Planet Technology ERT-805 инструкция обслуживания

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104

Идти на страницу of

Хорошее руководство по эксплуатации

Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации Planet Technology ERT-805. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции Planet Technology ERT-805 или обучающее видео для пользователей. Условием остается четкая и понятная форма.

Что такое руководство?

Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции Planet Technology ERT-805 можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.

К сожалению немного пользователей находит время для чтения инструкций Planet Technology ERT-805, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.

Из чего должно состоять идеальное руководство по эксплуатации?

Прежде всего в инструкции Planet Technology ERT-805 должна находится:
- информация относительно технических данных устройства Planet Technology ERT-805
- название производителя и год производства оборудования Planet Technology ERT-805
- правила обслуживания, настройки и ухода за оборудованием Planet Technology ERT-805
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам

Почему мы не читаем инструкций?

Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск Planet Technology ERT-805 это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок Planet Technology ERT-805 и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта Planet Technology, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания Planet Technology ERT-805, как это часто бывает в случае бумажной версии.

Почему стоит читать инструкции?

Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства Planet Technology ERT-805, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.

После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции Planet Technology ERT-805. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.

Содержание руководства

  • Страница 1

    Serial W AN Router ER T -805 User ’ s M an u al[...]

  • Страница 2

    2 T rademarks Copyright  PLANET Technology Corp. 2004. Conten t s subject to revision w ithout prior no t ice. PLANET is a registered trademark o f PLANET Technology Corp. All o t her tradema r ks belon g to their respective o w ners. Disc l aim e r PLANET Technology does no t w arrant that the hard w are w ill w ork properly in all envi r onmen[...]

  • Страница 3

    3 T A BLE OF CONTENTS Chapter 1 Introductio n ........................................................................................................... .1 1.1 C HECKLIST ........................................................................................................................ .1 1.2 A BOUT ER T -80 5 ................................[...]

  • Страница 4

    4 4.7 X.2 5 P ROTOCOL ............................................................................................................. . 33 4.8 F RAME R ELAY P ROTOC OL ................................................................................................ . 37 Chapter 5 S e curi t y ...........................................................[...]

  • Страница 5

    1 Chapter 1 I ntroduction 1.1 Checklist T han k y o u f or purcha s in g Pl a net ’ s E R T -805 En t erprise Se r i a l R o ute r . Be f ore c ontin u ing , pl e ase chec k the cont e n t s o f y our p ac k age f or f oll o wi n g p ar t s: Ø E R T -805 Se r i a l W AN Router Ø P o w er Cord Ø DB9 ad a pter Ø RJ-45 to RJ-4 5 m od e m cable ?[...]

  • Страница 6

    2 Ø E R T -805 sup p or t s SNMP a nd can be m anag e d b y u s ing SNM P m anage m ent software 1.3 Pr o duct Fea t ure Ø Su p port PP P , F R , X.25 , H D LC, L APB, SD L C, SLI P an d S t u n Ø Co m plies w i t h I EEE8 0 2.3 1 0Base- T , IEEE 8 02 . 3u 10 0 Base- T X S t andard Ø One seri a l WAN port, on e RJ-45 10 / 10 0 Mb p s L AN p o r[...]

  • Страница 7

    3 P o w er In p ut 100 ~ 2 4 0 V AC (+/- 1 0%); 5 0/60 H z ( +/-3%) a uto-sensi n g P o w er Consu m ption 10 w a tts / 3 4B T U Di m ensions 217 x 1 35 x 4 3 m m (1U height) W eight 1 Kg T e m perature 0 to 50 d egr e e C (o p era t in g ) -20 to 70 d egr e e C (stora g e) Hu m idi t y 10 ~ 90 % RH ( n on-con d e n sing) Reg u la t o r y FCC, CE c[...]

  • Страница 8

    4 Chapter 2 HARDWARE I NSTALLATION 2.1 Pack a ge Co n tents Ite m includes wit h ER T -80 5 serial r outer. Ø E R T -805 Se r i a l W AN Router Ø P o w er Cord Ø DB9 t o RJ-45 c h an g er Ø Console ca b le Ø Quic k Ins t alla t io n Guide an d CD-ROM 2.2 ERT-805 outlook 2.2. 1 Front Pa n el P WR 100 SYN C A S Y NC E n t e r p ri s e W A N R ou[...]

  • Страница 9

    5 Green blink This indicator light blink w hen packe t s is transmit LNK/ ACT Green This indicator light green w hen port is connec t ed Green This indicator light green w hen port is connect w ith serial port Serial Blink This indicator light blink w hen packe t s is transmit Green blink Configu r ation p r ocess Console Ligh t s O f f Not in con [...]

  • Страница 10

    6 2.3 Installation r equi r e m ents & Physical Installati o n T o install th e ER T -805 se r ial ro u ter, t he f oll o wing is r e quir e d: Ø An Et h ernet d e vice , h u b or s w itch w ith a f ree MDI-X RJ-45 i n ter f ace Ø One Ca t ego r y 3 , 4, 5, EIA 5 68A str a i g ht U T P ca b le wi t hin 10 0 m eters Ø T he a s y nchro n ous m[...]

  • Страница 11

    7 A v a il a ble co n nection is as tables b e l o w: W A N Option W A N En c a p sulation RS-2 3 2 X.21 V . 2 4 V . 3 5 Lin k control (H D LC) or pp p Fr a m e-rel a y X.25 2.3.4 Power on the device E R T -805 accep t s p o wer i np ut f r o m 100 to 2 40 V AC, 50 / 60 H z p o wer source. Be f ore connect t he p o w er c a bl e to t he r o ute r ,[...]

  • Страница 12

    8 Chapter 3 Command Line Interface T his chapter describes t he basic co m m ands to access the rou t er thr o ugh c o nsol e inter f ace o r tel n et. Be no t ed i f y ou w a nt to l o gin t o E R T -805 thr o ugh t h e telnet, t hen e n ab l e p ass w ord m u st be con f igur e . T he user can i n put s y s t e m c o m m and con f iguri n g s y s[...]

  • Страница 13

    9 ERT_805> ? disable Turn off privileged commands, enter GUEST user mode enable Turn on privileged commands exit Exit from the EXEC help Description of the interactive help system logout Exit from the EXEC pad Open a X.29 PAD connection ping Send echo messages ppp Start IETF Point-to-Point Protocol (PPP) schedule Schedule one task show Show runn[...]

  • Страница 14

    10 clockrate 48000 ! ERT_805(config-serial0/0)# 3.4 Ctrl- Z , Ctrl - C and exit T o exit f r o m the con f iguration m ode direc t l y to privile g e m ode, y o u sh o ul d t y p e Ct rl-Z or Ctrl- C or t y p e exit. C trl-C c a n b e av a ila b l e i n o the r occasi on s .For exa m pl e i t ca n sto p th e curren t opera t i o n t h at h asn ’ [...]

  • Страница 15

    11 tel n et. I f con f igures li k e bel o w , t he s y s t e m w ill o n l y ask f or p ass w ord w h en a n y o ne access. For exa m ple set the p as s w ord as “ 1234 ” . ERT805> enable ERT805# config t ERT805(config)# enable password 1234 ERT805(config)#line vty 0 4 ERT805 (con f ig-li n e)# lo g i n ERT805(config-line)# password cisco E[...]

  • Страница 16

    12 Router Software Version 4.2c on Hex_1f73 (3805a) User Access Verification Username: rr Password: (type the password cisco) ERT805> 3.7 Pas s word E n cryption Securi t y is a m ost i m por t ant issue f or all t h e co m p a n y in th e w orld b ecause a ll th e s y s t e m is requir e p as s w ord t o pro t ec t i m por t ant in f or m ation[...]

  • Страница 17

    13 crypto isakmp key 12345678 address 10.0.0.2 255.255.255.192 ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.1 255.255.255.192 crypto map dynmap clockrate 48000 ! interface async 0/0 ! line vty 0 5 login password 7 wAVcXxom8sGSOA ! ip route 0.0.0.0 0.0.0.0 10.0.0.2 ! a[...]

  • Страница 18

    14 Chapter 4 Router Communication Protocol 4.1 RIP- Router Information Pro to col T he routi n g in f or m ation Pr o tocol (R I P) is a dis t a nce-v e ctor protoc o l t h at us e d to e xchange routi n g in f or m ation be t we e n routers. R I P uses br o ad c ast User Da t a gra m Protoc o l (UDP) da t a p ac k e t s to exchange r o uti n g in [...]

  • Страница 19

    15 conver g ence . W henever a router ch a nges t he m etric o f a route, it is r e q u ired t o s e nd u pda t e m e ssages al m ost i mm edia t e l y 4.1.1.5 RIP Command router rip – e na b l e rip in glob a l con f igu r ation m ode v ersion - T o speci f y a R I P versi o n us e d g lo b all y b y t h e router ( versi o n 1 an d 2) auto-summa[...]

  • Страница 20

    16 Building configuration ... description fault service password-encryption service timestamps debug ! hostname ERT_805 ! enable password 7 3EDRIxtqRWCA ! username router password 7 65WeJR6evnrR3mP crypto ipsec transform-set transform-1 esp-3des esp-md5-hmac ! crypto map dynmap 1 ipsec-isakmp set transform-set transform-1 set peer 10.0.0.2 match ad[...]

  • Страница 21

    17 network 10.0.0.0 network 192.168.99.0 ! line vty 0 5 login password 7 wAVcXxom8sGSOA ! ip route 0.0.0.0 0.0.0.0 10.0.0.2 ! access-list 100 per m it ip 192.168.99.0 0 . 0.0.255 192.168.98.0 0.0.0.255 ! end ERT_805# ERT_805# show ip route Codes: A--all O--ospf S--static R--rip C--connected E--egp T--tunnel o--cdp D--EIGRP [Distance/Metric] g<Gr[...]

  • Страница 22

    18 Bind-interface – e na b le E I GR P protoc o l o n so m e int e r f ace Dis t ance – de f i n e a n a d m i nistrativ e d is t ance Distribute-list – f ilter ne t works in rou t in g u p dates M etric/e – m odi f y EI R E P r o uti n g m etrics and p ara m et e rs Pa s si v e-interfa ce - T o disable s e n d ing r ou t ing up d at e s on[...]

  • Страница 23

    19 authentication pre-share group 1 hash md5 ! crypto isakmp key 12345678 address 10.0.0.2 255.255.255.192 ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.1 255.255.255.192 crypto map dynmap ip hold-time eigrp 1 20 clockrate 48000 ! interface async 0/0 ! router eigrp 1 n[...]

  • Страница 24

    20 in f or m ation be t we e n n o n- b ac k bone areas S tub area – t his ar e a d o n o t accept ro u ter t h at b elong t o extern a l a ut o no m ous s y s t e m (AS). T he routers in st u b ar e a u s e a d e f ault r o ute to r e ach o u t side au t ono m ous s y s t e m . T o t all y stubby area – T his area t h at d oes n ot acce p t ro[...]

  • Страница 25

    21 are a area - id authentificat i on -speci f y ing the au t he n ti f ication t y p e is single a ut he nti f ication area area - id authentificat i on messa g e-digest -speci f y ing t he aut h en t i f icati o n t ype is C r y pt o gra p hic a ut h en t icati o n*/ area area - id stub [no-summar y ] - spe c i f y i n g t h e ar ea is stub area*[...]

  • Страница 26

    22 Password: ERT_805# show run Building configuration ... service password-encryption service timestamps debug ! hostname router ! enable password level 15 7 aNTUS0QSfz8T ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation hdlc ip address 10.0.0.1 255.255.255.192 ip ospf priority 255 clockrate 48[...]

  • Страница 27

    23 Ø PP P has a m etho d f or enc a p sula t in g m ulti-protoc o l d atagra m s Ø Lin k Contr o l P r otoc o l (L C P) es t ablishes, c o n f igures, au then t icates and testing t he da t a-lin k connection. Ø Ne t w or k Control Pro t ocol ( NCP) es t a blish a n d con f i gu re dif f erent ne t w or k -l a y er protocol. PP P pr o vi d es t [...]

  • Страница 28

    24 enca p sulation ppp – enc a p sula t io n s t y le t o p p p s t y le (inter f ace co m m and) ppp authentication [ p ap | chap - e n able t h e P A P or C HA P a ut h en t ication userna m e user n a me p ass w ord p ass w ord [ca l lba c k-dialstring] – ad d th e user n a m e and p ass w or d o f the peer in t o t he local use r . C all b [...]

  • Страница 29

    25 hostname router ! enable password level 15 7 aNTUS0QSfz8T ! username ERT-805 password 7 SBFV4NgG60tV ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.1 255.255.255.192 ppp authentication chap clockrate 48000 ! interface async 0/0 ! line vty 0 4 login password 7 hd3cpRj[...]

  • Страница 30

    26 ip address 192.168.98.63 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.2 255.255.255.192 ppp authentication chap ! interface async 0/0 ! line vty 0 4 login password 7 o2EUq2a6AFiY4D ! ip route 192.168.99.0 255.255.255.0 10.0.0.1 ! end P AP e xample outer# show run Building configuration ... service password-encryption [...]

  • Страница 31

    27 interface async 0/0 ! line vty 0 4 login password 7 hd3cpRj4s14LeA ! ip route 192.168.98.0 255.255.255.0 10.0.0.2 ! end router# ERT-805# show run Building configuration ... service password-encryption service timestamps debug ! hostname ERT-805 enable password 7 5EVbxkwzBvfT ! username router password 7 qBjbURagjK0L ! interface fastethernet 0/0 [...]

  • Страница 32

    28 ! ip route 192.168.99.0 255.255.255.0 10.0.0.1 ! end ERT-805# 4.5 HD L C Proto c ol Onl y wh e n t h e inter f ace o p erates in t h e s y n c hron o us m ode, can it b e e ncaps u la t ed with HDLC. enca p sulation hd l c – en c a p sul a ti o n with h d lc t y p e router# show run Building configuration ... service password-encryption servic[...]

  • Страница 33

    29 end router# router# debug hdlc s0/0 router# 03:59.544 %serial0/0 Hdlc Port debug turn on 04:01.399 serial0/0 HDLC O(len=162):CDP 01 b4 cc 27 00 01 00 0a 72 6 f 75 74 65 04:01.399 72 00 02 00 11 00 00 00 01 01 01 cc 00 04 0a 00 00... 04:03.094 serial0/0 HDLC I(len=22):lmi peer_seq=155,local's=159 04:03.753 %HDLC serial0/0 Keepalive 04:03.753[...]

  • Страница 34

    30 router# no 05:13.094 serial0/0 HDLC I(len=22):lmi peer_seq=162,local's=166de 05:13.753 %HDLC serial0/0 Keepalive 05:13.753 serial0/0 HDLC O(len=22):lmi local_seq=167,peer's=162 4.6 SNA 4.6.1 Introduction S w itch- t o-Switch Protoc o l ( SSP) is a protoc o l s p eci f ie d in t he D LSw s t an d ard t h at routers use to es t a b lis h[...]

  • Страница 35

    31 sdlc ro l e – es t a b lish r o le o f the in t er f ace sdlc-lar g est-fra me - S e t t h e lar g est I- f r a m e si z e t hat c an b e sent or receiv e d b y t he desi g nat e d SDLC s t a ti o n sdlc s i mul t aneous [full-datemode | h alf-da t amode] - full-datemode is e na b le t he pri m a r y s t atio n to s e nd d a t a t o a nd recei[...]

  • Страница 36

    32 hostname RouterA ! source-bridge ring-group 2000 dlsw local-peer peer-id 150.150.10.2 dlsw remote-peer 0 TCP 150.150.10.1 ! interface serial 8 IP address 150.150.10.2 255.255.255.192 clockrate 56000 ! interface tokening 0 no Ip address ring-speed 16 source-bridge 500 1 2000 source-bridge spanning Configuration for Router B hostname RouterB ! dls[...]

  • Страница 37

    33 4.7 X.25 Pr o toco l T he X.25 protoc o l is de f in e s the co n nection b e t w e en d a t a ter m inal eq u ip m ent (D T E) a n d circuit-ter m inati n g e q uip m e nt (DCE). X . 25 is the proto c ol o f p o int- t o-p o int in t eraction b e t w e en D T E and D C E e q u ip m ent. D T E usuall y r e f ers to the h ost or ter m inal a t t [...]

  • Страница 38

    34 t y p es o f VC, which is per m ane n t virtu a l circ u it (PVC) a nd s w itc h virtu a l circuit (SVC). T he dif f erent be t w e en PV C a n d SV C is PVC is per m anen t ly esta b lish e d co n nections u sed f or f requent a nd c o nsisten t da t a trans f ers and n ot us e call setup and c a ll clear. enca p sulation x25 [d c e | d te] –[...]

  • Страница 39

    35 X. 2 5 f a c il i t y f a c ilit y -n u m b er wi ndow s i ze in- s i z e out-si z e Requ e st re ver s e c h arging while ini tiatin g a ca ll X. 2 5 f a c il i t y f a c ilit y -n u m b er re ver se Requ e st t h rough p u t -le ve l negoti a tio n w hile initiating a ca ll X. 2 5 f a c ilit y f acilit y -n u m b er t h rou g hpu t i n out Net[...]

  • Страница 40

    36 x25 address 8 7 65 4 321 x25 m ap ip 10. 1 .1. 2 1 23 456 7 8 cloc k rate 9600 Router2 : inter f ace seri a l 1 enca p sula t io n x25 d t e ip add r ess 10.1 . 1.2 25 5. 255 . 0.0 x25 address 1 2 34 5 678 x25 m ap ip 10. 1 .1. 1 8 76 543 2 1 A c c e ss p a c ket s w itching net w ork s1: 1 4.1 . 1.1/ 24 x1 2 1:1 4 111 Ro u ter1 X25 s 1:14 . 1[...]

  • Страница 41

    37 x25 m ap ip 14. 1 .1. 2 14 1 1 2 Set up net w ork w ith PVC Router1 : inter f ace seri a l 1 enca p sula t io n x25 ip add r ess 14.1 . 1.1 25 5. 255 . 255 . 0 x25 address 14 1 1 1 x25 ltc 3 x25 pvc 1 ip 14. 1 .1.2 x25 pvc 2 ip 14. 1 .1.3 Router2 : inter f ace seri a l 1 enca p sula t io n x25 ip add r ess 14.1 . 1.2 25 5. 255 . 255 . 0 x25 [...]

  • Страница 42

    38 T he f r a m e rel a y s w itch , w h ich is respo n ds o n e or m ore LMI t y p es. T here are thr ee dif f erent LMI t y p es: cisco, an s i a nd q93 3 a. enca p sulation frame-rel ay – e nca p sulation f ra m e rel a y t y p e o n seri a l inter f ac e frame-rel a y map ip proto c ol a ddress dlci [br o adc a st | gate wa y -do w n | interf[...]

  • Страница 43

    39 S1:192.1.1.2 / 24 S1:192.1.1.1 / 24 E1:142.10.2. 7/24 E1:142.10.3. 7/24 142.10.2.6/ 24 142.10.3.6/ 24 FR 142.10.4.6/ 24 S1:192.1.1.3 / 24 E1:142.10.4. 7/24 16 17 16 16 host_a host_ c host_b Router1 Router3 Router2 Figure 2-1 Configuration Example (1) Route r 1 C o n f igura t io n: Router1>enable Router1#conf term Router1 (config)#interface s[...]

  • Страница 44

    40 Router2#conf term Router2 (config)#interface s1 Router2 (config-if)#enca fram Router2 (config-if)#no sh Router2 (config-if)#Ip addr 192.1.1.2 255.255.255.0 Router2 (config-if)#fram first-dlci 16 Router2 (config-if)#fram map IP 192.1.1.1 16 Router2 (config-if)#exit Router2 (config)#int e1 Router2 (config-if)#no shut Router2 (config-if)#Ip addr 14[...]

  • Страница 45

    41 Chapter 5 Security 5.1 Access-list T he purpose f or access-list is p ac k et f ilteri n g to co n trol , w h ich p ac k e t s m ove thro u gh the ne t wor k . Such control c a n h el p li m it ne t w o r k tr a f f ic and restrict ne t wor k use b y cer t ai n user or d e vice. Access-list is use as a p ac k et f ilt e r , t h is f uncti o n h [...]

  • Страница 46

    42 ip address 10.0.0.2 255.255.255.192 ip access-group 1 out clockrate 48000 ! interface async 0/0 ! router rip network 192.168.98.0 network 10.0.0.0 ! line vty 0 4 login password 7 o2EUq2a6AFiY4D ! ip route 0.0.0.0 0.0.0.0 10.0.0.1 ! access-list 1 permit host 192.168.98.62 access-list 1 permit host 192.168.98.63 access-list 1 permit host 192.168.9[...]

  • Страница 47

    43 enable password 7 5EVbxkwzBvfT ! username router password 7 qBjbURagjK0L ! interface fastethernet 0/0 ip address 192.168.98.63 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.2 255.255.255.192 ip access-group 100 out clockrate 48000 ! interface async 0/0 ! router rip network 192.168.98.0 network 10.0.0.0 ! line vty 0 4 l[...]

  • Страница 48

    44 5.2 NAT – Ne t w o rk A d dress Tran s lation I P add r ess de p le t ion is a m ain pro b le m that f acing in t he p ublic n et w or k . N A T (networ k address transla t i o n) is a s o lu t i o n t ha t all o w s t he I P ne t wor k o f a n org a niza t i o n to ap p ear f ro m the ou t side t o use dif f erent I P address t h en it o w n [...]

  • Страница 49

    45 St atic N A T Configuratio n ERT-805# show run Building configuration ... service password-encryption service timestamps debug ! hostname ERT-805 ! enable password 7 5EVbxkwzBvfT ! username router password 7 qBjbURagjK0L ! interface fastethernet 0/0 ip address 192.168.98.63 255.255.255.0 ip nat inside ! interface serial 0/0 encapsulation ppp ip [...]

  • Страница 50

    46 ERT-805# Figure of st a t i c N A T e x a m p le resu l t ERT-805# show ip nat translations Total 1 NAT translations Pro Inside Local Inside Global Outside Global TTL --- 192.168.98.62:0 10.0.1.1:0 ERT-805# D y nami c N A T Configurat i on ERT-805# show run Building configuration ... service password-encryption service timestamps debug ! hostnam[...]

  • Страница 51

    47 ip address 10.0.1.1 255.255.255.192 secondary ip nat outside ip access-group 1 out clockrate 48000 ! interface async 0/0 ! router rip network 192.168.98.0 network 10.0.0.0 ! line vty 0 4 login password 7 o2EUq2a6AFiY4D ! ip nat pool overload 10.0.1.1 10.0.1.1 netmask 255.255.255.192 ip nat inside source list 1 pool overload overload ! access-lis[...]

  • Страница 52

    48 cr y pto i p s e c s e curi t y - as s ociation lifetime [ k ilo b y t e s | seconds ] – to m odi f y t he ti m e value whe n neg o ti a ti n g I p sec securi t y . cr y pto map m ap-na m e m ap nu m ber [ i p sec-i s akmp | i p sec-manual] – creat e a cr y pto m ap e n t r y . I p sec-isak m p is used to establish t h e I p sec securi t y f[...]

  • Страница 53

    49 cr y pto i s akmp k e y ke y string address p e er-address – con f igure p r eshare d au t h e ntica t io n ke y cr y pto i s akmp pol ic y prio r i t y – t o de f i n e I n terne t K e y exchang e (IKE) p o li c y - hash - encr y ption - group - authentication - lifetime sho w cr y pto i p s e c s a – s ho w s current co n nections an d i[...]

  • Страница 54

    50 match address 100 ! crypto isakmp policy 1 authentication pre-share group 1 hash md5 ! crypto isakmp key 12345678 address 10.0.0.2 255.255.255.192 ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.1 255.255.255.192 crypto map dynmap clockrate 48000 ! interface async 0/0[...]

  • Страница 55

    51 ! hostname router ! enable password 7 7JDUhlA4A907 ! username scott password 7 phTLTNmZFcwY3D crypto ipsec transform-set transform-1 esp-3des esp-md5-hmac ! crypto map dynmap 1 ipsec-isakmp set transform-set transfrom-1 set peer 10.0.0.1 match address 100 ! crypto isakmp policy 1 authentication pre-share group 1 hash md5 ! crypto isakmp key 1234[...]

  • Страница 56

    52 router# router# debug crypto isakmp router# 22:34.011 Crypto ISAKMP debugging is on router# term router# terminal m router# terminal monitor router# 23:03.993 IPSEC: SEND KEEYALIVE ON PEER 10.0.0.2 23:03.993 recv msg type=331, msg=08 0a 00 00 01 0a 00 00 02 23:03.993 recv Ipsec Msg 23:03.994 recv DPD req 23:03.994 creat a DPD struct 23:03.994 se[...]

  • Страница 57

    53 router# show crypto ipsec sa interface: serial0/0 Crypto map tag:dynmap, local addr:10.0.0.1 Local ident (addr/mask/prot/port):192.168.99.0/255.255.255.0/0/0 Remotel ident (addr/mask/prot/port):192.168.98.0/255.255.255.0/0/0 PERMIT,flags={origin_is_acl,} Current Peer:10.0.0.2 #pkts encaps:1160 ,pkts encrypts:1160, pkts digest:1160 #pkts decaps:1[...]

  • Страница 58

    54 Configure I p se c M anual bet w een routers Router 2 Router 1 eth: 1 92 . 168 . 98 . 63 s0/0 1 0.0 . 0.2 s0/0 10.0 . 0.1 et h :1 9 2.1 6 8.9 9 .64 Router 1 con f i g uration ERT-805# show run Building configuration ... service password-encryption service timestamps debug ! hostname ERT-805 ! enable password level 15 7 EJketQjD8uBh ! crypto ipse[...]

  • Страница 59

    55 ! router rip network 192.168.98.0 network 10.0.0.0 ! line vty 0 4 login password 7 iFEdTlElgPbW4D ! ! access-list 100 permit ip 192.168.98.0 0.0.0.255 192.168.99.0 0.0.0.255 ! end Router 2 con f i g uration ERT-805# router# show run Building configuration ... service password-encryption service timestamps debug ! hostname router ! enable passwor[...]

  • Страница 60

    56 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.1 255.255.255.192 crypto map dynmap ! interface async 0/0 ! router rip network 192.168.99.0 network 10.0.0.0 ! line vty 0 4 login password 7 hd3cpRj4s14LeA ! ip route 0.0.0.0 0.0.0.0 10.0.0.2 ! access-list 100 permit ip 192.168.99.0 0.0.0.255 192.16[...]

  • Страница 61

    57 match address 100 ! crypto map mm 1 ipsec-isakmp dynamic dy crypto isakmp policy 1 authentication pre-share hash md5 ! crypto isakmp key 1234 address 10.0.0.2 255.255.255.192 ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.1 255.[...]

  • Страница 62

    58 Building configuration ... service password-encryption service timestamps debug ! hostname ERT-805 ! enable password 7 uh4a5s35v9i6 ! crypto ipsec transform-set scott esp-des ah-md5-hmac ! crypto map mm 1 ipsec-isakmp set transform-set scott set peer 10.0.0.1 match address 100 ! crypto isakmp policy 1 authentication pre-share hash md5 ! crypto i[...]

  • Страница 63

    59 ! ip route 0.0.0.0 0.0.0.0 serial 0/0 ! access-list 100 permit ip 192.168.98.0 0.0.0.255 192.168.99.0 0.0.0.255 ! end ERT-805# router# show crypto ipsec sa interface: serial0/0 Crypto map tag:dynmap, local addr:10.0.0.1 Local ident (addr/mask/prot/port):192.168.99.0/255.255.255.0/0/0 Remotel ident (addr/mask/prot/port):192.168.98.0/255.255.255.0[...]

  • Страница 64

    60 crypto map: dynmap no sa timing: IV size: 8 bytes replay detection support: Y outbound pcp sas: router# GRE Examp l e Router 1 ERT-805> enable Password: ERT-805# show run Building configuration ... service password-encryption service timestamps debug ! hostname ERT-805 ! enable password 7 at1a2V/tbD6b ! crypto ipsec transform-set marc esp-3de[...]

  • Страница 65

    61 ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! interface serial 0/0 encapsulation hdlc ip address 130.0.1.2 255.255.0.0 tunnel 10.0.0.1 10.0.0.2 ip address 10.0.0.1 255.0.0.0 secondary crypto map mm clockrate 128000 ! interface async 0/0 ! router rip version 1 network 192.168.99.0 network 10.0.0.0 ! line vty 0 31 ! access-[...]

  • Страница 66

    62 ! crypto map mm 1 ipsec-isakmp set transform-set marc set peer 10.0.0.1 match address 100 ! crypto isakmp policy 1 authentication pre-share hash sha ! crypto isakmp key 1234 address 10.0.0.1 255.0.0.0 ! interface fastethernet 0/0 ip address 192.168.98.63 255.255.255.0 ip nat inside ! interface serial 0/0 encapsulation hdlc ip address 130.0.1.1 2[...]

  • Страница 67

    63 access-list 1 permit 192.168.98.62 0.0.0.255 access-list 100 permit ip 10.0.0.0 0.0.0.255 192.168.99.61 0.0.0.255 ! end router# ERT-805# show ip route Codes: A--all O--ospf S--static R--rip C--connected E--egp T--tunnel o--cdp D--EIGRP, EX--EIGRP external, O--OSPF, IA--OSPF inter area N1--OSPF NSSA external type 1, N2--OSPF NSSA external type 2 [...]

  • Страница 68

    64 Ø Nei g hbor r o uter aut h en t ica t ion Ø Even lo g ging CBAC uses t i m eout an d th r esholds to d eter m ine ho w long t o m anage in f or m ation f or a session a n d when to dr o p t he sessi o n t h at con n ec t s is f ail e d. C BA C is o n l y c hec k w i t h T C P an d UD P b u t n o t I C M P . T he f oll o w ing exa m ple is sh [...]

  • Страница 69

    65 sho w ip inspect interfa c e – sh o w in t er f ace con f igura t ion with inspec t io n rule a n d access-list sho w ip inspect se s sion – dis p l a y t he curren t sessi o n th a t h a v e b e en es t a blish e d debug ip inspect e v en t s – dis p l a y t h e in f or m ation ab o ut CBAC even t s debug ip inspect ob j ect- c reation ?[...]

  • Страница 70

    66 ip route 0.0.0.0 0.0.0.0 10.0.0.1 ip inspect audit-trail ip inspect max-incomplete low 100 ip inspect max-incomplete high 120 ip inspect one-minute low 100 ip inspect one-minute high 120 ip inspect tcp synwait-time 50 ip inspect name test http ip inspect name test ftp ip inspect name test udp ip inspect name test tcp ip inspect name test smtp ip[...]

  • Страница 71

    67 25:54.379 CBAC: RCV TCP packet 192.168.99.61:21=>192.168.98.62:1412 serial0/0 25:54.569 CBAC: RCV TCP packet 192.168.98.62:1412=>192.168.99.61:21 fastethern 25:54.569 et0/0 25:58.813 CBAC: RCV TCP packet 192.168.98.62:1412=>192.168.99.61:21 fastethern 25:58.813 et0/0 25:58.850 CBAC: RCV TCP packet 192.168.99.61:21=>192.168.98.62:1412[...]

  • Страница 72

    68 29:37.201 CBAC: delete a session table (40235) 29:40.059 CBAC: delete a session table (40232) 29:45.059 CBAC: delete a session table (40230) 29:58.059 CBAC: delete a host session table 29:58.059 CBAC: delete a session table (40236) 5.5 Radius Secu r ity (AAA) AA A ( A uth e nticati o n Au t horization A ccount i ng) is t he w a y that all o w s [...]

  • Страница 73

    69 router# show run Building configuration ... service password-encryption service timestamps debug ! hostname router ! enable password 7 St3Yuxw1NBTq ! aaa authentication ppp scott radius aaa accounting network scott start-stop radius username scott password 7 1clZ5Mnm-XEu ! interface fastethernet 0/0 ip address 192.168.99.64 255.255.255.0 ! inter[...]

  • Страница 74

    70 radius-server host 192.168.99.63 ! end router# Router 2 ERT-805> enable Password: ERT-805# show run Building configuration ... service password-encryption service timestamps debug ! hostname ERT-805 ! enable password 7 uh4a5s35v9i6 ! interface fastethernet 0/0 ip address 192.168.98.63 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip [...]

  • Страница 75

    71 ip route 0.0.0.0 0.0.0.0 serial 0/0 ! end ERT-805# C H AP Examp l e Router 1 router# show run Buil d i n g con f igu r ation . . . service password-enc r y p ti o n service t i m es ta m p s debu g ! hostna m e router ! ena b le p assword 7 S t3 Y u x w1NB T q ! aaa authentication ppp s c ott radius aaa accounting net w ork s cott s t art-stop r[...]

  • Страница 76

    72 ! li n e v t y 0 4 login p ass w ord 7 k d W L6UX P kdPV/B ! ip ro u te 0 .0. 0 .0 0 .0 . 0.0 serial 0 /0 radius-server key 7 DRjQtY26F/tc radius- s er v er d ea d time 2 radius- s er v er retransmit 4 radius- s er v er host 19 2 .1 6 8.99 . 63 acct-port 1 646 auth-port 1645 ! end router# Router 2 ERT-805> enable Password: Password: ERT-805# [...]

  • Страница 77

    73 ! interface async 0/0 ! router rip network 10.0.0.0 network 192.168.98.0 ! line vty 0 4 login password 7 3Z4SNtmYpBT6BC ! ip route 0.0.0.0 0.0.0.0 serial 0/0 ! end ERT-805# Debug radi u s 13:51.914 #Line serial0/0 Protocol Up 13:51.921 Radius: Send to 192.168.99.63:1646, Accounting_Request, id 0xfe, len 13:51.921 52 13:51.922 Attri b ute type: A[...]

  • Страница 78

    74 Chapter 6 QOS Quali t y o f service (QOS) is use to i m prove t h e n et w or k e f f icien c y . E R T -805 pr o vi d es so m e di f f erent QOS, w h ich are CAR , Polic y - base d R o uting, W eight f air que u i n g a n d class- m ap 6.1 CAR – C o m m itted A c ce s s Rate CAR (Co m m itted Access Rate) is a ll o w s user t o li m it the o [...]

  • Страница 79

    75 Violate- a ction • continue – Eval u ates t he o ther rate - li m it • drop – Dro p s t he pac k et • transmit – S e nds sho w interface ra t e-limit – dis p l a y in f or m ation a b out CAR f or an in t er f ace Configuration E x ample router# show run Building configuration ... service password-encryption service timestamps debu[...]

  • Страница 80

    76 password 7 3Z4SNtmYpBT6BC ! ip route 0.0.0.0 0.0.0.0 serial 0/0 ! access-list 100 permit tcp any any eq www access-list 101 permit tcp any any eq ftp ! end router# router# show interface s0/0 rate-limit Output matches: access-group 100 params: 9600 bps, 24000 limit, 32000 extended limit conformed 3582 packets, 219373 bytes; action: transmit exce[...]

  • Страница 81

    77 6.2 Policy - based Routing PB R (poli c y - b ased r o uting) is all o w s user m anu a l l y t o d e f ined poli c y tha t h o w to r e ceived pac k e t s should b e rou t ed a nd also all o w s user t o iden t i f y p ac k e t s usin g several attributes to speci f y t he next hop t o w h ich t he pac k et should b e sent. route-map m ap-na m [...]

  • Страница 82

    78 router rip version 2 network 10.0.0.0 network 192.168.98.0 ! line vty 0 4 login password 7 k2CZPVdrqEggyC ! route-map richard match ip address 1 set interface serial 0/0 set ip next-hop 10.0.0.1 ! access-list 1 permit 192.168.98.62 0.0.0.255 ! end router# 6.3 Class - map a nd policy - map Class- m ap c o m m and is a g lo b al co m m and whic h [...]

  • Страница 83

    79 a n y – m atch a n y p ac k ets match input-interface – s peci f y a n inpu t i n ter f ace to m atch match cl a ss-map c lass- m ap n a m e – speci f y th e tra ff ic class as a m atch criterio n . match ip rtp l o w er bo u nd o f UDP des t i n ation pr o t – c on f igure c lass- m ap that use rtp pr o tocol port as m atch criterion ma[...]

  • Страница 84

    80 enable password 7 wonRBhc01DcE ! class-map match-any test match access-group 101 match protocol ip tcp 80 match input-interface serial 0/0 ! class-map match-any test1 match access-group 102 match protocol ip tcp 80 match input-interface serial 0/0 ! policy-map richard class test bandwidth percent 60 queue-limit 2 ! class test1 bandwidth percent [...]

  • Страница 85

    81 login password 7 k2CZPVdrqEggyC ! ip route 192.168.99.0 255.255.255.0 10.0.0.1 ! access-list 1 permit 192.168.98.62 0.0.0.255 access-list 101 permit ip host 192.168.98.62 any access-list 102 permit ip host 192.168.98.63 any ! end router# router# show policy-map interface s0/0 serial0/0 Service-policy output: marc Class-map: test (match-any) 1376[...]

  • Страница 86

    82 Weighted Fair Queueing Output Queue: Conversation Bandwidth 40 (%) Max Thresh 2 (packets) (pkts matched/bytes matched) 0/0 Class-map: class-default (match-all) 137 packets, 8713 bytes 5 minute offered rate 153 bps, drop rate 0 bps Match any router# router# show class-map Class Map match-any class-default (id 0) Match any Class Map match-any test[...]

  • Страница 87

    83 pac k ets in a q ue u e f or tra n s m ission. ER T -805 is pr o vides f our di ff erent t y p es o f q ueu e th a t is FIFO (de f ault in a ll rou t er), W FQ ( W eighed f air q u e u ing), priori t y q u e u ing an d custo m que u ing. 6.4.1 FIFO- First IN First Out T he tra f f ic f or FIFO is tran sm itted i n t h e o r der rec e ive d , w i[...]

  • Страница 88

    84 inter f ace a s y n c 0 / 0 ! router rip network 192.168.98.0 network 10.0.0.0 ! line vty 0 4 login password 7 kdWL6UXPkdPV/B ! ip route 0.0.0.0 0.0.0.0 serial 0/0 router# show queueing fair Current fair queue configuration: Interface Discard Dynamic Reserved threshold queue count queue count serial0/0 64 2 0 router# show queue s0/0 Weighted Fai[...]

  • Страница 89

    85 priori t y qu e ui n g b ased on p rotocol t y p e priori t y -l i st list nu m ber interfa ce inter f ace t y p e in t erface no [high | medium | n ormal | lo w ] – Es t ablish p r iori t y qu e uing fo r all traf f ic entering on a n i n c o m ing inter f ace priori t y -l i st list nu m ber default [high | medium | normal | lo w ] - Assign [...]

  • Страница 90

    86 interface async 0/0 ! router rip network 10.0.0.0 network 192.168.98.0 ! line vty 0 5 login password 7 tF4VZx7eRx5VcC ! ip route 0.0.0.0 0.0.0.0 10.0.0.1 ! access-list 100 permit tcp host 192.168.99.61 host 192.168.98.62 access-list 100 permit ip any any priority-list 2 protocol ip high tcp 80 priority-list 2 protocol ip high list 100 priority-l[...]

  • Страница 91

    87 2 low limit 30 router# router# show queue s0/0 Priority Queueing, priority-list 2 router# router# show int s0/0 serial0/0 is administratively up, line protocol is up Hardware is RT800-E Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open IPCP Open, CCP Closed, CDP Open, MPLSCP Close Queueing strategy: priority-list 2 Output queu[...]

  • Страница 92

    88 Queu e- ke yw ord ke yw ord-value E xp lain Frag m en t s NULL A n y fr ag m en ts ip p ac ke t List Lis t -n u m b er Assig n s t r a ff i c p ri o riti es ac c o rding to a sp e c i fied l i s t . Lt B y te-cou n t S peci f ies a less-than c o unt . T he priori t y l e vel assig n ed goes in t o effect w h e n a p ac k et size is less th a n t[...]

  • Страница 93

    89 Configuration E x ample router# show run Building configuration ... service password-encryption service timestamps debug ! hostname router ! enable password 7 Pl2cGlY8liD4 ! interface fastethernet 0/0 ip address 192.168.98.63 255.255.255.0 ! interface serial 0/0 encapsulation ppp ip address 10.0.0.2 255.255.255.192 custom-queue-list 10 ! interfa[...]

  • Страница 94

    90 queue-list 10 default 5 queue-list 10 protocol ip 1 list 1 ! end router# router# show int s0/0 serial0/0 is administratively up, line protocol is up Hardware is RT800-E Encapsulation PPP, loopback not set, keepalive set (10 sec! IPCP Open, CCP Closed, CDP Open, MPLSCP Close Queueing strategy: custom-queue-list 2 Output queues: (queue #: size/max[...]

  • Страница 95

    91 router# show queueing custom Current custom queue configuration: List Queue Args 10 5 default 10 1 protocol ip tcp port 80 10 2 interface serial0/0 10 3 protocol ip 10 1 protocol ip list 1 10 4 byte-count 115200 limit 10 router#[...]

  • Страница 96

    92 Appendix A Upgrade firmware Pl e ase f oll o w t he st e p s to u pgra d e f ir m w are: 1. Find and d o wnload the la te st f ir m w are f r o m PLA N ET W e b site. 2. Con n ect Cons o le port t o E R T -805 Seri a l WAN Route r 3. Cha n ge t o D PS- m ode a n d run m rc o m 32.exe (this pro g ra m can be f ou n d in t h e C D -ROM m enu, dire[...]

  • Страница 97

    93 T hen press enter s t ill see t he Input File Name , t y p e in th e f ile ’ s n a m e and press enter a g a in ] 10 . T hen press 3 to res t art Ro u ter N o w , the E R T -805 is wi t h t h e f ir m w are f ile just d o wnlo a ded.[...]

  • Страница 98

    94 Appendix B Router Dialing E R T -805 is support dial-up fr o m m od e m w hi c h i s all o w user to re m ote to o f fice fr o m o t her place. And the comm a nds are: P h y s i cal-l a y e r a s ync – c o n f igure serial in t er f ace as a n a s y nc in t er f ace a s y nc mode [dedi c ated | i nteracti v e ] – s p eci f y li n e m ode f o[...]

  • Страница 99

    95 ip route 12.0.0.0 255.0.0.0 10.1.1.2 dialer- list 1 protocol ip permit Con f igu r ing r o uter R ou t er 2 int s1 encap ppp ip address 10.1.1.2 255.0.0.0 physical-layer async async mode dedicate line flowcontrol hardware line cd normal line speed 9600 dialer in-band line i nact i ve- ti m er 60 dialer- list 1 protocol ip permit[...]

  • Страница 100

    96 Appendix C Cables / Pin-assignment for ERT-805 C.1 V .35 DTE – CB-ERTV35-MT Pin to ERT-805 Description Pin to device Description 21 MODE_1 18 MODE_0 GND 25 MODE_DCE 1 Shield A Shield_GND 08 B_DCD/DCD+ Twisted pair no. 1 < — F RLSD 7 GND+ B GND 03 I_RXD/TXD+ Twisted pair no. 9 < — R RD+ 16 I_RXD/TXD – < — T RD – 02 O_TXD/RXD+[...]

  • Страница 101

    97 03 I_RXD/TXD+ Twisted pair no. 3 < — P SD+ 16 I_RXD/TXD – < — S SD – 02 O_TXD/RXD+ Twisted pair no. 5 — > R RD+ 14 O_TXD/RXD – — > T RD – 05 I_CTS/RTS+ Twisted pair no. 2 < — C RTS 06 I_DSR/DTR+ < — H DTR 04 O_RTS/CTS Twisted pair no. 4 — > D CTS 20 O_DTR/DSR+ — > E DSR 17 I_RXC/TXCE+ Twisted pair [...]

  • Страница 102

    98 12 GND GND C.4 V .24 DCE – CB-ERT232-FC Pin to ERT-805 Description Pin to device Description 21 MODE_1 18 MODE_0 25 MODE_DCE GND 1 Shield 1 Shield_GND 08 B_DCD/DCD+ Twisted pair no. 1 — > 8 CD 7 GND 7 GND 03 I_RXD/TXD+ Twisted pair no. 3 < — 2 TXD 16 GND GND 02 O_TXD/RXD+ Twisted pair no. 5 — > 3 RXD 14 GND GND 05 I_CTS/RTS+ Twi[...]

  • Страница 103

    99 14 O_TXD/RXD- 9 TXD- 05 I_CTS/RTS+ Twisted pair no. 2 < — 5 INDIC A T ION+ 06 I_DSR/DTR+ < — 12 INDIC A T ION- 04 O_RTS/CTS Twisted pair no. 4 — > 3 CON T ROL+ 20 O_DTR/DSR+ — > 10 CON T ROL- 17 I_RXC/TXCE+ Twisted pair no. 8 < — 6 T IMING+ 09 I_RXC/TXCE- <- 13 T IMING- Twisted pair no. 6 — > — > Twisted pai[...]

  • Страница 104

    100 C.7 RJ-45 Con s o l e Cab l e T he ping out o f the RJ-4 5 console ca b le b u n dl e d in t he p ac k age is as f oll o w ing: 1 … … …… … …… … ……… …… ..8 2 … ……… … …… …… ………… ..7 3 … ……… … …… …… ……… …… 6 4 … ……… … …… …… ………… ..5 5 … …?[...]