SpeedTouch™620 Wireless Business DSL Routers Inte rnet ISDN DSL N -in W LA Plug er Pow Ethe rnet Operator’s Guide
SpeedTouch™ 620 Operator’s Guide
Copyright Copyright ©1999-2006 THOMSON. All rights reserved. Distribution and copying of this document, use and communication of its contents is not permitted without written authorization from THOMSON. The content of this document is furnished for informational use only, may be subject to change without notice, and should not be construed as a commitment by THOMSON. THOMSON assumes no responsibility or liability for any errors or inaccuracies that may appear in this document.
Contents Contents E-DOC-CTC-20051017-0155 v1.0 1 Introduction ................................................................... 3 2 SpeedTouch™ Command Line Interface .................... 5 2.1 About the CLI Interface.................................................................. 5 2.2 CLI Access via Telnet or Serial Console......................................... 6 2.3 Basic Navigation ............................................................................ 7 2.
Contents ii 4.4 SpeedTouch™ Service Templates ................................................ 40 4.5 SpeedTouch™ System Languages Management .......................... 41 5 SpeedTouch™ Software Modules............................. 45 5.1 Software Activation Key Management ........................................ 46 6 SpeedTouch™ System Services................................ 49 6.1 SpeedTouch™ Dynamic DNS ....................................................... 50 6.
Contents E-DOC-CTC-20051017-0155 v1.0 8 SpeedTouch™ Remote Access .................................. 79 8.1 Remote Web Interface Access ..................................................... 81 8.2 Secure Remote Web Interface Access ......................................... 84 8.3 Remote Telnet Access.................................................................. 88 8.4 Remote SSH Access ..................................................................... 91 8.5 Remote FTP Access............
Contents iv 10 SpeedTouch™ Monitoring ...................................... 133 10.1 An Introduction to SNMP........................................................... 134 10.1.1 Basic Concepts ............................................................................................................. 135 10.1.2 MIBs Explained. ........................................................................................................... 136 10.2 SNMP configuration..................................
Contents 11.3 Command Line Interface Diagnostics ........................................ 179 11.3.1 About CLI Diagnostics ................................................................................................. 180 11.3.2 Lower Layer Diagnostics ............................................................................................. 181 11.3.3 Router Services Diagnostics ....................................................................................... 184 11.3.
Contents vi E-DOC-CTC-20051017-0155 v1.
About this Operator’s Guide About this Operator’s Guide Used Symbols A note provides additional information about a topic. A tip provides an alternative method or shortcut to perform an action. ! Terminology Typographical Conventions A caution warns you about potential problems or specific precautions that need to be taken. Generally, the SpeedTouch™620 will be referred to as SpeedTouch™ in this Operator’s Guide.
About this Operator’s Guide 2 E-DOC-CTC-20051017-0155 v1.
Chapter 1 Introduction 1 Introduction Overview Being a key component of your business network, a good operation of the SpeedTouch™ is essential to gain maximum performance of your DSL connectivity. Continuous management and diagnosis of the SpeedTouch™ should be performed to ensure a faultless operation of the SpeedTouch™, 24hours a day, 7 days a week. As such the SpeedTouch™ can be perfectly embedded in high quality networks.
Chapter 1 Introduction 4 E-DOC-CTC-20051017-0155 v1.
Chapter 2 SpeedTouch™ Command Line Interface 2 SpeedTouch™ Command Line Interface 2.1 About the CLI Interface CLI access CLI web page access requirements CLI Telnet access requirements You can access the Command Line Interface via: The SpeedTouch™ CLI Web Interface A Telnet session The serial Console interface. To access the CLI via the SpeedTouch™ Web Interface, you need: A TCP/IP connection between the computer and the SpeedTouch™. A web browser on your computer.
Chapter 2 SpeedTouch™ Command Line Interface 2.2 CLI Access via Telnet or Serial Console Access via a Telnet session or serial console As soon a session to the CLI is opened, a banner pops up, followed by the CLI prompt: ----------------------------------------------------------------------______ SpeedTouch 620 ___/_____/\ / /\ 5.4.0.
Chapter 2 SpeedTouch™ Command Line Interface 2.3 Basic Navigation Command group navigation From the top level, you can change to a command group by executing the name of the desired command group (for example type the name of the command group and press ENTER). To obtain a list of all available command groups, use the help command from the top level: =>:help Following commands are available : help menu ? exit ..
Chapter 2 SpeedTouch™ Command Line Interface Help You can use help or ? from any level to list all available commands and command groups for that level. Below an example is provided of executing help from the firewall command group selection: =>:firewall help Following commands are available : config list flush : Display/Modify firewall configuration. : Display firewall configuration. : Flush firewall configuration.
Chapter 2 SpeedTouch™ Command Line Interface History of Commands The CLI allows you to re-use commands you have used before during a CLI session. To scroll through the previously used CLI commands use UP ARROW and DOWN ARROW. To execute a re-used command, press ENTER. E-DOC-CTC-20051017-0155 v1.
Chapter 2 SpeedTouch™ Command Line Interface 2.4 Command Line Interface Commands Executing Commands from the Top Level All CLI commands are commands that operate on, or configure, the SpeedTouch™ settings. You can use these commands from top level, preceded by the name of the command group from which the command should be executed (for example firewall list).
Chapter 2 SpeedTouch™ Command Line Interface Executing Commands from the Command Group You can also enter the commands from the command group itself, using the reduced form of the command (for example list at the firewall command group selection): =>firewall [firewall]=>list Config ====== State Keep TcpChecks TcpWindow UdpChecks IcmpChecks LogDefault LogThreshold : : : : : : : : disabled disabled none 65536 disabled disabled disabled enabled Modules ======= Module State Text Hooks ---------------------
Chapter 2 SpeedTouch™ Command Line Interface Saving the configuration After configuring the SpeedTouch™ via the CLI, it is advised to save your configuration. You can save the complete SpeedTouch™ configuration to persistent memory by executing the saveall command. The saveall command can be entered from any CLI prompt. 12 E-DOC-CTC-20051017-0155 v1.
Chapter 2 SpeedTouch™ Command Line Interface 2.5 Menu-driven CLI Navigation Introduction Entering the CLI menu To improve the user-friendliness of the SpeedTouch™ CLI, the CLI features a menudriven interface. To enter the menu-driven interface, simply enter the command menu from the CLI prompt: The semi-graphical CLI offers you an attractive and easy-to-use configuration environment for the CLI. You can browse through the CLI command groups via the arrow keys. Pressing ENTER executes your selection, i.
Chapter 2 SpeedTouch™ Command Line Interface 14 E-DOC-CTC-20051017-0155 v1.
Chapter 3 SpeedTouch™ System Software 3 SpeedTouch™ System Software 3.1 About the System Software Upgrade system software System software packages and security For new system software packages, you can visit the SpeedTouch™ support pages at: http://www.speedtouch.com All SpeedTouch™ system software packages are: Digitally signed and encrypted: Packages that may have become corrupted, or have been altered in any way, will not be accepted by the SpeedTouch™. Specific per product.
Chapter 3 SpeedTouch™ System Software 3.2 System Software Management via FTP FTP access For more information on the SpeedTouch™ file system and how to access it via FTP, see “7 The SpeedTouch™ File System” on page 75. SpeedTouch™ system software locations The SpeedTouch™ file system consists of two subdirectories: ‘/active’ and ‘/ dl’. In the ‘/active’ subdirectory the currently running system software (the active software version) is stored.
Chapter 3 SpeedTouch™ System Software 3.2.1 Backup System Software via FTP Introduction Backup procedure For backup reasons, you can transfer system software files from both SpeedTouch™’s ‘/active’ and ‘/dl’ subdirectories to your local disk. To transfer system software files from the SpeedTouch™ to your local disk as backup, proceed as follows: Step Action 1 Open an FTP session to the SpeedTouch™.
Chapter 3 SpeedTouch™ System Software Step 4 Action To identify the system software file name, use the quote site software version command: ftp> quote site software version 200- Flash image : 5.4.0.10.0 200- Active SW : ZZUIAA5.40A (5.4.0.a.0) 200- Passive SW : ZZUIAA5.40A (5.4.0.a.0) 200200 CLI command "software version" executed You can also check for the system software file by making a listing of the subdirectory’s contents: ftp> dir 200 Connected to 192.168.1.
Chapter 3 SpeedTouch™ System Software 3.2.2 Upgrade or Restore System Software via FTP Upgrade/Restore procedure E-DOC-CTC-20051017-0155 v1.
Chapter 3 SpeedTouch™ System Software Transfer system software to the SpeedTouch™ To transfer a system software file stored on your local disk to the SpeedTouch™, proceed as follows: Step Action 1 Open an FTP session to the SpeedTouch™. At the user name prompt, enter a user name. At the password prompt, if applicable, enter the SpeedTouch™ system password (see “The SpeedTouch™ Multi Level Password Configuration Guide”): C:\>ftp Connected to .
Chapter 3 SpeedTouch™ System Software Step Action 6 Put the upgrade system software to the SpeedTouch™ ‘/dl’ subdirectory: ftp> put ZZUIAA5.411 200 Connected to 192.168.1.254 port 3638 150 Opening data connection for ZZUIAA5.411 226-Filesystem data garbage collection in progress. This may take a while ... 226 File written successfully ftp: 2314257 bytes sent in 5.05Seconds 464.90Kbytes/sec. As a result the system software file is stored on the ‘/dl’ subdirectory of the SpeedTouch™.
Chapter 3 SpeedTouch™ System Software Mark system software file as Passive Software Version You must identify the system software you transferred to the SpeedTouch™ ‘/dl’ subdirectory as passive software version to allow the SpeedTouch™ to mark the file as system software.
Chapter 3 SpeedTouch™ System Software 3.2.3 Manual System Software Management via BOOTP/TFTP server System software management The SpeedTouch™ system software can also be updated based on BOOTP, a standard mechanism used for booting diskless stations. The SpeedTouch™ Upgrade Wizard is based on a BOOTP/TFTP server. For more information on how to upgrade the SpeedTouch™ using its Upgrade wizard, please see the User’s Guide.
Chapter 3 SpeedTouch™ System Software Procedure To upgrade/restore the SpeedTouch™ system software: Step Action 1 Make sure that your SpeedTouch™ is powered off and that a BOOTP/ TFTP server is readily installed on the computer from which you intend to perform the system software upgrade 2 Configure the BOOTP/TFTP server to use the SpeedTouch™ system software image file in its reply to BOOTP requests from the SpeedTouch™ you want to upgrade.
Chapter 4 SpeedTouch™ Configuration Management 4 SpeedTouch™ Configuration Management Saving the configuration Whenever the configuration of the SpeedTouch™ has been altered in any way, with the intention to keep this configuration, you should save it. Whenever you alter the configuration of the SpeedTouch™ via the basic Web Interface, all changes are saved automatically.
Chapter 4 SpeedTouch™ Configuration Management 4.1 Configuration Management via the SpeedTouch™ Web Interface Basic and expert mode Backing up configurations via the basic Web Interface 26 The SpeedTouch™ features two ways of managing its configuration via the Web Interface: Via the basic Web Interface Via the expert Web Interface Proceed as follows: Step Action 1 Open a web browser and go to the SpeedTouch™ Web Interface. 2 Go to Home > SpeedTouch > Configuration.
Chapter 4 SpeedTouch™ Configuration Management Restoring configurations via the basic Web Interface E-DOC-CTC-20051017-0155 v1.0 Proceed as follows: Step Action 1 Open a web browser and go to the SpeedTouch™ Web Interface. 2 Go to Home > SpeedTouch > Configuration. 3 Click Save or Restore Configuration: 4 Click on Browse and choose the configuration file, residing on your local disk, you want to restore on your SpeedTouch™.
Chapter 4 SpeedTouch™ Configuration Management Backing up saved configurations via the expert Web Interface Proceed as follows: Step Action 1 Open a web browser and go to the SpeedTouch™ Web Interface. 2 Go to expert mode. 3 Click Save All to save the current configuration. 4 Open the Update page via Home > SpeedTouch > System Update: 5 Click the Configuration Files tab and select the file you want to back up: 6 Click Backup. 7 Select a location on your local disk to store the user.
Chapter 4 SpeedTouch™ Configuration Management Restoring a configuration via the expert pages Proceed as follows: Step Action 1 Open a web browser and go to the SpeedTouch™ Web Interface. 2 Go to expert mode. 3 Open the Upgrade page via Home > SpeedTouch > System Update: 4 Click Browse to locate the configuration file on your local disk you intend to restore. Select the file and click OK. 5 Click Upload to transfer the configuration file to the SpeedTouch™.
Chapter 4 SpeedTouch™ Configuration Management 4.2 Configuration Management via Telnet FTP access SpeedTouch™ configuration files For more information on the file system of the SpeedTouch™ and how to access it via FTP, see “7 The SpeedTouch™ File System” on page 75. The SpeedTouch™’s last saved configuration is stored in the SpeedTouch™ ‘/dl’ subdirectory of the SpeedTouch™ file system. There may be a user.ini file present in the system’s ‘/active’ subdirectory. However, this user.
Chapter 4 SpeedTouch™ Configuration Management 4.3 The :Config CLI Command Group Introduction The config CLI command group allows the management of SpeedTouch™ configurations. Following CLI commands are available in the config CLI command group: =>:help config Following commands are available : save load delete flush list dump : : : : : : Store current configuration to backup file Load saved or default configuration. Delete a user configuration file. Flush the loaded configuration.
Chapter 4 SpeedTouch™ Configuration Management Applying a configuration stored on the SpeedTouch™ To activate a configuration file, stored on the SpeedTouch™ ‘/dl’ subdirectory, the CLI command :config load is used. Following CLI commands are available in the config load CLI command group: =>:help config load Load saved or default configuration.
Chapter 4 SpeedTouch™ Configuration Management 4.3.1 Back up Configurations via FTP Introduction For backup reasons, you can transfer configuration files from both the SpeedTouch™ ‘/active’ and ‘/dl’ subdirectories to your local disk. Remind that a user.ini file in the system’s ‘/active’ subdirectory may contain an old saved configuration created before your latest software switch over. Backup procedure To backup the current SpeedTouch™ configuration to your local disk as backup user.
Chapter 4 SpeedTouch™ Configuration Management Step Action 6 Optionally, you can make a listing of the subdirectory’s contents: ftp> dir 200 Connected to 192.168.1.254 150 Opening data connection for /bin/ls -rwxrwxrwx 1 0 0 20 Jun 29 1971 start.cmd -rwxrwxrwx 1 0 0 2952448 Jun 29 1971 ZZUIAA5.314 -r--r--r-1 0 0 9 Jun 29 1971 seed.dat -r--r--r-1 0 0 729 Jun 29 1971 sslcert.pem -r--r--r-1 0 0 908 Jun 29 1971 sslkey.pem -r--r--r-1 0 0 692 Jun 29 1971 sshdsa.pem -rwxrwxrwx 1 0 0 66920 Jun 29 1971 user.
Chapter 4 SpeedTouch™ Configuration Management 4.3.2 Store Configurations via FTP Introduction Via the procedure described below you can: Restore a configuration file you previously backed up via the procedure described in “4.3.1 Back up Configurations via FTP” on page 33. Apply a new configuration to the SpeedTouch™ by storing a new or changed configuration file. Store multiple SpeedTouch™ configuration and template files on the file system for immediate use.
Chapter 4 SpeedTouch™ Configuration Management Transfer the configuration file to the SpeedTouch™ To transfer a SpeedTouch™ configuration file stored on your local disk to the SpeedTouch™, proceed as follows: Step Action 1 Open an FTP session to the SpeedTouch™. At the user name prompt, enter a user name and at the password prompt, the password (refer to “The SpeedTouch™ Multi Level Access Policy Configuration Guide” for more information).
Chapter 4 SpeedTouch™ Configuration Management Step 8 Action Put the configuration file to the SpeedTouch™ ‘/dl’ subdirectory: ftp> put config.ini 200 Connected to 192.168.1.254 port 1657 150 Opening data connection for config.ini ## 226 File written successfully ftp: 4472 bytes sent in 0.02Seconds 223.60Kbytes/sec. ftp> 9 You can check whether the configuration file was stored successfully by making a listing of the subdirectory’s contents: ftp> dir 200 Connected to 192.168.1.
Chapter 4 SpeedTouch™ Configuration Management Applying a configuration stored on the SpeedTouch™ To activate a configuration file, stored on the SpeedTouch™ ‘/dl’ subdirectory, the CLI command :config load is used. Below the syntax of the config load CLI command is provided: =>help config load Load saved or default configuration.
Chapter 4 SpeedTouch™ Configuration Management In case the file name of the configuration file is different from user.ini, you should specify the file name. This allows you to store multiple configuration files on the SpeedTouch™ file system, and load them when needed: ftp> dir 200 Connected to 192.168.1.254 port 2187 150 Opening data connection for /bin/ls -rwxrwxrwx 1 0 0 20 Jun 29 1971 start.cmd -rwxrwxrwx 1 0 0 2952448 Jun 29 1971 ZZUIAA5.314 -r--r--r-1 0 0 9 Jun 29 1971 seed.
Chapter 4 SpeedTouch™ Configuration Management 4.4 SpeedTouch™ Service Templates Introduction Template files are ASCII text files consisting of a set of SpeedTouch™ (embedded) Easy Setup wizard specific commands and CLI commands. Used by the SpeedTouch™ (embedded) Easy Setup wizard, template files allow users to complete the configuration of the device in a convenient and comprehensive way, without the need of manual configuration via CLI or the Web Interface.
Chapter 4 SpeedTouch™ Configuration Management 4.5 SpeedTouch™ System Languages Management Introduction Uploading a new system language E-DOC-CTC-20051017-0155 v1.0 The following three actions are possible regarding the system languages. Upload a new system language file, which can be found on the SpeedTouch™ Setup CD, to the SpeedTouch™. Switch between system languages via the system language bar. Delete a system language via the SpeedTouch™ Web Interface.
Chapter 4 SpeedTouch™ Configuration Management Switch between system languages To switch between system languages, select the desired system language in the system language bar. The system language bar can be found on the top right side of the SpeedTouch™ Web Interface: By default, the SpeedTouch™ is shipped with only one language. The system language bar will only be shown in case more than one valid system language is stored on the SpeedTouch™.
Chapter 4 SpeedTouch™ Configuration Management Delete a system language E-DOC-CTC-20051017-0155 v1.0 Proceed as follows: Step Action 1 Open a web browser and go to the SpeedTouch™ Web Interface. 2 Go to the Expert Mode. 3 Open the language page via Home > SpeedTouch > System Update. 4 Click on the Language Packs tab: 5 Select the entry at the desired system language and click Delete. 6 Select Saveall to save your changes.
Chapter 4 SpeedTouch™ Configuration Management 44 E-DOC-CTC-20051017-0155 v1.
Chapter 5 SpeedTouch™ Software Modules 5 SpeedTouch™ Software Modules SpeedTouch™ software module functionality The SpeedTouch™ comes by default with an extended set of features to provide end-to-end connectivity over the DSL line, IP Routing, RIP, Hyper-NAT, SNMP, Syslog, DHCP, DNS, Remote Assistance, Game & Application Sharing, UPnP, Web Site Filtering, IDS, DSD to name just a few. The SpeedTouch™ is able to support additional functionality on top of its basic feature set.
Chapter 5 SpeedTouch™ Software Modules 5.1 Software Activation Key Management The SpeedTouch™ Software Modules web page Via the SpeedTouch™ web interface you can easily overview the SpeedTouch™ available software activation keys and their current status: The Software Module Status Display shows the available software modules that can be activated via a software activation key.
Chapter 5 SpeedTouch™ Software Modules Software activation key management via the CLI You can overview the software modules and their status and link information via the SpeedTouch™ Command Line Interface (CLI). See “2 SpeedTouch™ Command Line Interface” on page 5 for more information on how to access the Command Line Interface.
Chapter 5 SpeedTouch™ Software Modules How to Install a Software Key After applying for a software key, your ISP should provide you with a software key user name and password. Proceed as follows to install and activate the software key via the GUI: Step Action 1 Go to the software modules page. Refer to How to Access the Software Modules Page. 2 Click on the software module you want to activate. You are taken to the software key request page.
Chapter 6 SpeedTouch™ System Services 6 SpeedTouch™ System Services Overview E-DOC-CTC-20051017-0155 v1.0 This chapter covers the following services: Service See Dynamic DNS 6.1 Simple Network Time Protocol (SNTP) 6.2 Website Filtering 6.3 Intrusion Detection 6.4 Remote Assistance 6.
Chapter 6 SpeedTouch™ System Services 6.1 SpeedTouch™ Dynamic DNS Introduction Dynamic DNS is a mechanism, offered by several dynamic DNS service providers (available through the Internet) that allows the mapping of a worldwide resolvable static DNS host name to a dynamically (and temporarily) assigned public IP address used for Internet connectivity.
Chapter 6 SpeedTouch™ System Services The SpeedTouch™ CLI dyndns commands The SpeedTouch™ allows configuration of its dynamic DNS client functionality via the :dyndns CLI command group: =>:dyndns help Following commands are available : add modify delete flush list : : : : : Add a Dynamic DNS client. Modify a Dynamic DNS client. Delete a Dynamic DNS client. Delete all Dynamic DNS clients. List all Dynamic DNS clients.
Chapter 6 SpeedTouch™ System Services Example dynamic DNS subscription For this example, following dynamic DNS subscription is assumed at DynDNS (www.dyndns.org): value user name JohnDoe@MyISP.com password john Dynamic DNS host johndoe.dyndns.org Allow wildcards yes Depending on your dynamic DNS subscription some other, more advanced options may be required or available, e.g. multiple host names, the Mail Exchanger (MX) host name, update interval, etc.
Chapter 6 SpeedTouch™ System Services Modifying the dynamic DNS client Now the dynamic DNS client must be configured according your dynamic DNS subscription. According the Example dynamic DNS subscription information, following configuration must be done: =>:dyndns modify name = MyDynDNS [intf] = PPPoE_1 [user] = JohnDoe@MyISP.com [password] = **** First time typing the password Please retype password for verification.
Chapter 6 SpeedTouch™ System Services Refining the dynamic DNS service settings If needed or required by the dynamic DNS service provider, you can change some details of the dynamic DNS service. The Example dynamic DNS subscription at DynDNS requires no changes in the service settings, as the pre-configured settings should be adequate.
Chapter 6 SpeedTouch™ System Services Enabling the Dynamic DNS Service In a final step you must enable the dynamic DNS client: =>:dyndns modify name=MyDynDNS status=enabled Checking dynamic DNS client Resolving You can easily check whether the dynamic DNS client is successfully updating the SpeedTouch™ public IP address towards the dynamic DNS service provider’s hostserver: =>:dyndns list MyDynDNS : PPPoE_1 [CONNECTED] options = dyndns wildcard user = JohnDoe@MyISP.com password = ******** addr = 141.11.
Chapter 6 SpeedTouch™ System Services 6.2 The SpeedTouch™ SNTP Client Introduction The SpeedTouch™ Simple Network Time Protocol (SNTP) client allows you to configure the SpeedTouch™ internal real-time clock (RTC), used for time-critical operations, for example for online certificates enrolment (IPSec VPN client). This section shortly describes the configuration and use of the SpeedTouch™ SNTP client.
Chapter 6 SpeedTouch™ System Services The Manual tab Select Manual to: Set a date manually. (format dd/mm/yyyy) Set a time manually. (format HH:mm:ss) Select a geographical timezone. (from GMT-12:00 to GMT+12:00) Enable or disable summertime. ! E-DOC-CTC-20051017-0155 v1.
Chapter 6 SpeedTouch™ System Services The SNTP tab To enable the SpeedTouch™ SNTP client, select the SNTP TAB: As long no NTP servers are configured, time will not be controlled by SNTP. Proceed as follows to add an NTP server: Step Action 1 Click New. 2 Enter the IP address or DNS hostname of an NTP server. 3 Specify the NTP version of the server. 4 Click Apply.
Chapter 6 SpeedTouch™ System Services Setting the time via CLI The :system rtc settime CLI command allows you to overview the current real-time clock settings and to configure them: =>:system rtc settime date = 04/07/2003 time = 10:34:55 timezone = +01:00 daylightsaving = off => You can also use this CLI command to manually set the SpeedTouch™ internal realtime clock: =>:help system rtc settime Set/Get date, time, timezone, daylight savings time Syntax : settime [date =
- ] [time = ]
Chapter 6 SpeedTouch™ System Services 6.3 Website Filtering About Website Filtering Address Based Filtering The website filtering feature offers you the possibility to control Internet Access by filtering blocking access to certain websites. The SpeedTouch™ has two methods of controlling access to the Internet: Method Description Address Based Filtering Allow or block access to specific sites based on their address. Content Based Filtering Allow or block access to websites based on their content.
Chapter 6 SpeedTouch™ System Services Content Based Filtering With content based filtering, you can block or allow access to web sites based on their content. To do this, you can apply a content level as filter. You can use (an, if necessary, customize) one of the predefined content levels or create your own. The following is an example of (part of) a content level: Note that “x” marks forbidden content while “v” marks allowed content. Overview E-DOC-CTC-20051017-0155 v1.
Chapter 6 SpeedTouch™ System Services 6.3.1 The Website Filtering Configuration Pages Page Overview 62 The website filtering section of the SpeedTouch™ web interface offers three pages: Page Description Overview Allows you to view the filtering configuration Configure Allows you to configure website filtering Help Provides online help on Website filtering E-DOC-CTC-20051017-0155 v1.
Chapter 6 SpeedTouch™ System Services 6.3.2 How to Verify the Filtering Configuration Procedure Proceed as follows to verify the website filtering configuration: Step Action 1 Go to the SpeedTouch™ configuration home page 2 In the Toolbox section, click Web Site filtering. Result: you are taken to the website filtering overview page: E-DOC-CTC-20051017-0155 v1.
Chapter 6 SpeedTouch™ System Services The Website Filtering Web page This page has two sections: Section Description Filtering Information This section provides information on the active filtering configuration: Address based filtering information: a list of all specified websites and the actions to be taken. Content based filtering information: license information and information about the active content level. Note: to view more detailed information on the content level, click Details...
Chapter 6 SpeedTouch™ System Services 6.3.3 How to Activate a Web Filtering License Prerequisite Procedure Before you can activate the web site filtering license, you need a valid license key. Proceed as follows to activate a web filtering license: Step Action 1 Go to the SpeedTouch™ configuration home page 2 In the Toolbox section, click Web Site filtering. Result: you are taken to the website filtering overview page 3 In the Pick a task... section, click Activate Web filtering license.
Chapter 6 SpeedTouch™ System Services 6.3.4 Configuring the Actions for Uncategorised Sites Filter Priority Actions for Uncategorised Sites Procedure 66 The address based filter, if activated, has the highest priority. For web sites that are not specified in the address based filter, the system uses the Content based filter (if activated). If neither filter is activated, no filtering is applied. Uncategorised sites are sites that are not targeted by any of the active filters.
Chapter 6 SpeedTouch™ System Services 6.3.5 How to Create an Address Based Filter How to Create a New Entry How to Modify an Entry How to Delete an Entry E-DOC-CTC-20051017-0155 v1.0 Proceed as follows: Step Action 1 Go to the SpeedTouch™ configuration home page 2 In the Toolbox section, click Web Site filtering. 3 In the top right corner, click Configure. 4 Go to the first bullet in the list (Address Based Filtering).
Chapter 6 SpeedTouch™ System Services 6.3.6 How to Create a Content Based Filter About Content Levels Content levels determine which web sites will be targeted by the filter, based on their content. There are 5 pre-defined content levels: Procedure 68 Level Description All Allow all categorized web sites. Legal Allow all except illegal, extreme, spam and spyware websites. Teenagers Block illegal, adult, extreme, online ordering & gambling and spyware websites.
Chapter 6 SpeedTouch™ System Services 6.3.7 How to Create a Content Level How to get a Detailed View How to Edit a Content Level E-DOC-CTC-20051017-0155 v1.0 Proceeds as follows to get a detailed view of an content level: Step Action 1 Go to the Web site filtering Overview page. Result: The Web interface shows a description of the content level as well as full details on which type of content is allowed and which is not. 2 Click on Details...
Chapter 6 SpeedTouch™ System Services How to Create a New Content Level Proceed as follows to create a new content level: Step Action 1 Go to the Web site filtering Configure page 2 In the Pick a Task... list, select Create a new content level. 3 Fill in a name and a description and click Next 4 If you want to: Start from a copy of an existing level, select Clone an Existing Level.
Chapter 6 SpeedTouch™ System Services 6.4 Intrusion Detection and Protection About Intrusion Detection How to View the Intrusion Detection statistics Possible Tasks The SpeedTouch™ actively protects your system against malicious intrusion. You can view statistics on the intrusion attempts the SpeedTouch™ has detected.
Chapter 6 SpeedTouch™ System Services 6.5 Remote Assistance About Remote Assistance How to Set Up Remote Assistance Remote Assistance allows you to log on to the SpeedTouch™ from a remote location and perform tasks.
Chapter 6 SpeedTouch™ System Services Connection Type E-DOC-CTC-20051017-0155 v1.0 On most variants, the connection will be HTTPS (secure HTTP).
Chapter 6 SpeedTouch™ System Services 74 E-DOC-CTC-20051017-0155 v1.
Chapter 7 The SpeedTouch™ File System 7 The SpeedTouch™ File System Introduction The SpeedTouch™ file system exists of nonvolatile memory responsible for storing, retrieving and maintaining the system software files, configuration profile files, language-pack files, software activation keys, secure storage files, etc. The file system of the SpeedTouch™ is accessible via the well known File Transfer Protocol (FTP). This allows to backup and restore files present on the SpeedTouch™ file system.
Chapter 7 The SpeedTouch™ File System Access rights to the file system Following access/action rights apply to the directories and its contents: Preparing for FTP file transfers 'root' Directory Access is allowed No Read access No Write access '/active' Subdirectory Access is allowed Listing of files (dir) FTP (m)get of (multiple) files '/dl' Subdirectory Access is allowed Listing of files (dir) FTP (m)get of (multiple) files FTP (m)put of (multiple) fi
Chapter 7 The SpeedTouch™ File System Files stored on the file system The following is an example output of the SpeedTouch™ ‘/dl’ and ‘/active’ subdirectory content: C:\Documents and Settings\john_doe>ftp 192.168.1.254 Connected to 192.168.1.254. 220 Inactivity timer = 120 seconds. Use 'site idle ' to change. User (192.168.1.254:(none)):Administrator 331 SpeedTouch (00-0E-50-0F-FE-2A) Password required. Password: 230 OK ftp>cd dl 250 Changed to /dl ftp>dir 200 Connected to 192.168.1.
Chapter 7 The SpeedTouch™ File System File types 78 Following file types can be found: System software files (e.g. ZZUIAA5.321) The SpeedTouch™ system software file. The one in the ‘/active’ directory is currently used by the SpeedTouch™; the one in the ‘/dl’ directory is dormant. Software activation keys(e.g. VPN256-32.swk) Software key files allowing the SpeedTouch™ to enable the corresponding software module at startup.
Chapter 8 SpeedTouch™ Remote Access 8 SpeedTouch™ Remote Access The SpeedTouch™ access methods The SpeedTouch™ offers various access methods to allow configuration and monitoring of the device. SpeedTouch™ HTTP SpeedTouch™ HTTPs access SpeedTouch™ Telnet access SpeedTouch™ FTP access SpeedTouch™ SSH access However, for obvious security reasons, in the default configuration all these methods are denied from the WAN side.
Chapter 8 SpeedTouch™ Remote Access Interface access list The interface access list of a service contains the interface groups from where a user is allowed access to that specific service. The interface access list can contain 1 or more of the following groups: IPSec Protection 80 lan: the local or corporate network local: the serial console cable wan: the Internet It is possible to use IPSec to protect remote management. You can either use IPSec tunnel mode or IPSec transport mode.
Chapter 8 SpeedTouch™ Remote Access 8.1 Remote Web Interface Access Introduction Default HTTP service configuration The SpeedTouch™ web interface is provided by the SpeedTouch™ HTTP web server. Access to this server and hence the web interface is controlled by the HTTP service. By default, the HTTP service is configured to let the web server accept http requests from LAN side only. In addition the SpeedTouch™ provides HTTPs access.
Chapter 8 SpeedTouch™ Remote Access Refinement of the Service If needed, the service can be fine-tuned to restrict the allowed traffic to: A single IP address A subnet A range of IP addresses Use the following CLI command to restrict the allowed traffic to 1 IP address. =>:service system ipadd name=HTTP ip=192.6.11.5 => Use the following CLI command to restrict the allowed traffic to a subnet. =>:service system ipadd name=HTTP ip=192.6.11.
Chapter 8 SpeedTouch™ Remote Access Hyper-NAT Refinements The SpeedTouch™ features a powerful Hyper-NAT engine allowing the local hosts to share a single (remotely negotiated) public IP address. In case Hyper-NAT is enabled on the WAN interface that will be used for remote management, and a static mapping has been made to allow remote hosts to address regular HTTP services on a host residing on your local network, you must make sure that accessing the SpeedTouch™ Web Interface is still possible.
Chapter 8 SpeedTouch™ Remote Access 8.2 Secure Remote Web Interface Access HTTPs service Introduction The remote management certificate The SpeedTouch™ supports secure HTTP or HTTPS. The Transport Layer Security (prior SSL implemented by Netscape) provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
Chapter 8 SpeedTouch™ Remote Access Configuration via CLI commands To have HTTPs access via WAN, additional configuration of the HTTPs service is needed.
Chapter 8 SpeedTouch™ Remote Access Refinement of the Service If needed, the service can be fine-tuned to restrict the allowed traffic to: A single IP address A subnet A range of IP addresses Use the following CLI command to restrict the allowed traffic to 1 IP address. =>:service system ipadd name=HTTPs ip=192.6.11.5 => Use the following CLI command to restrict the allowed traffic to a subnet. =>:service system ipadd name=HTTPs ip=192.6.11.
Chapter 8 SpeedTouch™ Remote Access Hyper-NAT Refinements The SpeedTouch™ features a powerful Hyper-NAT engine allowing the local hosts to share a single (remotely negotiated) public IP address. In case Hyper-NAT is enabled on the WAN interface that will be used for remote management, and a static mapping has been made to allow remote hosts to address regular HTTPs services on a host residing on your local network, you must make sure that accessing the SpeedTouch™ Web Interface is still possible.
Chapter 8 SpeedTouch™ Remote Access 8.3 Remote Telnet Access About Secure Remote Telnet Access and SSH The SpeedTouch™ Telnet host is provided by the SpeedTouch™ Telnet server. Access to this server and hence the Telnet interface is controlled by the Telnet service. By default, the Telnet service is configured to let the Telnet server accept telnet sessions from LAN side only. In addition the SpeedTouch™ provides SSH remote access.
Chapter 8 SpeedTouch™ Remote Access Refinement of the Service If needed, the service can be fine-tuned to restrict the allowed traffic to: A single IP address A subnet A range of IP addresses Use the following CLI command to restrict the allowed traffic to 1 IP address. =>:service system ipadd name=TELNET ip=192.6.11.5 => Use the following CLI command to restrict the allowed traffic to a subnet. =>:service system ipadd name=TELNET ip=192.6.11.
Chapter 8 SpeedTouch™ Remote Access Hyper-NAT Refinements The SpeedTouch™ features a powerful Hyper-NAT engine allowing the local hosts to share a single (remotely negotiated) public IP address. In case Hyper-NAT is enabled on the WAN interface that will be used for remote management, and a static mapping has been made to allow remote hosts to open a Telnet session to a host residing on your local network, you must make sure that Telnet access to the SpeedTouch™ CLI is still possible.
Chapter 8 SpeedTouch™ Remote Access 8.4 Remote SSH Access SSH service Introduction SSH authentication SSH (Secure Shell) is to be used to establish privacy between 2 network devices. It provides a secured layer on top of TCP/IP. The implementation of SSH in the SpeedTouch™ is mainly targeted to allow privacy for CLI sessions when remotely managing the SpeedTouch™ from a WAN interface.
Chapter 8 SpeedTouch™ Remote Access Public Keys The SpeedTouch™ supports management of SSH public keys. To each public key installed on the SpeedTouch™, a role is assigned. This role defines the privileges, a user accessing the SpeedTouch™, can have.
Chapter 8 SpeedTouch™ Remote Access Default SSH service configuration Use the following CLI command to see the default SSH service configuration. =>:service system list name=SSH expand=enabled Idx Name Protocol SrcPort DstPort Group ---------------------------------------------------------------------1 SSH tcp 22 Description................ SSH server Properties................. server Attributes................. state port aclip aclif aclifgroup map log User Managed Attributes....
Chapter 8 SpeedTouch™ Remote Access Configuration via CLI commands To have SSH access via WAN, additional configuration of the SSH service is needed.
Chapter 8 SpeedTouch™ Remote Access Refinement of the Service If needed, the service can be fine-tuned to restrict the allowed traffic to: A single IP address A subnet A range of IP addresses Use the following CLI command to restrict the allowed traffic to 1 IP address. =>:service system ipadd name=SSH ip=192.6.11.5 Use the following CLI command to restrict the allowed traffic to a subnet. =>:service system ipadd name=SSH ip=192.6.11.
Chapter 8 SpeedTouch™ Remote Access Hyper-NAT Refinements The SpeedTouch™ features a powerful Hyper-NAT engine allowing the local hosts to share a single (remotely negotiated) public IP address. In case Hyper-NAT is enabled on the WAN interface that will be used for remote management, and a static mapping has been made to allow remote hosts to address regular SSH services on a host residing on your local network, you must make sure that accessing the SpeedTouch™ Web Interface is still possible.
Chapter 8 SpeedTouch™ Remote Access 8.5 Remote FTP Access Introduction The SpeedTouch™ FTP interface is provided by the SpeedTouch™ FTP server. Access to this server and hence the FTP interface is controlled by the SpeedTouch™ FTP service. By default, the FTP service is configured to let the SpeedTouch™ FTP server accept FTP requests from LAN side only. In addition the SpeedTouch™ provides FTP over SSH.
Chapter 8 SpeedTouch™ Remote Access Refinement of the Service If needed, the service can be fine-tuned to restrict the allowed traffic to: A single IP address A subnet A range of IP addresses Use the following CLI command to restrict the allowed traffic to 1 IP address. =>:service system ipadd name=FTP ip=192.6.11.5 Use the following CLI command to restrict the allowed traffic to a subnet. =>:service system ipadd name=FTP ip=192.6.11.
Chapter 8 SpeedTouch™ Remote Access Hyper-NAT Refinements The SpeedTouch™ features a powerful Hyper-NAT engine allowing the local hosts to share a single (remotely negotiated) public IP address. In case Hyper-NAT is enabled on the WAN interface that will be used for remote management, and a static mapping has been made to allow remote hosts to address regular FTP services on a host residing on your local network, you must make sure that accessing the SpeedTouch™ FTP server is still possible.
Chapter 8 SpeedTouch™ Remote Access 8.6 Remote SFTP Access SFTP Introduction SSH authentication SSH is to be used to establish privacy between 2 network devices. It provides a secured layer on top of TCP/IP. SFTP allows privacy during file transfer sessions.
Chapter 8 SpeedTouch™ Remote Access Public Keys The SpeedTouch™ supports management of SSH public keys. To each public key installed on the SpeedTouch™, a role is assigned. This role defines the privileges, a user accessing the SpeedTouch™, can have.
Chapter 8 SpeedTouch™ Remote Access Default SSH service configuration Use the following CLI command to see the default SSH service configuration. =>:service system list name=SSH expand=enabled Idx Name Protocol SrcPort DstPort Group ---------------------------------------------------------------------1 SSH tcp 22 Description................ SSH server Properties................. server Attributes................. state port aclip aclif aclifgroup map log User Managed Attributes....
Chapter 8 SpeedTouch™ Remote Access Configuration via CLI commands To have SSH access via WAN, additional configuration of the SSH service is needed.
Chapter 8 SpeedTouch™ Remote Access Refinement of the Service If needed, the service can be fine-tuned to restrict the allowed traffic to: A single IP address A subnet A range of IP addresses Use the following CLI command to restrict the allowed traffic to 1 IP address. =>:service system ipadd name=SSH ip=192.6.11.5 Use the following CLI command to restrict the allowed traffic to a subnet. =>:service system ipadd name=SSH ip=192.6.11.
Chapter 8 SpeedTouch™ Remote Access Hyper-NAT Refinements The SpeedTouch™ features a powerful Hyper-NAT engine allowing the local hosts to share a single (remotely negotiated) public IP address. In case Hyper-NAT is enabled on the WAN interface that will be used for remote management, and a static mapping has been made to allow remote hosts to address regular SSH services on a host residing on your local network, you must make sure that accessing the SpeedTouch™ Web Interface is still possible.
Chapter 8 SpeedTouch™ Remote Access 8.7 LAN Based Auto-Configuration (LAC) Support (TR-064) About TR-064 The SpeedTouch™ supports the DSL Forum’s TR-064 Technical Report on LAN Based Auto-Configuration. This provides the possibility to automatically configure the SpeedTouch™ from a management application running on a PC on the customer premises LAN. For more information, refer to the DSL Forum’s Technical Report TR-064.
Chapter 8 SpeedTouch™ Remote Access How to Configure LAC: Parameter Descripion E-DOC-CTC-20051017-0155 v1.
Chapter 8 SpeedTouch™ Remote Access 8.8 CPE WAN Management Protocol (CWMP) Support (TR-069) About CWMP The SpeedTouch™ supports the DSL Forum’s TR-069 Technical Report on CWMP. This allows the SpeedTouch™ to be configured and monitored from a management application running on a remote Auto-Configuration Server (ACS). For more information, refer to the DSL Forum’s technical report TR-069 “CPE WAN Management Protocol”.
Chapter 8 SpeedTouch™ Remote Access How to View the Configuration From the main prompt, use the following command to view the CWMP Parameters: =>cwmp =>[cwmp]config This results in the following type of output on the screen, providing an overview of all parameters and their values: State Mode Max Envelopes Session Timeout No Ip Timeout Connection Request Port Periodic Inform Periodic Inform Interval Connection Request Connection Request UserName Connection Request PassWord Connection Request Path Connect
Chapter 8 SpeedTouch™ Remote Access How to Configure CWMP: Parameter Descripion 110 The CLI command uses the following parameters: Parameter Value Description state enabled or disabled Enable or disable the CWMP daemon mode read-only or full Set the operational mode of the CWMP daemon to readonly or full.
Chapter 8 SpeedTouch™ Remote Access How to Configure the CWMP Server: Syntax From the cwmp server prompt, use the following commands to configure the CWMP Server parameters: config [url = ] [username = ] [password = ] How to Configure the CWMP Server: Parameter Description E-DOC-CTC-20051017-0155 v1.0 The CLI command uses the following parameters: Parameter Value Description url text string URL used to contact the ACS server.
Chapter 8 SpeedTouch™ Remote Access 112 E-DOC-CTC-20051017-0155 v1.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9 The Integrated SpeedTouch™ ISDN Modem Overview E-DOC-CTC-20051017-0155 v1.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.1 About the ISDN Modem Introduction Scenarios Next to the DSL, Ethernet and Wireless interface, the SpeedTouch™ features an ISDN modem, to allow the end user Internet connectivity. The ISDN modem can be used as: A stand alone WAN interface to connect to the Internet or corporate network A fall back interface for the DSL interface. Dial-in WAN interface for remote access or dial-in networking.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem Scenario examples The following 2 scenarios are examples of using the ISDN modem as a responder: Dialling in to the SpeedTouch™ for remote management purposes: This scenario is a good alternative for when the DSL line is down or for when the SpeedTouch™ doesn’t have a fixed IP address. Take into account the following configuration factors: E-DOC-CTC-20051017-0155 v1.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.2 How to Configure the ISDN Modem General configuration procedure Proceed as follows to configure the ISDN modem: Step Action 1 Add a new ISDN interface with name ISP1: =>:isdn ifadd intf=ISP1 2 Configure the new ISDN interface with the dial-in number of the ISP: =>:isdn ifconfig intf=ISP1 number=090934100 mlppp=disabled mode=dialout The PPP Multilink protocol (mlppp) can be enabled or disabled.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.3 ISDN Backup ISDN Backup The SpeedTouch™ has an ISDN interface that can be used to create an ISDN backup for the ADSL line. The process is shown in the diagram below: ADSL INTERNET ISDN ISDN When the ADSL line fails, the SpeedTouch™ establishes a dial-in connection towards the ISDN network. A PPP connection is then established over this ISDN connection which takes over the traffic from the failed ADSL line.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.3.1 How to Configure the ISDN Dial-In Connection Via the Web Interface 118 Proceed as follows to configure the ISDN dial-in connection via the Web interface: Step Action 1 Go to Expert mode 2 Click Connections 3 Click Routed PPoI Result: on the page that appears, you see a predefined connection called ISDN backup. 4 Click the arrow to open the configuration pages for this connection.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem Step Action 8 Click Other. Result: the Other page appears: 9 Select the Mode (On-Demand or Always On) 10 Fill in the idle time limit. If the connection is On-Demand, and the connection is idle for this amount of time (i.e. no traffic), the connection shuts down. The other values are automatically retrieved when the PPP connection is established . You cannot enable Callback via the Web interface. For this, you must use CLI.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem CLI Parameters: 120 The table below provides a description of the relevant parameters: Parameter Value Description intf text string name of the ISDN interface number numeric Dial-in number for the ISDN line mlppp enabled or disabled Enable or disable multilink ppp.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.3.2 How to Configure the PPP Connection How to Configure the PPP Connection Via the Web Interface If you used the Web interface to configure the Dial-In connection, you do not need any additional configuration.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem CLI Parameters: 122 The table below provides a description of the relevant parameters.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem E-DOC-CTC-20051017-0155 v1.0 Parameter Value Description demanddial enabled or disabled Enable or disable dial-on-demand (DOD).
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.4 ISDN Callback ISDN Backup The SpeedTouch™ has an ISDN interface that can be used to create an ISDN backup for the ADSL line. The process is shown in the diagram below: ADSL INTERNET ISDN ISDN When the ADSL line fails, the SpeedTouch™ establishes a dial-in connection towards the ISDN network. A PPP connection is then established over this ISDN connection which takes over the traffic from the failed ADSL line.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.4.1 How to Configure the ISDN Dial-In Connection Via the Web Interface E-DOC-CTC-20051017-0155 v1.0 Proceed as follows to configure the ISDN dial-in connection via the Web interface: Step Action 1 Go to Expert mode 2 Click Connections 3 Click Routed PPoI Result: on the page that appears, you see a predefined connection called ISDN backup. 4 Click on the arrow to open the configuration pages for this connection.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem Step Action 8 Click Other. Result: the Other page appears: 9 Select the Mode (On-Demand or Always On) 10 Fill in the idle time limit. If the connection is On-Demand, and the connection is idle for this amount of time (i.e. no traffic), the connection shuts down. The other values are automatically retrieved when the PPP connection is established. You cannot enable Callback via the Web interface. For this, you must use CLI.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem CLI Parameters: E-DOC-CTC-20051017-0155 v1.0 The table below provides a description of the relevant parameters: Parameter Value Description intf text string name of the ISDN interface number numeric Dial-in number for the ISDN line mlppp enabled or disabled Enable or disable multilink ppp.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.4.2 How to Configure the PPP Connection How to Configure the PPP Connection Via the Web Interface If you used the Web interface to configure the Dial-In connection, you do not need any additional configuration.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem CLI Parameters: E-DOC-CTC-20051017-0155 v1.0 The table below provides a description of the relevant parameters.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 130 Parameter Value Description demanddial enabled or disabled Enable or disable dial-on-demand (DoD).
Chapter 9 The Integrated SpeedTouch™ ISDN Modem 9.5 ISDN Remote CAPI About Remote CAPI Using RemoteCAPI, the ISDN interface of the SpeedTouch™ can be used by PC applications that typically need an ISDN board integrated into the PC. The Remote CAPI function only works with PC applications using the Rcapi.dll driver e.g. RVS COM.
Chapter 9 The Integrated SpeedTouch™ ISDN Modem How to Configure the Remote CAPI Client The above installation procedure adds the Remote CAP20 Client application to your system. You can access it via the Control Panel. Proceed as follows to configure this client: How to Configure Remote CAPI via the Web interface Step Action 1 Use the Control Panel to start the Remote CAP20 Client application: 2 In the IP box, enter the IP address of the SpeedTouch™ (192.168.1.254).
Chapter 10 SpeedTouch™ Monitoring 10 Overview SpeedTouch™ Monitoring This chapter covers the following topics : Topic E-DOC-CTC-20051017-0155 v1.0 See Page 10.1 An Introduction to SNMP 134 10.2 SNMP configuration 139 10.3 The SpeedTouch™ Syslog 160 10.
Chapter 10 SpeedTouch™ Monitoring 10.1 An Introduction to SNMP Introduction The Simple Network Management Protocol (SNMP) is a widely spread method for managing networks. Based on a client/server concept, the SNMP server (the SNMP manager) gets or sets the values of objects defined in a Management Information Base (MIB) kept by the SNMP client (the SNMP agent). In addition the SNMP agent is also able to autonomously initiate an action by sending a trap to the SNMP manager.
Chapter 10 SpeedTouch™ Monitoring 10.1.1 Basic Concepts Management Information Base The Management Information Base, or MIB, is a tree-like structure containing SNMP objects, instances of these objects and their corresponding values. Parts of this tree have been standardized, other parts may be specific to a device. For the SpeedTouch™ a set of MIBs is provided on the Setup CD, some being identical to the standard MIBs, others specifically made for the SpeedTouch™ .
Chapter 10 SpeedTouch™ Monitoring 10.1.2 MIBs Explained. Introduction As mentioned in “ Management Information Base” on page 135 both the SpeedTouch™ SNMP agent and the SNMP manager rely on Management Information Base (MIB) files containing all relevant SNMP objects. In the following, all MIBs important for the SpeedTouch™ are described. Additionally some of the most important and/or interesting SNMP counters are shortly highlighted.
Chapter 10 SpeedTouch™ Monitoring Standard MIBs (Continued) MIBs About SNMP E-DOC-CTC-20051017-0155 v1.0 Continued from previous page. RFC1213 MIB II RFC 2790 Host Resources MIB This MIB shows hot resource information such as software builds, CPE date and time-of-day, the total and free amount of Flash Memory and RAM and processor load. RFC 2836 Interface MIB RFC2851 INET-ADDRESS MIB This MIB module defines textual conventions for representing Internet addresses.
Chapter 10 SpeedTouch™ Monitoring ADSL and SHDSL MIBs ILMI MIBs ATM MIBs 138 Following two MIBs are specific per SpeedTouch™’s DSL variant (ADSL or SHDSL variants). You should only load the appropriate MIB, although loading both will not harm functionality. To retrieve maximum SNMP information it is imperative to use the MIB provided on the SpeedTouch™ Setup CD, and not the one supported (if so) by the SNMP manager.
Chapter 10 SpeedTouch™ Monitoring 10.2 SNMP configuration About SNMP configuration There are a few configurable options covering the SNMP functionality. If you require no traps are , the default options suffice to access information in the SpeedTouch™ from the LAN. Enabling SNMP By default, the SNMP agent is disabled. Before using or configuring SNMP, you must enable it: Command Line Interface (CLI) All the SNMP settings can be changed or viewed using CLI commands.
Chapter 10 SpeedTouch™ Monitoring 10.2.1 How to Allow Access to the SNMP Agent Default Setting Command By default, access to the SNMP Agent is disabled. Before you are able to use SNMP, you must enable it. Use the following command to allow access to the SNMP Agent: :service system modify name=SNMPV3_AGENT state=enabled 140 E-DOC-CTC-20051017-0155 v1.
Chapter 10 SpeedTouch™ Monitoring 10.2.2 How to View the SNMP Configuration About the SNMP Service Command The SpeedTouch™ SNMP service controls all SNMP traffic from and towards the SpeedTouch™. By default, no restrictions apply regarding SNMP traffic from and towards the local network. However SNMP traffic from and towards the WAN will be blocked.
Chapter 10 SpeedTouch™ Monitoring 10.2.3 How to View the System Contact, Name and Location Command Use the following CLI command to view the default configuration: {Administrator}[snmp]=>config Default Configuration The default configuration is as follows: SNMP System Contact : Service Provider SNMP System Name : SpeedTouch 620 SNMP System Location : Customer Premises All SNMP traps : DISABLED 142 E-DOC-CTC-20051017-0155 v1.
Chapter 10 SpeedTouch™ Monitoring 10.2.4 How to Configure SNMPv1 Configuring SNMPv1 on the SpeedTouch™ How to Configure the SNMPv1 Client The SpeedTouch™ supports SNMPv3, but is also backwards compatible with SNMPv1. However, you need specific configuration procedures for this.
Chapter 10 SpeedTouch™ Monitoring How to Configure the SNMPv1 Traps Proceed as follows: Step 1 Action Create a new target: :snmp target add name=Test_trap_pc addr=10.0.0.
Chapter 10 SpeedTouch™ Monitoring 10.2.5 How to Configure the System contact, Name and Location Command You can set the System contact, System Name and the System Location in the MIB II RFC1213. Use the following CLI command to do so: config [sysContact = ] [sysName = ] [sysLocation = ] [traps <{disabled|enabled}>] Parameters E-DOC-CTC-20051017-0155 v1.
Chapter 10 SpeedTouch™ Monitoring 10.2.6 How to Force the Source IP Address About Loopback The SpeedTouch™ offers the possibility to send SNMP traps to an SNMP manager. This facilitates the monitoring of the network. It is important that the source IP address of the SNMP traps remains the same at all times, so the Network Control Centre knows who is sending the traps.
Chapter 10 SpeedTouch™ Monitoring 10.2.7 How to Configure the SNMP Target About the SNMP Target Command The SNMP target is the destination for the SNMP traps, e.g an SNMP Manager. You can add up to nine different SNMP manager destination addresses, using the :snmp target add command.
Chapter 10 SpeedTouch™ Monitoring Use of defaults How to Delete a Destination Parameter Value Description taglist String containing one or more tags. A tag corresponds to a tag in the usmUserTable, the snmpCommunityTable or the snmpNotifyTable. params <{V1Params}> String used to select a set of entries in the snmpTargetParamsTable. storage other,volatile, nonVolatile, permanent or readOnly Storage type.
Chapter 10 SpeedTouch™ Monitoring 10.2.8 How to Read SNMP Parameters via the CLI About Reading SNMP Parameters SNMP get The snmp get, snmp getNext and snmp walk commands allow you to Get, GetNext or Walk SNMP settings and/or counters from a MIB object. The MIB object is identified by the MIB object’s ID. This is only used for ebugging purposes. Use the following CLI command to read a specific object ID: {Administrator}[snmp]=>get [objectid = ] With [objectID] the MIB ID of the object.
Chapter 10 SpeedTouch™ Monitoring SNMP walk Use the following CLI command to skim through a MIB object: {Administrator}[snmp]=> walk [objectid = ] Example: For example, objectid .1.3.6.1.2.1.1, identifies the SpeedTouch™ MIB system group. The example below skims through this MIB object: {Administrator}[snmp]=>walk ObjectId=1.3.6.1.2.1.1 VB_octetStr .1.3.6.1.2.1.1.1.0 SpeedTouch 620 VB_objId .1.3.6.1.2.1.1.2.0 .1.3.6.1.4.1.637.61.2 VB_timeTicks .1.3.6.1.2.1.1.3.0 9962843 VB_octetStr .1.3.6.1.2.1.
Chapter 10 SpeedTouch™ Monitoring 10.2.9 How to Allow Remote SNMP About Remote SNMP Command It is possible to allow to allow a remote SNMP manager to monitor the SpeedTouch™. To do this, add the WAN interface to the service access list. Use the following command: =>service system ifadd name SNMPV3_AGENT group wan Receiving Traps To allow the remote SNMP manager to receive SNMP traps generated by the SpeedTouch™, no extra configuration is necessary.
Chapter 10 SpeedTouch™ Monitoring 10.2.10 How to Add an SNMP User About SNMP Users SNMP Users allow you to determine which MIBs a specific user is allowed to view or change. This is done by adding a user to a user group. This user group determines the user’s access to the MIBs. Limiting MIB Access You can limit the MIBs visible within a defined Read-Only (RO) or Read/Write (RW) Community.
Chapter 10 SpeedTouch™ Monitoring Group Description Power User Has the same rights as User, plus additional read access to the following subtrees: 1.3.6.1.2.1.2: INTERFACES 1.3.6.1.2.1.4: IP 1.3.6.1.2.1.5: ICMP 1.3.6.1.2.1.6: TCP 1.3.6.1.2.1.7: UDP 1.3.6.1.2.1.10: ETHER-like (ADSL .1.10.94; HDSL .1.10.48) 1.3.6.1.2.1.16: RMON 1.3.6.1.2.1.17: BRIDGE 1.3.6.1.2.1.26: MAU 1.3.6.1.2.6.3.10.2: SNMPv2 Framework 1.3.6.1.2.1.16: RMON 1.3.6.1.2.1.80: PING 1.3.6.
Chapter 10 SpeedTouch™ Monitoring Procedure The general flow of user configuration is as follows: you create a view, which is basically a set of MIB access rights. after that, you create a user group with access to that view. Then, you create a user and add it to the group. Thus, the user will have the groups MIB access and have tha access rights you defined in the view.
Chapter 10 SpeedTouch™ Monitoring How to View the Users Use the following command to view the users: :snmp user list This results in the following output: securityname=SU snmpengineID=localSnmpID authprot=usmNoAuthProtocol privprot=usmNoPrivProtocol targettag= storage=nonVolatile securityname=user snmpengineID=localSnmpID authprot=usmNoAuthProtocol privprot=usmNoPrivProtocol targettag= storage=nonVolatile securityname=LanAdmin snmpengineID=localSnmpID authprot=usmNoAuthProtocol privprot=usmNoPrivProtocol
Chapter 10 SpeedTouch™ Monitoring How to View the Communities Use the following command to view the communities: :snmp securiytogroup list This results in the following output: securitymodel=snmpv1 securityname=ROCommunity groupname=V1ROGroup storage=nonVolatile securitymodel=snmpv1 securityname=RWCommunity groupname=V1RWGroup storage=nonVolatile securitymodel=usm securityname=SU groupname=SU_Group storage=nonVolatile securitymodel=usm securityname=user groupname=Basic_Group storage=nonVolatile securitym
Chapter 10 SpeedTouch™ Monitoring 10.2.11 How to Restrict SNMP Access SNMP Access Restriction You can restrict SNMP Access so that it is accepted from specific IP addresses only. To do this, add the IP address or an IP Address range to the access list for the service SNMPV3_Agent. Note that this also covers SNMPv1. You can also restrict access to specific interface groups such as WAN, LAN, DMZ,...
Chapter 10 SpeedTouch™ Monitoring 10.2.12 How to Configure the Traps Procedure In order to configure which traps are sent where, you need to: Step Action 1 Set the message handling parameters 2 Create a notify filter 3 Create a notify profile using that filter 4 Create notify tags 5 Create a destination for the traps 6 Enable traps If you simply want all tags to be sent, steps 2, 3 and 4 are not necessary. How to Set the Message Handling Parameters Use the :snmp targetparams add command.
Chapter 10 SpeedTouch™ Monitoring How to Create a Destination for theTraps Use the :snmp target add command. Example: :snmp target add name=Test_trap_pc addr=10.0.0.110 taglist=Trap_tag params=Trap_params How to Enable Traps Use the following command sequence: :snmp config traps enabled :service system modify name SNMPV3_TRAPS state enabled More Information E-DOC-CTC-20051017-0155 v1.
Chapter 10 SpeedTouch™ Monitoring 10.3 The SpeedTouch™ Syslog Introduction Syslog is a basic, uncomplicated, yet powerful method to administer a network device as the SpeedTouch™. By generating syslog messages, the SpeedTouch™ is able to inform network managers about the general state of the device and to record events which can be retrieved for later analysis and diagnosis. This chapter describes how to use the SpeedTouch™ Syslog deamon.
Chapter 10 SpeedTouch™ Monitoring 10.3.1 The SpeedTouch™ Syslog Daemon What is Syslog Syslog is a message generating tool that can be implemented in any network device. The intention of the tool is to send messages over the network indicating status, actions, possible problems, etc. from the device.
Chapter 10 SpeedTouch™ Monitoring Syslog priority facilities 162 Following priority facilities are possible for a syslog message generated by the SpeedTouch™.
Chapter 10 SpeedTouch™ Monitoring Syslog message bodies The SpeedTouch™ syslog daemon is internally responsible for collecting and administering messages generated by one or more of its subsystems.
Chapter 10 SpeedTouch™ Monitoring 10.3.2 Syslog via the Web Interface The Syslog web page The SpeedTouch™ Syslog web page allows users to view all or a selection of syslog messages the SpeedTouch™ has generated. Browse to the SpeedTouch™ Expert pages and open the Syslog pages via Home > SpeedTouch > Syslog. The advantage of offering the syslog Web Interface is that any authenticated user is able to browse the SpeedTouch™ Web Interface.
Chapter 10 SpeedTouch™ Monitoring Syslog configuration Via the SpeedTouch™ Syslog page, you can also configure the SpeedTouch™ syslog daemon to send syslog messages to one or more particular host IP addresses. This allows dedicated syslog software on the host to collect SpeedTouch™syslog messages for immediate notification, future reference, and event archiving.
Chapter 10 SpeedTouch™ Monitoring 10.3.3 Syslog via the CLI The Syslog CLI command group The SpeedTouch™ CLI syslog command group basically provides the same possibilities as provided on the SpeedTouch™ syslog web page: =>:syslog help Following commands are available: config ruleadd ruledelete flush list : : : : : Set/Display configuration Add a new rule to the syslog configuration. Delete a rule in the syslog configuration Flushes syslog rules.
Chapter 10 SpeedTouch™ Monitoring 10.3.4 Remote Syslog Notification Introduction Preconditions Syslog host on the local network The SpeedTouch™ can be configured to send all or a selection of generated syslog messages to a host on the local or a remote network IP address. This section describes how to configure the SpeedTouch™ syslog daemon to send messages to a particular host.
Chapter 10 SpeedTouch™ Monitoring Syslog host on a remote network The default SYSLOG SpeedTouch™ service is configured to allow traffic from the SpeedTouch™ syslog daemon towards the WAN: =>:service system list name=SYSLOG expand=enabled Idx Name Protocol SrcPort DstPort Group Sta te ----------------------------------------------------------------------1 SYSLOG udp 514 ena bled Description................ System Logging Events Properties................. client Managed parameters.........
Chapter 10 SpeedTouch™ Monitoring 10.4 SpeedTouch™ Identification on AWS Information Exchange The SpeedTouch™ exchanges some variables after the DSL synchronisation with the DSLAM (Digital Subscriber Line Access Multiplexer). These variables are hardcoded into the SpeedTouch™.
Chapter 10 SpeedTouch™ Monitoring SpeedTouch™ Identification over AWS The ADSL Work Station (AWS) is the graphical management tool to control and configure DSL lines on a DSLAM. The figure below is an example of a screenshot of an AWS. ! 170 The CPE Remote Inventory displays the values in a HEX notation. E-DOC-CTC-20051017-0155 v1.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11 SpeedTouch™ Advanced Diagnostics About the Advanced Diagnostics Overview E-DOC-CTC-20051017-0155 v1.0 The SpeedTouch™ features advanced diagnostics to allow for extended monitoring of the system’s performance, operation and connection status. You can access the diagnostics either with the Web interface or via CLI. The Web interface also provides a page showing the entire office network.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.1 The Office Network Web Page About the Office Network Web Page How to Access the Office Network Page Additional Pages The Office Network Web page shows all devices on the LAN and their main characteristics: Proceed as follows: Step Action 1 Go to the Basic Web Interface 2 Do one of the following: Click the Office Network option in the navigation pane. Click the Office Network icon on the Basic home page.
Chapter 11 SpeedTouch™ Advanced Diagnostics The Devices Page The Devices page provides information on the devices present on the LAN: To see more details of a specific device, click on the corresponding device name, e.g. a00098 in the above example: From these pages you can also perform the following tasks: Assign a game or application to a device Assign the public IP address of a connection to a device To do this, click on the corresponding task in the Pick a task... area.
Chapter 11 SpeedTouch™ Advanced Diagnostics The Interfaces Page The Devices page provides information on the devices present on the LAN: To see more details of a specific interface, click on the corresponding interface name, e.g. lan1 in the above example: 174 E-DOC-CTC-20051017-0155 v1.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.2 The Diagnostic Web Page Introduction Opening the SpeedTouch™ Diagnostic Web Interface Navigation and action buttons In this section the Diagnostic Web Page is described. Proceed as follows: 1 Open a web browser an go to the SpeedTouch™ Web Interface. 2 Go to the Expert Mode pages. 3 Open the diagnostic pages via Home > SpeedTouch > Diagnostics. Following navigation and action buttons are available: Click... To.. Expand Diagnostics topics.
Chapter 11 SpeedTouch™ Advanced Diagnostics System Diagnostics Use the expand button (or Expand all) to open the System Diagnostics: The information shown is mainly meant for uniquely identifying your device (for example as reference for helpdesking).
Chapter 11 SpeedTouch™ Advanced Diagnostics LAN Diagnostics Use the expand button (or Expand all) to open the LAN Diagnostics: The LAN Diagnostics provide information on the SpeedTouch™’s local network Ethernet interface(s). Per Ethernet interface a visual indicator shows whether: The interface is connected. The interface is disconnected. Per interface following data are shown: E-DOC-CTC-20051017-0155 v1.
Chapter 11 SpeedTouch™ Advanced Diagnostics WAN Diagnostics Use the expand button (or Expand all) to open the WAN Diagnostics: The WAN diagnostics consists basically of two expandable parts: The physical layer DSL diagnostics: Next to some general information on the DSL line flavour, status, bandwidth characteristic and throughput counters, some line properties and statistics are shown.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3 Command Line Interface Diagnostics Overview E-DOC-CTC-20051017-0155 v1.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3.1 About CLI Diagnostics Introduction This section describes some of the diagnostics available from the SpeedTouch™ Command Line Interface (CLI). For a full description of the CLI commands see the “SpeedTouch™ CLI Reference Guide” for more information.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3.2 Lower Layer Diagnostics ADSL The :adsl info displays ADSL statistics and information on current SpeedTouch™ DSL line status. Although it is the same command for both SpeedTouch™ ADSL/POTS and ADSL/ ISDN variants, the command features specific output parameters and counters per variant. ADSL reporting has been extended to report the unrestricted ADSL bandwidth, i.e.
Chapter 11 SpeedTouch™ Advanced Diagnostics ATM Several commands are available to display specific Asynchronous Transfer Mode (ATM) statistics: :atm debug aal5stats Displays AAL5 port specific Asynchronous Transfer Mode (ATM) statistics :atm debug gstats :atm debug portstats Displays global ATM statistics Displays port specific ATM statistics Below some examples are provided: =>:atm debug aal5stats port = dsl0 vpi = 8 [vci] = 36 [clear] = :atm debug aal5stats port=dsl0 vpi=8 vci=36 # of CRC-3
Chapter 11 SpeedTouch™ Advanced Diagnostics ATM Auto-Configuration via TR-37/ ILMI 4.0 The ILMI operates between the network and the ATM Network Termination at the customer premises for example the SpeedTouch™. ILMI 4.0 is supported on VP/VC 0/16. Meaning that the VCC or VPC can be provisioned via this management channel. The information received via the management channel can be used to dynamically add terminated connections.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3.
Chapter 11 SpeedTouch™ Advanced Diagnostics DNS Following DNS server/forwarding statistics are available: :dns server debug stats Displays statistics of SpeedTouch™’s DNS server/forwarder =>:dns server debug stats Corrupted packets received Local questions resolved Local negative answers sent Total DNS packets forwarded External answers received Spoofed responses Forward table full, discard Spurious answers Unknown query types => E-DOC-CTC-20051017-0155 v1.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3.4 Routing Diagnostics Firewall Rule To check the operation of the SpeedTouch™ packet firewall following command is available: :firewall rule debug stats Displays per firewall rule, the number of packets (and corresponding bytes) that passed the firewall rule.
Chapter 11 SpeedTouch™ Advanced Diagnostics IP Diagnostics There are two useful commands: ping: Send IGMP ECHO_REQUEST packets to a given destination traceroute: Send ICMP/UDP packets to trace the ip path. Each of these can be given from the root of the CLI, as well as from any other place in any command group.
Chapter 11 SpeedTouch™ Advanced Diagnostics The Traceroute Command The traceroute command has the following syntax: traceroute addr = [count = ] [size = ] [interval = ] [maxhops = ] [dstport = ] [maxfail = ] [type = <{icmp|udp}>] [utime = <{disabled|enabled}>] It uses the following parameters: Parameter Value Description addr The destination IP address count
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3.5 Ethernet Diagnostics Non-intrusive Sniffing For debugging purposes, the SpeedTouch™ offers a port mirroring feature. This means that, three out of the four physical ethernet ports can be used for network connections, while the remaining ethernet port can be used to connect a sniffing device. In this way, when there is a network problem, a sniffer can be connected without causing any intrusion in the network.
Chapter 11 SpeedTouch™ Advanced Diagnostics To verify which port is being mirrored (ingress or egress) use the following commands: =>:eth switch mirror ingress Ingress mirror port = 1 =>:eth switch mirror egress Egress mirror port = 2 => When there is no need to mirror traffic to ethernet port four any more you can disable the mirroring by executing the following command: =>:eth switch mirror ingress port=1 state=disabled =>:eth switch mirror egress port=2 state=disabled 190 E-DOC-CTC-20051017-0155 v1.
Chapter 11 SpeedTouch™ Advanced Diagnostics 11.3.6 Management Diagnostics SNMP and Syslog The SpeedTouch™ Simple Network Management Protocol (SNMP) and Syslog modules are industry standard management utilities to diagnose the device’s status, connections, etc. For a full description of the SpeedTouch™ SNMP module and Syslog, see “10.1 An Introduction to SNMP” on page 134 and “10.3 The SpeedTouch™ Syslog” on page 160.
Chapter 11 SpeedTouch™ Advanced Diagnostics 192 E-DOC-CTC-20051017-0155 v1.
Chapter 12 SLA Monitoring. 12 SLA Monitoring. Introduction The SpeedTouch™ supports Service Level Agreement/QoS monitoring on a continuous basis. An extended ping or trace route process can be started from the SpeedTouch™ to another node in the worldwide IP network, to measure the QoS (round-trip delay, packet loss, jitter, availability, routing stability, ..) to this other node and all intermediate nodes. Interim and final results can be consulted on web, CLI and via SNMP (RFC 2925).
Chapter 12 SLA Monitoring. Now that we defined an SLA ping test we need to configure the test. The following parameters can be configured: 194 Parameter Description Values test The name of the ping test to configure. string addr The destination IP address. string size The size of the data portion to be transmitted in a ping probe. number{0-20000} timeout The timeout value, in seconds, for a ping operation number{1-60} count The number of times to send a ping probe.
Chapter 12 SLA Monitoring. Use the following command to modify the SLA ping parameters: =>:sla ping modify test = internet [addr] = 11.0.0.138 [size] = 200 [timeout] = 3 [count] = 15 [datafill] = test [frequency] = 2 [maxrow] = 50 [storagetype] = nonVolatile [trap] = [trapprobefilter] = 2 [traptestfilter] = 12 [type] = IcmpEcho [descr] = [srcaddr] = 0.0.0.
Chapter 12 SLA Monitoring. Following results will be displayed : SLA Ping History Name Description status In Progress, Stopped minrtt Minimum RTT (Round-Trip-Time): microseconds maxrtt Maximum RTT: microseconds avgrtt Average RTT: microseconds rttsumofsqr RttSumOfSquares : milliseconds responses Probe Responses: number of responses received sentprobes Sent Probes: number of probes sent A complete list of the SLA pings send can be view as well.
Chapter 12 SLA Monitoring. Traceroute Process SLA Traceroute configuration Traceroute is usually implemented by transmitting a series of probe packets with increasing time-to-live values. A probe packet is a UDP datagram encapsulated into an IP packet. Each hop in a path to the target (destination) host rejects the probe packet (probe's TTL too small) until its time-to-live value becomes large enough for the probe to be forwarded.
Chapter 12 SLA Monitoring. Now that we defined an SLA ping test we need to configure the test. The following parameters can be configured: 198 Parameter Description Values test The name of the traceroute test to configure. string addr The destination IP address. string size The size of the data portion to be transmitted in a traceroute request.
Chapter 12 SLA Monitoring. Parameter Description Values maxfail The max number of consecutive timeouts allowed before terminating a traceroute request number{0-255} bypassrt Enables bypassing of the normal routing tables. disabled or enabled dffield Enables setting of the don't fragment flag in the IP headers of the traceroute requests. disabled or enabled dsfield The value to store in the Differentiated Service Field in the IP packet.
Chapter 12 SLA Monitoring. SLA Traceroute result Now that the SLA traceroute process has been started you can view the SLA traceroute results. Use the following command: =>:sla traceroute list route: [owner = modem] dest = 11.0.0.138 size = 0 timeout[s] = 3 probePerHop = 3 port = 33434 maxTTL = 30 InitialTTL = 1 frequency[s] = 0 maxrows = 50 maxfailures = 5 createHopEntries = no trapflag = type = UdpEcho storagetype =nonVolatile descr = srcaddr = 0.0.0.
Chapter 12 SLA Monitoring. Following results will be displayed : SLA Traceroute History Name Description status In Progress, Stopped currHopCount Reflects the current TTL value (range from 1 to 255) for a traceroute operation. currProbeCount Reflects the current probe count (1..10) for a traceroute operation. testAttempts The current number of attempts to determine a path to a target. testSuccesses The current number of attempts to determine a path to a target that have succeeded.
Chapter 12 SLA Monitoring. 202 E-DOC-CTC-20051017-0155 v1.
Chapter 13 Resetting the SpeedTouch™ 13 Resetting the SpeedTouch™ Introduction Normal reboot If needed you can reset the SpeedTouch™ to factory defaults or just reboot. To reboot the SpeedTouch™ without erasing the current configuration,use the following command: =>:saveall This command will save the current configuration to the user.ini file. Now enter the following command: =>:system reboot This command will reboot the SpeedTouch™ and will load the user.
Chapter 13 Resetting the SpeedTouch™ The Reset button On the back side of the SpeedTouch™ there is a resetbutton. By pressing this button for three to six seconds the device will reboot and startup with the settings defined in the isp.def if present. The reset button can be disabled by executing the following command: =>:system config resetbutton=disabled This command will disable the reset button on the back of the SpeedTouch™.
© THOMSON 2006 All rights reserved. E-DOC-CTC-20051017-0155 v1.0 . Need more help? Additional help is available online at www.speedtouch.