WLO USER’S MANUAL
WLO220T, WLO0880T, WLO880F
Rev. 3.0
1
Copyright and Trademark Information
This document contains proprietary information that is protected by copyright. All rights
reserved. No part of this document may be photocopied, reproduced, or translated into
another language without prior expressed written consent from Amer Networks.
© Copyright 2013, the Amer Networks company logo are trademarks or registered trademarks
of Amer Networks. All rights reserved. Windows is a trademark or registered trademark of
Microsoft Corporation. Other trademarks or registered trademarks are the property of their
respective holders.
www.Amer.com
2
Table of Contents
System Tab ................................................................................................ 5
Status .................................................................................................. 5
Date/Time ............................................................................................ 5
Management ......................................................................................... 7
Software...............................................................................................8
Configuration ........................................................................................ 9
Administrators..................................................................................... 10
Diagnostic tools ................................................................................... 11
Ping ................................................................................................... 11
Trace Route......................................................................................... 12
Technical Support Summary .................................................................. 13
Network................................................................................................... 14
Interface Table .................................................................................... 14
Routing Table ...................................................................................... 15
DNS Settings ...................................................................................... 16
Visibility................................................................................................... 17
Top Talkers ......................................................................................... 17
Traffic Statics ...................................................................................... 17
Netflow Configuration ........................................................................... 18
Top Talkers Configuration...................................................................... 21
Optimization............................................................................................. 22
Current Policies ................................................................................... 22
Default Policy ...................................................................................... 23
Add Optimization Policy ........................................................................ 24
Address Object .................................................................................... 25
Address Groups ................................................................................... 26
Services ............................................................................................. 27
Service Groups .................................................................................... 28
Applications ........................................................................................ 29
Signatures .......................................................................................... 30
Schedule ............................................................................................ 32
Logging ................................................................................................... 34
Syslog................................................................................................ 34
Syslog Servers .................................................................................... 35
Logging Configuration .......................................................................... 35
Save........................................................................................................ 37
Save Configuration .............................................................................. 37
3
The WLO appliances are compact inline appliances that manage network traffic
flows to optimize and protect network and server infrastructures. Amer Networks
offers the following appliance models to meet your specific networking needs:
• WLO220T
• WLO880F (Fiber-based)
• WLO880T
Deployed in front of servers or network equipment, the WLO appliance is a
non-intrusive solution for managing bandwidth abuse or attacks against network
infrastructure. The WLO appliances monitoring network flows at 2Gbps throughput
while maintaining line quality and low latency. The WLO appliances are configured
using granular user-defined policies identifying thresholds for session creation,
per-flow bandwidth, and aggregate bandwidth.
This document will only cover the web gui configuration of the WLO device.
For the initial setup and configuration, please use the following documents:
Quick Install Guide – for the initial set setup and configuration.
CLI manual – covers the CLI command and programing the device from telnet or
ssh.
For best results please use Firefox when accessing the WLO web gui.
4
System Tab
The system tab allows you to setup the basic functions of the WLO or Wan Lan
Optimizer. This is where you should start off when first logging into the device. Here
you can set the login and password and perform some basic troubleshooting.
Status
This lists the device information, the interface status and the System Events.
This is the default page when you first log into the WLO.
You can not make any changes here, as you can only view the status.
Date/Time
Modify the date and time used by the WLO. The time is used by the device for its
internal logs, as well as reporting with syslog or Netflow.
5
Time zone
Set the time zone and if you want the WLO to adjust for daylight savings.
Network Time Protocol
Add in an NTP server for the WLO to time sync with.
6
Management
Configure the management port settings for the WLO.
SSH Configuration
Modify the SSH pre shared key.
7
Software
Update and manage the MOS image on the WLO. The WLO has a primary and a
secondary firmware image which can be used to test out new firmware. The WLO
will use the firmware based on the “next” boot option. To select another image to
boot with, click on the next, under the next boot selection column.
To update a firmware image:
Select the primary or secondary image to update.
Click on upgrade under the action column.
Browse to the firmware location on your pc.
Select the firmware file, example is wlo200t-4.8.1.img
Click on upload.
The firmware image will be uploaded to the device.
This process will take a few minutes to complete.
When completed, it will return to the main software images page.
The following will be displayed to prove the firmware has been updated.
8
To use the new firmware.
Select the next boot selection beside the firmware image that was modified.
Select reboot to reboot the WLO.
Configuration
View the WLO configuration in CLI format. This allows you to download the file to a
txt format. It can be saved or modified and then uploaded back to the same or
another WLO.
Upload New
Upload a previously saved configuration file to the WLO.
Browse to the file located on your pc.
Click on upload.
9
Reset Existing
By clicking reset, the device will be reset to factory default settigns.
These are 192.168.1.1. and admin for the login, and admin for the password.
Once the reset is clicked on, the system will take a few minutes to boot back up.
Administrators
Change the password used for management of the WLO. This included both SSH and
telnet management. There are 2 default user accounts, the main admin account.
This has full read / write access to the device. The other account is admin-r. This
account only has read access to the WLO. You can only use the 2 accounts to
manage the WLO. Select the account you want to modify from the drop down menu.
Then add the current password, followed by the new password. Click on apply when
finished.
10
Diagnostic tools
The WLO gives us a few tools to assist with setup and basic network
troubleshooting.
Ping
Select to ping by ipv4 address or by a hostname.
For the hostname to work, the DNS settings must already be set on the WLO.
Set the hop count, the packet size, and the timeout for the ping test. By leaving the
3 options blank, the system will use its default settings and ping out 5 times.
11
Trace Route
Select to trace route by ipv4 address or by a hostname.
For the hostname to work, the DNS settings must already be set on the WLO.
Set the max hops, and the timeout for the test. By leaving the 2 options blank, the
system will use its default settings.
12
Technical Support Summary
Output the full technical support summary of the WLO. This is used for amer tech
support and getting a full understanding of the WLO configuration.
To start the download, click on the download button.
This process will take a few minutes to complete.
Once completed the CLI output of the WLO will be displayed.
To download the file to your pc, click on the download configuration button.
13
Network
Configure the WLO Ipv4 address settings. This will include the static routes and the
DNS servers uses by the WLO.
Interface Table
Modify or configure the IPv4 settings for all the interfaces on the WLO.
For management access to the device, use BR0 for the WLO220T, and ETH2 for the
WLO880T and WLO880F. By default ETH0 and ETH1 are in transparent mode, so no
configuration is required.
Add logical interface allows for more interfaces to be created on the WLO.
Add bridge interface allows for another bridge interface to be created.
Both of these options are for troubleshooting purposes they are not needed in
normal operations of the WLO.
Select the management interface by clicking on BR0 or ETH2.
Modify the IPv4 address for access to the WLO.
Set the management access protocol used to access the WLO.
The link connection speed will also be listed here, and can be modified to better suit
your network environment. The ability to down the interface is also listed.
14
Routing Table
Create or edit the existing static routes in the WLO. With a bridge interface
configuration, the system automatically creates the two required routes.
To edit an entry, click on the IP address or click on add route.
Add in the network address, netmask, gateway, and the distance.
The distance setting is used to select a preferred route for the traffic flow.
The lower the number the more preferred the route is.
15
DNS Settings
Modify the host name for the WLO as well as modify the DNS servers and the domain
name associated with the device.
A valid DNS server is required to make the domain resolution lookup work correctly.
16
Visibility
Setup and configure the Netflow collection and the Top Talkers feature. The port
statics or traffic can also be viewed here.
Top Talkers
This option shows a graphical display of the live data passing through the WLO. The
data will refresh every 5 seconds. The WLO will try to resolve any external ip
address to a valid domain name.
Traffic Statics
This displays the real time traffic being transmitted and received by each interface
on the WLO. The data will refresh every 5 seconds, or it can be turned off or
refreshed manually. This information is very helpful when troubleshooting the WLO
or verifying that the device is properly configured.
17
Netflow Configuration
Modify and configure the Netlflow collection for the WLO. The options available here
allow for greater compatibility with any Netflow collector on the market.
The Netflow configuration is broken down into 4 tabs.
Basic
Enable or disable the Netflow collection of the WLO. Select the version of the Netflow
collector to use, version 9 is the latest. The transport protocol can be modified to be
UDP or TCP. UDP is the industry standard for most Netflow Collection. Set the
maximum amount of bandwidth the WLO can use when sending out the UDP packets.
Set the sampling rate at which the WLO collecting the netflow data. These last two
settings only need to be modified if the Netflow collector is having issues displaying
the data.
18
Collector
Add in the IP address of the computer running the Netflow Collection Software.
Modify the Port being used by the same software. This value will be displayed by the
Netflow software during its installation process.
19
Export By Time
Configure the Netflow collection to send the data over to the collector based on a set
time interval. These two settings only need to be modified if the Netflow collector is
having issues displaying the data.
Export By Match
Configure the Netflow collection to log data based on specific traffic types or
parameters. The traffic reporting can be filtered by the byte or packet count.
Incoming or outgoing interface can also be used. Based on the flow of traffic, the
next hop can also be used. Also advanced packet parameters can be used such as
TOS (Tos Byte) and the DSCP (Differentiated Services Code Point).
20
Top Talkers Configuration
Select to Enable the Top Talkers view in the Web gui. Select the display to view the
top talkers in a chart or in a table. Set the chart information to be displayed in Bytes
or in Packets.
21
Optimization
This section allows you to setup and configure the traffic shaping rules on the WLO.
The options in this section allow you to further filter and control the traffic flow. The
ability to create address objects, services, and schedules is in this section.
Configuring application filtering and setting a schedule is also in this section. All
these options will be used to make the optimization policy to control the traffic flow.
Current Policies
This shows the current policy’s configured on the WLO. The policy order goes from
highest priority on the top, to lowest priority on the bottom. A policy listed in this
section, will use used before the default policy, which is normally to allow all. The
number of policy’s the WLO supports is unlimited. This is why you can set the
number of policy’s shown on the screen.
The enable button allows you to enable or disable a currently policy.
Click on the enable policy button, and select the policy you wish to modify. Then
select update to save the selection.
22
The move policy button allows you to reorder the policy list. As the policy rules will
be applies to the traffic starting from the top of the list. Simply click on the up or
down arrow to move the policy order. When finished, select apply to save the
changes.
Default Policy
This is the pre-configured policy the WLO ships with. By default its set to permit all
traffic, and to log all traffic to Netflow. The default rule, will be used after the main
policy list has been checked. The WLO can be set to block all traffic by default. This
is used for testing purposes, or when the main policy list is completely filled out. You
can also choose to log all traffic to Netflow, or to the Top-Talkers function.
23
Add Optimization Policy
The main purpose of the WLO is to log and optimize traffic flow. This optimization
process is configured in this step.
Most of the options in the Optimization Policy need to be created first, before you
can select them. Create the address, or services, or groups, or schedule, before you
create a policy.
The policy creation starts off with naming the rule.
Then you can choose to enable the policy.
Select any or another source address from the drop down menu.
Select any or another destination address from the drop down menu.
Then click on the traffic management tab.
Select one type of traffic from the following 2 choices:
Service or Application, from the drop down menu.
Select the action option. Permit, is used to prioritize or guarantee a connection.
Deny is used to block traffic.
Limit allows for the traffic shaping to occur.
Select the limit rate in kbps, based on:
Aggregate limit – used for the total combined connection bandwidth.
Per Connection – used for the total per user bandwidth.
Per Source – used with a specified source address only.
Per Destination – used with a specified destination address only.
Last click on scheduling & logging.
24
Select the schedule from the drop down menu.
The logging options allow the WLO to only log specific traffic if required.
Select to log by policy match or by threshold match.
Set the visibility to include Netflow and Top Talkers.
When completed, click on apply to create the policy.
Address Object
Create an IPv4 address which can be used in policy creation. This address can be
used to represent an internal or external ip address.
25
Click on add address object.
Name the IP address.
Give it a comment, to better describe it. (not required to create an address)
Add in the specific IPv4 address.
Set the Netmask of 32 when using a specific ip address.
When specifying a subnet, use the correct subnet mask.
Click on apply to save the address.
Address Groups
This allows for multiple address objects to be combined into one address group. This
makes the policy optimization creation much easier when dealing with multiple IP
address.
26
To add in a group, click on the add address group button.
Give the group a name and a comment to better identify it.
Select the address objects on the left side, and click add to add them into the newly
created group.
When done click apply.
From here, the domain name option is also available.
Select Domain Name as the group type.
Add in a Domain in the Domain Name field.
Note that you can only add in one domain per group.
Services
Create or modify a service port which can be used in policy creation.
The WLO has a list of pre-defined services ports, which can be modified.
To create a custom service port click on add service on the bottom of the list.
27
Name the new service.
Set the Source port begin and end. This allows for a range to be entered. Use the
same for both if setting up a single service port. Do the same for the destination port.
Set the correct protocol, and click on apply to finish.
You are only able to remove the p2p and any custom made service port.
Service Groups
This allows for multiple service ports to be combined into one service group. This
makes the policy optimization creation much easier when dealing with multiple
ports.
28
Click on add service port.
Give the group a name and a comment to better identify it.
Select the service objects on the left side, and click add to add them into the newly
created group.
When done click apply.
Applications
Modify existing applications which can be used in policy creation.
The WLO has a list of pre-defined Applications, which can be modified.
These Applications can also be configured in a group.
29
To create an application group click on add application on the bottom of the list.
Name the application group.
Select the application object and then click on add to move it to the right side.
Click on apply when finished.
Signatures
The WLO has a set of pre-defined signatures, which can be used in application
control. These signatures can be modified, or new signatures can be created.
30
To create a signature click on add signature on the bottom of the list.
Name the signature entry.
Configure the starting port and the ending port for the entry.
Select the protocol and the condition required.
Entry the Pattern to match, and select Ascii or a Hex entry.
Configure the offset and the DSCP settings.
When finished, click on apply.
31
Schedule
Configure a policy to run at a set time. This allows for more customization of your
traffic optimization rules. The rules can be enabled or disabled based on the time of
day. This allows for separate rules during office hours, and other rules for over lunch
or after hours.
To add in a schedule, click on the add schedule button.
Name the schedule and add in a comment if required.
Select Occurs once, which will run one time only.
Select Recurring, which will run for more than one day.
Configure the start and end of the schedule, using ether the calendar, or the clock,
or both.
Set the start and end time using the 12 hours clock.
If the schedule is to run only one a day, use just one time span.
32
Set the day the schedule will run with the when option.
Select the daily option to have the schedule run every day.
Click on apply when finished.
33
Logging
This section allows you to configure the internal and syslog logging of the WLO.
These options allow for better management of the logs, and more control over what
logs to record.
Syslog
This section displays the internal logs for the WLO. The same log information is
displayed on the main page or the status tab. If required you can erase the log by
clicking on the clear button on the bottom of the page. The refresh button is also
available to force the system to generate logs.
34
Syslog Servers
Configure up to 4 external syslog servers. This functionality is compatible with any
syslog server program on the internet.
Select the enable messages option to turn on the syslog function.
Select the correct line number.
Configure the ip address or the host name of the pc or server with the syslog
software installed.
Set the port number specified by the syslog software.
Set the facility setting you wish to log.
Select to record the data to the WLO’s internal Event log or the Traffic Log. These 2
logs have up to 2 MB of storage space available to them.
Logging Configuration
Configure the logging levels for the WLO. This section allows for a different logging
configuration for each log location. This allows for a better reporting tool, and no
duplicate log entries.
The first option is the log level. This uses the standard log / facility levels for logging.
Levels: 0=Emergency, 1=Alert, 2=Critical, 3=Error, 4=Warning, 5=Notification,
6=Information, 7=Debugging. The log level will determine how many log entries
the WLO will produce. Setting a low number, the logs will only show minimum
entries related to service or attack issues. Using a higher number, will show more
log entries related to simple traffic flow. Level 7, debugging is used for support
purposes only, as it will log everything, including key strokes.
35
Each log level selected will have its own traffic logging options. This allows for alert
or critical logs to be sent via email, and less important logs sent to the console.
Set the log level and then set the logging options under the log location column.
By selecting the top check box in a column, it will select all options under that
column.
Click on apply to save.
36
Save
This section allows for the configuration to be saved to the WLO.
Any changes made to the WLO configuration, needs to be saved before it will be
applied. This function does not restart the unit, as any changes are saved any
applied while the WLO is still running.
Save Configuration
Click on save to save the configuration to the WLO. This process will only takes a few
seconds.
Also when you log out of the web gui, the system will prompt to save the
configuration to the device.
37
Loading...