Manuals / ADTRAN / Computer Equipment / Network Router

ADTRAN L128T user manual Radius Server/Retry Count, Security/PPP

Models: L128T L128

1 200

Download 200 pages 61.82 Kb

Page 75

Radius Server/Retry Count

Chapter 3: Terminal Menu Operation and Structure

Radius Server/Retry Count

Write security: 1; Read security: 2

This is the number of times the Express L128/L128T should send a request packet to the RADIUS server without a response before giving up. If the num- ber of attempts to communicate with the primary server is equal to the retry count, the secondary server (if defined) is tried. If the secondary server does not respond within the retry count, the PPP peer (or Telnet session) is not au- thenticated and is dropped. The default is 5.

Security/PPP

Write security: 1; Read security: 2

The PPP peer can be authenticated using three standard methods: PAP (Pass- word Authentication Protocol), CHAP (Challenge Handshake Protocol) and EAP (Extensible Authentication Protocol). The strength of the authentication is determined in the order EAP, CHAP, followed by PAP, where EAP is the strongest and PAP is the weakest. PAP is a clear-text protocol, which means it is sent over the PPP link in a readable format. Care must be taken not to al- low highly sensitive passwords to become compromised using this method. CHAP and EAP use a one-way hashing algorithm which makes it virtually im- possible to determine the password. EAP has other capabilities which allow more flexibility than CHAP.

The following selections are possible:

PAP, CHAP, or EAP (def) - The Express L128/L128T will ask for EAP during the first PPP LCP negotiation and allow the PPP peer to negotiate down to CHAP or PAP.

CHAP or EAP - The Express L128/L128T will ask for EAP during the first PPP LCP negotiation and allow the PPP peer to negotiate down to CHAP but not PAP.

EAP - The Express L128/L128T will only allow EAP to be negotiated. If the PPP peer is not capable of doing EAP, then the connection will not succeed.

58

Express L128/L128T User Manual

61202.070L1-1

Image 75

ADTRAN L128T user manual Radius Server/Retry Count, Security/PPP

Contents

Express L128, Data Only USER MANUALExpress L128 and Express L128T ISDN Router/BridgeTrademark RADIO FREQUENCY INTERFERENCE STATEMENT FEDERAL COMMUNICATIONS COMMISSIONCANADIAN EQUIPMENT LIMITATIONS CANADIAN EMISSIONS REQUIREMENTSIMPORTANT SAFETY INSTRUCTIONS SAVE THESE INSTRUCTIONSTable of Contents Chapter 3. Terminal Menu Operation and Structure Table of ContentsNAT/Web Server Table of ContentsStatic Routes/Active Static Routes/Subnet MaskBridge/Spanning Tree Connection List/Bridge Connection List/Dial OutConnection List/IP Connection List/IPXConnection List/Bandwidth Call Sessions/Spanning Tree Upgrade/Transfer MethodUpgrade/TFTP Host Upgrade/FilenameChapter 4. Troubleshooting List of Figures List of Figures Express L128/L128T User Manual61202.070L1-1 Table D-A IBM/AT Style EIA-232 Interface Table 2-A Using the Flash-HookTable 4-A Troubleshooting Calls List of TablesList of Tables Express L128/L128T User Manual61202.070L1-1 Quick Startup Guide SETTING UP THE ISDN LINECONNECTING TO AN INTERNET SERVICE PROVIDER Internet Access using Network Address Translation NAT14. Go into the Configuration/IP/NAT submenu and set DHCP Mode to On MULTIPROTOCOL ROUTING BETWEEN TWO LANS Remote/Home Office Accessing the Corporate LANSave Connection List changes? enter y When the computer which is attached to the local LAN attempts to access a host on the access server, the Express L128/L128T will dial the number pro- vided in the Connection List profile. The Express L128/L128T will provide one of two B-channels based on traffic demand and POTS port usage Express XLT model only. If no packet traffic is transmitted or received for the speci- fied number of seconds, the Express L128/L128T will disconnect the link until a computer on the local LAN again attempts to access a host on the access serv- er Quick Startup Guide Express L128/L128T User Manual61202.070L1-1 Express L128/L128T Chapter Understanding ISDN and the Express L128/L128TISDN OVERVIEW THE EXPRESS L128/L128TApplications Single User to Corporate LANSingle User to Corporate LAN Provides high speed home access to the Internet Single User to Internet Service ProviderMultiple User to Internet Service Provider Multiple Users to Internet Service Provider ISP using NATSOHO to Corporate LAN Small Office - Home Office SOHO to Corporate LANDemand Routing and Bridging with the Express L128/L128T Factory DefaultBridging IP Routing Connection List - Simplifying and Enhancing the Dial Function Concurrent Routing and BridgingRouting over PPP Bridging IPX RoutingLAN Indicators Network Address Translation ModeFront Panel WAN Indicators Test IndicatorsExpress L128/L128T LEDs Express L128/L128T Rear Panel ISDN ConnectionConnecting to the Internet Ordering ISDNInteroperability Security ConfigurationChapter Installation ISDN NETWORK CONNECTIONLOCAL AREA NETWORK CONNECTION Press **8XXXXXXX TELEPHONE CONNECTION L128T ONLY Basic Telephone ServiceSupplementary Services DTMF KeypadCalling a second party with an active call Customer Premises WiringUsing the Flash-Hook Table 2-ATo Telephone Company New Wiring SchemeTo Telephone Company Yellow Red Green BlackTo Telephone Company New Wiring SchemeTo Telephone Company Yellow Red Green BlackChapter 2 Installation Express L128/L128T User Manual61202.070L1-1 Configuration Chapter 3 Terminal Menu Operation and StructureTERMINAL MENU STRUCTURE DialMode Right PaneTop Level Terminal Menu Left PaneUtilities StatusTest LogsMoving Around NAVIGATING THE TERMINAL MENUSGeneral Layout Menu PathEscape Navigation with the KeyboardGeneral Navigation EnterConÞguration Level Security LevelsSystem Location CONFIGURATION MENU Configuration/System InfoConfiguration/System Info Screen System NameDate/Time System ContactFirmware Revision System UptimeISDN/Dial Line Configuration/WANConfiguration/WAN Screen WAN/ISDNDial Line/Area Code LUCENT 5ESS defDMS-100 National ISDN1Master LDN 1 = 5 5 5 1 2 1 LDN 2 = 5 5 5 1 2ISDN/Leased Line Slave defPOTS/NI-1 Conference FI ISDN/FEBEsWAN/POTS POTS/POTS AssignmentIP/Subnet Mask Configuration/IPConfiguration/IP Screen IP/IP AddressStatic Routes/IP Address IP/Default GatewayIP/Static Routes Static Routes/ActiveIP/RIP Static Routes/PrivateIP/IP Router IP Router/ModeIP/NAT RIP/MethodRIP/Direction RIP/V2 SecretDNS/Domain Name NAT/DHCP Renewal TimeNAT/Web Server IP/DNSUDP Relay List/UDP Port Type IP/UDP RelayUDP Relay/Mode UDP Relay/UDP Relay ListIP/Proxy ARP IPX/Network Configuration/IPXConfiguration/IPX Screen IPX/ModeIPX/RIP Timer IPX/Frame TypeIPX/Seed Status IPX/SAP Timer Bridge/WAN IP Bridge Configuration/BridgeConfiguration/Bridge Screen Bridge/ModeWAN IP Bridge/Proxy ARP WAN IP Bridge/NetworkWAN IP Bridge/Netmask WAN IP Bridge/TriggeredWAN IPX Bridge/Triggered WAN IPX Bridge/NetworkWAN IPX Bridge/Frame Type WAN IPX Bridge/Seed StatusSpanning Tree/Hello Time Spanning Tree/Forward DelaySpanning Tree/Priority Spanning Tree/Maximum AgeSpanning Tree/WAN Port LAN Port/Path Cost Write security 2 Read securitySpanning Tree/WAN Port Bridge/Address Table WAN Port 1/ActiveWAN Port 1/Path Cost WAN Port 1/PriorityConfiguration/Security Configuration/Security ScreenSecurity/Authentication Radius Server/Secondary Server Security/WhenSecurity/Radius Server Radius Server/Primary ServerSecurity/PPP Radius Server/Retry CountSrc Addr Security/Filter DefinesFilter Defines /MAC Filter Defines NameMask Filter Defines /Pattern Filter DefinesOffset PatternTCP Est Dst Port CmprProto Proto CmprType Comp TypeConfiguration/Connection List Screen Configuration/Connection ListConnection List/Active Connection List/AuthenticationConfiguration/Security/PPP Connection List/DescriptionIf the Configuration/Security/Authentication parameter is set Authentication/Tx MethodConfiguration/Security/PPP Authentication/Rx Password Authentication/Tx UsernameAuthentication/Tx Password Authentication/Rx UsernameIP/Route Authentication/Call IDConnection List/IP IP/ModeRoute/Hops Route/IP/NetRoute/Netmask Route/PrivateRIP/Protocol RIP/TriggeredIP/RIP RIP/ModeIPX/Triggered RIP/RetainConnection List/IPX IPX/Remote NetworkIPX/Type 20 Packets IPX/RetainProbe/Interval Connection List/BridgeConnection List/Probe Probe/ActiveMultilink/Mode Probe/Update WindowConnection List/PPP PPP/MultilinkPPP/VJ Compression PPP/Max ConfigMultilink/BACP PPP/CompressionDial Out/Number PPP/Max TimerPPP/Max Failure Connection List/Dial OutDial Out/Delay Dial Out/Connection TimeoutDial Out/Redial at 56K Bandwidth/On Demand Dial Out/AttemptsDial Out/Initial Channels Connection List/BandwidthBandwidth/Samples Filters/WAN-to-LAN In Connection List/FiltersDefines/Pattern Filter Defines list from the Configuration/Security/FilterFilters/In Exceptions Defines/MAC Filter Defines listIn Exceptions list Filters/Demand Dial Filters/Out Exceptions61202.070L1-1 Filters/Dem Dial ExceptionsWrite security 2 Read security Express L128/L128T User ManualManagement/Telnet Configuration/ManagementConfiguration/Management Screen Telnet/Server AccessUser List/Level Telnet/User ListUser List/Name User List/Authen MethodCommunities/Name SNMP AccessManagement/SNMP SNMP/CommunitiesManagement/Maint Port Maint Port/Password ProtectMaint Port/Password Traps/Manager IPConfiguration/Terminal Mode Maint Port/ParityMaint Port/Stop Bits Dial Screen DIAL MENUDial/Description Dial/DialDial/Number Dial/Hang UpDial/Status Dial/ChannelsSTATUS MENU Status/Call SessionsStatus Screen Call Sessions/Session1 and Call Sessions/Session2 Call Sessions/Spanning Tree Status/ARP CacheStatus/Bridge Table Status/IP RoutesBridge Cache/Port - Port device learned from LAN, WAN0, or WAN1 Status/IPX Routes HDLC Port Status/IPX ServersStatus/WAN Stats IPX Servers/Type - The server type IPX Servers/Name - The server nameTCP failed attempts TCP passive connections TCP current connections TCP segments sent TCP segments received Total TCP resetsStatus/LAN Stats Status/IP StatsIP reassembly failures Disassembled fragments Errorfree discards ICMP redirected messages ICMP packet errors ICMP timeouts receivedICMP messages sent ICMP messages received ICMP specif if errors Total forwarded datagrams IP reassembly timeoutTest Screen TEST MENUTest Menu/Echo Request Test Menu/Dial SelfLogs Screen LOGS MENULogs/Sys log Host Logs/PPP LogPPP Log/Level Logs/Call LogPPP Log/Active PPP Log/WrapCall Log/View Logs/Network LogCall Log/Wrap Call Log/LevelNetwork Log/Level Network Log/ViewNetwork Log/Clear UTILITIES MENU Utilities/PingUtilities Screen Upgrade/Filename Utilities/Upgrade MenuUpgrade/Transfer Method Upgrade/TFTP HostUtilities/Exit Upgrade/Start TransferUpgrade/Abort Transfer Upgrade/TFTP ServerChapter 3 Terminal Menu Operation and Structure Express L128/L128T User Manual61202.070L1-1 Chapter Troubleshooting IF SELF-TEST FAILSIF THE EXPRESS L128/L128T DOES NOT READ READY The Express L128/L128T software setup The Express L128/L128T hardware The Express L128/L128T software setup SPID1 = SPID2 = LDN 1 = LDN 2 = The Express L128/L128T software setup To isolate the problem, perform the following procedure Troubleshooting Calls IF YOU ARE UNABLE TO CONNECT CALLSTable 4-A Chapter 4 Troubleshooting Express L128/L128T User Manual61202.070L1-1 Network Interface Chapter SpecificationsSPECIFICATIONS AND FEATURES Switch CompatibilityPhysical PowerDisplay EnvironmentalAutoSpid DISCONNECTINGAppendix A Loop Status Messages AutoSpid DownloadISDN-1 Ready Echo Tx X Rx YGetting TEI #1 Getting TEI #2Dialing B1 and B2 Bearer Channel Status MessagesRINGING AudioIncoming call state in transition RoutingWaiting Call is between states or waiting for switchPPP Log Messages Appendix B Log MessagesAppendix B Log Messages IPXCP X down level No IP addr for peer level Call Log Messages AutoSpid Download Started level Bandwidth drop level CallID 1 in use level NETWORKCONGESTION NETWORKOUTOFORDER NOCIRCUITAVAILABLE NOROUTE Dialing Connected number levelFallback to 56K level L2 #2 not up level NOT end2end ISDN level Attempting to add bad IP iface route ifnum=inter dest=ip level Network Log MessagesRejecting packet with Source Routing option - src=srcip dest=destip Installing bad default route ifnum=inter metric=hops gw=iptelclient bad host level TELNETD Clr TCBFBUFFER flag failed level Appendix B Log Messages Express L128/L128T User Manual61202.070L1-1 Understanding SNMP Appendix C SNMPSNMP Embedded Agent Traps CommunitiesAppendix C SNMP Express L128/L128T User Manual61202.070L1-1 Table D-B Appendix D Connector PinoutsTable D-A IBM/AT Style EIA-232 Interface10BaseT Ethernet Table D-CRJ-11 POTS Table D-DMenu Commands Appendix E Terminal Mode CommandsGoes directly to ConÞguration/Management/SNMP menu Goes directly to ConÞguration/System Info menuGoes directly to ConÞguration/Connection List menu Goes directly to ConÞguration/Management/Telnet menuDownload/Uploading Configuration Additional CommandsAppendix E Terminal Mode Commands Express L128/L128T User Manual61202.070L1-1 Figure F-01 Configuration/Frame RelayConfiguration/Frame Relay Screen Appendix F Frame Relay Firmware VersionAppendix F Frame Relay Firmware Version Frame Relay/Maintenance ProtocolFrame Relay/Polling Frequency Frame Relay/DLCI MappingIP Map/Active DLCI Mapping/ActiveDLCI Mapping/DLCI DLCI Mapping/IP MapIP Map/RIP Protocol IP Map/IARPIP Map/NAT DLCI Mapping/IPX MapIPX Map/Active DLCI Mapping/Bridge Map IPX Map/IARPfrom the Configuration/Security/Filter DLCI Mapping/Filtersfrom the Configuration/Security/Filter from the Configuration/Security/FilterIn Exceptions list Sessions/PPP Session Status/SessionsFigure F-02 Status/Sessions Screen with Frame RelaySessions/DLCI Table Sessions/Spanning Tree Appendix F Frame Relay Firmware Version Express L128/L128T User Manual61202.070L1-1 10Base2 bearer serviceBOOTP GlossaryD-channel four-wire circuitscentral office CO CSMA/CDIEEE 802.1d in-band signallinghop count IEEEISDN Media Access Control MACinterworking Internet ProtocolName Binding Protocol NBP phase jittermessage multipoint linerouter service advertising protocol SAPpoint-to-point protocol PPP poison routesSPCS serving areaSNMP spanning treetwisted pair two-wire circuitTelnet TCP/IPZombie Routes U-interfaceGlossary Express L128/L128T User Manual61202.070L1-1 Acronyms B ChannelBONDING Acronyms Numerics IndexPage Page Page Page PPP 19, 58 Page Page Page Index Express L128/L128T User Manual61202.070L1-1 Presales Inquiries and Applications Support Product Support InformationTechnical Support CAPS Department