Manuals / 3Com / Computer Equipment / Network Card

3Com 7600 manual Security

Models: 7600

1 210

Download 210 pages 23.06 Kb

Page 183

7600 Card Management 14-7

Security

SNMP security is provided through community strings. A community string is included in each SNMP protocol message sent between external management applications and the 7600 Card.

The default community strings are:

Access Unit agent -

Qread : ‘public AU’

Qwrite : ‘private AU’

Proxy to bridge agents -

Qread : ‘public’

Qwrite : ‘private’

The SNMP agent authorizes requests from the SNMP manager by comparing the community name in the received packet with the community string in the 7600 Card.

Local management security is provided through passwords. Three user access levels exist: read, write, admin.

Virtual Terminal A virtual terminal protocol is a software program, such as Rlogin or Protocols Telnet, that allows establishment of a management session from a PC or

a workstation. Since rlogin and Telnet run over TCP/IP, at least one IP address must be configured on the 7600 Card to access it with a virtual terminal protocol.

Terminal emulation differs from a virtual terminal protocol in that it connects a terminal directly to the serial line (out-of-band).

Figure 14-5 shows a 7600 Card being accessed by a workstation through a virtual terminal protocol and through a terminal.

Image 183

3Com 7600 manual Security

Contents

User Guide United States Government Legends Contents Parameter Entry Quick Key Functions Menu Index Power-UpNormal operation Fast Ethernet Status Indicators Rapid ConfigurationDisplay Bridge STP Attributes Remove a Static Address from FDB Display STP Enable StatusFast Ethernet Port Attributes and Statistics Display Broadcast Throttling AttributesManaging ATM Resources Display Current LEC ConfigurationDisplay Software Version 10-2 Display Snmp ConfigurationUpdate NMS IP Address Enable/Disable Event Messages 10-1412-7 12 ATM, LAN EMULATION, and Virtual Lans13-5 12-14Bridge Frame Forwarding Logic 12-15Fast Ethernet Card Specifications Physical C-1 Glossary About this Guide GuideIf you are looking for information about Turn to 7600 Card Documentation and Related Manuals ConventionsTables 1 and 2 list conventions used throughout this guide ConventionsIf you want to Read 7600 Card Documentation Road MapCard Overview of the 7600 CardAbout CardFront Panel of the 7600 Card with full configuration Capabilities 3Physical module with SC connector for fiber ports4CHAPTER 1 Overview of the 7600 Card Typical Applications of the 7600 Card 5Fast Ethernet backbone Server farm Starting UP Safety Precautions Installation and POWER-UPMesures de sécurité Vorsichtsmaßnahm en Installing RemovingCard Modules Connecting to Connection to a workstation or other DTE, using a normalNetwork Devices Connecting to a Local ManagementTerminal How they are indicated on the LED display System Power green Fail red Active orangeCard System StatesMode Meaning and User Action Power-UpPower-up phase and initiates the Power-On Self-Test When the 7600 Card is powered-up, it automatically beginsLED Color Meaning 4Fast Ethernet Port LEDsFast Setup ConfigurationRapid CELLplex SetupSetup Modes Full Setup ModeSwitch Setup Mode Setup Mode SelectionSetting Special Parameters Sections 1Integrated Fast Setup Procedure Sections2Setup Procedure Navigation Aids Setup Section DescriptionCELLplex 7000. The CELLplex Main Menu appears as follows Integrated Fast Setup is initiated from the LMA Main MenuSelect the menu item 9 FST Fast Setup OperationNetwork Prefix Section Example Dialog The following dialog appears on the screenLE Parameters Section Lecs Address SectionUNI/NNI Parameters Section Virtual Network Configuration Section LE Client Configuration SectionConfirmation Dialog Section Admin VN Management Configuration SectionContex Setup to perform a rapid configuration of the 7600 CardMulti-context Fast Port ContextType To go to 4Setup Procedure Navigation AidsAdmin Main Menu appears as in the following example Management Configuration Section Elan Configuration SectionNew configuration is displayed for this context System Mode Configuration SectionCard Management Tasks Local Management Basics ManagementMenu Hierarchy Main menu Keying in this submenu’s 4 option gives you the prompt ExampleFinally, entering 1 finalizes the prompt as Entry of the stp submenu’s 3 option produces the prompt3Editing Aids 2Menu Navigation FunctionsMenu Index Menu hierarchySystem Management Menu ATM Menu Bridge MenuLAN Emulation Menu Network Management Menu Virtual LAN MenuBridge Configuring Virtual LansConfiguring Bridges Display CurrentEnter 6 Following is displayed 2Bridge Configuration ParametersAttach Fast Ethernet Port toInternal ATM port is attached to bridge #0 Attach InternalATM Port to Bridge Fast Ethernet port #3 is attached to bridge #1Managing the Bridge Forwarding Database Management TasksManaging Fast Ethernet Ports Managing Ethernet BridgesManaging the Spanning Tree Protocol Bridge-wide Fast Ethernet PortAttributes StatisticsName Description 3Fast Ethernet Port Characteristics2Ethernet Port Attributes 4Ethernet Port Statistics1Fast Ethernet Port Attributes and Statistics Display Following information for Port #1 is displayedThrottling Disable a FastEthernet Port Display BroadcastEnable/Disable ThresholdBroadcast Throttling 10Task Actions for Fx Port Type 9Task Actions11Task Actions for Tx Port Type Example 1 for Tx port typeFast Ethernet Tx port #1 is set to half duplex Example 2 for Fx port type3Bridge Attributes and Statistics Display 13Bridge Attributes and StatisticsBridge-port UpdateBridge-aging Time4Bridge Attributes and Statistics Display 16Bridge-port Attributes and Statistics17 Task Actions Display All EntriesForwarding Database5Forwarding Database Display 19 Task Actions Display LearnedEntries Learning Station Addresses onDisplay Static Forwarding Database see Static Addresses on21Task Actions 22Static Table Fields Static Addresses Allowed-to Binary Table 23Hexadecimal Codes for Displaying Multiple Bridge PortsBridge Ports Hex Value Bridge Ports Hex Value 7Static Table Display Block a Static AddressStatic Forwarding Database of bridge #0, the MAC address Database see Static Addresses on Remove a StaticAddress from FDB Ports #4Status Display STP EnableDisable STP on About the STP enable status see Disabling the STP on30Bridge STP Attributes 9Bridge STP Attributes Display STP attributes for bridge #0 is displayed as followsParameters Bridge-wide STPUpdate Bridge-forward Delay Bridge-forward-delay for bridge #0 is set to 1500 secsExample Enter 36Bridge-port STP Attributes STP Attributes10Bridge-port STP Attributes Display Attributes of port #1 of bridge #0 are displayed as followsBridge-path-cost for port #1 of bridge #0 is set to Bridge-path-costManage Bridge ATM addresses Update ATM parametersManaging ATM Resources Manage ATM portDisplay ATM Port Attributes Statistics Enter 42ATM Port Attributes and Statistics Following sample ATM statistics report is displayed 4ATM Address FieldsField Description 2ATM Address Display Following is a sample ATM address displayDisplay TM More information about Traffic Management in the 7600 Card5Task Actions Toggles TM operation on and off Enable TMCharacteristic Range Default Meaning TM remote Client Database is displayed as follows9Task Actions Information see Display TM Clients on Add TM ClientSelected version is saved in flash Enable/Disable ATMPort Admin Status Up to enable the ATM port or down to disable the ATM portContext #0 Event ATM port Link Up Manage operational parameters Manage configuration parametersManaging LAN Emulation Clients Display statisticsTransmission over an Elan on Update Unknown Unicast-flood- ModeDisplay LEC Manage data-frame parametersEnter 5 1 4LEC Configuration and Status Information Lecs Information DescriptionLES Information Description BUS Information Description 2LEC Configuration and Status DisplayElan name for the LEC of bridge #0 is entered Update LecsEnter the bridge number and ATM address or ! to invalidate See LAN Emulation Overview onLAN Emulation Overview on Enable LecsAddress via Ilmi LES address for the LEC of bridge #0 is enteredLEC Parameter Description Operational10. For more information see LEC Parameters on 10LEC Operational ParametersControl-timeout parameter in seconds Update LECUpdate the LEC operational parameters control-timeout VCC-timeout-period, aging-time, forward-delay-timeEnter 533 0 Enter 535 0 18Task Actions 19Task Actions 20Task Actions Control-frameRefer to -21. For more information see Emulated LAN Connections onEnter 54 16CHAPTER 8 Managing LAN Emulation Clients Unknown Unicast Frames on Update UnknownUnicast-flood ModeLE flood mode for Bridge #0 is now NotFlood Display Snmp Configuration Update NMS IP Address Setting Network ParametersDisplay Current IP 2IP Configuration InformationDefault Gateway for bridge #0 is updated to Update DefaultIP Address for bridge #0 is updated to Default Gateway for the specified bridgeUpdate Subnet MaskDisplay Snmp Traps Update NMS IPManaging System Functions Manage event messages Resetting systemDisplay Software VersionDownload Status DownloadSoftware from Network Local Erase SoftwareFrom Flash Software fromDisplay Hardware Configuration Set System Current system configuration modeForward Mode After the next resetSet Store-and Display Timeout For descriptions of the timeout parameters9Timeout Parameters Following is a sample timeout parameters report CPI Delays Update HardwareTimeout Delay Software timeout mechanism Update SoftwarePassword UpdatedWrite-access Event Messages Admin-accessEnter 1 System hardware is reset and device is rebootedIII 7600 Card Capabilities Ethernet OverviewFast Ethernet Full or Half Duplex Mode 10/100 Mbps transmission speedAuto-negotiation 10 or 100 Mbps Speed 2Cable Support by Transceiver TypeTransceiver type Cable type Number Pairs fibers Fast Ethernet Ports 11-6CHAPTER 11 Ethernet Lans and Bridges in the 7600 Card Transparent Bridges Can be defined as follows Spanning TreeProtocol Address of a bridge port, called SelfSpanning Tree Protocol Designated Bridge on a LAN Spanning Tree port selection Parameters in -4 are set for individual bridge ports 3Port-independent Bridge Parameters4Port-dependent bridge parameters 11-12CHAPTER 11 Ethernet Lans and Bridges in the 7600 Card ATM Overview Virtual LansATM Basics Virtual Channels Interface Ilmi Interim LocalLAN Emulation BUS Control VCCs Emulated LANConnections LAN EmulationIllustrates the VCCs active among LAN Emulation Components Elan Name 3LEC Configuration and Status InformationBridges Both local and remote destination LANs in the ATM networkBridge acts like a standard transparent bridge 2Bridges in the 7600 Card 12-12CHAPTER 12 ATM, LAN EMULATION, and Virtual Lans Bridges in the 7600 Card Entry obtained by Topology flag Aged by Data Transmission over an Elan Unknown unicast flooding mode5Unknown Unicast Flooding Mode Mode Bridge actionBe set by management Parameter Description Minimum Default MaximumLEC Parameters Flush protocolVirtual LANs 12-18CHAPTER 12 ATM, LAN EMULATION, and Virtual Lans Virtual LANs in the 7600 Card 12-20CHAPTER 12 ATM, LAN EMULATION, and Virtual Lans Each vLAN communicates with its server Workgroups6Logical and Physical View of a Network With vLANs ATM Network Topics are discussedHow Traffic Management is implemented within the 7600 Card 1Example of a source to destination ABR control loop Generate backward RM-cells TrafficManagement Concepts This congestion informationFunctions TrafficFound in the connected device ConfigurationATM technology without having cell loss due to congestion 7600 Card checks connected devices for Traffic Management13-6CHAPTER 13 Traffic Management in the ATM Network 2Traffic Management control steps As shown. The traffic management is performed as followsProtocols Device ManagementOut-of-Band In-BandLocal Management 27600 Card Administration Console Snmp Agents Management Information Bases MIBs Bridge MIB AToM MIB LE Client MIBInterface Evolution MIB Ncdchass MIB private Security 5Local Management Protocol Access Store-and-Forward Mode TuningTerminating them as erred frames Timeout TuningCut-Through Mode Card for extended periods of time. This usually occurs whenConsole Passwords 3Com Bulletin Board ServicesService On-Line TechnicalTable A-2Automated Fax Service Press Enter to see the Ask3Com main menuCountry Fax Number Country Telephone Number Table A-3Telephone SupportCountry Telephone Number Fax Number Table A-6Local Access NumbersTable A-4Network Supplier Support Table A-5Obtaining an RMA NumberTroubleshooting Cleaning Dirty Fiber Optic Cables Related Diagnostic Procedures Interfaces Fast Ethernet Card C SpecificationsFast Ethernet Switching PhysicalEnvironmental IndicatorsStandards Compliance Glossary Equipment DCE Interface NNI Protocol Out-of-bandPoint-to-point call CallInterface UNI Numbers IndexBUS Elan LEC ID NNI STP VCC Index