Adit 3000 Series and Multi-Service Router (MSR) Card GUI REFERENCE MANUAL Part Number: 770-0169 BB Product Release: Adit 3000 Series - 1.6 MSR Card - 2.
Copyright 2008 Turin Networks Inc. All rights reserved. The information presented in this manual is subject to change without notice and does not represent a commitment on the part of Turin Networks Inc. The hardware and software described herein are furnished under a license or non-disclosure agreement. The hardware, software, and manual may be used or copied only in accordance with the terms of this agreement.
PREFACE Preface Safety Information CAUTION! WHEN USING YOUR TELEPHONE EQUIPMENT, BASIC SAFETY PRECAUTIONS SHOULD ALWAYS BE FOLLOWED TO REDUCE THE RISK OF FIRE, ELECTRIC SHOCK AND INJURY TO PERSONS, INCLUDING THE FOLLOWING: Do not use this product near water for example, near a bathtub, washbowl, kitchen sink or laundry tub, in a wet basement or near a swimming pool. Avoid using a telephone (other than a cordless type) during an electrical storm. There may be a remote risk of electric shock from lightning.
Preface Notices This manual contains important information and warnings that must be followed to ensure safe operation of the equipment. DANGER! A DANGER NOTICE INDICATES THE PRESENCE OF A HAZARD THAT CAN OR WILL CAUSE DEATH OR SEVERE PERSONAL INJURY IF THE HAZARD IS NOT AVOIDED. CAUTION! A CAUTION NOTICE INDICATES THE POSSIBILITY OF INTERRUPTING NETWORK SERVICE IF THE HAZARD IS NOT AVOIDED. WARNING! A WARNING NOTICE INDICATES THE POSSIBILITY OF EQUIPMENT DAMAGE IF THE HAZARD IS NOT AVOIDED.
TABLE OF CONTENTS Table of Contents Preface Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iii Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iv 1 Web Based Management Overview of Supported Products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents DNS Static Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Viewing the DNS Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Adding a New Entry to the DNS Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Modifying an Entry in the DNS Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents 3 Network Connections Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Adit 3000 Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Adit MSR Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 Preconfigured Connections . . . . . . . . . . . . . .
Table of Contents Firewall Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37 Network Connection Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37 Firewall Processing Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39 5 System Monitoring Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
CHAPTER 1 Web Based Management This Reference Manual covers the web-based Graphical User Interface (GUI) for the following products: Adit 3000 series (Adit 3104, Adit 3200, and Adit 3500) Multi-Service Router (MSR) Card (a service card for the Adit 600 platform) These products are generically referred to as "the Adit" in this manual. The web-based GUI provides a user-friendly interface for setup of the unit.
Web Based Management Overview of Supported Products Overview of Supported Products The following products have different hardware configurations, as well as optional features that can be purchased (for example, a VPN software keyed feature), therefore there are many possibilities for window options. For the most of the examples in this manual, the Adit 3500 is shown, as the majority of features are available on this product.
Web Based Management Accessing the GUI Accessing the GUI NOTE: The following instructions assume that you have connected your PC to the Ethernet port on the Adit 3000 (3104, 3200, or 3500) or MSR card. For additional connection options, see the User Manual for your product. 1. Launch a web browser on your PC from the same LAN as the Adit 3000 or MSR. 2. Enter the Adit 3000 or MSR card’s IP address or name in the address bar. The default IP address is http://192.168.1.1. The Login screen appears. 3.
Web Based Management Overview Overview The GUI management window contains two sections: Navigation Pane (on the left) – Provides a list of topics to view and configure. When you select an icon, the information is displayed on the right. Display window (on the right) – Displays the setup windows for a topic selected from the Navigation Pane or items that have been selected through a shortcut button.
Web Based Management Overview Navigation Pane Icons The following icons are available on the Navigation Pane: Home - Displays the Network Map. Quick Setup - Allows you to quickly configure your Internet connection. Network Connections - Allows you to create and configure network connections. Security - Allows you to configure the Firewall and regulate communication between the Internet and the network. Voice Over IP - Allows you to configure VoIP features.
Web Based Management Home Home The Home window displays the Network Map which shows the various elements in the network. Note: This window is modified as the configuration changes. Local network computers Firewall Adit 3000 or MSR External network interface (Internet connection) Internal network interface (Ethernet, etc.) 1-6 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Home Network Map The following icons appear on the Network Map. For all icons except the Internet, you can open the item’s configuration window by clicking on the icon. Symbol Represents WAN Internet. Opens the Quick Setup window. Ethernet WAN connection. Opens the Quick Setup window. Firewall. Opens the Security setup window. Note that the height of the wall corresponds to the security level currently selected. LAN Ethernet Local Area Network (LAN) connection.
Web Based Management Home Host Information Window To display this window, click on the Computer Host icon on the Network Map. The Host Information window displays network information for the corresponding computer. 1-8 Field Definition Host Displays the Host Name. IP Address Displays the Host IP Address. Subnet Mask Displays the Subnet Mask of the Host IP Address. Network Connection Displays the type of Network Connection. Lease Type Displays the type of lease.
Web Based Management Home Test Connectivity The Test Connectivity button brings up the Diagnostics window. This window will automatically ping the Host IP Address and display the results. NOTE: This window can also be accessed through Advanced/Diagnostics. See Diagnostics on page 2-16, for detailed information on this window. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Quick Setup Quick Setup The Quick Setup window enables quick configuration of your Internet connection. When subscribing to a broadband service, you should be aware of the method by which you are connecting to the Internet. Technical information regarding the properties of your Internet connection should be provided by your Internet Service Provider (ISP).
Web Based Management Quick Setup Internet Connection Connection Type The WAN connection can be configured using any of the following methods. With each of these connection types, the window displays a different set of field options. See the following sections for information on each of these connection types and the associated options.
Web Based Management Quick Setup Manual IP Address Ethernet Connection This window is used to manually configure the Internet Connection with a specific IP Address. 1-12 Field Definition IP Address Enter the IP Address for the Ethernet connection of this device. Subnet Mask Enter the Subnet Mask for the IP Address above. Default Gateway Enter the Default Gateway address for this device. Primary DNS Server Enter the Primary DNS Service address.
Web Based Management Quick Setup Automatic IP Address Ethernet Connection With this selection, the device uses DHCP to find and set an address for this connection. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Quick Setup Point-to-Point Protocol over DS0 (Serial) With this selection, the MSR card uses a single Link Cross-Connect (LCC) PPP WAN for Internet connectivity. Field Definition Login User Name Enter the user name for this unit. Login Password Enter the password for this unit. Connection Shows the LCCs available for the connection. NOTE: For the MSR card, cross-connects from Adit 600 resources (T1 lines or WAN-capable cards) must be made before setting up the WAN link.
Web Based Management Quick Setup Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Quick Setup Multilink Point-to-Point Protocol over DS0 (Multilink) With this selection, the MSR card uses a multiple Link Cross-Connect (LCC) WAN for Internet connectivity. Field Definition Login User Name Enter the user name for this unit. Login Password Enter the password for this unit. Connection Shows the LCCs available for the connection.
Web Based Management Quick Setup Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Quick Setup Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling is a technology for creating Virtual Private Networks (VPNs). A VPN is a private network of computers that uses the public Internet to connect some nodes. Because the Internet is essentially an open network, the Point-to-Point Tunneling Protocol (PPTP) is used to ensure that messages transmitted from one VPN node to another are secure. With PPTP, users can dial in to their corporate network via the Internet.
Web Based Management Quick Setup No Internet Connection This option disables the Internet connection on the device. Administrator The following section appears on all Quick Setup windows (located at the bottom of the window). Field Definition Adit 3000’s or Adit MSR’s Hostname Display/set the current the Host Name for this device. E-Mail Enter an E-Mail address to be used for monitoring and alert purposes. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Network Connections Network Connections Main Window The Network Connection window allows the user to create and configure network connections. For the Adit 3000, the basic connections for this system are preconfigured. Additional connections can be set up with the New Connection option. For detailed information on Network Connections, see Chapter 3, Network Connections. Adit 3500 1-20 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Network Connections Adit MSR Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Security Security The Adit 3000 and MSR include comprehensive and robust security services: Stateful Packet Inspection Firewall User authentication protocols Password protection mechanisms For detailed information on security features, see Chapter 4, Security. 1-22 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Voice over IP Voice over IP The VoIP feature allows you to connect multiple phones over a single broadband connection, providing the benefits and quality of digital voice. The Adit 3104, 3500, and MSR enable you to place and receive calls over the Internet using a standard telephone set connected to the Adit. For detailed information on VoIP features, see Chapter 6, Voice Over IP. NOTE: This feature is not supported by the Adit 3200.
Web Based Management Voice over IP 1-24 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Advanced Advanced This section of the Management Console is intended primarily for more advanced users. Some changes to settings within this section could adversely affect the operation of the Adit and the network, and should be made with caution. For detailed information on Advanced features, see Chapter 2, Advanced. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management System Monitoring System Monitoring The System Monitoring window displays important system information that can be used to monitor and troubleshoot the system. Connection status, alarms, system information, and logs are all accessible through this window. Adit 3500 1-26 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management System Monitoring Adit MSR Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Web Based Management Logout Logout The Logout feature logs the user out of the system and returns to the Login window. 1-28 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
CHAPTER 2 Advanced In this Chapter Overview ARP Certificates Date and Time Diagnostics DNS Static Entries Dynamic DNS IP Address Distribution (DHCP) IPSec (IP Security) NAT/FW Connections Network Objects PPTP (Point-to-Point Tunneling Protocol) RADIUS Client Remote Administration Restart Restore Defaults Routing Scheduler Rules Simple Network Management Protocol System Settings Technical Information Upgrade From a Local Computer Users VLAN Configuration
Advanced Overview Overview This section of the Management Console is intended primarily for more advanced users. Some changes to settings within this section could adversely affect the operation of the system and the network, and should be made with caution. 2-2 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced ARP ARP The ARP (Address Resolution Protocol) window displays the current ARP table. There are display options: eth-1 - When checked, displays the LAN Ethernet ARP. eth-2 - When checked, displays the WAN Ethernet ARP. Clear - Clears those entries related with the interface(s) from the display. Refresh - Refreshes the ARP table. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Certificates Certificates Public-key cryptography uses a pair of keys: Public Key, which encrypts data (known to the world) A corresponding private key for decryption (secret) Anyone with access to your public key can encrypt information, but only the person who has the corresponding private key can decrypt the information. Digital Certificates When working with public-key cryptography, the user must be careful and verify that the correct public key is used.
Advanced Certificates X.509 Certificate Format The Adit 3000 and Adit MSR support X.509 certificates that comply with the ITU-T X.509 international standard. An X.509 certificate is a collection of a standard set of fields containing information about a user or device and their corresponding public key. The X.509 standard defines what information goes into the certificate, and describes how to encode it (the data format). All X.
Advanced Certificates Obtaining and Loading an X.509 Certificate To obtain an X509 certificate, you must ask a CA to issue you one. You provide your public key, proof that you possess the corresponding private key, and some specific information about yourself. You then digitally sign the information and send the whole package (the certificate request) to the CA.
Advanced Certificates 2. On the Adit 3000 or Adit MSR’s Local tab, select the Create Certificate Request button. 3. Fill in your current information and select the Generate button. Note: It may take a minute or so to get the certificate, and you may need to refresh the window. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Certificates 4. Copy and store the exact contents of the certificate to a file, and send it to a CA for signing. 2-8 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Certificates 5. Select the Close button. The Certificates window appears, listing the certificate as Unsigned. 6. After receiving the signed certificate from the CA, select Load Certificate. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Certificates 7. Paste the signed certificate. 8. Select the Load button. The Certificates window appears, displaying the name and issuer of the certificate. 2-10 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Certificates Registering the CA’s Certificate After receiving the signed certificate from the CA: 1. Select the CA’s tab on the Advanced/Certificates window. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Certificates 2. Select Load Certificate, and paste the CA’s certificate into the window. 3. Select the Load button to register the signed Certificate. The Certificates window appears, displaying the name and issuer of the certificate. 2-12 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Date and Time Date and Time This window allows the user to configure the date and time parameters for the unit. NOTE: By default, Time of Day management for the MSR is provided by the Adit 600 controller. Use the settings in this window for the MSR only if you are using NTP or another time service and need to manually adjust the time due to a loss of contact with the server. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Date and Time Setting the Date and Time 1. Select Advanced/ Date and Time. 2. Set the Time Zone of this unit from the Time Zone pulldown menu. 3. Set Daylight Saving Time as necessary: Field Definition Enabled Check box to enable Daylight Saving Time. Start Set the date and time when Daylight Saving starts. End Set the date and time when Daylight Saving ends. Offset Set the Daylight Saving Time offset. 4. To configure the current date, select the Clock Set button.
Advanced Date and Time Field Definition Enabled Check box to enable the Automatic Time Update. Protocol Select the protocol to be used to perform the time update. Time of Day - Retrieves the time from the TOD server (defined in the Time Server field below). Network Time Protocol - Retrieves the time from the network (Network Time Server defined in the Time Server field below). Update Every Range 1-480 hours. Time Server Select New Entry and enter the IP Address or domain name of the Time Server.
Advanced Diagnostics Diagnostics The Diagnostics window allows the user to test network connectivity using the following methods: Ping an IP address and view the statics Perform a Traceroute 2-16 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Diagnostics Pinging an IP Address 1. Select Advanced/ Diagnostics. 2. Enter the IP address in the Ping/Destination field. 3. Select the Go button. The results of the Ping will be displayed. Performing a Traceroute 1. Select Advanced/ Diagnostics. 2. Enter the IP address in the Traceroute/Destination field. 3. Select the Go button. The results of the Traceroute will be displayed. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced DNS Static Entries DNS Static Entries The Domain Naming System (DNS) provides a service that translates domain names into IP addresses and vice versa. The Adit’s DNS server is an auto-learning DNS, which means that when a new computer is connected to the network, the DNS server learns its name and automatically adds it to the DNS table. Other network users may immediately communicate with this computer using either its name or its IP address.
Advanced DNS Static Entries Adding a New Entry to the DNS Table 1. Select Advanced/ DNS Static Entries. 2. Select New DNS Entry. 3. Enter the computer’s Host Name and IP Address. 4. Select OK. The new DNS entry is displayed in the DNS Static Entries table. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced DNS Static Entries Modifying an Entry in the DNS Table 1. Select Advanced/ DNS Static Entries. 2. Select an entry on the list to modify. 3. The DNS Entry window appears. Modify the Host Name and IP Address, as needed. 4. Select OK. The modified DNS entry is displayed in the DNS Static Entries table. NOTE: An entry can be deleted by selecting the Action/Delete button. 2-20 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Dynamic DNS Dynamic DNS The Dynamic DNS service allows you to alias a dynamic IP address to a static host name, allowing your computer to be more easily accessible from various locations on the Internet. Typically, when you connect to the Internet, your service provider assigns an unused IP address from a pool of IP addresses, and this address is used only for the duration of a specific connection.
Advanced Dynamic DNS Using Dynamic DNS 1. Select Advanced/ Dynamic DNS. 2. Specify the Dynamic DNS operating parameters: Field Definition Connection to Update Select the connection to be used for the update from the pulldown menu. Offline Select the checkbox to work offline. Status The status field displays relevant information regarding the information exchange between the Adit and DDNS. The Manual Update button invokes a manual update of the DDNS parameters.
Advanced IP Address Distribution (DHCP) IP Address Distribution (DHCP) The Adit’s DHCP server makes it possible to easily add computers that are configured as DHCP clients to the network. It provides a mechanism for allocating IP addresses to these hosts and for delivering network configuration parameters to them. The DHCP-based autoconfiguration feature provides a method of updating the Adit’s firmware and configuration automatically.
Advanced IP Address Distribution (DHCP) Editing DHCP Server Settings To edit the DHCP server setting for a device: 1. Select Advanced/ IP Address Distribution. 2. Select the interface to configure (Ethernet 1/Ethernet 2). 3. Edit the DHCP settings by completing the following fields: Field Definition IP Address Distribution Disabled - Disables DHCP. DHCP Server - Assigns addresses to LAN clients.
Advanced IP Address Distribution (DHCP) Field Provide Host Name if Not Specified by Client Definition (Continued) If the DHCP client does not have a host name, the Adit will assign the client a default name. DHCP Relay New IP Address Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI Opens a new window for entering an IP address.
Advanced IP Address Distribution (DHCP) Defining a New Connection with a Fixed IP Address 1. Select Advanced/ IP Address Distribution. 2. Select the Connection List button. 2-26 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced IP Address Distribution (DHCP) 3. Select New Static Connection. 4. Enter the host information in the following fields: Field Definition Host Name Enter the host name for this connection. IP Address Enter a fixed IP address to assign to the computer. MAC Address Enter the MAC address of the computer’s network card. 5. Select OK to save the configuration. The DHCP Connections window will display the Static Connection. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced IPSec (IP Security) IPSec (IP Security) IPSec (IP security) is a standard for securing IP communications by encrypting and/or authenticating all IP packets. IPSec provides security at the network level. The Internet Protocol Security (IPSec) window allows display/modification of IPSec settings: General IPSec settings Key management settings Log settings Advanced IPSec Connection settings 2-28 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced IPSec (IP Security) General IPSec Settings Field Definition Block Unauthorized IP When an IP address fails to register with IPSec connection, it can be blocked for a set amount of time by the firewall. Enabled Checked box enables the blocking of unauthorized IP access. Maximum number or authentication failures Maximum number of failures before a block takes effect. Range 0 - 2147483647 failures. Block Period Sets the number of seconds for the IP address to be blocked.
Advanced IPSec (IP Security) Key Management 1. Select Advanced/ IPSec. 2. Select the Settings button. 3. The Settings window displays the Adit’s public key. If necessary, you can copy the public key from this window. Field 2-30 Definition Recreate Key (button) Recreate the public key. Refresh (button) Refresh the public key displayed. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced IPSec (IP Security) Log Settings Use the IPSec Log Settings window to specify the type of information to be displayed in the IPSec Log. NOTE: The IPSec log is displayed in the System Log (System Monitoring/System Log). Events can also be forwarded to another location. 1. Select Advanced/ IPSec. 2. Select the Log Settings button. 3. Select the check boxes next to the information you would like recorded in the IPSec log. Click OK. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced IPSec (IP Security) Creating a New Secured Connection 1. Select New Connection on the Internet Protocol Security (IPSec) window. 2. Follow the instructions provided in the series of screens presented. 2-32 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced NAT/FW Connections NAT/FW Connections The NAT Firewall Connections table displays all active NAT and Firewall connections. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Network Objects Network Objects The Network Objects window will create a Network Object, which is a set of host names, IP address or MAC addresses. Network Objects allow security rules to be applied to a distinct LAN subset. 1. Select Advanced/ Network Objects. 2. Select New Entry. 3. Name the Network Object in the Description field. 4. Select New Entry under Items.. 2-34 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Network Objects 5. Set the following fields: Field Network Object Type Definition IP Address - Enter the IP address of the Network Object. MAC Address - Enter the MAC address of the Network Object. Host Name - enter the Host Name of the Network Object. 6. Click OK. The newly created Network Object appears in the Network Objects table. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced PPTP (Point-to-Point Tunneling Protocol) PPTP (Point-to-Point Tunneling Protocol) The Adit can be configured as a Point-to-Point Tunneling Protocol Server (PPTP Server), accepting PPTP client connection requests. 2-36 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced RADIUS Client RADIUS Client For authentication to function, the client’s transmission must go through the Adit and reach the backend server that performs the actual authentication. The wireless client contacts the access point, which in-turn, communicates with the RADIUS (Remote Authentication Dial-in User Service) server. The RADIUS server verifies the client’s credentials to determine whether the device is authorized to connect to the LAN.
Advanced Remote Administration Remote Administration In it’s default state, the Adit locks all external users from connecting to or communicating with your network. Therefore the system is safe from hackers who may try to intrude on the network and damage it. However, you may wish to enable certain services that grant remote users administrative privileges in your network. Configuring Remote Administration Services 1. Select Advanced/ Remote Administration. 2. Select the services you wish to enable. 3.
Advanced Restart Restart This option allows the user to reboot the Adit 3000 or MSR card. Restarting the System 1. Select Advanced/ Restart. 2. Select OK to reboot the system. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Restore Defaults Restore Defaults The Restore Defaults option sets the Adit back to its factory settings. IMPORTANT: All Web-based management settings and parameters will be restored to their default values, including: Administrator password and all user-specified passwords IP address for configuration access After the restore defaults function is complete, the Adit will reboot. Restoring Default Settings 1. Select Advanced/ Restore Defaults. 2. Select OK to restore the defaults.
Advanced Routing Routing The Advanced/Routing feature provides access to configuration options for the following: Static Routing RIP OSPF Static Routing Select Advanced/Routing to view the routing table rules. This window displays the following: Static Routing - Displays all static routes. This table provides access to create, modify, and delete routes. Routing Table - Displays the current routing table. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Routing Adding a New Route 1. Select Advanced/ Routing. 2. Select New Route. 2-42 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Routing 3. Set the following fields: Field Definition Name Select a name from the Pulldown menu. Destination This is the destination host, subnet address, network address, or default route. The destination for a default route is 0.0.0.0 Netmask The Network mask is used in conjunction with the destination to determine when a route is used. Gateway Enter the gateway IP address. Metric A measurement of the preference of a route. Typically, the lowest metric is the most preferred route.
Advanced Routing Editing a Route 1. Select Advanced/ Routing. 2. Select a Route listed on the Routing Table (click on the name, or select the edit icon). 3. Modify settings as needed and select OK. 2-44 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Routing Deleting a Route 1. Select Advanced/ Routing. 2. Select Action/Delete icon, to remove the Route listed on the table. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Routing RIP Select Advanced/Routing and click on the RIP tab. The RIP window allows you to enable RIP routing. 2-46 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Routing OSPF Select Advanced/Routing and click on the OSPF tab. The OSPF window allows you to enable OSPF routing. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Routing OSPF Field Definitions When the Open Shortest Past First (OSPF) option is enabled, the window displays additional fields: Field Definition Routing Protocols Open Shortest Path First (OSPF) Enables OSPF. General Parameters Compatible RFC 1583 Enables the method used to calculate summary route costs per RFC 1583. Router ID Null - Do not use a fixed router ID. Input Router ID - Define a fixed router ID to be used. Enter a router IP address.
Advanced Routing Field Area Authentication Type Network Address Table New Entry Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI Definition (Continued) None - Set the Area Authentication to none. Simple Authentication - Enable Simple Authentication Authentication on the OSPF Area. Message-Digest - Enable Message-Digest Authentication on the Area. Displays the current OSPF neighbors. Select this option to open a configuration window to enter OSPF neighbors.
Advanced Routing Configuring OSPF NOTE: For interface OSPF configuration information, see OSPF Configuration on the Network Connection on page 3-40. 1. Select Advanced/ Router. 2. Select the OSPF tab. 3. Enable OSPF by checking the Open Shortest Path First (OSPF) checkbox. 4. Set Enable Compatible RFC 1583, if required. 5. Set Router ID as needed. 6. Define the Area ID with the Area number or Area IP Address. Note: 0.0.0.0 is not accepted in this field. 7. Define the Area as Stub, if required. 8.
Advanced Routing 10. Enter the Network IP Address of the Neighbor to add to the OSPF Network. 11. Enter an IP address mask that includes "don’t care" bits. 12. Select OK. The new address appears in the Network Address Table. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Scheduler Rules Scheduler Rules To create a scheduling rule: 1. Select Advanced/Scheduler Rules. 2. Select New Scheduler Entry. 3. Enter a name for the rule in the Name field (maximum of 64 characters). 4. Under Rule Activity Setting, indicate whether the rule will be active or inactive at the scheduled time. 2-52 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Scheduler Rules 5. Select New Time Segment Entry to define the day(s) of the week to apply the rule to. Note: At a minimum, one day must be selected. 6. Under Hours Range, select New Time Segment Entry to define the Start and End time. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Scheduler Rules 7. Select OK for each window until at the Scheduler Rules table. The new rule appears in the table. 2-54 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Simple Network Management Protocol Simple Network Management Protocol SNMP enables network management systems to remotely configure and monitor the Adit. Your Internet Service Provider (ISP) may use SNMP to identify and resolve technical problems. Configuring the Adit’s SNMP Agent Technical information regarding the properties of the Adit’s SNMP agent should be provided by your ISP. Note: SNMP community strings are passwords used in SNMP messages between the management system and the Adit. 1.
Advanced Simple Network Management Protocol 3. Set the Trusted Peer. This is the IP address and subnet that identifies which remote management stations are allowed to perform SNMP operation on the Adit. Field Definition Any Address No restriction to remote access. Specify an IP Address Requires an IP address. Specify a Subnet Requires an IP address and Subnet. 4. Enable the SNMP Traps, if desired.
Advanced System Settings System Settings Select Advanced/System Settings to view and modify general system settings. As shown in the screen shots on the following pages, the system settings differ slightly between the Adit 3000 and MSR. For example, the MSR does not support the Clock Source fields, and T1 Logging is replaced by LCC (Link Cross-Connect) Logging. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced System Settings Adit 3500 2-58 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced System Settings Adit MSR Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced System Settings Defining an Outgoing Mail Server Features that require the Adit to send e-mail (example: e-mail notification) require an outgoing SMTP server to be defined. 1. Enter the host name of your outgoing SMTP server in the Server field. 2. Enter a “from” e-mail address in the From E-mail Address field. Each e-mail requires a “from” address. Some outgoing servers refuse to forward e-mail without a valid “from” address for anti-spam considerations. 2-60 Adit 3000 (Rel. 1.
Advanced Technical Information Technical Information Select Advanced/Technical Information to view technical information about the system, including software version numbers and contact information. As shown in the following screen shots, the technical information differs slightly between the Adit 3000 and MSR. For example, the MSR technical information includes the boot version, memory size, and slot position in the Adit 600 chassis. Adit 3500 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Technical Information Adit MSR 2-62 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Technical Information Configuration File The Configuration File button on the Technical Information window displays the current configuration file for the system. The configuration file can be saved, modified, and reloaded, if necessary. This feature can simplify the process of modifying one or more variables of a configuration and loading it onto the original or other Adits.
Advanced Upgrade From a Local Computer Upgrade From a Local Computer This feature allows the user to easily upgrade the Adit software. Upgrading the Software 1. Select Advanced/ Upgrade From a Local Computer. 2. Select the Browse button and select the upgrade file (example: adit3000_1_6.rmt). 3. Select OK to download the file. 4. If the download was successful, select OK to upgrade the system. 2-64 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Users Users Use this feature to view, add, edit, and delete users on the device, and to configure e-mail notification. NOTE: Do not add more that 25 users to the system. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Users Adding a User 1. Select Advanced/ Users. 2. Select New User and enter the following General information: Field Definition General Full Name The user’s full name. User Name The name this user will enter (as user name) to access this network. New Password The password for this user. Retype New Password Retype password to confirm. Permissions Administrator Privileges - Full access to system. Operator Privileges - Access to all but user management.
Advanced Users Editing a User 1. Select Advanced/ Users. 2. Select the Action/Edit icon of an existing User. 3. Modify fields as needed. 4. Select the OK button to save. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced Users Configuring E-mail Notification for Users The e-mail notification feature allows users to receive e-mail notification of system events of a defined type or severity. 1. Select Advanced/ Users. 2. If you have not already done so, configure the Outgoing Mail Server. Select Configure Mail Server, which opens the System Settings window. See System Settings on page 2-57 for information on setting the Mail Server. 3. Enter the user’s e-mail address in the Address field. 4.
Advanced VLAN Configuration VLAN Configuration The Virtual Local Area Network (VLAN) feature provides a way to logically group network devices that are in a Wide Area Network (WAN) and enable them to communicate as if they were in a Local Area Network (LAN). This is a broadcast domain where the members of the domain can be on multiple physical LAN segments. Creating a VLAN segment requires a VLAN aware switch. The switch can be configured to create different VLAN segments.
Advanced VLAN Configuration Configuring a VLAN 1. Select Advanced/ VLAN Configuration. 2. Select Enable VLAN (dot1q) Tagging in all Ports. 3. Select New Entry. 2-70 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced VLAN Configuration 4. Enter a VID (VLAN ID number) for the VLAN. Range is 2-4094. 5. Set the Priority level, if needed. Range is 7-0. 6. Select the VLAN Members (Ethernet or VoIP) of this VLAN by checking the associated box. Each port can be a member of up to 4 VLANs. Ports are identified as {port-number}-{subinterface}. 7. Select OK. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced VLAN Configuration Configuring the VLAN Port Setting 1. Select Advanced/ VLAN Configuration. 2. Select the VLAN port to configure. 2-72 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Advanced VLAN Configuration 3. Configure the port as needed. Field Definition Enable VLAN (dot1q) tagging This checkbox enables VLAN tagging on this port. Default is disabled (unchecked). Enable VLAN protocol filtering This checkbox enables frame filtering on this port. Default is disabled (the frame will go through the normal forwarding/bridging process). PVID Port VLAN ID. Priority VLAN priority setting. Range is 0-7 (0-2 = low, 3-6 = medium, 7 = high) 4. Select OK to save changes.
Advanced VLAN Configuration 2-74 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
CHAPTER 3 Network Connections In this Chapter Overview - Adit 3000 Connections - Adit MSR Connections Preconfigured Connections - Ethernet 1 Ethernet 2 Serial 1 (Adit 3000 Only) T1 1 - T1 4 (Adit 3000 Only) Connections that Require Configuration - Multilink - Serial (PPPoDS0) New Connection - Point-to-Point Protocol over DS0 (Serial) Multilink Point-to-Point Protocol over DS0 (Multilink) Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling Protocol Server (PPTP Server) Layer Two Tunneling
Network Connections Overview Overview The Network Connection window allows the user to create and configure network connections. For the Adit 3000, the basic connections for the system are preconfigured. For the Adit MSR, only the Ethernet connections are preconfigured. Additional connections can be set up with the New Connection option. Adit 3000 Connections When the Adit 3000 boots up, it detects the number of T1s on the configured system and creates the appropriate T1, Ethernet, and Serial connections.
Network Connections Overview Adit MSR Connections The MSR provides the following connections: LCC 1-8 – Link Cross-Connects (LCCs) are resources that can be cross-connected to Adit 600 resources. There are three user-configurable types of LCCs: - Data - Data-typed LCCs are used for PPP or MLPPP WAN links between the MSR card and any available Adit 600 WAN destination, such as T1 lines or WAN-capable cards.
Network Connections Overview 3-4 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections Preconfigured Connections Preconfigured Connections The following connections that may be preconfigured on the system. Note: When the system is set back to its default settings, these connections will all be reset to this original configuration. Ethernet 1 Ethernet 2 Serial 1 (Adit 3000 Only) T1 1 - T1 4 (Adit 3000 Only) Ethernet 1 NOTE: For the MSR, DHCP is disabled by default. For the Adit 3000, Ethernet 1 is automatically configured as the DHCP server.
Network Connections Preconfigured Connections Configuring Ethernet 1 To change the configuration of Ethernet 1, select the Settings button and modify the settings as necessary. Select Apply when finished. The following are the field definitions for the Ethernet 1 settings: Field Definition General Device Name Displays the device name. Status Displays the current status (Disabled, Connected, ...) Schedule Availability Defines when the LAN is available. The default is Always.
Network Connections Preconfigured Connections Field Definition (Continued) IP Address Distribution (This name is a link to the Advanced/IP Address Distribution (DHCP) window.) Disabled Disables this feature. DHCP Server Configures DHCP Server. Start IP Address - Client address pool starting address End IP Address - Client address pool ending address Subnet Mask - Subnet mask of the Start/End IP address listed above. WINS Server IP Address - Windows Internet Name Service Server IP address.
Network Connections Preconfigured Connections Configuring DHCP Options To configure DHCP options: 1. From the Configure Ethernet 1 window, select DHCP Server for IP Address Distribution. 2. Select the DHCP Options field. 3. Select New Entry. 4. At the DHCP Option Number pulldown field, select one of the following: 66, TFTP Server Name 67, Boot File Name 5. On the Data field enter the IP address or host name. 6. Select OK. The information appears in the DHCP Options table. 3-8 Adit 3000 (Rel. 1.
Network Connections Preconfigured Connections Ethernet 2 The Ethernet 2 Properties window displays the current settings of the connection. This connection is set up as a default, and can be enabled or disabled, but cannot be deleted. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections Preconfigured Connections Configuring Ethernet 2 To change the configuration of Ethernet 2, select the Settings button and modify the settings as necessary. Select Apply when finished. The following are the field definitions for the Ethernet 2 settings: Field Definition General Device Name Displays the device name. Status Displays the current status (Disabled, Connected, ...). Schedule Availability Defines when the WAN is available. The default is Always.
Network Connections Preconfigured Connections Field Definition (Continued) IP Address Distribution (This name is a link to the IP Address Distribution (DHCP) window.) Disabled Disables address distribution. Default. DHCP Server Configures DHCP Server. Start IP Address - Starting address of the client address pool End IP Address - Ending address of the client address pool Subnet Mask - Subnet mask of the Start/End IP address listed above.
Network Connections Preconfigured Connections Serial 1 (Adit 3000 Only) The Serial 1 (PPPoDS0) Properties window will display the current settings of the connection., and can be enabled, disabled, deleted or modified from this window. This is a preconfigured connection on the Adit 3000, however, this is the only preconfigured connection that can be deleted and a new Serial 1 connection can be created based on a different T1.
Network Connections Preconfigured Connections T1 1 - T1 4 (Adit 3000 Only) There can be up to four preconfigured T1 connections on the Adit 3000. To view/modify the configuration, click on the T1 n name on the Network Connections window. This will open the T1 Properties window, which displays the basic information on the T1.
Network Connections Preconfigured Connections Configuring a T1 (1-4) The Configure T1 n (1-4) window displays all of the T1 configuration parameters and the default settings for each. To configure a T1, select the Settings button, the Configuration window will display. Field definitions for this window are as follows: Field Definition General Device Name Displays the device name (t1-n). Status Displays the current status. Schedule Availability Defines when the T1 is available.
Network Connections Preconfigured Connections Field Definition (Continued) Threshold Settings Daily (default) 15 Minute (default) Bursty Errored Seconds Defect Threshold (BES) Default is 0. Range is 0 - 86400 Default is 0. Range is 0 - 900 Controller Slip Seconds Defect Threshold (CSS) Default is 0. Range is 0 - 86400 Default is 0. Range is 0 - 900 Degraded Minutes Threshold (DM) Default is 0. Range is 0 - 1440 Default is 0. Range is 0 - 15 Errored Seconds Defect Threshold (ES) Default is 0.
Network Connections Connections that Require Configuration Connections that Require Configuration The following connection types must be configured using the New Connection selection. Multilink Serial (PPPoDS0) NOTE: For the Adit 3000, you must first deleted the pre-configured Serial 1 connection before adding either of these connection types. (For the MSR, there is no pre-configured Serial 1 connection.) 3-16 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections Connections that Require Configuration Multilink The Multilink Properties window displays the settings of a Multilink PPP over DS0 connection configured with the New Connection option. (See New Connection on page 3-27.) Once the connection is configured, you can select the connection to view its properties, modify its settings, or disable/enable it. A sample Multilink Properties window for the Adit MSR is shown below. Note that the Underlying Devices are LCCs.
Network Connections Connections that Require Configuration 3-18 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections Connections that Require Configuration The following are field definitions for the Configure Multilink 1 window: Field Definition General Device Name Displays the device name. Status Displays the current status. Schedule Availability Defines when the WAN is available. The default is Always. To create a Schedule Availability rule, click New. Network Defines the network type: WAN - Wide Area Network (Default).
Network Connections Connections that Require Configuration Field Definition (Continued) Internet Protocol Unnumbered Treat this as an un-numbered interface, as per RFC 1812. Obtain an IP Address Automatically Sets the WAN to use DHCP to obtain an IP address. Override Subnet Mask - Set mask, override any previous setting. Use the Following IP Address IP Address - Sets the IP Address Override Subnet Mask - Set mask, override any previous setting.
Network Connections Connections that Require Configuration Serial (PPPoDS0) The Serial Properties window displays the settings of a Serial PPP over DS0 connection. For the MSR, this connection must be configured with the New Connection option. (See New Connection on page 3-27.) For the Adit 3000, Serial 1 is a preconfigure connection. You can select the connection to view its properties, modify its settings, or disable/enable it. A sample Serial Properties window for the Adit MSR is shown below.
Network Connections Connections that Require Configuration 3-22 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections Connections that Require Configuration The following are field definitions for the Configure Serial 1 window: Field General Definition Device Name Displays the device name. Status Displays the current status. Schedule Availability Defines when the WAN is available. The default is Always. To create a Schedule Availability rule, click New. Network Defines the type of network: WAN - Wide Area Network (Default).
Network Connections Connections that Require Configuration Field Definition (Continued) DNS Static Entries (This name is a link to the Advanced/DNS Static Entries window.) Obtain DNS Server Address Automatically Sets the interface to obtain a DNS Server address. Use the Following DNS Server Address Sets the DNS Server Address. Primary DNS Server - Enter the specific DNS server address to use. Secondary DNS Server - Enter a secondary DNS server address to use.
Network Connections Connections that Require Configuration Underlying Device - High Speed Serial Configuration (Adit 3000 Only) To configure the individual channels in the Serial 1 (PPPoT1) or Multilink connection, select the T1 name listed in the Underlying Device field. The High Speed Serial Configuration window is shown on the following page. Use this window to set the channel assignments. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections Connections that Require Configuration Field Assignment 3-26 Definition Data - Sets the channel type to Data. Unassigned - Puts the channel out-of-service (down). Default. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections New Connection New Connection There are a variety of options for creating a New Connection. The following sections walk through each option.
Network Connections New Connection New Connection Window 3-28 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections New Connection Point-to-Point Protocol over DS0 (Serial) PPPoDS0 (Serial) creates a connection to the Internet using a PPP tunnel over HDLC. This configuration creates a Serial 1 connection listed on the Network Connections table. This connection can be enabled, disabled, modified, and deleted. NOTE: For the Adit MSR, cross-connects from Adit 600 resources (T1 lines or WAN-capable cards) must be made before setting up the WAN link.
Network Connections New Connection 5. Select Next >. 6. The Connection Summary window displays the current configuration. Select 3Finish if information is correct. Select < Back to modify the configuration. Select X Cancel to stop this setup and return to the Network Connections window. 3-30 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections New Connection 7. The new Serial connection appears on the Network Connections window. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections New Connection Multilink Point-to-Point Protocol over DS0 (Multilink) Multilink creates a connection to the Internet using a MLPPP tunnel over HDLC. This configuration creates a Multilink 1 connection listed on the Network Connections table. This connection can be enabled, disabled, modified, and deleted. NOTE: For the Adit MSR, cross-connects from Adit 600 resources (T1 lines or WAN-capable cards) must be made before setting up the WAN link.
Network Connections New Connection 5. Select Next >. 6. The Connection Summary window displays the current configuration. Select 3Finish if information is correct. Select < Back to modify the configuration. Select X Cancel to stop this setup and return to the Network Connections window. 7. The new Multilink connection appears on the Network Connections window. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections New Connection Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling Protocol enables secure transfer of data to another location over the Internet. 1. Select Network Connections/New Connection. 2. Select Point-to-Point Tunneling Protocol (PPTP), then select Next >. 3. Configure the Client Connection Properties: Field Host Name or IP Address of Destination Login User Name Login Password Definition Enter the Remote Server Host Name or IP Address.
Network Connections New Connection Point-to-Point Tunneling Protocol Server (PPTP Server) PPTP Server enables Virtual Private Network (VPN) connections to your home network from other locations. 1. Select Network Connections/New Connection. 2. Select Point-to-Point Tunneling Protocol Server (PPTP Server), then select Next >. 3. Add a User by selecting New User. See Adding a User on page 2-66 for more information. 4. Select Next >. 5. The Start and End Remote Address Range are automatically supplied.
Network Connections New Connection 6. Select Next >. 7. Select 3-36 3Finish. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections New Connection Layer Two Tunneling Protocol (L2TP) L2TP enables secure transfer of data to another location over the Internet. 1. Select Network Connections/New Connection. 2. Select Layer Two Tunneling Protocol (L2TP), then select Next >. 3. Configure the L2TP client connection properties: Field Host Name or IP Address of Destination Shared Secret Use IPSec Login User Name Login Password Definition Enter the Remote Server Host Name or IP Address.
Network Connections New Connection Internet Protocol Security (IPSec) IPSec enables secure transfer of data to another location over the Internet, using private and public keys for encryption, and digital certificates for authentication. 1. Select Network Connections/New Connection. 2. Select Internet Protocol Security (IPSec), then select Next >. Note: There are multiple options at each window. The displays vary depending on selections made on the previous window. 3.
Network Connections New Connection 4. Select the Remote Address and Subnet types, and select Next >. Note: The following example assumes a selection of Network-to-Network/Remote Gateway Address and Remote Subnet. This example displays the most options. 5. Configure the IPSec connection properties: Field Remote Tunnel Endpoint Address Remote Subnet Shared Secret Definition Enter the Remote Server IP Address.
Network Connections OSPF Configuration on the Network Connection OSPF Configuration on the Network Connection OSPF can be set as the routing protocol on the following network connections: Ethernet 1 Ethernet 2 Serial Multilink NOTE: The following example uses the Ethernet 1 network connection. Configuration is the same for the Ethernet 2, Serial 1, and Multilink connections. To configure OSPF on a network connection: 1.
Network Connections OSPF Configuration on the Network Connection 3. At the Configure Ethernet 1 window, select OSPF from the Routing Protocols pulldown menu. Click on the OSPF Configuration link under the pulldown menu. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections OSPF Configuration on the Network Connection 4. Set the OSPF interface parameters as needed: Field Definition Interface Authentication Interface Authentication Type None - Set the OSPF Authentication to none. Simple Authentication - Enable Simple Authentication on the OSPF Interface. Authentication Password - Enter password with a maximum 8 characters. Message-Digest - Enable Message-Digest Authentication on the OSPF Interface.
Network Connections OSPF Configuration on the Network Connection Interface Cost Defines the cost of sending a packet on this interface. Range is 1-65535, with a default of 0. Interface Priority Defines the router priority, which determines the designated router for this network. Enter an ID for this key. Range is 1-255, with a default of 1. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Network Connections OSPF Configuration on the Network Connection 3-44 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
CHAPTER 4 Security In this Chapter Overview General Access Control Local Servers DMZ Host Port Triggering Remote Administration IP/Hostname Filtering Advanced Filtering NAT Bypass Security Log Firewall Implementation
Security Overview Overview The Adit 3000 and MSR include comprehensive and robust security services: Stateful packet inspection firewall User authentication protocols Password protection mechanisms The firewall provides both the security and flexibility that users seek and is preconfigured to provide optimum security. It supports advanced filtering, designed to allow comprehensive control over the firewall’s behavior.
Security Overview The following sections describe each of the tabs available at the Security window: General Access Control Local Servers DMZ Host Port Triggering Remote Administration IP/Hostname Filtering Advanced Filtering NAT Bypass Security Log In addition, the following section provides firewall implementation details for users who need more indepth information: Firewall Implementation Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security General General Use the General tab to configure the Adit’s basic security settings. The firewall regulates the flow of data between the network and the Internet. Both incoming and outgoing data are inspected and then accepted (allowed to pass through the Adit) or rejected (barred from passing through the Adit) according to a flexible and configurable set of rules.
Security General The important thing to note is that it is the origin of the request, not subsequent responses to this request, that determines whether a session can be established or not. You can choose from among three pre-defined security levels: Minimum, Typical (default setting), and Maximum. The following table defines the behavior of the Adit for each of the three security levels.
Security Access Control Access Control Use the Access Control tab to define a rule to block specific network devices within the network from accessing certain services on the Internet. For example, you might prohibit one computer from surfing the Web, another from transferring files using FTP, or the whole network from receiving incoming emails.
Security Access Control Adding an Access Control Rule To add an access control rule: 1. Select New Entry on the Security/Access Control window to display the Add Access Control Rule window. At this window, you will define what interface to apply the rule to, the time parameters, and the services to be blocked. . . . 2. Select a Network Object from the Applied To pulldown menu (located at the top of the window), or select New to define a new Network Object that will be displayed in the pulldown menu.
Security Access Control 4. Select the service(s) to block. Note: The Service table is used by multiple windows; the standard services and the UserDefined services created on any of these windows will appear here. NOTE: To block a service that is not included in the list, select New User-Defined Service, then define and save the service. See Creating a User-Defined Rule on page 4-10 for more information. Service table is referenced from multiple windows 5. Select OK to save the rule.
Security Access Control Modifying an Access Control Rule Rules can be enabled/disabled by checking/unchecking the rule listed on the Security window. Rules can be modified by selecting the Edit button for the rule and modifying the configuration. Rules can be deleted by selecting the Delete button for the rule. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Access Control Creating a User-Defined Rule 1. At the Add Access Control Rule window, select the New User-Defined Service field. 2. Name the service and give a description, if needed. 3. Select a Server Port from the list, or select New Server Ports to create one. 4-10 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Access Control 4. Configure the Service port protocol: Field Definition Protocol TCP - Transmission Control Protocol. TCP is a transport layer, connection-oriented, end-to-end protocol. It provides reliable, sequenced, and unduplicated delivery of bytes to a remote or local user. Source Ports and Destination Ports: Any - Applies to any port. Single - Enter specific port (range 0 - 65535) Range - Enter Range of ports (range 0 - 65535) UDP - User Datagram Protocol.
Security Access Control Field Definition (Continued) AH - Authentication Header Protocol. A protocol used in IPSec that authenticates a packet IP header and payload (content). If a packet is modified during transmission, the recipient is notified. Other - Covers protocols not listed above. This option requires a Protocol Number to be entered. Range is 0- 65535. 5. Select OK to save. The newly created service port is listed in the table. 6. Select OK to save the User-Defined Service.
Security Local Servers Local Servers By default, the Adit blocks all external users from connecting to or communicating with your network. Therefore the system is safe from hackers who may try to intrude on the network and damage it. However, you may need to expose your network to the Internet in certain limited and controlled ways to enable some applications to work from the LAN and to establish servers in the network. The Local Servers feature supports both of these functions.
Security Local Servers Additionally, Local Servers enable you to redirect traffic to a port different than the specified port. For example, if you have a web server running on your PC on port 8080, and you want to grant access to this server to anyone who accesses the Adit via HTTP, you can do the following: Define a Local Host for the HTTP service, with the PC’s IP or hostname. Specify 8080 in the Forwarded Port field.
Security Local Servers 2. Enter the local IP address of the computer that will provide the service (server) in the Local Host field. Note: Only one LAN computer an be assigned to provide a specific service or application. 3. Enter a forwarding port in the Forwarded Port field. Range is 0 - 65535. 4. Scheduled Availability - To set this to a setting other that Always, select New and specify the schedule on the Schedule Rule Edit window.
Security Local Servers Modifying a Local Server A Local Server can be enabled/disabled by simply checking/unchecking the server listed on the Security window. A Local Server can be modified by selecting the Edit button for the server and modifying the configuration. A Local Server can be deleted by selecting the Delete button for the server. 4-16 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security DMZ Host DMZ Host The DMZ (Demilitarized Zone) Host feature allows one local computer to be exposed to the Internet. Designate a DMZ host when: Using a special-purpose Internet service, such as a video-conferencing program, that is not present in the Local Servers list and where no port range information is available. You are not concerned with security and choose to expose one computer to all services without restriction. The DMZ host is an NAPT function.
Security DMZ Host Designating a Local Computer as a DMZ Host To designate a local computer as a DMZ host, enter the IP address of the computer at the Security/DMZ Host window. You can enable/disable the DMZ host at any time by checking/unchecking the checkbox next to the host. NOTE: Only one LAN computer can be a DMZ host at any time. 4-18 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Port Triggering Port Triggering Port triggering can be used for dynamic port forwarding. By setting port triggering rules, you can allow inbound traffic to arrive at a specific LAN host, using ports different than those used for the outbound traffic. For example, you might access a gaming server on port 2222 using the TCP protocol. The gaming server responds by connecting you using TCP on port 3333 to start the gaming session.
Security Port Triggering Setting up Port Triggering To set up port triggering: 1. Select New Entry on the Security/Port Triggering window. 2. Select a previously defined service under User-Defined Services, or select New User-Defined Service. 4-20 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Port Triggering 3. If creating a New User-Defined Service: a. Enter a Service Name and Service Description. b. Under Server Ports, select a configured port from the list, or create a new port by selecting New Server Ports (see Configure the Service port protocol: on page 4-11). c. Under Opened Ports, select a configured port from the list, or create a new port by selecting New Opened Ports (see Configure the Service port protocol: on page 4-11). Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Port Triggering d. Select OK. The new triggering service is listed in the table. e. Select the checkbox next to the new service, and select OK. The new triggering service is enabled and available for selection. You can enable/disable the service at any time by selecting/un-selecting the checkbox. 4. Select OK. 4-22 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Remote Administration Remote Administration It is possible to access and control the Adit not only from within the network, but also from the Internet. This allows you to view or change settings while traveling. It also enables your ISP to change settings or help you troubleshoot functionality or communication issues from a remote location. Remote access is blocked by default to ensure the security of your network.
Security Remote Administration Configuring Remote Administration To configure remote access to Adit administration services: 1. Select Security/Remote Administration. 2. Select the services that you would like to make available to computers on the Internet. By default, all fields are unselected (disabling all remote services): Field Definition Allow Incoming Access to the Telnet Server Grants command-line access to the Adit.
Security IP/Hostname Filtering IP/Hostname Filtering You can configure the Adit to block specific IP addresses or hostnames so that they can not be accessed from computers in the network. Moreover, restrictions can be applied to a comprehensive automatically updated list of sites to which access is not recommended. The IP/Hostname Filtering window displays a list of all restricted IP addresses or hostnames. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security IP/Hostname Filtering Adding an Address/Hostname to the Restricted List To add a restricted IP address or hostname: 1. Select New Entry on the Security/ IP/Hostname Filtering window. 2. Enter an IP Address or Hostname. 3. Applied To - To set this to a setting other than Entire LAN, select New and define a set of Network Objects that will be restricted. For information on configuring a Network Object, see Network Objects on page 2-34. 4.
Security IP/Hostname Filtering 5. Select OK to add the Address to the Restricted list. 6. If the site is successfully located, the Status on the IP/Hostname Filtering window will transition from Resolving... to Active. Restricted access to the site can be enabled/disabled at any time with the checkbox next to the address/hostname. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Advanced Filtering Advanced Filtering Advanced filtering is designed to allow comprehensive control over the firewall’s behavior. You can define specific input and output rules, control the order of logically similar sets of rules, and make a distinction between rules that apply to WAN and LAN network devices.
Security Advanced Filtering Adding an Advanced Filtering Rule To add a new advanced filtering rule: 1. Select Security/ Advanced Filtering. 2. Select the rule set to modify (for example, in the Input Rule Sets, select Initial Rules). 3. On the Configure Initial Rules window, select New Entry. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Advanced Filtering 4. On the Add Advanced Filter window, define the filter (see field definitions below). Service table is referenced from multiple windows 4-30 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Advanced Filtering Field Definition Matching - Use this section to define the rule’s conditions. Source IP Address The Source IP address of packets sent or received from the LAN computer. This entry is mandatory when defining a rule. Any - Apply this rule to any Source IP Address. Single - Apply this rule only to this Source IP Address. Range - Apply this rule to the following range of Source IP addresses (enter IP address and subnet mask).
Security Advanced Filtering 5. Select OK to save and enable the rule. The rule is listed in the Configure Initial Rules table. You can disable/enable the rule at any time using the checkbox. 4-32 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security NAT Bypass NAT Bypass The Security/NAT Bypass feature allows network address translation to be bypassed for specific addresses or networks. You can add, modify, and remove NAT bypass rules. The changes take effect immediately. NAT bypass must be set on the WAN network interface. Adding/Modifying a NAT Bypass Rule 1. Select Security/ NAT Bypass. 2. Select the New Entry (or select the edit icon for an existing entry), and enter/modify the network address and mask:.
Security Security Log Security Log The Security Log displays a list of firewall-related events, including attempts to establish inbound and outbound connections, attempts to authenticate at an administrative interface, firewall configuration, and system startup. The following are the events and event types that are automatically recorded in the Security Log: Field Definition Inbound/Outbound Traffic Connection accepted Access request complies with the Firewall’s security policy.
Security Security Log Changing the Security Log Settings To change the settings for the Security Log: 1. Select Security/ Security Log. 2. Select Settings. 3. Modify the settings as necessary (see the following table), then select OK. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Security Security Log Security Log Settings Field Definition Accepted Events Accepted Incoming Connections Sessions originated from the Internet that have been allowed by the firewall. Accepted Outgoing Connections Sessions originated from the network that have been allowed by the firewall. Blocked Events Blocked Connection Attempts Sessions that have been blocked by the firewall. Winnuke Detection of the Winnuke DOS attack.
Security Firewall Implementation Firewall Implementation The Adit provides very powerful NAT and firewall capabilities. This section provides some of the underlying implementation details so that users who are familiar with the low-level action of firewalls will know what behaviors to expect from the Adit. Users who do not need this level of detail can skip this section.
Security Firewall Implementation Routing Mode The routing mode determines whether NAPT (Network Address Port Translation) is applied to sessions that are created through this interface. NAPT When set to NAPT mode, dynamic sessions initiated by hosts in the LAN subnets to hosts reachable through this interface will have NAPT applied to them. For these sessions, the local IP address will be translated to the WAN IP address of the Adit, and the local port will be retained if possible.
Security Firewall Implementation Firewall Processing Sequence This section details the sequence of processing that is used by the firewall when examining packets. This detail can help an experienced user better understand the order of application of each of the various security settings. The order processing is separately described for both inbound processing and outbound processing at an interface that has firewall and/or NAPT enabled.
Security Firewall Implementation Outbound Firewall Processing The following table describes the sequence of examination of packets departing from the interface. This firewall processing is applied after the IP stack and before passing the outbound packet down to the layer 2 driver. If the action for matching packets at a particular step is described as PASS, no further firewall examination is applied and the packet is passed down to the driver.
CHAPTER 5 System Monitoring In this Chapter Overview Connections Traffic System Log T1 Log (Adit 3000 Only) SIP Log PRI Log T1 Performance (Adit 3000 Only) Alarms System
System Monitoring Overview Overview The System Monitoring window displays information that can be used for monitoring and troubleshooting the system. As shown in the following figures, the types of information provided through the System Monitoring window differs between the Adit 3000 and Adit MSR. Adit 3500 5-2 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring Overview Adit MSR Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring Connections Connections The Connections tab displays all the connections, their status, and other information specific to each connection. 5-4 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring Traffic Traffic The Adit is constantly monitoring traffic within the local network and between the local network and the Internet. Select the Traffic tab to view the current statistical information about data received from and transmitted to the Internet (WAN), and about data received from and transmitted to computers in the local network (LAN). Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring System Log System Log The System Log displays a list of the most recent activity that has taken place on the network. 5-6 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring T1 Log (Adit 3000 Only) T1 Log (Adit 3000 Only) The T1 Log displays all T1 related alarms and events for the Adit 3000. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring SIP Log SIP Log The SIP Log displays all SIP related alarms and events. Field 5-8 Definition Enable SIP Logging Use this checkbox to enable (check) or disable (unchecked) SIP logging. SIP Log Size Configure the SIP log size. Range is 1 - 250KB, with a default of 250KB. Buffer Fill Method Define the method of loading the buffer. Circular Buffer - the buffer will store a continuous stream of data by starting again at the beginning of the buffer after reaching the end. Default.
System Monitoring PRI Log PRI Log The PRI Log displays all PRI related alarms and events. Field Definition Enable PRI Logging Use this checkbox to enable (check) or disable (unchecked) PRI logging. PRI Log Size Configure the PRI log size. Range is 1 - 50KB, with a default of 50KB. Buffer Fill Method Define the method of loading the buffer. Circular Buffer - the buffer will store a continuous stream of data by starting again at the beginning of the buffer after reaching the end. Default.
System Monitoring T1 Performance (Adit 3000 Only) T1 Performance (Adit 3000 Only) The T1 1 through T1 4 Performance tabs display the performance statistics for each of the Adit 3000’s T1s. 5-10 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring Alarms Alarms The Alarms tab displays the system alarms, their severity, and the time at which each event occured. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
System Monitoring System System The System tab displays the amount of time that has passed since the system was last started or reset. 5-12 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
CHAPTER 6 Voice Over IP NOTE: This feature is not available on the Adit 3200.
Voice over IP Overview Overview The VoIP feature allows you to connect multiple phones over a single broadband connection, providing the benefits and quality of digital voice. The Adit enables you to place and receive calls over the Internet using a standard telephone set connected to the Adit. WARNING! ANY CHANGES TO THE VOIP SETTINGS WILL RESTART THE VOIP TASK AND WILL CAUSE ANY ACTIVE CALLS TO BE DROPPED. 6-2 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP IP Telephony IP Telephony Use the IP Telephony tab to configure VoIP dialing parameters, signaling protocols, and codecs. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP IP Telephony Field Definition Dialing Parameters Dialing Timeout Determines how long the system will wait for the next dialed digit before stopping digit-collection. If a digit has been dialed and the number of seconds entered in this field expire, that will be the last digit in the dialed number. Default is 5 seconds. Phone Number Size Defines the maximum number of digits in a phone number, range is 324.
Voice over IP IP Telephony Field Definition (Continued) Proxy Servers Proxy Type This drop-down menu allows users to select the proxy type: Generic BroadSoft (Info) Sylantro Lucent (Info) Route Direct Phone Entries in Phone book through Proxy Select the checkbox to enable. Enabled/Disable Enable or disable the features listed below. Use SIP Proxy Select to enable, and enter the IP/DNS address of the SIP Proxy. Port Enter SIP Proxy port where SIP requests are to be sent.
Voice over IP IP Telephony Configuring the Digit Map The Digit Map is used to define phone-specific dialing behavior. A dial plan allows the phone to identify that an entered number is complete and the call should be initiated. If the phone digit map is not defined properly, a (SIP) call may be initiated before the user is done dialing. To configure the digit map: 1. Select Voice over IP. 2. Select the IP Telephony tab. 3. Select FXS Digit Map. 6-6 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP IP Telephony 4. Select New Entry to create a new Digit Map pattern, or select the Edit icon to modify an existing one. 5. Enter the new digit map pattern and select OK. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP IP Telephony Digit Map Pattern A Digit Map Pattern consists of a sequence of one or more of the following character or string elements: Character/String Definition digit 1-9 special keypad character *, #, a, b, c or d wildcard digit x or ? (which represents any numerical digit) super wildcard .
Voice over IP IP Telephony Advanced (Button) The Advanced button at the bottom of the IP Telephony window opens a window for configuring the Advanced VoIP (SIP) settings. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP IP Telephony Field Definition SIP Interop Calling Feature Mode Determines where the intelligence for the calling features will lie, offering a choice between server-based (Info) and device-based (local) features. Info - This selection is used with BroadSoft 11.1 Info Mode Proxy. Note: On a BroadSoft server, the Adit must be configured as “Generic SIP Standard (Proxy Address)”. Local - Default. Privacy Mode None - Disables the Privacy Mode. Default.
Voice over IP IP Telephony Field Definition (Continued) FXS Signaling Calling Party Disconnect (CPD) Duration Allows the user to configure the disconnect timeout for individual lines. Range is 500 - 3000. Default is 900. Features Sylantro Centralized Conferencing Enables the “Centralized Three-Way Calling” feature with the Sylantro application server. This provides the means for an FXS telephone user to place an existing SIP call on hold, dial a second SIP call, then connect all 3 parties together.
Voice over IP IP Telephony Redundancy (Button) The Redundancy button at the bottom of the IP Telephony window opens a window for configuring VoIP proxy redundancy. Note: This window is modified upon selection of the Global Redundancy Configuration field. 6-12 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP IP Telephony When the primary proxy is not reachable or returns an error, the system initiates a rollover (the next server in the list is used, until a working server replies). When the last server in the list fails, the rollover is considered a rollback. The route advance timeout will not take effect for 30 seconds and retransmission timers will take precedence. After 30 seconds, the primary proxy (first in the list) will be treated as active again.
Voice over IP Phone Settings Phone Settings Use the Phone Settings tab to configure each line for VoIP. NOTE: When connecting analog lines to the PBX, impedance settings can be used to match impedance between the analog interfaces. Consult the PBX, Key System, or connecting equipment manual. Adit 3500 6-14 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Phone Settings Adit MSR NOTE: To display all available lines on the MSR, select Display All Lines. To display only cross-connected lines, select Display Cross Connect Lines. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Phone Settings Configuring Phone Settings 1. Select the Phone Settings tab on the Voice over IP window. 2. Select the Action icon for the line to configure. 3. Set the Line Settings as desired. See the following table for field definitions. 6-16 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Phone Settings Field Identification Definition Begin Line Number Displays the line number that was selected to edit. End Line Number Specifying a line number here allows a user to define a range to apply the settings to. Settings will be applied to all the lines between “begin line number” and “end line number”. User ID Display/Edit the current User ID. Note: A maximum of 20 characters is allowed. Cross Connect Name This field appears for the MSR only.
Voice over IP Phone Settings Field Signaling Definition (Continued) Protocol Select the analog signaling mechanism: Loop Start - Sets the line to Loop Start signaling. Ground Start - Sets the line to Ground Start signaling. Note: For the MSR, this field is not selectable. The setting is based on the cross-connect type info. Calling Party Disconnect (CPD) Enables/disables Calling Party Disconnect capability for this line.
Voice over IP Phone Book Phone Book Use the Phone Book tab to define the Speed Dial settings. You can define a maximum of 50 entries. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Phone Book Configuring Phone Book Settings 1. Select Voice over IP/Phone Book tab. 2. Select New Entry. Note: This window modifies as the Destination field is changed. See the following table for field definitions. 6-20 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Phone Book Field Definition Phone Book Enter the Speed Dial number. Range is 3-10 digits. This is the number that needs to be dialed to get to this entry. Digits allowed 0-9, #, *, ?, $. Destination Phone destination is used to identify the destination of the incoming phone call. The options below are selected from the pulldown menu. Proxy Will send INVITE to defined SIP Proxy from IP Telephony tab. Callsetup information is routed through the proxy.
Voice over IP Line Monitoring Line Monitoring The Line Monitoring tab displays current information for each line. Adit 3500 6-22 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Line Monitoring Adit MSR Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Line Monitoring The following table defines the fields displayed in the Line Monitoring window: Field 6-24 Definition Registration Address Adit WAN IP address. Blank if a proxy has not been selected. SIP Proxy Indicates if SIP proxy is selected or not. Line Specific FXS line. User ID Displays the User ID. Phone Status Displays the Phone status - Idle, dialing in progress, ringing, call in progress, etc. Registration Status Displays registration status - Registered or failed.
Voice over IP Trunk Settings Trunk Settings NOTE: The Trunk Settings tab is only available on the Adit 3500 and Adit MSR. Use the Trunk Settings tab to configure settings for the trunk. Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Trunk Settings Configuring Trunk Settings To configure the trunk: 1. Select the Voice Over IP/Trunk Settings tab. 2. Select the Trunk. The Trunk Settings window appears. See the following table for field definitions. 6-26 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Trunk Settings Field Definition General Connection Adit 3500: Connections are T1 #1 through T1 #4. Select the checkbox for the T1 to apply the trunk settings to. Note: A red X indicates that the T1 is not available. Adit MSR: Connections are LCC #1 through LCC #8. Select the checkbox for the LCC to apply the trunk settings to. Note: A red X indicates that the LCC is not available.
Voice over IP Trunk Settings Field Definition (Continued) Identification Trunk ID Display/edit the Trunk ID. A default ID is assigned. The Trunk ID can have up to 20 characters. Description Display/edit a Trunk Description. By default they are named Trunk n. Packet Processing Codec Pref1 Codec Pref2 Codec Pref3 Define the preference order of the Codecs. G.711u - G.711 mu-law G.711A - G.711 A-law G.729A - G.729 A-law None Fax Mode None - A Fax call will be treated as a normal voice call. Default.
Voice over IP Trunk Settings Field Definition (Continued) Digit Map Per Trunk Digit Map Disabled - Use the phone book, maximum digits, or dialing timeout to determine end of dialing. Default. Default Digit Map - Pass dialed number as a complete number for routing to the phone book, or to the proxy if there are no9 phone book entries. Custom Digit Map - Process as for the default digit map. Note: The field name is a link to the Digit Map configuration window. See Configuring the Digit Map on page 6-6.
Voice over IP Trunk Settings Channel Configuration The Channel Configuration window displays the communication assignment for each channel in the trunk. For the Adit 3500, you can change the channel assignments at this window. For the Adit MSR, the assignments are fixed. To view the Channel Configuration window, select one of the connections listed in the Connection field on the the Voice Over IP/Trunk Settings tab. (Adit 3500 shown below.) 6-30 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Trunk Settings Field Assignment Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI Definition in-out - Allows comminution in both directions. Default. in - Allows communication in the IN direction only. out - Allows communication in the OUT direction only. unassigned - Puts the channel out-of-service (down).
Voice over IP Trunk Monitoring Trunk Monitoring NOTE: The Trunk Monitoring tab is only available on the Adit 3500 and Adit MSR. The Trunk Monitoring window displays current status and statistics for trunk channels. Adit 3500 6-32 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Trunk Monitoring Adit MSR Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Trunk Monitoring The following table defines the fields displayed in the Trunk Monitoring window: Field Definition PRI Interface - For each PRI interface the following is displayed: 6-34 LapdStatus The operational status of the LAPD (Link Access Procedure on the D channel) status. (Inactive, Layer1Active, Layer2Active. Sabme The number of peer SABME (Asynchronous Balanced Mode Extended) frames received on this interface.
Voice over IP Trunk Registration Trunk Registration NOTE: The Trunk Registration tab is only available on the Adit 3500 and Adit MSR. The Trunk Registration tab displays all configured PBX phone lines. Field Definition Trunk Group Phone Registration Enable/disable the trunk group phone registration feature. Line Displays the line number. The checkbox allows this line to be disabled (unchecked) without having to delete the configuration. Number Displays the defined phone number.
Voice over IP Trunk Registration Adding a PBX Phone Line To add a new PBX phone line: 1. Select New Entry from the Voice Over IP/Trunk Registration window. 6-36 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Voice over IP Trunk Registration 2. Enter the PBX line information. See the following table for field definitions. Field Definition Fast Configuration First Phone Number Index Enter an index number for the phone number. If a number entered is already listed, it will be overwritten. If the number is left at "0" then the next available index number will be selected. First Phone Number Enter a PBX phone number for this line.
Voice over IP Trunk Registration 3. Select OK to enter the number and return to the Trunk Registration window. 6-38 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
GLOSSARY Glossary AMI Automatic Mark Inversion ARP Address Resolution Protocol B8ZS Bipolar with 8 Zero Substitution BIT Binary Digit BPS Bits Per Second BPV Bipolar Violation CA Certificate Authority CAS Channel Associated Signaling CCS Common Channel Signaling CHAP Challenge Handshake Authentication Protocol CID Caller ID CIDR Classless Inter-Domain Routing CLASS Custom Local Area Signaling Service CLEI Common Language Equipment Identification CLI Command Line Interface CO C
Glossary DLC Digital Loop Carrier DLCI Data Link Connection Identifier DMZ Demilitarized Zone DNS Domain Naming System DS0 Digital Signal Level Zero (64 kbps) (1 voice channel) DS1 Digital Signal Level 1 (1.
Glossary MPPE Microsoft Point-to-Point Encryption MS-CHAP Microsoft CHAP MVEC Majority Vote Error Correction NAT Network Address Translation NCS Network-based Call Signaling NEBS Network Equipment Building Standards NRZ Non-Return to Zero NSE Named Service Event NTP Network Time Protocol OSPF Open Shortest Path First PAP Password Authentication Protocol PHY Physical specifications POTS Plain Old Telephone Service PPP Point-to-Point Protocol PRI Primary Rate Interface PVC Perm
Glossary UAS User Agent Server VC Virtual Channel VLAN Virtual Local Area Network VPN Virtual Private Network WAN Wide Area Network WINS Windows Internet Naming Service Glossary-4 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
Glossary 10Base-T The most widely installed Ethernet local area networks (LANs) use ordinary telephone twisted-pair wire. When used on Ethernet, this carrier medium is known at 10BASE-T. 10BASE-T supports Ethernet’s 10 Mbps transmission speed. 100Base-TX Also called “Fast Ethernet”, it is a 100 Mbps version of Ethernet. 100Base-T transmits at 100 Mbps rather than 10 Mbps. Like regular Ethernet, Fast Ethernet is a shared media LAN. All nodes share the 100 Mbps bandwidth.
Glossary Central Office (CO) Where telephone companies terminate customer lines and locate switching equipment to interconnect those lines with other networks. channel A generic term for a communications path on a given medium; multiplexing techniques allow providers to put multiple channels over a single medium. Channel Associated Signaling (CAS) Carrying signaling information within the data channels of a T1 line (in band) rather than on a separate control channel.
Glossary Electro-magnetic Interference (EMI) Equipment used in high speed data systems, including ATM, that generate and transmit many signals in the radio frequency portion of the electromagnetic spectrum. Interference to other equipment or radio services may result if sufficient power from these signals escape the equipment enclosures or transmission media. National and international regulatory agencies (FCC, CISPR, etc.) set limits for these emissions.
Glossary gateway An entrance and exit into a communications network Graphical User Interface (GUI) GUI, pronounced “GOOEY”. A set of screen presentations and metaphors that utilize graphic elements such as icons in an attempt to make an operating system easier to use. ground A physical connection to the earth or other reference point.
Glossary Local Area Network (LAN) A short distance data communications network (typically within a building or campus) used to link together computers and peripheral devices under some form of standard control. Line Build Out (LBO) T1s require the last span to lose 15 - 22.5 dB, a selectable output attenuation is generally required of DTE equipment. Line Coding Violation (LCV) This parameter is a count of both BPVs and EXZs occurring over the accumulation period.
Glossary Multilink PPP (MLPPP) MultiLink PPP. An extension to the point-to-point protocol that enables two channels to be linked together to double the throughput. It is used for ISDN transmission and channel bonding Microsoft Point-to-Point Encryption (MPPE) A 128-bit key or 40-bit key encryption algorithm using RSA RC4. MPPE provides for packet confidentiality between the remote access client and the remote access or tunnel server and is useful where IP security (IPSec) is not available.
Glossary PHY PHY as in physical specifications. OSI Physical Layer, which provides for transmission of cells over a physical medium connecting two ATM devices. ping Packet InterNet Grouper. PING is a program used to test whether a particular network destination on the Internet is online (i.e. working) by repeatedly bouncing a "signal" off a specified address and seeing how long that signal takes to complete the round trip. No return signal - site is down or unreachable.
Glossary Router Information Protocol (RIP) RIP is based on distance vector algorithms that measure the shortest path between two points on a network, based on the addresses of the originating and destination devices. The shortest path is determined by the number of hops between those points.
Glossary ticks The distance between two networks, measured in time increments. Ticks may be used to designate primary and secondary routes to the same network. traffic The load of packets carried by a network or portion of a network. Heavy traffic slows down the response time of the individual packets. trunk A communication line between two switching systems. tunneling To provide a secure, temporary path over the Internet. User Agent Client (UAC) One of the two types of User Agents in SIP.
Glossary Glossary-14 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.
INDEX Index A D Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6 Action icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5 add a user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-66 Advanced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-25, 2-1 ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Index Redundancy button . . . . . . . . . . . . . . . . . . . . . . . . 6-12 IP Telephony tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3 IP/Hostname Filtering . . . . . . . . . . . . . . . . . . . . . . . . 4-25 IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-28, 3-38 K Key Management . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-30 L L2TP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-37 LAN . . . . . . . . . . . . . . . .
Index S U Scheduler Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-52 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-22, 4-1 Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6 Advanced Filtering . . . . . . . . . . . . . . . . . . . . . . . . 4-28 DMZ Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37 General tab . . . . . . . . . . .
Index Remote Administration . . . . . . . . . . . . . . . . . . . . . Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Restore Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Scheduler Rules . . . . . . . . . . . . . . . . . . . . . . . . . . Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Simple Network Management Protocol . . . . . . . . System Monitoring . . . . .
