Manuel d'utilisation / d'entretien du produit Cyclades-PR2000 du fabricant Avocent
Aller à la page of 136
Cyclades-PR2000 Installation Manual Access Router Cyclades Corporation.
Cyclades-PR2000 Installation Manual V ersion 1.2 – May 2002 Copyright (C) Cyclades Corporation, 1998 - 2002 We believe the information in this manual is accurate and reliable. However , we assume no responsibility , financial or otherwise, for any consequences of the use of this Installation Manual.
Cyclades-PR2000 T able of Contents 3 T able of Contents CHAPTER 1 HOW TO USE THIS MANUAL .............................................................................................. .......... 7 Installation Assumptions .............................
Cyclades-PR2000 T able of Contents 4 The IP Protocol ................................................................................................................ ................................. 49 The Transparent Bridge Protocol ................
Cyclades-PR2000 T able of Contents 5 Creation of user accounts and passwords ........................................................................................ ............... 87 IP Accounting ....................................................
Cyclades-PR2000 T able of Contents 6 T esting the W AN Interfaces ..................................................................................................... ....................... 123 APPENDIX B HARDWA RE SPECIFICA TIONS ..................
Cyclades-PR2000 7 Chapter 1 - How T o Use This Manual CHAPTER 1 HOW TO USE THIS MANUAL Three Cyclades manuals are related to the PR2000. 1 The Quick Installation Manual -- provided with the router , 2.
Cyclades-PR2000 8 Chapter 1 - How T o Use This Manual Chapter 12 - Filters and Rules - demonstrates how to protect your router from undesired traffic. Chapter 13 - IPX - presents the hidden menus available only in routers with IPX activated. Chapter 14 - Virtual Private Network - describes CyROS’ VPN implementation.
Cyclades-PR2000 9 Chapter 1 - How T o Use This Manual Conventi on Descr iption CONFIG=>I NTERFACE=>L A combinatio n of menu ite ms, with the last being eit her a menu item, a parameter, or a command. In th is example, L lis ts the int erface configurat ion.
Cyclades-PR2000 10 Chapter 1 - How to Use This Manual Cyclades T echnical Support and Contact Information All Cyclades products include limited free technical support, software upgrades and manual updates. These updates and the latest product information are available at: http://www .
Cyclades-PR2000 11 Chapter 1 - How to Use This Manual The mailing address and general phone numbers for Cyclades Corporation are: Cyclades Corporation Phone: + 01 (510) 770-9727 Fax: + 01 (510) 770-03.
Cyclades-PR2000 Chapter 2 - What is in the Box 12 CHAPTER 2 WHA T IS IN THE BOX The Cyclades-PR2000 is accompanied by the following accessories: Back Panel of PR2000 Console Cable Labeled “Conf” T.
Chapter 2 - What is in the Box 13 Cyclades-PR2000 • Quick Installation Manual • Console Cable • Installation Manual & Reference Guide (on CD) • Mounting Kit • T wo straight-through cables • Power Source & Cable • T wo V .35 Adapters • Gender Changer Figure 2.
Cyclades-PR2000 Chapter 3 - Using CyROS Menus 14 Chapter 3 Using CyROS Menus This chapter explains CyROS menu navigation and special keys. There are four ways to interact with CyROS: • T raditional .
Chapter 3 - Using CyROS Menus 15 Cyclades-PR2000 Once the console connection is correctly established, a Cyclades banner and login prompt should appear on the terminal screen. If nothing appears, see the first section of the troubleshooting appendix for help.
Cyclades-PR2000 Chapter 3 - Using CyROS Menus 16 Special Keys <Enter> or <Ct rl + M> Th ese k e ys a re us ed t o en d t he i n put of a va lu e. <ESC> or <Ctrl+I> These ke ys are us ed to cancel a sel ection or ret u rn to the pre vious men u.
Chapter 3 - Using CyROS Menus 17 Cyclades-PR2000 The CyROS Management Utility After one of the interfaces has been connected and configured, there is another way to interact with CyROS. T ype the IP address in the location field in an HTML browser of a PC connected locally or remotely through the configured interface.
Cyclades-PR2000 Chapter 3 - Using CyROS Menus 18 The link Configuration Menu Interface will present an HTML version of the CyROS Main Menu, described previously . Clicking on an interface will show its current status and some additional information. Clicking on End HTTP Session will terminate the connection.
Cyclades-PR2000 19 Chapter 4 - Step-by-Step Instructions CHAPTER 4 STEP-BY-STEP INSTRUCTIONS FOR COMMON APPLICA TIONS This chapter provides detailed examples that can be used as models for similar applications.
Cyclades-PR2000 20 Chapter 4 - Step-by-Step Instructions STEP ONE The first step is to determine the parameters needed to configure the Ethernet interface (ETH0). The parameters in the Network Protocol Menu (IP) are shown in Figure 4.2. Fill in the blanks for your application in the right-most column.
Cyclades-PR2000 21 Chapter 4 - Step-by-Step Instructions STEP TWO No more parameters are necessary for the Ethernet interface. The other interface to be configured is the SW AN. The SWAN physical media parameters are shown in Figure 4.3. Fill in the values for your application.
Cyclades-PR2000 22 Chapter 4 - Step-by-Step Instructions Me nu CON FIG=>INTERFACE=>S W AN=>NETWORK PROTOCOL=>IP Para meter Exa mple You r Appl ica tion Act ive or I na c tiv e Act ive en able s I P co mmun icat ion (I PX an d Transparent Bridge are not used in this example).
Cyclades-PR2000 23 Chapter 4 - Step-by-Step Instructions STEP FOUR The Encapsulation parameters for PPP are less straight-forward. Many of them are based on decisions that cannot be shown in a diagram. Fortunately , the choices made here will mostly effect the performance of the link, rather than whether it works or not.
Cyclades-PR2000 24 Chapter 4 - Step-by-Step Instructions STEP FIVE A static route must be added to tell the router that all traffic not intended for the local LAN should be sent to the Access Provider . Chapter 9 of the Installation Manual explains static routes and other routing methods available in CyROS.
Cyclades-PR2000 25 Chapter 4 - Step-by-Step Instructions STEP SEVEN NA T parameters will now be determined for routing outside of the local LAN. Network Address Translation maps the local IP addresses, registered in the local address range menu below , to the one global IP address assigned by the access provider .
Cyclades-PR2000 26 Chapter 4 - Step-by-Step Instructions Instructions for creating a backup of the configuration file. Use the menu option ADMIN =>WRITE CONFIGURA TION =>TO FTP SERVER. Fill in the IP address of the computer where the configuration file should be saved, the file name, the directory name, and the user account information.
Cyclades-PR2000 27 Chapter 4 - Step-by-Step Instructions Example 2 A LAN-to-LAN Example Using Frame Relay This section will guide you through a complete router installation for the connection of two LANs via Frame Relay . Figure 4.9 shows the example system used in this section.
Cyclades-PR2000 28 Chapter 4 - Step-by-Step Instructions STEP ONE The first step is to determine the parameters needed to configure the Ethernet interface (ETH0). The parameters in the Network Protocol Menu (IP) are shown in Figure 4.10. Fill in the blanks for your application in the right-most column.
Cyclades-PR2000 29 Chapter 4 - Step-by-Step Instructions STEP TWO No more parameters are necessary for the Ethernet interface. The other interface to be configured is the SW AN in slot 1. The SWAN physical media parameters are shown in Figure 4.1 1. Fill in the values for your application.
Cyclades-PR2000 30 Chapter 4 - Step-by-Step Instructions STEP THREE The network protocol parameters, shown in Figure 4.12, are similar to those for the Ethernet interface.
Cyclades-PR2000 31 Chapter 4 - Step-by-Step Instructions STEP FOUR The Encapsulation parameters for Frame Relay are less straight-forward. Many of them are based on decisions that cannot be shown in a diagram. Fortunately , the choices made here will mostly effect the performance of the link, rather than whether it works or not.
Cyclades-PR2000 32 Chapter 4 - Step-by-Step Instructions Me nu CON FIG =>INT ERFACE=>SW AN=>ENCAPSULAT I ON=>FRAME RE LAY=><ESC>=>ADD DLCI Para meter Exa mple You r Appl icat ion DLCI Number Sixteen. This number is supplied b y the Pu bl ic F r am e Rel a y net wo r k pr ov i d er .
Cyclades-PR2000 33 Chapter 4 - Step-by-Step Instructions Me nu CON FIG=>STATIC RO UTES=>IP=>ADD ROUTE Para meter Exa mple You r Appl ica tion Destination I P Address 15.0.0.0 Subnet Ma sk 255.255.255.0 Gateway or Interface gateway Gateway I P Address 200.
Cyclades-PR2000 34 Chapter 4 - Step-by-Step Instructions Instructions for creating a backup of the configuration file. Use the menu option ADMIN =>WRITE CONFIGURA TION =>TO FTP SERVER. Fill in the IP address of the computer where the configuration file should be saved, the file name, the directory name, and the user account information.
Cyclades-PR2000 35 Chapter 4 - Step-by-Step Instructions Example 3 Link Backup This example shows the configuration of a backup link, with a swan connection to a public Frame Relay Network providing the primary link and a SW AN with a PPP connection providing the secondary link.
Cyclades-PR2000 36 Chapter 4 - Step-by-Step Instructions STEP ONE The bandwidth used by CyROS for multilink circuit calculations is that given in the traffic control menu, rather than the actual physical bandwidth available. If this bandwidth value is not set, the preset value (zero) will be used and the multilink circuit will not function.
Cyclades-PR2000 37 Chapter 4 - Step-by-Step Instructions Me nu CON FIG=>MULTILINK=>MULTILINK C IRCUIT NU MBER=>ADD/MODIFY INTERFACE Para meter Exa mple You r Appl ica tion Slot N SWAN 1 Ty pe of In t e rf a ce Ma i n Time to Activate Backup After Th is Link Goes Do wn 5 Time to Deactivate Backup After Th is Link Retu rns 20 FIGURE 4.
Cyclades-PR2000 38 Chapter 4 - Step-by-Step Instructions STEP THREE Up to this point, the configuration can be used either for link back up or for load back up. This example shows link back up, but parameters applicable to load back up will be mentioned when they appear .
Cyclades-PR2000 39 Chapter 4 - Step-by-Step Instructions STEP FOUR Now , a static backup route must be created for the secondary link. It is assumed that a route of some sort (static, RIP , etc.) already exists for the primary link. The static route parameters for the example secondary link are shown in Figure 4.
Cyclades-PR2000 40 Chapter 4 - Step-by-Step Instructions STEP SIX The multilink circuit can be tested by temporarily deactivating the interface on the primary link. This is done in the ADMIN=> ST ART/STOP INTERF ACE menu by selecting the SW AN interface.
Chapter 5 - Configuration of the Ethernet Interface 41 Cyclades-PR2000 CHAPTER 5 CONFIGURA TION OF THE ETHERNET INTERFACE The PR2000 has one Ethernet 10Base-T interface, provided in a standard RJ-45 modular jack, which should be connected to an Ethernet hub or switch.
Cyclades-PR2000 Chapter 5 - Configuration of the Ethernet Interface 42 Network Protocol Menu (Continued) Parameter Des cription Sec ondary IP Address App lies t o Numb ered interfaces. Indicates a second (or third, etc. up to eight) IP address that can be us ed to refer to this interface.
Chapter 5 - Configuration of the Ethernet Interface 43 Cyclades-PR2000 IP Bridge An IP Bridge is used to divide a network without subnetting. Whenever a subnetwork is created, two IP numbers are lost — one describing the network and the other reserved for broadcast.
Cyclades-PR2000 Chapter 5 - Configuration of the Ethernet Interface 44 Network Protocol Menu (Continued) -- (IP Bridge) Parameter Des cription IP Bridge Activ ates the IP B ridge functionality. The follow ing para met ers app ly only if I P Bridg e i s Active .
Chapter 6 - The SW AN and Async Interfaces 45 Cyclades-PR2000 CHAPTER 6 THE SW AN AND ASYNC INTERF ACES This chapter describes how to configure a SW AN interface. The physical link should be set up as shown in chapter 2, according to the type of modem or device at the other end of the connection and the type of SW AN port.
Chapter 6 - The SW AN and Async Interfaces 46 Cyclades-PR2000 STEP TWO The second step is to choose a data-link protocol in the Encapsulation Menu. There are many encapsulation options on this interface.
Chapter 6 - The SW AN and Async Interfaces 47 Cyclades-PR2000 STEP FOUR If PPP Encapsulation is being used, a type of authentication should be chosen. This is done in the authentication menu.
Cyclades-PR2000 Chapter 7 Network Protocols 48 CHAPTER 7 NETWORK PROTOCOLS The second step in most interface configurations is to choose which network protocol to use and assign values to the relevant parameters. At least one of IP , T ransparent Bridge, or IPX (optional, and discussed in chapter 13) must be activated.
Chapter 7 Network Protocols 49 Cyclades-PR2000 The IP Protocol If the preset values provided by the operating system are accepted, the interface will work at a basic level.
Cyclades-PR2000 Chapter 7 Network Protocols 50 Network Protocol (IP) Menu (Continued) Parameter Des cription IP MTU Assigns the si ze of the Maximum Tra nsmission Unit for t he interface. T his determines whether or not a given IP datagram is fragmented .
Chapter 7 Network Protocols 51 Cyclades-PR2000 The T ransparent Bridge Protocol The T ransparent Bridge Protocol can be used in conjunction with either IP or IPX.
Cyclades-PR2000 Chapter 8 - Data-Link Protocols (Encapsulation) 52 CHAPTER 8 DA T A-LINK PROTOCOLS (ENCAPSULA TION) Each encapsulation option is presented in a separate section in this chapter . Not all data-link protocols are available for all interfaces.
Cyclades-PR2000 53 Chapter 8 - Data-Link Protocols (Encapsulation) PPP Menu (Continued) Parameter Des cription Di sabl e LC P E c ho Requests LCP (Link Control Protoc ol) messages are normall y exchanged to monit or the status of the link.
Cyclades-PR2000 Chapter 8 - Data-Link Protocols (Encapsulation) 54 CHAR The configuration of the CHAR data-link protocol is confined to one menu, CONFIG =>INTERF ACE =><LINK> =>ENCAPSULA TION =>CHAR. Informa tion about all the parameters appearing in this menu is provided in the table below .
Cyclades-PR2000 55 Chapter 8 - Data-Link Protocols (Encapsulation) PPPCHAR The configuration of the PPPCHAR protocol is contained in the menu CONFIG =>INTERF ACE =><LINK> =>ENCAPSULA TION =>PPPCHAR. The parameters for PPPCHAR are a combination of those for PPP and CHAR.
Cyclades-PR2000 Chapter 8 - Data-Link Protocols (Encapsulation) 56 The Local Management Interface (LMI) Protocol provides services not available in simple Frame Relay . It is used for controlling the connection between the user and the network. It monitors this link, maintains the list of DLCs, and sends status messages about the PVCs.
Cyclades-PR2000 57 Chapter 8 - Data-Link Protocols (Encapsulation) STEP TWO After configuring the general parameters, each DLC must be defined. An example will be used to demonstrate the procedure. A public Frame Relay network connecting offices in São Paulo, Rio de Janeiro, Salvador , and Recife is shown in Figure 1 1.
Cyclades-PR2000 Chapter 8 - Data-Link Protocols (Encapsulation) 58 Rio de Janeiro Network: 192.168.201.0 Recife Network: 192.168.202.0 São Paulo Network: 192.168.200.0 Salvador Network: 192.168.203.0 Router Router Router Router 200.1.1.1 200.1.1.4 200.
Cyclades-PR2000 59 Chapter 8 - Data-Link Protocols (Encapsulation) Add DLCI Menu CONFIG=>INTERF ACE =><LINK> =>ENCAPS =>FRAME RELA Y => <ESC> =>ADD DLCI Parameter Des cription DLCI Number Used to identify the DLC. This number is supplied b y the Public Frame Relay network provider.
Cyclades-PR2000 Chapter 8 - Data-Link Protocols (Encapsulation) 60 Modem or DSU/CSU X.25 Switch / DCE Switch / DCE Router / DTE Router / DTE FIGURE 8.2 PUBLIC X.25 NETWORK EXAMPLE X.25 A Cyclades Router can act either as a DTE (Data-terminal Equipment) connected to a public X.
Cyclades-PR2000 61 Chapter 8 - Data-Link Protocols (Encapsulation) X.25 Menu CONFIG=>INTERF ACE=><LINK>=>ENCAPSULA TION =>X.25 Parameter Des cription X.121 (Local DTE) Addr ess Address assigned to this interf ace (provided b y the public X.
Cyclades-PR2000 Chapter 8 - Data-Link Protocols (Encapsulation) 62 X.25 Menu (Continued) Parameter Des cription Packet Size The packet size to be sent acr oss the interface. This n umber may be negotiated if the Packet Size Facility is utilized (s ee last parameter i n this table).
Cyclades-PR2000 63 Chapter 8 - Data-Link Protocols (Encapsulation) STEP TWO The next step is to create a static routing table associating each remote X.121 address with an IP address or a TCP Socket location. This is done in the Add DTE menu, which appears at the end of the X.
Cyclades-PR2000 Chapter 9 - Routing Protocols 64 CHAPTER 9 ROUTING PROTOCOLS Routing Strategies Routing can be done either statically or dynamically . Static Routing Static routing is recommended when the network contains a small number of routers and other equipment.
Cyclades-PR2000 Chapter 9 - Routing Protocols 65 Static Routes Routers used in very small or simple networks may use static routes as the primary routing method. When RIP or OSPF are used, some static routes may still be needed. Configuration of static routes will be explained using two examples.
Cyclades-PR2000 Chapter 9 - Routing Protocols 66 Unnumbered Interfaces Point-to-Point Connection Slot 1 ETH0 ETH0 Slot 3 Router 1 10.0.0.3 192.168.100.1 Router 2 A B E F Network 3 Network 1 FIGURE 9.2 ST A TIC ROUTING EXAMPLE 2 Figure 9.2 shows another static routing example to explain the Gateway or Interface parameter .
Cyclades-PR2000 Chapter 9 - Routing Protocols 67 Add Static Route Menu CONFIG =>ST A TIC ROUTES =>IP =>ADD ROUTE Parameter Des cription Destinat ion IP Address Add ress that r oute will lead to. To configur e a default route, type "default" for this parameter, oth erwis e enter 0.
Cyclades-PR2000 Chapter 9 - Routing Protocols 68 RIP Configuration CyROS supports three basic types of RIP: 1 RIP1 [RFC 1058] 2 RIP2 with broadcast (compatible with RIP1) [RFC 1723] 3 RIP2 with multicast [RFC 1723] The primary difference between RIP1 and RIP2 is that only RIP2 advertises subnet masks and next hops.
Cyclades-PR2000 Chapter 9 - Routing Protocols 69 OSPF The OSPF (Open Shortest Path First) routing protocol is significantly more complicated than RIP . The determination of which protocol is better suited to a given network is beyond the scope of this manual.
Cyclades-PR2000 Chapter 9 - Routing Protocols 70 First, some definitions: • An Autonomous System (AS) is a portion of the network that will use a single routing strategy . It is made up of a backbone area and optionally of non-backbone areas. • OSPF Areas are sub-systems that have identical routing databases.
Cyclades-PR2000 Chapter 9 - Routing Protocols 71 OSPF Menu (continued) Ex terna l Me tri c Def ines the metr ic tha t w ill be ad ver tised by OSPF . Ex ternal Me tri c Ty pe Fo r Type 1 , the total m.
Cyclades-PR2000 Chapter 9 - Routing Protocols 72 OSPF Global Configurations STEP THREE After completing the OSPF interface configuration for all interfaces (even those that will not use OSPF), navigate to the OSPF Menu, CONFIG=>IP=>OSPF . Enter into the OSPF Global Commands menu and set the parameters as indicated in the table below .
Cyclades-PR2000 Chapter 9 - Routing Protocols 73 OSPF Global Commands (Continued) Parameter Des cription RIP External Metric - Ty pe Applie s when Advertise RIP ro ut es is set to Yes .
Cyclades-PR2000 Chapter 9 - Routing Protocols 74 Area Menu (continued) Area Range N Status An Area Border Router (ABR) advertises link states f or all networks within the are a. The number of such advertisements can p otentially be reduced by condensing different IP networks in to a single range.
Cyclades-PR2000 Chapter 9 - Routing Protocols 75 STEP SIX It is not always possible to connect all areas directly to the backbone. When an area is connected to the backbone only through another area, two virtual links must be created. One from the backbone to the unattached area and one from the unattached area to the backbone.
Cyclades-PR2000 Chapter 9 - Routing Protocols 76 BGP-4 Configuration The BGP-4 routing protocol is used for routing on the Internet, performed between Autonomous Systems (ASs). An autonomous system is defined as: · A set of routers and networks under the same administration.
Cyclades-PR2000 Chapter 9 - Routing Protocols 77 The last option is to aggregate the addresses contained in the local autonomous system in order to present an aggregated route to the outside world. This is done in the last step. 8. Aggregate the addresses contained in the AS.
Cyclades-PR2000 Chapter 9 - Routing Protocols 78 CONFIG=>IP=>BGP4=>GLOBAL Parameter Des cription BGP4 Protocol Activates the protocol. Local AS Number This number is assigned by the service provider.
Cyclades-PR2000 Chapter 9 - Routing Protocols 79 STEP TWO The neighbor menu identifies the routers inside and outside the AS that will communicate with the router via BGP- 4.
Cyclades-PR2000 Chapter 9 - Routing Protocols 80 CONFIG=>IP=>BGP4=>NEIGHBOR=>ADD (continued) Keepalive Interva l between keepalive messag es sent to this neighbor. Connection Retr y Time W hen a connection wit h this nei ghbor is broken, the router try to rec onnect with frequency 1 divide d by the Connection R etry Time.
Cyclades-PR2000 Chapter 9 - Routing Protocols 81 1 2 3 4 5 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PR3000 100.10.0.0/16 U n d e s i r e d R o u t e B a c k u p R o u t e P r t e e f e r r e d R o u FIGURE 9.
Cyclades-PR2000 Chapter 9 - Routing Protocols 82 STEP FOUR An access list needs at least one rule. The example in Figure 9.6 shows three access lists, each one with several rules. Each neighbor can be assigned up to 6 access lists, as seen in step 2. Route Map Discarded Routes Discarded Routes Discarded Routes Seq.
Cyclades-PR2000 Chapter 9 - Routing Protocols 83 CONFIG=>IP=>BGP4=>ACCESS LIST=>CONFIGURE RULES=><ACCESS LIST NAME> =>ADD Parameter Des cription Rule Status Enables the rule. Scope See explanation of this parameter in step 3. Rule AS Position Applies only for Access L ist Type equal to AS Path.
Cyclades-PR2000 Chapter 9 - Routing Protocols 84 STEP SIX A route map can either apply to all routes not discarded by the access lists, as shown in Figure 9.6, or to routes filtered by a particular access list, as shown in Figure 9.7. Route Map Discarded Routes Discarded Routes Seq.
Cyclades-PR2000 Chapter 9 - Routing Protocols 85 CONFIG=>IP=>BGP4=>ROUTE MAP=>ADD Parameter Des cription Route Map Numb er Identifies the route map Sequence Number Identifies the sequence within the r oute map. The numbers n eed not be consecutive.
Cyclades-PR2000 Chapter 9 - Routing Protocols 86 CONFIG=>IP=>BGP4=>AGGREGA TE ADDRESSES=>ADD Parameter Des cription Num b er An ID f o r ref e r e nc e. Address T he aggregated address. In the e xample, 200.50.50.0. Mask (b i tle n) Th e m ask for th e a gg reg ate d add res s .
Cyclades-PR2000 Chapter 10 - CyROS, the Operating System 87 CHAPTER 10 CYROS, THE OPERA TING SYSTEM This chapter explains various operating system features that are not covered in other chapters: • .
Cyclades-PR2000 Chapter 10 - CyROS, the Operating System 88 Other users can be created and the user “usr” can be assigned a password. The password of the super user should be changed as soon as possible. The menu CONFIG=>SECURITY=>USERS allows addition, deletion, and modification of the list of users.
Cyclades-PR2000 Chapter 10 - CyROS, the Operating System 89 login name is indicated when the auto user is configured, the user is logged in to the remote host directly (though a password may be necessary , depending on the remote host configuration).
90 Cyclades-PR2000 Chapter 1 1 - NA T CHAPTER 1 1 NA T (NETWORK ADDRESS TRANSLA TION) NA T exists to convert local IP addresses into Internet “global” IP addresses. Internet IP addresses are assigned by Internet providers. Due to the explosion of the internet, these numbers are scarce.
91 Cyclades-PR2000 Chapter 1 1 - NA T There are two types of NA T available in CyROS -- Normal NA T and Expanded NA T . This chapter describes Expanded NA T .
92 Cyclades-PR2000 Chapter 1 1 - NA T NAT Sta tic Transla tion Tabl e # Gl oba l address / port local addr ess / Port Protoco l 1 20 0.2 40.230.225 / 20 19 2.168.0. 30 / 20 TPC 2 20 0.2 40.230.225 / 21 19 2.168.0. 30 / 21 TPC 3 20 0.2 40.230.225 / 80 19 2.
93 Cyclades-PR2000 Chapter 1 1 - NA T An overview of the NA T menu is shown in the table below. NA T Menu CONFIG =>SECURITY =>NA T Menu Option Description General P arameters for enabling NAT and c hoosing the NAT Mode. Also includes port translation option.
94 Cyclades-PR2000 Chapter 1 1 - NA T STEP TWO The parameters in the T imeout Menu are explained in more detail below. The preset values should be appropriate for most applications.
95 Cyclades-PR2000 Chapter 1 1 - NA T STEP FOUR If static translations are to be performed, as described in the example, the parameters in the Static T ranslation Menu must be set.
96 Chapter 12 - Filters and Rules Cyclades-PR2000 CHAPTER 12 RULES AND FIL TERS There are four basic types of rules: 1 IP filter rules, 2 Radius rules (actually a combination of previously defined IP .
97 Cyclades-PR2000 Chapter 12 - Filters and Rules Config IP Rule List Name Rule Status Rule List T ype Default Scope Incoming Rule List Name Outgoing Rule List Name Linked Rule List Name N Add Rule Li.
98 Chapter 12 - Filters and Rules Cyclades-PR2000 Exterior Router Interior Router Router Extension to Network Bastion Host ETH0 ETH0 192.168.0.2 192.168.0.3 10.0.0.0 172.16.0.0 192.168.0.1 Perimeter Network 192.168.0.0 Slot 1 Slot 1 FIGURE 12.2 FIREWALL EXAMPLE Figure 12.
99 Cyclades-PR2000 Chapter 12 - Filters and Rules Exterior Router The exterior router is the network’s first defense against attacks. For this reason, it is reasonable to prohibit all packets except for those explicitly allowed. This is done by choosing the Default Scope to be Deny .
100 Chapter 12 - Filters and Rules Cyclades-PR2000 Steps necessary to activate filtering on the exterior router in the example: 1 There are two interfaces with two directions each. Filtering on link 1 requires the creation of two rule lists, called exterior_in and exterior_out .
101 Cyclades-PR2000 Chapter 12 - Filters and Rules The configuration for “Let e-mail in” is shown in the following figure (obtained by selecting CONFIG =>RULES LIST =>IP =>L in the menus).
102 Chapter 12 - Filters and Rules Cyclades-PR2000 Filter_ list Name exter io r_out Rule 0 Status En abled Scope Pe rmit Protoco l TCP Source IP Operato r Equa l Source IP start 192.
103 Cyclades-PR2000 Chapter 12 - Filters and Rules Interior Router If an interior router exists in the network, the administrator may decide to use a Default Scope of Permit . In this case, all undesired traffic must be excluded by a rule in the rule list.
104 Chapter 12 - Filters and Rules Cyclades-PR2000 The configuration for “Stop forged packets” is shown in the following listing: Rules L ists Rule List Nam e Rule Defau lt List Linked Status Scop.
105 Cyclades-PR2000 Chapter 12 - Filters and Rules T raffic Rule Lists There are three kinds of traffic rules that can be configured in CyROS. The first two determine a division of bandwidth for traff.
106 Chapter 12 - Filters and Rules Cyclades-PR2000 The third determines which services have priority flowing through the router: 3 Service Prioritization. An Internet provider has three clients connected to the same router . Client A is larger and without traffic control would overwhelm the router to the exclusion of Clients B and C.
107 Cyclades-PR2000 Chapter 12 - Filters and Rules Rules L ists Rule Li st Name Rule Default List Linked Status Sc ope Type Rule List traffic _1 Enabled Traffic Filter_ list Name traffi c_1 Rule 0 Status En abled Flow pr iority 0 Rule ba ndwidth 50% Bandwid th priority 1 Protoco l 0 Source IP Op erator Equal Source IP st art 11.
108 Chapter 12 - Filters and Rules Cyclades-PR2000 Rule 1 Status En abled Flow Pr iority 0 Rule ba ndwidth 25% Bandwid th priority 2 Protoco l 0 Source IP Op erator Equal Source IP st art 22.
109 Cyclades-PR2000 Chapter 12 - Filters and Rules An example showing the third type of traffic control is given in Figure 12.8. The network administrator wants to prioritize the access to his web server . He also wants to prioritize e-mail sent by his SMTP server , but the priority should be lower .
110 Chapter 12 - Filters and Rules Cyclades-PR2000 The configured rules will appear as shown in the following listing. Rules L ists Rule Li st Name Rule De fault List Li nked Status Sc ope Type Rule L.
Cyclades-PR2000 Chapter 13 - IPX 111 CHAPTER 13 IPX (INTERNETWORK PACKET EXCHANGE) IPX is an alternative to IP , proprietary to Novell. When IPX is activated, many new menus appear to allow configuration of this type of network.
Cyclades-PR2000 Chapter 13 - IPX 112 Enabling IPX The first step is to activate the IPX feature in the router . This is accomplished using the menu option ADMIN =>ENABLE FEA TURES => IPX. The IPX protocol must also be activated in the menu CONFIG =>IPX => GENERAL.
Cyclades-PR2000 Chapter 13 - IPX 113 The parameter Send SAP Update can be set to Demand, Periodic, or None. This parameter affects both SAP and RIP . Periodic causes the router to send these messages every minute, while choosing Demand will cause the router to send messages only when a message request is received.
Cyclades-PR2000 Chapter 13 - IPX 114 The routing table is displayed by the menu option INFO => SHOW ROUTING T ABLE => IPX. For the example, and using only the static route created above, the routing table appears as in Figure 13.
Cyclades-PR2000 Chapter 14 - Virtual Private Network Configuration 115 CHAPTER 14 VIRTUAL PRIV A TE NETWORK CONFIGURA TION The Virtual Private Network utility can be used on any link using IP routing. It is used to provide greater security between two or more networks connected through a public communications network.
Cyclades-PR2000 Chapter 14 - Virtual Private Network Configuration 116 An example showing a local security network and two remote security networks is shown in Figure 14.
Cyclades-PR2000 Chapter 14 - Virtual Private Network Configuration 117 ETH0 PR3000 Router RSG3 - Remote Security Gateway Router IP Address: 190.190.190.1 Link 2 IP: 190.190.190.1 Link 1 0.70.70.1 IP: 7 .16.0.0 IP:172 0.0.0.0 IP: 1 Link 1 IP: 50.50.50.
Cyclades-PR2000 Chapter 14 - Virtual Private Network Configuration 118 STEP THREE Use the menu item INFO =>SHOW ROUTING T ABLE to confirm that the other Remote Security Gateways (RSGs), and all the networks included in the Remote Security Networks, are reachable.
Cyclades-PR2000 Chapter 14 - Virtual Private Network Configuration 119 STEP SIX Now , the Remote Security Networks must be defined. This is done in the CONFIG =>SECURITY =>VPN =>REMOTE IP NETWORKS =>ADD NETWORK menu.
Cyclades-PR2000 Appendix A - T roubleshooting 120 APPENDIX A TROUBLESHOOTING What to Do if the Login Screen Does Not Appear When Using a Console. 1 Check the configuration of the terminal. The correct values are given in chapter 2. 2 Check to see if the router booted correctly .
Cyclades-PR2000 Appendix A - T roubleshooting 121 What to Do if the Router Does Not Work or Stops W orking. 1 Check that the cables are connected correctly and firmly (see chapter 2, What is in the Box, for correct cable connection information). 2 Confirm that the Link LED is lit, indicating proper Ethernet cable termination.
Cyclades-PR2000 Appendix A - T roubleshooting 122 T esting the Ethernet Interface After configuring the Ethernet interface, return to the main menu using the <ESC> key as many times as is necessary . Save the configuration to flash memory (the operating system will ask how to save the configuration on the way back to the main menu).
Cyclades-PR2000 Appendix A - T roubleshooting 123 T esting the W AN Interfaces The W AN interface can be tested using ping as described in the previous section. If the ping is not successful, check the routing table to see if a route to the destination exists (INFO =>SHOW ROUTING T ABLE).
Cyclades-PR2000 Appendix A - T roubleshooting 124 • The S column reveals the stage of the test at the time the table was created — D = data transfer , S = synchronization. • The next 4 columns indicate bytes and packets sent and received. • The last three columns indicate the port with which the interface is communicating.
Cyclades-PR2000 Appendix A - T roubleshooting 125 LEDs The LEDs on the PR1000’s case display the following information: • Power - Lit when the PR1000 is turned on. • 10BT - Lit when the Ethernet link is being used for a fast Ethernet connection.
126 Cyclades-PR2000 Appendix B - Hardware Specifications APPENDIX B HARDW ARE SPECIFICA TIONS General Specifications The Cyclades-PR2000 power requirements and environmental restrictions are listed in Figure B.
Appendix B - Hardware Specifications 127 Cyclades-PR2000 External Interfaces The W AN Interfaces The W AN interfaces are provided on a DB-25 female connector. The pinout diagram is not shown here, as it depends on which protocol (RS-232, V .25 or X.21) is configured.
128 Cyclades-PR2000 Appendix B - Hardware Specifications The Asynchronous Interface ASYNCHRONOUS PORT Pin Signal 1 RTS 2 DTR 3 TxD 4 Ground 5 CTS 6 RxD 7 DCD 8D S R 1 8 FIGURE B.4 ASYNCHRONOUS INTERF ACE - RJ-45 FEMALE The Console Interface CONSOLE POR T Pin R S-232 S ig nal 1R T S 2D T R 3T X 4G r o u n d 5C T S 6R X 7 DCD 8D S R 1 8 FIGURE B.
Appendix B - Hardware Specifications 129 Cyclades-PR2000 Cables The Straight-Through Cable 2 3 4 5 6 7 8 15 17 20 22 24 2 3 4 5 6 7 8 15 17 20 22 24 TxD RxD RTS CTS DSR Gnd DCD TxClk_DTE RxClk DTR RI .
130 Cyclades-PR2000 Appendix B - Hardware Specifications DB-25 - M.34 Adaptor DB-25 Female Signal PGnd RTS CTS DSR Gnd DCD TxD/V .35 (B) TxD/V .35 (A) RxD/V .35 (B) RxD/V .35 (A) TxClk_DTE/V .35 (B) TxClk_DTE/V .35 (A) TxClk_DCE/V .35 (B) DTR TxClk_DCE/V .
Appendix B - Hardware Specifications 131 Cyclades-PR2000 The ASY/Modem Cable PR2000 RJ-45 / 8 pins Pin 3 6 2 5 1 7 8 4 Signal TxD RxD DTR CTS RT S DCD DSR Gnd Modem (DB-25) Pin 2 3 20 5 4 8 6 7 Signal TxD RxD DTR CTS RT S DCD DSR Gnd ASY/MODEM RJ-45 ASY/Modem Cable DB-25 Male FIGURE B.
132 Cyclades-PR2000 Appendix B - Hardware Specifications DB-25 Male DB-25 Male Pin 1 3 2 4 5 7 8 20 6 13 11 14 12 24 17 15 19 25 16 21 13 18 Signal PGnd RxD TxD RTS CTS Gnd DCD DTR DSR R x DV . 3 5+( B ) TxD V .35 + (B) RxD V .35 - (A) TxD V .35 - (A) TxD V .
Appendix B - Hardware Specifications 133 Cyclades-PR2000 DB-25 Loopback Connector 2 3 4 5 8 20 11 13 12 14 15 17 24 16 19 25 18 21 23 DB-25 Male FIGURE B.
Appendix C - Configuration Without a Console Cyclades-PR2000 134 APPENDIX C CONFIGURA TION WITHOUT A CONSOLE When a terminal or PC is not available for use as a console, the router has a special feature that allows configuration of the Ethernet interface from any PC on the LAN.
Cyclades-PR2000 Index 135 B Backup Link configuration 35 Bandwidth Reservation 105 Boot Messages 120 C Cables parallel 13 Router MD/V .35 13 with a DB-25 connector 121 Connection to an Internet Access.
Cyclades Corporation 41829 Albrae Street Fremont, CA 94538 - USA Phone: (510) 770-9727 Fax: (510) 770-0355 www .cyclades.com Cyclades South America Phone: 55-1 1-5033-3333 Fax: 55-1 1-5033-3388 www .cyclades.com.br Cyclades Germany Phone: +49 (0)81 22 90 99-90 Fax: +49 (0)81 22 90 999-33 www .
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté Avocent Cyclades-PR2000 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du Avocent Cyclades-PR2000 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation Avocent Cyclades-PR2000, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le Avocent Cyclades-PR2000 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le Avocent Cyclades-PR2000, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du Avocent Cyclades-PR2000.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le Avocent Cyclades-PR2000. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei Avocent Cyclades-PR2000 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.