Manuals / NEC / Computer Equipment / Network Router

NEC NWA-008869-001 manual Telnet Security, Changing the telnet port number

Models: NWA-008869-001

1 180

Download 180 pages 45.76 Kb

Page 161

Image 161

CHAPTER 6 MANAGEMENT AND MAINTENANCE

TELNET SECURITY

The telnet-server ip enable or telnet-server ipv6 command permits all hosts connected to the In-Skin Rout- er to establish a connection. You can increase the security of telnet in two ways:

(1)Change the telnet port number

(2)Permit only a specific host to gain access with telnet

Changing the telnet port number

In this example, the port number 2323 is set.

Router # enable − config Enter

Router (config) # telnet − server ip port 2323 Enter

Router (config) #

Permitting only a specific host to gain access with telnet

In this example, only the source address “1.1.1.1/32” is permitted to gain access. “tokyo” is set as an access list name.

Router # enable − config Enter

Router (config) # ip access − list tokyo permit ip src 1.1.1.1/32 dest any Enter

Router (config) # telnet − server ip access − list tokyo Router (config) #

Enter

– 151 –	NWA-008869-001 Rev.1.0
	atch6001.fm

Page 161

Image 161

NEC NWA-008869-001 manual Telnet Security, Changing the telnet port number

Contents

NWA-008869-001 ISSUE In-Skin Router Installation GuideNEC Corporation JUNENEC Corporation LIABILITY DISCLAIMERNWA-008869-001 In-Skin Router Installation GuideNEAX IPS NWA-008869-001 In-Skin Router Installation GuideNEAX IPS NWA-008869-001 In-Skin Router Installation GuideNEAX IPS THIS PAGE LEFT BLANK INTENTIONALLY NEAX IPS In-Skin Router Installation GuideTABLE OF CONTENTS TABLE OF CONTENTS TABLE OF CONTENTS INTRODUCTION PURPOSEOUTLINE OF THIS MANUAL This appendix explains specifications related to the In-Skin Router APPENDIX SPECIFICATIONSINTRODUCTION OUTLINE OF THIS MANUALTerminal Name TERMS IN THIS MANUALPBX System Designation During installation, refer also to the manuals below System Manual REFERENCE MANUALInstallation Procedure Manual Contains the installation procedure for the PBX systemNWA-008869-001 Rev.1.0 CHAPTER GENERAL INFORMATIONCHAPTER 1 GENERAL INFORMATION Backup Power Main Feature of In-Skin RouterSYSTEM OUTLINE High-speed transfer capabilityIPv6 over IPv4 IPv6/IPv4 TunnelingBroadband Service Support Broadband Service SupportNetwork Connection Network ConnectionIn-Skin Router Card Name and Function CARD NAME AND FUNCTIONCARD NAME FUNCTIONALSYSTEM CONDITIONS SettingEthernet Connection Digital Private Line ConnectionNWA-008869-001 Rev.1.0 THIS PAGE LEFT BLANK INTENTIONALLYatch1001.fm NWA-008869-001 Rev.1.0 CHAPTER INSTALLATIONCHAPTER 2 INSTALLATION Static Electricity Guard PRECAUTIONSStatic Electricity Guard CHAPTER 2 INSTALLATIONStatic Electricity Guard WHEN MAKING A SWITCH SETTING ON A CIRCUIT CARDWHEN CARRYING A CIRCUIT CARD NWA-008869-001 Rev.1.0 CHAPTER 2 INSTALLATIONPRECAUTIONS Required Equipment for In-Skin Router REQUIRED EQUIPMENTEQUIPMENT DESCRIPTIONREQUIRED EQUIPMENT CHAPTER 2 INSTALLATIONInstallation Procedure INSTALLATION PROCEDUREPage Page PagePage Page Installation ProcedurePage PagePN-CP24-A/PN-CP24-B Switch Settings of MP CardCOLOR LAMPFUNCTION NAMESWITCH SWITCH NAMESETTING CHECKSWITCH SWITCH NAMESETTING FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONJP0 Jumper pin Battery backup ONFor normal operation SWITCH NAMELocations of Lamps, Switches, and Connectors PN-CP27-ACOLOR LAMPFUNCTION NAMESWITCH SWITCH NAMESETTING FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONNot used SW4 Dip SWNOTE3 SWITCH NAMESWITCH SWITCH NAMESETTING FUNCTIONCHAPTER 2 INSTALLATION Switch Settings of PN-RTA CardINSTALLATION PROCEDURE Contents Static Sensitive Handling Precautions RequiredSWITCH SWITCH NAMESETTING LAMPSWITCH SWITCH NAMESETTING FUNCTIONLAMP Switch Settings of PZ-M649 CardCOLOR FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONDTI1 DTI0DTI2 DTI7LAMP Switch Settings of PZ-M650 CardCOLOR FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONDTI1 DTI0DTI2 DTI7INSTALLATION PROCEDURE Switch Settings of PN-24DTA-C CardCHAPTER 2 INSTALLATION COLOR LAMPFUNCTION NAMESWITCH SWITCH NAMESETTING FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONHong Kong/Taiwan North America onlySWITCH NAME SWITCHSWITCH SWITCH NAMESETTING FUNCTIONCHAPTER 2 INSTALLATION Switch Settings of PN-30DTC-C CardINSTALLATION PROCEDURE Contents Static Sensitive Handling Precautions RequiredCOLOR LAMPFUNCTION NAMESWITCH SWITCH NAMESETTING FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONSWITCH SWITCH NAMESETTING FUNCTIONLAMP Locations of Lamps and Connectors of PZ-M623 CardCOLOR FUNCTIONMounting PZ-M649 Card/PZ-M650 Card/PZ-M623 Card on PN-RTA Card Mounting PZ-M649 Card/PZ-M650 Card/PZ-M623 CardTaking off Screws PN-RTA Card Mounting Slots Mounting PN-RTA CardCHAPTER 2 INSTALLATION PIM for Backup CPU SystemINSTALLATION PROCEDURE For Backup CPUPN-RTA - IP network Cable Connection LAN Cable Connection of PN-RTA CardCHAPTER 2 INSTALLATION INSTALLATION PROCEDURECable Connection of PZ-M649 Card PZ-M649 - Digital private network T1 Cable Connection Cable Connection of WAN connector on PZ-M649 CardCHAPTER 2 INSTALLATION Location of AP Slots and LTC Connectors for PN-24DTA-C DTIINSTALLATION PROCEDURE L L L L L L L L L L L L T T T T T T T T T T T TCHAPTER 2 INSTALLATION Example of MDF Cross Connection for PN-24DTA-C DTIINSTALLATION PROCEDURE Continued on next pageExample of MDF Cross Connection for PN-24DTA-C DTI CHAPTER 2 INSTALLATIONINSTALLATION PROCEDURE Cable Connection of PZ-M650 Card PZ-M650 - Digital private network E1 Cable Connection Cable Connection of WAN connector on PZ-M650 CardCHAPTER 2 INSTALLATION INSTALLATION PROCEDURECHAPTER 2 INSTALLATION Location of AP Slots and LTC Connectors for PN-30DTC-C DTIINSTALLATION PROCEDURE L L L L L L L L L L L L T T T T T T T T T T T TCHAPTER 2 INSTALLATION Example of MDF Cross Connection for PN-30DTC-C DTIINSTALLATION PROCEDURE Continued on next pageExample of MDF Cross Connection for PN-30DTC-C DTI CHAPTER 2 INSTALLATIONINSTALLATION PROCEDURE PZ-M623 - IP network Cable Connection LAN Cable Connection of PZ-M623 CardCHAPTER 2 INSTALLATION INSTALLATION PROCEDUREConnecting Local Console to PN-RTA Card Connecting Local Console to PN-RTA CardCHAPTER 2 INSTALLATION INSTALLATION PROCEDURENWA-008869-001 Rev.1.0 THIS PAGE LEFT BLANK INTENTIONALLYatch2001.fm NWA-008869-001 Rev.1.0 CHAPTER BASICOPERATIONS AND VARIOUS EXPLANATIONSCHAPTER 3 BASICOPERATIONS AND VARIOUS EXPLANATIONS Error message that may be displayed during command entry COMMAND ENTRYCommands Moving the cursor Editing characters on the command lineKEY OPERATIONS AND SCREEN DISPLAYS MEMO Upon a restart, the command history is cleared Calling previously entered commandsGetting assistance in command entry Help functions Entering an abbreviation of a commandScreen displays Notes on command entryUse of ASCII characters not including control characters Double quotation marks “MODES Mode configurationMode Configuration From config mode to operation mode Changing the In-Skin Router between operation and config modesFrom operation mode to config mode From operation mode to login authentication logout Changing the In-Skin Router between different config modesFrom global config mode to interface or device config mode From interface or device config mode to global config modeRegistering users and setting user rights LOGIN AND USER RIGHTSIf you have logged in with the administrator right User rightsChanging passwords Erasing users LoginUse of modes by more than one user Forced logout due to timeoutSetting data and programs SETTING DATA AND PROGRAM FILESSetting data ProgramFlash memory Locations used to store setting data and the programLocations Used to Store Setting Data At startup by turning ON the power switch Startup config and running configStartup sequence Operation area DRAMBoot program At a restart with the reload commandCommand prompt display Self − diagnosisCHAPTER 3 BASICOPERATIONS AND VARIOUS EXPLANATIONS At a restart with the restart commandNWA-008869-001 Rev.1.0 THIS PAGE LEFT BLANK INTENTIONALLYatch3001.fm CHAPTER 4 INITIALIZATION CHAPTER INITIALIZATIONINITIALIZATION PROCEDURE TURNING ON THE POWER REGISTERING USERS AND SETTING PASSWORDS Checking SettingChecking SETTING THE DATE AND TIMESetting Setting and checking SETTING DEVICE NAMESSaving SAVING RUNNING CONFIGRestarting with a command RESTARTING THE IN-SKIN ROUTER WITH A COMMAND AND LOGGING INTURNING OFF THE POWER TO TERMINATE THE IN-SKIN ROUTER TURNING OFF THE POWER TO TERMINATE THE IN-SKIN ROUTERCHAPTER 4 INITIALIZATION NWA-008869-001 Rev.1.0Setup method SETTING UP THE LAN PORTS FOR SUITABLE COMMUNI- CATION MODESSetting the communication rate Setting the communication directionChecking of the settings Setting in the In-Skin RouterCommunication rate and direction assumed if both the rate and direction of the oppositeSetting up the 10BASE-T port Setting line attributes for a T1 Line SETTING UP THE WAN PRIVATE LINE T1Checking the status of interface Saving setting dataSetting line attributes for an E1 Line SETTING UP THE WAN PRIVATE LINE E1Checking the status of interface Saving setting dataRemote Console SETUP FOR A REMOTE CONSOLEand “ROUTING SETUP EXAMPLES IPv6” Page 120 in Chapter Setting the IP address Setting an IP address and validating the interfaceChecking the IP address Checking the settingsValidating the interface Checking that the interface is validated ERS AND SETTING PASSWORDS” Page 94 in this chapterStarting up the telnet server Checking Checking the communication stateStartup Page Saving setting data CHAPTER 5 EXAMPLES OF SETUP ON NETWORKS CHAPTER EXAMPLES OF SETUP ON NETWORKSRouting Setup Examples IPv4 ROUTING SETUP EXAMPLES IPv4Checking Setting a static routeSetting Setting Setting RIP and RIPv2Starting RIP Router config # show ip route Enter IP Routing Table − 3 entry Checking the routing tableChecking the communication state CheckingRouting Setup Example IPv6 ROUTING SETUP EXAMPLES IPv6Setting a static route Enabling automatic address settingSetting SettingUse the show ipv6 route command to check the settings Setting RIPngSetting The following explains an example of setting RIPngChecking the communication state Starting RIPngChecking the routing table CheckingPPPoE Setup Example PPPoE SETUP EXAMPLESetting PPPoE Setup procedureSetting the route Setting the terminal-side networkShutting down a PPPoE connection Setting the DNS serverDIGITAL PRIVATE LINE NETWORK EXAMPLE T1 DIGITAL PRIVATE LINE NETWORK EXAMPLE T1Assigning an IP address to the serial interface and setting PPP Setting the digital private line T1T1”. Page Setup procedureSetting the route Setting DTI cardSetting for router B DIGITAL PRIVATE LINE NETWORK EXAMPLE E1 DIGITAL PRIVATE LINE NETWORK EXAMPLE E1E1”. Page Setting the digital private line E1Setup procedure Assigning an IP address to the serial interface and setting PPPCHAPTER 5 EXAMPLES OF SETUP ON NETWORKS Setting for router ASetting for router B NOTE The time slot number of both PN-RTA card side PZ-M650 card and PN-30DTC-C card side have to be the same. Therefore, in the office data programming for Direct Digital Interface, as- sign the same time slot number as PN-RTA card side by using CM07 Y=01 Setting the routeSetting DTI card NWA-008869-001 Rev.1.0 THIS PAGE LEFT BLANK INTENTIONALLYatch5001.fm CHAPTER 6 MANAGEMENT AND MAINTENANCE CHAPTER MANAGEMENT AND MAINTENANCEdress and validating the interface” Page 109 in Chapter TFTP SETUP FOR FILE MANAGEMENTSaving with the write memory command CONFIG MANAGEMENTConfig management with text files Upgrading the Program UPGRADING THE PROGRAMPreparations Upgrading procedureSetting up network boot and saving the settings Downloading the new program file from the TFTP server Deleting the current program fileChecking that the downloaded file is normal Deleting network boot settings and saving the new settingsRestarting the router Types of traps to be sent MANAGEMENT WITH SNMPSetup procedure Community nameSpecifying a trap source interface Setting a community name and an access typeSetting the IP address of the trap destination Checking the settings Setting the type of trap to be sentSaving the settings Starting an SNMP agentSETTING UP EVENT INFORMATION COLLECTION Displaying event information on a console Setup for displayStarting the display of event information Stopping the display of event informationRouter config # syslog host 192.168.47.100 Enter Router config # Transferring event information to a syslog serverChanging the telnet port number Permitting only a specific host to gain access with telnetTELNET SECURITY Restarting with the reload command Restarting by turning the power switch OFF and back ONRestarting procedure RESTARTING THE IN-SKIN ROUTER DURING OPERATIONRestarting procedure Restarting with the restart commandCHAPTER 6 MANAGEMENT AND MAINTENANCE OmittedProcedure for performing a super reset SUPER RESET2 Turning OFF the power switch 3 Setting the Piano key switch5 Turning OFF the power switch 4 Turning ON the power switch to start the deviceTurn OFF the power switch PWRSW to stop the In-Skin Router CHAPTER 6 MANAGEMENT AND MAINTENANCE7 Turning ON the power switch to start the device 6 Setting bit 4 of the Piano key switch to OFFCHAPTER 7 TROUBLESHOOTING CHAPTER TROUBLESHOOTING2 The power to the In-Skin Router has been turned ON IF THE LOCAL CONSOLE CANNOT BE USEDCHAPTER 7 TROUBLESHOOTING Check the followingIF A REMOTE CONSOLE CANNOT BE USED IF A REMOTE CONSOLE CANNOT BE USEDIf communication with a specific network is impossible IF COMMUNICATION IS IMPOSSIBLEIf communication is sometimes possible and sometimes impossible If no communication is possibleIf the boot monitor mode screen is displayed If the ALARM lamp on the PN-RTA card is litIF THE IN-SKIN ROUTER DOES NOT START If none of the lamps on the PN-RTA card is litRecovery procedure Omitted CHAPTER 7 TROUBLESHOOTINGUse either the LAN1 port or LAN2 port of the PN-RTA card Fault information display COLLECTING FAULT INFORMATIONIf you want to erase all settings of config IF YOU WANT TO ERASE CONFIGIF SELF-DIAGNOSIS DOSE NOT TERMINATES NORMALLY IF SELF-DIAGNOSIS DOES NOT TERMINATES NORMALLYNWA-008869-001 Rev.1.0 APPENDIX SPECIFICATIONSAPPENDIX SPECIFICATIONS SPECIFICATIONS SPECIFICATIONSSPECIFICATIONS NWA-008869-001 Rev.1.0 THIS PAGE LEFT BLANK INTENTIONALLY