Manual

ManualsBrandsParadyne ManualsHardwareCSU

161

162

163

164

165

166

167

168

169

170

Table Of Contents

Contents
About This Guide
- Purpose and Intended Audience
- Document Organization
- Product-Related Documents
- Conventions Used
1. About the FrameSaver SLV
- System Overview
  - CSU/DSU-Specific Features
  - Router-Specific Features
- FrameSaver Diagnostic and SLM Feature Sets
- FrameSaver Diagnostic Feature Set
  - Additional FrameSaver SLV 9126-II and 9128-II Features
  - Additional FrameSaver SLV 9128-II Features
- FrameSaver SLM Feature Set
- OpenLane SLM System
- NetScout Manager Plus and NetScout Probes
2. User Interface and Basic Operation
- Logging On
- Main Menu
- Screen Work Areas
- Navigating the Screens
- Navigating the Router’s CLI
  - CLI Keyboard Keys
3. Configuration Procedures
- Basic Configuration
4. Configuration Options
- Using the Easy Install Feature
- Using RIP with FrameSaver SLV CSU/DSUs
- Entering System Information and Setting the System Clock
- Setting Up the Modem
  - Setting Up Call Directories for Trap Dial-Out
  - Setting Up to Use the Modem PassThru Feature
- Setting Up Auto-Configuration
  - Selecting a Frame Relay Discovery Mode
  - Automatically Removing a Circuit
- Setting Up Dial Backup
- PVC Backup Over the Network Interface
- Setting Up Back-to-Back Operation
  - Changing Operating Mode
- Configuration Option Tables
- Configuring the Overall System
- Configuring Physical Interfaces
- Assigning Time Slots/Cross Connections
- Configuring Frame Relay for an Interface
- Manually Configuring DLCI Records
- Configuring PVC Connections
- Configuring the IP Path List
- Setting Up Management and Communication Options
- Configuring the Criteria for Automatic Backup
5. Configuring the FrameSaver SLV Router
- FrameSaver SLV Router Overview
- IP Routing
- Address Resolution Protocol
- Proxy ARP
- Interface Configuration
- Network Address Translation
- Network Address Port Translation
  - NAPT Configuration Example
  - NAT and NAPT Configuration Example
- Dynamic Host Configuration Protocol Server
  - DHCP Server with NAT Configuration Example
  - DHCP Server at Remote Site Configuration Example
- DHCP Relay Agent
- Router Security
- Provisioning the Router Interface
- Configuring the Router Using Terminal Emulation
  - Uploading and Downloading the Router Configuration Via the CLI
6. Security and Logins
- Limiting Access
- Controlling Asynchronous Terminal Access
- Limiting Dial-In Access via the Modem Port
- Controlling ISDN Access
  - ISDN Call Security
  - Disabling ISDN Access
- Controlling Telnet or FTP Access
- Controlling SNMP Access
- Creating a Login
- Modifying a Login
- Deleting a Login
- Controlling Router CLI Access
  - Access Levels (Command Modes)
  - Changing Access Levels
7. Operation and Maintenance
- Displaying System Information
- Viewing LEDs and Control Leads
- Device Messages
- Status Information
- IP Routing Table
- Performance Statistics
- Trap Event Log
- Modem Operation
- ISDN DBM Operation
- FTP File Transfers
- Turning Off the System Alarm Relay
8. Troubleshooting
- Problem Indicators
- Resetting the Unit and Restoring Communication
- Troubleshooting Management Link Feature
- LMI Packet Capture Utility Feature
  - Viewing Captured Packets from the Menu-Driven User Interface
- Alarms
- Viewing the Trap Event Log
- Troubleshooting Tables
- Tests Available
  - Test Timeout Feature
  - DBM Tests
- Starting and Stopping a Test
  - Aborting All Tests
- PVC Tests
- Physical Tests
- IP Ping Test
  - IP Ping Test – Procedure 1
  - IP Ping Test – Procedure 2
- Lamp Test
9. Setting Up OpenLane for FrameSaver Devices and Activating SLM Features
- OpenLane Support of FrameSaver Devices
- Setting Up the OpenLane SLM System
- Setting Up FrameSaver Support
- Ordering SLM Feature Set Activations
  - To Find Your License Key Number
  - The Activation Certificate
- Administering and Managing SLM Activations
10. Setting Up NetScout Manager Plus for FrameSaver Devices
- Preparation
- Configuring NetScout Manager Plus
- Monitoring a DLCI’s History Data
- Monitoring the Agent Using NetScout Manager Plus
- Statistical Windows Supported
11. Setting Up Network Health for FrameSaver Devices
- Installation and Setup of Network Health
- Discovering FrameSaver Elements
- Configuring the Discovered Elements
- Grouping Elements for Reports
- Generating Reports for a Group
- Reports Applicable to SLV Devices
A. Menu Hierarchy
- Menus
B. SNMP MIBs and Traps, and RMON Alarm Defaults
- MIB Support
- Downloading MIBs and SNMP Traps
- System Group (mib-2)
  - FrameSaver Unit’s sysDescr (system 1)
  - FrameSaver Unit’s sysObjectID (system 2)
- Interfaces Group (mib-2)
  - Paradyne Indexes to the Interface Table (ifTable)
  - NetScout Indexes to the Interface Table (ifTable)
- Standards Compliance for SNMP Traps
- RMON Alarm and Event Defaults
- Object ID Cross-References (Numeric Order)
C. Router CLI Commands, Codes, and Designations
- CLI Commands
- Ethernet Type Codes
- Protocol and Port Designations
D. Router Command Line Summaries and Shortcuts
- CLI Summaries
E. Connectors, Cables, and Pin Assignments
- Rear Panels
- COM Port Connector
- DTE Port Connector
  - Standard V.35 Straight-through Cable
  - Standard V.35 Crossover Cable
- DSX-1 Connector
- T1 Network Cable (Feature No. 3100-F1-500)
  - T1 Mass Termination Cable (Feature No. 9007-F1-500)
  - Canadian T1 Line Interface Cable (Feature No. 3100-F1-510)
- Ethernet Port Connector
- Modem Connector
- ISDN DBM Connector
  - ISDN Modular Cable
F. Technical Specifications
G. Equipment List
- Equipment
- Cables
Index
- Numerics
- A
- B
- C
- D
- E
- F
- G
- H
- I
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- Y

5. Configuring the FrameSaver SLV Router

5-14

September 2002 9128-A2-GB20-80

Router Security

The router offers security via the following:

Filtering can be enabled or disabled for inbound and/or outbound traffic:

— Ethertype

— ICMP Message Type, Code

— IP Protocol Type: TCP, UDP, or ICMP

— TCP/UDP Ports

— IP Source/Destination IP Address

Always enabled:

— Land Bug Prevention

— Smurf Attack Prevention

IP Router Filtering

Router filtering does not apply when the router is in bridge-only mode. By default,

filtering is disabled on the router. Filtering provides security advantages on LANs

by restricting traffic on the network. A filter consists of a set of rules applied to a

specific interface to indicate whether a packet received or sent on that interface is

forwarded or discarded.

Filters are configured in general router configuration mode, then applied to the

Ethernet or frame relay network interface. Filters are applied to traffic in either the

transmit or receive direction on that interface.

There is one filter access list per interface, per direction, with a maximum of

33 rules per list. For IP filters, all rules with a source host IP address are applied

first; all rules with a destination host IP address are applied next. The remaining

filters are applied in the order in which they were configured.

Bridge Filtering

Bridge filtering does not apply when the router is in router-only mode. When

bridging is enabled, separate ethertype filters are applied to the Ethernet and

frame relay interfaces. They are applied to traffic in either the transmit or receive

direction on that interface, with one filter access list per interface, per direction.

There is a maximum of 16 rules per list. Each rule in the access list allows the user

to filter a single ethertype or range of ethertypes.

MAC frames can be filtered based on the:

SNAP Ethernet field in the 802.2 and 802.3 header.

Protocol type field in the DIX Ethernet header.

For ethertype filters, the rules are applied in the order in which they were

configured.