the SPACEBAR to scroll to the selection Display Use this field to select to view the address table by MAC Address or IP Address Use the SPACEBAR to select the appropriate view The screen will update accordingly as you scroll between options When the view by IP Address is selected the table may also display the corresponding MAC Address for locally learned devices Corresponding MAC Addresses are only displayed if the Router has encountered an ARP RARP packet Learned From Will select to view devices learned from the LAN or from any remote units This field will display either lt All Ports gt Local LAN gt or each of the individual Remotes listed in the Profile Directory The screen will update accordingly as you scroll between options Auto Update Use this field to have this screen automatically update with events while you are viewing the screen On will update the screen every 5 seconds 10 10 Terminal Server Router Release 2 97 System Reports Window Address Tables Port Name Displays the Port Name of the learned address IP Address Displays the IP Address of the learned address MAC Address Displays the
74. ESSED OR IMPLIED AND ALL OTHER OBLIGATIONS OR LIABILITIES OF FORCEI0 NETWORKS INCLUDING ANY WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE NONINFRINGEMENT AND OR ANY IMPLIED WARRANTIES ARISING OUT OF COURSE OF PERFORMANCE OR COURSE OF DEALING ALL OTHER WARRANTIES ARE DISCLAIMED AND EXCLUDED BY FORCE10 NETWORKS THE REMEDIES CONTAINED IN THIS AGREEMENT WILL BE THE SOLE AND EXCLUSIVE REMEDIES WHETHER IN CONTRACT TORT OR OTHERWISE AND FORCE10 NETWORKS WILL NOT BE LIABLE FOR INJURIES OR DAMAGES TO PERSONS OR PROPERTY RESULTING FROM ANY CAUSE WHATSOEVER WITH THE EXCEPTION OF INJURIES OR DAMAGES CAUSED BY THE GROSS NEGLIGENCE OF FORCE10 NETWORKS THIS LIMITATION APPLIES TO ALL SERVICES SOFTWARE AND PRODUCTS DURING AND AFTER THE WARRANTY PERIOD IN NO EVENT WILL FORCE10 NETWORKS BE LIABLE FOR ANY SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES LOSS OF DATA OR COMMERCIAL LOSSES EVEN IF FORCE10 NETWORKS HAS BEEN ADVISED THEREOF No agent BUYER or representative is authorized to make any warranties on behalf of Force10 Networks or to assume for Force10 Networks any other liability in connection with any of Force10 Networks Products software or services The foregoing summarizes Force10 Networks entire product and software warranties which are subject to change without notice Terminal Server Router Release 2 97 Preface Warranty Product Returns Before returning any equipment to Force10 Networks Inc first contact th
75. FORCEQC Terminal Server Router MENU DRIVEN USER INTERFACE USER MANUAL Part Number 770 0105 BL Product Release 2 97 August 2009 Copyright 2009 Forcel0 Networks Inc All rights reserved Forcel0 Networks reserves the right to change modify revise this publication without notice The hardware and software described herein are furnished under a license or non disclosure agreement The hardware software and manual may be used or copied only in accordance with the terms of this agreement It is against the law to reproduce transmit transcribe store in a retrieval system or translate into any medium electronic mechanical magnetic optical chemical manual or otherwise any part of this manual or software supplied with the product for any purpose other than the purchaser s personal use without the express written permission of Force10 Networks Inc Trademarks Adit and Force10 Networks are registered trademarks of Force10 Networks Inc Forcel0 and the Force10 logo are trademarks of Forcel10 Networks Inc or its affiliates in the United States and other countries and are protected by U S and international copyright laws All other brand and product names are trademarks or registered trademarks of their respective holders Statement of Conditions In the interest of improving internal design operational function and or reliability Force10 Networks reserves the right to make changes to products described in this document w
76. Gb Pe Bae 4 16 Define veis t Faces oA SE Es 4 18 Define Filter 2 0 0 0 0 cece eens 4 18 Defining Custom iso e b RERO 4 19 Filter Name soen eiiiai e ne 4 18 Filter Type sieosc sere DEPPEX opeten e p edie s E 4 18 Firewall 4 sees esee Rye 5 12 Firewall Local Profile 4 7 4 22 Firewall Remote Profile 5 31 Forward Mode 0 00 ccc c eee nee eens 4 18 Network Server esses eee eens 5 12 SelUD eere taen e P PDC Loess Gees eed wes 4 6 Source Destination 0 0 c cece eee eee 4 18 TVPG eena sive atid poete ep ep pde ea ues 4 18 Firewall 0 ccc ccc eee eee Glossary 1 Falters sess GS vee ee ave ON ond 5 12 12 5 Local Device S ca icetrnesieutea rene teas 5 35 Local IP Address Network 5 35 Packets which Match this Rule 5 36 Remote IP Address Network 5 36 Rule 1 Remote Profile 5 34 SELVICES perece Ssh E eR oa CR CORP 5 35 Firewall Local Profile Falters oreet o teei aed REDE E ORE 4 7 4 22 Local Device s 00 0 2 eee ee ee eee 4 26 Local IP Address Network 4 27 Packets which Match this Rule 4 27 Remote IP Address Network 4 27 Rule Hi oeuvre er tepidis 4 25 Setvice S ils igowRRAS Y RR res bE NES 4 26 Firewall Remote Profile Falters 1 2 RIVER RECRRN D PIOS 5 31 FW Allow Frags 00 00 ce eee eens 5 11 Forward Mode
77. Main Menu QTSR Version 2 97 Slot 3 Category Selection Management RARA gt Configuration lt Profile Directory gt gt Verification lt Ping Utility Statistics lt Run time System Reports lt Events Exit lt Logout Scrollable Use the spacebar to change the selection and hit ENTER 2 A dialog box will display a confirmation message to load factory defaults 3 Select YES with the SPACEBAR and select ENTER 4 Defaults will be loaded 2 10 Terminal Server Router Release 2 97 Management Window Software Images Software Images Use Software Images to switch the active with the backup application images stored in the Router 1 Select Management Software Images from the Main Menu and select Enter Forcel Networks OTSR Tue Jan 1 2002 1 26 09 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management KSoftware Images gt Configuration lt Profile Directory gt Verification lt Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER Options Show Current Images Displays the application images stored in the Router shown below Switch Appl Images Switch the active with the backup application images stored in the router Note More than one software image must be loaded for an active and a backup image to display lt Forcel Network
78. NOTE Each static address filter will count toward the maximum number of 500 filters 1 Select Configuration Profile Directory gt on the Main menu and select ENTER 2 Select LAN Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled g Name Profile Type Recv Send Profile State Profile Router CARD Setup Directory LocalUnit LAN NONE NONE lt gt Window 1 RemoteUnit WAN NONE NONE Setup gt Enabled gt page forwar D Hit ENTER to configure the communication information for this profile Terminal Server Router Release 2 97 4 13 Profile Directory Local Profile Static Addresses 3 Select Setup Static Addresses gt if Static Addresses is not displayed scroll to the selection with the SPACEBAR and select ENTER Wed Jan 2 2002 1 14 29 gt Profile Setup for LocalUnit LOCAL Frame Types LRN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX X IN X X lt Neither gt Other X X X Local s LAN IP LAN IPX Window IP Address 10 0 0 01 802 2 Ext Network 00000000 Subnet Mask 255 B o Eth II Ext Network 00000000 Default Router 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 e Setup CIEISUIIRATISSSESS gt Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 Select CTRL A to add static r
79. OR gt Trap On lt ALL gt Number of bytes to display for each packet 0 Direction lt Both gt Port Name Select the Port Name by scrolling through the list of LAN Port Remote Units with the SPACEBAR Start Monitor Use this prompt to initiate the packet trace Select START MONITOR gt and press ENTER to begin the trace As the transmission occurs the packet hex dump will be displayed on the screen If you wish you may end the trace at any point Press ESC to terminate Trap On Use this field to define what traps to turn on lt All gt Enable all traps lt No LCP PVC gt No Link Control Protocol PVC keep alive packets lt ARP RARP gt Address Resolution Protocol Reverse Address Resolution Protocol lt ALL IP gt All IP addresses lt IP ADDR gt Enter IP address lt All UDP gt All UDP Protocol ports lt UDP Port gt User Datagram Protocol Port number range 0 65535 lt BootP DHCP gt Bootstrap Protocol Dynamic Host Configuration Protocol lt RIP gt Routing Information Protocol lt STP gt Spanning Tree Protocol lt IPX gt Internet Packet Exchange lt ICMP gt Internet Control Message Protocol lt MGCP gt Master Gateway Control Protocol lt RTP gt Realtime Transport Protocol BLOCK TCP gt Block the Transmission Control Protocol Number of bytes to display for each packet Use this field to enter the number of bytes to display for each packet The ra
80. Protocol Sautter 127 CRUDP Combat Radio User Datagram Sautter 128 SSCOPMCE Waber 129 IPLT Hollbach 130 SPS Secure Packet Shield McIntosh 131 PIPE Private IP Encapsulation within IP Petri 132 SCTP Stream Control Transmission Protocol Stewart 133 FC Fibre Channel Rajagopal 134 RSVP E2E IGNORE RFC3175 135 254 Unassigned IANA 255 Reserved IANA Terminal Server Router Release 2 97 B 5 Protocol Types Ethernet Protocol Types Ethernet Protocol Types B 6 This table defines the protocol types that can be used by the LAN Protocol filters The associated Hex number is entered into the Ethernet Value field see Defining Protocol Filters on page 4 20 HEX Description 0000 05DC IEEE 802 3 Length Field 0 1500 decimal 1010 01FF Experimental for development Conflicts with 802 3 length fields 0200 Xerox PUP Conflicts with 802 3 length fields 0201 PUP Address Translation Conflicts with 802 3 length fields 0600 Xeros XNS IDP 0800 DOD IP 0801 X 75 Internet 0802 NBS Internet 0803 ECMA Internet 0804 CHAOSnet 0805 X 25 Level 3 0806 ARP for IP and for CHAOS 0807 SNX Compatibility 081C Symbolics Private 0888 088A Xyplex 0900 Ungermann Bass network debugger 0A00 Xerox 802 3 PUP 0A01 PUP 802 3 Address Translation OBAD Banyan Systems Inc 1000 Berkeley trailer negotiation 1001 100F Berkeley Trailer encapsula
81. Protocol Types Ethernet Protocol Types B 8 HEX Description 805B VMTP Versatile Message Transaction Protocol RFC 1045 Stanford 805C Stanford V Kernel production Version 6 0 805D Evans amp Sutherland 8060 Little Machines 8062 Counterpoint Computers 8065 University of Massachusetts Amherst 8066 University of Massachusetts Amherst 8067 Vecco Integrated Automation 8068 General Dynamics 8069 AT amp T 806A Autophon Switzerland 806C ComDesign 806D Compugraphic Corporation 806E 8077 Landmark Graphics Corporation 807A Matra France 807B Dansk Data Elektronic A S Denmark 807C Merit Internodal 807D VitaLink Communications 807E VitaLink Communications 807F VitaLink Communications 8080 VitaLink Communications bridge 8081 Counterpoint Computers 8082 Counterpoint Computers 8083 Counterpoint Computers 8088 Xyplex 8089 Xyplex 808A Xyplex 809B Kinetics Ethertalk Appletalk over Ethernet 809C Datability 809D Datability 809E Datability 809F Spider Systems Ltd England 80A3 Nixdorf Computer West Germany 80A4 80B3 Siemens Gammasonics Inc 80C0 Digital Communication Associates 80C1 Digital Communication Associates 80C2 Digital Communication Associates 80C3 Digital Communication Associates Terminal Server Router Release 2 97 Protocol Types Ethernet Protocol Types
82. RE EE AS ee he E Ee 11 2 Remitialize s sie die ok 6s Hed Rex E Se SP PER EEA ES Eee EEN Soe 11 3 1 2 Router Configuration Basic Set p iiscsseserise m boas Hee OE EE PE NER REPE 12 2 PPP Internet Connection and Public IP Address Routing 12 3 Routeran Slot 1 5 e 26 ERI E RR ER RE PX RE EEE Y 12 3 Frame Relay Internet Connection and Public IP Address Routing 12 4 Router in Slot l a cc cece teen ene eens 12 4 Internet Connection using PPP NAT PAT and Firewall Filters 12 5 Router in Slot l nannan nananana 12 5 Internet Connection using NAT and Static NAT Addresses 12 6 Router m Slot 1 sec ca ce daewoo RAD RRR SE der Eee RNS 12 6 Back to Back with PPP 0 6 ccc cc nnn teen eens 12 8 Boulder Router in Slot 1 2 0 0 cece cette eens 12 8 Denver Router in Slot 0 eee tenn eens 12 9 Back to Back with Multi Link PPP 0 0 0 ccc ccc eee eens 12 10 Boulder Router in Slot I 2 0 0 ee teenies 12 10 Denver Router in Slot sce De Ce E eS 12 11 Back to Back with Frame Relay 0 0 000 cece cece ete e eee 12 12 Boulder Router in Slot L 22 oto lie hk Gr eee dee ees 12 12 Denver Router in Slot3 2 0 0 ce tnt teen ens 12 13 A User Events User Events ss sich b RR RIS deed Ssh bated E EEE E bos A 2 Authenticate Events liess hh A 3 Triggered Events 0 0 ccc ccc hh A 4 Alarms ii6 sgc dx t eH becca RO RU AER ECKE UE Statik Ee eee A 5 B
83. Resolver Configure gt onfigure SysLog 2 To enable SysLog System Log Message Service scroll lt Disabled gt to lt Enable gt with the SPACEBAR select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 54 37 gt SYSTEM LOG MESSAGE SERVICE SETUP Setup for local LocalUnit Note Level 3 is fllarms Level 5 is Events lt ER E gt Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 3 21 Profile Directory Router Card Profile SysLog 3 Enter the appropriate data in the following fields Forcel Networks OTSR Tue Jan 1 2002 4 55 38 gt SVSTEM LOG MESSRGE SERVICE SETUP Setup for local LocalUnit Note Level 3 is fllarms Level 5 is Events Sys Log MEnabled 9 Facility 16 Level 3 Server IP Address 0 0 0 0 Scrollable Use the spacebar to change the selection SysLog Setup Menu Fields Sys Log To enable the Sys Log use the SPACEBAR to scroll Disabled to lt Enabled gt and select TAB or ENTER The window will now display the optional settings for SysLog Facility The value can range from 0 to 23 with a default of 16 Level The value can range from 0 to 7 with a default of 3 Level 3 is Alarms and level 5 is Events Server IP Address The server IP Address is a unique dotted decimal notation entry that is used for data routing purposes This IP address of the SysLog Server or the Host that has the SysLog Server software running 3
84. Router Release 2 97 System Reports Window Networks Servers 3 Press ENTER The Networks Servers listing will display lt Forcel Networks OTSR Wed Jan 2 2002 6 02 17 gt Total Entries 3 on 2 Ports Flush learned entries Off Display lt I gt Learned From lt All Ports gt Auto Update On gt Network Subnet Mask Metric Next Gateway Port Name 1 Static 0 0 0 0 0 0 0 0 1 RemoteUni t 2 Static 192 168 1 0 259 259 259 0 1 RemoteUnit 3 Direct 10 0 0 0 255 0 0 0 1 10 0 0 1 Local LAN CTRL F to page forward CTRL B to page backward Scrollable Use the spacebar to change the selection 4 To view the other display options scroll through the Display IP Networks field lt Forcel Networks OTSR Wed Jan 2 2002 6 03 05 gt Total Entries on 0 Ports Flush learned entries lt Off gt Display lt URHERERRRYSS gt Learned From lt All Ports gt Auto Update lt On gt Network Hops Ticks Next IPX Router Port Name Frame Type _ lt Forcel Networks OTSR Wed Jan 2 2002 6 04 04_ gt Total Entries on 0 Ports Flush learned entries Off Display lt IMG gt Learned From lt All Ports gt Auto Update On gt Network Hops Type Name Port Name Frame Type CIRL F to page 1 Scrollable Use CTRL F to page forward CTRL B to page backward Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 10 7 System Reports Window Networks Servers
85. SR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management qUISCBIE TAE Configuration Profile Directory Verification Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout Scrollable Use the spacebar to change the selection and hit ENTER 1 4 Terminal Server Router Release 2 97 Introduction Connecting to the Router Connecting to the Router Establish a Telnet Session l Usethe telnet rtr card addr CLI command to connect to the Router card The following example is when the router is located in slot 3 telnet 3 Connected Escape character is Attempting Forcel0 Networks QTSR connection QTSR Sat Apr 10 2004 10 51 23 CR to login 2 Select ENTER or lt CR gt to log in Password 3 Enter default password admin and select ENTER Password gt Select a terminal type space or back space to toggle CR to accept Terminal lt VT100 gt 4 Select Terminal Type scroll through options with the SPACEBAR and then ENTER to select Recommended lt generic gt Terminal lt generic gt 1 5 Terminal Server Router Release 2 97 Introduction Set a New Password Set a New Password If you have logged in with a default password for security reasons the password should be changed the system directs the user to do so telnet 3 Connected Escape character is Attempting Forcel0 Netwo
86. Slot 3 Use the spacebar to change the selection and hit ENTER Terminal Server Router Release 2 97 Profile Directory Router Card Profile Configuration 2 Select Router CARD Setup gt and select ENTER Forcel Networks OTSR Tue Jan 1 2002 1 55 10 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD CHI gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE Setup gt lt Enabled gt Profile Directory Window o page forwar Hit ENTER to configure the communication information for this profile Forcel Networks QISR Tue Jan 1 2002 1 56 24 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive uil gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure gt SNMP Configure gt DNS Proxy Configure gt Spanning Tree Protocol Configure gt Network Time Protocol Configure gt Router SysLog Configure gt Card DNS Resolver Configure gt Configuration Window Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 3 3 Profile Directory Router Card Profile RIP Mode Receive RIP Mode Receive This field sets the RIP receive mode to RIP version 1 RIP version 2 or to both Selection is lt RIP1 gt lt RIP2 gt or lt RIP1 RIP2 gt Forcel Networks OTSR Tue Jan 1 2002 1 56 24 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive uui RIP Mode Send
87. Unit IP Address Subnet Mask ONT 0 0 0 0 eras ase Editable Enter a non zero IP Address Subnet Mask in Dotted Decimal Notation 4 42 Terminal Server Router Release 2 97 Profile Directory Local Profile Secondary IP Address Secondary IP Address Fields IP Address The secondary IP Address in the form xxx xxx xxx xxx where xxx is between 255 Subnet Mask The Subnet Mask to the corresponding Secondary IP address listed in the form xxx xxx xxx xxx where xxx is between 1 255 Terminal Server Router Release 2 97 4 43 Profile Directory Local Profile Link Speed Link Speed The Link Speed sets the Ethernet PHY mode and speed for the Router NOTE It is highly recommended that this setting be left at auto negotiation Connection ethernet devices with incompatible settings can lead to severe performance degradation and errors on a network To Set the Link Speed 1 Select Configuration Profile Directory gt from the Main menu select ENTER 2 Select LAN lt Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CRRD Setup gt Profile LocalUnit LAN NONE NONE d Directory 1 RemoteUnit WAN NONE NONE Setup gt lt Enabled gt Window o page forwar Hit ENTER to configure the communication information for this profile 4 44 Terminal Server Router Relea
88. WAN connection The Router will initiate IP and IPX learning mode With each of these selections the Router will initiate learning mode to gain knowledge of local and remote networks and services Once it knows of remote networks and services it can advertise the information on the local LAN on behalf of the remote networks and servers lt Bridge gt will not prompt the Router to initiate WAN bandwidth optimization Note that the unit will not advertise servers and networks lt Blocked gt if you do not wish to use the corresponding protocol Optimize See Route above WAN Network Updates Routing information updates across the WAN will occur based on this selection This field 1s only available when IP Protocol is set to Route or when IPX Protocol is set to Optimize This field should be set to Never if the NAT Gateway field below is set to Enabled Never To prohibit all routing information updates When this is selected static routes between the Router and the remote units must be configured lt Periodic gt Periodic updates across the WAN occur every 30 seconds for the IP protocol and every 60 seconds for IPX lt Triggered gt Triggered updates occur only when changes within the network are detected This is the recommended setting Terminal Server Router Release 2 97 5 5 Profile Directory Remote Profile Transmission Options GRE Tunnel Use this field to define IP Tunneling for GRE Generi
89. Window Events Events Displays the log of events for the Router View the Event Log 1 Onthe Main Menu press TAB until Events is highlighted on the System Reports option Forcel Networks OTSR Wed Jan 2 2002 5 46 40 QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration lt Profile Directory gt gt Verification lt Ping Utility gt gt Statistics lt Run time gt gt System Reports ES gt gt Exit lt Logout gt gt Scrollable Use the spacebar to change the selection and hit ENTER 2 Press ENTER The Event Log will display Forcel Networks OTSR Wed Jan 2 2002 5 47 31 gt Event Log for LocalUnit Auto Update mi Message Count Export complete in 0 0 secs 48320 bpsl Login accepted at ADMIN level Password changed for ADMIN level ADMIN login terminated Export complete in 0 0 secs 48320 bps Login accepted at ADMIN level Password changed for ADMIN level ADMIN login terminated Export complete in 0 0 secs 48400 bps Login accepted at ADMIN level Password changed for ADMIN level ADMIN login terminated Export complete in 0 0 secs 48480 bps Login accepted at ADMIN level Password changed for ADMIN level ADMIN login terminated Export complete in 0 0 secs 48400 bpsl CTRL F to page forward DOWN ARROW to scroll 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 An An An An AN an An an an
90. a 3 ERO Y X ELA 4 9 Static Addresses visere 3g tev eee REPERI pea ee PEORES IER 4 13 Elltets ss cx eter S LCD RA AE DOE DS PONT EA UR V eene SS RUE S 4 16 Defining Custom Filtets iba Rey E hente ean ey E YS PX 4 19 Defining Protocol Filters 20 0 0 ccc cee esee 4 20 Defining Address Filters llle eee 4 21 Firewall Filters Local Profile 0 0 00 4 22 Advertise Network Server lessen 4 28 IPX Server Advertising 00 0 ccc ccc e 4 30 DHCP Server Client Relay 00 ccc e 4 32 Spanning Tree sis edu eee HUE o KA E E EE data eee rene eae eae 4 38 Secondary IP Address 0 0 ccc cece ees 4 41 Link Speed 1s esie Ea E nace UR e OR Gu e E ea Ae eed 4 44 viii Terminal Server Router Release 2 97 Table of Contents 5 Profile Directory Remote Profile Remote WAN Profile Overview 0 00 0 ccc cette teens 5 2 Transmission Options 0 0 cece ccc tenet tenes 5 5 Security Options ss ssas REDE ERI ted dw uq pure V I eee hae 5 14 Static VPN Networks 0 0 0 0 ccc eee n 5 17 GRE Tunnel set to lt AI gt 20 cece 5 18 GRE Tunnel set to By Network gt 0 00 0 0 cece cee eens 5 21 Static NAT Addresses 0 0 ccc cette teen enn eens 5 24 NAT Bypass Subnets s 2 04344 re bu ER Mad RA ed tad dean dos 5 26 Static Addresses c ten dad Set hard etna bb bee ke ee 5 28 Firewall Filters Remote Profile eee 5 31 Filter Network Server isses s 5 37 Spannin
91. a filters advertise networks or create static route entries Unable to connect to anything outside the LAN from LAN host Ping the Router LAN IP address Verify cabling is correct straight cable Is the Link LED if connected to a switch or hub crossover if connected to a NIC Is the ping successful Change IP Host amp LAN IP in the address and or same subnet subnet mask Reboot host and reinitialize router Statistics Run Time Check Remote Conns AN packets received and transmitted Remote Conns 1 Repair T1 issue Verify that the Verify channels Check WAN profile encapsulation is correct match from end to Static VPN Networks and that there isn t an end Verify that authentication remote router port is mismatch enabled Add network to Static VPN Network field Correct network defined Verify that remote router has route defined back to local router s newtorks Terminal Server Router Release 2 97 C 3 Troubleshooting Unable to access the Local LAN Router unit via Telnet C4 Unable to access the Local LAN Router unit via Telnet First verify that the local Router was given an IP Address that is on the same network as the workstation Since Telnet uses the IP protocol establish that IP is functioning correctly by pinging the local unit from the workstation or by pinging the workstation from the local unit Pinging will verify that there is communication between the work
92. acters long Select the authentication User ID Local Custom Name gt Current User ID Select the protocol LocalUnit will use to authenticate all remotes CHAP Set authentication to CHAP Challenge Handshake Authentication Protocol lt PAP gt Set authentication to PAP Password Authentication Protocol lt NONE gt Disable authentication Default 7 6 Terminal Server Router Release 2 97 Basic Configuration WAN Interface Connections WAN Interface Connections This screen will display the Port Number and connection information of existing WANs The window displays one WAN initially As you set the connection type and then hit ENTER the next WAN will display Note You are not allowed to back up to the previous WAN on the list This screen will only hold 8 WANS on a page additional pages are added as needed Forcel Networks OTSR Thu Jan 3 2002 0 31 13 For help call Force1 Networks Technical Support Page 3 of 7 Select the Type of WAN Connection for each connected port Port Number WAN Connection WAN Connection Type lt PPP lt PPP lt PPP lt PPP lt PPP lt PPP lt PPP in Frame Relay gt lt Frame Relay 1490 gt For Frame Relay Set Option for PVC Management IESUS feb be bh pk pk pk pk CO mI NOE cm COM ACE COND E ENTER to go to next field ESC to exit Basic Configuration Scrollable Select the PVC Management type to be used Port Number Displays the Port Number of th
93. added type will be learned and the first 11 characters of their names will be displayed If both the server name and type are defined when the server is manually added then only servers matching both criteria will be learned Filter This field will change depending on the value set in the Selected Items field Use the SPACEBAR to place and X in this field to choose that the Router will Filter the chosen network or server Learn This field will change depending on the value set in the Selected Items field Use the SPACEBAR to place and X in this field to choose that the Router will Learn the chosen network or server 5 40 Terminal Server Router Release 2 97 Spanning Tree Profile Directory Remote Profile Spanning Tree NOTE This option displays only when Spanning Tree is Enabled on the Router CARD Profile AND the Remote Profile Mode is set to Bridge The Spanning Tree configures the setup for the Spanning Tree Algorithm To Configure Spanning Tree Profile Directory Window Forcel Networks OTSR Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile Select Configuration lt Profile Directory gt from the Main menu and ENTER 2 Select WAN lt Setup gt and select ENTER Wed Jan 2 2002 2 58 07 gt State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt Terminal Server Router Release 2 97
94. ads and downloads When new software is installed on the Router a software load verification checks and verifies that the new software is good before the unit will accept it If it is determined to be bad or damaged the Router will reject it and continue to use the original software Acceptable binary file extensions are mgm or MGM Config Authorizes the IP Address to perform configuration file uploads and downloads For uploads this selection allows the device s in the IP Address field to transfer or restore a previously backed up configuration file to the Router via TFTP For downloads this selection defines an IP Address to which a backup copy of the Router s configuration can be sent Acceptable file extensions are cfg or CFG Both Authorizes the IP Address to perform code and config file uploads downloads NOTE Code and Config uploads require a reboot of the unit before the changes take effect Terminal Server Router Release 2 97 2 9 Management Window Load Defaults Load Defaults Use the Load Defaults option to reset the Router software to the factory defaults This option will delete all configuration settings including the passwords Use the SPACEBAR to choose Yes and press ENTER If you have a Telnet connection to the unit your session will be terminated 1 Select Management Load Defaults gt from the Main Menu and select ENTER Forcel Networks OTSR Tue Jan 1 2002 1 25 03 QTSR
95. ae eee bee ee 2 3 Securtty ODtlOns sssr oser EX ERE ERE E eed 5 12 Security SNMP 00 cence eee 3 12 5 14 ACCESS sess bre rp PROP RPPOpRbAerYpxxersxX vs 3 12 Index 5 Index Address 44i i eR beeen d 3 12 Authentication by Remote 0 5 16 Community Name 00 00 ce eee 3 12 Compression ressors Kus takes washes RENE 5 16 Password ccc cece eee ees 3 9 Sectirity Server occssssas E WA RR X EEG 5 16 Typical Data 1 2 0 0 cee eee 5 16 Selected Items s svuucev se enop wees bes rS 5 39 Server IP Address 0 0 0 0 cee eeee 3 22 3 24 Services Local Profile 0 000000 4 26 Services Remote Profile 00 00 0058 5 35 Set Poll Counter o eer deen ERR yaad 7 8 Set Poll Interval 00 0 0 ccc cece eee eee 7 7 Setup Advertisement 000 c cece eee eee 4 30 Local Profile m x RR Rb os Meese es 4 6 Setup Complete 0 0 0 0 cece eee eee 7 13 Significant Bits 04 4 27 5 35 5 36 Single Ping 5 eked eae eee eee 8 4 Single Ping Status iue REDE RR ERE EPA 8 4 Continuous Ping 00 0 0 cee eee eee 8 4 IPAddress sechere paesa rnt ERE PEE PEE 8 4 MAC Address 0 00 cece eee eee eens 8 4 R sto susrest eroatera E saan ERE EE Ge 8 4 SIC Loo ORE he dea Ree eae Y Ren 3 16 SNAP occu dtustede obec ST STLPPPXASERGa 4 4 SNMP lcerereshrerereb yer eva 3 11 Glossary 2 Community Name 00 00 e eee 3
96. al network This serves to lessen the number of available device numbers while expanding the available number of physical networks Metric Enter a numeric value indicating the distance from your local network to the destination network Originally this measured by the number of gateways between the two networks the number may be modified either higher or lower to indicate a desired priority To ensure a route is considered primary the value in this Metric field must be less than that of a secondary route This field is only used on IP networks Valid entries range from 1 to 15 Please note that a value of 1 usually indicates a direct network Hops See Metric above When defining the number of hops in a given route remember to increment the actual number by 1 since your locally attached unit is counted as 1 This field is only used on IPX networks Valid entries range from 1 to 15 Terminal Server Router Release 2 97 4 11 Profile Directory Local Profile Set up Static Networks Ticks Indicates the distance between two networks as measured in time increments 1 18th of a second Only IPX Networks use this information Like hops ticks may be used to designate primary and secondary routes to the same network Although both the hops and ticks values are considered when determining routing priority for Novell networks the tick value is considered first To designate routing priority between two routes manipulate the tick value
97. alue in the Forward Mode to determine whether the packet should be passed or received To enable a filter return to the Enabled Filter Window ESC from this window and select CTRL A select filter type Custom Protocol or Address filter will be added to the Enabled Filters window NOTE Each filter even if it is not enabled will count toward the maximum number of 500 filters Terminal Server Router Release 2 97 4 21 Profile Directory Local Profile Firewall Filters Local Profile Firewall Filters Local Profile A firewall is a method for keeping a network secure from intruders by using filters to block the transmission of certain types of traffic services Once created firewalls are a security feature that allow only certain types of services to pass in and or out of your LAN Each filter consists of a set of drop pass rules that are applied in the order in which they appear on the list in other words rule 1 is applied before rule 2 and so on This set of rules constitutes a filter for the local profile and will be applied to incoming traffic outgoing traffic or both traffic types service flows Wed Jan 2 2002 1 39 06 gt LocalUnit has 2 IP Firewall Rules Service s LAN Device s WAN Device s Log Firewall 1 SHIP gt x Rules Last Any fe Window CIRL E to erase CTRL F to page forwa Hit ENTER to modify this Firewall Filter Rule Symbol Description Rule Number P
98. an an an an anan anan COD CcoCcOoCcococoCcoCcono co C EKO Pe hehh l 10 2 Terminal Server Router Release 2 97 System Reports Window View the Event Log Auto Update On or lt Off gt Time The value in this column represents the date and time that the specific event occurred Events are displayed in descending order with the most recent event displayed at the top of the screen Message This column displays the actual event that occurred on the Router Use this field to trace the activities of your Router Count If the same event occurs consecutively the value in the count column will display the number of times that the event occurred although the message will display only once Note that the time stamp reflects the date and time that the event first occurred Terminal Server Router Release 2 97 10 3 System Reports Window Alarms Alarms 10 4 This screen displays alarms that have occurred on your Router When an alarm is triggered the LED labeled CRD on the front of the Router will be RED and will remain until the alarm is cleared Unlike the System Events alarms will not increment the Count field each time they occur Each alarm will be listed separately and the Count field will display a value of 1 Alarm listings will also appear as flashing or bold text entries in the User Event Log Please note that all alarms will generate SNMP traps The Alarm Log is cleared when the Router is reinitialized 1
99. and the first 11 characters of their names will be displayed If the server name is defined when the server is manually added then only servers matching both type and name will be learned Selected Items Use this field to determine whether your Router will advertise the information listed on this window to remote units Valid field options include Do Not Advertise and Advertise If Advertise is selected checked items with X will advertise to all Remote Units in the Profile Directory If Do Not Advertise is selected checked items will not be advertised Use the CTRL A keys to manually configure a service When manually configuring a service the following prompt is displayed You must define a server type see TYPE field above however the corresponding server name may be left blank If a server name is not defined all services of the specified type will be learned regardless of the name If the server type and name are specified only server types that match both values will be learned Be aware that the NAME value is case and spacing sensitive Press ESC to save changes and return to the Local LAN Profile Setup window Terminal Server Router Release 2 97 4 31 Profile Directory Local Profile DHCP Server Client Relay DHCP Server Client Relay Use the options on this window to enable the Router to act as a DHCP server client or relay agent Workstations with DHCP Dynamic Host Configuration Protocol clien
100. ass no blank indicates Drop Services s Lists current service defined LAN Device s Lists LAN defined for this rule indicates any gt Outgoing lt Incoming lt gt Outgoing and incoming WAN Device s Lists WAN defined for this rule indicates any Log X Logged in the Event or Alarm log 4 22 Terminal Server Router Release 2 97 Profile Directory Local Profile Firewall Filters Local Profile To Add a Firewall Filter WARNING THE ADDITION OF THE FIRST FIREWALL RULE WILL AUTOMATICALLY SECURE THE UNIT AGAINST ACCESS VIA TELNET UNLESS THE FIRST RULE EXPRESSLY PERMITS TELNET TO ENSURE THE ABILITY TO TELNET INTO THE UNIT BY AT LEAST ONE REMOTE DEVICE YOU MUST CREATE A RULE INDICATING WHICH DEVICE HAS TELNET ACCESS 1 Onthe Main Menu press TAB until Configuration Profile Directory gt is highlighted and press ENTER 2 Select Setup gt on the LocalUnit LAN line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 1 35 41_ gt Profile Directory 1 Configured and 2 Enabled ene Name Frofile Type Recvu Send profile State Directory 4 Renotelnit HAN NONE NONE lt Setup gt lt Enabled gt Window o page forward Hit ENTER to configure the communication information for this profile Terminal Server Router Release 2 97 4 23 Profile Directory Local Profile Firewall Filters Local Profile 3 Tab down to Setup Static Addresses gt and scroll with the SPACEBAR
101. ation and troubleshooting procedures not during normal operation Terminal Server Router Release 2 97 C 5 Troubleshooting Statistics Statistics Run Time The Run Time is used to review data transmission information between the Local LAN unit and Remote WAN devices This option allows you to review data transmission statistics to from remote units This data will help you to monitor the Router s connection performance capabilities such as throughput compression and errors See Chapter 9 Statistics Window for more information regarding this feature System Reports The System Reports menu presents data that may be useful in identifying WAN communication problems Events C 6 The Events listing offers on going historical activity for the Router while the Alarm listing indicates events that suggest further investigation See Events on page 10 2 for more information regarding this feature Alarms This screen provides a listing of any Alarms that have occurred on the Router When an Alarm is triggered the Router LED labeled CRD will display a red indicator light which will stay on until the Alarm is cleared Each Alarm is listed separately and the Count field will display a value of 1 See Alarms on page 10 4 for more information regarding this feature Network Servers By sending out IPX and IP RIP Routing Information Protocol and IPX SAP Service Advertising Protocol packets and monitoring RIP and SAP packets from othe
102. ault of 651 Terminal Server Router Release 2 97 5 43 Profile Directory Remote Profile Trunk Port Trunk Port Use this screen to define the Router Interface 1 Onthe Main Menu press TAB until Configuration Profile Directory gt is highlighted 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory Window page forwar o page bac Hit ENTER to configure the communication information for the remote profile 3 Select Setup lt Trunk Port gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 4 01 28 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP lt Route gt Never gt lt Disabled gt IPX lt Blocked gt Other lt Blocked gt NAT Gateway lt Disabled gt Remote Profile Window Numbered FW Allow Frags lt Disabled gt Setup Security ptions gt gt Setup st Sua gt gt Scrollable Select the item to be set up and hit ENTER 5 44 Terminal Server Router Release 2 97 WAN Port Setup Window WAN Port Setup Window with MLPPP Profile Directory Remote Profile Trunk Port Forcel Networks OTSR Mon Nov 17 2008 1 40 37_ gt WAN
103. bled Jumper RS 232 ETHERNET ETHERNET o Scrollable 2 Select with the SPACEBAR the port 1 4 to configure the Select Port to change or ESC to Exit field and select ENTER 3 This window will display the current settings of the selected port These settings will only apply if the jumper on the card is set to RS 232 Forcel Networks OTSR Wed Jan 2 2002 4 12 30 gt Please enter the settings fof ort 1 Port Type lt Eikiatee gt Port Name none Password Prompt lt Disabled gt IP Address 10 10 11 1 Prot Port 23 Baud Rate 9600 gt Data Bits gt 8 Parity Ts gt Stop Bits gt Flow Cntrl lt None gt Inactivity Timer 0 Reset on DSR Low lt Disabled gt Press ESC when finished Scrollable Use the spacebar to select the port type Terminal Server Router Release 2 97 6 3 Terminal Server Window Configuration NOTE If the portis set to Ethernet there will be a warning listed on the bottom of the window Terminal Server Setup Window with a port set to Ethernet Forcel Networks OTSR Please enter the settings fof port 3 Port Type aT ermServeryy Port Name none Password Prompt Disabled gt IP Address 0 10 11 3 Prot Port Baud Rate Data Bits Parity Stop Bits Flow Cntrl Inactivity Timer 0 Reset on DSR Low lt Disabled gt Wed Jan 2 2002 4 13 31 gt WARNING Settings for this port have no effect Port is ETHERNET Press ESC
104. bt eme edd s 4 45 8022 xo ce UE E Ut UU us Ee 4 4 pa PM 4 4 A ACCESS sus e e adit secco wg Sie i agna ta 7 12 Add a Firewall Filter Local Profile 4 23 Add a Firewall Filter Remote Profile 5 32 Addtess o iere ue e e tee 7 12 Address Filter Device Name 2 0 00 cece eee eens 4 21 MAC Address 00 0c cece eee 4 21 Address Tables Auto Update 0 cece eee eee ee 10 10 Display cs acces eae enr RR 10 10 Learned From 00 000 e cece eens 10 10 Pott Name oc ke ee he eem ees 10 11 Admin Password 0 c cece eee Uuni RERNE 2 4 security level lees 2 3 Advertise Network Server 00000 nananana 4 28 4 30 Selected Items 0 cece cece eee 4 30 Setup Advertisement 00 00 4 30 Al avin i4 oe Ue Tae Ea aie ed ee wa edens A 5 Auto Update 0 0 ee cece eee 10 5 COUN cere Leer eoe onte ceed E en eee 10 5 Message o Uv ones ware ea reds 10 5 MMV ooo oo poet aded idee eH REUS ed es 10 5 Annex D i oes eae cadi ed Ch end Glossary 1 Authenticate Events A 3 Authentication 2 0 00 sssaaa eee 5 16 by Remote 244600 E eR ee erm die ies 3 9 OEREO sige EE a E E E A E E E TAE 3 9 Protocol CHAP etus E debts 3 9 zy p 3 9 Auto Logout Timer 20 eee eee 2 3 INegotlate 5i denies oe sas hla ean tt ened Rus acy 4 45 Update NEMPE 9 3 10 5 10 10 INDEX B BZS insti td sceneries Hector ERR Ra ase es Glossary 1 Back to Back with PPP
105. c Route Encapsulation If enabled define the local and remote IP Tunnel Addresses as well as the Secured GRE Tunneled Data This field is only available if the IP protocol is set to Route All Tunnel all packets on this interface to the tunnel destination address By Network Tunnel packets based on their destination address by matching GRE network entries Note If the IP protocol is set to By Network gt establish the remote address in the Static Networks window lt Disabled gt Disable GRE tunneling NAT Gateway Enable NAT Gateway for this Router to translate addresses from all of its local devices to a specific IP Address typically assigned by an Internet Service Provider This will allow the remote device to dynamically assign a single IP Address to the Router or to configure a specific IP Address which in turn will be used by all devices on that network Enabled with GRE Tunnel lt Disabled gt Forcel Networks OTSR Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPX lt Blocked gt Other lt Blocked gt Wed Jan gt 2 2002 3 00 12_ NAT Gateway BEDPESND NAT Port Numbers lt Dynamic gt NAT Address lt Assigned by Remote NAT Port Numbers Port numbers are associated with applications that run on the workstation The NAT Gateway may translate the socket or combination of IP Address a
106. ccc cece cece ences 5 28 Device Name 0 cece eee 4 15 5 30 IP Address 0 0 0 ccc eee nee 4 15 5 30 MAC Address sre exu 4 15 5 30 Setup Static 2 2 cee eee eee eee 4 15 5 30 IP Addr6esS 4c epp Ed ert ius 4 15 MAC Address 0 00 ce cece eens 4 15 Static NAT Addresses 0 0005 5 24 12 6 Local IP Address 0 0 0 c eee 5 25 NAT IP Address oso ented seen eee ood 5 25 Static Networks 0 0 00 e cece eee 4 8 4 12 HOPS 65 4 daa eased yee Sees bn VU X VES SS 4 11 Me thie er ee 4 Gas Re Rae oe EA 4 11 NEtWOTK deese rer rp ab BOs VE Ex 4 11 Next Gateway seen 4 12 Subnet Mask 54 63054 rh o pen EEAS E 4 11 TICKS 4 REPERI eX Jaane bas 4 12 Static VPN Networks 0 0000 c cece eens 5 17 Me thie 1e RE aiaa ea P ERE 5 20 5 22 Network ve e e EX bus 5 20 5 22 Subnet Mask 00 0 0 0 cece ee eee 5 20 5 22 Statistics Run Time 0 0 0 eee eens 9 2 Auto Update isi er eek Y ere EY 9 3 Clear Totals sisstin see aea eee 9 3 Statistics Window 0 0 cc cece cece eens 9 1 Subnet Mask 05 4 11 5 20 5 22 7 10 SYS Contact o2 4 xWwetof ut X WEE HS 3 12 SYS Location 2 0 0 0 0 ccc cece ees 3 12 SYS Nate ce ses eter wae dente ee aleed 3 12 SysLog 0 cece eee ee eee 3 21 3 22 3 23 3 24 System Date and Time 0 00000 ee 2 3 System Log Message Service 3 21 3 23 System Reports Address Tables Auto Update
107. control that you have over routing choices within your network Although Router is able to dynamically learn routing information through RIP packets you may wish to disable this feature and manually enter fixed routes Disable Learning by selecting the lt Never gt option in the WAN Network Updates field on the Remote WAN Profile Setup window Static routing may be preferred if Routers that are not configured to advertise cannot utilize the automatic learning capabilities of the unit Advertising is disabled for security purposes Keeping routing tables small in order to increase LAN WAN performance Advertising is disabled to decrease traffic on the LAN and across the WAN Static routing may also be preferable when managing large networks Often times it is easier to disable the learning mode and manually enter routes rather than review each routing table entry and determine its advertising status As a static routing example let s assume that we have three networks A B and C Network B is connected to Network C via a router and to Network A via a Remote Unit Network B may not learn of Network A s existence if advertising was disabled on Router 1 Therefore if you wish to establish an entry in the routing table indicating a route between Network B and Network C you can define a static route on Network B Network A Network B Network C Unit Unit B Y Router 1 Enter a static
108. ct ENTER Tue Jan 1 2002 1 58 57 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk gt Security Configure gt SNMP Configure gt DNS Proxy Configure gt Spanning Tree Protocol Configure gt Network Time Protocol Configure gt SysLog Configure gt DNS Resolver Configure gt Provisioned Trunk Protocol Configuration 2 All WAN connections will display in this window To select the WAN Connection Type TAB to the Type on the specific WAN Link use the SPACEBAR to select the Type PPP MLPPP PPP in Frame Relay or Frame Relay 1490 and select ENTER For more information on this window see the field definitions on the next page lt Forcel Networks OTSR Wed Oct 22 2008 60 51 58 gt Trunk Setup for local LocalUnit 8 of 24 Trunks rpg stones ata WAN Link WAN Connection WAN Connection Type Multilink Group Speed 1 A 2 1 1 lt gt lt None gt lt 64K gt 2 A 2 2 2 lt PPP gt lt None gt lt 64K gt 3 A 2 3 3 lt PPP gt lt None gt lt 64K gt 4 A 2 4 4 lt PPP gt lt None gt lt 64K gt 5 A 2 5 5 lt PPP gt lt None gt lt 64K gt 6 A 2 6 6 lt PPP gt lt None gt lt 64K gt 7 8 2 7 7 PPP gt None 64K 8 8 2 8 8 PPP gt None 64K 3 6 Terminal Server Router Release 2 97 Profile Directory Router Card Profile Trunk Trunk Setup Menu Fields WAN Link This field displays the WAN Link Number 1 24
109. ction and hit ENTER 3 Press ENTER The Trace Route window will display lt Forcel Networks OTSR Wed Jan 2 2002 5 41 53_ gt Trace Route Utility QE stHost SrcPort Local LAN gt gt SrcIP 10 0 0 1 InitialTTL 1 MaxTTL 30 Method ICMP Size 0 IP Tos 00 Don t Frag NO gt Query Number 3 Wait 1 ms Timeout 3 seconds Hop Ave Host Hit Enter to Start a Trace Route Terminal Server Router Release 2 97 8 5 Verification Window Trace Route Trace Route Utility START TRACERT gt gt After all parameters are entered select START TRACERT gt and ENTER to start the trace DstHost Destination Host Enter an IP Address or domain name to use for this query IP Address must be in the form of xxx xxx xxx xxx where xxx is between 0 255 Src Port Source Port Scroll through the available options Local LAN and Remote Units SrcIP Port Source IP Port The source IP address from any of the routers numbered IP addresses Default is the IP address of the router interface used to send the packets InitialTTL This optional parameter defines the beginning of the range of hops to query Range is 254 hops Note must be less than MaxTTL Default is 1 MaxTTL This optional parameter defines the end or the maximum of the range of hops to query Range is 2 255 hops Note must be more than InitialTTL Default is 30 Method lt ICMP gt Internet Control Message Protoc
110. ctory Router Card Profile DNS Proxy DNS Proxy The DNS Domain Name Servers Proxy specifies the IP address of DNS name servers to be used by the DHCP Dynamic Host Configuration Protocol clients 1 Select DNS Proxy lt Configure and select ENTER Forcel Networks OTSR Tue Jan 1 2002 2 11 28 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure gt SNMP DNS Proxy Spanning Tree Protocol Configure Network Time Protocol Configure Configure SysLog Configure DNS Resolver Configure Configure DNS Proxy Menu 2 Type CTRL A to Add a DNS Proxy Forcel Networks OTSR Tue Jan 1 2002 2 12 32 gt LocalUnit has 0 DNS Proxys Domain Name DNS Server Site CTRL A to add CTRL E to erase CTRL F to page forward CTRL B to page back There are no items configured Terminal Server Router Release 2 97 3 15 Profile Directory Router Card Profile DNS Proxy 3 Enter the appropriate data in the following fields Forcel Networks OTSR Tue Jan 1 2002 2 13 35 gt LocalUnit has 1 DNS Proxy Domain Name DNS Server Site lv ee 0 0 0 0 Local LAN gt CTRL A to add CTRL to erase CTRL F to page forward CTRL B to page back Editable Please enter a value 4 Select ESC and lt YES gt to exit the window and save changes DNS Proxy Setup Menu Fields Domain Name Define a name for the Domain with up
111. d using one of the Static Network windows Static Fltr will appear before the network address of this entry If this is not a static route and has been selected Config Fltr will appear before the network address of this entry Only static routes for the Local Unit will display on this window IPX Server Advertising lt Forcel Networks OTSR Wed Jan 2 2002 1 42 50 LocalUnit has 0 configured and learned IPM Networks Setup lt IDTEURYS gt lt Do not Advertise gt Selected Items Network Do not Advertise CTRL F t o pa Scrollable e forward C ag Select the Network Server type to configure Servers are learned and maintained by the Router in the same way as network tables by sending out IPX SAP Service Advertising Protocol packets and monitoring SAP packets from other devices the unit learns about other servers Once a server has been discovered the information is displayed on this window Terminal Server Router Release 2 97 Profile Directory Local Profile IPX Server Advertising This window may be used in two ways depending on which Selected Items mode is chosen Do Not Advertise gt Selected Items or lt Advertise gt Selected Items The Do Not Advertise mode causes the unit to not advertise the learned services To advertise under this mode remove the X next to the server to advertise The Advertise mode causes the unit to advertise all learned services to all remotes If a sp
112. dress Tables along with Network Tables are used to determine if and where the Router should send packets 1 Onthe Main Menu TAB to the System Reports option 2 Press SPACEBAR to scroll to Address Tables Forcel Networks OTSR QTSR Main Menu Category Wed Jan 2 2002 6 04 56 QTSR Version 2 97 Selection Management Configuration Verification Statistics System Reports Exit System Time Login gt gt Profile Directory gt gt Ping Utility gt gt lt Run time gt gt Address Tables gt lt Logout gt gt Slot 3 Scrollable Use the spacebar to change the selection and hit ENTER Terminal Server Router Release 2 97 10 9 System Reports Window Address Tables 3 Press ENTER The Address Tables window will display These windows will change as different options are selected lt Forcel Networks OTSR Wed Jan 2 2002 6 05 46 gt LocalUnit has learned 1 MAC Address from 1 Port Flush learned entries lt Off gt Display MEINES Learned From lt All Ports gt Auto Update On gt MAC Address Port Name HAC Address 1 Local LAN Direct 00E0971007EE lt Forcel Networks OTSR Wed Jan 2 2002 6 06 30_ gt LocalUnit has learned 1 IP Address from 1 Port Flush learned entries lt 0ff gt Display lt I GCS Learned From lt All Ports gt fAuto Update On gt IP Port Name IP Address HAC Address Address 1 Local LAN Direct 10 0 0 1 00E097100 7
113. e Port Type Port Name IP Address Prot Port Baud Rate Data Bits Parity Stop Bits Flow Cntrl 10 10 11 1 23 9600 8 lt None gt lt 1 gt lt None gt Inactivity Timer 0 Reset on DSR Low lt Disabled gt Press ESC when finished Scrollable Use the spacebar to select the port type Terminal Server Router Release 2 97 Terminal Server Window Configuration Port Type This option only applies to ports that are set to RS 232 not Ethernet lt TermServer gt Set the port type to Terminal Server Default lt TermCompat gt Set the port type to Terminal Server with special compatibility features lt TBOS gt Set the port type to TBOS Telemetry Byte Oriented Serial port type Note TBOS is only available on TSR cards with the TBOS feature enabled This option only applies to ports that are RS 232 not Ethernet lt RawTCP gt Set the port type to Raw TCP Transmission Control Protocol Port Name A defined Port name with up to 15 characters Default is none Password The access password for the configured asynchronous port with up to 15 characters This single password shall grant or deny access to the port No other security levels such as Admin or View shall be required Note This field is not displayed for a TBOS port type Prompt lt Disabled gt Enabled This field will enable disable a visible password prompt Note This field is not displayed
114. e Profile Directory Remote Profile Firewall Filters Remote Profile This field displays the service that this particular rule affects The most common services have been pre defined however there are a select few options where you may further define the service to be filtered Name Description Finger Display information about users FTP File Transfer Protocol Gopher Document search and retrieval HTTP World Wide Web ICMP Internet Control Message Type Equal or Range Specify a number or range Number 0 65535 Start Number 0 65535 End Number 0 65535 NUM IP protocol number to be specified see Protocol Number in Firewall Filters on page B 2 for a list of these Protocols and the assigned number Protocol Number number between 1 255 NNTP Network News Transfer Ping ICMP echo request reply POP3 Post Office Protocol Version 3 SMTP Simple Mail Transfer SNMP Simple Network Management Protocol TCP Transmission Control Protocol Port Equal or Range Specify a number or range Number 0 65535 Start Number 0 65535 End Number 0 65535 Telnet UDP User interface to remote unit User Datagram Protocol WAIS Wide Area Information Services Service Establishment Use this field to establish the transmission direction that will be affected by this rule Incoming All session establishments coming from
115. e Profile GRE Tunnel set to By Network 5 Press CTRL A to add a Static IP Network Enter Network Address Subnet Mask and Metric value Note this window displays additional fields depending on the field setting for GRE Tunnel on the Remote Profile window Forcel Networks QTSR Wed Jan 2 2002 23 29 15 RemoteUnit has 1 Static IP Network Setup Static IP Networks gt VPN Features Network Subnet Mask Metric GRE Tunnel Encrypt 0 0 Static 1 CD 0 0 0 0 1 VPN gt VPN Networks Window erase CTRL F to page forward CTRL B to page bac P fiddress Subnet Mask in Dotted Decimal Notation Static VPN Networks Fields Setup Static lt IP Networks Enter the Subnet IP Address Note The host bits should all be zero Network Enter the Subnet IP Address Note The host bits should all be zero Subnet Mask Enter the Subnet Mask of the Network IP Address Metric Enter the distance in hops to the network Value must be between 1 15 VPN Features GRE Tunnel Displays the Tunnel Name defined on the VPN setup window Encrypt Not supported in this release 5 22 Terminal Server Router Release 2 97 Profile Directory Remote Profile GRE Tunnel set to By Network VPN gt Opens the VPN Setup window Forcel Networks OTSR Wed Jan 2 2002 3 32 34_ gt VPN Setup for remote RemoteUnit Tunnel data JE Tunnel Name Remote IP Tunnel fiddress 0 0 0 0 Scrollable Use the spacebar to
116. e WAN 1 24 WAN Connection Displays the connection slot port channel of each existing WAN WAN Connection Type lt PPP gt Set the connection type to Point to Point Protocol Frame Relay 1490 7 Set the connection type to Frame Relay per RFC 1490 PPP in Frame Relay Set the connection type to PPP over Frame Relay per RFC 1973 For Frame Relay Set Option for PVC Management Disabled Disables Frame Relay Annex D gt Set to Annex D which is a Frame Relay standard extension lt LMI gt Set to Local Management Interface LMI rev DLCI 1023 Set Poll Interval Range is between 5 30 Terminal Server Router Release 2 97 7 7 Basic Configuration WAN Interface Connections Set Poll Counter Range is between 1 255 Forcel Networks OTSR Thu Jan 3 2002 0 32 46_ For help call Forcel Networks Technical Support Page 3 of 7 Select the Type of WAN Connection for each connected port Port Number WAN Connection WAN Connection Type A 1 lt PPP 2 2 PPP PPP PPP PPP PPP PPP in Frame Relay Frame Relay 1490 For Frame Relay Set Option for PVC Management LMI Set the Poll Interval 19 Set the Poll Counter 6 id 1 X le si sq E Sq e For help call Forcel Networks Technical Support Page 3 of 7 Select the Type of WAN Connection for each connected port Port Number WAN Connection WAN Connection Type 1 A 1 1 1 lt PPP gt 2 A 1 2 2 lt PPP gt
117. e distributor or dealer from which you purchased the product A Return Material Authorization RMA number is required for all equipment returned to Force10 Networks Inc Call Force10 Networks Customer Support at 1 866 887 4638 US or 1 707 665 4355 International Direct for RMA number repair warranty information and shipping instructions Be prepared to provide the following information Forcel0 Networks serial number s from the system chassis or circuit card s Name of distributor or dealer from which you purchased the product Description of defect Terminal Server Router Release 2 97 Preface Notices This manual contains important information and warnings that must be followed to ensure safe operation of the equipment DANGER A DANGER NOTICE INDICATES THE PRESENCE OF A HAZARD THAT CAN OR WILL CAUSE DEATH OR SEVERE PERSONAL INJURY IF THE HAZARD IS NOT AVOIDED CAUTION A CAUTION NOTICE INDICATES THE POSSIBILITY OF INTERRUPTING NETWORK SERVICE IF THE HAZARD IS NOT AVOIDED WARNING A WARNING NOTICE INDICATES THE POSSIBILITY OF EQUIPMENT DAMAGE IF THE HAZARD IS NOT AVOIDED NOTE A Note indicates information to help you understand how to perform a procedure or vi Terminal Server Router Release 2 97 how the system works Notes should be read before performing the required action TABLE OF CONTENTS Preface rauco dT a Oe eines tage thea eee aed Rawr ngewe wees iii Warranty Procedure ecole ea resosi
118. e eens 1 6 Next Gateway seenkedex kr ret hee vs 4 12 10 8 IPX Ro tet ves rer eRnbEX 4 12 10 8 Node Type 00 0 eee eee eese 4 35 4 36 Number Bytes to Display 0 0 0000 8 8 8 9 O Operation Single Ping iiie RR RR ES 8 4 P Packet RIP 1 22 RE e eee ee 4 29 SAP oo uaskvudGox eRPbrWE ed equ Xp 4 29 Packets which match this rule 4 27 5 36 PAP sirener pas Bae bh oe aoe ES 3 9 Glossary 2 Password 0000 c eee cece eens 1 6 3 9 3 10 Pi g 4 39 4 Sacha eet a e Ex bes Glossary 2 Continuous 0 0 ccc cece eee 8 4 iro P 8 4 Single Status 2 0 0 eee 8 4 Ut lity 1225s eens Dade CERES 8 2 Port Monit r Lia cent td ooo cede RENE 8 7 Name occnsenkeeskrersuece pie ee eR Ree Y doe 10 11 Number 212v a e y RD stad eee eee NE 7 7 PPP 3 6 3 7 12 5 12 8 in Frame Relay ssc opisno eee ag Salen be te eld 3 7 Internet Connection 00 00 ce eee ee 12 3 Profile Directory bea bea pea be 4 2 6 2 Local cisci sea yieete soe UPS dU 4 2 N ti oeste ue RP Ue PI RR Rede 7 10 hun Ac T d 5 2 Protocol 05 3 4 Gh ee eERA 4 4 5 5 7 10 Glossary 2 Network Time 2 0 00 0 ce eee eee eens 3 19 Spanning Tree 3 17 4 38 5 41 Khu ETE B 1 PVG esse UR eR deae Glossary 2 R Reboot After Load Code 00 0c 2 9 After Load Config susc ES 2 9 Record Configurable 4 serie op DER Svp 4 2 Reinitialize
119. e information for the items under the Client Description list Terminal Server Router Release 2 97 4 37 Profile Directory Local Profile Spanning Tree Spanning Tree NOTE This option does not display on the Local LAN Profile Setup until Spanning Tree is enabled on the Router CARD Profile The Spanning Tree configures the setup for the Spanning Tree Algorithm To Configure Spanning Tree 1 Select Configuration Profile Directory gt from the Main menu and ENTER 2 Select LAN lt Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 06 56 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Profile Router CARD Setup gt LocalUnit LAN NONE NONE lt gt Directory 1 RemoteUnit WAN NONE NONE Setup gt lt Enabled gt Window page forwar D Hit ENTER to configure the communication information for this profile 4 38 Terminal Server Router Release 2 97 Profile Directory Local Profile Spanning Tree 3 Select Setup Spanning Tree gt and select ENTER Wed Jan 2 2002 1 54 12 gt Profile Setup for LocalUnit LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX KX X X X lt Neither gt Other X IX X LAN IP LAN IPM IP Address 10 0 0 1 802 2 Ext Network 00000000 Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Ne
120. e is to always reset the router after making configuration changes Terminal Server Router Release 2 97 Router Configuration PPP Internet Connection and Public IP Address Routing PPP Internet Connection and Public IP Address Routing Router in Slot 1 ISP Router that provides the Internet connection Command Description set clockl a 1 Set primary master transmit clock source set 1 default Set Router to default settings disconnect a 1 Disconnect all connections to the T1 on the Controller slot a disconnect 1 Disconnect all connections to the router in slot 1 set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename the Unit from LocalUnit default to Boulder LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl1 set 1 1 ip address 215 168 21 14 255 255 255 0 Set the ethernet IP address in the conventional IP address format Router LAN add 1 wanl static ip network 0 0 0 0 0 0 0 0 1 Adds a static IP network route to the WAN interface set 1 wanl trunk 1 Set the WAN interface named wanl to be mapped to trunk 1 set 1 1 1 encapsulation ppp Set the encapsulation on trunk 1 to PPP reset 1 Terminal Server Router Release 2 97 Reboot the router to enable all conf
121. e network administrator to manage the list of devices and users who are authorized to perform Installation of software Backup of software and configuration settings via tftp The Router management enables a network administrator to perform a Router Code Upload from a central location via the LAN or WAN connection using TFTP A Code Download can also be performed as a backup binary image of the software Config Upload and Config Download can be performed remotely via TFTP to install and backup the Router s configuration to and from a binary file There is an additional option to upload code to the Router with the CLI command load slot tftp ip addr file name Set up the Router for Uploads Downloads 1 Select Management lt Upload Download gt from the Main Menu and ENTER Forcel Networks OTSR Tue Jan 1 2002 1 11 21 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management MUpload Download E Configuration Profile Directory gt Verification Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER Terminal Server Router Release 2 97 2 7 Management Window Set up the Router for Uploads Downloads 2 8 2 Select CTRL A to add a TFTP Upload Download User NOTE The IP Address 1 will display The denotes any IP Address on the defined Client Site Th
122. e user may define a specific IP Address for Uploads Downloads by replacing the or by Adding another Upload Download User lt Forcel Networks OTSR Tue Jan 1 2002 1 19 00 gt Feature and Release Kev Options IAM Ee No Features Activated Set OTSR has 1 TFTP Upload Download User Reboot after load code VES Reboot after load config VES IP fiddress Client Site Mode 1 10 10 2 54 Local LAN gt code gt CTRL A to add CTRL E to erase Hit or to view lists longer than display region Specify the Client Site Selections are Local LAN gt default or Remote Unit s that have been set up lt Forcel Networks OTSR Tue Jan 1 2002 1 23 14_ gt Feature and Release Key Options i e Features No Features flctivated Set OTSR has 2 TFTP Upload Download User Reboot after load code VES Reboot after load config VES IP fiddress Client Site Mode 1 10 10 2 54 Local LAN gt code gt 2 192 168 1 1 qmm lt code gt CTRL A to add CTRL E to erase Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 Management Window Upload Download Setup Menu Fields 4 For Mode specify whether the IP Address can perform code uploads downloads config file uploads downloads or both 5 Press ESC to save your changes and return to the Main Menu These changes will go into effect immediately Upload Download Setup Menu Fields Featu
123. ecific server under this mode is not to be advertised the X must be removed next to the listed server Since each server that contains an X next to it consumes a filter you should choose the approach that consumes the least number of filters For example if the Router has learned 15 services of which you want to advertise only 5 It would consume fewer filters to set the Selected Items field to Advertise and place an X next to the 5 servers to than to choose Do Not Advertise and place an X next to the 10 servers NOTE Each selected server will be counted as a filter A max of 500 filters on the system Network This field displays the network address of each learned or configured server If a server has been selected using the X key Config Fltr will appear before the network address of this entry Type The TYPE field displays the Hex value assigned to each known server When a server is added using CTRL A a Hex value must be defined If you wish to learn certain services that match a particular server type manually add an entry specifying the desired Hex value This setting will enable the unit to learn all services that match the specified service type This field may be used in conjunction with the NAME field described below Name This field displays the first 11 characters of the name of each known server If the server is manually added and a server name is not defined all servers matching the added type will be learned
124. ect 1 Disconnect all connections to the router in slot 1 Set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename LocalUnit default to Boulder LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl1 Set 1 1 ip address 1 1 1 1 255 255 255 0 f Set the ethernet IP address in the conventional IP address format Router LAN Set 1 1 phy auto Set the Physical Specifications to auto negotiate add 1 wanl static ip network 2 2 2 0 Adds a static IP network route to the WAN interface 255 255 255 0 1 Set 1 1 1 encapsulation fr Set the encapsulation on trunk 1 to Frame Relay Set 1 lmi disable Disable LMI Local Management Interface Set 1 wanl trunk 1 Set the WAN interface wanl to be mapped to trunk 1 Set 1 wanl dlci 101 Set the DLCI number reset 1 Reboot the router to enable all configurations set 12 12 Terminal Server Router Release 2 97 Denver Router in Slot 3 Command Router Configuration Denver Router in Slot 3 Description set 3 default Set Router to default settings disconnect a 1 Disconnect all T1 connections on the Controller slot a disconnect 3 Disconnect all connections to the router in slot 1 set clockl a 1 Set primary master transmit clock source set a 1 all type data Set the T1 1 of the Controlle
125. ed IP Network request to from X Triggered ETH II IP Network update to from X Terminal Server Router Release 2 97 User Events Alarms Alarms Data integrity fault detected and corrected This is logged when the unit detects and recovers from a loss of data synchronization Dedicated trunk connection on Port X lost Description Local LAN remote IPX SAP IPX RIP server name network exists at Local LAN remote MAC Address Table is full Triggered 802 3 IPX Eth II IP network update to remote fail Triggered 802 3 IPX server update to remote fail WAN data loss detected recovery action taken This is logged when the unit begins the recovery process from trunks with high error conditions Pass Drop dyn Any Protocol xx Type xx Port xx to from rem sys gt Firewall Rule rule num gt Note All alarms generate SNMP traps Terminal Server Router Release 2 97 A 5 User Events Alarms A 6 Terminal Server Router Release 2 97 APPENDIX Protocol Types In this Appendix m Protocol Number in Firewall Filters m Ethernet Protocol Types Protocol Types Protocol Number in Firewall Filters Protocol Number in Firewall Filters B 2 The Router card can filter based on protocol numbers See Firewall Filters Local Profile on page 4 22 and Firewall Filters Remote Profile on page 5 31 for instructions The following table defines the protocol numbers
126. ed Jan 2 2002 4 11 21 gt Settings for the ports are as follows Port Type TermServer TermServer Ethernet Ethernet Port Name none none none none Password Prompt Disabled Disabled IP fiddress 10 10 11 1 10 10 11 2 Pand Rete 9600 9600 i au ate tll i Data Bits 8 8 erver Parity None None Setup Stop Bits 1 1 Window Flow Cntrl None None Inactivity Timer Reset on DSR Low Disabled Disabled Jumper RS 232 RS 232 ETHERNET ETHERNET Select port to change or ESC to exit MTS gt Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 6 9 Terminal Server Window Manual Closure of a Telnet Socket 3 The RS 232 setup window will appear Exit this window with the ESC button without making any changes Forcel Networks OTSR Wed Jan 2 2002 4 12 30 Please enter the settings for port 1 Port Type MIermServer Port Name none Password Prompt lt Disabled gt IP fiddress 10 10 11 1 Terminal Prot Port 23 Server Baud Rate 9600 gt RS 232 Data Bits 8 Set Parity None gt etup Stop Bits 1 Window Flow Cntrl None gt Inactivity Timer 0 Reset on DSR Low lt Disabled gt Press ESC when finished Scrollable Use the spacebar to select the port type 4 A message will appear the bottom of the window asking to reset the socket Select lt YES gt and ENTER The window will close and the socket is now closed Forcel Networks OTSR Wed Jan 2 200
127. ed during the authentication process If None was selected in the Type field this field will be disabled Password Enter the password of the local server that will be used during the authentication process You must make sure that the password entered into the server is the same as the value entered here or the authentication process will fail If None was selected in the lt Type gt field this field will be disabled 3 10 Terminal Server Router Release 2 97 Profile Directory Router Card Profile SNMP SNMP By defining specific IP Addresses devices may be specified to manage the Local Unit via SNMP NOTE The Router is compatible with the Standard MIB and MIB II 1 Select SNMP lt Configure gt and select ENTER Tue Jan 1 2002 2 06 04_ gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure gt SNMP TITE DNS Proxy Configure gt Spanning Tree Protocol Configure gt Network Time Protocol Configure gt SysLog Configure gt DNS Resolver Configure gt onfigure SNMP Menu 2 Usethe SNMP setup window to set up SNMP configurations lt Forcel Networks OTSR Tue Jan 1 2002 2 07 10 SYS Name a SYS Contact unknown SYS Location unknown rivi SNMP C i N s N A Setup ommunity Name s ame ccess Window pos read gt SNMP Trap Destinations gt Editable Please enter a va
128. eld to identify the authentication protocol to be used by remote units when authenticating this unit lt CHAP gt Challenge Handshake Authentication Protocol lt CHAP gt Secret Select ENTER and a NEW Password dialog box will display Enter a 1 15 character password and select ENTER anda RETYPE Password dialog box will display Retype password and select ENTER Password is now set NEW Password oxi RETYPE Password sxxxxxseexxx lt PAP gt Password Authentication Protocol lt PAP gt Password Same as above lt CHAP gt Password lt NONE gt no authentication protocol is the default User ID Use this field to define the local unit s User ID During the authentication process the local unit will send a name or User ID along with the authentication protocol s secret or password see above Use the SPACEBAR to scroll between lt Local Profile Name gt the default value and lt Local Custom Name gt If set at lt Local Profile Name gt the local unit will send the 11 character unit name which was defined on the Local LAN Profile screen If this field is set to lt Local Custom Name gt you may define a 32 character maximum alphanumeric value to represent the User ID which is sent during the authentication process Defining a custom User ID simply gives the end user more flexibility for this value To assign a custom User ID set the USER ID field to Local Custom Name gt and press TAB Up to ten 10 custom names ma
129. em Reports features are instrumental in diagnosing and troubleshooting the Router card Forcel Networks OTSR Wed Jan 2 2002 5 38 33 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification MPing Utilit gt gt Statistics lt Run time System Reports lt Events lt Logout Scrollable Use the spacebar to change the selection and hit ENTER Verification The Verification section may be used to identify suspected communication problems between the local and remote devices Verification options are Ping Utility Verifies the ability of the local unit to communicate by pinging remote or local devices See Ping Utility on page 8 2 for more information on this feature Trace Route The Trace Route option is used to verify timely and reliable connections The Trace Route utility determines the path a packet follows from source to destination See Trace Route on page 8 5 for more information on this feature Port Monitor The Port Monitor is a diagnostic tool that is used to review the actual data being transmitted from or received by the local Router When the monitoring is started a hexadecimal display of each transmission as it occurs is shown See Port Monitor on page 8 7 for more information on this feature NOTE The Port Monitor decreases the throughput of the Router It should only during install
130. er to view and change all screens terminate users as well as change all three password The Enhanced Security option provides an additional level of security for the network administrator System Date and Time The time and date values are used for reporting purposes Enter the date in the following format Mmm DD YYYY Immediately follow the date with the desired time entry The appropriate time format is HH MM SS hour minute second Press TAB to proceed to the next field Daylight Savings Time Adjustment Use this field to enable or disable automatic adjustment of the system clock for Daylight Savings Time Auto Logout Timer This field defines the minutes of inactivity before the current session is terminated The default time is 30 minutes Type the desired auto logout time between 1 255 NOTE Any changes that have not been saved will be lost when the timer is activated Terminal Server Router Release 2 97 2 3 Management Window View Password 2 4 View Password Users assigned to this level may view only no changes are allowed The default VIEW password is public This field must be unique from the CONFIG and ADMIN passwords The field may be a 5 15 characters alphanumeric value Config Password Users assigned to this level may view and change all screens The default CONFIG password is config This entry must be unique from the VIEW and ADMIN passwords The field may be a 5 15 character alphanumeric value
131. ervices Service Establishment Use this field to establish the transmission direction that will be affected by this rule Name Description Incoming All session establishments coming from the local unit that match the value in the Service field will adhere to the value in the Action field Outgoing All transmissions outbound from the LAN toward the local unit that match the value in the Service field will adhere to the value in the Action field In Out Will affect both incoming and outgoing transmissions 4 26 Terminal Server Router Release 2 97 Profile Directory Local Profile Firewall Filters Local Profile Local IP Address Network IP Address of the local device or network that this rule will affect If you enter the address of a local device this rule will affect only the session establishments of the local device and the destination address entered in the Remote IP Address Network field below If this rule is to affect any local devices networks leave this field with the default asterisk symbol Significant Bits Use this field to identify the number of bits from left to right that will be used to match the IP Address field within the data packet with the value entered into the Local IP Address Network Range is between 1 32 Remote IP Address Network Enter the IP Address of the remote device or network that this rule will affect If you enter the address of a remote device this rule will affect only the sess
132. es which consist of a string of four numbers up to three digits each An operating parameter used with routers that can be set to block the transfer of packets from one LAN to another Any of a number of security schemes that prevent unauthorized users from gaining access to a computer network and or may monitor the transfer of information to and from the network A fragment of data that is packaged into a frame format which comprises a header payload and trailer Each individual short trip that packets make from router to router as they are routed to their destination Internet Protocol Local Management Interface A specification for the use of frame relay products that define a method of exchanging status information between devices such as routers A diagnostic test in which a signal is transmitted across a medium while the sending device waits for its return Glossary Mbps NTP PAP ping protocol PVC RADIUS RIP SNMP Spanning Tree SNMP TBOS T1 Glossary 2 Million Bits Per Second Network Time Protocol developed to maintain a common sense of time among Internet hosts around the world Many systems on the Internet run NTP and have the same time relative to Greenwich Mean Time Password Authentication Protocol Packet InterNet Grouper PING is a program used to test whether a particular network destination on the Internet is online i e working by repeatedly bouncing a signal o
133. ffa specified address and seeing how long that signal takes to complete the round trip No return signal site is down or unreachable Portion is returned trouble with the connection Procedure or set of rules Permanent Virtual Circuit A PVC is a permanent channel connection between two ATM devices PVC s allow network transmissions to be started without having to first establish a connection with the end point ATM device When a PVC is constructed the end points of the connection will agree upon a path in which data will travel and therefore agree upon the route that data will travel to reach its destination Remote Authentication Dial In Service RADIUS is a client server based authentication software system The software supports remote access applications allowing an organization to maintain user profiles in a centralized database residing on an authentication server which can be shared by multiple remote access servers Routing Information Protocol RIP is based on distance vector algorithms that measure the shortest path between two points on a network based on the addresses of the originating and destination devices The shortest path is determined by the number of hops between those points Each router maintains a routing table or routing database of known addresses and routes each router periodically broadcasts the contents of its table to neighboring routers in order that the entire network can maintain a synchronized database
134. field value To enable a filter return to the Enabled Filter Window ESC from this window and select CTRL A select filter type Custom Protocol or Address filter will be added to the Enabled Filters window NOTE Each filter even if it is not enabled will count toward the maximum number of 500 filters Terminal Server Router Release 2 97 4 19 Profile Directory Local Profile Defining Protocol Filters Defining Protocol Filters lt Forcel Networks OTSR Wed Jan 2 2002 1 28 20 gt LocalUnit has 0 Enabled Filters Forward Mode lt ALL Frames NOT Matching Filters Define Filter DEAE gt Filter Type Source Dest Filter Name Forcel Networks QTSR Med Jan 2 2002 1 29 11 gt LocalUnit has 1 Protocol Filter Protocol Name Ethernet Value IEEE Value 1 E 0000 00 CTRL A to Scrollabl Protocol Filter Window CTRL A to add CTRL E to erase Editable Enter a name for the filter Use this screen to define filters that are based on specific protocols being used by LAN devices These filters when enabled provide security by restricting LAN WAN access based on a specific protocol Protocol Name Filter name can be up to 7 characters Ethernet Value Enter the assigned Ethernet value for this protocol see Addendum B Protocol Types IEEE Value Enter assigned IEFE value for this protocol same as the DSAP and SSAP values in a SNAP packet NOTE Only need to identify either an Ethe
135. for the WAN Connection WAN Connection The WAN Connection displays the current connection of this WAN in the form slot port channel WAN Connection Type The value in this field determines the type of protocol encapsulation that will be used for the selected WAN PPP Point to Point Protocol Provides a standard means of encapsulating data packets sent over a single channel WAN link It is the standard WAN encapsulation protocol for the inter operability of bridges and routers MLPPP MultiLink PPP When PPP is selected and a Multilink group is chosen the WAN Connection Type will display MLPPP PPP in Frame Relay Point to Point Protocol encapsulated in Frame Relay Frame Relay 1490 A packet switching protocol for connecting devices on a WAN Frame Relay networks in the U S support data transfer rates at T1 1 544 Mbps and T3 45 Mbps speeds Frame Relay service is provided for customers who want connections at 56 Kbps to T1 speeds Multilink Group The Multilink Group will specify a trunk as part of a multilink PPP group Selection is None or 17 through lt 24 gt Available only when MLPPP connection type is selected Data Speed The Data Speed will specify the data speed for each DSO in the given trunk Selection is 56K or 64K The default is 64K PVC Management Field Description Disabled Disables PVC Management Annex D Frame Relay standard Poll Interval Range is between 5 30 Default 10 Poll
136. g Tree iiis ke RR ae ee eee PER REST HER ede eh ate 6 5 41 Trunk Port 43 406 b5 d bee deeb dae heehee od OTIO OEE aE ES 5 44 6 Terminal Server Window OVERVICW s vis vxo ep 4d ROS E EE EO ECRIRE VENERE 6 2 Configuration sssr chelsea ee ee RR A ERAN DEN See PRES A PARCEL 6 2 Manual Closure of a Telnet Socket 2 0 0 nunnana nurun runur eens 6 9 7 Basic Configuration OVEIVIEW os bien be eae XR LP eh ea en eee dh Boe ERE 7 2 Start Basic Configuration llis 7 2 Local Unit Identification 0 0 0 cect e 7 4 Routing Protocol Security 0 cece ee 7 5 WAN Interface Connections lsseeleeeee es 7 7 Remote Unit Profiles scssi e e rx pee eas ee eres te C ac UR ad 7 9 SNMP Configuration llis 7 12 Setup Complete err over ox Ed ER a e ande Rica ace ee Uh 7 13 8 Verification Window Ping Utility ete ane tubos uei nee le E E eiui dob ert 8 2 oberg TI T 8 5 Port MORBKOE Loose DeC RPG E ba ee tage MDC pet adem gie an 8 7 9 Statistics Window R n Time eein ea he Rh eo ecb RR RR e Rie ec dee Re ed ch aia 9 2 Terminal Server Router Release 2 97 ix Table of Contents 10 System Reports Window lu SPD DP 10 2 View the Event Log 0 eee em 10 2 Alarms ka bee bade eee E ha EE a eee are aE E 10 4 Networks Servers 04 64 Acca eta eee OT HEC REA be eee bee RR 10 6 Address Tables i i seiias cin bh eae be RR dG ed ode rad d 10 9 11 Exit Window Logout rive elas LOEO e o SE eek PP CU
137. g capabilities of the Local Unit Advertising is disabled so that access to certain networks may be restricted for security purposes or to decrease traffic on the LAN and across the WAN Youwish to keep routing tables small in order to increase LAN WAN performance Static routing may also be preferable when managing large networks Often times it is easier to disable the learning mode and manually enter routes rather than review each routing table entry and determine its advertising status As a Static routing example let s assume that we have three networks A B and C Network B is connected to Network C via a router and to Network A via a remote Unit Network B may not learn of Network A s existence if advertising was disabled on Router 1 Therefore if you wish to establish an entry in the routing table indicating a route between Network B and Network C you can define a static route on Network B Network A Network B Network C B Y Router 1 Enter a static route which Enter a static route which indicates that Network C indicates that Network C may be reached through may be reached through remote Unit B Router 1 To continue with this example if Network B is not configured to advertise Network C to Network A then Network A will not dynamically learn of Network C s existence If you wish to establish a route on Network A to Network C you must define a static route o
138. he desired device that can be reached via the local LAN This field is only available if the Setup Static field is set to MAC Address gt IP Address Enter the IP Address of the desired device If the static address 1s configured through the Local LAN Profile Setup screen the device can be reached via the local LAN This field is only available if the Setup Static field is set to IP Address gt Terminal Server Router Release 2 97 4 15 Profile Directory Local Profile Filters Filters Use this screen to review currently enabled data filters or to enable new filters Data filters are used to determine whether data can be sent or received on the LAN WAN based on a specific device protocol type or defined data string Data filters must be defined using the Custom Protocol and Address Filter screens prior to being enabled on the current screen Filters will not be in effect until they are added to this screen Once enabled they will adhere to the value set in the Forward Mode field 2 Select LAN Setup gt and select ENTER Profile Directory Window Hit ENTER to config Forcel Networks OTSR Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile Select Configuration lt Profile Directory gt on the Main menu and select ENTER Wed Jan 2 2002 1 06 56_ gt State Router CARD lt Setup gt LocalUnit LAN NONE NONE lt gt 1 RemoteUnit WAN NONE NONE Setup gt
139. he router 0 2 eee eee eee 1 5 connecting with Telnet 0 0 e ee eee 1 5 Continuous Ping 00 c ee eee ee ee 8 4 Continuous Ping Status Response Count 0 0 e eee eee eee 8 4 Timeout Count i e wis ares Reps 8 4 CSW is cae Bee ey OE ea eee Glossary 1 Index D Daylight Savings Time Adjustment 2 3 Default Router unnan naaa 5 10 Defining Address Filters 0 0 0 0 cece eee eee 4 21 Custom Filters i c eu ERR 4 19 Protocol Filters 0 0 0 0 eee 4 20 Device Name 354545 Kes oenina p he oes eee 5 30 Devices Local kr RR ERE IER ee 4 26 5 35 DHCP iori ES E EASIER UE Glossary 1 DHCP Server sopraano cira cece eee 4 34 4 37 DHCP Server BOOTP Relay DHCP Server 00 0 e eee eee 4 34 4 37 Domain Name 00 0 c eee eee eee 4 34 Domain Name Servers 0 0000 00 eee 4 34 Lease Duration iii 0568 vor DER EORR EUR 4 34 Name Server NBNS 0000s eee 4 35 NetBIOS Name Server 000 eue 4 35 NetBIOS Node Type 0 0 00000 eee 4 35 Node Type Sousse tales eee a 4 35 4 36 Number cs eer ERR ERRUEERREENR awe 4 34 SCOPE uade Fara p o wes pas QAAE AP EN de 4 35 DHCP Server Client Relay 40 4 32 Diagnostics and Performance Tools C 5 Display 2i err RET eae tees ERR ok eed Y 10 10 DLCI 24cm riia OUR ERE ANA 7 11 DNS PrOX Y eee ERE DERE E 3 15 DNS Server L2 bee ent eRUEDRRIPRSEEESG 3 16 Domai
140. hould be enabled Info Active Leases gt Displays the Active Lease Information below Domain Name This option is used if the DHCP Server is enabled on the DHCP Server Client Relay screen On a LAN network where this unit is the DHCP Server the Domain Name will be assigned with IP addressing information to DHCP clients This value is a maximum of 41 characters Start IP Address If this Unit is specified to act as a DHCP server enter the first valid IP Address the Unit may assign to a DHCP client This field acts in conjunction with the Number field Number Enter the number of IP Addresses that this unit may assign This field acts in conjunction with the Start IP Address field by using a contiguous block of IP Addresses Number range is 1 through 254 Lease Duration Enter the duration in hours and minutes that an IP Address assigned by this Unit will remain valid If this field is left at 000 00 the IP Address will remain valid indefinitely Domain Name Servers The Domain Name Servers option specifies the IP address of DNS name servers to be used by DHCP clients Enter the IP address of up to 4 domain name servers Terminal Server Router Release 2 97 Profile Directory Local Profile DHCP Server Client Relay Option Type Value These fields add the optional DHCP server attributes that will be advertised every time a DHCP client discovery is initiated This provisioning takes effect immediately and can only be perfor
141. iew data transmission information between the Local LAN unit and Remote WAN devices This option allows you to review data transmission statistics to from remote units This data will help you to monitor the Router s connection performance capabilities such as throughput compression and errors In this Chapter m Run Time Statistics Window Run Time Run Time Use this screen to review the statistics regarding data transmission to and from remote units All remote units that appear on the Profile Directory screen will be displayed here If no data is currently being transmitted to a specific unit the transmission fields will display 0 s 1 Onthe Main Menu press TAB until the Run time is highlighted on the Statistics option Forcel Networks OTSR Wed Jan 2 2002 5 44 47_ gt QTSR Main Menu Category QTSR Version 2 97 Slot 3 Selection Management Configuration Verification Statistics System Reports Exit lt System Time Login gt gt Profile Directory gt gt lt Ping Utility gt gt qm NN gt Events Logout Scrollable Use the spacebar to change the selection and hit ENTER 2 Press ENTER The Run time Statistics window will display Forcel Networks OTSR Wed Jan 2 2002 5 45 36 gt Run time Statistics for LocalUnit fluto Update ImW b Clear lt All gt Totals gt LAN Packet Totals Received 0 Transmitted 0 Errors 6 WAN Packet Totals Received 0 Transmitted 0
142. iggered Update Events on the Events screen This generally is an indication that the network is changing due to the addition or deletion of hardware Once the information has been exchanged these events should subside If this continues it may indicate that the number of networks or servers on the LAN exceed the Router s table capacity Set the LAN NETWORK UPDATES field located on the Local Profile window to Send or Neither and then statically configure the appropriate networks Excessive triggered update events may also be the result of information advertised to the Router by a Remote Unit If this is the case restrict advertising on the remote unit see Chapter 5 Profile Directory Remote Profile LAN Related Issues Unable to add data filters advertise networks or create static route entries The Router software will accommodate a maximum of 150 filters Data filters such as address custom or protocol filters networks advertised to no remotes firewall filter rules and all static route entries are all considered filters If you have been able to add filters in the past but are no longer able to do so this is an indication that the maximum limit has been reached We suggest that you review all created data filters advertised networks and static route entries and eliminate those that are no longer applicable See Chapter 4 LAN Local Profile Overview C 2 Terminal Server Router Release 2 97 Troubleshooting Unable to add dat
143. igurations set 12 3 Router Configuration Frame Relay Internet Connection and Public IP Address Routing Frame Relay Internet Connection and Public IP Address Routing Router in Slot 1 ISP Router that provides the Internet connection Command Description set clockl a 1 Set primary master transmit clock source set 1 default Set Router to default settings disconnect a 1 Disconnect all the T1 connections on the Controller slot a disconnect 1 Disconnect all connections to the router in slot 1 set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename the Unit from LocalUnit default to Boulder LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wan1 set 1 1 ip address 215 168 21 14 Set the ethernet IP address in the conventional IP address 255 255 255 0 format Router LAN add 1 wanl static ip network 0 0 0 0 0 0 0 0 1 Adds a static IP network route to the WAN interface Set 1 1 1 encapsulation fr Set the encapsulation on trunk 1 to Frame Relay set 1 lmi annexd Disable LMI to Annex D Set 1 wanl trunk 1 Set the WAN interface wanl to be mapped to trunk 1 set 1 wani dlci 101 Set the DLCI number reset 1 Reboot the router to enable all configurations set 12 4 Terminal Server Router Release 2 97 Router Configurat
144. ile Directory Window page forwar o page bac Hit ENTER to configure the communication information for the remote profile 5 14 Terminal Server Router Release 2 97 Profile Directory Remote Profile Security Options 3 Tab down to Setup lt Security Options gt Scroll through the list of options with the SPACEBAR and select ENTER Forcel Networks OTSR Wed Jan 2 2002 3 16 58_ gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel we Sout gt Never gt lt Disabled gt lt Blocked gt Remote Other lt Blocked gt Profile Window NAT Gateway lt Disabled gt WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt Be Setup gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER 4 The following Security Options setup window will display Forcel Networks OTSR Wed Jan 2 2002 3 17 48_ gt Security ptions Setup for remote RemoteUnit Ruthentication by remote User ID Local Profile Name LocalUnit Authentication of remote Protocol NONE User ID lt i r3 METIS RemoteUnit gt Security Server lt Loca Compression lt Disabled gt Typical Data lt Easy to Compress gt Scrollable Select User ID received from this remote unit Terminal Server Router Release 2 97 5 15 Profile Directory Remote Profile Security Options 3 16 Security Options Fields Authentication By Remote User
145. ilter the Remote WAN networks servers in two ways depending on which mode is selected The lt Filter gt mode causes the unit to learn all networks services on known networks and then advertise these services to the LAN In the Learn mode the unit will disable or restrict learning of networks services Under this mode services will only be learned if they are selected or added For example when you enter the current screen all known networks services will be displayed since the lt Filter gt mode is the default mode If you wish to restrict which services are learned you may change the Selected Items field to Learn and then enable only selected services displayed on the screen Once you exit this screen and save the changes only those services that you enabled and or added will be learned and displayed Since the Filter mode learns all services it may be most appropriate for smaller networks The Learn mode however may be best for larger networks since it allows you to restrict which types of services are learned 1 OntheMain Menu press TAB until Configuration Profile Directory gt is highlighted and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE
146. ime that the alarm first occurred Terminal Server Router Release 2 97 10 5 System Reports Window Networks Servers Networks Servers 10 6 Use this screen to review all of the networks and servers that your Local LAN Unit has learned on its Local LAN or from remote units as well as static entries By sending out IPX and IP RIP Routing Information Protocol and IPX SAP Service Advertising Protocol packets and monitoring RIP and SAP packets from other devices the Router will learn about other servers and networks The Router will constantly monitor RIP and SAP packets to ensure that the status of the network or server has changed Should a RIP or SAP packet indicate a change in status the Router would update the data in the table and send the information to all enabled remotes to exchange the updated data This screen will change depending on the values in the Display and Learned From fields 1 On the Main Menu TAB to the System Reports option 2 Press SPACEBAR to scroll to Networks Servers Forcel Networks OTSR Wed Jan 2 2002 6 01 23 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification Ping Utility gt gt Statistics lt Run time gt gt System Reports A OAA gt Exit lt Logout gt gt Scrollable Use the spacebar to change the selection and hit ENTER Terminal Server
147. ink Bottom LED indicates 10M Link Green Link but no activity Red Flashing Green Flashing Current Ethernet collision Current Ethernet receive Yellow Flashing Port Set for RS 232 Current Ethernet transmit TOP LED Bottom LED Description Yellow Off No Activity Yellow Flashing Yellow Current transmit Yellow Flashing Green Current receive Terminal Server Router Release 2 97 Troubleshooting Identify Alarm Display Alarms To display Router alarms On the Main Menu System Reports option select Alarms gt or use the SPACEBAR to scroll to Alarms if not displayed Scrollable Forcel Networks OTSR QTSR Main Menu Category Wed Jan QTSR Version 2 97 Selection Management Configuration Verification Statistics System Reports Exit System Time Login gt Profile Directory gt gt Ping Utility gt gt lt Run time gt i gt gt lt Logout gt gt 2 2002 5 99 26_ gt Slot 3 Use the spacebar to change the selection and hit ENTER Terminal Server Router Release 2 97 Troubleshooting Clear Alarm This Window provides a listing of any Alarms that have occurred on the Router Each Alarm is listed separately and the Count field will display a value of 1 See Alarms on page 10 4 for more information regarding this feature Forcel Networks QTSR Wed Jan 2 2002 6 00 31 gt fllarm Log for LocalUnit Auto Update l
148. ion Internet Connection using PPP NAT PAT and Firewall Filters Router in Slot 1 Internet Connection using PPP NAT PAT and Firewall Filters ISP Router that provides the Internet connection Router with NAT PAT and Firewall Filters Command Description set clockl a 1 Set primary master transmit clock source set 1 default Set Router to default settings disconnect a 1 Disconnect all connections to the Controller T1 a 1 disconnect 1 Disconnect all connections to the router in slot 1 set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Boulder Rename LocalUnit default to Boulder LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl Set 1 1 ip address 192 168 21 14 Set the ethernet IP address in the conventional IP address 255 255 255 0 format Router LAN set 1 wanl nat enable Set the WAN interface named wanl1 enable NAT mapping set 1 wanl nat port dynamic Set the WAN interface named wanl to set NAT port mapping to be dynamic set 1 wanl nat address 216 174 44 2 1 Set the WAN interface named wanl NAT address add 1 wanl static ip network 0 0 0 0 Adds a static IP network route to the WAN interface 0 0 0 0 T add 1 wanl firewall 1 pass incoming Adds a Firewall rule to the WAN Where Xxx XXX XXX XXX
149. ion establishments of the remote device and the device network address entered in the Local IP Address Network field above If this rule is to affect any remote devices networks leave this field with the default asterisk symbol Significant Bits Use this field to identify the number of bits from left to right that will be used to match the IP Address field within the data packet with the value entered into the Remote IP Address Network Range is between 1 to 32 lt Packets which match this rule Use this field to indicate whether a rule match should trigger an Alarm or Log entry Blank A transmission match will not trigger an Alarm or Events log entry Alarm A transmission match will trigger an Alarm entry Log A transmission match will trigger an Events log entry Log or Alarm entries may also be useful when a specific security issue is at stake For example if your security policy does not permit Telnetting you may wish to keep track of all Telnet attempts As a general rule however we do not recommend keeping a log of all rule matches since this may impact system performance and may cause an Event or Alarm screen overflow NOTE When enabled a single event alarm will be logged for all TCP session initiations An event alarm will be logged for each packet for all UDP transfers UDP traffic should typically not be allowed across a firewall NOTE AII firewall rules are considered filters and will be applied toward the
150. it will not accept RIPs and SAPs from the LAN Local Remote Unit Unit 4 Send network service information from remote to LAN When this field value is set to Receive the Local Unit will monitor the RIPs and SAPs on the LAN learn the available networks and services and then pass this information on to the appropriate remote units on the WAN Network information from the WAN however will not be broadcast to the LAN LAN Local Remote p Unit Unit lt Receive gt network service information from the LAN and send to the Remotes The lt Neither gt value will not allow the Local Unit to send or receive information regarding networks and services on the LAN Terminal Server Router Release 2 97 4 5 Profile Directory Local Profile LAN IP LAN IP IP Address This is the IP Address ofthis Router used to uniquely identify the device on the internetwork The default for this IP Address is 10 0 0 1 Subnet Mask A subnet mask determines which bits in the IP address are used to identify the network number The default for the Subnet Mask is 255 0 0 0 Default Router This is an optional entry depending on your network configuration Use this field to identify a router that 1s physically connected to your LAN If the Router receives a packet which contains a network that is not known
151. ithout notice Force10 Networks does not assume any liability that may occur due to the use or application of the product s described herein Corporate Contact Information Technical Assistance Center Forcel0 Networks Inc E mail access support Force10Networks com 350 Holger Way Phone US 866 887 4638 San Jose CA 95134 1362 Phone International Direct 1 707 665 4355 Phone 1 866 571 2600 or 1 408 571 3500 www ForcelONetworks com Supporting Software Versions TSR Software Release 2 97 Adit 600 Controller Release 10 1 1 PREFACE Warranty Forcel0 Networks Inc warrants to BUYER that Product Hardware will be free from substantial defect in material and workmanship under normal use in accordance with its Documentation and given proper installation and maintenance for period of five years from the date of shipment by Force10 Networks Force10 Networks warrants that the Licensed Software when used as permitted under its License Terms and in accordance with the instructions and configurations described in the Documentation including use on Force10 Networks product or a computer hardware and operating system platform supported by Force10 Networks will operate substantially as described in the Documentation for a period of ninety 90 days after date of shipment of the Licensed Software to BUYER This warranty shall not apply to Products or Software that have been either resold or transferred from BUYER to any other party
152. k to the Router then communications are operating normally If no echo returns then further investigation is needed Devices must be running TCP IP software in order for the ping to be successful A single ping may be used where only one packet is sent to the device being tested or a continuous ping to the device until you manually terminate the test Continual pinging may help identify intermittent communication problems Please note that when pinging a device on a remote LAN it is not unusual for the first ping to fail NOTE In order to perform LAN port testing the selected frame type must be Ethernet Il and the Router s IP Address must be configured 1 On the Main Menu press TAB until the Ping Utility is highlighted on the Verification option Forcel Networks QTSR Wed Jan 2 2002 5 38 33 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification Ping Utilit gt gt Statistics lt Run time System Reports lt Events Exit lt Logout Scrollable Use the spacebar to change the selection and hit ENTER 2 Press ENTER The LAN Port Verification window will display 6 2 Terminal Server Router Release 2 97 Verification Window Ping Utility 3 To initiate a Ping select START PING Single Ping gt scroll to Continuous Ping if desired and select ENTER The Ping process will begin
153. lOD cep KON ot KEY Se AE ER oles a Eus 7 12 login setup cst ede ec ee TE 2 2 Logout sos ches nena ogee eo t geen cess ee esse es 11 2 Loopback i c emen Glossary 1 M MAC Address lllsssesss 4 21 5 30 8 4 Management OVerVIeW xoxo aerea X PPP RE ewes 2 2 Window eeeeee en 2 1 Mask Subnet eos no re E V EE Ee 4 11 MDDS vb RERREIEUREIEERPECOR ERE es Glossary 2 Metti iuo RE EARS 4 11 5 20 5 22 10 8 Mode Forward 0 0 0 eee cence eee 4 18 N Name suoi RXWReRXGO UR 3 12 5 40 7 12 Device iiec phe kRR DR PIA RR Een 4 15 4 21 Remote cascos ox erkexd peas sex ase X gs 9 3 Server NBNS 0 00 c eee eee eee 4 35 NAT Addresses oo RR RE RETE A ES 12 6 Bypass Subnets s sesosese s emeti atap ESES 5 26 Gateway ccce cese ee SCR aon AUN bc 5 6 IP Address 1 0 ccc cc cece en cect 5 25 NAT PAT iere e COR Gece ees 12 5 NetBIOS Naitie Server ilu esee A ee i 4 35 Node Type 0 0 cece ce eee eee eens 4 35 Network 000 4 11 4 30 5 20 5 22 5 40 Network Time Protocol 0 00 00 e eee 3 19 Networks Servers Brame Type 2 ust owe ia tee doh 10 8 HOPS tuu Decem re ees eared ene Were A os 10 8 Metric orci tenentes ut ec Paene d 10 8 Name ecc a 10 8 Network lees 10 8 Next Gateway 0 cee ee eee eee eee 10 8 Next IPX Router seere sestese na Ere aaan 10 8 MERS rar a A AEN teda EAT 10 8 bu EE IE 10 8 Index 4 New Password 00 0 cece eee ee
154. le 2 0006 4 25 Rule 1 Remote Profile 05 5 34 R n lIume 3 0 cate dewey canned EASIER ERNE ema EA 9 2 Auto Update 2 0 0 0 eee 9 3 Clear Totals i eve REPE EE SDRMPpESURER SE 9 3 Al 2e RLRU UR ERE REY A URP E ERR 9 3 LAN uepesepobperbsu hae se EXE STA 9 3 WAN ix bete I eR P E EEE 9 3 Comp Ratio to from WAN 006 9 4 EtfOIS ciernu DARECRE ER eR ECL bees 9 3 Forwarded to WAN 00 00 e cece eee 9 4 LAN Packet Totals 0 0 0 0 00000 eee 9 3 Statistics voce x UEDRE VUE RURPERQURER P 9 3 Received 2225 fics Shh be ea CORR See ee 9 3 Remote Connections 0000 e eee 9 4 Remote s Name 0 0c eee eee eee 9 3 Throughput to from WAN 02 000 9 4 Transmitted ossis oeseri a ee 9 3 WAN Packet Totals nuanua 9 3 S SAP eiiiai ee dpt eerte A 4 5 SCOPE 4 cs 20a isha seve hose woes hee ees 4 35 Secondary IP Address 00 000 eee 4 41 SeCUFILy a oes pe ad er ods eee ener ur ERA 3 8 Address ose teer RR e 3 10 Authentication by Remote 3 9 Authentication of Remote 05 3 9 CHAP cres 3p pia ceed aahew Ogee a ag E ERE EU 3 9 Local Security Server 00000 e eee 3 9 Password 42i WEDEXNE UE da 3 10 SETVE PPP hee ae he ee eee 5 16 WV PC T 3 9 UserID eec eereRPREER DEC Ce PEE 3 9 Security Level L View xcu EC PE HER CR Ee 2 3 2 CONN Es deen ose anetaw EXE E E 2 3 3 Admin secsi e
155. lect Setup Static NAT Addresses scroll with the SPACEBAR to select this option and select ENTER Wed Jan 2 2002 23 34 04 Protocol Mode Updates I Route gt Never gt R IPX lt Blocked gt emote Other lt Blocked gt Profile Window NAT Gateway lt Disabled gt WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt _ Setup CIEISPITBE TREES gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER 4 Select CTRL A to add a Static NAT Address Forcel Networks OTSR Wed Jan 2 2002 3 34 51_ gt RemoteUnit has 1 Static NAT Address List Stati Local IP Address NAT IP Address TypePort Local Port NAT Port atic Addresses 1 OMEN 0 0 0 0 Window Local IP Address Enter the IP Address of the local device NAT IP Address Enter the NAT IP Address of the target device TypePort lt ALL gt Selects all port types lt UDP gt Selects UDP port types Local Port Enter a local port Range 1 65535 NAT Port Enter a NAT port Range 1 65535 lt TCP gt Selects TCP port types Local Port Enter a local port Range 1 65535 NAT Port Enter a NAT port Range 1 65535 Terminal Server Router Release 2 97 5 25 Profile Directory Remote Profile NAT Bypass Subnets NAT Bypass Subnets Use this window to define NAT Bypass Subnets which will create a list of source addresses that will not be subject to NAT translation when passing thr
156. ler slot a disconnect 1 Disconnect all connections to the router in slot 1 set clockl a 1 Set primary master transmit clock source set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 1 LocalUnit Denver Rename LocalUnit default to Denver LAN rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl1 Set 1 1 ip address 2 2 2 1 255 255 255 0 Set the ethernet IP address in the conventional IP address format Router LAN set 1 1 phy auto Set the Physical Specifications to auto negotiate set 1 wanl rip ip updates never Set wan1 to not send RIP updates add 1 wanl static ip network 1 1 1 0 255 255 255 0 1 Adds a static IP network route to the WAN interface Set 1 1 1 encapsulation ppp Set the encapsulation on trunk 1 to PPP set 1 wanl trunk 1 Set the WAN interface wan1 to be mapped to trunk 1 reset 1 Terminal Server Router Release 2 97 Reboot the router to enable all configurations set 12 9 Router Configuration Back to Back with Multi Link PPP Back to Back with Multi Link PPP The following configuration will set up two Adit 600 Routers back to back with Multi Link PPP 12 10 Boulder Router in Slot 1 Command Description set 1 default Set Router to default settings disconnect a
157. ligation and BUYER s exclusive remedy for any breach of the software warranty will use commercially reasonable efforts to at its option a correct any reproducible error in the Licensed Software or b replace the defective Licensed Software as follows Should a Severity 1 or 2 warranty defect with the Software occur during the 90 day warranty period Force10 Networks will provide in its sole determination either 1 software to resolve the defect to be downloaded into the affected units by the BUYER or 2 a documented workaround to address the issue Severity 1 issues are failures of the Licensed Software to comply with the Force10 Networks software specifications and that completely or severely affect the Force10 Networks Product and its traffic or service capacity or maintenance or monitoring capabilities Severity 2 issues are failures of the Licensed Software to comply with the Force10 Networks software specifications and that result in a major degradation of the Force10 Networks Product so as to impact its system or service performance or significant impairments to network operator control or effectiveness Should a Severity 3 warranty Preface defect with the Licensed Software occur during the 90 day warranty period Force10 Networks will provide assistance to Buyer to determine if a solution or workaround will be provided in a subsequent software release following the reported issue Severity 3 issues are defined as failures of
158. llle eese 11 3 Remote Connections 0 00 eee ees 9 4 NaMe svi e Foo SRE QE RS 8 8 9 3 Terminal Server Router Release 2 97 Profile 1r CEREREM CURVAS 5 1 5 2 Security s cetuersses ure P EY PERaUq uad 5 12 Remote IP Address Network 4 27 5 36 Significant Bits 0 0 eee eee 4 27 5 36 Remote Profile Default ROUt r eeczu ks ces eee ies EA 5 10 Filter Network Server 005 5 12 5 37 Firewall Filters 5 eoelebERe RE 5 12 5 31 FW Allow Frags 00 00 cece eee 5 11 GRE T nnel sce eacu ss vas ernir Eser eens 5 6 Mode ee 5 5 NAT Bypass Subnets 0 000005 5 26 NAT Gateway 0 ccc cee eee 5 6 Numbered sce es ee ae ne RO eae Meee RR 5 9 Protocol RR Re bea OS eee 5 5 RemoteUmtt 5 5 55 6h secerges 6 59 hee ae EAS 5 4 Security Options 0000 e cee eee ee 5 12 Security SNMP isis esas eR EUER 5 14 Mange m 5 12 Spanning Ttee i v tu meas ean p Ea 5 41 Static Addresses 2 1 0 0 00 cece eee 5 12 5 28 Static NAT Addresses 0 000000 ce uee 5 24 Static Networks 0 0c c cece eee ene 5 12 Static VPN Networks 0 000 c eee 5 17 Subnet Mask 3 22 3 24 3 26 5 9 Tink POPE ocu ERR RR LUE Ox 5 44 WAN Network Updates 000 5 5 RemoteUnitt ou eR RU VERS ENSE 5 4 RemoteUnit Profile 0 0 00 eee eee 7 9 Protile Name oec EUR He eee eR rA 7 10 Protocol iecore Gee Ee EX ES 7 10 IP ETE 7 10 IPX i
159. lue Terminal Server Router Release 2 97 3 11 Profile Directory Router Card Profile SNMP SNMP Setup Menu Fields SYS Name Set the value of sysName Value has a maximum of 64 ASCII characters SYS Contact Set the value of sysContact Value has a maximum of 64 ASCII characters SYS Location Set the value of sysLocation Value has a maximum of 64 ASCII characters SNMP Community Name s Use these fields to specify the community name address and access privileges of devices needing to communicate with the Local LAN unit through SNMP If no IP Addresses is defined on this screen any device may access the local unit using the IP Address assigned on the Local LAN Profile Setup screen regardless of the specified community name The values entered in these fields will be used by the SNMP program as verification of entry into the unit Name Enter the community name s of the device to access the Local LAN unit through SNMP Community names entered into the SNMP program MUST match the values entered here or access for remote management will not be allowed The default community name is public new community names can have a maximum of 10 characters Address Enter the corresponding IP Address of the device s that were entered in the Name field Access Read device is allowed to view the settings but cannot make any changes Write device is allowed to make changes but not view settings Both device is allowed
160. m as specified in the IEEE 802 1D specification See Spanning Tree on page 4 38 for more information lt Secondary IP Address gt Add a secondary IP address and subnet to the specified LAN interface The router will then be capable of routing between the various subnets on the LAN interface or between any of the LAN subnets and any WAN subnet A maximum of 8 secondary IP addresses can be added to the LAN interface See Secondary IP Address on page 4 41 for more information Link Speed Sets the Ethernet PHY mode and speed for the Router Note it is highly recommended that this setting be left at auto negotiation Connection of Ethernet devices with incompatible settings can lead to severe performance degradation and errors on a network See Link Speed on page 4 44 for more information Terminal Server Router Release 2 97 4 7 Profile Directory Local Profile Static Networks Static Networks Static networks allow fixed or pre determined routes which increases the control over routing choices within your network Although the Router is able to dynamically learn routing information through RIP packets you may wish to disable this feature and manually enter fixed routes Disable Learning by choosing the lt Neither gt option in the LAN Network Updates field on the Local LAN Profile Setup screen Static routing may be preferred if Routers within a network are not configured to advertise thereby escaping the automatic learnin
161. med when the DHCP server is enabled Once the option number is entered the other fields become active Option Range is 1 254 Options tags are unique duplicate numbers will be rejected 0 off Reserved numbers 6 15 44 46 47 50 51 53 54 and 61 The operator will be notified when exiting this window that a Reserved or Duplicate Option number has been used and will direct you to modify the option number Type Value lt Bool gt Boolean uses true false lt 1Byt gt lt 2Byte gt lt 3Byte gt lt 4Byte gt sends a value in 1 2 3 or 4 bytes lt IP gt IP Address in the form xxx xxx xxx xxx where xxx is a number from 0 to 255 lt TEXT gt String with a maximum of 50 characters enclosed in quotes NetBIOS over TCP IP Node Type This option allows NetBIOS over TCP IP clients which are configurable to be configured as described in RFC 1001 1002 The value is specified as a single octet that identifies the client type 1 B node 2 P node 4 M node 8 H node Scope The Scope is a DHCP option that represents a grouping of computers on a subnet using the same NetBIOS name This name has a maximum of 41 characters Name Server NBNS This option specifies a list of RFC 1001 1002 NBNS name servers listed in order of preference Enter the IP address and subnet mask of the NBNS servers Terminal Server Router Release 2 97 4 35 Profile Directory Local Profile DHCP Server Client Relay DHCP Mode lt Rela
162. minal Server Router Release 2 97 Profile Directory Remote Profile GRE Tunnel set to By Network GRE Tunnel set to By Network 1 Select Configuration Profile Directory gt from the Main Menu and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks QTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory Window o page forwar o page Hit ENTER to configure the communication information for the remote profile 3 Set GRE Tunnel to By Network gt 4 Select Setup lt Static VPN Networks gt scroll with the SPACEBAR to through the options and select ENTER Forcel Networks QTSR Wed Jan 2 2002 23 28 01 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt By Network gt IPM Blocked gt Other lt Blocked gt Remote NAT Gateway lt Disabled gt Profile Local IP Tunnel Address lt Assigned by Remote gt Window WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt _e Setup lt SHEMSTeA TUTE Ta RS gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER Terminal Server Router Release 2 97 5 21 Profile Directory Remot
163. n Name essere 3 16 SHE chose paru PX FRATRE ETRREREPIS STE 3 16 DNS Resolver 0 0c eee eee eee eee 3 23 DNS Server opes pe XA DER pelea E 3 16 Domain Name 2 0s eee eee 3 16 4 34 E Enhanced Security 00 cece eee eee swis 2 5 BSC Key ise sentient anche PEE EP ia ENS 1 2 Eth oven ent CURRINGRUERNURERLPPERUERERSA 4 4 Events pb prb er EDEN ERREUR Er 10 2 Authenticate odere ur LEE RREEEGXGG Rx A 3 COUDE i es Rap tec temet deed 10 3 M SSAge ss seen ER see eee ea ORE Re 10 3 THM x Pee ea a ERE ERR RS 10 3 Triggered ccr erEEVurESS eee aed ee A 4 User sath Gh et Geb eis bce bch HE TP A 2 Excessive Triggered Update Events C 2 EXIt yo LR METER UE PR ONERE EARS 11 1 Logout 2246 cce0s eee eee esas ee eae Bee 11 2 Reinitialize llle 11 3 Exiting essas eneen ER RES As ee 11 2 11 3 Index 2 F Facility neheeeti ed rgqene v E SENSO 3 22 Fields Edit iss iR RPEVODE SNP OPS NR 1 3 Scroll bec REDE hee 4a ek HR ee Ro 1 3 DEIECE dope apt EN eter ne ia 1 3 Filter 422m eee ees 5 40 Glossary 1 Filter Network Server eee 5 37 Filtet p 2o EERERR bead A4 RETE 5 40 Lat cuedu nud ole eee One a Been 5 40 Na Me cne Rer does Sake aol wae eee 5 40 Network preser sieves ties thx ee bx b VS 5 40 Selected Items Falter Liearn x o3 2 6 5 9 ewee nk oe nena eda 4 5 39 SelUD sis beets dette based aed eee eas 5 39 Type aes hase eres bx ERE 5 40 Falters ie penea e a
164. n Network A that indicates that Network C may be accessed through remote Unit B To set up a static route you must define the following routing information The address of the network you wish to reach How far away from the local LAN the network is located in terms of metric measurement or hops depending on the protocol Whether the network can be reached on the local LAN via the LAN port or through a remote unit 4 6 Terminal Server Router Release 2 97 Profile Directory Local Profile Set up Static Networks If you are using the local LAN you will also need to define the address either IP or MAC depending on the protocol of the first gateway 1 e router you will use to reach the network you are defining It is important to note that if the static network 1s reached via a remote unit it must be defined by choosing the SETUP Static Networks option on the corresponding Remote WAN Profile Setup screen Static networks that are reached via the local LAN must be defined by choosing the SETUP Static Networks option on the Local LAN Profile Setup screen NOTE All static routes are considered filters and will be applied toward the maximum allowable number of 500 filters IP Networks An Internet Protocol Network IPX Networks Internet Packet Exchange Network A Novell NetWare s native LAN communications protocol Set up Static Networks 1 Select Configuration Profile Directory gt from the Main menu
165. n of how data transmission will occur on the LAN port This includes defining the protocol s that it will use to send and receive data defining security protocols specifying which LAN servers and networks will be advertised to WAN units and establishing specific data filtering options The LAN profile is used in conjunction with the WAN profiles The WAN profiles identify which remote units the local unit can communicate with as well as the data transmission requirements of each remote In addition to the fields on this screen there are several other areas that directly relate to the communication abilities of the Router You may use the fields at the bottom of this screen to access the following areas Defining static addresses at the local unit Establishing static networks Establishing Remote WAN advertising Establishing DHCP Server Client Relay agent parameters Defining firewalls Defining data filters The Router can accommodate a maximum of 500 filters such as those created when establishing static routes or data filters The following entries consume a filter Configured address custom and protocol filters Static IP networks and static IPX networks Enabling any learned items listed on the Advertise Network Server screen or Filter Network Server screen Static IP and MAC Addresses Firewall filters In a large network it is necessary to selectively use of each of these options so that the number
166. ncoming WAN Device s Lists WAN defined for this rule indicates any Log X Logged in the Event or Alarm log Terminal Server Router Release 2 97 5 31 Profile Directory Remote Profile Firewall Filters Remote Profile To Add a Firewall Filter WARNING THE ADDITION OF THE FIRST FIREWALL RULE WILL AUTOMATICALLY SECURE THE UNIT AGAINST ACCESS VIA TELNET UNLESS THE FIRST RULE EXPRESSLY PERMITS TELNET To ENSURE THE ABILITY TO TELNET INTO THE UNIT BY AT LEAST ONE REMOTE DEVICE YOU MUST CREATE A RULE INDICATING WHICH DEVICE HAS TELNET ACCESS 1 On the Main Menu press TAB until Configuration Profile Directory gt is highlighted and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory Window page forwar o page bac Hit ENTER to configure the communication information for the remote profile 5 32 Terminal Server Router Release 2 97 Profile Directory Remote Profile Firewall Filters Remote Profile 3 Tab down to Setup lt Security Options gt and scroll with the SPACEBAR to Firewall Filters Press ENTER Forcel Networks OTSR Wed Jan 2 2002 3 42 49 Profile Setup for RemoteU
167. nd TCP port number lt Dynamic gt IP Address and the port number will be translated lt Preserved gt NAT Gateway will only translate the IP Address This should only be set to lt Preserved gt if an application you are using requires a specific port number NAT Address Use this field to define the IP Address for the Local LAN tunneling or NAT Gateway device lt Assigned by Remote gt lt Configured gt with Configured selected the following fields are displayed Address Enter the Local IP Tunnel Address Subnet Mask If you are only GRE Tunneling this will probably be your local IP Address in the Local Profile If the address is dynamically assigned the Local Unit will receive an IP Address from this remote device Number of NAT Addresses With a setting of NAT addresses to greater than 1 you a pool of public addresses is created from which the NAT translation will draw Range is between 1 255 Terminal Server Router Release 2 97 Profile Directory Remote Profile Transmission Options Enabled with GRE Tunnel By Network Forcel Networks OTSR Profile Setup for RemoteUnit WAN Network Wed Jan 2 2002 3 03 42_ gt Protocol Mode Updates GRE Tunnel IP Route Never gt MBu Networki IPX lt Blocked gt Other lt Blocked gt NAT Gateway lt Enabled gt NAT Port Numbers lt Dynamic gt NAT and Local IP Tunnel Address lt Assigned by Remote NAT Port Numbers See definiti
168. nge is 0 512 Terminal Server Router Release 2 97 Verification Window Port Monitor Direction Use this field to define the direction to trace Both lt Transmit gt or lt Receive gt The following an example of a Port Monitor trace gt gt gt Sending gt gt gt Time 2 55 31 msg 0001 WAN WAN 2 14 octets ESC to stop 00 00 01 03 08 00 75 95 01 01 00 03 02 67 66 FR DLCI 0 Bridged Eth lt lt lt Receiving lt lt lt Time 2 55 31 msg 0002 WAN WAN 2 19 octets ESC to stop 00 00 01 03 08 00 7D 95 01 01 00 03 02 67 67 07 03 10 06 A0 82 FR DLCI 0 Bridged Eth lt lt lt Receiving lt lt lt Time 2 55 38 msg 0003 WAN WAN 2 100 octets ESC to stop 00 18 41 03 CC 45 00 00 60 E5 IF 0000 7F 11 81 AA 10 14 14 00 03 CO A8 00 04 00 89 00 89 00 4C 48 OF FR DLCI 100 IP IP4 HDR src 20 20 0 3 dst 192 168 0 4 ttl 127 len 20 UDP HDR Ports src 137 dst 137 len 76 cksum is 480F cacl 0 gt gt gt Sending gt gt gt Time 2 55 38 msg 0004 WAN WAN 2 100 octets ESC to stop 00 18 41 03 CC 45 00 00 60 ES IF 00 00 7E 11 82 AA 10 14 14 00 03 CO A8 00 04 00 89 00 89 00 4C 48 OF FR DLCI 100 IP IP4 HDR src 20 20 0 3 dst 192 168 0 4 ttl 126 len 20 UDP HDR Ports src 137 dst 137 len 76 cksum is 480F cacl 0 Terminal Server Router Release 2 97 6 9 Verification Window Port Monitor 6 10 Terminal Server Router Release 2 97 CHAPTER Statistics Window The Statistics window is used to rev
169. nit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPK lt Blocked gt Remote Other lt Blocked gt Profile Window NAT Gateway lt Disabled gt WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt _ _ P Setup STETTHIBBSEEC ES gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER 4 Select CTRL A to add an IP Firewall Rule Forcel Networks OTSR Wed Jan 2 2002 3 43 44_ gt RemoteUnit has 0 IP Firewall Rules Firewall Service s LAN Device s WAN Device s Log Filters Window CTRL A to add CTRL to erase CIRL F to page forward CTRL B to page back There are no items configured Terminal Server Router Release 2 97 5 33 Profile Directory Remote Profile Firewall Filters Remote Profile 5 34 5 Enter the parameters of the rule select ESC to close the window and save the configuration See below for a description of all fields for the Firewall Setup window Forcel Networks OTSR Wed Jan 2 2002 3 44 26_ gt IP Firewall Setup for remote RemoteUnit Rule Number 10 Action lt Pass gt Service lt SMIP gt Service Establishment lt Qutgoing gt Local IP Address Network Remote IP flddress Network lt gt Packets which match this rule Editable Enter the position for this rule Firewall Filters Fields Rule Number The rule number defines the
170. nsmission may be viewed as it occurs The number of packets that are displayed is determined by the value given at the Number of bytes to display for each packet prompt When attempting to determine a transmission problem it may be useful to print the hex displays for further analysis NOTE The Port Monitor should only be used for installation verification and PPP negotiation verification Under normal operation the Port Monitor should not be used as it will decrease performance and if used for an extended period of time it may cause service interruption 1 On the Main Menu press TAB until the Ping Utility is highlighted on the Verification option 2 Press SPACEBAR to scroll to Port Monitor Forcel Networks OTSR Wed Jan 2 2002 5 42 40 QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification MPort Monitor gt gt Statistics lt Run time System Reports lt Events Exit lt Logout Scrollable Use the spacebar to change the selection and hit ENTER Terminal Server Router Release 2 97 8 7 Verification Window Port Monitor 3 Press ENTER The Port Monitor window will display along with a warning that using the Port Monitor will degrade performance Forcel Networks QTSR Wed Jan 2 2002 25 43 26 gt PORT Monitor Setup for local LocalUnit Port Name lt LAN gt START MONIT
171. number Setup The Setup field accesses additional setup screens for the Local Profile The screen that is accessed depends on the chosen option Listed below are the available field options Static Networks gt Used to configure static network routes that can be reached locally See Static Networks on page 4 8 for more information lt Static Addresses gt Configure static addresses for the local devices See Static Addresses on page 4 13 for more information lt Filters gt Define data filters for this Local Unit Filtering provides additional security by restricting which packets will be forwarded to from the LAN See Filters on page 4 16 for more information Terminal Server Router Release 2 97 Profile Directory Local Profile Link Speed Firewall Filters gt This option is used to access the Firewall Rules screen which allows the operator to establish firewall filters for this local unit See Firewall Filters Local Profile on page 4 22 for more information lt Advertise Network Server gt Enables the unit to advertise all networks and services to all remote units or to advertise to no remotes See Advertise Network Server on page 4 28 for more information lt DHCP Server Client Relay gt Establish the Router as a DHCP Server Client or Relay Agent See DHCP Server Client Relay on page 4 32 for more information lt Spanning Tree gt Configures the global setup for using the Spanning Tree Algorith
172. o etup gt ade NRT Gateway Disabled Local IP Tunnel Address lt Assigned by Remote WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt B Bie Setup CIEISIHATMTNGTCIIR 6S gt gt Setup lt Trunk Port gt Scrollable Select the item to be set up and hit ENTER 5 Select CTRL A to add a Static IP Network Enter Network Address Subnet Mask and Metric value Note this window displays additional fields depending on the field setting for GRE Tunnel on the Remote Profile window lt Forcel Networks OTSR Wed Jan 2 2002 3 26 27_ gt RemoteUnit has 1 Static IP Network Setup Static lt IP Networks gt Network Subnet Mask Metric 1 ORO 0 0 0 0 Static VPN Networks Window CTRL A to add CTRL E to eras ase CTRL F to page forward CTRL B P Address Subnet Mask in Dotted Decimal page bac Notation Terminal Server Router Release 2 97 5 19 Profile Directory Remote Profile GRE Tunnel set to lt All gt Static VPN Networks Fields Setup Static lt IP Networks Enter the Subnet IP Address Note The host bits should all be zero lt IPX Networks Enter the Hexidecimal Address Note The host bits should all be zero Network Enter the Subnet IP Address Note The host bits should all be zero Subnet Mask Enter the Subnet Mask of the Network IP Address Metric Enter the distance in hops to the network Value must be between 1 15 5 20 Ter
173. odif gt Static Host Name to IP List Do you wish to save the DNS Resolver change lt gt Note This change will go into effect IMMEDIATELY Terminal Server Router Release 2 97 Profile Directory Router Card Profile DNS Resolver After the configuration is saved the DNS Static Host window displays and a Static Host can be added or modifed Note If any changes are made they must be saved when exiting the window Fri Nov 14 2008 2 32 26 gt DNS STRTIC HOSTS 1 entries of 33 max Setup for local LocalUnit IP Address Host Name 1 12S TestHostName CTRL A to add CTRL E to erase Editable Enter a non zero IP Address Subnet Mask in Dotted Decimal Notation Number of Static Hosts set up A maximum of 33 can be entered IP Address IP address of the static host Host Name Enter the filter name with a maximum of 42 characters no spaces or numbers 3 26 Terminal Server Router Release 2 97 CHAPTER Profile Directory Local Profile In this Chapter m LAN Local Profile Overview m Static Networks m Static Addresses m Filters m Firewall Filters Local Profile m Advertise Network Server m DHCP Server Client Relay m Spanning Tree m Secondary IP Address m Link Speed Profile Directory Local Profile LAN Local Profile Overview LAN Local Profile Overview The LAN Profile is the largest most detailed portion of the Router software The fields on this screen allow definitio
174. of 7 Profile Name RemoteUnit WAN Network Protocol Mode Updates lt Route gt lt Never gt lt Blocked gt lt Blocked gt Does this unit have a numbered IP address assigned on the WAN lt NO gt Connection WAN Connection Type Select WAN Port Number lt I gt n 1 1 1 PPP ENTER to go to next field ESC to exit Basic Configuration Scrollable Use the spacebar to change the selection Profile Name Enter a unique name for this Remote Unit Name can be up to 11 characters Protocol IP Mode lt Route gt lt Blocked gt and lt Bridge gt WAN Network Updates lt Never gt lt Periodic gt and lt Triggered gt IPX Mode lt Blocked gt lt Bridge gt and lt Optimized gt WAN Network Updates lt Never gt lt Periodic gt lt Triggered gt Other Mode lt Blocked gt lt Bridge gt and lt Optimized gt Does this unit have a numbered IP address assigned on the WAN Selection is lt Yes gt lt No gt If lt Yes gt is selected IP Address and Subnet Mask below are listed IP Address Enter the IP Address of the Remote Unit Subnet Mask Enter the Subnet Mask of the above IP Address Terminal Server Router Release 2 97 Basic Configuration Remote Unit Profile Select WAN Port Number Selection is None 1 through lt 24 gt all existing WAN ports are listed Connection Displays the connection information for the selected WAN in the form slot port channel WAN
175. oftware caused by a modification repair storage installation operation or maintenance ofthe Product or Software by anyone other than Force10 Networks or its agent or as authorized and in accordance with the Force10 Networks Documentation or b the negligent unlawful or other improper use or storage of the Product or Software including its use with incompatible equipment or software or c fire explosion power failures acts of God or any other cause beyond Force10 Networks reasonable control or d handling or transportation after title of the Product passes to BUYER Other manufacturer s equipment or software purchased by Force10 Networks and resold to BUYER will be limited to that manufacturer s warranty Forcel0 Networks assumes no warranty liability for other manufacturer s equipment or software furnished by BUYER BUYER UNDERSTANDS AND AGREES AS FOLLOWS Except for the limited warranty set forth above the Product License Software and all services performed by Force10 Networks hereunder are provided as is without representations or warranties of any kind Force10 Networks does not warrant that the Product License Software any hardware or software or any update upgrade fix or workaround furnished to BUYER will meet BUYER s requirements that the operation thereof including any maintenance or major releases thereto will be uninterrupted or error free THE WARRANTIES IN THIS AGREEMENT REPLACE ALL OTHER WARRANTIES EXPR
176. oiunceikgc eun cairo ns 7 10 Other 3 40 21s ase E E E RYE 7 10 Reports Alarm Log 00000 c eee eaee 10 5 Response Count 1 ovs tc Mewes Meus EE EX 8 4 Result 222ketR t REL kOe eee ke oe RES 8 4 RIP 2issceme Esau iA 4 5 4 8 5 17 Glossary 2 Mode Send 0 c cece eee eens 3 5 RIP Mode Receive 0 c eee e eee 3 4 Router 2c 3k Bk Pe Ree RE RE RR eet E 12 1 Router Card Profile 0 0 0 cece eens 3 1 Configuration 2 0 0 0 0 0 0 cee cece eee 3 2 DNS Proxy av ss coke uiii piiraa uia eee ae 3 15 DNS Resolver o n nnn 00 0 cece eee eee 3 23 Network Time Protocol 005 3 19 OVervieW ceseieecerees SEG e E E REESE 3 2 RIP Mode Receive 0 cece eens 3 4 Mode Send ec sau seen RAW es OANE 3 5 Sec rlty iii sesoieerebrecr e CER PIER ERES 3 8 SNMP oer us tee ep QURE REV A rS 3 11 Terminal Server Router Release 2 97 Index Spanning Tree Protocol sellus 3 17 SVS LOS x ovs cp oi epp per gd wusr qq ue 3 21 Tr nk 1 25 benERR e breite REUS 3 6 Router Configuration 0 00000 ee eae 12 1 Back to Back with PPP 12 8 Basic Setup icacsauck eee o gE REESE ENG 12 2 Frame Relay Internet Connection 12 4 Internet Connection using NAT 12 6 Internet Connection using PPP NAT PAT 12 5 PPP Internet Connection 05 12 3 Routing Protocol Security 00 00 0005 7 5 Rule 1 Local Profi
177. ol ICMP method of trace routing is the most widely used and has the best reliability Default lt UDP gt User Datagram Protocol UDP method requires that all devices in the chain of the trace route support probes on the particular UDP port This method is not recommended Size Define Packet Size Range 0 65500 IP Tos Sets the IP type of service Range 0x00 OxFF Hex Default is 0 Don t Frag Sets the Don t Fragment flag in the IP header This can be used along with the size setting to determine the maximum payload size that can be sent between the router and the destination without fragmentation occurring the path MTU UDP Port Sets the UDP port to send to Range is 1 65535 with a default of 33434 This setting only applies if the method is set to UDP Query Number Defines the number of probe packets sent to each hop along the route Range is 1 10 Default is 3 Wait Defines the wait time between queries Range is 0 250 ms Default is 1 ms Timeout Defines the query timeout Range is 1 60 seconds Default is 3 seconds Terminal Server Router Release 2 97 Verification Window Port Monitor Port Monitor The Port Monitor option is a diagnostic tool that can be used to review the actual data being transmitted to or received by the Local LAN unit This can be especially useful in determining where a transmission failure is occurring When monitoring is started a hex display of each tra
178. ollable Select whether this feature should be enabled lt Renew Release gt This option will force a lease to be renewed or released lt Renew gt The card will perform a typical lease renewal sequence based on its current DHCP configurables lt Release gt If valid IP based leases exist and the DHCP Client interface is up a release message will be sent to the server Then the Lease Contents will be cleared and all configurable settings will be left at their last value The DHCP Client will acquire a new lease when the user sends a renew command Automatic DNS lt Disabled gt No automatic enabling disabling of the DNS Resolver will occur and the enable disable setting of the DNS Resolver will be under manual configuration control lt Enabled gt The DNS Resolver management will be managed automatically by the Client based on completeness of DNS configurables to operate the DNS Resolver Set Tx Packets Broadcast Bit Use this parameter to indicate if the broadcast bit is to be set checked box or clear in the bootp flags header value for all transmitted DHCP BOOTP packets for the DHCP Client Request The following DHCP Client configurables can be requested check box from a DHCP Server IP Address Mask DNS Host Name DNS Primary Server Gateway DNS Domain Name DNS Secondary Server Description This column will display the current Client information items Current Lease Value This column will display the current Leas
179. on IP Networks Hops See Metric above This field is only used on IPX Networks Ticks This field displays the distance between two networks as measured in time increments 1 18th of a second This information is only used by IPX Networks Like hops ticks may be used to designate primary and secondary routes to the same network Although both the hops and ticks values are considered when determining routing priority for Novell networks the tick value is considered first Next IPX Router This field displays the MAC Address of the next gateway router that the data will use to reach the destination network This applies only to IPX Networks Frame Type This field will display the chosen frame type of the packets that are sent and received by the Router If a packet 1s received that is formatted in a frame type that has not been enabled the Router will not accept the data Note that multiple frame types may be supported simultaneously This field applies only to IPX Networks Terminal Server Router Release 2 97 Address Tables System Reports Window Address Tables Use this screen to review the MAC Address and IP Address of the devices that are known by the Local Unit The Router will monitor traffic on the LAN WAN and dynamically learn the MAC Address and or IP Address of each device This learning is a continuous process that occurs automatically as communication takes place on the LAN or across the WAN The MAC Address and IP Ad
180. on on previous page NAT and Local IP Tunnel Address Use this field to define the IP Address for the Local LAN tunneling or NAT Gateway device lt Configured gt See previous page lt Assigned by Remote gt lt Enabled gt with GRE Tunnel lt All gt IP Protocol VPN Setup gt window will display This field displays only when GRE Tunnel is set to lt All gt Forcel Networks OTSR Profile Setup for RemoteUnit WAN Network Wed Jan 2 2002 3 05 21 gt Protocol Mode Updates GRE Tunnel IP Route Never gt All A IPX lt Blocked gt Other lt Blocked gt IP Protocol VPN Setup gt NAT Gateway lt Enabled gt NAT Port Numbers lt Dynamic NAT and Local IP Tunnel Address lt Assigned by Remote Terminal Server Router Release 2 97 5 7 Profile Directory Remote Profile Transmission Options To open the setup window select IP Protocol VPN Setup gt and select ENTER Forcel Networks OTSR Wed Jan 2 2002 23 10 04 gt VPN Setup for remote RemoteUnit Tunnel Name MEE Remote IP Tunnel Address 0 0 0 0 Editable Please enter a value Tunnel Name Enter Tunnel name up to 11 characters Remote IP Tunnel Address Enter IP Tunnel Address 5 8 Terminal Server Router Release 2 97 WAN IP This field is used to enable the Router to assign an IP Address to the remote device that this remote profile is attached to Remote Profile Window Forcel Net
181. on problems A continuous ping will send a ping until the test is manually terminated Results of the continuous ping test are constantly updated based on the result of each ping sent Press ESC to terminate the test at any time Successful Single Ping Unsuccessful Single Ping Status Status IP Dst Address 100 1 0 26 IP Dst Address 100 1 0 26 IP Src Address 100 1 0 10 IP Src Address 100 1 0 10 MAC Address 00 00 86 62 72 17 MAC Address i Response Time lt 1ms Last Result Destination Unreachable Last Result Host Responding Successful Single Ping Unsuccessful Single Ping Status Status IP Dst Address 100 1 0 26 IP Dst Address 100 1 0 26 IP Src Address 100 1 0 10 IP Src Address 100 1 0 10 MAC Address 00 00 86 62 72 17 MAC Address Response Time lt 1ms Last Result Destination Unreachable Last Result Host Responding Response Count 19 Timeout Count 0 Response Count 19 Timeout Count 0 Response Window Fields IP Address Displays the IP Address entered on the setup window MAC Address When a Single Ping is successful the MAC Address is displayed When the test has failed the MAC Address field does not display and a timeout result is displayed Result or Last Result Will indicate if the host is responding to the test Result notices will be one of the following Host Responding This is a successful test with a ping responding Destination Unreachable This is an
182. order in which the rules are applied Once there is two or more rules created the rule number can be changed to put them in the desired order The Last rule displayed is automatically set after the first rule is defined and states that the Router should drop any service incoming or outgoing which has not been addressed in the proceeding rules Action Pass Drop This column indicates the service s that will lt Pass gt or lt Drop gt from the local network to the remote network and vice versa On the Firewall Filters window the following indicated Pass Drop in this column Drop Blank column Pass Typically rules are established with the Pass action since the last rule which is automatically defined by the software Drops all services not expressly permitted by the previous rule s For example if you wish to deny all transmissions except Telnet you would create a rule indicating that Telnet has the Pass action The Router software would create the last rule that states the unit should Drop all other services Since any service that is not expressly permitted to pass will be prohibited it is important that you thoroughly understand the security policies of your WAN before attempting to create a firewall We suggest that only experienced Network Administrators create and maintain firewall filters Incorrectly defined filters may compromise the security and functionality of your WAN Terminal Server Router Release 2 97 Servic
183. ormat Eth II When selected X this Unit may send and receive packets that match the Ethernet II format Note that the IP protocol commonly uses this format SNAP When selected X this Unit may send and receive packets that match the SNAP Subnet Network Address Protocol format 802 3 When selected X this Unit may send and receive packets that match Novell s X802 3 format Terminal Server Router Release 2 97 Profile Directory Local Profile Set up a Local Profile LAN Network Updates Use the LAN Network Updates field to determine whether the Local LAN unit will learn via RIP and SAP packets which networks and services are attached to the local LAN and whether Remote WAN networks and services will be advertised to the LAN If this information is learned it may be advertised to remote devices if advertising is established Use the SPACEBAR to select from the following options Both Neither Send and Receive When set to Both the Local Unit will accept the RIPs and SAPs from the LAN and the networks and services learned from the WAN will be broadcast to the LAN Local Unit 4 Both send and receive network service information to from LAN The lt Send gt value will enable the Local Unit to send to the LAN information regarding the networks and services that it has learned from remote devices on the WAN However the un
184. ors This field increments as packets are transmitted to or received from the LAN in error This includes RX CRC errors partial frames aborted frames and bad frames and TX retry failures and RX carrier loss errors This does not include bad packets that result from collisions For this total to update Auto Update must be lt On gt Note There are WAN protocol packets sent to the telephone company switch even when there are no active calls WAN Packet Totals Use this field to review the number of WAN packets that the local unit has Received Transmitted and contained Errors If Auto Update is set to lt No gt the WAN packet totals will not increment while the screen is displayed Received This field increments as packets are received from the WAN This includes packets from all remote sites For this total to update Auto Update must be lt On gt Transmitted This field increments as packets are received from the LAN and internally generated packets such as network optimization packets which have been transmitted to the WAN For this total to update Auto Update must be lt On gt Errors This field identifies packets that have been transmitted to or received from the WAN in error This includes RX CRC errors partial frames aborted frames long frames and bad frames as well as aborted TX frames It is used to identify WAN communication problems prior to contacting the telephone company for further diagnosis For this t
185. otal to update Auto Update must be lt On gt Remote s Name This field reflects the names of all the Remote WAN profiles listed in the Profile Directory Terminal Server Router Release 2 97 9 3 Statistics Window Run Time Forwarded to WAN This field represents the number of data packets per second pps that are being forwarded from the LAN to the respective remote units Each screen update is a current snapshot of transmission activity Throughput to from WAN This field value displays two numbers which represent the current bandwidth utilization in bits per second bps for each remote site listed The TO number represents transmission utilization going from the LAN to the listed remote unit The FROM number represents transmission utilization received from the listed remote unit Comp Ratio to from WAN Using advanced data compression algorithms the Router constantly seeks to determine the best way to compress the data to be transmitted across the WAN The values in this field represent how much the Router was able to compress the data Since some data is more compressible than others the compression ratio will reflect this Remote Conns The numeric value in this field represents the number of connections currently active per Remote WAN site 9 4 Terminal Server Router Release 2 97 CHAPTER System Reports Window In this Chapter m Events m Alarms m Networks Servers m Address Tables System Reports
186. otocol SAF3 35 IDPR Inter Domain Policy Routing Protocol MXS1 36 XTP XTP GXC Terminal Server Router Release 2 97 Protocol Types Protocol Number in Firewall Filters Number Keyword Protocol Reference 37 DDP Datagram Delivery Protocol WXC 38 IDPR CMTP IDPR Control Message Transport MXS1 Protocol 39 TP TP Transport Protocol DXF 40 IL IL Transport Protocol Presotto 41 IPv6 IPv6 Deering 42 SDRP Source Demand Routing Protocol DXE1 43 IPv6 Route Routing Header for IPv6 Deering 44 IPv6 Frag Fragment Header for IPv6 Deering 45 IDRP Inter Domain Routing Protocol Sue Hares 46 RSVP Reservation Protocol Bob Braden 47 GRE General Routing Encapsulation Tony Li 48 MHRP Mobile Host Routing Protocol David Johnson 49 BNA BNA Gary Salamon 50 ESP Encap Security Payload for IPv6 RFC2406 51 AH Authentication Header for IPv6 RFC2402 52 I NLSP Integrated Net Layer Security TUBA GLENN 53 SWIPE IP with Encryption J16 54 NARP NBMA Address Resolution Protocol RFC1735 55 MOBILE IP Mobility Perkins 56 TLSP Transport Layer Security Protocol using Oberg Kryptonet key management 57 SKIP SKIP Markson 58 IPv6 ICMP ICMP for IPv6 RFC1883 59 IPv6 NoNxt No Next Header for IPv6 RFC1883 60 IPv6 Opts Destination Options for IPv6 RFC1883 61 any host internal protocol IANA 62
187. ough a NAT enabled WAN interface 1 Select Configuration Profile Directory gt from the Main Menu and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory Window o page forward o page Hit ENTER to configure the communication information for the remote profile 3 Select Setup Static Addresses gt scroll through the list of options with the SPACEBAR if NAT Bypass Subnets gt is not displayed Press ENTER Forcel Networks OTSR Wed Jan 2 2002 23 36 20 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPK lt Blocked gt Other lt Blocked gt NAT NAT Gateway lt Disabled gt Bypass Subnets Window WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt de Setup BP TESTIS gt Setup Trunk Port gt Scrollable Select the item to be set up and hit ENTER 5 26 Terminal Server Router Release 2 97 Profile Directory Remote Profile NAT Bypass Subnets 4 Press CTRL A to add a NAT Bypass lt Forcel Networks OTSR Wed Jan 2 2002 3 37 16 gt RemoteUnit has 1 NAT ByPass Reco
188. outer Release 2 97 4 17 Profile Directory Local Profile Filters 4 15 Filters Menu Fields Forward Mode This field determines what data to pass not to pass based on this field value and the filters listed on the current window There are two available values which determine how the Router will handle data to from the LAN lt All Frames NOT Matching Filters any packets matching the filters listed will not be passed 1 e pass all frames except those matching the enabled filters lt ONLY Frames Matching Filters gt enabled filters will have the PASS action All packets matching the filters listed will be passed to from the LAN Any packets that do not match will be dropped 1 e will not pass through the Local Unit Define Filter Use this field to choose the appropriate filter type The filter screens are used to define the actual filter prior to enabling adding it on the current window lt Custom gt see Defining Custom Filters on page 4 19 lt Protocol gt see Defining Protocol Filters on page 4 20 lt Address gt see Defining Address Filters on page 4 21 Once the filter type is defined select Enter and the Define Filter window will appear See the following sections on defining filters Filter Type This field value represents the type of filter lt Custom gt lt Protocol gt or lt Address gt Source Destination This field is active only with an Address Filter lt Source gt Filters by Source only lt
189. outes as needed Forcel Networks OTSR Wed Jan 2 2002 1 15 41 LocalUnit has 1 Static MAC Address Record Setup Static lt MAC Address gt Device Name MAC Address END 00 00 00 00 00 00 Static MAC Address Setup CTRL A to add CTRL E to erase CTRL F to page forward CTRL B to page back Editable Enter a name for the filter 4 14 Terminal Server Router Release 2 97 Profile Directory Local Profile Static Addresses Forcel Networks OTSR Wed Jan 2 2002 1 16 53 gt LocalUnit has 1 Static IP Address Record Setup Static IP Address gt Device Name IP Address E 0 0 0 0 Static IP Address Setup CTRL A to add CTRL E to erase CIRL F to page forward CIRL B to page back Editable Enter a name for the filter Static IP Address Menu Fields Setup Static Use the SPACEBAR to scroll between IP Address gt and MAC Address gt The fields on this screen will vary depending on your choice IP Address A unique 32 bit identifier for a specific TCP IP device on a network The address is in dotted decimal form XXX XXX XXX XXX where xxx 1 255 MAC Address The address for a device as it is identified at the Media Access Control layer in the network structure Device Name Use this field to identify the user defined name of the LAN device that is associated with this static address The maximum number of alphanumeric characters for this field is 7 MAC Address Enter the MAC Address of t
190. page 5 24 for more information NAT Bypass Subnets gt Use this option to access the Static NAT Addresses window which allows the operator to configure static bi directional NAT mappings between local server addresses and public addresses See Static NAT Addresses on page 5 24 for more information Static Addresses gt This option is used to access the Static Addresses window which allows the operator to configure static addresses for the remote unit See NAT Bypass Subnets on page 5 26 for more information Firewall Filters gt This option is used to access the Firewall Rules screen which allows the operator to establish firewall filters for this remote unit See Firewall Filters Remote Profile on page 5 31 for more information Filter Network Server gt This option is used to access the Filter Network Server screen which allows the operator to establish network and server filtering for this remote unit See Filter Network Server on page 5 37 for more information Terminal Server Router Release 2 97 Profile Directory Remote Profile Transmission Options lt Spanning Tree gt Configures the global setup for using the Spanning Tree Algorithm as specified in the IEEE 802 1D specification See Spanning Tree on page 5 41 for more information Note IP Mode must be set to lt Bridged gt for this option to display in the scrolled list lt Trunk Port gt Configures the Router Remote trunks See Trunk Port on page 5 44
191. r Type to Data connect a 1 all 3 1 1 Connect all of T1 1 to the Router that is in slot 1 rename 3 LocalUnit Denver Rename LocalUnit default to Denver LAN rename 3 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl1 Set 3 1 ip address 2 2 2 1 255 255 255 0 Set the ethernet IP address in the conventional IP address format Router LAN set 3 1 phy auto add 3 wanl static ip network 1 1 1 0 255 255 255 0 1 Set the Physical Specifications to auto negotiate Adds a static IP network route to the WAN interface Set 3 1 1 encapsulation fr Set the encapsulation on trunk 1 to Frame Relay set 3 lmi disable Disable LMI Local Management Interface set 3 wanl trunk 1 Set the WAN interface wan1 to be mapped to trunk 1 set 3 wanl dlci 101 Set the DLCI number reset 3 Reboot the router to enable all configurations set Terminal Server Router Release 2 97 12 13 Router Configuration Denver Router in Slot 3 12 14 Terminal Server Router Release 2 97 APPENDIX User Events In this Appendix m User Events m Authenticate Events m Triggered Events m Alarms User Events User Events User Events Description access login terminated Adit Initialized IP Address was dynamically assigned by remote Login accepted at access level Login rejected Password changed for access level Port X connected Port X down Sys
192. r devices the Router will learn about other servers and networks The Router will constantly monitor RIP and SAP packets to ensure that the status of the network or server has changed Should a RIP or SAP packet indicate a change in status the Router would update the data in the table and send the information to all enabled remotes to exchange the updated data See Networks Servers on page 10 6 for more information regarding this feature Address Tables The MAC Address and IP Address Tables along with Network Tables are used to determine if and where the Router should send packets See Address Tables on page 10 9 for more information regarding this feature Terminal Server Router Release 2 97 Alarms Identify Alarm Alarm indicators Troubleshooting Alarms Router LEDs When an Alarm is triggered the Router LED labeled CRD displays a red indicator light that stays on until the Alarm is cleared The Terminal Server Router card has 2 LEDs per port At Power up QUAD TSR TOP LED Bottom LED Description Off Off At Power Up Boot Loss of power Red Red Card is inoperative Flashing Red Flashing Red Self test or Boot in process Normal Operation TOP LED Bottom LED Description Green Solid Link Green Solid Link Port set for Ethernet see below Flashing Red Flashing Red Self test or Boot in process Port Set for Ethernet State Off Description No Ethernet link Top LED indicates 100M L
193. rame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPM X X X X lt Neither gt Local Other X X X Profile Window LAN IP LAN IPM IP Address 10 0 0 1 802 2 Ext Network 00000000 Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 e Setup lt MAI Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 DHCP Mode Disabled Server lt Client gt or Relay Opens the DHCP Setup window for the following Forcel Networks OTSR Wed Jan 2 2002 1 44 28 gt DHCP Server Client Relay Agent Setup for local LocalUnit DHCP Mode METER DHCP Mode Disabled Scrollable Select whether this feature should be enabled Terminal Server Router Release 2 97 4 33 Profile Directory Local Profile DHCP Server Client Relay DHCP Mode Server 4 34 DHCP Mode Server Forcel Networks OTSR Wed Jan 2 2002 1 45 46 DHCP Server Client Relay Agent Setup for local LocalUnit DHCP Mode MARIS Info lt Active Leases gt Domain Name Start IP fiddress 0 0 0 0 Number 0 Lease Duration 000 00 hr min Domain Name Servers 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Potion Type Value NetBIOS over TCP IP Node Type Scope Name Servers NBNS 0 0 0 0 0 0 0 0 Scrollable Select whether this feature s
194. rd Network Subnet Mask i O 0 0 0 0 CTRL A to add CTRL E to era se Editable Enter a non zero IP fiddress Subnet Mask in Dotted Decimal Notation Network An IP address or host to bypass the NAT Translation in the form of xxx xxx xxx xxx where xxx is between 0 255 Subnet Mask Subnet mask of the Network IP address above in the form of xxx xxx xxx xxx where xxx is between 0 255 Terminal Server Router Release 2 97 5 27 Profile Directory Remote Profile Static Addresses Static Addresses Use this screen to define static addresses that are based on the Ethernet MAC or IP Address of a specific device on the local LAN Typically the Router would learn of these devices by monitoring LAN WAN packets By defining a static address you are telling the Router the location ofthe corresponding device before it learns where this device resides Static addresses are typically used in a bridging situation Use the Local LAN Profile to define static addresses for devices that are located on the LAN If you wish to establish static addresses for devices on remote LAN s access this screen using the corresponding Remote WAN Profile NOTE Each static address filter will count toward the maximum number of 500 filters 1 Select Configuration Profile Directory gt from the Main Menu and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks QTSR Wed Jan 2 2002 2 58 0
195. re and Release Key Options Options may be available to purchase to upgrade the Router Once this option is purchased a key code will be given to enable the feature on this product For more information please call Force10 Networks Technical Assistance Center Reboot After Load Code Use this option to automatically reboot the Router after software 1s successfully installed A software load verification checks and verifies that the new software is good before the unit will accept it If it is determined to be bad or damaged the Router will reject it and continue to use the original software Reboot After Load Config Use this option to automatically reboot the Router after a configuration file is successfully installed IP Address The IP Address field is use to identify which device s will be allowed to perform config and or code uploads and downloads A in this field will allow all devices at the selected Client Site to perform Uploads Downloads Client Site This field identifies the profile the Router will use to reach the IP Address entered in the previous field If Local LAN is selected it indicates the device can be reached via the LAN If the device can be reached via a WAN connection you should select one of the Remote WAN profiles Mode Use this field option to enable uploads downloads of software and configuration files for specific IP addresses Code Authorizes the IP Address to perform software uplo
196. rk ss 4 27 5 35 Significant Bits 0 0 0 00 eee 4 27 5 35 Local Profile 3 see 4 1 4 2 4 4 6 1 Advertise Network Server 004 4 28 DHCP Server Client Relay 4 32 Filters isses ERR hehe deed 4 16 Firewall Filters iios RE wai 4 7 4 22 Frame Type 4222 reRRREOSR eb chine SC He Pas 4 4 802 2 ror ase UPUSXCURER ae eae ee eas 4 4 802 3 cob LED AX RETE ER EERQU ER 4 4 BULID s csane daeees cane spe PEEL SS 4 4 SNAP osuere EROR ELK E ERER 4 4 LAN Network Updates 004 4 5 Link Speed isse 4 44 LEocalUnmt verter er Anup cake Pap 4 4 Secondary IP Address 2 0005 4 41 SEUD nireset Rer pR M de PCR UE ans 4 6 Filters e LR EROR hee ea E 4 6 LAN Collision Threshold 4 7 Link Speed 0 0 cee 4 7 Spanning Tree icr seed beuwELREXWE ERES 4 38 Static Addresses 0 0 cece cece eee 4 13 Static Networks 20 0 0 cee cece eee ee 4 8 Local Security Server 0 0 0 0 0 cee eee 3 9 Index 3 Index LocalUnit IP Addiess 2 oce t rE opasa EE EANES 7 4 Name iced eie ee ee oa DITS 7 4 Reimitializimp ioi DERL PORE EYES 11 4 Subnet Mask 1 0 0 0 0 0 cc cece eens 7 4 LocalUnit Identification 0 0000 ee eee 7 4 IP Address llle 7 4 LocalUnit Default Router 00 0 cece eee eee 7 4 Nae 2k reuse sesh SXRPER URPEXG 7 4 Subnet Mask 0 00 c eee eee eee eee 7 4 LOCat
197. rk Updates to Never The Advertise Network Server Window can be used in two ways depending on which Selected Items mode is chosen Do Not Advertise gt Selected Items mode causes the unit to not advertise the learned network to all remotes if you place an X next to the selected item lt Advertise gt Selected Items mode causes the unit to advertise the learned network to all remotes if you place an X next to the selected item NOTE Since each network that contains an X next to it consumes a filter choose an approach that consumes the least number of filters With 15 learned networks of which 5 need to be advertised it uses less filters to Advertise 5 networks than to select Do Not Advertise 10 Terminal Server Router Release 2 97 4 29 Profile Directory Local Profile IPX Server Advertising 4 30 NOTE Each selected network will be counted as a filter A maximum of 500 filters can be defined Advertise Network Server Fields Setup Use this field to identify which networks or server types you wish to review Options are IP Networks IPX Servers gt and IPX Networks Selected Items Advertise With this option selected Networks will advertise to all Remote Units that are listed in your Profile Directory Do Not Advertise gt With this option selected Networks will not be advertised Network This field displays the network address of each network learned from the local LAN If this route was adde
198. rks QTSR connection QTSR Wed Apr 10 2004 5 51 21 lt CR gt to login Password gt Select a terminal type lt space gt or lt back space gt to toggle lt CR gt to accept Terminal lt generic gt You have logged in with a default password For security reasons the password should be changed Complete the change request and record your new password for future use Password Change Request Valid QTSR passwords are from 5 to 15 alpha numeric characters NEW Password gt RETYPE Password gt After a successful login the system prompts the user to change the password from the default 1 Type in New Password and press ENTER 2 Retype in New Password and press ENTER 1 6 Terminal Server Router Release 2 97 CHAPTER Management Window In this Chapter m Management Overview m System Time Login m Upload Download m Load Defaults m Software Images Management Window Management Overview Management Overview The Management menu contains the system components of the TSR software This section is used to define security parameters factory default settings as well as providing software loading and configuration settings for the Router Management Menu options allow the user to Establish the system security features Install and backup system software Backup and install configuration settings Default system parameters to factory settings NOTE Two simultaneous ses
199. rnet or IEEE value but not both To enable a filter return to the Enabled Filter Window ESC from this window and select CTRL A select filter type Custom Protocol or Address filter will be added to the Enabled Filters window NOTE Each filter even if it is not enabled will count toward the maximum number of 500 filters 4 20 Terminal Server Router Release 2 97 Profile Directory Local Profile Defining Address Filters Defining Address Filters lt Forcel Networks OTSR Wed Jan 2 2002 1 30 11_ gt LocalUnit has 0 Enabled Filters Forward Mode lt ALL Frames NOT Matching Filters Define Filter ERE gt Filter Type Source Dest Filter Name Forcel Networks QTSR Wed Jan 2 2002 1 32 05_ gt LocalUnit has 1 Address Filter Device Name MAC Address 1 E 00 00 00 00 00 00 CTRL A t Scrollab Address Filter Window CTRL A to add CTRL E to erase Editable Enter a name for the filter Use this window to define filters that are based on the Ethernet MAC Address of a specific device When enabled these filters provide security by restricting LAN WAN access based on a device s MAC Address Address filters are based on either source destination or both source and destination MAC Addresses Device Name Filter name can be up to 7 characters MAC Address Enter the MAC Address of the LAN device that you are defining as a filter The system will use the defined MAC Address and the v
200. route which Enter a static route which indicates that Network C indicates that Network C may be reached through may be reached through remote Unit B Router 1 To continue with this example if Network B is not configured to advertise Network C to Network A then Network A will not dynamically learn of Network C s existence If you wish to establish a route on Network A to Network C you must define a static route on Network A that indicates that Network C may be accessed through Remote Unit B To set up a static route you must define the following routing information The address of the network you wish to reach How far away from the local LAN the network is located in terms of metric measurement or hops depending on the protocol Whether the network can be reached on the local LAN via the LAN port or through a Remote Unit Terminal Server Router Release 2 97 5 17 Profile Directory Remote Profile GRE Tunnel set to lt All gt If you are using the local LAN you will also need to define the address either IP or MAC depending on the protocol of the first gateway 1 e router you will use to reach the network you are defining It is important to note that if the static network is reached via a Remote WAN Unit it must be defined by choosing the SETUP Static Networks option on the corresponding Remote WAN Profile Setup window Static networks that are reached via the local LAN must be defined b
201. rver 5 Select lt Learn gt or Filter and select ENTER Forcel Networks QTSR Wed Jan 2 2002 23 51 18 gt RemoteUnit has 1 configured and learned IP Network Setup IP Networks gt mme si Items Network Learn 1 Static Fltr 0 0 0 0 X CTRL F to page forward CTRL B to page backward Scrollable Use the spacebar to change the selection 6 To manually configure a service see Static VPN Networks on page 5 17 Filter Network Server Fields Setup Use this field to identify which networks or server types you wish to review and filter P Networks IPX Networks or IPX Servers Selected Items Filter Learn lt Filter gt default The Router will learn all networks servers and advertise them to the LAN This mode is particularly useful for small networks with few items to be learned advertised Customize the advertised networks servers in one of two ways Learn or see Static VPN Networks on page 5 17 to add a filter Learn Under this mode learning and advertising are disabled until a specific server type is selected from the displayed servers or is manually added The lt Learn gt mode is much better suited for larger networks as specifying which networks servers you wish the Router to learn may consume less filters than specifying which networks servers you Do Not want learned Terminal Server Router Release 2 97 5 39 Profile Directory Remote Profile Filter Network Server Forcel
202. s OTSR Tue Jan 1 2002 1 27 31 gt Software Image Show Switch Menu for LocalUnit Choices MShow Current Images App Image Ver 2 97K Wed Jul 01 08 14 46 2009 ACTIVE App Image Ver 2 95B Mon Sep 22 02 51 29 2008 BRCKUP x Forcel Networks OTSR Tue Jan 1 2002 1 29 Software Image Show Switch Menu for LocalUnit Choices Switch Appl Images App Image Ver 2 97K Wed Jul 01 08 14 46 2009 BACKUP App Image Ver 2 95B Mon Sep 22 02 51 29 2008 ACTIVE Scrollable Terminal Server Router Release 2 97 2 11 Management Window Options 2 12 Terminal Server Router Release 2 97 CHAPTER Profile Directory Router Card Profile In this Chapter Overview Configuration RIP Mode Receive RIP Mode Send Trunk Security SNMP DNS Proxy Spanning Tree Protocol Network Time Protocol SysLog DNS Resolver Profile Directory Router Card Profile Overview Overview The Router Card Profile of the Profile Directory is used to review configure base router features Configuration Main Menu 1 Select Configuration lt Profile Directory gt from the Main Menu and select ENTER Forcel Networks OTSR QTSR Main Menu Scrollable Category Selection Management lt Software Images gt Configuration MProfile Directory Verification Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Tue Jan 1 2002 1 53 43_ QTSR Version 2 97
203. s Parity TBOS Stop Bits Setup Flow Cntrl Window TBOS Display Mapping Display 1 None Display None Display None Display None Display None Display None Display None Display None Press ESC when finished Scrollable Use the spacebar to select the port type Description Description Description Description Description Description Description Description VVVVVV VV 6 8 Terminal Server Router Release 2 97 Man Main Menu Terminal Server Window Manual Closure of a Telnet Socket ual Closure of a Telnet Socket The TSR provides the ability to manually close a currently open Telnet socket associated with a specific asynchronous port The process is as follows 1 Select Configuration Terminal Server gt from the Main Menu and select ENTER Forcel Networks OTSR Wed Jan 2 2002 4 09 56 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt Configuration Terminal Server M Verification lt Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER 2 Select with the SPACEBAR the port 1 4 the port to close and select ENTER NOTE Port must be set to RS 232 Example port 1 and port 2 This does not apply to a port configured to support Ethernet traffic Example port 3 and 4 Forcel Networks OTSR W
204. s TAB until Configuration Profile Directory gt is highlighted and press ENTER Forcel Networks OTSR Tue Jan 1 2002 1 53 43 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt Software Images gt gt Configuration Profile Directoryyiiee Verification lt Ping Utility gt Profile Directory Statistics lt Run time Window System Reports lt Events Exit lt Logout Scrollable Use the spacebar to change the selection and hit ENTER 5 2 Terminal Server Router Release 2 97 Profile Directory Remote Profile Remote WAN Profile Overview 2 Select RemoteUnit WAN Setup gt and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory window o page forward o page Hit ENTER to configure the communication information for the remote profile 3 Configure the WAN on this Main window There are additional windows for specific features See the following sections Note The Remote Profile Window will change as options are selected The graphic below displays the window at its default settings Forcel Networks OTSR Wed Jan 2 2002 2 59 21 gt Profile Setup for REMAINS WAN Network Protocol Mode Updates GRE Tunnel IP Route g
205. s manual covers the Router menu driven software only For additional information on the TSR please see the Adit 600 User Manual Installation The TSR card can be installed into any of the service card slots of the Adit 600 chassis This card is hot swappable therefore the card can be removed and replaced without bringing down the system or with or without power to the unit Install a Router Card 1 Slide the Router card into a service card slot of the chassis 2 Press firmly into slot to engage until card is seated completely 3 Card has completed bootup when a solid Red CRD light an LED is displayed Maneuvering in the System 1 2 TAB moves from one field to the next Keyboard arrows move to the next field in the direction of the arrow Items in brackets are scrollable options With the Spacebar the operator can move through the selections ENTER displays the window for the selected feature or to enter a alphanumeric value ESC Exit and return to previous window or to the Main Menu Help Bar is displayed along the bottom of the window and lists options for the selected feature The router software contains three different field types that may be used in entering information scroll select and edit Terminal Server Router Release 2 97 Introduction Fields Fields Scroll Field A field enclosed in angle brackets is a scrollable option field While the field is selected use the following keystrokes
206. se 2 97 Profile Directory Local Profile Link Speed 3 Select Link Speed Auto Negotiate gt All options are available by scrolling with the SPACEBAR Once the selection has been made select ENTER to set the configuration Forcel Networks OTSR Wed Jan 2 2002 2 04 55 Profile Setup for LocalUnit LOCAL Frame Types LAN Network Protocol 802 2 Eth II SNAP 802 3 Updates IP K lt Neither gt IPX X X X X lt Neither gt Local Other X 4 X Profile Window LAN IP LAN IPX IP Address 10 0 0 1 802 2 Ext Network 00000000 Subnet Mask 255 0 0 0 Eth II Ext Network 00000000 Default Router 0 0 0 0 SNAP Ext Network 00000000 802 3 Ext Network 00000000 Setup Static Networks gt Link Speed Auto Negotiate Scrollable Select LAN Link Speed Discovery Method Link Speed Fields Auto Negotiate This selection is the default and is highly recommended to be left at this setting The router and the device will negotiate common features and functions 100T Full Duplex The selection will force the ethernet PHY to 100 MHz full duplex on the Router 100T Half Duplex The selection will force the ethernet PHY to 100 MHz half duplex on the Router 10T Full Duplex The selection will force the ethernet PHY to 10 MHz full duplex on the Router 10T Half Duplex The selection will force the ethernet PHY to 10 MHz half duplex on the Router Terminal Server Router Release 2 97 4 45 Profile Direc
207. sions are allowed to access the Router software For example one local and one remote one must be accessing with the VIEW level System Time Login 1 Select Management System Time Login gt from the Main Menu and select ENTER Forcel Networks OTSR Tue Jan 1 2002 1 03 36 gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management JICUBEUEHETHD Configuration Profile Directory Verification Ping Utility gt Statistics lt Run time gt System Reports lt Events gt Exit lt Logout gt Scrollable Use the spacebar to change the selection and hit ENTER 2 2 Terminal Server Router Release 2 97 Management Window System Date and Time This screen provides the basic system and security options for the Router card Forcel Networks OTSR Tue Jan 1 2002 1 07 13 gt System Time Login Setup for LocalUnit System Date and Time Wan 1 2002 1 06 38 Daylight Savings Time Adjustment lt Disabled gt Auto Logout Timer 30 Change Login VIEW Password gt Change Login CONFIG Password gt Change Login ADMIN Password gt Enhanced Security lt Disabled gt Editable System Date and Time in the form Mmm DD YYYY HH MM SS The Router is equipped with three password levels and an enhanced security password Level 1 VIEW allows the user to view only no changes are allowed Level 2 CONFIG allows the user to view and change all screens Level 3 ADMIN allows the us
208. station and the Router Since you are unable to Telnet into the local unit you will need to connect the local unit to a workstation using the Async port Once you are connected to the local unit refer to Chapter 8 Ping Utility The inability to ping from one device to the other indicates a problem with IP or possibly the Telnet software Refer to your Telnet documentation for more information Unable to access a remote unit via Telnet Refer to the instructions given above in Unable to access the local unit via Telnet In addition make sure that the workstation trying to Telnet as well as the IP and ARP packets are authorized to communicate across the WAN Review the FORWARD MODE field setting as well as the enabled filters on both the local and remote units to verify that they are set up to communicate refer to Chapter 3 Configuration Profile Directory Chapter 4 LAN Local Profile Overview and Chapter 5 Remote WAN Profile Overview Also if the remote network is different define the local unit s IP Address as the default route for the workstation and make sure that there is a remote route to the remote s network in the Network Server table Be aware that if you establish a firewall filter and do not expressly permit Telnetting into this unit you will be denied access Terminal Server Router Release 2 97 Troubleshooting Diagnostics and Performance Tools Diagnostics and Performance Tools The Verification Statistics and Syst
209. t Never gt lt Disabled gt IPK lt Blocked gt Other lt Blocked gt Remote NAT Gateway lt Disabled gt Profile Setup Window Numbered FW Allow Frags lt Disabled gt Setup lt Security Options gt gt Setup lt Trunk Port gt Editable Please enter a value Terminal Server Router Release 2 97 5 3 Profile Directory Remote Profile Remote WAN Profile Overview The graphic below displays how the window changes with the NAT Gateway enabled Remote Profile Window Forcel Networks OTSR Wed Jan 2 2002 23 00 12 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt Disabled gt IPX lt Blocked gt Other lt Blocked gt NAT Gateway BIDEHESSBD NAT Port Numbers lt Dynamic gt NAT Address lt Assigned by Remote WAN IP Numbered lt NO gt FW Allow Frags lt Disabled gt Setup lt Security Options gt gt Setup lt Trunk Port gt Scrollable Select whether this feature should be enabled Profile Setup for RemoteUnit This is an 11 character maximum field to uniquely identify this remote device This value identifies the remote system s name on the remote unit s Local LAN Profile Setup window All remote devices will initially have the default name RemoteUnit To change the name of the remote device simply type over the existing name This name will be used during the authentication process
210. t clock source set a 1 all type data Set the T1 1 of the Controller Type to Data connect a 1 all 1 1 1 Connect all of T1 1 to the Router that is in slot 1 connect a 2 all 1 1 2 Connect all of T1 2 to the Router that is in slot 1 rename 1 LocalUnit Denver Rename LocalUnit default to Denver LAN Set 1 1 1 2 multilink group 1 Assign 1 1 1 2 to multilink group 1 rename 1 RemoteUnit wanl Rename WAN 1 from RemoteUnit default to wanl Set 1 1 ip address 2 2 2 1 255 255 255 0 Set the ethernet IP address in the conventional IP address format Router LAN add 1 wanl static ip network 1 1 1 0 255 255 255 0 1 Adds a static IP network route to the WAN interface Set 1 wanl trunk multilink group 1 Set the WAN interface named wan1 to be mapped to trunk multilink group 1 reset 1 Reboot the router to enable all configurations set Terminal Server Router Release 2 97 12 11 Router Configuration Back to Back with Frame Relay Back to Back with Frame Relay The following configuration will set up two Routers back to back with Frame Relay Boulder oe Denver 1 1 1 1 24 e 2 2 2 1 24 IP Boulder Router in Slot 1 Command Description set clockl internal Set primary master transmit clock source set 1 default Set Router to default settings disconnect a 1 Disconnect all T1 connections on the Controller slot a disconn
211. t p Count 1 Time Message Jan 1 0 22 21 0 Ethernet Link 3 1 Down Press ESC to continue Clear Alarm Once an alarm is identified then the process of clearing it can begin Silence Alarm if necessary Alarm Cut Off CLI command aco Check Connection Check Cable replace if necessary Check hardware and replace if necessary Call Customer Service Terminal Server Router Release 2 97 C 9 Troubleshooting Clear Alarm C 10 Terminal Server Router Release 2 97 Annex D B8ZS Bit bps CHAP CLI command line CSU DHCP DNS filter firewall frame hops IP LMI loopback GLOSSARY A frame relay standard extension dealing with the communication and signaling between customer premises and equipment and frame relay network equipment for the purpose of querying network status information Bipolar 8 Zero Substitution a coding scheme that maintains ones density Contraction of the words binary and digit Bits per second Challenge Handshake Authentication Protocol Command Line Interface The command line is where you enter MS DOS commands Channel Service Unit the interface to the T1 line that terminates the local loop Dynamic Host Configuration Protocol DHCP is a network configuration that allows maintenance to be performed from a central site rather than by end users Domain Name Servers also known as resolvers are a system of computer which convert domain names into IP address
212. t software will generate a broadcast message requesting an IP Address from a DHCP server As a relay agent the Router will forward these requests to the appropriate server When the server assigns the workstation an IP Address the Router will then send this address back to the appropriate workstation Using this method the DHCP server can reside at a Remote WAN location and the Router can serve as an agent between requesting workstations and the server As a DHCP server the Router can assign up to 254 IP Addresses to DHCP clients on the local LAN It will not assign to clients across the WAN 1 Select Configuration Profile Directory gt from the Main menu select ENTER 2 Select LAN lt Setup gt and select ENTER Forcel Networks OTSR Profile Directory 1 Configured and 2 Enabled Wed Jan 2 2002 1 06 56 gt State Name Profile Type i outer Ais LocalUnit LAN ectory 1 RemoteUnit WAN Window Recv Send Frofile Setu NONE NONE gt NONE NONE Setup gt lt Enabled gt age forwar Hit ENTER to configure the communication information for this profile 4 32 Terminal Server Router Release 2 97 Profile Directory Local Profile DHCP Server Client Relay 3 Select Setup lt DHCP Server Client Relay gt If not displayed scroll to the selection with the SPACEBAR select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 43 49 Profile Setup for LocalUnit LOCAL F
213. t to the router identified in this field This field is only displayed if the IP Mode field is set to Bridge Forcel Networks OTSR Wed Jan 2 2002 23 14 27 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Bridge IPM Blocked gt Other lt Blocked gt Remote Profile Window WAN IP Default Router 0 0 0 0 FW Allow Frags lt Disabled gt Setup lt Security Options gt gt Setup lt Trunk Port gt Scrollable Use the spacebar to change the selection 5 10 Terminal Server Router Release 2 97 Profile Directory Remote Profile Transmission Options FW Allow Frags Use this field to allow fragmented packets to pass though the firewall to accommodate devices that send reverse ordered or out of ordered packets It is recommended that this field be left at Disabled since this is a security risk Enabled Enables the passage of fragmented packets Disabled Disables the passage of fragmented packets Default Forcel Networks OTSR Wed Jan 2 2002 23 15 38 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt lt Never gt lt Disabled gt IPM Blocked gt Other lt Blocked gt NAT Gateway lt Disabled gt WAN IP Numbered lt NO gt FW Allow Frags KDisabled Setup lt Security Options gt gt Setup lt Trunk Port gt Scrollable Use the spacebar to change the selection
214. tem Date Time Change recorded Terminal inactivity login terminated Terminal Server Router Release 2 97 A 2 User Events Authenticate Events Authenticate Events Description sysname failed to authenticate us using CHAP sysname failed to authenticate us using PAP Authentication successful to remote using CHAP Authentication successful to remote using PAP Authentication failure to remote using CHAP Authentication failure to remote using CHAP CHAP secret mismatch Authentication failure to remote using CHAP system name mismatch Authentication failure to remote using CHAP Retry timeout occurred WAN protocol is active inactive to remote on port X LCP negotiation was successful to remote IPCP negotiation was successful to remote CCP negotiation failed to Terminal Server Router Release 2 97 A 3 User Events Triggered Events Triggered Events 4 4 Description Triggered IPX Network request from X Triggered IPX Server request to from X Triggered 802 3 IPX Server update to from X Triggered 802 3 IPX Network update to from X Triggered 802 2 IPX Server update to from X Triggered 802 2 IPX Network update to from X Triggered ETH II IPX Network update to from X Triggered ETH II IPX Server update to from X Triggered SNAP IPX Network update to from X Triggered SNAP IPX Server update to from X Trigger
215. the Licensed Software to comply with the Force10 Networks software specifications but that do not significantly impair the function or service of the Force10 Networks Product or the system Determination of Severity 1 2 or 3 shall be made solely by Force10 Networks following receipt of the reported problem Refurbished material may be used to repair or replace the Product BUYER shall bear the risk of loss for Products or Software returned to Force10 Networks for repair replacement or service and the same must be shipped pre paid by BUYER Requests for warranty services and troubleshooting must be made to and will be provided by the Force10 Networks Customer Support Center via telephone during the warranty period and during normal business hours Normal business hours for Force10 Networks Customer Support Center are 7 00 a m to 6 00 p m Mountain Standard Time Monday through Friday excluding weekends and standard Force10 Networks recognized holidays Limitation of Warranty amp Limitation of Remedies Correction of defects by repair replacement or service will be at Force10 Networks option and constitute Force10 Networks sole obligation and BUYER s sole and exclusive remedy under the limited warranty Any such error correction or replacement provided to BUYER does not extend the original warranty period for hardware or software respectively Force10 Networks assumes no warranty or other liability with respect to defects in the Product or S
216. the packet will be sent to the router identified in this field If there are other routers and networks behind the Default Router add Static Network IP information with the Default Router as the Default Gateway If you are communicating with different network domains you will need to enter the IP Address of your Router as the default router on each workstation or make sure that the local router will redirect to the Unit when appropriate so that they may use the Unit to reach the remote site LAN IPX These fields enable the Unit to route IPX to Remote WAN networks even if an IPX server does not exist on the local LAN Typically the Router will learn its external network number However if the local LAN does not have a server or if the LAN NETWORK UPDATES field see above is set to lt Neither gt and you wish to route IPX to Remote WAN networks the external network number must be defined using these fields If you are not using IPX on your LAN these fields will not apply Please note that these are all hexadecimal entries For the following see you network administrator for the appropriate numbers If the frame type is unsupported leave the field set to Os 802 2 Ext Network Enter the corresponding IPX external network number Ethernet II Ext Network Enter the corresponding IPX external network number SNAP Enter the corresponding IPX external network number 802 3 Ext Network Enter the corresponding IPX external network
217. the remote which match the value in the Service field will adhere to the value in the Action field Outgoing All transmissions outbound from the LAN toward this remote which match the value in the Service field will adhere to the value in the Action field In Out Will affect both incoming and outgoing transmissions Local IP Address Network Enter the IP Address of the local device or network that this rule will affect If you enter the address of a local device this rule will affect only the session establishments of the local device and the destination address entered in the Remote IP Address Network field below If this rule is to affect any local devices networks leave this field with an asterisk default symbol Significant Bits Use this field to identify the number of bits from left to right that will be used to match the IP Address field within the data packet with the value entered into the Local IP Address Network Range is between 1 32 Terminal Server Router Release 2 97 5 35 Profile Directory Remote Profile Firewall Filters Remote Profile 5 36 Remote IP Address Network Enter the IP Address of the remote device or network that this rule will affect If you enter the address of a remote device this rule will affect only the session establishments of the remote device and the device network address entered in the Local IP Address Network field above If this rule is to affect any remote devices networks lea
218. tion 1600 VALID 4242 BXS Basic Block Protocol 5208 BBN Simnet Private 6000 DEC Unassigned 6001 DEC MOP Dump Load Assistance 6002 DEC MOP Remote Console 6003 DEC DECnet Phase IV 6004 DEC LAT 6005 DEC DECnet Diagnostics 6006 DEC DECnet Customer Use 6007 DEC DECnet SCA 6008 DEC unassigned 6009 DEC unassigned Terminal Server Router Release 2 97 Protocol Types Ethernet Protocol Types HEX Description 6010 6014 3Com Corporation 7000 Ungermann Bass download 7001 Ungermann Bass NIU 7002 Ungermann Bass NIU 7007 OS 9 Microware 7020 7029 LRT England 7030 Proteon 7034 Cabletron 8003 Cronus VLN 8004 Cronus Direct 8005 HP Probe protocol 8006 Nestar 8008 AT amp T 8010 Excelan 8013 SGI diagnostic type obsolete 8014 SGI network games obsolete 8015 SGI reserved type obsolete 8016 SGI bounce server obsolete 8019 Apollo 802E Tymshare 802F Tigan Inc 8035 Reverse ARP 8036 Aeonic Systems 8038 DEC LANBridge 8039 DEC Unassigned 803A DEC Unassigned 803B DEC Unassigned 803C DEC Unassigned 803D DEC Ethernet CSMA CD Encryption Protocol 803E DEC Unassigned 803F DEC LAN Traffic Monitor 8040 DEC Unassigned 8041 DEC Unassigned 8042 DEC Unassigned 8044 Planning Research Corporation 8046 AT amp T 8047 AT amp T 8049 ExperData France Terminal Server Router Release 2 97 B 7
219. to 41 characters DNS Server Enter the IP Address for the DNS Server Site This field lists the Local LAN and all the RemoteUnit that have a profile created for them Use the SPACEBAR to scroll through the list 3 16 Terminal Server Router Release 2 97 Profile Directory Router Card Profile Spanning Tree Protocol Spanning Tree Protocol The Spanning Tree Protocol configures the global setup for using the Spanning Tree Algorithm as specified in the IEEE 802 1D specification 1 Select Spanning Tree Protocol Configure and select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 45 45 gt QTSR ROUTER Slot 3 Configuration RIP Mode Receive lt RIP1 gt RIP Mode Send lt RIP1 gt Trunk Configure gt Security Configure gt SNMP Configure gt DNS Proxy Configure Spanning ree Protocol Network Time Protocol Configure SysLog Configure DNS Resolver Configure Configure Spanning Tree Protocol 2 To enable Spanning Tree scroll lt Disabled gt to lt Enabled gt with the SPACEBAR select ENTER Forcel Networks OTSR Tue Jan 1 2002 4 48 04 gt Spanning Tree Global Setup for local LocalUnit Spanning Tree IMEEM Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 3 17 Profile Directory Router Card Profile Spanning Tree Protocol 3 16 3 Enter the appropriate data in the following fields Forcel Networks OTSR Tue Jan 1 2002 4 49 00
220. to ensure this unit s identity Please note that the system is case and spacing sensitive Terminal Server Router Release 2 97 Profile Directory Remote Profile Transmission Options Transmission Options The following fields are always displayed on the Remote Profile setup window By selecting options on this section other fields are displayed or removed lt Forcel Networks OTSR Profile Setup for RemoteUnit WAN Network Updates lt Never gt Wed Jan 2 2002 3 01 58_ gt GRE Tunnel lt Disabled gt Protocol Mode I Route gt IPM Blocked gt Other lt Blocked gt Protocol This field displays three protocol options IP IPX and Other Use the Mode WAN Network Updates and GRE Tunnel fields to determine how and if the listed protocols will be used This screen will change dramatically as different modes are selected Mode This field works in conjunction with the Protocol field above and defines which protocol s the Remote Unit will use to send and receive data when communicating with this remote device Protocol Route Blocked Bridge Optimize IP X X X IPX X X X Other X X Route When used in conjunction with the LAN Network Updates Local Profile window and WAN Network Updates setting below the lt Route gt values enable the Router to use Force10 Networks network optimization feature which ensures that only necessary data is transmitted over the
221. tory Local Profile Link Speed 4 46 Terminal Server Router Release 2 97 CHAPTER Profile Directory Remote Profile In this Chapter m Remote WAN Profile Overview m Security Options m Static VPN Networks m Static NAT Addresses m NAT Bypass Subnets m Static Addresses m Firewall Filters Remote Profile m Filter Network Server m Spanning Tree m Trunk Port Profile Directory Remote Profile Remote WAN Profile Overview Remote WAN Profile Overview The fields on the Remote WAN Profile Setup window allow you to define how and when data transmission will occur with a specific remote device This includes defining the protocol s that it will use to send and receive data defining security information static networks and WAN lines The Local Unit will depend on this information to determine communication guidelines with remote sites The Remote WAN profile can support up to 24 remote profiles The Remote WAN profile complements the Local LAN profile The remote profiles identify which remote devices the local unit can communicate with by defining the data transmission requirements of each remote device The local profile defines the local unit s transmission requirements and may appear as a remote profile in each remote unit s profile directory It is important to understand that the information contained in the remote profile determines how the local and remote units establish communication 1 Onthe Main Menu pres
222. tta EATE See e TES eee aS iii Limitation of Warranty amp Limitation of Remedies 04 lv Warranty Product Returns 0 cece eects V INGHCES rm vi Introduction OVERS W eee E E dE E use E E tes A E E cas eed 1 2 Tostall tion sene eE e rE E E E E ars a Ee 1 2 Install a Ro ter Card 2 eere ae eer m aree eoe RR we Rete ec 1 2 Maneuvering in the System 0 0 eee ete ees 1 2 Eieldsu s enisi E eie LL SIM pe AE EE 1 3 Scroll Field yenerse arepe phe a xU rA WU OR ERE V Re 1 3 Select Field bL wea ei RR Ee bee Ee 1 3 Edit Field esset ug ERR RS REG SOMES ROS AG RATNER EDS EO 1 3 Help Bate se esi neces 40a eho RAG d S155 RPM EY RESERVE 1 4 Connecting t the Router x eR REX eee eae eRe p iee AER 1 5 Establish a Telnet Session 1 5 e eR rare gehn oe reed a acd 1 5 Set a New Password 0 cece tte hen 1 6 Management Window Management OVervieW iw orase deo ae ves eer es EX ee Ree A ees 2 2 System Time Login oiu dave Gey sae ee eee eee FESSES D 2 2 System Date and Time csser ccc a ee ee eee RE CREE 2 3 Daylight Savings Time Adjustment 0 0 cece eee eee eee ee 2 3 Atito Lo gout TIME ereire cei pere Los ebbe ee Bh ees 2 3 View Password osadi itea wind eg eni wig ROREM sind gipie ee ale nied piesa 2 4 Config Password seses ceo Hath iene dese EE ee Eod Pee 2 4 Admin Password eo 3045495555254 EX Wu BS UBER Oe CaN Red 2 4 Enhanced Security isss satis aaie ete ees 2 5 Upload Download
223. twork 00000000 802 3 Ext Network 00000000 Setup AE Min gt Link Speed lt Auto Negotiate gt Scrollable Select the item to be set up and hit ENTER 4 To enable Spanning Tree scroll lt Disabled gt to lt Enabled gt with the SPACEBAR select ENTER Forcel Networks OTSR Wed Jan 2 2002 1 54 52 gt Spanning Tree Port Setup for local LocalUnit Spanning Tree XMEEgG Scrollable Use the spacebar to change the selection Terminal Server Router Release 2 97 4 39 Profile Directory Local Profile Spanning Tree 5 Enter the appropriate data in the following fields Forcel Networks OTSR Wed Jan 2 2002 1 55 25 Spanning Tree Port Setup for local LocalUnit Spanning Tree XMIEIIECN Port Priority 128 Port Cost 100 Scrollable Use the spacebar to change the selection Spanning Tree Fields Port Priority The Port Priority value can range from 0 to 255 with a default of 128 Port Cost The Port Priority value can range from 0 to 65535 with a default of 100 4 40 Terminal Server Router Release 2 97 Profile Directory Local Profile Secondary IP Address Secondary IP Address This option will add a secondary IP address and subnet to the specified LAN interface The router will then be capable of routing between the various subnets on the LAN interface or between any of the LAN subnets and any WAN subnet A maximum of 8 secondary IP addresses can be added to the LAN
224. ulation Protocol J16 95 MICP Mobile Internetworking Control Pro J16 96 SCC SP Semaphore Communications Sec Pro HXH 97 ETHERIP Ethernet within IP Encapsulation RFC3378 98 ENCAP Encapsulation Header FRC1241 RXB3 99 any private encryption scheme IANA 100 GMTP GMTP RXB5 101 IFMP Ipsilon Flow Management Protocol Hinden 102 PNNI PNNI over IP Callon 103 PIM Protocol Independent Multicast Farinacci 104 ARIS ARIS Feldman 105 SCPS SCPS Durst 106 QNX QNX Hunter 107 A N Active Networks Braden 108 IPComp IP Payload Compression Protocol RFC2393 109 SNP Sitara Networks Protocol Sridhar 110 Compaq Peer Compaq Peer Protocol Volpe 111 IPX in IP IPX in IP Lee 112 VRRP Virtual Router Redundancy Protocol Hinden 113 PGM PBM Reliable Transport Protocol Speakman 114 any 0 hop protocol IANA 115 L2TP Layer Two Tunneling Protocol Aboba 116 DDX D II Data Exchange DDX Worley 117 IATP Interactive Agent Transfer Protocol Murphy 118 STP Schedule Transfer Protocol JMP 119 SRP SpectraLink Radio Protocol Hamilton 120 UTI UTI Lothberg 121 SMP SMP Ekblad Terminal Server Router Release 2 97 Protocol Types Protocol Number in Firewall Filters Number Keyword Protocol Reference 122 SM SM Crowcroft 123 PTP Performance Transparency Protocol Welzl 124 ISIS over IPv4 Przygienda 125 FIRE Partridge 126 CRTP Combat Radio Transport
225. unsuccessful test The Router is not able to talk to the IP Address Timeout This is an unsuccessful test There is no response within a reasonable amount of time Response Count During successful testing the Response Count field will display the number of times that the Router received an echo back from the device Timeout Count The Timeout Count will increment with each unsuccessful ping During successful testing the Timeout Count field will display a 0 which means that no communications errors have been encountered NOTE Acontinuous ping test may be intermittently unsuccessful This is an indication that a transmission error may occur with this device during actual data transmission Terminal Server Router Release 2 97 Verification Window Trace Route Trace Route The Trace Route option is used to verify timely and reliable connections The Trace Route utility determines the path a packet follows from source to destination 1 Onthe Main Menu press TAB until the Ping Utility is highlighted on the Verification option 2 Press SPACEBAR to scroll to Trace Route Forcel Networks OTSR Wed Jan 2 2002 5 40 34_ gt QTSR Main Menu QTSR Version 2 97 Slot 3 Category Selection Management lt System Time Login gt gt Configuration Profile Directory gt gt Verification ANE THEN gt Statistics lt Run time System Reports lt Events Exit lt Logout Scrollable Use the spacebar to change the sele
226. ve this field at the default symbol Significant Bits Use this field to identify the number of bits from left to right that will be used to match the IP Address field within the data packet with the value entered into the Remote IP Address Network Range is between 1 to 32 lt Packets which match this rule Use this field to indicate whether a rule match should trigger an Alarm or Log entry Blank A transmission match will not trigger an Alarm or Events log entry Alarm A transmission match will trigger an Alarm entry Log A transmission match will trigger an Events log entry Log or Alarm entries may also be useful when a specific security issue is at stake For example if your security policy does not permit Telnetting you may wish to keep track of all Telnet attempts As a general rule however we do not recommend keeping a log of all rule matches since this may impact system performance and may cause an Event or Alarm screen overflow NOTE When this field is enabled a single event alarm will be logged for all TCP session initiations An event alarm will be logged for each packet for all UDP transfers UDP traffic should not be allowed across a firewall NOTE All firewall rules are considered filters and will be applied toward the maximum allowable number of 500 filters Terminal Server Router Release 2 97 Profile Directory Remote Profile Filter Network Server Filter Network Server This screen allows you to f
227. works OTSR Profile Setup for RemoteUnit WAN Network Profile Directory Remote Profile Transmission Options Wed Jan 2 2002 3 12 29 gt GRE Tunnel Protocol Mode Updates I Route gt Never gt IPX lt Blocked gt Other lt Blocked gt NAT Gateway lt Disabled gt Numbered IP Address Subnet Mask lt Disabled gt FW Allow Frags lt Disabled gt Setup lt Trunk Port gt Scrollable Use the spacebar to change the selection Numbered Designate if the local unit will have an IP Address assigned to the WAN when communicating with this remote unit If the remote unit is an Axxius it is recommended that the WAN remain unnumbered thus conserving IP Addresses This field displays if the IP Mode field is set to lt Route gt IP Address This address is used to uniquely identify the Remote Unit on the internetwork Use this field to assign an IP Address to the WAN Subnet Mask A subnet mask determines which bits in the IP address are used to identify the network number It is also a method of extending the IP Network Address so that a site may use one network address for several different networks Terminal Server Router Release 2 97 5 9 Profile Directory Remote Profile Transmission Options Default Router Use this field to identify a router that is physically connected to your LAN If the Router receives a packet destined to a network that is not known the packet will be sen
228. y be configured Authentication of Remote Protocol CHAP PAP or NONE Use this field to identify the authentication protocol to be used by this Router when authenticating remote devices Local Security Server Use these fields to identify the local server that is used to authenticate remote devices This field is only necessary if you are using either the lt RADIUS gt or lt TACACS gt security authentication method If you are not using either of these security methods the Router will respond to the authentication requests of remote devices and will accept or reject them based on their validity Type Use the SPACEBAR to choose the security authentication method that you are using lt None gt Use this setting if the local unit will be used to authenticate remote devices Please note that you may not use the lt None gt setting if the Security Server field for a remote device has been set to External Server lt RADIUS gt Will set the server to use the RADIUS Remote Authentication Dial In Service protocol RADIUS is a client server based authentication software system lt TACACS gt Will set the server to use the TACACS Terminal Access Controller Access Control System protocol TACACS provides services of authentication authorization and accounting independently Terminal Server Router Release 2 97 3 9 Profile Directory Router Card Profile Security Address Enter the IP Address of the local server that will be us
229. y choosing the SETUP Static Networks option on the Local LAN Profile Setup window NOTE All static routes are considered filters and will be applied toward the maximum allowable number of 500 filters Depending on the GRE Tunnel field setting the Static VPN Networks window display fields are modified The following displays two options GRE Tunnel set to All 1 Select Configuration Profile Directory gt from the Main Menu and press ENTER 2 Select WAN Setup gt on the RemoteUnit line and press ENTER Forcel Networks OTSR Wed Jan 2 2002 2 58 07 gt Profile Directory 1 Configured and 2 Enabled Name Profile Type Recv Send Profile State Router CARD lt Setup gt LocalUnit LAN NONE NONE Setup gt 1 RemoteUnit WAN NONE NONE lt gt lt Enabled gt Profile Directory Window o page forward o page Hit ENTER to configure the communication information for the remote profile 5 18 Terminal Server Router Release 2 97 Profile Directory Remote Profile GRE Tunnel set to lt All gt 3 Set GRE Tunnel to lt All gt 4 Select Setup lt Static VPN Networks gt scroll with the SPACEBAR to through the options and select ENTER Forcel Networks OTSR Wed Jan 2 2002 23 19 29 gt Profile Setup for RemoteUnit WAN Network Protocol Mode Updates GRE Tunnel IP Route gt Never gt lt All gt IPK lt Blocked gt Other lt Blocked gt p IP Protocol VPN Set A rotoc
230. y gt The DHCP Relay will forward the DHCP BOOTP requests to the defined address of the remote unit selected Forcel Networks OTSR Wed Jan 2 2002 1 49 49_ gt DHCP Server Client Relay Agent Setup for local LocalUnit DHCP Mode Relay gt Forward DHCP BOOTP Requests to eae at MAAMA DHCP Mode Relay Scrollable Select the remote on which the DHCP Server resides Forward DHCP BOOTP Requests to 1 Atthe 0 0 0 0 field enter the IP address of the remote unit and select ENTER or TAB The next field will appear 2 Attheat 7 field select the remote unit scroll through the list and select ENTER or TAB A second IP address can be entered in the same manner on the second line 4 Press ESC to save changes and return to the Local LAN Profile Setup window 4 36 Terminal Server Router Release 2 97 Profile Directory Local Profile DHCP Server Client Relay DHCP Mode lt Client gt Forcel Networks QTSR Wed Jan 2 2002 1 51 46 gt DHCP Server Client Relay Agent Setup for local LocalUnit DHCP Mode HEFNENEP lt Renew gt Automatic DNS lt Enabled gt Set Tx Packets Broadcast Bit X Request Description X IP Address Mask DNS Host N ost Name DHCP DNS Domain Name Mode DNS Primary Server 0 0 Client DNS Secondary Server Client ID 97 10 07 EE Lease Time hr min sec Server ID Server IP Relay flgent 0 0 Current Status Not Enabled Quarantined N Scr
Download Pdf Manuals
Related Search