Manuals / RAD Data comm / Computer Equipment / Network Router

RAD Data comm Modular Access Device with Integrated Router Blocking, Forwarding, Multiple Filters

Models: E1/T1 Modular Access Device with Integrated Router

1 224

Download 224 pages 548 b

Page 173

FCD-IPMInstallation and Operation Manual	Chapter 5 Setup Menu

Link

LAN to Link Filter

Traffic is Regulated

FCD-IPM

Traffic is Regulated

Link to LAN Filter

Figure 5-87. Action of an Advanced Filter

There are two modes through which filtering can be implemented: blocking and forwarding.

Blocking

The block command causes FCD-IPM to test every packet of data that is sent to or from the LAN. If the packet passes the test, passage is denied.

Example:

You want to ensure that IP/UDP packets do not go on to the link in the direction of the Internet/Intranet. Thus, you design a filter, which tests each packet to see if it is an IP/UDP packet. If the packet tests positive, it is automatically blocked.

Forwarding

The forward command works in the same way as the block command. However, with forwarding, if the packet passes the test, the packet is allowed to pass to or from the LAN.

Example:

To allow a certain user on the Small Office LAN to access the Internet for FTP purposes, create a filter to test each packet for the IP host address of the specified user and the FTP socket of the packet. If the packet passes the test, the packet is forwarded to the Internet/Intranet.

Multiple Filters

Up to 18 filters can be defined. If there are 2 filters that have contradictory operations, forwarding takes precedence over blocking.

Example:

You want to allow only one particular user on the Small Office LAN to access the Internet for FTP purposes. To insure that no one else is able to access the Internet, create a blocking filter for all traffic going to the link. To do this, from the Blocking and Forwarding menu enter Block all traffic for Link1. In addition, create a filter to test each packet for the IP host address of the specified user and the FTP socket of the packet. Since forwarding takes precedence over blocking, that user's frames are forwarded.

WAN Economy Menu

5-83

Image 173

RAD Data comm Modular Access Device with Integrated Router, E1/T1 operation manual Blocking, Forwarding, Multiple Filters

Contents

FCD-IPM Page International Headquarters RAD Data Communications Inc FCD-IPM Limited Warranty Please observe the following precautions General Safety Instructions Connection of DC Mains General Safety PracticesConnection of AC Mains Connection of Data and Telecommunications Cables Ports Safety Status Electromagnetic Compatibility EMC Measures ConventionsPage To install FCD-IPM Installing and Operating FCD-IPM Quick Start Guide Contents View Menu ConfigurationSetup Menu Troubleshooting and Diagnostics Firewall Rules Menu FCD-IPM Main MenuView Menu Outline Routing Tables Menu Bridge Table Interface Routing Bridging Mode Menu WAN Economy Menu Outline 41. T1 Setup Menu56. E1 Setup Menu Interval Parameters Link Settings Device Security Identity Versions Overview E1/T1 over fiber optic links with interfaces Applications Backup Features Functional Description Physical Description FCD-IPM Functional Block Diagram Main Link and Sublink Characteristics System Timing Considerations IO Data Channel InterfacesE1 over Shdsl AWG line Integrated Router Time Slot HandlingBridging IP Router Management Protocols Management Using Dedicated Time Slot DTS Zero Suppression Compliance ITU G.703, G.704, G.706, G.732 DiagnosticsUnbalanced interface Two BNC coaxial Framing Options Impedance 135Ω Connector RJ-45 Protection ITU K.21, UL1950 Type Wire unconditioned dedicated line Line CodingFor direct connection to a 2-wire telephone Range Types WAN ProtocolsRouting Power indicator green Interface Options Nm LED Nm laser diode ConnectorsLink error red RED alarm red T1 only General Power consumption 12WRM-34 for 19-inch Rack Supply voltage Introduction Technical Specifications Site Requirements & Prerequisites Enable free airflow Equipment Needed Package ContentsInstallation and Setup Location of Internal BAL/UNBAL Jumpers Fuses IO Data Channel Connections Interfaces and ConnectionsE1/T1 Link Connections AC Power Connection Connecting the PowerDC Power Connection Control Port Connection Installation and Setup Introduction IndicatorsFront Panel Indicators Object Description Function Front Panel Indicator Functions Operating Instructions Rear Panel IndicatorsTurning On Normal Indications Operation Fault Indications Connecting to the Ascii TerminalConnecting the Terminal Emulator Turning Off To setup the terminal Password ProtectionTo initiate the login message Press Enter several times Main Menu has the following options Chapter Configuration To access the Quick Setup Menu Quick Setup MenuMain Menu To choose an option from the Main Menu To configure the setup parameters Quick Setup ParametersTo view the options To enter new information Parameters Type Options Quick Setup Parameters Quick Setup Quick Setup Menu ExamplesQuick Setup for T1 PPP, IP 3shows the Quick Setup menu for E1 Quick Setup for E1 PPP, IP + Isdn Backup, 128K, PPP, IP WAN Parameters WAN SettingsSet this parameter for the WAN configuration RFC-1490 Default PPPPPP LAN Parameters LAN SettingsSet the parameters in this section for each LAN connection Setting up the IP Mask Frame Relay Settings Isdn SettingsIsdn Settings Dlci Number Security Settings Async SettingsTwo settings that must be made V.24 Async Settings Security Setup options are described below Security Setup MenuTo access the Security Setup Menu Enabling Telnet Access Device Access RestrictionEnabling Snmp Access Changing Login Password To set a Monitor Supervisor Password Supervisor AccessFrom the Main menu, select option 2, Security Setup Firewall Option Select interface LAN Select direction outbound To define the Solid Firewall rulesFirewall Configuring Firewalls Firewall Rules IP Address Translation NAT Transparent PAT Port Address Translation IP Address Translation NAT Settings Setup Menu Advanced Setup MenuTo access the Advanced Menu Main Menu, press Advanced Menu appears refer to Figure Options in the Device Control menu are described below To access the Device Control menuDevice Control Menu Select this option to download a new software version Software Download Select option 1 from the Software Download menu Download from Tftp ServerTo download a new software version via Tftp server To upload device parameters Xmodem via Control Port Boot ManagerUpload Device Parameters to Tftp Server Download Device Parameters from Tftp Server Reset OptionsTerminal Type To download device parameters View Menu To access the View Menu 24. View Menu Configuration O1 FXS O2 FXS SHDSL+SUB Routing Tables Interface ConnectionsSelect this option to display different routing tables Options in the Routing Tables menu are described below IP Interfaces BridgeIP Routing Details the routing interfaces information Select this option to display information on IPX routing IPX RoutingIPX NET IPX Node Type Hops Ticks Ageing Interface NET RIP IPX Services Ospf Related Information IP Address Pool Dhcp F7FD IP Address Prio StateArea ID Type LS-ID Orig RTR SEQ NUM AGE Cksum Statistics To access the Shdsl Status screenShdsl Status and Statistics Displaying the Shdsl Status Shdsl Status Screen Parameters Data mode Shdsl Statistics Parameters Displaying the Shdsl StatisticsTo display statistics for specific intervals Display Description To refresh or clear statistics E1/T1 DiagnosticsT1 Diagnostics 10. Interval Parameters Interval Parameters Select this option to display the E1/T1 Alarms Log file E1/T1 Alarms Log FileE1/T1 Alarms Interface Type Status Days Hours MIN SEC To access the Diagnostic Tools menu Diagnostic Tools Menu 49. Ping Terminal Screen To ping another host Options in the Setup menu are described below To access the Setup menuAdvanced Menu, press Setup menu appears refer to Figure Host Parameters To access the Host Parameters menuHost Parameters Menu Options in the Host Parameters menu are described below Device IDTftp Radius Device ID Current NEW IP HostDevice ID Parameters IP Host Parameters Snmp Manager Table Default Gateway Tftp Parameters Tftp Trivial File Transfer Protocol 11. Radius Menu Radius Authentication and Billing Radius Menu Parameters Setup menu, press Routing/Bridging menu appears To access the Routing/Bridging menuRouting/Bridging Menu Select this option to enter FCD-IPM routing information PPP Interface Routing/Bridging ModeOptions in the Routing/Bridging menu are described below Slip Cslip Interface Routing/Bridging Mode Menu Parameters PPP Settings PPP SettingsThis option is only available for PPP link protocol BOD Does not remove static entries from the routing tables Static Stations and NetsCan be defined in 4 ways see Table Static Stations and Nets 16. Router 2 set to Next Hop in FCD-IPM Interface Address IP Routings Settings Routing Protocol IP Address Pool Setting DhcpMaximum Transmit Unit Dhcp Relay IP Address Pool FCD-IPM supports all these mechanisms simultaneouslySelect this option to define IP address information Dhcp 10. IP Address Pool Settings PC Remote Access FCD-IPM Ospf SettingsNothing Static Only RIP Only Static & RIP Link 1/CH2 Interfaces Area IDLink 1/CH1 Ospf Summaries Setup 12. Ospf Areas SetupNormal Stub IPX router IPX Routing Settings13. IPX Routing Settings LAN RIP/SAP RIP/SAP Mode 29. Station Aging Menu Station Ageing Interface Parameters Menu To access the Interface Parameters menuSetup menu, press Interface Parameters menu appears 31. Interface Parameters Link Settings Menu ON, Ignore 14. Link SettingsAnswer & Originate Even Shdsl SettingsOdd Shdsl Parameters To configure the Shdsl parameters15. Shdsl Parameters STU-C 16. Shdsl Loops To access the Shdsl Loops menuShdsl Loops Loopback E1/T1 Settings 38. FCD-IPM with an E1/T1 Interface E1 Features T1 Features 17. T1 Setup Parameters T1 Setup MenuO1 SUB T1 O2 SUB T1 FIX SUB T1 Time Slots Mapping TS1 Data LINK1 T1 Time Slots Mapping LinkTS2 Data LINK1 TS3 Loopback DisabledLoopback options are 45. Remote Analog Loopback for T1 and Sub T1 Links 49. Local Analog Loopback for T1 and Sub T1 Links 48. Local Analog Loopback ESF T1 Link ParametersB7ZS B8ZS Additional Cards Parameters T1 Parameters Link1 Parameters Fix Voice O1Voice O2 Voice VoiceFCD-IPM has optional voice capabilities Voice Parameters Bit FXO Voice Interface 52. FXO Voice Interface Ring Detection to T1 On Voice Interface This parameter is set toThis parameter specifies the interface type Type Time Slots for Voice Ports Typical screen is shown in Figure Management Host IP Address Management Time Slot NumberSelect this parameter to set a unique IP address AIS This section describes the parameters in the E1 Setup menu E1 Setup Menu19. E1 Setup Parameters O1 SUB E1 Time Slots Mapping TS3 FIX SUB-DATA TS2 FIX SUB-VOICETS4 O1 Voice TS5 O1 Voice 59. Remote Analog Loopback 60. Remote Analog Loopback for E1 and Sub E1 Links E1 Link Parameters Select this option to configure the parameters that follow Ccitt 20. E1 Link1 Parameters Law coding for E1 links TX/RX GainsCoding Law On/off hook to the E1 on Default Abcd to the E1On/off hook from the E1 on Law coding for E1 links On/off hook from the E1 on 65. FXO Voice Interface Ring Detection to E1 on Signaling FeedbackOut of Service Method Interface Type RX/TX Gains Refer to Table Typical screen is shown in Figure Law Coding for E1 links Signal from the E1 on 67. E1 Time Slots Mapping Link1 Screen Alarms Filter Management Host IP Address Isdn Settings MenuManagement Time Slot Number 21. Dialing Mode Parameters Isdn has the following features22. Answering Mode Parameters To activate the Isdn line Choose the Isdn protocol 70. Dialback Phone Number 23. Local Number for Dialback Link Dlci State CIR Excess Throughput Frame Relay Dlci Settings 73. Frame Relay Options in the Advanced Menu Implementing Frame Relay Enquiry frames in a sliding monitored events window 24. Frame Relay Link Parameters 74. Polling Intervals Dlci Frame Relay Dlci Parameters25. Frame Relay Dlci Parameters Select this option to perform security operations Access Control Security MenuTo access the Access Control menu 79. External Access Security Menu 78. Access Control Menu Radius 26. External Access Security Parameters FCD IPM Device Security Identity PPP only Security Host/Guest PPP only Login Script SetupLink Host Current Script for Link 28. Command Codes Command CodeCommand codes are described in Table Code to wait/send Control Sequence Argument29. Example of Argument WAN Economy Menu To access the WAN Economy menu Options in the WAN Economy menu are described below Filters 86. Action of a Quick Filter Multiple Filters BlockingForwarding Quick Filters Factory default Block Propagation To configure the broadcast controlToggle between Block and Forward No Filters Choose Advanced Filter Advanced FiltersAdd Filters Menu Advanced Filter Parameters 31. Advanced Filter Parameters 30. Add Filters Menu TermsTrue-False Menus NET MACFTP WWW UTP Saving Filter ParametersTCP Icmp 91. Connection On Demand Menu Connection on Demand 32. Connection On Demand Parameters You need to configure Start Connection Terminate Connection Example Following examples demonstrate how COD can be used 93. Any Frame Starts a Connection 94. Limiting Access to a Specific PC 95. Manual Connection Spoofing 33. IP/IPX Spoofing Parameters Enabled Enabled COD Factory Default Options Factory Default OptionsTo access the Factory Default menu Setup Menu Factory Default Options E1/T1 and Voice Troubleshooting General TroubleshootingGeneral Troubleshooting E1, T1 and Voice Troubleshooting Router Connections Troubleshooting Router Connections TroubleshootingIP Connection to WAN Troubleshooting IP connection to LAN is Down Troubleshooting and Diagnostics Troubleshooting and Diagnostics Table A-1. Interface Signal List Female Connectors Interface Signal List Female Connectors DTE DTR RS-530 21 / 15-pin RS-530 RS-449/V.36 37-pin Pin Designation Direction Function E1/T1 ConnectorsE1 over Shdsl Line Connector Control cable connection pinout is provided in Table A-3 Control Cable ConnectorTable A-3. Control Cable RJ-45 to DB-9 Connection DCE RJ-45 DB-9 Isdn connector pinout is provided in Table A-4 Isdn ConnectorTable A-5. Fiber Optic Interface Specifications Fiber Optic Interface FXO/FXS Connector E&M ConnectorTable A-6 RJ-45 E&M Connector Wiring Table A-7 Access via Software Download Menu Accessing Boot ManagerTo access Boot manager via Software Download menu Preface Rescue Boot Manager Menu Partitions Status Load New SoftwareStep Immediately after the change Reactivate Backup Partition Run Backup PartitionErase Configuration Duplicate Active Partition Immediately after performing the change Set Baud Rate Appendix B Boot Manager Boot Manager Menu Snmp Principles Snmp EnvironmentSnmp Operations This section describes the Snmp environment MIB Structure Management Information Base Snmp Communities Management Domains Under SnmpMIBs Supported by the FCD-IPM Snmp Agent Authentication Community Configuration Snmp ConfigurationTrap Configuration Indexing Convention Supported Traps Snmp Traps Appendix D Glossary Appendix D Glossary Appendix D Glossary Appendix D Glossary DC Power Supply Connection Terminal Block Connector TB Plug with Captive Screws optional DC Power Supply Wire Voltage Polarity Manual as a whole What did you like about the manual? Manual Name FCD-IPM Publication Number 702-200-08/03Excellent Good Fair Poor Very Poor Page Missing information Difficulty in finding needed informationIllogical flow of information Style spelling, grammar, references, etcPage Page Headquarters International Headquarters