Version
X-Pedition Security Router
XSR-3020 Getting Started Guide
Page
Enterasys Networks, Inc 50 Minuteman Road Andover, MA
Regulatory Compliance Information
Federal Communications Commission FCC Notice
Industry Canada Notices
R & TTE Directive Declaration
Class A ITE Notice
Clase A. Aviso de ITE
Product Safety
Seguridad del Producto
Produktsicherheit
Electromagnetic Compatibility EMC
Supplement to Product Instructions
VCCI Notice
BSMI EMC Statement - Taiwan
Declaration of Conformity
Manufacturer’s Name Enterasys Networks, Inc
Australian Telecom
Federal Information Processing Standard FIPS Certification
Independent Communications Authority of South Africa
VPN Consortium Interoperability
Enterasys Networks, Inc. Firmware License Agreement
BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT
CAREFULLY READ THIS LICENSE AGREEMENT
You and Enterasys agree as follows
5. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Program i was developed solely at private expense ii contains “restricted computer software” submitted with restricted rights in accordance with section 52.227‐19 a through d of the Commercial Computer Software‐Restricted Rights Clause and its successors, and iii in all respects is proprietary data belonging to Enterasys and/or its suppliers. For Department of Defense units, the Program is considered commercial computer software in accordance with DFARS section 227.7202‐3 and its successors, and use, duplication, or disclosure by the U.S. Government is subject to restrictions set forth herein
11. ASSIGNMENT. You may not assign, transfer or sublicense this Agreement or any of Your rights or obligations under this Agreement, except that You may assign this Agreement to any person or entity which acquires substantially all of Your stock assets. Enterasys may assign this Agreement in its sole discretion. This Agreement shall be binding upon and inure to the benefit of the parties, their legal representatives, permitted transferees, successors and assigns as permitted by this Agreement. Any attempted assignment, transfer or sublicense in violation of the terms of this Agreement shall be void and a breach of this Agreement
Contents
Chapter 2 Hardware Installation
Chapter 3 Software Configuration
About This Guide
Configuring the WAN Ports
Appendix A Specifications
Index
Page
Contents of the Guide
About This Guide
Conventions Used in This Guide
Bold/En negrilla
Italics/It áli ca
Getting Help
Page
Overview
System Description
Hardware Features
Figure 1-1 Typical XSR-3020 Topology
Figure 1-2 XSR-3020
Software Features
Operating System
Industry-common CLI
IP Protocol
IP Routing
SNMP and Statistics Gathering
Security
Frame Relay
Dynamic Host Configuration Protocol DHCP
Integrated Services Digital Network ISDN - BRI/PRI
Quality of Service QoS
Virtual Private Network VPN
GRE over IPSec
Dial Service
Dial Backup
Asynchronous Digital Subscriber Line ADSL
Dial-on-Demand/Bandwidth-on-Demand DoD/BoD
Installation Overview
Installation Overview
1-12 Overview
Hardware Installation
Installation Site Suggestions
Introduction
Verifying Your Shipment
Installing NIM Cards and Rack Mounting
Figure 2-1 Removing XSR Cover
Figure 2-2 Removing NIM Slot Cover
Figure 2-3 Attaching NIM card to Motherboard
Figure 2-4 Fastening Rack Brackets
Figure 2-5 Attaching XSR to Rack
3020
3020
Installing a CompactFlash Memory Card
CompactFlash Card Installation
Figure 2-6 Typical CompactFlash Card
Figure 2-7 Removing CompactFlash Cover Plate
CompactFlash Card for the ADSL NIM
Formatting the CompactFlash Card
Figure 2-8 Installing CompactFlash Card
Connecting Cables
Figure 2-9 Connecting Serial COM Console Cable
Figure 2-10 Attaching T1/PRI or BRI Port Connector
Figure 2-11 Connecting High Speed Serial Connector
Figure 2-12 Attaching T3/E3 BNC Connectors
ALARM
ENABLE
Figure 2-13 Connecting ADSL Connector
Figure 2-14 Attaching T1 Drop & Insert Connector
3020
NIM1
Figure 2-15 Attaching Ethernet Connector
Figure 2-16 Inserting Mini-GBIC Module
Link TX G
ETH3
Figure 2-17 Attaching Ethernet LAN NIM Connector
Figure 2-18 Attaching Ethernet Fiber LAN NIM Connector
3020
3020
Figure 2-19 Connecting Power Supply Cord
100~125V~1
LINE
200~240V~0.25A
Software Configuration
Initializing XSR Software
ETHERNET Activity LEDs blink when frames pass on the LAN
Optional Configuring Remote Auto Install
Configuring RAI for Frame Relay
Opening a COM Console Session
Characteristics” on page
XSRconfig-ifS1/0.1#exit XSRconfigexit
Configuring RAI for DHCP over LAN
Configuring RAI over ADSL
Page
Configuring the XSR Name and User Information
Setting the Clock
Setting User Name, Privilege and Password
3. Enter hostname your XSR designation
Configuring the LAN Ports
Configuring the WAN Ports
PRI Configuration
BRI Configuration
BRI Leased Line
BRI Leased Frame Relay
BRI Switched Line
ADSL Configuration
PPPoE
PPPoA
Firewall Sample Configuration
IPoA
Figure 3-1 XSR with Firewall Topology
Setting Up RIP Routing
Setting Up RIP Routing
3-14 Software Configuration
Configure OSPF Routing
Configuring Frame Relay Point to Point Networks
Setting Up an SNMP Community String, Traps and V3 Values
Configuring Message Logging and Severity Level
Viewing Your Configuration
7. Optional. For SNMPv3, enter snmp-server user username group name
Connecting Remotely via the Web
Figure 3-2 Initial Web Access Window
Product Version
X-Pedition Products
Figure 3-3 Web Product Version Window
LAN-PPP Services Sample Configuration
Figure 3-4 Sample LAN-PPP Services Configuration
Backup Site Hostname branch2
Frame Relay WAN Link with PPP Backup Sample Configuration
Configure Users and Passwords
Configure LAN Interface
Configure Quality of Service
Configure WAN/Frame Relay Port
Configure OSPF Routing
Configure More Access Lists
Apply QoS
Configure DHCP/BOOTP Relay
Configure the Dial Backup Connection
VPN Site-to-Site Sample Configuration
Configure SNMP
Central Site
Branch Sites
Configure Access Control Lists
Set Up IKE Phase I Security
Configure IKE Policy for Remote Peer
Generate Master Encryption Key
Configure Crypto Maps
Configuring VPN at Interface Mode and Setting Up RIP
Create a Transform Set
VPN Sample Configuration with Network Extension Mode
Configuring Authentication AAA
Figure 3-6 VPN Topology with NEM, EZ-IPSec and Internet Access
GigabitEthernet 1 172.16.10/24
eth0 10.11.11.1/24
Gigabitethernet 2 26.26.26.10/24
Create the ISAKMP IKE global peer
XSR Rebooting Characteristics
Initialization Output
Reboot Triggers
Table 1 Reboot Triggers
Boot Type
Cause
Power-up Error Conditions
Table 1 Reboot Triggers continued
Power-Up Reboot
Reload Command from the CLI
Bootrom Monitor Mode Commands
Page
copy
Page
remove
rename
This command shows network values with the following sample output
This command shows the bootrom version with sample output below
Bootrom Monitor Mode Commands
3-42 Software Configuration
Specifications
System Specifications
Table A-1 XSR Hardware Specifications
Category
Cable, CompactFlash and Accessory Specifications
Table A-1 XSR Hardware Specifications continued
Table A-2 XSR Cabling/Accessory Guide
Connector
Table A-2 XSR Cabling/Accessory Guide continued
Connector
Cable, CompactFlash and Accessory Specifications
Part Description
COM Console Port
Signal
Figure A-1 COM Port Pinouts
GigabitEthernet Ports
Mini-GBIC Fiber, Copper Port
Signal
Figure A-2 GigaBitEthernet Port Pinouts Eth
Regulatory/Safety Compliance
Copper/Fiber-optic Ethernet NIMs
Signal
Figure A-3 Copper Ethernet NIM
2/4-Port Serial NIM Card Port
J1 68-pin male SCSI II type connector
J2 - J5 DB-15 type male connector
Figure A-6 High Speed Serial NIM Port
J1 68-pin male SCSI II type connector
J2 - J5 DB-25 type male RxD2+connector
Figure A-8
EIA-232/530 DTE Pin Assignments
J2 - J5 DB-37 type male connector
J1 68-pin male SCSI RD2+II type connector
Figure A-9
EIA-449 DTE Pin Assignments
J1 68-pin male SCSI III-type connector
J3, J5 V.35-type male connector
J2. J4 DB-25-type male connector Pins not shown are unused
Figure A-10 Combined V.35/EIA-232/530 DTE Pin Assignments
J1 68-pin male SCSI II type connector
J2 - J5 V.35 type male connector
Figure A-11
V.35 DTE Pin Assignments
T1/E1/ISDN PRI NIM Card Ports
Regulatory/Safety Compliance
Signal
Figure A-12 4-Port T1/E1/ISDN PRI NIM Card RJ-48C ports shown
Balun for E1 or PRI NIM Cards
Grounding Shunt for E1 NIM Cards
Figure A-14 Balun for E1 or PRI Connection
Figure A-15 Sample Grounding Shunt
Installing Shunt/Terminal Strip
Figure A-16 Installing a Grounding Shunt on the E1 NIM Card
T3/E3 NIM Card
Regulatory/Safety Compliance
Figure A-17 1-Port T3/E3 NIM Card
1/2-Port BRI-S/T NIM Card Ports
Signal
Figure A-18 ISDN BRI-S/T NIM Card RJ-45 ports shown
Figure A-19 ISDN BRI-S/T -NIM Pinouts
Termination Shunt for the ISDN BRI-S/T NIM Card
Installing Shunt/Terminal Strip
Figure A-20 Installing a Termination Shunt on BRI-S/T NIM Card
Receive Pair Termination
1/2-Port BRI-U NIM Card Ports
Regulatory/Safety Compliance
Signal
Figure A-21 ISDN BRI-U NIM Card RJ-49C ports shown
1-Port ADSL NIM Card Port
Regulatory/Safety Compliance
Signal
Figure A-23 ADSL NIM Card
T1/E1 Drop & Insert D&I NIM
Regulatory/Safety Compliance
Signal
Figure A-25 T1/E1 D&I NIM Card
CompactFlash Memory Card
LED Behavior
Figure A-27 CompactFlash Memory Card
Figure A-28 XSR LEDs
Table A-3 LED Description continued
State
Function
Index
how to attach the Ethernet serial cable
