RuggedCom RX1000, RX1100 User Manual

4 (1)

RuggedRouterä

RX1000/RX1100 User Guide

RuggedCom Inc.

30 Whitmore Road,

Woodbridge, Ontario, Canada

L4L 7Z4

Web: www.ruggedcom.com

Tel:

(905) 856-5288

Fax:

(905) 856-1995

Toll Free: (888) 264-0006

RUGGEDROUTERä USER GUIDE

FOR USE WITH RX1000/RX1100 PRODUCTS

Version 1.12.6 – May 14th , 2008

RuggedCom

30 Whitmore Road

Woodbridge, Ontario

Canada L4L7Z4

Tel:

(905) 856-5288

Fax:

(905)

856-1995

Toll Free: (888)

264-0006

support@ruggedcom.com

Disclaimer

RuggedCom Inc. makes no warranty of any kind with regard to this material.

RuggedCom shall not be liable for errors contained herein or for consequential damages in connection with the furnishing, performance, or use of this material.

Warranty

Five (5) years from date of purchase, return to factory. For warranty details, visit www.ruggedcom.com or contact your customer service representative.

COPYRIGHT © Apr 2008 RuggedCom Inc.

ALL RIGHTS RESERVED

http://www.ruggedcom.com This document contains proprietary information, which is protected by copyright. All rights are reserved.

The RuggedRouter includes components licensed under the GPL and BSD style licenses. The full licences of such are included in an associated document.

No part of this document may be photocopied, reproduced or translated to another language without the prior written consent of RuggedCom Inc.

Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

Gauntlet® is the registered trademark of Teltone Corporation.

About this User Guide

About this User Guide

This guide is concerned with aiding the user in the configuration and operation of the RuggedRouterä using the RuggedCom command line, setup menu and web management interfaces. Specifically, this guide details aspects of:

Accessing the User Interfaces

Security

Configuring the router

Status determination

Performance measurement

Uploading and downloading files

Dealing with alarms

This guide also details operation of the RX1100 Gauntlet security appliance.

This guide is intended solely for the purpose of familiarizing the reader with the ways that the RuggedRouterä can be used to support Routing over Ethernet, T1/E1, T3

ADSL, DDS and Frame Relay as well as act as a Serial server and time synchronization device.

Applicable Firmware Revision

This guide is applicable to RuggedRouterä ROX 1.12.6 software revision.

Who Should Use This User Guide

This guide is to be used by network technical support personnel who are familiar with the operation of networks. Others who might find the book useful are network and system planners, system programmers and line technicians.

How To Use This User Guide

Each chapter has been prepared with a feature description, an application section and a description of the default mode of operation. It is recommended that you use this guide along with the following applicable documents.

RuggedRouterä Installation Guide

Rugged MediaConverterä Installation Guide RuggedCom Fiber Guide

Gauntlet Command and Control Center (CCC) User Manual, Gauntlet Virtual Polling Controller (VPC) User Manual Gauntlet System Installation Manual

Gauntlet System Best Practices

RuggedCom

1

RuggedRouterä User Guide

Document Conventions

This publication uses the following conventions:

Note: Means reader take note. Notes contain helpful suggestions or references to materials not contained in this guide.

Helpful Hint

This type of note often indicates useful shortcuts or methods employed by other RuggedCom customers.

Quick Start Recommendations

The following description is included to aid those users experienced with communications equipment that may wish to attempt to configure the router without fully reading the guide.

1.Locate/mount the chassis in its final resting place and apply power.

2.The router can be configured through its web management interface, or for advanced users, through ssh. The default Ethernet addresses for ports one through four are 192.168.1.1 through 192.168.4.1. Two shell accounts, rrsetup and root, are provided. Both accounts have a default password of “admin”. The web management interface uses the root account password. The rrsetup account provides a shell that configures such items as passwords, addresses, date/time and services offered by the router. The root account provides a full shell.

3.Attach a PC running terminal emulation software to the RS232 port and apply power to the chassis (default baud rate, data bits, parity - “38400 8 n 1”, no hardware/software flow control). Set the terminal type to VT100. Press ENTER to obtain a login prompt.

Initial Configuration Before Attaching To The Network

4.Login as the rrsetup user with password “admin”.

5.Change the root and rrsetup passwords from the shell. Record the passwords in a secure manner. If Radius authentication will be employed, configure at least one authentication server address.

6.Configure the router’s hostname, IP address, subnet mask, and gateway addresses for the built-in Ethernet ports.

7.For an RX1100 router, the Gauntlet Security application may be configured with the passphrase allocated to the network the network address of the Command and Control Center (CCC). Note that you must also configure and activate the firewall before using the Gauntlet.

8.Ensure that the date, time and timezone fields are correctly set.

9.If Web or SSH services will not be used, these can be disabled from the setup shell.

2

RuggedCom

About this User Guide

10.All further configuration is accomplished through the web management interface. Attach the configuring host to one of the Ethernet ports configured above. Point your web browser at the address for that port, use https and specify a port number of 10000, e.g. https://192.168.1.1:10000 (or otherwise if configured in step 4). Login with the root user and password (configured above). If radius authentication is configured and a server is available, you may also login via a radius user.

Basic Web Based Configuration

11.Change the router password from the System menu, Change Password submenu.

12.If you are using the web management interface you may wish to restrict the allowed users to a specific subnet. This can be done in the Webmin menu,

Webmin Configuration, IP Access Control sub-menu.

13.If you are planning to SSH in to the router you may wish to restrict the allowed users to a specific subnet. This can be done in the Servers menu, SSH Server,

Networking sub-menu.

14.The router's local hostname may configured in the System Menu, System Hostname sub-menu.

15.The router may be configured to log to a remote server by the Maintenance menu, System Logs sub-menu. See the chapter “Maintaining The Router” for more details.

16.The router's DNS settings may configured in the DNS Clients sub-menu. You may also specify the IP addresses of frequently used hosts. See the chapter “Configuring Networking” for more details.

Physical Interface Related

17.Ethernet port parameters may be changed in the Networking menu, Ethernet sub-menu. The Ethernet Interfaces sub-menu will configure the IP address, subnet mask, gateway address, proxy arping and media type of each interface. See the chapter “Configuring Ethernet Interfaces” for more details.

18.If your router is equipped with T1/E1 WAN interfaces, the Networking menu, T1/E1 sub-menu will allow you to configure them with Frame Relay or PPP connections. See the chapter “Configuring Frame Relay/PPP And T1/E1” for more details.

19.If your router is equipped with T3 WAN interfaces, the Networking menu, T3 sub-menu will allow you to configure them with Frame Relay or PPP connections. See the chapter “Configuring Frame Relay/PPP And T3” for more details.

20.If your router is equipped with DDS interfaces, the Networking menu, DDS submenu will allow you to configure them with Frame Relay or PPP connections. See the chapter “Configuring Frame Relay/PPP And DDS” for more details.

21.If your router is equipped with ADSL interfaces, the Networking menu, ADSL sub-menu will allow you to configure them. See the chapter “Configuring PPPoE On ADSL” for more details. If you wish to use PPPOE with an external ADSL modem, the Networking menu, Ethernet sub-menu will configure it.

RuggedCom

3

RuggedRouterä User Guide

22.If your router is equipped with an embedded modem, the Networking menu, Modem sub-menu will allow you to configure it with PPP or incoming console connections. See the chapter “Configuring PPP And Modem” for more details.

23.If your router is equipped with Serial Interfaces, the Servers menu, Serial Protocols sub-menu will allow you to configure them with an operating protocol. See the chapter “Configuring Serial Protocols” for more details.

24.If your router is equipped with a Precision Time Protocol Card, the Servers menu, IRIGB sub-menu will allow you to enable and configure its output ports. See the chapter “Configuring IRIGB” for more details.

Additional Configuration

25.You may wish to configure a backup interface to use in the event of a failure of your default gateway interface. This can be done in the Networking menu,

Network Configuration, End To End Backup sub-menu.

26.If you are planning to connect your router to the Internet, configure the firewall and then activate it. This can be done in the Networking menu, Shorewall Firewall sub-menu.

27.The router provides a default event logging configuration. You can modify this configuration through the Maintenance menu, System Logs sub-menu. Remote logging can be activated here.

28.The routers SSH and Web Management interfaces are enabled by default. The routers DHCP server, IPsec VPN server, NTP server, OSPF/RIP protocol, VRRP protocol and firewall are disabled by default. To changes these services visit the

System menu, Bootup and Shutdown sub-menu.

29.You can install static IP and Multicast routings for Ethernet and WAN interfaces via the Networking menu, Network Configuration, Routing and Default Route and Static Multicast Routing sub-menus.

30.You can configure the NTP server through the Servers menu, NTP Server submenu. See the chapter “Configuring NTP” for more details.

31.You can configure SSH through the Servers menu, SSH Server sub-menu. SSH can be set-up to issue a login banner from this menu. See the chapter “Configuring SSH” for more details.

32.Traffic prioritization can be configured on the network interfaces through the Networking menu, Traffic Prioritization sub-menu.. See the chapter “Traffic Prioritization” for more details.

33.SNMP is disabled by default. You can configure SNMP by following the instructions in the Appendix on SNMP. You may allow read and write access, set community names, enable traps and program the router to issue traps with a specific client address.

34.If your router is an RX1100 you may configure and activate the Snort Intrusion Detection system and the Gauntlet Security Appliance. If you decide to forward daily email summaries you must configure a mail forwarder in the Maintenance menu Miscellaneous sub-menu Outgoing Mail sub-menu.

4

RuggedCom

About this User Guide

35.When your routers configuration is stable, it is recommended that the configuration should be uploaded from the router and stored as a backup. The

Maintenance menu Backup And Restore sub-menu will be useful.

36.Should you need to transfer files to or from the router, the Maintenance menu Upload/Download Files sub-menu will be useful.

37.Further concerns such as ensuring robustness, measuring and optimizing performance are dealt with by reading the guide fully.

RuggedCom

5

RuggedRouterä User Guide

Table Of Contents

About this User Guide...........................................................................................................................

1

Applicable Firmware Revision..........................................................................................................

1

Who Should Use This User Guide.....................................................................................................

1

How To Use This User Guide............................................................................................................

1

Document Conventions......................................................................................................................

2

Quick Start Recommendations..........................................................................................................

2

Table Of Contents..................................................................................................................................

6

Table Of Figures..................................................................................................................................

18

Chapter 1 – Setting Up And Administering The Router......................................................................

28

Introduction ...............................................................................................................................

28

Access Methods.......................................................................................................................

28

Accounts And Password Management....................................................................................

28

Default Configuration..............................................................................................................

28

Accessing The RuggedRouterä Command Prompt........................................................................

29

From the Console Port ...............................................................................................................

29

From SSH ....................................................................................................................................

29

The RuggedRouter Setup Shell........................................................................................................

29

Configuring Passwords................................................................................................................

30

Configuring IP Address Information ..........................................................................................

30

Setting The Hostname .................................................................................................................

31

Configuring Radius Authentication.............................................................................................

31

Enabling And Disabling The SSH and Web Server ....................................................................

31

Enabling And Disabling The Gauntlet Security Appliance.........................................................

32

Configuring The Date, Time And Timezone .........................................................................

32

Displaying Hardware Information...............................................................................................

33

Restoring A Configuration ..........................................................................................................

34

The RuggedRouterä Web Interface................................................................................................

35

Using a Web Browser to Access the Web Interface....................................................................

35

SSL Certificate Warnings ...........................................................................................................

35

The Structure of the Web Interface..............................................................................................

35

Using The LED Status Panel ........................................................................................................

37

Obtaining Chassis Information .......................................................................................................

38

Chapter 2 – Webmin Configuration.....................................................................................................

39

Introduction......................................................................................................................................

39

Webmin Configuration Menu .........................................................................................................

39

IP Access Control ........................................................................................................................

39

Ports And Addresses ...................................................................................................................

40

Change Help Server.....................................................................................................................

41

Logging .......................................................................................................................................

41

Authentication .............................................................................................................................

42

Webmin Events Log ...................................................................................................................

43

Chapter 3 – Configuring The System..................................................................................................

45

Introduction......................................................................................................................................

45

 

 

 

6

RuggedCom

 

Table Of Contents

Bootup And Shutdown ....................................................................................................................

45

Change Password Command ........................................................................................................

46

Scheduled Commands .....................................................................................................................

46

Scheduled Cron Jobs .......................................................................................................................

48

System Hostname............................................................................................................................

49

System Time ..................................................................................................................................

49

Chapter 4 – Configuring Networking..................................................................................................

51

Introduction......................................................................................................................................

51

Network Configuration....................................................................................................................

51

Core Settings................................................................................................................................

52

Dummy Interface.........................................................................................................................

52

Routing And Gateways................................................................................................................

53

Default Route Table.................................................................................................................

53

Configured Static Routes.........................................................................................................

53

Manually Entered Static Routes .............................................................................................

54

Static Multicast Routing..............................................................................................................

55

DNS Client...................................................................................................................................

56

Host Addresses.............................................................................................................................

56

End To End Backup.....................................................................................................................

56

Configuring End To End Backup.............................................................................................

58

Current Routing & Interface Table .............................................................................................

58

Chapter 5 – Configuring Ethernet Interfaces.......................................................................................

59

Introduction......................................................................................................................................

59

Ethernet Interface Fundamentals.................................................................................................

59

LED Designations ...................................................................................................................

59

VLAN Interface Fundamentals....................................................................................................

59

VLAN Tag...............................................................................................................................

59

RuggedRouter Functions Supporting VLANs.........................................................................

60

PPPoE On Native Ethernet Interfaces Fundamentals .................................................................

60

Ethernet............................................................................................................................................

61

Ethernet Interfaces.......................................................................................................................

61

Editing Currently Active Interfaces ............................................................................................

62

Virtual Interfaces ....................................................................................................................

63

Virtual Lan Interfaces..............................................................................................................

63

Edit Boot Time Interfaces ...........................................................................................................

63

PPPoE On Native Ethernet Interfaces.........................................................................................

64

Edit PPPoE Interface....................................................................................................................

65

PPP Logs......................................................................................................................................

66

Current Routes & Interface Table................................................................................................

66

Chapter 6 – Configuring Frame Relay/PPP And T1/E1......................................................................

67

Introduction......................................................................................................................................

67

T1/E1 Fundamentals....................................................................................................................

67

Frame Relay.............................................................................................................................

67

Location Of Interfaces And Labeling......................................................................................

68

LED Designations ...................................................................................................................

68

Included With T1E1.................................................................................................................

68

T1/E1 ...............................................................................................................................................

68

T1/E1 Network Interfaces............................................................................................................

69

RuggedCom

7

RuggedRouterä User Guide

Strategy For Creating Interfaces..............................................................................................

69

Naming Of Logical Interfaces..................................................................................................

70

Editing A T1/E1 Interface ...........................................................................................................

71

T1 Settings ..............................................................................................................................

71

E1 Settings ..............................................................................................................................

71

Editing A Logical Interface (Frame Relay) ................................................................................

72

Frame Relay Link Parameters.................................................................................................

72

Frame Relay DLCIs.................................................................................................................

73

Editing A Logical Interface (PPP) ..............................................................................................

73

T1/E1 Statistics............................................................................................................................

74

Link Statistics...........................................................................................................................

74

Frame Relay Interface Statistics..............................................................................................

75

PPP Interface Statistics............................................................................................................

76

T1/E1 Loopback...........................................................................................................................

77

Current Routes & Interface Table................................................................................................

78

Upgrading Software ....................................................................................................................

78

Upgrading Firmware ...................................................................................................................

78

Chapter 7 – Configuring Frame Relay/PPP And T3............................................................................

79

Introduction......................................................................................................................................

79

T3 Fundamentals..........................................................................................................................

79

Location Of Interfaces And Labeling......................................................................................

79

LED Designations ...................................................................................................................

79

T3 Configuration..............................................................................................................................

80

T3 Network Interfaces.................................................................................................................

80

Naming Of Logical Interfaces..................................................................................................

80

Editing A T3 Interface ................................................................................................................

81

Editing A Logical Interface (Frame Relay).................................................................................

81

Editing A Logical Interface (PPP) ..............................................................................................

82

T3 Statistics..................................................................................................................................

82

Current Routes & Interface Table................................................................................................

82

Upgrading Software ....................................................................................................................

83

Chapter 8 – Configuring Frame Relay/PPP And DDS........................................................................

85

Introduction......................................................................................................................................

85

DDS Fundamentals......................................................................................................................

85

Location Of Interfaces And Labeling......................................................................................

85

LED Designations ...................................................................................................................

85

DDS Configuration .........................................................................................................................

86

DDS Network Interfaces..............................................................................................................

86

Naming Of Logical Interfaces..................................................................................................

87

Editing A Logical Interface (Frame Relay) ................................................................................

87

Editing A Logical Interface (PPP) ..............................................................................................

88

DDS Statistics..............................................................................................................................

88

Link Statistics...........................................................................................................................

88

Frame Relay And PPP Interface Statistics...............................................................................

89

DDS Loopback.............................................................................................................................

89

Current Routes & Interface Table................................................................................................

89

Upgrading Software ....................................................................................................................

89

Chapter 9 – Configuring PPPoE/Bridged Mode On ADSL.................................................................

91

 

 

 

8

RuggedCom

 

Table Of Contents

Introduction......................................................................................................................................

91

ADSL Fundamentals....................................................................................................................

91

PPPoE/Bridged Mode Fundamentals...........................................................................................

91

Authentication, Addresses and DNS Servers .........................................................................

92

PPPoE MTU Issues ...............................................................................................................

92

Bridged Mode...........................................................................................................................

92

Location Of Interfaces And Labeling......................................................................................

92

LED Designations ...................................................................................................................

92

ADSL Configuration .......................................................................................................................

93

ADSL Network Interfaces...........................................................................................................

93

Editing A Logical Interface (PPPoE) ..........................................................................................

94

Editing A Logical Interface (Bridged) ........................................................................................

95

ADSL Statistics............................................................................................................................

96

Current Routes & Interface Table................................................................................................

96

Upgrading Software ....................................................................................................................

96

Chapter 10 – Configuring PPP and Modem........................................................................................

97

Introduction......................................................................................................................................

97

Modem Fundamentals..................................................................................................................

97

PPP Mode Fundamentals.............................................................................................................

97

Authentication, Addresses and DNS Servers .........................................................................

97

When the Modem Connects.....................................................................................................

97

LED Designations....................................................................................................................

97

Modem Main Menu ........................................................................................................................

98

Modem Configuration .................................................................................................................

98

Modem PPP Client Connections...............................................................................................

100

Modem PPP Client ....................................................................................................................

100

Modem PPP Server....................................................................................................................

101

Modem Incoming Call Logs .....................................................................................................

102

Modem PPP Logs .....................................................................................................................

102

Modem PPP Connection Logs ..................................................................................................

103

Current Routes & Interface Table..............................................................................................

103

Chapter 11 – Configuring The Firewall.............................................................................................

105

Introduction....................................................................................................................................

105

Firewall Fundamentals ..............................................................................................................

105

Stateless vs Stateful Firewalls...............................................................................................

105

Linux® netfilter, iptables And The Shoreline Firewall ........................................................

105

Network Address Translation................................................................................................

106

Port Forwarding.....................................................................................................................

107

Shorewall Quick Setup..............................................................................................................

107

ShoreWall Terminology And Concepts.....................................................................................

108

Zones......................................................................................................................................

108

Interfaces................................................................................................................................

108

Hosts.......................................................................................................................................

109

Policy.....................................................................................................................................

109

Masquerading And SNAT......................................................................................................

110

Rules......................................................................................................................................

111

Configuring The Firewall And VPN..........................................................................................

113

Route Based Virtual Private Networking..............................................................................

113

Policy Based Virtual Private Networking..............................................................................

113

RuggedCom

9

RuggedRouterä User Guide

Virtual Private Networking To A DMZ.................................................................................

114

Firewall Main Menu......................................................................................................................

114

Network Zones...........................................................................................................................

116

Network Interfaces.....................................................................................................................

117

Network Zone Hosts..................................................................................................................

119

Default Policies..........................................................................................................................

119

Masquerading.............................................................................................................................

120

Firewall Rules............................................................................................................................

121

Static NAT.................................................................................................................................

122

Actions When Stopped..............................................................................................................

123

Chapter 12 – Configuring An IPsec VPN .........................................................................................

125

Introduction....................................................................................................................................

125

VPN Fundamentals ...................................................................................................................

125

IPsec Modes...........................................................................................................................

125

Policy Vs Route Based VPNs................................................................................................

126

Supported Encryption Protocols ...........................................................................................

126

Public Key And Pre-shared Keys..........................................................................................

127

X509 Certificates...................................................................................................................

127

NAT Traversal.......................................................................................................................

127

Other Configuration Supporting IPSec..................................................................................

128

The Openswan Configuration Process...................................................................................

128

IPsec and Router Interfaces....................................................................................................

128

VPN Main Menu Before Key Generation.....................................................................................

128

VPN Main Menu ..........................................................................................................................

129

Server Configuration .................................................................................................................

130

Public Key .................................................................................................................................

131

Preshared Keys ..........................................................................................................................

131

List Certificates..........................................................................................................................

132

VPN Connections ......................................................................................................................

132

IPsec VPN Connection Details..............................................................................................

132

Left/Right System's Settings..................................................................................................

134

Export Configuration.............................................................................................................

134

Showing IPsec Status ................................................................................................................

135

IPSec X.509 Roaming Client Example......................................................................................

136

Select A Certificate Authority...............................................................................................

136

Generate X.509 Certificates .................................................................................................

137

VPN Networking Parameters.................................................................................................

137

Client Configuration..............................................................................................................

137

Router IPSec Configuration...................................................................................................

137

Firewall IPSec Configuration................................................................................................

138

Ethernet Port Configuration...................................................................................................

139

Chapter 13 – Configuring Dynamic Routing ....................................................................................

141

Introduction....................................................................................................................................

141

Quagga, RIP and OSPF..............................................................................................................

141

RIP Fundamentals......................................................................................................................

141

OSPF Fundamentals..................................................................................................................

142

Link State Advertisements.....................................................................................................

142

Key OSPF And RIP Parameters................................................................................................

143

Network Areas.......................................................................................................................

143

 

 

 

10

RuggedCom

 

Table Of Contents

Router-ID...............................................................................................................................

143

Hello Interval and Dead Interval............................................................................................

143

Active/Passive Interface Default...........................................................................................

143

Redistributing Routes.............................................................................................................

144

Link Detect.............................................................................................................................

144

Configuring OSPF Link Costs...............................................................................................

144

OSPF Authentication.............................................................................................................

144

RIP Authentication.................................................................................................................

144

OSPF And Antispoofing........................................................................................................

145

Administrative Distances.......................................................................................................

145

OSPF And VRRP Example Network........................................................................................

146

Area And Subnets..................................................................................................................

146

VRRP Operation....................................................................................................................

146

Dynamic Routing...........................................................................................................................

147

Enable Protocols........................................................................................................................

148

Core................................................................................................................................................

148

Core Global Parameters.............................................................................................................

148

Core Interface Parameters..........................................................................................................

149

View Core Configuration...........................................................................................................

149

OSPF..............................................................................................................................................

150

OSPF Global Parameters...........................................................................................................

150

OSPF Interfaces.........................................................................................................................

152

OSPF Network Areas.................................................................................................................

153

OSPF Status...............................................................................................................................

153

View OSPF Configuration.........................................................................................................

153

RIP.................................................................................................................................................

154

RIP Global Parameters...............................................................................................................

154

RIP Key Chains......................................................................................................................

155

RIP Interfaces.............................................................................................................................

156

RIP Networks.............................................................................................................................

157

RIP Status...................................................................................................................................

157

View RIP Configuration............................................................................................................

157

Chapter 14 – Configuring Link Backup............................................................................................

159

Introduction....................................................................................................................................

159

Link Backup Fundamentals.......................................................................................................

159

Path Failure Discovery...........................................................................................................

159

Use Of Routing Protocols And The Default Route...............................................................

160

Link Backup Main Menu...............................................................................................................

160

Link Backup Configuration.......................................................................................................

160

Edit Link Backup Configuration................................................................................................

161

Link Backup Logs......................................................................................................................

162

Link Backup Status....................................................................................................................

162

Test Link Backup.......................................................................................................................

162

Chapter 15 – Configuring VRRP.......................................................................................................

165

Introduction....................................................................................................................................

165

VRRP Fundamentals .................................................................................................................

165

The Problem With Static Routing..........................................................................................

165

The VRRP Solution...............................................................................................................

165

VRRP Terminology...............................................................................................................

166

RuggedCom

11

RuggedRouterä User Guide

 

VRRP Main Menu.........................................................................................................................

168

VRRP Configuration..................................................................................................................

168

Editing A VRRP Instance..........................................................................................................

169

Viewing VRRP Instances Status ...............................................................................................

170

Chapter 16 – Configuring Traffic Prioritization ...............................................................................

171

Introduction....................................................................................................................................

171

Traffic Prioritization Fundamentals ..........................................................................................

171

Priority Queues......................................................................................................................

171

Filters.....................................................................................................................................

171

TOS Prioritization..................................................................................................................

172

Included With Traffic Prioritization .....................................................................................

172

Prioritization Example...............................................................................................................

173

Traffic Prioritization Main Menu...................................................................................................

174

Interface Prioritization Menu.....................................................................................................

174

Prioritization Queues.............................................................................................................

175

Prioritization Filters...............................................................................................................

175

Prioritization Transmit Queue Length...................................................................................

176

Prioritization Statistics...............................................................................................................

176

Chapter 17 – Configuring Generic Routing Encapsulation ..............................................................

177

Introduction....................................................................................................................................

177

GRE Fundamentals ...................................................................................................................

177

GRE Main Menu............................................................................................................................

178

GRE Configuration Menu..........................................................................................................

178

Chapter 18 – Network Utilities .........................................................................................................

181

Introduction....................................................................................................................................

181

Network Utilities Main Menu........................................................................................................

181

Ping Menu......................................................................................................................................

182

Traceroute Menu............................................................................................................................

182

Host Menu......................................................................................................................................

183

Trace Menu....................................................................................................................................

183

Tcpdump A Network Interface..............................................................................................

183

Frame Relay Link Layer Trace A WAN Interface................................................................

184

Serial Trace A Serial Server Port...........................................................................................

185

Interface Statistics Menu................................................................................................................

185

Current Routing & Interface Table ...............................................................................................

186

Interface Status.......................................................................................................................

187

Chapter 19 – Configuring Serial Protocols .......................................................................................

189

Introduction....................................................................................................................................

189

Serial IP Port Features...................................................................................................................

189

LED Designations .................................................................................................................

189

Serial Protocols Applications.........................................................................................................

190

Character Encapsulation........................................................................................................

190

RTU Polling...........................................................................................................................

190

Broadcast RTU Polling..........................................................................................................

190

Serial Protocols Concepts And Issues............................................................................................

191

Host And Remote Roles.........................................................................................................

191

Use Of Port Redirectors.........................................................................................................

191

12

RuggedCom

Table Of Contents

Message Packetization...........................................................................................................

191

Use of Turnaround Delays.....................................................................................................

192

Serial Protocols Main Menu..........................................................................................................

192

Assign Protocols Menu..............................................................................................................

193

Port Settings Menu.....................................................................................................................

193

RawSocket Menu.......................................................................................................................

194

Serial Protocols Statistics Menu................................................................................................

195

Protocol Specific Packet Error Statistics...............................................................................

195

Serial Protocols Trace Menu......................................................................................................

196

Serial Protocols Sertrace Utility.................................................................................................

197

Chapter 20 – Configuring GOOSE Tunnels......................................................................................

199

Introduction....................................................................................................................................

199

IEC61850 GOOSE Fundamentals.............................................................................................

199

Layer 2 Tunnel Daemon Details............................................................................................

199

Layer 2 Tunnels Main Menu.........................................................................................................

200

General Configuration Menu.....................................................................................................

201

GOOSE Tunnels Menu..............................................................................................................

201

GOOSE Statistics Menu............................................................................................................

202

Activity Trace Menu..................................................................................................................

203

Chapter 21 - Configuring The DHCP server.....................................................................................

205

Introduction....................................................................................................................................

205

DHCP Fundamentals.................................................................................................................

205

DHCP Network Organizations..............................................................................................

205

DHCP Client Options............................................................................................................

205

Option 82 Support with Disable NAK ..................................................................................

207

Example DHCP Scenarios And Configurations........................................................................

208

Single Network With Dynamic IP Assignment.....................................................................

208

Single Network With Static IP Assignment...........................................................................

208

Single Network With Option82 Clients On One Switch.......................................................

208

Multiple Subnets On Separate VLANs Using Option82 On One Switch.............................

209

DHCP Server Main Menu..............................................................................................................

212

DHCP Shared Network Configuration......................................................................................

213

DHCP Subnet Configuration.....................................................................................................

214

DHCP Group Configuration......................................................................................................

215

DHCP Host Configuration.........................................................................................................

215

DHCP Pool Configuration.........................................................................................................

216

Chapter 22 – Configuring NTP .........................................................................................................

217

Introduction....................................................................................................................................

217

NTP Fundamentals ....................................................................................................................

217

The NTP Sanity Limit ...........................................................................................................

218

NTP And The Precision Time Protocol Card........................................................................

218

Included With NTP ...............................................................................................................

218

NTP Server Main Menu.................................................................................................................

219

Generic Options.........................................................................................................................

219

Servers Configuration................................................................................................................

220

Peers Configuration...................................................................................................................

220

Viewing The NTP Status...........................................................................................................

221

Viewing The NTP Log ..............................................................................................................

221

RuggedCom

13

RuggedRouterä User Guide

 

Viewing The GPS Status...........................................................................................................

222

Viewing The GPS Log ..............................................................................................................

222

Chapter 23 – Configuring SSH .........................................................................................................

223

Introduction....................................................................................................................................

223

SSH Fundamentals ....................................................................................................................

223

Included With SSH................................................................................................................

223

SSH Main Menu............................................................................................................................

224

Authentication ...........................................................................................................................

224

Networking ................................................................................................................................

225

Access Control .......................................................................................................................

225

Chapter 24 – Configuring IRIGB And IEEE1588.............................................................................

227

Introduction....................................................................................................................................

227

IEEE1588 Fundamentals...........................................................................................................

227

PTP Network Roles................................................................................................................

227

PTP Master Election..............................................................................................................

227

Synchronizing NTP from IEEE1588.....................................................................................

228

IRIGB Fundamentals.................................................................................................................

228

IRIGB Output Formats..........................................................................................................

228

Reference Clocks...................................................................................................................

229

How The Router Selects A Reference Clock.........................................................................

229

GPS Cable compensation...........................................................................................................

229

IRIGB/IEEE1588 Main Menu.......................................................................................................

230

General Configuration ..............................................................................................................

230

IRIGB Configuration ................................................................................................................

231

IEEE1588 Configuration...........................................................................................................

231

IRIGB Status..............................................................................................................................

232

IEEE1588 Status........................................................................................................................

232

IRIGB Log.................................................................................................................................

233

Chapter 25 – Configuring The Snort IDS..........................................................................................

235

Introduction....................................................................................................................................

235

Snort Fundamentals...................................................................................................................

235

Which Interfaces To Monitor.................................................................................................

235

Snort Rules.............................................................................................................................

235

Alerting Methods...................................................................................................................

236

Performance And Resources..................................................................................................

236

Snort IDS Main Menu....................................................................................................................

236

Global Configuration.................................................................................................................

236

Interfaces................................................................................................................................

236

Rulesets..................................................................................................................................

237

Rule Lookup by SID ............................................................................................................

238

Network Settings .......................................................................................................................

238

PreProcessors.............................................................................................................................

238

Alerts & Logging.......................................................................................................................

239

Edit Config File..........................................................................................................................

239

Chapter 26 – Maintaining The Router...............................................................................................

240

Introduction....................................................................................................................................

240

Alert System...................................................................................................................................

240

14

RuggedCom

 

Table Of Contents

Alert Menu.................................................................................................................................

240

Alert Configuration....................................................................................................................

241

Alert Filter Configuration .........................................................................................................

242

Alert Definition Configuration..................................................................................................

242

Change Alert Definition.........................................................................................................

243

Gauntlet Security...........................................................................................................................

245

What And How Gauntlet Protects..........................................................................................

245

Gauntlet And The Firewall....................................................................................................

245

Gauntlet Status Menu.................................................................................................................

246

Upgrading Gauntlet................................................................................................................

246

Backup And Restore .....................................................................................................................

247

General Configuration...............................................................................................................

248

Archive History..........................................................................................................................

249

Archive Backup.........................................................................................................................

249

Archive Restore.........................................................................................................................

250

Archive Difference Tool............................................................................................................

251

SNMP Configuration.....................................................................................................................

252

SNMP Configuration Main Menu.............................................................................................

253

System Configuration................................................................................................................

253

Network Addressing Configuration...........................................................................................

253

Access Control...........................................................................................................................

254

Trap Configuration.....................................................................................................................

256

MIB Support..............................................................................................................................

257

Radius Authentication....................................................................................................................

258

Radius Authentication Configuration........................................................................................

259

Edit Radius Server Parameters..................................................................................................

259

Outgoing Mail............................................................................................................................

260

Chassis Parameters........................................................................................................................

261

System Logs...................................................................................................................................

262

Syslog Factory Defaults.............................................................................................................

262

Remote Logging.........................................................................................................................

263

Upgrade System.............................................................................................................................

265

RuggedRouter Software Fundamentals.....................................................................................

265

When A Software Upgrade Requires A Reboot........................................................................

266

Automatic Upgrade....................................................................................................................

266

Upgrade to RX1100...................................................................................................................

267

Change Repository Server.........................................................................................................

267

Automatic Upgrading.................................................................................................................

268

Upgrading All Packages.............................................................................................................

268

Installing A New Package..........................................................................................................

269

Pre-upgrade/Post-upgrade scripts..............................................................................................

269

Uploading And Downloading Files...............................................................................................

271

Chapter 27 – Security Considerations...............................................................................................

272

Introduction....................................................................................................................................

272

Security Actions ............................................................................................................................

272

Appendix A – Setting Up A Repository ...........................................................................................

274

Repository Server Requirements .................................................................................................

274

Initial Repository Setup.................................................................................................................

274

Upgrading The Repository.............................................................................................................

275

RuggedCom

15

RuggedRouterä User Guide

 

Setting Up The Routers..................................................................................................................

275

An Alternate Approach..............................................................................................................

275

Upgrading Considerations .........................................................................................................

276

Appendix B – Downgrading Router Software ..................................................................................

277

Appendix C – Installing Apache Web Server On Windows..............................................................

278

Appendix D – Installing IIS Web Server On Windows.....................................................................

280

Appendix E – Radius Server Configuration......................................................................................

281

FreeRadius.............................................................................................................................

281

Windows Internet Authentication Service.............................................................................

281

Index...................................................................................................................................................

285

16

RuggedCom

 

Table Of Figures

Table Of Figures

 

Figure 1: RuggedRouter Setup Main Menu.........................................................................................

29

Figure 2: RuggedRouter Setup Password Change Menu....................................................................

30

Figure 3: RuggedRouter Interfaces Setup Menu.................................................................................

30

Figure 4: RuggedRouter DNS Client Menu.........................................................................................

30

Figure 5: Radius Server Configuration menu......................................................................................

31

Figure 6: Gauntlet Setup Menu............................................................................................................

32

Figure 7: RuggedRouter Date/Time/Timezone Menu.........................................................................

32

Figure 8: RuggedRouter Hardware Information Menu.......................................................................

33

Figure 9: Selecting a configuration to reload.......................................................................................

34

Figure 10: Selecting a previously made configuration........................................................................

34

Figure 11: Signing On To The Router With A Web Browser.............................................................

35

Figure 12: RuggedRouter Web Interface Main Menu Window..........................................................

36

Figure 13: LED Status Panel...............................................................................................................

37

Figure 14: Meaning of LEDs...............................................................................................................

38

Figure 15: Webmin Configuration Menu............................................................................................

39

Figure 16: Webmin Configuration Menu, IP Access Control.............................................................

39

Figure 17: Webmin Configuration Menu, Ports and Addresses..........................................................

40

Figure 18: Webmin Configuration Menu, Change Help Server..........................................................

41

Figure 19: Webmin Configuration Menu, Logging.............................................................................

41

Figure 20: Webmin Configuration Menu, Authentication..................................................................

42

Figure 21: Webmin Events Log...........................................................................................................

43

Figure 22: Bootup and Shutdown, Part 1.............................................................................................

45

Figure 23: Bootup and Shutdown, Part 2.............................................................................................

46

Figure 24: System Menu Change Password Command......................................................................

46

Figure 25: Scheduled Commands........................................................................................................

46

RuggedCom

17

RuggedRouterä User Guide

 

Figure 26: Scheduled Commands Displaying a Command.................................................................

47

Figure 27: Webmin Scheduled Cron Jobs............................................................................................

48

Figure 28: Creating a Cron Job............................................................................................................

48

Figure 29: Scheduled Cron Jobs menu displaying cron jobs...............................................................

49

Figure 30: System Hostname...............................................................................................................

49

Figure 31: System Time.......................................................................................................................

49

Figure 32: Network Configuration Menu............................................................................................

51

Figure 33: Core Networking Settings..................................................................................................

52

Figure 34: Dummy Interface................................................................................................................

52

Figure 35: Routing And Gateways......................................................................................................

53

Figure 36: Static Multicast Routing.....................................................................................................

55

Figure 37: DNS Client.........................................................................................................................

56

Figure 38: Host Addresses...................................................................................................................

56

Figure 39: End To End Backup Example............................................................................................

57

Figure 40: End To End Backup...........................................................................................................

58

Figure 41: Ethernet Menu....................................................................................................................

61

Figure 42: Current and Boot Time Ethernet Configuration.................................................................

61

Figure 43: Editing a Network Interface...............................................................................................

62

Figure 44: Creating an Virtual Interface..............................................................................................

63

Figure 45: Creating an Virtual Lan Interface.......................................................................................

63

Figure 46: Editing a Boot Time Interface............................................................................................

63

Figure 47: List PPPoE Interfaces.........................................................................................................

64

Figure 48: Editing a PPPoE Interface..................................................................................................

65

Figure 49: Display PPP Logs...............................................................................................................

66

Figure 50: T1/E1 Trunks And Interfaces.............................................................................................

68

Figure 51: T1/E1 Network Interfaces Initial Configuration................................................................

69

Figure 52: T1/E1 Network Interfaces After Channel Creation............................................................

69

18

RuggedCom

 

Table Of Figures

Figure 53: T1/E1 Network Interfaces After Interface Creation...........................................................

70

Figure 54: Edit T1 Interface.................................................................................................................

71

Figure 55: Edit Logical Interface (Frame Relay).................................................................................

72

Figure 56: Edit Logical Interface (PPP)...............................................................................................

73

Figure 57: T1/E1 Link Statistics..........................................................................................................

74

Figure 58: Frame Relay Statistics........................................................................................................

75

Figure 59: PPP Link Statistics.............................................................................................................

76

Figure 60: T1/E1 Loopback Menu.......................................................................................................

77

Figure 61: T1/E1 Loopback.................................................................................................................

77

Figure 62: T3 Trunks And Interfaces...................................................................................................

80

Figure 63: T3 Network Interfaces Initial Configuration......................................................................

80

Figure 64: T3 Network Interfaces Initial Configuration......................................................................

80

Figure 65: Edit T3 Interface.................................................................................................................

81

Figure 66: Edit T1 Interface.................................................................................................................

81

Figure 67: Edit Logical Interface (Frame Relay).................................................................................

82

Figure 68: Edit Logical Interface (PPP)...............................................................................................

82

Figure 69: DDS Trunks And Interfaces...............................................................................................

86

Figure 70: DDS WAN Interfaces.........................................................................................................

86

Figure 71: DDS WAN Interfaces after logical interface assignment..................................................

86

Figure 72: Edit Logical Interface (Frame Relay), single DLCI...........................................................

87

Figure 73: Edit Logical Interface (Frame Relay), multiple DLCIs.....................................................

87

Figure 74: Edit Logical Interface (PPP)...............................................................................................

88

Figure 75: DDS Link Statistics............................................................................................................

88

Figure 76: ADSL Interfaces.................................................................................................................

93

Figure 77: ADSL WAN Interfaces......................................................................................................

93

Figure 78: Edit Logical Interface (PPPoE)..........................................................................................

94

Figure 79: Edit Logical Interface (Bridged).........................................................................................

95

RuggedCom

19

RuggedRouterä User Guide

 

Figure 80: ADSL Link Statistics..........................................................................................................

96

Figure 81: Modem Interface................................................................................................................

98

Figure 82: Edit Modem Configuration................................................................................................

98

Figure 83: Configure Modem PPP Client..........................................................................................

100

Figure 84: Configure Modem PPP Client..........................................................................................

100

Figure 85: Configure Modem PPP Server.........................................................................................

101

Figure 86: Incoming Call Logs..........................................................................................................

102

Figure 87: PPP Logs..........................................................................................................................

102

Figure 88: PPP Connection Logs.......................................................................................................

103

Figure 89: Starting Shorewall Firewall Menu...................................................................................

114

Figure 90: Shorewall Firewall Menu.................................................................................................

115

Figure 91: Firewall Network Zones...................................................................................................

116

Figure 92: Firewall Network Interfaces.............................................................................................

117

Figure 93: Editing a Firewall Network Interfaces.............................................................................

117

Figure 94: Firewall Zone Hosts.........................................................................................................

119

Figure 95: Firewall Default Policies..................................................................................................

119

Figure 96: Editing A Firewall Default Policy....................................................................................

120

Figure 97: Firewall Masquerading And SNAT..................................................................................

120

Figure 98: Editing A Masquerading Rule..........................................................................................

120

Figure 99: Firewall Rules..................................................................................................................

121

Figure 100: Editing A Firewall Rule.................................................................................................

121

Figure 101: Static NAT......................................................................................................................

122

Figure 102: Creating a Static NAT Entry..........................................................................................

122

Figure 103: Actions When Stopped...................................................................................................

123

Figure 104: IPsec VPN Configuration Menu Before Key Generation .............................................

128

Figure 105: IPsec VPN Configuration Menu Before After Generation ...........................................

129

Figure 106: IPsec VPN Configuration After Connections Have Been Created................................

130

20

RuggedCom

 

Table Of Figures

Figure 107: Server Configuration......................................................................................................

130

Figure 108: Show Public Key............................................................................................................

131

Figure 109: Preshared Keys...............................................................................................................

131

Figure 110: List Certificates..............................................................................................................

132

Figure 111: Editing A VPN Connection, Part 1................................................................................

132

Figure 112: Editing A VPN Connection, Part 2................................................................................

134

Figure 113: IPsec Status.....................................................................................................................

135

Figure 114: End To End Backup Example........................................................................................

136

Figure 115: OSPF And VRRP Example............................................................................................

146

Figure 116: Dynamic Routing Menu.................................................................................................

147

Figure 117: Enable Protocols Menu..................................................................................................

148

Figure 118: Core Menu......................................................................................................................

148

Figure 119: Core Global Parameters.................................................................................................

148

Figure 120: Core Interface Parameters..............................................................................................

149

Figure 121: OSPF Menu....................................................................................................................

150

Figure 122: OSPF Global Parameters................................................................................................

150

Figure 123: OSPF Interfaces..............................................................................................................

152

Figure 124: Network Areas................................................................................................................

153

Figure 125: RIP Menu.......................................................................................................................

154

Figure 126: RIP Global Parameters...................................................................................................

154

Figure 127: RIP Interfaces.................................................................................................................

156

Figure 128: RIP Networks.................................................................................................................

157

Figure 129: Link Backup Main Menu...............................................................................................

160

Figure 130: Link Backup Main Menu...............................................................................................

160

Figure 131: Link Backup Configuration............................................................................................

160

Figure 132: Link Backup Configuration............................................................................................

161

Figure 133: Link Backup Log............................................................................................................

162

RuggedCom

21

RuggedRouterä User Guide

 

Figure 134: Link Backup Status........................................................................................................

162

Figure 135: Test Link Backup...........................................................................................................

162

Figure 136: VRRP Example..............................................................................................................

166

Figure 137: VRRP Main Menu..........................................................................................................

168

Figure 138: VRRP Configuration......................................................................................................

168

Figure 139: VRRP Instance...............................................................................................................

169

Figure 140: VRRP Instances Status...................................................................................................

170

Figure 141: Traffic Prioritization Main Menu...................................................................................

174

Figure 142: Interface Prioritization Menu........................................................................................

174

Figure 143: Prioritization Queue Configuration...............................................................................

175

Figure 144: Prioritization Filter Configuration.................................................................................

175

Figure 145: Prioritization Statistics..................................................................................................

176

Figure 146: VRRP Example..............................................................................................................

177

Figure 147: GRE Main Menu............................................................................................................

178

Figure 148: GRE Tunnel Configuration Menu.................................................................................

178

Figure 149: Network Utilities Main Menu.......................................................................................

181

Figure 150: Ping Menu.....................................................................................................................

182

Figure 151: Traceroute Menu...........................................................................................................

182

Figure 152: Host Menu.....................................................................................................................

183

Figure 153: Tcpdump Menu.............................................................................................................

183

Figure 154: Frame Relay Trace Menu..............................................................................................

184

Figure 155: Serial Server Port Trace Menu......................................................................................

185

Figure 156: Interface Statistics Menu..............................................................................................

185

Figure 157: Current Routing & Interface Table................................................................................

186

Figure 158: Serial Protocols Server Main Menu...............................................................................

192

Figure 159: Assign Protocols Menu..................................................................................................

193

Figure 160: Port Settings Menu.........................................................................................................

193

22

RuggedCom

 

Table Of Figures

Figure 161: Raw Socket Menu..........................................................................................................

194

Figure 162: Serial Protocols Statistics Menu.....................................................................................

195

Figure 163: Serial Protocols Trace Menu..........................................................................................

196

Figure 164: Layer 2 Tunnels Main Menu.........................................................................................

200

Figure 165: General Configuration Menu.........................................................................................

201

Figure 166: GOOSE Menu................................................................................................................

201

Figure 167: GOOSE Menu................................................................................................................

201

Figure 168: GOOSE Statistics Menu.................................................................................................

202

Figure 169: Activity Trace Menu......................................................................................................

203

Figure 170: DHCP Server Menu.......................................................................................................

212

Figure 171: DHCP Shared Network Configuration..........................................................................

213

Figure 172: DHCP Subnet Configuration..........................................................................................

214

Figure 173: DHCP Group Configuration..........................................................................................

215

Figure 174: DHCP Host Configuration............................................................................................

215

Figure 175: DHCP Pool Configuration.............................................................................................

216

Figure 176: NTP Server.....................................................................................................................

219

Figure 177: NTP Generic Options.....................................................................................................

219

Figure 178: NTP Server List..............................................................................................................

220

Figure 179: NTP Status......................................................................................................................

221

Figure 180: NTP Log.........................................................................................................................

221

Figure 181: GPS Status......................................................................................................................

222

Figure 182: GPS Log.........................................................................................................................

222

Figure 183: SSH Server.....................................................................................................................

224

Figure 184: SSH Server Authentication Menu..................................................................................

224

Figure 185: SSH Server Networking.................................................................................................

225

Figure 186: SSH Server Access Control............................................................................................

225

Figure 187: IRIGB/1588 Main Menu...............................................................................................

230

RuggedCom

23

RuggedRouterä User Guide

 

Figure 188: IRIGB/IEEE1588 General Configuration menu...........................................................

230

Figure 189: IRIGB Configuration menu...........................................................................................

231

Figure 190: IEEE1588 Configuration Menu....................................................................................

231

Figure 191: IRIGB GPS Status.........................................................................................................

232

Figure 192: IEEE1588 Status...........................................................................................................

232

Figure 193: IRIGB GPS Status.........................................................................................................

233

Figure 194: Snort Main Menu part 1................................................................................................

236

Figure 195: Snort Main Menu part 2................................................................................................

236

Figure 196: Snort Main Menu part 3................................................................................................

237

Figure 197: Snort Ruleset Edit..........................................................................................................

237

Figure 198: Snort Network Settings.................................................................................................

238

Figure 199: Snort Preprocessors.......................................................................................................

238

Figure 200: Snort Alerts....................................................................................................................

239

Figure 201: Alert Main Menu............................................................................................................

240

Figure 202: Alert Configuration Menu..............................................................................................

241

Figure 203: Alert Filter Configuration Menu....................................................................................

242

Figure 204: Alert Definition Configuration Menu............................................................................

242

Figure 205: Change Alert Definition Menu.......................................................................................

243

Figure 206: Gauntlet Security Appliance Menu...............................................................................

246

Figure 207: System Backup And Restore..........................................................................................

247

Figure 208: General Configuration Setup..........................................................................................

248

Figure 209: Archive History..............................................................................................................

249

Figure 210: Archive Backup..............................................................................................................

249

Figure 211: Archive Backup, Complete............................................................................................

249

Figure 212: Archive Restore Menu...................................................................................................

250

Figure 213: Start Restore...................................................................................................................

250

Figure 214: Archive Differences Menu.............................................................................................

251

24

RuggedCom

 

Table Of Figures

Figure 215: Archive Differences List................................................................................................

251

Figure 216: Show Difference for selected file between two targets..................................................

252

Figure 217: SNMP Main Configuration page....................................................................................

253

Figure 218: System Configuration page............................................................................................

253

Figure 219: Network Addressing Configuration page, Client Address.............................................

253

Figure 220: Network Addressing Configuration page, Addresses to listen on.................................

254

Figure 221: Access Control page, SNMP V1 and V2c......................................................................

254

Figure 222: Access Control page, SNMP V3....................................................................................

255

Figure 223: Trap Configuration page, Trap Options.........................................................................

256

Figure 224: Trap Destinations V1 and V2c.......................................................................................

256

Figure 225: Trap Destinations V3......................................................................................................

256

Figure 226: Radius Authentication Main Menu................................................................................

259

Figure 227: Radius Authentication Server Parameters......................................................................

259

Figure 228: Radius Authentication Main Menu................................................................................

260

Figure 229: Chassis Parameters Menu..............................................................................................

261

Figure 230: System Logs...................................................................................................................

262

Figure 231: Changing a Syslog entry to remote log..........................................................................

263

Figure 232: Software Upgrade System..............................................................................................

265

Figure 233: Upgrade to RX1100........................................................................................................

267

Figure 234: Change Repository Server..............................................................................................

267

Figure 235: Automatic Upgrade........................................................................................................

268

Figure 236: Upgrading All Packages.................................................................................................

268

Figure 237: Installing A New Package..............................................................................................

269

Figure 238: Upload/Download menu................................................................................................

271

Figure 239: Apache Default Web Page.............................................................................................

278

Figure 240: Installing IIS...................................................................................................................

280

Figure 241: IAS Window - Edit Remote Access Policy....................................................................

282

RuggedCom

25

RuggedRouterä User Guide

 

Figure 242: IAS Window - Edit Profile.............................................................................................

282

Figure 243: IAS Window – Add Attribute.........................................................................................

283

Figure 244: IAS Window – Multivalued Attribute Information........................................................

283

Figure 245: IAS Window – Vendor-Specific Attribute Information.................................................

283

Figure 246: IAS Window – Configure VSA (RFC compliant).........................................................

284

26

RuggedCom

Chapter 1 – Setting Up And Administering The Router

Chapter 1 – Setting Up And Administering The

Router

Introduction

This chapter familiarizes the user with the RuggedCom Serial Console interface, the RuggedRouterä Setup script and signing on to the Web interface. This chapter describes the following procedures:

·Running the Setup Script

·Signing on the Web Interface

·Signing on to the Command Prompt

·Restoring the default configuration

Access Methods

You can access the router through the console, Ethernet ports, WAN ports and the modem port.

Accounts And Password Management

The router provides an “rrsetup” account which provides a shell that quickly configures such items as passwords, addresses, date/time and services offered by the router. It is very useful to sign-in to this shell first, harden the router, and configure network addresses in order that the router be reachable from the network through Web Management. The rrsetup password should be changed, recorded securely and restricted to qualified personnel.

The root account provides a superuser capability for SSH shell access and the Web server. The password should be changed, recorded securely and restricted to qualified personnel.

The root and rrsetup accounts may be also be managed through radius authentication.

The Web management agent can be accessed through the root account. It may also be accessed through a number of radius accounts via radius authentication. This offers the advantage of attributing actions in logs to the specific user, as opposed to the root user.

Default Configuration

Your RuggedRouterä is shipped from the factory with the following defaults:

·Ethernet ports are enabled and have an address of 192.168.X.1 where X is the port number,

·WAN and modem ports are disabled,

·IRIG-B output ports are disabled,

·Setup account “rrsetup”, password “admin”,

·Superuser account “root”, password “admin”,

·SSH and Web Management interfaces are enabled by default. All other services (including Serial Protocol Server, DHCP server, NTP server, End to

RuggedCom

27

RuggedCom RX1000, RX1100 User Manual

RuggedRouterä User Guide

End Backup Server, VPN Server, NFS, OSPF/RIP protocol and firewall) are disabled by default.

Accessing The RuggedRouterä Command Prompt

From the Console Port

Attach a terminal (or PC running terminal emulation software) to the RS232 port on the rear of the chassis. The terminal should be configured for 8 bits, no parity operation at 38.4 Kbps. Hardware and software flow control must be disabled. Select a terminal type of VT100.

Once the terminal is connected, pressing <CR> will prompt for the user to login as and that user's password. Sign-in as either the rrsetup or root user. The router is shipped with default passwords of “admin” for either of these accounts.

From SSH

Use an SSH agent running the version 2 protocol. SSH to either the rrsetup or root accounts of the router at one of its IP addresses described above. The router is shipped with default passwords of “admin” for either of these accounts.

The RuggedRouter Setup Shell

Signing-in as the rrsetup user will automatically enter the configuration shell shown below. Quitting the shell (with cancel, or by entering escape) will cause the connection to close.

Figure 1: RuggedRouter Setup Main Menu

The shell provides a number of configuration commands, described below.

Configuring Passwords

The Change Passwords command changes the rrsetup and root account passwords. These passwords should be changed before installing the router on the network.

28

RuggedCom

Loading...
+ 254 hidden pages