Interior Router | Avocent Cyclades-PR2000 specs

Cyclades-PR2000

Interior Router

If an interior router exists in the network, the administrator may decide to use a Default Scope of Permit. In this case, all undesired traffic must be excluded by a rule in the rule list. In Figure 12.5, a conceptual equivalent of the interface is shown.

All packets except those which fall into the holes in the ball will be allowed entry in to or out of the network.

PERMIT

World ofPo s si b l e

Stop	a
	P

Forged Packets	c
Forged Packets	e
	k
	t
	s

Don’t Allow

Access to News

PERMIT

Stop Telnets

From the Outside

(Except Bastion Host)

PERMIT

FIGURE 12.5 PERMIT DEFAULT SCOPE

Chapter 12 - Filters and Rules

103

Image 103

Avocent Cyclades-PR2000 installation manual Interior Router, Stop Forged Packets Don’t Allow Access to News

Contents

Cyclades-PR2000 FCC Warning Statement Cyclades-PR2000 Installation ManualCanadian DOC Notice Table of Contents Static Routing Dynamic Routing 112 127 HOW to USE this Manual Text Conventions Installation Assumptions Icon Meaning Why CONFIG=INTERFACE=LConvention Description Icons Cyclades Technical Support and Contact Information CONFIGURATION=ALL USA Cyclades Corporation To Wall Outlet Gender Changer DB-25 DB-9 Male What is in the BOXInterface DB-25 Male RS-232 Modem With DB-25 Interface RJ-45 Male RJ-45 to DB-25 Login Prompt and Main Menu Using CyROS Menus Lmi-typeANSI, Group of four, None Ansi Special Keys CONFIGURATION=TO Flash CyROS Management Utility Cyros Management Utility Cyclades-PR2000 PR2000 Host 192.168.0.30 255.255.255.0 STEP-BY-STEP Instructions for Common ApplicationsRS-232 Modem Network IP PC192.168.0.0 Host NAT Step ONEParameter Example Your Application IP MTU Step Three Step TWO Swan Network Protocol IP Menu Parameters Mlppp Step Four Step SIX Step Five Step Eight Step SevenStep Nine Instructions for listing the configuration Instructions for creating a backup of the configuration file 200.240.230.1 Example 2 a LAN-to-LAN Example Using Frame RelayNetwork IP Mask ETH0 PR2000 10 Ethernet Network Protocol Menu Parameters 11 Swan Physical Menu Parameters 12 Swan Network Protocol IP Menu Parameters LMI Snap IPCIR Dlci 14 DLC Configuration Menu Parameters 15 Static Route Menu Parameters Instructions for creating a backup of the configuration file Example 3 Link Backup 17 Traffic Control Parameters 18 Addition of the Primary Main Link Swan 20 Multilink Circuit Attributes This parameter has no effect for link backup. For load 21 Static Backup Route Parameters Instructions for creating a backup of the configuration file IP Network Protocol Configuration of the Ethernet InterfaceParameter Description Incoming IP Accounting Config =RULES LIST=IP=CONFIGURE RULES=ADD RULE=ALLOW 200.240.240.8 200.240.240.4 IP Bridge200.240.240.9 200.240.240.3 200.240.240.2 200.240.240.1 PR2000 Link PR3000 Other Parameters Clock Source is always External Swan and Async Interfaces Step TWO Protocol Be used for authentication Network Protocol Network Protocols IP Protocol Detailed Incoming IP Accounting Transparent Bridge Protocol PPP The Point-to-Point Protocol DATA-LINK Protocols Encapsulation PPP Menu Char Hdlc PppcharFrame Relay T391 Interval between the LMI Status Enquiry messages N391 CONFIG=INTERFACE=SWAN =TRAFFIC Control =GENERAL =BANDWIDTH 200.1.1.1 Dlci Salvador Recife Network São Paulo Rio de Janeiro Network For static address mapping Router / DTE Switch / DCE Menu CONFIG=INTERFACE=LINK=ENCAPSULATION =X.25 Menu With PAD Packet Assembler/Disassembler Dynamic Routing Routing ProtocolsRouting Strategies Static Routing 10.0.0.0 Static Routes142.10.0.0 Mask 192.168.100.0 Interfaces Unnumbered Add Static Route Menu Config =STATIC Routes =IP =ADD Route RIP Configuration Ospf Ospf Configuration on the Interface 10Mbps, 65 for T1, 1785 for 56kbps, etc Ospf Global Configurations =PASSWORD CONFIG=STATIC ROUTES=IP=ADD ROUTE=OSPF Advertises this=ROUTING Protocol =OSPF =ADVERTISE this NON-OSPF Interface Applies when Area Range N Status is Active =IP=OSPF=AREA=AUTHENTICATION Type Only when Virtual Link Status is Active BGP-4 Configuration 255.255.255.0 200.50.50.0 PR3000 200.200.200.2 Tele Brutus Example System with PR2000 in AS 100 Being Configured CONFIG=IP=BGP4=BGP NETWORK=ADD CONFIG=IP=BGP4=GLOBAL Route Reflector Client CONFIG=IP=BGP4=NEIGHBOR=ADD Step Three Up Ro 100.10.0.0/16 Route PR3000 RredParameter Description Seq Rule Message From Tele Popeye Route Map Routes Parameter Description DiscardedDiscarded RoutesRoutes Seq RuleMessage From Tele Popeye Rule CONFIG=IP=BGP4=ROUTE MAP=ADD CONFIG=IP=BGP4=AGGREGATE ADDRESSES=ADD CYROS, the Operating System Creation of user accounts and passwordsCreation of the host table Slip IP Accounting Detailed information can be accessed via Snmp Server 192.168.0.31 NAT Network Address TranslationGlobal Address Range Ftp Network Server Mask Networks 192.168.0.0 Translated Types of Address Translation Menu Option Description Interface. Five minutes is a reasonable time Step Four Rules and Filters Configuration of IP Filters Rule List Rules List Bastion Host 10.0.0.0 Extension to Network Exterior Router Perimeter Network Slot 192.168.0.0 Let Mail out Exterior RouterLet Telnet Connections Out Filters and Rules 100 Output for Exterior Router Example Filters and Rules 102 Interior Router Stop Forged Packets Don’t Allow Access to NewsStop Telnets From the Outside Except Bastion Host Output for Interior Router Example Link 33.33.33.1 25% or less Traffic Rule ListsClient B Filters and Rules 106 Output Showing Parameters for Traffic Rule Example Filters and Rules 108 Port 25 Smtp Mail Server Web ServerMail Server Web Client 10 Output Showing Parameters for Traffic Rule Example Internal Network IPX Internetwork Packet ExchangeNumber Mac Address 00 60 2E 00 11 Configuring Other Interfaces Configuring the Ethernet InterfaceEnabling IPX Routing Frame RelayParameter Value for the Example Routing Table for the Example SAP Service Advertisement Protocol Table Virtual Private Network Configuration Virtual Private Network Configuration 116 IP172.16.0.0 Link Link IP10..255.255.0Router IP Address RSG3 Remote IP Network 9.1 Security Gateway Router Link Virtual Private Network Configuration 118 Virtual Private Network Configuration 119 CPU Appendix a TroubleshootingBoot Code step Test Event CPU LED Morse code What to Do if the Router Does Not Work or Stops Working Host host00 Testing the Ethernet Interface Figure A.3 General Statistics Table Testing the WAN Interfaces Appendix a Troubleshooting 124 LEDs Cyclades PR2000 Appendix B Hardware Specifications WAN Interfaces External InterfacesLAN Interface Console Interface Asynchronous Interface Straight-Through Cable Cables TxClkDTE a Female Retention Screw Male DB-25 Female Signal Pin PGndDB-25 M.34 Adaptor TxClkDTE B Cross Cable ASY/Modem Cable Cross Cable Signal Pin Pin Signal PGnd TxD RxD20 DTR Figure B.10 Loopback Connector DB-25 Male DB-25 Loopback Connector Procedure Appendix C Configuration Without a ConsoleRequirements Snmp RIP Cyclades Philippines