VIRTUAL REMOTE ACCESS CONNECTION MANAGER USER’S GUIDE Release 1.2.0 Cabletron Systems (603) 332-9400 phone (603) 337-3075 fax support@ctron.
USER’S GUIDE ! Only qualified personnel should perform installation procedures. CAUTION NOTICE You may post this document on a network server for public use as long as no modifications are made to the document. Cabletron Systems reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Cabletron Systems to determine whether any such changes have been made.
TRADEMARKS CyberSWITCH and SecureFast Virtual Remote Access Manager are trademarks of Cabletron Systems, Inc. All other product names mentioned in this manual are trademarks or registered trademarks of their respective companies. COPYRIGHTS All of the code for this product is copyrighted by Cabletron Systems, Inc. © Copyright 1991-1997 Cabletron Systems, Inc. All rights reserved. Printed in the United States of America. CABLETRON SYSTEMS, INC.
USER’S GUIDE CONTENTS Using This Guide 10 About this Guide 10 Documentation Set 11 Guide Conventions 12 System Overview 13 The SFVRA Connection Manager Network 13 Unique System Features 14 Interoperability Overview 15 Interoperability Protocols 15 Interoperability Devices 16 Remote ISDN Devices 16 System Components 17 Before You Install SFVRA Connection Manager System Requirements 17 Server PC Requirements 17 Client PC Requirements 18 Policies for Configuration 18 Network Topology 19 System Installat
Configuring Users 40 Overview 40 Address 41 Configuring User Address 42 Configuring User Categories 42 Protocols 42 IP 43 Configuring the IP Protocol 44 Static Routes 45 Configuring Static Routes 46 IPX 46 IPX Option Background Information 46 Configuring the IPX Protocol 48 IPX Spoofing 49 Watchdog Protocol 49 SPX Protocol 50 Configuring IPX Spoofing 52 Bridging 53 Configuring the Bridging Protocol 55 IP Remote LAN 55 Configuring IP Remote LAN 55 IPX Remote LAN 56 IPX Spoofing on a RLAN Interface 56 Confi
USER’S GUIDE Configuring CyberSWITCH - User Groups Overview 78 CyberSWITCHES 79 Grouping CyberSWITCHES Users 80 Grouping Users 81 View 81 Viewing Groups 82 Creating a New Group 82 Configuring Network Proxies 78 79 83 Overview 83 Properties 83 Configuring Routing Properties 84 SFVRA Services 84 Configuring SFVRA Services 85 Network Proxies 86 Configuring Network Proxies 88 Monitoring Connections 89 Overview 89 Current Connections 89 Viewing Current Connections 91 Connect History 92 Viewing Past Conn
Problem Diagnosis 111 Overview 111 TCP Connections 111 System Messages 112 Overview 112 Client Interface Messages 112 Error Messages 112 Warning Messages 117 Informational Messages 117 Interrogative Messages 118 SQL Error Messages 121 Problem Log Messages 121 Failure Messages 121 Reasons for Failure 122 SQL Setup Utility 124 Overview 124 Configuring the SQL Service for SFVRA-CONN 124 Expanding the Size of tempdb 126 Upgrading the SQL Service for SFVRA-CONN 127 Manage Logins 129 Overview 129 Crea
USER’S GUIDE Configure the CyberSWITCH 144 Configuring the CyberSWITCH to Interact with SFVRA-CONN 144 Configuring the CyberSWITCH to Interact with Bridge Users 144 Configure the CyberSWITCH - User Grouping 145 Configure the CyberSWITCH on SFVRA-CONN 145 Configure User Records 146 Verify Configurations 151 IP Network Example 152 Overview 152 Initial Installation Steps 152 Network Topology 153 System Details 154 Resources 154 Lines 154 IP Routing 154 Configure the CyberSWITCH 155 Configuring the CyberSWI
System Details 186 Resources 186 Lines 186 AppleTalk Routing 187 Configure the CyberSWITCH 188 Configuring the CyberSWITCH to Interact with SFVRA-CONN 188 Configuring the CyberSWITCH to Interact with AppleTalk Users 188 Configure the CyberSWITCH - User Grouping 189 Configure the CyberSWITCH on SFVRA-CONN 189 Configure User Records 190 Configure Network Proxies 195 Verify Configurations 197 SQL Database Script Definitions 198 Overview 198 SFVRA Database Tables 198 ACCESS_SERVER 198 ACCESS_SERVER_STATUS 20
USING THIS GUIDE This guide provides an overview as well as instructions for installing and configuring the SecureFast Virtual Remote Access Connection Manager (SFVRA-CONN or SFVRA Connection Manager). This guide has been written for the network administrator responsible for setting up, configuring, and maintaining SFVRA Connection Manager systems. ABOUT THIS GUIDE The User’s Guide describes the software installation, configuration, and maintenance of SFVRACONN.
USING THIS GUIDE Documentation Set System Messages provides system messages that may be used to troubleshoot if necessary. Each message that is listed provides a definition and a suggested action you can take. The SQL Setup Utility chapter walks you through an application which configures your SQL Server for use with SFVRA Connection Manager. The Manage Logins chapter describes how to use an application which allows you to configure various login accounts for SFVRA Connection Manager.
USER’S GUIDE Context-sensitive help is available for fields within the user interface. To activate context-sensitive help, Windows NT users can use the mouse to select the field in question and press . Buttons can be selected by using the Tab key. The Release Notes provide release highlights and important information related to this release that you should review before you configure the SFVRA-CONN.
SYSTEM OVERVIEW SecureFast Virtual Remote Access Connection Manager (SFVRA-CONN or SFVRA Connection Manager) provides a rich set of network configuration, management, and reporting capabilities. It is implemented where network administrators require centralized control over a decentralized network. It is ideally suited for Internet Service Providers (ISP’s), or for corporations implementing telecommuting or connecting their corporate, branch and remote offices.
USER’S GUIDE broadcasted by the Remote Access Switch and therefore the current connection is used by other devices, if necessary. When the user disconnects from the Remote Access Switch, the static routes are removed from the Remote Access Switch’s broadcast. SFVRA Connection Manager allows IP address pools to be configured centrally. It dynamically assigns an available address when a user connects. This becomes more advantageous as the number of users increases.
SYSTEM OVERVIEW Interoperability Overview • High Availability SFVRA Connection Manager will initiate a connection to a remote device in the event that an existing connection to that remote device is lost due to a failure of a locally managed CyberSWITCH. • Load Leveling Incoming calls are evenly distributed between all available CyberSWITCHES within a hunt group.
USER’S GUIDE INTEROPERABILITY DEVICES The remote devices that connect to the SFVRA Connection Manager can be classified into five types: • MAC Layer Bridges • IP Host Devices • IP Router Devices • IPX Routers • AppleTalk Routers MAC layer bridges connect to the Remote Access Switches using the CPP bridge encapsulation line protocol. These devices send transparently bridged Ethernet frames to the Remote Access Switches. MAC layer bridges do not process network layer protocols.
SYSTEM OVERVIEW System Components SYSTEM COMPONENTS The major components of SFVRA Connection Manager are: DATABASE The database is a standard SQL Server that allows the system administrator to generate custom SQL Queries to retrieve and process data. The database stores the user configuration data, authentication data, and run time statistics. CLIENT The client is the graphical user interface used by the system administrator to configure and manage the system.
USER’S GUIDE CLIENT PC R EQUIREMENTS • • • • • • • 33/66 MHz 486-class PC 8 MB RAM 2 MB free disk space Windows NT 3.51 with service pack 2 or higher, or Windows 95® Network connection to SQL Server 32-bit ODBC drivers Keyboard, mouse, and color monitor POLICIES FOR CONFIGURATION When you are planning to provide a dial-in service for remote users, there are important policies to define in order to configure it successfully. 18 • Device level security should be used for all remote users.
SYSTEM OVERVIEW Before You Install SFVRA Connection Manager NETWORK TOPOLOGY SFVRA Connection Manager systems are normally positioned at the central site, attached to the enterprise backbone. NT Servers should be accessible by all the CyberSWITCHES through interconnected LANs or dedicated lines. You may want to position them behind firewalls to protect their valuable information.
USER’S GUIDE SQL / DBMS Server Duplicated Database and VRA Manager Duplicated Database and VRA Manager VRA Manager VRA Manager TCP/IP ODBC TCP/IP ODBC VRA Manager TCP/IP ODBC User Interface WindowsNT Server WindowsNT Server Brand X Router WindowsNT Server CSX5500 or CSX7000 CSX5500 or CSX7000 CSX5500 or CSX7000 ISDN CSX5500 or CSX7000 CSX150 ISDN Workstation PC SFVRA Connection Manager is designed to provide a “fault tolerant” environment.
SYSTEM INSTALLATION The SFVRA Connection Manager consists of four components: the Client, which is the user interface to the database; the services, which control the Agents by the TCP/IP connection based on the information stored in the database; the Agents, which are the Remote Access Switches; and the Database.
USER’S GUIDE Complete the following ODBC set-up on each device that will run any component of the SFVRA Connection Manager application and on the device containing the MS SQL Server. 1. Close any active applications. 2. Insert the SFVRA Manager Setup CD into the CD-ROM drive. If, as is usually the case, your CD-ROM is setup for AutoRun, the following screen will automatically load: To manually load the above screen, select Run from the Start Menu. Enter :\SCCD.
SYSTEM INSTALLATION Installing the SFVRA Connection Manager System 9. For Server, select the device on which the SQL Server was installed. Note: If the database is on a different IP subnet, steps 10 and 11 are necessary for configuration. If the database is on the same subnet, skip to step 12. 10. Enter an IP address as the Network Address of the machine on which the database resides.
USER’S GUIDE The ODBC SQL Server Setup dialog should appear as follows: 13. Click OK and then click Close. INSTALLING THE SFVRA-CONN SOFTWARE Install the SFVRA Connection Manager software on a Windows NT device, preferably on the same device as the MS SQL Server. The Client software may be installed on a Windows 95 or Windows NT device.
SYSTEM INSTALLATION Installing the SFVRA Connection Manager System 3. Insert the SFVRA Manager Setup CD into the CD-ROM drive. If, as is usually the case, you CDROM is setup for AutoRun, the initial installation screen will be displayed. To manually load the screen, select Run from the Start Menu. Enter :\SCCD.EXE as the program to open, then select OK. 4. From the initial installation screen click Install SFVRA Connection Manager.
USER’S GUIDE INSTALLING THE NDIS DRIVER The SFVRA RIP Service and SFVRA Proxy ARP Service require the use of an NDIS driver. Install this driver on any machine that runs one of these services. 1. From the Control Panel, open Network. For Windows NT 3.51: 2. Click Add Software. 3. Select requires disk from manufacturer. Click Continue. For Windows NT 4.0: 2. Click Add on the Protocols tab. 3. Click Have Disk. For both Windows NT 3.51 and 4.0: 4.
SYSTEM INSTALLATION Installing the Simple Network Management Protocol INSTALLING WINDOWS NT SNMP SERVICE 1. From Control Panel, open Network. For Windows NT 3.51: 2. Click Add Software. 3. Select TCP/IP Protocol and related components. Click Continue. Select SNMP Service. For Windows NT 4.0: 2. Click Add on the Services tab. 3. Select SNMP Service. Click Have Disk. For both Windows NT 3.51 and 4.0: 4. Locate the Windows NT distribution files, or insert the original Setup disks. Click Continue.
USER’S GUIDE INSTALLING ADOBE ACROBAT READER To review or print the SFVRA Connection Manager documentation, you will need Adobe Acrobat Reader. We have included the Reader setup utility on this CD for those of you who do not already have a version of Reader. To install Adobe Acrobat Reader: 1. Close any active applications. 2. Insert the SFVRA Manager Setup CD into the CD-ROM drive. If, as is usually the case, your CD-ROM is setup for AutoRun, the initial installation screen will be displayed. 3.
USING THE SFVRA-CONN APPLICATION OVERVIEW This chapter includes the following sections: • Starting the SFVRA-CONN Client This section provides instructions for starting up the SFVRA-CONN Client application. • SFVRA Service This section describes the operation of the SFVRA Service. • RIP Service This section describes the operation of the RIP Service. • Proxy ARP Service This section describes the operation of the Proxy ARP Service.
USER’S GUIDE 4. If required, enter your password. 5. Click OK. SFVRA SERVICE The SFVRA Service must establish a connection to the database before it will perform any authentication, management or logging functions. Once the database connection is established, the SFVRA Service will open connections to the CyberSWITCH systems that are configured in the database.
USING THE SFVRA-CONN APPLICATION RIP Service The User Audit Request, which request the current state of the connections, is used to prompt the CyberSWITCH for a User Audit Reply. The SFVRA Service sends a User Audit Request to the CyberSWITCH at the following times: 1. A connection has just been established between the CyberSWITCH and the SFVRA Service. 2. A connection has just been established between the Database and the SFVRA Service. 3. Once per hour.
USER’S GUIDE marks the remote device as connected. It then checks the destination IP addresses in the list of pending IP packets for a match with the remote device’s static routes or IP address. If a match is found, the ARP Service broadcasts a gratuitous ARP for the destination IP address with the CyberSWITCH’S MAC address as the sender MAC address. This causes all local devices to update their ARP cache entry for this IP address, if they have such an entry.
CONFIGURING REMOTE ACCESS SWITCHES OVERVIEW The SFVRA Connection Manager provides you with the capability to configure, update and collectively view several basic features about the Remote Access Switches connected to it. Each CyberSWITCH, a Remote Access Switch, needs to be configured individually, and care must be taken to ensure similar configurations between the CyberSWITCH and SFVRA-CONN.
USER’S GUIDE CYBERSWITCH PROPERTIES The Properties tab displays the basic configuration parameters of the CyberSWITCH. For configuration, each Remote Access Switch must have a unique name and IP address. A unique-tothe-Remote Access Switch TCP port number is also required for communication with SFVRA Connection Manager. CyberSWITCHES may only belong to one group or no groups. See Configuring CyberSWITCH - User Groups for more information. The number of channels is based on hardware availability.
CONFIGURING REMOTE ACCESS SWITCHES CyberSWITCH Properties CYBERSWITCH GROUP This feature allows CyberSWITCH systems and users to be grouped together to manage which CyberSWITCH systems are available to each user. NUMBER OF CHANNELS The number of ISDN and/or Digital Modem channels which the Remote Access Switch currently supports. These numbers are based on the hardware configuration of the Remote Access Switch.
USER’S GUIDE PRIORITY USERS Some remote users are more critical than others. These users can be designated as priority users, which reserves the last available B-channel for the priority user only. Reserving channels is an optional feature. You can select users, whether they are ISDN or modem users, to have access to the reserved B-channels. Users must be properly configured for Dial Out before they are made available as Priority Users.
CONFIGURING REMOTE ACCESS SWITCHES Pooling CONFIGURING PRIORITY USERS 1. On the Functions menu, select CyberSWITCH, or click List dialog appears. 2. Select a CyberSWITCH that which you want to configure Priority Users. The Remote Access Switches dialog appears. Note: on the toolbar. The CyberSWITCH Configuring Priority Users for a CyberSWITCH can only be done in the Update mode. 3. Select the Priority Users tab. 4.
USER’S GUIDE Note: An IP address should not be configured for the user (either locally or in SFVRA-CONN) if an IP address is to be assigned to the user from the IP address pool. START IP ADDRESS The Start IP Address field designates the beginning of a range of IP addresses that are used by this CyberSWITCH to assign IP addresses to any user that does not already have an IP address configured. The range is inclusive. An address is required before enabling the IP Pool.
CONFIGURING REMOTE ACCESS SWITCHES Pooling CONFIGURING REMOTE ACCESS SWITCH POOLING 1. On the Functions menu, select CyberSWITCH, or click List dialog appears. 2. Select a CyberSWITCH that which you want to configure an IP Address Pool, or click Add to configure a new CyberSWITCH. The Remote Access Switches dialog appears. 3. Select the Pooling tab. 4. Enter a Start IP Address. This address is included in the range. 5. Enter an End IP Address. This number is included in the range.
CONFIGURING USERS OVERVIEW User Records is a set of valid remote devices that can access the network resources by connecting to one of the Remote Access Switches and replaces the On-node Device Database. User Records contains a symbolic name for the user and a unique identifier that is used to enforce user security.
CONFIGURING USERS Address ADDRESS Each user is required to have a unique User Name. The name (first and last), address (location and e-mail), organization, relevant numbers (telephone and fax), and any comments are optional features within User Records. This information can be used as a contact person to remote devices. Included in this feature is a SFVRA Connection Manager administrator defined category. Remote devices can be categorized and accessed by this category through the functions of the database.
USER’S GUIDE ORGANIZATION The organization to which the user, or the person responsible for the user, belongs. This feature is optional. CATEGORY The category of the user, or of the person responsible for the user. This feature is optional, but categories must be previously defined. Categories are configured through the Tables menu. COMMENTS This field is for storing any comments or special information that pertains to the user or the person responsible for the user. This feature is optional.
CONFIGURING USERS Protocols IP When IP is enabled, the CyberSWITCH acts as a router, routing IP datagrams based on IP address information to the user. The default configuration is IP disabled. Note: If the bridge and the IP options are enabled, the SFVRA-CONN will instruct the CyberSWITCH to act as a brouter. A brouter operates as a router for protocols it can route, and operates as a bridge for protocols it cannot route.
USER’S GUIDE DYNAMIC ADDRESS ASSIGNMENT Indicates that this user will be assigned an IP Address by a Remote Access Switch when the user dials in to the CyberSWITCH. This feature will only work properly if at least one Remote Access Switch that can reach the user has enabled the IP Pool. IP INPUT FILTER An IP Input Filter monitors packets that this user sends into SFVRA-CONN’s local subnet. The filter must be previously defined on the Remote Access Switches. Undefined filters will be ignored.
CONFIGURING USERS Protocols STATIC R OUTES Static routes may be configured for each user. Static routes specify the IP address of the next hop router or gateway that provides access to the user’s network. You only need to configure a static route if the user needs to access a LAN or WAN network that is not directly connected to any of the Remote Access Switches administered by SFVRA Connection Manager and the Remote Access Switches cannot or will not exchange routing information with the next hop device.
USER’S GUIDE Configuring Static Routes 1. On the Functions menu, select Users, or click 2. Select a User that which you want to configure static route(s). The User dialog appears. Note: on the toolbar. The User List dialog appears. The user must be added to the database before static routes are configured. 3. Select IP on the Protocols tab. 4. See Configuring the IP Protocol if the user has not been configured for IP. 5. Click Add Route. 6. Enter the Destination Subnet. 7.
CONFIGURING USERS Protocols Over the last few years Novell has evolved their WAN IPX routing model. Originally the Novell IPX router supported numbered WAN network interfaces only. That is, a unique IPX network number was assigned to each WAN port on the router. Novell then migrated to an unnumbered WAN network interface in their latest versions of their IPX router. When two routers communicate, they will try to use the unnumbered network interface type.
USER’S GUIDE ROUTING PROTOCOL Indicates the protocol the user will be using to communicate with the CyberSWITCH. • NONE specifies no routing protocol. Static routes and services must be configured on each CyberSWITCH in the same group as the user. • RIP/SAP allows the periodic broadcast of routing and service information across WAN circuits.
CONFIGURING USERS Protocols IPX SPOOFING NetWare was designed for the LAN environment, and assumes that there is always available bandwidth. Because of this, NetWare protocols are not well suited to WANs. Special handling must be given to the NetWare protocols to prevent them from causing excessive ISDN connections. The special handling of NetWare protocols in a routing environment consists of spoofing and automatic filters.
USER’S GUIDE SPX Protocol SPX Protocol is optionally used by NetWare applications requiring guaranteed, in-sequence delivery of packets by a connection-oriented service. Each end of an SPX connection sends keepalive packets, identified as packets, to monitor the status of the connection. The SPX protocol ensures connection integrity by exchanging a keep-alive packet between the connection end-points, once every 6 seconds.
CONFIGURING USERS Protocols DEFAULT HANDLING Determines how a CyberSWITCH should handle Watchdog Spoofing and SPX packets when there is no connection established to the user. HANDLING WHILE CONNECTION IS UP Determines how a CyberSWITCH should handle Watchdog Spoofing and SPX packets while there is a connection to the user.
USER’S GUIDE SERIALIZATION PACKET HANDLING Serialization packets are used to detect unauthorized duplication of NetWare Software. Servers send serialization packets to pass their serialization numbers to other servers to verify the server software has not been copied. By default the automatic filtering option for serialization packets is set to Always Discard.
CONFIGURING USERS Protocols 4. Select the Spoofing Options tab. Note: The Watchdog Spoofing and Packet Handling options are the same for both IPX and IPX RLAN. Changing the options on the IPX tab identically changes the options on the IPX RLAN tab, and vice versa. 5. Change any IPX or SPX watchdog spoofing options that you desire, or accept the defaults. 6. Select the Packet Handling tab. 7. Change any Packet Handling options that you desire, or accept the defaults. 8.
USER’S GUIDE ENABLE Enabling Bridging indicates that the user is a Bridge and the CyberSWITCH connected to it should route Bridge datagrams to this user based on Bridge network layer information. CALLABLE Callable indicates that a CyberSWITCH is to initiate connections to this user based on a Bridge packet. This feature is valid only if bridging is enabled, and the user is properly configured for dial out.
CONFIGURING USERS Protocols CONFIGURING THE BRIDGING PROTOCOL 1. On the Functions menu, select Users, or click 2. Select a user that which you want to configure for the Bridging protocol, or click Add to configure a new user. The User dialog appears. 3. Select Bridging on the Protocols tab. 4. Enable Bridging by clicking in the box. 5. Determine if the user is Callable. Note: 6.
USER’S GUIDE 5. Click Update to write the new information for the user to the database, or click Add to create the newly configured user. Note: 6. If you are adding a new user to the database, a User Name must be defined on the Address tab. Click Close. Note: A WAN (Remote LAN) IP Network Interface must be defined on all Remote Access Switches that each Bridging with IP RLAN user can access. Refer to the IP RLAN Network Interfaces section in the CyberSWITCH documentation for further information.
CONFIGURING USERS Protocols Configuring IPX RLAN 1. On the Functions menu, select Users, or click 2. Select a user that which you want to configure for the IPX RLAN options, or click Add to configure a new user. The User dialog appears. 3. Select Bridging on the Protocols tab. Note: on the toolbar. The User List dialog appears. If Bridging has not been configured for this user, see Configuring the Bridging Protocol for more information. 4. Enter an IPX Network Number, if necessary. 5.
USER’S GUIDE APPLETALK The Extended Network type indicates that the user is connected to an Extended AppleTalk network, which allows addressing of more than 254 nodes and supports multiple zones. The NonExtended Network type indicates that the user is connected to a NonExtended AppleTalk network, which supports addressing of up to 254 nodes and supports only one zone. SFVRA Connection Manager does not check the validity of the node number configured for each user.
CONFIGURING USERS Protocols be at least one seed router on the network. Discovery mode is not supported for WAN ports, and therefore a valid network range/number needs to be specified. NODE ID If the system is acting as a seed router on this port, then this parameter specifies the suggested AppleTalk address (Extended) or Node Id (NonExtended), which is used as initial value for the AppleTalk address for the port. The default is no suggested address.
USER’S GUIDE RESTRICTIONS Data rates are required for all users. The base data rate value represents the data rate of one channel. This rate can be specified as either 56000 bps or 64000 bps. The initial data rate and the maximum data rate are used in combination with the base data rate. The initial data rate determines the number of calls that will be attempted when opening the first wide area connection.
CONFIGURING USERS Restrictions BASE D ATA RATE Only used for outbound calls. This value represents the data rate of one channel. The data rate can be specified as either 56,000 or 64,000 bps. A data rate must be defined for each remote device that will be dialed. The initial data rate and the maximum data rate configuration elements must also be configured for the Callable feature, and are used in combination with the base data rate. The default configuration for the base data rate is 64,000 bps.
USER’S GUIDE any value in this range. For example, if you have configured the base data rate at 64,000 bps, and the maximum data rate at 512,000 bps, the system would use a maximum of eight calls (connections) running in parallel to open up bandwidth (512,000 / 64,000 = 8). The value need not be a multiple of the base data rate. The default configuration for the maximum data rate is 128,000 bps. ENABLE H0 CALL SUPPORT If enabled, provides support for H0 calls operating at 384 Kbps.
CONFIGURING USERS Access CONFIGURING RESTRICTIONS 1. On the Functions menu, select Users, or click 2. Select a user that which you want to configure restrictions, or click Add to configure a new user. The User dialog appears. 3. Select the Restrictions tab. 4. Select 56000 bps or 64000 bps for the Base Data Rate. 64000 bps is the default. 5. Determine the Initial Bandwidth and Maximum Bandwidth. These values do not have to be multiples of the Base Data Rate. 6.
USER’S GUIDE Layer 2 Protocol (PPP or CPP), with the remote device. Once this is negotiated, the CyberSWITCH sends a Connect Request to SFVRA-CONN. SFVRA Connection Manager checks time and bandwidth restrictions for the remote device and sends a Connect Reply back to the CyberSWITCH, indicating whether the call is acceptable.
CONFIGURING USERS Access LAYER 2 PROTOCOL The data-link protocol for a user. Select Combinet Proprietary Protocol (CPP) for Combinet users, or select Point to Point Protocol (PPP) for all other users. AUTHENTICATION METHOD For device level authentication methods, the choices are PAP, CHAP, CLID, CPP, NT, or none. If PAP or CHAP is chosen, then a password must be specified. If CPP is chosen, then an Ethernet address should be provided.
USER’S GUIDE remote user sends this output of the hash function, along with its symbolic name, to the system in a CHAP response. Within the User Records entry for each remote device that will be authenticated via CHAP, the system maintains the remote device’s secret. The name in the remote device’s CHAP response is used to locate the User Table entry, and consequently the secret used by the remote device.
CONFIGURING USERS Access interception. Instead, a calculation is done on the packets transmitted between the two devices, and the results are compared to the shared CHAP Secret for validation. If the calculation’s results do not match the expected results, the connection is terminated. ETHERNET ADDRESS This address is used for authentication purposes on connections made over the Combinet Proprietary Protocol (CCP). It is required if CPP is enabled as the authentication method.
USER’S GUIDE ENABLE USER LEVEL AUTHENTICATION Indicates that the remote device requires user level authentication. SFVRA-CONN authenticates the remote device at the device level, and an offnode authentication server, such as RADIUS, ACE, or TACACS, preforms user level authentication. TIMEOUT GRACE PERIOD The grace period is the amount of time, in minutes, that the user will not be re-authenticated at the user level. CONFIGURING AUTHENTICATION 1. On the Functions menu, select Users, or click 2.
CONFIGURING USERS Access USER IS A MEMBER OF A list of all groups that a user is a member. The user can connect to the Remote Access Switches in these groups. USER IS NOT A MEMBER OF A list of all groups that a user is not a member. The user cannot connect to the Remote Access Switches in these groups. CONFIGURING GROUPING 1. On the Functions menu, select Users, or click 2. Select a user that which you want to configure groups. The User dialog appears. Note: on the toolbar.
USER’S GUIDE OTHER Other Access options allow for the configuration of compression and the Callback feature. COMPRESSION Compression allows a CyberSWITCH to compress outgoing data and decompress incoming data. This allows user devices on the WAN to initiate a connection to the system over the switched digital network and transmit and receive compressed data, thereby decreasing transmission time.
CONFIGURING USERS Access CyberSWITCH is found which has at least two more free channels than the CyberSWITCH that received the call, SFVRA-CONN instructs a selected CyberSWITCH to re-establish a connection to this user. Note: In order for the Callback feature to work properly, the user must be properly configured for Dial Out, and call restrictions must be disabled, or non-zero values must be configured for outgoing calls.
USER’S GUIDE user to the local user table, that user’s starting sequence number option will be assigned the value that appears on this screen. You can then change this for each individual user. Or, if the user is authenticated via an off node server that does not deliver a value for this configuration item, the user will be given its starting sequence number from the value on this menu.
CONFIGURING USERS Telephone CONNECT TYPE The type of connection that is to be made when the Remote Access Switch attempts to connect to the user. This feature dictates what connection type the CyberSWITCH systems are to use to reach a user. This option only specifies outbound connection types. Available connection types are: • ISDN • Dedicated • Digital Modem TELEPHONE NUMBER(S) This configuration element is required when the Callable feature is used.
USER’S GUIDE CALLING LINE IDENTIFIER (CLID) Applicable to ISDN connections only, and only when the Check CLID option is enabled. You can specify eight CLIDs for each user entry. Each CLID for a given user must be unique. This is the telephone number of the calling party that is connecting to the system. In some areas this information is passed to the system on the ISDN incoming connection message. The system will compare the incoming CLID with the value configured in the User List.
CONFIGURING USERS Telephone CONFIGURING TELEPHONE 1. On the Functions menu, select Users, or click 2. Select a user that which you want to configure dial out, or click Add to configure a new user. The User dialog appears. 3. Select the Telephone tab. 4. Select ISDN, Dedicated, or Digital Modem as the Connect Type. Note: on the toolbar. The User List dialog appears. The user must be added to the database before a telephone number or a calling line ID can be configured. 5.
USER’S GUIDE USAGE The Usage window monitors the accumulated connection time for a specific user. The connection time displayed does not include time accrued by any current connections, nor is it updated dynamically if a connection is closed while viewing this information. MINUTES USED TODAY Displays the time, in minutes, that this user has been connected to a CyberSWITCH today through an inbound or an outbound connection.
CONFIGURING USERS Usage VIEWING AND RESETTING CALL USAGE 1. On the Functions menu, select Users, or click on the toolbar. The User List dialog appears. 2. Select a user that which you want to view and/or reset the monthly call restrictions. The User dialog appears. 3. Select on the Usage tab. 4. Click Reset to reset the minutes used today and this month to zero for this user, if necessary. 5. Click Update to write the new information for the user to the database. 6. Click Close.
CONFIGURING CYBERSWITCH - USER GROUPS OVERVIEW Groups of CyberSWITCH systems and users may be configured, in order to allow the SFVRA Connection Manager to better manage its devices. By grouping the CyberSWITCH systems and users, you can not only limit which users can call which CyberSWITCH, but you can manage which CyberSWITCH can call which users. This can reduce costs by eliminating calls from CyberSWITCH systems that may not have the cheapest direct connection to certain users.
CONFIGURING CYBERSWITCH - USER GROUPS CyberSWITCHES CYBERSWITCHES A CyberSWITCH may be assigned to a group individually or by selecting many CyberSWITCHES. The Clear All button deselects currently selected CyberSWITCHES. AVAILABLE GROUPS A list all groups currently configured in the SQL database. CURRENT CYBERSWITCHES A list all CyberSWITCHES currently configured to be a part of this group. AVAILABLE CYBERSWITCHES A list of all CyberSWITCHES currently available to be configured into a group.
USER’S GUIDE 3. Select CyberSWITCH from the Available list and click Add to assign the device to the specified group. The CyberSWITCH shifts to the Current list. 4. Click Close. USERS A user may be assigned to a group individually or by selecting many users. The Clear All button deselects currently selected users. AVAILABLE GROUPS A list all groups currently configured. CURRENT USERS A list all Users currently configured to be a part of this group.
CONFIGURING CYBERSWITCH - USER GROUPS View GROUPING USERS 1. On the Functions menu, select CyberSWITCH - User Grouping, or click CyberSWITCH - User Groups dialog appears. on the toolbar. The 2. On the Users tab, select an available group from the pull-down menu. See Creating a New Group to configure a new group. 3. Select user from the Available list and click Add to assign the device to the specified group. The user shifts to the Current list. 4. Click Close.
USER’S GUIDE VIEWING GROUPS 1. On the Functions menu, select CyberSWITCH - User Grouping, or click CyberSWITCH - User Groups dialog appears. on the toolbar. The 2. On the View tab, select an available group from the pull-down menu. All CyberSWITCHES and users configured for the selected group appears below in the two tables. See Creating a New Group to configure a new group. 3. Click Close. CREATING A NEW GROUP 82 1.
CONFIGURING NETWORK PROXIES OVERVIEW Routing Information Protocol (RIP) is a protocol used to exchange routing information among IP devices. The Remote Access Switches use RIP to automate the maintenance of routing tables on IP devices and relieves the administrator from keeping the routing tables up to date manually. RIP determines the shortest path between two points on a network in terms of the number of “hops”.
USER’S GUIDE ROUTING PROTOCOL Select the dynamic routing protocol for the SFVRA-CONN to implement. Currently supported protocols are RIP version 1 or RIP version 2. CONFIGURING ROUTING PROPERTIES 1. On the Functions menu select Network Proxies, or click dialog appears. on the toolbar. The Network Proxies 2. Select the Properties tab. 3. Select desired version of RIP. 4. Click Update to write the new information to the SQL database. 5. Click Close.
CONFIGURING NETWORK PROXIES SFVRA Services IP ADDRESS The IP Address used by the Network Proxies to connect to the SFVRA Service. DESCRIPTION The Description is an optional field that describes the SFVRA Service. For example, you may wish to set this to the computer name or location where the SFVRA Service is running. CONFIGURING SFVRA SERVICES 1. On the Functions menu select Network Proxies, or click dialog appears on the toolbar. The Network Proxies 2. Select the SFVRA Services tab. 3.
USER’S GUIDE NETWORK PROXIES The RIP service operates by advertising itself as a path to reach one or more remote subnets. If the RIP service data is destined for a remote subnet, the RIP service forwards the connection information to the SFVRA service. The SFVRA service will initiate a call to the remote subnet through a local CyberSWITCH. The CyberSWITCH then advertises itself as the path to the remote subnet.
CONFIGURING NETWORK PROXIES Network Proxies COMPUTER NAME The Computer Name for the Windows NT system on which the RIP Service or Proxy ARP Service runs. This may be found on the Windows NT system by selecting Network from the Control Panel. DESCRIPTION The Description is an optional field that describes the RIP Service or the Proxy ARP Service. For example, you may wish to set this to the location where the RIP Service or Proxy ARP Service is running.
USER’S GUIDE CONFIGURING NETWORK PROXIES 88 1. On the Functions menu select Network Proxies, or click dialog appears. 2. Select the Network Proxies tab. 3. Click Add to configure a new RIP Service or Proxy ARP Service in the database. 4. Enter the Computer Name of the system that runs the Network Proxy. 5. Enter a Description, if necessary. 6. Select a Group for which the Network Proxy will advertise routes. 7. Click OK to write the new information to the SQL database. 8. Click Close.
MONITORING CONNECTIONS OVERVIEW The SFVRA Connection Manager provides you with the ability to monitor all calls that are currently connected, those that were previously connected, and any problems that might have occurred with a connection. • Current connections • Past connections • Problems with connections • Creating reports on connections • Database Information CURRENT CONNECTIONS The present connection log lists current connections chronologically.
USER’S GUIDE SEARCH This button searches the SQL Database for the current connections based on the parameters that you define. You can search for a specific user or a specific Remote Access Switch or both. Leaving a search field blank indicates a search for all in that category. CURRENT CALL AND CONNECTION TABLES User Name The remote user which the Remote Access Switch is connected. CyberSWITCH Name The Remote Access Switch which the user is connected.
MONITORING CONNECTIONS Current Connections Type The type of connection currently established. Types include: • ISDN • Dedicated • Digital Modem Status The current status of the connection. • Active means that the connection is currently in place. • Unknown means the connection is in an unknown state. The unknown state is entered for any connection that was Active when the TCP connection between the Remote Access Switch and the SFVRA-CONN was lost.
USER’S GUIDE CONNECT HISTORY The Connection History log has similar features to Current Connect. The status of the call is not included, since all past calls are inactive. However, the end time has been added to the table. These statistics can also be viewed on the basis of each call that makes up a connection. The call display also lists the calling number, the called number, and the charges for the call.
MONITORING CONNECTIONS Connect History Duration The total duration, in minutes, of the connection. Maximum Bandwidth The maximum bits peer second for the duration of the connection that was established between the user and the Remote Access Switch. Direction The direction in which the connection was first established. • DED stands for a dedicated connection. • IN stands for a call from the user in to the Remote Access Switch. • OUT stands for a call from the Remote Access Switch out to the user.
USER’S GUIDE DATES These fields let you define a time frame for the data that you want to export or clear from the Call and Connect History Tables. The time frames are inclusive, i.e. “From (the beginning of this) Month To (the end of that) Month.” EXPORT FILE NAMES Specify the names of the files you want created for the data from the Call and Connect History tables. EXPORT TYPE Data may be exported to the following formats: • Record (.
MONITORING CONNECTIONS Connect History EXPORT This button exports the data indicated by the dates to the specified files. A file name must be specified for both the Connect History data and the Call History data. The exported data is copied from these tables and placed in a tab delineated file. The data includes what you see in the two tables with the addition of the following: Connect Number A unique number assigned by the SFVRA-CONN to the established connection.
USER’S GUIDE 5. Click Export or Delete. 6. Click Close to exit. PROBLEM LOG The problem log lists calls chronologically for the time that the problem occurred. It also includes the user name, the CyberSWITCH name, the calling telephone number, the type of failure, and the reason for failing. Failure types include authentication, connection, NAS down, and time restrictions.
MONITORING CONNECTIONS Problem Log User Name The remote user which the Remote Access Switch was connected. Start Time The time that this connection was established. Failure Type The type of failure as defined in the SQL Database table FAILURE_TYPES. Failure types include: • Authenticate failed • CSX Connection Active • CSX Keepalive Failure • Connect failed • Time restriction Reason A string defining the reason for failure as defined in the SQL Database table REASON_STRINGS.
USER’S GUIDE VIEWING THE PROBLEM LOG 1. On the Functions menu, select View Problem Log, or click dialog appears. 2. Enter a User Name, CyberSWITCH name, failure type, or any combination of the three and click Search. Note: 3. on the toolbar. The Problem Log Leaving a search field blank indicates a search for all in that category. Click Close to exit. PROBLEM LOG MANAGER The Problem Log continues to grow as more and more users connect with Remote Access Switches managed by SFVRA Connection Manager.
MONITORING CONNECTIONS Problem Log EXPORT TYPE Data may be exported to the following formats: • Record (.ASC) A fixed-width text file suitable for importing to client/server and mainframe databases such as DB2. • Tab-separated (.TSV) Tab characters separate fields, and new-line pairs separate records. Character fields are enclosed within double-quote (CHR$(34)) characters. • Text (.TXT) The equivalent of printing the report to the Generic/Text Only (TTY) printer driver to the FILE device. • DIF (.
USER’S GUIDE CONNECTION REPORTS The SFVRA Connection Manager provides the ability to create and print reports about the connection history and problem log. Connection history reports include a summary report and a detailed report. The problem log report is a summary report. You can select a user, or all users and a time frame for each report. Currently, you must have a default printer configured, even if you are printing to a file, in order to use Reports.
MONITORING CONNECTIONS Connection Reports The Detailed User Report provides all information about the connections within the specified time period. The information includes the user name, the CyberSWITCH name, the direction of the call, the type of connection that was made, the number of calls that were made per connection, the maximum bandwidth, the start and end time, the duration of the call, the calling number and the number that was called. This report is sorted by the disconnection time.
USER’S GUIDE Date The month and year the connection was established. User Name The remote user which the Remote Access Switch was connected. Reason for Failure A string defining the reason for failure as defined in the SQL Database table REASON_STRINGS.
MONITORING CONNECTIONS Database Information DATABASE INFORMATION Database Information displays general information about the SFVRA Connection Manager and its database. This is useful for determining whether the available space on the database needs to be cleared. If the database runs out of space, SFVRA-CONN will continue to function, but will not be able to log calls or problems. Call restriction polices may suffer as well.
USER’S GUIDE Note: All call times are rounded down. For example, any calls made between 4:00 and 4:59 are counted and marked at 4:00. VIEWING DATABASE INFORMATION 104 1. On the Functions menu, select Database Information, or click Information dialog appears. 2. Click View Call Log to see calls from the last 24 hours. 3. Click Close to exit. SFVRA Connection Manager on the toolbar.
ROUTINE MAINTENANCE OVERVIEW This chapter provides instructions for performing routine SFVRA Connection Manager maintenance such as: • performing a configuration back up • upgrading the application software • upgrading the database software CONFIGURATION BACK UP The SFVRA-CONN’s database data and the SFVRA-CONN application’s data is critical to the SFVRA Connection Manager’s operation. We strongly suggest that you back up this data in case you ever need to restore it.
USER’S GUIDE Upgrade the SFVRA-CONN software using the following steps: 1. Close any active applications. 2. Insert the SFVRA Manager Setup CD into the CD-ROM drive. If, as is usually the case, you CDROM is setup for AutoRun, the following screen will be displayed. To manually load the above screen, select Run from the Start Menu. Enter :\SCCD.EXE as the program to open, then select OK. 106 3. Click Install SFVRA Connection Manager. 4.
ROUTINE MAINTENANCE Upgrading the SFVRA Database UPGRADING THE SFVRA DATABASE The following instructions briefly discuss upgrading the SFVRA Database. Refer to the SQL Setup Utility chapter for more information. 1. Login to the MS SQL Server. Enter the Login ID sa and a password, if necessary, and click OK. The SQL Setup program executes. 2. The SQL Server Setup Utility first locates the SFVRA database. 3. Click OK to upgrade the database. 4.
SYSTEM VERIFICATION OVERVIEW After the SFVRA Connection Manager has been configured, and before proceeding with normal system operation, it is necessary to verify that the system is functional. This chapter provides instructions for verifying the system configuration. You only need to perform the verification procedures for the options that apply to your configuration. For example, if your configuration does not use CyberSWITCH - User Groups, skip the CyberSWITCH - User Groups verification section.
SYSTEM VERIFICATION Verifying that SFVRA-CONN has been Enabled on a CyberSWITCH This command will display a message similar to the following: lport ----2000 fhost --------------100.0.0.2 fport ----1253 window (l/r) -----------1182\8696 tstate -----------Established outq (s/u) ------------0/0 If the system displays this message, then a TCP connection has been established. Repeat this step for each SFVRA Service.
USER’S GUIDE VERIFYING GROUP ASSIGNMENTS To verify that CyberSWITCH systems and Users have been properly assigned to a group: 1. On the Functions menu, select CyberSWITCH - User Grouping, or click 2. Select the View tab. 3. Select an available group. on the toolbar. The CyberSWITCH systems and Users configured in the group are listed.
PROBLEM DIAGNOSIS OVERVIEW This chapter, when used in conjunction with the System Verification chapter, helps diagnose problems encountered in the verification process. TCP CONNECTIONS Problem: The CyberSWITCH connected to the same LAN as SFVRA Connection Manager does not receive a ping response from the SFVRA Service. Action: 1. Verify that the SQL Service is running. Under the Control Panel of the machine with the SQL Server, select Services. Ensure that the SQL Server is listed as Started.
SYSTEM MESSAGES OVERVIEW This chapter describes the types of system messages available. There are three categories of these messages based on where they are generated: the Client interface, the SQL database, and the Problem Log. The Client interface messages are divided into four types: error, warning, informational and interrogative. These messages have the title SFVRA Connection Manager:. The type of message is indicated by the number and by different symbols on the dialog box.
SYSTEM MESSAGES Client Interface Messages to view or change any information. We recommend that you upgrade the SFVRA database before upgrading the SFVRA-CONN Clients to avoid this error. Note: Version 2 Client software can only connect to version 2 of the SFVRA database. SFVRA Connection Manager: 1002 System Information is unavailable at this time.
USER’S GUIDE SFVRA Connection Manager: 1013 METRIC must be a value between 1 and 16. Invalid metric number. Reconfigure the metric to fall in the indicated range. SFVRA Connection Manager: 1014 The Login ID specified does not have access to the SFVRA database. Login failed. The Login ID is valid, however, it does not have permission to access the database. From the Control Panel, open ODBC. Ensure that Use Trusted Connection is turned off.
SYSTEM MESSAGES Client Interface Messages SFVRA Connection Manager: 1027 Invalid IPX Network Number. Enter a hexadecimal number between 0 and FFFFFFFE (0 for none). Reconfigure the Network Number to be within the defined parameters. SFVRA Connection Manager: 1028 Invalid AppleTalk Address An AppleTalk Address consists of the network number followed by a node ID. SFVRA Connection Manager: 1029 File names must be unique. Export Failed.
USER’S GUIDE SFVRA Connection Manager: 1038 This ADD only available in CyberSWITCH UPDATE mode. Please ADD the CyberSWITCH first. In order to add a user to a CyberSWITCH’S Priority User list, the CyberSWITCH must be previously configured in the database. Click Add at the bottom of the dialog to write the CyberSWITCH information to the database, and then click Add in the ISDN Users box or in the Modem Users box to configure Priority Users.
SYSTEM MESSAGES Client Interface Messages WARNING MESSAGES Warning messages signal events that you should investigate. These messages are indicated by on the dialog box, and may be normal during certain network conditions, or they may indicate a problem. The SFVRA-CONN should continue to operate after posting a warning message. There are currently no warning messages. INFORMATIONAL MESSAGES SFVRA-CONN provides several informational messages.
USER’S GUIDE SFVRA Connection Manager: 3007All Priority Users must be deleted prior to changing the CyberSWITCH’S group. This CyberSWITCH currently has Priority Users. These users will be unable to access this CyberSWITCH if the group is reconfigured. Delete the Priority Users before reconfiguring the CyberSWITCH’S group. SFVRA Connection Manager: 3008 Nothing has been SELECTED. In order to perform the selected function, such as deleting a telephone number, data must be selected.
SYSTEM MESSAGES Client Interface Messages SFVRA Connection Manager: 4006 DELETE entries form Problem List database tables? Indicates that information will be removed from the database. This information cannot be recovered once it is deleted. SFVRA Connection Manager: 4007 Are you sure you want to ADD to the group? Indicates that the selected CyberSWITCH(ES) or User(s) will be included into the selected group. Ensure that each CyberSWITCH within the group is available to handle the protocol(s) of the user.
USER’S GUIDE SFVRA Connection Manager: 4019 ADD IP Static Route: for User Name to the database? Indicates that the named IP Static Route will be added to the database. Ensure that the route information is accurate. SFVRA Connection Manager: 4020 DELETE IP Static Route: from the database? Indicates that the named static route will be deleted from the database. This information cannot be recovered once it is deleted.
SYSTEM MESSAGES SQL Error Messages SFVRA Connection Manager: 4029 DELETE SFVRA Service: from the database? Indicates that the named SFVRA Service will be deleted from the database. This information cannot be recovered once it is deleted. SFVRA Connection Manager: 4030 There are Network Proxy Services configured for this group. Do you want them to be deleted? Indicates that the group that will be deleted from the database has at least one Network Proxy Service assigned to it.
USER’S GUIDE REASONS FOR FAILURE The reasons for failure work in conjunction with the Failure types. While the Failure Type is listed in the PROBLEM_LIST table, a corresponding reason is listed in the REASON_STRING table. The following is a list of Reasons for Failure: Cannot aggregate this call. Connect Failed. In a Hunt Group situation, SFVRA-CONN aggregates calls across multiple CyberSWITCHES. Ensure Hunt Group phone number is specific to one CyberSWITCH. Cannot find this device name.
SYSTEM MESSAGES Problem Log Messages Invalid secret. Authenticate Failed. The call from the user was rejected based on an invalid secret. Ensure that the CHAP secret configured on the user matches the CHAP Secret in the database. No access at this time. Connect Failed. The call from the user was rejected or disconnected because of the time of day. Reconfigure the user’s Time of Day restriction to allow the call. No channels available. Connect Failed.
SQL SETUP UTILITY OVERVIEW A Microsoft SQL Server must be configured for SFVRA Connection Manager system. For best performance, we advise that you install the SQL Server on the same Windows NT machine as the SFVRA Service program. The SQL Server should be set up with SFVRA as the name, SFVRA as the Login ID and use c:\Program Files\SFVRA\SFVRA.SQL to create tables in the SFVRA database. The following instructions are for the SQL Setup Utility written for the ease of configuring your SQL Server.
SQL SETUP UTILITY Configuring the SQL Service for SFVRA-CONN Note: 5. If you want the Device to reside in a different place than indicated by the dialog, you must create the Device in the desired directory before running this application. Refer to the SQL Server Administrator’s Companion for information on creating the Device. Otherwise, sfvra.dat will be created in the same directory as master.dat.
USER’S GUIDE 7. When the SQL Setup program has finished, the following screen will be displayed. Ensure that no error messages are listed in the SQL Server Messages dialog. Click Close. EXPANDING THE SIZE OF TEMPDB If you received the following message during the SQL Setup, proceed with the steps outlined below. 126 1. Run the SQL Enterprise Manager. 2. On the Server Manager dialog, select the server that runs the SFVRA database. 3. From the Manage menu, select Database Devices. 4.
SQL SETUP UTILITY Upgrading the SQL Service for SFVRA-CONN 8. On the Database tab, click Expand. 9. Select master as the Database Device to determine where tempdb should take available space. 10. The default size is the unused space that was just created in master, however you may change the size to fit the needs of tempdb. We recommend that the size of tempdb be at least 9 MB. Click Expand Now. 11. Click OK. 12. Exit SQL Enterprise Manager. UPGRADING THE SQL SERVICE FOR SFVRA-CONN 1.
USER’S GUIDE 5. When the upgrade procedure is complete, the following screen appears: Ensure that no errors occurred. Scroll through the list of SQL Server Messages, if any. 6. 128 Click Close.
MANAGE LOGINS OVERVIEW There are three types of login accounts for SFVRA Connection Manager. The login ID “sa” is defined by the MS SQL Server for the system administrator. This account has complete access over SFVRA-CONN and all its applications. It is required to run the SQL Setup application and the Manage Logins application. SFVRARW is another type of login ID that has read/write privileges. The login ID “SFVRA“ has read/write privileges and is defined by the SQL Setup application.
USER’S GUIDE PASSWORD The Password of the account. DATABASE ACCESS Determines the type of access for the account. • Read/Write gives the account the rights to make changes within the Client interface. This does not provide the ability to add new accounts or modify existing accounts, including their own. • Read Only allows the account only the ability to view the information provided on the Client interface. Note: The Microsoft SQL Server must be 6.5 or later to configure Read Only access.
CONVERT OVERVIEW Convert allows the network administrator to translate user information from several formats into the SFVRA Connection Manager database file. Convert reads in the data and adds each user sequentially into the database. If the application encounters a statement that it doesn’t recognize, the conversion process will exit and an error message is shown that describes where the error can be found. Once the error is corrected, you can re-run Convert.
USER’S GUIDE CYBERSWITCH CONFIGURATION FILES The first type are system files for the CyberSWITCH. Convert uses two of these files: IP.NEI and NETWORK.NEI or DEVDB.NEI, depending upon which version of UAA software installed on the CyberSWITCH. The IP.NEI file contains static route information. A static route will be added to the SFVRA database for any user that is named as the next hop. The NETWORK.NEI file or the DEVDB.
CONVERT CyberSWITCH Configuration Files CHECK CLID Validates the Calling Line information received when an ISDN connection is made. The system will compare the incoming Calling Line ID with the value configured (if any) in the User List. If the numbers are identical the connection will be established. Otherwise, the system will reject the incoming call. When the Calling Line ID security is enabled, entering a Calling Line ID for each remote user is optional.
USER’S GUIDE TRANSFERRING .NEI FILES 1. Configure the Windows NT machine or CyberSWITCH so that they are on the same LAN. 2. Connect the two machines with a 10Base-T crossover cable. 3. Start a DOS prompt. 4. Ping the CyberSWITCH to ensure connectivity. For example, if the CyberSWITCH system’s LAN address is 134.141.131.1, type: ping 134.141.131.1 5. Use a TFTP client application to GET the files from the CyberSWITCH to the Windows NT machine.
CONVERT Convert System Messages Therefore user names that contain spaces will be processed incorrectly. For example, consider the following entry: JohnSmith sesame 1.1.1.1 “John” is processed as the user name, “Smith” is processed as the password, and “sesame” is processed as the IP address. Convert will accept sesame for the IP address.
USER’S GUIDE Other messages that you may encounter are SQL errors and are numbered by the SQL manufacturer. These numbers have the prefix RDO (Remote Data Object). Refer to the SQL Error Messages section of the Client System Messages chapter for more detail. ERROR MESSAGES Error messages signal that a procedure failed. These messages are indicated by on the dialog box and contain a description of each error message and suggestions for a resolution. Convert: 1000 A Login ID must be entered.
CONVERT Convert System Messages users processed and added to the database. The “x” indicates the number of user names read from the .NEI file by Convert, while “y” represents the number of users actually added to the database. Convert: 1008 Error adding user to database. Failure occurred at User Name: . User Record(s) processed: . User Record(s) added to the Database: . Indicates that Convert was unable to add a user from the NETWORK.NEI file or the DEVDB.
USER’S GUIDE INFORMATIONAL MESSAGES SFVRA Connection Manager provides several informational messages. The messages are indicated by on the dialog box and contain information mainly pertaining to actions that are a result of an action that the administrator provoked. Convert: 3000 User List Conversion Complete. User Record(s) Processed: . User Record(s) added to the Database . Convert successfully completed the conversion of the users from the NETWORK.NEI file, the DEVDB.NEI file, or the data file.
CSX MONITOR OVERVIEW CSX Monitor allows the network administrator to get a broad view of the TCP connection and the current calls to each CyberSWITCH. The status of each connection is displayed as no TCP/IP connection, waiting - undetected by the SFVRA Service, and TCP/IP connected. When a CyberSWITCH is added to the SFVRA database, CSX Monitor displays the CyberSWITCH within the amount of time indicated in the update cycle.
USER’S GUIDE RUNNING THE CSX MONITOR 1. From the Start menu\Programs\SFVRA, select CSX Monitor. 2. Enter a Login ID and a password, if necessary, and click OK. The CSX Monitor program executes. Note: 3. View the TCP connections and current calls to remote users. 4. For each CyberSWITCH with at least one current call, you may view information about the calls. a. Place the cursor over the CyberSWITCH name. The cursor changes to an arrow with a question mark. b. Click on the CyberSWITCH name.
BRIDGING NETWORK EXAMPLE OVERVIEW This chapter provides an example of a simple network using remote bridge devices to access remote users. Bridges are formed between each of the LANs to which the remote bridge devices are connected, and the LAN to which the Remote Access Switches administered by SFVRA Connection Manager is connected. Note that a Hunt Group is used for the BRI lines pictured in Network Topology Worksheet.
USER’S GUIDE NETWORK TOPOLOGY File Server VRA_Manager 128.1.1.10 128.1.1.
BRIDGING NETWORK EXAMPLE System Details SYSTEM DETAILS CyberSWITCH Name: LAN IP Address: TCP Port: CSX - User Group: BRIDGE_CSX 128.1.1.
USER’S GUIDE CONFIGURE THE CYBERSWITCH Configure the CyberSWITCH systems according to the procedures in the appropriate documentation. The purpose of this section is not to describe the configuration steps of CyberSWITCH systems, but to point out the areas that are necessary for the users to gain access under control of the SFVRA-CONN.
BRIDGING NETWORK EXAMPLE Configure the CyberSWITCH - User Grouping CONFIGURE THE CYBERSWITCH - USER GROUPING Note: The SFVRA Connection Manager software should have already been installed, and the Client interface should be activated before proceeding with the following steps. We will begin the network configuration by defining a CyberSWITCH - User Group. These groups can be used to determine which Remote Access Switches users are allowed to call.
USER’S GUIDE 3. Configure CyberSWITCH Properties. On the Properties tab, enter BRIDGE_CSX for the CyberSWITCH Name. Enter 128.1.1.1 for the IP Address. Enter 2000 for the TCP Port. Select REMOTE_BRIDGE as the CyberSWITCH Group. Enter 8 for the Number of ISDN Channels. The Properties tab will appear as follows: 4. Click Add and then Close. 5. Click Close on the CyberSWITCH List dialog. CONFIGURE USER RECORDS Note: The Client interface should be activated before proceeding the following steps.
BRIDGING NETWORK EXAMPLE Configure User Records 2. To add remote users, click Add. The User dialog appears. 3. Define the User Name. For this example, we will configure the user “Mike Mann” first. On the Address tab, enter Mike Mann for the User Name. Only the User Name is required and it must be unique. Other fields are informational for use by the Network Administrator or Help Desk.
USER’S GUIDE 4. Enable the Bridging Protocol. In order for the Remote Access Switches to be able to communicate with each user, the protocol used by the user needs to be identified. Select Bridging on the Protocols tab and enter the information as it appears below: 5. 148 On the Restrictions tab, accept the default values.
BRIDGING NETWORK EXAMPLE Configure User Records 6. Configure Authentication for user “Mike Mann.” Select Authentication on the Access tab. Select CPP as the Layer 2 Protocol. Select CPP as the Authentication Method. In this case, we opt to have security check both the Ethernet address and a password. Enter JXF30 for the User Password. Enter 000123456789 for the Ethernet Address. Enable Check CLID for additional security.
USER’S GUIDE 8. Assign the user to a group. In order for the user “Mike Mann” to be allowed to connect with the CyberSWITCH “BRIDGE_CSX,” the user must be in the same group. Select Groupings on the Access tab. Select REMOTE_BRIDGE in the User is not a member of box and click Add.
BRIDGING NETWORK EXAMPLE Verify Configurations 9. Configure Calling Line ID’s. Since we enabled Check CLID security, we need to configure a Calling Line ID to check. Select the Telephone tab. Under Calling Line ID(s), click Add, enter 13135551212, and click OK. Click Add again, enter 13135552121, and click OK. The Telephone tab should appear as shown below: 10. Click Update and then click Close. 11. Click Close on the User List dialog. Next enter the user information for Pat Smith.
IP NETWORK EXAMPLE OVERVIEW This sample network depicts a company that has an IP network with users accessing the network from their homes, from two satellite offices that have an IP Host that communicates through a Remote Bridge, and from a branch office that communicates through a router that does not support IP RIP. This CyberSWITCH uses a Primary Rate line that can support 23 users at 64Kbps.
IP NETWORK EXAMPLE Initial Installation Steps NETWORK TOPOLOGY File Server VRA_Manager 128.1.1.10 TCP Port 2000 128.1.1.2 SITE: San Fran IP_CSX CSX5500 Host PRI BRI 192.1.1.2 Fred Bear WAN Interface 192.1.1.1 IP UnNumbered Interface for SITE2 RLAN Interface 198.12.10.1 ISDN Remote Satellite Offices Host BRI Bridge Host LAN POWER 128.3.3.4 SERVICE TX RX SITE2 CSX1200 128.3.3.
USER’S GUIDE SYSTEM DETAILS CyberSWITCH Name: LAN IP Address TCP Port Number CSX - User Group IP_CSX 128.1.1.2 2000 IP RESOURCES Type PRI Ethernet-1 Slot 1 3 Switch type 5ESS Synchronization type slave LINES PRI Lines Name Slot Port Framing type Line coding Sig. method Line build-out Line 1 1 1 ESF B8ZS common channel 0-35 IP ROUTING IP Routing X enabled ❒ disabled Mode of Operation X router ❒ IP host Network Interface Information LAN Name San Fran IP address 128.1.1.
IP NETWORK EXAMPLE Configure the CyberSWITCH CONFIGURE THE CYBERSWITCH Configure the CyberSWITCH systems according to the procedures in the appropriate documentation. The purpose of this section is not to describe the configuration steps of CyberSWITCH systems, but to point out the areas that are necessary for the users to gain access under control of the SFVRA-CONN.
USER’S GUIDE CONFIGURE THE CYBERSWITCH - USER GROUPING Note: The Client interface should be activated before proceeding the following steps. We will begin the network configuration by defining a CyberSWITCH - User Group. These groups can be used to determine which Remote Access Switches the users are allowed to call. In this example, we will configure a group based on the user’s protocol. Note: CyberSWITCH - User Groupings can be used for all types of users, from all areas of your network.
IP NETWORK EXAMPLE Configure User Records 3. Configure CyberSWITCH Properties. On the Properties tab, enter IP_CSX for the CyberSWITCH Name. Enter 128.1.1.2 for the IP Address. Enter 2000 for the TCP Port. Select IP as the CyberSWITCH Group. Enter 23 for the Number of ISDN Channels. The Properties tab will appear as follows: 4. Click Add and then Close. 5.
USER’S GUIDE 2. To add remote users, click Add. The User dialog appears. 3. Define the User Name. For this example, we will configure the user “Fred Bear” first. On the Address tab, enter Fred Bear for the User Name. Only the User Name is required and it must be unique. Other fields are informational for use by the Network Administrator or Help Desk.
IP NETWORK EXAMPLE Configure User Records 4. Enable the IP Protocol. In order for the Remote Access Switches to be able to communicate with each user, the protocol used by the user needs to be identified. Select IP on the Protocols tab and enable IP. Enter the IP Address 198.12.10.0. 5. On the Restrictions tab, accept the default values.
USER’S GUIDE 6. Configure Authentication for user “Fred Bear.” Select Authentication on the Access tab. Select PPP as the Layer 2 Protocol. Select None as the Authentication Method. After the user authentication has been entered, the Authentication tab will appear as follows: 7. Click Add. Certain user features require the user to be configured in the database before the feature itself can be configured.
IP NETWORK EXAMPLE Configure User Records 8. Assign the user to a group. In order for the user “Fred Bear” to be allowed to connect with the CyberSWITCH “IP_CSX,” the user must be in the same group. Select Groupings on the Access tab. Select IP in the User is not a member of box and click Add. The Groupings tab should appear as shown below: 9. Click Update and then click Close. 10. Click Close on the User List dialog.
USER’S GUIDE 3. Define the User Name. On the Address tab, enter Monterey for the User Name. Only the User Name is required and it must be unique. Other fields are informational for use by the Network Administrator or Help Desk. 4. Enable the Bridging Protocol. In order for the Remote Access Switches to be able to communicate with each user, the protocol used by the user needs to be identified. Select Bridging on the Protocols tab and enable Bridging.
IP NETWORK EXAMPLE Configure User Records 8. Assign the user to a group. In order for the user “Monterey” to be allowed to connect with the CyberSWITCH “IP_CSX,” the user must be in the same group. Select Groupings on the Access tab. Select IP in the User is not a member of box and click Add. 9. Click Update and then click Close. 10. Click Close on the User List dialog. Next enter the user information for Carmel.
USER’S GUIDE 6. Configure a static route. Select IP on the Protocols tab. Under Static Routes, click Add Route. Enter 128.3.0.0 as the Destination IP Address, and press the Tab key. Accept the default Subnet Mask, and press the Tab key. Enter a Metric value of 1, and click Add. The IP tab will appears as follows: Note: 164 Although “SITE2” is a callable user, the Callable feature can not be enabled until a telephone number is configured.
IP NETWORK EXAMPLE Configure User Records 7. Increase the Maximum Bandwidth. In this example, user “dallasnet” has no call restrictions and a maximum bandwidth of 256000 bps. Select the Restrictions tab and enter the information as it appears below. 8. Configure Authentication for user “Monterey.” Select Authentication on the Access tab. Select PPP as the Layer 2 Protocol. Select CHAP as the Authentication Method. Enter ikcd98s for the CHAP Secret. 9. Assign the user to a group.
USER’S GUIDE 10. Configure a telephone line for central site calls. In order for a CyberSWITCH to call user “SITE2,” the type of connection needs to be defined and a telephone number for the user must be available. Select the Telephone tab. Select ISDN as the Connect Type. Under Telephone Number(s), click Add, enter 913135553232 , and click OK. 11. Configure the user “SITE2” to be callable by the central site. Return to IPX on the Protocols tab. Enable the Callable feature. 12.
IP NETWORK EXAMPLE Configure Network Proxies 2. Configure basic routing properties. On the Properties tab, select RIP V.1 as the Routing Protocol. 3. Define the location of the SFVRA Service(s). Select the SFVRA Connection Manager Services tab. Click Add. Enter 128.1.1.10 as the IP Address. Enter SFVRA-CONN for the Description. Click OK.
USER’S GUIDE 4. Assign the RIP Service to a group. Select the Network Proxies tab. Click Add. Enter SFVRA_CONN for the Computer Name. Enter RIP Service for the Description. Select IP as the Group. Click OK. 5. Click Close. VERIFY CONFIGURATIONS Steps on how to verify the installation are detailed in the System Verification chapter. Refer to the System Verification chapters of your CyberSWITCH documentation for more specific details on verifying the CyberSWITCH features.
IPX NETWORK EXAMPLE OVERVIEW This sample network uses IPX protocol to allow remote devices and their servers to communicate. It illustrates a master network (“Enterprise LAN”) which supports the following: • a Virtual Ethernet WAN network to communicate with remote bridges (using a Remote LAN interface) • a traditional WAN network to communicate with a remote IPX router (using a traditional WAN interface).
USER’S GUIDE NETWORK TOPOLOGY VRA_Manager Server Detroit Master Network External # 0100 128.1.1.10 TCP Port 2000 128.1.1.
IPX NETWORK EXAMPLE System Details SYSTEM DETAILS CyberSWITCH Name LAN IP Address TCP Port Number CSX - User Group IPX_CSX 128.1.1.
USER’S GUIDE CONFIGURE THE CYBERSWITCH Configure the CyberSWITCH systems according to the procedures in the appropriate documentation. The purpose of this section is not to describe the configuration steps of CyberSWITCH systems, but to point out the areas that are necessary for the users to gain access under control of the SFVRA-CONN.
IPX NETWORK EXAMPLE Configure the CyberSWITCH - User Grouping CONFIGURE THE CYBERSWITCH - USER GROUPING Note: The SFVRA Connection Manager software should have already been installed, and the Client interface should be activated before proceeding the following steps. We will begin the network configuration by defining a CyberSWITCH - User Group. These groups can be used to determine which Remote Access Switches users are allowed to call.
USER’S GUIDE 4. Click Add and then Close. 5. Click Close on the CyberSWITCH List dialog. CONFIGURE USER RECORDS Note: The Client interface should be activated before proceeding the following steps. In this example, there are two types of IPX users, IPX WAN and Remote LAN. Using the detailed instructions for these steps found in Configuring Users, complete the configuration information indicated in the following procedures.
IPX NETWORK EXAMPLE Configure User Records 2. To add remote users, click Add. The User dialog appears. 3. Define the User Name. For this example, we will configure the user “dallasnet” first. On the Address tab, enter dallasnet for the User Name. Only the User Name is required and it must be unique. Other fields are informational for use by the Network Administrator or Help Desk.
USER’S GUIDE 4. Enable the IPX Protocol. In order for the Remote Access Switches to be able to communicate with each user, the protocol used by the user needs to be identified. Select IPX on the Protocols tab and Enable IPX and the IPX WAN Protocol. Select Triggered RIP/SAP as the Routing Protocol. Select ACTIVE as the WAN Peer Type. Note: 176 Although “dallasnet” is a callable user, the Callable feature can not be enabled until a telephone number is configured.
IPX NETWORK EXAMPLE Configure User Records 5. Increase the Maximum Bandwidth. In this example, user “dallasnet” has no call restrictions and a maximum bandwidth of 256000 bps. Select the Restrictions tab and enter the information as it appears below. 6. Configure Authentication for user “dallasnet.” Select Authentication on the Access tab. Select PPP as the Layer 2 Protocol. Select PAP as the Authentication Method. Enter dnpswd for the User Password.
USER’S GUIDE 7. Click Add. Certain user features require the user to be configured in the database before the feature itself can be configured. These feature include: configuring static routes, assigning a user to a group, and configuring telephone numbers and Calling Line ID’s. The next parameter that we will configure for user “dallasnet” is the CyberSWITCH - User Group, therefore we need to add the user to the database first. 8. Assign the user to a group.
IPX NETWORK EXAMPLE Configure User Records 9. Configure a telephone line for central site calls. In order for a CyberSWITCH to call user “dallasnet,” the type of connection needs to be defined and a telephone number for the user must be available. Select the Telephone tab. Select ISDN as the Connect Type. Under Telephone Number(s), click Add, enter 912143339999 , and click OK. 10. Configure the user “dallasnet” to be callable by the central site. Return to IPX on the Protocols tab.
USER’S GUIDE 3. Define the User Name. On the Address tab, enter tampabr as the User Name. Only the User Name is required and it must be unique. Other fields are informational for use by the Network Administrator or Help Desk. 4. Enable the Bridging Protocol. In order for the Remote Access Switches to be able to communicate with each user, the protocol used by the user needs to be identified. Select Bridging on the Protocols tab and Enable the Bridging Protocol. Enter 0128 for the IPX Network Number.
IPX NETWORK EXAMPLE Configure Network Proxies 8. Assign the user to a group. In order for the user “tampabr” to be allowed to connect with the CyberSWITCH “IPX_CSX,” the user must be in the same group. Select Groupings on the Access tab. Select IPX in the User is not a member of box and click Add. 9. Click Update and then click Close. 10. Click Close on the User List dialog. Next enter the user information for orlandobr. This user will not have an External Network Number configured.
USER’S GUIDE 3. Define the location of the SFVRA Service(s). Select the SFVRA Services tab. Click Add. Enter 128.1.1.10 as the IP Address. Enter SFVRACONN for the Description. Click OK. 4. Assign the RIP Service to a group. Select the RIP Services tab. Click Add. Enter SFVRA-CONN for the Computer Name. Enter RIP Service for the Description. Select IPX as the Group. Click OK. 5. 182 Click Close.
IPX NETWORK EXAMPLE Verify Configurations VERIFY CONFIGURATIONS Steps on how to verify the installation are detailed in the System Verification chapter. Refer to the System Verification chapters of your CyberSWITCH documentation for more specific details on verifying the CyberSWITCH features. This section gives an outline of which steps should be executed.
APPLETALK NETWORK EXAMPLE OVERVIEW This chapter provides an example configuration of an AppleTalk Routing network. Our AppleTalk network is made up of two LANs, separated by the WAN. The Macs on each side of the WAN need to exchange packets with the MACs on the other side of the WAN. Both LANs also have a CyberSWITCH (SITE1 and SITE2). When configured for AppleTalk routing, SITE1 and SITE2 will provide the access the MACs need.
APPLETALK NETWORK EXAMPLE Initial Installation Steps NETWORK TOPOLOGY MAC MAC VRA_Manager 128.1.1.10 APPLETALK_CSX TCP Port 2000 128.1.1.4 SITE1 AppleTalk Configuration Network Range: 10-13 Zones: SITE1.Engineering (default) SITE1.Marketing CSX5500 ISDN SITE2 CSX5500 SITE2 AppleTalk Configuration Network Range: 45-50 Zones: SITE2.Engineering (default) SITE2.
USER’S GUIDE SYSTEM DETAILS CyberSWITCH Name: LAN IP Address: TCP Port Number: CSX - User Group: APPLETALK_CSX 128.1.1.
APPLETALK NETWORK EXAMPLE System Details APPLETALK ROUTING AppleTalk Routing/Port Information AppleTalk routing X enabled LAN Name ❒ disabled lanport1 Port number 1 Network type X extended ❒ nonextended Netwk range/ number 10-13 AppleTalk address (none) Zone name(s) WAN site1.eng site1.
USER’S GUIDE CONFIGURE THE CYBERSWITCH Configure the CyberSWITCH systems according to the procedures in the appropriate documentation. The purpose of this section is not to describe the configuration steps of CyberSWITCH systems, but to point out the areas that are necessary for the users to gain access under control of the SFVRA-CONN.
APPLETALK NETWORK EXAMPLE Configure the CyberSWITCH - User Grouping CONFIGURE THE CYBERSWITCH - USER GROUPING Note: The SFVRA Connection Manager software should have already been installed, and the Client interface should be activated before proceeding the following steps. We will begin the network configuration by defining a CyberSWITCH - User Group. These groups can be used to determine which Remote Access Switches users are allowed to call.
USER’S GUIDE 3. Configure CyberSWITCH Properties. On the Properties tab, enter APPLETALK_CSX for the CyberSWITCH Name. Enter 128.1.1.4 for the IP Address. Enter 2000 for the TCP Port. Select APPLETALK as the CyberSWITCH Group. Enter 2 for the Number of ISDN Channels. The Properties tab will appear as follows: 4. Click Add and then Close. 5. Click Close on the CyberSWITCH List dialog CONFIGURE USER RECORDS Note: The Client interface should be activated before proceeding the following steps.
APPLETALK NETWORK EXAMPLE Configure User Records 2. To add remote users, click Add. The User dialog appears. 3. Define the User Name. On the Address tab, enter SITE2 for the User Name. Only the User Name is required and it must be unique. Other fields are informational for use by the Network Administrator or Help Desk.
USER’S GUIDE 4. Enable the AppleTalk Protocol. In order for the Remote Access Switches to be able to communicate with each user, the protocol used by the user needs to be identified. Select AppleTalk on the Protocols tab and Enable AppleTalk. Enter 0 for the Network Number. Enter 0 for the Node ID. Select None as the Routing Protocol. Note: 192 Although “SITE2” is a callable user, the Callable feature can not be enabled until a telephone number is configured.
APPLETALK NETWORK EXAMPLE Configure User Records 5. Increase the Maximum Bandwidth. In this example, user “SITE2” has no call restrictions and a maximum bandwidth of 384000 bps. Select the Restrictions tab and enter the information as it appears below. 6. Configure Authentication for user “dallasnet.” Select Authentication on the Access tab. Select PPP as the Layer 2 Protocol. Select CHAP as the Authentication Method. Enter ikcd98s for the CHAP Secret.
USER’S GUIDE 7. Click Add. Certain user features require the user to be configured in the database before the feature itself can be configured. These feature include: configuring static routes, assigning a user to a group, and configuring telephone numbers and Calling Line ID’s. The next parameter that we will configure for user “SITE2” is the CyberSWITCH - User Group, therefore we need to add the user to the database first. 8. Assign the user to a group.
APPLETALK NETWORK EXAMPLE Configure Network Proxies 9. Configure a telephone line for central site calls. In order for a CyberSWITCH to call user “SITE2,” the type of connection needs to be defined and a telephone number for the user must be available. Select the Telephone tab. Select ISDN as the Connect Type. Under Telephone Number(s), click Add, enter 913135553232 , and click OK. 10. Configure the user “SITE2” to be callable by the central site. Return to AppleTalk on the Protocols tab.
USER’S GUIDE 2. Configure basic routing properties. On the Properties tab, select RIP V.1 as the Routing Protocol. 3. Define the location of the SFVRA Service(s). Select the SFVRA Services tab. Click Add. Enter 128.1.1.10 as the IP Address. Enter SFVRACONN for the Description. Click OK.
APPLETALK NETWORK EXAMPLE Verify Configurations 4. Assign the RIP Service to a group. Select the Network Proxies tab. Click Add. Enter SFVRA-CONN for the Computer Name. Enter RIP Service for the Description. Select APPLETALK as the Group. Click OK. 5. Click Close. VERIFY CONFIGURATIONS Steps on how to verify the installation are detailed in the System Verification chapter.
SQL DATABASE SCRIPT DEFINITIONS OVERVIEW This chapter contains the SQL Database script definitions used to install the SFVRA database. With this information, an advanced SQL administrator may run queries in the ISQL_w application. For example, the administrator may find it convenient to change one field in the database for all users or CyberSWITCH systems with one command, instead of opening each entry in the Client interface.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables CITY Identifies the city of a responsible person for the CyberSWITCH. The SFVRA Service does not use this information. CITY is not currently supported. STATE Identifies the state of a responsible person for the CyberSWITCH. The SFVRA Service does not use this information. STATE is not currently supported. COUNTRY Identifies the country of a responsible person for the CyberSWITCH. The SFVRA Service does not use this information.
USER’S GUIDE IP_POOL_END The last address used to create a pool of addresses in the IP_POOL table for the CyberSWITCH. ENABLE_DYN_IP_ADDR Indicates if IP Pooling is enabled or disabled for the CyberSWITCH. If enabled, an entry is created in the IP_POOL table for each address between IP_POOL_START and IP_POOL_END for the SERVER_NAME. A value of TRUE indicates that IP Pooling is enabled, while FALSE means it is disabled. GROUP_ID Represents the group to which the CyberSWITCH belongs.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables NUMBER_TYPE Defines the type of number for the User. Refer to the Number Type options table below to translate the number type codes. Code Number Type Options 1 Telephone Number 2 Calling Line ID CALLNUMBER The number. IP_POOL Entries are created in this table by the Client interface when the IP Address Pool is enabled for a CyberSWITCH. SERVER_NAME The CyberSWITCH to which the IP address belongs.
USER’S GUIDE PROBLEM_LIST The SFVRA Service creates entries in this table whenever a call has some type of problem. SERVER_NAME The CyberSWITCH involved in this problem. USER_NAME The user involved in this problem. CONNECT_ID The Connect ID on the CyberSWITCH that had the problem. This number is an index into an array on the CyberSWITCH. It is used by the SFVRA Service to uniquely identify a connection on a CyberSWITCH and is of no informative purpose to the customer.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables REASON_STRING The reason for the failure. CALL_HISTORY The SFVRA Service creates entries in this table when a connection has gone down. All calls that made up this connection are moved from the CURRENT_CALL table to this table. CALLNR An identity field to uniquely identify this entry. CONNECTNR The number that ties the call to the connection in the CONNECT_HISTORY table. CONNECT_ID The Connect ID on the CyberSWITCH for the call.
USER’S GUIDE CALL_DIRECTION A string representing the direction of the call. IN stands for a call made in to a CyberSWITCH from a remote user. OUT means that the CyberSWITCH made a call out to a remote user. DEDICATED indicates a dedicated line. ADVICE_OF_CHARGES A number returned from the phone switch about the cost of the call. Note that this is only applicable in Japan. IN_OCTET_COUNT The number of octets of data that was received by the CyberSWITCH during the call.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables MAX_BANDWIDTH A number that represents the maximum bandwidth that was ever used during the connection. IN_OCTET_COUNT The number of octets of data received by the CyberSWITCH during the connection. OUT_OCTET_COUNT The number of octets of data transmitted by the CyberSWITCH during the connection. IP_ADDRESS The IP address of the remote user involved in the connection.
USER’S GUIDE CALLDIRECTION_ID The direction of the call as referenced in the USER_CALLDIRECTIONS table. CALL_STATUS The current status of the call. Active means that the call is currently in place. Dropped means that as bandwidth decreases, calls within a connection may be dropped. Unknown means the call is in an unknown state. The unknown state is entered for any call that was Active when the TCP connection between the CyberSWITCH and the SFVRA-CONN was lost.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables CONNECT_ID The Connect ID on the CyberSWITCH for the connection. This number is an index into an array on the CyberSWITCH. It is used by the SFVRA Service to uniquely identify a connection on a CyberSWITCH and is of no informative purpose to the customer. START_TIME The start time of the connection. CONNECTTYPE_ID The type of the call that initiated the connection as referenced in the USER_CONNECTTYPES table.
USER’S GUIDE AUTHENTICATION_ID A number that represents the type of authentication to perform when a call is being negotiated to or from the user. ID Authentication Type 1 Password Authentication Protocol (PAP) 2 Challenge Handshake Authentication Protocol (CHAP) 3 Calling Line ID (CLID) 4 None 5 Combinet Proprietary Protocol (CPP 6 NT USER_PASSWORD A string used for PAP or NT Authentication. This string is only used if the AUTHENTICATION_ID indicates PAP or NT Authentication.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables LAYER2_ID A number that indicates the type of layer 2 protocol to negotiate with this user. ID Layer 2 Protocol 0 Point to Point Protocol (PPP) 1 Combinet Proprietary Protocol (CPP) ETHERNET_ADDR The Ethernet address of the User. Note that this value is only valid if AUTHENTICATION_ID indicates CPP authentication. ENABLE_COMPRESSION Indicates if compression is enabled or disabled for the User.
USER’S GUIDE MAX_BANDWIDTH A number that represents the maximum bandwidth that will ever be allowed to the User. CONNECTYPE_ID A number that references the CONNECTTYPE_ID in the USER_CONNECTTYPES table that indicates what type of connection to make with the User. BASE_DATARATE A number indicating the base data rate of connections for the User. TOD_NOT_BEFORE The number of minutes since midnight before which a User is not allowed connections. Note that this is only valid if NO_RESTRICTIONS is set to FALSE.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables SPOOF_WD_DEFAULT_IPX Indicates how a CyberSWITCH should handle IPX Watchdog Protocol when there is no connection established with the User. Refer to the Spoofing options table below to translate the spoofing codes. Code Spoofing Options 1 Forward 2 Spoof 3 Discard SPOOF_WD_CONNECT_IPX Indicates how a CyberSWITCH should handle IPX Watchdog Spoofing while there is a connection to the User.
USER’S GUIDE SPOOF_IPX_MESSAGE_PACKET Indicates how a CyberSWITCH should handle Message Waiting packets, which are sent by servers to attached clients to inform them that the server has a message to send to them. Refer to the packet handling options table above to translate the packet handling codes. DM_BEARER Describes the bearer capabilities for the User’s modem. Refer to the modem bearer capabilities table below to translate the bearer codes.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables IPX_TRIGGER_TYPE Defines the WAN Peer type for the User. Refer to the WAN Peer Type options table below to translate the peer type codes. Code WAN Peer Type Options 0 Passive 1 Active IPX_NETWORK_NUMBER A decimal number that represents the hexadecimal IPX Remote LAN Network Number for the User. GROUP_ID A number matching in the GROUPS table to which the User belongs.
USER’S GUIDE USER_AUTH_TIME Indicates the last time that user level security authentication was preformed for the User. AUTH_TIMEOUT The grace period for User level Authentication, which is the amount of time, in minutes, that the user will not be re-authenticated at the user level. USER_ACCUM The SFVRA Service creates the entries in this table the first time a connection is established with a User. The table is updates on each connection thereafter.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables CATEGORY_NAME A string created by the administrators of SFVRA-CONN’s Client interface to do their own categorizing. USER_INFO Entries are created in this table by the Client interface for every User configured. Note: For every entry in the USER_INFO table there must be a corresponding entry in the USER_ACCESS table. USER_NAME A string used to uniquely identify a User. NAME_LAST Identifies a responsible person for the User.
USER’S GUIDE FAX Identifies the fax number of a responsible person for the User. The SFVRA Service does not use this information. EMAIL Identifies the email address of a responsible person for the User. The SFVRA Service does not use this information. ACCT_ID The ACCT_ID is reserved for a future feature. The SFVRA Service does not use this information. ACCT_ID is not currently supported. Note: ACCT_ID cannot be NULL, even though this field is not currently supported.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables CONNECTTYPE_ID The type of connection for the User as referenced in the USER_CONNECTTYPES table. USER_AUTHENTICATIONS This table is currently not in use by the current version of the SFVRA Service or the Client interface and will be removed at a later date. The inclusion of this table is necessary for backward compatibility. AUTHENTICATION_ID AUTHENTICATION_ID is not currently supported.
USER’S GUIDE CONN_REPORT_HDR The Client Interface uses this table to create reports defined by the administrator. This table is filled with the information defined by the date range and type of report from the Reports dialog of the Client Interface when either the Preview or Print buttons are clicked. This table should not be modified. CONN_REPORT_DET The Client Interface uses this table to create reports defined by the administrator.
SQL DATABASE SCRIPT DEFINITIONS SFVRA Database Tables GROUP_NAME A string representation created by an administer for Groupings. USER_GROUPS Entries are created in this table when a User is added to more than one group. When a User belongs to more than one group, the GROUP_ID in the USER_ACCESS table is 0 and the group correlations for the User are found in this table. Users are listed once for each group to which they belong. USER_NAME The user for which this GROUP_ID is valid.
USER’S GUIDE VERSION The entry in this table is created when the database is installed or upgraded. It indicates what version of the SFVRA database is being run to ensure that the Client interface and SFVRA Service do not attempt to reference fields that do not exist in the database. VERNUMBER The version number of the database. It is used by SFVRA to ensure the fields it is trying to reference are there. ISSUE The issue number of the database.
GETTING ASSISTANCE REPORTING PROBLEMS For a fast response, please take the time to fill out the System Problem Report to inform us of any difficulties you have with our products. A copy of this report can be found at the end of this chapter. This report provides us with important information to diagnose and respond to your questions. Please pay special attention to the following areas: FAX Header The System Problem Report has been designed as a FAX form.
USER’S GUIDE DATE: ______________ TO: CUSTOMER SERVICE Cabletron Systems (603) 332-9400 PHONE (603) 337-3075 FAX NUMBER OF PAGES INCLUDING THIS PAGE: ______ FROM: ______________________________________ COMPANY:______________________________________ ADDRESS: ______________________________________ ______________________________________ PHONE: ______________________________________ FAX: ______________________________________ ____________________________________________________________________________________
Index INDEX A ACCESS_SERVER 198 ACCESS_SERVER_STATUS Adobe Acrobat Reader 28 AppleTalk 58 example network 184 network number 58 node ID 59 routing protocol 59 applications Convert 131 CSX Monitor 139 Manage Logins 129 SQL Setup Utility 124 authentication CHAP 65 CLID 67 device level 63 PAP 65 user level 64 Windows NT 66 B backing up data 105 base data rate 61 baud rate 74 bearer capabilities 74 bridging 53 dial out 53 example networks IP RLAN 55 IPX RLAN 56 141 C call detail recording 14 CALL_HISTORY 2
USER’S GUIDE dial out connect type 73 number 73 subaddress 74 dynamic address assignment H 18, 44 E error messages Client 112 Convert 136 ethernet address 67 example networks AppleTalk 184 bridging 141 IP 152 IPX 169 export connect history 93 problem log 98 reports 102 F failure messages 121 FAILURE_TYPES 202 feature overviews bandwidth agility 14 call back 14 call restriction 14 centralized management 14 high availability 15 load leveling 15 network security 15 pooling 15 protocol discrimination 15 us
Index M Manage Logins 129 manage tables connect history 93 problem log 98 maximum bandwidth 61 message packet handling 52 messages Client error 112 failure 121 informational 117 interrogative 118 reasons for failure 122 warning 117 Convert error 136 informational 138 interrogative 138 warning 137 SQL error 121 metric value 45 MIB file compiling 27 location 27 N NDIS driver installation 26 network number AppleTalk 58 IP RLAN 54 IPX RLAN 54 network proxies 86 properties 83 SFVRA services NT security 66 84
USER’S GUIDE U services proxy ARP 31 RIP 31 SFVRA 30 starting/stopping 32 SFVRA enabled on CSX operation verification service 30, 84 SFVRA Connection Manager functions 13 SFVRA_SERVER 219 SNMP compiling MIB file 27 configuring service 27 installing service 27 software installation 24 upgrade 105 spoofing options 51 SPX protocol 50 SQL error messages 121 SQL Server installation 21 SQL server setup utility 124 STAC-LZS number 70 static routes 13, 45 STATIC_IP_ROUTES 201 subaddress 74 subnet mask 45 summary