TMENTERPRISE NETWORK HUB SYSTEM Command Reference3.1VersionNETServer/16NETServer/8NETServer/8NETServer/16
1-2 OverviewNetmask TableCIDR (Classless Interdomain Routing) or host-based routingrequires special netmasks. Special netmasks may also be usefulf
6-26 LAN-to-LAN RoutingThis example will set up two NETServers for LAN-to-LANrouting. NETServer B will be configured to dial NETServer Aon demand.
LAN-to-LAN Routing 6-27Setting Up NETServer BNETServer B (a 16 port NETServer) will dial out to NETServerA using ports 10 and 11 (The port def
6-28 LAN-to-LAN RoutingSince this dial script expects the verbal result code “CONNECT”from the modem, we should make sure the the init script forea
LAN-to-LAN Routing 6-29Testing the ConnectionYou can test the connection by setting the location for manualdialing.set location nsb manualdial
6-30 LAN-to-LAN RoutingConnecting to NETServer A from NETServer BWhen a user on LAN2 tries to connect with a host on LAN1,NETServerB dials NETServe
Talking to the Modems 7-1Chapter 7Talking to the ModemsThis chapter discusses use and configuration of the NETServer’sinternal modems. The followin
7-2 Talking to the Modems<TCP port#> can be any number not already used by theNETServer. We suggest 6000 plus the modem number. Assign-ing
Talking to the Modems 7-3Implementing Security with Host Device Dial OutTo authenticate a host device dial out user, configure a hostdevice port wit
7-4 Talking to the ModemsConfiguring modems as UNIX pseudo TTYsA pseudo tty device acts like a serial device, but is actuallysomething else entirel
Talking to the Modems 7-5Keep in mind that other programs on the host may use thesepseudo-tty devices, but usually select the pseudo-tty driversfrom
Overview 1-3RADIUS Accounting and ANI/DNISRelease 3.1 of the NETServer supports the current RADIUSAccounting Internet Draft. The NETServer can
7-6 Talking to the ModemsModem Initialization ScriptsAn initialization string may be sent to any one of theNETServer’s S-ports every time the port
Talking to the Modems 7-7Caution: Avoid using commands that write to the modem’sNVRAM (such as &W) in an initialization script that you plan to
7-8 Talking to the ModemsInitialization Script ExampleSetting up a new initialization script is a four step process. Theexample given below forces
Talking to the Modems 7-9Sending AT commands to the modemsVersion 3.1 of the NETServer/8 and NETServer/16 firmwareallows you to send AT commands to
7-10 Talking to the Modems
Packet Filters 8-1Chapter 8Packet FiltersThis chapter covers setting up packet filters for the NETServer.The following topics are included:• Fi
8-2 Packet FiltersTypes of FiltersThe NETServer supports the following types of packet filters:• Input and output filters; packet filters can be cr
Packet Filters 8-3Information SourcesInternet packet filtering and security are complex issues whichthis chapter can barely scratch the surface
8-4 Packet FiltersAdding Packet Filters1. To create a new filter, type the following command:add filter <filter name>The filter name can be u
Packet Filters 8-5Input filters vs. Output filtersYou can assign two packet filters to each interface: an input filterand an output filter. In
1-4 OverviewNew Modem Port FeaturesRelease 3.1 of the NETServer Command Line and NETServerManager software now support the following modem portfeat
8-6 Packet FiltersFilter Rule FormatA packet filter consists of a set of rules which you must create.A newly created packet filter contains no rule
Packet Filters 8-7Rule NumberThis is a number up to the highest previously set Rule # plusone. For example, if a packet filter currently has f
8-8 Packet FiltersTCP/IP packet filteringAfter the filter name, rule number and permit/deny, IP rules startwith the following parameters:<sourc
Packet Filters 8-9Destination AddressThe address given here is compared to the destination addressof the packet. Note that only the part of th
8-10 Packet FiltersTCP and UDP parametersTCP and UDP packets can be filtered by source and destinationsocket numbers. This allows you permit or de
Packet Filters 8-11Standard Port NumbersThe table below contains information on standard port numbersfor some common services. For a complete
8-12 Packet FiltersTCP UDP Description518 518 ntalk (new terminal chat)- 520 RIP540 540 uucp (UNIX to UNIX copy)540 540 uucp-rlogin543 543 klogin
Packet Filters 8-13Step 2 - The client opens a control channelTo initiate an FTP session, the client opens a control channel onthe well-known F
8-14 Packet FiltersFTP Example 2If you also wanted to allow external clients access to a specificFTP server on your network, you could add a few mo
Packet Filters 8-15Filtering ICMP packetsICMP packets can only be filtered by type. So, the only optionis:type <icmp message type>The IC
Overview 1-5NETServer OverviewThe NETServer allows you to implement four basic applications:IP Terminal Service, IP modem sharing, IP/IPX Netwo
8-16 Packet FiltersIPX packet filteringIPX packets can be filtered by source and destination host,network or socket. Additionally, SAP packets can
Packet Filters 8-17dsthostCompare the destination IPX node address contained in thepacket to the address given. The IPX address should be inhe
8-18 Packet FiltersSAP Rule OptionsSAP rules are only used in output filters. The rule format is asfollows:<permit | deny> <keyword> &
Packet Filters 8-19Editing Packet FiltersEdit a Packet FilterSee Filter Rule Format, earlier in the chapter for a description offilter rule for
8-20 Packet FiltersView a Packet FilterIf you want to check to view a specific packet filter, use thefollowing command:show filter <name>You’
Administrative Tools 9-1Chapter 9Administrative ToolsThis chapter covers commands whose functions are purelyadministrative.• Configuring the !root
9-2 Administrative ToolsNote: You can also disable Telnet access to the !root account.For more information, see Telnet Access Port below.Telnet Ac
Administrative Tools 9-3Manually Connecting to a Remote SiteYou can dial a remote (or local) site from the Command Linesoftware with the dial comma
9-4 Administrative ToolsTroubleshooting CommandsTroubleshooting commands are described in the followingsections.Viewing DEBUG messagesThe debug com
Administrative Tools 9-54. When you are finished viewing debug messages, tell theNETServer not to display messages.set debug 0x005. Turn off the ou
1-6 OverviewIP Modem SharingHosts on a local IP network can use a chassis modem to dial out.Moreover, the NETServer can create pools of modems that
9-6 Administrative ToolsIfconfigThis command displays the current (active) configuration of aninterface. Note that the configuration of a serial p
Administrative Tools 9-7The second line contains the following information:Broadcast The Ethernet broadcast address.Dest Displays the IP address of
9-8 Administrative ToolsPingThis verifies that the NETServer can communicate with otherdevices on the network. Use the following command:ping <
Administrative Tools 9-9PtraceThis command lets you monitor network traffic at the packetlevel. Use the following command:ptrace <filter name&g
9-10 Administrative ToolsTracerouteThis command identifies the routers (and the path) to a remotehost/system. The name or IP address of the remote
Administrative Tools 9-11The SHOW commandThe show command can be used to view the NETServer’scurrent configuration and its routing activity. The c
9-12 Administrative Toolsshow arpShow arp allows you to view IP address resolution informationfor the given interface. To use this command, types
Administrative Tools 9-13show memoryUse the following command to see the NETServer’s DRAMmemory utilization:show memoryThe information you see migh
9-14 Administrative ToolsForeign Address The address of the port on the remote side of apoint-to-point connection. IPX port addressesappear as 000
Administrative Tools 9-15show sapUse the following command to view the SAP interfaces:show sapThe information you see might look something like thi
Overview 1-7Dial-Up RoutingThe same routing engine that allows network dial in accessallows the NETServer to establish dial up routing sessions
9-16 Administrative ToolsTy pe This is the type of service that the port hasbeen configured to support. Possible PortTypes are:Login User login po
Command Reference 10-1Chapter 10Command ReferenceThis chapter contains a complete listing of all the commands forconfiguring the following (in alph
10-2 Command ReferenceHow to . . .Get helpTo bring up a list of command options for Global Configuration,use the following command:help set globalS
Command Reference 10-3Global user parametersThe following parameters apply to all users in the user table.Assigned AddressOptional. The Assigned A
10-4 Command ReferenceRandomize HostsThis command is used to relieve the burden on frequently-usedglobal default, port default and RADIUS user tabl
Command Reference 10-5Global routing parametersThe parameters in this section configure routing on all ports.Default GatewaysIf the NETServer does
10-6 Command ReferenceDefault RouteThis command determines whether the NETServer will dynami-cally update IP default gateway information. The defa
Command Reference 10-7NetBIOS Packet PropagationOn an IPX network, NetBIOS obtains information by broadcast-ing type 20 packets to all networks. I
10-8 Command ReferenceName ServiceThese commands configure the name service your network uses.A name service allows you to use host names rather th
Command Reference 10-9Domain nameThis is the name of the domain the NETServer belongs to. Boththe primary and the secondary name servers must belo
1-8 OverviewSecurityThe NETServer supports IP and IPX packet filtering in both theinbound and the outbound directions of ports, users, and dialout
10-10 Command ReferenceRADIUS securityThe following commands configure the NETServer’s use ofRADIUS security servers. See Appendix F for more info
Command Reference 10-11Accounting serversThe following commands configure the NETServer’s communi-cations with accounting servers.RADIUS Accounting
10-12 Command ReferenceICMP LoggingThis command determines whether the NETServer sends ICMPerrors such as Host Unreachable to the Syslog server. T
Command Reference 10-13Hosts TableLike a name service, the hosts table translates names to IPaddresses and vice versa. However, the hosts table is
10-14 Command ReferenceLocation TableUse the location table to define sites that the NETServer can dialout to. (As opposed to dialing in, which r
Command Reference 10-15Save Location Table ChangesTo save changes you have made, use the following command:save locationView the Location TableTo v
10-16 Command ReferenceLocation Table ParametersConnection TypeThis determines when then the NETServer will dial the remotehost or site. Your opti
Command Reference 10-17IP AddressThis command is used to tell the NETServer what IP addresswill be used by the remote device. The default is 0.0.0
10-18 Command ReferenceProtocolDefault is SLIP. This field indicates what protocol theNETServer should use to encapsulate packets bound for therem
Command Reference 10-19Dial GroupThis field specifies which group of modems will dial-out to aremote location. Group numbers can range from 0 to 9
Basic Installation 2-1Chapter 2Basic InstallationThis chapter contains information on the following:• System Administrator Requirements• Loggi
10-20 Command ReferenceIdle Time-outApplies to Manual and On Demand locations only. Idletimespecifies how many minutes a dial out connection to th
Command Reference 10-21MTUThis is the Maximum Transmission Unit (MTU) used with thisinterface. MTU sets the largest frame or packet size that acon
10-22 Command ReferenceOutput FilterPackets being sent to the remote location are evaluated againstthis filter and are discarded or accepted accord
Command Reference 10-23Special CharactersThe send or reply strings can contain any printing ASCIIcharacter. Also, you may use the following specia
10-24 Command ReferenceLAN Port (Net0) ConfigurationLAN port configuration lets you configure the NETServer’sEthernet interface.If you have changed
Command Reference 10-25View LAN Port ConfigurationUse the following command:show net0The information you see might look something like this:Etherne
10-26 Command ReferenceConfigured Ethernet MediaPrevious versions of the NETServer firmware automaticallydetected which type of Ethernet cable was
Command Reference 10-27NetmaskThis is the IP subnet mask of the subnet attached to theNETServer’s LAN interface. The default is 255.255.255.0, whi
10-28 Command ReferenceIPX Frame TypeThis sets the IPX frame type for the NETServer’s LAN interface.The default is 802.2 Ethernet.If the network at
Command Reference 10-29Input FilterThis filter controls packets coming into the NETServer throughthe LAN interface. Use the following command:set
2-2 Basic InstallationTCP/IP Reference MaterialIt is the responsibility of the Network Manager to devise anaddressing strategy appropriate for the
10-30 Command ReferenceNetmask TableThe netmask table is used to define netmasks for Supernetting(Classless InterDomain Routing). See Appendix B f
Command Reference 10-31Ports Table (S-port configuration)The S-Port table is used to configure the external serial port andall the internal serial
10-32 Command ReferenceWhen a NETServer reboots, it copies configuration data fromthe permanent configuration saved in flash memory to thedefault c
Command Reference 10-33Host This column displays IP addresses. The addressdisplayed is dependent on what kind of connectioncurrently exists on the
10-34 Command ReferenceView an Individual PortTo view a specific port, use the following command:show s<port #>The information that appears m
Command Reference 10-35Determining a Port’s TypeThree settings determine what type of connection a port per-mits: User Login, Host Device and Netwo
10-36 Command ReferenceYou can find these drivers (daemons called nettty and in.pmd) onthe U.S. Robotics web site.To configure a port for Host Devi
Command Reference 10-37NetworkThe Network field determines if the port permits PPP or SLIPconnections. You may also enable User Login and Host Dev
10-38 Command ReferenceSpecifying a dial group lets you reserve a modem for dial-up tospecific locations, or ensure that the modem used to make the
Command Reference 10-39The Login Message can be up to 240 characters in length. Usethe carat ( ^ ) to designate the start of a new line.Login P
Basic Installation 2-3Accessing the Command LineTo configure the NETServer from the command line, you mustlog in as the supervisor.1. In order
10-40 Command ReferenceIMPORTANT: Without a user table entry, the NETServer can’ttell what type of user is dialing in. If security is off, networ
Command Reference 10-41HostThis is the host for users whose user table host is set to Default.If security for the port is off, this is also the hos
10-42 Command ReferenceLogin ServiceThe NETServer uses the service specified here to connect usersnot in the user table to the port default host.
Command Reference 10-43Netdata Unlike Telnet, Rlogin, and PortMux, Netdata is notactually a login service. Netdata is a direct (clearTCP) connecti
10-44 Command ReferenceHardwired Port ParametersThe parameters described below apply to port s0 if it has beenconfigured as network hardwired.Compr
Command Reference 10-45PPP connections are set between 100 and 1500 (default 1500).SLIP connections are set between 100 and 1006 (default 1006).Net
10-46 Command ReferenceFor example to escape the ASCII null character, the commandwould beset s0 map 00000001The default is 00000000 (do not escape
Command Reference 10-47Serial Communications ParametersThe following parameters configure the connection between theNETServer and the devices attac
10-48 Command ReferenceParityThis is the parity of the data. The default is none.set s<port #> parity <odd | even | strip | none>Flow C
Command Reference 10-49Routes Table ConfigurationThe routes table contains both static and dynamic routinginformation. Dynamic routes are updated
iiCopyright 1996 by U.S. Robotics Access Corp.8100 North McCormick Blvd.Skokie, Illinois 60076All Rights ReservedU.S. Robotics and the U.S. Robotics
2-4 Basic InstallationGetting StartedName your NETServer. Among other things, this name will beused for the NETServer’s DNS system name and its SN
10-50 Command ReferenceDelete a Routes Table EntryTo delete an IP route, use the following command:delete route <destination>To delete an IPX
Command Reference 10-51Viewing the IPX Routes TableTo view the IPX Routes Table, use the following command:show ipxroutesThe information you see mi
10-52 Command ReferenceIP ParametersDestinationThis is the IP address or name of the host or network to whichthe NETServer needs to send packets.Ga
Command Reference 10-53IPX ParametersDestinationThis is the IPX network number of the network to which theNETServer needs to send packets.NetworkTh
10-54 Command ReferenceSNMP TableThe NETServer provides support for using the Simple NetworkManagement Protocol (SNMP) and supports industry standa
Command Reference 10-55View SNMP TableTo view the SNMP settings, use the following command:show table snmpThe information you see might look someth
10-56 Command ReferenceRead HostsThis defines which host(s) can perform SNMP GET operationson the NETServer MIB objects. Use the following command
Command Reference 10-57User TableThe User Table defines users who dial in to the local network tobecome virtual nodes or to establish login session
10-58 Command ReferenceChange a User’s Parameter(s)To change a user’s parameters, use the following command:set user <user name> <option&g
Command Reference 10-59The information displayed for a network user might looksomething like this:Username: Ed Type: Dial-In Network UserAddress: N
Basic Installation 2-5Getting the LAN port up and runningFirst step for IPX or IP/IPX networksIf your network uses the IPX protocol, you must e
10-60 Command ReferenceHostThis field defines which network host the user’s session isforwarded to. Use the following command:set user <user na
Command Reference 10-61Netdata Unlike Telnet, Rlogin and PortMux, Netdata is notactually a login service. Netdata is a direct (clearTCP) connectio
10-62 Command ReferenceNetwork User ParametersDialbackThis is the location that the NETServer will dial after verifyingthe user’s name and password
Command Reference 10-63ProtocolDefault is SLIP. This is the protocol the NETServer should use toencapsulate packets bound for the user.set user &l
10-64 Command ReferenceRoutingDefault is off. This determines whether the NETServer ex-changes routing information (RIP messages) with the dial in
Command Reference 10-65Output FilterOptional. This is a packet filter that screens all packets sent tothe user. See Chapter 8 for more informatio
10-66 Command Reference
Technical Specifications A-1Appendix ATechnical Specifications8 and 16 port NETServer HardwareCertificationComplies with FCC Part 15 and Part 68, U
A-2 Technical SpecificationsEnvironmentShipping and StorageTemperature: -25° to +75° Celsius, -13° to +167°FahrenheitRelative Humidity: 0 to 100% n
Technical Specifications A-3External Serial Port (“Console”)8-Position Circuit Function DirectionModular Jack1CC Data Set Ready Inbound2CF Carrier
2-6 Basic InstallationThis is an example of the information returned for oneversion 3.xx card that has two different frame types. Thecard has one
A-4 Technical SpecificationsNominal direct current resistance:Center conductor: 24 gage (7 strands 32 gage);.61 millimeter diameter;23.7 ohms/1000
Technical Specifications A-5Connector: 8-position modular jack, Stewart 88-360808 or equivalentCable SpecificationsWire Type: .5mm or 24 AWG twiste
A-6 Technical SpecificationsCable SpecificationsWire Type: Coaxialcenter conductor .89 ± .05 mm diameter stranded,tinned copperShield 2.95 ± .15 m
Technical Specifications A-7Token Ring Network Interface CardToken RingSTP ConnectorData Transfer Rate: 4 or 16 MbpsAccessing Scheme: Token Pa
A-8 Technical SpecificationsToken RingUTP ConnectorData Transfer Rate: 4 or 16 Mbps (megabits per second)Accessing Scheme: Token PassingTopolo
Technical Specifications A-9NETServer Firmware SpecificationsRouting SupportTransparent On-Demand routingIP and IPX protocol routingInverse multipl
A-10 Technical SpecificationsPPP Specific FeaturesAddress and control field compressionProtocol field compressionPAP and CHAP authentication protoc
Technical Specifications A-11SLIP and PPP Client Software SupportNovell LAN WorkPlace TCP/IPNetManage ChameleonSun PC/NFSFTP PC/TCPWindows ‘95Stamp
A-12 Technical Specifications
Addressing Schemes B-1Appendix BAddressing SchemesThis appendix contains a brief introduction to the IP and IPXaddressing schemes for administrator
Basic Installation 2-7IP Configuration1.IP Network Address: You must assign an IP address to theNETServer’s LAN interface (Ethernet or Token R
B-2 Addressing SchemesThese 32 bits are structured very differently from IPX addresses,in which you always have an 8 hex digit network numberfollow
Addressing Schemes B-3For example, a netmask of 255.255.255.0 on a Class B networkwould indicate that the network is divided into 254 subnet-works
B-4 Addressing SchemesTwo important things must be noticed about the address divi-sions created by a subnet mask.1. RFC 950 requires that the first
Addressing Schemes B-5Supernetting (Advanced TCP/IP)Because Class B Internet addresses are in short supply, largernetworks are now usually granted
B-6 Addressing SchemesCIDR - Each Supernet is treated as a single entitySince supernet addressing is a fairly complex mechanism, theeasiest way to
Addressing Schemes B-7Notice that the number of zero bits in the third octet will actu-ally dictate the number of Class C networks in the supernet.
B-8 Addressing SchemesStep two - Select a range of addresses for each supernetThe range of addresses in a supernet must fit exactly into aspace th
Addressing Schemes B-9Supernet ExampleThe four networks in the example below are all connected to thesame Internet service provider (ISP). The ISP
B-10 Addressing SchemesSince supernet 4 can fit entirely in a single Class C addressspace, it can use supernet 3’s surplus space. It is therefore
Software Download C-1Appendix CSoftware DownloadSoftware download is a means by which the executable softwaresaved in the NETServer’s flash mem
2-8 Basic Installation3. You must also set the Broadcast Address. Type thefollowing:set net0 broadcast <high or low> EnterHigh The bits of t
C-2 Software DownloadLoading the Software Download (SDL) ProgramEach NETServer is shipped with a disk containing replacementfirmware. This disk al
Software Download C-3PCSDL commands can be in either upper or lower case letters.Leave one space after each command line parameter. The dcomma
C-4 Software Download-nna specifies the .nac filename prefix (required):(pn = NETServer/8 and NETServer/16 NACfile)-d specifies the directory path
Software Download C-5Entering SDL ModeOnce the PC is connected to the NETServer and is running thedownload software, turn the NETServer off and
C-6 Software DownloadFrom the Windows Management SoftwareIn addition to being able to SDL new operating firmware to theNETServer, version 3.2 of th
Software Download C-73. A series of dialog boxes appear, informing you of the statusof the software download process. Some of these include:Do
C-8 Software Download4. Enter the name of the NAC and SDL files you wish to sendto the modems. For the analog (i.e. V.34) NETServer, the filenames
Software Download C-9Error MessagesAll of the following errors are considered fatal and will causethe PC SDL software to abort. If one of thes
C-10 Software DownloadBad Message LengthThe SDL program detects an invalid message length at the datalink layer. The message length is either larg
Software Download C-11Insufficient Number of ArgumentsThe number of arguments in the command line is less than thenumber of required arguments.
Basic Installation 2-9IPX ConfigurationIMPORTANT: Even if your network uses only the IPX protocol,you must set up an IP address for the NETServ
C-12 Software DownloadInvalid Control WordThe SDL application layer does not recognize the control wordreturned from the NETServer.Invalid Device/M
Software Download C-13Missing Required ArgumentThere is a sufficient number of arguments, but some requiredarguments are missing. The required
C-14 Software DownloadUnknown Information Received from NACThe CRC is good, but the application layer detected unrecog-nized information, for examp
The Boot Process D-1Appendix DThe Boot ProcessWhen you flip the power switch to the ON position. The row ofLEDs on each set of 8 modems will cycle
D-2 The Boot Process
Syslog Accounting E-1Appendix ESyslog AccountingThis appendix includes information on UNIX syslog networkaccounting and samples of system messages.
E-2 Syslog AccountingSpotting Unused PortsA quick way to spot serial ports that should be active, but arenot, is to issue a grep command for the na
Syslog Accounting E-3Syslog System Message Examplesrouter1 dialnet: port S16 ppp_sync failed dest caneRouter1 is unable to establish a PPP connecti
E-4 Syslog Accountingusr1 dialnet: port S8 PPP succeeded dest NegotiatedHardwired network port S8 has established a PPP negotiation toa negotiated
Syslog Accounting E-5usr1 S15 to 192.77.203.2 port 1 connection establishedA TCP/IP connection has been established between port 1 andan IP host.u
2-10 Basic InstallationFinal StepsSave your configuration and reboot the NETServer. Note thatthe LAN port settings are the only configuration chan
E-6 Syslog Accounting
RADIUS F-1Appendix FRADIUSRemote Authentication Dial In User Service (RADIUS) is aproposed standard Internet protocol for security andaccounting.•
F-2 RADIUSSecurity - A Centrally Managed User TableThe RADIUS security server is based on a model of distributedsecurity previously defined by the I
RADIUS F-3Setting Up RADIUS User Table EntriesRADIUS servers store their user data in a human readable (text)database. The information following s
F-4 RADIUSClient-IdAdding this optional parameter will limit a network dial in(framed) user to the specified NETServer rather than allowingthe user
RADIUS F-5Framed-AddressThis is the user’s IP address for the duration of the connection.If this line is omitted, NETServers which have a pool of a
F-6 RADIUSFramed-NetmaskDefault is 255.255.255.255. This is the user’s IP subnet mask.Example:Framed-Netmask=255.255.255.0Framed-ProtocolDefault is
RADIUS F-7Framed-RoutingDefault is None. This determines whether the NETServerpermits RIP packets to be sent to or received from the remoteuser.
F-8 RADIUSUser TypesThere are five types of users in the RADIUS users file:• Login-User• Dialback-Login-User• Framed-User• Dialback-Framed-User• Out
RADIUS F-9For example:cindyg Password=“billthecat”User-Service-Type=Dialback-Login-User,Dialback-No=“19195551234”,Login-Host=NY_Sales,Login-Service
Basic Installation 2-11 Recommended Global ConfigurationFollowing is a list of global fields that we recommend youconfigure.PasswordThis is th
F-10 RADIUSOutbound-UserThe RADIUS protocol defines this user type as a user on thelocal network who is using the modems to dial out (Similar tothe
RADIUS F-11CHAP authentication using RADIUSIf the NETServer wishes to use RADIUS to authenticate theremote device, the user name and the password o
F-12 RADIUSRADIUS AccountingRADIUS accounting is uses the same basic protocol as theRADIUS security server. Both servers may run on the samehost, b
RADIUS F-13Acct-AuthenticThis attribute indicates how the user was authenticated. Thereare three possible values:None Used for Stop records and Pa
F-14 RADIUSIf a SLIP or PPP user begins a session with the network, a recordlike the one below is sent to the accounting server:Thurs Jan 16 16:15:5
Index 1Alphabetical IndexSymbols!ROOTACCESS 9-1AAccess filter 10-59ACCESS parameter 10-41Accounting serverICMP logging 1-3, 10-12RADIUS F-12–F
2 IndexDefault hostGlobal 3-6, 4-3, 4-5, 4-13, 10-3, 10-41Port 4-3, 4-5, 4-9, 4-13, 10-41, 10-60Default route 10-6DELETE command 3-5Filter 8-1
Index 3Global default host 3-6, 4-3, 4-5, 4-13,10-41Group number (location) 5-13, 6-13, 6-17,6-27, 10-19, 10-37HHardwired portCompression 10-44C
4 IndexLLAN port 3-4, 10-24–10-29Basic configuration 2-5–2-10Broadcast address B-4, 2-7, 10-27Help 10-24IP address 2-7, 10-26IP/IPX enable 10
Index 5NNameAutolog 10-40Domain 10-9Location 6-14, 6-27, 10-14Login user 4-9, 10-57Network dial in user 5-7, 10-57Packet filter 8-4RADIUS use
2-12 Basic InstallationTo set the IP gateway, type the following:set gateway <IP address> <metric> EnterThe following example configure
6 IndexIP rules 8-7IPX rules 8-16–8-18LAN port 10-29Location 10-22Login user 10-59Network dial in user 10-64Overview 3-8Permit/Deny 8-7PTRA
Index 7REPORTED_IP 10-6RequirementsSystem administrator 2-1–2-2RESET command 3-4, 4-8, 5-6, 6-13, 10-24RIP messagingFiltering 8-12Hardwired por
8 IndexSHOW command 3-5, 9-11ARP 9-12Filter 8-20Flash 9-12Global configuration 10-2Help 3-5Hosts 10-13Init 7-7Locations 10-15Memory 9-13N
Index 9WWarranty viWeb site, U.S. Robotics viiWelcome message 4-7, 5-5, 5-11, 5-14,10-38Windows management software 2-9, 2-10Write community na
10 Index
Basic Installation 2-13Name ServiceThis is the server that translates your host names into theircorresponding IP addresses.. The NETServer sup
iiiTable of ContentsWarranty and ServiceChapter 1 OverviewWhat’s New in 3.1? 1-1NETServer Overview 1-5Chapter 2 Basic InstallationSystem Adminis
2-14 Basic Installation
Configuration Overview 3-1Chapter 3Configuration OverviewThe internal firmware lets you manage and configure theNETServer by typing commands. This
3-2 Configuration OverviewWhere do I go from here?Each of the three applications has a section of this manualdevoted to its setup. If you want to
Configuration Overview 3-3The Command LineThe Command Line Interface is similar to DOS, UNIX orNetware in that you can type commands to view inform
3-4 Configuration OverviewSave your changesYou can save all of your changes, or you can save changes to aspecific table only.Note: We recommend us
Configuration Overview 3-5Quick Command OverviewThe NETServer’s configuration data is stored in several tables,including the user table and the loc
3-6 Configuration OverviewOverview of configurable tablesThis section contains a brief description of each of theNETServer’s internal databases.Glo
Configuration Overview 3-7Initialization Script ConfigurationA Port Initialization Script is a string of text that is sent to amodem (or S0, the e
3-8 Configuration OverviewPacket Filter TablePacket filters may be created to control which packets arepermitted to pass through given interfaces.
Configuration Overview 3-9Port ConfigurationPort Configuration controls the modem ports and the externalserial port. The configuration of these po
ivChapter 5 Network Dial-in AccessDial-In User Setup 5-1NETServer Dial-In Setup (Overview) 5-2NETServer Dial-In (Detailed Setup) 5-4Configuring a P
3-10 Configuration OverviewHardwired A hardwired port is a serial port that is connecteddirectly to another device via a serial cable (this isonly
Configuration Overview 3-11User TableThe User Table contains authentication and configurationinformation for two types of users: Login Users and N
3-12 Configuration Overview
IP Terminal Server Setup 4-1Chapter 4IP Terminal Server SetupIf you have workstations or terminals at a remote site thatrequire access to a host on
4-2 IP Terminal Server SetupNETServer Terminal Server Setup (Overview)A. Find out what kind of terminals are being used (or whatkind of terminal w
IP Terminal Server Setup 4-3A Note About HostsWhen a login user dials in, he or she is forwarded to a host.Which host the user is forwarded to depe
4-4 IP Terminal Server SetupTerminal Server (Detailed Setup)The following section give details on configuring the NETServeras a terminal server fr
IP Terminal Server Setup 4-5Step 3 - Create default user settings for the portIf you turned security off in Step 2, port defaults must be set totel
4-6 IP Terminal Server SetupPort Default - Login ServiceThe NETServer uses the service specified here to connect usersnot in the user table with th
IP Terminal Server Setup 4-7Port Default - Terminal Type:This value is used by all login users connected to this port. Thepurpose is to inform the
vChapter 9 Administrative ToolsConfiguring the !root Account 9-1Manually Connecting to a Remote Site 9-3Troubleshooting Commands 9-4The SHOW commma
4-8 IP Terminal Server SetupMany automated login scripting systems expect a login promptto end in login:. Putting any character after the colon (i
IP Terminal Server Setup 4-9Adding a Remote User to the User TableUsers for terminal server applications are configured as loginusers.Step 1 - Add
4-10 IP Terminal Server SetupLogin ServiceThe NETServer uses the service specified here to connect theuser to the selected host. Note that the rem
IP Terminal Server Setup 4-11Step 3 - Configure for dialback use?Normally, after a user enters his or her user name and password,the connection to
4-12 IP Terminal Server SetupIP Terminal Server Case StudiesThe following examples set up users to log into the two hosts inthe illustration below.
IP Terminal Server Setup 4-13This example also assumes that Sun1 is the NETServer’s globaldefault host. The command to do this is:set host 192.77.
4-14 IP Terminal Server SetupUsers connecting to the info line will be connected directly to adatabase application running on VAX1 and will have no
IP Terminal Server Setup 4-15Example 2Suppose you have a lot of potential users, but only a couple ofhosts, each of which has its own login securit
4-16 IP Terminal Server Setup
Network Dial In Access 5-1Chapter 5Network Dial In AccessNetwork dial in users establish PPP or SLIP connections withthe NETServer and the local ne
viWarranty and ServiceLimited WarrantyU.S. Robotics Access Corp. warrants to the original consumer orother end user purchaser that all U.S. Robotics T
5-2 Network Dial In AccessNETServer Setup for Network Dial-In (Overview)This setup configures a NETServer for users to dial in to.Note: This is a
Network Dial In Access 5-3ConfigurationA.Configure at least one port for a network dial in connection.See Configuring a Port, later in this chapter
5-4 Network Dial In AccessNETServer Dial-In (Detailed Setup)To set up the NETServer software for this application:• Configure at least one port• C
Network Dial In Access 5-5Step 2 - Optional friendly stuffThe following two parameters allow you to customize the port’sprinted response to dial in
5-6 Network Dial In AccessStep 4 - Save your changesSave the changes to flash memory:save s<port #>Reset the port so the changes take effect:
Network Dial In Access 5-7Step 1 - Create a new userAdd the remote user to the User Table. Use the followingcommand:add netuser <name> passw
5-8 Network Dial In AccessStep 3 - Add configuration information for the userYou must set the following parameters. All other parameters areoption
Network Dial In Access 5-9ProtocolSelect the protocol to be used for the connection (PPP or SLIP).Use the following command:set user <name> p
5-10 Network Dial In AccessRoutingSet the level of RIP messaging that the two devices will ex-change during the connection. Use the following comm
Network Dial In Access 5-11IP Remote Access Case StudyUserA, UserB and UserC will be dialing to connect with thelocal network. UserC will be a di
viiService and SupportTo obtain service, contact the U.S. Robotics Systems ProductSupport Department as described below. Whichever methodyou use to c
5-12 Network Dial In AccessCreate user table entries for the dial in usersUse the following commands to create User A:add netuser userA password us
Network Dial In Access 5-13A modem group must be defined to tell the NETServer whichmodems it can use to dial out to the location. Note that since
5-14 Network Dial In AccessConnecting to the NETServerThe users are now ready to connect to the local network. Whenthey dial into the NETServer fr
Network Dial In Access 5-15IPX Remote AccessThis case study assumes the following:• The configuration will take place from the Command Linesoftware
5-16 Network Dial In AccessCreate User Table entries for the dial in usersUse the following commands to create an IPX user account forUserA:add net
LAN-to-LAN Routing 6-1Chapter 6LAN-to-LAN RoutingThe NETServer can perform IP or IPX LAN-to-LAN routingwith a remote NETServer or third party r
6-2 LAN-to-LAN RoutingIPX routing• An IPX network number that will represent the connectionbetween the two devices. This number must not alreadyex
LAN-to-LAN Routing 6-3F. Test the connection from both sites. See Testing the Connec-tion, later in this chapter for details.
6-4 LAN-to-LAN RoutingAn Introduction to NETServer RoutingSome network devices, such as Router 1 and Router 2 in thedrawing below, have more than o
LAN-to-LAN Routing 6-5addresses of “Gateways” (next hops) through which packetsshould be forwarded when they are headed for given destina-tio
viiiWe welcome your suggestions for better documentationEvery effort has been made to provide useful, accurate informa-tion. If you have any comments
6-6 LAN-to-LAN RoutingStatic vs. Dynamic RoutesStatic routes are user-defined. By adding entries to the RoutesTable, you tell the NETServer how to
LAN-to-LAN Routing 6-7How Packets are RoutedWhen the NETServer receives a packet, it looks up the packet’sdestination in its routing table. I
6-8 LAN-to-LAN RoutingTMNETServer/16Destination X PacketNoYesNoIncomingPacketStatic (user defined) next hop in Routes Table?Establish connection to
LAN-to-LAN Routing 6-9PAP/CHAP AuthenticationThe NETServer supports auto-detecting the PAP and CHAPmethods of login authentication on PPP conne
6-10 LAN-to-LAN Routing• A “challenge value” (a randomly generated string ofcharacters)The challenged system then concatenates the challenge valuew
LAN-to-LAN Routing 6-11A CHAP Challenge ExampleAt the Corporate site is a NETServer with the Sysname ofNETSERVE. A typical authentication migh
6-12 LAN-to-LAN RoutingLAN-to-LAN Routing (Detailed Setup)The following section gives details on configuring routing fromthe command line. To att
LAN-to-LAN Routing 6-13Step 2 - Creating a Dial-Out GroupDialout and Twoway ports only. If the NETServer will dial outto a remote location, yo
6-14 LAN-to-LAN RoutingAdding a Remote Device to the Location TableThis is required only if the NETServer will dial out to the remotelocation. If t
LAN-to-LAN Routing 6-15Manual (Used for debugging) The NETServer dials outonly when it receives a dial command from thecommand line.Continuous
Overview 1-1Chapter 1OverviewThis chapter provides an overview of the Total ControlNETServer/8 and NETServer/16. It also contains informationo
6-16 LAN-to-LAN RoutingNetmaskThis is the remote network’s IP subnet mask. Use the followingcommand:set location <location name> netmask <
LAN-to-LAN Routing 6-17CompressionIf using SLIP, enable Van Jacobson IP header compression only ifboth networks use CSLIP (compressed SLIP).If
6-18 LAN-to-LAN RoutingStep 3 - Multiple lines for a single connectionWhen talking to other NETServers, the NETServer can spread asingle TCP/IP con
LAN-to-LAN Routing 6-19Maximum PortsSets the maximum number of ports the NETServer can use for asingle connection to the remote location. Use
6-20 LAN-to-LAN RoutingThe second method is to configure each modem to dial a differ-ent stored number. This is done using the modem’s AT&Zco
LAN-to-LAN Routing 6-21If you had configured this location to use multiple lines withouta hunt group (see Step 3), you would configure the NETS
6-22 LAN-to-LAN RoutingAdding the Remote Device to the User TableAdding a user table entry is required if the remote device will bedialing into the
LAN-to-LAN Routing 6-23ProtocolSelect the protocol to be used for the connection (PPP or SLIP).Use the following command:set user <user name
6-24 LAN-to-LAN RoutingRoutingSet the level of RIP messaging that the two devices will ex-change during the connection. Use the following command:
LAN-to-LAN Routing 6-25LAN-to-LAN Routing Case StudyThe following example shows routing between two NETServersin order to demonstrate how each
Komentáře k této Příručce