Manuals / Enterasys Networks / Computer Equipment / Network Router

Enterasys Networks CSX7000, CSX5500, CSX6000 manual Packet Types, Forwarding Filters

Models: CSX7000 CSX6000 CSX5500

1 729

Download 729 pages 41.51 Kb

Page 302

USER’S GUIDE

IP Packet		FILTER
IP Packet
	Discard	Type 3
Conditions	Discard	Type 1
	Forward	Type 4

Packet Types:

Type 1: www,www,www

Type 2: xxx,xxx,xxx

Type 3: yyy,yyy

Type 4: zzz,zzz

	Final	Discard All Other Types
	Condition	Discard All Other Types
	Condition

Action:

Discard/Forward

Sample packet passing through a filter

FILTER COMPOSITION

The IP filtering mechanism is composed of three fundamental building blocks:

•Packet Types

The criteria for describing an IP datagram’s contents: IP Source and Destination Addresses, Protocol (TCP, UDP, etc.), Protocol-specific fields (TCP port, etc.). For example, Packet Types can be set up to specify such things as: “all packets arriving from IP Subnetwork X”, “Telnet packets destined for host Y”, or “All RIP packets”. Packet Types are independently defined and may be referenced by multiple filters.

•Conditions

A Packet Type combined with an Action to take when a datagram matches that type. The Actions are DISCARD or FORWARD.

•Filter

An ordered list of Conditions. When an IP datagram passes through a filter, a sequential pass is made through the individual conditions. The first complete match of a Packet Type dictates the action which is applied to the datagram. When the action is DISCARD, the datagram is dropped. The filter also contains a configurable Final Condition which specifies the action to take if no match is found.

TYPES OF FILTERS

Forwarding Filters

A Forwarding Filter is a filter which forwards or discards specific packets according to whether these packets fulfill a list of defined conditions.Forwarding Filters may be applied to packets in one of the following ways:

•Globally: independent of the packet’s input or output path.

•through the Input Network Interface: applies the filter only to packets arriving on a specific

302 CyberSWITCH

Image 302

Enterasys Networks CSX7000, CSX5500, CSX6000 manual Packet Types, Forwarding Filters

Contents

USER’S Guide Virus Disclaimer Trademarks DOC Notice Contents Software Overview Hardware Installation Configuration Tools CfgeditSecurity Overview Configuring System Options and Information Configuring Off-node Server Information Configuring Encryption Configuring Advanced Bridging Configuring IPX Central Site Remote Access Switch Configuring Snmp Configuring Other Advanced Options Verifying the Base System Verifying Routing Protocols LCD Messages System Commands System Statistics Routine Maintenance Cfgedit Map Using this Guide Documentation SET Cfgedit MAPGuide Conventions Cfgedit ScreensUser’s Guide CyberSWITCH System OverviewCyberswitch Unique System Features Hours of UsageUSER’S Guide Central Site Remote Access Switch Interoperability Protocols Interoperability OverviewRadius Interoperability Devices Link Layer Encryption OverviewNetwork Layer Security Overview Network Interface OverviewIsdn System ComponentsRemote Isdn Devices Switches Supported Platform Number Main Speed Slots Hardware OverviewSystem Platforms CSX5500 System Platforms EMI To reduce the risk of electrical shock or energy hazards CSX6000 Cleaning the CSX6000 AIR Filter To reduce the risk of electrical shock or energy hazards CSX7000 Disk Drives Number of 1/3 height IDE disk drives supported NE 2000-II a Network Express Platform Front ViewPlatform Characteristics NE 4000 a Network Express Platform USER’S Guide NE 5000 Platform a Network Express Platform Cleaning the NE 5000 AIR Filter EMI Ethernet Adapters Hardware CharacteristicsSystem Adapters MtbfBasic Rate Adapters 75000hrs PRI-23 Primary Rate AdaptersPRI-8 PRI-23/30 Jumper UsagePRI-8, PRI-23, and PRI-23/30 Connection Expander AdapterAdapter 35 Pin Transmit Clock Data Set Ready No Connect Gnd Signal ReturnNo Connect Ring Indicator Receive Data No ConnectDigital Modems With error controlWith error control and data compression With data compressionMvip DM-8LSI Logic LR33000RISC DM-24Encryption Adapter Overview Administration SoftwareSoftware Overview System SoftwareConfiguration Files System FilesOperational Files User Level Security Files System Installation Accessing the CyberSWITCHOrdering NI-1 Lines Using NI-1 Isdn Ordering Codes Ordering Isdn Service US onlyOrdering NI-1 Lines Using EZ-ISDN Codes Ordering BRI Isdn Lines Using Provisioning SettingsProvisioning Settings for AT&T 5ESS Switches NI-1 AT&T Custom Point-to-PointCSV limit CSV NB limit AT&T 5ESS NI-1 ServiceUnrestricted CSD limit CSD NB limitAny Provision Settings for Northern Telecom DMS-100 SwitchesCSV limit CSD limitPVC Basic Information for Ordering PRI Isdn Lines Number of call AppearancesVersion Functional Yes US Only Option Local Bell Operating Company Type of SwitchDisabled SprintChoose a suitable setup location Hardware InstallationPRE-INSTALLATION Requirements Verify system power requirementsIf you are installing only WAN adapters Verify administration console requirementsProvide a diskette for configuration backup If you are installing WAN adapters and DM adaptersAdapter Settings If you are installing WAN adapters and an Encryption adapterAdapter Interrupt and I/O Address Settings Configured Slot Interrupt Jumper Address Switch Setting SW1DM-24 Adapter Interrupt and I/O Address Settings SW2 SW3DES/RSA Adapter Encryption Adapter SettingsMvip Settings OFFTop Left Top Pair Right Pair Additional Adapter SettingsLine Type Settings J10 J11 J12 J13 J14 PRI-23 Clock SettingsJumper Jumper Setting North American JP6 JP1JP3 JP9 MvipInserting the Adapters Into the Cyberswitch Connecting Adapter INTER-BOARD Cables Connecting Multiple AdaptersFlat Bus Ribbon Cable Connecting a WAN Adapter to the LCD Summary of Guidelines Direct Connection Accessing the CyberswitchMaking Connections DCD DTR DSR RCV Xmit GND RTS CTS NULL-MODEM Connection to a PCRemote Connection Using Telnet Remote Connections Modem to Modem On the CyberSWITCH sideOn the remote administration console side COM1From Cfgedit Options, select Default Async Protocol Establishing AN Administration Session Accessing the Release Notes Installing Software Upgrading System SoftwareCouldn’t open the file C\SYSTEM\PLATFORM.NEI Local Upgrade Upgrading System SoftwareRemote Upgrade Accessing the Release Notes Basic Configuration Configuring Basic BridgingConfiguration Tools CfgeditSaving Cfgedit Changes Dynamic ManagementExecuting Cfgedit Executing Dynamic ManagementUtility Dynamic Management Commands Saving Dynamic Management ChangesUsing the Network Worksheets Using the Configuration ChaptersResources Configuring Resources and LinesConfiguring Resources Using Cfgedit Resource Configuration Elements Resource Background Information PPP Configuring Lines Using Cfgedit LinesCommonChannel Characteristic PRI/T1 lines E1 lineMultiframe CRC Select Change from the Data Lines menu of Physical Resources Line Configuration Elements Auto TEIDMS100 custom NI-1 Switch Type Number of Data Number of SPIDsDirectory Numbers Directory Numbers Line Encoding Commport Information Line Background InformationSubaddresses Configuring a Subaddress Using CfgeditSubaddress Configuration Elements Subaddresses Background InformationSelect Enable/Disable Bridging Configuring Basic BridgingENABLING/DISABLING Bridging Using Cfgedit MAC Layer Bridging Configuration ElementsMAC Layer Bridging Background Information Internet Protocol IP Option Configuring Basic IP RoutingEnabling IP Using Cfgedit Configuring the IP Operating Mode Using Cfgedit IP Operating ModeIP Option Configuration Elements IP Background InformationIP Operating Mode Configuration Elements IP Operating Mode Background InformationConfiguring Interfaces Using Cfgedit IP Network InterfacesUSER’S Guide Network Interface Configuration Elements MTU Transmit Broadcast IP Address Default switch for numbered WAN interfaces IP RIP Receive Control IP Network Interface Background Information WAN Direct Host IP Host RFC1294 IP Network Interface Type Associated Remote DeviceIP Host RFC1294 Hdlc BridgeUSER’S Guide Example 1 LAN, WAN and WAN Direct Host Interfaces Example 2 LAN, WAN UnNumbered, WAN Remote LAN Interfaces IP RIP and the IP Network Interfaces Isdn Isdn IP RIP Over Dedicated Connections Isdn Proxy ARP Redundant Configurations for BackupNetwork Flattening Secondary IP Addressing Example IP Host Communications in Flattened NetworksConfiguring Static Routes Static RoutesIP address for the destination network or host Static Route Configuration Elements Central Site Remote Access Switch Isdn Static Route Background InformationDefault Route Configuration Elements Default RoutesConfiguring Default Routes ENABLING/DISABLING IP RIP Using Cfgedit Routing Information Protocol RIP OptionIP RIP Background Information IP RIP Configuration ElementsIP RIP Status LANConfiguring Security Level Security and Encryption OptionsSecurity Overview Security LevelSystem Options and Information Device Level DatabasesOFF-NODE Server Information Network Login InformationUser Level Databases Configuring Security Level Database Device Level User Level Administration Security On-Node YesConfiguring no Security Using Cfgedit No SecurityDevice Level Security Background Information Configuring Device Level Security Using CfgeditDevice Level Security User Level Security Background Information Configuring User Level Security Using CfgeditUser Level Security User Level Security Isdn Responding to Login Prompts Making a Telnet ConnectionTacacs Configuring Device and User Level Security Using CfgeditDevice and User Level Security ACEDevice and User Level Background Information System Options Configuring System Options and InformationConfiguring System Options Using Cfgedit System Options Configuration Elements System OptionsBridge MAC Calling Line Id Authentication Address PAP ChapSystem Options Background Information PAP ChapSystem Information Configuring System Information Using CfgeditSystem Information Configuration Elements Optional Calling Line IdSystem Information Background Information Administrative SessionConfiguring Administrative Sessions Using Cfgedit Administrative Session Configuration Elements Administrative Session Background Information Emergency Telnet Server Port Number Background Information ON-NODE Device Database Configuring Device Level DatabasesConfiguring AN ON-NODE Device Database Configuring ON-NODE Device Entries ON-NODE Device EntriesOn-node Device Entries No pvc configured for Device DAN SVC None 0.0 IP SubNetwork number ON-NODE Device Database Configuration Elements Base Data Rate Frame Relay Access Configuration Elements Chap Secret Outbound Authentication RIP/SAP Appletalk Information Configuration Elements Bridge Information Configuration Elements ON-NODE Device Database Background Information Bridging with Hdlc Bridge DevicesLine Id Security Mode On-node Device Table Configuration DataIP Routing with Hdlc Bridge Devices PAP or Chap IP Routing with PPP IP Devices Using IpcpIP Routing with IP Host Devices RFC1294 IP Routing with PPP Bridge Devices Using BCP Bridging with PPP Bridge Devices Using BCPPAP Password or Configuring OFF-NODE Device Database Location Using Cfgedit OFF-NODE Device Database LocationOFF-NODE Device Database Location Configuration Elements OFF-NODE Device Database Location Background InformationConfiguring Authentication Database Location Using Cfgedit Configuring User Level DatabasesUser Level Authentication Database Location Database Telnet Port Number Name John Doe Name mynode1 Address Remote Office1 Configuring OFF-NODE Server InformationMultiple Administration Login Names Type communications serverCSM Authentication Server Configuring CSM Authentication ServerConfiguring a Radius Authentication Server CSM Authentication Server Configuration ElementsCSM Authentication Server Background Information Is SHAREDSECRET1234 Radius Authentication Server Configuration Elements Radius Authentication Server Background InformationConfiguring a Radius Accounting Server Select 5 Off-node Server InformationReturn to the Off-node Server Information Menu Radius Accounting Server Configuration Elements Radius Accounting Server Background InformationEnabling Radius Type Using Cfgedit Radius RFC2138Dynamic Device Option Radius Type Configuration ElementsConfiguring the Dynamic Device Option Using Cfgedit Radius TypeDynamic Device Configuration Elements Tacacs Authentication Server Configuring a Tacacs Authentication ServerTacacs Authentication Server Configuration Elements Tacacs Authentication Server Background InformationACE Authentication Server Configuring AN ACE Authentication ServerACE Authentication Server Configuration Elements ACE Authentication Server Background Information Configuring General Network Login Information Using Cfgedit Configuring Network Login InformationNetwork Login General Configuration Select the type of authentication desired Configuring Network Login Banners Using Cfgedit Network Login BannersNetwork Login General Configuration Background Information Configuring Radius Server Login Information Using Cfgedit Login Configuration Specific to Radius ServerNetwork Login Banners Background Information Login Configuration Specific to Radius Server Login Configuration Specific to Tacacs Server Configuring Tacacs Server Login Information Using CfgeditLogin Configuration Specific to Tacacs Server USER’S Guide Configuring AN Encryption Adapter Using Cfgedit Configuring EncryptionConfiguration Select Add a ResourceSelect IP Security Associations Select Add. Respond to the following series of questionsConfiguring Link Layer Encryption PPP Encryption only Select Device Level Databases Select On-node device entriesEncryption Configuration Elements Final Destination IP Address Encryption Background Information IP Network Layer Encryption12345678 8888CCCC 8888CCCC 12345678Link Layer Encryption IsdnInteraction with Other Features For IP Layer encryption For Link Layer encryptionAdvanced Configuration Configuring Alternate AccessesConfiguring a Dedicated Access Using Cfgedit Configuring Alternate AccessesDedicated Accesses Dedicated Access Configuration Elements Dedicated Access Background InformationAccesses Configuring AN X.25 AccessAccesses USER’S Guide Configuration Elements Lapb Configuration Elements Timers Maximum Window Size Nonstandard Default Transmit Window Size PVC Configuration Elements Access Background Information B1 B2 Select Access Information Frame Relay AccessesConfiguring a Frame Relay Access Select Add a PVC Frame Relay General Configuration Elements LMI Format Frame Relay PVC Configuration ElementsLMI Dlci ValuePVC Name Frame Relay Access Background Information Local Management Interface Overview Allowed Not Allowed Configuring Advanced Bridging Bridge Dial OUTUnder ISDN, select Dial Out Phone Number Configuring Spanning Tree Protocol Using Cfgedit Spanning Tree ProtocolSpanning Tree Protocol Configuration Elements Spanning Tree Protocol Background InformationBridge Mode of Operation Configuration Elements Bridge Mode of OperationConfiguring the Bridge Mode of Operation Using Cfgedit Bridge Mode of Operation Background InformationConfiguring Bridge Filters Using Cfgedit Bridge FiltersProtocol Definition Commands Source MAC Filter CommandsPacket Data Filter Commands Destination MAC Filter CommandsProtocol Filter Commands Bridge Filter Configuration Elements Lsap in HEXFilter Destination MAC Bridge Filters Background InformationFilter Type Maximum Number of Each Unrestricted Mode Bridge Filters Source Discard Connect Destination Protocol PacketCentral Site Remote Access Switch On any LAN port. The packet will be sent to remote Filter Action Distribution Result ListPacket matching this filter will not be forwarded Sites connected over the WAN according toAccording to the normal learning bridge methods On LAN port 1. The packet will be sent to remoteSites connected over the WAN and to LAN port On LAN port 2. The packet will be sent to remoteRestricted Mode Bridge Filters Restricted Mode Forwarding ActionCentral Site Remote Access Switch Ed on the LAN ports. The packet will not be sent to Filter Distribution Result Action ListPacket matching this filter will only be forward Any remote sites connected over the WANPort Ed on LAN port 1. The packet will not be sent to reMote sites connected over the WAN or to LAN Ed on LAN port 2. The packet will not be sent to rePacket matching this filter will be discarded to Packet matching this filter will be discarded onLAN ports. The packet will be sent to all Remote sites connected on the WAN. The packetConfiguring a Destination MAC Address Filter PreliminariesDiscard Connect Configuring the Known Connect List Known Connect ListKnown Connect List Configuration Elements Known Connect List Background InformationConfiguring Advanced IP Routing Static ARP Table EntriesStatic ARP Table Entries Configuring Static ARP Table Entries Using CfgeditStatic ARP Table Entries Configuration Elements Select Static ARP Table Entries from the IP menuIsolated Mode Static Route Lookup VIA RadiusIP Address Pool Configuration Elements Static Route VIA Radius Configuration ElementsConfiguring AN IP Address Pool Using Cfgedit IP Address PoolIP Filters IP Address Pool Background InformationInitiating the IP Filter Configuration Using Cfgedit Configuring Packet Types Using CfgeditTCP UDP Icpm Specify a control value any, established, or not established Select Icmp Type Configuring Forwarding Filters Select Add a Forwarding FilterConfiguring Connection Filters Configuring Exception Filter Select Apply Global Forwarding Filter Applying FiltersSelect IP Interfaces IP Filters Configuration Elements TCP and UDP PortsIP Filters Background Information NEQRange Packet Types Forwarding FiltersConnection Filters Exception FiltersApplication to Network Interfaces Common Portion LimitationsExample of AN IP Filter Configuration FTP WWW SfvraForward Configuring a Dhcp Relay Agent Using Cfgedit Dhcp Relay AgentDhcp Configuration Elements Dhcp Background InformationBridge to Bridge Environment Router to Bridge EnvironmentIP Router to IP Router with Relay Agents on both USER’S Guide Remote Bridge to IP Router w/Relay Agent = WAN Rlan Select Dhcp Proxy Client Configuring the Dhcp Proxy ClientDhcp Proxy Client Dhcp Proxy Client ENABLE/DISABLE Flag Sample Configuration IP Router with Dhcp Proxy Client Security Associations Configuration for IP Router ChloeConfiguring Security Associations Using Cfgedit DNS and Netbios Addresses Configuring DNS and Netbios Addresses Using CfgeditDNS/NBNS Configuration Elements DNS/NBNS Background InformationConfiguring IPX Configuring IPX Information IPX Routing Option ENABLING/DISABLING IPX Using CfgeditIPX Option Configuration Element IPX Internal Network Number Configuring the IPX Internal Network Number Using CfgeditIPX Internal Network Number Configuration Element IPX Option Background InformationIPX Network Number Background Information Configuring IPX Network Interfaces Using CfgeditIPX Network Interfaces Displays the current IPX network interface data IPX Network Interface Configuration Elements SAP IPX Network Interface Configuration Elements IPX Network Interface Background Information IPX Routing Protocols Configuring IPX Routing Protocols Using CfgeditIPX Routing Protocol Configuration Elements IPX Routing Protocol Background Information SAPSpecial Considerations Remote LAN Interface Configuring IPX Static Routes Using Cfgedit IPX Static RoutesIPX Static Routes Configuration Elements IPX Static Routes Background InformationIPX Netware Static Services Configuring IPX Netware Static Services Using CfgeditIPX Netware Static Services Configuration Elements IPX Spoofing IPX Netware Static Services Background InformationConfiguring IPX Spoofing Using Cfgedit IPX Spoofing Configuration Elements IPX Spoofing Background InformationWatchdog Protocol IPX Type 20 Packet Handling Configuring IPX Type 20 Packet Handling Using CfgeditIPX Type 20 Packet Handling Configuration Elements IPX Isolated Mode Configuration Elements IPX Isolated ModeConfiguring IPX Isolated Mode Using Cfgedit IPX Isolated Mode Background InformationConfiguring Triggered RIP/SAP Global Timers Using Cfgedit Displaying WAN Peer ListTriggered RIP/SAP Background Information Configuring IPX Devices IPX-SPECIFIC Information for DevicesIPX-Specific Information for Devices Remote LAN Devices Enable Bridging and disable Make calls for bridge data IPX Configuration Elements for DevicesNone IPX Background Information for Devices Configuring Snmp Configuring SnmpConfiguring Snmp Snmp Configuration Elements Snmp Background Information WAN Central Site Remote Access Switch Using Cabletron NMS Systems CT-CONTAINER-MIB CT-WAN-MIB CTMIB2-EXT-MIBAppletalk Routing Option Configuring Appletalk RoutingEnabling Appletalk Routing Using Cfgedit Appletalk Ports Appletalk Routing Option Configuration ElementConfiguring Appletalk Ports Using Cfgedit Appletalk Routing Background InformationAppletalk Ports Configuration Elements Appletalk Ports Background Information Overview Appletalk Static Routes ConfigurationConfiguring Appletalk Static Routes Using Cfgedit ConsiderationsAppletalk Capacities Configuration Elements Appletalk Routing Static Routes Configuration ElementsConfiguring Appletalk Capacities Using Cfgedit Appletalk CapacitiesAppletalk Isolated Mode Configuration Elements Appletalk Isolated ModeConfiguring the Appletalk Isolated Mode Using Cfgedit Appletalk Capacities Background InformationConfiguring Call Control Call Control MenuConfiguring the Throughput Monitor Throughput MonitorThroughput Monitor Configuration Elements Throughput Monitor Background InformationCondition Trigger Number Window Size Utilization 90%Underload Condition Monitoring USER’S Guide Call Interval Parameters Monthly Call ChargeCall Restrictions Monthly Call Charge Configuration ElementsConfiguring Call Restrictions Using Cfgedit Monthly Call Charge Background InformationCall Restriction Configuration Elements Maximum Calls PER DAY Maximum Call Minutes PER Month Call Restrictions Background Information Configuring Bandwidth ReservationBandwidth Reservation Bandwidth Reservation Bandwidth Reservation Configuration Elements Select Bandwidth ReservationBandwidth Reservation Background Information Configuring Semipermanent Connections Using CfgeditSemipermanent Connections Semiperm Semipermanent Connections Background Information Semipermanent Connections Configuration ElementsCall Device Commands Call Restrictions Throughput MonitorConfiguring CSM for Call Control Using Cfgedit CSM AS a Call Control ManagerCall Control Management Select D Channel Callback Configuring D Channel Callback Using CfgeditChannel Callback Channel Callback Configuration Elements Channel Callback Background InformationDigital Modem Inactivity Timeout Modem Inactivity Timeout Configuration ElementsModem Inactivity Timeout Background Information Digital Modem Configuring Other Advanced OptionsConfiguring for a Digital Modem Using Cfgedit For IP routingDigital Modem Background Information For IPX routingFor AppleTalk routing Digital Modem Default Async Protocol PPP Mode Using CfgeditDefault Async Protocol Configuration Elements Terminal Mode Using CfgeditCall Disconnect Using Cfgedit Data Timeout Value Autosense Feature PPP Configuration Elements PPP ConfigurationConfiguring PPP PPP Configuration PPP Background Information Default Line Protocol Configuring Default Line Protocol Using CfgeditConfiguring LOG Options Using Cfgedit Default Line Protocol Configuration ElementsDefault Line Protocol Background Information LOG OptionsSelect Add a Syslog Server From Log Options, select Authentication Message DA logLOG Options Configuration Elements From Log Options, select Call Detail RecordingUDP Port LOG Options Background InformationCentral Site Remote Access Switch System Messages CDR Log Report Event Report Contents Call Detail Recording EventsRecord Connect/Term Connect Event Report Contents Disconnect/Term Disconnect Event Report ContentsTerm Fail Event Report Contents Reject Event Report ContentsTerm Succ Event Report Contents System Up Event Report ContentsCompression Options Verify Event Report ContentsConfiguring Compression Options Using Cfgedit Compression Options Configuration Elements Compression Options Background Information Central Site Remote Access Switch Tftp Background Information Configuring TftpTftp Configuration Elements File Attributes Configuring File AttributesFile Attributes Configuration Elements File Attributes Background Information Verification and Diagnosis ARPWAN Adapter INITIALIZED? Verifying the Base SystemHardware Resources OPERATIONAL? To correct the problem, try the following LAN Adapter INITIALIZED?WAN Lines Available for USE? Verifying WAN Line AvailabilityDedicated Serial Connections LAN Connection OPERATIONAL? IP Router INITIALIZED? Try the following to correct the problemBridge INITIALIZED? Remote Device Connectivity Set-upSecurity Rejection-Invalid Calling Line Id # MULTI-LEVEL Security To verify multi-level securityIP Host Mode OPERATIONAL? IP Host ModeDisabled IP Host INITIALIZED?Try the following Alternate Accesses Dedicated ConnectionsFrame Relay Connections Connections A Terminal Server Menu IP Routing Over a LAN Interface Verifying Routing ProtocolsIP Routing OPERATIONAL? IP Routing Over a WAN Interface Ping 192.100.1.1 return IP Routing Over a WAN Direct Host Interface 100.0.0.1 100.0.0.0 Host B 100.0.0.3 Host a 100.0.0.2 IP Routing Over a WAN Remote LAN Interface IP Routing Over a WAN Unnumbered Interface IP Filters Ip filter trace discard returnIP RIP INITIALIZED? If you are still experiencing problemsIp filter trace off return IP RIP Output Processing on a LAN Interface IP RIP Input Processing on a LAN Interface IP RIP Output Processing on a WAN Interface IP RIP Input Processing Operational on a WAN Interface IPX IPX Router INITIALIZED?IPX Routing OPERATIONAL? IPX Routing Over a LAN ConnectionIPX Remote LAN Connection Xxxx IPX Routing Over a WAN Connection Triggered RIP/SAPIpx trigreq device Appletalk Routing OPERATIONAL? Appletalk RoutingAppletalk Routing INITIALIZED? Appletalk Routing Over the LAN Connection Atalk port Appletalk Routing Over a WAN Connection USER’S Guide Verifying System Options SnmpUSER’S Guide Dial OUT Set Up Call Detail Recording Compression Peer Protocol-Rejects CCP CyberSWITCH does not have Compression EnabledReserved Bandwidth Verifying the Relay Agent is Enabled Verifying Dhcp Relay Agent InitializationVerifying the Relay Agent is Operational USER’S Guide Verifying the Proxy Client is Enabled Verifying Dhcp Proxy Client InitializationVerifying the Proxy Client is Operational Ip addrpool return Modem Callback Verifying a Semipermanent Connection Proxy ARP Proxy ARP Troubleshooting LCD MessagesInitialization LCD Message LCD MessagesLCD Message Groups Normal Operation LCD MessagesError LCD Messages LCD Message Groups Auto Over Max Charge System Messages Initialization Messages Error MessagesInformational Messages Normal Operation MessagesCall has exceeded the configured maximum duration Port LAN Adapter, operating in remote mode onlyPort LAN Adapter, operating in local and remote mode System Message SummaryActivation Failure- Session not active Acct Warning code TimeoutAdapter #’x’ failed to respond from bootstrap Adapter does not respond adapter #’x’Auth ACE Could not create service file Attempting to load FileName for UpgradeAttempt to initialize unconfigured DM card in slot slot # Auth ACE Could not write service fileAuth ACE Node verification received Client initialized Auth ACE Error receiving server log message acknowledgmentAuth ACE Login rejected user user name Auth Radius Chap rejected for device device nameAuth Radius IP Resolve rejected IP Address IP address Auth Radius Login rejected device device nameAuth Radius IP Host rejected IP Host id IP host Id Auth Radius PAP rejected device device nameAuth Warning code 0004 No authentication node available Auth Tacacs Login rejected user user nameAuth Warning code 0001 Timeout Auth Warning code 0007 Authentication mode mismatchBootstrap came alive on WAN card in slot slot # Booting System SoftwareBootstrap came alive on DM card in slot slot # Bad auth result in smgrauthaanotify for device device nameCallback type call back type ID is not currently supported Call Restrictions have been disabled by user commandCalculating CRC’s CallID in use in HostcallrequestCall Restriction statistics reset for new month Call Restrictions have been enabled by user commandCall Restriction statistics reset for new day Call Restrictions will allow calls to be made this hourCentral Site Remote Access Switch CCP Internal Decompression Failure Cause cause code received for Dlci dlci indexCause Code Event CCP Option Negotiation Failure, Non-Convergence detectedCNTR-TMRTimed out waiting for TMR number interrupt Chap Authentication Failure remote device not respondingChannel in use in Hostcallrequest Current monthly charges reset for new month Configured adapter # ’x’ type does not existCouldn’t find speech service slot #, port # Connection disconnected for license violationDedicated connection down slot #, port # Data link test successful DSL port # , CESDCE Data Rate is invalid on FrStartPVC DHCP-P Failed to close UDP port x, erc = yDHCP-P Proxy Client initialization failed DHCP-P Proxy Client disabledDHCP-P Proxy Client enabled DHCP-P UDP port 67 closedDHCP-R Failed to close UDP port 67, erc = DHCP-R Relay Agent disabledDHCP-R Relay Agent enabled DHCP-R Failed to open UDP port 67, erc =DM card type configured in slot slot # does not exist DM card in slot slot # is not usable, could not upgradeDM card in slot slot # signals it is operational DM card failed Flash download bad xx SrecDM upgrade success. Board=board #, Modem=modem # DM card in slot slot # will not come out of resetDM upgrade started. Board=board #, Modem=modem # Downloading Bootstrap to DM card in slot slot #Error downloading bootstrap program to adapter #’x’ Edrv transmit error error codeError closing file ’s’ Error downloading operational software to adapter ’x’Error during PVC initialization Access access index Error during channel initialization Access access indexError during port initialization Access access index Error initializing WAN card WAN card IdError reading file file name, section = section name Error opening file \system\ethernt2.binError programming adapter #’x’ hardware Error reading sdconf.rec fileFailed to allocate enough memory for Xilinx load file Failed to get a tone signaling sessionFacility not subscribed Slot=slot # Port=port # Failed to obtain Terminal info in smgrprocterminalauthsessFailure to allocate enough memory for Xilinx load file Failure during read of file ’s’Failure during Static RAM test on adapter # ’x’ Central Site Remote Access Switch Frietf detected PPP protocol from NAME, shutting down PVC File Access ErrFormatting Flash Memory Frame Relay event queue fullInvalid Cllm received on Access access index Installing File Set into Flash MemoryInterrupt fault on WAN Adapter in Slot slot # Invalid Password password givenInvalid SERIAL.001 file present, file is ignored IP Error from ESP datagram discardedIP x.x.x.x not added to the pool Unknown error y Invalid serial number in SERIAL.001, file is ignoredIP Cannot stop Proxy Arp for IP address #, no cmd buf avail IP Default Route not added, invalid next hop IP address #IP Invalid configuration for Network Interface dd IP Failed to de-register with IP Address Pool Manager erc=xIP IP router is initialized successfully IP Invalid Peer IP Address IP address, WAN IP Stream ClosedIP IP host is initialized successfully IP Network initialized successfully on ddd.ddd.ddd.dddIpcp Remote device does not negotiate IP address Ipcp IP Address Pool Out of IP addressesIpcp Option Negotiation Failure, Non-Convergence detected IP Host Call Dropped XID was not received from remoteIP RIP Initialization failed, unable to allocate buffers IP RIP All network interfaces usedIP RIP Buffers allocated IP RIP Send queue fullIPX Network Interface on LAN port port # not initialized IPX Invalid Ipxwc passedIPX Network initialized successfully on IPX IPX router initialized successfullyIpxwan IPX Internal Network Number must be configured IPX SAP Space available in service tableIPX SAP Unable to add service, service table full IPX SAP Buffers allocatedLAN Adapter Fatal Error Reported LAN Adapter Command TimeoutLAN Adapter configuration conflict LAN Adapter HW upgrade may be requiredLAN Adapter System resource error LAN Adapter ResetLAN Adapter Response Timeout LAN Init ErrorLMI alarm reset Access access index LAN Xmit ErrorLMI alarm on Access access index Manage Mode updates have been successfully committedManual restart initiated on DM board in slot slot # Memory Access TimeoutMismatch of configured and installed DM card in slot slot # Max ATI3 retries exceeded on modem modem # of slot slot #Negotiation Failure with Semipermanent device Modem modem # of DM card in slot slot # is unusableModem revision on modem modem # of slot slot # failed Network loop between site1 and siteNo Active Calls Active Sites Network sent Cause Spid not supported slot #, port #Network sent Status with state = 0, tear down call No Active List entry available in INMNot enough memory for Security module Out of LAN Adapter transmit command descriptorsNo Sites Connected Offnode server lookup of Dial Out User failedPAP Invalid password for name given by remote device Auto For over 5 minutes Report problem to Phone companyPAP Identification timeout on remote device Out Svc # slot # , port #Post number, Hdlc #number External Loopback Test Failed PAP Remote device rejected System Information error messagePAP Unknown name name given by remote device Post number, Hdlc #number Internal Loopback Test FailedPVC rcv wait q already full PVC for Dlci dlci index not ActivePVC not allocated for dlci index R2 not capable of Multichannel or Non-circuit callsReattempting to Install File Set into Flash Memory RBS LIFAddTimer failureRBSoutSMchannel # Timeout waiting for Wink RebootingReceived charge amount charge amount Replace Lithium Battery Contact your RepresentativeReserved signal Remote peer ID discrepancySecurity Rejection Timeout on Startup Complete Security Rejection Invalid Password password givenSecurity Rejection No Password given by caller Security Rejection Caller did not negotiate securitySignal for unknown CallCmd task task Id Semipermanent. Device x disconnected by adminSemipermanent. Device x reconnected by admin Slot #, port # Cfg ErrorSnmp Snmp initialized successfully Snmp Authentication failure, unknown community nameSnmp Snmp initialization failure unable to open UDP port Snmp Unable to obtain an Snmp Trap queue entry bufferSSB Post 23 i960hostintreg Failure SSB Post 27 i960timer82c54FAILURESSB i960 Post number not equal to i386’s SSB Post 24 i960iointreg FailureSSB Post 34 i960hdlc3 Failure SSB Post 32 i960hdlc1 FailureSSB Post 33 i960hdlc2 Failure SSB Post 35 i960hdlc4 FailureSystem Clock Fault on Wan Adapter in Slot slot # Successfully Loaded Release X.Y Issue ZSwitch could not recognize phone number nnnnnnn TCP Connection to CSM at IP address is UPTftp Local error #4 UDP rejected packet filename Tftp Local error #2 Feature not initializedTftp Local error #3 Server not initialized Tftp Local error #5 UDP open failedTftp Local error #18 Unable to open file filename Tftp Local error #14 Bad file nameTftp Local error #15 Bad mode string Tftp Local error #19 Disk full filenameTftp Remote error # 3 Text from Remote Host Tftp Remote error # 1 Text from Remote HostTftp Remote error # 2 Text from Remote Host Tftp Remote error # 4 Text from Remote HostTimeout detected on receiving caller’s number This card does not support R2 SignalingTimeout detected on connection establishment Timeout on Startup CompleteTried to free unallocated buffer sub name, size=size Type mismatch of configured & installed adapter # ’x’Too many digits in TN in Hostcallrequest Unable to Decrypt DatagramUnable to restore original ISRs for Interrupt interrupt # Unable to open \config\devdb.nei fileUnable to open Modem Upgrade file Unable to get Digital Modem resource to place callUpdating CyberSWITCH from FileName Unexpected error during transmission of LMI frameUnmatched Login Task Unknown Calling Bridge MAC addressWatchdog timeout detected on WAN board ’x’ WAN card in slot slot # signals it is operationalWatchdog timeout detected on DM board in slot slot # X25 facilities error, facilities not allowed in PVCX25 facilities error, invalid DTE address X25 facilities error, bad facility lengthX25 facilities error, invalid facilities length X25 facilities error, facility not allowedX25 facilities error, window size negotiation not available X25 facilities error, facility not availableX25 facilities error, packet length negotiation not allowed X25 facilities error, Rpoa not availableZone allocation failed, maximum capacity already configured Trace Messages Call Trace Messages Location CausesCall Trace Message Summary -BRD CFG ACK Slot=slot # Configure ack slot #Inband treatment has been applied Init data link slot #, port #, ces Off-hook warning tone on Out configure port #Interworking unspecified cause Origination call address is non-ISDNRecall dial tone on Received unknown signal valueOut init data link slot #, port # , ces Received unknown progress valueIP Filters Trace Messages PPP Packet Trace Messages Configure NAK Configure RequestConfigure ACK Configure RejectDiscard Request Trace MessagesEcho Reply Trace Message SummaryX25 Data LCN logical channel number, number of bytes bytes X25 DCE RR LCN logical channel number, number of bytes bytesSystem is sending a call request to the network Lapb Trace Messages Lapb Trace Message SummaryOut Lapb Disc Lapb SabmeLapb UA Out Lapb DMSystem Maintenance Remote ManagementRemote Management SITE.HQ Installation and Configuration Usage InstructionsTelnet IsdnEarlier Releases Central Site Remote Access Switch WIN95 DIAL-UP Networking Setting UP a NEW NumberSetting UP Server Type General tabDialing OUT Site HQ Isdn Users Report Files Statistics Files Config files Other Files Changing Carbon Copy Configuration Parameters Carbon CopyModem Type COM1Baud Rate Performing a File Transfer Using Carbon Copy Copy LCNETWORK.NEI HC\CONFIG\NETWORK.NEI Running Without Carbon CopyRemoving Carbon Copy System Commands Accessing Administration ServicesSetting the IP Address Accessing Dynamic ManagementViewing Operational Information Neif Connected Second column is the potential number of connections Viewing Throughput Information Throughput Monitor Contents Saving Operational Information Clearing Operational InformationTerminating and Restarting the Cyberswitch CONFIGURATION-RELATED CommandsLogin-Id Setting the Date and TimeTerminating Administration Sessions Appletalk Routing Commands Type StateFlags Default zoneNetwork range Physical addressDistance Zones validBridge Commands ZoneCall Control Commands Indicates that a call request process has been initiated Call peer phone number data rate device bearer Calling phone number at data rate, device PPP Call Detail Recording Commands Call Restriction CommandsDhcp Commands Compression Information CommandsCSM Commands Digital Modem Commands Frame Relay Commands Clears all statistics associated with the fr stat command IP Routing Commands Disables the trace Mask used for the destination Time since the last update was received IPX Routing Commands Ipx diag host ipx address timeout Isdn Usage Commands LAN Commands LOG CommandsPacket Capture Commands Pkt display Banyan Vines Packet Detail Screen Bridged Packet Radius Commands Radius ipres Spanning Tree Commands Serial Interface CommandsSnmp Commands Spanning Tree Port InformationSpanning Tree Bridge Information Bridge priority of the root bridge TCP Commands Telnet Commands Possible send parameters are defined as follows Terminal Commands Tftp Commands Tftp GETTrace Commands Tftp PUTUDP Commands User Level Security CommandsWAN Commands Commands Clears the statistics for the default VC System Statistics Connectivity StatisticsThroughput Monitoring Statistics Call Restriction StatisticsCall Statistics Appletalk Statistics Appletalk Protocol StatisticsNumber of AppleTalk Echo requests received Count of AppleTalk Echo replies received Number of NBP LookUp Requests received Appletalk Port Statistics Bridge Statistics Call Detail Recording StatisticsDecompression Related Statistics Compression StatisticsCompression Related Statistics Common Dhcp Statistics Dhcp StatisticsDhcp Relay Agent statistics and Dhcp Proxy Agent statistics Dhcp Relay Agent Statistics Dhcp Proxy Client Statistics Frame Relay Statistics Access Related StatisticsDigital Modem Statistics Init PVC Related Statistics LAN Statistics IP Statistics IP Group StatisticsNumber of IP datagrams successfully reassembled Icmp Group Statistics IPX Statistics IPX General StatisticsNetwork number portion of the IPX address of this system IPX RIP Statistics IPX Triggered RIP Statistics IPX Route StatisticsIPX SAP Statistics IPX Triggered SAP StatisticsRIP Global Statistics IPX Service StatisticsRIP Statistics RIP Interface StatisticsSerial Interface Statistics Snmp StatisticsSnmpInBadVersions SnmpInGetNexts TCP Statistics Statistics for Local or Client Initiated Tftp Activity Tftp StatisticsStatistics for Server or Remote Initiated Tftp Activity Statistics for ALL Tftp Activity WAN Frietf Statistics UDP StatisticsLayer 1 PRI Error Statistics WAN L1P StatisticsWAN Statistics Layer 1 General StatisticsStatistics Maximum number of active VCs allowed at any time Virtual Circuit VC Related Statistics USER’S Guide Executing Configuration Changes Routine MaintenanceINSTALLING/UPGRADING System Software Making Changes Using CfgeditObtaining System Custom Information Configuration Backup and RestoreMaking Changes Using Manage Mode Appendices System WorksheetsSystem Adapters Ethernet Adapter Side View Ethernet AdapterBRI-4 Adapter Side View Basic Rate AdapterFront View PRI-8 Adapter Side View Primary Rate Adapters PRI-8PRI-23 Adapter PRI-23/30 Adapter Front View PRI-8 Expander Adapter Side View Front View Adapter Side View Front View RS232 Adapter Side View DM-8 Adapter Digital Modems DM-8DM-24 Adapter OFF DM-24+ Adapter DM-24+/DM-30+DM-24+ Adapter Back view USA System Worksheets Network Topology Lines System DetailsResources Accesses Over IsdnAuthentication Information Frame Relay Information Device InformationBridging and Routing Information IP RoutingIP Routing IPX RoutingAppletalk Routing AppleTalk Routing/Port InformationSnmp PPP Main MenuIPX FR DBUPhysical Resources Menu Dhcp Options MenuWAN Rlan SPISnmp FR DBU SVC, PVC Security MenuCSM Radius Tacacs ACE CSM PPP STAC-L25CSM Radius TCP port Contacting Cabletron Systems Reporting ProblemsGetting Assistance Number of Pages Including this To Customer Service FromPhone FAX Cabletron Systems System Problem Report Administrative Console Commands Table Clears administration screen Command Use Cdr verifyVerifies call detail recording servers are configured Displays authentication messagesAdministrative Console Commands Table Log cdr erase Generates a triggered RIP/SAP update request toLocal log file only displays the call detail recording log Local log file only erases the call detail recording logChanges password for current access level Displays system errors and system messages Displays the current Tftp statisticsSets LCN index default value to m Writes current authentication messages to diskAccess or the specified access Specified X.25 accessManage Mode Commands Table Adds/changes/deletes an IPX address from the IPX Address poolIpxsvc add/change/delete Adds/changes/deletes an IPX service Central Site Remote Access Switch Cause Codes Table Cause Codes Table USER’S Guide Central Site Remote Access Switch USER’S Guide Central Site Remote Access Switch Dec Value Hex Value Cause UnknownBr stat IndexAtalk Clid 195 Cr stats 596 crossover cable DateHelp 113 Ip addrpoolIsdn usage commands 607 isolated mode IpcpModem devices Netstat -r 443 network flatteningOffnode 213, 216 STAC-LZSRadius Server configuring Restart 585 restoreSnmp 352 snmp stats 614 socket number 336 software Srcfilt 270 startneTerminal mode 33, 102, 392, 393 Trace lapbWr 72, 584 ws 72 Wan