MA30120 User Guide
User Guide MultiAccess Communications Server MultiAccess S000255D Revision D All rights reserved. This publication may not be reproduced, in whole or in part, without prior expressed written permission from Multi-Tech Systems, Inc. Copyright © 2006 by Multi-Tech Systems, Inc. Multi-Tech Systems, Inc. makes no representations or warranty with respect to the contents hereof and specifically disclaims any implied warranties of merchantability or fitness for any particular purpose.
Contents Chapter 1 - Introduction and Description .................................................................................5 WAN Communications ..........................................................................................................5 Management..........................................................................................................................5 Remote Access ........................................................................................................
“AT” Commands Accepted with No Effect .........................................................................147 S-Registers........................................................................................................................148 Advanced MultiAccess Modem Commands ......................................................................152 Application Notes...............................................................................................................
Chapter 1 – Introduction and Description Chapter 1 - Introduction and Description Welcome to Multi-Tech’s new MultiAccess Communications Server, Model MultiAccess. The MultiAccess Communications Server is a high-performance digital remote access solution for Enterprise LANs and Intranets or Internet service providers. MultiAccess is a V.
Chapter 1 – Introduction and Description Features • • • • • • • • • • • • • • Compact design that supports up to four channelized T1 and/or IDSN PRI interfaces per rack unit Dial-in scalability for up to 96/120 users Terminates both analog and digital (ISDN) calls Client authentication provided through industry standard Radius® V.92 modem-on-hold V.92 quick connect V.44 data compression 10/100 Mb Ethernet Lan/Wan connectivity Simultaneous V.
Chapter 1 – Introduction and Description Front Panel The front panel has 16 front panel LEDs that provide operating status. The Front Panel Front Panel LED Descriptions LED Description of LAN 1 & 2 LEDs LINK The LINK LED indicates link integrity for the LAN Ethernet port. If the Ethernet link is valid at either 10 Mbps or 100 Mbps, the LINK LED is lit. If the Ethernet link is invalid, the LINK LED is off.
Chapter 1 – Introduction and Description Back Panel The MultiAccess back panel has a fan, a power plug, the POWER Switch (| / O), an RJ-11 phone LINE jack, a DB-9 COM1 jack, a DB-15 High-density DSUB (VIDEO) jack, two USB (Revision 1.1 compliant) jacks, four RJ-45 T1/E1/PRI line jacks, and two Ethernet RJ-45 (Ethernet 1 & Ethernet 2) jacks. The MultiAccess back panel is illustrated and described below.
Chapter 1 – Introduction and Description Typical Application Internet Service Provider (ISP) Application- Only one Ethernet interface on the MultiAccess is used. The IP address of the MultiAccess and the pool of IP addresses for the dial-in users are of the same network and normally are public addresses. The modems of the MultiAccess are configured for RAS usage. PPP clients dial into the system, authenticate, via RADIUS, and establish a LAN to Client PPP session (remote note).
Chapter 1 – Introduction and Description Corporate Application-One or both Ethernet interfaces can be used. When both interfaces are used, they are commonly configured with separate network addresses. The MultiAccess can provide dial-in RAS to one or both networks and provide modem sharing and faxing for network workstations. Workstations on the corporate LAN can be a Comm Port Redirector (e.g., Multi-Tech’s WINMCSI) for accessing MultiAccess’s modems.
Chapter 1 – Introduction and Description Specifications System LAN Ports Server Operating System System Management Security Modem ISDN PRI Channelized T1 Power Physical Description Operating Environment Approvals Processor: 566 MHz Celeron RAM: 256 MB Number of Ports: 2 (LAN 1 and LAN 2 ports) Interface: 2 x 10BaseT/100BaseT (UPT) Format: Ethernet 802.3, 802.
Chapter 2 – Installation Chapter 2 - Installation Safety Warnings • Use this product only with UL- and CUL-listed computers. • To reduce the risk of fire, use only 26 AWG or larger telephone wiring. • Never install telephone wiring during a lightning storm. • Never install a telephone jack in a wet location unless the jack is specifically designed for wet locations. • Never touch uninsulated telephone wires or terminals unless the telephone line has been disconnected at the network interface.
Chapter 2 – Installation Site Planning With proper planning, your MultiAccess system can be installed quickly and in a short time. To implement the suggested planning process, you must: 1. Plan for physical space, environmental, electronic and electrical needs. Identify physical installation site. The environment should be properly ventilated with controlled temperature and humidity. • Good AC power source with proper Earth Ground. • EIA 19” rack, MultiComTower, or standalone installation.
Chapter 2 – Installation Hardware Installation Procedure The MultiAccess is designed to install either on a desktop or in a standard EIA 19“ rack, and is shipped with the mounting hardware to install the MultiAccess in the rack. If installing in a rack, use the provided mounting hardware and follow the rack enclosure manufacturer’s instructions to safely and securely mount the MultiAccess in the rack enclosure. Proceed to the cabling procedure.
Chapter 2 – Installation Starting Your MultiAccess This section covers the steps for connecting a workstation to the MultiAccess, starting up the MultiAccess, opening the MultiAccess Communications Server Web Management program, performing the time zone setup, and using the menu bar to navigate through the Web Management software screens. 1. Set the workstation IP address to 192.168.2.x subnet other than 192.168.2.1 which is the IP address of Ethernet 1 (eth0) and 192.168.2.
Chapter 2 – Installation Changing the Password: You should change the default User and Password entries. This can be accomplished in the WEB Admin screen of the Administration menu. Caution: Use a safe password! Your first name spelled backwards is not a sufficiently safe password; a password such as xfT35$4 is better. 2. If someone else is already logged onto the MultiAccess or you were logged in recently, the following message displays. At the prompt Do you want to log the user out? Click Yes.
Chapter 2 – Installation Navigating Through the Screens When you click one of the MultiAccess Menu Bar buttons, the first screen for that function displays. Once the first screen opens, you can navigate to other screens within this function; they are listed on the left side of the screen. Home: The main screen. Administration: System setup such as Time & Date, Web management, and certificate.
Chapter 2 – Installation Setup Your Time Zone 4. Click Administration on the menu bar. The System Setup screen displays. Set the System Time by selecting your Time Zone, the current Day, Month, Year, Hour, and Minute.
Chapter 2 – Installation Network Setup In the Network Setup > Interface you can define a host name for your MultiAccess, change the Ethernet 1 (eth0) to your local IP and subnet mask for your local network, and change the IP address of the default Gateway to your local gateway address. 1. 2. 3. 4. Enter the Host name you have established for your local MultiAccess. Click Save. Enter in the External Name server window the IP address of your domain name server (DNS).
Chapter 2 – Installation Line Interfaces To establish your line interfaces for the four LI1 through LI4 interfaces, click on Line Interfaces. The Current Setup section reflects the current operating parameters for the indicated Line Interface. 1. Click on the Line Type down arrow and select your type of line interface; T1 RBS or T1 PRI for North America or E1 PRI for the rest of the world, then wait for the screen to refresh. 2.
Chapter 2 – Installation Modem Setup The Modem Setup group of menus configure the modems for usage with RAS, modem sharing, and faxing. The default usage for each modem is RAS. The Modem Setup menu controls the parameters of the modems set to RAS. If the MultiAccess modems are to be used for dialout, in a networking modem sharing environment, then use the Modem Usage menu to change the usage to Modem Sharing.
Chapter 2 – Installation If you are using your MultiAccess as a network modem pool, you will need to set up the Modem Usage menu to support your configuration. 1. Click on the Usage drop down arrow and chose the Modem Sharing – authentication type that suits your applicational needs. 2. Click on the Modem drop up or down arrow and select the tty modem(s) for modem sharing. You can choose multiple modems by holding down the shift key. 3.
Chapter 2 – Installation Raw Mode - If Yes, this sets the TCP port to a RAW socket. User data is treated “as is” and the Telnet Command Escape capability is disabled. If No, this allows the Telnet command parser to look for escape sequences that are used to communicate control functions. A common example is to support RFC-2217 Com Port Control. Pool - If you want to access a specific modem, accept the default of No. Each modem will be given a specific TCP port number, starting at 7000+.
Chapter 2 – Installation If you are using your MultiAccess as a network fax server, you need to set up the Modem Usage menu to support your configuration. 5. Click on the Usage drop down arrow and select Fax. 6. Click on the Modem up or down arrow and select the tty modem(s) for faxing. You can choose multiple modems by holding down the shift key. 7. Click on the Save button.
Chapter 2 – Installation Modem Setup Modem Setup screen only applies when the Modem Usage is set for RAS (Dial-in PPP). RAS usage is defined in the Modem Usage Setup field of the Modem Usage screen. 1. Verify that the V.92 Setup parameters conform to your client’s characteristics. 2. Multi-Tech recommends that you set Retrain Limit to 4 and due to compatibility issues seen with various modems, you may wish to disable Quick Connect and V.8bis. 3.
Chapter 2 – Installation Fax Setup Fax setup is initiated when you allocate modem(s) to the integrated Hylafax™ Fax Server. This is achieved by setting the selected modem’s usage to Fax. If no modems are set for fax usage, then only the General Fax Setup section is displayed. The Fax Setup screen is used to configure the integrated Hlyfax Server for sending and receiving faxes. The sending of outbound faxes via the Hylafax Server requires the use of a Hylafax compatible Fax Client software, e.g.
Chapter 2 – Installation Outbound Fax Client Data Base The outbound fax client data base is generated in the General Fax Setup group. The current outbound fax client data base is shown in the table at the bottom of the General Fax Setup group. The credentials defined here are to be used by the fax client. The fax client uses these credentials when accessing the Hylafax server. 1.
Chapter 2 – Installation User Authentication User authentication is established using Radius Client and Radius Server screens. The Radius Client informs the MultiAccess of where the Radius Server is located. If your network already has a Radius Server, you do not have to enter the Radius Server screens. The Radius Server screens are only used when the Radius Server in the MultiAccess is going to be used.
Chapter 2 – Installation 3. Choose the Authentication Type that is being used in your situation by clicking on the down arrow and highlighting the Authentication Type. Radius is the default. You can choose from none, radius, tacacs, remote, local, and radius/local. 4. We recommend that you leave Allow Local Logins set to the default of no. Caution: If you change this to yes and put a “!” before the login name, you could be setting up a potential security risk.
Chapter 2 – Installation Radius Server > General Setup If you are going to use the Radius Server that comes with your MultiAccess, then you need to tell the Radius Server who the Radius Clients are. You need one entry for each Network Access Server (NAS) in your network. Note: When using the internal Radius Server, you must use the IP address of network card 1 (eth0). 1. You can enable status by clicking on the Enabled window. 2. Enter the IP address of network card 1 (eth0) in the Client window.
Chapter 2 – Installation Radius Server > User Setup The User Setup screen establishes who the remote access user is. A user name and password has to be entered for each remote user that is dialing in to the MultiAccess. The User name and password of the remote user is all that is needed initially. If you check or enable Service Type through IP Address windows you will over ride the Default User Setup. 1. Enter the remote user’s name in the Username window. 2.
Chapter 3 – Software Chapter 3 - Software This chapter describes each screen and its function in the MultiAccess™ Communications Server software. The aim of the administrator in setting the options in the software should be to let as little as possible and as much as necessary through the MultiAccess, for both incoming as well as outgoing connections. The Menu bar provides the organization of this chapter. Home: The main screen.
Chapter 3 – Software Home and Logout Home and Logout Options Home This is the opening screen of the MultiAccess™ Communication Server Web Management software.
Chapter 3 – Software Home and Logout Logout - How to Exit MultiAccess Communications Server Software The best way to exit the MultiAccess Communications Server system is to choose Logout from the Menu bar. If you close the browser in the middle of a session without logging out, the session stays active until the end of the time-out.
Chapter 3 – Software Administration > System Setup Administration Administration > System Setup In the Administration section, you can perform the general system-based settings for the MultiAccess Communications Server functions. System Setup includes general system parameters such as the email address of the administrator, remote syslog host, and the system time can be set through these settings.
Chapter 3 – Software Administration > System Setup Notification - Email Address This field defines the email address of the administrator to whom emails must be sent in case of any particular event. The email address has to be entered in proper user@domain format. Emails will be sent to the administrator on hard disk usage exceeding 70%, Intrusion Detections, backups, license key expire, self monitor problems, invalid web logins, and invalid SSH logins.
Chapter 3 – Software Administration > SSH Administration > SSH SSH (Secure Shell) is a program to log into another computer over a network to execute commands in a remote machine and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. It is intended as a replacement for rlogin, rsh, and rcp. SSH is a command line interface. Access via SSH is encrypted.
Chapter 3 – Software Administration > SNTP Client Administration > SNTP Client SNTP (Simple Network Time Protocol) is an Internet protocol used to synchronize the clocks of computers to the same time source. Clicking the SNTP Client check box enables the MultiAccess to act as a SNTP client. SNTP Client Check the SNTP Client box to activate SNTP Client. SNTP Server Address Enter the IP address of the SNTP Server for which the firewall will contact to synchronize its clock. Then click the Save button.
Chapter 3 – Software Administration > Web Admin Administration > Web Admin From this screen you can regulate Web Admin access. The Web Admin interface uses the Secure HTTP protocol (S-HTTP, aka HTTPS) for secure transactions. Secure HTTP provides communication between your browser and the MultiAccess. S-HTTP supports end-to-end secure transactions, in contrast with the original HTTP authorization mechanisms, which require the client to attempt access and be denied before the security mechanism is employed.
Chapter 3 – Software Administration > Web Admin Change Password You should change the password immediately after initial installation and configuration, and also change it regularly thereafter. Only alphanumeric characters are allowed. To change the password, enter the existing password in the Old Password field, enter the new password into the New Password field, and confirm your new password by re-entering it into the Confirmation entry field.
Chapter 3 – Software Administration > Site Certificate Administration > Site Certificate Public keys are used as the encryption algorithm for security systems. For the validity of public keys, certificates are issued by a Certificate Authority. The Certificate Authority certifies that the person or the entity is authenticated and that the present public key belongs to that same person or entity.
Chapter 3 – Software Administration > Database Setup Administration > Database Setup Database Setup defines where the call history database is located and maintained. If the database is to be located on this machine and other MultiAccess units are joining the data base as clients, you will need to provide client access by entering the Client IP Address, Mask, and the access method.
Chapter 3 – Software Administration > Backup Setup Administration > Backup Setup The Backup Setup allows you to enable and control specific aspects of the periodic back-up process. This process allows you to save your settings as .tar file either on your local system or up loaded to an FTP server. The Backup process consists of copying hundreds of configuration files into one .tar file. The .tar is then zipped and named per “config-year month day hour minute.tar.gz”.
Chapter 3 – Software Administration > Available Backups Administration > Available Backups Available Backups allow you restore a previous saved configuration. The number set in the Maximum Backups field in the Backup Setup determines the number of backups listed here. Backups You can Get, Restore, and Delete backups. To Restore a backup, simply click on the Options Restore. Your system will be restored from the file and rebooted.
Chapter 3 – Software Administration > Intruder Detection Administration > Intrusion Detection The Intrusion Detection mechanism is used to notify the administrator if there has been any tampering with the files on the server. Intrusion Detection Enable File Integrity Check Check the box to enable File Integrity Checking. Select the amount of time you would like the system to conduct this check. Options are every 5 Minutes, Hourly, or Daily. Then click the Save button.
Chapter 3 – Software Administration > Intruder Detection Protocol This selection allows you to choose the type of protocol, i.e., TPC or UDP. Service This selection allows you to choose the corresponding service. The service must have been previously defined in the Services menu. Select intrusion detection rules from the following dropdown list boxes: Add After the rules are defined/selected, click the Add button. The commands can be deleted by clicking Delete under the Command option.
Chapter 3 – Software Administration > Network Tools Administration > Network Tools There are three tools that can help you test the network connections and functionality. Ping and Trace Route test the network connections on the IP level. TCP Connect tests TCP services for availability. PING Ping is an acronym for Packet Internet Groper. The PING utility is used as a diagnostic tool to determine if a TCP/IP communication path exists to a remote host.
Chapter 3 – Software Administration > Network Tools Trace Route Trace Route is a tool for finding errors in the network routing. It lists each router/hop/network on the way to remote host. If the path for the data packets is temporarily unavailable, the interruption is indicated by asterisks (*). After a number of tries, the attempt is aborted. The interrupted connection can have many causes, including the packet filter on the MultiAccess not allowing the operation of Trace Route.
Chapter 3 – Software Administration > System Tools Administration > System Tools System tool includes Restart, and Shutdown. Restart allows the MultiAccess to be shut down and restarted. Shut down ensures that all services are shut down correctly. Restart By clicking the Restart button, the MultiAccess is shut down and rebooted. The message Are you sure you want to restart the system? is displayed. By clicking the OK button you confirm that you want to restart the MultiAccess.
Chapter 3 – Software Networks & Services > Networks Networks & Services Networks & Services > Networks A network consists of a unique name, an identifying network number, and a Subnet Mask. Once you add a network, the information displays at the bottom of the screen. This network table contains the default networks which cannot be deleted or edited. Important Notes: • IP address (network number) will change if changes are made to the IP addresses in Network Setup of Ethernet 1 and Ethernet 2.
Chapter 3 – Software Networks & Services > Networks Confirm your entries by clicking the Add button. After a successful definition, the new network is entered into the network table. This network will now be referenced in other menus under this name. You can edit and delete networks by clicking Edit or Delete in the Options column for the network you want to change. The name of the network can not be changed, but the IP Address and Subnet Mask can be edited.
Chapter 3 – Software Networks & Services > Services Networks & Services > Services On this screen you can set the MultiAccess protocol services. Protocols make ongoing administration easier. You will define data traffic as it travels the networks (e.g., the Internet). A service protocol setting consists of a Name, the Protocol, the S-Port/Client (source port), and the D-Port/Server (destination port). When entering the ports, you can enter a single port or a port range separated by a colon (:).
Chapter 3 – Software Networks & Services > Services Add Services Name Enter a unique name in Name entry field. You will need this later (e.g., to set packet filter rules). Protocol Select from the following protocols: TCP, UDP, TCP & UDP, ANY, ICMP, AH, and ESP. ICMP Type Select the ICMP type (e.g., echo reply, echo request, time to live exceeded, etc.). It will display if the protocol type is ICMP> ICMP Code Select the ICMP code (e.g., all).
Chapter 3 – Software Networks & Services > Network Groups Networks & Services > Network Groups On this screen you can group various networks into a group. The networks that were added in the Network & Services > Networks section can be placed into a group. A network, which is already a part of a group, cannot be added to any other group. It is suggested that you start a group name with a G- or Group-. This will identify group network names in contrast to network names.
Chapter 3 – Software Networks & Service > Service Groups Networks & Services > Service Groups On this screen you can combine multiple Services (see Services section) into groups, called Service Groups. Service Groups are treated like single services. A service that is already a part of a group cannot be added to any other group. A service can also be deleted from a group. Note: Every change made to Service Groups is effective immediately. Add Service Group Name Assign a unique name for the Service Group.
Chapter 3 – Software Network Setup > Interfaces Network Setup The Network Setup menus consist of Interface, Routes, Masquerading, SNAT, and DNAT screens. The Interface screen is used to set up two Ethernet interfaces with funtional IP parameters for your network or networks. Routes screen is used to define additional (network specific) IP routes. The Masquerading screen is used to hide private addresses behind public addresses.
Chapter 3 – Software Network Setup > Interfaces Network Setup > Interface When you view this screen on your PC, you will see an additional section for entering Network Card 2 information. Since the input fields are the same as those for Network Card 1, they are not included in this graphic. Local Host Host Name Enter a name for the MultiAccess into the Host Name field. An example is MultiAccess.mydomain.com. Click the Save button after entering the Host Name.
Chapter 3 – Software Network Setup > Interfaces Domain Name Server Configure the remaining basic parameters; Defining the default gateway, adding at least one DNS server (this is used by the operating system to resolve names), and define a host name for the MultiAccess. Dial in clients use the DNS server defined in the Radius Client screen. External Name Server Enter the IP address of the name server in this field. Click the Add button.
Chapter 3 – Software Network Setup > Interfaces IP Aliases From this part of the Interface screen you can add Aliase IP addresses to the network interface of the MultiAccess. With IP aliases, you can assign several additional IP addresses to a network interface. The MultiAccess will treat the additional addresses as equals to the primary network interface address. IP aliases are required to administer several logical networks on one network interface.
Chapter 3 – Software Network Setup > Routes Network Setup > Routes The Routes menu allows you to define additional IP routes. When you add a route, you are modifying the internal routing table of the MultiAccess. There are two types of routes used by the MultiAccess; Interface routes and Static routes. Depending on the situation, you may need to create just an Interface route or just a Static route, or possibly both.
Chapter 3 – Software Network Setup > Masquerading Network Setup > Masquerading Masquerading is a process which allows a whole network to hide behind one address. The MultiAccess can use this to your advantage by allowing dial-up users access to your private and public networks yet hiding your internal IP addresses and network information from the public network. Masquerading is also helpful when there is a limited number of available IP addresses.
Chapter 3 – Software Network Setup > Masquerading Small Office Example Solution: Create a private network just for the dial-in users and then masquerade it to the MultiAccess interface that is on your LAN. This example is based on the premise the MultiAccess is a 24-port server, full or near full capacity is expected to be reached on a regular basis and most dial-in users only require a dynamic IP address. This means the IP address pool for the dial-up connections should be a contiguous group of 24.
Chapter 3 – Software Network Setup > SNAT Network Setup > SNAT The SNAT (Source Network Address Translation) process allows attaching private networks to public networks. SNAT is used when you want to have a private IP network connected to the Internet via the MultiAccess, since the private IP addresses are not routed on the Internet, you have to apply SNAT on the MultiAccess’s public interface. The MultiAccess’s internal interface serves as the default gateway for the LAN.
Chapter 3 – Software Network Setup > DNAT Network Setup > DNAT On this screen you can set up DNAT re-routing. DNAT (Destination Network Address Translation) allows you to place servers within the private network and make them available for a certain service to the public network. Normally the network has a server running on the LAN, providing a network service, with an address in the specified range and wants this service accessible to the outside world.
Chapter 3 – Software Network Setup > DNAT DNAT Example In this example, your private network is 192.168.0.0/255.255.255.0 and an IP address 192.168.0.20 for the Web server provides accessibility for clients outside your LAN. These clients cannot contact its address directly, as the IP address is not routed in the Internet. It is, however, possible to contact an external address of your MultiAccess from the Internet.
Chapter 3 – Software DHCP Server > Subnet Settings DHCP Server DHCP Server > Subnet Settings DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of the DHCP is to make it easier to administer a large network. The DHCP package includes the DHCP server and a DHCP relay agent.
Chapter 3 – Software DHCP Server > Fixed Addresses DHCP Server > Fixed Addresses The DHCP server can be made to assign a fixed IP address for a particular user by identifying the MAC address. This binding can be made permanent by configuring the same using this screen. The same IP address would not be used for any DHCP client with a different MAC address, even if there were no active DHCP connection with that IP address. DHCP Server Fixed Addresses Add Enter both a MAC address and an IP address.
Chapter 3 – Software System Update > Available/Applied System Update > Available When you select System Update from the main menu bar, you are brought to the “Available” screen. This screen invokes the MultiAccess “update client”, which checks for “Available” updates. The update client checks by opening an FTP connection to the host defined on the “Setup” screen. The default update server is a server at Multi-Tech Systems (update.multitech.com).
Chapter 3 – Software Applied This menu lists updates that have been applied to the unit since it’s hard drive image was created. This menu also provides the ability to remove updates. The screen shot below indicates this unit’s original version was 1.10 and that version 1.11 and 1.12 have been applied to it. Setup The Setup menu allows for the administrator to define the location of the update server. This would be necessary in situations were network security is foremost.
Chapter 3 – Software Tracking > Accounting Tracking Tracking > Accounting The Accounting function records all the IP packets through the network cards and sums up their size. The traffic sum for each day is calculated once a day. Additionally, the traffic sum for the current month is calculated and displayed. This is the amount that your ISP (Internet Service Provider) will charge to you if your payment plan is based on the amount of data you transfer.
Chapter 3 – Software Packet Filters Rules > Add User Defined Filters Packet Filters Packet Filter Rules > Add User Defined Filters The Packet Filter is a key element of the MultiAccess. Packet Filter Rules define the type of data traffic allowed between networks and hosts. You can specify whether particular packets are to be passed through the system or filtered. The rules are created with the help of the definitions you set up previously in the Networks & Services section of this software.
Chapter 3 – Software Packet Filters > Packet Filter Rules Example: Network A is contained in network B. Rule 1 allows network A to use the SMTP service. Rule 2 forbids network B to use SMPT. Result: Only network A is allowed SMPT. SMPT packets from all other network B IP addresses are not allowed to pass and are logged. Caution: Re-sorting the rules may change how the MultiAccess operates. Be very careful when defining the rule set. It determines the security of your MultiAccess.
Chapter 3 – Software Packet Filters > Packet Filter Rules To Broadcast on the Whole Internet: 1. Open the Networks menu in the Definitions directory and enter the following data: Name: Broadcast32 IP Address: 255.255.255.255 Subnet Mask: 255.255.255.255 2. Confirm your entries by clicking the Add button. 3. Open the Rules menu in the Packet Filter directory and set the packet filter rules: From (Client): Any Service: Any To (Server): Broadcast32 Action: Drop 4.
Chapter 3 – Software Packet Filters > ICMP Packet Filters > ICMP ICMP (Internet Control Message Protocol) is necessary to test network connections and to test functionality of your firewall. ICMP-forwarding and ICMP-on-firewall always apply to all IP addresses (“Any”). When these are enabled, all IPs can ping the firewall (ICMP-on-firewall) or the network behind it (ICMP-forwarding). Separate IP addresses can then no longer be ruled out with packet filter rules.
Chapter 3 – Software User Authentication > Local Users User Authentication User Authentication consists of three menus, Local Users, Radius Client, and Radius Server. These menus are used to define user credentials (user name and passwords), and database access details (client/server locations, etc). User Authentication > Local Users User’s added to this data base can access the MultiAccess via command shell (limited to user level access rights).
Chapter 3 – Software User Authentication > Local Users Add Button Click the Add button after all the parameters are entered. After a successful definition, the new user is entered into the user table. Edit or Delete You can edit or delete entries in the table by clicking on either the Edit button or Delete button listed under Options.
Chapter 3 – Software User Authentication > RADIUS Client User Authentication > RADIUS Client The RADIUS client menu must be used when the a modem’s usage is setup for RAS or Modem Sharing with RADIUS Authentication. The Radius Client is responsible for making authentication requests to the Radius server and then acting upon the response from the Radius server. The Radius Client screen allows you to select which Digital Line Interface and ports are to be used.
Chapter 3 – Software User Authentication > RADIUS Client Radius Client Settings When you first enter the Radius Client settings, you first have to identify the line interface and ports accessible to Radius. Authentication Type This option tictates the authorization process performed by the Radius Client. You can choose the Authentication Type by clicking on the down arrow and choosing from none or radius (the default). None accepts all request with no security.
Chapter 3 – Software User Authentication > RADIUS Client Remote Host Address Remote Host Address is an address pool that is assigned to dial in users. Click on the check mark window and enter the starting IP address of your pool. The IP address needs to have a + (plus symbol) after the number (e.g., 192.168.1.150+). The plus symbol instructs the “portslave” to create an address pool starting with the address you have entered.
Chapter 3 – Software User Authentication > RADIUS Server > General Setup User Authentication > RADIUS Server > General Setup RADIUS (Remote Authentication Dial-In User Service) is a protocol responsible for receiving user connection requests, authenticating the user, and then returning all configuration information necessary for the client to deliver service to the user. The Radius Server menu consists of three screens, General Setup, User Setup and Default User Setup.
Chapter 3 – Software User Authentication > RADIUS Server > General Setup The RADIUS protocol implements a client to server relationship. The server is most commonly software running on a network computer (server or workstation), i.e. IAS service on Windows 2003 or Free RADIUS running on Linux. The client is most commonly a communication appliance on the network (such as a remote access server or VPN gateway). RADIUS uses the TCP/IP protocol UDP to communicate between client and server.
Chapter 3 – Software User Authentication > RADIUS Server > General Setup Type Type is the manufacture of the Radius client, such as MultiTech, Livingston, etc. Click on the drop down arrow and high light the manufacture of the Radius Client (NAS). IP Address*/Login Name*/Password* All three optional and currently not used. Add Click the Add button to configure the Radius Server with the MultiAccess and the above client information.
Chapter 3 – Software User Authentication > RADIUS Server > User Setup User Authentication > RADIUS Server > User Setup This menu establishes a RADIUS User database within the MultiAccess. These users will have rights to use the modems configured for Modem Sharing with RADIUS Authentication and the modems configured for RAS. Internally, these user accounts are contained in a file called “users”.
Chapter 3 – Software User Authentication > RADIUS Server > User Setup Confirm Password Confirm the password entered above by entering it again. Auth Type This field defines where the Radius Server is to look for the user’s credentials and dictates the format of how the password is stored. The default value is “Local” and currently this is the only option supported. Local means the value of Password is clear text.
Chapter 3 – Software User Authentication > RADIUS Server > Default User Setup User Authentication > Radius Server > Default User Setup The Radius Server > Default User Setup screen displays the factory default settings and allows for changes to be made to the default. Default Settings The Default Settings apply to all users of the Local Users data base. If you want to add a New Default, click on the Add New Default buttton and the Add New Default Setup screen appears.
Chapter 3 – Software User Authentication > RADIUS Server > Default User Setup User Authentication > Radius Server > Default User Setup This Add New Default User Setup screen is displayed by clicking on the Add New Default button from the Radius Server > Default User Setup screen. Auth Type This field is for selecting the type of authentication. This field must be set to System. Service Type This field is for selecting the type of service the user will be requesting or provided to them.
Chapter 3 – Software Protocol This field is for selecting the protocol to be used for framed access. IP Address This field indicates the IP address the framed user is to use. A value of 255.255.255.255.254 instructs the NAS equipment to give the user an IP address from an address pool defined within the NAS equipment, referred to as a dynamic IP address. A value of 255.255.255.255 instructs the NAS equipment to let the user pick it’s own IP address. A unique specific value can also be defined, i.e., 206.
Chapter 3 – Software Modem Setup Modem Setup The Modem Setup menu consists of three screen, Modem Usage, Modem Setup and Fax Setup. The Modem Usage screen is used to define the role of the modem. The Modem Setup screen is used to define the operating parameters of the modems set to a usage of RAS. The Fax Setup screen is used to configure various faxing parameters when at least one modem is set to the usage of Fax.
Chapter 3 – Software Modem Setup > Modem Usage Modem Setup > Modem Usage The modem usage screen defines whether your modems are used for standard RAS (Dial in PPP), Modem Sharing (network resource / modem pool for inbound calls with com port redirectors or proprietary inbound or outbound data), or Fax (Hylafax Server). Defining a usage allocates the modem to a specific process within the MultiAccess operating system. Each modem is set (allocated) individually.
Chapter 3 – Software Modem Setup > Modem Usage Note: Mixing usages usually requires hunt group coordination with your local telephone company, especially when mixing usages within the same Line Interface. This coordination is to avoid the collision of inbound and outbound calls or to avoid the routing of calls to a modem not set to the appropriate usage. Modem Usage Setup The Modem Usage Setup field contains 2 control boxes and a save button, used to change the usage of each modem.
Chapter 3 – Software Modem Setup > Modem Usage A common dial in modem sharing application is where a proprietary host application, running on a sever that has IP access to MultiAccess, opens multiple telnet sockets (one to each modem) to the MultiAccess. When the sockets are opened, the application can look for incoming calls\rings, instruct the modem to answer and then process data from the remote end.
Chapter 3 – Software Modem Setup > Modem Usage Raw Mode “Yes” sets the Telnet TCP port to a RAW socket. User data is treated “as is” (without interpretation) and Telnet Command Escape capability is disabled. “No” allows the Telnet command parser to look for escape sequences that are used to communicate control fucntions. A common example is to support RFC-2217 Com Port Control. Pool Selecting yes or no determines the TCP port number that is assigned to the modem.
Chapter 3 – Software Modem Setup > Modem Setup Modem Setup > Modem Setup This screen applies to all the modems set to a RAS usage. This screen allows you to set the parameters most important for modem performance. Parameters such as the time to establish a connection, whether to enable the modem-on-hold feature, error recovery, etc. V.92 Setup Quick Connect – You can enable or disable Quick Connect or select Short Phase 1 only or Short Phase 2 only.
Chapter 3 – Software Modem Setup > Modem Setup Modem On Hold – You can enable or disable the Modem-On-Hold feature from the drop down box. Modem On Hold (MOH) requires the remote MOH capable V92 client to use a line that has a subscriber service of “Call Waiting” or “Caller ID Call Waiting”. MOH allows the client system to put the RAS call (Internet Connection) on hold so it can answer the call waiting. MOH Timeout – You can select the timeout period for the Modem-On-Hold feature.
Chapter 3 – Software Modem Setup > Fax Setup Modem Setup > Fax Setup The Fax Setup screen is used to configure the internal Hylafax server. If no modems are set for fax usage, only the General Fax Setup section is displayed. A Hylafax compatible fax client, like the Multi-Tech FaxFinder Client (a copy of which is found on the software CD that ships with the MultiAccess) is needed to send faxes via the MultiAccess to remote dial-up fax destinations.
Chapter 3 – Software Modem Setup > Fax Setup be “fax##########.tif” were ###…is equal to the numeric value of the total number of faxes received by the Hylafax server. The sender of the email (“From” header) will be identified as “The HylaFax Receive Agent”. The subject of the email will identify who sent the facsimile, “Facsimile Received From CSID”, if the CSID is provided by the remote fax location.
Chapter 3 – Software Modem Setup > Fax Setup Route by Called Number Route by Called Number is a dynamic delivery method that requires the use of a PRI line (T1-PRI or E1-PRI line type). The “Called Number” refers to the DNIS information provided per call by Telco. The objective is to associate the DNIS information to an email address. The Route by Called Number feature requires the modem(s) to answer on two rings.
Chapter 3 – Software Statistics & Logs Statistics & Logs The Statistics & Logs group of menus is used to view current status and obtain historical information of the MultiAccess system. The Statistics & Logs menu contains the follow sub menus: • Setup - Defines the refresh rate for certain menus. • Uptime - Displays the duration of continuous operation and the date and time since the server last booted. • Networks - Displays; Interface Details, Routing Table, and Network Connections.
Chapter 3 – Software Statistics & Logs > Setup Statistics & Logs > Setup Certain screens within the Statistics & Log menu group will automatically refresh. An automatic screen refresh is equivalent to clicking on the refresh icon in your browser’s tool bar (or pressing the F5 key). The value selected applies to all of the menus that automatically refresh (Line Interface Status, Modem Connections, Modem Connection Details, Modem Connection Caller ID, and Server Connections).
Chapter 3 – Software Statistics & Logs > Uptime Statistics & Logs > Uptime Uptime tells you how long the system has been running. The first line displays the date and time the system was started. The second line displays the total time elapsed since the system was started in days, hours, minutes, and seconds.
Chapter 3 – Software Statistics & Logs > Networks Statistics & Logs > Networks The Interface Details screen will summarize configuration and performance information for each network interface. Both Ethernet interfaces and the internal Loopback interface will always be present in this screen. PPP interfaces will be added and removed automatically to and from the table, as the PPP connections are established and relinquished.
Chapter 3 – Software Statistics & Logs > Networks Routing Table This screen displays the current kernel routing table. The table will always reflect the two permanent ethernet interface routes. Routes pertaining to PPP connections are automatically added and removed as the connections are established and relinquished. This table will also reflect static and interface routes added manually via the Network Setup>Routes menu.
Chapter 3 – Software Statistics & Logs > Networks Network Connections Click the Network Connections to display the status of all current (active) network connections to or from your system. Information on the active protocol, receive queue, send queue, local address, foreign address, and current state is shown for each of the MultiAccess‘s active Internet connections.
Chapter 3 – Software Statistics & Logs > Networks How to Read the Network Connections Table - Example 1 Proto tcp Recv-Q 0 Send-Q 0 Local Address 65.126.90.16:22 Foreign Address 65.126.90.4:1918 State ESTABLISHED This output tells you there is an active (ESTABLISHED) connection from 65.126.90.16 port 22 (http) to 65.126.90.4 port 1918. How to Read the Network Connections Table - Example 2 Proto tcp Recv-Q 0 Send-Q 0 Local Address 0.0.0.0:22 Foreign Address 0.0.0.
Chapter 3 – Software Statistics & Logs > Line Interface Status Statistics & Logs > Line Interface Status This screen displays a snap shot of the layer one status of each digital line interface that is enabled. The digital line interfaces will automatically be enabled upon installation of an MA30EXP modem module (into the corresponding slot on the motherboard). The information displayed reflects the status of the interface’s receiver circuitry.
Chapter 3 – Software Statistics & Logs > Line Interface Status working properly and that the problem is at T1/E1 equipment down the line from (remote to) the MultiAccess. The front panel LEDs will reflect the LS on solid, with the LA and LC off. Loss of Frame Alignment - is reported by the line interface when it is unable to synchronize with the incoming signal. This is most likely due to a timing problem on the line or a mismatch in framing format settings.
Chapter 3 – Software Statistics & Logs > Modem Connections Statistics & Logs > Modem Connections The Modem Connections group of menus contains Connections, Connection Details, Caller Id and Call History screens. The Connections, Connection Details and Caller ID screens provide various details about the current state of each modem in the system. The Call History screen maintains a record of all calls that establish carrier.
Chapter 3 – Software Statistics & Logs > Modem Connections >Connection Details Connection Details This screen displays the modem protocol and performance details for currently connected ports.
Chapter 3 – Software Statistics & Logs > Modem Connections >Caller ID Calling Information This screen displays the telephone number dialed by the caller and the telephone number of that caller. This information is available when the call is inbound to the MultiAccess and when the line type is PRI (T1PRI or E1 PRI). The exact digits displayed is controlled by Telco’s implementation of DNIS (Dialed Number Identification Service) and Caller ID services.
Chapter 3 – Software Statistics & Logs > Modem Connections >Call History Call History This screen displays and maintains a call history database. The call history is displayed as a table at the bottom of the page. Available page navigation buttons are Next, Previous, First and Last. A call (for this database) is defined as an inbound or outbound call with modem carrier being established. Calls that fail to connect are not added to this database. The Call History is maintained in an SQL database.
Chapter 3 – Software Statistics & Logs > Modem Connections >Call History The number of records kept in the database is limited to the amount of system resources available. The time it takes to assemble and display the data structure depends on the number of records in the database, the available system resources and network performance between the MultiAccess and your browser. The larger the database, the longer it takes to display and search the call history.
Chapter 3 – Software Statistics & Logs > Server Connections Statistics & Logs > Server Connections The Server Connections screen displays active command shell PPP sessions and activity.
Chapter 3 – Software Statistics & Logs > Interfaces Statistics & Logs > Interfaces This screen displays graphically the network traffic load on each interface (Ethernet 1 and Ethernet 2) separated by days, weeks, months, and years. Ethernet 1 Traffic – Ethernet 1 traffic is displayed by default. Ethernet 2 Traffic – Click on Ethernet 2 traffic to graphically display the traffic on Ethernet 2.
Chapter 3 – Software Statistics & Logs > Accounting Statistics & Logs > Accounting This screen displays daily byte totals of network traffic transferred through each MultiAccess Ethernet interface. This network traffic Accounting feature is off by default. Use the Tracking> Accounting menu to enable accounting per Ethernet interface.
Chapter 3 – Software Statistics & Logs > Self Monitor Statistics & Logs > Self Monitor The Self Monitoring function informs the administrator when important internal processes have stopped running. The Self Monitoring function will check every 10 minutes to see if certain process are running. If a particular process is no longer running, it will send an email stating which process is not running and is trying to be restarted. How to Add, Edit, or Delete Email Addresses for Self Monitoring: 1.
Chapter 3 – Software Statistics & Logs > View Logs Statistics & Logs > View Logs This screen allows you to display, download, and search a pattern in various logs maintained by the MultiAccess. Select a Date and log file type from the pull down window, and click Continue. A detailed log file is displayed. The type of log file selected effects the behavior and results of the time and date options. When the log file type is kernel, the time option specifies the ending point you are interested in.
Chapter 3 – Software Line Interfaces Line Interfaces The Line Interfaces menu is used to configure the active (enabled) digital communication line interfaces within the MultiAccess. All MultiAccess units come with four built in digital line interfaces. The first line interface is enabled by default because all units come pre-installed with one 30-modem module.
Chapter 3 – Software Line Interfaces > Line x Setup Line Interfaces > Line x Setup The Line Setup screen is made up of two fields, Current Setup (which displays the saved and active settings) and Setup. The contents of the Current Setup field will not change until after the setup parameters have been properly loaded. The Setup field is used to load the parameters into the line interface. The parameters you select should match the parameters of the digital communication line provided by your Telco.
Chapter 3 – Software Line Interfaces > Line x Setup> T1RBS Interfaces > Line x Setup> T1 RBS The Line Setup screen is made up of two fields, Current Setup (which displays the saved and active settings) and Setup. The contents of the Current Setup field will not change until after the setup parameters have been properly loaded. The Setup field is used to load the parameters into the line interface.
Chapter 3 – Software Line Interfaces > Line x Setup> T1RBS Line Type Three selections are available, T1-RBS, T1-PRI and E1-PRI. Units leave the factory set to E1-PRI. Line Interfaces that are activated in the field (when an MA30EXP port expansion module is installed) will default to T1-RBS. Whenever the line type setting is changed form E1-PRI to a T1 choice (or from a T1 choice to E1PRI), after saving and sending the configuration change, the unit MUST be restarted.
Chapter 3 – Software Line Interfaces > Line x Setup> T1RBS Long Haul Mode (-36db) Setting the receive sensitivity to Long Haul Mode means the MultiAccess receiver expects the size of the incoming signal to be between -10db and -36db. If the incoming signal is smaller than -36 dB, the interface will not be able to recover it and will indicate a Red Alarm condition.
Chapter 3 – Software Line Interfaces > Line x Setup> T1RBS The AB bits transmitted by the MultiAccess will “wink” back to the Central Office upon detection of an inbound call. The sequence of events is as follows: • • • • • • No call = both sides (Telco equipment and MultiAccess) indicate idle (transmit 00). Telco indicates off hook (transmits 11 to MultiAccess). MultiAccess receives 11 (off hook) from Telco, causing the MultiAccess modem to indicate Ring detected.
Chapter 3 – Software Line Interfaces > Line 1 Setup > T1 PRI Line Interfaces > Line x Setup > T1 PRI The Line Setup screen is made up of two fields, Current Setup (which displays the saved, active, settings) and Setup. The contents of the Current Setup field will not change until after the setup parameters have been properly loaded. The Setup field is used to load the parameters into the line interface.
Chapter 3 – Software Line Interfaces > Line 1 Setup > T1 PRI Network Switch Type This parameter only applies (and is made available) when the line type implements PRI_ISDN signaling (T1PRI). This parameter selects the specific messaging protocol that runs within the D_Channel between the Central Office switch and the MultiAccess. Remote (Yellow) Alarm Format This parameter only applies (and is made available) when the Line Type is set to T1.
Chapter 3 – Software Line Interfaces > Line 1 Setup > T1 PRI Receive Sensitivity This layer 1 parameter configures (tunes) the interface’s receiver circuit. There are two choices to select from, Short Haul Mode (-10db) and Long Haul Mode (-36 dB). T1 signals are full duplex. A T1 digital interface generates and transmits a signal onto the line, while at the same time it receives and recovers a signal from the line.
Chapter 3 – Software Line Interfaces > Line 1 Setup > E1 PRI Line Interfaces > Line x Setup > E1 PRI The Line Setup screen is made up of two fields, Current Setup (which displays the saved, active, settings) and Setup. The contents of the Current Setup field will not change until after the setup parameters have been properly loaded. The Setup field is used to load the parameters into the line interface.
Chapter 3 – Software Line Interfaces > Line 1 Setup > E1 PRI Line Type Three selections are available, T1-RBS, T1-PRI and E1-PRI. Units leave the factory set to E1-PRI. Line Interfaces that are activated in the field (when an MA30EXP port expansion module is installed) will default to T1-RBS. Whenever the line type setting is changed form E1-PRI to a T1 choice (or from a T1 choice to E1PRI), after saving and sending the configuration change, the unit MUST be restarted.
Chapter 3 – Software Line Interfaces > Line 1 Setup > E1 PRI High Density Bipolar of order 3 (HDB3) line code is an AMI code working similar to B8ZS but with a much less tolerance for consecutive zeros. 4 consecutive zeros are substituted with an HDB3 pattern. Receive Sensitivity This layer 1 parameter configures (tunes) the interface’s receiver circuit. There are two choices to select from, Short Haul Mode (-10db) and Long Haul Mode (-36 dB). E1 signals are full duplex.
Chapter 4 – Troubleshooting Chapter 4 - Troubleshooting 1. Verify that the site planning requirements are met. Refer to Chapter 2 of this manual. 2. Verify that the Administrations PC requirements are met (correct Default Gateway configuration, using an HTTPS-compatible Browser, JavaScript and Cascading Style active, and Proxies deactivated in the browser). 3.
Chapter 5 – MultiAccess Maintenance Chapter 5 - MultiAccess Maintenance This chapter covers issues related to routinely maintaining the MultiAccess, including: • Housekeeping • Monitoring Housekeeping Housekeeping includes the on-going list of tasks that you need to perform to keep your environment safe and clean. The three main housekeeping tasks that you'll need to revisit periodically are: • System backups – This includes regular backups of MultiAccess configurations.
Chapter 6 – Warranty and Service Chapter 6- Warranty and Service Warranty Multi-Tech Systems, Inc., (hereafter “MTS”) warrants that its products will be free from defects in material or workmanship for a period of two, five, or ten years (depending on model) from date of purchase, or if proof of purchase is not provided, two, five, or ten years (depending on model) from date of shipment.
Chapter 6 – Warranty and Service Repair Procedures for International Customers (Outside U.S.A. and Canada) Your original point of purchase Reseller may offer the quickest and most economical repair option for your Multi-Tech product. You may also contact any Multi-Tech sales office for information about the nearest distributor or other repair service for your Multi-Tech product. http://www.multitech.com/COMPANY/offices/DEFAULT.
Chapter 6 – Warranty and Service Regulatory Compliance FCC Part 15 Regulation This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
Chapter 6 – Warranty and Service Canadian Limitations Notice Notice: The ringer equivalence number (REN) assigned to each terminal device provides an indication of the maximum number of terminals allowed to be connected to a phone interface. The termination on an interface may consist of any combination of devices subject only to the requirement that the sum of the ringer equivalence numbers of all the devices does not exceed 5. Notice: The Industry Canada label identifies certified equipment.
Chapter 6 – Warranty and Service Recording MultiAccess Information Please fill in the following information on your Multi-Tech MultiAccess. This will help tech support in answering your questions. (The same information is requested on the Warranty Registration Card.) Model No.: _________________________ Serial No.: _________________________ Software Version: ____________________ These numbers are located on the bottom of your MultiAccess. The Software Version is displayed at the top of the Home screen.
Appendix A – License Agreements Appendix A - License Agreements This section provides the Multi-Tech Systems, Inc. End User License Agreement (EULA) as well as other applicable Licensing Agreements. Multi-Tech Systems, Inc. End User License Agreement (EULA) IMPORTANT - READ BEFORE OPENING THE SOFTWARE PACKAGE This is a basic multi-user software license granted by Multi-Tech Systems, Inc., a Minnesota corporation, with its mailing address at 2205 Woodale Drive, Mounds View, MN 55112.
Appendix A – License Agreements This is the complete and exclusive statement of the Agreement between the parties, which supersedes all proposals, oral, written and all other communications between the parties relating to the subject matter of this Agreement. This Agreement may only be amended or modified in writing, signed by authorized representatives of both parties. This Agreement shall be governed by the laws of the State of Minnesota.
Appendix A – License Agreements GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it.
Appendix A – License Agreements These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.
Appendix A – License Agreements later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission.
Appendix B – Modem Commands Appendix B – Modem Commands This appendix describes the AT commands supported by the MultiAccess MA30120 modems along with application specific usage. The primary purpose of this appendix is for use with Customer specific inbound or outbound data applications that use the MultiAccess modems set to a usage of “Modem Sharing”. COMPATIBILITY: The industry standard AT Command set, was devised to control the operation of standalone (traditional) modems.
Appendix B – Modem Commands Parser Character Settings Certain characters used by the “AT” command parser and response generator are settable if the provided defaults are unsuitable. They can be changed via the appropriate S-register.
Appendix B – Modem Commands the escape sequence. If four or more octets are present or any of the characters are not the escape character, then escape sequence detection is restarted. The sequence is detected when exactly three escape characters have been collected. The figure below shows the only four possible sequences of buffers that result in escape sequence detection. +++ Sn=# + ++ ++ + + + + Set the Value of an S-Register The command “Sn=#” enters the value # into S-register Sn.
Appendix B – Modem Commands “AT” Commands Supported A/ Repeat Previous Command The “A/” command causes the previous command input string to be re-parsed and commands re-executed exactly as before. This command must appear alone in a command input string and must not have an “AT” prefix. It does not require a carriage return since the parser begins re-parsing the previous command input string upon receipt of the ‘/’ character. A Answer a call The “A” command causes the modem to answer.
Appendix B – Modem Commands In Information The “In” command returns text to the host containing information about the MultiAccess modem devices. The valid range of n is 0 to 4. “i0”, “i2” and “i4” returns a basic identification of “Mapletree Networks UniPorte Architecture”. “i1” identifies which modem port of the total possible modems you are currently communicating with. “Port n of 0 to m” where n is the zero-based index of the port and m is the total number of ports. For example, “Port 0 of 0 to 29”.
Appendix B – Modem Commands \Vn Extended Connect Message The “\Vn” command controls the presentation of the connect message after the “CONNECT” result code. The valid range of n is 0 to 1. The default setting is 1. This parameter does not apply when the “Result Code Format” (Vn) command is “Numeric” (V0). “\V0” causes the “CONNECT” result code to consist only of the text “CONNECT”. “\V1” causes the “CONNECT” (e.g., CONNECT 33600 /LAPM /V.
Appendix B – Modem Commands “AT” Commands Accepted with No Effect This section lists the “AT” Commands that are accepted by the MultiAccess modems but have no effect. When they are met in the command input parser, any numerical argument is checked for validity, but it is otherwise ignored. The result code remains “OK” unless the numerical argument is out of range, in which case it is set to “ERROR”.
Appendix B – Modem Commands S-Registers This section describes the S-Registers supported by the MultiAccess modems. S0 Auto Answer Compatibility: Superficial. Default: 1 Min: 0 Max: 255 In standalone modems, S0 is the number of ring cycles before automatic answer and, if zero, disables automatic answer. In the MultiAccess, upon the onset of ringing, the modem will not act until the “A” (answer) command is received from the User specific application. Traditional auto answer is not supported.
Appendix B – Modem Commands S11 DTMF Tone Duration Unit Value: milliseconds Default: 70 Min: 50 Max: 255 This object defines the timing of transmitted DTMF digits. The value is the digit pulse width (on time) and interdigit pause (off time) in milliseconds. The width and pause time cannot be defined independently.
Appendix B – Modem Commands S36 Error Correction LAPM Failure Control Default: 7 Min: 0 Max: 7 This register defines the action taken if the primary error control protocol (LAPM) is disabled or cannot be established with the peer. The options are to disconnect (terminate the link), to establish a normal (non errorcontrolled) connection or to try to negotiate MNP error control. These are selected by this object’s value as shown in the table below.
Appendix B – Modem Commands S50 Error Correction Auto Detection Timeout Default: 50 (5 sec) Min:1 Max: 255 This register defines how long, in units of 100ms, a modem will attempt auto-detection of an error control protocol (in answer mode) before giving up and establishing a normal (non error-controlled) connection. During the auto-detection phase the modem will respond to an ODP sequence, HDLC flags, the configured fallback character, or MNP2 flags.
Appendix B – Modem Commands Advanced MultiAccess Modem Commands Advanced MultiAccess modem commands implement a unique syntax as compared to standard modem commands. The syntax includes “:m” & “index number” preceded by “at”. Format = AT:Mindex# =value Companding Law COUNTRY CODE Index 101 Default =1 (United States) This index sets the companding law on the modem’s telephony interface to either μ-law or A-law. The allowed values are defined below.
Appendix B – Modem Commands For inbound calls the Call Type index must preceed the “A” (answer) command within the same string. To answer an incoming HDLC call issue “at:m112=32A”. If the MultiAccess is to answer a standard analog data modem call, the answer command would simply be “ata” (including the Call Type index is NOT needed because Data Modem is the default call type).
Appendix B – Modem Commands Asynchronous Data Handling The default asynchronous handling of data to be transmitted to the remote pier is 8 data bits, 1 stop bit and no parity. Asynchronous character handling can be configured to support any combination of the following: 7 or 8 data bits, 1 or 2 stop bits, and No, Even, Odd, Space, Mark parity The modem will perform parity insertion on transmission.
Appendix B – Modem Commands V.34 Bit Rate Restriction Index 270 Default = 13 (33600 bps) This index selects the max allowable V.34 bit rate of the physical connection when the Modulation Strap of V34bis_V34 is selected. For instance, setting :m256=3:m270=10 will result in a 26400 speed connection or lower.
Appendix B – Modem Commands V.8BIS and V90 Control Index 115 Default = 2 V.8bis is used to negotiate K56Flex™ connections. V.8bis can also advertise V.90. A value of 0 disables V.8bis. A value of 1 enables V.8bis but without it advertising V.90. A value of 2 enables the advertising of V.90 within V.8bis along with advertising K56Flex. This provides support for early implementations of V.90. Please Note: Selecting a value of 0 or 1 does not disable the ability to establish V.
Appendix B – Modem Commands POS V22 Direct Commands The following parameters within this section are available when the Call Type index is set to POS V22 Direct (:m112=64). The values of the following timing control parameters (indexes) are configured in milliseconds, but the DSP processing cycle occurs once every 6 ms. As a result, the timing that can be expected is as if the value is rounded up to the next higher 6 ms interval. A setting of 0 will result in a 6 ms interval.
Appendix B – Modem Commands V22BIS TX BINARY ONES 1200 DURATION Index 179 Default = 444 The minimum setting is 0. The maximum setting is 600. This index controls the length of time that the answering modem transmits scrambled-ones at 1200 bits/s following S1 detection during a V.22bis connection attempt. BELL212A V22 TX BIN. ONES 1200 DURATION Index 180 Default = 6 The minimum setting is 0. The maximum setting is 300.
Appendix B – Modem Commands Application Notes GENERAL After each attempted call (answer or originate, successful or incomplete), the modem is automatically reset to factory default parameters. Default modem operation and behavior: Call type is analog Data Modem. Auto answer is disabled (not supported). V.92 enabled (auto negotiate fastest carrier rate possible with pier starting at V.92 and working it’s way down to Bell 103). V.44 enabled (Auto negotiate reliable connection with pier starting with V.
Appendix B – Modem Commands Data Modem - Connection Rate and Error Correction. The MA30120 modem by default will auto negotiate the “carrier speed” (modulation protocol) and “type” (error control protocol) with the remote modem. The auto negotiation process starts at V92 speeds and works it way down to 300bps. The connection type refers to 1 of 2 basic methods of handling user data, with error correction or without it. A carrier without error correction is referred to as a “Normal” mode connection.
Appendix B – Modem Commands ASCII Conversion Chart CTRL CODE HEX DEC @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ NUL SOH STX ETX EOT ENQ ACK BEL BS HT LF VT FF CR SO SI DLE DC1 DC2 DC3 DC4 NAK SYN ETB CAN EM SUB ESC FS GS RS US 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 CODE HEX DEC SP ! " # $ % & ’ ( ) * + , .
Appendix C – How to Update Appendix C – How to Update There are two methods to update your MultiAccess: 1) Menu driven using the System Update on the Menu bar, and 2) the Manual Method described below. Menu Driven: If the IP address assigned to your MultiAccess has access to the Internet, the MultiAccess has a very userfriendly menu called “System Update”. Just click on the System Update link of the main menu bar.
Appendix C – How to Update General steps for a manual update, where the version level is incrementing by multiple versions (For example, updating a 1.06 unit to 1.10). 1. Place these files into the /opt/multiaccess/htdocs directory. multiaccess-1.07.tar.gz and multiaccess-1.07.html multiaccess-1.08.tar.gz and multiaccess-1.08.html multiaccess-1.09.tar.gz and multiaccess-1.09.html multiaccess-1.10.tar.gz and multiaccess-1.10.html 2. cd /opt/multiaccess/htdocs directory. 3.
Appendix C – How to Update 3. Connect Your CD-ROM drive to the extra IDE connection on the existing IDE Cable (noting the above details regarding 40 pin verses 44 pin). Do not remove the IDE Cable from the motherboard. 4. Insert the recovery CD into the CD-ROM drive and power-up the unit. The Unit will boot off the CD and prompt you to continue. When the process is finished, the CD-ROM drive will eject the disk and the unit will reboot.
Appendix D – WEEE Statement Appendix D – Waste Electrical and Electronic Equipment (WEEE) Statement July, 2005 The WEEE directive places an obligation on EU-based manufacturers, distributors, retailers and importers to take-back electronics products at the end of their useful life. A sister Directive, ROHS (Restriction of Hazardous Substances) complements the WEEE Directive by banning the presence of specific hazardous substances in the products at the design phase.
Glossary Glossary * (Asterisk character) – The ‘wildcard’ character, used to signify “all within this group or function” (e.g., use * to specify all domain names). A special symbol that stands for one or more characters. Many operating systems and applications support wildcards for identifying files and directories. This lets you select multiple files with a single specification. For example, in DOS and Windows, the asterisk (*) is a wild card that stands for any combination of letters.
Glossary particular HTML element once, and then use it over and over on any number of Web pages. To change how an element looks, you just change the style; the element automatically changes wherever it appears. (Before CSS, you had to change the element individually, each time it appeared.) Style sheets let Web designers more quickly create consistent pages and more consistent web sites. Browsers began supporting the first CSS Specification, Cascading Style Sheets, Level 1 (CSS1), in versions 3.
Glossary Default Route – A routing table entry that is used to direct packets addressed to networks not explicitly listed in the routing table. DES (Data Encryption Standard) – A secret key encryption scheme; contrast with “public key”. DES is an NIST standard for a secret key cryptography method that uses a 56-bit key. Destination Port Number ZZZZ – All the traffic going through the firewall is part of a connection.
Glossary header from the physical layer, followed by a header from the datalink layer (e.g., Ethernet), followed by a header from the network layer (IP), followed by a header from the transport layer (e.g. TCP), followed by the application protocol data. Encryption – A form of security wherein readable data is changed to a form that is unreadable to unauthorized users. Encryption involves the conversion of data into a secret code for transmission over a public network.
Glossary Hash – A one-way security function that takes an input message of arbitrary length and produces a fixedlength digest. Used in SHA (Secure Hash Algorithm). Header – The portion of a packet, preceding the actual data, containing source and destination information. It may also error checking and other fields.
Glossary IP Header – The part of the IP packet that carries data used on packet routing. The size of this header is 20 bytes, but usually the IP options following this header are also calculated as header. The maximum length of the header is 60 bytes. The header format is defined in RFC 791.
Glossary NAT (Network Address Translation) – IP NAT is comprised of a series of IETF standards covering various implementations of the IP Network Address Translator. NAT translates multiple IP addresses on the private LAN to one public address that is sent out to the Internet. This adds a level of security since the address of a PC connected to the private LAN is never transmitted on the Internet.
Glossary Proxy (Application Gateway) – The task of a proxy (Application Gateway) is to completely separate the communication connections between the external network (Internet) and the internal network (LAN). There must be no direct connection between an internal system and an external computer. The proxies work exclusively on the application level. Firewalls that are based on proxies use a dual homed gateway that does not transfer any IP packets.
Glossary Router (Gateway) – A router is a device that selects intelligent pathways for network packets. Strictly speaking, a gateway is something different than a router, but in connection with TCP/IP, both terms are synonyms. To establish connections throughout world and not just stay within one’s own network, one has to introduce this router (gateway) to one’s computer. Normally, the highest address on the network 134.93.178.0 is the address 134.93.179.254 (since 134.93.179.255 is the broadcast).
Glossary SNAT (Source NAT) – A functionality equivalent to DNAT, except that the source addresses of the IP packets are converted instead of the target address. This can be helpful in more complex situations (e.g., for diverting reply packets of connections to other networks or hosts). In contrast to Masquerading, SNAT is a static address conversion, and the rewritten source address does not need to be one of the firewall’s IP addresses.
Glossary URL (Universal Resource Locator) – URLs are used to describe the location of web pages, and are also used in many other contexts. An example of an URL is http://www.ssh.com/ipsec/index.html. URLs are defined in IETF RFCs 1738 and 1808. Verification – The act of recognizing that a person or entity is who or what it claims to be. VLAN (Virtual Local Area Network) – A function allowing some Ethernet switches to be divided into smaller logical groups known as VLANs.
Index Index A Accounting............................................................................. 70 Add a Network....................................................................... 50 Add Services.......................................................................... 53 Administration ....................................................................... 17 Administration > Intrusion Detection .................................... 45 Administration > Site Certificate ...........................
Index ICMP ................................................................................. 52 TCP & UDP....................................................................... 52 R Rack Installation .................................................................... 12 RADIUS ................................................................................ 80 Recording RouteFinder Information .................................... 135 Regulatory Information...................................................
