Enterasys Networks CSX5500, CSX6000, CSX7000 guide

USER’S GUIDE

OFF-NODE DEVICE DATABASE LOCATION CONFIGURATION ELEMENTS

DATABASE LOCATION

The database location for device level security. The choices for the off-node database location are None (Use on-node), CSM, or RADIUS. Choosing an off-node database location enables the particular database.

Note: Enabling CSM as the off-node device database location automatically enables CSM as a Call Control Manager. However, disabling CSM as the authentication agent will not disable CSM as a Call Control Manager. Refer to the SecureFast Virtual Remote Access User’s Guide or the Configuring Call Control chapter of this guide for more information.

OFF-NODE DEVICE DATABASE LOCATION BACKGROUND INFORMATION

An off-node, central database allows a network with more than one CyberSWITCH to access one database for device authentication. The CyberSWITCH will access the off-node database to locate authentication information on a remote device that is attempting to establish a connection.

If the On-node Device Database has been enabled, and either CSM or RADIUS has been selected as the off-node database location, both databases will be searched for the device attempting the incoming or outgoing call. The on-node database will be searched and then, if the correct device is not found, the off-node database will be searched. Authentication is based on device information received from the first matching database. Matching a device is defined in different ways, depending on the call is made. For example, if an outbound call is made on an IP WAN interface by using the ip ping command, the IP address is the method that is used to search the database. If a matching IP address is found, a connection is attempted. If the system is unable to authenticate the peer, the connection attempt is done. The system will not attempt to continue searching the remaining database entries or additional off-node database for the correct peer.

204 CyberSWITCH

Image 204

Enterasys Networks CSX5500, CSX6000, CSX7000 manual OFF-NODE Device Database Location Configuration Elements

Contents

USER’S Guide Virus Disclaimer Trademarks DOC Notice Contents Software Overview Hardware Installation Configuration Tools Cfgedit Security Overview Configuring System Options and Information Configuring Off-node Server Information Configuring Encryption Configuring Advanced Bridging Configuring IPX Central Site Remote Access Switch Configuring Snmp Configuring Other Advanced Options Verifying the Base System Verifying Routing Protocols LCD Messages System Commands System Statistics Routine Maintenance Cfgedit Map Using this Guide Documentation SET Cfgedit MAP Guide Conventions Cfgedit Screens User’s Guide CyberSWITCH System Overview Cyberswitch Unique System Features Hours of Usage USER’S Guide Central Site Remote Access Switch Interoperability Overview RadiusInteroperability Protocols Interoperability Devices Encryption Overview Network LayerLink Layer Security Overview Network Interface Overview Isdn System Components Remote Isdn Devices Switches Supported Hardware Overview System PlatformsPlatform Number Main Speed Slots CSX5500 System Platforms EMI To reduce the risk of electrical shock or energy hazards CSX6000 Cleaning the CSX6000 AIR Filter To reduce the risk of electrical shock or energy hazards CSX7000 Disk Drives Number of 1/3 height IDE disk drives supported NE 2000-II a Network Express Platform Front View Platform Characteristics NE 4000 a Network Express Platform USER’S Guide NE 5000 Platform a Network Express Platform Cleaning the NE 5000 AIR Filter EMI Hardware Characteristics System AdaptersEthernet Adapters Mtbf Basic Rate Adapters 75000hrs Primary Rate Adapters PRI-8PRI-23 PRI-23/30 Jumper Usage PRI-8, PRI-23, and PRI-23/30 Connection Expander Adapter Adapter 35 Pin Data Set Ready No Connect Gnd Signal Return No Connect Ring IndicatorTransmit Clock Receive Data No Connect With error control With error control and data compressionDigital Modems With data compression DM-8 LSI Logic LR33000RISCMvip DM-24 Encryption Adapter Administration Software Software OverviewOverview System Software Configuration Files System Files Operational Files User Level Security Files System Installation Accessing the CyberSWITCH Ordering Isdn Service US only Ordering NI-1 Lines Using EZ-ISDN CodesOrdering NI-1 Lines Using NI-1 Isdn Ordering Codes Ordering BRI Isdn Lines Using Provisioning Settings Provisioning Settings for AT&T 5ESS Switches NI-1 AT&T Custom Point-to-Point AT&T 5ESS NI-1 Service UnrestrictedCSV limit CSV NB limit CSD limit CSD NB limit Provision Settings for Northern Telecom DMS-100 Switches CSV limitAny CSD limit PVC Number of call Appearances Version Functional YesBasic Information for Ordering PRI Isdn Lines US Only Type of Switch DisabledOption Local Bell Operating Company Sprint Hardware Installation PRE-INSTALLATION RequirementsChoose a suitable setup location Verify system power requirements Verify administration console requirements Provide a diskette for configuration backupIf you are installing only WAN adapters If you are installing WAN adapters and DM adapters Adapter Settings If you are installing WAN adapters and an Encryption adapter Adapter Interrupt and I/O Address Settings Configured Slot Interrupt Jumper Address Switch Setting SW1 DM-24 Adapter Interrupt and I/O Address Settings SW2 SW3 Encryption Adapter Settings Mvip SettingsDES/RSA Adapter OFF Additional Adapter Settings Line Type SettingsTop Left Top Pair Right Pair PRI-23 Clock Settings Jumper Jumper Setting North AmericanJ10 J11 J12 J13 J14 JP1 JP3JP6 JP9 Mvip Inserting the Adapters Into the Cyberswitch Connecting Adapter INTER-BOARD Cables Connecting Multiple Adapters Flat Bus Ribbon Cable Connecting a WAN Adapter to the LCD Summary of Guidelines Accessing the Cyberswitch Making ConnectionsDirect Connection DCD DTR DSR RCV Xmit GND RTS CTS NULL-MODEM Connection to a PC Remote Connection Using Telnet On the CyberSWITCH side On the remote administration console sideRemote Connections Modem to Modem COM1 From Cfgedit Options, select Default Async Protocol Establishing AN Administration Session Accessing the Release Notes Installing Software Upgrading System Software Couldn’t open the file C\SYSTEM\PLATFORM.NEI Local Upgrade Upgrading System Software Remote Upgrade Accessing the Release Notes Basic Configuration Configuring Basic Bridging Configuration Tools Cfgedit Dynamic Management Executing CfgeditSaving Cfgedit Changes Executing Dynamic Management Utility Dynamic Management Commands Saving Dynamic Management Changes Using the Network Worksheets Using the Configuration Chapters Configuring Resources and Lines Configuring Resources Using CfgeditResources Resource Configuration Elements Resource Background Information PPP Configuring Lines Using Cfgedit Lines Characteristic PRI/T1 lines E1 line Multiframe CRCCommonChannel Select Change from the Data Lines menu of Physical Resources Line Configuration Elements Auto TEI Switch Type Number of Data Number of SPIDs Directory NumbersDMS100 custom NI-1 Directory Numbers Line Encoding Commport Information Line Background Information Configuring a Subaddress Using Cfgedit Subaddress Configuration ElementsSubaddresses Subaddresses Background Information Configuring Basic Bridging ENABLING/DISABLING Bridging Using CfgeditSelect Enable/Disable Bridging MAC Layer Bridging Configuration Elements MAC Layer Bridging Background Information Configuring Basic IP Routing Enabling IP Using CfgeditInternet Protocol IP Option IP Operating Mode IP Option Configuration ElementsConfiguring the IP Operating Mode Using Cfgedit IP Background Information IP Operating Mode Configuration Elements IP Operating Mode Background Information Configuring Interfaces Using Cfgedit IP Network Interfaces USER’S Guide Network Interface Configuration Elements MTU Transmit Broadcast IP Address Default switch for numbered WAN interfaces IP RIP Receive Control IP Network Interface Background Information IP Network Interface Type Associated Remote Device IP Host RFC1294WAN Direct Host IP Host RFC1294 Hdlc Bridge USER’S Guide Example 1 LAN, WAN and WAN Direct Host Interfaces Example 2 LAN, WAN UnNumbered, WAN Remote LAN Interfaces IP RIP and the IP Network Interfaces Isdn Isdn IP RIP Over Dedicated Connections Isdn Redundant Configurations for Backup Network FlatteningProxy ARP Secondary IP Addressing Example IP Host Communications in Flattened Networks Configuring Static Routes Static Routes IP address for the destination network or host Static Route Configuration Elements Central Site Remote Access Switch Isdn Static Route Background Information Default Routes Configuring Default RoutesDefault Route Configuration Elements ENABLING/DISABLING IP RIP Using Cfgedit Routing Information Protocol RIP Option IP RIP Configuration Elements IP RIP StatusIP RIP Background Information LAN Configuring Security Level Security and Encryption Options Security Overview Security Level System Options and Information Device Level Databases Network Login Information User Level DatabasesOFF-NODE Server Information Configuring Security Level Database Device Level User Level Administration Security On-Node Yes Configuring no Security Using Cfgedit No Security Configuring Device Level Security Using Cfgedit Device Level SecurityDevice Level Security Background Information Configuring User Level Security Using Cfgedit User Level SecurityUser Level Security Background Information User Level Security Isdn Responding to Login Prompts Making a Telnet Connection Configuring Device and User Level Security Using Cfgedit Device and User Level SecurityTacacs ACE Device and User Level Background Information Configuring System Options and Information Configuring System Options Using CfgeditSystem Options System Options Configuration Elements System Options Bridge MAC Calling Line Id Authentication Address PAP Chap System Options Background Information PAP Chap Configuring System Information Using Cfgedit System Information Configuration ElementsSystem Information Optional Calling Line Id Administrative Session Configuring Administrative Sessions Using CfgeditSystem Information Background Information Administrative Session Configuration Elements Administrative Session Background Information Emergency Telnet Server Port Number Background Information Configuring Device Level Databases Configuring AN ON-NODE Device DatabaseON-NODE Device Database Configuring ON-NODE Device Entries ON-NODE Device Entries On-node Device Entries No pvc configured for Device DAN SVC None 0.0 IP SubNetwork number ON-NODE Device Database Configuration Elements Base Data Rate Frame Relay Access Configuration Elements Chap Secret Outbound Authentication RIP/SAP Appletalk Information Configuration Elements Bridge Information Configuration Elements ON-NODE Device Database Background Information Bridging with Hdlc Bridge Devices Security Mode On-node Device Table Configuration Data IP Routing with Hdlc Bridge DevicesLine Id IP Routing with PPP IP Devices Using Ipcp IP Routing with IP Host Devices RFC1294PAP or Chap Bridging with PPP Bridge Devices Using BCP PAP Password orIP Routing with PPP Bridge Devices Using BCP Configuring OFF-NODE Device Database Location Using Cfgedit OFF-NODE Device Database Location OFF-NODE Device Database Location Configuration Elements OFF-NODE Device Database Location Background Information Configuring User Level Databases User Level Authentication Database LocationConfiguring Authentication Database Location Using Cfgedit Database Telnet Port Number Configuring OFF-NODE Server Information Multiple Administration Login NamesName John Doe Name mynode1 Address Remote Office1 Type communications server CSM Authentication Server Configuring CSM Authentication Server CSM Authentication Server Configuration Elements CSM Authentication Server Background InformationConfiguring a Radius Authentication Server Is SHAREDSECRET1234 Radius Authentication Server Configuration Elements Radius Authentication Server Background Information Configuring a Radius Accounting Server Select 5 Off-node Server Information Return to the Off-node Server Information Menu Radius Accounting Server Configuration Elements Radius Accounting Server Background Information Enabling Radius Type Using Cfgedit Radius RFC2138 Radius Type Configuration Elements Configuring the Dynamic Device Option Using CfgeditDynamic Device Option Radius Type Dynamic Device Configuration Elements Tacacs Authentication Server Configuring a Tacacs Authentication Server Tacacs Authentication Server Configuration Elements Tacacs Authentication Server Background Information ACE Authentication Server Configuring AN ACE Authentication Server ACE Authentication Server Configuration Elements ACE Authentication Server Background Information Configuring Network Login Information Network Login General ConfigurationConfiguring General Network Login Information Using Cfgedit Select the type of authentication desired Network Login Banners Network Login General Configuration Background InformationConfiguring Network Login Banners Using Cfgedit Login Configuration Specific to Radius Server Network Login Banners Background InformationConfiguring Radius Server Login Information Using Cfgedit Login Configuration Specific to Radius Server Login Configuration Specific to Tacacs Server Configuring Tacacs Server Login Information Using Cfgedit Login Configuration Specific to Tacacs Server USER’S Guide Configuring Encryption ConfigurationConfiguring AN Encryption Adapter Using Cfgedit Select Add a Resource Select IP Security Associations Select Add. Respond to the following series of questions Configuring Link Layer Encryption PPP Encryption only Select Device Level Databases Select On-node device entries Encryption Configuration Elements Final Destination IP Address Encryption Background Information IP Network Layer Encryption 12345678 8888CCCC 8888CCCC 12345678 Link Layer Encryption Isdn Interaction with Other Features For IP Layer encryption For Link Layer encryption Advanced Configuration Configuring Alternate Accesses Configuring Alternate Accesses Dedicated AccessesConfiguring a Dedicated Access Using Cfgedit Dedicated Access Configuration Elements Dedicated Access Background Information Accesses Configuring AN X.25 Access Accesses USER’S Guide Configuration Elements Lapb Configuration Elements Timers Maximum Window Size Nonstandard Default Transmit Window Size PVC Configuration Elements Access Background Information B1 B2 Frame Relay Accesses Configuring a Frame Relay AccessSelect Access Information Select Add a PVC Frame Relay General Configuration Elements Frame Relay PVC Configuration Elements LMILMI Format Dlci Value PVC Name Frame Relay Access Background Information Local Management Interface Overview Allowed Not Allowed Configuring Advanced Bridging Bridge Dial OUT Under ISDN, select Dial Out Phone Number Configuring Spanning Tree Protocol Using Cfgedit Spanning Tree Protocol Spanning Tree Protocol Configuration Elements Spanning Tree Protocol Background Information Bridge Mode of Operation Configuring the Bridge Mode of Operation Using CfgeditBridge Mode of Operation Configuration Elements Bridge Mode of Operation Background Information Configuring Bridge Filters Using Cfgedit Bridge Filters Protocol Definition Commands Source MAC Filter Commands Destination MAC Filter Commands Protocol Filter CommandsPacket Data Filter Commands Bridge Filter Configuration Elements Lsap in HEX Bridge Filters Background Information Filter Type Maximum Number of EachFilter Destination MAC Unrestricted Mode Bridge Filters Source Discard Connect Destination Protocol Packet Central Site Remote Access Switch Filter Action Distribution Result List Packet matching this filter will not be forwardedOn any LAN port. The packet will be sent to remote Sites connected over the WAN according to On LAN port 1. The packet will be sent to remote Sites connected over the WAN and to LAN portAccording to the normal learning bridge methods On LAN port 2. The packet will be sent to remote Restricted Mode Bridge Filters Restricted Mode Forwarding Action Central Site Remote Access Switch Filter Distribution Result Action List Packet matching this filter will only be forwardEd on the LAN ports. The packet will not be sent to Any remote sites connected over the WAN Ed on LAN port 1. The packet will not be sent to re Mote sites connected over the WAN or to LANPort Ed on LAN port 2. The packet will not be sent to re Packet matching this filter will be discarded on LAN ports. The packet will be sent to allPacket matching this filter will be discarded to Remote sites connected on the WAN. The packet Configuring a Destination MAC Address Filter Preliminaries Discard Connect Configuring the Known Connect List Known Connect List Known Connect List Configuration Elements Known Connect List Background Information Configuring Advanced IP Routing Static ARP Table Entries Configuring Static ARP Table Entries Using Cfgedit Static ARP Table Entries Configuration ElementsStatic ARP Table Entries Select Static ARP Table Entries from the IP menu Isolated Mode Static Route Lookup VIA Radius Static Route VIA Radius Configuration Elements Configuring AN IP Address Pool Using CfgeditIP Address Pool Configuration Elements IP Address Pool IP Filters IP Address Pool Background Information Initiating the IP Filter Configuration Using Cfgedit Configuring Packet Types Using Cfgedit TCP UDP Icpm Specify a control value any, established, or not established Select Icmp Type Configuring Forwarding Filters Select Add a Forwarding Filter Configuring Connection Filters Configuring Exception Filter Applying Filters Select IP InterfacesSelect Apply Global Forwarding Filter IP Filters Configuration Elements TCP and UDP Ports NEQ RangeIP Filters Background Information Packet Types Forwarding Filters Connection Filters Exception Filters Application to Network Interfaces Common Portion Limitations Example of AN IP Filter Configuration FTP WWW Sfvra Forward Configuring a Dhcp Relay Agent Using Cfgedit Dhcp Relay Agent Dhcp Configuration Elements Dhcp Background Information Bridge to Bridge Environment Router to Bridge Environment IP Router to IP Router with Relay Agents on both USER’S Guide Remote Bridge to IP Router w/Relay Agent = WAN Rlan Configuring the Dhcp Proxy Client Dhcp Proxy ClientSelect Dhcp Proxy Client Dhcp Proxy Client ENABLE/DISABLE Flag Sample Configuration IP Router with Dhcp Proxy Client Configuration for IP Router Chloe Configuring Security Associations Using CfgeditSecurity Associations DNS and Netbios Addresses Configuring DNS and Netbios Addresses Using Cfgedit DNS/NBNS Configuration Elements DNS/NBNS Background Information Configuring IPX Configuring IPX Information ENABLING/DISABLING IPX Using Cfgedit IPX Option Configuration ElementIPX Routing Option Configuring the IPX Internal Network Number Using Cfgedit IPX Internal Network Number Configuration ElementIPX Internal Network Number IPX Option Background Information Configuring IPX Network Interfaces Using Cfgedit IPX Network InterfacesIPX Network Number Background Information Displays the current IPX network interface data IPX Network Interface Configuration Elements SAP IPX Network Interface Configuration Elements IPX Network Interface Background Information Configuring IPX Routing Protocols Using Cfgedit IPX Routing Protocol Configuration ElementsIPX Routing Protocols IPX Routing Protocol Background Information SAP Special Considerations Remote LAN Interface Configuring IPX Static Routes Using Cfgedit IPX Static Routes IPX Static Routes Configuration Elements IPX Static Routes Background Information IPX Netware Static Services Configuring IPX Netware Static Services Using Cfgedit IPX Netware Static Services Configuration Elements IPX Netware Static Services Background Information Configuring IPX Spoofing Using CfgeditIPX Spoofing IPX Spoofing Configuration Elements IPX Spoofing Background Information Watchdog Protocol Configuring IPX Type 20 Packet Handling Using Cfgedit IPX Type 20 Packet Handling Configuration ElementsIPX Type 20 Packet Handling IPX Isolated Mode Configuring IPX Isolated Mode Using CfgeditIPX Isolated Mode Configuration Elements IPX Isolated Mode Background Information Configuring Triggered RIP/SAP Global Timers Using Cfgedit Displaying WAN Peer List Triggered RIP/SAP Background Information Configuring IPX Devices IPX-SPECIFIC Information for Devices IPX-Specific Information for Devices Remote LAN Devices Enable Bridging and disable Make calls for bridge data IPX Configuration Elements for Devices None IPX Background Information for Devices Configuring Snmp Configuring Snmp Configuring Snmp Snmp Configuration Elements Snmp Background Information WAN Central Site Remote Access Switch Using Cabletron NMS Systems CT-CONTAINER-MIB CT-WAN-MIB CTMIB2-EXT-MIB Configuring Appletalk Routing Enabling Appletalk Routing Using CfgeditAppletalk Routing Option Appletalk Routing Option Configuration Element Configuring Appletalk Ports Using CfgeditAppletalk Ports Appletalk Routing Background Information Appletalk Ports Configuration Elements Appletalk Ports Background Information Overview Configuration Configuring Appletalk Static Routes Using CfgeditAppletalk Static Routes Considerations Appletalk Routing Static Routes Configuration Elements Configuring Appletalk Capacities Using CfgeditAppletalk Capacities Configuration Elements Appletalk Capacities Appletalk Isolated Mode Configuring the Appletalk Isolated Mode Using CfgeditAppletalk Isolated Mode Configuration Elements Appletalk Capacities Background Information Configuring Call Control Call Control Menu Configuring the Throughput Monitor Throughput Monitor Throughput Monitor Configuration Elements Throughput Monitor Background Information Condition Trigger Number Window Size Utilization 90% Underload Condition Monitoring USER’S Guide Call Interval Parameters Monthly Call Charge Monthly Call Charge Configuration Elements Configuring Call Restrictions Using CfgeditCall Restrictions Monthly Call Charge Background Information Call Restriction Configuration Elements Maximum Calls PER DAY Maximum Call Minutes PER Month Configuring Bandwidth Reservation Bandwidth ReservationCall Restrictions Background Information Bandwidth Reservation Bandwidth Reservation Configuration Elements Select Bandwidth Reservation Configuring Semipermanent Connections Using Cfgedit Semipermanent ConnectionsBandwidth Reservation Background Information Semiperm Semipermanent Connections Configuration Elements Call Device CommandsSemipermanent Connections Background Information Call Restrictions Throughput Monitor Configuring CSM for Call Control Using Cfgedit CSM AS a Call Control Manager Call Control Management Configuring D Channel Callback Using Cfgedit Channel CallbackSelect D Channel Callback Channel Callback Configuration Elements Channel Callback Background Information Digital Modem Inactivity Timeout Modem Inactivity Timeout Configuration Elements Modem Inactivity Timeout Background Information Configuring Other Advanced Options Configuring for a Digital Modem Using CfgeditDigital Modem For IP routing For IPX routing For AppleTalk routingDigital Modem Background Information Digital Modem Default Async Protocol PPP Mode Using Cfgedit Terminal Mode Using Cfgedit Call Disconnect Using CfgeditDefault Async Protocol Configuration Elements Data Timeout Value Autosense Feature PPP Configuration Configuring PPPPPP Configuration Elements PPP Configuration PPP Background Information Default Line Protocol Configuring Default Line Protocol Using Cfgedit Default Line Protocol Configuration Elements Default Line Protocol Background InformationConfiguring LOG Options Using Cfgedit LOG Options From Log Options, select Authentication Message DA log LOG Options Configuration ElementsSelect Add a Syslog Server From Log Options, select Call Detail Recording UDP Port LOG Options Background Information Central Site Remote Access Switch System Messages CDR Log Report Event Report Contents Call Detail Recording Events Record Connect/Term Connect Event Report Contents Disconnect/Term Disconnect Event Report Contents Reject Event Report Contents Term Succ Event Report ContentsTerm Fail Event Report Contents System Up Event Report Contents Verify Event Report Contents Configuring Compression Options Using CfgeditCompression Options Compression Options Configuration Elements Compression Options Background Information Central Site Remote Access Switch Configuring Tftp Tftp Configuration ElementsTftp Background Information Configuring File Attributes File Attributes Configuration ElementsFile Attributes File Attributes Background Information Verification and Diagnosis ARP Verifying the Base System Hardware Resources OPERATIONAL?WAN Adapter INITIALIZED? To correct the problem, try the following LAN Adapter INITIALIZED? WAN Lines Available for USE? Verifying WAN Line Availability Dedicated Serial Connections LAN Connection OPERATIONAL? Try the following to correct the problem Bridge INITIALIZED?IP Router INITIALIZED? Remote Device Connectivity Set-up Security Rejection-Invalid Calling Line Id # MULTI-LEVEL Security To verify multi-level security IP Host Mode DisabledIP Host Mode OPERATIONAL? IP Host INITIALIZED? Try the following Alternate Accesses Dedicated Connections Frame Relay Connections Connections A Terminal Server Menu Verifying Routing Protocols IP Routing OPERATIONAL?IP Routing Over a LAN Interface IP Routing Over a WAN Interface Ping 192.100.1.1 return IP Routing Over a WAN Direct Host Interface 100.0.0.1 100.0.0.0 Host B 100.0.0.3 Host a 100.0.0.2 IP Routing Over a WAN Remote LAN Interface IP Routing Over a WAN Unnumbered Interface IP Filters Ip filter trace discard return If you are still experiencing problems Ip filter trace off returnIP RIP INITIALIZED? IP RIP Output Processing on a LAN Interface IP RIP Input Processing on a LAN Interface IP RIP Output Processing on a WAN Interface IP RIP Input Processing Operational on a WAN Interface IPX IPX Router INITIALIZED? IPX Routing OPERATIONAL? IPX Routing Over a LAN Connection IPX Remote LAN Connection Xxxx IPX Routing Over a WAN Connection Triggered RIP/SAP Ipx trigreq device Appletalk Routing Appletalk Routing INITIALIZED?Appletalk Routing OPERATIONAL? Appletalk Routing Over the LAN Connection Atalk port Appletalk Routing Over a WAN Connection USER’S Guide Verifying System Options Snmp USER’S Guide Dial OUT Set Up Call Detail Recording Compression CyberSWITCH does not have Compression Enabled Reserved BandwidthPeer Protocol-Rejects CCP Verifying the Relay Agent is Enabled Verifying Dhcp Relay Agent Initialization Verifying the Relay Agent is Operational USER’S Guide Verifying the Proxy Client is Enabled Verifying Dhcp Proxy Client Initialization Verifying the Proxy Client is Operational Ip addrpool return Modem Callback Verifying a Semipermanent Connection Proxy ARP Proxy ARP Troubleshooting LCD Messages LCD Messages LCD Message GroupsInitialization LCD Message Normal Operation LCD Messages Error LCD Messages LCD Message Groups Auto Over Max Charge System Messages Error Messages Informational MessagesInitialization Messages Normal Operation Messages Port LAN Adapter, operating in remote mode only Port LAN Adapter, operating in local and remote modeCall has exceeded the configured maximum duration System Message Summary Acct Warning code Timeout Adapter #’x’ failed to respond from bootstrapActivation Failure- Session not active Adapter does not respond adapter #’x’ Attempting to load FileName for Upgrade Attempt to initialize unconfigured DM card in slot slot #Auth ACE Could not create service file Auth ACE Could not write service file Auth ACE Error receiving server log message acknowledgment Auth ACE Login rejected user user nameAuth ACE Node verification received Client initialized Auth Radius Chap rejected for device device name Auth Radius Login rejected device device name Auth Radius IP Host rejected IP Host id IP host IdAuth Radius IP Resolve rejected IP Address IP address Auth Radius PAP rejected device device name Auth Tacacs Login rejected user user name Auth Warning code 0001 TimeoutAuth Warning code 0004 No authentication node available Auth Warning code 0007 Authentication mode mismatch Booting System Software Bootstrap came alive on DM card in slot slot #Bootstrap came alive on WAN card in slot slot # Bad auth result in smgrauthaanotify for device device name Call Restrictions have been disabled by user command Calculating CRC’sCallback type call back type ID is not currently supported CallID in use in Hostcallrequest Call Restrictions have been enabled by user command Call Restriction statistics reset for new dayCall Restriction statistics reset for new month Call Restrictions will allow calls to be made this hour Central Site Remote Access Switch Cause cause code received for Dlci dlci index Cause Code EventCCP Internal Decompression Failure CCP Option Negotiation Failure, Non-Convergence detected Chap Authentication Failure remote device not responding Channel in use in HostcallrequestCNTR-TMRTimed out waiting for TMR number interrupt Configured adapter # ’x’ type does not exist Couldn’t find speech service slot #, port #Current monthly charges reset for new month Connection disconnected for license violation Data link test successful DSL port # , CES DCE Data Rate is invalid on FrStartPVCDedicated connection down slot #, port # DHCP-P Failed to close UDP port x, erc = y DHCP-P Proxy Client disabled DHCP-P Proxy Client enabledDHCP-P Proxy Client initialization failed DHCP-P UDP port 67 closed DHCP-R Relay Agent disabled DHCP-R Relay Agent enabledDHCP-R Failed to close UDP port 67, erc = DHCP-R Failed to open UDP port 67, erc = DM card in slot slot # is not usable, could not upgrade DM card in slot slot # signals it is operationalDM card type configured in slot slot # does not exist DM card failed Flash download bad xx Srec DM card in slot slot # will not come out of reset DM upgrade started. Board=board #, Modem=modem #DM upgrade success. Board=board #, Modem=modem # Downloading Bootstrap to DM card in slot slot # Edrv transmit error error code Error closing file ’s’Error downloading bootstrap program to adapter #’x’ Error downloading operational software to adapter ’x’ Error during channel initialization Access access index Error during port initialization Access access indexError during PVC initialization Access access index Error initializing WAN card WAN card Id Error opening file \system\ethernt2.bin Error programming adapter #’x’ hardwareError reading file file name, section = section name Error reading sdconf.rec file Failed to get a tone signaling session Facility not subscribed Slot=slot # Port=port #Failed to allocate enough memory for Xilinx load file Failed to obtain Terminal info in smgrprocterminalauthsess Failure during read of file ’s’ Failure during Static RAM test on adapter # ’x’Failure to allocate enough memory for Xilinx load file Central Site Remote Access Switch File Access Err Formatting Flash MemoryFrietf detected PPP protocol from NAME, shutting down PVC Frame Relay event queue full Installing File Set into Flash Memory Interrupt fault on WAN Adapter in Slot slot #Invalid Cllm received on Access access index Invalid Password password given IP Error from ESP datagram discarded IP x.x.x.x not added to the pool Unknown error yInvalid SERIAL.001 file present, file is ignored Invalid serial number in SERIAL.001, file is ignored IP Default Route not added, invalid next hop IP address # IP Invalid configuration for Network Interface ddIP Cannot stop Proxy Arp for IP address #, no cmd buf avail IP Failed to de-register with IP Address Pool Manager erc=x IP Invalid Peer IP Address IP address, WAN IP Stream Closed IP IP host is initialized successfullyIP IP router is initialized successfully IP Network initialized successfully on ddd.ddd.ddd.ddd Ipcp IP Address Pool Out of IP addresses Ipcp Option Negotiation Failure, Non-Convergence detectedIpcp Remote device does not negotiate IP address IP Host Call Dropped XID was not received from remote IP RIP All network interfaces used IP RIP Buffers allocatedIP RIP Initialization failed, unable to allocate buffers IP RIP Send queue full IPX Invalid Ipxwc passed IPX Network initialized successfully onIPX Network Interface on LAN port port # not initialized IPX IPX router initialized successfully IPX SAP Space available in service table IPX SAP Unable to add service, service table fullIpxwan IPX Internal Network Number must be configured IPX SAP Buffers allocated LAN Adapter Command Timeout LAN Adapter configuration conflictLAN Adapter Fatal Error Reported LAN Adapter HW upgrade may be required LAN Adapter Reset LAN Adapter Response TimeoutLAN Adapter System resource error LAN Init Error LAN Xmit Error LMI alarm on Access access indexLMI alarm reset Access access index Manage Mode updates have been successfully committed Memory Access Timeout Mismatch of configured and installed DM card in slot slot #Manual restart initiated on DM board in slot slot # Max ATI3 retries exceeded on modem modem # of slot slot # Modem modem # of DM card in slot slot # is unusable Modem revision on modem modem # of slot slot # failedNegotiation Failure with Semipermanent device Network loop between site1 and site Network sent Cause Spid not supported slot #, port # Network sent Status with state = 0, tear down callNo Active Calls Active Sites No Active List entry available in INM Out of LAN Adapter transmit command descriptors No Sites ConnectedNot enough memory for Security module Offnode server lookup of Dial Out User failed Auto For over 5 minutes Report problem to Phone company PAP Identification timeout on remote devicePAP Invalid password for name given by remote device Out Svc # slot # , port # PAP Remote device rejected System Information error message PAP Unknown name name given by remote devicePost number, Hdlc #number External Loopback Test Failed Post number, Hdlc #number Internal Loopback Test Failed PVC for Dlci dlci index not Active PVC not allocated for dlci indexPVC rcv wait q already full R2 not capable of Multichannel or Non-circuit calls RBS LIFAddTimer failure RBSoutSMchannel # Timeout waiting for WinkReattempting to Install File Set into Flash Memory Rebooting Replace Lithium Battery Contact your Representative Reserved signalReceived charge amount charge amount Remote peer ID discrepancy Security Rejection Invalid Password password given Security Rejection No Password given by callerSecurity Rejection Timeout on Startup Complete Security Rejection Caller did not negotiate security Semipermanent. Device x disconnected by admin Semipermanent. Device x reconnected by adminSignal for unknown CallCmd task task Id Slot #, port # Cfg Error Snmp Authentication failure, unknown community name Snmp Snmp initialization failure unable to open UDP portSnmp Snmp initialized successfully Snmp Unable to obtain an Snmp Trap queue entry buffer SSB Post 27 i960timer82c54FAILURE SSB i960 Post number not equal to i386’sSSB Post 23 i960hostintreg Failure SSB Post 24 i960iointreg Failure SSB Post 32 i960hdlc1 Failure SSB Post 33 i960hdlc2 FailureSSB Post 34 i960hdlc3 Failure SSB Post 35 i960hdlc4 Failure Successfully Loaded Release X.Y Issue Z Switch could not recognize phone number nnnnnnnSystem Clock Fault on Wan Adapter in Slot slot # TCP Connection to CSM at IP address is UP Tftp Local error #2 Feature not initialized Tftp Local error #3 Server not initializedTftp Local error #4 UDP rejected packet filename Tftp Local error #5 UDP open failed Tftp Local error #14 Bad file name Tftp Local error #15 Bad mode stringTftp Local error #18 Unable to open file filename Tftp Local error #19 Disk full filename Tftp Remote error # 1 Text from Remote Host Tftp Remote error # 2 Text from Remote HostTftp Remote error # 3 Text from Remote Host Tftp Remote error # 4 Text from Remote Host This card does not support R2 Signaling Timeout detected on connection establishmentTimeout detected on receiving caller’s number Timeout on Startup Complete Type mismatch of configured & installed adapter # ’x’ Too many digits in TN in HostcallrequestTried to free unallocated buffer sub name, size=size Unable to Decrypt Datagram Unable to open \config\devdb.nei file Unable to open Modem Upgrade fileUnable to restore original ISRs for Interrupt interrupt # Unable to get Digital Modem resource to place call Unexpected error during transmission of LMI frame Unmatched Login TaskUpdating CyberSWITCH from FileName Unknown Calling Bridge MAC address WAN card in slot slot # signals it is operational Watchdog timeout detected on DM board in slot slot #Watchdog timeout detected on WAN board ’x’ X25 facilities error, facilities not allowed in PVC X25 facilities error, bad facility length X25 facilities error, invalid facilities lengthX25 facilities error, invalid DTE address X25 facilities error, facility not allowed X25 facilities error, facility not available X25 facilities error, packet length negotiation not allowedX25 facilities error, window size negotiation not available X25 facilities error, Rpoa not available Zone allocation failed, maximum capacity already configured Trace Messages Call Trace Messages Location Causes Call Trace Message Summary Configure ack slot # Inband treatment has been applied-BRD CFG ACK Slot=slot # Init data link slot #, port #, ces Out configure port # Interworking unspecified causeOff-hook warning tone on Origination call address is non-ISDN Received unknown signal value Out init data link slot #, port # , cesRecall dial tone on Received unknown progress value IP Filters Trace Messages PPP Packet Trace Messages Configure Request Configure ACKConfigure NAK Configure Reject Trace Messages Echo ReplyDiscard Request Trace Message Summary X25 Data LCN logical channel number, number of bytes bytes X25 DCE RR LCN logical channel number, number of bytes bytes System is sending a call request to the network Lapb Trace Messages Lapb Trace Message Summary Lapb Sabme Lapb UAOut Lapb Disc Out Lapb DM System Maintenance Remote Management Remote Management SITE.HQ Installation and Configuration Usage Instructions Telnet Isdn Earlier Releases Central Site Remote Access Switch Setting UP a NEW Number Setting UP Server TypeWIN95 DIAL-UP Networking General tab Dialing OUT Site HQ Isdn Users Report Files Statistics Files Config files Other Files Changing Carbon Copy Configuration Parameters Carbon Copy Modem Type COM1 Baud Rate Performing a File Transfer Using Carbon Copy Copy LCNETWORK.NEI HC\CONFIG\NETWORK.NEI Running Without Carbon Copy Removing Carbon Copy System Commands Accessing Administration Services Setting the IP Address Accessing Dynamic Management Viewing Operational Information Neif Connected Second column is the potential number of connections Viewing Throughput Information Throughput Monitor Contents Saving Operational Information Clearing Operational Information Terminating and Restarting the Cyberswitch CONFIGURATION-RELATED Commands Setting the Date and Time Terminating Administration SessionsLogin-Id Appletalk Routing Commands Type State Default zone Network rangeFlags Physical address Distance Zones valid Bridge Commands Zone Call Control Commands Indicates that a call request process has been initiated Call peer phone number data rate device bearer Calling phone number at data rate, device PPP Call Detail Recording Commands Call Restriction Commands Compression Information Commands CSM CommandsDhcp Commands Digital Modem Commands Frame Relay Commands Clears all statistics associated with the fr stat command IP Routing Commands Disables the trace Mask used for the destination Time since the last update was received IPX Routing Commands Ipx diag host ipx address timeout Isdn Usage Commands LAN Commands LOG Commands Packet Capture Commands Pkt display Banyan Vines Packet Detail Screen Bridged Packet Radius Commands Radius ipres Serial Interface Commands Snmp CommandsSpanning Tree Commands Spanning Tree Port Information Spanning Tree Bridge Information Bridge priority of the root bridge TCP Commands Telnet Commands Possible send parameters are defined as follows Terminal Commands Tftp Commands Tftp GET Trace Commands Tftp PUT UDP Commands User Level Security Commands WAN Commands Commands Clears the statistics for the default VC System Statistics Connectivity Statistics Call Restriction Statistics Call StatisticsThroughput Monitoring Statistics Appletalk Statistics Appletalk Protocol Statistics Number of AppleTalk Echo requests received Count of AppleTalk Echo replies received Number of NBP LookUp Requests received Appletalk Port Statistics Bridge Statistics Call Detail Recording Statistics Compression Statistics Compression Related StatisticsDecompression Related Statistics Dhcp Statistics Dhcp Relay Agent statistics and Dhcp Proxy Agent statisticsCommon Dhcp Statistics Dhcp Relay Agent Statistics Dhcp Proxy Client Statistics Access Related Statistics Digital Modem StatisticsFrame Relay Statistics Init PVC Related Statistics LAN Statistics IP Statistics IP Group Statistics Number of IP datagrams successfully reassembled Icmp Group Statistics IPX Statistics IPX General Statistics Network number portion of the IPX address of this system IPX RIP Statistics IPX Triggered RIP Statistics IPX Route Statistics IPX SAP Statistics IPX Triggered SAP Statistics IPX Service Statistics RIP StatisticsRIP Global Statistics RIP Interface Statistics Serial Interface Statistics Snmp Statistics SnmpInBadVersions SnmpInGetNexts TCP Statistics Tftp Statistics Statistics for Server or Remote Initiated Tftp ActivityStatistics for Local or Client Initiated Tftp Activity Statistics for ALL Tftp Activity WAN Frietf Statistics UDP Statistics Layer 1 PRI Error Statistics WAN L1P Statistics WAN Statistics Layer 1 General Statistics Statistics Maximum number of active VCs allowed at any time Virtual Circuit VC Related Statistics USER’S Guide Routine Maintenance INSTALLING/UPGRADING System SoftwareExecuting Configuration Changes Making Changes Using Cfgedit Configuration Backup and Restore Making Changes Using Manage ModeObtaining System Custom Information Appendices System Worksheets System Adapters Ethernet Adapter Side View Ethernet Adapter BRI-4 Adapter Side View Basic Rate Adapter Front View PRI-8 Adapter Side View Primary Rate Adapters PRI-8 PRI-23 Adapter PRI-23/30 Adapter Front View PRI-8 Expander Adapter Side View Front View Adapter Side View Front View RS232 Adapter Side View DM-8 Adapter Digital Modems DM-8 DM-24 Adapter OFF DM-24+ Adapter DM-24+/DM-30+ DM-24+ Adapter Back view USA System Worksheets Network Topology System Details ResourcesLines Accesses Over Isdn Authentication Information Frame Relay Information Device Information Bridging and Routing Information IP Routing IP Routing IPX Routing Appletalk Routing AppleTalk Routing/Port Information Main Menu IPXSnmp PPP FR DBU Physical Resources Menu Options Menu WAN RlanDhcp SPI Snmp FR DBU Security Menu CSM Radius Tacacs ACESVC, PVC PPP STAC-L25 CSM RadiusCSM TCP port Reporting Problems Getting AssistanceContacting Cabletron Systems To Customer Service From Phone FAX Cabletron Systems System Problem ReportNumber of Pages Including this Administrative Console Commands Table Command Use Cdr verify Verifies call detail recording servers are configuredClears administration screen Displays authentication messages Administrative Console Commands Table Generates a triggered RIP/SAP update request to Local log file only displays the call detail recording logLog cdr erase Local log file only erases the call detail recording log Changes password for current access level Displays system errors and system messages Displays the current Tftp statistics Writes current authentication messages to disk Access or the specified accessSets LCN index default value to m Specified X.25 access Manage Mode Commands Table Adds/changes/deletes an IPX address from the IPX Address pool Ipxsvc add/change/delete Adds/changes/deletes an IPX service Central Site Remote Access Switch Cause Codes Table Cause Codes Table USER’S Guide Central Site Remote Access Switch USER’S Guide Central Site Remote Access Switch Dec Value Hex Value Cause Unknown Index AtalkBr stat Clid 195 Cr stats 596 crossover cable Date Help 113 Ip addrpool Isdn usage commands 607 isolated mode Ipcp Modem devices Netstat -r 443 network flattening Offnode 213, 216 STAC-LZS Radius Server configuring Restart 585 restore Snmp 352 snmp stats 614 socket number 336 software Srcfilt 270 startne Terminal mode 33, 102, 392, 393 Trace lapb Wr 72, 584 ws 72 Wan