Avocent Cyclades-PR4000 - Manual

Cyclades-PR4000 10 Chapter 1 - How To Use This Manual Text Conventions Common text conventions are used. A summary is presented below: Convention Description CONFIG=>INTERFACE=>L A combination of menu items, with the last being either a menu item, aparameter, or a command. In this example, L l...

Cyclades-PR4000 11 Chapter 1 - How to Use This Manual Cyclades Technical Support and Contact Information All Cyclades products include limited free technical support, software upgrades and manual updates. These updates and the latest product information are available at: http://www.cyclades.comftp:/...

Cyclades-PR4000 12 Chapter 1 - How to Use This Manual The mailing address and general phone numbers for Cyclades Corporation are: Cyclades Corporation Phone: + 01 (510) 770-9727Fax: + 01 (510) 770-0355 41829 Albrae StreetFremont, CA 94538USA

Chapter 2 - What is in the Box 13 Cyclades-PR4000 CHAPTER 2 WHAT IS IN THE BOX The following are included with the PR4000: • PR4000 Main Unit • Quick Installation Manual and Documentation CD • Power Cord • Mounting Kit with Handles • Console Cable Expansion Slot Port 1 T1/E1 Console Port 10 BaseT 10...

Cyclades-PR4000 Chapter 2 - What is in the Box 14 SWAN Expansion Card The PR4000 is often sold with a SWAN card in the expansion slot. The SWAN can be connected to a modem orDSU/CSU as shown in Figure 2.3. Cables are not included with the product. or Straight Cable DB-25 Male V.35 Cable Set DB-25 Fe...

Cyclades-PR4000 Chapter 3 - Using CyROS Menus 18 Chapter 3 Using CyROS Menus This chapter explains CyROS menu navigation and special keys. There are four ways to interact with CyROS: • Traditional menu interface using a console or Telnet session,• CyROS Management Utility based on interactive HTML p...

Chapter 3 - Using CyROS Menus 19 Cyclades-PR4000 [PR4000] login : super[PR4000] Password : **** Cyclades Router (Router Name) – Main Menu 1 – Config 2 – Applications 3 – Logout 4 – Debug 5 – Info 6 – Admin Select Option ==> FIGURE 3.1 LOGIN PROMPT AND MAIN MENU All menus have the following elemen...

Cyclades-PR4000 Chapter 3 - Using CyROS Menus 20 Pressing <Enter> without typing a new value leaves the item unchanged. Special Keys <Enter> or <Ctrl+M> These keys are used to end the input of a value. <ESC> or <Ctrl+I> These keys are used to cancel a selection or retur...

Chapter 3 - Using CyROS Menus 21 Cyclades-PR4000 menu interface is the same as that described earlier in this section. Using Telnet instead of a console for the initialEthernet configuration is discussed in Appendix C of the Installation Manual. The CyROS Management Utility After one of the interfac...

Cyclades-PR4000 Chapter 3 - Using CyROS Menus 22 CyROS Management Utility Global Remote Access Table Port Status Seq# 1 2 3 4 5 6 7 8 Slot #2 Port#1 Slot #2 Port#3 Slot #2 Port#6 Slot #2 Port#7 Slot #2 Port#10 Slot #2 Port#11 Slot #2 Port#15 Slot #2 Port#17 Slot #2 Port# User Name Arlt Marquez Nerud...

Chapter 3 - Using CyROS Menus 23 Cyclades-PR4000 Clicking on one of the links in the Global RAS Table will provide more detailed information about the connectionand the user. An example is shown in Figure 3.4. The user can be disconnected with the hangup button and theinterface can be temporarily di...

Cyclades-PR4000 Chapter 3 - Using CyROS Menus 24 Returning to the CyROS Management Utility Home Page, clicking on a T1 or E1 port on the figure will display thechannel details. There is a toggle button in the upper-right-hand corner which toggles between name and speed.When set to name, as shown in ...

Chapter 3 - Using CyROS Menus 25 Cyclades-PR4000 Operating the Front-Panel Display The Cyclades logo appears on the front-panel display (shown in Figure 3.6) after a sucessful boot. LCD Cyclades - PR4000 Port 2 Port 1 WAN Connection Ethernet 2 10Base-T/ 100Base-T Ethernet 1 10Base-T LAN Connection 1...

Cyclades-PR4000 Chapter 3 - Using CyROS Menus 26 Modem Overview The status of each connection can be displayed by modem or by interface. Modem OrderThis menu item presents a screen with one box for each modem. Each row corresponds to a Modem board.When 64 modems are present, the screen will appear a...

Chapter 3 - Using CyROS Menus 27 Cyclades-PR4000 Slot/Link OrderThis menu item presents a screen with one box per T1/E1 channel. Figure 3.8 shows two lines with 30 channelseach. The box on the upper left is the first channel, the upper right is the eighth channel, and so forth for as manychannels as...

Cyclades-PR4000 Chapter 3 - Using CyROS Menus 28 Interface Overview This screen presents the status of each E1/T1 interface and indicates which modem has been allocated to eachchannel. The ordering of the channels is the same as for the previous screen 01 AD Not Configured Not Connected Connected (P...

Chapter 3 - Using CyROS Menus 29 Cyclades-PR4000 IP Traffic After choosing the interface desired, a bar graph showing bytes per second or packets per second is displayed. Itis a snapshot of the last 10 minutes of IP traffic through the interface (TX for transmitted and RX for received), witha refres...

Cyclades-PR4000 Chapter 4 - Step-By-Step Instructions for Common Applications 30 CHAPTER 4 STEP-BY-STEP INSTRUCTIONS FOR COMMON APPLICATIONS This chapter provides detailed examples that can be used as models for similar applications. Turn to the examplethat is closest to your application, read the e...

Cyclades-PR4000 Chapter 4 - Step-By-Step Instructions for Common Applications 31 T1/E1 Remote IP Address Assigned on Connection PC Radius Server PC Network Terminator IP Address: 100.130.130.200 _ _ _ _ _ _ _ _ _ _ Key: Pinocchio _ _ _ _ _ _ _ LAN ISDN-BRI Line IP Address: 100.130.130.1 _ _ _ _ _ _ ...

Cyclades-PR4000 Chapter 4 - Step-By-Step Instructions for Common Applications 32 STEP ONEThe first step is to determine the parameters needed to configure the Fast Ethernet interface (ETH0). The parametersin the Network Protocol Menu (IP) are shown in Figure 4.2. Fill in the blanks for your applicat...

Cyclades-PR4000 Chapter 4 - Step-By-Step Instructions for Common Applications 35 STEP FOURThe RAS Wizard can be used to set up a PPP Remote Access Server using modems or DSU/CSUs and dial-uplines. The wizard can be used for one port or a range of ports. If the Wizard is used for a range or all ports...

Cyclades-PR4000 37 Chapter 4 - Step-by-Step Instructions Example 2 Connection to an Internet Access Provider via Modem This section will guide you through a complete router installation for the connection of a LAN to an Internet accessprovider via PPP. The configuration of NAT (Network Address Trans...

Cyclades-PR4000 38 Chapter 4 - Step-by-Step Instructions STEP ONEThe first step is to determine the parameters needed to configure the Ethernet interface (ETH0). The parametersin the Network Protocol Menu (IP) are shown in Figure 4.7. Fill in the blanks for your application in the right-mostcolumn. ...

Cyclades-PR4000 41 Chapter 4 - Step-by-Step Instructions STEP FOURThe Encapsulation parameters for PPP are less straight-forward. Many of them are based on decisions thatcannot be shown in a diagram. Fortunately, the choices made here will mostly affect the performance of the link,rather than whethe...

Cyclades-PR4000 42 Chapter 4 - Step-by-Step Instructions STEP FIVEA static route must be added to tell the router that all traffic not intended for the local LAN should be sent to theAccess Provider. Chapter 12 of the Installation Guide explains static routes and other routing methods availablein Cy...

Chapter 5 - Configuration of the Ethernet Interface 45 Cyclades-PR4000 CHAPTER 5 CONFIGURATION OF THE ETHERNET INTERFACE The PR4000 has one Ethernet 10/100Base-T interface, provided in a standard RJ-45 modular jack, which shouldbe connected to an Ethernet hub or switch. Use a standard 10/100Base-T s...

Chapter 5 - Configuration of the Ethernet Interface 47 Cyclades-PR4000 IP Bridge An IP Bridge is used to divide a network without subnetting. Whenever a subnetwork is created, two IP numbersare lost — one describing the network and the other reserved for broadcast. This does not occur with an IPBrid...

Cyclades-PR4000 Chapter 5 - Configuration of the Ethernet Interface 48 In Figure 5.1, an example of the use of an IP Bridge is given. From the available IP addresses, the range200.240.240.4 to 200.240.240.8 is bridged to another physical location. The following parameters apply only forIP Bridge. Ne...

Chapter 6 - Configuration of the SWAN Interface 49 Cyclades-PR4000 CHAPTER 6 THE SWAN INTERFACE This chapter describes how to configure a SWAN interface. The physical link should be set up as shown inchapter 2, according to the type of modem or device at the other end of the connection and the type ...

Chapter 6 - Configuration of the SWAN Interface 50 Cyclades-PR4000 STEP TWOThe second step is to choose a data-link protocol in the Encapsulation menu. There are many encapsulationoptions on this interface. For synchronous communication: • Frame Relay: the Frame Relay Protocol is based on frame swit...

Cyclades-PR4000 Chapter 7 - The E1 and T1 Interfaces, Without Signaling 52 CHAPTER 7 THE E1 AND T1 INTERFACES, WITHOUT SIGNALING The menus relating to configuration of the E1 and T1 interfaces without signaling are given in this chapter. T1 isa standard used in the United States, Canada, and Japan. ...

Cyclades-PR4000 Chapter 7 - The E1 and T1 Interfaces, Without Signaling 55 Encapsulation Network Protocol [menu shown in a later figure]Routing Protocol [menu shown in a later figure] Traffic Control Authentication Keep Alive Interval BandwidthIP Traffic Control List Frame Relay [menu shown in a lat...

Cyclades-PR4000 Chapter 7 - The E1 and T1 Interfaces, Without Signaling 56 For channelized T1/E1: • PPP and HDLC. The Encapsulation options are described in chapter 10. STEP FOURThe Network Protocol Menu parameters must be set next. A description of these parameters appears in chapter9. The remainin...

57 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 CHAPTER 8 THE E1 AND T1 INTERFACES, WITH SIGNALING Two varieties of signaling are available. The older mode, called CAS, and the newer mode, called CCS (which isused for ISDN-PRI). The first step in the configuration process is ...

59 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 The CCS Signaling Mode (ISDN-PRI) ISDN, the Integrated Services Digital Network, was intended to be a digital upgrade to the current analog telephonesystem. The ISDN discussed in this chapter is N-ISDN, where the N is for Narrow...

60 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 After the channel groups are defined, the ISDN line and channels must be configured. The ISDN-PRI InterfaceConfiguration Menu tree is shown in Figure 8.3. T1/E1 (ISDN-PRI) Main PhoneIdle TimeoutT200N200T203 Add Entry Delete Entr...

61 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 The general ISDN options are explained first. ISDN General Menu CONFIG=>INTERFACE=>T1/E1(ISDN-PRI)=>ISDN Parameter Description Main Phone # Principal phone number assigned to the ISDN trunk line. Leave this parameter bl...

62 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 The CAS Signaling Mode A typical application that uses CAS Signaling is shown in Figure 8.4. PC PC Integrated RAS Remote Users Analog Line Analog Line CAS Line Application Server Router Telephone Network FIGURE 8.4 CAS APPLICATI...

63 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 EncapsulationNetwork ProtocolRouting ProtocolSignalingTraffic Control BandwidthIP Traffic Control List Config Interface E1/T1 (CAS) One Channel Same Parameters as One Channel Same Parameters as One Channel Wizards Authentication...

64 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 Channel Menu CONFIG=>INTERFACE=>T1/E1=> <CHANNEL> Menu Option Description Encapsulation Determines the data-link layer protocol to be used for this communication link. Network Protocol Provides menus for the IP an...

65 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 ISDN Modem Server LAN PR4000 MC PPP End Point Discriminator 11:22:33:44:55:66MC PPP IP Address (Ethernet IP Address): 200.200.200.1 MC PPP End Point Discriminator 11:22:33:44:55:66MC PPP IP Address (Ethernet IP Address): 200.200...

67 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 Multilink PPP (MLPPP) is similar in functionality to the Multichassis feature. The primary difference is that allphysical links reside in the same RAS/Router. It is similar to the CyROS Multilink capability described in section4...

71 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 T1/E1 <Channel> TS Profile RAS Profile LAN-to-LAN Profile Copy From Channel UsernamePhone #Digital Modem Profile ID Remote IP AddressPhone #Digital Modem Profile ID Primary IP AddressSubnet MaskSecondary IP AddressSubnet M...

72 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 Wizards Menu CONFIG =>INTERFACE =>T1/E1 => <CHANNEL> =>WIZARDS Menu Items Description TS Profile Used to create a local host Terminal Server. For CCS, the only parameter is theUsername. For CAS, the parameters ...

73 Chapter 8 - The E1 and T1 Interfaces, With Signaling Cyclades-PR4000 The parameters automatically configured by the RAS wizard are shown in Figure 8.12. EncapsulationIP ProtocolInterfacePrimary IP AddressSubnet MaskRemote IP Address TypeRemote IP AddressIP MTUNAT - Address ScopeICMP PortIncoming ...

Chapter 9 Network Protocols 75 Cyclades-PR4000 CHAPTER 9 NETWORK PROTOCOLS The second step in most interface configurations is to choose which network protocol to use and assign values tothe relevant parameters. At least one of IP, Transparent Bridge, or IPX (optional, and discussed in chapter 15)mu...

Cyclades-PR4000 Chapter 9 Network Protocols 76 The IP Protocol If the preset values provided by the operating system are accepted, the interface will work at a basic level. Themost common options are explained in the following table. Network Protocol (IP) Menu CONFIG=>INTERFACE=><LINK>=&...

Cyclades-PR4000 Chapter 9 Network Protocols 78 The Transparent Bridge Protocol The Transparent Bridge Protocol can be used in conjunction with either IP or IPX. A detailed explanation of its useappears in section 4.6 of the CyROS Reference Guide. Transparent Bridge Menu CONFIG=>INTERFACE=>SWAN...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 79 CHAPTER 10 DATA-LINK PROTOCOLS (ENCAPSULATION) Each encapsulation option is presented in a separate section in this chapter. Not all data-link protocols areavailable for all interfaces. PPP (The Point-to-Point Protocol) PPP is the o...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 80 PPP Menu (Continued) Parameter Description Disable LCP EchoRequests LCP (Link Control Protocol) messages are normally exchanged to monitor the statusof the link. Disabling these messages reduces traffic, but the link then has no way...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 81 CHAR The configuration of the CHAR data-link protocol is confined to one menu, CONFIG =>INTERFACE =><LINK>=>ENCAPSULATION =>CHAR. Information about all the parameters appearing in this menu is provided in thetable ...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 82 PPPCHAR The configuration of the PPPCHAR protocol is contained in the menu CONFIG =>INTERFACE =><LINK>=>ENCAPSULATION =>PPPCHAR. The parameters for PPPCHAR are a combination of those for PPP andCHAR. See the tables...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 83 STEP ONEThe first step is to set the general Frame Relay parameters, those applying to all DLCs. This is done in the FrameRelay Menu. The parameters are shown in the table below. Most of these depend on the standards used by theFram...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 84 STEP TWOAfter configuring the general parameters, each DLC must be defined. An example will be used to demonstrate theprocedure.A public Frame Relay network connecting offices in São Paulo, Rio de Janeiro, Salvador, and Recife is sh...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 85 Rio de JaneiroNetwork: 192.168.201.0 RecifeNetwork: 192.168.202.0 São PauloNetwork: 192.168.200.0 SalvadorNetwork: 192.168.203.0 Router Router Router Router 200.1.1.1 200.1.1.4 200.1.1.3 200.1.1.2 11 81 21 FIGURE 8.1 PERMANENT VIRTU...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 86 Add DLCI Menu CONFIG=>INTERFACE =><LINK> =>ENCAPS =>FRAME RELAY => <ESC> =>ADD DLCI Parameter Description DLCI Number Used to identify the DLC. This number is supplied by the Public Frame Relaynetwork p...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 89 X.25 Menu (Continued) Parameter Description Layer 3 Window Size The layer 3 (packet) level window represents the number of sequentiallynumbered packets that can be sent before an acknowledgement must bereceived. This number may be n...

Chapter 10 - Data-Link Protocols (Encapsulation) Cyclades-PR4000 90 STEP TWOThe next step is to create a static routing table associating each remote X.121 address with an IP address or aTCP Socket location. This is done in the Add DTE menu, which appears at the end of the X.25 parameter list. Itcan...

Cyclades-PR4000 Chapter 11 - Routing Protocols 91 CHAPTER 11 ROUTING PROTOCOLS Routing Strategies Routing can be done either statically or dynamically. Static Routing Static routing is recommended when the network contains a small number of routers and other equipment. Whena system is simple and wit...

Cyclades-PR4000 Chapter 11 - Routing Protocols 92 Static Routes Routers used in very small or simple networks may use static routes as the primary routing method. When RIP orOSPF are used, some static routes may still be needed. Configuration of static routes will be explained using twoexamples. 10....

Cyclades-PR4000 Chapter 11 - Routing Protocols 93 UnnumberedInterfaces Point-to-Point Connection Slot 1 ETH0 ETH0 Slot 3 Router 1 10.0.0.3 192.168.100.1 Router 2 A B E F Network 3 Network 1 FIGURE 12.2 STATIC ROUTING EXAMPLE 2 Figure 12.2 shows another static routing example to explain the Gateway o...

Cyclades-PR4000 Chapter 11 - Routing Protocols 95 RIP Configuration CyROS supports three basic types of RIP: 1 RIP1 [RFC 1058]2 RIP2 with broadcast (compatible with RIP1) [RFC 1723]3 RIP2 with multicast [RFC 1723] The primary difference between RIP1 and RIP2 is that only RIP2 advertises subnet masks...

Cyclades-PR4000 Chapter 11 - Routing Protocols 96 OSPF The OSPF (Open Shortest Path First) routing protocol is significantly more complicated than RIP. The determinationof which protocol is better suited to a given network is beyond the scope of this manual. An example networkusing OSPF is given in ...

Cyclades-PR4000 Chapter 11 - Routing Protocols 97 First, some definitions: • An Autonomous System (AS) is a portion of the network that will use a single routing strategy. It is made up of a backbone area and optionally of non-backbone areas. • OSPF Areas are sub-systems that have identical routing ...

Cyclades-PR4000 Chapter 11 - Routing Protocols 99 OSPF Global Configurations STEP THREEAfter completing the OSPF interface configuration for all interfaces (even those that will not use OSPF), navigateto the OSPF Menu, CONFIG=>IP=>OSPF. Enter into the OSPF Global Commands menu and set the para...

Cyclades-PR4000 Chapter 11 - Routing Protocols 103 BGP-4 Configuration The BGP-4 routing protocol is used for routing on the Internet, performed between Autonomous Systems (ASs).An autonomous system is defined as: · A set of routers and networks under the same administration.· An interconnected netw...

Cyclades-PR4000 Chapter 11 - Routing Protocols 104 The last option is to aggregate the addresses contained in the local autonomous system in order to present anaggregated route to the outside world. This is done in the last step. 8. Aggregate the addresses contained in the AS. The steps defined abov...

Cyclades-PR4000 Chapter 11 - Routing Protocols 108 1 2 3 4 5 6 ...... ...... ...... ...... ...... .... PR3000 100.10.0.0/16 Und esired Route Backup Route Pr te ef er red Rou FIGURE 12.5 MULTIPLE ROUTES CONTAINING AS 5 CONFIG=>IP=>BGP4=>ACCESS LIST=>ADD Parameter Description Access List N...

Cyclades-PR4000 Chapter 11 - Routing Protocols 109 STEP FOURAn access list needs at least one rule. The example in Figure 12.6 shows three access lists, each one withseveral rules. Each neighbor can be assigned up to 6 access lists, as seen in step 2. Route Map Discarded Routes Discarded Routes Disc...

Cyclades-PR4000 Chapter 11 - Routing Protocols 111 STEP SIXA route map can either apply to all routes not discarded by the access lists, as shown in Figure 12.6, or to routesfiltered by a particular access list, as shown in Figure 12.7. Route Map Discarded Routes Discarded Routes Seq. 4 Seq. 10 Acce...

Cyclades-PR4000 Chapter 11 - Routing Protocols 112 CONFIG=>IP=>BGP4=>ROUTE MAP=>ADD Parameter Description Route Map Number Identifies the route map Sequence Number Identifies the sequence within the route map. The numbers need not be consecutive. Match List Name Associates an access list...

Cyclades-PR4000 Chapter 11 - Routing Protocols 113 CONFIG=>IP=>BGP4=>AGGREGATE ADDRESSES=>ADD Parameter Description Number An ID for reference. Address The aggregated address. In the example, 200.50.50.0. Mask (bitlen) The mask for the aggregated address. In the example, 23. AS Set Yes c...

Cyclades-PR4000 Chapter 12 - CyROS, the Operating System 114 CHAPTER 12 CYROS, THE OPERATING SYSTEM This chapter explains various operating system features that are not covered in other chapters: • creation of the host table• creation of user accounts and passwords• IP Accounting Creation of the hos...

Cyclades-PR4000 Chapter 12 - CyROS, the Operating System 116 The super user has access to all menus. The usr user is shown a menu, upon sucessful login, with the items chosen in the user’s profile. The pppauto user is connected directly to the user via PPP. No menu appears. The auto user is connecte...

117 Cyclades-PR4000 Chapter 13 - NAT CHAPTER 13 NAT (NETWORK ADDRESS TRANSLATION) NAT exists to convert local IP addresses into Internet “global” IP addresses. Internet IP addresses are assignedby Internet providers. Due to the explosion of the internet, these numbers are scarce. Certain ranges of I...

119 Cyclades-PR4000 Chapter 13 - NAT NAT Static Translation Table # Global address / port local address / Port Protocol 1 200.240.230.225 / 20 192.168.0.30 / 20 TPC 2 200.240.230.225 / 21 192.168.0.30 / 21 TPC 3 200.240.230.225 / 80 192.168.0.31 / 80 TPC Types of Address Translation In dynamic addre...

121 Cyclades-PR4000 Chapter 13 - NAT STEP TWOThe parameters in the Timeout Menu are explained in more detail below. The preset values should be appropriatefor most applications. Timeout and Options Menu CONFIG =>SECURITY =>NAT =>TIMEOUT AND OPTIONS Parameter Description UDP Timeout Inactivi...

122 Cyclades-PR4000 Chapter 13 - NAT STEP FOURIf static translations are to be performed, as described in the example, the parameters in the Static TranslationMenu must be set. A brief explanation of each parameter is given in the table. Static Translation Menu CONFIG =>SECURITY =>NAT =>STA...

123 Cyclades-PR4000 Chapter 14 - Filters and Rules CHAPTER 14 RULES AND FILTERS There are four basic types of rules: 1 IP filter rules,2 Radius rules (actually a combination of previously defined IP filter rules),3 traffic control rules, and4 transparent bridge rules (similar to IP filter rules, but...

124 Chapter 14 - Filters and Rules Cyclades-PR4000 Config IP Rule List NameRule StatusRule List TypeDefault ScopeIncoming Rule List NameOutgoing Rule List NameLinked Rule List Name N Add Rule List Rules List Insert as Rule NumberRule StatusScopeRule Priority LevelReserved BandwidthBandwidth Priority...

125 Cyclades-PR4000 Chapter 14 - Filters and Rules Exterior Router Interior Router Router Extension to Network Bastion Host ETH0 ETH0 192.168.0.2 192.168.0.3 10.0.0.0 172.16.0.0 192.168.0.1 Perimeter Network192.168.0.0 Slot 1 Slot 1 FIGURE 12.2 FIREWALL EXAMPLE Figure 12.2 will be used to show how b...

126 Chapter 14 - Filters and Rules Cyclades-PR4000 Exterior Router The exterior router is the network’s first defense against attacks. For this reason, it is reasonable to prohibit allpackets except for those explicitly allowed. This is done by choosing the Default Scope to be Deny. Thus, ALL desire...

127 Cyclades-PR4000 Chapter 14 - Filters and Rules Steps necessary to activate filtering on the exterior router in the example: 1 There are two interfaces with two directions each. Filtering on link 1 requires the creation of two rule lists, called exterior_in and exterior_out . Create them using th...

129 Cyclades-PR4000 Chapter 14 - Filters and Rules Filter_list Name exterior_outRule 0Status Enabled Scope Permit Protocol TCP Source IP Operator Equal Source IP start 192.168.0.3 Source IP Mask 255.255.255.255 Destination IP Operator None Source Port Operator Equal Source Port Start SMTP Destinatio...

130 Chapter 14 - Filters and Rules Cyclades-PR4000 Stop Forged Packets World of Pos sib le Pa ck ets Don’t Allow Access to News PERMIT PERMIT PERMIT Stop Telnets From the Outside (Except Bastion Host) FIGURE 12.5 PERMIT DEFAULT SCOPE The configuration for “Stop forged packets” is shown in the follow...

131 Cyclades-PR4000 Chapter 14 - Filters and Rules Rules ListsRule List Name Rule Default List Linked Status Scope Type RuleList slot1_in Enabled Permit Filter Filter_list Name slot1_inRule 0Status Enabled Scope Deny Protocol 0 Source IP Operator Equal Source IP start 10.0.0.0 Source IP Mask 255.0.0...

132 Chapter 14 - Filters and Rules Cyclades-PR4000 Traffic Rule Lists There are three kinds of traffic rules that can be configured in CyROS. The first two determine a division ofbandwidth for traffic flowing out of the router: 1 Traffic Shaping (the division of bandwidth is strictly adhered to),2 B...

133 Cyclades-PR4000 Chapter 14 - Filters and Rules The third determines which services have priority flowing through the router: 3 Service Prioritization. An Internet provider has three clients connected to the same router. Client A is larger and without traffic controlwould overwhelm the router to ...

135 Cyclades-PR4000 Chapter 14 - Filters and Rules Rule 1Status Enabled Flow Priority 0 Rule bandwidth 25% Bandwidth priority 2 Protocol 0 Source IP Operator Equal Source IP start 22.22.22.0 Source IP Mask 255.255.255.0 Destination IP Operator None Source Port Operator None Destination Port Operator...

136 Chapter 14 - Filters and Rules Cyclades-PR4000 prioritize the access to his web server. He also wants to prioritize e-mail sent by his SMTP server, but the priorityshould be lower. All other traffic should have the lowest priority. For web server access, the important flowdirection is not the us...

137 Cyclades-PR4000 Chapter 14 - Filters and Rules The configured rules will appear as shown in the following listing. Note that for this type of traffic control, of the traffic-specific parameters only Flow Priority is used. The Reserved Bandwidth and Bandwidth Priority parameters are not important...

Cyclades-PR4000 Chapter 15 - IPX 138 CHAPTER 15 IPX (INTERNETWORK PACKET EXCHANGE) IPX is an alternative to IP, proprietary to Novell. When IPX is activated, many new menus appear to allowconfiguration of this type of network. IP and IPX can both be active in the router simultaneously, and an interf...

Cyclades-PR4000 Chapter 15 - IPX 139 Enabling IPX The first step is to activate the IPX feature in the router. This is accomplished using the menu option ADMIN=>ENABLE FEATURES => IPX. The IPX protocol must also be activated in the menu CONFIG =>IPX => GENERAL.In this menu, the Internal ...

Cyclades-PR4000 Chapter 15 - IPX 141 The routing table is displayed by the menu option INFO => SHOW ROUTING TABLE => IPX. For the example,and using only the static route created above, the routing table appears as in Figure 13.2. Destination Interface/ Subinterface/ Remote address hops ticks T...

Cyclades-PR4000 Chapter 16 - Virtual Private Network Configuration 142 CHAPTER 16 VIRTUAL PRIVATE NETWORK CONFIGURATION The Virtual Private Network utility can be used on any link using IP routing. It is used to provide greater securitybetween two or more networks connected through a public communic...

Cyclades-PR4000 Chapter 16 - Virtual Private Network Configuration 144 ETH0 PR3000 Router RSG3 - RemoteSecurity Gateway Router IP Address: 190.190.190.1 Link 2 IP: 190.190.190.1 Link 1 0.70.70.1 IP: 7 .16.0.0 IP:172 0.0.0.0 IP: 1 Link 1 IP: 50.50.50.1 IP Network IP:10..255.255.0 Router IP Address: 2...

Cyclades-PR4000 Appendix A - Troubleshooting 147 APPENDIX A TROUBLESHOOTING What to Do if the Login Screen Does Not Appear When Using a Console. 1 Check the configuration of the terminal. The correct values are given in chapter 2. 2 Check to see if the router booted correctly. Before the login scree...

Cyclades-PR4000 Appendix A - Troubleshooting 148 What to Do if the Router Does Not Work or Stops Working. 1 Check that the cables are connected correctly and firmly. 2 Confirm that the Link LED is lit for the (Fast) Ethernet Port being used, indicating proper Ethernet cable termination. If it is not...

Cyclades-PR4000 Appendix A - Troubleshooting 149 4 Make sure any external modem, DSU/CSU, or interface equipment is properly connected and that the interface configuration is correct. Many cables have the same connector, but are not interchangeable. 5 Make sure that the line (T1 or E1) is active. Th...

Cyclades-PR4000 Appendix A - Troubleshooting 150 Pinging the router from a host on the network should give similar results. If the test fails, confirm that the link LEDon the front panel is lit and that the IP Address and Subnet Mask parameters in the Network Protocol menu arecorrect for the network...

Cyclades-PR4000 Appendix A - Troubleshooting 151 Use of a Cross Cable for Testing T1/E1 Ports and ModemsTwo tests can be performed with the cross cable: one tests the two T1/E1 ports while the other tests the 2 portsand the modems. The pin diagram of the cross cable is shown in Appendix B. Before st...

Cyclades-PR4000 Appendix A - Troubleshooting 152 Let the test run for at least 1 minute. If both slots show no errors, the test was sucessful. How to Test the Modems 1. In the CyROS main menu, choose the following menu options: DEBUG=> HARDWARE TEST=>DSP TEST. 2. The first parameter will be Nu...

Cyclades-PR4000 Appendix B - Hardware Specifications 155 APPENDIX B. HARDWARE SPECIFICATIONS General Specifications The Cyclades-PR4000 power requirements, environmental conditions and physical specifications are listed in thetable below. Power RequirementsInput voltage range 115 to 230 VAC. Some mo...

Cyclades-PR4000 Appendix B - Hardware Specifications 156 External Interfaces Console Port An RS-232 DTE port is provided for communication with a configuration terminal. A maximum speed of 115.2kbpsis supported on this port. Use a straight-through cable to connect to DCE devices (modems, for example...

Cyclades-PR4000 Appendix B - Hardware Specifications 157 Ethernet Port The PR3000 Ethernet port meets IEEE I802.3 physical specifications. It provides a single Ethernet interface andsupports 10Base-T (Unshielded Twisted Pair) on a standard RJ-45 female connector. 8 1 ETHERNET PORT Pin Ethernet Signa...

Cyclades-PR4000 Appendix B - Hardware Specifications 158 T1 and E1 Both the T1 and E1 interfaces use an 8-pin RJ-48C female connector. T1/E1 Interface Pin Signal 1 RXTIP 2 RXRING 3 N.C. 4 TXTIP 5 TXRING 6 N.C. 7 N.C. 8 N.C. FIGURE B.3 T1 OR E1 - RJ-48C FEMALE CONNECTOR

Cyclades-PR4000 Appendix B - Hardware Specifications 159 Cables Please refer to chapter 2, What is in the Box, to see which cables are provided with the PR4000 and which cables are optional. Straight-Through Cable 2345678 1517202224 2345678 1517202224 TxDRxDRTSCTSDSRGndDCDTxClk_DTERxClkDTRRITxClk_DC...

Cyclades-PR4000 Appendix B - Hardware Specifications 160 Cross Cable DB-25 Male DB-25 Male Pin Pin Signal Signal 1 2 12 20 25 23 21 13 1 3 PGnd RxD 14 TxD V.35 - (A) RxClk RxD V.35 - (A) 20 DTR DTR 25 1318 6 DSR DSR 6 3 14 2 TxD RxD PGnd TxD 12 TxD V.35 - (A) TxClk DCE TxClk_DTE (A) 4 15 4 RTS RTS 2...

Cyclades-PR4000 Appendix B - Hardware Specifications 161 Router-MD / V.35 Cable 145678 11121314161819212325 1579 131015 2 17 4 16 3 2411 6 19 - A - C - D - E- B- F- S- P - T - R - AA - Y - W - U- V- X PGnd RTS CTS DSR Gnd DCD TxD/V.35 (B) TxD/V.35 (A) RxD/V.35 (B) RxD/V.35 (A) TxClk_DTE/V.35 (B) TxC...

Cyclades-PR4000 Appendix B - Hardware Specifications 163 Cross Cable for Testing the T1/E1 Ports Please see appendix A for a description of the use of this cable. 4 TxTip5 TxRing1 RxTip2 RxRing RxTip 1 RxRing 2 TxTip 4 TxRing 5 RJ-48C RJ-48C Loopback Cable FIGURE B.8 PINOUT DIAGRAM OF THE CROSS CABL...

Appendix C - Configuration Without a Console Cyclades-PR4000 166 APPENDIX C CONFIGURATION WITHOUT A CONSOLE When a terminal or PC is not available for use as a console, the router has a special feature that allows configurationof the Ethernet interface from any PC on the LAN. The router “adopts” the...

167 Appendix D - Installation of Additional Digital Modems Cyclades-PR4000 APPENDIX D INSTALLATION OF ADDITIONAL DIGITAL MODEMS The purpose of this appendix is to describe the correct procedure for the installation of the digital modem board inthe PR4000. When the PR4000 is purchased with modems, th...

Cyclades-PR4000 168 Appendix D - Installation of Additional Digital Modems Step Four:Attach the wrist-strap to your wrist. . Step Five:Remove the PR4000’s cover. Be careful to not touch any components inside the PR4000’s case, as they also canbe damaged by static electricity. LCD Display_ Cyclades -...

Cyclades-PR4000 170 Appendix D - Installation of Additional Digital Modems Step Eight:Insert the board carefully into the slot, aligning the indentations in the board with the guides of the slot. Forcing theboard or pushing it in at an angle can damage the board and the slot. Step Nine:Push the boar...

Cyclades-PR4000 172 Index Index B Bandwidth Reservation 132 C Cables console 13SWAN 14 CAS Signaling Mode 62CCS Signaling Mode 59Connection to an Internet Access Provider 37 Cyclades ftp site 11telephones 11 CyROS menus 18what is...? 8 D Dialing Method 17Download of the router configuration 36 E E1 ...

Cyclades Corporation 41829 Albrae Street Fremont, CA 94538 - USA Phone: (510) 770-9727 Fax: (510) 770-0355 www.cyclades.com Cyclades South America Phone: 55-11-5033-3333 Fax: 55-11-5033-3388 www.cyclades.com.br Cyclades Germany Phone: +49 (0)81 22 90 99-90 Fax: +49 (0)81 22 90 999-33 www.cyclades.de...