Tut Systems manual SMS2000 User’s Guide

Page 2

No part of this publication may be reproduced or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written consent of the publisher. Information in this manual is furnished under license and may only be used in accordance with the

terms of the software license. This publication and the information herein is furnished AS IS, is subject to change without notice, and should not be construed as a commitment by Tut Systems. Tut Systems assumes no responsibility or liability for any errors or inaccuracies, makes no warranty of any kind (expressed, implied, or statutory) with respect to this publication, and expressly disclaims any and all warranties of merchantability, fitness for particular purposes, and noninfringement of third-party rights. Companies, names, and data used in the examples herein are fictitious unless otherwise noted.

Apache Copyright © 1995-1999 The Apache Group. All rights reserved.

agetty Copyright © 1989 The Regents of the University of California. All rights reserved.

Busybox mkswap Copyright © 1991 Linus Torvalds. tiny-ls(ls) Copyright © 1996 Brian Candler. cmu snmpd Copyright © 1988, 1989 by Carnegie Mellon University. All Rights Reserved.

klogd.h Copyright © 1995 Dr. G.W. Wettstein. (Main header file for Linux kernel log daemon.) inetd Copyright © 1983,1991 The Regents of the University of California. All rights reserved.

lilo Copyright © 1992-1998 Werner Almesberger. All rights reserved. Program code, documentation and auxiliary programs.

Linux Kernel snarf Copyright © Linus Torvalds and others. Linux GNU General Public License Version 2, June 1991 Copyright © 1989, 1991 Free Software Foundation, Inc.

Linux kernel src (/usr/src/linux/drivers/net) Copyright © 1993 United States Government as represented by the Director, National Security Agency.

loadkmap, tarcat, various fixes Copyright © 1998 Enrique Zanardi. more (v2), various fixes Copyright © 1998 Dave Cinege. Remaining code Copyright © 1995, 1996 Bruce Perens (unless otherwise noted).

logd Copyright © 1995 by Wietse Venema. All rights reserved. Individual files may be covered by other copyrights. Microsoft Windows, MS-DOS, Windows NT, and Windows 2000 are registered trademarks of Microsoft Corporation.

pax Copyright © 1989 Mark H. Colburn. All rights reserved.

ping Copyright © 1989 The Regents of the University of California. All rights reserved. php Copyright © 1998 The PHP Development Team. All rights reserved.

RADIUS Copyright © 1992 Livingston Enterprises, Inc.

sstrip, version 1.0 Copyright © 1999 by Brian Raiter, under the GNU General Public License. telnetd Copyright © 1983, 1986 Regents of the University of California. All rights reserved. thttpd Copyright © 1995 by Jef Poskanzer. All rights reserved.

SMS2000 is a registered trademark of Tut Systems in the United States and other countries. OCS is a registered trademark of Tut Systems in the United States and other countries.

Tut Systems, Inc. ™ is registered trademarks of Tut Systems in the United States and other countries.

Copyright © 2000-2002 Tut Systems, Inc. All rights reserved.

Tut Systems, Inc.™, IntelliPOP™, SMS2000™, and OCS™are registered tradmarks of Tut Systems in the United States and other countries.

Printed in the United States of America

SMS2000 Firmware Version: 2.3.6 and OCS software version 2.0.0 June 14, 2003

SMS2000 User’s Guide

Text part number: P/N 220-06288-20

TUT Systems, Inc

Page 2 of 104

P/N 220-06288-20

Image 2

Contents TUT Systems SMS2000 User Guide SMS2000 User’s Guide SMSUser’s Guide Contents Configuring Snmp Polling Configuring SmtpConfiguring NTP Connectivity and TestingAuthentication with Radius Authentication Configuring the Command ServerAuthentication AuthorizationGroups Using Rule PrioritiesConfiguring Radius SMS2000 RulesSMS2000 Troubleshooting Procedures Using Both Radius and OCS AuthenticationWeb Proxy Settings SMS2000 Status Attributes and StatisticsList of Figures Radius Attributes in Access-Accept PacketsList of Tables Documentation available for this Release PrefaceAudience Related DocumentationSubscriber Management Features IntroductionIntroduction Subscriber Management Components Subscriber Management ComponentsSMS2000 OCSIntroduction Getting Started User InterfaceIfconfig portnumber ipaddress /masklen Accessing Help for CommandsFor example restore config web original-confi g Style ConventionsCursor Movement Cursor Motion KeystrokesEstablishing a Connection with the SMS2000 Initial ConfigurationClick Configure Establishing a Connection Via a Serial InterfaceEstablishing a Connection Via Telnet Initial Configuration Setting the Quick Configuration Initial ConfigurationChanging Your Password Saving the Configuration Setting the HostnameDisabling Authentication Reboot Rebooting the SystemVerifying the Configuration Setting the Default Configuration E-mail System AdministrationConfiguration E-Mail Settings Set config-mailrecipient@SMTPserver SMTPserverDeleting the Configuration E-mail Configuration and System File ToolsMailing the Current Configuration Committing Configuration ChangesCommit auto Automatically Committing Configuration ChangesDisabling Automatic Configuration Changes Commit noautoRestoring a Previous Configuration Saving a ConfigurationLoading a Configuration File Setting the Smtp Server Configuring SmtpRestoring the Default Configuration Deleting the Smtp ServerSetting the Timezone Configuring NTPSetting the Smtp ID Set smtpid on offSetting the Time Configuring Snmp PollingConfiguring the NTP server Enabling Snmp PollingSnmp-pollmacaddress Testing to See if Snmp Polling will WorkDisabling Snmp Polling Setting Specialized System Options Connectivity and TestingTesting Connectivity System ToolsLeftrighthelp ? Setting and Deleting Static PortsDefining Ports Port-definition mixed tut vlanEvent Tracking Disconnecting a Session on a PortSetting the Syslog Server Displaying Log MessagesExiting the Management Session System Administration ToolsDisplaying Version Information Passwd Changing a PasswordDisplaying Control Keys KeysSnmp System Contact Snmp ManagementSnmp Agent Snmp System LocationSnmp Community Snmp Trap RecipientSMS2000% snmp delete trap-recipient Troubleshooting ToolsSystem Information Tools Show snmp trap-recipientSetting the ARP Failure Limit Subscriber Connectivity CommandsUpgrades Setting the ARP Polling PeriodUpgrading from Tut Systems’ Website Archiving SMS2000 Firmware and distributing it from a ServerLoading Another Image Verifying a Successful UpgradeReturning to an Older Firmware Version System Administration Authentication AuthenticationDeleting the Command Server Configuring the Command ServerSetting the Command Server for OCS Interaction Adding the OCS as the Authentication ServerAuth add web url secret secret cmd-serv Deleting an Authentication ServerTesting Authentication Auth onAuth off forcedweb authokurl blockall Setting the Authentication IntervalBypassing Authentication Auth interval minutes offAllow-Nets Setting the Http Request ThrottleHttp Request Throttle Deleting the Http Request ThrottleSetting an Allow-Net Set allow-netipaddress netmask dns-nameDeleting an Allow-Net Setting the Automatic Redirection URLAutomatic Redirection URLs Set authok urlAdding a Radius Server Authentication with RadiusDeleting the authok Delete authokCommand Syntax DescriptionUsage Guidelines Example DefaultDefault retrans-primary-only is Set nas-port-type Set NAS port type parameterSet nas-port-type integer Show status radius Testing Authentication on the Radius ServerConfiguring a Radius SSL Back Channel Show status radius ExampleAuthorization AuthorizationAuthorization Server FunctionalitySending Accounting Messages to a Syslog Server AccountingAccounting Sending Accounting Messages to a Radius Server Radius Accounting ConfigurationConfiguring Accounting Parameters Deleting a Radius Accounting ServerProvisioning ProvisioningBilling BillingAdding a Group Service Creation Using Groups and RulesGroups Group add groupname noinherit inherit groupnameSetting Maximum Users Per Port Setting the Active Group ContextSubscribers that Cannot Support Authentication Deleting a GroupDeleting a Rule SMS2000 RulesAdding a Rule Set rule rulename groupname priority rulestringMAC Address Rule Expression ComponentsIP Address Ip=ipaddress ,netmaskTut=ipaddress-linenum*-portnum Not OperatorVlan=vlanida-vlanidb Parenthesis OperatorOr Operator Expression and expressionUsing Rule Priorities Plug and Play With NAT IP AddressingIP Addressing Static Routable Addresses Dhcp PoolsStatic Non-Routable Addresses IP MulticastingUnderstanding 1to1 and 1to1 Unique IP Types Configuring IP TypesIptype default NAT static Dhcp 1to1 1to1Unique Source-Nets Setting a Source-NetDeleting a Configured Source-Net Set source-netstartaddress endaddress subnet-maskRemoving a Dhcp Assignment Setting the DNS Server AddressCreating Dhcp Pools Dhcp-server release macaddressAdding Routes Static RoutesDeleting the DNS Server Address Set dns add ipaddressSet lpr hostname off queuename maxpages maxbytes Setting up the LPR HostPrinting Obtaining the Radius Server Software Using SMS2000 with a Radius ServerConfiguring Radius Adding Users to the Radius Server Configuring Service ParametersAdding the SMS2000 as a Client on the Radius Server Using Real IP Addresses Radius PortsRadius Attributes Sent in Accounting Messages SMS2000 Status Attributes and StatisticsSMS2000 NAS File Radius Attributes Received in Access- Accept Packets Using Both Radius and OCS AuthenticationRadius Attributes Sent In Access Request Packets Shape xbps/rbps Setting Traffic ShapingDeleting Traffic Shaping Shape xbps/rbps deleteSetting the PMS Server SMS2000 and Property Management Systems PMSProtocol Modes TTY ACK-NAK ENQ-ACK-NAKENQ-ACK-NAK Mode Files For Groups Customizing SMS2000 Web Authentication with RadiusLoading and Deleting Customized Web Pages Loading Web Pages or FilesImage Links Load web url defaultsPath Components Deleting Web Pages or Files Customizing Web PagesUpgrading Preserving the Web FormSize For Web Pages and External Links Web Page RedirectionReference Active Page ComponentsViewing Customizations Setting the Wpad Curl Configuring Web Proxy SettingsWeb Proxy Settings Setting the Wpad TimeoutWeb Proxy Server Show proxy-ports Set proxy-ports portDelete proxy-ports port SMS2000 Troubleshooting SMS2000 Troubleshooting ProceduresBrowser Snmp PollingMultiple frames opened Unable to do credit cardVerify OCS screens off LineAppendix a Radius Access-Accept Dictionary File Radius Attributes in Access-Accept PacketsAppendix Appendix TUT Systems, Inc 100 Internet Telephone Appendix B Technical Assistance and Customer SupportTechnical Support Equipment Return and RepairLimitations of Warranty Appendix C SMS2000 Limited WarrantyHardware Limited Warranty Exclusive RemediesAssistance Electrical Safety AdvisoryTut Systems, Inc., Customer Service Department FCC Radio Frequency Interference StatementTUT Systems, Inc 104