Part Number 10043337 AA
Release
OfficeConnect Remote ADSL Router CLI User’s Guide
Santa Clara, California
3Com Corporation
5400 Bayfront Plaza
95052-8145
CLI COMMAND CONVENTIONS AND TERMINOLOGY
Table of Contents
ACCESSING THE CONFIGURATION INTERFACE
CONFIGURATION METHODS
Starting QuickVC Setup
QUICKVC SETUP
MANUAL SETUP
IPX Routing Network Service PPP
Setting Up a Virtual Private Network VPN Tunnel
Providing TFTP Access
Configuring IPX for Remote Site Connections
Setting Date and Time Using Network Time Protocol NTP
Monitoring the DHCP Relay
OFFICECONNECT REMOTE 812 SAMPLE CONFIGURATION
CLI COMMAND DESCRIPTION
disable securityoption snmp useraccess
list processes
list access
list ip addresses
list services B list snmp communities or list snmp trapcommunities B
set system
TELNET
TCP COUNTERS
INPUT COUNTERS
POSITIONAL HELP B Command Completion B
3COM CORPORATION LIMITED WARRANTY FCC CLASS A VERIFICATION STATEMENT
FCC CLASS B STATEMENT FCC DECLARATION OF CONFORMITY
Output Pause
IBM-PC Compatible Computers
ACCESSING THE CONFIGURATION 1 INTERFACE
Establishing Communications with the OfficeConnect Remote
Macintosh Computers
UNIX-Based Computers
telnet ipaddress
add ip network is the command
CLI COMMAND CONVENTIONS AND 2 TERMINOLOGY
Command Structure
Parameters
Completion
Command
Abbreviation and
Help
Conventions Command Language Terminology
Page
QuickVC Setup Instructions
CONFIGURATION METHODS
Quick Setup Instructions
Manual Setup Instructions
3-2 CHAPTER 3 CONFIGURATION METHODS
Restoring the OfficeConnect Remote 812 to an Unconfigured State
QUICK SETUP
CLI Quick Setup Script
ADSL Router Installation Guide
Do you want to continue Quick Setup?
Quick Setup Script
Quick Setup Script Instructions
Password Protection
Quick Setup Identification Information
Quick Setup Management Information
4-4 CHAPTER 4 QUICK SETUP
Quick Setup IP Information
TELNET information
Quick Setup IPX Information
Management Information
Quick Setup Bridge Information
Sample Identification Information
TELNET Management
Sample Output Display as Quick Setup Executes
Page
Starting QuickVC Setup OCR-DSL quickvc
QUICKVC SETUP
CLI QuickVC Setup Script
Network Service PPP
CLI QuickVC Setup Script
IPX Routing Network
Service PPP
Service RFC
Bridging
Sample Output Display
Sample Identification
Information
as Quick Setup Executes
Page
MANUAL SETUP
Configuration Overview
Management
Remember to save your configuration using the save all command before
Remote Site
memory
set vc vc name networkservice ppp
Configuring Network Service Information
Currently, the SVC capability is disabled in the OCR
set vc vc name networkservice pppoe
set vc vc name networkservice pppoa
set vc vc name dynamicipaddressing dhcpclient
set vc vc name atm categoryofservice constant pcr cell rate
Setting Up a Virtual
set vc vc name atm categoryofservice unspecifed pcr cell rate
when transmitting data to the remote site
On the 812 ADSL Router “Client” Side
VPN Tunneling Overview Before You Begin Initiating a VPN Tunnel
On the Remote Private Network “Server” Side
Enabling and Disabling a
disable tunnel command
VPN Tunnel
list tunnel Use this command to list the name and status of tunnels
Values
Authentication and Encryption
To learn how to set up encryption using the CLI, see Configuring
MICROSOFT56BIT NONE REQUIRED
Configuring Windows 2000 Server to Support CHAP Authentication
Encryption
Router to Support Encryption for L2TP Tunnels
Value Name ProhibitIpSec
Configuring a Cisco Router to Support Encryption for L2TP Tunnels
aaa authentication login cisco local
terminate-from hostname OfficeConnect local name c7200
peer default ip address pool L2TP
vpdn-group 1 accept-dialin protocol l2tp virtual-template
interface Ethernet1/2
Debug vpdn command
ppp authentication pap
RIP Configuration router rip ver network IP Pool for L2TP Tunnel
error
IP Routing
6-14 CHAPTER 6 MANUAL SETUP
disable ip RIP
enable ip forwarding
enable ip RIP
show ip routing settings
negotiate
addressselection
Remote Site
The defaultrouteoption can only be enabled in one VC profile
set vc vc name
Configuring Static and Framed IP Routes
6-18 CHAPTER 6 MANUAL SETUP
Address Translation
used
For a vc added using QuickVC, NAT is enabled by default
continues to run until a NAT port frees up
port 80, private port 80, and the private address of the LAN Server
Use the following command to configure PAT in a vc profile
Intelligent PAT
6-22 CHAPTER 6 MANUAL SETUP
Enabling NAT
set vc vc name intelligentpatoption Enable/Disable
Please also note the following
set vc vc name natoption nat
Configuring NAT Static and Dynamic Mappings
6-24 CHAPTER 6 MANUAL SETUP
list nat vc vc name addr
add nat dynamic vc vc name publicpoolstart ip address count number
list nat vc vc name port port
AND / OR
Remote
Configuring the DHCP Mode
DHCP
set dhcp server lease seconds
set dhcp server startaddress ip address endaddress ip address
set dhcp server mask ip address
set dhcp server router ip address
show dhcp server counters
Configuring the DHCP
set dhcp mode relay
list dhcp server leases
timeout
enable dns
show dns settings
set dns
list dns servers
Access Lists
IPX Routing
6-32 CHAPTER 6 MANUAL SETUP
Enabling IPX Routing Configuring IPX for the LAN
Configuring IPX for Remote Site Connections
Configuring IPX Static and Framed Routes
add ipxroute vc vc name ipxnet ipx network address metric number
add ipxservice vc vc name hops number
Configuring IPX Static and Framed Services
delete ipx service name type hex number
6-34 CHAPTER 6 MANUAL SETUP
set ipx network network name
Configuring IPX RIP and SAP
Bridging
set ipx network network name
Configuring Bridging for the LAN
Configuring Bridging for the Remote Site Connections
Bridging IP Traffic
6-36 CHAPTER 6 MANUAL SETUP
Advanced Bridging Options
show ip settings
set bridge forwarddelay seconds
set bridge agingtime seconds
set bridge firewall discardroutedprotocols
set vc vcname macrouting enable
Simultaneous Bridging and Routing
System
Administration
Setting Date and Time
set bridge firewall fwdunicastonly
set disable ntp
Network Time Protocol CLI Commands
set enable ntp
For example set date 01-JAN-1998
set pollinginterval seconds
set timeout seconds
set secondaryserver ipnameoraddr
set retransmissions number
NTP Servers clock.psu.edu
list users
show system
set system name name location location contact contact
delete user name
Setting Password Protection
list tftp clients
exit cli
After logging in to the CLI, you can exit the CLI with the command
6-46 CHAPTER 6 MANUAL SETUP
OfficeConnect Remote 812 Filtering Capabilities
Data Filtering Overview
Filter Classes The OCR 812 supports three filter classes
Creating Filters
Creating Filters Using
Command Line
Overview
Protocol Rules
The OR operation can be implemented by successive rules
IP 1 ACCEPT src-addr=xxx 2 ACCEPT dst-addr=yyy 999 DENY
LENGTH - The number of bytes in the packet to compare to the value
IP Protocol Filtering Using CLI
IP Source and Destination Network Filtering Using CLI
IP Source and Destination Port Filtering Using CLI
IP RIP Packet Filtering Using CLI
IPX Source and Destination Socket Number Filtering Using CLI
IPX Source and Destination Network Filtering Using CLI
IPX Source and Destination Host Filtering Using CLI
Bridge / Generic Filtering Using CLI
IPX RIP Packet Filtering Using CLI
IPX SAP Packet Filtering Using CLI
IPX 1 ACCEPT src-socket = 999 DENY
memory
Using CLI
Creating Filter Files
Assigning Filters
by entering the CLI command set interface eth1 filteraccess off
Applying Filters Using
Interface Using CLI
VC/Remote Site Filters
Managing Filters
Using CLI
Filter List Using CLI
VPN Tunnel
VC/Remote Site Profile
an Interface Using CLI
Removing a Filter from
Deleting a Packet Filter
6-60 CHAPTER 6 MANUAL SETUP
OCR 812 features
OFFICECONNECT REMOTE 812 SAMPLE A CONFIGURATION
Sample Configuration
Overview
enable securityoption remoteuser administration
Configuring the
Global Configuration
add user root password !root
disable bridge spanningtree add bridge network bridge
add dns server * vc Internet enable dns
add ipx network ipx address 10 frame ethernetii enable yes
set dhcp server dns1 192.168.200.254 dns2
set vc Internet iprouting listen
set vc Internet sendname internet-user sendpassword 1a2b3c
set vc Internet defaultrouteoption enable enable vc Internet
Configuring the Sample Network A-5
set vc corp-net ipxaddress 0 ipxrouting all enable vc corp-net
set vc corp-net iprouting both
Page
add access
CLI Command Description
CLI Commands
vcblknetbios
primaryaddress ipaddress secondaryaddress ipaddress vcname vcname
iproute ipaddress metric number
add ip defaultroute
add framedroute vc name
metric
address ipnetaddress frame ETHERNETII SNAP LOOPBACK interface eth1
address ipxaddress interface eth1 enabled yes
add ip network networkname
gateway gatewayaddr metric hopcount
add ipx route ipxnetaddress
add ipx service servicename
type servicetype
gateway ipxhostaddress metric metricnumber ticks ticknumber
add ipxservice vc name
ipxnet ipxaddress metric hopcount ticks ticknumber
type servicetype
add ipxroute vc name
CLI Commands B-7
add network service servicename status
servertype servertype socket socketnumber enabled YES data “string”
address ipaddress access RO RW
Add network service example
add networkservice CLIaccess servertype TELNETD socket
closeactiveconnections TRUE FALSE
address ipaddress
add snmp trapcommunity name
ipnameoraddr
add tunnel
arp output outputfilename ipnameoraddr
add user name
add vc name
enabled yes
vcname
delete ipx route ipxnetaddress delete ipx service servicename
delete pat tcp vc
type servicetype
tunnelname
publicaddress ipaddress
publicpoolstart ipaddress
entries
DIAL
DISABLE
disable ip network
bridge forwarding
authentication traps
disable snmp
interfacename interface settings command
output outputfile
ENABLE
networks
interfacename
using list network services
HANGUP
interfacename interface settings command
KILL
HELP
HISTORY
LIST
mgmt - unknown, but filtering information exists
CLI Commands B-19
If Name - eth1, DA1 or loopback
Interface - eth1, DA1 or loopback
Prot - LOCAL or RIP
trapcommunities not list access
Continue printing
PAUSED COMMANDS
More or CR
Quit
RENAME
timeout timeoutvalue
PING
RESOLVE
SAVE
forwarddelay seconds
set command history numerical range idle timeout minutes
set bridge
set dhcp relay server2
enabled YES NO
set dhcp relay server1
address IPaddress
DNS1 IPaddress
set dns cachesize number numberretries number timeout seconds
set dhcp server
DNS2 IPaddress
routingprotocol NONE RIPV1 RIPV2
filteraccess ON OFF inputfilter filtername outputfilter filtername
set interface interfacename
B-28 APPENDIX B CLI COMMAND DESCRIPTION
routerid routerid
CLI Commands B-29
sap BOTH DISABLE LISTEN RESPONDONLY SEND sapagemultiplier number
rip BOTH DISABLE LISTEN RESPONDONLY SEND ripagemultiplier number
rippacketsize number ripupdateinterval number
sapupdateinterval number
Sets parameters for configured network services
set network service adminname
poolmembers number
Sets parameters for dynamic IPX networks
For in-depth information about CHAP and PAP, see RFC
A VPN tunnel can only be configured for MSCHAPv1 by using the CLI
Authentication Options
MPPE Options
address IPaddress access RO RW
NONE REQUIRED
name “name”
transmitauthenticationname name
set system
location “location”
set user username
password password
sessiontimeout seconds
message “message”
idletimeout seconds
bridging enable disable
defaultrouteoption enable disable
ip enable disable
CLI Commands B-37
set number
categoryofservice Unspecified UBR Variable VBR
set vc vcname atm
pcr number
Sets ATM parameters for VCs
Total errored seconds in 15 minutes
Total time since system reboot hours, minutes, seconds
Errored seconds since last link down
Total errored seconds in previous 15 minutes
Base Aging Time - time to age out a known MAC address, default
Fields
History Depth Current Prompt OCR-DSL Local Prompt OCR-DSL
settings
Problems with Name Server - internal server error
show dns counters show dns settings show filter filtername
SPECIFIC ERROR COUNTERS
OUTPUT COUNTERS
ICMP COUNTERS
INPUT COUNTERS
INPUT COUNTERS
show interface interfacename counters
show interface Displays
OUTPUT COUNTERS
IP Dynamic Address Pool Size - size of IP address range
Fragments Needing Reassembly - # of fragmented datagrams
IP Dynamic Address Pool Begin - start of IP address range
settings
INPUT COUNTERS
show ipx counters show ipx network networkname counters
OUTPUT COUNTERS
settings
show ipx rip
counters
settings
settings
show ipx sap
Dynamic Address Pool Begin - starting IPX address
Default Gateway - default IPX router address
vcname counters
vcname settings
name settings
name counters
SETTINGS for PPP LINK 1
SETTINGS for PPP BUNDLE
SETTINGS for PPP BUNDLE 1 COMPRESSION
Operational Status - opened or not opened
show snmp counters Displays many SNMP statistics
INPUT COUNTERS
System Descriptor - for example
System Contact - modify using set system
System Location - modify using set system
OUTPUT COUNTERS
INPUT COUNTERS
TCP SETTINGS
TCP COUNTERS
OUTPUT COUNTERS
VERIFY
Commands
TELNET
verify filter
CLI Exit Commands
Command Features
Comments
B-58 APPENDIX B CLI COMMAND DESCRIPTION
INDEX
Server
Input and Output filters contrasted
Static Services
Passwords
Page
Page
Page
HARDWARE
3Com Corporation LIMITED WARRANTY
STANDARD WARRANTY SERVICE
SOFTWARE
The Interference Handbook
FCC CLASS B STATEMENT
FCC DECLARATION OF CONFORMITY
ModelDescription
