User`s guide

ManualsBrandsAscend ManualsComputer equipmentPipeline

201

202

203

204

205

206

207

208

209

210

Table Of Contents

Ascend Customer Service
How to use this guide
What you should know
Documentation conventions
How to use the on-board software
- Changing parameter values
- Saving or discarding your changes
Manual set
Configuring WAN Connections
- About Wide Area Network (WAN) connections
- Link encapsulation
- Nailed groups
- How calls are initiated
- How calls are answered
- Data compression options
- The Answer profile
- Connection profiles
- Configuring Frame Relay connections
Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
  - How IP addresses are assigned
  - Configuring DHCP services
- Dial-in user DNS server assignments
  - Configuring DNS servers in the Ethernet profile
  - Configuring DNS servers in the Connection profile
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
Configuring the Pipeline as a Bridge
- Introduction to Ascend bridging
- Enabling bridging
- Managing the bridge table
- Configuring bridged connections
Defining Filters and Firewalls
- Introduction to filters
- Overview of Filter profiles
- Example filters
- Working with predefined call filters
- Display unwanted dial-out packets
- Secure Access Firewalls
- Filter persistence
  - Background on firewall and filter persistence
  - Filter persistence and Connection profiles
Setting Up Pipeline Security
- Recommended security measures
- Pipeline Security profiles
- Connection security
- Using filters to secure the network
- Using security cards
Pipeline System Administration
- Overview of administration functions
- Activating administrative privileges
- Configuring administration options
- Using the Pipeline status windows
- Performing system administration operations
- Using the terminal server interface
  - Invoking and quitting the terminal server interfac...
  - Terminal server commands
- Accessing a local Pipeline via Telnet
Pipeline 75 Voice Features
- About the integrated services of ISDN
- How your ISDN service affects voice features
  - Ordering supplementary voice services
  - Ordering voice features
- How outgoing voice calls are handled
- How incoming voice calls are handled
- Support for 2-channel calls on one SPID
  - Configuring a 2-channel, single SPID call
- Support for outgoing 3.1K audio calls
  - How 3.1K audio calls work
  - Configuring 3.1K audio call
- EAZ Terminal ID for Germany
IDSL Implementations
- ISDN Digital Subscriber Line (IDSL)
- Configuring an IDSL connection
- Making voice calls over IDSL
APP Server utility
- About the APP Server utility
- APP Server installation and setup
Troubleshooting
- Cabling problems: Rule these out first
- Common problems and their solutions
- Problems configuring the Pipeline
- ISDN BRI interface problems
  - Bridge/router problems
- Problems accessing the remote network
  - Check the installation
  - Configuration problems
Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
Untitled

Setting Up Pipeline Security

Recommended security measures

7-2 Preliminary January 30, 1998 Pipeline User’s Guide

• Activate the Full Access security level.

After you change the password, activate the Full Access security level for

your own use in performing the rest of these basic security measures. (For

instructions, see “Activating the Full Access security level” on page 7-4.)

• Make the default security level very restrictive.

The Pipeline provides terminal services via Telnet. Any user who Telnets to

the unit is assigned the default security level, which is initially without

restrictions. You should turn off all privileges in the Default security profile.

(For instructions, see “Making the Default security level restrictive” on page

7-4.)

• Assign a Telnet password.

Until you assign a Telnet password, any local user who has the Pipeline

unit’s IP address can Telnet into it. Once you assign the password, all

incoming Telnet sessions (from the local network or across the WAN) will be

prompted to enter that password. (For instructions, see “Assigning a Telnet

password” on page 7-5.)

• Change the SNMP community strings.

The Pipeline supports SNMP traps, which allows it to send alarms, report on

call details, and send other management information to an SNMP

management station without being polled. The Pipeline default read and

write community strings should be changed to prevent unauthorized access

to the Pipeline by an SNMP management station. (For instructions, see

“Changing the SNMP read and write community string” on page 7-5.)

• Require profiles for incoming connections.

The Pipeline unit’s Answer profile can be used to build unrestricted

connections (connections for which no name or password is required).

Although some sites allow this type of connection, many do not. You should

restrict incoming connections to those with a configured profile. (For

instructions, see “Requiring profiles for incoming connections” on page 7-

7.)

• Turn off ICMP Redirects.

To secure the Pipeline unit’s IP routes, you should configure the unit to

ignore ICMP (Internet Control Message Protocol) Redirect packets. (For

instructions, see “Turning off ICMP redirects” on page 7-7.)