Manuale d’uso / di manutenzione del prodotto OfficeConnect 812 del fabbricante 3Com
Vai alla pagina of 170
http://www.3com.com/ ® Of ficeConnect ® Remote 812 ADSL Router CLI User’ s Guide Release 2. 0 Part Number 10043337 AA.
ii 3Com Corporation 5400 Bayf ront Pla za Santa Clara, Ca lifor nia 95052-8145 Copyright © 2001 3Com Corporation. All rights reserved. No part of this documentation ma y be repr oduced in any form or.
iii Table of Contents 1 A CCESSING THE C ONFIG URATION I NTERFACE Establis hing C ommunica tions w ith th e OfficeConne ct Remot e 812 1 -1 Local Conn ection 1 -1 IBM-PC Compat ible Comp uters 1 -1 Ma.
iv Quick Setup Script In structions 4 -2 Quick Setup Script 4 -2 Do you want to co ntinue Quick Set up? 4 -2 Passwor d Pr otection 4 -2 Which p ortion s of the ne twork do you w ant to confi gure? 4 -.
v Setting Up a V irtua l Privat e Netw ork (VP N) T unnel 6 -5 T unn el En cryption 6 -5 VPN T unnel ing Over view 6 - 6 Before Y ou Begin 6 -6 Initia ting a VPN T unn el 6 - 6 Enab ling and Disa blin.
vi Config uring the DHCP Relay 6 -29 Moni toring the DH CP Rela y 6 - 29 DNS 6 -29 Conf iguring DNS 6 -30 DNS Host Entri es 6 -30 Managi ng th e DN S Proxy 6 - 30 Access Lists 6 -31 IPX Rou ting 6 -31.
vii IP RIP Packet Filter ing Usi ng CLI 6 -50 IPX So urce and Dest inati on Netw ork Fil terin g Using C LI 6 -51 IPX So urce and De stin ation H ost Fi ltering Usin g CL I 6 -51 IPX So urce and De st.
viii B CLI C OMMAND D ESCRIPTION CLI Co mmand s B -1 ADD B -1 add a ccess <ip su bnet address> B -1 add auto_f ilter eth _blk_dst B -1 add auto_f ilter vc_blk_ netbios B -1 add bri d ge netw ork.
ix delete ipx service <se rvice_name> B -11 delete pat tcp vc <vc_name> B -11 delete pat udp vc <vc_name> B -11 delete n at [dynamic | static ] vc <vc name> publi c_pool _start.
x enable i p rip B -15 enable ip r outing B -15 enable ip x network <n etwork_name> B -15 enable lan access B -15 enable lin k_traps interface <interface_nam e> B -16 enable net work servi.
xi list se rvice s B -21 list sn mp commu nities or list snm p trap_ commun ities B -21 list sys log B -21 list tc p connecti ons B - 22 list tf tp clients B -22 list ud p liste ners B -22 list t unne.
xii set sys tem B -34 set sy slog <ip_ address> lo glevel [ level] B -34 set time <ti me> B -34 set tun nel <tunne l_name > B -34 set u ser < user_n am e> B -35 set vc <vc_n.
xiii show memory B -50 show ne twork <name > sett ings B -50 show network < name> coun ters B -50 show ppp on vc <vc_name> co unters B -51 show ppp on vc <vc_name> s ettings B .
xiv POSITIO NAL HELP B -57 Comma nd Compl etion B -57 Output Pause B -58 Comm and Kill B -58 Comments B -58 3C OM C OR PORAT ION L IMITED W ARRANTY FCC C LASS A V ERIFICATION S TA TEMENT FCC C LASS B .
1 A CCESSING THE C ONFIGU RATION I NTERFACE This chapte r explains how to at tach to the configur ation interf ace locally via the consol e port or remotely via a T elne t session . This chapte r also introduces you to the capabi lities and conventi ons associated with manag ement of your Office Connect â Remote 81 2.
1-2 C HAPTER 1: A CCESSING THE C ONFIGURATI ON I NTERFACE UNIX-Based Computers Kermit , min i com and tip are typica l terminal emul ation pr ograms for UNIX- based computer s. Dependin g on the platfo rm you ’ re usin g, y ou ma y ne ed to m odify a config uration fil e for vt100 sett ings.
2 CLI C OMMAND C ONVENTIONS AND TERMINOLOGY This chapte r describes the comm and syntax, conventions and terminolo gy used within the C ommand Line Inter face. Reviewing and under standing thi s chapter is essenti al for you to under stand subsequ ent chapter s.
2-2 C HAPTER 2: CLI C OMMAND C ONVENTIONS AND TERMINOLOGY The type of val ue you enter must match the typ e requested. Numb ers ar e either deci mal or hexadecimal . T ext can be eit her a string that you cr eate, or it may be a list of opt ions you must choos e fr om.
Command Stru cture 2-3 Help is most usefu l during configur ation: query the li s t of pos sible parameter s by typin g ? and, when you find t he value you nee d, type it witho ut losing your place in the argume nt. Just be sur e to leave a space between the keywor d and the question mark.
.
3 C ONFIGUR ATION M ETHODS The OCR 812 C LI offers three setup ch oices, all of which ar e described in this section: the auto mated, Quic k Se tup me thod, t he QuickVC Se tup meth od, and the manual method .
3-2 C HAPTER 3: C ONFIGUR ATION M ETHODS Manual Setup Instru ct ions Once you become familiar with the CLI interface, you might find it mor e ef ficient to mana ge the OCR 812 manually . Manual co nfigurati on is most versatil e in that you only ent er commands that need t o effectiv ely change fr om the curr ent config uration.
4 Q UICK S ETUP This chapte r will describe i n detail the operat ions of the Quick Se tup progra m. It will id entify the requir ed info r matio n, steps involv ed, and sam ple output scri pts fr om the execution o f this pro gram.
4-2 C HAPTER 4: Q UICK S ETUP Downgr ading the Rem o te 812 So ftware t o a Previo us V ersion Downgr ading the 812 softwar e to an older vers ion is not recomme nded (we suggest you upgrade to obt ain the latest and most r eliable softwa re availabl e).
CLI Quick Setup Script 4-3 Quick S etup Iden tification I nformatio n Quick Setup Manage ment I nformatio n An SNMP comm unity names a group of systems t hat can manage your system vi a SNMP . It is a rudimentary for m of securi t y . Along wit h a community name, you can l i mit acces s to a specific manag ement station .
4-4 C HAPTER 4: Q UICK S ETUP TELNET info rmation For TEL NET managemen t of the syste m, you need to cr eate a u ser name and passwor d to contr ol access. Quick Setup IP Informati on The OCR 812 us es a network name to i dentify the net work for futu re manageme nt commands.
CLI Quick Setup Script 4-5 The OCR 812 can act as a DHCP s erver , provid ing IP addr esses to other st ations on the local LAN. It is possible to restrict access to the TF TP server to a specific system or a list of systems. Quick Se t up wil l allow you to enter one system that is allowed or allow access to all systems.
4-6 C HAPTER 4: Q UICK S ETUP Quick Setu p Brid ge Inform atio n The networ k name is used by t he OCR 812 to identi fy your bridg ing setup. The spannin g tree algor ithm is used to elimi nate loops in a network t hat is linked togethe r with brid ges.
CLI Quick Setup Script 4-7 Sampl e Output Display as Quick Set up Executes OCR-D SL> set syst em na me "na me" OCR-D SL>set sy stem l ocation " vienna" OCR-DSL>set system contact "jc" OCR-D SL>enable comm and passw ord “ password ” OCR-D SL>add snmp co mmuni ty public add ress 0.
.
5 Q UICK VC S ETUP This chapte r will describe i n detail the operati ons of the OCR 812 Quick VC Setup W izar d prog ram. It will ident ify the requir ed info r matio n, steps inv olved, and sample out put scripts from th e execution of th is prog ram.
5-2 C HAPTER 5: Q UICK VC S ETUP The Categ ory of Ser vice and cell rate paramete rs only affect data transm itted from the OC R 812 to the remote si te (up stream directio n). Th e defa ult value of U BR with a Peak Ce ll Rate of 0 will attem pt to use all avai lable upstrea m band width when tra nsmitting to the re mote site.
CLI Quick VC Setup Script 5-3 The IP confi guration fo r VC “ name ” is no w complete. IP Confi gurati on (Netwo rk Serv ice RFC 1 483) Port Address T ranslation (P A T) allows a si ngle WAN-side IP addre ss to be ‘ sh ar ed ’ by multiple LAN-side devices.
5-4 C HAPTER 5: Q UICK VC S ETUP IPX Ro uting ( N etwo rk Servi ce PPP) The IP X configur ation fo r VC “ name ” is n ow com plete . IPX Ro uting ( N etwo rk Servic e RFC 1483) The IP X configur ation fo r VC “ name ” is n ow com plete .
CLI Quick VC Setup Script 5-5 Sample I dentificatio n Information This section co ntains a samp le of possible settings . Encapsul ation type: PPP AT M i n f o r m a t i o n : VPI/VC I: 0/33 Category .
.
6 M ANUAL S ET UP This chapt er describ es how to manually set up the OCR 812 for rout ing or brid ging. Configur ation Overview The foll owing steps pr ovide an outline t o follow when c onfiguring the OCR 812 t o rou te or bridge to r emote networ ks.
6-2 C HAPTER 6: M ANUAL S ETUP Remote Site Management Each r emote site that you want to conn ect to is accessed t hrough a sing le A TM Virtual C hannel connecti on. T o set up connecti ons over the W AN, a VC (r emote site ) profi le must be crea ted and edited.
Remote S ite Managem e nt 6-3 For example , if you want t o change the PPP authentic ation passwor d to testpassword for a pr ofile call ed I nternet you would do the foll owing: disab le vc Interne t.
6-4 C HAPTER 6: M ANUAL S ETUP When the N etwork Service i s set t o RFC 1483, the pr ofile ’ s IP WA N addresses can be dynamic ally learned with the DHCP pr otocol.
Sett ing Up a V irtu al Pri vat e Netw ork (V PN) T unnel 6-5 set vc name <vc name > atm vci <vci value> vp i <vpi va lue> Y ou should have bee n provided with Ca tegory Of Service par ameters. UBR - Uns pecified B it Rate; No li mit has been spe cified for the upstr eam data flow .
6-6 C HAPTER 6: M ANUAL S ETUP VPN T unneling Overview A VPN t unnel is a priv ate virtual cir cuit tha t uses public wir es to connect two nodes. For example, it is common pr actice to crea te VPNs that use the I nter net as the public med ium over which privat e info rmatio n is sent an d received.
Sett ing Up a V irtu al Pri vat e Netw ork (V PN) T unnel 6-7 Enab ling a nd Disa bling a VPN T u nnel T o enab le a VPN , ente r the enable tu nnel comma nd.
6-8 C HAPTER 6: M ANUAL S ETUP be blank (a ssigned with the value “” ). Y ou can chang e t he P ASSWORD and SEND_P ASSWORD using the SET TUNNEL [P ASSWORD | SEND_P ASSWORD ] command.
Sett ing Up a V irtu al Pri vat e Netw ork (V PN) T unnel 6-9 For example , to change the SEND_P ASSWORD settings o f a tunnel named ZOOM to VPN, e nter the follo wing comm and: SET TUNNEL ZOOM SEND_PASSWORD VPN Y ou must disable t he tunnel using t he disabl e tunnel <t unnel_na me> command be fore you can change an y parame ters.
6-10 C HAPTER 6: M ANUAL S ETUP Confi guring Authenticatio n and Encr ypti on T o lear n ho w to use CLI co mmand s to config ure authentica tion and e ncrypti on for the OC R 812, please refer to the.
Sett ing Up a V irtu al Pri vat e Netw ork (V PN) T unnel 6-11 An adminis trator ma y also set up a Windows 2000 Server as a router with a privat e IP subnet set to 98.76 .54.0/C. T o add DHCP Services o n the Windows 2000 Server , an admini strator can use an y IP addr esses from 98.
6-12 C HAPTER 6: M ANUAL S ETUP vpdn- group 1 accept- dialin pr otocol l 2tp virtu al-t emp late 25 terminate -from hostname OfficeConnect local name c7 200 no l2tp tu nnel authe ntication sour ce-ip 192.
Sett ing Up a V irtu al Pri vat e Netw ork (V PN) T unnel 6-13 ppp aut henticat ion pap 6 Ensur e RIP and IP Pool co nfiguration pa rameters ar e set to the foll owing values: RIP Conf igurati on ro uter rip ver 2 network 1 92.180.3. 0 IP Pool for L2TP T unn el ip local pool L2TP 192 .
6-14 C HAPTER 6: M ANUAL S ETUP Adding a Fra med R oute for a VPN T unnel If you wish to set up a route to a net work on the private ( LAN) side of a r emote site, use a f ramed rout e. T o add a framed ro ute for a VPN tunn el, enter the add framed_ route vc com mand or the add fram ed_route tunn el command a t the CLI prompt .
IP Ro utin g 6-15 Enab ling IP Routing When th e OCR 8 12 is to be used f or IP Rout ing, IP forwar ding m ust be ena bled. This is a glo bal setting for the enti re ro uter .
6-16 C HAPTER 6: M ANUAL S ETUP Y ou can obtain a li st of all confi gured net works using the command list networ ks . T o on ly list IP netwo rks, use list ip network s .
IP Ro utin g 6-17 The IP addr ess associated with the l ocal side of the W AN connecti on can be specifie d by you, learned fr om the remote site (if you ar e using PPP as the Network Service for the connect ion), or the inte rface can be Unnumb ered.
6-18 C HAPTER 6: M ANUAL S ETUP If you ar e using address translatio n for a remote site connection (NA T) you must set ip_r outing to LISTE N or NONE. This is beca use you have set up a private LAN network and there fore do no t want to be broadcas ting inf ormation to other route r s.
Add ress Tran slati on 6-19 IP T ools The OCR 812 CLI pro vides a standa rd set of IP utilit y program s including Pin g, TELNET and RLOGIN. Address T ranslation Public IP ad dress es ar e regis tered and can be used wit hin a public netwo rk (e.g., the Internet).
6-20 C HAPTER 6: M ANUAL S ETUP P A T allows mul tiple privat e IP addres ses to use one publi c IP addr ess by dynamical ly and static ally mapping ea ch private I P source ad dress and pr ivate IP source port to one public IP s ource addr ess and one publi c IP sour ce port.
Add ress Tran slati on 6-21 ther e is no existin g dynamic or stati c port mapping, the packet will be tran sl ated usin g t he P A T defa ult ad dress. Confi guring P A T T ypi cally , P A T only needs t o be enabled or disabled for a remote sit e connection.
6-22 C HAPTER 6: M ANUAL S ETUP mem or y . I f yo u do n ot e nter the save all comma nd before a reboo t, unsaved changes made since the last save will be lost.
Add ress Tran slati on 6-23 Please al so note the foll owing: The “ bes t guess ” LAN workst ation will co ntinue to recei ve all non-addr essed packets sent by th is r e mote work stat ion un til a nd un less a new (dif fer ent) communicat ion pattern is de tected by Intel ligent P A T .
6-24 C HAPTER 6: M ANUAL S ETUP Confi guring NA T Stat ic and Dyna mic Mappi ngs If you do no t configur e static or dyna mic mappings fo r NA T (even if t hey have a defaul t P A T addres s), the fol.
Add ress Tran slati on 6-25 If you choose ( optionall y) to add stati c or dynam ic mappings for Sup er NA T , do not use the public WAN po rt IP addres s of the OfficeCo nnect 812 as one of the Super NA T static or dynamic pu blic IP address es.
6-26 C HAPTER 6: M ANUAL S ETUP Configur ing the 812 for SIP Phone Su pport The OCR 812 can be confi gured to use SIP phones. Overview A SIP phone (Se s sion Initia tion Pr otocol pho ne) is a network - capab le telephon e that uses Eth er net connectiv i ty to place an d receive call s over the Internet.
DHCP 6-27 caller id entity (and fin ds, then connects to, the recip ient ’ s IP address ). The IP address o f the intended rec ipient is their (SIP) phone numb er .
6-28 C HAPTER 6: M ANUAL S ETUP Conf igurin g the DHCP Serve r The OCR 812 ’ s DHCP Server has the foll owing fields that wil l need to be config ured: Host name Doma in Name IP Addr ess Pool, Start.
DNS 6-29 assigned , the corr esponding wor kstation MAC ad dresses , and r emaining time befor e the lease expir es. show dhcp server counters list dhcp se rver leases The DHCP Server configurati on is displayed wi th the show dhcp serv er settings command.
6-30 C HAPTER 6: M ANUAL S ETUP Configu ring DNS T o enable DN S function ality on the OCR 812, use th e command: enable dns T o disable DNS functio nality , use the command: disa ble dns Y ou can configur e three glo bal DNS para meters that contr ol the ope ration of th e DNS pr oxy .
IPX Routi ng 6-31 T o displa y the conte nts of the DNS Server tab l e, use the comman d: list dns servers T o delet e a domain entry , use the comma nd: delete dns serv er <doma in nam e> Access Lists Access lists enab le you to r estrict which Remote Subnet s are all o wed to access the Manageme nt services of the OCR8 12.
6-32 C HAPTER 6: M ANUAL S ETUP Remembe r to save y our configurat ion using the save al l command befo re reboot ing your OCR 812 so tha t your chang es will be wri tten to p ermanent FLAS H memory . Enabli ng IP X Routin g Unlike IP , there is no setting on th e OC R 812 that en ables or disables IPX routing functi onality on a glob al basis.
IPX Routi ng 6-33 T o specif y t hat the in terface is Unnumbe red you must ente r 00000000 for th e <ipx netwo rk addres s> parameter . set vc <v c name> ipx_ad dress 00000 000 Conf igurin g IPX S tatic and Fra med Routes A stati c route i s a configur ed rout e that will r emain in the r outing tabl e until deleted.
6-34 C HAPTER 6: M ANUAL S ETUP Configuri ng IP X Static and Fram ed Servi ces The Serv ice t able co ntai ns IP X se rver nam es, t he ser vices they provide, their network addr esses and node add resses, and their relative di stances. Examples of services includ e file se rvers and pri nters.
Bridging 6-35 dele te ipx_serv ice vc <vc name > nam e <service name> type <typ e> Remember t o disable and then re- enable the VC prof ile for the change to tak e effect. Conf iguring IPX R IP and SAP IPX RIP i s used to e xchange IPX r outing inf ormation wi th other IP X rout ers.
6-36 C HAPTER 6: M ANUAL S ETUP The OCR 812 brid ge supports the Sp anning T ree Pr otocol (S TP). This featur e is used when tw o networks ar e joined by two bridg es forming a loope d network. STP pr events the data p ackets fro m circ ling the t wo net works.
Bridging 6-37 IP For warding refers t o the r outing of IP packets fro m one i nterface to anoth er . I t does no t affect commun icating to the OCR 812 itself. Even when IP Forwarding is disabl ed, you can perform no n-routing fu nctions such as us e a We b browser to manage the un it and use PING.
6-38 C HAPTER 6: M ANUAL S ETUP MAC-En capsul ated Routi ng Because r outers ba se their for warding de cision on netw ork-level ad dress es, packets tha t are r outed ove r a W AN are tr ansmitted witho ut MAC-layer ad dresses.
System Admini stra tion 6-39 2 Forwar d Unicast Packets Only : If a pr otocol is con figure d for rou t ing, an d a packet for that pr otocol ty pe is received from the LA N that is not addresse d to the M AC ad dress of the OCR 812, it is bri dged.
6-40 C HAPTER 6: M ANUAL S ETUP Y ear (yyy) can be speci fied as 2 digits or as 4 digits (97 or 1997 ). For exampl e: set date 01-JAN- 1998 T o manually set the time , use the c omma nd set ti me (which sets the system ti me, and leav es the date unchange d).
System Admini stra tion 6-41 If mor e than one OCR 812 is installed in your network, eac h OCR 812 is assigned a di fferent primary NTP server (the assig nment of a pri mary NTP server to a give n OCR 812 is based on the uniqu e MAC addres s of that OCR 812 unit).
6-42 C HAPTER 6: M ANUAL S ETUP T o specify a time zon e for NTP , use the follo wing co mmand: set timezone <timezone_n ame> The de fault t ime zone is GM T .
System Admini stra tion 6-43 Displaying Date, Time, and Syst em Uptime T o displ ay current date , current time, a nd system uptime (time elapsed since power -on), use the c ommand sho w d ate .
6-44 C HAPTER 6: M ANUAL S ETUP Pro viding TF TP Access T rivial Fi le T ransfer Pr otocol (T F TP) pr ovides a simple way to transfe r files fr om one machine t o another . The OCR 812 ha s a TF TP server tha t allows yo u to copy file s to or fr om the uni t.
System Admini stra tion 6-45 After lo gging in to the CLI, you can exit the CLI with the co mmand: exit cli.
6-46 C HAPTER 6: M ANUAL S ETUP T o set the idle timeou t period, use the comm and: set co mmand idle _timeout <ti meout> wher e < timeo ut > specifies the idle timeout period in mi nutes.
Offic e Conn ect Remote 812 F iltering Capab ilities 6- 47 Packet fil ters contr ol inter -network d ata transmis sion by accepti ng or re jecting the passage of s pecif ic packets thr ough network interface s based on packet head er informat ion.
6-48 C HAPTER 6: M ANUAL S ETUP Generic Filters Generic filt ers are pr otocol-i ndependent and are spec ified by byte and of fset values in a packet . Packets ar e filter ed by comparing each packet ’ s of fset valu e and byte info rmation with th e values that you def ine in the filt er .
Creating Filters Using Command Line Interface 6-49 Filte r File Comp onents in CLI Y ou define the fi ltering rul es used by the r outer within filter files.
6-50 C HAPTER 6: M ANUAL S ETUP the first match that occurs . If t here is no match, by defa ult the packet is accepted. For this reas on, you should or der your pr otocol rul es so that the rules you expect to be most f requent ly matched ar e in the beg inning of the sect ion.
Creating Filters Using Command Line Interface 6-51 Generic F ilter Rule The syntax for generi c filters is slightl y differ ent than that for other fil ters: <line #> <verb> GENERIC => .
6-52 C HAPTER 6: M ANUAL S ETUP IP So urce and Des tination Netwo rk Filte ring Using C LI Sour ce and desti nation addr ess filt ering is gener ally used t o limit permit ted access to trus ted hosts.
Creating Filters Using Command Line Interface 6-53 If the r outer is lis tening for , or br oadcasting RI P messages, you s hould allow them to pass i n the appr opriate di rectio n(s). Y ou define IP RIP filte ring rule s in the IP-R IP pro tocol section of the filter fi le.
6-54 C HAPTER 6: M ANUAL S ETUP IPX: 1 ACCEP T sr c-socket = 0x001; 999 DE NY ; IPX RIP Pa cket Fil tering Using CLI Routin g Information Pr otocol (RI P) packets ar e used to identify al l attached network s as well as the n umber of route r hops r equir ed to r each them.
Creating Filters Using Command Line Interface 6-55 3 ACCEP T generic=>origin=FRAME/offset=12/l e ngth=2/mask=0 xFFFF/value=0x8136; 4 ACCEP T generic=>origin=FRAME/offset=12/l e ngth=2/mask=0 xFFFF/value=0x8137; 999 DE NY ; Step by Step Gu ide to Cr eating Filt er Files Usin g CLI Y ou can create f ilter files usin g any text editor .
For exampl e, fr om the workstation command line en ter: tftp <OfficeConnect Remote 812 IP addr ess> put <filter filename> 12 The r outer does not r ecognize a filter file sto red in its FLASH memory until you add it to th e mana ged filte r tabl e.
Applying F ilters Us ing CLI 6-57 Most import antly , the rout er does not know which in terface an outgoin g packet came in thr ough. If a potent ial intruder forges a pack et with a false sour ce ad.
Confi guring Fi lters for a VPN T unnel T o configur e filters f or a VPN tunnel, us e the following com mands: set tunnel <tunn e l name> inpu t_filter <filter_name > set tunnel <tunn .
Managi ng Filters Using CL I 6-59 It may be help ful to use the list files command to see files successfully stored in the FLASH memory . Removi ng a Filter fr om an Interface U sing CLI T o r emove a.
6-60 C HAPTER 6: M ANUAL S ETUP.
A OFFICECONNEC T REMOTE 812 SAMPLE CONFIGURA TION Sample Configu ration Overview This sect ion describes a samp le configurat ion that ill ustrates the f ollowing OCR 812 f eatures: Address T ranslation Internal DHCP Server and DNS Proxy . Multi ple R emote S ites, with different routi ng an d brid ging c onfig uration s.
A-2 A PPENDIX A: OFFICECONNECT REMOT E 812 SAMPLE CONFIGURATION Confi guring the Sample Network The foll owing section s discu ss the six steps r equir ed to confi gure our sample network .
Configur ing the Sample Network A-3 set dhcp server dns1 192. 168.200. 254 dns2 0.0.0.0 set dhcp server wins1 0.0.0.0 wins2 0. 0.0.0 add dns host o crdsl-3com.
A-4 A PPENDIX A: OFFICECONNECT REMOT E 812 SAMPLE CONFIGURATION dynamical ly lear n the addr esses for two r emote DNS Servers . The login name for this acc ount is “ interne t-user ” and the passw ord is “ 1a 2b3c ” .
Configur ing the Sample Network A-5 set vc corp-net ip_r outing both set vc corp-net ipx_ address 0 ip x_routin g all enable vc corp-net.
.
B CLI Command Description CLI Command s ADD Use the ADD com mand to defi ne: Networks yo u will conne ct to Hosts you need to access SNMP communi t ies Users who will dia l out, dial in, acce s s the net work, or use the CLI Note that som e paramete rs have default val ues.
B-2 A PPENDIX B: CLI C O MMAND D ESCRIPTION Y ou must use add us er to create a network type user for thi s comman d, and set user to spec ify the pr otocol and ot her parameters rela ted to bridgi ng. add dns host <host_name> addr ess <ip_addr ess> Adds the named ho st to the Local Host T able.
CLI Command s B-3 Y ou must corr ect the filte r file in a text edi tor , use TF TP to export the updat ed file to the system ’ s FLASH file system, and use the verify filt er command t o check the filt er ’ s syntax.
B-4 A PPENDIX B: CLI C O MMAND D ESCRIPTION add ip ne twork <netw ork_ nam e> addr ess [i p_net_ad dress] frame [ETHER NET_II | SNAP | LOOPBACK] { interface [eth:1] } { enable d [yes] } Adds an IP network to the list of IP networks ava ilable over the sp ecified interfa ce.
CLI Command s B-5 add ipx route <ipx_net_a ddress> gateway [ipx_h ost_addr ess] metric [metric_nu mber] ticks [tick_nu mber] Adds an IPX stat ic route (for the LAN) t o the system ’ s IPX Rout e table, which defines s tatic r outes to re mote IPX networ ks.
B-6 A PPENDIX B: CLI C O MMAND D ESCRIPTION Belo w is a part ial list of th e IPX ser vic es ava ilabl e: add ipx_ route vc <name > ipx_ne t [ipx _address ] metri c [hop_cou nt] ticks [t ick_number] Adds an IPX rout e for the a user over the W AN.
CLI Command s B-7 Y ou must supp ly the name, inte r nal ipx network nu mber , node number , socket, and ty pe of servic e for this serv ice. The user mu st also supp ly gateway in formation to indica te the next r outer hop.
B-8 A PPENDIX B: CLI C O MMAND D ESCRIPTION clos e_act ive_c onnec tions [T RUE | F A LSE] This con f igur es a network list ener proce ss that pr ovides a certa in type of service.
CLI Command s B-9 Adds to t he list of S NMP author ized users. The communit y name and IP a ddress of SNMP req uests from man agers on the networ k must match the list, which you can see using list snmp communiti es .
B-10 A PPENDIX B: CLI C OMMAND D ESCRIPTION add user [name] passwor d [password] {enabl ed [ye s]} Adds a T elnet user to the local user table. The li st users command di splays these paramete rs for all users. add vc [name] Create s a virtual channel (VC) pr ofile.
CLI Command s B-1 1 delete dns host <host_ nam e> Dele tes the specifie d host from the DNS Local Host T able . Use list DNS hosts to view the DNS Local Host table . After dele tion, re quests for that host will be pro cessed thr ough a DNS ser ver , instead o f locally .
B-12 A PPENDIX B: CLI C OMMAND D ESCRIPTION delete nat [dynam ic | s tatic ] vc <vc name> public_p ool_start <addr ess> publi c_addr ess <ip_ addr ess> Deletes th e s tatic NA T mapping to this publi c IP address for the associated V C.
CLI Command s B-1 3 DIAL dial <vc_name> Generates an outgo ing connection to t he location specif ied by the vc name. Y ou can use l i st vcs to list th e defined vc prof iles, and thei r curr ent status. DISABLE disable a ccess Disables the Access List f eature.
B-14 A PPENDIX B: CLI C OMMAND D ESCRIPTION disabl e lan acces s When the access list is enabled, this command d isables access to Hosts on the local LAN in terface. When disa bled, all frames r eceived on the LAN interfac e are subject to the ac cess list check.
CLI Command s B-1 5 ENABLE enable a ccess Enables the Access Li st featur e. When enables, on ly Remote Hosts in the access l ist are p ermitted access to the Router ’ s management services. enable bridge network <network_name> Ena bles br idgi ng ove r the spec ifie d netwo rk.
B-16 A PPENDIX B: CLI C OMMAND D ESCRIPTION enable link_ traps inte rface <interfac e_name> This comma nd tells SNMP to sen d linkup and li nkdown traps for th e specified interf ace. Y ou can see i f the interface i s current ly enabled for tr aps using the show interface settin gs command.
CLI Command s B-1 7 hangup vc <vc_name> C auses the con nection for the speci f ied VC to dr op. Y ou can see which VC s have active co nnections us ing lis t vcs . Also see disable vc , which causes a VC ’ s session to dro p, and preve nts new sessions whi ch use that VC fr om being estab lished.
B-18 A PPENDIX B: CLI C OMMAND D ESCRIPTION mgmt - unk nown, but filt ering inform ation exist s RxPkt - N umber of pac kets receive d from this MA C station RxOctets - No.
CLI Command s B-1 9 list i nte rfac es D isplays t he installe d interfa ces, alon g with their operat ional status, a dministr ation status , and interfa ce index.
B-20 A PPENDIX B: CLI C OMMAND D ESCRIPTION Pr ot - LO CAL or RIP NextHop - addr ess of the gate way used to reach this r oute Metric - number of r outer hops away this r oute is fr om the system If - interfa ce that th e route uses list ipx network s Di splay s the IPX netw orks that you previou sly defi ned using the add ipx network com mand.
CLI Command s B-2 1 Ty p e - ST A TIC or DY NAMI C networ k Netw ork Addr ess - ad dress of the network lis t proc esses Displays all processes running on the system. Inde x - a refer ence numbe r in the pr ocess table Nam e - designa tion of th e process (e.
B-22 A PPENDIX B: CLI C OMMAND D ESCRIPTION list t cp connections Displays i nformation about al l TCP connectio ns. Connection st atus is defined i n RFC-79 3.
CLI Command s B-2 3 PING ping <ip_name_or_addr> output [ou tput_file name] coun t [count] interval [interva l] tim eout [tim eout_ value ] Sends an IC MP echo req uest to a rem ote IP host.
B-24 A PPENDIX B: CLI C OMMAND D ESCRIPTION SA VE save all Saves all changes you h ave made dur ing your ses sion with the C LI. It is a good idea to save your changes frequen tly , jus t as you shou ld with any type of edito r . SET set a dsl r e se t Resets the ADSL interface.
CLI Command s B-2 5 set date <date> Sets the system date, an d leaves the time unc hanged. Use show date to see what the curr ent settings ar e. The format is: dd- mmm-yyyy . The month should be th e first th ree character s of the month name . The year can be eith er 2 or 4 digit s (97 or 1997 ).
B-26 A PPENDIX B: CLI C OMMAND D ESCRIPTION set dhcp s erver DNS1 <IP_ address> DNS2 <IP_ad dress> doma in <stri ng> end_add ress <IP_ addr ess > hostn ame <st ring> leas.
CLI Command s B-2 7 set faci lity <fac ility _nam e> loglevel [ level] Sets the severi ty r eporting level f or a facility . The hosts that will receiv e the error log e ntries a re defi ned usi ng add syslog lo glevel . Use li st facil ities to see what the cur rent logl evel is for eac h fac ility .
B-28 A PPENDIX B: CLI C OMMAND D ESCRIPTION Sets the br oadcast algori thm, the maximum size used for re assembling fragme nting packet s, the R IP authent ication st ring, RI P policie s , and the r outing pr otocol for the speci fied interf ace. The only r equir ed parameter fo r this command is <name >.
CLI Command s B-2 9 set ip r outing auto nomous_syst em_number [nu mber] table_ maximum_siz e [number] metric_ma ximum_entrie s [number] rip_flag s [METRICS, SEND_REQUEST] router_i d [router_i d] Sets parame ters for I P routin g to the specif ied IP rout er addre ss, which is the gateway t o an Auto nomous System .
B-30 A PPENDIX B: CLI C OMMAND D ESCRIPTION set ipx network <network_name> dela y_ticks [ number] diagnostics [DISABLE | ENABLE] maximum_ learning_r etries [nu mber] netbios [ENABLE | DISABLE] n.
CLI Command s B-3 1 set ipx system prio rity [prio rity le vel] default_gate way [ipx _host_add] init ial_po ol_add ress [ipx_addr] pool_me mbers [n umber] Sets parame ters for dy namic IPX netwo r ks.
B-32 A PPENDIX B: CLI C OMMAND D ESCRIPTION set ppp rec eive_authen tication [ANY | ANY_EXCEPT_MSCHAP | CHAP | MSCHAPV1 | MSCHAPV2 | NONE | P AP] Sets the ty pe of inbound authe ntication t o be used when establi shing PPP connecti ons for PPTP and L2T P tunnels.
CLI Command s B-3 3 set tunnel <tunnel_ name> encryptio n_algor i thm [AUTO | MICROSOF T_128BIT | MICROSOF T_40BIT | MICROSOF T_56BIT | NONE | REQUIRED] Sets encryp tion for a PPTP or L2TP tunnel. Encryption can be set to any of the parame ters shown in th e T able below .
B-34 A PPENDIX B: CLI C OMMAND D ESCRIPTION set system name [ “ name ” ] location [ “ loca tion ” ] contact [ “ contact info ” ] transmit_authentica tion_name [ name] Specifi es system contact information, which is displayed usin g show system .
CLI Command s B-3 5 set user <user_ n ame> message [ “ me ssage ” ] passwor d [p asswor d] session_timeout [se co nds] tcp_por t [tcp_port] ter mina l_type Modifie s user parameters . SEND_P ASSWORD <pas sword> The SE ND_P ASSWORD must ma tch the authentic ation passwor d on the VPN se rver .
B-36 A PPENDIX B: CLI C OMMAND D ESCRIPTION set vc <vc_name> addr ess_selectio n [negotiat e | assign | spec ified] brid ging [ena ble | dis able] defau lt_ro ute_opt ion [enabl e | disable] des.
CLI Command s B-3 7 Parameter Description <vc_name> VC profile name . addres s_ select ion Determines h ow the IP address will be assigned for remote IP network connecti ons. NEGOTIATE - learn the remot e IP address. SPECIFIE D - uses IP address set in rem ote_I P_address value bridging Enables/disables bridging ac ross this link.
B-38 A PPENDIX B: CLI C OMMAND D ESCRIPTION set vc < vc_name> atm set [num ber] category_of_service [Un specified (UBR) | V ariable (VBR)] pcr [ number] scr [num ber] type [PVC | SV C] vci [nu mber] vpi [n umber] manage ment_ip_ addre ss Seconda ry IP address on the VC for Manage ment purposes o nly.
CLI Command s B-3 9 Sets A TM pa rameter s for VCs. SHOW Show commands display details about system entities. show access Displays the curr ent status of the access list featu re. Administra tion Status - Indicates status of the access list feature. Options are Enabled or Disabled .
B-40 A PPENDIX B: CLI C OMMAND D ESCRIPTION show adsl statistics Statist ics for both near end and f ar end ADSL/A TM link. Count ers include corrected frames, CRC errors, and HEC errors for the Fast and Interlea ved path.
CLI Command s B-4 1 show bri dge set tings Displays the settings for all b ridge ne tworks. U se set bridge to modify these values. Base Agin g Ti me - time to ag e out a kno wn MA C address, d efault.
B-42 A PPENDIX B: CLI C OMMAND D ESCRIPTION History Depth: 10 Curr ent Pr ompt: OCR-D SL> Local P rompt: OCR-DSL > show config uratio n Displays a vari ety of system informat ion including: Syst.
CLI Command s B-4 3 show dhcp relay Displays the cur rent con figuration and count ers for both the pri mary and secondary DHCP relay server . IP Ad dress - IP add ress of th e DHC P Serv er . Max Ho ps - maximum hops to g et to thi s server . Status - enabled or disab led.
B-44 A PPENDIX B: CLI C OMMAND D ESCRIPTION DNS #1 - IP ad dress of t he primary D NS server that the DHCP server will util ize wh en resolvin g nam es. DNS #2 - IP addr ess of the secondary DNS server t hat the DHCP server will util ize wh en resolvin g nam es.
CLI Command s B-4 5 BR-E TH - CALL - Et her net brid ge call filter rules IP - I P data filter rul es IP-C ALL - IP call filter ru les IP-R IP - IP RIP a dvertise ment fil ter rule s show icmp counters Shows the Input and Output Counte rs for ICMP . T wo types of I C MP mess ages - error an d query messages - are sent to syslog hosts.
B-46 A PPENDIX B: CLI C OMMAND D ESCRIPTION Echos - sum of ICMP Echo (request) messages sent Echo Replie s - sum of these messages sen t Timest amps - sum of these messages sent Time stamp Re plies - .
CLI Command s B-4 7 show ip counters D isplays system wide IP network statistics. INP UT COUN TERS T otal I nput Datagra ms - sum o f IP data grams received Bad Head ers - number of da tagram s with b.
B-48 A PPENDIX B: CLI C OMMAND D ESCRIPTION Br oadcast Algorithm - broadcast al gorithm u sed fo r this ne twork Max Reasse mbly Size - maximu m packet size al lowed to be re assembled from fragmen ts.
CLI Command s B-4 9 RIP In Pac kets - sum of RI P packets r eceived SAP Out Packets - sum of SAP packets trans mitted SAP In Packet s - sum of S AP pac kets receiv ed show ipx netw ork <netwo rk_name> settings Displays p arameter settings for the specified IPX n etwork.
B-50 A PPENDIX B: CLI C OMMAND D ESCRIPTION show i px s ap settings counters Displays in forma tion ab out SA P for IPX . show ipx s ettings Displays settings for dynamic IPX net works.
CLI Command s B-5 1 show ppp on vc <vc_name > counte rs This sh ows counte rs for th e Point -to-Poi nt Pr otocol on t he Virtual Cir cuit. show ppp on vc <vc_name> settin g s This shows t he setting s for the Point-to -Point Protocol o n the V irtual Ci rcuit.
B-52 A PPENDIX B: CLI C OMMAND D ESCRIPTION SETTINGS for PPP BUNDLE 1 Opera tional Sta tus - opened or not opened Number Acti ve Links - number of l inks active on t his PPP bundle User Pr ofile - user whose parameters wer e used in cr eating li nks Local MMRU - MRU the r emote entit y uses when sendi ng packets to loca l PPP enti ty .
CLI Command s B-5 3 Remote T o Loc al ACC Compr ession - In dicates whether the r emote PPP entity will use Address and Con t r ol Compr ession when sending pa ckets to the lo cal PPP enti ty .
B-54 A PPENDIX B: CLI C OMMAND D ESCRIPTION T otal Set MIB Ob jects - sum of MI B objects alter ed successf ully as the re sult of re ceiving valid SNMP Se t-Request PDUs Get Request PDUs - sum of SN .
CLI Command s B-5 5 show teln et Displays the status of the TEL N ET escap e featur e (ENA BLED or DI SABLED). It is set using the disable an d enable TELNET escape commands .
show user <name> settings Displays the parameters de fined for the specif ied TELNET user . Y ou can use list users to s ee which users ar e defined. show vc <vc _name> settings Displays the parameters defined for the speci fied VC. Y ou can use li st vc to see which vi rtual chann els ar e defined.
CLI Exit Comma nds B-57 set_escape <string> Allows changin g the TELNET e scape charact er fro m ^] to something else. Contr ol characte rs are specif ied using the carat characte r foll owed by another charact er . For example, t o set the TELNET escape char acter to control - X, type set_ e sca pe ^X .
B-58 A PPENDIX B: CLI C OMMAND D ESCRIPTION Output Pause The output wi ll pause when ther e is more than 24 l ines of outpu t. T ype ‘ more ’ (or press CR) to co ntinue , or ‘ quit ’ to st op. Command Kill T o disconti nue the curr ent command actio n, and flush a ny commands which have been typed ahea d, use ^C (contr ol-C).
i INDEX A Add co mmand 2 -2 Address filtering, source and destination 6 -44 Address T ranslation Configuri ng NA T 6 -23 Configuri ng P A T 6 -21 Configuri ng Super NA T 6 -24 Monitoring NA T 6 -24 Mo.
ii D data filter ing, Input and o utput 6 -44 Data Filters 6 -45 Defaults 4 -2, 4 -7 DHCP Configuratio n set DHCP mode B -25 set DHCP rela y se rver1 B -25 set DHCP rela y se rver2 B -25 set DHCP serv.
iii I Input a nd Output filters contrasted 6 -54 Input da ta filters 6 -45 Input Fil ters 6 -54 Interface 1 -1, 2 -3 Interface Filters 6 -54 Interfaces disable in te rface B -13 disable li nk_traps in.
iv IP Routing Fram ed R oute s 6 - 18 Static Ro utes 6 -18 IP Sour ce and Des tination Network Filtering Using CL I 6 -50 IP Sour ce and De stination Port Filtering Usin g CLI 6 -50 IPX Configuratio n.
v N Network A ddress T ran slati on (NA T) 6 -23 Network Se rvice, confi guring 6 -3 Network user 2 -2, 2 -3, 4 -4 , 4 -5, 4 -6 O Output da ta filters 6 -45 Output F ilters 6 -54 P Pack age, what ’ .
vi S Sample Configurat ion A -1 Scrip ts CLI do (run CL I script) B -14 Security CLI Access disable security_o ption remote_ u ser administration B -14 enable security_option remote_user administratio.
vii T TELNET a ccess 6 -4 2 TF TP access 6 -42 U Unconfi gured state (booting 812 in) 4 -1 Unconfi gured state (restoring 812 to) 4 -1 Users dele te us er B -1 2 show us er settings B -56 show vc sett.
.
3Com Corporation L IMI TED W ARRANTY H ARDWARE 3Com warrants its hardware pro ducts to be free from def ects in wor kmanship and materials, under nor mal use and ser vice, for the fo llowing leng ths .
FCC C LAS S B S TATEM ENT This device complies with Part 15 of the FCC Rules. Op eration is subject to the following two conditions: 1 This device may not cau se harmful interf erence, and 2 This device must a ccept any interferen ce received, including interference t hat may caus e undesired op eration.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il 3Com OfficeConnect 812 è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del 3Com OfficeConnect 812 - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso 3Com OfficeConnect 812 imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul 3Com OfficeConnect 812 ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il 3Com OfficeConnect 812, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del 3Com OfficeConnect 812.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il 3Com OfficeConnect 812. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo 3Com OfficeConnect 812 insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.