3Com Router 5000 and Router 6000 Family

Release Notes v2.41 • Page 14

With CRL checking enabled by default, certificate enrollment cannot be performed and an IPsec tunnel cannot be established without the CRL on the router. CRL checking must be disabled for certificate enrollment and the IPsec tunnel if the CRL is not on the router.

If an undefined ACL is used in a configuration, a warning message is not displayed.

In X.509 the CRL URL format determines which protocol is used to retrieve CRL from the CA server. Use one of the following CLI commands depending on specific Server support:

HTTP: crl url http://<CA Server IP>/<CRL DP>

LDAP: crl url ldap://<CA Server IP>/<CRL DP>

SCEP: crl url "scep"

ACL matches for IPSec only count the first packet used to open the tunnel - subsequent packets will be logged in the IPSec SA.

Manual Ipsec only protects the first match in an ACL with multiple rules; Recommendation: make only one rule per ACL to protect all desired traffic.

IPSec transform negotiation is not compatible with Cisco; configure only one transform for any policy interacting with a Cisco router.

IKE Keepalive is not accepted by a Cisco router and tears down the tunnel. Do not use the ike sa keepalive-timer timeout command (default).

Juniper’s IPSec implementation does not interoperate with the 3Com Router 5000 Family with respect to IPSec Fragmentation. If possible, set the MTU to 1438 or lower on devices that will be using the tunnel to avoid having to fragment IPSec packets.

3.10Quality of Service (QoS)

CBR miscalculates the remaining Bandwidth available after multiple PVCs oversubscribe the link. An “undo service” will recover all but 32kbps of the available bandwidth. A router reboot will recover the rest.

QoS CBQ can be configured on a dialer interface but it has no effect. Place the QoS Policy on the physical interface rather than the logical dialer interface.

Once a QOS policy is applied use the CLI command “reset IP Fast Cache” to re-apply the QoS functions properly.

An under provisioned ATM service class results in link failure for that PVC only.

3.11MPLS

If there is no response, from pinging a CE Router from a PE Router within an MPLS/BGP L3 network use the command “ping -vpn -a xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx”, using the source address of the PE interface that is in the VPN of the intended target.

If Loopback0 and LSR ID ip addresses are different, MPLS LDP will not work properly. The Loopback0 and LSR ID ip addresses must be match.

3.12Interoperability Issues between the Router 5000/Router 6000 and 3Com VCX V7000

SIP compatibility mode is required for calls between 3Com Convergence Center Clients to router 5000/6000 analog phones. Execute the “sip-comp server” command from the voice view on the router.

Page 13 Page 15
Page 14
Image 14
3Com 6000, 5000 manual Quality of Service QoS, Mpls
Page 13 Page 15

5000, 6000 specifications

The 3Com 6000 series, launched in the late 1990s, was a significant advancement in networking technology, designed to meet the growing demands of enterprise-level networking. This series provided powerful solutions for businesses seeking reliable, efficient, and scalable networking capabilities.

At its core, the 3Com 6000 series featured a modular design, allowing companies to customize their networks according to specific needs. This flexibility meant that organizations could add or replace components as their networking requirements evolved, ensuring investment protection and a tailored approach to connectivity. The ability to scale was particularly important for businesses that anticipated growth or change in operational demands.

One of the standout features of the 3Com 6000 was its advanced switching capabilities. The series employed high-performance switching technologies that supported various protocols, including Fast Ethernet and Gigabit Ethernet. This versatility made it suitable for diverse environments, from small offices to large corporate settings. The 3Com 6000 switches were engineered to deliver high throughput and low latency, crucial for applications requiring real-time data transfer.

The series also supported a range of network management tools, enhancing operational efficiency. With SNMP (Simple Network Management Protocol) support, network administrators could easily monitor and manage network performance, troubleshoot issues, and configure devices from a centralized location. This capability significantly streamlined network operations, reducing downtime and optimizing resource allocation.

Security was another significant concern addressed by the 3Com 6000. The series incorporated robust security features, including access control lists (ACLs) and VLAN (Virtual Local Area Network) support. These features allowed network administrators to segment traffic and enforce security policies, protecting sensitive data and ensuring compliance with organizational standards.

Moreover, the 3Com 6000 series was designed with energy efficiency in mind, reflecting a growing awareness of the environmental impact of IT infrastructure. By implementing power-saving features, the series helped organizations reduce their overall energy consumption while maintaining optimal network performance.

In summary, the 3Com 6000 series stood out for its modularity, advanced switching capabilities, extensive management tools, strong security features, and energy efficiency. It represented a forward-thinking solution for enterprises aiming to build robust network infrastructures capable of supporting a wide range of applications and services. As organizations increasingly relied on networked systems, the 3Com 6000 played a crucial role in shaping the landscape of enterprise networking.
Top Page Image Contents