How it Works
RuggedCom
Loading...
RX1100
User Manual
312 pgs5.69 Mb1
User Manual
341 pgs7.57 Mb1
User Manual
284 pgs4.76 Mb0
Table of contents
Loading...

RuggedCom RX1100, RX1000 User Manual

RuggedRouter
RX1000/RX1100 User Guide
®
RuggedCom Inc. 30 Whitmore Road, Woodbridge, Ontario, Canada L4L 7Z4
Web: www.ruggedcom.com Tel: (905) 856-5288 Fax: (905) 856-1995 Toll Free: (888) 264-0006
FOR USE WITH RX1000/RX1100 PRODUCTS
RuggedCom
30 Whitmore Road
RUGGEDROUTER® USER GUIDE
Version 1 .13.1 – August 6, 200 8
Disclaimer
RuggedCom Inc. makes no wa rr an ty o f any kind with regar d to this mater ial.
Woodbridge, Ontario
Canada L4L7Z4
Tel: (905) 856-5288
Fax: (905) 856-1995
Toll Free: (888) 264-0006
support@ruggedcom.com
http://www.ruggedcom.com
RuggedCom shall not be liable for errors conta in ed herein or fo r consequ ential damages in con nection wit h the furnish in g, performan ce, or use of this material.
Warranty
Five (5) years from date of purchase , return to factory. For warranty detai ls , visi t www.rugged com.com or contac t your customer servi ce repre sentative.
COPYR IG HT © A ug ust 2008 RuggedCom Inc.
ALL RIGHTS RESERVED
Thi s do cu ment contains proprietary i nformation, which is protected by copyright. All righ ts are reserved.
The R ugge dR outer® includes components licensed under the GPL and BSD style lic enses. The f ull licences of such are included in an associa ted document.
No pa rt of this document may be photoco pied, repr od uced o r trans lated to another language with ou t the pri or wri tt en consent of RuggedCom Inc.
Lin ux ® is the regi st ered t rademark of Linus Tor va ld s in the U.S. and other countries.
Gaunt let® is the registered trademark of Industri al Defender Corporation .

About this User Guide

This guide is concerned with aiding the user in the configuration and operation of the RuggedRouter® using the RuggedCom command line, setup menu and web management interfaces. Specifically, this guide details aspects of:
Accessing the User Interfaces
Security
Configuring the router
Status determination
Performance measurement
Uploading and downloading files
Dealing with alarms
This guide also details operation of the RX1100 Gauntlet security appliance.
This guide is intended solely for the purpose of familiarizing the reader with the ways that the RuggedRouter can be used to support routing over Ethernet, T1/E1, T3 ADSL, DDS and Frame Relay as well as act as a Serial server and time synchronization device.
About this User Guide

Applicable Firmware Revision

This guide is applicable to RuggedRouter ROX 1.13.1 software revision.

Who Should Use This User Guide

This guide is to be used by network technical support personnel who are familiar with the operation of networks. Others who might find the book useful are network and system planners, system programmers and line technicians.

How To Use This User Guide

Each chapter has been prepared with a feature description, an application section and a description of the default mode of operation. It is recommended that you use this guide along with the following applicable documents.
RuggedRouter® Installation Guide
Rugged MediaConverter Installation Guide
RuggedCom Fiber Guide
Gauntlet® Command and Control Center (CCC) User Manual,
Gauntlet Virtual Polling Controller (VPC) User Manual
Gauntlet System Installation Manual
Gauntlet System Best Practices
RuggedCom 1
RuggedRouter® User Guide

Document Conventions

This publication uses the following conventions:
Note: Means reader take note. Notes contain helpful suggestions or references to materials
not contained in this guide.
Helpful Hint
This type of note often indicates useful shortcuts or methods employed by other RuggedCom customers.

Quick Start Recommendations

The following description is included to aid those users experienced with communications equipment that may wish to attempt to configure the router without fully reading the guide.
1. Locate/mount the chassis in its final resting place and apply power.
2. The router can be configured through its web management interface, or for advanced users, through ssh. The default Ethernet addresses for ports one through four are 192.168.1.1 through 192.168.4.1. Two shell accounts, rrsetup and root, are provided. Both accounts have a default password of “admin”. The web management interface uses the root account password. The rrsetup account provides a shell that configures such items as passwords, addresses, date/time and services offered by the router. The root account provides a full shell.
3. Attach a PC running terminal emulation software to the RS232 port and apply power to the chassis (default baud rate, data bits, parity - “38400 8 n 1”, no hardware/software flow control). Set the terminal type to VT100. Press ENTER to obtain a login prompt.
Initial Configuration Before Attaching To The Network
4. Login as the rrsetup user with password “admin”.
5. Change the root and rrsetup passwords from the shell. Record the passwords in a secure manner. If RADIUS authentication will be employed,
configure at least one authentication server address.
6. Configure the router’s hostname, IP address, subnet mask, and gateway addresses for the built-in Ethernet ports.
7. For an RX1100 router, the Gauntlet Security application may be configured with the passphrase allocated to the network the network address of the Command and Control Center (CCC). Note that you must also configure and activate the firewall before using the Gauntlet.
8. Ensure that the date, time and timezone fields are correctly set.
9. If Web or SSH services will not be used, these can be disabled from the setup shell.
2 RuggedCom
About this User Guide
10. All further configuration is accomplished through the web management interface. Attach the configuring host to one of the Ethernet ports configured above. Point your web browser at the address for that port, use https and specify a port number of 10000, e.g. https://192.168.1.1:10000 (or otherwise if configured in step 4). Login with the root user and password (configured above). If RADIUS authentication is configured and a server is available, you may also login via a RADIUS user.
Basic Web Based Configuration
11. Change the router password from the System menu, Change Password sub­menu.
12. If you are using the web management interface you may wish to restrict the allowed users to a specific subnet. This can be done in the Webmin menu, Webmin Configuration, IP Access Control sub-menu.
13. If you are planning to SSH in to the router you may wish to restrict the allowed users to a specific subnet. This can be done in the Servers menu, SSH Server, Networking sub-menu.
14. The router's local hostname may configured in the System Menu, System Hostname sub-menu.
15. The router may be configured to log to a remote server by the Maintenance menu, System Logs sub-menu. See the chapter “Maintaining The Router” for more details.
16. The router's DNS settings may configured in the DNS Clients sub-menu. You may also specify the IP addresses of frequently used hosts. See the chapter “Configuring Networking” for more details.
Physical Interface Related
17. Ethernet port parameters may be changed in the Networking menu, Ethernet sub­menu. The Ethernet Interfaces sub-menu will configure the IP address, subnet mask, gateway address, proxy arping and media type of each interface. See the chapter “Configuring Ethernet Interfaces” for more details.
18. If your router is equipped with T1/E1 WAN interfaces, the Networking menu, T1/E1 sub-menu will allow you to configure them with Frame Relay or PPP connections. See the chapter “Configuring Frame Relay/PPP And T1/E1” for more details.
19. If your router is equipped with T3 WAN interfaces, the Networking menu, T3 sub-menu will allow you to configure them with Frame Relay or PPP connections. See the chapter “Configuring Frame Relay/PPP And T3” for more details.
20. If your router is equipped with DDS interfaces, the Networking menu, DDS sub­menu will allow you to configure them with Frame Relay or PPP connections. See the chapter “Configuring Frame Relay/PPP And DDS” for more details.
21. If your router is equipped with ADSL interfaces, the Networking menu, ADSL sub-menu will allow you to configure them. See the chapter “Configuring PPPoE On ADSL” for more details. If you wish to use PPPOE with an external ADSL modem, the Networking menu, Ethernet sub-menu will configure it.
RuggedCom 3
RuggedRouter® User Guide
22. If your router is equipped with an embedded modem, the Networking menu, Modem sub-menu will allow you to configure it with PPP or incoming console connections. See the chapter “Configuring PPP And Modem” for more details.
23. If your router is equipped with Serial Interfaces, the Servers menu, Serial Protocols sub-menu will allow you to configure them with an operating protocol. See the chapter “Configuring Serial Protocols” for more details.
24. If your router is equipped with a Precision Time Protocol Card, the Servers menu, IRIGB sub-menu will allow you to enable and configure its output ports. See the chapter “Configuring IRIGB” for more details.
Additional Configuration
25. You may wish to configure a backup interface to use in the event of a failure of your default gateway interface. This can be done in the Networking menu, Network Configuration, End To End Backup sub-menu.
26. If you are planning to connect your router to the Internet, configure the firewall and then activate it. This can be done in the Networking menu, Shorewall Firewall sub-menu.
27. The router provides a default event logging configuration. You can modify this configuration through the Maintenance menu, System Logs sub-menu. Remote logging can be activated here.
28. The routers SSH and Web Management interfaces are enabled by default. The routers DHCP server, IPsec VPN server, NTP server, OSPF/RIP protocol, VRRP protocol and firewall are disabled by default. To changes these services visit the System menu, Bootup and Shutdown sub-menu.
29. You can install static IP and Multicast routings for Ethernet and WAN interfaces via the Networking menu, Network Configuration, Routing and Default Route and Static Multicast Routing sub-menus.
30. You can configure the NTP server through the Servers menu, NTP Server sub­menu. See the chapter “Configuring NTP” for more details.
31. You can configure SSH through the Servers menu, SSH Server sub-menu. SSH can be set-up to issue a login banner from this menu. See the chapter “Configuring SSH” for more details.
32. Traffic prioritization can be configured on the network interfaces through the Networking menu, Traffic Prioritization sub-menu.. See the chapter “Traffic Prioritization” for more details.
33. SNMP is disabled by default. You can configure SNMP by following the instructions in the Appendix on SNMP. You may allow read and write access, set community names, enable traps and program the router to issue traps with a specific client address.
34. If your router is an RX1100 you may configure and activate the Snort Intrusion Detection system and the Gauntlet Security Appliance. If you decide to forward daily email summaries you must configure a mail forwarder in the Maintenance menu Miscellaneous sub-menu Outgoing Mail sub-menu.
4 RuggedCom
About this User Guide
35. When your routers configuration is stable, it is recommended that the configuration should be uploaded from the router and stored as a backup. The Maintenance menu Backup And Restore sub-menu will be useful.
36. Should you need to transfer files to or from the router, the Maintenance menu Upload/Download Files sub-menu will be useful.
37. Further concerns such as ensuring robustness, measuring and optimizing performance are dealt with by reading the guide fully.
RuggedCom 5
RuggedRouter® User Guide

Table Of Contents

About this User Guide............................................................................................................................1
Applicable Firmware Revision..........................................................................................................1
Who Should Use This User Guide.....................................................................................................1
How To Use This User Guide............................................................................................................1
Document Conventions......................................................................................................................2
Quick Start Recommendations...........................................................................................................2
Table Of Contents..................................................................................................................................6
Table Of Figures..................................................................................................................................19
Chapter 1 - Setting Up And Administering The Router......................................................................25
Introduction ...............................................................................................................................25
Access Methods.......................................................................................................................25
Accounts And Password Management.....................................................................................25
Default Configuration..............................................................................................................25
Accessing The RuggedRouter Command Prompt...........................................................................26
From the Console Port ...............................................................................................................26
From SSH ....................................................................................................................................26
The RuggedRouter Setup Shell........................................................................................................26
Configuring Passwords................................................................................................................27
Configuring IP Address Information ...........................................................................................27
Setting The Hostname .................................................................................................................28
Configuring RADIUS Authentication..........................................................................................28
Enabling And Disabling The SSH and Web Server ....................................................................28
Enabling And Disabling The Gauntlet Security Appliance.........................................................28
Configuring The Date, Time And Timezone .........................................................................29
Displaying Hardware Information................................................................................................29
Restoring A Configuration ..........................................................................................................30
The RuggedRouter Web Interface....................................................................................................31
Using a Web Browser to Access the Web Interface....................................................................31
SSL Certificate Warnings ...........................................................................................................31
The Structure of the Web Interface..............................................................................................32
Using The LED Status Panel .........................................................................................................33
Obtaining Chassis Information .......................................................................................................34
Chapter 2 - Webmin Configuration.....................................................................................................35
Introduction......................................................................................................................................35
Webmin Configuration Menu .........................................................................................................35
IP Access Control ........................................................................................................................35
Ports And Addresses ...............................................................................................................36
Change Help Server.....................................................................................................................36
Logging .......................................................................................................................................37
Authentication .............................................................................................................................38
Webmin Events Log ....................................................................................................................38
Chapter 3 - Configure Webmin Users..................................................................................................39
Introduction......................................................................................................................................39
6 RuggedCom
Table Of Contents
Webmin User and Group Fundamentals..........................................................................................39
RADIUS User Access Control Fundamentals.................................................................................39
Webmin Users Menu.......................................................................................................................40
Edit Webmin User menu..................................................................................................................41
Current Login Sessions Menu..........................................................................................................41
Password Restrictions Menu............................................................................................................42
Chapter 4 - Configuring The System...................................................................................................43
Introduction......................................................................................................................................43
Bootup And Shutdown ....................................................................................................................43
Change Password Command ........................................................................................................44
Scheduled Commands .....................................................................................................................44
Scheduled Cron Jobs .......................................................................................................................46
System Hostname.............................................................................................................................47
System Time ...................................................................................................................................47
Chapter 5 - Configuring Networking...................................................................................................49
Introduction......................................................................................................................................49
Network Configuration....................................................................................................................49
Core Settings................................................................................................................................50
Dummy Interface..........................................................................................................................51
Routing And Gateways................................................................................................................51
Default Route Table.................................................................................................................51
Configured Static Routes.........................................................................................................52
Manually Entered Static Routes ..............................................................................................52
Static Multicast Routing...............................................................................................................53
DNS Client...................................................................................................................................54
Host Addresses.............................................................................................................................54
End To End Backup.....................................................................................................................55
Configuring End To End Backup.............................................................................................56
Current Routing & Interface Table .............................................................................................56
Chapter 6 - Configuring Ethernet Interfaces........................................................................................57
Introduction......................................................................................................................................57
Ethernet Interface Fundamentals..................................................................................................57
LED Designations ...................................................................................................................57
VLAN Interface Fundamentals....................................................................................................57
VLAN Tag...............................................................................................................................57
RuggedRouter Functions Supporting VLANs.........................................................................58
PPPoE On Native Ethernet Interfaces Fundamentals .................................................................58
Ethernet Configuration.....................................................................................................................59
Ethernet Interfaces........................................................................................................................59
Editing Currently Active Interfaces ............................................................................................60
Virtual Interfaces .....................................................................................................................61
Virtual Lan Interfaces...............................................................................................................61
Edit Boot Time Interfaces ...........................................................................................................61
PPPoE On Native Ethernet Interfaces..........................................................................................62
Edit PPPoE Interface....................................................................................................................63
PPP Logs......................................................................................................................................63
Current Routes & Interface Table................................................................................................64
RuggedCom 7
RuggedRouter® User Guide
Chapter 7 - Configuring Frame Relay/PPP And T1/E1.......................................................................65
Introduction......................................................................................................................................65
T1/E1 Fundamentals....................................................................................................................65
Frame Relay.............................................................................................................................65
Location Of Interfaces And Labeling.......................................................................................66
LED Designations ...................................................................................................................66
Included With T1E1.................................................................................................................66
T1/E1 Configuration .......................................................................................................................67
T1/E1 Network Interfaces............................................................................................................67
Strategy For Creating Interfaces...............................................................................................67
Naming Of Logical Interfaces..................................................................................................68
Editing A T1/E1 Interface ...........................................................................................................69
T1 Settings ..............................................................................................................................69
E1 Settings ..............................................................................................................................69
Editing A Logical Interface (Frame Relay) .................................................................................70
Frame Relay Link Parameters..................................................................................................70
Frame Relay DLCIs..................................................................................................................71
Editing A Logical Interface (PPP) ...............................................................................................71
T1/E1 Statistics............................................................................................................................72
Link Statistics...........................................................................................................................72
Frame Relay Interface Statistics...............................................................................................73
PPP Interface Statistics............................................................................................................74
T1/E1 Loopback...........................................................................................................................75
Current Routes & Interface Table................................................................................................76
Upgrading Software ....................................................................................................................76
Upgrading Firmware ...................................................................................................................76
Chapter 8 - Configuring Frame Relay/PPP And T3.............................................................................77
Introduction......................................................................................................................................77
T3 Fundamentals..........................................................................................................................77
Location Of Interfaces And Labeling.......................................................................................77
LED Designations ...................................................................................................................77
T3 Configuration .........................................................................................................................78
T3 Network Interfaces..................................................................................................................78
Naming Of Logical Interfaces..................................................................................................78
Editing A T3 Interface .................................................................................................................79
Editing A Logical Interface (Frame Relay) .................................................................................79
Editing A Logical Interface (PPP) ...............................................................................................80
T3 Statistics..................................................................................................................................80
Current Routes & Interface Table................................................................................................80
Upgrading Software ....................................................................................................................81
Chapter 9 - Configuring Frame Relay/PPP And DDS.........................................................................83
Introduction......................................................................................................................................83
DDS Fundamentals......................................................................................................................83
Location Of Interfaces And Labeling.......................................................................................83
LED Designations ...................................................................................................................83
DDS Configuration .........................................................................................................................84
DDS Network Interfaces..............................................................................................................84
Naming Of Logical Interfaces..................................................................................................85
Editing A Logical Interface (Frame Relay) .................................................................................85
8 RuggedCom
Table Of Contents
Editing A Logical Interface (PPP) ...............................................................................................86
DDS Statistics..............................................................................................................................86
Link Statistics...........................................................................................................................86
Frame Relay And PPP Interface Statistics...............................................................................87
DDS Loopback.............................................................................................................................87
Current Routes & Interface Table................................................................................................87
Upgrading Software ....................................................................................................................87
Chapter 10 - Configuring PPPoE/Bridged Mode On ADSL................................................................89
Introduction......................................................................................................................................89
ADSL Fundamentals....................................................................................................................89
PPPoE/Bridged Mode Fundamentals...........................................................................................89
Authentication, Addresses and DNS Servers .........................................................................90
PPPoE MTU Issues ...............................................................................................................90
Bridged Mode...........................................................................................................................90
Location Of Interfaces And Labeling.......................................................................................90
LED Designations ...................................................................................................................90
ADSL Configuration .......................................................................................................................91
ADSL Network Interfaces............................................................................................................91
Editing A Logical Interface (PPPoE) ..........................................................................................92
Editing A Logical Interface (Bridged) ........................................................................................93
ADSL Statistics............................................................................................................................94
Current Routes & Interface Table................................................................................................94
Upgrading Software ....................................................................................................................94
Chapter 11 - Configuring PPP and Modem.........................................................................................95
Introduction......................................................................................................................................95
PPP and Modem Fundamentals...................................................................................................95
PPP Interface............................................................................................................................95
Authentication, Addresses and DNS Servers...........................................................................95
When the Modem Connects.....................................................................................................95
LED Designations....................................................................................................................95
PPP Modem Configuration .............................................................................................................96
Modem Configuration .................................................................................................................96
Modem PPP Client Connections..................................................................................................98
Modem PPP Client ......................................................................................................................99
Modem PPP Server....................................................................................................................100
Modem Incoming Call Logs .....................................................................................................101
Modem PPP Logs ......................................................................................................................101
Modem PPP Connection Logs ..................................................................................................102
Current Routes & Interface Table..............................................................................................102
Chapter 12 - Configuring PPP and Cellular Modem.........................................................................103
Introduction....................................................................................................................................103
PPP and Cellular Modem Fundamentals...................................................................................103
PPP Interface..........................................................................................................................103
Authentication, Addresses and DNS Servers .......................................................................103
When the Modem Connects...................................................................................................103
LED Designations .................................................................................................................103
PPP Cellular Modem Configuration..............................................................................................104
Cellular Modem Configuration..................................................................................................104
RuggedCom 9
RuggedRouter® User Guide
Modem Status............................................................................................................................105
Modem PPP Client Connections................................................................................................106
Modem PPP Client ....................................................................................................................106
PPP Logs, PPP Connection Logs...............................................................................................107
Current Route and Interfaces Table...........................................................................................107
Chapter 13 - Configuring The Firewall..............................................................................................109
Introduction....................................................................................................................................109
Firewall Fundamentals ..................................................................................................................109
Stateless vs Stateful Firewalls................................................................................................109
Linux® netfilter, iptables And The Shoreline Firewall ........................................................109
Network Address Translation................................................................................................110
Port Forwarding.....................................................................................................................111
Shorewall Quick Setup...................................................................................................................111
ShoreWall Terminology And Concepts.........................................................................................113
Zones......................................................................................................................................113
Interfaces................................................................................................................................113
Hosts.......................................................................................................................................114
Policy......................................................................................................................................114
Masquerading And SNAT......................................................................................................115
Rules.......................................................................................................................................116
Configuring The Firewall And VPN..............................................................................................117
Route Based Virtual Private Networking...............................................................................117
Policy Based Virtual Private Networking..............................................................................118
Virtual Private Networking To A DMZ.................................................................................118
Firewall Configuration...................................................................................................................119
Network Zones...........................................................................................................................121
Network Interfaces.....................................................................................................................121
Network Zone Hosts..................................................................................................................123
Default Policies..........................................................................................................................124
Masquerading.............................................................................................................................125
Firewall Rules............................................................................................................................126
Static NAT.................................................................................................................................127
TC (Traffic Control) Interfaces, Classes, and Rules..................................................................128
Actions When Stopped...............................................................................................................128
Chapter 14 - Traffic Control..............................................................................................................129
Traffic Control (TC) Fundamentals...............................................................................................129
Traffic Control Example............................................................................................................129
TC Interfaces..........................................................................................................................129
TC Classes..............................................................................................................................130
TC Rules................................................................................................................................130
Traffic Control Configuration........................................................................................................131
TC Interfaces (tcdevices)...........................................................................................................131
TC Classes..................................................................................................................................132
TC Rules....................................................................................................................................134
Hints on optimizing the TC Rule table..................................................................................136
Chapter 15 - Configuring IPsec VPN ................................................................................................137
Introduction....................................................................................................................................137
VPN Fundamentals ...................................................................................................................137
10 RuggedCom
Table Of Contents
IPsec Modes...........................................................................................................................137
Policy Vs Route Based VPNs................................................................................................138
Supported Encryption Protocols ...........................................................................................138
Public Key And Pre-shared Keys...........................................................................................139
X509 Certificates...................................................................................................................139
NAT Traversal.......................................................................................................................139
Other Configuration Supporting IPSec..................................................................................139
The Openswan Configuration Process...................................................................................140
IPsec and Router Interfaces....................................................................................................140
Ipsec VPN Configuration...............................................................................................................141
VPN Main Menu Before Key Generation..................................................................................141
VPN Main Menu ......................................................................................................................141
Server Configuration .................................................................................................................142
Public Key .................................................................................................................................143
Preshared Keys ..........................................................................................................................143
List Certificates..........................................................................................................................144
VPN Connections ......................................................................................................................144
IPsec VPN Connection Details..............................................................................................145
Left/Right System's Settings..................................................................................................146
Export Configuration.............................................................................................................146
Showing IPsec Status ................................................................................................................147
IPSec X.509 Roaming Client Example......................................................................................148
Select A Certificate Authority................................................................................................148
Generate X.509 Certificates .................................................................................................149
VPN Networking Parameters.................................................................................................149
Client Configuration..............................................................................................................149
Router IPSec Configuration...................................................................................................149
Firewall IPSec Configuration.................................................................................................150
Ethernet Port Configuration...................................................................................................150
Chapter 16 - Configuring Dynamic Routing .....................................................................................151
Introduction....................................................................................................................................151
Quagga, RIP and OSPF..............................................................................................................151
RIP Fundamentals......................................................................................................................151
OSPF Fundamentals...................................................................................................................152
Link State Advertisements.....................................................................................................152
Key OSPF And RIP Parameters.................................................................................................152
Network Areas.......................................................................................................................152
Router-ID...............................................................................................................................153
Hello Interval and Dead Interval............................................................................................153
Active/Passive Interface Default............................................................................................153
Redistributing Routes.............................................................................................................153
Link Detect.............................................................................................................................154
Configuring OSPF Link Costs...............................................................................................154
OSPF Authentication.............................................................................................................154
RIP Authentication.................................................................................................................154
OSPF And Antispoofing........................................................................................................154
Administrative Distances.......................................................................................................155
OSPF And VRRP Example Network.........................................................................................155
Area And Subnets..................................................................................................................155
VRRP Operation....................................................................................................................156
RuggedCom 11
RuggedRouter® User Guide
Dynamic Routing Configuration....................................................................................................157
Enable Protocols........................................................................................................................157
Core............................................................................................................................................158
Core Global Parameters.........................................................................................................158
Core Interface Parameters......................................................................................................159
View Core Configuration.......................................................................................................159
OSPF..........................................................................................................................................159
OSPF Global Parameters.......................................................................................................160
OSPF Interfaces.....................................................................................................................162
OSPF Network Areas.............................................................................................................163
OSPF Status...........................................................................................................................163
View OSPF Configuration.....................................................................................................163
RIP.............................................................................................................................................164
RIP Global Parameters...........................................................................................................164
RIP Key Chains......................................................................................................................165
RIP Interfaces.........................................................................................................................166
RIP Networks.........................................................................................................................167
RIP Status...............................................................................................................................167
View RIP Configuration........................................................................................................167
Chapter 17 - Link Backup..................................................................................................................169
Introduction....................................................................................................................................169
Link Backup Fundamentals........................................................................................................169
Path Failure Discovery...........................................................................................................169
Use Of Routing Protocols And The Default Route................................................................170
Link Backup Configuration............................................................................................................170
Link Backup Main Menu...........................................................................................................170
Link Backup Configurations......................................................................................................170
Edit Link Backup Configuration................................................................................................171
Link Backup Logs......................................................................................................................172
Link Backup Status....................................................................................................................172
Test Link Backup.......................................................................................................................172
Chapter 18 - Configuring VRRP........................................................................................................175
Introduction....................................................................................................................................175
VRRP Fundamentals .................................................................................................................175
The Problem With Static Routing..........................................................................................175
The VRRP Solution...............................................................................................................175
VRRP Terminology...............................................................................................................175
VRRP Configuration......................................................................................................................178
VRRP Main Menu.....................................................................................................................178
VRRP Configuration Menu.......................................................................................................178
Editing A VRRP Instance..........................................................................................................179
Editing A VRRP Group.............................................................................................................180
Viewing VRRP Instances Status ...............................................................................................180
Chapter 19 - Configuring Traffic Prioritization ................................................................................181
Introduction....................................................................................................................................181
Traffic Prioritization Fundamentals ..........................................................................................181
Priority Queues.......................................................................................................................181
Filters.....................................................................................................................................181
12 RuggedCom
Table Of Contents
TOS Prioritization..................................................................................................................182
Prioritization Example...............................................................................................................183
Configuring Traffic Prioritization..................................................................................................184
Traffic Prioritization Main Menu...............................................................................................184
Interface Prioritization Menu.....................................................................................................184
Prioritization Queues..............................................................................................................185
Prioritization Filters...............................................................................................................185
Prioritization Transmit Queue Length...................................................................................186
Prioritization Statistics...............................................................................................................186
Chapter 20 – Configuring Generic Routing Encapsulation ..............................................................187
Introduction....................................................................................................................................187
GRE Fundamentals ...................................................................................................................187
GRE Configuration........................................................................................................................188
GRE Main Menu........................................................................................................................188
GRE Configuration Menu..........................................................................................................188
Chapter 21 - Network Utilities ..........................................................................................................191
Introduction....................................................................................................................................191
Network Utilities Main Menu........................................................................................................191
Ping Menu......................................................................................................................................192
Traceroute Menu............................................................................................................................192
Host Menu......................................................................................................................................193
Trace Menu....................................................................................................................................193
Tcpdump A Network Interface..............................................................................................193
Frame Relay Link Layer Trace A WAN Interface.................................................................194
Serial Trace A Serial Server Port...........................................................................................194
Interface Statistics Menu................................................................................................................195
Current Routing & Interface Table ...........................................................................................195
Interface Status.......................................................................................................................196
Chapter 22 - Configuring Serial Protocols ........................................................................................197
Introduction....................................................................................................................................197
Serial IP Port Features................................................................................................................197
LED Designations .................................................................................................................197
Serial Protocols Applications.....................................................................................................198
Character Encapsulation.........................................................................................................198
RTU Polling...........................................................................................................................198
Broadcast RTU Polling..........................................................................................................198
Serial Protocols Concepts And Issues........................................................................................199
Host And Remote Roles.........................................................................................................199
Use Of Port Redirectors.........................................................................................................199
Message Packetization...........................................................................................................199
Use of Turnaround Delays.....................................................................................................200
TcpModBus Server Application................................................................................................200
Local Routing At The Server Gateway..................................................................................200
MultiMaster Capability..........................................................................................................200
TcpModbus Concepts And Issues..............................................................................................200
Host And Remote Roles.........................................................................................................200
Port Numbers.........................................................................................................................201
Retransmissions.....................................................................................................................201
RuggedCom 13
RuggedRouter® User Guide
ModBus Exception Handling.................................................................................................201
TcpModbus Performance Determinants................................................................................202
A Worked Example................................................................................................................203
DNP (Distributed Network Protocol)........................................................................................204
Address Learning for DNP.....................................................................................................204
DNP Broadcast Messages......................................................................................................204
Serial Protocols Configuration.......................................................................................................205
Serial Protocols Main Menu......................................................................................................205
Assign Protocols Menu..............................................................................................................206
Port Settings Menu.....................................................................................................................206
RawSocket Menu.......................................................................................................................206
TcpModBus Menu.....................................................................................................................207
DNP Menu.................................................................................................................................208
Serial Protocols Statistics Menu................................................................................................210
Protocol Specific Packet Error Statistics...............................................................................210
Serial Protocols Trace Menu......................................................................................................211
Serial Protocols Sertrace Utility.................................................................................................212
Chapter 23 - Configuring GOOSE Tunnels.......................................................................................213
Introduction....................................................................................................................................213
IEC61850 GOOSE Fundamentals..............................................................................................213
Layer 2 Tunnel Daemon Details............................................................................................213
Layer 2 Tunnel Configuration........................................................................................................214
Layer 2 Tunnels Main Menu......................................................................................................214
General Configuration Menu.....................................................................................................215
GOOSE Tunnels Menu..............................................................................................................215
GOOSE Statistics Menu.............................................................................................................216
Activity Trace Menu..................................................................................................................217
Chapter 24 - Configuring The DHCP server......................................................................................219
Introduction....................................................................................................................................219
DHCP Fundamentals..................................................................................................................219
DHCP Network Organizations...............................................................................................219
DHCP Client Options............................................................................................................219
Option 82 Support with Disable NAK ..................................................................................221
Example DHCP Scenarios And Configurations........................................................................221
Single Network With Dynamic IP Assignment.....................................................................221
Single Network With Static IP Assignment...........................................................................222
Single Network With Option82 Clients On One Switch.......................................................222
Multiple Subnets On Separate VLANs Using Option82 On One Switch..............................223
DHCP Configuration......................................................................................................................225
DHCP Server Main Menu..........................................................................................................225
DHCP Shared Network Configuration.......................................................................................226
DHCP Subnet Configuration.....................................................................................................227
DHCP Group Configuration......................................................................................................228
DHCP Host Configuration.........................................................................................................228
DHCP Pool Configuration.........................................................................................................229
Chapter 25 - Configuring NTP ..........................................................................................................231
Introduction....................................................................................................................................231
NTP Fundamentals ....................................................................................................................231
14 RuggedCom
Table Of Contents
The NTP Sanity Limit ...........................................................................................................232
NTP And The Precision Time Protocol Card........................................................................232
Included With NTP ...............................................................................................................232
NTP Configuration.........................................................................................................................233
NTP Server Main Menu.............................................................................................................233
Generic Options.........................................................................................................................233
Servers Configuration................................................................................................................234
Peers Configuration....................................................................................................................234
Viewing NTP Status...................................................................................................................234
Viewing The NTP Log ..............................................................................................................235
Viewing GPS Status...................................................................................................................236
Viewing The GPS Log ..............................................................................................................236
Chapter 26 - Configuring SSH ..........................................................................................................237
Introduction....................................................................................................................................237
SSH Fundamentals ....................................................................................................................237
Included With SSH................................................................................................................237
SSH Configuration.........................................................................................................................237
SSH Main Menu.........................................................................................................................237
Authentication ...........................................................................................................................238
Networking ................................................................................................................................238
Access Control .......................................................................................................................239
Chapter 27 - Configuring IRIGB And IEEE1588..............................................................................241
Introduction....................................................................................................................................241
IEEE1588 Fundamentals............................................................................................................241
PTP Network Roles................................................................................................................241
PTP Master Election..............................................................................................................242
Synchronizing NTP from IEEE1588......................................................................................242
IRIGB Fundamentals..................................................................................................................242
IRIGB Output Formats...........................................................................................................243
Reference Clocks...................................................................................................................243
How The Router Selects A Reference Clock.........................................................................243
GPS Cable compensation...........................................................................................................243
IRIGB/IEEE1588 Configuration....................................................................................................244
IRIGB/IEEE1588 Main Menu....................................................................................................244
General Configuration ...............................................................................................................244
IRIGB Configuration .................................................................................................................245
IEEE1588 Configuration............................................................................................................245
IRIGB Status..............................................................................................................................246
IEEE1588 Status........................................................................................................................246
IRIGB Log..................................................................................................................................246
Chapter 28 - Configuring the Intrusion Detection System.................................................................247
Introduction....................................................................................................................................247
Snort Fundamentals....................................................................................................................247
Which Interfaces To Monitor.................................................................................................247
Snort Rules.............................................................................................................................247
Alerting Methods...................................................................................................................247
Performance And Resources..................................................................................................248
IDS Configuration..........................................................................................................................249
RuggedCom 15
RuggedRouter® User Guide
Snort IDS Main Menu................................................................................................................249
Global Configuration.............................................................................................................249
Interfaces................................................................................................................................249
Rulesets..................................................................................................................................250
Rule Lookup by SID ............................................................................................................250
Network Settings .......................................................................................................................251
PreProcessors.............................................................................................................................251
Alerts & Logging.......................................................................................................................252
Edit Config File..........................................................................................................................252
Chapter 29 - Maintaining The Router................................................................................................253
Introduction....................................................................................................................................253
Alert System...................................................................................................................................253
Alert Main Menu........................................................................................................................253
Alert Configuration....................................................................................................................254
Alert Filter Configuration .....................................................................................................255
Alert Definition Configuration...............................................................................................255
Change Alert Definition.........................................................................................................256
Industrial Defender.........................................................................................................................258
What information is sent to an SEM unit...............................................................................258
Industrial Defender Configuration.............................................................................................258
Configuring Industrial Defender Addresses...........................................................................259
Retrieving an Industrial Defender Key..................................................................................259
Configuring remote syslogging..............................................................................................260
Gauntlet Security............................................................................................................................261
What And How Gauntlet Protects..............................................................................................261
Gauntlet And The Firewall.........................................................................................................261
Gauntlet Status Menu.................................................................................................................262
Upgrading Gauntlet....................................................................................................................262
Backup And Restore .....................................................................................................................263
General Configuration................................................................................................................264
Configuration Rollback..............................................................................................................265
Archive History..........................................................................................................................266
Archive Backup..........................................................................................................................266
Archive Restore..........................................................................................................................267
Archive Difference Tool............................................................................................................269
SNMP Configuration.....................................................................................................................271
SNMP Configuration Main Menu..............................................................................................271
System Configuration.................................................................................................................272
Network Addressing Configuration...........................................................................................272
Access Control...........................................................................................................................273
Trap Configuration.....................................................................................................................274
MIB Support...............................................................................................................................276
RADIUS Authentication................................................................................................................277
RADIUS Authentication Configuration.....................................................................................278
Edit RADIUS Server Parameters...............................................................................................278
Outgoing Mail................................................................................................................................280
Chassis Parameters.........................................................................................................................281
Power over Ethernet.......................................................................................................................282
Power over Ethernet Menu.........................................................................................................283
System Logs...................................................................................................................................284
16 RuggedCom
Table Of Contents
Syslog Factory Defaults.............................................................................................................284
Remote Logging.........................................................................................................................285
Upgrade System.............................................................................................................................286
RuggedRouter Software Fundamentals......................................................................................286
When A Software Upgrade Requires A Reboot........................................................................287
Automatic Upgrade....................................................................................................................287
Upgrade to RX1100...................................................................................................................288
Change Repository Server..........................................................................................................288
Automatic Upgrading.................................................................................................................289
Upgrading All Packages.............................................................................................................289
Installing A New Package..........................................................................................................289
Pre-upgrade/Post-upgrade scripts...............................................................................................290
Uploading And Downloading Files...............................................................................................291
Chapter 30 - Security Considerations................................................................................................293
Introduction....................................................................................................................................293
Security Actions ........................................................................................................................293
Appendix A - Setting Up A Repository ............................................................................................294
Repository Server Requirements ..............................................................................................294
Initial Repository Setup..............................................................................................................294
Upgrading The Repository.........................................................................................................295
Setting Up The Routers..............................................................................................................295
An Alternate Approach..........................................................................................................295
Upgrading Considerations .....................................................................................................296
Appendix B - Re-Flashing Router Software .....................................................................................297
Appendix C - Installing Apache Web Server On Windows..............................................................298
Appendix D - Installing IIS Web Server On Windows......................................................................300
Appendix E - RADIUS Server Configuration...................................................................................301
FreeRadius.............................................................................................................................301
Windows Internet Authentication Service.............................................................................301
Appendix F - VPN/L2TP Configuration in Windows.......................................................................304
Index...................................................................................................................................................305
RuggedCom 17
RuggedRouter® User Guide
This page intentionally blank
18 RuggedCom

Table Of Figures

Table Of Figures
Figure 1: RuggedRouter Setup Main Menu.....................................................................................26
Figure 2: RuggedRouter Setup Password Change Menu.................................................................27
Figure 3: RuggedRouter Interfaces Setup Menu..............................................................................27
Figure 4: RuggedRouter DNS Client Menu.....................................................................................27
Figure 5: RADIUS Server Configuration menu...............................................................................28
Figure 6: Gauntlet Setup Menu........................................................................................................28
Figure 7: RuggedRouter Date/Time/Timezone Menu.....................................................................29
Figure 8: RuggedRouter Hardware Information Menu....................................................................29
Figure 9: Selecting a configuration to reload...................................................................................30
Figure 10: Selecting a previously made configuration.....................................................................30
Figure 11: Signing On To The Router With A Web Browser.........................................................31
Figure 12: RuggedRouter Web Interface Main Menu Window.......................................................32
Figure 13: LED Status Panel............................................................................................................34
Figure 14: Meaning of LEDs...........................................................................................................34
Figure 15: Webmin Configuration Menu.........................................................................................35
Figure 16: Webmin Configuration Menu, IP Access Control..........................................................35
Figure 17: Webmin Configuration Menu, Ports and Addresses......................................................36
Figure 18: Webmin Configuration Menu, Change Help Server......................................................36
Figure 19: Webmin Configuration Menu, Logging.........................................................................37
Figure 20: Webmin Configuration Menu, Authentication...............................................................38
Figure 21: Webmin Events Log.......................................................................................................38
Figure 22: Webmin users menu.......................................................................................................40
Figure 23: Edit Webmin User Menu................................................................................................41
Figure 24: Current login sessions menu...........................................................................................41
Figure 25: Password Restrictions Menu..........................................................................................42
Figure 26: Bootup and Shutdown, Part 1.........................................................................................43
Figure 27: Bootup and Shutdown, Part 2.........................................................................................44
Figure 28: System Menu Change Password Command...................................................................44
Figure 29: Scheduled Commands....................................................................................................44
Figure 30: Scheduled Commands Displaying a Command.............................................................45
Figure 31: Webmin Scheduled Cron Jobs........................................................................................46
Figure 32: Creating a Cron Job........................................................................................................46
Figure 33: Scheduled Cron Jobs menu displaying cron jobs...........................................................47
Figure 34: System Hostname...........................................................................................................47
Figure 35: System Time...................................................................................................................47
Figure 36: Network Configuration Menu........................................................................................49
Figure 37: Core Networking Settings..............................................................................................50
Figure 38: Dummy Interface............................................................................................................51
Figure 39: Routing And Gateways...................................................................................................51
Figure 40: Static Multicast Routing.................................................................................................53
Figure 41: DNS Client.....................................................................................................................54
Figure 42: Host Addresses...............................................................................................................54
Figure 43: End To End Backup Example........................................................................................55
Figure 44: End To End Backup........................................................................................................56
Figure 45: Ethernet Menu................................................................................................................59
Figure 46: Current and Boot Time Ethernet Configuration.............................................................59
Figure 47: Editing a Network Interface............................................................................................60
Figure 48: Creating a Virtual Interface............................................................................................61
Figure 49: Creating a Virtual Lan Interface.....................................................................................61
RuggedCom 19
RuggedRouter® User Guide
Figure 50: Editing a Boot Time Interface........................................................................................61
Figure 51: List PPPoE Interfaces.....................................................................................................62
Figure 52: Editing a PPPoE Interface..............................................................................................63
Figure 53: Display PPP Logs...........................................................................................................63
Figure 54: T1/E1 Trunks And Interfaces.........................................................................................67
Figure 55: T1/E1 Network Interfaces Initial Configuration.............................................................67
Figure 56: T1/E1 Network Interfaces After Channel Creation........................................................67
Figure 57: T1/E1 Network Interfaces After Interface Creation.......................................................68
Figure 58: Edit T1 Interface.............................................................................................................69
Figure 59: Edit Logical Interface (Frame Relay).............................................................................70
Figure 60: Edit Logical Interface (PPP)...........................................................................................71
Figure 61: T1/E1 Link Statistics......................................................................................................72
Figure 62: Frame Relay Statistics....................................................................................................73
Figure 63: PPP Link Statistics.........................................................................................................74
Figure 64: T1/E1 Loopback Menu...................................................................................................75
Figure 65: T1/E1 Loopback.............................................................................................................75
Figure 66: T3 Trunks And Interfaces...............................................................................................78
Figure 67: T3 Network Interfaces Initial Configuration..................................................................78
Figure 68: T3 Network Interfaces Initial Configuration..................................................................78
Figure 69: Edit T3 Interface.............................................................................................................79
Figure 70: Edit T1 Interface.............................................................................................................79
Figure 71: Edit Logical Interface (Frame Relay).............................................................................80
Figure 72: Edit Logical Interface (PPP)...........................................................................................80
Figure 73: DDS Trunks And Interfaces...........................................................................................84
Figure 74: DDS WAN Interfaces.....................................................................................................84
Figure 75: DDS WAN Interfaces after logical interface assignment...............................................84
Figure 76: Edit Logical Interface (Frame Relay), single DLCI........................................................85
Figure 77: Edit Logical Interface (Frame Relay), multiple DLCIs..................................................85
Figure 78: Edit Logical Interface (PPP)...........................................................................................86
Figure 79: DDS Link Statistics........................................................................................................86
Figure 80: ADSL Interfaces.............................................................................................................91
Figure 81: ADSL WAN Interfaces...................................................................................................91
Figure 82: Edit Logical Interface (PPPoE).......................................................................................92
Figure 83: Edit Logical Interface (Bridged).....................................................................................93
Figure 84: ADSL Link Statistics......................................................................................................94
Figure 85: Modem Configuration Main Menu.................................................................................96
Figure 86: Edit Internal Modem Configuration...............................................................................96
Figure 87: Edit External Modem Configuration..............................................................................96
Figure 88: Modem PPP Client Connections....................................................................................98
Figure 89: Configure Modem PPP Client........................................................................................99
Figure 90: Configure Modem PPP Server.....................................................................................100
Figure 91: Incoming Call Logs......................................................................................................101
Figure 92: PPP Logs.......................................................................................................................101
Figure 93: PPP Connection Logs...................................................................................................102
Figure 94: Cellular Modem Interface.............................................................................................104
Figure 95: Cellular Modem configuration.....................................................................................104
Figure 96: Modem PPP Client Connections..................................................................................106
Figure 97: Configure Modem PPP Client......................................................................................106
Figure 98: Starting Shorewall Firewall Menu................................................................................119
Figure 99: Shorewall Firewall Menu.............................................................................................120
Figure 100: Firewall Network Zones.............................................................................................121
20 RuggedCom
Table Of Figures
Figure 101: Firewall Network Interfaces.......................................................................................121
Figure 102: Editing a Firewall Network Interfaces........................................................................122
Figure 103: Firewall Zone Hosts....................................................................................................123
Figure 104: Firewall Default Policies............................................................................................124
Figure 105: Editing A Firewall Default Policy..............................................................................124
Figure 106: Firewall Masquerading And SNAT............................................................................125
Figure 107: Editing A Masquerading Rule....................................................................................125
Figure 108: Firewall Rules.............................................................................................................126
Figure 109: Editing A Firewall Rule..............................................................................................126
Figure 110: Static NAT..................................................................................................................127
Figure 111: Creating a Static NAT Entry.......................................................................................127
Figure 112: Actions When Stopped...............................................................................................128
Figure 113: TC Interfaces..............................................................................................................131
Figure 114: Edit TC Interface........................................................................................................131
Figure 115: TC Classes..................................................................................................................132
Figure 116: Edit TC Classes..........................................................................................................132
Figure 117: TC Rules.....................................................................................................................134
Figure 118: Edit TC Rule...............................................................................................................135
Figure 119: IPsec VPN Configuration Menu Before Key Generation...........................................141
Figure 120: IPsec VPN Configuration Menu Before After Generation.........................................141
Figure 121: IPsec VPN Configuration After Connections Have Been Created.............................142
Figure 122: Server Configuration..................................................................................................142
Figure 123: Show Public Key........................................................................................................143
Figure 124: Preshared Keys...........................................................................................................143
Figure 125: List Certificates...........................................................................................................144
Figure 126: Editing A VPN Connection, Part 1.............................................................................145
Figure 127: Editing A VPN Connection, Part 2.............................................................................146
Figure 128: IPsec Status.................................................................................................................147
Figure 129: End To End Backup Example....................................................................................148
Figure 130: OSPF And VRRP Example........................................................................................155
Figure 131: Dynamic Routing Menu.............................................................................................157
Figure 132: Enable Protocols Menu...............................................................................................157
Figure 133: Core Menu..................................................................................................................158
Figure 134: Core Global Parameters..............................................................................................158
Figure 135: Core Interface Parameters...........................................................................................159
Figure 136: OSPF Menu................................................................................................................159
Figure 137: OSPF Global Parameters............................................................................................160
Figure 138: OSPF Interfaces..........................................................................................................162
Figure 139: Network Areas............................................................................................................163
Figure 140: RIP Menu....................................................................................................................164
Figure 141: RIP Global Parameters...............................................................................................164
Figure 142: RIP Interfaces.............................................................................................................166
Figure 143: RIP Networks.............................................................................................................167
Figure 144: Link Backup Main Menu............................................................................................169
Figure 145: Link Backup Main Menu............................................................................................170
Figure 146: Link Backup Configurations.......................................................................................170
Figure 147: Edit Link Backup Configuration................................................................................171
Figure 148: Link Backup Log........................................................................................................172
Figure 149: Link Backup Status.....................................................................................................172
Figure 150: Test Link Backup........................................................................................................172
Figure 151: VRRP Example..........................................................................................................176
RuggedCom 21
RuggedRouter® User Guide
Figure 152: VRRP Group Example...............................................................................................177
Figure 153: VRRP Main Menu......................................................................................................178
Figure 154: VRRP Configuration Menu........................................................................................178
Figure 155: VRRP Instance...........................................................................................................179
Figure 156: VRRP Group..............................................................................................................180
Figure 157: VRRP Instances Status...............................................................................................180
Figure 158: Traffic Prioritization Main Menu...............................................................................184
Figure 159: Interface Prioritization Menu.....................................................................................184
Figure 160: Prioritization Queue Configuration...........................................................................185
Figure 161: Prioritization Filter Configuration.............................................................................185
Figure 162: Prioritization Statistics...............................................................................................186
Figure 163: VRRP Example..........................................................................................................187
Figure 164: GRE Main Menu........................................................................................................188
Figure 165: GRE Tunnel Configuration Menu.............................................................................188
Figure 166: Network Utilities Main Menu....................................................................................191
Figure 167: Ping Menu..................................................................................................................192
Figure 168: Traceroute Menu........................................................................................................192
Figure 169: Host Menu.................................................................................................................193
Figure 170: Tcpdump Menu..........................................................................................................193
Figure 171: Frame Relay Trace Menu..........................................................................................194
Figure 172: Serial Server Port Trace Menu..................................................................................194
Figure 173: Interface Statistics Menu..........................................................................................195
Figure 174: Current Routing & Interface Table.............................................................................195
Figure 175: Sources of Delay and Error in an End to End Exchange ...........................................202
Figure 176: Serial Protocols Server Main Menu............................................................................205
Figure 177: Assign Protocols Menu...............................................................................................206
Figure 178: Port Settings Menu.....................................................................................................206
Figure 179: Raw Socket Menu.......................................................................................................206
Figure 180: TcpModbus Menu.......................................................................................................207
Figure 181: DNP Settings..............................................................................................................208
Figure 182: DNP Device Table Settings........................................................................................209
Figure 183: Serial Protocols Statistics Menu.................................................................................210
Figure 184: Serial Protocols Trace Menu......................................................................................211
Figure 185: Layer 2 Tunnels Main Menu.....................................................................................214
Figure 186: General Configuration Menu......................................................................................215
Figure 187: GOOSE Menu.............................................................................................................215
Figure 188: GOOSE Menu.............................................................................................................215
Figure 189: GOOSE Statistics Menu.............................................................................................216
Figure 190: Activity Trace Menu...................................................................................................217
Figure 191: DHCP Server Menu....................................................................................................225
Figure 192: DHCP Shared Network Configuration......................................................................226
Figure 193: DHCP Subnet Configuration......................................................................................227
Figure 194: DHCP Group Configuration......................................................................................228
Figure 195: DHCP Host Configuration.........................................................................................228
Figure 196: DHCP Pool Configuration.........................................................................................229
Figure 197: NTP Server.................................................................................................................233
Figure 198: NTP Generic Options.................................................................................................233
Figure 199: NTP Server List..........................................................................................................234
Figure 200: NTP Status..................................................................................................................234
Figure 201: NTP Log.....................................................................................................................235
Figure 202: GPS Status..................................................................................................................236
22 RuggedCom
Table Of Figures
Figure 203: GPS Log.....................................................................................................................236
Figure 204: SSH Server.................................................................................................................237
Figure 205: SSH Server Authentication Menu..............................................................................238
Figure 206: SSH Server Networking.............................................................................................238
Figure 207: SSH Server Access Control........................................................................................239
Figure 208: IRIGB/1588 Main Menu.............................................................................................244
Figure 209: IRIGB/IEEE1588 General Configuration menu........................................................244
Figure 210: IRIGB Configuration menu.......................................................................................245
Figure 211: IEEE1588 Configuration Menu.................................................................................245
Figure 212: IRIGB GPS Status.....................................................................................................246
Figure 213: IEEE1588 Status........................................................................................................246
Figure 214: IRIGB GPS Status.....................................................................................................246
Figure 215: Snort Main Menu part 1..............................................................................................249
Figure 216: Snort Main Menu part 2.............................................................................................249
Figure 217: Snort Main Menu part 3..............................................................................................250
Figure 218: Snort Ruleset Edit......................................................................................................250
Figure 219: Snort Network Settings..............................................................................................251
Figure 220: Snort Preprocessors...................................................................................................251
Figure 221: Snort Alerts................................................................................................................252
Figure 222: Alert Main Menu........................................................................................................253
Figure 223: Alert Configuration Menu..........................................................................................254
Figure 224: Alert Filter Configuration Menu.................................................................................255
Figure 225: Alert Definition Configuration Menu.........................................................................255
Figure 226: Change Alert Definition Menu...................................................................................256
Figure 227: Industrial Defender Agent Configuration...................................................................258
Figure 228: Industrial Defender Configuration – IP addresses saved............................................259
Figure 229: Industrial Defender Configuration - key obtained......................................................259
Figure 230: Gauntlet Security Appliance Menu............................................................................262
Figure 231: System Backup And Restore......................................................................................263
Figure 232: Backup and Restore General Configuration...............................................................264
Figure 233: Configuration Rollback menu....................................................................................265
Figure 234: Ethernet main menu while Configuration Rollback is active.....................................265
Figure 235: Configuration Rollback menu ready to accept changes..............................................265
Figure 236: Archive History..........................................................................................................266
Figure 237: Archive Backup..........................................................................................................267
Figure 238: Archive Backup, Complete.........................................................................................267
Figure 239: Archive Restore Menu................................................................................................268
Figure 240: Start Restore...............................................................................................................268
Figure 241: Archive Differences Menu.........................................................................................269
Figure 242: Archive Differences List.............................................................................................269
Figure 243: Show Difference for selected file between two targets..............................................270
Figure 244: SNMP Main Configuration Menu..............................................................................271
Figure 245: System Configuration Menu.......................................................................................272
Figure 246: Network Addressing Configuration Menu, Client Address.......................................272
Figure 247: Network Addressing Configuration Menu, Addresses to listen on...........................272
Figure 248: Access Control Menu, SNMP V1 and V2c................................................................273
Figure 249: Access Control Menu, SNMP V3...............................................................................273
Figure 250: Trap Configuration Menu, Trap Options....................................................................274
Figure 251: Trap Destinations V1 and V2c...................................................................................274
Figure 252: Trap Destinations V3..................................................................................................275
Figure 253: RADIUS Authentication Main Menu.........................................................................278
RuggedCom 23
RuggedRouter® User Guide
Figure 254: RADIUS Authentication Server Parameters..............................................................278
Figure 255: RADIUS Authentication Main Menu.........................................................................280
Figure 256: Chassis Parameters Menu...........................................................................................281
Figure 257: PoE pinout on 10/100BaseT ports..............................................................................282
Figure 258: Power over Ethernet Menu.........................................................................................283
Figure 259: System Logs................................................................................................................284
Figure 260: Changing a Syslog entry to remote log.......................................................................285
Figure 261: Software Upgrade System..........................................................................................286
Figure 262: Upgrade to RX1100....................................................................................................288
Figure 263: Change Repository Server..........................................................................................288
Figure 264: Automatic Upgrade.....................................................................................................289
Figure 265: Upgrading All Packages.............................................................................................289
Figure 266: Installing A New Package...........................................................................................289
Figure 267: Upload/Download menu.............................................................................................291
Figure 268: Apache Default Web Page..........................................................................................298
Figure 269: Installing IIS...............................................................................................................300
Figure 270: IAS Window - Edit Remote Access Policy................................................................302
Figure 271: IAS Window - Edit Profile.........................................................................................302
Figure 272: IAS Window – Add Attribute.....................................................................................302
Figure 273: IAS Window – Multivalued Attribute Information....................................................303
Figure 274: IAS Window – Vendor-Specific Attribute Information.............................................303
Figure 275: IAS Window – Configure VSA (RFC compliant)......................................................303
24 RuggedCom

Chapter 1 - Setting Up And Administering The Router

Chapter 1 - Setting Up And Administering The Router

Introduction

This chapter familiarizes the user with the RuggedCom Serial Console interface, the RuggedRouter Setup script and signing on to the Web interface. This chapter describes the following procedures:
Running the Setup Script
Signing on the Web Interface
Signing on to the Command Prompt
Restoring the default configuration

Access Methods

You can access the router through the console, Ethernet ports, WAN ports and the modem port.

Accounts And Password Management

The router provides an “rrsetup” account which provides a shell that quickly configures such items as passwords, addresses, date/time and services offered by the router. It is very useful to sign-in to this shell first, harden the router, and configure network addresses in order that the router be reachable from the network through Web Management. The rrsetup password should be changed, recorded securely and
restricted to qualified personnel.
The root account provides a superuser capability for SSH shell access and the Web server. The password should be changed, recorded securely and restricted to qualified personnel.
The root and rrsetup accounts may be also be managed through RADIUS authentication.
The Web management agent can be accessed through the root account. It may also be accessed through a number of RADIUS accounts via RADIUS authentication. This offers the advantage of attributing actions in logs to the specific user, as opposed to the root user.

Default Configuration

Your RuggedRouter is shipped from the factory with the following defaults:
Ethernet ports are enabled and have an address of 192.168.X.1 where X is
the port number,
WAN and modem ports are disabled,
IRIG-B output ports are disabled,
Setup account “rrsetup”, password “admin”,
Superuser account “root”, password “admin”,
SSH and Web Management interfaces are enabled by default. All other services
(including Serial Protocol Server, DHCP server, NTP server, End to End Backup Server, VPN Server, NFS, OSPF/RIP protocol and firewall) are disabled by default.
RuggedCom 25
RuggedRouter® User Guide

Accessing The RuggedRouter Command Prompt

From the Console Port

Attach a terminal (or PC running terminal emulation software) to the RS232 port on the rear of the chassis. The terminal should be configured for 8 bits, no parity operation at 38.4 Kbps. Hardware and software flow control must be disabled. Select a terminal type of VT100.
Once the terminal is connected, pressing <CR> will prompt for the user to login as and that user's password. Sign-in as either the rrsetup or root user. The router is shipped with default passwords of “admin” for either of these accounts.

From SSH

Use an SSH agent running the version 2 protocol. SSH to either the rrsetup or root accounts of the router at one of its IP addresses described above. The router is shipped with default passwords of “admin” for either of these accounts.

The RuggedRouter Setup Shell

Signing-in as the rrsetup user will automatically enter the configuration shell shown below. Quitting the shell (with cancel, or by entering escape) will cause the connection to close.
Figure 1: RuggedRouter Setup Main Menu
The shell provides a number of configuration commands, described below.
26 RuggedCom
Chapter 1 - Setting Up And Administering The Router

Configuring Passwords

The Change Passwords command changes the rrsetup and root account passwords. These passwords should be changed before installing the router on the network.
Figure 2: RuggedRouter Setup Password Change Menu

Configuring IP Address Information

The Change Port IP Address command configures port IP addresses and gateways.
Figure 3: RuggedRouter Interfaces Setup Menu
Each port number X has a default address of 192.168.X.1 and a mask of
255.255.255.0.
The Configure Default Gateway Settings command configures the default gateway.
The Configure DNS Client Settings command configures the DNS server address. If the router is part of a domain, enter the domain name in the “Search Domain” field.
Figure 4: RuggedRouter DNS Client Menu
RuggedCom 27
RuggedRouter® User Guide

Setting The Hostname

The Set Hostname command sets the hostname, shown in shell prompts and Web Management.

Configuring RADIUS Authentication

The Set RADIUS Authentication command configures the address of a RADIUS server, if available.
Figure 5: RADIUS Server Configuration menu
The Hostname/IP and Port Number fields configures the server location.
The Shared Secret field configures the unique password used by this server.
The time Timeout field selects the maximal time to wait before trying the next server.
The entry, created for both LOGIN and PPP Login, can be changed from the web interface.

Enabling And Disabling The SSH and Web Server

By default SSH and Web Management are enabled. The Disable SSH and Disable Web Management commands allows these services to be disabled. The servers will
be immediately stopped. If access to the shell has been made through ssh the session will continue, but no new sessions will be allowed.
Upon disabling the services, the titles in the main menu will change to Enable SSH and Enable Web Management to reflect the disabled state. Enabling a service automatically restarts it.

Enabling And Disabling The Gauntlet Security Appliance

The Gauntlet security Appliance requires a pass phrase unique to your network. This menu will configure it.
Figure 6: Gauntlet Setup Menu
28 RuggedCom
Loading...
+ 282 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use