Multitech MultiAccess MA30120 User Manual
MA30120
User Guide
User Guide
MultiAccess Communications Server
MultiAccess
S000255E Revision E
All rights reserved. This publication may not be reproduced, in whole or in part, without prior expressed
written permission from Multi-Tech Systems, Inc.
Copyright © 2012 by Multi-Tech Systems, Inc.
Multi-Tech Systems, Inc. makes no representations or warranty with respect to the contents hereof and
specifically disclaims any implied warranties of merchantability or fitness for any particular purpose.
Furthermore, Multi-Tech Systems, Inc. reserves the right to revise this publication and to make changes
from time to time in the content hereof without obligation of Multi-Tech Systems, Inc. to notify any person
or organization of such revisions or changes.
Record of Revisions
Revision Date Description
A 11/17/03 Manual released.
B 12/06/04 Manual revised to include an appendix on modem commands and
version 1.08 of the MultiAccess software.
C 07/05/05 Manual revised to include software release version 1.12.
D 10/04/06 Manual revised to update AT Commands in Appendix B and includes
software version 1.14.
E 09/18/12 Updated RoHS.
Patents
This device covered by one or more of the following patents: 6,031,867; 6,012,113; 6,009,082; 5,864,560;
5,815,503; 5,812,534; 5,790,532; 5,764,628; 5,764,627; 5,754,589; 5,724,356; 5,673,268; 5,673,257;
5,628,030; 5,619,508; 5,617,423; 5,600,649; 5,592,586; 5,577,041; 5,574,725; 5,559,793; 5,546,448;
5,546,395; 5,535,204; 5,500,859; 5,471,470; 5,463,616; 5,453,986; 5,452,289; 5,450,425; 5,309,562;
5,301,274
Trademarks
Trademarks of Multi-Tech Systems, Inc.: Multi-Tech, and Multi-Tech logo.
HylaFAX is a trademark of Silicon Graphics Corporation. Windows is a registered trademark of Microsoft
Corporation in the United States and other countries.
All products or technologies are the trademarks or registered trademarks of their respective holders.
Technical Support
Country By Email By Phone
France: support@multitech.fr +(33) 1-64 61 09 81
India: support@multitechindia.com +91 (124) 2340780
Europe, Asia, Africa: support@multitech.co.uk +(44) 118 959 7774
U.S., Canada, all others: support@multitech.com (800) 972-2439 or +763-717-5863
World Headquarters
Multi-Tech Systems, Inc.
2205 Woodale Drive
Mounds View, Minnesota 55112
(763) 785-3500 or (800) 328-9717
Fax 763-785-9874
Internet Address: http://www.multitech.com
Contents
Chapter 1 - Introduction and Description ................................................................................. 5
WAN Communications .......................................................................................................... 5
Managemen
Remote Access
Features ................................................................................................................................ 6
Ship Kit Contents
Front Panel
Back Panel
Typical Application
Specificat
t .......................................................................................................................... 5
..................................................................................................................... 5
................................................................................................................... 6
............................................................................................................................ 7
............................................................................................................................ 8
................................................................................................................. 9
ions ...................................................................................................................... 11
Chapter 2 - Installation
Safety Warn
Safety Reco
Site Plannin
Hardware Installation Procedure
Starting Your MultiAccess
Network Setup
Line Interfaces
Modem Set
User Authentication
Chapter 3 - Softw
Home and L
Administration ...................................................................................................................... 35
Networks & Services
Network Setup
DHCP Server
Tracking
Packet Filter
User Authentication
Modem Set
Statistics & Logs
Line Interfaces
ings .................................................................................................................. 12
mmendations for Rack Installations ................................................................. 12
g ....................................................................................................................... 13
up ...................................................................................................................... 21
are ................................................................................................................. 32
ogout Options ................................................................................................... 33
....................................................................................................................... 66
............................................................................................................................... 70
s ....................................................................................................................... 71
up ...................................................................................................................... 88
............................................................................................................. 12
......................................................................................... 14
................................................................................................... 15
..................................................................................................................... 19
..................................................................................................................... 20
............................................................................................................. 28
........................................................................................................... 50
..................................................................................................................... 56
............................................................................................................. 75
.................................................................................................................. 98
................................................................................................................... 117
Chapter 4 - Troubleshooting
Chapter 5 - MultiAcces
Chapter 6- Warranty
Regulatory Compliance
Recording MultiAccess
Appendix A - License Agreements
GENERAL PUBLIC LICENSE .................................................................................. 138
GNU
Appendix B – Modem Commands ......................................................................................... 141
“AT” Command Syntax Convention ................................................................................... 141
“AT” Commands Suppo
“AT” Commands Accept
s Maintenance .................................................................................. 130
and Service .......................................................................................... 131
.................................................................................................. 129
..................................................................................................... 133
Information ................................................................................... 135
........................................................................................ 136
rted ............................................................................................... 144
ed with No Effect ......................................................................... 147
S-Registers ........................................................................................................................ 148
Advanced MultiAccess Modem Commands ...................................................................... 152
Application Notes
ASCII Con
version Chart .................................................................................................... 161
............................................................................................................... 159
Appendix C – How
Menu Drive
Manual Met
Appendix D – Waste Electrical and Electronic Equipment (WEEE) Sta
Appendix E – Restriction of the Use of Hazardous Substances (RoHS)
to Update ................................................................................................. 162
n: ..................................................................................................................... 162
hod (via Linux command line): ........................................................................ 162
tement ................. 165
........................... 166
Glossary ................................................................................................................................... 167
Index ......................................................................................................................................... 178
Chapter 1 – Introduction and Description
Chapter 1 - Introduction and
Description
Welcome to Multi-Tech’s new MultiAccess Communications Server, Model MultiAccess. The MultiAccess
Communications Server is a high-performance digital remote access solution for Enterprise LANs and
Intranets or Internet service providers. MultiAccess is a V.92 remote access server (RAS) supporting up to
four T1 line interfaces implementing either RBS or PRI signaling for use in North America or up to four E1
line interfaces implementing PRI signaling for the rest of the world. The MultiAccess Communications Server
uses a web based Graphical User Interface (GUI) for configuration, is a 1U (one-up) rackmountable unit that
contains up to four universal modem ports for dial-in communications.
WAN Communications
MultiAccess ships turnkey for T1/RBS or T1/E1 PRI ISDN and populated with 30 modems on line interface 1
for the basic configuration. Additional modem modules can be added to support up to four T1/E1 line
interfaces. The high-density modems provide V.92/56K dial-up speeds. In addition, they are manageable
from remote locations using platform-independent, industry standard protocols.
Management
MultiAccess includes robust management support allowing a network administrator to securely manage the
devices either through a web browser or at the command line. The browser-based option uses the HTTPS
protocol, also know as SSL (Secure Sockets Layer) to provide 128-bit encryption to secure the management
session. The command line interface is accessible via SSH (Secure Shell) and supports SCP (Secure Copy)
and sftp (Secure File Transfer Protocol) to help provide maintenance support.
SNTP Support. MultiAccess includes an industry standard Simple Network Time Protocol (SNTP) client that
enables it to synchronize its clock with a remote time/clock server on the Internet. This feature is useful for
accounting purposes.
Remote Access
Comprehensive Security. MultiAccess provides an industry standard Radius Server and Radius Client for
authentication and authorization of thousands of user profiles using PAP and CHAP. In addition, it uses
Network Address Translation (NAT) to hide internal, non-routable IP addresses. If a Radius Server does not
exist, one is provided as part of the MultiAccess system. This Radius Server could provide authentication
and authorization information for this and other Radius Clients in use at your site.
MultiAccess Communications Server MA30120 User Guide 5
Chapter 1 – Introduction and Description
Features
Compact design that supports up to four channelized T1 and/or IDSN PRI interfaces per rack unit
Dial-in scalability for up to 96/120 users
Terminates both analog and digital (ISDN) calls
Client authentication provided through industry standard Radius
V.92 modem-on-hold
V.92 quick connect
V.44 data compression
10/100 Mb Ethernet Lan/Wan connectivity
Simultaneous V.92/56K and 128 BRI ISDN sessions
Industry-standard PPP client support
PAP and CHAP authentication
Secure, graphical local or remote management using HTTPS or SSH
Standard 19” rackmountable chassis (1U)
Two-year warranty
Ship Kit Contents
The MultiAccess is shipped with the following:
1 MultiAccess
4 power cords (US, Euro, Austral, & UK)
1 printed Quick Start Guide
1 Document CD
1 Recovery Image CD
2 Rack Mounting Brackets and four mounting screws
If any of these items are missing, contact Multi-Tech Systems or your dealer or distributor. Inspect the
contents for signs of any shipping damage. If damage is observed, do not power up the MultiAccess. Contact
Multi-Tech’s Tech Support
for advice.
MultiAccess Communications Server MA30120 User Guide 6
Chapter 1 – Introduction and Description
Front Panel
The front panel has 16 front panel LEDs that provide operating status.
The Front Panel
Front Panel LED Descriptions
LED Description of LAN 1 & 2 LEDs
LINK
ACT
100MB
LED Description of LIne LI-1 thru LI-4 LEDs
LA
LC
LS
LED Description of Support Modem LEDs
CD
The LINK LED indicates link integrity for the LAN Ethernet port. If the Ethernet link is valid at
either 10 Mbps or 100 Mbps, the LINK LED is lit. If the Ethernet link is invalid, the LINK LED is off.
The ACT (Activity) LED indicates either transmit or receive activity on the LAN Ethernet port.
When activity is present on the LAN Ethernet port, the ACT LED is lit. When no activity is present
on the LAN Ethernet port, the ACT LED is off.
The 100MB LED indicates the speed of the LAN Ethernet port. The 100MB LED is lit if the LAN
Ethernet port is linked at 100 Mbps. The 100 MB LED is off at 10 Mbps.
The LA (Link Active) indicates layer 1 is up. LA blinks when Los of Frame Alignment (LFA) but not
Loss of Signal (LOS).
The LC indicates a red alarm.
The LS indicates a yellow alarm.
The CD (Carrier Detect) LED lights when the modem detects a valid carrier signal from another
modem. It is on when the modem is communicating with the other modem. It is off when the link is
broken.
RD
DTR
TD
LED Description of System LEDs
HDD
ACT
ALERT
POWER
The RD (Read Data) LED flashes when the modem is receiving data from another modem.
The DTR (Data Terminal Ready) LED lights when the operating system detects and initializes the
modem.
The TD (Transmit Data) LED flashes when the modem is transmitting data to another modem.
The HDD ACT (Hard Disk Drive Activity) LED lights when the MultiAccess hard disk drive is
accessed.
The ALERT LED lights and the system beeps when memory DIMM is bad, missing, or if other
rudimentary hardware failure.
The POWER LED is off when the MultiAccess is in a reset state. When the POWER LED is lit, the
MultiAccess is not in a reset state.
MultiAccess Communications Server MA30120 User Guide 7
Chapter 1 – Introduction and Description
Back Panel
The MultiAccess back panel has a fan, a power plug, the POWER Switch (| / O), an RJ-11 phone LINE jack,
a DB-9 COM1 jack, a DB-15 High-density DSUB (VIDEO) jack, two USB (Revision 1.1 compliant) jacks, four
RJ-45 T1/E1/PRI line jacks, and two Ethernet RJ-45 (Ethernet 1 & Ethernet 2) jacks.
The MultiAccess back panel is illustrated and described below.
Back panel
The back panel components are described in detail in the Cabling Procedure section in Chapter 2 of this
manual.
MultiAccess Communications Server MA30120 User Guide 8
Chapter 1 – Introduction and Description
Typical Application
Internet Service Provider (ISP) Application- Only one Ethernet interface on the MultiAccess is used.
The IP address of the MultiAccess and the pool of IP addresses for the dial-in users are of the same network
and normally are public addresses. The modems of the MultiAccess are configured for RAS usage. PPP
clients dial into the system, authenticate, via RADIUS, and establish a LAN to Client PPP session (remote
note).
MultiAccess Communications Server MA30120 User Guide 9
Chapter 1 – Introduction and Description
Corporate Application-One or both Ethernet interfaces can be used. When both interfaces are used, they
are commonly configured with separate network addresses. The MultiAccess can provide dial-in RAS to one
or both networks and provide modem sharing and faxing for network workstations. Workstations on the
corporate LAN can be a Comm Port Redirector (e.g., Multi-Tech’s WINMCSI) for accessing MultiAccess’s
modems. Authentication can be performed before granting access to the modem sharing resource, providing
another layer of security to your network’s infrustructure.
If some or all the MultiAccess’s modems are configured for faxing, the HylaFAX server software needs to
be operating on the MultiAccess and the HylaFAX client software operating on the network workstation.
MultiAccess Communications Server MA30120 User Guide 10
Specifications
System
LAN Ports
Server Operating
System
System Management
Security
Modem
ISDN PRI
Channelized T1
Power
Physical Description
Operating Environment
Approvals
Processor: 566 MHz Celeron
RAM: 256 MB
Number of Ports: 2 (LAN 1 and LAN 2 ports)
Interface: 2 x 10BaseT/100BaseT (UPT)
Format: Ethernet 802.3, 802.2, Ethernet II or SNAP
Linux Open Source Software
Web based (HTTPS/SSL)
Port and IP Filtering, Network Address Translation (NAT), Radius support
Analog Data Rates: V.92/56K, enhanced V.34/33.6K
ISDN Data Rates: 64K HDLC, V110 at 19.2K bps & slower
Fax Rates: 14.4K bps
Error Correction: V.42
Data Compression: V.44, MN5, and V.42bis
Fax: V.17, Group 3
Channels: 23 (T1 PRI) or 30 (E1 PRI)
B-Channel Protocols: PPP, ML-PPP, V.110
Switch Types: NI2, 4ESS, 5ESS custom, DMS100, ETSI, VN6, NTT
T1 Frame Formats: Extended Super Frame (ESF), 12 Frame Multiframe
(F12), 4 Frame Multiframe (F4), & 72 Frame Multiframe – Remote Switch
Mode (F72)
T1 Line Code: AMI or B8ZS
E1 Frame Formats: Extended Super Frame (ESF) w/ CRC4, Extended
Super Frame (ESF) w/o CRC4 (Double Fame)
E1 Line Code: AMI or HDB3
Channels: 24 DSU/CSU operation for T1 WAN service
Frame Format: Extended Super Frame (ESF), 12 Frame Multiframe (F12),
4 Frame Multiframe (F4), & 72 Frame Multiframe – Remote Switch Mode
(F72)
Line Code: AMI or B8ZS
Signaling Methods: E&M Immediate, E&M Wink, FXS ground start, FXS
loop start
Voltage & Frequency:100-240v AC, 50-60 Hz,1.2-0.6 amps universal input
Power Consumption: 30 Watts
17" w × 1.75" h × 10.5" d; 10 lbs. (1U rackmountable)
(43.18 cm × 4.45 cm × 26.67 cm; 4.54 kg)
Temperature Range: 0° to 50° C (32° to 120° F)
Humidity: relative 25-85% noncondensing
CE Mark
EMC: FCC Part 15 Class A, EN 55022, EN 55024, EN 61000-3-2,
EN 61000-3-3
Safety: UL 60950, EN 60950
Telecom: CS03, FCC Part 68, TBR4
Chapter 1 – Introduction and Description
MultiAccess Communications Server MA30120 User Guide 11
Chapter 2 – Installation
Chapter 2 - Installation
Safety Warnings
Use this product only with UL- and CUL-listed computers.
To reduce the risk of fire, use only 26 AWG or larger telephone wiring.
Never install telephone wiring during a lightning storm.
Never install a telephone jack in a wet location unless the jack is specifically designed for wet locations.
Never touch uninsulated telephone wires or terminals unless the telephone line has been disconnected
at the network interface.
Use caution when installing or modifying telephone lines.
Avoid using a telephone during an electrical storm; there is a risk of electrical shock from lightning.
Do not use a telephone in the vicinity of a gas leak.
Caution: Danger of explosion if battery is incorrectly replaced. A lithium battery on the MultiAccess board
provides backup power for the time-keeping capability. The battery has an estimated life expectancy of ten
years. Contact Multi-Tech if you suspect a failed battery. If date and time is incorrect after having the unit
powered off, it may be due to a weak battery or incorrect setup.
Caution: The Ethernet ports are not designed to be connected to a Public Telecommunication Network.
Safety Recommendations for Rack
Installations
Ensure proper installation of the MultiAccess in a closed or multi-unit enclosure by following the
recommended installation as defined by the enclosure manufacturer. Do not place the MultiAccess
directly on top of other equipment or place other equipment directly on top of the MultiAccess.
If installing the MultiAccess in a closed or multi-unit enclosure, ensure adequate airflow within the rack so
that the maximum recommended ambient temperature is not exceeded.
Ensure that the MultiAccess is properly connected to earth ground via a grounded power cord. If a power
strip is used, ensure that the power strip provides adequate grounding of the attached apparatus.
Ensure that the main supply circuit is capable of handling the load of the MultiAccess. Refer to the power
label on the equipment for load requirements.
Maximum ambient temperature for the MultiAccess is 40 degrees Celsius (104 F).
Properly qualified service personnel should only install this equipment.
Connect like circuits. In other words, connect SELV (Secondary Extra Low Voltage) circuits to SELV
circuits and TN (Telecommunications Network) circuits to TN circuits.
MultiAccess Communications Server MA30120 User Guide 12
Chapter 2 – Installation
Site Planning
With proper planning, your MultiAccess system can be installed quickly and in a short time. To implement the
suggested planning process, you must:
1. Plan for physical space, environmental, electronic and electrical needs. Identify physical installation site.
The environment should be properly ventilated with controlled temperature and humidity.
• Good AC power source with proper Earth Ground.
• EIA 19” rack, MultiComTower, or standalone installation.
• Determine where the termination point is for each T1, PRI, or E1 line.
• Determine physical access point to the Ethernet network.
• Identify high quality category 5 cable for Ethernet & T1 cabling. Depending on environment
characteristics, shielded T1 cable may be necessary.
• For initial setup and administrative purposes, a network workstation with a WEB browser supporting
HTTPS will be needed.
2. Define your users’ client computer needs
• Determine the number of dial in analog modem users
• Identify client workstation OS (PC running Windows98/XP/2000, or MAC OS10)
• Identify client modem types (V.34, V.90, V.92)
• Identify dial up security protocol (CHAP & PAP)
• Third-Party Security Devices (SecurID)
• Identify the Security Database (i.e. user file in RADIUS server or Microsoft SAM\Active directory with
IAS) and make sure users have dial in rights with framed protocol PPP attribute
3. Identify applicable network resources (IP address of; gateway/default route, DNS, WINS, RADIUS
server(s), etc)
• Identify the network MASK
• Identify available IP addresses (determine the static IP address that is to be assigned to the Multi
Access)
• Determine IP assignment method (predefined pool/range) to be implemented by the MultiAccess
(regarding the IP addresses to be assigned to the remote dial in users).
• When Implementing RADIUS Authentication and Accounting, identify the UDP ports used by the RADIUS
server(s)
4. Define your line interfaces
• Obtain T1 or E1 PRI line provisioning information for your LEC
• Identify the telephone number(s) of the line or lines
• Identify the Framing Format
• Identify the Line Coding
• Identify the type of signaling (RBS or PRI for T1 or E1 PRI)
• For RBS, the signaling type can be referred to as the start method and/or the FXS signaling method (i.e.
Immediate, Wink, Ground, and Loop)
• For PRI signaling identify the type of central office switch\protocol, i.e. AT&T5ESS, DMS100/250,
National ISDN2
• Identify the Line Build-Out (LBO) i.e. what db level is presented on premise by the provider and what db
level should the premise equipment transmit at.
Note: For E1 lines the signaling type must be PRI. R2 signaling methods are not supported.
MultiAccess Communications Server MA30120 User Guide 13
Chapter 2 – Installation
Hardware Installation Procedure
The MultiAccess is designed to install either on a desktop or in a standard EIA 19“ rack, and is shipped with the
mounting hardware to install the MultiAccess in the rack. If installing in a rack, use the provided mounting
hardware and follow the rack enclosure manufacturer’s instructions to safely and securely mount the
MultiAccess in the rack enclosure. Proceed to the cabling procedure.
Cabling
Cabling your MultiAccess involves making the proper power, phone, and line (T1/E1/PRI) connections as
described and illustrated below.
The MultiAccess back panel has a fan, a power plug, POWER Switch (| / O), a RJ-11 phone LINE jack, a DB-9
COM1 jack, a DB-15 High-density DSUB (VIDEO) jack, two USB (Revision 1.1 compliant) jacks, four RJ-45
T1/E1/PRI line jacks, and two Ethernet RJ-45 (Ethernet 1 & Ethernet 2) jacks.
1. Using an RJ-45 cable, connect one end to LI-1 (Line 1 Interface) on the back of the MultiAccess and the
other end to your first T1/E1/PRI line connection. If a second, third, or fourth line connection is required,
connect an RJ-45 cable for each of the line connections being used.
2. Connect a workstation to your local network; connect one end of a RJ-45 cable to the Ethernet 1 jack on
the back of the MultiAccess and the other end to the hub on your local network.
3. For advanced users, the Video and Keyboard connections are for manual intervention of the Operating
System.
The default root level login password is linux (lower case) and the command to change the root level
password is “passwd”. The recommended mimimum password length is 8-characters. However, the
MultiAccess will accept less than 8-characters.
The Linux command to properly shut down (halt) the MultiAccess is shutdown –h now. The command to
restart is r.
4. With the MultiAccess Power switch in the off () position and using the supplied power cord, connect the
MultiAccess power plug to a live power outlet.
5. Place the MultiAccess Power switch to the on () position to turn on the MultiAccess
Caution:
Refer to Administration > System Tools in Chapter 3 of this User Guide. If the MultiAccess is not properly
shut down before switching off Power, the next start may take a little longer, or in the worst case, data could be
lost.
Never switch off MultiAccess Power until after you have performed the Shutdown process.
6. Proceed to Starting the MultiAccess.
MultiAccess Communications Server MA30120 User Guide 14
Chapter 2 – Installation
Starting Your MultiAccess
This section covers the steps for connecting a workstation to the MultiAccess, starting up the MultiAccess,
opening the MultiAccess Communications Server Web Management program, performing the time zone setup,
and using the menu bar to navigate through the Web Management software screens.
1. Set the workstation IP address to 192.168.2.x subnet other than 192.168.2.1 which is the IP address of
Ethernet 1 (eth0) and 192.168.2.5 which is already assigned to Ethernet 2 (eht1).
2. Turn on power to the MultiAccess. When you hear 5 beeps, approximately 2 minutes after applying
power, continue with the next step.
Note: Depending on the version of MultiAccess (and other variables, like the previous shutdown and
the number of expansion modules) the duration needed to boot may vary. It may be helpful to connect
an external monitor and keyboard to determine the current status of the system. Five seconds after
turning on power, one beep is heard, indicating a successful POST of the mother board, next the BIOS
detects the hard drive from which the Linux operating system and appropriate drivers are loaded.
3. Bring up a Web browser on the workstation. At the browser's address line, enter https://192.168.2.1
and press the Enter key.
Important: Be sure to type https (http will not work).
4. In some environments, one or more Security Alert screen(s) may display. At the initial Security Alert
screen, click Yes and follow any additional on-screen prompts.
Login
1. The Login screen is displayed.
Type the default User name: admin (all lower-case)
Tab to the Password entry and type the default password: admin (all lower-case).
Click the Login button.
Note: User name and Password are case-sensitive (both must be all lower-case) and can be up to
12 characters each. Later, you will want to change the password from the default (admin) to
something else. (If Windows displays the AutoComplete screen, for security reasons, you may
want to click No to tell Windows OS to not remember the password.)
MultiAccess Communications Server MA30120 User Guide 15
Chapter 2 – Installation
Changing the Password: You should change the default User and Password entries. This can be
accomplished in the WEB Admin screen of the Administration menu.
Caution: Use a safe password! Your first name spelled backwards is not a sufficiently safe
password; a password such as xfT35$4 is better.
2. If someone else is already logged onto the MultiAccess or you were logged in recently, the following
message displays.
At the prompt Do you want to log the user out? Click Yes. If you click No, you are returned to the
Login screen.
3. The MultiAccess Communications Server Web Management Home screen is displayed.
MultiAccess Communications Server MA30120 User Guide 16
Chapter 2 – Installation
r
Navigating Through the Screens
When you click one of the MultiAccess Menu Bar buttons, the first screen for that function displays. Once the
first screen opens, you can navigate to other screens within this function; they are listed on the left side of the
screen.
Home: The main screen.
Administration: System setup such as Time & Date, Web management, and certificate. Provides for system
shutdown and restart, plus other administrative tools such as PING, Trace Route, and TCP Connect.
Networks & Services: Define networks, services, and groups to make them available to be used by other
functions such as allowed networks, and packet filters.
Network Setup: Set up the LAN 1, and LAN 2 Ethernet ports, etc.
DHCP Server: Configure the DHCP server settings.
System Update: Update services can be downloaded from the update server to keep your system
continually updated.
Logout: Logout and return to the login screen
Tracking: Set up tracking of all packets through the network ports in the MultiAccess.
Packet Filters: Define filter rules and ICMP rules.
User Authentication: Defines security protocol methods, passwords, and user database details.
Modem Setup: Defines the primary role of the modem; RAS, fax, or network modem pool.
Statistics & Logs: View and download all the statistics and log files maintained by your system.
Line Interfaces: Defines setup information of your PSTN lines.
Help: (Online Help) Describes what to do on each screen.
Options Under Each Menu
Home Administration Networks &
Services
Return to the
Main Menu
Tracking Packet Filters
Accounting Packet Filter Rules
System Setup
SSH
SNTP Client
Web Admin
Site Certificate
Database Setup
Backup Setup
Available Backups
Intrusion Detection
Network Tools
System Tools
Add User Defined
Filters
ICMP
Networks
Services
Network Groups
Service Groups
User
Authentication
Local Users
Radius Client
Radius Server
Network
Setup
Interface
Routes
Masquerading
SNAT
DNAT
Modem
Setup
Modem Setup
Modem Usage
Fax Setup
DHCP Serve
Subnet Settings
Fixed Addresses
Statistics &
Logs
Setup
Uptime
Networks
Interface Details,
Routing Table,
Network Connections
Line Interfaces Status
Modem Connections
Connections,
connection Details,
Caller ID, Call History
Server Connections
Interface
Accounting
Self Monitor
View Logs
System Update Logout
Available
Applied
Setup
Line
Interfaces
Line 1 Setup
Line 2 Setup
Line 3 Setup
Line 4 Setup
Exit the
Program
Help
Administration
Networks &
Services
Network Setup
DHCP Server
System Update
Tracking
Packet Filters
User
Authentication
Modem Setup
Statistics & Logs
Line Interfaces
MultiAccess Communications Server MA30120 User Guide 17
Chapter 2 – Installation
Setup Your Time Zone
4. Click Administration on the menu bar. The System Setup screen displays.
Set the System Time by selecting your Time Zone, the current Day, Month, Year, Hour, and
Minute.
Administration
System Setup
System Time
MultiAccess Communications Server MA30120 User Guide 18
Chapter 2 – Installation
Network Setup
In the Network Setup > Interface you can define a host name for your MultiAccess, change the Ethernet 1
(eth0) to your local IP and subnet mask for your local network, and change the IP address of the default
Gateway to your local gateway address.
1. Enter the Host name you have established for your local MultiAccess. Click Save.
2. Enter in the External Name server window the IP address of your domain name server (DNS).
3. Click the Add button to connect to your name server.
4. Change the default IP Address for the Network Card 1 to the IP address of your local network and change
the default Subnet Mask for the Network Card 1 to the subnet mask for your local network. Click Save.
5. Change your web browser address to the new address of your local network.
6. Change the Default Gateway IP address to the IP address of your gateway. Click Save.
The options for Network Card 2 are not shown in the above screen due to space limitation. The options
Note:
are the same as for Network Card 1.
MultiAccess Communications Server MA30120 User Guide 19
Chapter 2 – Installation
Line Interfaces
To establish your line interfaces for the four LI1 through LI4 interfaces, click on Line Interfaces. The Current
Setup section reflects the current operating parameters for the indicated Line Interface.
1. Click on the Line Type down arrow and select your type of line interface; T1 RBS or T1 PRI for North
America or E1 PRI for the rest of the world, then wait for the screen to refresh.
2. Use the various pull down menus to match the parameters of the Line Interface with the line provisioning
information from your Telco.
Note: A common provisioning issue is the type of framing format which the telco usually refers to as ESF.
But, the MultiAccess gives you a choice of ESF or ESF with error correction. Multi-Tech recommends that
you choose ESF with Error Correction.
3. Click Save and the send button will become active.
4. Click the Send button to cause the new parameters to become active. You must wait 45 seconds for the
screen to refresh and the new configuration to apply, then Current Setup section is updated.
MultiAccess Communications Server MA30120 User Guide 20
Chapter 2 – Installation
Modem Setup
The Modem Setup group of menus configure the modems for usage with RAS, modem sharing, and faxing.
The default usage for each modem is RAS. The Modem Setup menu controls the parameters of the modems
set to RAS. If the MultiAccess modems are to be used for dialout, in a networking modem sharing
environment, then use the Modem Usage menu to change the usage to Modem Sharing. If the MultiAccess
modems are to be used for faxing with the integrated Hylafax™ Server, then use the Modem Usage menu to
change the usage to Fax. The Fax Setup menu is used to configure the Hylafax Server for sending and
receiving faxes.
Note: The MultiAccess modems also support faxing with fax servers that are external to the MultiAccess via the
Modem Sharing usage.
Modem Usage
If you are using all your MultiAccess modems to provide dial-in PPP access, you do not have to modify the
default Modem Usage settings. The default usage is RAS. If you plan to use all or part of your MultiAccess
modems for dial-out, you will have to change the Modem usage settings for the selected modems to one of the
Modem Sharing options that best fit your needs. If you plan to use some or all your modems for faxing, you will
have to change the Modem Usage setting for the selected modems to Fax.
If you are using your MultiAccess in an RAS inbound PPP environment, you do not
have to make any changes in the Modem Usage menu.
Note: When implementing a combination of usage options, care must be given so that inbound calls do not
conflict with outbound calls. This may require changing the hunt group call distribution at the central office and
should be addressed with the provider of your T1/E1 digital line.
Caution: Modem sharing is accomplished by implementing a Telnet interface to the MultiAccess modems.
Make sure that care is taken to secure access to these ports via firewall or IP filter settings to prevent
unauthorized use of your modem resources.
MultiAccess Communications Server MA30120 User Guide 21
Chapter 2 – Installation
If you are using your MultiAccess as a network modem pool, you will need to set up
the Modem Usage menu to support your configuration.
1. Click on the Usage drop down arrow and chose the Modem Sharing – authentication type that suits your
applicational needs.
2. Click on the Modem drop up or down arrow and select the tty modem(s) for modem sharing. You can
choose multiple modems by holding down the shift key.
3. When the Modem Usage is set to Modem Sharing, the following options become available:
Display Called Number - This parameter applies to inbound (received) calls when the Line Interface type
is PRI. The telephone number (or final digits) dialed by the originator will be displayed into the telnet socket
following the first “ring” message. The Called Number information (string of digits) is provided by the
central office switch and is commonly referred to as DNIS. The MultiAccess does not support DNIS when
the Line Interface type is T1-RBS.
Reverse Dial - This parameter enables two features, comma dialing and reverse dial mode. When
enabled, the dial string can include the use of commas, used to create a pause between digits of the dial
string (most commonly used to specify the extension of the answering modem).
Example: “atdt18003334444,,,,,4321”. Each comma creates a 2 second pause. 4321 is the extension of
the desitination phone line\modem.
Reverse dial mode is where the dial string includes the letter “r” at the very end of the dial string, the
purpose of which is to instruct the MultiAccess modem to switch from originate to answer mode after
dialing. For example: “atdt17637175549r”.
Please Note: When Reverse Dial is enabled, the dial string must include the tone (t) command, for
example, atdtstring .
MultiAccess Communications Server MA30120 User Guide 22
Chapter 2 – Installation
Raw Mode - If Yes, this sets the TCP port to a RAW socket. User data is treated “as is” and the Telnet
Command Escape capability is disabled. If No, this allows the Telnet command parser to look for escape
sequences that are used to communicate control functions. A common example is to support RFC-2217
Com Port Control.
Pool - If you want to access a specific modem, accept the default of No. Each modem will be given a
specific TCP port number, starting at 7000+. If you select pool = Yes, then all selected modems are
accessed via port number 6000 – creating a first available pool, starting with the lowest numbered tty port.
SSL - Support is made available when the usage is Modem Sharing with Authentication. This is only
used with SSL capable Telnet Clients. Site Certificate information needs to be configured appropriately.
Contact Multi-Tech Tech Support for additional information.
Idle Timer (seconds) - The Idle Timer, upon expiring, will hangup the modem and close the telnet socket.
Idle time is defined as no data flow in both directions. Any data sent or received across the socket will
cause the Idle Timer to start over. When there has been no data activity for the duration specified, the idle
timer will expire.
Monitor CD - Upon the modem disconnecting, the MultiAccess will close the telnet socket to the host
application server.
4. Click on the Save button.
MultiAccess Communications Server MA30120 User Guide 23
Chapter 2 – Installation
If you are using your MultiAccess as a network fax server, you need to set up the
Modem Usage menu to support your configuration.
5. Click on the Usage drop down arrow and select Fax.
6. Click on the Modem up or down arrow and select the tty modem(s) for faxing. You can choose multiple
modems by holding down the shift key.
7. Click on the Save button.
MultiAccess Communications Server MA30120 User Guide 24
Chapter 2 – Installation
Modem Setup
Modem Setup screen only applies when the Modem Usage is set for RAS (Dial-in PPP). RAS usage is defined
in the Modem Usage Setup field of the Modem Usage screen.
1. Verify that the V.92 Setup parameters conform to your client’s characteristics.
2. Multi-Tech recommends that you set Retrain Limit to 4 and due to compatibility issues seen with
various modems, you may wish to disable Quick Connect and V.8bis.
3. If additonal modem commands are required, refer to Appendix B, Advanced Commands.
MultiAccess Communications Server MA30120 User Guide 25
Chapter 2 – Installation
Fax Setup
Fax setup is initiated when you allocate modem(s) to the integrated Hylafax™ Fax Server. This is achieved by
setting the selected modem’s usage to Fax. If no modems are set for fax usage, then only the General Fax
Setup section is displayed. The Fax Setup screen is used to configure the integrated Hlyfax Server for sending
and receiving faxes.
The sending of outbound faxes via the Hylafax Server requires the use of a Hylafax compatible Fax Client
software, e.g., Multi-Tech’s FaxFinder Client. The General Fax Setup group is used to add Fax Clients to the
Hylafax server.
The Fax Client must be installed on each workstation that you wish to send faxes from. The Fax Client must
use the credentials defined in the General Fax Setup group to submit faxes for sending. The Fax Client is not
used for receiving faxes.
Inbound faxes received from the T1/E1 digital line are converted to tiff files and then emailed from the Hylafax
server to the specified recepient. The Fax Delivery Setup group is used to configure the routing of inbound
faxes.
MultiAccess Communications Server MA30120 User Guide 26
Chapter 2 – Installation
Outbound Fax Client Data Base
The outbound fax client data base is generated in the General Fax Setup group. The current outbound fax
client data base is shown in the table at the bottom of the General Fax Setup group. The credentials defined
here are to be used by the fax client. The fax client uses these credentials when accessing the Hylafax server.
1. To establish a fax client data base, enter each user name and password in their respective windows and
click the Add button for each entry.
Note: All fax clients can use the same set of credentials, or a unique set for each client can be added.
Fax Modem Settings
These settings are used to define the fax station identity and other administrative variables. The default
settings are normally sufficient with the exception of the “Rings Before Answer” parameter. When the Called
Number feature is used, the Rings Before Answer must be set to 2 for all the ports. Each Fax Modem is to be
configured with a unique Local Identifier, which is used as the TSI (Transmit Station Identifier) when sending
faxes and is included in the body of the email when receiving faxes. You can limit the maximum number of
pages being received.
Inbound Fax Data Base
The Fax Delivery Setup group is used to configure the routing of inbound faxes. The current fax routing table is
shown at the bottom of this group. Who the fax should be delivered to (routed to) is determined by one of two
routing methods:
A) “Route by Device” (what tty port the fax was received on),
B) Route by Called Number” (number dialed by the remote sender).
Route by Device is a static delivery method, where all faxes that are received on that particular port will be
sent to the email address defined for that port.
8. To deliver the fax based on the port (device) it was received on, select the radio button “Route by Device”
and then highlight the ttyMXxx port(s) from the corresponding window in the Fax Delivery Setup group,
1. Enter the email address of the fax recipient in the Email window and then click add.
Route by Called Number is a dynamic delivery method that requires the use of a PRI line (T1-PRI or E1-PRI
line type). Route entries are to match the DNIS information (provided by Telco per call) to an email address.
The Telco switch will (via PRI signaling) provide DNIS digits to the MultiAccess at the time of ringing (call
setup). How many digits will Telco be providing? The remote originator of the fax may dial 11 digits (1-800333-4444) but Telco may only provide the last x number of digits (where x is commonly = 4). DNIS digits
provided by Telco is a variable to be determined at the time of ordering and installing the PRI service. If no
Called Number route entries can be matched to the DNIS provided for that call - the default route entry will be
used.
1. To deliver the fax based on the number dialed, select the radio button “Route by Called Number”.
2. Enter the email address of the fax recipient in the Email window.
3. Enter the DNIS string matching the number dialed and then click add.
9. The entry should be added to the route table found at the bottom of the screen.
MultiAccess Communications Server MA30120 User Guide 27
Chapter 2 – Installation
User Authentication
User authentication is established using Radius Client and Radius Server screens. The Radius Client informs
the MultiAccess of where the Radius Server is located. If your network already has a Radius Server, you do not
have to enter the Radius Server screens. The Radius Server screens are only used when the Radius Server in
the MultiAccess is going to be used. Initially the Radius Server > Default User Setup screen displays the default
settings that are used for dial in network access. Initially these default settings are all that you should need to
authenticate a remote user.
Note: When using the internal Radius Server, you must use the IP address of network card 1 (eth0).
Radius Client
1. Choose User Authentication >Radius Client.
2. Click on Line Interface and select the Line number you selected in the Line Interface screen.
MultiAccess Communications Server MA30120 User Guide 28
Chapter 2 – Installation
3. Choose the Authentication Type that is being used in your situation by clicking on the down arrow and
highlighting the Authentication Type. Radius is the default. You can choose from none, radius, tacacs,
remote, local, and radius/local.
4. We recommend that you leave Allow Local Logins set to the default of no.
Caution: If you change this to yes and put a “!” before the login name, you could be setting up a potential
security risk. You can use this in an emergency situation if your radius server goes down.
5. Enter the IP address of your main Radius server in RADIUS Server Address 1 window.
Note: When using the internal Radius Server, both server and client must used the IP address network card
1 (eht0).
6. Enter the UDP port number used by your main Radius server in the first Port window.
7. Enter the IP address of your main Radius Accounting host in the RADIUS Accounting Address 1 window.
8. Enter the UDP port number used by your main Radius Accounting host in the second Port window.
9. If you have a second (backup) Radius server, enter the IP address for the backup Radius server in the
RADIUS Server Address 2 window. Follow that by entering the port number of the backup Radius server
in the third Port window. Then enter the backup Radius Accounting host in the RADIUS Accounting
Address 2 window followed by the port number for the backup host in the fourth Port window.
10. Enter your Shared Secret for the Radius Server in the RADIUS Shared Secret window.
11. In the Remote Host Address window, set the starting IP address of your IP address pool (addresses that
are to be assigned to the dial in users). The IP address needs to have a + (plus symbol) after the number
(e.g., 192.168.1.150+). The plus symbol instructs “Portslave” to create an address pool starting with the
address you have entered. Portslave determines the “ending” address number by adding up all the Line
Interface selections that have their “Port Selection” set to “All”. If the MultiAccess server has multiple line
interface modules and all ports are to use an address pool, set this field to the same address
(192.168.1.150+) for each line interface.
12. Enter the IP address of your primary name server in the DNS Server Address 1. This establishes the
name server for remote access users. If you have a backup DNS server, enter the IP address of your
backup DNS Server in the DNS Server Address 2 window.
13. Click the Save button when you are finished.
14. Repeat the above procedure for each line interface.
MultiAccess Communications Server MA30120 User Guide 29
Chapter 2 – Installation
Radius Server > General Setup
If you are going to use the Radius Server that comes with your MultiAccess, then you need to tell the Radius
Server who the Radius Clients are. You need one entry for each Network Access Server (NAS) in your
network.
Note: When using the internal Radius Server, you must use the IP address of network card 1 (eth0).
1. You can enable status by clicking on the Enabled window.
2. Enter the IP address of network card 1 (eth0) in the Client window. This IP address tells the Radius Server
where the Radius Client is located.
3. Enter the same Shared Radius Secret used in the Radius Client screen in the Shared Secret window. The
Shared Secret in the Radius Server and the Radius Server Secret in the Radius Client have to be the same
in order for the two to communicate.
4. You can enter an arbitrary name, unique name for each NAS in the Short Name window.
5. Select the manufacture of radius client/NAS that is being used in your system from the Type drop down
arrow. For example, multitech, livingston, or etc.
6. The three optional items are to restrict logins.
7. Click Add when you are finished.
MultiAccess Communications Server MA30120 User Guide 30
Loading...