AI296 Version 9.8x User’s Guide | Kentrox specification

AI296 Version 9.8x User’s Guide

AI296 Commands: aaa

profile Associates a custom profile with a privilege level or range of privilege levels. The following rules apply:

z TACACS+ privilege levels range from 0 to 15.

z Custom profiles can be associated with privilege levels 2 through 14.

z Privilege levels 2 through 14 default to the management system profile.

z Privilege levels 0, 1, and 15 are reserved for the Status, Management, and Supervisor system profiles (respectively).

Note: For information on creating custom profiles, refer to command profile on page 9-76.

Privilege levels are used only if the authorization method is set to priv-lvl. The only exception to this occurs under all of the following conditions:

1.The authentication server returns a privilege level.

2.The authorization server cannot be reached.

3.The authorization is set to per-command and fallback is enabled.

Note: For information on configuring the authorization method, refer

to command aaa author.

The following parameters are accepted:

zdefault—Removes the association between a range of privilege levels and a profile.

zpriv_range—Defines the range of privilege levels that will be associated with the profile. Individual values are separated by commas (,) and hyphens (-). For example, 1,4-6specifies privilege levels 1, 4, 5, and 6.

zprofile_name—Specifies the name of an existing profile.

retry Configures the number of consecutive connection attempts that are made to a TACACS+ server before the attempt fails. Consecutive attempts are only made if the TACACS+ server responds but refuses a connection. If no response is received from a TACACS+ server before the configured timeout period, then no further connection attempts are made. For information on configuring the timeout period, refer to command aaa on page 9-6.

The following parameters are accepted:

zretry_count—Defines the number of consecutive connection attempts that are made. Valid values are 1 to 100.

zdefault—Resets the number of connection attempts to the default value.

9-9

Image 267

Kentrox manual AI296 Version 9.8x User’s Guide

Contents

AI296TM Page About this Document Tip Document ConventionsConvention Meaning Labels Iii Ground Caution Proper Cooling Caution Electrostatic Discharge Caution FCC Warning Phone Support Customer AssistanceWeb Site Support Email Support Table of Contents Exiting the Menu System AI296 Local Menu System AI296 Link Types Asynchronous Asynchronous PPP HDLC-Bridge IP Over X.25 Subnet Configuration TOC-4 TID Multiplexing Diagnostics for TID Multiplexing AI296 Commands Appendix a AI296 System Codes AI296 Commands AI296 Menu Aliases FTP Sessions Appendix B Standalone Mode and Switch Mode Product Description Features Link-to-Link Call Routing Performance Monitoring, Maintenance, TroubleshootingRemote and Local Configuration Standalone Configuration TID Multiplexing System Diagnostics AI296 Hardware Components Links 9-12 Connector Links 5-8 ConnectorLinks 13-16 Connector Links 1-4 Connector Component Description Technical Specifications DP196 Distribution Panel Individual Port AccessDescription Specification CAB257 Cable Pin Signal Direction DB-25 Connectors Displays the RJ45 10BaseT connector Pin RJ45 10BaseT Connectors Asynchronous to TCP/IP Application Typical Applications Illustrates a common IP over X.25 application IP Over X.25 Networks AI296 Version 9.8x User’s Guide Mixed Asynchronous and X.25 Network Mixed Asynchronous and X.25 Networks AI296 Version 9.8x User’s Guide X.25 to TCP/IP Application To TCP/IP Application Illustrates a common X.25 trunking application Trunking AI296 Version 9.8x User’s Guide Using the AI198TM Menu System Accessing the Menu System Following four types of menu items are available Navigating the Menu SystemMenu Numbering Structure Types of Menu Items Menu re-appears with the entered IP address SubmenusToggles Data Functions Menu Item DescriptionsMenu Item Description Exiting the Menu System AI296 Local Menu System PPP Authentication Protocols PAP and Chap Multilevel User Name and Password SecurityRadius Authentication TACACS+ Authentication Logging Into AI296 Using a Telnet Connection for Login Consecutive failed login attempts Using an Asynchronous Port for Login Number of consecutive failed login attempts Accessing the Local Menu System Direction Keys Navigating the Local Menu SystemIdentifying Types of Menu Items Data Entry Items Toggle Items Send Accessing the Help Menu Save the changes Exiting the Local Menu System System Configuration Format General System Properties ConfigurationDestination Menu Break Sequence Description Menu Item Type Configuration in the AI198 Menu System Ethernet Port Settings Configuration in the AI296 Local Menu SystemToggle for both menu items This menu item sets the FTP server port number FTP Port This example displays 16 FTP port number set to IP Settings Menu Item Types Access Menu Passive Link Settings Access the System Menu Default is NoMinimum value is 25 seconds and the default is 60 seconds This item sets the system prompt value in the CLI System Prompt TCP Settings ToggleTo on This item sets the Telnet port value for AI296 Telnet Port This example displays Telnet Port set to Server Settings Radius Configuration Enabled To configure the shell/FTP Radius option Access Menu FALLBACK. The default is DisabledShell/FTP Options Enabled TACACS+ Configuration Shell/FTP Options 00049 Snmp Configuration Authentication TrapsAI296 Local Menu Item Configuration Data for all menu items Community Names WriteComm Menu Following example displays Node Information Contact Persons Snmp Manager 10.65.32.4 IP Address Settings Static Route Configuration TID to Modem Mux Configuration Inactivity TimeoutFollowing are available Initialization String This example displays Inactivity Timeout set to Port Bit Settings This example displays Init String set to conn23Toggle for all menu items TID to Route AI296 Local Menu Item Configuration Daylight Savings Time Time Configuration Sntp Settings Access the Time Menu located under the System Menu Settings Time Zone IP Over X.25 Subnet Configuration Before Configuration Configuration Overview Local IP Address for this Subnet Local Settings Local IP Subnet Mask Local X.25 Link Number This menu item configures the local IXE doorway link number Remote IP Address for this Subnet Remote Settings Remote X.121 Address 93.67.158.56 Link Configuration Asynchronous PPP AI296 has six configurable link typesAI296 Link Types Asynchronous Synchronous PPP HDLC-Bridge See Also BX.25 Configuration BX.25 Configuration Values UsageDefault is Enabled BX.25 Modulo BX.25 Support This example displays BX.25 Support set to Enabled BX.25 Timer Settings 00033 Link Type Availability Connect Options ConfigurationAccess Menu For 02 Alias, enter 2, and the alias name Alias This example displays 02 Alias set to async.4.1 Call Retry Interval This example displays 03 Call retry interval set to Connect String When Is on Connection SettingsConnection settings are configured using three menu items Default is OFF 00030 Link Application Destination AppAlias Disconnect Options Configuration Disconnect Inactivity Timer SettingsDisconnect inactivity timer when the link receives a call Select on or OFF. The default is on This example displays Off. The default is On This example displaysIs Off Disconnect Settings Disconnect settings are configured using two menu itemsDefault is on Disconnect String Disconnect General Link Properties Configuration Auto Disable Error LimitAsync, AsyncPPP, HDLC-Bridge, MLT, SyncPPP, Async and AsyncPPP Flow Control Access the Link Menu Hardware Interface Interface TypeThis example displays SW Flow Control set to XonXoff This example displays Interface Type set to Interface Mode Access menu 4.2.11.12.8 for MLT or menu 4.2.11.12.7 forMLT This menu item defines a description for a link Link Description This example displays Link Description set to New X.25 Link Link Mode Link Number This example displays 05*Link mode set to Passive This menu item enables or disables a link Link StateThis example displays 01 Link number set to This example displays Link state set to Down Link Type Passive Link with Clocking Default is Disabled This menu item defines the number of databits in a data byte Port Data Bits This example displays Port data bits set to Seven Port Parity Data in the AI296 local menu system Port SpeedThis example displays Port parity set to Odd This menu item defines the baud rate for a port Hdlc Menu 4.2.11.12.5 appears Port Stop Bits This menu item sets the binary encoding on a port Sync Port Encoding Aysnc and AsyncPPP Xon Repeat Interval This example displays 10 Xon Repeat interval set to AsyncPPP and SyncPPP General PPP Properties ConfigurationIpcp Address Settings Following menu items are available for PPP configuration Ipcp Address Parameters Set to Maximum Unit Settings For an Ipcp network control protocol Network Control Protocol Ipcp Frame Settings Lapb Parameters Configuration Size set to For Frame Window Size, enter the window size. The default is Lapb Timer Settings N2 Retry Counter 150 Modem String Modem Option Configuration Dialing Time-out Interval This example displays Dialing time-outset to Number of Dial Attempts This example displays Number of dial attempts set to Modem Setup Menu Local Authentication Settings PPP Authentication Configuration PAP RAS Option Radius Remote Authentication Settings Chap Quick X.25 Configuration Active Number of PVCs Packet Settings This example displays Number of PVCs set toToggle for max packet size Data for packet window size 128 256 512 Normal Passive Extended SVC Settings This example displays SVC Low set to 250 and SVC High set to Local Address This example displays X121 Local Address set to RTS/DTR Lead Control Configuration DTR State ConfigurationAsync and AsyncPPP and SyncPPP RTS State Configuration Flow Control DTR connect state Off DTR disconnect state Maximum Packet Size Parameters Configuration This example displays Max Packet Size set to Packet Window Size This example displays Packet Window Size set to Protocol Version Counter Settings Default is This example displays Facilities Negotiation Timer Settings 12,90000 Parameters Menu 43729 Virtual Circuit Configuration PVCs are configured using four menu items PVC Configuration Settings Menu PVC Type LCN Range CallTmr ResetTmr PVC Type Timer Type Range Default For Timer Value, select the timer interval value Passive Reset Timer This example displays SVC Configuration Settings Menu Item Type 0005 TID Multiplexing Overview AI296 Version 9.8x User’s Guide TID Multiplexing Configuration Configuring the Parent AliasMenu appears Values are 1 to Destination TidforAI296 Defines the terminal identifier for AI296 Configuring the Children Aliases During the parent alias configuration TIDtid For Alias name, enter Example Configurations YES Alias Edit Menu Alias Name 172.16.1.23#1000 TL1DM.1 Alias Edit Menu Alias Name Response Item Description TID Multiplexing TroubleshootingParameters Normal Response Format Normal Response Example Error Response Format Diagnostics for TID Multiplexing Error Response ExampleErrcde AI296 Version 9.8x User’s Guide Alias and Call Routing Configuration AI296 Card B IP address DownstreamIncoming Outgoing Call Tocardb X25.2.67891 Call Routing Configuring an Alias in the AI198 Menu System AI296 Version 9.8x User’s Guide Configuring an Alias in the AI296 Menu System Alias Edit Menu Arranging Aliases in the Alias Table Configuring an Alias with X.25 Keep-Alive Where Notifies the 296 that this is the X-25 keep-alive feature Source/Destination Protocol Tables Following options are available Asynchronous Source Without Breaks AI198Source Destination Menu Item Information Async 25 SVC On a CR Asynchronous Source With Breaks AI198Async With Following options are available TL1 Break Packetized Option X.25 SVC Source Without Breaks AI198 Time X.25 SVC Source With Breaks AI198Called Packetizing With async Break Address Async Call data 25 PVC Alias name X.25 PVC Source Without Breaks AI19825 PVC 25 SVC Alias name Called Following options are available Address TCP/IP Source Without Telnet Breaks AI198 25 PVC Async with Alias name25 PVC Async break Called 25 PVC TL1 PAD TL1 With Called Async Alias nameTCP/IP Source With Telnet Breaks AI198 With Called Following options are available Break Address Async with Alias name Async break CalledAsynchronous Source Without Breaks AI296 Async 25 PVC Alias name Async 25 SVC Alias name TL1 Break Async Address Packetized Call data 10 Asynchronous Source With Breaks AI296Protocol Async 25 PVC Alias name Async With Called 11 X.25 SVC Source Without Breaks AI296 Break Address Caller’s 12 X.25 SVC Source With Breaks AI296 14 X.25 PVC Source With Breaks AI296 13 X.25 PVC Source Without Breaks AI296 15 TCP/IP Source Without Telnet Breaks AI296 16 TCP/IP Source With Telnet Breaks AI296 Async with Alias name Module Types Protocol Processing Modules Aepx Causes the PAD protocol to reply to X.25 breaks Enables Macstar compatibilityPrevents the PAD protocol from passing breaks upstream Prevents the PAD protocol from passing breaks downstream Specify up to 16 characters An X.25 when X.3 parameter 3 is set toProvides packetizing and sets the packetizing timer to To zero, the option is turned off Propagated upstream Carriage return and semi-colonFeed and delete Provides packetizing but prevents breaks from being To zero, this option is turned off Provides TL1 packetizing and prevents breaks from passing Provides TL1 packetizing and sets the packetizing timer toSeconds Feed and delete Module Arguments Module Properties Entry Description Comments Start SymbolsAlias Macros Alias Macro Components Variable Value Wildcard SymbolsConstants Variables Operator Description Operators Character in a string 20 Alias Macro FunctionsAlias Macro Function Description of Operation Returns the Ascii integer value of the first Xth character and continuing to the right-most end Match any of the expressions, then default is20 Alias Macro Functions Returns characters from string starting with Configuration Examples Alias Macro Configuration =LA,PA,’#’,1-1=MYIP1 Alias Configuration Examples SVC to SVC ConnectionExamples are given for the following connections TL1 SVC to PVC Connection SVC to PVC Connection Diagram PVC Called address PVC to SVC Connection 16.X25.2.3 MLT Call Routing Example MLT Route MLT6 Link-to-Link Routing Example Menu F1 Help F2 Send F4 Close Ctrl-R Return to Main Menu AI296 Commands Establishing a Local Shell Connection Commands OverviewShell Commands Shell Connections Establishing a Remote Shell Connection Log/Alarm Message Header Winslc CommandsDisplaying winslc Command Logging Using winslc Commands Header Element Description Shell Command TypeAaa Formats Enable-Enables TACACS+ authentication All-Enables or disables TACACS+ authentication on allAsync-Enables or disables TACACS+ authentication on Disable-Disables TACACS+ authentication AI296 Version 9.8x User’s Guide AI296 Version 9.8x User’s Guide Examples Command Defaults AAA Alarm HyphensFollowing parameters is accepted Unmask. Valid values are existing alarm groups Alarm groupSelf-clearing alarms clear themselves when the problem that Caused the alarm is resolved This example displays all system alarms in group links This example displays alarms for links 5-8in group linksThis example displays all alarms by severity level This example displays the unmasking of alarm group links Arp Command Types Column Description 296arp -d Mapping for 10.40.53.2 deleted Break 296break 10.40.5.11#1821 Breaking connection 10.40.5.11#1821 This example displays the dumping of the bridge table Bridge Example, 1,2-3 to reset error counters for links 1, 2, CresetTo reset error counters for links 1, 2, Reset error counters for links 1 Date Debug This example displays the enabling of all debug data logging This example displays the deletion of file log.txt This command deletes a specified file that resides on AI296Delete Filename Defines the name of the file to delete Display Item Description Diag-conn Logic 4 and Pattern 5 are considered This option prompts for the ID of the connection to viewDisplays details for that connection Pattern 1, Logic 2, and Pattern 3 are evaluated before Diag-eth Using Interpretation Mode Using the Help Option Defines the source address MAC, IP, or TCP/UDP Following formats apply to filtersAdds a filter Deletes a filter Protocol filters are MAC/IP address settingsDefines the TCP/UDP port number regardless Adds or deletes a specific protocol filter. Available This example displays Ethernet diagnostic help information Ijkl FF FC This example displays the deletion of all filters This example displays the deletion of filter protocol tcp Diag-info Buffers were available Displays the link numberMeans the X.25 frame level is not established Means the X.25 frame level is established Displays the number of free or available Streams resources Last rebootedRebooted Displays the name of the Streams resource Displays the number of bytes coming into the link Connection to be enabledDisplays the state of the driver. Two states are available Specifies that the link is not established Displays the number of short received frames Had CRC errorsDisplays the number of frame length violations Received packets Displays the number of times transmitted frames Displays the number of frames received onConnection Displays the number of bytes received on Displays the number of bytes received on the connection Does not indicate an errorDisplays the number of transmit errors that have occurred Displays the number of frames received on the connection Error is recorded when the following events occur ErrorsDisplays the number of alignment errors Excessive deferral timer is exceeded. An excessive deferral Ethernet interface is uninitialized Ethernet interface needs to be resetDisplays the current state of the Ethernet interface. Following values may appear Option Function Diag-line Diag-line Displayed as Ascii String Only present in data packets, then the data byte count is Baseport Defines the baseport number for AI296 Diag-tconn This example displays all available files Dir This example displays an exit from the current shell session Exit Defines the name of the file to display This command displays the first few lines of a fileDefines the number of lines to display. The default is Head Help This example displays a list of all available commands This example displays help information for command show This command displays the current user name and profile Formats ExamplesThis example displays the current user name and profile This example displays the configured IP address information Ip init Enter IP Address Range default 1 Setting range to 296 Link This example displays the stopping of links 6 This example displays the starting of links 1 through 4 Baseport Indicates the baseport number of AI296 This command displays link statistic informationFor the AI296 system command Linkstat C D 9600 RS-232 @AI198154041 072204 Sev=F Base=064 Msg Log This command turns the display of log messages on or off This command closes a shell session LogoutThis example displays the closing of a shell session This command displays a list of available files This command accesses the AI296 main menu system MenuThis example displays the AI296 Main Menu More Pad Sets page wait to n lines Resets the current callEnables the transparent mode of operation This example displays the setting of the PAD profile Baseport Defines the AI296 baseport number This command forces AI296 to crash dump and haltPanic Winslc Passwd This command changes an existing user’s password Ping Pppstatus IP address of AI296 if the link status is Running Displays one of the following Have write permission Command Type shell FormatsProfile Profilename-Defines the name of a user profile Newprofile-Defines the name of a new user profile Lists all user profile namesRemoves a user profile. The following parameter is accepted Pvcedit Forces the PVC to become passive This example displays PVC information for link Pvclist Column Description Reset This command resets AI296This example displays the resetting of AI296 This example displays AI296 receiving two files from a PC Configuration file SelcnfCnf extension Sholog PDisplays the content of the file one page at a time Displays crash dump information ShowDisplays comments Displays all active connections Displays link data. The following parameters are accepted MAC address when in standalone modeDisplays the default and backup gateway IP address Displays WAN diagnostic information This example displays the serial link performance for links This example displays the AI296 version number This command displays the status of the EIA leads StaeiaLead is negated CTS Standalone This example displays the current standalone mode status Staslc Displays the number of overrun errors Is asserted and means the signal is negatedDisplays the number of parity errors Displays the number of framing errors Syncflash Sz filename Tacacs Made to the TACACS+ server This example displays a TACACS+ debug log fileTACACS+ server Displays the number of failed connection attempts that were Configuring the time out value, refer to command aaa on Displays the number of errors that occurred when AI296When AI296 attempted to read a packet from the TACACS+ Were received when AI296 attempted to read them from Tacacs server Authen-Enables or disables the authentication phase for Configures the AAA phases that are allowed for specifiedAccount-Enables or disables the accounting phase for All-Enables or disables all AAA phases for the specified Disabled Associated servers are enabled + or disabledDisplays the server numbers. The +/ signs indicate if Servers Displays the TACACS+ shared secrets passwords for specified This example displays the last 10 lines of file userlog.txt This command displays the last few lines of a fileTail Specifies that a line number value will be entered Tcpoutconn Tftp Tftp 106 File Downloaded successfully 296 Tftpboot 109 Timezone 111 Default TracePriority Level This example displays the configuration of trace This example displays the traceroute to IP address Traceroute Defines the file for which you want to view the contents TypeDisplays text from the file one page at a time Defines the source file to copy Update Uptime Profilename Permission Useradd Description of Permissions Profilename Specifies a user who can only execute the following commands Userdel Users Who Xvc 124 This appendix provides information about AI296 system codes AI296 System Codes Cause Codes and Diagnostic Codes Standard Reset Indication Cause CodesCause Code Description Standard Clear Indication Cause Codes Kentrox-Specific Reset Indication Cause Codes0X1D Reset due to network out of order 0x9B Remote DTE originated reset Standard ISO Diagnostic Codes Ccitt Diagnostic Codes0x39 Ship absent 0x7F Registration/cancellation confirmed Cause Code Description Cause Code Description Kentrox-Specific Diagnostic Codes Error Code Description Hexadecimal Decimal Crash CodesCommon Crash Codes AI296 Crash Codes System Failure Crash Reports Kentrox Technical Support AI296 Version 9.8x User’s Guide Standalone Mode and Switch Mode Transfer the software image to AI296 Standalone ModeDownloading Software for a Standalone AI296 At the FTP prompt, open AI296 Configuring BOOTP/TFTP Switch Mode Downloading Software for AI296 in Switch ModeAt the FTP prompt, open AI198 Defines the software image file name Transfer the software image to AI198 AI296 Version 9.8x User’s Guide Commands for AI296 TACACS+ Server Enhancements Following keyword lets users access destinations AI296 Commands Menu Menualias AI296 Menu Aliases Following AI296 keywords apply to FTP access Provides FTP read accessFTP Sessions