HP VCX Software manual Tools Any

Page 226

Chapter 12. Tools

 

A any

Packets to or from the IP address in field A matches. Field B is

 

ignored.

A to B

Packets from A to B matches.

B to A

Packets from B to A matches.

Between A&B

Packets from A to B, or from B to A, matches.

not this combination

Packets that do not match the given combination of A and B are

 

shown in the log.

If you, for example, want to study all packets to or from 10.3.27.18, except those to the file server 10.3.27.2, you should fill in the form like this:

Protocol/Port Selection

You can limit the selection by specifying certain protocols.

All IP protocols

No restriction regarding protocols.

TCP/UDP

When selecting TCP or UDP, you can choose all packets or packets to certain ports only.

In these fields, you can enter a single port number (32), a range of port numbers (1-1023), a list of port numbers and ranges separated by commas (53, 1024-65535) or nothing at all. If the field is empty, any port will match. See appendix G, Lists of ports, ICMP and protocols, for more information on port numbers.

If you want to study all traffic except the one to or from a specific port or group of ports, enter the port number(s) here and mark the "not this port" box.

The selection can be modified by the control boxes under the fields A and B:

A src

Packets from the port number in field A matches. Field B is

 

ignored.

A dst

Packets to the port number in field A matches. Field B is ignored.

A any

Packets to or from the port number in field A matches. Field B is

 

ignored.

A to B

Packets from A to B matches.

B to A

Packets from B to A matches.

Between A&B

Packets from A to B, or from B to A, matches.

218

Page 225 Page 227
Image 226
Page 225 Page 227
Contents 3Com Telecommuting Module VersionPage United States Government Legend Page Table of Contents Page Part I. Introduction to 3Com VCX IP Telecommuting Module Page Introduction to 3Com VCX IP Telecommuting Module What is a Telecommuting Module?Configuration alternatives DMZ Configuration DMZ/LAN ConfigurationQuick guide to 3Com VCX IP Telecommuting Module installation Standalone ConfigurationIntroduction to 3Com VCX IP Telecommuting Module About settings in 3Com VCX IP Telecommuting Module Introduction to 3Com VCX IP Telecommuting Module Installation with magic ping Installing 3Com VCX IP Telecommuting ModuleInstallation Installation with a serial cablePage Page Page Page Installation with a diskette Page Page Turning off a Telecommuting Module Remember to lock up the Telecommuting ModuleInstalling 3Com VCX IP Telecommuting Module Logging on Configuring 3Com VCX IP Telecommuting ModuleLog on again Log out NavigationSite Map Basic Configuration AdministrationSIP Services Network ConfigurationFailover Quality of ServiceOverview of configuration Virtual Private NetworksPreliminary and permanent configuration Page IP address Mask/BitsName queries in 3Com VCX IP Telecommuting Module No. of computers Mask BitsPage Configuring 3Com VCX IP Telecommuting Module Part II. How To Page DMZ Telecommuting Module, SIP server on the WAN How To Configure SIPNetworks and Computers Surroundings Basic Settings InteroperabilityFiltering RoutingDMZ Telecommuting Module, SIP server on the LAN Save/Load ConfigurationNetworks and Computers Basic Settings Routing Standalone Telecommuting Module, SIP server on the WAN Basic Settings Filtering Client Settings Standalone Telecommuting Module, SIP server on the LANBasic Settings Interoperability DMZ/LAN Telecommuting Module, SIP server on the WAN Basic Settings Filtering DMZ/LAN Telecommuting Module, SIP server on the LAN Interoperability Filtering LAN Telecommuting Module Surroundings Filtering Remote SIP Connectivity Firewall How To Configure SIP How To Configure Advanced SIP Outgoing CallsShow One Number When Calling Show Different Numbers When Calling Incoming Calls Page Authentication by Accounts a.k.a SIP Trunk via SIP accounts Page Page Page Incoming Calls Page Multiple Operators Least Cost Routing Page Multiple PBXs How To Configure Advanced SIP How To Configure Advanced SIP Page Page Page Page General Basic ConfigurationBasic Configuration Name of this Telecommuting ModuleDNS Servers Default domain IP PolicyPolicy For Ping To Your 3Com VCX IP Telecommuting Module Save Access ControlCancel Look up all IP addresses againConfiguration Allowed Via Interface User Authentication For Web Interface AccessConfiguration Transport Configuration via Http Configuration via HttpsConfiguration via SSH Configuration ComputersDNS Name Or Network Address Range Network addressNetmask/Bits Via IPsec PeerRadius Port Radius ServersRadius server SecretContact IP Address IdentifierStatus for Radius Servers Received replies ScoreSent requests Consecutive sendsConfiguration of a Radius server ValueContact person Snmp v1 and v2cTelecommuting Module IP address to respond to Snmp requests Node locationSnmp Access via SNMPv1 and SNMPv2cAccess via SNMPv3 CommunitySnmp Traps PasswordAuthentication UserTrap receiver Resource MonitoringTrap sending function VersionSIP User Registrations Trap Levels Download the 3Com MIBSIP Sessions Trap Levels CPU Load Trap LevelsDynDNS General Configuration Dynamic DNS updateDynDNS service Use DynDNSWildcard hostnames Offline URL redirection IP address for updatesUser, Smtp Server UsernameSmtp server DNS Names to Update at DynDNSSmtp server is backup DNS NameName CertificatesPrivate Certificates CertificateCreate certificate or certificate request CA Certificates Advanced TimeoutsCA Certificate Timeout for established TCP connections Timeout for one-way UDP connectionsTimeout for two-way UDP connections Timeout for Icmp connectionsDMZ/LAN Configuration Current Telecommuting Module Type Telecommuting Module Type configurationChange Telecommuting Module Type to Change type Save/Load Configuration AdministrationDuration of limited test mode Test Preliminary ConfigurationShow Message About Unapplied Changes BackupApply configuration Save/Load CLI Command File Abort All Edits Show ConfigurationRevert to Old Configurations Reload Factory ConfigurationPassword For the ’admin’ Account User AdministrationOld password Other Accounts New password, Confirm passwordChange administration password Account TypeCurrently Logged In Administrators Log Out UpgradeUpgrade StepAbort upgrade Try the upgradeAccept upgrade Table LookEdit Column Date and Time Change Time ZoneTime Change Date and Time ManuallyDate Set date and time manuallyChange Date and Time With NTP NTP Servers To Use If NTP Is EnabledSynchronize time with NTP Restart the SIP Module Reboot Your 3Com VCX IP Telecommuting ModuleRestart Automatic Restart of the SIP ModuleAdministration Administration 118 Network Configuration Networks and ComputersSubgroup NameLower Limit Delete Row Upper LimitInterface/VLAN CreatePriority Default GatewayMain Default Gateways InterfacePolicy For Packets From Unused Gateways Gateway Reference HostsPhysical device Interface Network Interface 1Interface name Directly Connected Networks Obtain IP Address DynamicallyVlan Id AliasBroadcast address Vlan NameStatic Routing Routed network RouterVlan Named VLANsInterface Status Interface StatusDhcp Client Status PPPoE Client StatusPPPoE AuthenticationKeep Alive LCP echo-request interval SurroundingsLog class for PPPoE negotiations Network Data InterfacesAdditional Negotiators Select a data interface here Network Configuration 136 Search the Log LoggingDisplay Log Display logSupport Report Packet SelectionProtocol/Port Selection Packet Type SelectionIP Address Selection All IP protocolsIcmp SIP Methods SIP Packet SelectionCall-ID IP addressesTime Limits Export the Log Show ThisShow newest at top Log Clear formDisplay Load RSTDirection Packet LoadTime Period UnitValue Diagram Heading DiagramDiagram Size View diagramLog class for spoofed packets Inbound TrafficLog class for non-SIP packets Log class for broadcast packetsLog class for Snmp errors Log class for email errorsLog class for Radius errors Log class for Dhcp requestsLog class for IPsec key negotiation debug messages VPN EventsLog class for IPsec key negotiations Log class for ESP packetsSIP Events Other Email Address Log ClassesLocal Log Log Sending SyslogStatus for Outbound Email Smtp ServerSyslog Servers Reverts the fields to the previous configuration 157 Logging 158 Basic Settings SIP ServicesAdministration of SIP SIP ModuleTransport Additional SIP Signaling PortsProvisioning Relay CommentPublic IP address for NATed Telecommuting Module SIP Media Port RangeSIP Servers To Monitor SIP Logging ServerLog class for SIP signaling Loose Routing InteroperabilityRelaxed Refer-To SIP Server Remove Via HeadersTranslation Exceptions Except this from translationForce Translation Expires HeaderAlways Translate This URI Encoding Loose Username Check Signaling Order of Re-INVITEsUser Matching Force Record-Route for Outbound Requests Accept RTP/AVP With sdescriptionsTransmit RTP/AVP With sdescriptions Force Record-Route for All RequestsForce Remote TLS Connection Reuse Accept TCP Marked As TLSAllow Large UDP Packets Remove Headers in 180 ResponsesUse Cancel Body In ACK Forward Cancel BodyPreserve RFC 2543 Hold Open Port 6891 For File Transfer Allow RFC 2069 AuthenticationConvert Escaped Whitespaces in URIs Strip ICE Attributes Keep User-Agent Header When Acting as B2BUAPorts and the maddr Attribute Sessions and Media Session timerTimeout for SIP over TCP/TLS Session ConfigurationAllowed number of concurrent sessions Media ConfigurationLimitation of sender of media streams Limitation of RTP Codecs Name CodecsType This Codec Is AllowedLocal Ringback Played at Call Transfer Local RingbackMusic on Hold Redirection Ring Tone for Local RingbackRequests Default timeout for Invite requestsMaximum timeout for Invite requests SIP blacklist intervalMaximum number of retransmissions for Invite requests Base retransmission timeout for SIP requestsRemote SIP Connectivity Maximum number of retransmissions for non-INVITE requestsStun server IP addresses Stun ServerStun server Stun portsRemote NAT traversal Remote Clients Signaling ForwardingRemote NAT Traversal IP Address for Remote ClientsForward Signaling from IP Address NAT timeout for UDPNAT timeout for TCP NAT keepalive methodSIP Traffic SIP MethodsAllow MethodTraffic To AuthFrom Network FilteringSender IP Filter Rules ActionContent Type Content TypesDefault Policy For SIP Requests AllowHeader Filter Rules Local Registrar Default Header Filter PolicyLocal SIP Domains Local SIP User Database DomainAuthentication Name Authentication and AccountingRegister From Authentication settings SIP User DatabaseTrusted Domains Asserted-IdentityUse P-Asserted-Identity NetworkUse Dial Plan Dial PlanRadius Accounting Emergency NumberMatching From Header Reg ExprHead Matching Request-URIPrefix TailForward To Min. TailReplacement URI SubnoDial Plan Add Prefix Request-URIForward To Enum RootMethod Methods in Dial PlanRegister in Dial Plan Routing Enum RootDNS Override For SIP Requests Relay To WeightSIP Routing Order PortClass 3xx Message Processing Routing FunctionAlso Forward To Static RegistrationsRequests To User UserFor clients not supporting Refer Local Refer HandlingAlways handle Refer locally Sip/sipsFor dialogs with specified User-Agent header For clients not supporting replacesFor dialogs with specified From URI From URIs For Which Refer is Handled LocallyAlias User RoutingRestrict Incoming Callers Send To Voice Mail ForwardAction Voice Mail Server Request-URI Domain Outbound ProxyFrom Domain Domain or IP AddressTel URIs Gateway Active Sessions Registrar and Session Status Monitored SIP Servers Monitored SIP server status Registered UsersMonitored SIP server Registered fromNetwork Interface Selection ToolsPacket Capture IP Address SelectionTools Any Icmp Check Network Check NetworkCollect data Test ResultsPage Tools 222 SIP over UDP Firewall and Client ConfigurationDMZ type SIP over TCP/TLSDMZ/LAN type SIP clientsStandalone type SIP clients Part IV Com VCX IP Telecommuting Module Serial Console Page Connecting to the serial console Basic AdministrationMain Menu Exit admin Set passwordCommand line interface Wipe email logsPhysical device name Deactivate other interfacesConfigure from a single computer Configure from multiple computersPassword Wipe email logs Set password Exit adminBasic Administration 236 Command Reference Command Line ReferenceHelp and Troubleshooting Modifying Tables Modify-row List-tablesLoad-factory Revert-editsTable Definitions Config.allowviainterface Config.allowconfigConfig.authlogclass Config.httpsservers Config.authenticationConfig.httpservers Config.mgmtlogclassFentalwaysfentexceptions Failover.ifacerefhostsFent.alwaysfent FentalwaysfentinterfacesFent.fentkeepalive Fent.mapsignaladdressField Name Field Type Explanation Enabled OnOffToggle Fent.mediareleasefirewall.broadcastlogclass firewall.defaultpolicyfirewall.blindroutepolicy firewall.dhcplogclassfirewall.ownlogclass firewall.networkgroupsfirewall.pingpolicy firewall.spoofinglogclass firewall.servicesfirewall.policylogclass firewall.timeclassesIdsips.active Idsips.predefinedipsrulesIpsec.espproposals Idsips.ratelimitedipsIpsec.cryptodef Ipsec.espahlogclassIpsec.ipsecnets Ipsec.ikelogclassIpsec.ikeproposals Ipsec.nattkeepaliveIpsec.radiusauthserver Ipsec.plutologclassIpsec.plutoverboselogclass Field Name Field TypeIpsec.userauthlogclass Ipsec.tunnelednetsIpsec.x509cacerts Misc.dnsservers Misc.conntracktimeoutsIpsec.x509cert Misc.dyndnsMisc.ntpservers Misc.dyndnsnameMisc.fversion Field Name Field Type Explanation DomainNameMisc.usentp Monitor.cpuloadlevelalarmMisc.unitname Monitor.emailalertlogclassMonitor.hardwarelogclass Monitor.memorylevelalarmMonitor.radiuserrorslogclass Monitor.logclassesMonitor.snmpagentaddress Monitor.siplevelalarmsMonitor.snmpagentlogclass Monitor.snmpnodelocation Monitor.snmpcontactpersonMonitor.snmpmanagementstations Monitor.snmppacketlogclassMonitor.snmptrapsending Monitor.snmpv1v2caccessMonitor.snmpv3access Monitor.snmpv1v2cauthMonitor.watchdogs Network.extradefaultgatewaysMonitor.syslogservers Network.aliasaddressesNetwork.localnets Network.interfacesNetwork.pppoe Network.vlans Network.routetestserversNetwork.routes Field Name Field Type Explanation Server DnsIpAddressPptp.grelogclass Password.adminusersPptp.pptpenable Pptp.pptplogclassPptp.pptpneglogclass Pptp.pptpserveripPptp.pptpusers Field Name Field Type Explanation PPTPOwnIpReferenceQos.bandwidths Qos.classesQos.ingressdefaultqueueing Qos.egressdefaultqueueingQos.egressqueueing Qos.status Qos.ingressqueueingQos.sipcac Qos.taggingSip.addexpireheader Sip.acceleratedtlsSip.active Sip.allowedcodecsSip.b2buaofferfromtemplate Sip.defaultgatewaySip.authmethods Sip.codecfilteringSip.externalrelay Sip.emergencySip.externradiusdb Field Name Field Type Explanation DnsIpAddressSip.forcemodify Sip.forwardcancelbodySip.fixfiletransferport Sip.forwardtoheaderSip.ignoreuriportwhenmaddr Sip.headerfilterdefaultSip.headerfilterrules Field Name Field Type Explanation Action SipfilteractionselSip.listen Sip.largeudpSip.lcscompanion Sip.localdomainsSip.lrtrue Sip.looserefertoSip.looseusernamecheck Sip.mediaencryptionpolicySip.mediaports Sip.mediaencryptionsettingsSip.mediaencryptionsuite Field Name Field Type Explanation Portslower PortNumberSip.message Sip.mediatimeoutsSip.mediarestriction Sip.mfullSip.monitorserver Sip.optiontimeoutSip.mimetypes Sip.musiconholdSip.percent20towhitespace Field Name Field Type Explanation Timeout OptionTimeoutSip.outboundproxy Sip.preserve2543holdSip.registrarlimits Sip.radiusacctSip.recurseon3xxinb2bua Sip.relayrulesSip.rewritetoforregisterindp Sip.removeviaSip.replyconfig Sip.ringbackSip.rroutealways Sip.routeusesportSip.routingorder Sip.rrouteoutboundSip.sessionlimits Sip.signaladdressfordestinationSip.siperrorslogclass Sip.sipaliasSip.sipmedialogclass Sip.sipsignalinglogclassSip.siplicenselogclass Sip.sipmessagelogclassSip.stripiceattributes Sip.tcptimeoutSip.sttype Sip.surroundingsSip.tlsclientcfg Sip.tlssettingsSip.tlscacerts Sip.tlsservercfgSip.uriencoding Sip.transactionconfigSip.trusteddomain Field Name Field Type Explanation UriencodingselSipswitch.b2buatransferenable Sip.usecancelbodyinackSipswitch.accounts Sip.uaregisterSipswitch.dialplanenable Sipswitch.b2buatransferfromuserSipswitch.dialplan Field Name Field Type Explanation User AliasAliasSipswitch.forwardto Sipswitch.dialplanmethodsSipswitch.enumroot Field Name Field Type Explanation Enabled FallbackselSipswitch.requestto Sipswitch.incomingunauthSipswitch.requestfrom Field Name Field Type Explanation Url SipWildcardUrlSipswitch.userrouting Sipswitch.usersUserdb.radiusservers Sipswitch.voicemailUserdb.radiuslocalendpoint Voipsm.voipsmField Types AdminPasswordAdminTypeSel Voipsm.voipsmdomainsAliasIpReference AliasUser AdminUserAliasAlias AuthDataCryptoDefReference DepUsableVlanInterface DnsDynIpAddress CaReferenceCertReference DnsDynIpNetworkInterface DnsDynIpOtherHostEnumReference DyndnsPasswordDyndnsServiceSel EspCryptoReference FirewallLogclassReferenceIpsRuleName InterfaceSelInviteRetransmitCount IpsecAuthSelMaxMessageSizeInteger IsakmpSALifeLogclassReference MaxRegOnOffToggle NonemptyStringOnOffButton OnOffToggleOnOptDSCPInteger OptDnsAutoRuntimeReachableHost OptDnsIpAddressOptComment OptDepOwnIpReferenceOptIpsecNetReference OptForwardToReferenceOptIcmpRangeList OptIpsecPeerReferenceOptPercent OptPasswordOptServicesReference OptPercentFloatOptString OptionTimeoutOptSipUserDomain OptTimeclassReferencePPTPOwnIpReference PptpPasswordRegTimeout PercentSipUserPassword SessionTimeoutSipUserDomainDefaultAll SIPRadiusSelSipWildcardUrl SnmpPasswordTimerAFloat SubGroupAccounttypesel AccountvoicemailselBlindsel AddexpireheaderselAutonegsel BypasstransportselFallbacksel ConfigauthselDpactionsel FentkeepaliveselHitsnumber FunctionselFwtypesel MediaencryptionsuiteselPqueuesel PingpolicyselPolicysel QostypeselRestfuncsel Rfc2782weightRegexpwithAt Rfc2782prioritySipfunctionsel SipauthdirselSipfilteractionsel SipselSnmpv3privacysel SnmptrapversionselSnmpv3authsel SttypeselTlsclientmethods SysloglevelselTlsservermethods Uriencodingsel TlsconfselTrusteddomaintransportsel VoipsmmethodselAdd and change firewall rules CLI command examplesWindownumber Apply a configuration Part V. Appendices Page Appendix A. More About SIP Why use SIP?SIP Protocol SIP and Firewalls Managing Your Own SIP DomainConfiguring the 3Com VCX IP Telecommuting Module Page Configuring the DNS Server Configuring the PBXConfiguring the SIP Clients SIP in 3Com VCX IP Telecommuting Module SIP SessionsEstablishing a SIP session SIP Packet Headers ContactRecord-Route Content-TypeVia RouteAppendix A. More About SIP 328 No traffic shown in the log Appendix B. TroubleshootingNetwork troubleshooting Traffic discarded as spoofedSIP users can’t register through the Telecommuting Module SIP troubleshootingSIP users can’t register on the Telecommuting Module SIP Trunking calls via SIP operatorAdministration troubleshooting Call is established, but there is no voiceSIP send failure -1 on socket -1 event number SIP errorsLog Messages Destination IP addressport is known bad. SkippingStarting SIP UDP server at port IPsec key negotiationsStarting SIP TCP server at port Stopped SIP TCP serverConfiguration server logins List of the most important reserved ports Name Port/protocol DescriptionWWW Cmip Krcmd Kerberos encrypted remote shell -kfall List of Icmp types Type NameType Name Reference Icmp codesIcmp type Name Code Description Unreachable for Type Internet protocols and their numbers Protocol number KeywordIP intervals Set bits Mask IP address class Reserved IP addresses Class IP in- tervalsPage Appendix D. Definitions of terms ARPDMZ 349 Https NAT Nntp 353 PPP SIP Uucp 357 Appendix D. Definitions of terms 358 BSD derived licenses Appendix E. License ConditionsSoftware developed by Peter Åstrand TermsSoftware developed by Carnegie Mellon University Software developed by Gregory M Christy Software developed by Cisco SystemsSoftware developed by Digital Equipment Corporation Dhcp license Software developed by Jason DownsSoftware developed by Brian Gladman Version 2, June Software developed by Google, IncGNU General Public License GPL PreambleGNU General Public License 367 368 No Warranty IBM Public License Software developed by Ingate Systems Software developed in the GIE Dyade cooperationSoftware developed by Tommi Komulainen GNU Library General Public License Lgpl v USA374 GNU Library General Public License 376 377 Page 379 380 GNU Lesser General Public License Lgpl v Version 2.1, February382 GNU Lesser General Public License 384 385 386 Page Glibc Tzdata 2006a 388 Software in the GNU C distribution Appendix E. License Conditions Appendix E. License Conditions 392 More software in the GNU C distribution 394 License exceptions for gcc/libgcc2.c License License exceptions for libstdc++License for lilo DisclaimerSoftware developed by Paul Mackerras Software developed by Pedro Roque Marques Software developed at M I TLicense for Net-SNMP Part 1 CMU/UCD copyright notice BSD likePart 4 Sun Microsystems, Inc. copyright notice BSD Part 5 Sparta, Inc copyright notice BSD Part 6 Cisco/BUPTNIC copyright notice BSD License for NTP License for OpenSSH404 Appendix E. License Conditions 406 407 Snprintf replacement Copyright Patrick Powell 409 License for OpenSSL License for OpenSWAN Python license Release Derived Year Owner GPL- compatible? FromTerms and Conditions for Accessing or Otherwise Using Python Beopen Python Open Source License Agreement Version Cnri License Agreement for Python License for Python Imaging Library CWI License Agreement for Python 0.9.0 ThroughLicense for Rdisc Software developed by RSA Data Security, Inc More software developed by RSA Data Security, IncLicense for SSL License for stunnel Software developed by Sun Microsystems, IncMore software developed by Sun Microsystems, Inc License for Sun RPCLicense for termcap Software developed by Trusted Information Systems, IncSoftware developed by Andrew Tridgell Software developed by Paul VixieSoftware developed by Rayan S Zachariassen Vovida Software License vVovida Software License, Version License for zlib Software developed at University of CaliforniaOpenswan-kernel 427 Appendix E. License Conditions Appendix E. License Conditions Readlink Appendix E. License Conditions 430 Purchase Extended Warranty Professional Services Register Your Product to Gain Service BenefitsSolve Problems Online Appendix F. Obtaining Support for Your 3Com ProductsTelephone Technical Support and Repair Access Software DownloadsContact Us Asia, Pacific Rim Telephone Technical Support and RepairLatin America Telephone Technical Support and Repair Country Telephone NumberUS and Canada Telephone Technical Support and Repair For administration IndexConfiguration logins From the Telecommuting Module MIBs
Related manuals
Manual 70 pages 30.95 Kb
Top Page Image Contents