Black Box LR1530A-EU-R3 User's Manual
Contents
1. Permanent Remove Remote Site Information LAN Statistics 1 Bridged traffic 1 Common protocol stats 2 statistics Frame relay statistics 44 4 Status 5 Usage information 6 Clear remote site stats 4 Total LAN traffic 5 LAN error 6 Clear LAN statistics 7 Clear LAN errors 2 WAN diagnostics 1 Link operation 2 Test pattern set up menu 3 T1 loopback menu 2 External loopback 3 CSU DSU self test CSU DSU digital loopback CSU DSU remote loopback 4 NAT Exports Link performance 1 Display local 2 Display local ATT 3 Display far end 4 Reset local 5 Reset far end 6 Reset all 5 1 SNMP set up menu T Edit Community menu Server IP pool address menu 1 LAN firewall setup menu dit Services 2 1 2 DHCP set up menu 2 Message Size 2 DNS setup menu 2 WAN firewall setup menu 2 Router port 2 Syslog 3 Firewall set 3 Show Communities 3 NetBIOS setup menu 1 2 Block src IP spoofing 3 Default export 3 Events ciate 4 Remove Community 4 DHCP services 4 Show services 2 4 Security pus 5 Relay destination LAN WAN Firewall Set Up 5 Clear services 5 Activation ESOS 6 ICMP echo verification 6 Firewall 6 Time to live Edit Community 7 Lease period 1 Designated servers menu 1 7 Ping TACUIT 8 Default Gateways 2 Edit firewall entry menu2. SOURCEPORT SEQUENCE NUMBER ACKNOWLEDGEMENT NUMBER 46 47 48 49 50 51 52 53 54 55 56 57 1 1 1 GES Reserved WINDOW CHECKSUM URGENTPOINIER DATA FIELD 58 59 60 61 62 63 64 W Y 2 L i L L L DATA FIELD NEXT 500 OCTETS ETHERNET CHECKSUM Octet Locations on a Bridged N ovell N etware Frame LEVEL2 ETHERNET 0 1 2 3 4 5 6 7 8 9 10 n 12 13 L L 1 1 ETHERNET DESTINATION ADDRESS ETHERNET SOURCE ADDRESS TYPECODE NOVELL IPX HEADER 14 15 16 17 18 19 20 21 22 23 L 1 1 Checksum LENGTH DESTINATION NETWORK 24 25 26 27 28 29 30 31 32 33 34 35 1 1 1 1 DESTINATION DESTINATION HOST sana SOURCE NETWORK 36 37 38 39 40 41 42 43 1 1 1 i L SOURCE SOURCEHOST NOVELL SPX HEADER 44 45 46 47 48 49 50 51 52 53 54 55 Connection Datastream SOURCE DESTINATION SEQUENCE ACKNOWLEDGE ALLOCATION Control Type CONNECTION ID CONNECTIONID NUMBER NUMBER NUMBER NOVELL DATA FIELD AND ETHERNET CHECKSUM 56 57 58 59 60 61 62 w x Y 2 DATA FIELD 5340CTETS OF DATA ETHERNET CHECKSUM 68 Octet Locations on Ethernet Frames ETHERNET Type Codes Type Code Description 0801 X 75 Internet ARP 0 DECMOPDumpload 6x2 DECMOPRemoteConsie soos DECDECNETPhaseIVRoute DEC Diagnost
3. OTN e 3 INTRODUCTION TO FILTERING MAC Address Filtering Pattern Filtering Popular Filters Bridge IP amp Related Traffic Novell IPX Frames NetBIO S amp NetBEUI Microsoft Windows Banyan IP router NetBIO S over TCP Other interesting TCP Ports APPENDIX A MENU TREES APPENDIX B OCTET LOCATIONSON ETHERNET FRAMES Octet Locations on a Bridged TCP IP Frame Octet Locations on a Bridged Novell Netware Frame ETHERNET Type Codes Octet Locations on an IP Routed TCP IP Frame Octet Locations on an IPX Routed Novell Netware Frame Octet Locations on a Bridged XNS Frame APPENDIX C SERVICING INFORMATION Opening the case Identifying the Internal Components Sanity Timer Force ZMOD EM Software Load To Clear a Lost Password Connecting to the Console Connector WAN Interface Connection Pinout Information V 35 Module CSU D SU Module T1 E1 Module UNIVERSAL WAN Module V 35 Link Pinouts RS232C V 24 Link Pinouts RS530 RS422 Link Pinouts V 11 X 21 Link Pinouts Contents V 11 X 21 DB25 to DB15 Connector Cable V 35 Null Modem Cable Configuration The link speed must be defined for each of the two units RS232 V 24 Null Modem Cable RS530 RS422 Null Modem Cable APPENDIX D SOFTWARE UPGRADES 86 87 87 88 89 91 1 INSTALLATION The router is an Ethernet Bridge Router that provides bridging IP IPX routing and compression over a frame relay permanent virtual circuit or a PPP l
4. ARP aging timer S IP routing p 2 Default Gateway Ti Dosunalon 12 ARP retry timer 4 IP forwarding 3 Show all Routes 2 Status a3 Add 5 ARP proxy 1 4 Show Static Routes Remote 44 iie 5 Clear Static Routes Next hop 3 Type 14 Cost 5 Private 7 26 Add Remove 1 17 Network mask Routing Setup Ep 3 1 Slatic Routes menu Stane Routes Statio Services 1 12 Static Services menu JF OU Edit Route T Edi Service Edit Service i Convert Route 2 Convert Service cong 3 Show Routes Status 3 Show Static Services 4 4 Clear Static Routes y 5 Local Networks Interface 4 Clear Static Services 2 Server Name 6 Show Routes 4 Hops 24 Interface 7 Show Services zG Ti Network 18 Help Node E Socket 8 Hops 8 FiterSetup Jl MAC Address Router Pattern IPX Router Pattern lers Filters 11 MAC Address Filters i T T METTE d E Eum o Bee PX Router Patom Filters a 3 Broadcast Address 13 Remove Alias 13 Remove Alias 13 Remove Alias 4 Show Bridging Table Status Show Pattern Show Pattern 4 Show Pattern 5 Show Permanent Table Location Add Pattern Add Pattern 5 Add Pattern 16 Clear Bridging Table iter If Source 36 Remove Pattem 6 Remove Pattern 15 Remove Pattern Filter If Destinatior lelp Help 7 Help 3l T1 E1 Loopback COpback pe 2 Loopback mode Loopback delay Start loopback Menu Tree sof
5. Figure 2 9 Local Extemal DNS Server Configuration 47 Applications Configure N etwork Address Translation NAT Support is provided for Network Address Translation NAT Network Address Translation is a technique which translates private IP addresses on a private network to valid global IP addresses for access to the Internet Port translation NAPT allows more than one private IP address to be translated to the same global IP address Port translation allows data exchanges initiated from hosts with private IP addresses to be sent to the Internet via the router using a single global IP address A global IP address must be assigned to the WAN link upon which NAPT is enabled for NAPT to work The global IP address will be assigned by the ISP To use NAPT the private network addresses of the services that will be available globally must be assigned NAT Exports Location Main Configuration Applications Set up NAT Exports Edit Services enter the private network IP address of each service offered The NAT enabled option allows you to enable Network Address Translation NAT Enabled Location Main Configuration WAN Set up Remote Site Set up Edit Remote Site Protocol Set up V IP Parameters NAT Enabled Enabled 48 Applications Translation The Translation Type option allows you to use Network A ddress Port Translation type Location Main Configuration WAN Set up Remote Site
6. offset Used in pattern filters to determine the starting position to start the pattern checking Example 12 80 This filter pattern will match if the packet information starting at the 128 octet equals the 80 of the filter pattern OR Used in combination filters when one or the other conditions must be met Example 10 201 12 80 This filter pattern will match if the packet information starting at the 10 octet equals the 20 of the filter pattem or if the packet information starting at the 12 octet equals the 80 of the filter pattern amp AND Used in combination filters when one and the other conditions must be met Example 10 20 amp 12 80 This filter pattern will match if the packet information starting at the 10 octet equals the 20 of the filter pattem and the packet information starting at the 12 octet equals the 80 of the filter pattern NOT Used in pattern filters to indicate that all packets not matching the defined pattern will be filtered Example 12 80 99 This filter pattern will match if the packet information starting at the 12th octet does not equal the 80 of the filter pattern Introduction to Filtering brackets Used in pattern filters to separate portions of filter patterns for specific operators Example 12 80 amp 14 24 14 32 This filter pattern will be checked in two operations First the section in brackets will be checked and then the results of th
7. B Receive Signal Element Timing DCE Source X 10 CF B Received Line Signal D etector X 11 DA B Transmit Signal Element Timing DTE Source x 12 DB B Transmit Signal Element Timing DCE Source Lb 13 CB B Clear to Send a DB A Transmit Signal Element Timing DCE Source C RR 17 a Receive Signal Element Timing OCE Source X Local Loopback IX i X 20 coar omaremmat Remote Loopback K S CD b DataTermina Ready K DA A Transmit Signal Element Timing OTE Source X A Figure C 8 RS530 RS422 Link Pinouts The connecting cable must be a shielded cable Circuits which are paired contain an A and B reference should be connected to twisted pairs within the connecting cable 84 Servicing Information V 11 X 21 Link Pinouts X 21 Direction Contact Circuits Circuit To From No Ref Name DCE DCE O1 proteciveGrom 3 T transmitted X ECT Lp se p Indication A ssa Sa tiene gt Egle ee 777 DE 7 8 Gmud Ground 9 Te TrmmitedDaa X n 88 Received dati x 3 89 indication a ser f Figure C 9 V 11 X 21 Link Pinouts The connecting cable must be a shielded cable Circuits which are paired contain an A and B reference should be connected to
8. Simply connect the routers to each of the LANs and connect the interface module to the supplied equipment from the service provider The WAN set up must be configured appropriately in order for the links to operate Once the WAN connection has been established to the remote partner router the router will proceed to bridge the LAN traffic between the two locations If SNMP or Telnet management is required for the router an IP address must be defined for each router The IP address allows network management stations to use SNMP to configure and monitor the router remotely The IP address also allows Telnet stations to connect to the router and view the builtin menu system without having to physically connect to the device IP Address Location Main Configuration LAN Set up LAN IP Set up V P A ddress Subnet mask size The IP address consists of four 8 bit numbers and is represented by 4 fields separated by periods where each field is specified by a decimal number e g 199 169 1 10 Each decimal number must be less than or equal to 255 the maximum value of an 8 bit field The IP address is first specified and then you will be prompted to enter the size of the subnet mask 31 Applications The size of the subnet mask defines the subnet mask by using the specified number to reserve a series of contiguous bit locations from the start of the entire IP address These reserved bit locations are then used as the
9. The router is pre configured to query the frame relay service to auto learn the LMI type and the PVC DLCI numbers This auto learn function allows the router to be plugged into the frame relay service and auto leam the PVC configuration to become operational without further manual configuration Manual configuration is also allowed by modifying the options within each Remote Site Profile and the individual link configuration menus When the router first starts up it will query the frame relay service to try to determine the LMI type Once the LMI type is determined the PVC configurations will be known from the full status enquiry messages If the DLCI numbers of the PVC s on your service are determined during this learning process the router will automatically create a remote site profile for each PVC The automatically created remote site profiles will be named LinkxD LClyyy where x is the physical link number the PV C is on and yyy is the DLCI of the PVC ra If during this learning process the maximum number of remote sites 40 has been reached the router will prompt you that there are no remote sites available A new remote site cannot be auto created unless one of the existing remote sites is manually deleted 22 Applications Manual Configuration LMI Type The LMI Type option allows you to manually specify the type of Link Management Interface in use by the Frame Relay service provider for the Frame Relay service Whe
10. a standard RS 232 crossover converter should be used The following table illustrates the console pinouts RJ45 connector DB9 connector RS 232 on unit DCE on converter DCE signal name Console LAN 3 y Y 7 N MDI X MDI Figure Rear View of the Console and LAN Connectors 7 Servicing Information WAN Interface Connection Pinout Information The router is manufactured with three different WAN link modules V 35 LXT411 CSU DSU or Universal WAN The type installed may be determined from the label above the WAN link output connector on the back of the router V 35 Module The V 35 link interface is provided as a D B25 connector on the back of the bridge router so an interface converter is needed to convert to the standard V 35 connectors When connecting two bridge routers back to back without modems a null modem cable is required to crossover the pins on the links Crossing over the pins allows two bridge routers both configured as DTE interfaces to be connected together With this configuration both bridge routers will provide clocking for the links and each bridge router must have a link speed defined CSU DSU Module Routers with an LXT411 CSU DSU interface module use a standard RJ45 service connector pinout specification RJ48S 56 64 CSU DSU Figure C 4 Rear View of the CSU DSU Connector 78 Servicing Information The LXT411 CSU DSU link connect
11. the IP router sends the IP frame to the remote partner router that is connected to the appropriate remote IP network If no explicit route entry is found in the routing tables the IP frame is sent to the D efault G ateway To configure the router to be an IP router the following parameters must be defined in the built in menu system 33 Applications IP Address Location Main Configuration LAN Set up LAN IP Set up V P A ddress Subnet mask size The IP address consists of four 8 bit numbers and is represented by 4 fields separated by periods where each field is specified by a decimal number e g 199 169 1 10 Each decimal number must be less than or equal to 255 the maximum value of an 8 bit binary number The IP address is first specified and then you will be prompted to enter the Subnet mask size The Subnet mask size defines the subnet mask by using the specified number to reserve a series of contiguous bit locations from the start of the entire IP address These reserved bit locations are then used as the network portion of the IP address for the subnet For example with a class C IP address a subnet mask size of 26 will mask the 24 network address bits plus 2 host bits for the subnet address resulting in 4 subnet addresses being created Note that depending on whether or not nonstandard subnets are allowed not all of these addresses may be valid see the sections on defining masks Th
12. up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Menus Reference Manual file on the accompanying CD RO M 51 Applications Configure Firewall The router provides Firewall security for restricting access between any two networks connected through the router Firewalls are set up on a per connection basis for the LAN and remote sites The direction of filtering is from the perspective of the router incoming traffic is from the network in question to the router outgoing is from the router to the network The direction of filtering may be set to incoming outgoing both or none Once the direction of filtering for a connection has been set holes may be created in the firewall to allow specified traffic through Normally the LAN firewall is used for restricting intranet traffic connections within the corporate network and remote site firewalls are used to limit access from less trusted sources such as the Internet or dial up links Main FTP server 195 100 1 12 Main Web server 195 100 1 20 Corporate Head Office Network 195 100 1 0 Branch Office Network 195 100 2 0 Router with firewall enabled Any other network any IP address Figure 2 10 Sample Firewall Application The above diagram shows a corporate head office network which is connected to the Internet with an router There is also a branch office at a remote sit
13. 4 5 Data Set TEE Data Set Ready 6 4 Request To Send Data Set mt 5 Figure C 11 V 35 Null Modem Cable The connecting cable must be a shielded cable Circuits which are paired contain an A and B reference should be connected to twisted pairs within the connecting cable This cable is needed when it is necessary to connect two units back to back and a set of modems is not available Note that this cable specifies D B25 connectors on each end to allow direct connection to the link interface connector on each unit The link speed must be defined for each of the two units 87 Servicing Information RS232 V 24 Null Modem Cable DB25 MALE Shield Shield Transmitted Data Received Data Received Data Transmitted Data Request To Send Data Set Ready Data Set Ready Request To Send DB25 MALE DTE Ready Received Line Signal Detector CD 8 Signal Ground Signal Ground 7 Received Line Signal Detector CD DTE Ready 20 15 Transmit Timing DCE Source Receiver Timing DCE Source 17 17 Receiver Timing DCE Source Transmit Timing DCE Source 45 24 Transmit Timing DTE Source Transmit Timing DTE Source 24 Figure C 12 RS232 V 24 Null Modem Cable The connecting cable must be a shielded cable This cable is needed when it is necessary to connect two units back to back and a set of modems is not available Note that this cable specifies D B25 connectors on
14. 6 Route cost Protocol Set Up Security Parameters Menu Tree software release F5P 06 02 xx Relay Options 3 4 5 Set Up FLASH Set Up Password 1 Telnet access 1 Console ZMODEM Dump Device Name 2 Network TFTP Restore Show Time 6 Remove Name 3 LAN IPX Set Up T Ethernet frames 2 RAW 802 3 frames 3 IEEE 802 2 frames 4 802 2 SNAP frames 5 Auto Leam 2 6 Help 1 Secondary IP Set Up 1 Edit Secondary 1 Edit Secondary Show Secondary Ent Remove Secondary Entry 41 Secondary Mask Size ubnet Mask outing Protocol IP mode rivate Route toute Cost 2 LAN NAT set up 11 Translation type 7 Show address pool Dynamic IP pool 24 Add static entry Remove static entry 6 NAT enable Connection Set Up Primary link Auto call 1 2 2 3 4 El 5 Time Interval 6 State 1 Bridge Parameters 1 1 STP parameters menu 2 Bridge enabled inygram preservation 2 IP Parameters 11 IP routing menu NAT Advanced menu 1 1 STP Parameters T Schedule 2 Usage set up 3 Threshold setup 4 Inactivity timer 5 Recovery timer Hf Schedule 1 Activation intervals Display schedule Display time Usage Set Up Usage hmm a 2 Call l mit 3 Restart time 1 1 Routing protocol Z RIP mode 3 Triggered 4 Auto Default Route 5 Link cost NAT advanced 1 Translation type
15. Address 199 169 100 0 Subnet IP Network Address Subnet Network Address Subnet Mask is 199 169 100 64 255 255 255 192 199 169 100 128 Router IP Address 199 169 100 129 Subnet Mask Size 26 Router IP Address 199 169 100 65 Subnet Mask Size 26 1 LE zi f PEE E 2 c Host IP Address Host IP Address Host IP Address Host IP Address 199 169 100 66 199 169 100 67 199 169 100 130 199 169 100 131 Figure 2 5 Defining an IP Subnet Mask To configure the routers to route between the newly created sub networks the following parameters must be defined in the built in menu system IP Address amp Subnet Size Location Main Configuration LAN Set up LAN IP Set up V IP A ddress mask size The IP address consists of 4 octets and is represented by 4 fields separated by periods where each field is specified by a decimal number e g 199 169 1 10 Each decimal number must be 38 Applications less than or equal to 255 that is the maximum value of each 8 bit field The IP address is first specified and then you will be prompted to enter the mask size The mask size defines the subnet mask by using the specified number to reserve a series of contiguous bit locations from the start of the entire IP address These reserved bit locations are then used as part of the network portion of the IP address For example with a class C IP address a subnet size of 26 will provide 2 host bits f
16. List of event and alarm logs Expanded description of programmable filtering The router PPP Menus Reference Manual provides the following information Complete description of the options for the built in menu system Contents 1 INSTALLATION Unpack the router Select a Site Identify the Connectors Connect to the Console Make the LAN Connections Make the WAN Link Connection Power Up the router Login and Enter the Required Configuration Mandatory Configuration Setting the Link Interface Type Universa WAN only Setting the T1 E1Parameters T1 E1WAN only Identify the Status LEDs 2 TYPICAL APPLICATIONS amp HOW TO CONFIGURE THEM Managing the router Using Menus Conventions Basic Frame Relay Configuration Auto Learning the Frame Relay Configuration Manual Configuration LMI Type Quick Start Frame Relay Basic Leased Line Configuration Quick Start PPP Leased Line Connections Should Y ou Bridge or Route Configure as an Ethernet Bridge Configure as an Ethernet IP router D efine an IP D efault G ateway D efine an IP Static Route D efine an IP Subnet Mask Configure as an Ethernet IPX router Novell Servers in Both Locations Novell Servers in One Location O nly PPP Link Configuration Overview Numbered Links Unnumbered Links Configure Dynamic Host Configuration Protocol Configure Network Address Translation NAT Configure PPP Security Configure Firewall ER 1 1 10 U01 U0
17. Set up Edit Remote Site X Protocol Set up V P Parameters NAT Advanced Translation type Port Z The configuration options described here are only for initial s amp up and configuration purposes For more complete information on all of the configuration parameters available please refer to the router PPP Menus R eference M anual file on the accompanying CD ROM 49 Applications Configure PPP Security The router provides support for both PAP and CHAP PPP security authentication An outgoing user name PAP password and CHAP secret are defined that the router will use when responding to an authentication request from a remote site PPP router T he cold start defaults for the security user name and passwords are as follows T hese defaults will exist when the router is first started before and configuration is entered and after a Full Reset has been performed These default values are also 94 when the router is placed in TFTP Network load mode for upgrading the operating software via TFTP transfers Care should be taken when upgrading a group of routers that have security levels set D efault user name is the same as the default device name D PA P password and CH A P s re are both set to none The complete security configuration for both incoming and outgoing calls is defined within the Security menu of the WAN Set up section Security Level Location Main Configuration WAN Set up Sec
18. V T1 E1 Set Up Slot Channel Set Up Start first channd Number number of channds 13 Installation Some El service providers reserve timeslot 16 for network management use If your service specifies that timeslot 16 is for their use toggle this option to reserved Set Link Interface T ype Location Main Configuration WAN Set Up V Link Set Up V T1 E1 Set Up Slot Channel Set Up El Timeslot 16 reserved 14 Installation Identify the Status LEDs The meanings of the four 3 colour Light Emitting Diodes LED s on the front of the router are found in the following chart Green Green flashing Yellow Yellow flashing Routerisin BOOT mode Power 0000 Green LAN is connected and forwarding Red Routeris NOT connected to the LAN e ding i e Listening Green LINK is up idle Green flashing LINK is up transmitting data traffic LINK negotiating control signals asserted on link Red LINK isdown no control signals present Tx OO DO Green LINK is up idle Green flashing LINK is up receiving data traffic LINK negotiating control signals received from link Red LINK is down no control signals present Rx OOO _ 15 Installation Power LAN Figure 1 4 Front View of the router 16 2 TYPICAL APPLICATIONS amp How TO CONFIGURE THEM The router is an Ethernet Bridge Router that supports frame relay RAW 1490 permanent virtual circuits fr
19. be connected together with IPX routers you must ensure that the IPX network numbers on each of the N ovell servers is unique If the IPX network numbers are the same the IPX routers will not operate Once the WAN connections have been established to the remote partner routers the IPX router portion of the routers will begin to build their routing tables according to the IPX frames they receive from the network Manual entries may be made in the routing tables by adding static IPX routes The configuration options described here are only for initial s amp up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Meus Reference Manual file on the accompanying CD ROM 41 Applications N ovell Servers in One Location Only Some Novell LAN installations require that a remote LAN that consists of only Novell IPX clients be connected to a central LAN that contains the Novell servers and some more clients In this configuration the router located at the remote site must be configured with the appropriate IPX network numbers The IPX network number must be configured manually because there is no Novell server at the remote site The router must act as a Novell server to supply the proper IPX network number to the clients on the remote site LAN In the following diagram the router connected to LAN 2 must be configured with IPX network number 1500 using the appropriate
20. both the mode and version if no errors have occurred or an error message On the rare occasion that during the programming of the FLASH something happens to the bridge router power hit or hardware reset causing the FLASH to become corrupted the bridge router will restart in ZMO D EM receive mode only If 93 the bridge router does not start in ZMODEM receive mode refer to Appendix D Servicing Information The TFTP Load Flash operation may be aborted by re connecting to the console of the router and choosing the Abort Load option from the Load FLASH Set Up menu This will cause the router to reset and return to normal operations operating from the existing software In the following diagram of a cluster of routers when upgrading the three routers in the diagram the upgrade order should be Router C then Router B and finally Router A A TFTP software load to Router C would be performed as follows Using TFTP get config txt from each router and save Telnet to Router C Enter the ID or alias of Router B in the Network TFTP option to put Router C in Network Load mode When Router C restarts in Network Load mode the connection to Router B will be re established only if autocall is enabled on router B The TFTP transfer of the upgrade code may now be performed from the PC to Router Once Router C has completed programming the flash and has restarted in operational mode the connection to Router B will be re est
21. default setting as a leased line router The router will operate as a PPP leased line bridge router if the frame relay function is disabled The Leased Line router establishes PPP Point to Point Protocol WAN connections to other PPP Leased Line router units or to other vendors PPP leased line routers via direct leased line connections Configuration default configuration for N orth A merican router is to have frame relay enabled To run PPP leased line frame relay must be disabled Frame Relay disable Location Main Configuration WAN Set up Link Set up i Frame Relay disabled The router will request confirmation of the change enter yes Quick Start PPP Leased Line Connections The PPP Leased Line router requires only a few configuration parameters to establish a direct connection to another PPP IP router Once the connection is established and is working properly the router should be configured with a remote site profile entry for that vendors router Before the router can establish a link connection to another PPP router the link speed information must be defined Refer to the following diagram that shows an router unit and another vendors unit connected together with a direct leased line connection 26 Applications PPP IP Router Figure 2 2 Basic PPP Leased Line Configuration The following steps must be performed on the router unit Link Speed Location Main Configuration WAN Set u
22. each end to allow direct connection to the link interface connector on each unit The link speed must be defined for each of the two units 88 Servicing Information RS530 RS422 Null Modem Cable DB25 MALE DB25 MALE 1 Shield Shield 1 2 Transmitted Data A Received Data 3 14 Transmitted Data B Received Data B 16 3 Received Data A Transmitted Data A 2 16 Received Data B Transmitted Data B 14 4 Request To Send A DCE Ready A 6 19 Request To Send B DCE Ready B 22 5 Clear To Send A Clear To Send 5 6 DCE Ready A Request To Send 4 22 DCE Ready B Request To Send B 19 20 DTE Ready A Received Line Signal Detector A 8 23 DTE Ready B Received Line Signal Detector B 10 7 Signal Ground Signal Ground 7 8 Received Line Signal Detector A DTE Ready A 20 10 Received Line Signal Detector B DTE Ready B 23 15 Transmit Timing A DCE Source Receiver Timing A DCE Source 17 12 Transmit Timing B DCE Source Receiver Timing B DCE Source 9 24 Transmit Timing Transmit Timing 11 Transmit Timing B DTE Source Transmit Timing 18 Local Loopback 21 Remote Loopback Remote Loopback 21 17 Receiver Timing A DCE Source Transmit Timing A DCE Source 15 9 Receiver Timing B DCE Source Transmit Timing B DCE Source 12 25 Test Mode Test Mode 25 Figure C 13 RS530 RS422 Null Modem Cable The connecting cable must be a shielded cab
23. routers operating as half of a complete router that is connected between the two endpoint LANs When an IPCP link is set to unnumbered the only configuration option applicable is Peer IP Address The peer IP address in this case is the IP address of the remote PPP router that is the IP address of its LAN connection If the peer IP address is not specified the router will attempt to determine it when negotiating the IPCP connection When an IPXCP link is set to unnumbered no addressing configuration is required All of the IPX settings are negotiated during the IPXCP connection 45 Applications Configure Dynamic Host Configuration Protocol The router uses Dynamic Host Configuration Protocol DHCP to allow users in a small office environment to simply enable DHCP clients on their workstations and power them up to get their proper initialization Y ou would then be able to use TCP IP applications such as connecting to the Internet DHCP allows configuration of devices DHCP clients to be handled from a central DHCP server This allows devices to be added and removed from a network with all of the network information ie IP address DNS subnet mask etc being configured automatically It 15 designed to allocate network addresses to a number of hosts on the routers LAN and supply minimal configuration needed to allow hosts to operate in an IP network The following steps must be performed on the router to configure it as a DHCP
24. server DHCP Services Location Main Configuration Applications Set up DHCP Set up DHCP Services Server DHCP Services options which are available are none and server Set to server to enable this device as a DHCP Server IP Address Pool Location Main Configuration Applications Set up DHCP Set up Server IP address pool V P address pool V IP A ddress number of addresses The IP address pool option requires having the first IP address in the range that is wanted for the 46 Applications devices attached to the D HCP Server to be set The number of addresses to be assigned must also be specified to a maximum of 253 With the DHCP Services and IP Address Pool defined devices may be attached to the network up to the maximum specified and they will be automatically configured W hen setting up a router as a D server that will have both Mer DNS server on the internal n amp work and a remote connedion to another DN S server for example through an ISP then the local DNS server should be set as the primary DN S and the external DNS server as the secondary DN S DNS Set Up Location Main Configuration Application Set up DHCP set up DNS set up Primary DNS IP address local DNS server Secondary DNS IP addr external D NS server External DNS Server 29 Secondary O O Internet Service gt e j M Provider Local DNS Server Primary
25. used with the Universal interface module has the correct pinouts for the operational mode selected for the interface V 11 X 21 V 35 RS232 V 24 RS530 RS422 Using the incorrect cable connector for the operational mode selected may cause permanent damage to the interface module Please see Appendix D for pinout assignments Set Link Interface T ype Location Main Configuration WAN Set Up V Link Set Up V Link Interface T ype Select the Service type to which this router will be connected Note If the module is being changed from one type of service to another you must first select none before a new selection may be chosen Also the link must be toggled through a disable enable cycle before the change is brought into effect 11 Installation Setting the T1 ElParameters T1 E1 WAN only The parameters requred for a T1 or E1 connection may be obtained from your service provider These may then be entered via the T1 E1 set up menu to configure the router for that service E1 Selection Location Main Configuration WAN Set Up V Link Set Up T1 El Set Up Link mode Tlor El Set the service mode to which this router will be connected Service parameters Location Main Configuration WAN Set Up Link Set Up t T1 E1 Set Up Speed Channel rate 56 64 kbps T1 E1framing framed unframed SF E SF Line encoding AMI INV AMI B8ZS H D B3 Select the service channel speed
26. would route information within the internal network and any IP frames that are destined for the Internet would be routed to the default gateway Default Gateway Location Main Configuration Application Set up DHCP Set up D G ateway The IP address of the default gateway consists of 4 octets and is represented by 4 fields separated by periods where each field is specified by a decimal number e g 199 169 1 10 Each decimal number must be less than or equal to 255 that is the maximum value of each 8 bit field A configured Default Gateway will override a default route learned from RIP Configuration The Default Gateway may be located across the WAN oonnadion 35 Applications Define an IP Static Route Static IP routes may be defined when one specific router is to be used to reach a destination IP network The static route will have precedence over all learned RIP routes even if the cost of the RIP learned routes is lower Edit Static Route Location Main Configuration V P Routing Set up IP Routes Edit Route Edit Static Route Remote Site Net Hop Cost Each static IP route is defined in the Edit Route menu The destination network IP address is specified when you first enter the menu and then the IP address of the next hop route and the cost may be defined Once all of the static IP routes are defined they may be viewed with the Show Static Routes command from th
27. 1 2 Rear View of the Universal WAN router Console LAN O E MDI X MDI Figure 1 3 Rear View of the V 35 router 12VDC Console LAN T1 E1 Lxx MDI X MDI Figure 1 Rear View of the T1 E1 router 6 Installation Connect to the Console Connection to the router operator s console is made through the RJ 45 connector labeled CONSOLE on the back of the router A RJ 45 cable and RJ 45 to D B9 female converter are provided for connection to a D B9 male connector Connect the console port of the router to a computer running an asynchronous communication package or a standard asynchronous terminal The router supports autobaud rates at 1200 2400 9600 or 19 200 bps The router is managed through the use of hotkey Menus Appendix C provides the pinout information for the console connector and the D B9 to RJ45 converter Make the LAN Connections Connect the router to the LAN with the available LAN interface cable The router may be connected directly to a wiring hub or Ethernet switch by using the MDI LAN port and a standard 10BaseT cable The router may be connected directly to a computer network card by using the MDI X LAN port and a standard 10BaseT cable Make the WAN Link Connection The Universa WAN module may be selected to operate as a V 11 V 35 RS232 or EIA530 interface The Universal WAN interface module uses a D B25 connector Be sure to secure the cable connector to the router an
28. 2 Show address pool 3 Dynamic IP pool 4 Add static entry 5 Remove static entry Link IP address 2 Peer IP address Private Route Negotiate address 8 VJ compression 3l IPX Parameters 1 IPX enabled Link type 4 Local IPX node Peer IPX node Static routes only 7 PX DMR enabled 8 Force RIP update CCP Parameters 1 Compression Extended sequence 2 4 Bridge parameters menu IP parameters menu arameters menu CCP parameters menu Incoming PAP password Incoming CHAP secret Outgoing user name 4 Outgoing PAP password 5 Outgoing CHAP secret 64 Continued from previous page 4 Application Set Up SEEN Statistics Set Up Extended Statistics Interval 3 Clear All Statistics Statistics Setup menu Remote site information men LAN statistics menu Link stats Link performance menu j Link summary Interface stats Interface status Clear link amp interface stats x 1 Soft Reset z 1 Trace Int 2 Full Reset 2 Real Time 3 Heartbeat Capture 4 WAN trace 4 End i WAN loopback 5 Data display 6 Time 1 Acknowledge alarm 2 2 Show events 13 Clear events 4 Show security log 5 Clear security log 6 Show resumption log 7 Clear resumption log 2 DHCP Set Up WAN Trace 3 Firewall Set Up
29. 5 100 1 20 The configuration options described here are only for initial set up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Menus Reference Manual file on the accompanying CD RO M 99 Applications 3 INTRODUCTION TO FILTERING The router provides programmable filtering which gives you the ability to control under what conditions Ethernet frames are forwarded to remote networks There are many reasons why this might need to be accomplished some of which are security protocol discrimination bandwidth conservation and general restrictions Filtering may be accomplished by using two different methods The first method is to filter or forward frames based solely on their source or destination MAC address This method of filtering is useful when bridging between LANs and for providing remote access security in any type of network The Ethernet MAC Media Access Control address is checked against the addresses in the filtering list and the frame is filtered or forwarded accordingly The second method of filtering is pattern filtering where each frame is checked against a filter pattern The filter pattern may be defined to perform a check of any portion of the Ethernet frame Separate filter patterns may be defined for bridged frames IP routed frames and IPX routed frames For more information on filtering please refer to the Progra
30. CP Ports Decimal Hex use La s m d w Th _ 62 APPENDIX A MENU TREES The menu trees on the next few facing pages are a graphical representation of the hierarchy of the built in menu system of the router The menus are shown with the options of the menus being displayed below the specific menu name Each of the menu options shown in the menu tree is explained in the accompanying router menu reference files The PDF files are located on the accompanying CD ROM Menu names are displayed in boxes The numbers on the left side of the boxes indicate the menu option from the parent menu that this menu corresponds to All menu options are listed with numbers indicating their actual position within the menu system 63 1 Configuration Terminal how 1 13 Add Y Terminal Set Up menu Device Set Up menu Telnet Set Up menu 14 Load FLASH Set Up menu 5 Console Hardware Status 7 TFTP access 1 2 LAN Set Up T Bridge setup menu 2 IP set up menu 13 IPX set up menu Bridge STP Set Up State Path cost 13 Priority LAN interface type wansevup Tak setup 1 Physical link type 2 Link operation 3 Frame Relay 4 Frame Relay set up menu 5 Link Interface type 5 T1 E1 set up menu 6 Link speed 7 Link CD wait time 8 Loop compensation Frame Relay Set Up Auto leaming LM type 3 Polling interval Enquiry interval Error thr
31. E ALLOCATION Control Type CONNECTIONID CONNECTION ID NUMBER NUMBER NUMBER NOVELLDATA FIELD ANDETHERNET CHECKSUM 42 43 44 45 46 47 48 w x Y 2 1 1 DATA FIELD UP TO 534 OCTETS OF DATA ETHERNET CHECKSUM 70 Octet Locations on Ethernet Frames Octet Locations on a Bridged XNS Frame LEVEL 2 ETHERNET 1 2 3 4 5 6 7 8 9 10 1 12 13 1 1 1 1 1 1 1 1 ETHERNET DESTINATION ADDRESS ETHERNET SOURCE ADDRESS TYPE CODE gt INTERNET PACKET 14 15 16 17 18 19 20 21 22 23 1 CHECKSUM LENGTH DESTINATION NETWORK 24 25 26 29 30 31 3 3 3 1 1 1 1 1 1 1 1 1 1 1 DESTINATION HOST SOURCE NETWORK 36 37 38 39 40 41 42 43 46 x 1 X Z 1 1 1 1 1 1 1 1 1 1 1 SOURCE HOST ETHERNET CHECKSUM SEQUENCED PACKET PROTOCOL 14 15 16 17 18 19 20 21 22 23 1 1 1 1 1 1 1 1 CHECKSUM LENGTH DESTINATION NETWORK 24 25 26 27 28 31 5 n 3 1 1 1 1 1 1 1 1 1 DESTINATION HOS SOURCE NETWORK 370038 39 40 42445 46 4 1 1 1 1 1 1 1 1 1 SOURCE tion Datastre SOURCE SOURCE HOST mpe CONNECTION m 32 53 540 55 57 58 59 X 1 1 1 1 1 1 1 1 ACKNOWLEDGE ALLOCATION DATA FIELD ETHERNET CHECKSUM NUMBER NUMBER 71 Octet Locations on Ethernet Frames X K X X APPENDIX C SERVICING INFORMATION Opening of the case is only to be performed by qualified service person
32. Edit Services 3 Firewall Ee Snow A rogoo Server IP address pool 4 Firewall statistics 1 Other Services menu 14 Remove Address address pool 5 Clear statistics E ELM 7 Show address pool 6 Show firewall entries ig BOE 2 Add static address 7 Remove entry S WWW HTTP Remove static address 1 amp Telnet 2 Designated Servers 5 DNS DNS Set Up LT Emal ENTE sen POP 2 3 server 11 Primary DNS FTP server Other Services 12 Secondary DNS WWW HTTP server 1 13 Domain name Telnet server port 3 Local DNS 1 i Remote DNS Host IP address NeIBIOS Setup 18 Secondary local DNS Host port 21 Send NetBIOS node type 3 Secondary remote DNS Description 1 Send NetBIOS scope 2 SB Remove Bridging Set Up Spanning Tree Send NetBIOS name srv Edit Firewall Entry 2 NetBIOS node type Dest IP addi Router Port 1 Spanning Tree menu 1 STP State NetBIOS scope ld Dest IP address 2 Bri i 2 Bridge Priori NetBIOS name server Destination mas 1 Telnet 12 Bridge Forwarding ano Dota Source IP address n TFTP 3 Bridge Aging Timer 1 2 Message Age Timer Source mask 23 SNMP 4 Show Bridging Table IE S Protocol type Show Permanent Table 12 E b d Source port 16 Clear Bridging Table e Show Por Destination port Description 2 9 Entry direction IP Routing Set U iP Routes T ARP IF Routes t menu 1 Edit Static Route Edit Static Route
33. LASH After the reset the remote sites information will have to be re entered either from a saved configuration file recommended or by manually reentering the information for each site On the rare occasion that during the programming of the FLASH something happens to the bridge router power hit or hardware reset causing the FLASH to become corrupted the bridge router will restart in ZMO D EM receive mode only If 91 the bridge router does not start in ZMODEM receive mode refer to Appendix D Servicing Information for recovery procedure The ZMODEM Load Flash operation may be aborted by aborting the ZMODEM transfer and then entering 5 control X characters X from the console keyboard After the control X characters are sent the router will display a limited menu system Choose the Abort Load option from the Load FLASH Set Up menu This will cause the router to reset and return to normal operations operating from the existing software If the ZMODEM transfer operation needs to be restarted after it has been canceled or after loading the first file simply choose the Console ZMODEM option from the Load FLASH Set Up menu once again Considerations When the router is placed in Console load BOOT mode the LAN interface and the WAN interface will be disabled The router will only accept information from the console management port The BOOT code of the router may be upgraded by performing a load of the all fil
34. Novell servers located on only one of the LAN segments N ovell Servers in Both Locations An Ethernet IPX router is used to intelligently route Novell IPX LAN traffic to remotely connected LANs across the WAN WAN connection IPX Network Address 1500 IPX Network Address 1512 Novell IPX Client Novell Server Novell Server Novell IPX Client Figure 2 7 IPX Routed Local Area N etworks Servers on both sides IPX routers forward IPX frames based upon their IPX destination address and an internal routing table The router maintains the internal routing table with the remote network IPX addresses and the remote partner IPX routers associated with those networks When an IPX frame is received from the local LAN the destination IPX address is 40 Applications examined and looked up in the routing tables Once the destination IPX address is found in the routing tables the IPX router sends the IPX frame to the remote partner router that is connected to the appropriate remote IPX network To configure the router to be an IPX router when both LAN segments contain Novell servers the IPX network numbers are learned automatically from the routing information and service announcements sent by the servers The router will automatically assign the IPX network numbers and proceed to route the IPX frames to the appropriate destination network When two IPX LA N segments with N ovell servers on each segment are to
35. Series 500 Frame Relay Leased Line Bridge Router User and System Administration Guide LR1530A R3 LR1530A EU R3 LR 1531A R2 LR 1535A R2 O copyright 2002 by Black Box Corporation Federal Communications Commission FCC Note This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manua may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense Warning The user is cautioned that modifications to this equipment can void the authority granted by the FCC to operate the equipment Canadian Emissions Standard ICES 003 This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus as set out in the interference causing equipment standard entitled D igital Apparatus ICES 003 of the D epartment of Communications Cet appareil num rique respecte les limites de bruits radio lectriques applicables aux appareils num riques de Classe A prescrites dans la norme sur l
36. ablished only if autocall is enabled on router B Once router C is operating with the new software the PC may be used to reload the config txt file back to Router C Repeat for Router B then again for Router A Perform the Router B upgrade using the ID or alias of Router A Router A upgrades would not require a remote site ID as the PC used for TFTP transfers is located on the same LAN as Router A 94 PC used for TFTP transfers Router B Router C 5500099 10 95
37. al mode selected may cause permanent damage to the interface module Pinouts for each mode of operation are listed on the pages following 80 Servicing Information V 35 Link Pinouts 25 34 Direction Contact Contact Circuit To From No No Name DCE DCE 1 A ProtectveGround NA Perret a X 3 Received Data A R LE estu E 0 Clear to send SignalGround SignalGround Data Channel Received Line Signal E Detector 9 X Receiver Sonal Element Timing X a pas A e eic 1i W X 12 aa Send signalElementTiming 8 X Epa EN a 34 s FX Ls esa tenent 5 Received Data B Received Signal Element Timing A ec ap 2 RET DsaTemmdRey x _ 21 N Remote Loopback _ E NUMEN RENE A NN EK GENE Numam E 24 U TerminalSignalElementTiming A X 25 NN Figure C 6 V 35 Link Pin Outs The connecting cable must be a shielded cable 81 Servicing Information Circuits which are paired contain an A and B reference should be connected to twisted pairs within the connecting cable NOTE ForU K Approval The connecting cable may be any length between 0 and 5M One end must be terminated in a male 34 pin X 21 bis connector as defined in 150 2593 1984 The other end must be termin
38. ame relay encapsulated PPP permanent virtual circuits and PPP leased lines This section will describe how to set up the router using each of its networking functions The router may be configured as a simple Ethernet bridge an Ethernet IP router an Ethernet IPX router or a combination of the three When operating the router as a combination bridge router simply configures each of the components separately de The configuration options described within this section are only for initial set up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Menus Reference M anual file on the acompanying CD ROM Important The router uses FLASH memory to store the configuration information Configuration settings are stored to FLASH memory after there has been 30 seconds of idle time Idle time is when there is no selection or modification of the values in the built in menu system If you wish to save the configuration immediately enter z to jump to the main menu then select option 6 to save the configuration 17 Applications Managing the router Using Menus This section describes the minimum configuration parameters required when setting up the router Each of the configuration scenarios requires setting of operational parameters on the router The built in menu system of the router is used to configure the unit When navigating around the menu system a new
39. ated in a male 25 pin X 21 bis connector as defined in ISO 2110 1989 82 Servicing Information RS232C V 24 Link Pinouts Con Circ Circuit Direction tact uit Name To From No DCE DCE 1 Protective Ground NA 2 Transmitted Data X 3 BB Received Data X AA BA BB CA Request to Send X __ CC Data Set Ready X AB CF CD CE DA 7 Signal Ground NA Received Line Signal Detector CD X rur 22 4 EA X Transmit Signal Element Timing D CE Source Receive Signal Element Timing DCE Source Local Loopback X Data Terminal Ready X Ring Indicator Transmit Signal Element Timing DTE Source X Figure C 7 RS232 V 24 Link Pinouts The connecting cable must be a shielded cable NOTE For U K Approval The connecting cable may be any length between 0 and 5M Each end must be terminated in a male 25 pin X 21 bis connector as defined in ISO 2110 1989 1 1 1 1 1 1 1 1 X 1 1 0 1 3 5 6 7 8 9 0 1 2 X 2 Em 5 6 E e e 10 15 16 EUM 18 19 2 2 2 2 2 5 83 Servicing Information RS530 RS422 Link Pinouts Direction Contact Circuit To From N umber Circuit N ame DCE DCE l Shield Protective Ground INA 2 me Tears E Received Data tenets 5 Clatosnd MM MEM AB Signal Ground ETT TTE TD GNE EZ 9 DD
40. cante El aparato el ctrico debe ser montado a la pared o al techo s lo como sea recomendado por el fabricante Servicio El usuario no debe intentar dar servicio al equipo el ctrico m s all a lo descrito en las instrucciones de operaci n Todo otro servicio deber ser referido a personal de servicio calificado El aparato el ctrico debe ser situado de tal manera que su posici n no interfiera su uso La colocaci n del aparato el ctrico sobre una cama sof alfombra o superficie similar puede bloquea la ventilaci n no se debe colocar en libreros o gabinetes que impidan el flujo de aire por los orificios de ventilaci n El equipo el ctrico deber ser situado fuera del alcance de fuentes de calor como radiadores registros de calor estufas u otros aparatos incluyendo amplificadores que producen calor El aparato electico deber ser connectado a una fuente de poder s lo del tipo descrito en el instructivo de operaci n o como se indique en el aparato Precauci n debe ser tomada de tal manera que la tierra fisica y la polarizaci n del equipo no sea eliminada Los cables de la fuente de poder deben ser guiados de tal manera que no sean pisados ni pellizcados por objectos colocados sobre o contra ellos poniendo particular atenci n a los contactos y recept culos donde salen del aparato El equipo el ctrico debe ser limpiado nicamente de acuerdo a las recomendaciones del fabricante En caso de existir una antena externa d
41. d the communications equipment with connector screws to prevent accidental disconnection WARNING ensure that the connector cable used with the Universal interface module has the correct pinouts for the operational mode selected for the interface V 11 V 35 RS232 or 530 Using the incorrect cable connector for the operational mode selected may cause permanent damage to the interface module Please see Appendix D for pinout assignments Note When the router is initially powered up the Universal WAN will have the default type of none Before the link can be used it Installation must be configured to the type of connection service that will be used please see the following section for this procedure The V 35 module and Universal WAN module in V 35 mode require interface converters that convert from a D B25 connector to a male 34 pin V 35 connector used for the V 35 service interface Be sure to secure the cable connector to the router and the communications equipment with connector screws to prevent accidental disconnection The T1 E1 and LX411 CSU DSU interfaces connect with a standard RJ 45 RJ 48C specification for T1 E1 RJ 48S specification for CSU D SU connector After the router is powered up and the router has established communications with its partner across the WAN the Tx LED will turn green Installation Power Up the router Once the LAN and Link connections are made and the console is connected
42. e IP Routes menu Configuration Whe the IP routing protocol is set to none the subnet mask size must also be defined when creating a static route entry The subnet mask is required to allow a static route to be created to a different IP network address L The configuration options described here are only for initial s amp up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Menus Reference Manual file on the accompanying CD RO M 36 Applications Define an IP Subnet Mask An IP network may be divided into smaller portions by a process called sub netting A subnet is specified using high end bits of the host field of the IP address for network addressing This is done with a subnet mask Thus the size of the subnet i e The number of bits available for subnet addressing is the size of the subnet mask minus the length of the network field of the IP address for that class 8 16 or 24 bits for classes A B and C respectively For example a small company is connected to the Internet they are assigned a single class C IP network address 199 169 100 0 This network address allows the company to define up to 255 host addresses within their network Their network will be attached to the Internet with an IP router If this company decides to split their network into two LANs to reduce the load on their network the original IP network address may be sub netted
43. e connected with a Digital Leased link The administrator at the corporate head office wishes to set up an IP firewall to allow everyone on the Internet to have access to the corporate FTP and Web servers and nothing else The administrator 52 Applications also wishes to allow all of the TCP traffic from the branch office network to have access to the head office Anyone in the corporation may have unrestricted access to the Internet The following steps must be performed on the router to set up the firewall support as desired First the firewall on the ISP connection remote site 1 of the WAN is set up The firewall option is set to inbound to have this WAN firewall filter traffic from the ISP to the router while allowing unrestricted access out to the Internet Firewall WAN Remote Site Filter direction Location Main Configuration Applications Set up V Firewall Set up WAN Firewall Set up V enter ID 1 for ISP remote site Firewall inbound The firewall on the Intemet connection is set up to protect the entire corporate network including the branch office from unauthorized traffic Then the entries are made in the Designated Servers menu to allow Internet access to the FTP and Web servers on the corporate network FTP amp WWW Designated Servers Location Main Configuration Applications Set up V Firewall Set up WAN Firewall Set up V ID 1 for ISP remote site Designated Servers V FTP S
44. e default gateway parameter only needs to be defined when there is another IP router connected to the LAN that is the default gateway for this IP network Once the WAN connections have been established to the remote partner routers the IP router portion of the routers will begin to build their routing tables according to the IP frames they receive from the network Manual entries may be made in the routing tables by adding static IP routes 34 Applications Define an IP Default Gateway An IP default gateway is an IP router that is resident on the local IP network that this router is connected to and is used to route IP frames for destination networks that do not exist in the routing tables When an IP frame is received that is destined for a network that is not listed in the routing tables of the router the router will send the IP frame to the default gateway If the device originating the IP frame is on the same local LAN as the router the router will then send an ICMP redirect message to the originating device Any future IP frames for that destination network will then be sent to the default gateway instead of the router A default gateway may be configured if there are a large number of routes that will pass through another router to a larger network An example of this would be a router that is used to connect to the Internet All of the routers on the local LAN would have the Internet access router as the default gateway The routers
45. e first check will be used in the second check using the first portion of the filter pattern If the packet information starting at the 14 octet equals 24 or 32 and the information at the 12 octet equals 80 the filter pattern will match 60 Introduction to Filtering Popular Filters Some of the more commonly used pattern filters are shown here Bridge Bridge pattern filters are applied to Ethernet frames that are bridged only When the router is operating as a router all routed frames will be unaffected by the bridge pattern filters IP amp Related Traffic IP amp Related Traffic 12 0800 12 0806 ie 20800 12 0806 Novell IPX Frames Novell IPX Frames temen 2413 802 2 LLC 14 AAAA amp 20 8137 NetBIOS amp NetBEUI Microsoft Windows NetBIOS NetBEUI Microsoft Windows 61 Introduction to Filtering Banyan Banyan 12 0BAD 12 80C5 IP Router IP router pattern filters are applied to IP Ethernet frames that are being routed When the router is operating as an IP router all IP routed frames will be checked against the defined IP router pattern filters IP routed frames are unaffected by the bridge pattern filters and the IPX router pattern filters NetBIOS over TCP NetBIOS over TCP 22 0089 NETBIOS Datagram Service 22 008A NETBIOS Session Service 22 008B Note UsestheTCP D estination Port location Other interesting TCP Ports Other interesting T
46. e from the O perational BOOT Code directory on the CD ROM 92 Servicing Information Procedures for performing a TFTP Flash Load to upgrade the operating software of the router Execute the Network TFTP command from the Load FLASH Set Up menu Enter none to connect locally or enter the remote site ID number or alias to connect to a remote site Start the TFTP application to be used for transfers to the router The IP address of the router may be found in the Internet Set Up menu Put the file all for this router from the O perational BOOT Code directory on the CD ROM to the router Any router not in Network Load BOOT mode will respond with an access violation eror The router will verify the file all in memory program and verify the FLASH clear the configuration to default values except IP Address IP Routing state IP Forwarding state WAN Environment Link 1 amp 2 State Password and connection data for the remote site if applicable and then reset After the reset the remote sites information will have to be re entered either from a saved configuration file recommended or by manually reentering the information for each site The router may take up to two 2 minutes to program and verify the FLASH The console will not respond during this time To check on the router s current state during this process get the file status txt from the router This file will report the router s state
47. e mat riel brouilleur Appareils Num riques NMB 003 dict e par le ministre des Communications Speed Ethernet LAN 10 Mbps WAN up to 2 048 Mbps Protocol IP amp IPX Multi Protocol router capabilities Protocol independent MA C layer bridging SN MP terminal access Indicators 4 LEDs Power LAN Tx Rx Connectors DB25 female model 1530A R2 Universal or model 1530 V 35 WAN RJ45 female model 1531A 56 64K CSU DSU WAN and model 1535A T1 E1 CSU DSU WAN Rj45 female 10BaseT LAN RJ45 female console port Power 12VDC 1A external center positive Size 1 6 H x 6 1 W x 43 D 4x 155 x 11 cm Weight 15 oz 500 gy INSTRUCCIONES DE SEGURIDAD Normas Oficiales Mexicanas Electrical Safety Statement 1 2 10 11 12 13 14 15 16 17 18 Todas las instrucciones de seguridad y operaci n deber n ser le das antes de que el aparato el ctrico sea operado Las instrucciones de seguridad y operaci n deber n ser guardadas para referencia futura Todas las advertencias en el aparato el ctrico y en sus instrucciones de operaci n deben ser respetadas Todas las instrucciones de operaci n y uso deben ser seguidas El aparato el ctrico no deber ser usado cerca del agua por ejemplo cerca de la tina de ba o lavabo s tano mojado o cerca de una alberca etc El aparato el ctrico debe ser usado nicamente con carritos o pedestales que sean recomendados por el fabri
48. eased line circuit The following instructions provide a quick set up guide for installation of the router Unpack the unit Rough handling during shipment can damage electronic equipment As you unpack the router carefully check for signs of damage If damage is suspected contact the shipper Save the box and all packing material to protect the router should it ever need to be moved or returned for service Check the packing slip that identifies the components and the LAN connector The connectors on the rear of the router provide all external connections to the router Select a Site Place the router in a well ventilated area The site should maintain normal office temperature and humidity levels Air vents located on the rear of the router must have an inch or so of clearance from any object Units should not be stacked Installation Identify the Connectors Each unit is configured with both straight MDI and crossed over MDI X 10BaseT LAN connectors the router will auto sense between the two Only one connector may be used at a time The router is produced with four different WAN interface modules V 35 CSU DSU Universal WAN or T1 E1 The type of module in a unit may be determined by looking at the label over the WAN connector on the back panel 12VDC Console LAN CSU DSU O OCC MDI X MDI Figure 1 1 Rear View of the CSU DSU router Console LAN UNIVERSAL WAN O ee MDI X MDI Figure
49. eber ser localizada lejos de las lineas de energia El cable de corriente deber ser desconectado del cuando el equipo no sea usado por un largo periodo de tiempo Cuidado debe ser tomado de tal manera que objectos liquidos no sean derramados sobre la cubierta u orificios de ventilaci n Servicio por personal calificado devera ser provisto cuando El cable de poder o el contacto ha sido da ado u Objectos han ca do o l quido ha sido derramado dentro del aparato o El aparato ha sido expuesto a la lluvia o El aparato parece no operar normalmente o muestra un cambio en su desempe o o our El aparato ha sido tirado o su cubierta ha sido da ada Using This Manual This Installation and Applications G uide provides the basic information required to initially set up and configure the router This guide is organized into the following sections Installation provides instructions for installing the router Typical Applications amp How to Configure T hem provides simple configuration examples for typical applications in which the router might be used The applications described in this document are for example only and provide a method of quick configuration of the router For more complete information on all of the configuration parameters available please refer to the PPP Menu Reference Manual on the accompanying CD ROM Introduction to Filtering provides an introduction to the pattern filtering options of the route
50. ers available please refer to the router PPP Menus Reference M anual file on the accoompanying CD ROM 28 Applications Should You Bridge or Route When connecting two Local Area Networks together the first question to ask is should I bridge or route The decision to bridge or to route may be decided by how the existing networks have been already set up Bridging should be used when the network consists of non routable protocols or routable protocols using the same network numbers Some protocols can only be bridged some of the more well known are NetBEUI used by Microsoft Windows 3 11 Windows 95 and Windows NT and LAT used by Digital Equipment Corp If your IPX or IP network address is the same at both locations bridging is simpler and requires less configuration If the locations are to be routed together the network numbers will have to be different in both cases this could require extensive reconfiguration IPX routing should be used if the two locations are already set up with different IPX network numbers Routing IPX will minimize the number of SAP and RIP messages being sent across the WAN IP routing should be used if the two locations are already set up with different IP network numbers or if you wish to divide your one IP network number into two sub networks In some cases both bridging and routing may be required Routing may be required for IP information and bridging may be required for NetBEUI 29 Appl
51. erver 195 100 1 12 o WWW HTTP Sever 195 100 1 20 When defining a designated server you will be prompted for the IP address of that device Adding an entry to the 53 Applications designated servers list allows you to quickly setup a firewall entry without having to figure out TCP port values Next the LAN firewall is set up to restrict access to the LAN The firewall option is set to outbound to have the LAN firewall filter traffic from the router Firewall LAN Filter Direction Location Main Configuration Applications Set up V Firewall Set up LAN Firewall Set up V Firewall Outbound An entry is made in the firewall table to allow the devices in the branch office to have unlimited TCP access to devices in the head office Firewall Table Entry Location Main Configuration Applications Set up V Firewall Set up LAN Firewall Set up Edit Firewall Entry filter ID 1 V Dest IP A ddress 195 100 1 0 V Destination Mask 255 255 255 0 Source IP A ddress 195 100 2 0 V Source M ask 255 255 255 0 V Protocol TCP entry direction outbound Finally holes are provided in the LAN firewall to allow Internet access to the FTP and WWW servers 54 Applications Firewall Location Main Configuration Applications Set up V Firewall Set up V LAN Firewall Set up Designated Servers V FTP Server 195 100 1 12 WWW HTTP Server 19
52. eshold 6 Monitored events 5 S 6 T1 E1 Set Up Slot Channel Set Up Link mode LB LBO TIE framing 4 Channel rate Speed i El CRC4 SlovChannel Set Up 7 Line encodi Alarm generation T1408 1 Idle code Number Start Speed E1 timeslot 16 1 6 Status 1 2 Remote Site Set Up Edit Remote Site T Edit Remote Site menu 1 Connection set up menu 2 Remote site summar Activation menu TT Protocol set up menu Call summ ary 24 Security parameters menu 4 Remove remote site Remote site alias 5 Manual call Connection 2 6 Force disconnect Primary connection Secondary connection Remote site type 3 Security Set Up 1 Default parameters menu Security level 3 Request security 4 CHAP challenges 5 Caller ID security Default Parameters 1 Outgoing user name 2 Outgoing PAP password 3 Outgoing CHAP secret 4 PPP Set Up 1 1 Advanced PPP Set Up menu 2 Restart Timer 3 Configure Count 4 Failure Count 5 Terminate Count Advanced PPP Set Up Echo monitorin 24 Quality protocol Quality interval MP encapsulation 2 7 MP sequencing MP discriminator MP minimum 3 a3 IPX 4 5 Force disconnect 6 Link summary Continued on next page 1 2 1 Access Set Up 1 Terminal Set Up 1 Device Set Up LAN IP Set Up 1 SecondaryP set up 2 LAN NAT setup 3 IP address 4 Routing protcol 5 RIP mode
53. fined The router is pre configured to query the frame relay service to auto learn the required parameters they may also be set manually The DLCI Data Link Connection Identifier number for the PVC is assigned by the frame relay service provider The PVC must be defined on the physical link on the router Refer to the following diagram that shows three router units connected together with a PVC being configured on each unit The configuration of the PVCs within the frame relay cloud is controlled by the frame relay service provider DLCI numbers assigned for these mm PVCs from the frame relay provider Frame Relay PVC WAN connections Figure 2 1 Frame Relay configuration 20 Applications Configuration The default configuration for routers shipped outside North American is to have frame relay disabled To run frame relay on these routers it must first be enabled Frame Relay enable Location Main Configuration WAN Set up V Link Set up Frame Relay enabled The router will request confirmation of the change enter yes Foran router with a CSU D SU interface the default clock speed that the router will expect to receive from the DCE link is 64K bps If the DCE link is 56 Kbps then the Link Speed value must be reset to 56 here Link Speed Location Main Configuration WAN Set up V Link Set up Link Speed 56 21 Applications Auto Learning the Frame Relay Configuration
54. frame type The clients connected to LAN 2 must also be running with the same frame type as defined on the router Afterthe routers have established the WAN connection the IPX routing procedures will cause the names of the services located on LAN 1 to be stored in the services table on the router on LAN 2 When one of the clients on LAN 2 starts up it will look for a server on the local LAN and the router will respond with the list of servers that are located on the central LAN IPX Network Address WAN connection 1500 defined on router IPX Network Address 1512 Novell IPX Client Novell Server Novell IPX Client Novell IPX Client Figure 2 8 IPX Routed Local Area N etworks Servers on one side The following steps must be performed on the router connected to LAN 2 4 Applications IPX Frame Types Location Main Configuration V PX Routing Set up Configure LAN Nets V E themet I Frames RAW 802 3 Frames EE E 802 2 Frame 802 2 SN A P Frames Define the appropriate IPX network number for the appropriate frame type Note that IPX network numbers must be unique If more than one frame type is to be used each frame type must have a unique IPX network number There must be no duplicate IPX network numbers within your entire IPX routed network they must all be unique The IPX network numbers may be any value from 0 to FFFFFFFF HEX Configuration Sino there is not a server on LAN 2 in
55. framing format and encoding as designated by the service provider T1 service requires the specification of a Line Build Out factor This parameter modifies the transmitted signal to compensate for degradation due to line losses between the transmitter and receiver A number of different options are available to meet standards for T1 long haul direct connection to service providers central office facility T1 short haul connection through a local PBX AT amp T TR64211 specification long haul and AT amp T TR64211 short haul Your service provider will tell you which specification their service requires Short 12 Installation haul LBOs are listed as the length of the cable run in feet between the router and the local exchange E1 service does not require line build out selection Set Link Interface T ype Location Main Configuration WAN Set Up V Link Set Up T1 E1 Set Up LBO as spedfed T1 long haul LBO s 0 L7 5db L15db L22 5db Short haul LBOs SOto110ft S110to220ft S220to330ft S330to440ft S440to550ft S550to660ft AT amp T standard TR642111ong haul connection TLOdb AT amp T standard TR64211 short haul connection SOto110ft TS110to220ft TS220t0330ft TS330to440ft TS440to550ft TS550to660ft If fractional T1 E1 service is being provided you will need to specify the channels timeslots to be used Set Link Interface T ype Location Main Configuration WAN Set Up Link Set Up
56. ic Protocol DEC Customer Protocol __ _ DECLAN Traffic Monitor AppleTalk AARP Kinetics suc me 69 Octet Locations on Ethernet Frames Octet Locations on an IP Routed TCP IP Frame INTERNET PROTOCOL 0 1 2 3 4 5 6 7 8 9 10 11 Type of T 3 FRAGMENT TIME TO 27 HEADER veR HL GEO TOTALLENGTH IDENTIFICATION 9 PROTOCOL CEECKSUN 12 13 14 15 16 17 18 19 L L L li j i SOURCE ADDRESS DESTINATION ADDRESS TRANSPORT CONTROL PROTOCOL 20 21 22 23 24 25 26 27 28 29 30 81 gt m DESTINATION x SOURCE PORT TNAT SEQUENCE NUMBER ACKNOWLEDGEMENT NUMBER 32 33 34 35 36 37 38 39 40 41 42 43 s Resorvod WINDOW CHECKSUM URGENTPOINIER DATA FIELD 44 45 46 47 48 49 50 W X Y Z DATA FIELD NEXT 500 OCTETS ETHERNET CHECKSUM Octet Locations on an IPX Routed N ovell Netware Frame NOVELLIPX HEADER 0 1 2 3 4 5 6 7 8 9 Checksum LENGTH Transport PACKET DESTINATION NETWORK 10 m 12 13 14 15 16 17 18 19 20 21 L 1 DESTINATION HOST PES TNATION SOURCE NETWORK 22 23 24 25 26 27 28 29 2 y SOURCE SOURCE HOST SOURCE NOVELLSPXHEADER 30 31 32 33 34 35 36 37 38 39 40 4l 1 L 1 1 L Connection Datastream SOURCE DESTINATION SEQUENCE ACKNOWLEDG
57. ications Configure as an Ethernet Bridge An Ethernet bridge intelligently forwards LAN traffic to remotely connected LANs across the Wide Area Network WAN WAN connection Figure 2 3 Bridged Local Area N etworks Ethernet bridges simply forward information based on Ethernet MAC addresses If a LAN packet is destined for a device located on a remote LAN the bridge will forward that packet to the remote LAN If a LAN packet is destined for a device located on the local LAN the bridge will ignore the packet Ethernet bridges also communicate to each other using what is called the Spanning Tree Protocol STP STP is used to prevent loops in a network which cause LAN traffic to be re broadcast again and again causing network congestion The router is pre configured to operate as an Ethernet bridge compatible with the IEEE 802 1d Spanning Tree Protocol definitions This means that without configuration modifications the router will bridge Ethernet traffic to its partner bridges when the Wide Area Network WAN connection has been established 30 Applications The router also is pre configured as an IPX router T his means that if you wish to bridge IPX traffic instead of routing it you must disable the IPX routingfundion of the router Once IPX routing has been disabled all IPX traffic will be bridged between partner bridges on the WA N The two Local Area Networks may be bridged together with minimal configuration required
58. into two or more smaller IP networks consisting of a smaller number of host addresses in LAN This allows each of the sites to be a smaller IP network and to be routed together to allow inter network communication The router allows masks from 8 to 32 bits The mask size determines how many bits of the host field of the original IP network address will be used for the creation of subnets In this example a subnet mask size of 26 will produce a subnet size of 2 bits 24 bits from the class C network address field plus 2 bits from the host address field Two bits gives 4 possible sub network addresses from the original IP network address T wo of the resulting sub networks will have either all zeros or all ones as the subnet address under standard subnets these addresses are reserved for network functions and hence are invalid addresses So setting a mask of 26 will generate two resulting sub networks with up to 62 host addresses each 64 potential addresses minus the all zero and al one addresses The new IP network addresses will be 199 169 100 64 and 199 169 100 128 The subnet mask for the newly created networks will be 255 255 255 192 37 Applications Configuration mask size entered defines the size of the subnet mask from the start of the entire IP address T his allows subnet sizes from 0 to 24 bits A subnet mask size of 8 in a dass A address represents a subnet size of 0 or no subndting performed Original IP Network
59. ion is set to operate at 64 Kbps by default The link may be set to 56 Kbps via the software menus if required When two CSU DSU link routers are to be connected via a leased line in a back to back set up the unit must be set to 56 Kbps link speed and a null modem crossover cable used for the connection A D SU CSU crossover cable would be constructed as follows 1 gt 7 2 gt 8 7 gt 1 8 gt 2 E 1 Module Routers with a T1 E1 interface module use a standard RJ45 service connector pinout specification RJ48C T1 E1 Figure C 5 Rear View of the T1 E1 Connector When two T1 E1 routers are to be connected in a back to back set up a null modem crossover cable used for the connection A T1 E1 crossover cable would be constructed as follows 1 gt 4 2 gt 5 5 gt 2 4 gt 1 Pins 1 and 2 are receive 1 ring 2 tip Pins 4 and 5 are transmit 4 ring 5 tip 79 Servicing Information UNIVERSAL WAN Module The Universal WAN Interface module in this router may be configured to operate in one of four modes V 11 X 21 V 35 RS232 V 24 or RS530 RS422 The interface connector for all types is a standard D B25 pin female connector WARNING ensure that the connector cable used with the Universal WAN interface module has the correct pinouts for the operational mode selected for the interface V 11 21 V 35 RS232 V 24 or RS530 RS422 Using the incorrect cable connector for the operation
60. le Circuits which are paired contain an A and B reference should be connected to twisted pairs within the connecting cable This cable is needed when it is necessary to connect two units back to back and a set of modems is not available Note that this cable specifies D B25 connectors on each end to allow direct connection to the link interface connector on each unit The link speed must be defined for each of the two units 89 Servicing Information Software Upgrades APPENDIX D SOFTWARE UPGRADES Procedures for performing a Console ZMODEM Flash Load to upgrade the operating software of the router 1 Savethe current configuration of the router Main menu option 6 2 Execute the Console ZMO DEM command from the Load FLASH Set Up menu 3 Confirmation is required Enter yes to proceed 4 Afterthe router restarts the router will be in receive ZMODEM mode The router will display the following messages on the console port System startup Receiving ZMODEM B0100000023be50 5 Start the Z MOD EM transfer and send the file all from the Operational BOOT Code directory on the CD ROM 6 Once the ZMO DEM transfer is complete the router will verify the file 44 all in memory program and verify the FLASH clear the configuration to default values except the password and then reset A byte status message will be displayed on the console port during the programming of the F
61. menu or an option may be chosen by simply typing the number associated with the option that you wish to choose The menu system operates on a hotkey principa Each menu option may be chosen by simply typing the number associated with that option The router will accept the choice and act on it immediately The menu system consists of different menu levels each containing new configuration options Navigation back out of a nested menu is easily accomplished by pressing the tab key The tab key takes you to the previous menu level If you wish to move from your current menu location directly to the main menu simply press the equals key When choosing menu options that will toggle between values simply pressing the number associated with that option will cause the options value to change Each successive selection of the option will cause the options value to change Some menu options require input from the operator When selecting an option that requires a value the menu system will display the range of values acceptable and a prompt symbol gt Simply enter the new value at the prompt symbol and press enter Should you make an error in entering the new value the BACK SPACE key for most terminals deletes the most recently entered characters 18 Applications Conventions Throughout this section router menu options are shown that are required for the various configuration choices The appropriate menu options are sho
62. mmable Filtering section of the router reference manual file The PDF file is located on the accompanying CD RO M MAC Address Filtering MAC address filtering is provided by three built in functions The first function is Filter if Source the second is Filter if Destination The third function allows you to change the filter operation from positive to negative The positive filter operation causes frames with the specified MAC addresses to be filtered The negative filter operation causes frames with the specified MAC addresses to be forwarded You may easily prevent any station on one segment from accessing a specific resource on the other segment for this positive filtering and the use of Filter if Destination would be appropriate If you want to disallow a specific station from accessing any service Filter if Source could be used 97 Introduction to Filtering You may easily prevent stations on one segment from accessing all but a specific resource on the other segment for this negative filtering and the use of Forward if Destination would be appropriate If you want to disallow all but one specific station from accessing any service on the other segment the use of Forward if Source could be used Pattern Filtering Pattern filtering is provided in three separate sections Bridge Pattern Filters IP router Pattern Filters and IPX router Pattern Filters When the router is operating as an IP IPX Bridge
63. n the LMI type is set to none the router simply creates frame relay packets and sends them on the defined PVC s The links are not checked for errors There is no congestion control checking The link is only monitored for control signals To manually configure the LMI type the Auto Learning option must be disabled Auto Leaming Location Main Configuration WAN Set up Link Set up Frame Relay Set up Auto learning enabled LMI Type Location Main Configuration gt WAN Set up Link Set up Frame Relay Set up LMI The configuration options described here are only for initial set up and configuration purposes For more complete information on all of the configuration parameters available please refer to the router PPP Menus Reference M anual file on the acoompanying CD ROM 23 Applications Quick Start Frame Relay Since the router auto learns the frame relay configuration only a couple of parameters need to be configured before the unit is fully operational as an IP router for frame relay Upon initial start up the router is pre configured to query the frame relay service to auto learn the LMI type and the PVC DLCI numbers The router will then automatically create a remote site profile for each PVC Within each of the remote site profiles automatically created Bridging IP routing and IPX routing are all set to enabled Because each of these options are enabled by default and the automaticall
64. nel WARNING Before servicing ensure that appliance coupler is disconnected Always disconnect the power cord from the rear panel of the bridge router Geraetesteckvorrichtung trennen vor den Wartung O pening the case 1 Remove power from the bridge router and remove the other cabling 2 Tum the bridge router over and place it on a flat cushioned surface 3 Remove the two Phillips head screws that fasten the case together 4 Hold the two halves of the case together and tum the bridge router right side up 5 Liftoffthetop half of the case 73 Servicing Information Identifying the Internal Components The major components and the jumper strap positions are shown Sanity Timer Always ON Force ZMODEM SW Upgrade Return Password to Default se x Power rd p 9 O 10BaseT V 35 Universal Figure C 1Top Intemal View ofthe router V 35 or Universal WAN interface 74 Servicing Information aN Sanity Timer Always ON Force ZMODEM SW Upgrade 3 Return Password to Default gt y SOS Power 47 Q9 CSUDSU Sx 10BaseT 1 1 Figure C 2 Top Internal View of the CSU DSU orT Y E1 75 Servicing Information Sanity Timer Do not remove this strap pins 1 2 Force ZMODEM Software Load On the rare occasion that during the programming of the FLASH something happens to the bridge router power hit or hardware reset causing the FLASH
65. network portion of the IP address For example with a class C IP address a subnet mask size of 26 will mask the 24 network address bits plus 2 host bits for the subnet address resulting in 4 subnet addresses being created Note that depending on whether or not nonstandard subnets are allowed not all of these addresses may be valid see the sections on defining masks The configuration options described here are only for initial s amp up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Menus Reference Manual file on the accompanying CD RO M 32 Applications Configure as an Ethernet IP router An Ethernet IP router is used to intelligently route Internet Protocol IP LAN traffic to remotely connected LANs across the WAN Router IP Address Router IP Address 199 169 1 10 WAN connection 199 169 2 12 IP Network Address 199 169 2 0 IP Network Address 199 169 1 0 Figure 2 4 IP Routed Local Area N etworks IP routers forward IP frames based upon their IP destination address and an internal routing table The router maintains the internal routing table with the remote network IP addresses and the remote partner IP routers associated with those networks When an IP frame is received from the local LAN the destination IP address is examined and looked up in the routing tables O nce the destination IP network is found in the routing tables
66. o be established then each WAN interface must be assigned an IP address on a unique IP network The WAN IP network address must be different than the two existing networks that are being connected together with the PPP routers If anumbered IPX link is to be established then each WAN interface must be assigned an IPX node address on a unique IPX network number The WAN IPX network address must be different than the two existing networks that are being connected together with the PPP routers The IP address of the local WAN link is defined as the Local IP Address within the remote site profile settings The IP address of the WAN link of the remote PPP router is defined as the Peer IP Address within the remote site profile settings The WAN IP network number is defined by defining a subnet size to use when defining the local IP address The size of the subnet will determine the IP network number used The IPX node address of the local WAN link is defined as the Local IPX Node within the remote site profile settings The IP address of the WAN link of the remote PPP router is defined as the Peer IPX N ode within the 44 Applications remote site profile settings The WAN IPX network number is defined with the IPX N et option in the remote site profile settings Unnumbered Links An unnumbered link does not use network addressing on the WAN link The WAN connection is roughly equivalent to an internal connection with each of the two end point
67. or the subnet address resulting in 4 possible subnets The addresses for two of these are all ones or all zeros and are not valid under standard subnets leaving two subnets available Configuration The subn amp mask size entered defines the size of the subn amp mask from the start of the entire IP address The configuration of the sub netted class C IP network is now completed Remember that each of the 2 sub networks created may only have 62 host IP addresses defined L The configuration options described here are only for initial set up and configuration purposes For more information on all of the configuration parameters available please refer to the router PPP Menus Reference Manual file on the accompanying CD RO M 39 Applications Configure as an Ethernet IPX router The router is preconfigured to operate as an IPX router when installed in an IPX network The router will learn the IPX network numbers from the local LAN and when the WAN connections are established the router will route the IPX frames to the appropriate destination IPX network The IPX routing scenario may consist of one of the two following configurations The first configuration consists of Novell servers located on each of the LAN segments to be connected The second configuration consists of Novell servers located on only one of the LAN segments to be connected The router IPX router will need to be configured differently in the second configuration with
68. p Link Set up Link Speed The clock speed that the router will expect to receive from the DCE link device must be defined Local IP Address Location Main Configuration LAN Set up LAN IP Set up V P A Subnet mask size This is the IP address and subnet mask for the link of this router in the unnumbered IP connection 27 Applications Bridge Connection Once the link speeds have been configured the router will attempt to establish the link connection to the remote site PPP router The Bridge connection does not require any configuration for operation IP Router Connection Once the link speeds and local IP address have been configured the router will attempt to establish the link connection to the remote site PPP router The IP connection is an unnumbered connection that requires only the configuration of the IP address of the router IPX Router Connection Once the link speeds have been configured the router will attempt to establish the link connection to the remote site PPP router The IPX connection is an unnumbered connection that does not require any configuration If security is required for the connection refer to the Configure PPP Security section for information on setting the security passwords and user names for PPP The configuration options described here are only for initial s amp up and configuration purposes For more complete information on all of the configuration paramet
69. r Several examples of typical pattern filters are also provided Menu Trees provides a graphical tree type overview of the structure of the built in menu system of the router All of the configuration is performed using the options provided in the menu system The Menu Tree is like an index to the menu options Configuration Pages provides a place to note the current configuration of the router for future reference If a replacement unit is required the configuration may be quickly modified to be the same as the existing unit Octet Locations on Ethemet Frames provides a graphical representation of the various common Ethernet frames that the router will bridge or route When defining a pattern filter these frame displays indicate the offset values to use in order to define the pattern filter correctly Servicing Information provides information on opening the case and changing the straps Using the Electronic Reference Manual The router Reference Manuals are provided as Adobe Acrobat PDF files on the accompanying CD ROM The PPP Menus Reference File is provided individually for ease of configuration reference The Adobe Acrobat Reader program is included on the CD ROM It is also available for most computer operating platforms from Adobe on the Internet at www adobe com The Reference Manual provides the following information Introduction to bridging routing and router features Pin out references for the link modules
70. router each of the frames received from the local LAN is passed on to the appropriate internal section of the router The IPX frames are passed on to the IPX router the IP frames are passed on to the IP router and all other frames are passed on to the bridge Different pattern filters may be defined in each of these sections to provide very extensive pattern filtering on LAN traffic being sent to remote LANs Pattern filters are created by defining an offset value and a pattern match value The offset value determines the starting position for the pattern checking An offset of 0 indicates that the pattern checking starts at the beginning of the data frame An offset of 12 indicates that the pattern checking starts at the 12th octet of the data frame When a data frame is examined in its HEX format an octet is a pair of HEX values with offset location 0 starting at the beginning of the frame Please refer to A ppendix C O det Locations on E theme Frames for more information on octet locations in data frames The pattern match value is defined as a HEX string that is used to match against the data frame If the HEX data at the appropriate offset location in the data frame matches the HEX string of the filter pattern there is a positive filter match The data frame will be filtered according to the filter operators being used in the filter pattern 98 Introduction to Filtering The following operators are used in creating Pattern filters
71. t password is BRIDGE case sensitive and should be changed if security is desired With the options of the built in menu system the router may be configured to operate within your environment Refer to the router PPP Menus Reference Manual file on the accompanying CD ROM for a complete description of all the Menu O ptions Installation Mandatory Configuration The router requires a minimum amount of mandatory configuration in order to operate The following table identifies the configuration parameters that must be defined for proper operation under the operational states shown in the table Mandatory Configuration IP Router IPX Router Frame Relay PPP Leased Line None Frame Relay Disabled Remote Site Profile The configuration options required for proper initial operation are described in Section 2 Typical Applications and How to Configure Them Refer to Section 2 for details on configuring the router Also refer to the Menu Reference Manual file on the accompanying CD ROM for a complete description of all the Menu O ptions Other options may be changed depending upon specific installation configurations Refer to the menu tree in Appendix A for a reference of the menu structure and options 10 Installation Setting the Link Interface T ype Universal WAN only The Universal WAN Interface must be configured to match the service to which it will be connected WARNING ensure that the connector cable
72. this example the IPX network number may be manually configured and the router will proceed to route between the two networks W hen manually configuring an IPX network number for a frame type that has already learned a network number IPX routing must be disabled before the new network number is assigned 43 Applications PPP Link Configuration O verview A PPP Point to Point Protocol connection between two routers may use a number of Network Control Protocols NCP for communication An IP router connection will use the Internet Protocol Control Protocol IPCP NCP for all IP communications An IPX router connection will use the Internet Packet Exchange Control Protocol IPX CP NCP for all IPX communications In order to establish an IPCP or IPXCP link connection between two PPP routers either a numbered link or an unnumbered link connection must be established The two types of link connections are available to allow for greater flexibility between vendors products Numbered Links A numbered link assigns a network address either IP or IPX to both ends of the WAN connection In a numbered link configuration the WAN connection may be viewed as another LAN network with the two PPP routers simply routing information between their local LANs and the common connected WAN network Because the WAN is considered to be a separate network each of the stations on that network must be assigned a network address If a numbered IP link is t
73. to a terminal you are ready to power up the router Connect the DC power cord from the supplied power supply to the back of the router and plug the power supply into the AC wall outlet Observe the LEDs as the router powers up The LEDs will go through a flashing pattern as the power up diagnostics are performed After the power up diagnostics are finished the Power LED will go from red to green The console will also display testing and initialization messages as it performs these tasks if this is the first time the router has been powered up on this console the display may be unreadable until the next step is performed Enter at least one RETURN up to three if necessary in order for the router to determine the baud rate of the terminal used for the console ie autobaud The following information will now be seen on the console connected to the router Terminals supported angi Eve slew 109 enprelO2 ep 79 20215 4 tvi950 vt52 vt100 wyse 50 wyse vp teletype Enter terminal type Select the terminal type being used if listed and enter its name in lower case at the prompt or choose the terminal type teletype if your terminal is not listed This terminal type operates in scroll mode and may be used successfully until a custom terminal definition is created Login and Enter the Required Configuration At the login screen type a 1 and the default password to enter the menu system of the router The defaul
74. to become corrupted the bridge router will restart in ZMODEM receive mode only If the bridge router does not start in ZMODEM receive mode perform the following steps power down the bridge router open the case remove the strap from the center set of pins 3 4 power up the bridge router The bridge router should now restart and bein ZMODEM receive mode 5 Re install the strap and replace the cover 1 H WN Please refer to Appendix E or the Menus Reference Manual for information on how to do software upgrades To Clear a Lost Password Remove power from the bridge router Remove the case cover Remove the jumper strap on pins 5 6 Re attach the power to the bridge router and wait for Power LED to go green Remove power from the bridge router Re install the jumper strap on pins 5 6 Install the case cover Power up the bridge router Log into the bridge router using the default password BRIDGE and change the password as desired 1 WON 1 C 2 2 2 wa 76 Servicing Information Connecting to the Console Connector The console connector on the router is a DCE interface on a RJ45 pinout The supplied D B9 to RJ45 converter should be used to connect to the DB9 connector of a DTE terminal This connection will then provide access to the built in menu system If the console interface is to be connected to a modem or other DCE device
75. tware release F5P 06 02 xx 65 X K X X APPENDIX B OcTET LOCATIONS ON ETHERNET FRAMES This appendix provides octet locations for the various portions of three of the common Ethernet frames When creating pattern filters these diagrams will assist in the correct definition of the patterns The offset numbers are indicated by the numbers above the frame representations Note the differences in the TCP IP and Novell frames when bridging and when routing When routing the TCP IP and Novell frames are examined after the Level 2 Ethernet portion of the frame has been stripped from the whole data frame This means that the offset numbers now start from 0 at the beginning of the routed frame and not the bridged frame Some of the common Ethernet type codes are also shown here The Ethernet type codes are located at offset 12 of the bridged Ethernet frame 67 Octet Locations on Ethernet Frames Octet Locations on a Bridged TCP IP Frame LEVEL2ETHERNET 0 1 2 3 4 5 6 7 8 9 10 11 12 13 ETHERNET DESTINATION ADDRESS ETHERNET SOURCE ADDRESS TYPE CODE INTERNET PROTOCOL 14 15 16 17 18 19 20 21 22 23 24 25 ver mu TOTALLENGTH IDENTIFICATION FRAGMENT TIME TO prorocoL HEAD 26 27 28 29 30 31 32 33 SOURCE ADDRESS DESTINATION ADDRESS TRANSPORT CONTROL PROTOCOL 34 35 36 37 38 39 40 42 43 44 45
76. twisted pairs within the connecting cable NOTE For U K Approval The connecting cable may be any length between 0 and 5M 85 Servicing Information V 11 21 DB25 to DB15 Connector Cable DB25 MALE DB15 MALE 1 Protective Ground Protective Ground 1 2 Transmit Data A Transmit Data A 2 3 Receive Data A Receive Data A 4 7 Signal Ground Signal Ground 8 8 Indication A Indication A 5 10 Indication B Indication B 12 12 Signal Element Timing B Signal Element Timing B 13 14 Transmit Data B Transmit Data B 9 15 Signal Element Timing A Signal Element Timing A 6 16 Receive Data B Receive Data B 44 20 Control A Control A 3 23 Control B Control 10 Figure C 10 V 11 X 21DB25 to DB15 Connector Cable NOTE For U K Approval The connecting cable may be any length between 0 and 5M 86 Servicing Information V 35 Null Modem Cable Configuration DB25 MALE DB25 MALE 1 Protective GND Protective GND 1 2 Transmitted Data A Received Data A 3 14 Transmitted Data B Received Data B 16 3 Received Data A Transmitted Data A 2 16 Received Data B Transmitted Data B 14 9 Receiver Signal Element Timing B Transmitter Signal Element Timing B 11 20 Data Terminal Read Data Channel Received Line Signal Detector CD 8 8 Data Channel Received Line Signal Detector CD Data Terminal Ready 20 1 Signal Ground Signal Ground 7 6 Data Set Read Request To Send
77. urity Set up Security L evel The security level defines the type of security that this router will request when a remote site PPP router attempts to establish a PPP connection The security may defined as none PAP or CHAP When a security level is defined on this router an entry for each remote site PPP router that may be connected to this router must be placed in the security database The security database is used to store the user names and passwords of the remote site PPP routers 50 Applications Security Database E ntry Location Main Configuration WAN Set up Edit Remote Site Security Parameters Incoming PA P Password Incoming CH A P Secret Outgoing U ser N ame Outgoing PA P Password Outgoing CHA P Secret The security entries in the security database define the user names and passwords that remote site PPP routers will provide when an authentication request is sent from this router W hen defining the user names for the PPP routers that will be connecting together you should remember that the remote site PPP router user name that is authenticated by the router is used to match to the configured remote site profiles If a match to a configured remote site profile exists the incoming call will use the configuration defined within that remote site profile This also allows easier viewing of the remote site statistics L The configuration options described here are only for initial s amp
78. wn in each instance in the following format Configuration O ption N ame Location Main Sub Menu Name Sub Menu Name Option N ame The configuration option is shown as well as the options location within the menu system The character indicates that a sub menu level must be chosen The option name is finally shown in italics The keyboard graphic in the left margin indicates that this is information that the user will have to enter for configuration T he note icon is used to provide miscellaneous information on the configuration and se up of the router Configuration The Configuration N ote is used to indicate that there may be another configuration item that is effected by changing this option The information icon is used to indicate that more information is available on this subject The information is usually located within another document as specified A N The caution icon indicates that caution should be taken when performing this task 19 Applications Basic Frame Relay Configuration North American routers are configured to have frame relay enabled as the default setting With frame relay enabled the router will communicate over WAN connections to other frame relay units via frame relay Permanent Virtual Circuits PVC From 1 to 40 PVC s may be defined to connect to other frame relay units Before the router can establish a PVC connection to another frame relay router at least one PVC must be de
79. y created remote site profiles will establish a PVC connection to the remote site routers the router will bridge and IPX route data without any user configuration Because an IP router requires an IP address the router must be configured with an IP address before IP routing is fully operational To configure an IP address forthe router use the IP address option IP Address Location Main Configuration LAN Set up LAN IP Set up V P A ddress Subne mask size If security is required for the PVC connection refer to the Configure PPP Security section for information on setting the security passwords and user names for PPP 24 Applications By default PPP is disabled for each of the newly created remote site profiles If PPP encapsulation is desired for example to use security the PPP encapsulation option should be set to enabled By default when PPP encapsulation is enabled multilink is also enabled PPP Encapsulation Location Main Configuration WAN Set Up Remote Site Set Up Edit Remote Site Connection Set up V PPP enable The configuration options described here are only for initial set up and configuration purposes For more complete information on all of the configuration parameters available please refer to the router PPP Menus R eference M anual file on the accompanying CD ROM 25 Applications Basic Leased Line Configuration routers shipped outside North America are configured to have a
Download Pdf Manuals
Related Search