Cabletron Systems 1200, 1000 User Manual
WORKGROUP
REMOTE ACCESS SWITCH
EXAMPLE NETWORKS
Release 7.2
Cabletron Systems
(603) 332-9400 phone
(603) 337-3075 fax
support@ctron.com
EXAMPLE NETWORKS
Only qualified personnel should pe rform installation
!
CAUTION
procedures.
NOTICE
You may post this document on a network server for public use as long as no
modifications are ma de to th e do cu ment.
Cabletron Systems reserves the right to make changes in specifications and other
information contained in this document without prior notice. The reader should in
all cases consult Cabletron Systems to determine whether any such changes have
been made.
The hardware, firmware, or software described in this manual is subject to change
without notice.
IN NO EVENT SHALL CABLETRON SYSTEMS BE LIABLE FOR ANY
INCIDENTAL, INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES
WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING
OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION
CONTAINED IN IT, EVEN IF CABLETRON SYSTEMS HAS BEEN ADVISED OF,
KNOWN, OR SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH
DAMAGES.
©Copyrigh t 1998 by Cablet ron Systems, Inc . All rights reserved.
Cabletron Systems, Inc.
P.O. Box 5005
Rochester, NH 03866-500 5
Order Number:9032236-02
VIRU S D ISCLAIMER
Cabletron Systems has tested its software with current virus checking
technologies. H owev er, because no anti-virus sy stem is 100% rel iable, we strongly
cauti on you to wr ite pro tect and th en verif y that th e Licen sed Sof tware, pr ior to
installing it, is virus-free with an anti-viru s system in which yo u have confi denc e.
Cabletron Systems makes no representations or warranties to the effec t that t he
Licensed Software is virus-free.
Copyright © July 1997, by Cabletron Systems, Inc. All rights reserved.
2 CyberSWITCH
TRADEMARKS
Cabletron Systems, CyberSWITCH, MMAC-Plus, SmartSWITCH, SPECTRUM,
and SecureFast Virtual Remote Access Manager are trademarks of Cabletron
Systems, Inc.
All other product names m entioned in this manual are tradema rks or registered
trademarks of their re sp e ctive companies.
COPYRIGHTS
All of the code for this product is copyright ed by Cable tron System s , Inc.
© Copyright 1991-1997 Cabletron Systems, Inc. All rights reserved. Printed in the
United States of America .
Portio ns of the code for this p roduct are co pyrighted by the follow ing corpor ations:
Epilogue Technolo gy Co rporat io n
Copyright 1991-1993 by Epilogue Technology Corporation. All rights res erv ed.
Livingston Enterprises, Inc.
Copyright 1992 Livingston Enterprises, Inc.
Security Dynamics Technologies Inc.
Copyright 1995 by Security Dynamics Technologies Inc. All rights reserved.
Stac El e c tronics
Stac Electronics 1993, including one or more U.S. Patents No. 4701745, 5016009,
5126739 and 5146221 and other pending patents.
Telenetw orks
Copyright 1991, 92, 93 by Telene tworks. All rights reserved.
FCC NOTICE
This device complies with Part 15 of the FCC r ules. Operation is subject to the
following two conditions: (1) this de vice m a y no t caus e ha r mful interference, and
(2) this device must accept any int erference received, includ ing interference that
may caus e undesired op e ra ti on.
NOTE: This equipment has been tested and found to comply with the limits for a
Class A digital device, pursuant to Part 15 of the FCC rules. These limits are
designed to provide reasonable protection against harmful interference when the
equipment is operated in a commercial environment. This equipment uses,
generates, and can radiate radio frequency energy and if not installed in
accordance with the operator’s manual, may cause harmful interference to radio
communications. Operation of this equipment in a residential area is likely to cause
interference in which case the user will be required to correct the interference at his
own expense.
Workgroup Remote Access Switch 3
EXAMPLE NETWORKS
WARNING : Changes or modific ations made to this d evice wh ich ar e not expr essly
approved by the party responsible for compliance could void the user’s authority
to operate the equipment.
DOC NOTICE
This digital apparatus do es not exceed the Class A limits for radio no ise emissions
from digital apparatus set out in the Radio Interference Regulations of the
Canadian Department of Communications.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les
limites applicables aux appareils numériques de la class A prescrites dans le
Règlement sur le brouillage radioélectrique édicté par le ministère des
Communicatio ns du Cana d a.
VCCI NOTICE
This is a Class 1 product based on the standard of the Voluntary Control Council
for Interference by Information Technology Equipment (VCCI). If th is equipment
is used in a domestic environment, radio disturbance may arise. When such
trouble occurs, the user may be required to take corrective actions.
CABLETRON SYSTEMS, INC. PROGRAM LICENSE AGREEMENT
IMPORTANT: Before utilizing this product, carefully read this License Agreement.
This document is an agreement between you, the end user, and Cabletron Systems,
Inc. ("Cabletron") that sets forth your rights and obligations with respect to the
Cabletron software program (the "Program") contained in this package. The
Progra m may be contai ned in fi rmware, ch ips or ot her media. BY UTILIZ ING THE
ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND BY THE
TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE
LIMITATION OF WA RRANTY A ND DISCLAIMER O F LIABILITY. IF YOU DO
NOT AGREE TO THE TERMS OF THIS AGREEMENT, PROMPTLY RETURN
THE UNUSED PRODUCT TO THE PLACE OF PURCHASE FOR A FULL
REFUND.
4 CyberSWITCH
CONTENTS
Simpl e Re m ote Bridging Netwo r k 9
Overview 9
Initial Installation Steps 9
Configuring the Simple Remote Bridge 9
Resour ce s 10
Lines 10
Bridging and Routing Info rm ation 11
Bridging 11
IP Routing 11
Configure the CyberSWITCH 12
Save Configuration Files 15
Verify the Installation 16
Remote Bridging Network with Security 17
Overview 17
Initial Installation Steps 17
Resour ce s 19
Lines 19
Device Information 20
Bridging and Routing Info rm ation 22
Bridging 22
IP Routing 22
Configure the CyberSWITCH 23
Configuring the Options 23
Configuring the Security 23
Save Configuration Files 26
Verify the Installation 27
IP Rout in g Network 28
Overview 28
Initial Installation Steps 28
System Details 30
Resour ce s 30
Lines 30
Device Information 31
Device Information 33
Bridging and Routing Info rm ation 35
Bridging 35
IP Routing 35
Configure the CyberSWITCH 36
Configuring the Cybe rSW ITCH Options 36
Configuring the Security 40
Save Configuration Files 43
Verify the Installation 44
IP Routing Network with Remote Bridge Devices 45
Overview 45
Business A ssu mp tions 45
Initial Installation Steps 45
Resour ce s 47
Workgroup Remote Access Switch 5
EXAMPLE NETWORKS
Lines 47
Device Information 48
Bridging and Routing Info rm ation 50
Bridging 50
IP Routing 50
Configure the CyberSWITCH 51
Configuring the Cybe rSW ITCH Options 51
Configuring the Security 54
Verify the Installation 57
IP Routing Network with PPP Devices 58
Overview 58
Initial Installation Steps 58
System Details 60
Resour ce s 60
Lines 60
Bridging and Routing Info rm ation 61
Bridging 61
IP Routing 61
Bridging and Routing Info rm ation 62
Bridging 62
IP Routing 62
Device Information 63
Configure SITE1 65
Configur ing the System Options 65
Finishi ng the Security Conf iguration 73
Configure SITE2 74
Configurin g SITE2 Options 74
Configuring Security 75
Save Configuration Files 75
Verify the Installation 75
IPX Routing Ne tw ork 77
Overview 77
Business A ssu mp tions 77
Initial Installation Steps 77
System Details 79
Resour ce s 79
Lines 79
Device Information 80
Bridging and Routing Info rm ation 83
Bridging 83
IP Routing 83
IPX Routing 84
Configure IPX Routing: Masternet (Detroit) 85
Configure Devic es 85
Configure Sy ste m Options 87
Save Configuration Files 92
Configure the Remote Devices 92
Verify the Installation 92
6 CyberSWITCH
AppleTalk Routing Netwo rk 93
Overview 93
Initial Installation Steps 93
Resour ce s 95
Lines 95
AppleTalk Routing 96
Configure the CyberSWITCH 98
Configuring the Options 98
Configuring Device Inform a tion 101
Configuring an AppleTalk Static Route 104
Save Configuration Files 105
Verify the Installation 105
Index 106
Workgroup Remote Access Switch 7
E
XAMPLE NETWORKS
We provide se ver al exam ple n etwork s , beg inni ng wit h a simpl e net work and progre ssi ng t o more
complex networks. You m ay find t he c onfigurati on instruc tions pr ovided fo r each example helpful
when configuring your own network.
We inc l u de th e f ollowin g ch a p te rs:
• Simple Remote Bri dgin g Network
An example of a s imple netwo rk u sing re mote bri dge d ev ices to acce ss a C ybe rSWI TCH’s f our
basic rate lines.
• Remote Bridgi ng Network with Securit y
A bridged network with C a lling Line Id security and Bridge MAC Address security enabled.
The network is configured with two devices. One device will be configured to require a Bridge
MAC Address security password, and one device will not. This network uses BRI lines.
•IP Routing Network
An IP routing network wi th devices accessing the network f rom their homes.
• IP Routing Network with Remote Bridge Devices
A smart brid g in g interface to allow the two remote bridge devices to co nne ct to an IP subn e t.
The CyberSWITCH treats these devices connected to the Smart Bridging network interface as
if they were connected to the same Ethe rnet segment.
• IP Routin g Netwo rk w i th PP P Dev ices
Uses IP routing to connect two of our products, both us ing PPP. Each sys te m is on a separate
LAN. The configuration for this network is designed to allow th ree different types of accesses.
•IPX Routing Network
A sample netw ork usi ng IPX p rotoc ol to c omm unic ate with r emot e br idge s as we ll as a r emot e
IPX router.
• AppleTalk Network
An Appl e T alk netw o rk ma de up of tw o L ANs, separ a te d by the W AN.
S
IMPLE REMOTE BRIDGING NETWORK
OVERVIEW
This chapter provides an example of a simple network using remote bridge devices to access four
basic rate lines in the CyberSWITCH. Bridges are formed between each of the LANs to which the
remote bridge devices are con nected, and the LAN to whic h the CyberSWITC H is connected.
The following section provides the initial installation steps that would be used with any type of
network in stallation.
INITIAL INSTALLATION STEPS
The initial steps in the CyberS WIT CH insta llati on process ar e basica lly the same no matt er how
complicated the network. These steps are:
• completing the requirement worksheets
•ordering ISDN service
• powering on the sy stem
• accessing Release Notes
• connecti ng an administration console
• setting up Telnet access
• upgrading system s of t wa re
• changing defaults to sec ur e system
• returning configuration to factory defaults
The chapt e rs Accessing the CyberSWITCH and Upgrading System Software (in the User’s Guide)
describe each of these steps in detail .
Worksheets for this network are included on the next few pages.
CONFIGURING THE SIMPLE REMOTE BRIDGE
Because this is a simple bridged network, you only need to fill out the System Details and Bridging
and Routing Information worksheets. The worksheets for Example 1 are on the following pages.
EXAMPLE NETWORKS
SYSTEM DETAILS
System Name:
SITE1
PAP Password:_______________ CHAP Secret:___________________
RESOURCES
Type Slot Switch type Synchronization type
BRI 1 5ESS
Ethernet_1 2
LINES
BRI Lines
Name Slot Port Line type Call screen TEI SPID Di rectory number
Line1 1 1 PPP Auto
Line2 1 2 PPP Auto
Line3 1 3 PPP Auto
Line4 1 4 PPP Auto
PRI Lines
Name Slot Port Framing type Line coding Sig. method Line build-out
V.35 and RS232 Lines
Name Slot Port Device/Net wo rk Idle character
10 CyberSWITCH
BRIDGING
BRIDGING AND ROUTING INFORMATION
S
IMPLE REMOTE BRIDGING NETWORK
Bridging and Routing Information
Bridging
Mode of Operation ❒ restricted ❒ unrestricted
Bridge Filters
Bridge Dial Out/
Known Connect List
IP ROUTING
IP Routin g
Mode of Operation ❒ router
Network Interface Information
LAN Name
Unnu m b e red WA N ❒ need
Remote LAN Name
Tradition al WAN Name
Direct Host WAN Name
IP Host Mode IP address
X
enabled ❒ disabled
X
enabled ❒ disabled
X
IP host
IP address
Mask
❒ don’t need
IP address
Mask
IP address
Mask
IP address
Mask
Mask
192.42.1.6 192.42.1.7
Static Routes
Destination network address Mask Next hop
❒ default?
❒ default?
❒ default?
❒ default?
Workgroup Remote Access Switch 11
EXAMPLE NETWORKS
CONFIGURE THE CYBERSWITCH
Using CFGEDIT, we will guide you through the steps to configure the CyberSWITCH for a simple
remote bridge network. We will execute these steps in the same order as they appear in the
configuration menus.
Start the CFGEDIT configura tion utility . Type the foll owing comm a nd at the system prom p t:
cfgedit
The following Main Menu will then be displayed:
Main Menu:
1) Physical Resources
2) Options
3) Security
4) Save Changes
Select function from above or <RET> to exit:
<return>
C
ONFIGURING THE PHYSICAL RESOURCE INFORMATION
We start with config ur ing the Phys ical Resource informatio n. Press 1 at the Main Menu to display
the Physical Resource Configuration Menu:
Physical Resource Menu:
1) Resources
2) Data Lines
3) Access
4) ISDN Subaddress
Select function from above or <RET> for previous menu:
You may only configure the switch type . Th e rest of the re source information ma y only be
displayed.
We will next add the line in formation . Press 2 at the Physic al Resour ces Menu and pres s 1 to add a
line. First, you will be prompted for the line name. You will then be asked to select which slot and
port you wish to use. We will use LINE1 as the line name, and slot 1, port 1 as the slot and port
combination:
LINE NAME or press <RET> for previous menu: LINE1
Currently available Ports:
SLOT Resource Type Available Ports Switch Type
---- --------------- ----------------- ---------------
1 BASIC_RATE 1, 2, 3, 4 BRI_5ESS
Slot number from above? 1
Port number from Slot 1? 1
You will then be prompted for the line interface type. For our example, we will be using point-to-
point lines. Press 1 as shown below to select this line type.
12 CyberSWITCH
S
IMPLE REMOTE BRIDGING NETWORK
Bridging and Routing Information
LINE TYPE = BR_ISDN
1) POINT_TO_POINT
2) POINT_MULTIPOINT
Select Option [default = POINT_TO_POINT] or press <RET> for previous menu: 1
The next item th at you need to c onfigure is the Dat a Link for t he line. Depending on the switch type,
there may be more than one Data Link per line. In our example, we use one Data Link with
Automatic TEI Negotiat ion:
Current DATA LINK Configuration for this line:
id TEI
-- ----
There are currently no Data Links configured for this line.
Enter (1) to Add or press <RET> for previous menu: 1
Automatic TEI Negotiation (Y or N) [default = Y]? Y
Current Data Link Configuration for this line:
id TEI
-- ----
1 AUTO
(1) Add, (2) Change, (3) Delete a DATA LINK or press <RET> for previous menu? <RET>
After entering the above information, press <return> to display the line menu. Because there are
four lines in this example, the steps for adding a line should be repeated for lines 2, 3, and 4. After
all lines have been added, press <return> twice to return to the Main Menu.
C
ONFIGURING THE OPTIONS
The default configuration for the CyberSWITCH is bridging disabled and IP routing enabled. For
reasons we provide below, we want both bridging and IP routing enabled. Under the Option Menu,
select the bridging option and follow the instructions to enable bridging.
This network is a bridged network, but we are going to configure an IP option (the IP host operating
mode) so that we may use an IP application (such as Telnet, TFTP, or SNMP) to manage the
CyberSWITCH. Refer to the graphic below for clarification.
Workgroup Remote Access Switch 13
EXAMPLE NETWORKS
CSX1200 "A"
POWER
SERVICE
TX
LAN B-CHANNELS E1 ONLY
B17 B19
B9 B11
B5 B7
B13 B15
B1 B3
10BASE - T
RX
E1
D
B18 B20
B10 B12
B6 B8
B14 B16
B2 B4
B29 B31
B21 B23
B25 B27
T1
D
B30 L1
B22 B24
B26 B28
ISDN
IP Host Interface
192.42.1.0
192.42.1.6
CSX1200 "B"
LAN B-CHANNELS E1 ONLY
POWER
B17 B19
B29 B31
B9 B11
B5 B7
B21 B23
B13 B15
B1 B3
SERVICE
B25 B27
10BASE - T
TX
RX
E1
T1
D
D
B18 B20
B30 L1
B10 B12
B6 B8
B22 B24
B14 B16
B2 B4
B26 B28
IP Host Interface
Telnet Client
192.42.1.7
The network illustrated above is a bridged network. Each system, SITE1 and SITE2 have been
configured with all the necessar y bridging informati on. SITE1 and S ITE2 have also been configured
in the IP host operating mode, and each have an IP host interface. This will allow each system to be
managed remotely by the PC using Telnet client software (once the initial configuration has been
completed).
Note that th e IP add ress associated with each sys te m is on the same LAN as the PC. T his does not
have to be the case. As long as the P C h as access to the systems thro ugh their IP addre sses, it can
manage the systems using Telnet (or one of the oth e r IP applications).
The steps below describe the configuration steps needed for the above example:
To enable the IP Host Operating Mode:
1. Select IP Operating Mode fr om the IP configuration menu.
2. Select IP host operating mode.
Note: The IP operating mode can not be set to host unless bridging is enabled.
3. When you select the IP host operating mode, an abbreviated IP configuration will be displayed
(similar to the following ):
IP Menu:
1) IP Routing (Enable/Disable)
2) IP Operating Mode
3) IP Interfaces
4) IP Static Routes
5) RIP (Enable/Disable)
6) IP Static ARP Table Entries
7) Isolated Mode (Enable/Disable)
8) Static Route Lookup via RADIUS (Enable/Disable)
9) IP Address Pool
10) IP Filter Information
11) DHCP Information
Select function from above or <RET> for previous menu:
14 CyberSWITCH
S
IMPLE REMOTE BRIDGING NETWORK
Bridging and Routing Information
To configure the IP host interface:
1. Select IP Interfaces from the IP configuratio n men u.
2. Select to add an interface.
3. Enter the IP address assigned to this interface. For SITE1, this is 192.42.1.6; for SITE2, this is
192.42.1.7.
4. Enter the subne t mask.
5. Ent e r the MTU size.
6. Select the transmit broadcast address.
If IP RIP is enabled, enter the following additional inf orm ation:
7. IP RIP receive control.
8. IP RIP respond con trol.
9. IP RIP v2 authentication control.
10. IP RIP v2 auth e ntication key (required on ly if the IP RIP v2 authentication control has been
config u r e d wi th a value oth e r tha n “No Auth e n tication . “
For more detailed information on the IP host operating mode, refer to the IP Operating Mode section
in the Configuring Basic IP Routing chapter of the User’s Guide .
C
ONFIGURING THE SECURITY
For this network configuration, we require no security. The default configuration is device security
enabled. To make the required configuration change, select Security from the Main Menu. Then
select Security Level. Finally, select No Security.
SAVE CONFIGURATION FILES
We have now configured all of the required information. Press 4 from the Main menu to save the
changes and then press <RET> to exit. Reboot the sy stem to activate your changes.
Workgroup Remote Access Switch 15
EXAMPLE NETWORKS
VERIFY THE INSTALLATION
Steps on how to verify the in stallation are detailed in the System Verification chapter of the User’s
Guide. This section gives an outline of which steps should be executed.
On the CyberSWITCH:
Verify resources are operational
Issue
dr
Look for BRI lin e me ssages
Look for LAN initialized messages
Look for Bridge initializ ed mes s age s
Verify WAN Lin es Av ai lab le
Connect WAN lines
Issue
dr
Look for “Data Link up 1,1” in reports
On each Combinet LAN:
Attempt accessing a r e source on the system LAN. This may require that you reboot your machin e
and proceed through the logon sequence.
command
command
16 CyberSWITCH
R
EMOTE BRIDGING NETWORK WITH SECURITY
OVERVIEW
This example network is a bridged network with Calling Line Id security and Bridge MAC Address
security enabled. The network is configured with two devices. One device will be configured to
require a Bridge MAC Address security password, and one device will not. This network uses BRI
lines.
Worksheets for this network are included on the following pages.
Note that a Hunt Group i s used for the BRI lines pictured in the Network Topology Worksheet.
Remote devi ce s wil l then on ly nee d to con fig ure on e tel ephon e numbe r (t he Hunt Group n umber)
for the CyberSWITCH instead of all four phone numbers. If the first line is busy, the next line is
automatically used, and so on until a free line is found. A Hunt Group number can be arranged
through your Service Provider.
INITIAL INSTALLATION STEPS
The initial steps in the CyberS WIT CH insta llati on process ar e basica lly the same no matt er how
complicated the network. These steps are:
• completing the requirement worksheets
•ordering ISDN service
• powering on the system
• accessing Release Notes
• connecting an administration console
• setting up Telnet access
• upgrading system s of t wa re
• changing defaults to secure syst e m
• returning configuration to factory defaults
The chapt e rs Accessing the CyberSWITCH and Upgrading System Software (in the User’s Guide)
describe each of these steps in detail .
Worksheets for this network are included on the next few pages.
EXAMPLE NETWORKS
NETWORK TOPOLOGY
PC
13135551212
13135552121
Bridge Ethernet Address:
000123456789
Password: JXF30
File Server
13135551111
13135551112
BRI
LAN B-CHANNELS E1 ONLY
POWER
SERVICE
10BASE - T
TX
RX
ISDN
Bridges
B5 B7
B1 B3
B6 B8
B2 B4
B17 B19
B9 B11
B21 B23
B13 B15
E1
D
B18 B20
B10 B12
B22 B24
B14 B16
13135551113
13135551114
Hunt Group Number:
13135551111
B29 B31
B25 B27
T1
D
B30 L1
B26 B28
BRIBRI
13135556789
13135559876
Bridge Ethernet Address:
003456789000
Password: None
18 CyberSWITCH
PC
User Name:
Mike Mann
User Name:
Pat Smith
PC
SYSTEM DETAILS
R
EMOTE BRIDGING NETWORK WITH SECURITY
Initial Installation Steps
System Name:
Remote Bridge
PAP Password:____________ ___ CHAP Secret:_____ ______________
RESOURCES
Type
BRI 1 NI-1
Ethernet_1 2
Slot Switch type Synchronization type
LINES
BRI Lines
Name Slot Port Line type Call
screen
Line1 1 1 PPP Auto 3135551111 13135551111*
Line2 1 2 PPP Auto 3135551113 13135551113*
TEI SPID Directory
3135551112 13135551112*
3135551114 13135551114*
number
PRI Lines
* Hunt Group Number: 13135551111
Name Slot Port Framing type Line coding Sig. method Line build-out
Workgroup Remote Access Switch 19
EXAMPLE NETWORKS
DEVICE INFORMATION
Devi ce N ame:
Mike Mann
Calling (ISDN, FR, etc.) Information X.25 Information
Line Protocol
Base Data Rate SVC
Initial Data Rate
Max Data Rate
Dial-Out Number(s)
Authentication Information
PAP Password DLCI
CHAP Secret
IP Host ID
Bridge Ethernet Address*
Bridge Password*
CLID(s)
* HDLC Bridge only
Protocol fo r th is pa rt ic ul a r devi ce?
HDLC bridge
:
PVC
Frame Relay Information
000123456789
JXF30
13135551212 13135552121
Bridge IP
Bridging enabled? ❒ enabled ❒ disabled IP enabled? ❒ enabled ❒ disabled
Make calls
for bridged data?
For IP RLAN, IP (Sub-)
network number
For IPX RLAN, external
network number
❒ enabled ❒ disabled IP Address
(on WAN link)
Make calls f or IP data? ❒ enabled ❒ disabled
❒ 0.0.0.0 if
unnumbered link
IPX AppleTalk
IPX enabled? ❒ enabled ❒ disabled AppleTalk enabled? ❒ enabled ❒ disabled
Callable by IPX? ❒ enabled ❒ disabled AppleTalk Address
IPXWAN protocol? ❒ enabled ❒ disabled Make calls for
AT data?
IPX routing protocol?
IPX spoofing?
❒ none
❒ RIP/SAP
❒ triggered RIP/SAP
AT Routing Protocol
❒ enabled ❒ disabled
20 CyberSWITCH
R
DEVICE INFORMATION
EMOTE BRIDGING NETWORK WITH SECURITY
Device Information
Devi ce N ame:
Pat Smith
Calling (ISDN, FR, etc.) Information X.25 Information
Line Protocol
Base Data Rate SVC
Initial Data Rate
Max Data Rate
Dial-Out Number(s)
Authentication Information
PAP Password DLCI
CHAP Secret
IP Host ID
Bridge Ethernet Address*
Bridge Password*
CLID(s)
* HDLC Bridge only
Protocol fo r th is pa rt ic ul a r devi ce?
HDLC bridge
:
PVC
Frame Relay Information
003456789000
13135556789 13135559876
Bridge IP
Bridging enabled? ❒ enabled ❒ disabled IP enabled? ❒ enabled ❒ dis abled
Make calls
for bridged data?
For IP RLAN, IP (Sub-)
network number
For IPX RLAN, external
network number
❒ enabled ❒ disabled IP Address
(on WAN link)
Make calls f or IP data? ❒ enabled ❒ disabled
❒ 0.0.0.0 if
unnumbered link
IPX AppleTalk
IPX enabled? ❒ enabled ❒ disabled AppleTalk enabled? ❒ enabled ❒ disabled
Callable by IPX? ❒ enabled ❒ disabled AppleTalk Address
IPXWAN protocol? ❒ enabled ❒ disabled Make calls for
AT data?
IPX routing protocol?
IPX spoofing?
❒ none
❒ RIP/SAP
❒ triggered RIP/SAP
AT Routing Protocol
❒ enabled ❒ disabled
Workgroup Remote Access Switch 21
EXAMPLE NETWORKS
BRIDGING
Bridging X enabled ❒ disabled
Mode of Operation ❒ restricted ❒ unrestricted
Bridge Filters
Bridge Dial Out/
Known Connect List
IP ROUTING
BRIDGING AND ROUTING INFORMATION
IP Routin g
Mode of Operation ❒ router ❒ IP host
Network Interface Information
LAN Name
Unnu m b e red WA N ❒ need
Remote LAN Name
Tradition al WAN Name
Direct Host WAN Name
IP Host Mode IP address
X
enabled ❒ disabled
IP address
Mask
❒ don’t need
IP address
Mask
IP address
Mask
IP address
Mask
Mask
Static Routes
Destination network address Mask Next hop
22 CyberSWITCH
❒ default?
❒ default?
❒ default?
❒ default?
CONFIGURE THE CYBERSWITCH
Note: We are assuming that the softwar e ha s al ready been installed and i s running. Be sure you
are working from the system prompt.
Using the detailed instructions for these steps found in the Simple Remote Bridging chapter,
complete the following configurat ion step s.
Start the Run-Time CFGEDIT program
Select physical resources
Select to add a resource
Select Switch type to be NI-1
Select to add a line
Enter the line name
Select slot and port numbers
Select line interface type of “Poi nt-to-Point”
Add Data Links (Data Link explanati on follows)
Choose Auto TEI Neg otiation
Enter Service Profile ID (SPID) Value
Enter Directory Number for Data Link
Enter Maximum Number of Digits to Verify
Repeat “Add Data Links” for second Data Link
Repeat “Select to add a line” for each additional line
R
EMOTE BRIDGING NETWORK WITH SECURITY
Configure the CyberSWITCH
Data links are handled differently on a NI-1 switch. Some BRI lines have only one phone number
(for the Data Link), but can handle two calls (one for each bearer channel). For NI-1 switches, the
BRI line has two phone numbers (one for each bearer channel), and each phone number has it s own
SPID. You must enter the number of digits to ve rify, so that wh e n the system receiv e s a phone call
it can determine on which bearer to accept the phone call. Refer to the System Details worksheet for
the SPIDs, directory numbers, an d the number of digits to verify.
CONFIGURING THE OPTIONS
The default configuration for the CyberSWITCH is bridging disabled and IP routing enabled. For
reasons we provide below, we want both bridging and IP routing enabled. Under the Option Menu,
select the bridging option and follow the instructions to enable bridging.
This network is a bridged network, but we are going to configure an IP option (the IP host operating
mode) so that we may use an IP application (such as Telnet, TFTP, or SNMP) to manage the
CyberSWITCH. This process was described in the previous chapter (page 13) and will not be
repeated here.
CONFIGURING THE SECURITY
This network has remote devices, and the device information for each of those devices must be
configured. Device security is used, and the remote devices are configured in the on-node
Workgroup Remote Access Switch 23
EXAMPLE NETWORKS
authentication datab a se . Device security using a on-node authent ic a tion database are the default
values.
To begin the security configuration, press 3 at the Main CFGEDIT Menu. The Security Menu will
then be displayed as follow s :
Security Menu:
1) Security Level
2) System Options and Information
3) Device Level Databases
4) User Level Databases (Enable/Disable)
5) Off-node Server Information
6) Network Login Information
Select function from above or <RET> for previous menu:
C
ONFIGURING THE SECURITY LEVEL
From the Security Menu, press 1, Security Level. Then press 2 to enable Device Level Security:
Security Level Menu:
1) No Security
2) Device Level Security
3) User Level Security
4) Device and User Level Security
Select function from above or <RET> for previous menu:
After enabling Devi ce Level Security, return to the Security Menu.
C
ONFIGURING THE SYSTEM OPTIONS AND INFORMATION
The default configuration for System Options is all security options enabled, which is acceptable
for this network. No Syste m I nformation or Administra tion Sessions are re quired. Therefore, no
changes are n ecessary.
C
ONFIGURING THE DEVICE LEVEL DATABASE
From the Secu rity Menu, press 3 to displa y the Device Level Database Menu. To enable the Onnode Device Database, pr e ss 1 and follow the on- screen instructions:
Device Level Databases Menu:
1) On-node Device Database (Enable/Disable)
2) On-node Device Entries
3) Off-node Device Database Location
Select function from above or <RET> for previous menu:
Press 2 to configure the infor mation for our first device, Mike Mann. Press 1 to add a device. You
will first be asked to enter the Device Name:
24 CyberSWITCH
R
EMOTE BRIDGING NETWORK WITH SECURITY
Configure the CyberSWITCH
Device Name? Mike Mann
After the new device name has been specified, a screen similar to the following is displayed.
Device Table Menu: (Device = "Mike Mann")
1) ISDN
2) Frame Relay
3) X.25
4) Authentication
5) IP
6) IPX
7) AppleTalk
8) Bridging
9) Compression
Select function from above or <RET> for previous menu:
Information for the new device may be configured in any order. You have control over how much
information is specified for each device, and the order in which it is entered.
We will begin by specifying the type of device. We need to determine if the device will use ISDN
Line Protoc ol (choic e 1), Frame Relay (choic e 2) , or X. 25 (choice 3 ).T his d evice i s an ISDN devic e, so
we will press 1 for “ISDN Information” from the Device Table Configuration Menu.
The ISDN Configuration Menu will then be displayed with the preconfigured default values:
Device ISDN Menu: (Device = "Mike Mann")
1) ISDN Line Protocol "PPP (Point to Point Protocol)"
2) Base Data Rate "64000 bps"
3) Initial Data Rate "64000 bps"
4) Maximum Data Rate "128000 bps"
5) Dial Out Phone Number(s) ""
6) Subaddress ""
7) Profile Name "Default_Profile"
8) H0 Call Support ENABLED
Select function from above or <RET> for previous menu:
We do not want to use th e default ISDN Line Protocol of PPP. Press 1 to configure this device’s
ISDN line protocol. The device Mike Mann uses HDLC protocol, so we will press 2:
Device ISDN Line Protocol Menu: (Device = "Mike Mann")
1) PPP (Point to Point Protocol)
2) HDLC Bridge
3) IP Host (RFC1294)
Select option to associate with device "Mike Mann",
or "0" to disable ISDN access for this device [default = 1]? 2
The only other item on the Device ISDN Line Protoc ol Menu that thi s type of device nee ds is the
maximum data rate. We will accept the default value of 128,000 bps. No changes are required.
Return to th e Device Tab le Menu.
Workgroup Remote Access Switch 25
EXAMPLE NETWORKS
At the Device Table Menu, press 4 to enter the authe ntication information needed for this device.
The authentication information needed for each device depends on the device type.
For device “Mike Mann,” we opt to configure a bridge Ethernet address (000123456789), we will
assign a bridge password (JXF30), and configure a first and second calling line Id. After the device
authentication has been entered for device “Mike Mann,” the screen will appear as follows:
Device Authentication Menu: (Device = "Mike Mann")
PPP:
1) PAP Password ""
2) CHAP Secret ""
3) Outbound Authentication ENABLED
4) User Level Authentication DISABLED
IP Host (RFC 1294):
5) IP Host Id ""
HDLC Bridge:
6) Bridge Ethernet Address "000123456789"
7) Bridge Password "JXF30"
ISDN:
8) Calling Line Id(s) "13135551212"
"13135552121"
Select function from above or <RET> for previous menu:
Next, enter the device info rma ti on for Pat Smit h. Th is dev ice is also an HDLC bridge , and is
configured using the same type of authentication as device Mike Mann, except we will configure
no password for device Pat Smith . Enter 003456789000 for the bridge Et her net address,
13135556789 for the first calling line Id, and 13135559876 for the second calling line Id.
The following screen will be displayed after information for both devices in our network has been
entered:
CURRENT DEVICE TABLE (Sorted by Device Name in Ascending ASCII Order)
id Device Name
---------------------------1 "Mike Mann"
2 "Pat Smith"
(1) Add, (2) Change, (3) Delete, (4) Display a Device or press <RET> for previous menu?
SAVE CONFIGURATION FILES
We have now configured all of the required information for a bridged system with Calling Line Id
Security and Bridge MAC Add ress Sec urit y enable d. Pr ess 4 at the Mai n menu t o save th e changes.
The old configuration files w ill be stored in the \CON FIG direc tor y with a file extensio n of .BAK
(e.g., the old NODE.NEI file will be called NODE.BAK).
After you sa ve the configuration files, press <RET> to exit the CFGED IT program. Reb oot the
system to a ctivate your changes.
26 CyberSWITCH
VERIFY THE INSTALLATION
Steps on how to verify the in stallation are detailed in the System Verification chapter of the User’s
Guide. This section gives an outline of which steps should be executed.
On the CyberSWITCH:
Verify hardware resources are operational
Issue
dr
Look for BRI line messages
Look for LAN initialized messages
Verify WAN Lin es Av ai lab le
Connect WAN lines
Issue
dr
Look for “Data Link up 1,1” in reports
On eac h HD LC Bridge LAN:
Attempt ac cessing a re source on the Cy berSWITCH LAN. Th is may require th at you reboot
your system and proceed through the logon sequence.
command
command
R
EMOTE BRIDGING NETWORK WITH SECURITY
Verify the Installation
Workgroup Remote Access Switch 27
IP R
OUTING NETWORK
OVERVIEW
This sample network has an IP network with devices accessing the network from their homes.
INITIAL INSTALLATION STEPS
The initial steps in the CyberS WIT CH insta llati on process ar e basica lly the same no matt er how
complicated the network. These steps are:
• completing the requirement worksheets
•ordering ISDN service
• powering on the system
• accessing Release Notes
• connecting an administration console
• setting up Telnet access
• upgrading system s of t wa re
• changing defaults to secure syst e m
• returning configuration to factory defaults
The chapt e rs Accessing the CyberSWITCH and Upgrading System Software (in the User’s Guide)
describe these steps in detail.
Worksheets for this network are included on the next few pages.
NETWORK TOPOLOGY
Initial Installation Steps
LAN 131.1.0.0
IP R
OUTING NETWORK
PC
SITE:
San Fran
File Server
LAN B-CHANNELS E1 ONLY
POWER
SERVICE
TX
RX
PRI
ISDN
10BASE - T
Router 1 131.1.1.16
128.1.1.1
B17 B19
B29 B31
B9 B11
B5 B7
B21 B23
B13 B15
B1 B3
B2 B4
B25 B27
E1
T1
D
D
B18 B20
B30 L1
B10 B12
B6 B8
B22 B24
B14 B16
B26 B28
128.1.1.16
WAN Direct Host Interface and
WAN Interface 192.1.1.1
Host
192.1.1.2
Fred Bear
BRI
Host
192.1.1.3
Ralph Moose
BRIBRI
BRI
Host
Host
128.1.1.3
Todd Jones
128.1.1.2
Jill Smith
Workgroup Remote Access Switch 29
EXAMPLE NETWORKS
SYSTEM DETAILS
System Name:
IP Network
PAP Password:__________ _____ CHAP Se cret: __________ ______ ___
RESOURCES
Type Slot Switch type Synchronization type
BRI 1
Ethernet_1 3
LINES
BRI Lines
Name Slot Port Line type Call screen TEI SPID Di rectory number
line1 1 1 Auto
NTT
PRI Lines
Name Slot Port Framing type Line coding Sig. method Line build-out
30 CyberSWITCH
Loading...