Configuring User Level Databases | Enterasys Networks CSX6000

CONFIGURING USER LEVEL DATABASES

OVERVIEW

User level security is an authentication process between a specific user and a device. The authentication process is interactive; users connect to a terminal server and need to interact with it in order to communicate with other devices beyond the server. The CyberSWITCH supports user level security through the RADIUS, TACACS, or ACE Server.

This chapter provides information for enabling an off-node user level database. Refer to the chapter Configuring Off-node Server Information for configuration instructions for specific servers.

USER LEVEL AUTHENTICATION DATABASE LOCATION

CONFIGURING AUTHENTICATION DATABASE LOCATION

USING CFGEDIT

1.Select Security from the main menu.

2.Select option (4), User Level Databases (Enable/Disable) from the Security Menu. The following screen be displayed:

User Level Databases Menu:
Authentication Database Location:		Status	Telnet Port
--------------------------------------------------------------------
1)	RADIUS Authentication Server	ENABLED	7001
2)	TACACS Authentication Server	ENABLED	7000
3)	ACE Authentication Server	ENABLED	7003
Select function from above or <RET> for previous menu:

3.Select the option you wish to configure and press <RET>. This prompt acts like a toggle switch. If you select a server that is currently enabled, the system will prompt you to disable it. If you select a server that is currently disabled, follow the onscreen instructions to enable the server, including entering the Telnet port number for the server. If you answer yes, you will need to provide the Telnet port number.

USING MANAGE MODE

seclevel

Displays the current security level configuration data.

Image 205

Enterasys Networks CSX6000, CSX5500, CSX7000 Configuring User Level Databases, User Level Authentication Database Location

Contents

USER’S Guide Virus Disclaimer Trademarks DOC Notice Contents Software Overview Hardware Installation Cfgedit Configuration Tools Security Overview Configuring System Options and Information Configuring Off-node Server Information Configuring Encryption Configuring Advanced Bridging Configuring IPX Central Site Remote Access Switch Configuring Snmp Configuring Other Advanced Options Verifying the Base System Verifying Routing Protocols LCD Messages System Commands System Statistics Routine Maintenance Cfgedit Map Using this Guide Cfgedit MAP Documentation SET Cfgedit Screens Guide Conventions User’s Guide System Overview CyberSWITCH Cyberswitch Hours of Usage Unique System Features USER’S Guide Central Site Remote Access Switch Radius Interoperability OverviewInteroperability Protocols Interoperability Devices Network Layer Encryption OverviewLink Layer Network Interface Overview Security Overview System Components Isdn Remote Isdn Devices Switches Supported System Platforms Hardware OverviewPlatform Number Main Speed Slots CSX5500 System Platforms EMI To reduce the risk of electrical shock or energy hazards CSX6000 Cleaning the CSX6000 AIR Filter To reduce the risk of electrical shock or energy hazards CSX7000 Disk Drives Number of 1/3 height IDE disk drives supported Front View NE 2000-II a Network Express Platform Platform Characteristics NE 4000 a Network Express Platform USER’S Guide NE 5000 Platform a Network Express Platform Cleaning the NE 5000 AIR Filter EMI System Adapters Hardware CharacteristicsEthernet Adapters Mtbf Basic Rate Adapters 75000hrs PRI-8 Primary Rate AdaptersPRI-23 Jumper Usage PRI-23/30 Expander Adapter PRI-8, PRI-23, and PRI-23/30 Connection Adapter 35 Pin No Connect Ring Indicator Data Set Ready No Connect Gnd Signal ReturnTransmit Clock Receive Data No Connect With error control and data compression With error controlDigital Modems With data compression LSI Logic LR33000RISC DM-8Mvip DM-24 Encryption Adapter Software Overview Administration SoftwareOverview System Software System Files Configuration Files Operational Files User Level Security Files Accessing the CyberSWITCH System Installation Ordering NI-1 Lines Using EZ-ISDN Codes Ordering Isdn Service US onlyOrdering NI-1 Lines Using NI-1 Isdn Ordering Codes Ordering BRI Isdn Lines Using Provisioning Settings NI-1 AT&T Custom Point-to-Point Provisioning Settings for AT&T 5ESS Switches Unrestricted AT&T 5ESS NI-1 ServiceCSV limit CSV NB limit CSD limit CSD NB limit CSV limit Provision Settings for Northern Telecom DMS-100 SwitchesAny CSD limit PVC Version Functional Yes Number of call AppearancesBasic Information for Ordering PRI Isdn Lines US Only Disabled Type of SwitchOption Local Bell Operating Company Sprint PRE-INSTALLATION Requirements Hardware InstallationChoose a suitable setup location Verify system power requirements Provide a diskette for configuration backup Verify administration console requirementsIf you are installing only WAN adapters If you are installing WAN adapters and DM adapters If you are installing WAN adapters and an Encryption adapter Adapter Settings Configured Slot Interrupt Jumper Address Switch Setting SW1 Adapter Interrupt and I/O Address Settings DM-24 Adapter Interrupt and I/O Address Settings SW3 SW2 Mvip Settings Encryption Adapter SettingsDES/RSA Adapter OFF Line Type Settings Additional Adapter SettingsTop Left Top Pair Right Pair Jumper Jumper Setting North American PRI-23 Clock SettingsJ10 J11 J12 J13 J14 JP3 JP1JP6 JP9 Mvip Inserting the Adapters Into the Cyberswitch Connecting Multiple Adapters Connecting Adapter INTER-BOARD Cables Flat Bus Ribbon Cable Connecting a WAN Adapter to the LCD Summary of Guidelines Making Connections Accessing the CyberswitchDirect Connection NULL-MODEM Connection to a PC DCD DTR DSR RCV Xmit GND RTS CTS Remote Connection Using Telnet On the remote administration console side On the CyberSWITCH sideRemote Connections Modem to Modem COM1 From Cfgedit Options, select Default Async Protocol Establishing AN Administration Session Accessing the Release Notes Upgrading System Software Installing Software Couldn’t open the file C\SYSTEM\PLATFORM.NEI Upgrading System Software Local Upgrade Remote Upgrade Accessing the Release Notes Configuring Basic Bridging Basic Configuration Cfgedit Configuration Tools Executing Cfgedit Dynamic ManagementSaving Cfgedit Changes Executing Dynamic Management Saving Dynamic Management Changes Utility Dynamic Management Commands Using the Configuration Chapters Using the Network Worksheets Configuring Resources Using Cfgedit Configuring Resources and LinesResources Resource Configuration Elements Resource Background Information PPP Lines Configuring Lines Using Cfgedit Multiframe CRC Characteristic PRI/T1 lines E1 lineCommonChannel Select Change from the Data Lines menu of Physical Resources Auto TEI Line Configuration Elements Directory Numbers Switch Type Number of Data Number of SPIDsDMS100 custom NI-1 Directory Numbers Line Encoding Line Background Information Commport Information Subaddress Configuration Elements Configuring a Subaddress Using CfgeditSubaddresses Subaddresses Background Information ENABLING/DISABLING Bridging Using Cfgedit Configuring Basic BridgingSelect Enable/Disable Bridging MAC Layer Bridging Configuration Elements MAC Layer Bridging Background Information Enabling IP Using Cfgedit Configuring Basic IP RoutingInternet Protocol IP Option IP Option Configuration Elements IP Operating ModeConfiguring the IP Operating Mode Using Cfgedit IP Background Information IP Operating Mode Background Information IP Operating Mode Configuration Elements IP Network Interfaces Configuring Interfaces Using Cfgedit USER’S Guide Network Interface Configuration Elements MTU Transmit Broadcast IP Address Default switch for numbered WAN interfaces IP RIP Receive Control IP Network Interface Background Information IP Host RFC1294 IP Network Interface Type Associated Remote DeviceWAN Direct Host IP Host RFC1294 Hdlc Bridge USER’S Guide Example 1 LAN, WAN and WAN Direct Host Interfaces Example 2 LAN, WAN UnNumbered, WAN Remote LAN Interfaces IP RIP and the IP Network Interfaces Isdn Isdn IP RIP Over Dedicated Connections Isdn Network Flattening Redundant Configurations for BackupProxy ARP Example IP Host Communications in Flattened Networks Secondary IP Addressing Static Routes Configuring Static Routes IP address for the destination network or host Static Route Configuration Elements Central Site Remote Access Switch Static Route Background Information Isdn Configuring Default Routes Default RoutesDefault Route Configuration Elements Routing Information Protocol RIP Option ENABLING/DISABLING IP RIP Using Cfgedit IP RIP Status IP RIP Configuration ElementsIP RIP Background Information LAN Security and Encryption Options Configuring Security Level Security Level Security Overview Device Level Databases System Options and Information User Level Databases Network Login InformationOFF-NODE Server Information Configuring Security Level On-Node Yes Database Device Level User Level Administration Security No Security Configuring no Security Using Cfgedit Device Level Security Configuring Device Level Security Using CfgeditDevice Level Security Background Information User Level Security Configuring User Level Security Using CfgeditUser Level Security Background Information User Level Security Isdn Making a Telnet Connection Responding to Login Prompts Device and User Level Security Configuring Device and User Level Security Using CfgeditTacacs ACE Device and User Level Background Information Configuring System Options Using Cfgedit Configuring System Options and InformationSystem Options System Options System Options Configuration Elements PAP Chap Bridge MAC Calling Line Id Authentication Address PAP Chap System Options Background Information System Information Configuration Elements Configuring System Information Using CfgeditSystem Information Optional Calling Line Id Configuring Administrative Sessions Using Cfgedit Administrative SessionSystem Information Background Information Administrative Session Configuration Elements Administrative Session Background Information Emergency Telnet Server Port Number Background Information Configuring AN ON-NODE Device Database Configuring Device Level DatabasesON-NODE Device Database ON-NODE Device Entries Configuring ON-NODE Device Entries On-node Device Entries No pvc configured for Device DAN SVC None 0.0 IP SubNetwork number ON-NODE Device Database Configuration Elements Base Data Rate Frame Relay Access Configuration Elements Chap Secret Outbound Authentication RIP/SAP Appletalk Information Configuration Elements Bridge Information Configuration Elements Bridging with Hdlc Bridge Devices ON-NODE Device Database Background Information IP Routing with Hdlc Bridge Devices Security Mode On-node Device Table Configuration DataLine Id IP Routing with IP Host Devices RFC1294 IP Routing with PPP IP Devices Using IpcpPAP or Chap PAP Password or Bridging with PPP Bridge Devices Using BCPIP Routing with PPP Bridge Devices Using BCP OFF-NODE Device Database Location Configuring OFF-NODE Device Database Location Using Cfgedit OFF-NODE Device Database Location Background Information OFF-NODE Device Database Location Configuration Elements User Level Authentication Database Location Configuring User Level DatabasesConfiguring Authentication Database Location Using Cfgedit Database Telnet Port Number Multiple Administration Login Names Configuring OFF-NODE Server InformationName John Doe Name mynode1 Address Remote Office1 Type communications server Configuring CSM Authentication Server CSM Authentication Server CSM Authentication Server Background Information CSM Authentication Server Configuration ElementsConfiguring a Radius Authentication Server Is SHAREDSECRET1234 Radius Authentication Server Background Information Radius Authentication Server Configuration Elements Select 5 Off-node Server Information Configuring a Radius Accounting Server Return to the Off-node Server Information Menu Radius Accounting Server Background Information Radius Accounting Server Configuration Elements Radius RFC2138 Enabling Radius Type Using Cfgedit Configuring the Dynamic Device Option Using Cfgedit Radius Type Configuration ElementsDynamic Device Option Radius Type Dynamic Device Configuration Elements Configuring a Tacacs Authentication Server Tacacs Authentication Server Tacacs Authentication Server Background Information Tacacs Authentication Server Configuration Elements Configuring AN ACE Authentication Server ACE Authentication Server ACE Authentication Server Configuration Elements ACE Authentication Server Background Information Network Login General Configuration Configuring Network Login InformationConfiguring General Network Login Information Using Cfgedit Select the type of authentication desired Network Login General Configuration Background Information Network Login BannersConfiguring Network Login Banners Using Cfgedit Network Login Banners Background Information Login Configuration Specific to Radius ServerConfiguring Radius Server Login Information Using Cfgedit Login Configuration Specific to Radius Server Configuring Tacacs Server Login Information Using Cfgedit Login Configuration Specific to Tacacs Server Login Configuration Specific to Tacacs Server USER’S Guide Configuration Configuring EncryptionConfiguring AN Encryption Adapter Using Cfgedit Select Add a Resource Select Add. Respond to the following series of questions Select IP Security Associations Select Device Level Databases Select On-node device entries Configuring Link Layer Encryption PPP Encryption only Encryption Configuration Elements Final Destination IP Address IP Network Layer Encryption Encryption Background Information 8888CCCC 12345678 12345678 8888CCCC Isdn Link Layer Encryption Interaction with Other Features For Link Layer encryption For IP Layer encryption Configuring Alternate Accesses Advanced Configuration Dedicated Accesses Configuring Alternate AccessesConfiguring a Dedicated Access Using Cfgedit Dedicated Access Background Information Dedicated Access Configuration Elements Configuring AN X.25 Access Accesses Accesses USER’S Guide Configuration Elements Lapb Configuration Elements Timers Maximum Window Size Nonstandard Default Transmit Window Size PVC Configuration Elements Access Background Information B1 B2 Configuring a Frame Relay Access Frame Relay AccessesSelect Access Information Select Add a PVC Frame Relay General Configuration Elements LMI Frame Relay PVC Configuration ElementsLMI Format Dlci Value PVC Name Frame Relay Access Background Information Local Management Interface Overview Allowed Not Allowed Bridge Dial OUT Configuring Advanced Bridging Under ISDN, select Dial Out Phone Number Spanning Tree Protocol Configuring Spanning Tree Protocol Using Cfgedit Spanning Tree Protocol Background Information Spanning Tree Protocol Configuration Elements Configuring the Bridge Mode of Operation Using Cfgedit Bridge Mode of OperationBridge Mode of Operation Configuration Elements Bridge Mode of Operation Background Information Bridge Filters Configuring Bridge Filters Using Cfgedit Source MAC Filter Commands Protocol Definition Commands Protocol Filter Commands Destination MAC Filter CommandsPacket Data Filter Commands Lsap in HEX Bridge Filter Configuration Elements Filter Type Maximum Number of Each Bridge Filters Background InformationFilter Destination MAC Source Discard Connect Destination Protocol Packet Unrestricted Mode Bridge Filters Central Site Remote Access Switch Packet matching this filter will not be forwarded Filter Action Distribution Result ListOn any LAN port. The packet will be sent to remote Sites connected over the WAN according to Sites connected over the WAN and to LAN port On LAN port 1. The packet will be sent to remoteAccording to the normal learning bridge methods On LAN port 2. The packet will be sent to remote Restricted Mode Forwarding Action Restricted Mode Bridge Filters Central Site Remote Access Switch Packet matching this filter will only be forward Filter Distribution Result Action ListEd on the LAN ports. The packet will not be sent to Any remote sites connected over the WAN Mote sites connected over the WAN or to LAN Ed on LAN port 1. The packet will not be sent to rePort Ed on LAN port 2. The packet will not be sent to re LAN ports. The packet will be sent to all Packet matching this filter will be discarded onPacket matching this filter will be discarded to Remote sites connected on the WAN. The packet Preliminaries Configuring a Destination MAC Address Filter Discard Connect Known Connect List Configuring the Known Connect List Known Connect List Background Information Known Connect List Configuration Elements Static ARP Table Entries Configuring Advanced IP Routing Static ARP Table Entries Configuration Elements Configuring Static ARP Table Entries Using CfgeditStatic ARP Table Entries Select Static ARP Table Entries from the IP menu Static Route Lookup VIA Radius Isolated Mode Configuring AN IP Address Pool Using Cfgedit Static Route VIA Radius Configuration ElementsIP Address Pool Configuration Elements IP Address Pool IP Address Pool Background Information IP Filters Configuring Packet Types Using Cfgedit Initiating the IP Filter Configuration Using Cfgedit TCP UDP Icpm Specify a control value any, established, or not established Select Icmp Type Select Add a Forwarding Filter Configuring Forwarding Filters Configuring Connection Filters Configuring Exception Filter Select IP Interfaces Applying FiltersSelect Apply Global Forwarding Filter TCP and UDP Ports IP Filters Configuration Elements Range NEQIP Filters Background Information Forwarding Filters Packet Types Exception Filters Connection Filters Application to Network Interfaces Limitations Common Portion FTP WWW Sfvra Example of AN IP Filter Configuration Forward Dhcp Relay Agent Configuring a Dhcp Relay Agent Using Cfgedit Dhcp Background Information Dhcp Configuration Elements Router to Bridge Environment Bridge to Bridge Environment IP Router to IP Router with Relay Agents on both USER’S Guide Remote Bridge to IP Router w/Relay Agent = WAN Rlan Dhcp Proxy Client Configuring the Dhcp Proxy ClientSelect Dhcp Proxy Client Dhcp Proxy Client ENABLE/DISABLE Flag Sample Configuration IP Router with Dhcp Proxy Client Configuring Security Associations Using Cfgedit Configuration for IP Router ChloeSecurity Associations Configuring DNS and Netbios Addresses Using Cfgedit DNS and Netbios Addresses DNS/NBNS Background Information DNS/NBNS Configuration Elements Configuring IPX Configuring IPX Information IPX Option Configuration Element ENABLING/DISABLING IPX Using CfgeditIPX Routing Option IPX Internal Network Number Configuration Element Configuring the IPX Internal Network Number Using CfgeditIPX Internal Network Number IPX Option Background Information IPX Network Interfaces Configuring IPX Network Interfaces Using CfgeditIPX Network Number Background Information Displays the current IPX network interface data IPX Network Interface Configuration Elements SAP IPX Network Interface Configuration Elements IPX Network Interface Background Information IPX Routing Protocol Configuration Elements Configuring IPX Routing Protocols Using CfgeditIPX Routing Protocols SAP IPX Routing Protocol Background Information Special Considerations Remote LAN Interface IPX Static Routes Configuring IPX Static Routes Using Cfgedit IPX Static Routes Background Information IPX Static Routes Configuration Elements Configuring IPX Netware Static Services Using Cfgedit IPX Netware Static Services IPX Netware Static Services Configuration Elements Configuring IPX Spoofing Using Cfgedit IPX Netware Static Services Background InformationIPX Spoofing IPX Spoofing Background Information IPX Spoofing Configuration Elements Watchdog Protocol IPX Type 20 Packet Handling Configuration Elements Configuring IPX Type 20 Packet Handling Using CfgeditIPX Type 20 Packet Handling Configuring IPX Isolated Mode Using Cfgedit IPX Isolated ModeIPX Isolated Mode Configuration Elements IPX Isolated Mode Background Information Displaying WAN Peer List Configuring Triggered RIP/SAP Global Timers Using Cfgedit Triggered RIP/SAP Background Information IPX-SPECIFIC Information for Devices Configuring IPX Devices IPX-Specific Information for Devices Remote LAN Devices IPX Configuration Elements for Devices Enable Bridging and disable Make calls for bridge data None IPX Background Information for Devices Configuring Snmp Configuring Snmp Configuring Snmp Snmp Configuration Elements Snmp Background Information WAN Central Site Remote Access Switch CT-CONTAINER-MIB CT-WAN-MIB CTMIB2-EXT-MIB Using Cabletron NMS Systems Enabling Appletalk Routing Using Cfgedit Configuring Appletalk RoutingAppletalk Routing Option Configuring Appletalk Ports Using Cfgedit Appletalk Routing Option Configuration ElementAppletalk Ports Appletalk Routing Background Information Appletalk Ports Configuration Elements Appletalk Ports Background Information Overview Configuring Appletalk Static Routes Using Cfgedit ConfigurationAppletalk Static Routes Considerations Configuring Appletalk Capacities Using Cfgedit Appletalk Routing Static Routes Configuration ElementsAppletalk Capacities Configuration Elements Appletalk Capacities Configuring the Appletalk Isolated Mode Using Cfgedit Appletalk Isolated ModeAppletalk Isolated Mode Configuration Elements Appletalk Capacities Background Information Call Control Menu Configuring Call Control Throughput Monitor Configuring the Throughput Monitor Throughput Monitor Background Information Throughput Monitor Configuration Elements 90% Condition Trigger Number Window Size Utilization Underload Condition Monitoring USER’S Guide Monthly Call Charge Call Interval Parameters Configuring Call Restrictions Using Cfgedit Monthly Call Charge Configuration ElementsCall Restrictions Monthly Call Charge Background Information Call Restriction Configuration Elements Maximum Calls PER DAY Maximum Call Minutes PER Month Bandwidth Reservation Configuring Bandwidth ReservationCall Restrictions Background Information Bandwidth Reservation Select Bandwidth Reservation Bandwidth Reservation Configuration Elements Semipermanent Connections Configuring Semipermanent Connections Using CfgeditBandwidth Reservation Background Information Semiperm Call Device Commands Semipermanent Connections Configuration ElementsSemipermanent Connections Background Information Throughput Monitor Call Restrictions CSM AS a Call Control Manager Configuring CSM for Call Control Using Cfgedit Call Control Management Channel Callback Configuring D Channel Callback Using CfgeditSelect D Channel Callback Channel Callback Background Information Channel Callback Configuration Elements Modem Inactivity Timeout Configuration Elements Digital Modem Inactivity Timeout Modem Inactivity Timeout Background Information Configuring for a Digital Modem Using Cfgedit Configuring Other Advanced OptionsDigital Modem For IP routing For AppleTalk routing For IPX routingDigital Modem Background Information Digital Modem PPP Mode Using Cfgedit Default Async Protocol Call Disconnect Using Cfgedit Terminal Mode Using CfgeditDefault Async Protocol Configuration Elements Data Timeout Value Autosense Feature Configuring PPP PPP ConfigurationPPP Configuration Elements PPP Configuration PPP Background Information Configuring Default Line Protocol Using Cfgedit Default Line Protocol Default Line Protocol Background Information Default Line Protocol Configuration ElementsConfiguring LOG Options Using Cfgedit LOG Options LOG Options Configuration Elements From Log Options, select Authentication Message DA logSelect Add a Syslog Server From Log Options, select Call Detail Recording LOG Options Background Information UDP Port Central Site Remote Access Switch System Messages CDR Log Report Call Detail Recording Events Event Report Contents Record Disconnect/Term Disconnect Event Report Contents Connect/Term Connect Event Report Contents Term Succ Event Report Contents Reject Event Report ContentsTerm Fail Event Report Contents System Up Event Report Contents Configuring Compression Options Using Cfgedit Verify Event Report ContentsCompression Options Compression Options Configuration Elements Compression Options Background Information Central Site Remote Access Switch Tftp Configuration Elements Configuring TftpTftp Background Information File Attributes Configuration Elements Configuring File AttributesFile Attributes File Attributes Background Information ARP Verification and Diagnosis Hardware Resources OPERATIONAL? Verifying the Base SystemWAN Adapter INITIALIZED? LAN Adapter INITIALIZED? To correct the problem, try the following Verifying WAN Line Availability WAN Lines Available for USE? Dedicated Serial Connections LAN Connection OPERATIONAL? Bridge INITIALIZED? Try the following to correct the problemIP Router INITIALIZED? Set-up Remote Device Connectivity Security Rejection-Invalid Calling Line Id # To verify multi-level security MULTI-LEVEL Security Disabled IP Host ModeIP Host Mode OPERATIONAL? IP Host INITIALIZED? Try the following Dedicated Connections Alternate Accesses Frame Relay Connections Connections A Terminal Server Menu IP Routing OPERATIONAL? Verifying Routing ProtocolsIP Routing Over a LAN Interface IP Routing Over a WAN Interface Ping 192.100.1.1 return IP Routing Over a WAN Direct Host Interface 100.0.0.1 100.0.0.0 Host B 100.0.0.3 Host a 100.0.0.2 IP Routing Over a WAN Remote LAN Interface IP Routing Over a WAN Unnumbered Interface Ip filter trace discard return IP Filters Ip filter trace off return If you are still experiencing problemsIP RIP INITIALIZED? IP RIP Output Processing on a LAN Interface IP RIP Input Processing on a LAN Interface IP RIP Output Processing on a WAN Interface IP RIP Input Processing Operational on a WAN Interface IPX Router INITIALIZED? IPX IPX Routing Over a LAN Connection IPX Routing OPERATIONAL? IPX Remote LAN Connection Xxxx Triggered RIP/SAP IPX Routing Over a WAN Connection Ipx trigreq device Appletalk Routing INITIALIZED? Appletalk RoutingAppletalk Routing OPERATIONAL? Appletalk Routing Over the LAN Connection Atalk port Appletalk Routing Over a WAN Connection USER’S Guide Snmp Verifying System Options USER’S Guide Dial OUT Set Up Call Detail Recording Compression Reserved Bandwidth CyberSWITCH does not have Compression EnabledPeer Protocol-Rejects CCP Verifying Dhcp Relay Agent Initialization Verifying the Relay Agent is Enabled Verifying the Relay Agent is Operational USER’S Guide Verifying Dhcp Proxy Client Initialization Verifying the Proxy Client is Enabled Verifying the Proxy Client is Operational Ip addrpool return Modem Callback Verifying a Semipermanent Connection Proxy ARP Proxy ARP LCD Messages Troubleshooting LCD Message Groups LCD MessagesInitialization LCD Message Normal Operation LCD Messages Error LCD Messages LCD Message Groups Auto Over Max Charge System Messages Informational Messages Error MessagesInitialization Messages Normal Operation Messages Port LAN Adapter, operating in local and remote mode Port LAN Adapter, operating in remote mode onlyCall has exceeded the configured maximum duration System Message Summary Adapter #’x’ failed to respond from bootstrap Acct Warning code TimeoutActivation Failure- Session not active Adapter does not respond adapter #’x’ Attempt to initialize unconfigured DM card in slot slot # Attempting to load FileName for UpgradeAuth ACE Could not create service file Auth ACE Could not write service file Auth ACE Login rejected user user name Auth ACE Error receiving server log message acknowledgmentAuth ACE Node verification received Client initialized Auth Radius Chap rejected for device device name Auth Radius IP Host rejected IP Host id IP host Id Auth Radius Login rejected device device nameAuth Radius IP Resolve rejected IP Address IP address Auth Radius PAP rejected device device name Auth Warning code 0001 Timeout Auth Tacacs Login rejected user user nameAuth Warning code 0004 No authentication node available Auth Warning code 0007 Authentication mode mismatch Bootstrap came alive on DM card in slot slot # Booting System SoftwareBootstrap came alive on WAN card in slot slot # Bad auth result in smgrauthaanotify for device device name Calculating CRC’s Call Restrictions have been disabled by user commandCallback type call back type ID is not currently supported CallID in use in Hostcallrequest Call Restriction statistics reset for new day Call Restrictions have been enabled by user commandCall Restriction statistics reset for new month Call Restrictions will allow calls to be made this hour Central Site Remote Access Switch Cause Code Event Cause cause code received for Dlci dlci indexCCP Internal Decompression Failure CCP Option Negotiation Failure, Non-Convergence detected Channel in use in Hostcallrequest Chap Authentication Failure remote device not respondingCNTR-TMRTimed out waiting for TMR number interrupt Couldn’t find speech service slot #, port # Configured adapter # ’x’ type does not existCurrent monthly charges reset for new month Connection disconnected for license violation DCE Data Rate is invalid on FrStartPVC Data link test successful DSL port # , CESDedicated connection down slot #, port # DHCP-P Failed to close UDP port x, erc = y DHCP-P Proxy Client enabled DHCP-P Proxy Client disabledDHCP-P Proxy Client initialization failed DHCP-P UDP port 67 closed DHCP-R Relay Agent enabled DHCP-R Relay Agent disabledDHCP-R Failed to close UDP port 67, erc = DHCP-R Failed to open UDP port 67, erc = DM card in slot slot # signals it is operational DM card in slot slot # is not usable, could not upgradeDM card type configured in slot slot # does not exist DM card failed Flash download bad xx Srec DM upgrade started. Board=board #, Modem=modem # DM card in slot slot # will not come out of resetDM upgrade success. Board=board #, Modem=modem # Downloading Bootstrap to DM card in slot slot # Error closing file ’s’ Edrv transmit error error codeError downloading bootstrap program to adapter #’x’ Error downloading operational software to adapter ’x’ Error during port initialization Access access index Error during channel initialization Access access indexError during PVC initialization Access access index Error initializing WAN card WAN card Id Error programming adapter #’x’ hardware Error opening file \system\ethernt2.binError reading file file name, section = section name Error reading sdconf.rec file Facility not subscribed Slot=slot # Port=port # Failed to get a tone signaling sessionFailed to allocate enough memory for Xilinx load file Failed to obtain Terminal info in smgrprocterminalauthsess Failure during Static RAM test on adapter # ’x’ Failure during read of file ’s’Failure to allocate enough memory for Xilinx load file Central Site Remote Access Switch Formatting Flash Memory File Access ErrFrietf detected PPP protocol from NAME, shutting down PVC Frame Relay event queue full Interrupt fault on WAN Adapter in Slot slot # Installing File Set into Flash MemoryInvalid Cllm received on Access access index Invalid Password password given IP x.x.x.x not added to the pool Unknown error y IP Error from ESP datagram discardedInvalid SERIAL.001 file present, file is ignored Invalid serial number in SERIAL.001, file is ignored IP Invalid configuration for Network Interface dd IP Default Route not added, invalid next hop IP address #IP Cannot stop Proxy Arp for IP address #, no cmd buf avail IP Failed to de-register with IP Address Pool Manager erc=x IP IP host is initialized successfully IP Invalid Peer IP Address IP address, WAN IP Stream ClosedIP IP router is initialized successfully IP Network initialized successfully on ddd.ddd.ddd.ddd Ipcp Option Negotiation Failure, Non-Convergence detected Ipcp IP Address Pool Out of IP addressesIpcp Remote device does not negotiate IP address IP Host Call Dropped XID was not received from remote IP RIP Buffers allocated IP RIP All network interfaces usedIP RIP Initialization failed, unable to allocate buffers IP RIP Send queue full IPX Network initialized successfully on IPX Invalid Ipxwc passedIPX Network Interface on LAN port port # not initialized IPX IPX router initialized successfully IPX SAP Unable to add service, service table full IPX SAP Space available in service tableIpxwan IPX Internal Network Number must be configured IPX SAP Buffers allocated LAN Adapter configuration conflict LAN Adapter Command TimeoutLAN Adapter Fatal Error Reported LAN Adapter HW upgrade may be required LAN Adapter Response Timeout LAN Adapter ResetLAN Adapter System resource error LAN Init Error LMI alarm on Access access index LAN Xmit ErrorLMI alarm reset Access access index Manage Mode updates have been successfully committed Mismatch of configured and installed DM card in slot slot # Memory Access TimeoutManual restart initiated on DM board in slot slot # Max ATI3 retries exceeded on modem modem # of slot slot # Modem revision on modem modem # of slot slot # failed Modem modem # of DM card in slot slot # is unusableNegotiation Failure with Semipermanent device Network loop between site1 and site Network sent Status with state = 0, tear down call Network sent Cause Spid not supported slot #, port #No Active Calls Active Sites No Active List entry available in INM No Sites Connected Out of LAN Adapter transmit command descriptorsNot enough memory for Security module Offnode server lookup of Dial Out User failed PAP Identification timeout on remote device Auto For over 5 minutes Report problem to Phone companyPAP Invalid password for name given by remote device Out Svc # slot # , port # PAP Unknown name name given by remote device PAP Remote device rejected System Information error messagePost number, Hdlc #number External Loopback Test Failed Post number, Hdlc #number Internal Loopback Test Failed PVC not allocated for dlci index PVC for Dlci dlci index not ActivePVC rcv wait q already full R2 not capable of Multichannel or Non-circuit calls RBSoutSMchannel # Timeout waiting for Wink RBS LIFAddTimer failureReattempting to Install File Set into Flash Memory Rebooting Reserved signal Replace Lithium Battery Contact your RepresentativeReceived charge amount charge amount Remote peer ID discrepancy Security Rejection No Password given by caller Security Rejection Invalid Password password givenSecurity Rejection Timeout on Startup Complete Security Rejection Caller did not negotiate security Semipermanent. Device x reconnected by admin Semipermanent. Device x disconnected by adminSignal for unknown CallCmd task task Id Slot #, port # Cfg Error Snmp Snmp initialization failure unable to open UDP port Snmp Authentication failure, unknown community nameSnmp Snmp initialized successfully Snmp Unable to obtain an Snmp Trap queue entry buffer SSB i960 Post number not equal to i386’s SSB Post 27 i960timer82c54FAILURESSB Post 23 i960hostintreg Failure SSB Post 24 i960iointreg Failure SSB Post 33 i960hdlc2 Failure SSB Post 32 i960hdlc1 FailureSSB Post 34 i960hdlc3 Failure SSB Post 35 i960hdlc4 Failure Switch could not recognize phone number nnnnnnn Successfully Loaded Release X.Y Issue ZSystem Clock Fault on Wan Adapter in Slot slot # TCP Connection to CSM at IP address is UP Tftp Local error #3 Server not initialized Tftp Local error #2 Feature not initializedTftp Local error #4 UDP rejected packet filename Tftp Local error #5 UDP open failed Tftp Local error #15 Bad mode string Tftp Local error #14 Bad file nameTftp Local error #18 Unable to open file filename Tftp Local error #19 Disk full filename Tftp Remote error # 2 Text from Remote Host Tftp Remote error # 1 Text from Remote HostTftp Remote error # 3 Text from Remote Host Tftp Remote error # 4 Text from Remote Host Timeout detected on connection establishment This card does not support R2 SignalingTimeout detected on receiving caller’s number Timeout on Startup Complete Too many digits in TN in Hostcallrequest Type mismatch of configured & installed adapter # ’x’Tried to free unallocated buffer sub name, size=size Unable to Decrypt Datagram Unable to open Modem Upgrade file Unable to open \config\devdb.nei fileUnable to restore original ISRs for Interrupt interrupt # Unable to get Digital Modem resource to place call Unmatched Login Task Unexpected error during transmission of LMI frameUpdating CyberSWITCH from FileName Unknown Calling Bridge MAC address Watchdog timeout detected on DM board in slot slot # WAN card in slot slot # signals it is operationalWatchdog timeout detected on WAN board ’x’ X25 facilities error, facilities not allowed in PVC X25 facilities error, invalid facilities length X25 facilities error, bad facility lengthX25 facilities error, invalid DTE address X25 facilities error, facility not allowed X25 facilities error, packet length negotiation not allowed X25 facilities error, facility not availableX25 facilities error, window size negotiation not available X25 facilities error, Rpoa not available Zone allocation failed, maximum capacity already configured Trace Messages Location Causes Call Trace Messages Call Trace Message Summary Inband treatment has been applied Configure ack slot #-BRD CFG ACK Slot=slot # Init data link slot #, port #, ces Interworking unspecified cause Out configure port #Off-hook warning tone on Origination call address is non-ISDN Out init data link slot #, port # , ces Received unknown signal valueRecall dial tone on Received unknown progress value IP Filters Trace Messages PPP Packet Trace Messages Configure ACK Configure RequestConfigure NAK Configure Reject Echo Reply Trace MessagesDiscard Request Trace Message Summary X25 DCE RR LCN logical channel number, number of bytes bytes X25 Data LCN logical channel number, number of bytes bytes System is sending a call request to the network Lapb Trace Message Summary Lapb Trace Messages Lapb UA Lapb SabmeOut Lapb Disc Out Lapb DM Remote Management System Maintenance Remote Management SITE.HQ Usage Instructions Installation and Configuration Isdn Telnet Earlier Releases Central Site Remote Access Switch Setting UP Server Type Setting UP a NEW NumberWIN95 DIAL-UP Networking General tab Dialing OUT Site HQ Isdn Users Report Files Statistics Files Config files Other Files Carbon Copy Changing Carbon Copy Configuration Parameters COM1 Modem Type Baud Rate Performing a File Transfer Using Carbon Copy Running Without Carbon Copy Copy LCNETWORK.NEI HC\CONFIG\NETWORK.NEI Removing Carbon Copy Accessing Administration Services System Commands Accessing Dynamic Management Setting the IP Address Viewing Operational Information Neif Connected Second column is the potential number of connections Viewing Throughput Information Throughput Monitor Contents Clearing Operational Information Saving Operational Information CONFIGURATION-RELATED Commands Terminating and Restarting the Cyberswitch Terminating Administration Sessions Setting the Date and TimeLogin-Id Appletalk Routing Commands State Type Network range Default zoneFlags Physical address Zones valid Distance Zone Bridge Commands Call Control Commands Indicates that a call request process has been initiated Call peer phone number data rate device bearer Calling phone number at data rate, device PPP Call Restriction Commands Call Detail Recording Commands CSM Commands Compression Information CommandsDhcp Commands Digital Modem Commands Frame Relay Commands Clears all statistics associated with the fr stat command IP Routing Commands Disables the trace Mask used for the destination Time since the last update was received IPX Routing Commands Ipx diag host ipx address timeout Isdn Usage Commands LOG Commands LAN Commands Packet Capture Commands Pkt display Banyan Vines Packet Detail Screen Bridged Packet Radius Commands Radius ipres Snmp Commands Serial Interface CommandsSpanning Tree Commands Spanning Tree Port Information Spanning Tree Bridge Information Bridge priority of the root bridge TCP Commands Telnet Commands Possible send parameters are defined as follows Terminal Commands Tftp GET Tftp Commands Tftp PUT Trace Commands User Level Security Commands UDP Commands WAN Commands Commands Clears the statistics for the default VC Connectivity Statistics System Statistics Call Statistics Call Restriction StatisticsThroughput Monitoring Statistics Appletalk Protocol Statistics Appletalk Statistics Number of AppleTalk Echo requests received Count of AppleTalk Echo replies received Number of NBP LookUp Requests received Appletalk Port Statistics Call Detail Recording Statistics Bridge Statistics Compression Related Statistics Compression StatisticsDecompression Related Statistics Dhcp Relay Agent statistics and Dhcp Proxy Agent statistics Dhcp StatisticsCommon Dhcp Statistics Dhcp Relay Agent Statistics Dhcp Proxy Client Statistics Digital Modem Statistics Access Related StatisticsFrame Relay Statistics Init PVC Related Statistics LAN Statistics IP Group Statistics IP Statistics Number of IP datagrams successfully reassembled Icmp Group Statistics IPX General Statistics IPX Statistics Network number portion of the IPX address of this system IPX RIP Statistics IPX Route Statistics IPX Triggered RIP Statistics IPX Triggered SAP Statistics IPX SAP Statistics RIP Statistics IPX Service StatisticsRIP Global Statistics RIP Interface Statistics Snmp Statistics Serial Interface Statistics SnmpInBadVersions SnmpInGetNexts TCP Statistics Statistics for Server or Remote Initiated Tftp Activity Tftp StatisticsStatistics for Local or Client Initiated Tftp Activity Statistics for ALL Tftp Activity UDP Statistics WAN Frietf Statistics WAN L1P Statistics Layer 1 PRI Error Statistics Layer 1 General Statistics WAN Statistics Statistics Maximum number of active VCs allowed at any time Virtual Circuit VC Related Statistics USER’S Guide INSTALLING/UPGRADING System Software Routine MaintenanceExecuting Configuration Changes Making Changes Using Cfgedit Making Changes Using Manage Mode Configuration Backup and RestoreObtaining System Custom Information System Worksheets Appendices System Adapters Ethernet Adapter Ethernet Adapter Side View Basic Rate Adapter BRI-4 Adapter Side View Primary Rate Adapters PRI-8 Front View PRI-8 Adapter Side View PRI-23 Adapter PRI-23/30 Adapter Front View PRI-8 Expander Adapter Side View Front View Adapter Side View Front View RS232 Adapter Side View Digital Modems DM-8 DM-8 Adapter DM-24 Adapter OFF DM-24+/DM-30+ DM-24+ Adapter DM-24+ Adapter Back view USA System Worksheets Network Topology Resources System DetailsLines Over Isdn Accesses Device Information Authentication Information Frame Relay Information IP Routing Bridging and Routing Information IPX Routing IP Routing AppleTalk Routing/Port Information Appletalk Routing IPX Main MenuSnmp PPP FR DBU Physical Resources Menu WAN Rlan Options MenuDhcp SPI Snmp FR DBU CSM Radius Tacacs ACE Security MenuSVC, PVC CSM Radius PPP STAC-L25CSM TCP port Getting Assistance Reporting ProblemsContacting Cabletron Systems Phone FAX Cabletron Systems System Problem Report To Customer Service FromNumber of Pages Including this Administrative Console Commands Table Verifies call detail recording servers are configured Command Use Cdr verifyClears administration screen Displays authentication messages Administrative Console Commands Table Local log file only displays the call detail recording log Generates a triggered RIP/SAP update request toLog cdr erase Local log file only erases the call detail recording log Changes password for current access level Displays the current Tftp statistics Displays system errors and system messages Access or the specified access Writes current authentication messages to diskSets LCN index default value to m Specified X.25 access Manage Mode Commands Table Address pool Adds/changes/deletes an IPX address from the IPX Ipxsvc add/change/delete Adds/changes/deletes an IPX service Central Site Remote Access Switch Cause Codes Table Cause Codes Table USER’S Guide Central Site Remote Access Switch USER’S Guide Central Site Remote Access Switch Unknown Dec Value Hex Value Cause Atalk IndexBr stat Clid 195 Date Cr stats 596 crossover cable Ip addrpool Help 113 Ipcp Isdn usage commands 607 isolated mode Netstat -r 443 network flattening Modem devices STAC-LZS Offnode 213, 216 Restart 585 restore Radius Server configuring Srcfilt 270 startne Snmp 352 snmp stats 614 socket number 336 software Trace lapb Terminal mode 33, 102, 392, 393 Wan Wr 72, 584 ws 72