How it Works
Huawei
Loading...
EGW1520A
User Manual
185 pgs3.99 Mb0
Users Guide
22 pgs1.33 Mb0
Users Manual
150 pgs4.6 Mb0
Users Manual
15 pgs209.26 Kb0
Users Manual
200 pgs4.15 Mb0

Huawei EGW1520A User Manual

eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
349
Parameter
Description
IPv4: Internet Protocol version 4, which is the first widely used protocol version and is at the core of standards-based Internet technology.
AppleTalk: A proprietary suite of protocols developed by Apple Inc. to provide communication services for Apple computers, such as file transfer, printing, email, and other network services.
IPX: Internet Packet Exchange (IPX) protocol stack, which is supported by Novell's NetWare operating system.
NetBEUI: Network Basic Input/Output System (NetBIOS) Extended User Interface, which is a non-routable protocol developed for the IBM to transfer NetBIOS messages.
IGMP: Internet Group Management Protocol, which is used by hosts and neighboring routers on IP networks to establish multicast group memberships.
Destination MAC Address
Indicates the destination MAC address. For example, value 00:01:6C:4C:58:FE indicates that the ADSL port filters data frames whose destination MAC addresses are 00:01:6C:4C:58:FE. If this parameter is left blank, the ADSL port filters the destination MAC addresses for all data frames.
Source MAC Address
Indicates the source MAC address. For example, value 90:FB:A6:14:9E:5A indicates that the ADSL port filters data frames whose source MAC addresses are 90:FB:A6:14:9E:5A. If this parameter is left blank, the ADSL port filters the source MAC addresses for all data frames.
Frame Direction
Indicates the direction in which a data frame is transmitted. The options are as follows:
LAN<=>WAN: The ADSL port filters the MAC addresses for data frames that are transmitted mutually between the LAN and WAN ports.
WAN=>LAN: The ADSL port filters the MAC addresses for data frames that are transmitted from the WAN ports to the LAN ports.
LAN=>WAN: The ADSL port filters the MAC addresses for data frames that are transmitted from the LAN ports to the WAN ports.
5. Click to save the settings.
Figure 7-260 shows the configuration result.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
350
Figure 7-260 Configuration result
Value BOTH indicates that the ADSL port filters the MAC addresses for data frames that are transmitted from the LAN port to the WAN port and from the WAN port to the LAN port.
7.6.5 URL Filter
Description
----End
Using the URL filtering feature, an enterprise or a family can prevent its members from visiting certain websites.
Principle At present, contents at many websites are illegal or improper because they are not effectively
supervised or restricted. Therefore, more and more enterprises use the URL access control function to ensure information security and restrict URL access.
As shown in Figure 7-261, URL filtering is used to:
Control access to websites containing content including pornography, terrorism, violence, gambling, or illegal information.
Shield phishing websites to protect employees' privacy.
Shield malicious websites to protect the enterprise's private network from attack.
Provide customized services for enterprises, for example, allow employees to access specified websites.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
351
Figure 7-261 URL filtering
Implementation
The EGW1520 provides the following URL filter modes:
Include URLs in the whitelist can be accessed.
Exclude URLs in the blacklist cannot be accessed.
Configuration
Use either whitelist or blacklist mode.
EGW1520 can filter the whole URL (for example, http://www.example.com) or the keyword in the URL (for example, example.com).
Specification
Maximum number of URLs to be filtered at the same time: 100
Maximum length of each URL: 128 bytes
Full match and partial match
Limitation Wildcards, for example, using * for full match, are not allowed in filtering rules.
Prerequisite You have logged in to the web management system. For details, see 7.7.1 Web Management. Procedure
Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Filter URL tab.
The page shown in Figure 7-262 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
352
Figure 7-262 Configuring the URL filter (1)
Step 3 Select a URL filter mode, for example, Exclude.
Include URLs in the whitelist can be accessed.
Exclude URLs in the blacklist cannot be accessed.
Step 4 Click to save the filter mode.
The page shown in Figure 7-263 is displayed.
Figure 7-263 Configuring the URL filter (2)
Step 5 Click to add a URL to be filtered.
The page shown in Figure 7-264 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
353
Figure 7-264 Configuring the URL filter (3)
Step 6 Enter the URL to be filtered (a compete URL or keywords) and the port number. The default
port number is 80.
Step 7 Click to save the settings.
Figure 7-265 shows the configuration result.
Figure 7-265 Configuring the URL filter (4)
----End
7.6.6 Virtual Server
After configuring the virtual server, users can access to servers in the private network, and enable services, such as web browsing and FTP download.
Description
A virtual server functions as a public server in the private network. Users in the external network can use services that the virtual server provides (such as web and FTP download services) after accessing the external address obtained from the EGW1520. Figure 7-266 shows the typical network.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
354
Configuration
Figure 7-266 Typical virtual server network
Prerequisites
You have logged in to the web management system. For details, see 7.7.1 Web
Management.
The EGW1520 has been connected to the upstream network and the NAT function has been enabled.
Required services and port numbers have been enabled on the private network.
Procedure
Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Virtual Server tab.
The page shown in Figure 7-267 is displayed.
Figure 7-267 Configuring a virtual server (1)
Step 3 Click to add a virtual server.
The page shown in Figure 7-268 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
355
Figure 7-268 Configuring a virtual server (2)
Parameter
Description
Select a Service
Indicates the service that is provided by the virtual server, such as the web, mail, and FTP services. The service must be enabled on the internal server(Multiple services can be enabled on a server in the internal network).
Custom Service
Allows you to define a service different from options in the Select a Service drop-down list box. The service that you define must be enabled on the internal server.
Virtual Server IP Address
Indicates the IP address of the internal server, for example,
192.168.1.5.
External Port Start
Indicates the start and end port numbers that the virtual server provides for external users. External users can use the port numbers between the start and end port numbers to access the virtual server. You are advised to use the default value.
External Port End
Protocol
Indicates the transfer protocol used by the virtual server, for example, TCP for the web server.
Type
Indicates the port count used by the internal server.
Step 4 Set parameters according to Table 7-68.
Table 7-68 Parameter description
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
356
Parameter
Description
Single: The internal server uses only one port.
Range: The internal server uses multiple ports. Port numbers on the internal server must be the same as those provided by the virtual server for external access, and you cannot change them.
Internal Port Start
Indicates the start and end port numbers that the internal server provides for external users, which must be the same as the start and end port numbers that the virtual server provides for external users.
Internal Port End
Step 5 Click to save the settings.
Figure 7-269 shows the configuration result.
Figure 7-269 Configuring a virtual server (3)
After the configuration is successful, external users can access the internal server through the EGW1520 WAN port or the ADSL IP address and port number.
----End
Typical Configuration Example
Network Requirements Users access the Internet through EGW1520 and want to configure a web server and an FTP
server on the private network to provide web and FTP download services for external users. The network requirements are as follows:
Connect EGW1520 to the Internet through the WAN port whose IP address is 11.11.11.1.
Configure a web server and an FTP server on the private network, whose IP addresses are 192.168.1.8 and 192.168.1.5 respectively.
After the configuration is complete, external systems can access the internal web server and FTP server.
Typical Network
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
357
Figure 7-270 shows the typical network diagram of the virtual server.
Figure 7-270 Typical network
Procedure
For details on how to configure the web and FTP servers, see the relevant documents.
For details on how to add a virtual server, see Adding a virtual server.
1. Configure the web server software on the server whose IP address is 192.168.1.8 and
enable the port number 80. Configure the FTP server software on the server whose IP address is 192.168.1.5 and enable the port number 21.
For details, see the related user guide.
2. On the web management system, add a virtual server.
Figure 7-271 shows the configuration result.
Figure 7-271 Configuration result
Verification
If an external user enters http://11.11.11.1 in the address box of the Internet Explorer and accesses the web server successfully, the web server is configured successfully. Otherwise, verify the configurations of the web server software and the EGW1520 virtual server.
If an external user enters ftp://11.11.11.1 in the address box of the Internet Explorer and accesses the FTP server successfully, the FTP server is configured successfully. Otherwise, verify the configurations of the FTP server software and the EGW1520 virtual server.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
358
7.6.7 DMZ
Description
An external user must use the IP address that EGW1520 provides for external users (WAN port IP address 11.11.11.1 in this example) to access the internal server.
A virtual server enables external users to access internal servers on the private network. When multiple services are running on internal servers, several virtual servers must be configured. This makes the configuration complicated. To simplify the configuration, configure only the IP addresses for internal servers in the Demilitarized Zone (DMZ). External users can access only the internal servers (such as the WWW and FTP servers) in the DMZ but cannot use the other internal resources. This protects the internal network against illegal access.
The DMZ is deployed between a public network and an enterprise's private network. Some public servers (such as the web server and FTP server) are deployed in the DMZ, as shown in
Figure 7-272. The EGW1520 forwards all access requests from the public network (excluding
those meeting NAT requirements) to the DMZ. This protects the internal network.
Figure 7-272 DMZ implementation
The following uses a web server in the DMZ as an example to describe the DMZ implementation.
1. After receiving external HTTP packets, the EGW1520 checks the packets. If the packets
do not meet NAT requirement, EGW1520 forwards the packets to the DMZ.
2. EGW1520 converts the destination address of request packets to the DMZ web server's
preset IP address, and sends the packets to the DMZ web server.
3. After receiving the request packets, the web server sends response packets to the
computer on the public network. Then NAT is performed.
Configuration
Prerequisites
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
359
You have logged in to the web management system. For details, see 7.7.1 Web
Management.
You have connected to the upstream network and the NAT function has been enabled. For details on how to connect to the upstream network, see 7.2 Connection Modes.
Procedure
Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the DMZ Host tab.
The page shown in Figure 7-273 is displayed.
Figure 7-273 Configuring the DMZ (1)
Step 3 Enter the DMZ host IP address, for example, 192.168.1.5.
Step 4 Click to save the settings.
Figure 7-274 shows the configuration result.
Figure 7-274 Configuring the DMZ (2)
----End
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
360
Typical Example
Networking Requirements Assume that a user who uses the EGW1520 to connect to the Internet wants to deploy a web
server and an FTP server on the intranet to provide website services and FTP resource download services for users on the external network. The network requirements are as follows:
Typical Network
Figure 7-275 shows the typical network.
Figure 7-275 DMZ typical network
The EGW1520 uses a WAN port to connect to the Internet. The IP address of the WAN port is 11.11.11.1.
Deploy a web server and an FTP server on the same computer on the EGW1520's intranet. The IP address is 192.168.1.5.
Configure the DMZ to enable users on the external network to access the web server and FTP server.
Configuration Procedure
For details on how to configure the web and FTP servers, see the relevant documents.
For details on how to configure the DMZ, see Configuration.
1. On the computer whose IP address is 192.168.1.5, configure the web server and the FTP
server. For details, see the related user guide.
2. Configure the DMZ on the web management system.
Figure 7-276 shows the configuration result.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
361
Figure 7-276 Configuration result
Verification
Start the Internet Explorer and enter http://11.11.11.1 in the address box as a user on the external network. If the web server is connected, the configuration is successful. If the web server is not connected, check the IP address setting of the DMZ host on the web server and EGW1520.
Start the Internet Explorer and enter ftp://11.11.11.1 in the address box as a user on the external network. If the FTP server is connected, the configuration is successful. If the FTP server is not connected, check the IP address setting of the DMZ host on the FTP server and EGW1520.
An external user must use EGW1520 external IP address (in this topic, it is the IP address of the WAN port 11.11.11.1) to access internal servers.
7.6.8 Remote Login
This topic describes how to remotely configure and maintain the EGW1520 by connecting to uplink ports (WAN, ADSL, or 3G port).
The EGW1520 provides a public IP address for remote maintenance.
Enabling Remote Login
Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Remote login tab.
The page shown in Figure 7-277 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
362
Figure 7-277 Configuring remote login
Step 3 Select Enable.
Step 4 Click to save the settings.
----End
Obtaining the Public IP Address of EGW1520
Step 1 On the web management system, choose Management > Status from the navigation tree. Step 2 Click the Network tab.
The page shown in Figure 7-278 is displayed.
Figure 7-278 Obtaining the IP address of EGW1520
Step 3 View the IP address of EGW1520. The IP address in Figure 7-278 is the public IP address of
EGW1520.
----End
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
363
Logging In to EGW1520 Remotely
Step 1 Use the Internet Explorer (6.0 or a later version) on your computer to access the public IP
address of EGW1520.
When you log in to the EGW1520 using HTTP, the EGW1520 automatically changes your login mode to HTTPS to ensure communication security.
If the security level of your browser is not set properly, the system notifies you that the certificate is incorrect, as shown in Figure 7-279.
Figure 7-279 Prompt information
Click to continue your operation. The page shown in Figure 7-280 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
364
Figure 7-280 Logging in to the EGW1520
Step 2 Enter the user name (initial user name is admin) and password (initial password is
Admin@123) and click .
----End
7.7 Operations and Maintenance
The EGW1520 can be managed on web pages or in TR-069 mode.
7.7.1 Web Management
The web management system allows users to set parameters, detect faults, and upgrade devices.
The EGW1520 also supports remote login, from which you can remotely configure and maintain the EGW1520. For details about how to remotely log in to the EGW1520, see 7.6.8 Remote Login.
Prerequisite
Before logging in to the web management system, ensure that the configuration environment is ready.
1. Prepare a PC (maintenance terminal).
The PC must meet the following requirements:
Has the Ethernet adapter installed, supporting TCP/IP.
Has Windows XP or later operating system installed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
365
Has Microsoft Internet Explorer 6.0 or later version without configuring the proxy
server.
Supports the resolution 1024 x 768 or above.
2. The console cables have been connected.
You can connect cables by using either of the following methods according to the network:
Use the straight-through cable to connect the EGW1520 LAN port to the PC network
port.
Use the straight-through cable to connect the EGW1520 LAN port to the PC network
port through the switch or hub.
3. The PC IP address has been set.
The IP addresses of the PC and EGW1520 must be on the same network segment. For example, if IP address of the EGW1520 is 192.168.1.1 (default value), the PC IP address can be set to 192.168.1.x, where x ranges from 2 to 254.
By default, DHCP is enabled on an EGW1520. The PC can use the automatic mode to obtain the IP address.
Background
Procedure
Step 1 Log in to the EGW1520 using Internet Explorer 6.0 or later. The default URL is
Users can access the web management system in the following two modes:
HTTPS The web browser interacts with the EGW1520 using HTTPS, which ensures user
information security.
HTTP The web browser interacts with the EGW1520 using HTTP.
Only HTTPS access mode is enabled on EGW1520 by default. The HTTP access mode can be enabled on the page for configuring the LAN. For details, see Configuring the LAN.
HTTP transmits plain text. Use HTTP to perform web management only in trusted networks.
If only the HTTPS mode is enabled, the system switches to the HTTPS mode automatically when you access the EGW1520 in HTTP mode.
https://192.168.1.1. The page shown in Figure 7-281 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
366
Figure 7-281 Logging in to the web management system (1)
The default IP address of the EGW1520, login user name, and password can be obtained from the label at the bottom of the EGW1520.
After logging in to the web management system, you can change IP address of the EGW1520. For details, see Configuring the LAN.
Step 2 Enter the user name and password, and click Log In.
Administrator: The user name is admin and the password is Admin@123.
Common user: Both the initial user name and password are the internal number of a common user.
Choose Management > Password to change the password after the initial login.
Make a note of your password and keep it in a safe place. Do not share your password with anyone. If you forget your password, press and hold the RESET button on EGW1520 for more than six seconds, and log in to the web management system using the default password Admin@123. The configuration is restored to factory settings.
If you fail to log in to the web management system for 5 consecutive times in 10 minutes, the system locks your PC IP address for 30 minutes.
If you do not perform any operation in 10 minutes after logging in to the web management system, the login times out and the system requires re-login to ensure security.
----End
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
367
7.7.2 TR-069
Description
Principle
The Technical Report 069 (TR-069) is a DSL forum (which was later renamed as broadband forum) technical specification entitled CPE WAN Management Protocol (CWMP). It defines an application layer protocol for remote management of end-user devices.
This topic describes the principle, implementation, specification, and limitation of the TR-069.
The Technical Report 069 (TR-069) is a DSL forum (which was later renamed as broadband forum) technical specification entitled CPE WAN Management Protocol (CWMP). It defines an application layer protocol for remote management of end-user devices. As a bidirectional SOAP/HTTP-based protocol, it provides the communication between customer premises equipment (CPE) and Auto Configuration Servers (ACS). It includes both a safe auto configuration and the control of other CPE management functions within an integrated framework.
Customer premises equipment, such as gateways and set top boxes (STBs) are scattered on the user side. Maintenance personnel need to provide on-site services when configuration modification or troubleshooting is required, which increases management difficulty. TR-069 enables you to manage and maintain user's devices remotely on the network side. Details about the functions that TR-069 provides are as follows:
Implementation
As a CPE, EGW1520 supports TR-069, Figure 7-282 shows TR-069 network.
Configuration management Installs CPE without configurations and modifies parameter settings remotely. Version management Manages CPE software and firmware, for example, download the software version, and
back up and restore the configuration file. Remote monitoring Monitors the CPE status and performance, and queries the CPE status. GUI-based management Manages NEs on the EMS in GUI mode. Alarm management Reports alarms to the EMS and instructs the EMS to delete an alarm in time once the
alarm is cleared.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
368
Figure 7-282 TR-069 network diagram
ACS
Auto-Configuration Server
BRAS
Broadband Remote Access Server
DSLAM
Digital Subscriber Line Access Multiplexer
CPE
Customer Premises Equipment
EGW1520 uses the ADSL port or WAN port to connect to ACS. The preceding figure uses the ADSL port as an example.
Specification
TR-069
TR-098
TR-104
Limitation
N/A
Setting TR-069 Parameters on the ACS
This topic describes how to set TR-069 parameters on the ACS.
TR-069 Connection Parameters
For details about configurations on the ACS, see the related ACS configuration guide. This topic only lists TR-069 parameters for the ACS to connect to EGW1520, as shown in Table
7-69.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
369
Table 7-69 TR-069 connection parameters
Parameter
Description
ACS URL
Indicates the ACS URL. For example, http://www.acs.com.
ACS User Name
Indicates the user name for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS.
ACS Password
Indicates the password for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS.
Connection Request User Name
Indicates the user name for the TR-069 client to authenticate the ACS, which must be the same as the user name on the TR-069 client.
Connection Request Password
Indicates the password for the TR-069 client to authenticate the ACS, which must be the same as the user name on the TR-069 client.
Connection Request URL
Indicates the URL of the TR-069 client. For example, http://192.168.1.1:8081/CPE. 192.168.1.1 is the IP address of the EGW1520 local area network (LAN) gateway.
Setting TR-069 Parameters on the CPE
This topic describes how to set TR-069 parameters on the EGW1520.
Prerequisites
You have logged in to the web management system. For details, see 7.7.1 Web Management.
Procedure
Step 1 On the web management system, choose Management > TR-069 Client from the navigation
tree. The page shown in Figure 7-283 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
370
Figure 7-283 TR-069 client configuration
Parameter
Description
Manufacturer
Indicates the device manufacturer.
Manufacturer OUI
Indicates the organizationally Unique Identifier (OUI) of the manufacturer.
Product Class
Indicates the device model.
Device SN
Indicates the device sequence number.
WAN Interface Used by TR-069 Client
Indicates the WAN port on the TR-069 client connected to the ACS.
ACS URL
Indicates the ACS URL. For example, http://www.acs.com.
ACS User Name
Indicates the user name for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS.
ACS Password
Indicates the password for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS.
Connection Request URL
Indicates the URL of the TR-069 client.
Connection Request User Name
Indicates the user name for the TR-069 client to authenticate the ACS, which must be the same as the user name on the TR-069 client.
Connection Request Password
Indicates the password for the TR-069 client to authenticate the ACS, which must be the same as the
Step 2 Set parameters according to Table 7-70.
Table 7-70 Parameter description
eSpace EGW1520 Enterprise Gateway Product Documentation
7 Feature Description and Implementation
Issue 01 (2012-05-15)
371
Parameter
Description
user name on the TR-069 client.
Manual Trigger
Initiates the session to the ACS manually by clicking Trigger.
Inform
Indicates whether to initiate a session to the ACS periodically.
Inform Interval(Sec)
Indicates the interval to initiate a session to the ACS, in seconds. The default value is 1800.
Result
Step 3 Click to save the settings.
----End
After the EGW1520 is connected to the ACS by using TR-069, use ACS to configure and manage the EGW1520. TR-069 parameters reference lists parameters in the TR-069 data model.
eSpace EGW1520 Enterprise Gateway Product Documentation
8 Diagnosis Mode
Issue 01 (2012-05-15)
372
About This Chapter
This topic describes diagnosis modes for the EGW1520.
8.1 Enabling the Debug Log
This topic describes how to enable the debug log for each process. The system can generate the debug logs for different processes.
8 Diagnosis Mode
8.2 Configuring Traffic Mirroring
This section describes how to configure traffic mirroring to capture packets. Traffic mirroring allows you to use a packet capture tool on the mirroring port to obtain information about packets entering or leaving the monitored port.
8.3 Downloading Black Box Files
This topic describes how to download black box files.
8.4 Pinging IP Addresses
This topic describes how to ping an IP address. Using the ping function, you can ping the peer device of the EGW1520 to check the connection between them.
8.1 Enabling the Debug Log
This topic describes how to enable the debug log for each process. The system can generate the debug logs for different processes.
Large amounts of logs are generated during the EGW1520 running process. By default, the system does not generate the debug logs. To generate the debug logs, enable
the debug log and log generation function, set the log level to debug, and configure the log saving mode. For details, see 9.4 Managing System Logs.
Procedure
Step 1 On the web management system, choose Diagnose > Debug Logs from the navigation tree.
The page shown in Figure 8-1 is displayed.
eSpace EGW1520 Enterprise Gateway Product Documentation
8 Diagnosis Mode
Issue 01 (2012-05-15)
373
Figure 8-1 Enabling the debug logs for each module
Parameter
Description
Output debug-level log in start-up process
Debug logs are generated when the system starts. For example, when you want to debug the system during system startup, enable this function.
Voice services
Debug logs for voice services are generated. For example, when the synchronization server cannot synchronize service data, enable this function.
Network services
Debug logs for network services are generated. For example, when you want to view the IP address obtained by EGW1520 that functions as a client, enable this function.
System management
Debug logs for system management are generated. For example, when you want to view message sending and receiving information in the system, enable this function.
Configuration management
Debug logs for configuration management are generated. For example, when you want to monitor network time synchronization, enable this function.
Step 2 Enable the debug logs for modules according to Table 8-1.
Table 8-1 Parameter description
Step 3 Click to save the settings.
----End
eSpace EGW1520 Enterprise Gateway Product Documentation
8 Diagnosis Mode
Issue 01 (2012-05-15)
374
8.2 Configuring Traffic Mirroring
Item
Description
Monitored port
Port that the mirroring port monitors.
Direction
Direction in which packets are monitored:
IN: Only the packets that the EGW1520 receives on the monitored port are monitored.
OUT: Only the packets that the EGW1520 sends from the monitored port are monitored.
BOTH: The packets that the monitored port receives and sends out are monitored.
Mirroring port
Port that captures packets from the monitored port. As shown in Figure
This section describes how to configure traffic mirroring to capture packets. Traffic mirroring allows you to use a packet capture tool on the mirroring port to obtain information about packets entering or leaving the monitored port.
Procedure
Step 1 On the web management system, choose Diagnose > Packet Mirroring from the navigation
tree. The page shown in Figure 8-2 is displayed.
Figure 8-2 Traffic mirroring
Step 2 Set parameters according to Table 8-2.
Table 8-2 Parameters
eSpace EGW1520 Enterprise Gateway Product Documentation
8 Diagnosis Mode
Issue 01 (2012-05-15)
375
Item
Description
8-2, interface LAN3 captures the incoming and outgoing packets on
interface LAN1.
NOTE
Manage the captured packets carefully.
Step 3 Click to save the settings.
----End
8.3 Downloading Black Box Files
This topic describes how to download black box files. Critical or minor defects that occur during the EGW1520 running process are recorded in
black box files. You can view black box files to analyze system exceptions.
Procedure
Step 1 On the web management system, choose Diagnose > Black Box from the navigation tree.
The page shown in Figure 8-3 is displayed.
Figure 8-3 Downloading black box files
Step 2 Select a black box file to download.
Step 3 Click to save the file to the local host or other hosts on the network as
prompted.
eSpace EGW1520 Enterprise Gateway Product Documentation
8 Diagnosis Mode
Issue 01 (2012-05-15)
376
To delete a black box file, select the file and click .
----End
8.4 Pinging IP Addresses
This topic describes how to ping an IP address. Using the ping function, you can ping the peer device of the EGW1520 to check the connection between them.
Procedure
Step 1 On the web management system, choose Diagnose > Ping Diagnose from the navigation tree.
The page shown in Figure 8-4 is displayed.
Figure 8-4 IPPing Diagnose page
Step 2 Select Bind Interface. Step 3 Set parameters according to Table 8-3.
eSpace EGW1520 Enterprise Gateway Product Documentation
8 Diagnosis Mode
Issue 01 (2012-05-15)
377
Table 8-3 Parameter settings
Parameter
Description
IP/Domain
The IP address that will be pinged.
Packet Length
Size of packets that are sent during the ping operation. The packet size ranges from 20 bytes to 1500 bytes.
Step 4 Click .
The page shown in Figure 8-5 is displayed.
Figure 8-5 Diagnosis result
----End
eSpace EGW1520 Enterprise Gateway Product Documentation
9 System Management
Issue 01 (2012-05-15)
378
About This Chapter
This topic describes how to manage and maintain the EGW1520 in different modes.
9.1 Configuring the System Time
This topic describes how to configure the system time manually and how to synchronize the NTP server time.
9 System Management
9.2 Managing the Configuration File
This topic describes how to back up and load the configuration file.
9.3 Restoring Factory Settings
This topic describes how to restore factory settings.
9.4 Managing System Logs
This topic describes how to manage system logs.
9.5 Viewing Alarms
This topic describes how to view alarms. You can analyze the exceptions occur during system running according to the alarms.
9.6 Viewing Security Logs
This topic describes how to view security logs to query the recent operations.
9.7 Viewing Electronic Labels
You can learn about the device information based on its electronic label.
9.8 Downloading Call Records
This topic describes how to back up call records on the local computer.
9.9 One-Click Download
This topic describes how to use the one-click download function to collect system information. If the system is faulty, you can download system information and send it to the maintenance personnel for fault location.
9.10 Changing the Password
Loading...
+ 155 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use