Enterasys Networks XSR-3020 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Enterasys Networks XSR-3020. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Enterasys Networks XSR-3020 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Enterasys Networks XSR-3020 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Enterasys Networks XSR-3020 devrait contenir:
- informations sur les caractéristiques techniques du dispositif Enterasys Networks XSR-3020
- nom du fabricant et année de fabrication Enterasys Networks XSR-3020
- instructions d'utilisation, de réglage et d’entretien de l'équipement Enterasys Networks XSR-3020
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Enterasys Networks XSR-3020 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Enterasys Networks XSR-3020 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Enterasys Networks en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Enterasys Networks XSR-3020, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Enterasys Networks XSR-3020, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Enterasys Networks XSR-3020. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    X-Pedition ™ Security Router XSR-3020 Getting Started Guide V ersion 3.0 P/N 9033866-06 8.5x11-inch cover with bleed on 4 sides[...]

  • Page 2

    [...]

  • Page 3

    i Notice Enterasys Networks  reserv es  the  right  to  make  changes  in  s pecifications  and  other  information  contained  in  this  document  and  its  web  site  without  prior  no tice.  The  reader  should  in  all  cases  consult  Enterasys Networks [...]

  • Page 4

    ii Regulatory Compliance Information Federal Communications Commiss ion (FCC) Notice The  XSR  complies  with  Title  47,  Par t  15,  Class  A  of  FCC  rule s.  Operation  is  subject  to  the  following  tw o  conditions: •T h i s  device  may  no t  cause  harmful  [...]

  • Page 5

    iii Industry Canada Notices This  digital  apparatus  does  not  exceed  the  class  A  limits  for  radio  noise  emissions  from  di gital  apparatus  set  out  in  the  Radio  Interfer ence  Regulations  of  the  Canadian  Department  of  Communications. Le ?[...]

  • Page 6

    iv Product Safety This  product  complies  with  the  following:  UL  60950,  CSA  C22.2  No.  60950,  73/23/EEC,  EN  60950,  EN  60825,  IEC  60950. Use  the  XSR  with  the  Advanced  Pow e r  Soluti ons  (APS61ES ‐ 30)  power  supply  included  with  [...]

  • Page 7

    v ѻ ѻ ક䇈ᯢк䰘ӊ Supplement to Product Instructions ᳝↦᳝ᆇ⠽䋼៪ܗ㋴ (Hazardous Substance) 䚼ӊৡ⿄ (Parts) 䪙 3E ∲ +J 䬝 &G ݁Ӌ䫀 &U   ໮⒈㘨㣃 3%% ໮⒈Ѡ㣃䝮 3%'( 䞥ሲ䚼ӊ (Metal Parts) hƻ ƻ h ƻ ƻ ⬉䏃῵ഫ ( Circuit M[...]

  • Page 8

    vi VCCI Notice This  is  a  class  A  product  based  on  the  standard  of  the  V oluntary  Control  Council  for  Interference  by  Information  Te c h n o l o g y  Equipment  (VCCI)  V ‐ 3.  If  this  equipment  is  used  in  a  domestic  environment,[...]

  • Page 9

    vii Australian T elecom WA R N I N G :  Do  not  install  phone  line  connections  during  an  el ectrical  storm. WA R N I N G :  Do  not  connect  phone  line  until  the  inte rface  has  been  config ured  through  loca l  management.  The  serv ice  provider  [...]

  • Page 10

    viii Enterasys Networks, Inc. Firmware License Agreement BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This  document  is  an  agreemen t  (“ Agreement” )  betw een  the  end  user  (“Y ou”)  and  Enterasys  Networks,  Inc.,  on  behalf  of  its[...]

  • Page 11

    ix If  the  Program  is  exported  from  the  United  Stat es  pursuant  to  the  License  Ex ception  TSR  und er  the  U.S.  Export  Administration  Regulations,  in  addition  to  the  restriction  on  transfer  set  forth  in  Sec tion  1  or  [...]

  • Page 12

    x 11. ASSIGNMENT. You  may  not  assign,  transfer  or  sublicense  this  Agreement  or  any  of  Your  rights  or  obligations  under  this  Agreement,  except  that  You  may  assign  this  Agreem ent  to  any  person  or  entity  which  acquires  s[...]

  • Page 13

    xi Contents About This Guide Contents of the Guide ..... .................... ................... .................... ................... ................... ... .................... .......... xv Conventions Used in This G uid e ........... ................... .................... ................ ................... ........... .................[...]

  • Page 14

    xii Configuring the WAN Ports ...... .................... ................... ................... .................... ................. ..... .................. 3-8 PRI Configuration ......... ................... ................ .................... ................... ................... ....... ...................... .. 3-8 BRI Configuration ..[...]

  • Page 15

    xiii bu ................. ................ ................... ................... ................. ................... ................. ............ ................... 3-36 bU .......... ................... .................... ................ ................... .................... ................ .... ............ ................... 3-36 [...]

  • Page 16

    xiv[...]

  • Page 17

    xv About This Guide This guide provides a general overview of th e XSR-3020 hardwar e and softwar e features and describes how to quickl y install and configur e the XSR. Refer to the XSR CLI Reference Guide and XSR User ’ s Guide for information not contained in this document. This guide is w ritten for administrators who want to configure the X[...]

  • Page 18

    xvi Electrical Hazard : W arns against an action that could result in personal injury or dea th due to an electrical hazard. Riesgo Electric o: Advierte contra una acción que pudiera re sultar en lesión corporal o la muerte debido a un riesgo eléctrico. Elektrisch er Gefahr enhinweis: Installationen sollten nur durch ausgebilde tes und qualifizi[...]

  • Page 19

    xvii Getting Help For  additional  support  related  to  the  XSR,  contact  Enterasys  Netw orks  using  one  of  the  following  methods: Before  contacting  Ente rasys  Networks  for  technic al  support,  have  the  following  information  ready: •Y o u r  Entera[...]

  • Page 20

    xviii[...]

  • Page 21

    XSR Getting Started Guide 1-1 1 Overview This chapter introduces the key features of the XSR-3020 and briefly describes har dware installation. System Description The XSR is a networking device designed for enterp rise r egional offices that provides IP routing over GigabitEthe rnet LAN and T1/E1, S erial (RS 232, X.21, V .35, RS422/530, RS449), Di[...]

  • Page 22

    System Description 1-2 Overview Figure 1-1 T ypical XSR-3020 T opology Hardware Features The semi-modular XSR, shown in Figure 1-2 , comes equipped with the following featur es: • Standard 1U chassis (1-1 1/16 inches high by 17 in ches wide by 21 inches deep) mountable in a standard 19” rack. • Broadcom 1250 dual-CPU, 64-bit processor (1 700 [...]

  • Page 23

    System Description XSR Getting Started Guide 1-3 Figure 1-2 XSR-3020 • T wo Network Interface Modu le (NIM ) slots for these optional cards: • 1, 2, or 4 full, fractional and channeli zed T1/E1 W AN NIM with integral CSU/DSU or Primary Rate Interface (PRI) ports (RJ-48C). • 1-port T3/E3 channelized/unchannelized W A N NIM wi th BNC ports. Thi[...]

  • Page 24

    System Description 1-4 Overview • 14 diagnostic LEDs to displ ay port, and system st atus as well as indicate a Flash upgrade in progr ess. • Five system fans with failur e detection capability and thr ee fans dedicated to power supply cooling. Sof tware Features The XSR provides the following software featur es: Operating System • Multi-thre[...]

  • Page 25

    System Description XSR Getting Started Guide 1-5 • Simple Network T ime Protocol (SNTP) server •O S f a l l b a c k IP Routing • Static and multipl e routes to the same destination • Redistribution of r outes from RIP , OSPF , BGP , connected, or static into RIP , OSPF , and BGP •R I P - 1 & R I P - 2 •O p e n S h o r t e s t P a t [...]

  • Page 26

    System Description 1-6 Overview Security • Stateful inspection fi rewall engi ne • F TP , H.323, and RPC (SUN and Microsoft) ALG support • Application commands for F TP , SMTP , & HTTP • Firew all logging and authentication • Firew all interaction with NA T & VPN • Standard and Extended Access Control Lists • Denial of Service[...]

  • Page 27

    System Description XSR Getting Started Guide 1-7 • Periodic Keep-Alive message s to learn of connection problems • Multi-pr otocol interconnect over Frame Relay - RFC-2427 • RFC-2390 Frame Relay Inverse ARP to discover IP address of r emote peer when used in multi- point mode and responds to incoming Inverse ARP r equests independent of P2P o[...]

  • Page 28

    System Description 1-8 Overview • Bandwidth optimization (BoD) & Dial on Demand (DoD) • Bandwidth Allocation Protocol (BAP) • Security: P AP/CHAP • Call monitoring • Multilink PPP (MLPPP) • Per call activation for NTT switches • Frame Relay over ISDN Quality of Service (QoS) • T raffic classification using IP Precedence and Diff[...]

  • Page 29

    System Description XSR Getting Started Guide 1-9 SecurID (third-party plug-in) Certificates (embedded/smart cards) – Micr osoft only •E n c r y p t i o n • Advanced Encryption Standar d (AES), T rip le Data Encryption Standard (3DES), Data Encryption Standard (DES) • 3DES/DES acceleration • Data Integrit y • MD5 & SHA-1 algorithms ?[...]

  • Page 30

    System Description 1-10 Overview Asynchronous Digit al S ubscriber Line (ADSL) • POTS and ISDN circuit support • A TM Frame UN I (FUNI) data framing format • OAM cells: AIS, RDI, CC, Loopback ove r F4 and F5 flows • Up to 30 A TM Permanent V irtual Cir cuits (PVCs) • A TM U BR traffic class • A TM A daption Layers 0, 5 • PDU encapsula[...]

  • Page 31

    Installation Overview XSR Getting Started Guide 1-11 • Switched PPP Multilink connections • Backup using ISDN & MLPPP connections • Dialer interface spoofing • Dialer watch Inst allation Overview Installing the XSR consists of performing the fo llowing general steps. For detailed instructions, ref er to Chapters 2 and 3 of this manual. [...]

  • Page 32

    Installation Overview 1-12 Overview[...]

  • Page 33

    XSR Getting Started Guide 2-1 2 Hardware Installation Introduction This chapter provides a checklist to verify your shipment, suggestions for the installation si te, and describes how to instal l the following XSR har dware: • NIM cards • Optional - CompactFlas h card (standard with ADSL NIM) • Connecting cables V erifying Y our Shipment Befo[...]

  • Page 34

    Installing NIM Cards and Rack Mounting 2-2 Hardware Installation • Each XSR AC power supply requires a thr ee-pr onged power receptacle capable of delivering the current and voltage specified in Appendix A . An AC outlet on a separately fused circuit is requir ed for each XSR to provide power r edundancy , and must be located within 182 centimete[...]

  • Page 35

    Installing NIM Cards and Rack Mounting XSR Getting Started Guide 2-3 4. Remove the NIM slot cover , as shown in Figur e 2-2 , by grasping the handle and pulling it to the side befor e taking it out. Figure 2-2 Removing NIM Slot Cov er 5. Gently attach the NIM car d(s) to the connecto r on the motherboar d and secure with f our screws, as shown in F[...]

  • Page 36

    Installing NIM Cards and Rack Mounting 2-4 Hardware Installation 7. Attach the rack brackets to the chassi s with the scr ews supplied, as shown in Fi gure 2-4 . Figure 2-4 Fastening Rack Bracket s 8. Mount the bracketed XSR to your rack, as shown in Figur e 2-5 . Figure 2-5 Att aching XSR to Rack NIM 1 NIM 2 1000 GBIC Link TX 10/100/1000 10/100/10[...]

  • Page 37

    Installing a CompactFlash Memory Card XSR Getting Started Guide 2-5 Inst alling a Comp actFlash Memory Card An optional CompactFlash (CF) memory card provides additional non-volatile storage capabilities in various increments. The CF’s controll er interfaces with a host system allowing data to be written to and read from the CF’s flash memory m[...]

  • Page 38

    Installing a CompactFlash Memory Card 2-6 Hardware Installation 2. Seat the card in the PCMCIA interface as shown in Fi gure 2-8 . Gently insert the CF into the sl ot, taking care that the CF’s wider gr ooved edge fits into the wider track of the PCMCIA interfa ce. If the car d does not seat easily but stops halfway in to the slot, do not force i[...]

  • Page 39

    Connecting Cables XSR Getting Started Guide 2-7 Connecting Cables Perform any of the following steps to connect your cabling to optiona l W A N or LAN NIMs, GigabitEthernet ports, and power supply: 1. Connect the serial COM cable pro vided in the packing box to your P C connector , as shown in Figur e 2-9 . Figure 2-9 Connecting Seri al COM (Consol[...]

  • Page 40

    Connecting Cables 2-8 Hardware Installation Figure 2-1 1 Connecting High Speed Ser ial Connector Figure 2-12 Att aching T3/E3 BNC Connectors NIM 1 NIM 2 SECURITY ROUTERS XSR-3020 NIM 1 NIM 2 S E C U R ITY R O U TE R S XSR-3020 ALARM LOS ENABLE LOF Tx Rx id[...]

  • Page 41

    Connecting Cables XSR Getting Started Guide 2-9 Figure 2-13 Connecting ADSL Connector A CompactFlash card is provided with the XSR ADSL NIM. It is loaded with the Digital Signal Processing (DSP) firmware ( adsl.fls ) r equired to communicate with your DSLAM. When inserted into the Compa ct Flash slot - upon firs t configu ring an A TM interface - t[...]

  • Page 42

    Connecting Cables 2-10 Hardware Installation 3. Connect the Ethernet port(s) to your LAN connectors with a cable, as shown in Figure 2-15 . Figure 2-15 Att aching Ethernet Connector 4. Insert the Mini-GBIC module in the GBIC slot then connect the optical cable, as shown in Figure 2- 16 . Figure 2-16 Inserting Mini-GBIC Module 1000 G BIC Link TX 10/[...]

  • Page 43

    Connecting Cables XSR Getting Started Guide 2-11 5. Attach either the Ethernet or Fi ber E thernet LAN NIM, as shown in Figur e 2-17 and Figure 2- 18 , respectively . Figure 2-17 Att aching Ethernet LAN NIM Connector Figure 2-18 Att aching Ethernet Fiber LAN NIM Connector NIM 1 NIM 2 SECURITY ROUTERS XSR-3020 A C T LIN K N IM - ETH R - 01 NIM 1 NIM[...]

  • Page 44

    Connecting Cables 2-12 Hardware Installation 6. Attach the power supply cord to the connec tor at the r ear of the XSR, as shown in Figure 2-19 and plug in the country-specific power cor d co nnects to a wall socket. The XSR will power up. Figure 2-19 Connecting Power Supply Cord Y ou are now r eady to configure the softwar e and initialize the XSR[...]

  • Page 45

    XSR Getting Started Guide 3-1 3 Software Configuration This chapter describes how to init ializ e, quickly set up and verify your configurati on for the XSR. Refer to the XSR CLI Referenc e Guide for a more thor ough explanation of commands and parameter options. The chapter also includes sample co nfiguration scripts, de tailed XSR rebooting chara[...]

  • Page 46

    Initializing XSR Software 3-2 Software Configuration • ETH 10/100/1000 LEDs turn ON and OFF a fe w times during initialization as the XSR pro ce ed s f rom bo ot rom to po we r u p d ia gn os ti cs to so ft wa re i ma ge , t hen th e y rem ai n ON or OFF depending on the LA N type. • ETHERNET Activity LEDs bl ink when frames pass on the LAN. ?[...]

  • Page 47

    Opening a COM (Console) Session XSR Getting Started Guide 3-3 first error will be reported, along with a count of the sum of err ors incurred. In the case of a single err or , only the error line will be r eported. Error messages will be logged as well. Because the result of cont inuing to pr ocess a flawed startup-config is not pr edictable, the n[...]

  • Page 48

    Optional: Configuring Remote Auto In stall 3-4 Software Configuration same node - 10.10.1.2 (configuration of DNS and TF TP servers are not shown here). In short, the DNS server should map IP addresses 133.133.1.2 and 133.133.1.3 to hostnames. On the TF TP server , you should create a startup-config file with names <hostname>-confi g in a dir[...]

  • Page 49

    Optional: Configuring Remote Auto Install XSR Getting Started Guide 3-5 ****************** REMOTE AUTO INSTA LL TERMINATING***************** + The RAI process is complete and is preoceding to s ystem in itialization where it will process the new startup- config file. Configuring RAI fo r DHCP over LAN The following example configures DHCP server to[...]

  • Page 50

    Optional: Configuring Remote Auto In stall 3-6 Software Configuration virtual-template 1 pppoe limit per-mac 10 + This is an optional command. pppoe limit max-sessions 32000 + This is an optional command. interface GigabitEthernet1/0/0 no ip address negotiation auto ! interface GigabitEthernet1/0/0.10 encapsulation dot1Q 20 pppoe enable pppoe max-s[...]

  • Page 51

    Configuring the XSR Name and User Information XSR Getting Started Guide 3-7 + The XSR waits one minute for the PPPoE connection to come up. Phase 4 - ADSL - IP is connected on 0/35, prepare to load startup config + The XSR starts downloading the startup-file. Phase 6 - ATM/ADSL - retrieving file 0000019876543210-confg from tftp server 25 5.255.255.[...]

  • Page 52

    Configuring the LAN Ports 3-8 Software Configuration XSR(config)#sntp-server enable Remember to save your conf iguration after all edits. Configuring the LAN Port s 1. Enter interface gigabitethernet < 1 | 2 | 3 > to acquir e Interface mode and se lect the first, second or third GigabitEthernet port. 2. Enter ip address <xxx.xxx.xxx.xxx>[...]

  • Page 53

    Configuring the WAN Ports XSR Getting Started Guide 3-9 The value you set must match the type and format of fered by your service pr ovider and must correlate with the NIM card you ar e configuring: sf or esf for T1 cards , and crc4 or no-crc 4 for E1 cards. 7. Enter linecode < ami | b8zs | hdb3 > to configure the encoding type. Th i s s e tt[...]

  • Page 54

    Configuring the WAN Ports 3-10 Software Configuration 3. Enter no shutdown to keep the BRI interface enabled. 4. Enter frame-relay lmi-type <ilmi | ansi | q933a | auto | none > to select the Local Management Interface type. 5. Enter interface bri 0:<1 | 2>.<1-30> multi-point to acquire BRI Sub-interface mode and select the BRI por[...]

  • Page 55

    Configuring the WAN Ports XSR Getting Started Guide 3-11 ADSL Configuration ADSL can be configur ed using three dif ferent ty pes of encapsulatio n: PPPoA, PPPoE, and IPoA. Continue configuration with th e ADSL type of your choice. PPPoE The following commands configure a sample PPPoE topology . The first set configures the LAN interface with dire [...]

  • Page 56

    Firewall Sample Configuration 3-12 Software Configuration The commands below configur e the A TM interface and sub-interface with a negotiated IP address, CHAP username and pa sswor d, and bans keepalives. XSR(config)#interface ATM 0 XSR(config-if<ATM0/0>)#no shutdown XSR(config-if<ATM0/0.1>)#interface A TM 0.1 XSR(config-if<ATM0/0.1[...]

  • Page 57

    Firewall Sample Configuration XSR Getting Started Guide 3-13 Figure 3-1 XSR with Firewall T opology In this configuration , the firewall pr ovides protected access from th e private to dmz networks. That is, access is restricted to W eb and mail traffic onl y . The hosts in the private network ar e provided full access to the Internet but access is[...]

  • Page 58

    Setting Up RIP Routing 3-14 Software Configuration T rial load the completed configuration into the firewall engine, and if successful, load the configuration: XSR(config)#ip firewall load trial XSR(config)#ip firewall load Complete LAN and W AN interface configuration: XSR(config)#interface gigabitetherne t 1 XSR(config-if<G1>)#ip address 22[...]

  • Page 59

    Configure OSPF Routing XSR Getting Started Guide 3-15 12. Enter network < xxx.xxx.xxx.xxx > (IP address) of the network to be advertised. Repeat the command to configure additional networks. 13. Enter passive-interface type num if you want t o prevent RIP tr ansmissions on the interface. 14. Enter no receive-interface if you want to disable r[...]

  • Page 60

    Setting Up an SNMP Community String, Traps and V3 Values 3-16 Software Configuration 7. Enter map-class frame-relay < name > to designate this map-class and acquire Map-Class mode. 8. Enter frame-relay cir out < bits > to set the outgoing CIR (the de fault is 56000 bps). Refer to the XSR User ’ s Guide for more deta ils. 9. Enter fram[...]

  • Page 61

    Configuring Message Logging and Severity Level XSR Getting Started Guide 3-17 Groups of fer users authorization ch oices and read/write privileges. 6. Optional. For SNMPv3, enter snmp-server view < name > { oid-tree | treeEntryName }{ includ ed | excluded } to specify a view . V iews offer use rs selective access to the family tr ee or Object[...]

  • Page 62

    Connecting Remotely via the Web 3-18 Software Configuration Connecting Remotely via the W eb 1. Enter configure to acquire Configuration mode. 2. Enter ip http server enable to access the XSR over the W eb. 3. Point your terminal’s W eb browser at the XSR’s IP addr ess. Enter http://<XSR IP address> . The initial W eb access wind ow appea[...]

  • Page 63

    Connecting Remotely via the Web XSR Getting Started Guide 3-19 Click on Pr oduct V ersion to bring up the Pr oduct V ersion window for a hos t of hardwar e, bootrom, and softwar e information as shown in Figure 3-3 . Figure 3-3 Web Produc t V ersion Window Product V ersion Copyright 2004 by Enterasys Networks, Inc. Ha rdw are : Processor boar d ID:[...]

  • Page 64

    LAN-PPP Services Sample Configuration 3-20 Software Configuration LAN-PPP Services Sample Configuration The sample configuration below , see Figur e 3-4 , creates a PPP , fractional T1 leased line connection from the XSR branch node to the Central Site router and a backup serial dial up link to the Back up Si t e re g i on a l ro u te r . Figure 3-[...]

  • Page 65

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR Getting Started Guide 3-21 XSR(config-controller<T1-1/0>)#no sh utdown + Enables T1 controller XSR(config)#interface serial 1/0:0 + Configures Serial interface 1, port 1 us ing channel group 0 and acquires Interface mode XSR(config-if<S1/0:0>)#encapsulation ppp + Enables PPP [...]

  • Page 66

    Frame Relay WAN Link with PPP Backup Sample Configuration 3-22 Software Configuration Configure Users and Passwords XSR(config)#username bob password cl eartext bobspassword + Adds a user and unencrypted password Configure LAN Interface XSR(config)#interface gigabitetherne t 1 + Configures the local LAN port and acquires In terface mode XSR(config-[...]

  • Page 67

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR Getting Started Guide 3-23 XSR(config-pmap-c<priority-server>)# priority medium 20 6400 + Gives medium priority queue a peak 20% of bandw idth & burst size of 6400 bits per second XSR(config)#policy-map data_policy + Adds a policy map and acquires Policy Map mode XSR(config-pma[...]

  • Page 68

    Frame Relay WAN Link with PPP Backup Sample Configuration 3-24 Software Configuration Apply QoS XSR(config)#map-class frame-relay CL ASS-FRP + Adds a FR map class and acquires F R Map Class mode XSR(config-map-class<CLASS-FRP>)#fra me-relay cir out 48000 + Sets this map class’ CIR rate at 48000 bits per second XSR(config-map-class<CLASS-[...]

  • Page 69

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR Getting Started Guide 3-25 XSR(config)#access-list 125 deny ip host 192.168.1.15 any XSR(config)#access-list 125 permit i p 192.162.2.0 0.0.0.255 any XSR(config)#access-list 125 permit i p 192.162.2.0 0.0.0.255 XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip access-group[...]

  • Page 70

    VPN Site-to-Site Sample Configuration 3-26 Software Configuration Configure SNMP The previo usly configured ACL will be applied to all SNMP r equests. Stricter ACLs can be written if tighter security controls ar e required. XSR(config)#snmp-server community to Monitor1 ro 26 + Adds an SNMP community with read-only privileges at tached to ACL 26 XSR[...]

  • Page 71

    VPN Site-to-Site Sample Configuration XSR Getting Started Guide 3-27 Generate Master Encryption Key If you have not alr eady generated a master encryption key , you must do so now to confi gure the VPN. A master key need only be generated once. Generate the master key: XSR(config)#crypto key master genera te New key is 2173 4521 3764 2ff5 163b 4bdf[...]

  • Page 72

    VPN Site-to-Site Sample Configuration 3-28 Software Configuration Create a T ransform Set The following tra nsform-set specifies t he sp ecified encryption/data integrity choices, 768-bit Diffie-Hellman, and an SA lifetime expr essed in kilobytes . The SA seconds lifetime value is di sabled. Some commands are abbr eviated. XSR(config)#crypto ipsec [...]

  • Page 73

    VPN Sample Configuration with Network Extension Mode XSR Getting Started Guide 3-29 XSR(config)#interface vpn 57 multi-p oint XSR(config-int-vpn)#ip address 192.1 68.2.1 255.255.255.0 XSR(config)#router rip XSR(config-router)#network 112.16.10 .0 XSR(config-router)#passive-interface gigabitethernet 2 XSR(config-router)#no receive-interf ace gigabit[...]

  • Page 74

    VPN Sample Configuration with Network Extension Mode 3-30 Software Configuration Figure 3-6 VPN T opology with NEM, EZ-IPSec and Internet Access If you have not alr eady generated a master encryption key , you must do so now to confi gure the VPN. A master key need only be generated once. Generate the master key . Refer to the following sampl e key[...]

  • Page 75

    VPN Sample Configuration with Network Extension Mode XSR Getting Started Guide 3-31 Configur e AAA authenti cation by assignin g a virtual subnet t o the DEF AUL T AAA group, associate it with DNS and WINs servers, and add two AAA users with passwords. When a remote XSR tunnels into the local XSR, it will be assigned these DNS, WINS and PP TP value[...]

  • Page 76

    XSR Rebooting Characteristics 3-32 Software Configuration XSR(config)#access-list 103 permit i p any 10.10.10.0 0.0.0.255 Create crypto map statements for each ACL entry with the mor e protective tunnel mode set by default. Match statements r ender associated ACLs bi-directional: XSR(config)#crypto map test 101 XSR(config)#set transform-set ez-esp [...]

  • Page 77

    XSR Rebooting Characteristics XSR Getting Started Guide 3-33 CPU: Broadcom BCM1250 Rev 2 VxWorks version: VxWorks5.4.2 Bootrom version: 1.5 Creation date: Aug 26 2003, 10:12:36 Warm Start : from cli Testing Bootrom Integrity << PASSED >> auto-booting... Verifying flash:xsr3000.fls file ... Router S/W size=11989192 sum=0xedd1 compressed_[...]

  • Page 78

    XSR Rebooting Characteristics 3-34 Software Configuration Power-Up Reboot If you power cycle the XSR by flipping the switc h on the back panel, the XS R will cold r eboot. The startup-config file stor ed in Flash becomes the r unning configuration. Reload Command from the CLI Y ou can reboot the XSR firmwar e by issuing the com mand reload <cold[...]

  • Page 79

    Bootrom Monitor Mode Commands XSR Getting Started Guide 3-35 • Bootrom is valid. • The software image in Flash is valid. Bootrom Monitor Mode Commands Bootrom monitor mode of fers special user access when the XSR lacks val id softwar e or runs abnormally . Enter the mode by pressing the key combination ( CTRL-C ) during the first five seconds o[...]

  • Page 80

    Bootrom Monitor Mode Commands 3-36 Software Configuration XSR-3020:bp Enter current password: Enter new password: ****** Re-enter new password: ****** Password has changed. bu This command updates the bootrom from a local file. Y ou are pr ompted to enter data by the following script. When the “ Proceed with erasing Bootrom in flash ...” stat e[...]

  • Page 81

    Bootrom Monitor Mode Commands XSR Getting Started Guide 3-37 copy This command copies a file using the syntax copy <source name> <destination name> . Y ou can copy files from flash: to cflash: and vice versa. da This command shows system date/time with the sample output below: XSR-3020:da Date: Thursday, 29-MAY-2003. Time: 10:14:07 df T[...]

  • Page 82

    Bootrom Monitor Mode Commands 3-38 Software Configuration ff This command formats the Flash f ile system. W e recommend that you first save any .dat, .cert, .cfg , and your startup-config files t o cflash: or a PC since any fil es in flash: will be deleted. Y ou are pr ompt ed to enter data by the following script: XSR-3020: ff You will lose all fi[...]

  • Page 83

    Bootrom Monitor Mode Commands XSR Getting Started Guide 3-39 Local target name (robo1) : Autoboot (yes) : Quick boot (no) : Permanently save the network paramet ers? (y/n) ns This command saves a file over the network using a remote IP addr ess/file path. remove This command removes a file using the syntax remove <sour ce name> <destinatio[...]

  • Page 84

    Bootrom Monitor Mode Commands 3-40 Software Configuration BadVAddr=08112233 PP - Crashed Task Stack (sp=85febb90 ): 0x85feb790 ffffffff 00000000 00 000008 ffffffff 0x85feb7a0 00000000 00000001 00 000000 00000001 0x85feb7b0 00000000 8214ab00 00 00000a 82142ee0 0x85feb7c0 ffffffff 85feb7c0 ff ffffff bf3285a4 0x85feb7d0 00000000 00000002 ff ffffff 85f[...]

  • Page 85

    Bootrom Monitor Mode Commands XSR Getting Started Guide 3-41 Local target name : XSR1 Autoboot : enabled Quick boot : no Current GigabitEthernet 0 MAC addres s is: 00:01:f4:2b:3e:1b Current GigabitEthernet 1 MAC addres s is: 00:01:f4:2b:3e:1c Current GigabitEthernet 1 MAC addres s is: 00:01:f4:2b:3e:1d sv This command shows the bootr om version wit[...]

  • Page 86

    Bootrom Monitor Mode Commands 3-42 Software Configuration[...]

  • Page 87

    A-1 A Specifications System S pecifications This appendix details XSR data about har dware functionality including : • Process or , system memory , chassis, powe r supply , interfaces • Required cabling, optional Comp actFlash and other accessories • Pinout assignments for W AN and LAN interfaces •L E D b e h a v i o r Refer to tables throu[...]

  • Page 88

    Cable, CompactFlash and Accessory Specifications A-2 Cable, Comp actFlash and Accessory Specifications Refer to the following table for s pecifications of cables, CompactFlash and accessories for the XSR. This equipment can all be obtained separately fr om Enterasys Networks or thr ough any computer supply retailer . Power Consum ption T ypical val[...]

  • Page 89

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-3 2-port sy nch/asynch card 4-port sy nch/asynch card 68-pin, male SCSI III NIM-SER-02 NIM-SER-04 Serial NIM cards 6’ DB-15, X.21 DTE, twisted-pair cab le NIM-X21-CAB-04 Serial link to high speed serial line: 2 or 4 port 6’ DB-25, EIA -232/530 DTE twisted -pair cable N[...]

  • Page 90

    Cable, CompactFlash and Accessory Specifications A-4 COM (Console) Po rt The XSR comes equipped with a COM serial port useful for initial configuration and management. Using a serial ( null modem) cable, you can attach the router ’s DB-9 COM port to a data terminal port and directly configur e the XSR over th e asynchro nous connection. Then, ope[...]

  • Page 91

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-5 GigabitEtherne t Port s The XSR comes equipped with three GigabitEthernet (LAN) ports that support full-duplex 10, 100, or 1000 Mbps transmission. The ports conform to IEEE 802.3 standar d s with 8-pin modular RJ-45 connectors. Because these ports ha ve internal MDI cr o[...]

  • Page 92

    Cable, CompactFlash and Accessory Specifications A-6 Copper/Fiber-optic Ethernet NIMs The single-port Copper or Fiber - optic Ethernet NIMs, shown in Figure A-3 and Figure A-4 , provide interfaces for half and full-d uplex 10/10 0Base-T or fiber-optic 100Base-F transmission over LAN or W AN networks, respectively . The Co pp er Ethernet NIM incorpo[...]

  • Page 93

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-7 2/4-Port Serial NIM Card Port The High Speed Serial NIM car d, as shown in Figure A-6 , provides a W AN interface supporting a serial link to four differ ent types of DTEs: DB-15, 25 , 37, and V . 35. This interface supports dual and quad traffic up to 8 Mbps. Figure A-6[...]

  • Page 94

    Cable, CompactFlash and Accessory Specifications A-8 Figure A-8 E IA-232/5 30 DTE Pin Assignments 17 18 19 3 RxD2 + RxD 2 1 2 3 11 5 10 4 7 6 8 12 13 15 16 9 14 6 22 3 16 2 14 4 19 5 13 15 12 17 9 7 20 23 1 DSR0+ DS R0 - RxD0 + RxD 0- TxD 0 + TxD0- RTS 0 + RT S0- CTS 0 + CT S0- TxC 0 + TxC0- RxC0 + RxC 0- Si gnal GND Shield GND Si gnal GND DTR 0 + [...]

  • Page 95

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-9 Figure A-9 EIA-449 DTE Pin Assignment s 17 18 19 27 21 1 2 3 11 5 10 4 7 6 8 12 13 15 16 9 14 11 29 6 24 4 22 7 25 9 27 5 23 8 26 37 12 30 1 ON0+ ON0- RD0+ RD 0 - SD0+ SD 0 - RS0+ RS 0 - CS0+ CS 0 - ST0+ ST0 - RT0+ RT0 - SG0 Shie ld GND RC0 TR0+ TR 0 - 35 36 37 45 39 44 [...]

  • Page 96

    Cable, CompactFlash and Accessory Specifications A-10 Figure A-10 Combined V .35/EI A-232/530 DTE Pin Assignment s 1 2 3 11 5 10 4 7 6 8 12 13 15 16 9 14 3 16 2 14 4 19 5 13 15 12 17 9 7 20 23 1 RxD3+ RxD3- TxD3+ TxD3- RTS3+ RTS3- CTS3+ CTS3- TxC3+ TxC3- RxC3+ RxC3- Signal GND Signal GND DTR3+ DTR3- J1 J2 6 22 DSR3+ DSR3- 35 37 45 39 44 38 49 40 50[...]

  • Page 97

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-11 Figure A-1 1 V .35 DTE Pin Assignment s 17 19 27 21 1 3 11 5 10 4 15 6 16 12 13 9 14 E R T P S C D Y AA V X B H A DSR 0 RD0+ RD 0 - SD0+ SD 0 - RTS 0 CTS 0 SC T 0 + SC T0- SCR0 + SC R 0 - Si g nal GND Shield G ND Si g nal GND 35 37 45 39 44 38 40 46 47 49 50 43 48 J1 J2[...]

  • Page 98

    Cable, CompactFlash and Accessory Specifications A-12 T1/E1/ISDN PRI NIM Card Port s The T1/E1/ISDN PRI NIM comes equipped with either 1, 2 or 4 Ethernet (W AN) ports that support fractional T1/E1 transmissi on in full-channel, fractional or u nchannelized format with 8- pin modular RJ-48C connectors and includ e a built-in DSU/CSU, as shown in Fig[...]

  • Page 99

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-13 Balun for E1 or PRI NIM Cards Some overseas electrical systems r equire that yo u use a balun and grounding shunt when utilizing an E1 or PRI NIM card on the XSR. A balun is an adapte r employed to connect a 75-ohm coaxial cable pair (2 BNC connectors) to a 120- ohm twi[...]

  • Page 100

    Cable, CompactFlash and Accessory Specifications A-14 Inst alling Shunt/T erminal Strip T o install the shunt or terminal strip, attach two dual-pin units vertically to each four-pin jumper (P2, P3, P4, or P5) corresponding to the RJ-48C port using a balun, as shown in Figure A-16 . Any other RJ-48C ports on the NIM car d connected to 120-ohm lines[...]

  • Page 101

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-15 T3/E3 NIM Card The T3/E3 full and sub-rate NIM, as shown in Figur e A-17 , is equipped with 1 Ethernet (W AN) port that supports fractional T3 /E3 transm ission in un-channelize d or clear channel mode with BNC connectors. User data ar e encapsulated in HDLC packets bef[...]

  • Page 102

    Cable, CompactFlash and Accessory Specifications A-16 1/2-Port BRI-S/T NIM Card Port s The XSR offers a serial NIM car d for 1 or 2 W A N interfaces over an ISDN-S/T BRI line, as shown in Figure A -18 . Port 0 and 1 LEDs shine when the li nes are active and r eady to r eceive traf fic. Refer to Figure A-19 for pinout assignments. Figure A-18 ISDN B[...]

  • Page 103

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-17 T ermination Shunt for the ISDN BRI-S/T NIM Card ISDN BRI-S/T terminal equipment devices may be connected at ra ndom points of the cable in point-to-point or point-to-multipoint configuratio ns. Line termination resistors must be pr ovided at both ends of the transmit/r[...]

  • Page 104

    Cable, CompactFlash and Accessory Specifications A-18 1/2-Port BRI-U NIM Card Port s The XSR provides a serial NIM car d for 1 or 2 W A N interfaces over an ISDN BRI-U line, as shown in Figure A- 21 . The Port 0 and 1 LEDs shine when the line s are active and ready to r eceive traffic. Figure A-21 ISDN BR I-U NI M Card (RJ-49C port s shown) Refer t[...]

  • Page 105

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-19 1-Port ADSL NIM Card Port The XSR’s Asymmetric Digital Subscriber Line (A DSL) NIM card, as shown in Figur e A-23 , provides 1 W AN port on an ADSL over POTS (A nnex A/C) or ISDN (Annex B) line with a 6-pin RJ-1 1 connector . The ADSL NIM supports both G. dmt and G.li[...]

  • Page 106

    Cable, CompactFlash and Accessory Specifications A-20 T1/E1 Drop & Insert (D&I) NIM The XSR’s 2-port T1/E1 D& I NIM card, as shown in Figur e A-25 , is designed as an intermed iary between the Central Of fice T1/E1 line and a PBX. It de-couples Channel Associated Si gnaling (CAS) and V oice DS0 timeslots and redirects them to a PBX, a[...]

  • Page 107

    Cable, CompactFlash and Accessory Specifications XSR Getting Started Guide A-21 Comp actFlash Memory Card The optional plug-in CompactFlash (CF) memory card, shown in Figure A-27 , comprises a single chip controller and flash memory modules in a matchbook-sized package with a 50-pin, PC MCIA connector consisting of two r ows of 25 female contacts e[...]

  • Page 108

    Cable, CompactFlash and Accessory Specifications A-22 PWR ON XSR is powered up and Bootrom initi alized OFF XSR is powered down VPN ON/OFF VPN tunnel is up/No tunnel con nected COM(munication) Blinking/OFF Port is transmitting or receiving data/idle Ethernet Port 1, 2, 3 Amber only ON 10Base-T link is auto-detected Green only ON 100Base-T link is a[...]

  • Page 109

    Index-1 Index B Balun description A-13 Balun adapter A-3 BRI S/T card part numbers A-3 BRI S/Tpin assignments A-16 BRI U card part numbers A-3 BRI-U pin assignme nts A-18 , A-19 , A-20 Broadcom 1250 processor 1-2 C cable/accessory guide A-2 cabling part numbers A-2 Canadian notices iii channelized card specifications A-3 chassis dimensions 1-2 spec[...]

  • Page 110

    Index-2 how to attach the Ethernet serial cable 2-10 how to attach the internal power supply cord 2-12 how to attach the serial COM (console) cable 2-7 how to attach the WAN cables 2-7 how to configure Frame Relay 3-15 how to configure IP routing 3-14 how to configure the C OM port A-4 how to enable Web access 3-18 how to install a Co mpactFlash ca[...]