Lucent Technologies PortMaster User Manual

Download

PortMaster

Configuration Guide

Lucent Technologies

Remote Access Business Unit

4464 Willow Road

Pleasanton, CA 94588

925-737-2100 800-458-9966

May 1998

950-1182D

PortMaster, ComOS, and ChoiceNet are registered trademarks of Lucent Technologies. RADIUS ABM, PMVision, PMconsole, and IRX are trademarks of Lucent Technologies, Inc. ProVision is a service mark of Lucent Technologies, Inc. All other marks are the property of their respective owners.

Disclaimer

Lucent Technologies, Inc. makes no express or implied representations or warranties with respect to the contents or use of this manual, and specifically disclaims any implied warranties of merchantability or fitness for a particular purpose. Lucent Technologies, Inc. further reserves the right to revise this manual and to make changes to its content at any time, without obligation to notify any person or entity of such revisions or changes.

Contents

About This Guide

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

PortMaster Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

Additional References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

RFCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

ITU-T Recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

Books . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii

Document Advisories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii

Contacting Lucent Remote Access Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii

For the EMEA Region . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv

For North America, Latin America, and the Asia Pacific Region . . . . . . . . . . . . . . xxiv

PortMaster Training Courses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv

Subscribing to PortMaster Mailing Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv

1. Introduction

PortMaster Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Preconfiguration Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2

Configuration Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3

Basic Configuration Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4

2. How the PortMaster Works

Booting the PortMaster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

PortMaster Initialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3

iii

Contents

On-Demand Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4

PortMaster Security Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4

Port Status and Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5

3. Configuring Global Settings

Setting the System Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2

Setting the Administrative Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2

Setting the Dynamic Host Control Protocol (DHCP) Server . . . . . . . . . . . . . . . . . . . . . . 3-2

How the Cable Modem Telephone Return System Works . . . . . . . . . . . . . . . . . . . . 3-3

Setting the Default Route Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5

Configuring Default Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Configuring Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Using the Host Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7

Setting the Name Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7

Setting the Name Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8

Setting the Domain Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8

Setting the Telnet Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Using the Telnet Port as a Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Setting the Number of Management Application Connections . . . . . . . . . . . . . . . . . . . 3-9

Setting System Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Setting the Loghost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10

Disabling and Redirecting Syslog Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10

Setting Administrative Logins to Serial Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-12

Configuring an IP Address Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-12

Setting the Reported IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13

Configuring SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13

About the livingston.mib Definition File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-14

Examining the MIB Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-14

iv Configuration Guide for PortMaster Products

Contents

PortMaster Modem Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20

Setting SNMP Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21

Setting SNMP Read and Write Community Strings . . . . . . . . . . . . . . . . . . . . . . . . . 3-21

Adding SNMP Read and Write Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22

Viewing SNMP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23

Monitoring SNMP Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23

Displaying the Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23

Setting Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24

Adding and Deleting a Static Route for IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24

Adding and Deleting a Static Route for IPX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25

Modifying the Static Netmask Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26

Enabling NetBIOS Broadcast Packet Propagation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-29

Setting Authentication for Dial-In Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-29

Setting Call-Check Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30

Setting the ISDN Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30

4. Configuring the Ethernet Interface

Setting General Ethernet Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Configuring RIP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Applying Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2

Setting IP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3

Setting the IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3

Setting the Subnet Mask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Setting the Broadcast Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Enabling or Disabling IP Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Setting Ethernet IPX Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

Setting the IPX Network Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

Enabling or Disabling IPX Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

Setting the IPX Frame Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6

Contents

Configuring Ethernet Subinterfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7

Setting OSPF on the Ethernet Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8

5. Configuring an Asynchronous Port

Asynchronous Port Uses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

General Asynchronous Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Overriding Certain Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Setting the Port Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Parity Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4

Setting Databits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4

Setting Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4

Setting the Dial Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5

Displaying Extended Port Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5

Setting the Login Prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5

Setting the Login Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

Setting an Optional Access Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

Setting Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

Allowing Users to Connect Directly to a Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

Setting a Port as the Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7

Setting the Port Idle Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7

Configuring a PortMaster for Login Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8

Setting the Port Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-9

Setting the Login Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10

Setting the Login Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11

Setting the Terminal Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11

Configuring a Port for Access to Shared Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11

Setting the Device Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-14

Configuring a Port for Network Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15

Network Dial-In-Only Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16

vi Configuration Guide for PortMaster Products

Network Dial-Out-Only Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17

Network Dial-In-and-Out (Two-Way) Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-18

Configuring a Port for a Dedicated Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20

Setting the Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22

Setting the MTU Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22

Setting the Destination IP Address and Netmask . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22

Setting the IPX Network Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22

Configuring RIP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23

Configuring Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23

Setting the PPP Asynchronous Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24

Setting Input and Output Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25

Connecting without TCP/IP Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25

6. Configuring a Synchronous WAN Port

Synchronous Port Uses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1

Contents

Configuring WAN Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4

General Synchronous Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4

Settings for Hardwired Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7

7. Configuring Dial-In Users

Configuring the User Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

Displaying User Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

Adding Users to the User Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

Deleting Users from the User Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3

User Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3

Network Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3

Login Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3

Configuring Settings for Network and Login Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

Setting a Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

vii

Contents

Setting the Idle Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

Setting the Session Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

Configuring Network Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

Setting the Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5

Setting the User IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5

Setting the Subnet Mask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6

Setting the IPX Network Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6

Configuring RIP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6

Setting the Asynchronous Character Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7

Setting the MTU Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7

Setting the Maximum Number of Dial-In Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8

Setting Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8

Setting Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-9

Specifying a Callback Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-10

Configuring Login Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-10

Setting the Login Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-10

Applying an Optional Access Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11

Setting the Login Service Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12

Specifying a Callback Telephone Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-13

8. Configuring Dial-Out Connections

Configuring the Location Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1

Creating a Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3

Setting the Connection Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3

Setting the Telephone Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Setting the Username and Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Setting the Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Setting the Destination IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6

Setting the Destination Netmask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6

Setting the IPX Network Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6

viii Configuration Guide for PortMaster Products

Contents

Setting RIP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7

Setting the Dial Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8

Setting the MTU Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8

Configuring Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8

Setting the Idle Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10

Setting Data over Voice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10

Setting CHAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10

Setting the Asynchronous Character Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11

Setting Multiline Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11

Setting the Maximum Number of Dial-Out Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12

Setting Bandwidth-on-Demand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12

Setting Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13

Input Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13

Output Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13

Testing Your Location Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14

9. Configuring Filters

Overview of PortMaster Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1

Filter Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

Filter Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3

How Filters Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4

Creating Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5

Creating IP Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6

Filtering TCP and UDP Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7

Creating IPX Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7

Displaying Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8

Deleting Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8

Example Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9

Simple Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9

Contents

Input Filter for an Internet Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-10

Input and Output Filters for FTP Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-11

Rule to Permit DNS into Your Local Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12

Rule to Listen to RIP Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12

Rule to Allow Authentication Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-13

Rule to Allow Networks Full Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-13

Restrictive Internet Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-13

Restricting User Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-15

10. Using Modems

Null Modem Cable and Signals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1

Modem Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2

Using Automatic Modem Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2

Displaying Modem Settings and Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2

Adding a Modem to the Modem Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3

Associating a Modem with a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6

Configuring Ports for Modem Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7

Setting the Port Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7

Setting Modem Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8

Setting Parity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8

Setting the Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8

Hanging Up a Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9

11. Configuring the PortMaster 3

Configuring General Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1

Displaying Line Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2

Configuring Line Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2

Setting Channel Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2

Setting the Channel Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3

Setting the Inband Signaling Protocol for T1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3

x Configuration Guide for PortMaster Products

Contents

Setting the Inband Signaling Protocol for E1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-4

Configuring ISDN PRI Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5

Setting the ISDN PRI Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5

Setting the Framing Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5

Setting the Encoding Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6

Setting the Pulse Code Modulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7

Setting the Loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7

Setting the Directory Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7

Using True Digital Modems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8

Setting Digital Modems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8

Hot-Swapping Digital Modem Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9

Setting Digital Modems to Analog Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9

Using Channelized T1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-10

Why Use Channelized T1? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-10

How to Order DS-1 Service from the Telephone Company . . . . . . . . . . . . . . . . . . . 11-10

Configuring the PortMaster 3 for Channelized T1 . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11

Example Channelized T1 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11

Using the T1 Expansion Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12

Clocking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12

Configuring the T1 Expansion Card for Fractional T1 . . . . . . . . . . . . . . . . . . . . . . . 11-13

Troubleshooting the T1 Expansion Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-14

Using Multichassis PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15

Setting Multichassis PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15

Displaying Multichassis PPP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15

Disconnecting a User from a Virtual Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15

Troubleshooting the PortMaster 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-16

12. Using ISDN BRI

Overview of ISDN BRI Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1

Contents

Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3

Configuring ISDN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4

ISDN BRI Switch Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4

Setting the Switch Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5

Service Profile Identifier (SPID) for ISDN BRI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5

Terminal Identifier (TID) for ISDN BRI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6

Directory Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6

Information Elements (IEs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6

Multilink PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-7

Multiple Subscriber Network for an S/T Interface . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8

Port Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8

Data over Voice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8

ISDN Port Configuration Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-9

ISDN BRI Unnumbered IP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-9

Configuration Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-9

Configuring the PortMaster in Denver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-11

Configuring the PortMaster in San Francisco . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-15

Testing the Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-20

Troubleshooting an ISDN BRI Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-21

Interpreting ISDN BRI Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-22

13. Using Frame Relay

Overview of Frame Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1

PVCs and DLCIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2

Line Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2

Port Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2

CIR and Burst Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2

Discarding Frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3

Ordering Frame Relay Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3

xii Configuration Guide for PortMaster Products

LMI Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3

Frame Relay Configuration on the PortMaster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4

Enabling LMI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-5

Enabling Annex-D . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-6

Listing DLCIs for Frame Relay Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-6

Configuration Steps for a Frame Relay Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-7

Configuring the PortMaster in Bangkok . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-8

Configuring the PortMaster in New York . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-9

Troubleshooting a Frame Relay Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-11

Frame Relay Subinterfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-12

Configuring Subinterfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-12

Troubleshooting Subinterfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-14

Example: Configuring a Frame Relay Subinterface . . . . . . . . . . . . . . . . . . . . . . . . . . 13-15

14. Using Synchronous V.25bis Connections

Contents

Overview of Synchronous V.25bis Dial-Up Connections . . . . . . . . . . . . . . . . . . . . . . . . . 14-1

Configuration Steps for a Synchronous V.25bis Connection . . . . . . . . . . . . . . . . . . . . . . 14-3

Configuring the PortMaster in Boston . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3

Configuring the PortMaster in Miami . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-7

Testing the Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-12

Troubleshooting a Synchronous V.25bis Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-13

15. Using Office-to-Office Connections

Overview of Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1

Configuration Steps for an Office-to-Office Connection . . . . . . . . . . . . . . . . . . . . . . . . . 15-3

Configuring the Office Router in London . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-4

Configuring the PortMaster in Paris . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-8

Testing the Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-12

Setting the Console Port for Multiline Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . 15-13

xiii

Contents

Using ISDN for On-Demand Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-15

16. Using Internet Connections

Overview of Continuous Internet Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-3

Configuration Steps for an Internet Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-3

Configuring Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-4

Configuring Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-4

Configuring a Dial-Out Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-7

Testing the Continuous Dial-Out Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-8

Testing the Network Hardwired Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-9

Providing Network Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-10

Using ISDN for Internet Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-11

17. Providing User Dial-In Access

Overview of Dial-In Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-1

Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-3

Configuration Steps for Dial-In Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-4

Connecting Modems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-5

Configuring Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-5

Configuring Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-6

Configuring Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-8

Dial-In Login Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-9

Dial-In Network Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-9

Testing the User Dial-In Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-10

18. Accessing Shared Devices

Overview of Shared Device Access Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-1

Host Device Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-1

Network Device Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-2

Configuration Steps for Shared Device Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-4

xiv Configuration Guide for PortMaster Products

Configuring Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-4

Configuring Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-5

Configuring a Network Device for Telnet Access . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-8

19. Using Synchronous Leased Lines

Overview of Leased Line Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-1

Configuration Steps for Leased Line Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-3

Configuring the PortMaster Office Router in Rome . . . . . . . . . . . . . . . . . . . . . . . . . 19-4

Configuring the PortMaster Office Router in Florence . . . . . . . . . . . . . . . . . . . . . . . 19-6

Troubleshooting a Leased Line Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-8

A. Networking Concepts

Network Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1

IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1

IP Address Notation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2

Reserved IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-5

Contents

Private IP Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-5

IP Address Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6

IPX Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6

Netmasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-7

Using Naming Services and the Host Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-8

Managing Network Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-9

RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-10

ChoiceNet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-10

B. TCP and UDP Ports and Services

Glossary

Command Index

Subject Index

Contents

xvi Configuration Guide for PortMaster Products

About This Guide

PortMaster® Configuration Guide

The network configuration as well as specific information needed to configure PortMaster products. Review this guide thoroughly before configuring your PortMaster. This guide provides the settings required for the most commonly used PortMaster configurations.

To use this guide you must have successfully installed your PortMaster according to the instructions provided in the relevant installation guide. This guide provides configuration information only.

You can use either of two interfaces to configure the PortMaster:

provides general information about networking and

• Command line interface—use this guide and the

Reference

• PMVision™ graphical user interface (GUI).

This guide assumes you are using the command line interface and provides examples of command line usage.

for more detailed command descriptions and instructions.

Audience

This guide is designed for qualified system administrators and network managers, and for persons with a working knowledge of networking and routing. Appendix A, “Networking Concepts,” provides an overview of network address conventions but is intended as a quick refresher and should not be used as a substitute for careful study of these principles.

Refer to “Additional References” in this Preface for appropriate RFCs and other suggested reading. See the protocols and routing with PortMaster products.

PortMaster Documentation

The following manuals are available from Lucent Technologies. The hardware installation guides are included with most PortMaster products; other manuals can be ordered through your

PortMaster

PortMaster Routing Guide

distributor or directly from Lucent.

PortMaster Command Line

for advanced information on routing

xvii

PortMaster Documentation

The manuals are also provided as PDF and PostScript files on the shipped with your PortMaster.

In addition, you can download PortMaster information and documentation from http://www.livingston.com.

• ChoiceNet® Administrator’s Guide

This guide provides complete installation and configuration instructions for ChoiceNet server software.

• PortMaster Command Line Reference

This guide provides the complete description and syntax of each command in the ComOS command set.

• PortMaster Configuration Guide

This guide provides a comprehensive overview of networking and configuration issues related to PortMaster products.

• PortMaster hardware installation guides

These guides contain complete hardware installation instructions. An installation guide is available for each PortMaster product line—IRX™, Office Router, Communications Server, and Integrated Access Server.

• PMconsole™ for Windows Administrator’s Guide

PortMaster Software CD

This guide covers PMconsole Administration Software for Microsoft Windows, a graphical tool for configuring the PortMaster. The majority of the material in this guide also applies to the UNIX version of PMconsole. Lucent recommends that you use the Java GUI PMVision rather than PMconsole to configure and manage a PortMaster.

• PortMaster Routing Guide

This guide describes routing protocols supported by PortMaster products, and how to use them for a wide range of routing applications.

xviii PortMaster Configuration Guide

• PortMaster Troubleshooting Guide

This guide can be used to identify and solve software and hardware problems in the PortMaster family of products.

• RADIUS Administrator’s Guide

This guide provides complete installation and configuration instructions for Lucent Remote Authentication Dial-In User Service (RADIUS) software.

Additional References

RFCs

Use any World Wide Web browser to find a Request for Comments (RFC) online.

Additional References

RFC 768, RFC 791, RFC 792, RFC 793, RFC 854, RFC 950, RFC 1058, RFC 1112, RFC 1144, RFC 1157, RFC 1166, RFC 1213,

MIB-II

RFC 1256, RFC 1321, RFC 1331,

over Point-to-Point Links

RFC 1332, RFC 1334, RFC 1349, RFC 1413, RFC 1490, RFC 1541, RFC 1542, RFC 1552

User Datagram Protocol Internet Protocol Internet Control Message Protocol Transmission Control Protocol Telnet Protocol Specification Internet Standard Subnetting Procedure

Routing Information Protocol Host Extensions for IP Multicasting Compressing TCP/IP Headers for Low-Speed Serial Links A Simple Network Management Protocol (SNMP) Internet Numbers Management Information Base for Network Management of TCP/IP-based Internets:

ICMP Router Discovery Messages The MD5 Message-Digest Algorithm

The Point-to-Point Protocol (PPP) for the Transmission of Multiprotocol Datagrams

The PPP Internet Protocol Control Protocol (IPCP) PPP Authentication Protocols Type of Service in the Internet Protocol Suite Identification Protocol Multiprotocol Interconnect Over Frame Relay Dynamic Host Configuration Protocol Clarifications and Extensions for the Bootstrap Protocol

, The PPP Internet Packet Exchange Control Protocol (IPXCP)

About This Guide xix

Additional References

RFC 1587, RFC 1597, RFC 1627, RFC 1634, RFC 1661, RFC 1700, RFC 1771, RFC 1812, RFC 1814, RFC 1818, RFC 1824, RFC 1825, RFC 1826, RFC 1827, RFC 1828, RFC 1829, RFC 1877, RFC 1878, RFC 1918, RFC 1965, RFC 1966, RFC 1974 RFC 1990 RFC 1994, RFC 1997, RFC 2003, RFC 2104, RFC 2125,

Control Protocol (BACP)

RFC 2138, RFC 2139, RFC 2178,

OSPF NSSA Options Address Allocations for Private Internets Network 10 Considered Harmful (Some Practices Shouldn’t be Codified) Novell IPX Over Various WAN Media (IPXWAN) The Point-to-Point Protocol (PPP)

Assigned Numbers

A Border Gateway Protocol 4 (BGP-4) Requirements for IP Version 4 Routers Unique Addresses are Good Best Current Practices Requirements for IP Version 4 Routers Security Architecture for the Internet Protocol IP Authentication Header IP Encapsulating Payload IP Authentication Using Keyed MD5 The ESP DES-CBC Transform PPP Internet Protocol Control Protocol Extensions for Name Server Addresses Variable Length Subnet Table for IPv4 Address Allocation for Private Internets Autonomous System Confederations for BGP

BGP Route Reflection, An Alternative to Full Mesh IBGP , PPP Stac LZS Compression Protocol , The PPP Multilink Protocol (MP)

PPP Challenge Handshake Authentication Protocol (CHAP)

BGP Communities Attribute

IP Encapsulation within IP

HMAC: Keyed-Hashing for Message Authentication

The PPP Bandwidth Allocation Protocol (BAP), The PPP Bandwidth Allocation

Remote Authentication Dial In User Service (RADIUS)

RADIUS Accounting

OSPF Version 2

xx PortMaster Configuration Guide

ITU-T Recommendations

The following documents are recommendations of the International Telecommunication Union Telecommunication Standardization Sector (ITU-T), formerly known as CCITT:

Additional References

Books

• Recommendation V.25bis (1988)—

general switched telephone network (GSTN) using the 100-series interchange circuits

• Recommendation V.120 (09/92)—

V-series type interfaces for statistical multiplexing

The Basics Book of ISDN.

Company, 1991. (ISBN 0-201-56368-1)

Building Internet Firewalls.

O’Reilly & Associates, Inc., 1995. (ISBN 1-56592-124-0)

DNS and BIND,

Associates, Inc., 1992. (ISBN 1-56592-236-0)

Firewalls and Internet Security: Repelling the Wily Hacker.

M. Bellovin. Reading, MA: Addison-Wesley Publishing Company, 1994. (ISBN 0-20163357-4) Japanese translation is available (ISBN 4-89052-672-2). Errata are available from ftp://ftp.research.att.com/dist/internet_security/firewall.book.

Internetworking with TCP/IP Volume 1: Principles, Protocols, and Architecture,

E. Comer. Englewood Cliffs, NJ: Prentice-Hall, Inc., 1995. (ISBN 0-13-216987-8)

The ISDN Consultant.

(ISBN 0-13-259052-2)

2nd ed. Paul Albitz and Cricket Liu. Sebastopol, CA: O’Reilly &

Motorola Codex. Reading, MA: Addison-Wesley Publishing

D. Brent Chapman and Elizabeth D. Zwicky. Sebastopol, CA:

Robert E. Lee. Upper Saddle River, NJ: Prentice-Hall, Inc. 1996.

Automatic calling and/or answering equipment on the

Support by an ISDN of data terminal equipment with

William R. Cheswick and Steven

3rd ed. Douglas

ISDN: How to Get a High-Speed Connection to the Internet.

Dunetz. New York, NY: John Wiley and Sons, Inc. 1996. (ISBN 0-47-113326-4)

TCP/IP Network Administration.

1992. (ISBN 0-937175-82-X)

About This Guide xxi

Craig Hunt. Sebastopol, CA: O’Reilly & Associates, Inc.,

Charles Summers and Bryant

Document Conventions

Routing in the Internet.

(ISBN 0-13-132192-7)

TCP/IP Illustrated, Volume 1: The Protocols

Company. 1994. (ISBN 0-201-63346-9)

Internet Routing Architectures

Document Conventions

The following conventions are used in this guide:

Convention Use Examples

Bold font Indicates a user

Italic font Identifies a

Christian Huitema. Prentice Hall PTR, 1995.

. W. Richard Stevens. Addison-Wesley Publishing

. Bassam Halabi. Cisco Press, 1997.

• Enter version to display the version

entry—a command, menu option, button, or key—or the name of a file, directory, or utility, except in code samples.

command-line placeholder. Replace with a real name or value.

number.

• Press Enter.

•Open the permit_list file.

set Ether0 address Ipaddress

•

•Replace OSPF area.

Area

with the name of the

set nameserver [2] Ipaddress

Square brackets ([ ]) Enclose optional

keywords and values in command syntax.

Curly braces ({ }) Enclose a

required choice between keywords and/or values in command syntax.

xxii PortMaster Configuration Guide

•

set S0 destination Ipaddress

•

[Ipmask]

set syslog Logtype {[disabled] [Facility.Priority]}

Convention Use Examples

Document Advisories

Vertical bar (|) Separates two or

more possible options in command syntax.

• set S0|W1 ospf on|off

• set S0 host default|prompt|Ipaddress

Document Advisories

Note – means take note. Notes contain information of importance or special interest.

✍

Caution – means be careful. You might do something—or fail to do something—that

Contacting Lucent Remote Access Technical Support

results in equipment failure or loss of data.

War ning – means danger. You might do something—or fail to do something—that results in personal injury or equipment damage.

The PortMaster comes with a 1-year hardware warranty.

For all technical support requests, record your PortMaster ComOS version number and report it to the technical support staff or your

authorized sales channel partner

New releases and upgrades of PortMaster software are available by anonymous FTP from ftp://ftp.livingston.com.pub/le/.

In North America you can schedule a 1-hour software installation appointment by calling the technical support telephone number listed below. Appointments must be scheduled at least one business day in advance.

About This Guide xxiii

PortMaster Training Courses

For the EMEA Region

If you are an Internet service provider (ISP) or other end user in Europe, the Middle East, Africa, India, or Pakistan, contact your local Lucent Remote Access sales channel partner. For a list of authorized sales channel partners, see the World Wide Web at

http://www.livingston.com/International/EMEA/distributors.html

If you are an authorized Lucent Remote Access sales channel partner in this region, contact the Lucent Remote Access EMEA Support Center Monday through Friday between the hours of 8 a.m. and 8 p.m. (GMT+1), excluding French public holidays.

• By voice, dial +33-4-92-92-48-88.

• By fax, dial +33-4-92-92-48-40.

• By electronic mail (email) send mail to emea-support@livingston.com

For North America, Latin America, and the Asia Pacific Region

Contact Lucent Remote Access Monday through Friday between the hours of 6 a.m. and 6 p.m. (GMT –8).

• By voice, dial 800-458-9966 within the United States (including Alaska and Hawaii), Canada, and the Caribbean, or +1-925-737-2100 from elsewhere.

• By fax, dial +1-925-737-2110.

• By email, send mail as follows:

– From North America and Latin America to support@livingston.com.

– From the Asia Pacific Region to asia-support@livingston.com.

• Using t he World Wid e Web, se e http://www.livingston.com/.

PortMaster Training Courses

Lucent Remote Access offers hands-on, technical training courses on PortMaster products and their applications. For course information, schedules, and pricing, visit the Lucent Remote Access website at http://www.livingston.com, click Services then click Training.

xxiv PortMaster Configuration Guide

and

Subscribing to PortMaster Mailing Lists

Lucent maintains the following Internet mailing lists for PortMaster users:

• portmaster-users—a discussion of general and specific PortMaster issues, including configuration and troubleshooting suggestions. To subscribe, send email to majordomo@livingston.com with subscribe portmaster-users in the body of the message.

The mailing list is also available in a daily digest format. To receive the digest, send email to majordomo@livingston.com with subscribe portmaster-users-digest in the body of the message.

• portmaster-radius—a discussion of general and specific RADIUS issues, including configuration and troubleshooting suggestions. To subscribe, send email to majordomo@livingston.com with subscribe portmaster-radius in the body of the message.

The mailing list is also available in a daily digest format. To receive the digest, send email to majordomo@livingston.com with subscribe portmaster-radius-digest in the body of the message.

Subscribing to PortMaster Mailing Lists

• portmaster-announce—announcements of new PortMaster products and software releases. To subscribe, send email to majordomo@livingston.com with subscribe portmaster-announce in the body of the message. All announcements to this list also go to the portmaster-users list. You do not need to subscribe to both lists.

About This Guide xxv

Subscribing to PortMaster Mailing Lists

xxvi PortMaster Configuration Guide

This chapter discusses the following topics:

• “PortMaster Software” on page 1-1

• “Preconfiguration Planning” on page 1-2

• “Configuration Tips” on page 1-3

• “Basic Configuration Steps” on page 1-4

PortMaster Software

All PortMasters are shipped with the following software:

•ComOS®—The communication software operating system already loaded in Flash RAM on each PortMaster. You can use the ComOS command line interface to configure your PortMaster through a console.

• PMVision—A GUI companion to the ComOS command line interface for Microsoft Windows, UNIX, and other platforms that support the Java Virtual Machine (JVM). Because PMVision also supports command entry, you can use a combination of GUI panels and ComOS commands to configure, monitor, and debug a PortMaster. When connected to one or more PortMaster products, PMVision allows you to monitor activity and edit existing configurations. PMVision replaces the PMConsole interface to ComOS.

Introduction

• pmd or in.pmd—The optional PortMaster daemon software that can be installed on UNIX hosts to allow the host to connect to printers or modems attached to a PortMaster. The daemon also allows the PortMaster to multiplex incoming users onto the host using one TCP stream instead of multiple streams like rlogin. The daemon is available for SunOS, Solaris, AIX, HP-UX, and other platforms.

For installation and configuration instructions, copy the PortMaster software to the UNIX host as described in the

PortMaster Software CD

booklet.

1-1

Preconfiguration Planning

• RADIUS—The RADIUS server, radiusd, runs as a daemon on UNIX systems, providing centralized authentication for dial-in users. The radiusd daemon is provided to customers in binary and source form for SunOS, Solaris, Solaris/X8.6, AIX, HP-UX, IRIX, Alpha OSF/1, Linux, and BSD/OS platforms.

For installation and configuration instructions, see the

• ChoiceNet—ChoiceNet is a security technology invented by Lucent to provide a traffic filtering mechanism for networks using dial-up remote access, synchronous leased-line, or Ethernet connections. When used with RADIUS, ChoiceNet provides exceptional flexibility in fine-tuning the level of access provided to users.

For installation and configuration instructions, see the

Guide

Preconfiguration Planning

Before the PortMaster can be used to connect wide area networks (WANs), you must install the hardware using the instructions in the installation guide for your system.

This configuration guide is designed to introduce the most common configuration options available for PortMaster products. Review this material before you configure your PortMaster and, if possible, answer the following questions:

• What general configuration do you want to implement?

• Do you want to use a synchronous connection to a high-speed line?

• Will your high-speed lines use Frame Relay, ISDN, switched 56Kbps, or PPP?

• If you want dial-on-demand routing, do you want multiline load-balancing?

RADIUS Administrator’s Guide.

ChoiceNet Administrator’s

• Do you want multilink PPP (RFC 1717)?

• Do you want packet filtering for Internet connections?

• Do you want packet filtering for connections to other offices?

• Do you want dial-in users to use SLIP, PPP, or both?

• If you use PPP, do you want PAP or CHAP authentication?

• Are you using a name service—DNS or NIS?

• Have you obtained the necessary network addresses?

1-2 PortMaster Configuration Guide

Configuration Tips

• Are you running IP, IPX, or both?

• Do you want to enable SNMP for network monitoring?

• Do you want dial-in only, dial-out only, or two-way communication on each port?

• What characteristics do you want to assign to the dial-out locations?

• How do you want to configure dial-in users?

• Do you want to use RADIUS to authenticate dial-in users, or the internal user table on the PortMaster?

• Do you want to use ChoiceNet to filter network traffic?

• Do you want to use the console port for administration functions, or do you want to attach an external modem to the port?

• For dial-in uses, do you receive service on analog lines, ISDN BRI, ISDN PRI, channelized T1, or E1?

Many other decisions must be made during the configuration process. This guide discusses the various configuration options and their implications.

Configuration Tips

PortMaster configuration can be confusing because settings can be configured for a port, a user, or a remote location. Use the following tips to determine how to configure your PortMaster:

If You Are Configuring... Then Configure Settings on...

A network hardwired port or hardwired multiline load balancing

One or more ports for dial-out operation

One or more ports for dial-in operation

A callback network user The callback location in the location table, and

Introduction 1-3

The port

Dial-out locations using the location table

Dial-in users using the user table or RADIUS

refer to the location name in the user table

Basic Configuration Steps

The exact PortMaster configuration steps you follow depend upon the hardware you are installing and your network configuration. However, the following general configuration steps are the same for all PortMaster products:

1. Install the PortMaster hardware and assign an IP address and a password as described in the installation guide shipped with your PortMaster.

Note – This guide assumes that you have completed Step 1 and does not give details on

hardware installation or IP address assignment.

✍

2. Boot the system and log in with the administrative password.

You can configure the PortMaster from a terminal attached to the console port, by an administrative Telnet session, or by a network connection.

3. If you want to use PMVision software to configure your PortMaster, install it on a workstation anywhere on your network.

See the PMVision online help for more information.

4. Configure the global settings.

PortMaster global settings are described in Chapter 3, “Configuring Global Settings.”

5. Configure the Ethernet settings, and configure the IP and IPX protocol settings for your network.

PortMaster Ethernet settings are described in Chapter 4, “Configuring the Ethernet Interface.”

6. Configure the asynchronous port(s).

PortMaster asynchronous port settings are described in Chapter 6, “Configuring a Synchronous WAN Port.”

7. Configure the synchronous port(s), if available.

PortMaster synchronous port settings are described in Chapter 6, “Configuring a Synchronous WAN Port.”

8. Configure ISDN BRI connection(s), if available.

1-4 PortMaster Configuration Guide

Basic Configuration Steps

ISDN PRI connection configuration is described in Chapter 11, “Configuring the PortMaster 3.” ISDN BRI connection configuration is covered in Chapter 12, “Using ISDN BRI.”

9. Configure dial-in users in the user table, or configure RADIUS.

The user table is described in Chapter 7, “Configuring Dial-In Users.” If you are using RADIUS security instead of the user table, see the

Guide

10. Configure ChoiceNet, if you are using it.

ChoiceNet is a traffic filtering mechanism for networks using dial-up remote access, synchronous leased-line, or Ethernet. Refer to the more information.

11. Configure dial-out locations in the location table.

The location table is described in Chapter 8, “Configuring Dial-Out Connections.”

12. Configure filters in the filter table.

Once the filters are created, they can be assigned as input or output filters for the Ethernet interface, users, locations, or hardwired ports. Filters are described in Chapter 9, “Configuring Filters.”

RADIUS Administrator’s

ChoiceNet Administrator’s Guide

for

13. Configure OSPF, if you are using this protocol.

OSPF is described in the

14. Configure BGP, if you are using this protocol.

BGP is described in the

15. Troubleshoot your configuration, if necessary, and back it up.

See the

Once you have correctly configured all the settings necessary for your circumstances, your PortMaster is ready to provide communication service and routing for your network.

Introduction 1-5

PortMaster Troubleshooting Guide

PortMaster Routing Guide

for instructions.

Basic Configuration Steps

1-6 PortMaster Configuration Guide

How the PortMaster Works

This chapter summarizes PortMaster operation and capabilities so you can choose how to configure your system. Consult the glossary for definitions of unfamiliar terms.

This chapter discusses the following topics:

• “Booting the PortMaster” on page 2-1

• “PortMaster Initialization” on page 2-3

• “On-Demand Connections” on page 2-4

• “PortMaster Security Management” on page 2-4

• “Port Status and Configuration” on page 2-5

See the instructions.

PortMaster Command Line Reference

Booting the PortMaster

When you start up the PortMaster, it carries out the following functions during the booting process:

1. Self-diagnostics are performed. The results are displayed to asynchronous console port C0 or S0 if the console DIP switch (first from the left, also known as DIP 1) is up.

2. ComOS is loaded.

– If the netboot DIP switch (second from the left, also known as DIP 2) is down,

the PortMaster boots from the ComOS stored in nonvolatile Flash RAM. The PortMaster uncompresses and loads the ComOS into dynamic RAM (DRAM). If a valid ComOS is not found in Flash, the PortMaster attempts to boot from the network as described in the next paragraph.

– If the netboot DIP switch is up, or if a valid ComOS is not found in Flash, the

PortMaster sends a Reserve Address Resolution Protocol (RARP) message to the Ether0 Ethernet interface to find its IP address. If it gets a reply, the PortMaster

for more detailed command descriptions and

2-1

Booting the PortMaster

then attempts to boot itself across the network using the Trivial File Transfer Protocol (TFTP) to download a netbootable ComOS image from the host that replied to the RARP.

The TFTP process begins by transferring the /tftpboot/

address

with the uppercase 8-character hexadecimal expression of the IP address

of the PortMaster and model of PortMaster, as shown in Table 2-1. If /tftpboot/ found, the PortMaster requests /tftpboot/

Tabl e 2-1

Boot Extension PortMaster Model

PM3 PM3

PM2 PM-2, PM-2E, PM-2R, PM-2ER, PM-2i, PM-2Ei

IRX IRX, any model

P25 PM-25

PMO PortMaster Office Router, any model

The netbootable ComOS can also be downloaded via serial cable through the console port. Refer to the

3. The user configuration is loaded from Flash RAM.

4. The IP address is located.

If no address is configured for the Ethernet interface and no address was obtained from netbooting, the PortMaster sends a RARP message to discover its IP address. If the PortMaster receives a reply to the RARP message, its IP address is set in dynamic memory.

Boot Extensions

typ

with the 3-character boot extension describing the

GENERIC.OS

PortMaster Troubleshooting Guide

address.typ

for details.

file, replacing

is not

At this point the PortMaster is fully booted with its configuration loaded into DRAM. This process takes less than a minute. After the PortMaster boots successfully, the status LED is on, blinking off once every 5 seconds. Refer to the hardware installation guide for your PortMaster for the location of the status LED and for troubleshooting procedures if the LED is not behaving as described.

2-2 PortMaster Configuration Guide

PortMaster Initialization

Once the PortMaster has successfully booted, it does the following:

1. Ethernet interfaces are started.

2. Modem initialization strings are sent to asynchronous ports that have modem table entries defined.

3. Network hardwired ports are initiated.

4. Continuous dial-out connections are initiated.

5. On-demand dial-out connections for locations that have routing enabled are initiated, and routing information is exchanged between the PortMaster and those locations.

6. Broadcasting and listening for routing packets are initiated on interfaces configured for routing.

7. TCP connections to PortMaster hosts are established.

8. TCP connections are established to ports configured as host devices by means of the PortMaster device service.

PortMaster Initialization

9. The PortMaster listens for TCP connections to any ports configured as network devices.

10. The PortMaster listens for activity on TCP and UDP ports, such as for administrative Telnet sessions on TCP port 23, PMconsole connections on TCP port 1643, and SNMP requests on UDP port 161.

11. Syslog starts, if configured.

12. RADIUS starts, if configured.

13. ChoiceNet starts, if configured.

The PortMaster is now ready to begin providing service.

How the PortMaster Works 2-3

On-Demand Connections

The PortMaster establishes on-demand connections in the following way:

• When the PortMaster receives packets going to an on-demand location that is suspended (not currently active), it dials out to that location if a line is available.

• If idle timers expire on a connection, the connection is brought down, freeing the port for other uses.

• At regular intervals, packet queues are checked for dial-out locations configured for multiline load balancing to determine if more bandwidth is needed. If it needs more bandwidth, the PortMaster dials out on an additional port and adds that port to the existing interface.

• When users dial in, they are authenticated and provided with their configured service.

PortMaster Security Management

The PortMaster provides security through the user table, or if configured, RADIUS security. When a dial-in user attempts to authenticate at the login prompt, or via PAP or CHAP authentication, the PortMaster refers to the entry in the user table that corresponds to the user. If the password entered by the user does not match, the PortMaster denies access with an “Invalid Login” message. If no user table entry exists for the user and port security is off, the PortMaster passes the user on to the host defined for that port using the selected login service. In this situation, the specified host is expected to authenticate the user.

If port security is on and the user was not found in the user table, the PortMaster queries the RADIUS server if one has been configured. If the username is not found in the user table, port security is on, and no RADIUS server is configured in the global configuration of the PortMaster, access is denied with an “Invalid Login” message. If the RADIUS server is queried and does not respond within 30 seconds (and neither does the alternate RADIUS server), access is denied with an “Invalid Login” message. If security is set to off, any username that is not found in the user table is sent to the port’s host for authentication and login. If security is set to on, the user table is checked first. If the username is not found and a RADIUS server is configured, RADIUS is consulted. When you are using RADIUS security, you must use the

set security

2-4 PortMaster Configuration Guide

command to set security to on.

Port Status and Configuration

Access can also be denied if the specified login service is unavailable—for example, if the PortMaster Login Service has been selected for the user but the selected host does not have the in.pmd PortMaster daemon installed. Access is denied with the “Host Is Currently Unavailable” message if the host is down or otherwise not responding to the login request.

If an access filter is configured on the port and the login host for the user is not permitted by the access filter, the PortMaster refuses service with an “Access Denied” message. If the access override parameter is set on the port, the PortMaster instructs the user to authenticate himself, even though the default access filter is set to deny access.

Refer to the

RADIUS Administrator's Guide

Port Status and Configuration

Use the following command to display the current status, active configuration, and default configuration of each port:

Command> show s0|W1|P0

Table 2-2 describes each possible status. Refer to the for verification information.

for more information about RADIUS.

PortMaster Troubleshooting Guide

How the PortMaster Works 2-5

Port Status and Configuration

Tabl e 2-2

Status Description

IDLE The port is not in use.

USERNAME The data carrier detect (DCD) signal has been asserted and

HOSTNAME The host: prompt has been sent to the port. The PortMaster

PASSWORD The Password: prompt has been sent to the port. The

CONNECTING A network connection is attempting to become established

PortMaster Port Status

observed on the port.

• On older PortMaster expansion cards (ports S10 through S29) and system cards (ports S0 through S9), DCD floats high when nothing is attached to the port.

• On newer cards, in two-way and device environments, DCD is high when the device is busy. When terminals are attached to the device port and modem control is set to off, USERNAME status indicates that the login: prompt has been sent to the port and should be displayed on the terminal. The PortMaster is waiting for a login request.

is waiting for a reply.

PortMaster is waiting for a reply.

on the port.

ESTABLISHED A connection is active on the port.

DISCONNECTING The connection has just ended, and the port is returning to

the IDLE state.

INITIALIZING The modem attached to the port is being initialized by the

modem table.

COMMAND The command line interface is being used on the port.

NO-SERVICE An ISDN port is not receiving service from the telephone

company.

2-6 PortMaster Configuration Guide

Configuring Global Settings

This chapter describes how to configure settings that the PortMaster uses across all its ports and interfaces.

This chapter discusses the following topics:

• “Setting the System Name” on page 3-2

• “Setting the Administrative Password” on page 3-2

• “Setting the Dynamic Host Control Protocol (DHCP) Server” on page 3-2

• “Setting the Default Route Gateway” on page 3-5

• “Configuring Default Routing” on page 3-6

• “Configuring Name Resolution” on page 3-6

• “Setting the Telnet Port” on page 3-9

• “Setting the Number of Management Application Connections” on page 3-9

• “Setting System Logging” on page 3-9

• “Setting Administrative Logins to Serial Ports” on page 3-12

• “Configuring an IP Address Pool” on page 3-12

• “Setting the Reported IP Address” on page 3-13

• “Configuring SNMP” on page 3-13

• “Displaying the Routing Table” on page 3-23

• “Setting Static Routes” on page 3-24

• “Enabling NetBIOS Broadcast Packet Propagation” on page 3-29

• “Setting Authentication for Dial-In Users” on page 3-29

• “Setting Call-Check Authentication” on page 3-30

• “Setting the ISDN Switch” on page 3-30

3-1

Setting the System Name

See the instructions.

PortMaster Command Line Reference

Setting the System Name

The system name is the name that identifies the PortMaster for SNMP queries, IPX protocol routing, and CHAP authentication. Enter a name that is valid for your network. The system name can have up to 16 characters, and appears in place of the Command> prompt on PortMaster products that have it set.

To set the system name, use the following command:

Command> set sysname String

Setting the Administrative Password

The PortMaster is shipped without a password. Press Enter at the password prompt when accessing the PortMaster for the first time. The password is an ASCII printable string of up to 16 characters used to access the PortMaster administration features. Only the administrator can change the password.

To set the password, use the following command

Command> set password [Password]

for more detailed command descriptions and

Using the set password command and pressing Enter resets the password to the default value, which is no password.

Setting the Dynamic Host Control Protocol (DHCP) Server

The set dhcp server command supports the Cable Modem Telephone Return Interface Specification (CMTRIS) developed by the Multimedia Cable Network System (MCNS) Partners Limited. The CMTRIS solves the problem of limited upstream bandwidth in a cable modem system by providing for the use of a standard telephone interface for upstream traffic. Downstream traffic travels on the coaxial cable.

The specification requires that a cable modem be able to use the telephone interface to request and receive the cable interface address and configuration information via a dynamic host control protocol (DHCP) request.

3-2 PortMaster Configuration Guide

Setting the Dynamic Host Control Protocol (DHCP) Server

Use the following command to configure a PortMaster product to forward a DHCP request from a cable modem to the DHCP server:

Command> set dhcp server address

Note – The ComOS does not support DHCP requests over Ethernet (nor requests from

✍

PortMaster OR-U dial-up routers).

How the Cable Modem Telephone Return System Works

After you set the IP address of the DHCP server on the PortMaster product, the cable modem dynamically configures itself so that all subsequent data travels upstream via the telephone interface, and downstream on the coaxial cable.

Figure 3-1, using sample IP addresses, illustrates the series of events that begin upon startup and culminate in the dynamic configuration of the cable modem.

Configuring Global Settings 3-3

Setting the Dynamic Host Control Protocol (DHCP) Server

Figure 3-1

DST 10.66.98.96 SRC

192.168.33.10

DHCP Request

Cable Modem Telephone Return Interface Startup

Internet

IP Packet

WAN

PM3

10.66.98.96

DHCP server

WAN

IP Packet DST 192.168.33.10 SRC

10.66.98.96

DHCP Response Coaxial cable interface address = 172.16.98.67 Configuration info.

asynchronous

IP Packet DST 255.255.255.255 SRC

192.168.33.10

DHCP Request

Telephone interface

PPP connection

192.168.33.10

Cable modem router

Dynamic configuration

172.16.98.67

Coaxial cable interface

Cable Headend

11820024

3-4 PortMaster Configuration Guide

Setting the Default Route Gateway

1. Using the telephone interface, the cable modem dials the PortMaster and establishes a PPP connection. The PortMaster assigns IP address 192.168.33.10 to the telephone interface of the cable modem.

2. Using the telephone interface, the cable modem broadcasts a DHCP request. The destination of the request is 255.255.255.255 and the source is 192.168.33.10.

3. The PortMaster forwards the request to the DHCP server by substituting the IP address of the DHCP server (10.66.98.96) for the broadcast destination address.

4. The DHCP server responds with configuration information for the cable modem and an IP address (172.16.98.67) for the coaxial cable interface on the cable modem.

5. Using the configuration information received from the DHCP server, the cable modem dynamically assigns 172.16.98.67 to the cable interface, and configures the cable modem so that upstream IP packets leave the cable modem via the interface with the IP address of the cable interface (172.16.98.67) as the source address. Because packets now carry the source address of the cable interface, response to these packets travels via the coaxial cable.

The ComOS does not add routes to its table when forwarding or returning DHCP requests. It transparently forwards and returns DHCP requests from dial-in clients to the specified server.

telephone

To view DHCP relaying information, use the set console command followed by the set debug 0x81 command. See the

information.

To disable DHCP reply information, enter the following command:

Command> set dhcp server 0.0.0.0.

The PortMaster does not forward packets to the address 255.255.255.255.

PortMaster Troubleshooting Guide

for debugging

Setting the Default Route Gateway

The default route gateway is the address of a router of last resort to which packets are sent when the PortMaster has no routing information for a packet. The default route gateway is also the destination address the PortMaster selects when it cannot locate the destination of a packet on the local Ethernet segment. You identify the default gateway by its IP address entered in dotted decimal notation. A PortMaster can never be its own default gateway.

Configuring Global Settings 3-5

Configuring Default Routing

You can set a metric between 1 and 15 for the IP and IPX gateways to indicate the hop count associated with the gateway route. The PortMaster uses the hop count value for comparisons if the PortMaster is set to listen for default routes from other routers.

Refer to Appendix A, “Networking Concepts,” for more information about address formats. Refer to the

To set the default gateway, use the following command:

Command> set gateway Ipaddress [Metric]

PortMaster Routing Guide

for more information about routing.

If you do not specify a value for

Configuring Default Routing

As described in the and accept route information as part of RIP messages if routing is turned on. If default routing is on, default routes are sent and accepted as part of the messages.

To configure default routing, use the following command:

Command> set default on|off|broadcast|listen

Table 3-1 describes the results of using each keyword.

Tabl e 3-1

Keyword Description

on The PortMaster broadcasts and listens for default route

off The PortMaster neither broadcasts nor listens for default route

broadcast The PortMaster broadcasts default route information, if it has a

Default Routing Keywords

PortMaster Routing Guide,

information.

information. This is the default.

default route.

Metric

, the PortMaster assumes a default value of 1.

PortMaster products can automatically send

listen The PortMaster listens for default route information.

Configuring Name Resolution

You can use either a network name service or the host table on the PortMaster to map hostnames to IP addresses.

3-6 PortMaster Configuration Guide

Using the Host Table

Each host attached to an IP network is assigned a unique IP address. Every PortMaster supports a local host table to map hostnames to IP addresses. If your network lacks a computer that can perform hostname resolution, the PortMaster allows entries in a local host table. Hostnames are used by the PortMaster only for your convenience when using the command line interface, or if you require users to enter hostnames at the host prompt.

To avoid confusion and reduce administrative overhead, Lucent recommends using the Domain Name System (DNS) or Network Information Service (NIS) for hostname resolution rather than the local host table. The PortMaster always checks the local host table before using DNS or NIS. For information on setting the NIS or DNS name service, refer to “Setting the Name Service” on page 3-7.

Setting the Name Service

The PortMaster can work with network name services such as the Network Information Service (NIS) or the Domain Name System (DNS). Appendix A, “Networking Concepts,” describes these name services. You must explicitly identify any name service used on your network.

Configuring Name Resolution

The PortMaster stores all information by address rather than name. As a result, configuring the name server is useful only if you are using the command line interface for administration or if you prompt a login user for a host. If you are not using either of these features, you do not need to set the name service.

Configuring Global Settings 3-7

Configuring Name Resolution

To set the name service, use the following command:

Command> set namesvc dns|nis

Once the name service is set, you must set the address of your NIS or DNS name server and enter the domain name of your network. See “Setting the Name Server” on page 3-8 for instructions.

Setting the Name Server

The PortMaster supports RFC 1877, which allows remote hosts also supporting RFC 1877 to learn a name server through PPP negotiation. You must provide the IP address of the name server if you use a name service.

You must set a name service before you set a name server. See “Setting the Name Service” on page 3-7. If you are not using a name service, you do not need a name server.

To set the name server, use the following command:

Command> set nameserver Ipaddress

You can set an alternate name server with the following command:

Command> set nameserver 2 Ipaddress

You must set a domain name for your network after you set a name server. See “Setting the Domain Name” on page 3-8.

You can disable the use of a name service by setting the name server’s IP address to

0.0.0.0.

Setting the Domain Name

The domain name is used for hostname resolution. If you are using DNS or NIS, you must set a domain name for your network.

To set the domain name of your network, use the following command:

Command> set domain String

3-8 PortMaster Configuration Guide

Setting the Telnet Port

The Telnet access port can be set to any number between 0 and 65535. The Telnet port enables you to access and maintain the PortMaster using a Telnet connection to this TCP port. If 0 (zero) is used, Telnet administration is disabled. The default value is 23. Ports numbered 10000 through 10100 are reserved and should not be used for this function. Up to four administrative Telnet sessions at a time can be used.

Setting the Telnet Port

To set the Telnet access port to port number

Command> set telnet Tport

Tport

, use the following command:

Using the Telnet Port as a Console Port

If the console port is set from a Telnet session, the current connection becomes the console. This feature is useful for administrators who log in to a port using Telnet and need to access the console for debugging purposes.

Note – Only one Telnet session can receive console messages at a time.

✍

To set the current Telnet access port as a console port, enter the following command:

Command> set console

Setting the Number of Management Application Connections

PMVision, ChoiceNet, and the ComOS utilities pmdial, pmcommand, pminstall, pmreadconf, pmreadpass, and pmreset all use port 1643. In order for more than

one of these applications to connect at the same time, you must set the maximum number of connections to two or higher. The maximum is 10 connections.

To set the maximum number of concurrent connections for management applications into the PortMaster, use the following command:

Command> set maximum pmconsole Number

Setting System Logging

PortMaster products enable you to log authentication information to a system log file for network accounting purposes.

Configuring Global Settings 3-9

Setting System Logging

Setting the Loghost

To set the IP address of the loghost—the host to which the PortMaster sends syslog messages—use the following command:

Note – Do not set a loghost at a location configured for on-demand connections, because doing so keeps the connection up or brings up the connection each time a

✍

syslog message is queued for the syslog host.

Setting the loghost’s IP address to 0.0.0.0 disables syslog from the PortMaster. This change requires a reboot to become effective.

RADIUS accounting provides a more complete method for logging usage information. Refer to the

Disabling and Redirecting Syslog Messages

By default, the PortMaster logs five types of events at the informational (info) priority level using the authorization (auth) facility on the log host. You can disable logging of one or more types of events and change the facility and/or priority of log messages.

Command> set loghost Ipaddress

RADIUS Administrator’s Guide

for more information on accounting.

To disable logging of a type of event, use the following command:

Command> set syslog Logtype disabled

Use the disable—or enable again:

Tabl e 3-2

3-10 PortMaster Configuration Guide

Logtype

Logtype Keyword Description

admin-logins !root and administrative logins.

user-logins Nonadministrative logins; you might want to disable this

packet-filters Packets that match rules with the log keyword.

commands Every command entered at the command line interface.

termination More detailed information on how user sessions terminate.

keyword described in Table 3-2 to identify the type of event you want to

Logtype Keywords

logtype if you are using RADIUS accounting.

Setting System Logging

You can change the facility, the priority, or both, of log messages.

To change the facility or priority of log messages, use the following command. Be sure to separate the

Command> set syslog Logtype Facility.Priority

The facility and priority can be set for each of the five types of logged events listed in Tabl e 3 -2 .

Table 3-3 and Table 3-4 show the keywords used to identify facilities and priorities. Lucent recommends that you use the auth facility or the local0 through local7 facilities to receive syslog messages from PortMaster products, but all the facilities are provided. See your operating system documentation for information on configuring syslog on your host.

Facility

and

Priority

keywords with a period (.).

Tabl e 3-3

Facility Facility Number Facility Facility Number kern user mail daemon auth syslog lpr news uucp

Tabl e 3 -4

Priority Number Typically Used for

emerg 0 System is unusable

alert 1 Action must be taken immediately

crit 2 Critical messages

Syslog Facility Keywords

0 1 2 3 4 5 6 7 8

Syslog Priority Keywords

cron local0 local1 local2 local3 local4 local5 local6 local7

15 16 17 18 19 20 21 22 23

err 3 Error messages

Configuring Global Settings 3-11

Setting Administrative Logins to Serial Ports

Tabl e 3-4

Priority Number Typically Used for

warning 4 Warning messages

notice 5 Normal but significant messages

info 6 Informational messages

debug 7 Debug-level messages

To determine current syslog settings, enter the following command:

Command> show syslog

Syslog Priority Keywords

(Continued)

Setting Administrative Logins to Serial Ports

When you log in using !root, administrative logins to the serial ports are enabled by default. You can disable or enable them by using the following command

Command> set serial-admin on|off

If administrative login is disabled, you can still use port S0 (or C0) by setting the console DIP switch (first from the left, also known as DIP 1) to the up position.

Configuring an IP Address Pool

You can dynamically assign IP addresses to PPP or SLIP dial-in users. By assigning addresses as needed from a pool, the PortMaster requires fewer addresses than if each user is assigned a specific address. When a dial-in connection is closed, the address goes back into the pool and can be reused.

When creating an address pool, you explicitly identify the first address in the sequence of addresses available for temporary assignment. The PortMaster allocates one address in the pool of addresses for each port configured for network dial-in.

To set the value of the first IP address to assign for dial-in ports, use the following command:

Command> set assigned_address Ipaddress

3-12 PortMaster Configuration Guide

The default number of addresses available for the address pool is equal to the number of ports configured for network dial-in. The address pool size is determined during the boot process. You can instead set the number of IP addresses assigned to the pool with the set pool command.

To limit the size of the IP address pool, use the following command:

Command> set pool Number

Note – If you decrease the number of addresses in the pool, you must reboot the PortMaster for the change to take effect.

✍

Setting the Reported IP Address

Some sites require a number of different PortMaster devices to appear as a single IP address to other networks. You can set a reported address different from the Ether0 address. For PPP connections, this address is reported to the outside and placed in the PPP startup message during PPP negotiation. For SLIP connections, this address is reported and placed in the SLIP startup message during SLIP startup.

To set a reported IP address, use the following command:

Setting the Reported IP Address

Command> set reported_ip Ipaddress

Configuring SNMP

The simple network management protocol (SNMP) is an application-layer protocol that allows devices to communicate management information. You can configure the PortMaster to provide network and device information via SNMP to a network management system (NMS). You must have NMS software to use SNMP.

SNMP consists of the following parts:

• SNMP agent (provided in ComOS)

• SNMP manager (not provided)

• Management Information Base (MIB)

SNMP specifies the message format for exchanging information between the SNMP manager and an SNMP agent.

Configuring Global Settings 3-13

Configuring SNMP

About the livingston.mib Definition File

The SNMP agent returns values for management information base (MIB) variables that can be changed or queried by the SNMP manager. The agent gathers information from the MIB, which resides on the target device. MIB information can include device parameters and network status. The agent is capable of responding to requests to get or set data from the manager.

PortMaster products support MIB II variables as specified in RFC 1213, along with a MIB specific to PortMaster products. SNMP management can be enabled for any PortMaster. Lucent Remote Access ships configuration files compatible with various network management packages along with the PMconsole software.

livingston.mib is the MIB definitions file that SNMP tools can read and use to query SNMP agents for information about PortMaster products. The PortMaster extensions to the MIB are located in the latter part of this file under

The livingston.mib file can be found in the SNMP directory of the ComOS software, or on the World Wide Web at: http://www.livingston.com/Forms/one-click- dnload.cgi. To view the file with a browser, scroll down to the Miscellaneous dropdown menu, select SNMP—Livingston MIB, and then click the Download button. When the Download page appears, click the livingston.mib link.

Livingston Extensions

Examining the MIB Structure

The entire management information base (MIB) hierarchy can be represented by a tree structure. In this representation, the unnamed “root” of the tree divides into the following main branches:

• Consultative Committee for International Telegraph and Telephone (CCITT)

• International Organization for Standardization (ISO)

•ISO/CCITT

Each branch and sub-branch in the tree structure is known as an object, and each object is represented by an object name and an object identifier (OID). Figure 3-2 traces the “path” from the ISO branch of the MIB to the

OIDs provide compact representations of object names. An OID shows the position of an object in the MIB hierarchy. As shown in Figure 3-2, the OID for the Livingston MIB is

1.3.6.1.4.1.307.

3-14 PortMaster Configuration Guide

Livingston

MIB.

Configuring SNMP

Figure 3-2

Management Information Base (MIB) Hierarchy

unnamed

CCITT

iso

org

dod

internet

joint

ISO/CCITT

PortMaster Modem Table

Table 3-8, lists the objects in the modem table from the Livingston Extensions section of the MIB. Modem objects are supported only on the PortMaster 3 Integrated Access Server.

Tabl e 3-8

Modem Table

(Continued)

signal

synchronizations

interface

the interface

Object Type Definition

livingstonModemIndex Unique value for each modem interface livingstonModemPortName Textual string containing the name of the serial

interface (for example, S0, S1, and so on) livingstonModemStatus Current state of the modem livingstonModemProtocol Error-correcting protocol being used in the

modem livingstonModemCompression Compression being used in the modem

interface livingstonModemInSpeed Estimate of the modem interface’s current

inbound bandwidth in bits per second livingstonModemOutSpeed Estimate of the modem interface’s current

outbound bandwidth in bits per second

3-20 PortMaster Configuration Guide

Configuring SNMP

Tabl e 3-8

Object Type Definition

livingstonModemInByteCount Total number of bytes received by the modem livingstonModemOutByteCount Total number of bytes transmitted by the

livingstonModemRetrains Number of retrains attempted by the modem livingstonModemRenegotiates Number of renegotiates attempted by the

livingstonModemCalls Number of times a call received by the modem livingstonModemDetects Number of analog calls received by the modem livingstonModemConnects Number of successful calls received by the

Modem Table

(Continued)

Setting SNMP Monitoring

Simple network management protocol (SNMP) monitoring is used to set and collect information on SNMP-capable devices. This feature is most often used to monitor network statistics such as usage and error rate.

If SNMP monitoring is on, the PortMaster accepts SNMP queries. If SNMP monitoring is off, all SNMP queries are ignored.

modem

To turn SNMP monitoring on or off, use the following commands:

Command> set snmp on|off Command> save all Command> reboot

Setting SNMP Read and Write Community Strings

Community strings allow you to control access to the MIB information on selected SNMP devices. The read and write community strings act like passwords to permit access to the SNMP agent information. The read community string must be known by any device allowed to access or read the MIB information. The default read community string is public. The write community string must be known by any device before

Configuring Global Settings 3-21

Configuring SNMP

information can be set on the SNMP agent. The default write community string is private. Community strings must be set on SNMP agents so that configuration information is not changed by unauthorized users.

To use this feature, you must set both a read community string and a write community string for your network.

To set SNMP read and write community strings, use the following command:

Command> set snmp readcommunity|writecommunity String

Note – Use of the default write community string—private—is strongly discouraged.

✍

Because it is the default, it is known to all users and therefore provides no security. Use another value for the write community string.

Adding SNMP Read and Write Hosts

PortMaster products allow you to control SNMP security by specifying the IP addresses of the hosts that are allowed to access SNMP information. The specification of read and write hosts allows another level of security beyond the community strings. If SNMP hosts are specified, each host attempting to access SNMP information must not only possess the correct community string, it must also be on the read or write host list. This additional level of security allows only authorized SNMP managers to access or change sensitive MIB information.

You can also specify a list of hosts allowed to read or write SNMP information. You can permit all hosts or you can deny all hosts.

Note – Permitting all hosts to read and write SNMP information can compromise

✍

security and is not recommended.

To add SNMP read and write hosts, use the following command:

Command> add snmphost reader|writer any|none|Ipaddress

To delete read and write hosts, use the following command:

Command> delete snmphost reader|writer Ipaddress

3-22 PortMaster Configuration Guide

Viewing SNMP Settings

Settings for SNMP monitoring, read and write community strings, and read and write hosts are stored in the SNMP table.

To display the SNMP table, enter the following command:

Command> show table snmp

Monitoring SNMP Alarms

When an interface or modem fails, the SNMP agent traps the error message generated by the failure and sends it to the SNMP Manager.

To view the status of failed modems or interfaces from the command line interface, enter the following command:

Command> show alarm

The output of this command lists alarm messages and associated alarm identification numbers. For details about a specific alarm, enter the following command:

Displaying the Routing Table

Command> show alarm [alarm-id]

To clear alarms from the SNMP alarm table, enter the following command:

Command> clear alarm alarm-id|all

Refer to the

PortMaster Command Line Reference

for more information.

Displaying the Routing Table

Use the following command to display the IP routing table entries:

Command> show routes [String|Prefix/NM]

You can re place

Prefix/NM

Enter the IP address prefix in dotted decimal format and the netmask as a number from 1 to 32, preceded by a slash—for example, /24. The netmask indicates the number of high-order bits in the IP prefix.

Configuring Global Settings 3-23

with an IP address prefix and netmask displays only routes to that destination.

String

ospf or bgp to display only OSPF or BGP routes. Replacing

with

Setting Static Routes

To display the IPX routing table entries, enter the following command:

Command> show ipxroutes

The routes appear in the following order:

1. Default route

2. Host routes

3. Network routes

4. Expired routes that are no longer being advertised

Setting Static Routes

Static routes provide routing information unavailable from the Routing Information Protocol (RIP), Open Shortest Path First (OSPF) protocol, or Border Gateway Protocol (BGP). RIP, OSPF, or BGP might not be running for one of the following two reasons.

• Network administrators choose not to run RIP, OSPF, or BGP.

• Hosts connected to the PortMaster do not support RIP, OSPF, or BGP.

Separate static routes tables are maintained for IP and for IPX, which you display with the show routes and show ipxroutes commands.

You construct a static route table manually on a PortMaster by adding and deleting static routes as described in the following sections. Refer to the information about routing and static routes.

PortMaster Routing Guide

for

Adding and Deleting a Static Route for IP

A static route for IP contains the following items:

• Destination—The IP address prefix of the host or the number of the IPX network

to which the PortMaster will be routing.

• Netmask —The static netmask in use at the destination. See “Modifying the Static

Netmask Table” on page 3-26 for more information about netmasks.

3-24 PortMaster Configuration Guide

✍

Setting Static Routes

• Gateway—The address of a locally attached router where packets are sent for

forwarding to the destination.

• Metric—The number of routers (or hops) a packet must cross to reach its

destination. The metric represents the cost of sending the packet through the gateway to the specified destination.

Note – Never set the gateway for the PortMaster to an address on the same PortMaster; the gateway must be on another router.

Use the following commands to add a static route for IP:

Command> add route Ipaddress[/NM] Ipaddress(gw) Metric Command> save all

Use the following commands to delete a static route for IP:

Command> delete route Ipaddress[/NM] Ipaddress(gw) Command> save all

You can delete only static routes.

Adding and Deleting a Static Route for IPX

A static route for IPX contains the following items:

• Destination—The number of the IPX network to which the PortMaster will be

routing.

• Gateway—The address of a locally attached router where packets are sent for

forwarding to the destination.

For IPX networks, the gateway address consists of 8 hexadecimal digits for the network address, a colon (:) and the node address of the gateway router expressed as 12 hexadecimal digits—for example, 00000002:A0B1C2D3E4F5.

The IPX node address is usually the media access control (MAC) address on a PortMaster.

• Metric—The number of routers (or hops) a packet must cross to reach its

destination. The metric represents the cost of sending the packet through the gateway to the specified destination.

Configuring Global Settings 3-25

Setting Static Routes

• Ticks—The time required to send the packet to its destination. Ticks are measured

Note – Never set the gateway for the PortMaster to an address on the same PortMaster;

the gateway must be on another router.

✍

Use the following commands to add a static route for IPX:

Use the following commands to delete a static route for IPX:

Use the following command to set a static default route for all IPX packets not routed by a more specific route:

Note – You can delete only static routes.

in 50ms increments.The ticks metric is used in addition to the hops metric only on IPX networks.

Command> add route Ipxnetwork Ipxaddress Metric Ticks Command> save all

Command> delete route Ipxnetwork Ipxaddress Command> save all

Command> set ipxgateway Network|Node Metric

✍

Modifying the Static Netmask Table

The netmask table is provided to allow routes advertised by RIP to remain uncollapsed on network boundaries in cases where you want to break a network into noncontiguous subnets. The PortMaster normally collapses routes on network boundaries as described in RFC 1058. However, in certain circumstances where you do not want to collapse routes, the netmask table is available.

Note – Do not use the static netmask table unless you thoroughly understand and need

✍

3-26 PortMaster Configuration Guide

its function. In most circumstances its use is can result from too much use of the netmask table, adversely affecting performance. In most cases it is easier to use OSPF instead of using the netmask table and RIP. Lucent strongly recommends you use OSPF if you require noncontiguous subnets or variablelength subnet masks (VLSMs).

not

necessary. Very large routing updates

Setting Static Routes

For example, suppose the address of Ether0 is 172.16.1.1 with a 255.255.255.0 subnet mask (a class B address subnetted on 24 bits) and the destination of ptp1 is 192.168.9.65 with a 255.255.255.240 subnet mask (a class C address subnetted on 28 bits). If routing broadcast is on, the PortMaster routing broadcast on Ether0 claims a route to the entire

192.168.9.0 network. Additionally, the broadcast on ptp1 claims a route to 172.16.0.0.

Sometimes, however, you want the PortMaster to collapse routes to some bit boundary, other than the network boundary. In this case, you can use the static netmask table. However, RIP supports only host and network routes, because it has no provision to include a netmask. Therefore, if you set a static netmask in the netmask table, the PortMaster collapses the route to that boundary instead, and broadcasts a host route with that value. Other PortMaster routers with the same static netmask table entry convert the host route back into a subnet route when they receive the RIP packet.

This work-around works only if all the products involved are from PortMaster products, with the following two exceptions:

• If you use a netmask table entry of 255.255.255.255. In this case, the routes broadcast as host routes really are host routes, so non-PortMaster routers can use them. Keep in mind that not all routers accept host routes.

• If the non-PortMaster router can convert host routes into subnet routes through some mechanism of its own.

Uses for Static Netmasks

The most common use for the static netmask table is to split a single class C network into eight 30-host subnets for use in assigned pools. Subnetting allows each PortMaster to broadcast a route to the subnet instead of claiming a route to the entire class C network. An example of that use is provided below.

The next most common use for the static netmask table is to allow dial-in users to use specified IP addresses across multiple PortMasters in situations where assigned IP addresses are not sufficient. This use can result in very large routing tables and is not recommended except where no other alternative is possible.

The netmask table can be accessed only through the command line interface. To add a static netmask, use the add netmask command. To delete a static netmask, use the delete netmask command. The show table netmask command shows both dynamic netmasks and static netmasks, marking them accordingly.

Configuring Global Settings 3-27

Setting Static Routes

Note – Static routes use the netmask table entries that are in effect when the routes are added. If the netmask table is changed, the static route must be deleted from the route

✍

table and added again.

Example of Applying Static Netmasks

Note – Lucent recommends that you use OSPF in this circumstance instead of static routes.

This static netmask example assumes the following:

• You have anywhere between 8 and 250 PortMaster routers.

• You assign all the user addresses from the dynamic address assignment pools on the

• You are using 27-bit subnets of these three class C networks 192.168.207.0,

• You are using the 192.168.206.0 network for your Ethernet.

• All PortMaster routers involved are running ComOS 3.1.2 or later.

PortMaster routers.

192.168.208.0, and 192.168.209.0.

• You do not use proxy ARP. Instead, you use your 192.168.206.0 network for the Ethernet, and divide your other networks up among the PortMaster routers.

• Each network provides 30 addresses for the assigned pool of each PortMaster.

To create the subnets defined in this example, enter the following commands on all the PortMaster routers:

Command> set Ether0 address 192.168.206.X (for some value of X) Command> set gateway 192.168.206.Y (where Y points at your gateway) Command> add netmask 192.168.207.0 255.255.255.224 Command> add netmask 192.168.207.0 255.255.255.224 Command> add netmask 192.168.207.0 255.255.255.224 Command> set Ether0 rip on Command> save all

The netmask table collapses routes on the boundaries specified. As a result, if one PortMaster has an assigned pool starting at 192.168.207.33, it broadcasts a host route to

192.168.207.32 instead of broadcasting a route to the 192.168.207.0 network. The other

PortMaster routers consult their own netmask tables and convert that route back into a subnet route to 192.168.207.33 through 192.168.207.32.

3-28 PortMaster Configuration Guide

Enabling NetBIOS Broadcast Packet Propagation

If your gateway on the Ethernet is not a PortMaster product, the netmask table is not supported. However, you can set a static route on the gateway for each of the three destination networks for your assigned pools (192.168.207.0, 192.168.208.0, and

192.168.209.0), pointing at one of the PortMaster routers. The identified PortMaster

then forwards packets to the proper PortMaster.

If you are using an IRX running ComOS 3.2R or later as your gateway, you can configure the netmask table on the router also. This allows your PortMaster to listen to RIP messages from the other PortMaster routers and route directly to each of them.

Enabling NetBIOS Broadcast Packet Propagation

NetBIOS is a programmable entry into the network that enables systems to communicate over multiple media. NetBIOS over IPX uses type 20 broadcast packets propagated to all networks to get and forward information about the named nodes on the network.

NetBIOS uses a broadcast mechanism to get this information because it does not implement a network layer protocol. Before forwarding the packets, the PortMaster performs loop detection as described by the IPX Router Specification available from Novell.

Full NetBIOS protocol compliance requires that the PortMaster be set to propagate and forward type 20 broadcast packets across your IPX network router. When the NetBIOS parameter is on, the PortMaster broadcasts type 20 packets. When the NetBIOS parameter is off, the type 20 packets are not broadcast across the router. The default is off.

To turn NetBIOS on or off, use the following command:

Command> set netbios on|off

Setting Authentication for Dial-In Users

You can configure the PortMaster for three authentication methods, PAP, CHAP, and username/password login.

By default, PAP and CHAP are set to on. Dial-in users are asked to authenticate with PAP when PPP is detected. If users refuse, they are asked to authenticate with CHAP.

Configuring Global Settings 3-29

Setting Call-Check Authentication

If you set PAP to off, and CHAP to on, dial-in users are asked to authenticate with CHAP. PAP authentication is neither requested nor accepted. If you set both PAP and CHAP to off, dial-in users must authenticate with a username/password login.

To set PAP authentication, use the following command:

Command> set pap on|off

To set CHAP authentication, use the following command:

Command> set chap on|off

Setting Call-Check Authentication

You can enable services without authenticating the user at the point of entry on PortMaster products that support PRI or in-band signaling. To enable the call-check feature in the ComOS, you must first configure call-check user entries on the RADIUS server.

To enable call checking on the PortMaster, use the following command:

Command> set call-check on|off

Note – The call-check feature is off by default.

✍

For more information about enabling RADIUS call checking, refer to the ComOS 3.8 Release Notes.

Setting the ISDN Switch

You can configure the switch provisioning for ISDN PRI and BRI connections to PortMaster ISDN ports. See Chapter 11, “Configuring the PortMaster 3,” for details on PRI connections. See Chapter 12, “Using ISDN BRI,” for details on BRI connections.

3-30 PortMaster Configuration Guide

Configuring the Ethernet Interface

This chapter describes how to configure PortMaster Ethernet interfaces and subinterfaces, and includes the following topics:

• “Setting General Ethernet Parameters” on page 4-1

• “Setting IP Parameters” on page 4-3

• “Setting Ethernet IPX Parameters” on page 4-5

• “Configuring Ethernet Subinterfaces” on page 4-7

• “Setting OSPF on the Ethernet Interface” on page 4-8

Before configuring the Ethernet interface, you must make the appropriate Ethernet connection for your needs. Refer to the relevant installation guide for your PortMaster product for information on making the Ethernet connection.

See the instructions.

PortMaster Command Line Reference

Setting General Ethernet Parameters

The commands described in this section allow you to configure your Ethernet interface. In addition to specifying the protocol type (IP, IPX, or both) and address, you must specify any routing and filtering you want on the Ethernet interface.

This subsection describes the general Ethernet settings that apply to your network regardless of the protocol you use.

Configuring RIP Routing

As described in the accept route information as RIP messages.

To configure RIP routing, use the following command:

Command> set Ether0 rip on|broadcast|listen|off

PortMaster Routing Guide

for more detailed command descriptions and

, PortMaster products automatically send and

4-1

Setting General Ethernet Parameters

Note – ComOS releases prior to 3.5 use the keyword routing instead of the rip keyword.

✍

Table 4-1 describes the results of using each keyword.

Tabl e 4-1

Keyword Description

on The PortMaster broadcasts and listens for RIP information

off The PortMaster neither broadcasts nor listens for RIP

broadcast The PortMaster broadcasts RIP information to the local

listen The PortMaster listens for RIP information from the local

See the

Keywords for Configuring RIP Routing

PortMaster Routing Guide

Applying Filters

Filters enable you to control network traffic. After you have created filters in the filter table, you can apply them to the Ethernet interface as either input or output filters. For more information about filters, see Chapter 9, “Configuring Filters.”

from other routers on the local Ethernet. This is the default.

information from the local Ethernet.

Ethernet.

for OSPF and BGP routing configuration instructions.

Filters applied to the Ethernet interface take effect immediately. If you change the filter, the change will not take effect until you set the filter on the interface again or you reboot the PortMaster.

Input Filters

When an input filter is used, all traffic coming into the PortMaster on the Ethernet interface is compared to the input filter rules. Only packets permitted by the filter rules are accepted by the PortMaster.

4-2 PortMaster Configuration Guide

✍

Setting IP Parameters

To apply an input filter to the Ethernet interface, use the following command:

Command> set Ether0 ifilter Filtername

To remove the input filter, omit the filter name when entering the command.

Output Filters

When an output filter is used, all traffic going out of the PortMaster on the Ethernet interface is compared to the output filter rules. Only packets permitted by the filter rules are sent by the PortMaster.

Note – ICMP and UDP packets generated by the PortMaster are never blocked by the output filter.

To apply an output filter to the Ethernet interface, use the following command:

Command> set Ether0 ofilter Filtername

To remove the output filter, omit the filter name when entering the command.

Setting IP Parameters

PortMaster products support both the IP and IPX protocols. When you select a protocol for the Ethernet interface, you must enter certain values appropriate for the selected protocol.

This section describes the IP commands, keywords, and values that must be entered if you select IP protocol support.

Setting the IP Address

During the PortMaster installation process, you set the IP address for the Ethernet interface.

To change the IP address of the Ethernet interface, use the following command:

Command> set Ether0 address Ipaddress

Note – If you change the IP address of the Ethernet interface, you must reboot the PortMaster for the change to take effect.

✍

Configuring the Ethernet Interface 4-3

Setting IP Parameters

Setting the Subnet Mask

The default subnet mask is 255.255.255.0. If you have divided your network into subnets, enter the subnet mask that identifies how your network addresses are divided between the network portion and the host portion.

To set the subnet mask, use the following command:

See Appendix A, “Networking Concepts,” for more information about using subnet masks.

Setting the Broadcast Address

You can define the IP address used as the local broadcast address. The RIP routing protocol uses this address to send information to other hosts on the local Ethernet network. The actual broadcast address is constructed from the IP address of the Ethernet interface and the netmask. The two valid values are high, where the host part of the address is all 1s (such as 192.168.1.255) or low, where the host part of the address is all 0s (such as 192.168.1.0). The PortMaster default is low. The standard for hosts is to broadcast high, but some hosts still use the low broadcast address, including hosts running SunOS 4.x (Solaris 1.x) and earlier.

Command> set Ether0 netmask Ipmask

The broadcast address you set for the Ethernet interface on the PortMaster must match the broadcast address set for other hosts on your local Ethernet segment.

To set the broadcast address, use the following command:

Command> set Ether0 broadcast high|low

Enabling or Disabling IP Traffic

IP traffic is sent and received through the PortMaster Ethernet interface. IP is enabled by default on PortMaster Ethernet ports. If the setting has been changed, you must enable IP on the Ethernet interface of all PortMaster products attached directly to a local Ethernet. Disable IP traffic on this port only if the PortMaster is not attached to a local Ethernet network.

4-4 PortMaster Configuration Guide

To enable or disable IP traffic, use the following command:

Command> set ether0 ip enable|disable

Note – This command is currently available only on the Ether0 port.

✍

Setting Ethernet IPX Parameters

You must set the following values to send IPX traffic on the Ethernet interface. IPX routing is enabled when routing is enabled.

• Network address

•Protocol

•Frame type

Setting the IPX Network Address

Setting Ethernet IPX Parameters

You must identify the IPX network of your local Ethernet segment. An IPX network address is a number entered in hexadecimal format, described in Appendix A, “Networking Concepts.”

To set the IPX network address, use the following command:

Command> set Ether0 ipxnet Ipxnetwork

Note – If you change the IPX network address of the Ethernet interface, you must reboot the PortMaster for the change to take effect.

✍

Enabling or Disabling IPX Traffic

Ethernet IPX traffic is sent and received through the PortMaster Ethernet interface. You may enable IPX on the Ethernet interface on any PortMaster products attached directly to a local Ethernet. Disable IPX traffic on this port only if the PortMaster is not attached to a local Ethernet network.

Configuring the Ethernet Interface 4-5

Setting Ethernet IPX Parameters

To enable or disable IPX traffic, use the following command:

Command> set ether0 ipx enable|disable

Note – This command is available only on the Ether0 port.

✍

Setting the IPX Frame Type

The IPX frame type must be identified and set to the value used on the local IPX network. The frame type identifies the encapsulation method used on your IPX ports. The IPX protocol can be implemented with one of the four commonly used IPX encapsulation and frame types shown in Table 4-2.

Tabl e 4 -2

IPX Frame Type Encapsulation

Ethernet_802.2 Consists of a standard 802.3 media access control (MAC)

Ethernet_802.2_II Not commonly used.

Ethernet_802.3 Consists of a standard 802.3 MAC header followed

Ethernet_II Uses Novell’s Ethernet_II and is sometimes used for

The encapsulation method and frame type were selected when your IPX network servers were installed. The IPX frame type you set on the PortMaster must match the frame type set for your network. Contact your IPX network administrator for information about the frame type used on your network.

To set the IPX frame type, use the following command—entered on one line:

Command> set Ether0 ipxframe ethernet_802.2|ethernet_802.2_ii|ethernet_802.3|ethernet_ii

Novell IPX Encapsulation and Frame Types

header followed by an 802.2 Logical Link Control (LLC) header. This is the default encapsulation used by Novell NetWare 4.0.

directly by the IPX header with a checksum of FFFF. This is the default encapsulation used by Novell NetWare

3.11.

networks that handle both TCP/IP and IPX traffic.

4-6 PortMaster Configuration Guide

Configuring Ethernet Subinterfaces

With the subinterface feature of the ComOS, you can create up to 512 subinterfaces (the total number of interfaces available on a PortMaster) on a single primary Ethernet interface. Because you have the bandwidth of only a single Ethernet interface, however, efficiency begins to degrade significantly when you add more than 8 subinterfaces.

Subinterfacing is essentially the segmenting of a single wire, or port, into multiple IP networks. Instead of subnetting and routing, you can create a subinterface and then set it up as you would a standard Ethernet interface. To avoid routing loops, however, you must be sure not to create two subinterfaces in the same TCP/IP network on the same port. Each Ethernet subinterface must have a unique network.

A drawback to subinterfacing is that it supports static routing only; IPX, RIP, OSPF, packet filtering, and route propagation are not supported on subinterfaces.

You must configure the primary Ethernet interface before adding subinterfaces (see “Setting General Ethernet Parameters” on page 4-1 for details). After you configure the primary Ethernet interface, follow this procedure to add a subinterface.

1. Create a subinterface.

Configuring Ethernet Subinterfaces

Command> add subinterface name

This command adds an entry to the subinterface table, which you can then view with the show subi command. Remove a subinterface from the subinterface table with the del subi command.

2. Associate the subinterface with a physical port.

Command> set subinterface name port-name portlabel

3. Assign an IP address or and IP address and net mask to the subinterface.

Command> set subinterface name Ipaddress [/NM]|[Ipaddress/NM]

You can specify the netmask in the configure the IP address and netmask separately (see the

Reference

4. Set the broadcast for the interface.

Command> set subinterface name broadcast high|low

Configuring the Ethernet Interface 4-7

for details

/NM

or dotted decimal format. You can also

PortMaster Command Line

Setting OSPF on the Ethernet Interface

You can view or modify a subinterface with the ifconfig command (see the

Command Line Reference

must reboot the PortMaster for the changes to take effect.

). If you modify the interface with the ifconfig command, you

Setting OSPF on the Ethernet Interface

You can enable or disable Open Shortest Path First (OSPF) routing protocol on an Ethernet interface.

To set OSPF on the interface, use the following command—entered all on one line:

Command> set Ether0 ospf on|off [cost Number] [hello-interval Seconds] [dead-time Seconds]

The on keyword enables OSPF on the specified Ethernet interface; off disables OSPF on that interface.

You can specify the cost of sending a packet on the interface with a link state metric by using the cost between 1 and 65535; the default is 1.

Routers in OSPF networks continually exchange hello packets with their neighbor routers. You can set the interval that elapses between the transmission of hello packets on the interface by using the hello-interval range from 10 to 120 seconds; the default is 10 seconds.

Number

keyword and value. The

Number

Seconds

metric is a 16-bit number

keyword and value.

Seconds

PortMaster

can

If the PortMaster stops receiving hello packets from a neighbor, it treats that router as inactive, or down. You can specify how long the PortMaster waits for hello packets from neighbors by using the dead-time 40 to 1200 seconds; the default is 40 seconds.

Note – You must set the same cost value, the same hello-interval value, and the same dead-time value on all routers attached to a common network.

Seconds

keyword and value.

Seconds

can range from

✍

To enable acceptance of RIP packets on the OSPF network, use the following command:

Command> set Ether0 ospf accept-rip on|off

See the

4-8 PortMaster Configuration Guide

PortMaster Routing Guide

for more information about OSPF.

Configuring an Asynchronous Port

Each asynchronous port can be configured for several different functions, giving the PortMaster configuration more flexibility. However, each port can carry out only one function at a time. For example, if a port receives a dial-in user login request, this port cannot be used for anything else until the current session is terminated. The port is then available for dial-out use or any other purpose specified when the port was configured.

This chapter discusses the following topics:

• “Asynchronous Port Uses” on page 5-1

• “General Asynchronous Port Settings” on page 5-3

• “Configuring a PortMaster for Login Users” on page 5-8

• “Configuring a Port for Access to Shared Devices” on page 5-11

• “Configuring a Port for Network Access” on page 5-15

• “Configuring a Port for a Dedicated Connection” on page 5-20

• “Connecting without TCP/IP Support” on page 5-25

See the instructions.

PortMaster Command Line Reference

Asynchronous Port Uses

The following examples describe various uses for asynchronous ports.

Connections between Offices. Office-to-office connections can be achieved with either dial-up asynchronous connections or dial-up synchronous connections, depending on your application. Chapter 15, “Using Office-to-Office Connections,” gives an example of a dial-up asynchronous office-to-office connection. Chapter 12, “Using ISDN BRI,” gives an example of a dial-up synchronous office-to-office connection.

Once a PortMaster is installed in each office and connected to the local Ethernet with an AUI, 10Base2, or 10BaseT connector, one or more asynchronous serial ports can be configured to dial another office or a set of offices when network traffic for the specified location exists. The two most common configurations are a star where multiple branch

for more detailed command descriptions and

5-1

Asynchronous Port Uses

offices dial into a central hub that routes among them, and a mesh where every office can speak to any other office on demand. Intermediate configurations between star and mesh are also possible.

To add network bandwidth on-demand, additional ports can be configured for loadbalancing. These ports can be configured to connect to a location when the network traffic exceeds a specific level. In this configuration, multiple ports are connected during times of heavy traffic, thereby adding bandwidth as needed, and are disconnected when traffic drops.

Connections to the Internet. You can set an asynchronous port for a continuous connection to an Internet service provider (ISP) by configuring it for continuous dialout. In this configuration if the dial-out line is dropped, the PortMaster automatically reestablishes the connection.

Connecting to the Internet should include packet filtering and security to ensure that access to the local network is restricted.

Chapter 16, “Using Internet Connections,” gives an example of an asynchronous continuous dial-out connection to the Internet.

Logging in to Remote Hosts. Communication servers are most commonly used to allow remote users to dial in to a network location and access a host with their local account. This configuration is also used by ISPs that provide many users access to shell accounts. PortMaster asynchronous ports can be configured for login by dial-in users. When users dial in, they are connected to a modem, are allowed to log in, and are then connected to a specified host for the current session.

Chapter 17, “Providing User Dial-In Access,” gives an example of an asynchronous remote log-in connection.

Dial-In Network Connectivity. A PortMaster asynchronous port can provide PPP or SLIP service to a dial-in user, allowing the user to route TCP/IP traffic across a modem to access the local network or the entire Internet. If the port is running PPP, the user can also route IPX traffic in this way. This configuration is very heavily used by ISPs and by corporations with remote users running client/server applications that require to access central hosts from home, field offices, or on the road.

Chapter 17, “Providing User Dial-In Access,” gives an example of an asynchronous dialin connection.

Sharing Devices across the Network. PortMaster asynchronous ports can be configured to allow network hosts access to shared devices connected directly to the PortMaster. If the network host is running the PortMaster in.pmd daemon, a

5-2 PortMaster Configuration Guide

connection can be established to a specified port on the PortMaster. Once the connection is established, the connected device such as a printer or modem can be accessed as if it were connected directly to the host.

Ports can also be configured to be accessed by programs using TCP/IP sockets, or by Telnet from the network.

Chapter 18, “Accessing Shared Devices,” gives an example of sharing devices across a network.

General Asynchronous Port Settings

Certain settings must be configured for every asynchronous port, regardless of the port type and configuration you select.

Overriding Certain Port Settings

If you configure a port as a host device, you can specify that the host device can override certain port settings. This feature allows the host running in.pmd to alter the active parameters through software control, by using operating system I/O calls (ioctl calls in UNIX). The settings that the host can override are speed, parity, databits, and flow control. These settings can be changed by the host using an ioctl() system call. All overrides are turned off by default. If you want to allow a host to override a port setting, turn override for the parameter on.

General Asynchronous Port Settings

You can override the settings for all asynchronous commands by using the set all override command.

To turn override on for a particular parameter, use the following command:

Setting the Port Speed

Modern modems should be set to run at a fixed rate. To define a fixed rate, lock the data terminal equipment (DTE) rate by setting all three speeds to the same value.

You can set the speed for all the asynchronous ports simultaneously by using the set all speed command.

Configuring an Asynchronous Port 5-3

General Asynchronous Port Settings

To set the port speed, use the following command—entered on one line:

Command> set S0|all speed [1|2|3] Speed

You can set

300 1200 4800 19200 57600 115200

600 2400 9600 38400 76800

speed

to any of the following standard modem speed settings:

Parity Checking

Parity checking is off by default.

Setting Databits

You can set the number of databits per byte for a single asynchronous port or all asynchronous ports. The default (8) is the most common.

You can set the databits for all the asynchronous ports simultaneously by using the set all databits command.

o set databits, use the following command:

Command> set S0|all databits 5|6|7|8

Setting Flow Control

The PortMaster can use either software or hardware flow control to communicate with the attached device to start and stop the flow of data. Because hardware flow control is more reliable, Lucent recommends that you set software flow control to off and hardware flow control to on.

To set software flow control to off, use the following command:

Command> set S0|all xon/xoff off

To set hardware flow control to on, use the following command:

Command> set S0|all rts/cts on

5-4 PortMaster Configuration Guide

Setting the Dial Group

You can create modem pools for dial-out connections by associating ports and dial-out locations with dial groups. Dial groups can be used to reserve ports for dial-out to specific locations, or to differentiate among different types of modems that are compatible with the remote location. Dial groups are numbered 0 to 99. The default dial group is 0.

To assign a port to a dial group, use the following command:

Command> set S0 group Group

Displaying Extended Port Information

The PortMaster can display port information in brief or extended modes. The default setting is off.

To enable or disable extended information for a port, use the following command:

Command> set S0 extended on|off

General Asynchronous Port Settings

Note – This command only affects the display of port information. It does not affect port behavior.

✍

Setting the Login Prompt

You can set a custom login prompt for each port using any valid ASCII characters. The default login prompt is $ login prompt is marketing login:. Double quotation marks and control characters must not be used inside the login prompt.

To set a login prompt for a port, use the following command:

Command> set S0 prompt String

For example

Command> set s1 prompt marketing

Configuring an Asynchronous Port 5-5

hostname

General Asynchronous Port Settings

Setting the Login Message

The PortMaster allows you to specify a message for each port, up to 240 characters long, that is displayed to the user before login. To insert a new line, use a caret (^). Do not include double quotation marks within the message.

To set a login message for a port, use the following command:

Command> set S0 message String

For example:

Command> set s1 prompt Welcome to the FTP Server

Setting an Optional Access Filter

An access filter can provide additional login security. To enable access security, you must define an access filter as described in Chapter 9, “Configuring Filters.”

Setting Port Security

Port security requires that each username be found in the user table or in the RADIUS database. If port security is on, all users who log in must have their usernames verified before they are allowed to connect to the specified host.

If security is turned off, any user not found in the user table is passed through to the host for authentication. If you are using RADIUS authentication, security must be turned on.

To turn security for a port on or off, use the following command:

Command> set S0 security on|off

Allowing Users to Connect Directly to a Host

With the automatic login feature, you can set up users so that they connect directly to a specified host without receiving a login prompt. When you set the set autolog command, the PortMaster product automatically substitutes that username for the login prompt and starts the host session.

5-6 PortMaster Configuration Guide

String

to a username with

To enable automatic login for a particular user on a particular port, use the following command:

Command> set S0 username|autolog String

Setting a Port as the Console

You can set any asynchronous port to be the console for administrative functions such as configuring the PortMaster. The set console command takes effect immediately. If you use the save console command, the port remains the console even after the current session is ended.

To set a port as the console port, use the following command:

Command> set console S0

Setting the Port Idle Timer

The idle timer is used to control how long the PortMaster waits after activity stops on a port before disconnecting a dial-in connection, and how long the PortMaster should wait for a response to a login, password, or host prompt.

General Asynchronous Port Settings

You can set the idle time in seconds or minutes, to any value from 0 to 240. The default setting is 0 minutes.

If set to the special value of 1 second, a dial-in user has 5 minutes to respond to a login, password, or host prompt. If the user does not respond, the port resets, making it available to another user. Setting the idle time to 1 second turns off the idle timer after the user logs in.

Note – The idle time special value of 1 second applies only to asynchronous ports that

✍

Configuring an Asynchronous Port 5-7

have modem control turned on with the set S0 cd on command. Ports that are in the command state—with an administrator logged on—are not timed out with the special value of 1 second. In ComOS releases earlier than 3.5, the idle time special value is 1 minute.

You can set the idle time of all the ports simultaneously by using the set all idletime command.

Configuring a PortMaster for Login Users

To enable the idle timer and set a timeout value, use the following command:

Command> set S0 |all idletime Number [minutes|seconds]

To disable the idle timer, set it to 0.

Configuring a PortMaster for Login Users

A PortMaster can be configured to allow dial-in users to log in to a specified host. This configuration is called user login. In user login mode, the user is prompted for his or her login name after the attached modem answers and completes rate negotiation. Once the user is identified as a valid user through the user table or RADIUS security, a login session is established on the host specified for the asynchronous port.

Figure 5-1

User Login Configuration

serial

connection

PortMaster

host sales

11820001

In Figure 5-1 the user named the host named

sales

, which has been specified as the host for this port.

user susan

workstation 1

susan

is verified as an authorized user and is connected to

workstation 2

5-8 PortMaster Configuration Guide

Configuring a PortMaster for Login Users

To configure a PortMaster for user login, use the following steps. These steps are described in more detail in later sections.

1. Set the port type to login.

Command> set S0 login

2. Set the login service.

Command> set S0 service_login portmaster|rlogin|telnet|netdata [Tport]

3. Set the login host.

4. Specify the terminal type.

Command> set S0|all termtype String

5. Reset the port and save the settings.

Command> reset S0 Command> save all

Setting the Port Type

If you use the set S0 login command, the port is set for user login. After being verified or authenticated, a login session is established to the host computer.

You can set the port type to login for all asynchronous ports simultaneously by using the set all command as shown in the following example:

Command> set all login

Configuring an Asynchronous Port 5-9

Configuring a PortMaster for Login Users

Setting the Login Service

The login service specifies how login sessions are established. Table 5-1 describes the four types of login services available.

Tabl e 5-1

portmaster PortMaster is the default login service and can be used to

rlogin The remote login service rlogin uses the rlogin protocol to

telnet Telnet is supported on most TCP/IP hosts. This login service

netdata The netdata login service creates a virtual connection

Types of Login Service

access any host that has the PortMaster in.pmd daemon installed. This type of login service is preferred because it makes the PortMaster port operate like a serial port attached to the host. This service is the most cost effective in terms of host resources.

establish a login session to the specified host. Generally, rlogin is used on mixed UNIX networks where the PortMaster login service is impractical to use.

should be selected when the PortMaster and rlogin protocols are not available.

The default port number is 23.

between the PortMaster port and another serial port on another PortMaster, or between the PortMaster port and a host. This login service creates a clear channel TCP connection. To connect to another PortMaster port using netdata, you must configure that port as /dev/network with the netdata device service and the same TCP port number.

The default netdata port is 6000; however, you can specify any TCP port number between 1 and 65535. This range allows TCP/IP to be used with a hardwired connection using an RS-232 cable. However, some serial communications protocols, such as FAX, might have latency problems with netdata.

5-10 PortMaster Configuration Guide

Setting the Login Host

You can specify how the login host is determined for the selected port. The three ways to determine the login host are described in Table 5-2.

Configuring a Port for Access to Shared Devices

Tabl e 5-2

Host Option Description

default The host used for this port is the default or alternate host

prompt The user is given the opportunity to enter a hostname or IP

Ipaddress

specified in the global settings.

address instead of the standard login prompt.

You set a primary host and up to three alternate hosts for this port. This option allows you to assign specific ports to specific hosts.

Setting the Terminal Type

You can set the terminal type for a port if it has been configured as a user login or twoway port and you have set the login service to PortMaster, rlogin, or Telnet. The terminal type is passed as an environment variable when a connection is established with a host. The terminal type should be compatible with the host you are logging in to.

You can set the terminal type for all asynchronous ports simultaneously using the set all termtype command.

Configuring a Port for Access to Shared Devices

One of the functions of a communications server is to provide network users access to shared devices such as printers and modems. The port connected to the printer or modem can provide shared access if it is configured as a host device port. This configuration is also useful when using the UNIX tip command and UNIX-to-UNIX Copy Protocol (UUCP) services.

Once a port is defined as host device, a device service must be selected that defines the method used to connect the user to the specified port and device. Host device services include PortMaster, Telnet, and netdata.

Configuring an Asynchronous Port 5-11

Configuring a Port for Access to Shared Devices

You can provide access to host device ports by establishing a pseudo-tty connection to the port from a UNIX host with the PortMaster daemon software installed. In this case, the port operates as a host-controlled device. Figure 5-2 shows a host device configuration using the PortMaster device service and a pseudo-tty connection. This configuration is most commonly used to provide access to shared devices such as printers.

Figure 5-2

Host Device Configuration

printer

√

PortMaster

pseudo-tty

11820002

Figure 5-3 shows a host device configuration where the device service is set as rlogin, Telnet, or netdata. In this configuration, the host device name is set as /dev/network. This configuration is used in cases where users want to log in remotely via Telnet or rlogin to the shared device before transferring data, such as with a modem.

5-12 PortMaster Configuration Guide

Configuring a Port for Access to Shared Devices

Figure 5-3

Network Device Configuration

modems

host: /dev/network

PortMaster

Telnet/rlogin/netdata

11820003

user 1

user 2

11820003

Once the port type is set to accommodate a host device, the device service must be selected and the hostname entered. If the device service selected is PortMaster for pseudo-tty service, a hostname must be specified either in the port configuration or as the global default host. In addition, the PortMaster in.pmd daemon must be installed on the specified host.

To configure a port for access to shared devices, follow these steps:

1. Set the port type to device.

Command> set S0 device Device

2. Set the device service.

Command> set S0 service_device portmaster|telnet|netdata [Tport]

3. Save the configuration.

Command> save all

Configuring an Asynchronous Port 5-13

Configuring a Port for Access to Shared Devices

Setting the Device Service

The device service defines the method used to connect a host to a host device port. The following device service options can be selected:

• PortMaster

•Telnet

•Netdata

Selecting the host device port type with the PortMaster device service is sometimes referred to as the host device configuration because the shared device you are connecting to through the PortMaster is known to the host as /dev/tty**, where the double asterisk (**) is the specific host device identifier.

Selecting the host device port type with the rlogin, Telnet, or netdata device service is sometimes referred to as the network device configuration because the shared device you are connecting to through the PortMaster is specified as /dev/network.

PortMaster Device Service

The PortMaster device service is the most efficient and highest-performance service. This service can be used with any workstation that has the PortMaster in.pmd daemon installed. PortMaster service is the default and preferred service because it allows the specified port to operate like a serial port installed on the host.

When using the PortMaster device service, you must use a host device name listed in the /dev directory of each UNIX host with access to the shared device. The standard device entries have ranges like the following:

• /dev/ttyp0 through /dev/ttypf

• /dev/ttyq0 through /dev/ttyqf

• /dev/ttyr0 through /dev/ttyrf

These tty devices can be dynamically selected for use by a variety of host programs. Most programs start their selection from the beginning of the device list. You should select devices at the end of the list to maximize the possibility of finding a device available.

5-14 PortMaster Configuration Guide

✍

Configuring a Port for Network Access

Telnet Device Service

Telnet is a remote terminal protocol supported by most computers using TCP/IP protocols. Telnet allows the user at one site to establish a TCP connection to a login server at another site. Once the connection is established, keystrokes are passed from one system to the other. Use Telnet service in networks where a variety of hardware devices with different operating systems must use the selected port.

In this configuration, the device name must be set to /dev/network.

The default TCP port number for Telnet is 23; however, another TCP port can be specified on a per-port basis. All ports with a common Telnet port number form a pool similar to the rlogin pool.

Note – If you use Telnet to administer the PortMaster, select a TCP port number for your shared device port that is different from your administrative Telnet port.

Netdata Device Service

The netdata device service provides a TCP clear channel on which 8-bit data is passed without interpretation. This service can be used to connect to the selected port from another serial port on a different PortMaster. This configuration can provide network connections between hosts on different networks. The netdata service is most commonly used for special applications which require the use of TCP-CLEAR channel access to a network socket. This device service provides a direct data link from the application to the device connected to the PortMaster port. With the socket connection, no special option negotiation or protocol is required.

The default TCP port number for the netdata service is 6000, but you can specify another port.

In this configuration, the device name must be set to /dev/network.

Configuring a Port for Network Access

You can configure PortMaster asynchronous ports for network dial-in-only access, dialout-only access, or both dial-in-and-out access (also known as two-way access). You can combine dial-in and dial-out access with the login and device services discussed in the previous sections.

Configuring an Asynchronous Port 5-15

Configuring a Port for Network Access

When you configure a port for network dial-in, dial-out, or two-way access, the port becomes available for connections to and from remote sites using modems and the Serial Line Internet Protocol (SLIP) or the Point-to-Point Protocol (PPP).

To configure a port for network access, follow these steps:

1. Set the port to network and choose the access type.

Command> set S0 network dialin|dialout|twoway

2. Save the configuration.

Command> save all

Note – In any of these dial modes (dial-in, dial-out, and two-way) you can also configure the port for other concurrent port types.

✍

Network Dial-In-Only Access

Network dial-in-only access can be set on ports dedicated to answering requests from mobile or home users. In this configuration, the selected port allows an authorized user to connect to the network for mail, file, and other services through SLIP or PPP encapsulation. Figure 5-4 shows how the PortMaster provides network connectivity for remote users.

5-16 PortMaster Configuration Guide

Configuring a Port for Network Access

Figure 5-4

Dial-In-Only Port Access

mobile or at-home user

dial-in connection

modems

PortMaster

11820017

workstation 1

Network Dial-Out-Only Access

workstation 2

Network dial-out-only access can be set on ports dedicated to Internet connections or connections to another office. In this configuration, the port is used to establish communication from the PortMaster to an outside location. SLIP or PPP is used for these types of connections. Figure 5-5 shows an example of a dial-out-only configuration.

Configuring an Asynchronous Port 5-17

Configuring a Port for Network Access

Figure 5-5

main office

modems

Dial-Out-Only Access

branch office

modem

dial-out connection

workstation 2

PortMaster

workstation 1

PortMaster

workstation 1

11820018

Network Dial-In-and-Out (Two-Way) Access

Dial-in-and-out service on a selected port is also called two-way access. Two-way access is specified for ports where both dial-in and dial-out access are needed. Dial-in modes with modems allow users to connect to the main network without the cost of a leasedline connection. This method can also be used for connecting to remote sites that need only occasional telecommuting or backup connectivity.

To configure two-way access, set the port type for network use and then set the network dial access for two-way use. The specified port operates in user login mode if DCD is detected on pin 8 of the RS-232 connector. Otherwise, it can be accessed as a host device on the computer through in.pmd or a Telnet session.

As mentioned in “Network Dial-In-Only Access” on page 5-16, SLIP or PPP is used to define the method for sending IP packets over standard asynchronous lines with a minimum line speed of 1200bps. These encapsulation methods allow you to establish connections on an as-needed basis to reduce telephone costs.

5-18 PortMaster Configuration Guide

✍

Configuring a Port for Network Access

To set a port for network two-way access, use the following commands

Command> set S0 network twoway Command> save all

PPP and SLIP Connections

The Serial Line Internet Protocol (SLIP) is an older protocol than PPP and not as robust. However, some hosts support only SLIP. The type of protocol allowed is specified for each dial-in user, dial-out location, or network hardwired port.

PPP is a method of encapsulating network layer IP protocol information on asynchronous point-to-point links. PPP is described in RFC 1331 and RFC 1332. Lucent’s implementation of PPP provides PPP autodetection support for the Challenge Handshake Authentication Protocol (CHAP) and Password Authentication Protocol (PAP) on serial ports running PPP. ComOS 3.3 and later releases support Multilink PPP as described in RFC 1717 on ISDN BRI ports, and all ports on the PortMaster 3.

Note – Be sure to use the set S0 rts/cts command to enable hardware flow control (RTS/CTS) for all SLIP and PPP connections.

PAP and CHAP Authentication

PAP and CHAP authentication occur in the following sequence:

1. A user dials in to a port and starts sending PPP packets.

2. The PortMaster negotiates the authentication protocol with the remote host.

3. If the host refuses PAP authentication, the PortMaster prompts the host to authenticate using CHAP. If the host refuses CHAP authentication, the PortMaster hangs up.

Both the local communications server and the remote device must support CHAP to use this protocol.

To configure PAP or CHAP for PPP users, the local user table or RADIUS must have an entry for each authorized user that includes the username and password. The passwords on both ends of the connection must be identical or the authentication process fails.

To disallow PAP authentication and accept only CHAP, enter the following command:

Command> set pap off

Configuring an Asynchronous Port 5-19

Configuring a Port for a Dedicated Connection

You can configure an asynchronous port for a permanent network connection (also known as a hardwired connection). Hardwired connections require no modem dialing or authentication protocol and are designed for connections to modems configured for leased line service, asynchronous-to-synchronous converters, or Frame Relay asynchronous devices (FRADs). Hardwired connections can use SLIP or PPP with IP and IPX.

Note – This type of configuration creates a continuous uninterrupted connection on

✍

this port. If the port is configured for a hardwired connection, it cannot be used for any other purpose.

Figure 5-6 illustrates an example of a hardwired connection.

Figure 5-6

Hardwired Port Configuration

analog leased line

leased line

modem

PortMaster

modem

workstation 2

workstation 1

PortMaster

11820019

Hardwired connections on asynchronous ports provide the continuous connection advantage of a synchronous port at lower bandwidth, but without the cost of T1 line connection.

5-20 PortMaster Configuration Guide

Configuring a Port for a Dedicated Connection

To configure a port for a hardwired connection, follow this procedure:

1. Set the port for network hardwired.

Command> set S0 network hardwired

2. Set the protocol.

Command> set S0 protocol slip|ppp

3. Set the maximum transmission unit (MTU) size.

Command> set S0 MTU MTU

4. Set the destination IP address.

Command> set S0 destination Ipaddress

5. Set the IPX network number if you are using IPX.

Command> set S0 ipxnet Ipxnetwork

6. Enable RIP routing.

Command> set S0 rip on|off|broadcast|listen

7. Set compression.

Command> set S0 compression on|off|stac|vj

8. Set the PPP asynchronous map (if required).

Command> set S0 map Hex

9. Set input and output filters (if using).

Command> set S0 ifilter [Filtername] Command> set S0 ofilter [Filtername]

Omitting the

10. Save the configuration.

Command> save all

Filtername

removes any filter previously set on the port.

[Ipmask]

11. Reset the port.

Command> reset S0

Configuring an Asynchronous Port 5-21

Configuring a Port for a Dedicated Connection

Setting the Protocol

The network protocol for the hardwired port can be set for PPP packet encapsulation or SLIP encapsulation as described in “PPP and SLIP Connections” on page 5-19. If you want to use PPP you have your choice of the following options:

• PPP with IP packet routing

• PPP with IPX packet routing

• PPP with both IP and IPX packet routing

You should select a protocol that is compatible with your network configuration.

Setting the MTU Size

The maximum transmission unit (MTU) defines the largest frame or packet that can be sent through this port. If a packet exceeds the specified MTU size, it is automatically fragmented if IP or discarded if IPX. PPP connections can have an MTU set from 100 to 1500 bytes. SLIP connections can have an MTU set from 100 to 1006 bytes. The remote host can negotiate smaller MTUs if necessary.

The MTU is typically set to the maximum allowed for the protocol being used, either 1500 or 1006 bytes. Setting smaller MTU values is useful for interactive (typing) users who send small packets, while larger values are better for multi-line load balance.

Setting the Destination IP Address and Netmask

The IP address or hostname of the machine on the other end of the hardwired connection must be entered to identify the port destination. For PPP, the IP destination can be set to negotiated (255.255.255.255). You can optionally specify the netmask of the system on the other end of the hardwired connection.

Setting the IPX Network Number

IPX traffic can be passed through a port if you assign an IPX network number to the hardwired network connection.

Note – The IPX network number must be different from the IPX networks used on the

✍

5-22 PortMaster Configuration Guide

Ethernets on either end of the connection.

Configuring RIP Routing

Configuring a Port for a Dedicated Connection

✍

As described in the accept route information as part of RIP messages if RIP routing is turned on.

To configure RIP routing for a network hardwired asynchronous port, use the following command:

Command> set S0 rip on|broadcast|listen|off

Note – ComOS releases prior to 3.5 use routing instead of the rip keyword.

Table 5-3 describes the results of using each keyword.

Tabl e 5-3

Keyword Description

on The PortMaster broadcasts and listens for RIP information

off The PortMaster neither broadcasts nor listens for RIP

broadcast The PortMaster broadcasts RIP information on this interface.

listen The PortMaster listens for RIP information on this interface.

Keywords for Configuring RIP Routing

PortMaster Routing Guide

from other routers on this interface. This is the default.

information on this interface.

, PortMaster products automatically send and

Refer to the

PortMaster Routing Guide

for OSPF and BGP configuration instructions.

Configuring Compression

Compression can increase the performance of interactive TCP sessions over network hardwired asynchronous lines. Lucent implements Van Jacobson TCP/IP header compression and Stac LZS data compression. Compression is on by default.

Compression should not be used with multiline load-balancing, but can be used with Multilink PPP.

Compression must be enabled on both ends of the connection if you are using SLIP. For PPP connections, the PortMaster supports both bidirectional and unidirectional compression. Refer to RFC 1144 for more information about header compression.

Configuring an Asynchronous Port 5-23

Configuring a Port for a Dedicated Connection

The PortMaster supports Stac LZS data compression only for PPP connections with bidirectional compression. Stac LZS data compression cannot be used for SLIP connections.

To configure compression, use the following command:

Command> set S0|W1 compression on|stac|vj|off

Table 5-4 describes the results of using each keyword.

✍

Tabl e 5-4

Keyword Description

on Enables compression. The PortMaster tries to negotiate both

off Disables compression.

stac Enables Stac LZS data compression only. Stac LZS

vj Enables Van Jacobson TCP/IP header compression only.

Note – This command is used only on network hardwired asynchronous ports. Dial-in

users must use the user table or RADIUS instead. Dial-out locations must use the location table instead.

To display compression information about a connection, enter the following command:

Command> show S0

Keywords for Configuring Compression

Van Jacobson and Stac LZS compression on PortMaster 3 and on leased lines on Office Router products, or Van Jacobson compression only on other PortMaster products. This is the default.

compression is supported only on PortMaster 3 and leased lines on Office Router products.

Setting the PPP Asynchronous Map

The PPP protocol supports the replacement of nonprinting ASCII characters found in the datastream. These characters are not sent through the connection but are instead replaced by a special set of characters that the remote system interprets as the original

5-24 PortMaster Configuration Guide

Lucent Technologies PortMaster User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

About This Guide

Audience

PortMaster Documentation

Additional References

RFCs

ITU-T Recommendations

Books

Document Conventions

Document Advisories

Contacting Lucent Remote Access Technical Support

PortMaster Training Courses

For the EMEA Region

For North America, Latin America, and the Asia Pacific Region

Subscribing to PortMaster Mailing Lists

PortMaster Software

Preconfiguration Planning

Configuration Tips

Basic Configuration Steps

Booting the PortMaster

PortMaster Initialization

On-Demand Connections

PortMaster Security Management

Port Status and Configuration

Setting the System Name

Setting the Administrative Password

Setting the Dynamic Host Control Protocol (DHCP) Server

How the Cable Modem Telephone Return System Works

Setting the Default Route Gateway

Configuring Default Routing

Configuring Name Resolution

Using the Host Table

Setting the Name Service

Setting the Name Server

Setting the Domain Name

Setting the Telnet Port

Using the Telnet Port as a Console Port

Setting the Number of Management Application Connections

Setting System Logging

Setting the Loghost

Disabling and Redirecting Syslog Messages

Setting Administrative Logins to Serial Ports

Configuring an IP Address Pool

Setting the Reported IP Address

Configuring SNMP

About the livingston.mib Definition File

Examining the MIB Structure

PortMaster Modem Table

Setting SNMP Monitoring

Setting SNMP Read and Write Community Strings

Adding SNMP Read and Write Hosts

Viewing SNMP Settings

Monitoring SNMP Alarms

Displaying the Routing Table

Setting Static Routes

Adding and Deleting a Static Route for IP

Adding and Deleting a Static Route for IPX

Modifying the Static Netmask Table

Enabling NetBIOS Broadcast Packet Propagation

Setting Authentication for Dial-In Users

Setting Call-Check Authentication

Setting the ISDN Switch

Setting General Ethernet Parameters

Configuring RIP Routing

Applying Filters

Setting IP Parameters

Setting the IP Address

Setting the Subnet Mask

Setting the Broadcast Address

Enabling or Disabling IP Traffic

Setting Ethernet IPX Parameters

Setting the IPX Network Address

Enabling or Disabling IPX Traffic

Setting the IPX Frame Type

Configuring Ethernet Subinterfaces

Setting OSPF on the Ethernet Interface

Asynchronous Port Uses