Hirschmann HiSecOS EAGLE20 Reference Manual
  1. Manuals
  2. Brands
  3. Hirschmann Manuals
  4. Recording Equipment
  5. HiSecOS EAGLE20
  6. Reference manual

Hirschmann HiSecOS EAGLE20 Reference Manual

Industrial ethernet firewall, graphical user interface
Hide thumbs Also See for HiSecOS EAGLE20:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
Table of Contents

Advertisement

Quick Links

See also: User Manual
Reference Manual
Graphical User Interface
HiSecOS EAGLE20/30 (Industrial ETHERNET Firewall)
RM GUI HiSecOS EAGLE20/30
Technical Support
Release 3.0 09/2015
https://hirschmann-support.belden.eu.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the HiSecOS EAGLE20 and is the answer not in the manual?

Questions and answers

Related Manuals for Hirschmann HiSecOS EAGLE20

Summary of Contents for Hirschmann HiSecOS EAGLE20

  • Page 1 Reference Manual Graphical User Interface HiSecOS EAGLE20/30 (Industrial ETHERNET Firewall) RM GUI HiSecOS EAGLE20/30 Technical Support Release 3.0 09/2015 https://hirschmann-support.belden.eu.com...
  • Page 2 In addition, we refer to the conditions of use specified in the license contract. You can get the latest version of this manual on the Internet at the Hirschmann product site (http://www.hirschmann.com). Hirschmann Automation and Control GmbH Stuttgarter Str.

  • Page 3: Table Of Contents

    Graphical User Interface Basic Settings System Network Software Load/Save External Memory Port 1.6.1 Configuration 1.6.2 Statistics Restart Time Basic Settings Global Server Multicast Groups Device Security User Management Authentication List LDAP LDAP Configuration RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 4 4.9.1 Function Code Configurator 4.9.2 Function Code Configurator – Basic Configuration 4.9.3 Function Code Configurator – Advanced Configuration 4.9.4 Meaning of the Function Code values 4.10 Deep Packet Inspection OPC Enforcer 4.11 RADIUS 4.12 RADIUS Global RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 5 5.1.3 Connection Errors Virtual Private Network Certificates Connections 5.3.1 Wizard Switching Switching Global Rate Limiter Filter for MAC Addresses QoS/Priority Global Port Configuration 802.1D/p Mapping VLAN VLAN Global 6.10 VLAN Configuration 6.11 VLAN Port SHDSL/EFM RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 6 8.14 OSPF Interfaces 8.15 OSPF Virtual Links 8.16 OSPF Ranges 8.17 OSPF Diagnostics 8.17.1 Statistics 8.17.2 Link State Database 8.17.3 Neighbors 8.17.4 Virtual Neighbors 8.17.5 External Links State Database 8.18 Routing Table 8.19 Tracking RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 7 8.38 Masquerading NAT Mapping 8.39 Masquerading NAT Overview 8.40 Double NAT 8.41 Double NAT Rule 8.42 Double NAT Mapping 8.43 Double NAT Overview Diagnostics Status Configuration Device Status 9.2.1 Global 9.2.2 Port 9.2.3 Status RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 8 9.17 Topology Discovery 9.18 Report 9.19 Global 9.20 Persistent Logging 9.21 System Log 9.22 Audit Trail Advanced 10.1 DNS 10.2 DNS Client 10.3 DNS Client Global 10.4 DNS Client Current 10.5 DNS Client Static RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 9 Contents 10.6 DNS Cache 10.7 DNS Cache Global 10.8 Command Line Interface Appendix Technical Data List of RFCs Underlying IEEE Standards Maintenance Literature references Copyright of Integrated Software Readers’ Comments Index Further Support RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 10 Contents RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 11: Safety Instructions

    Before you start any machine which is controlled via data transmission, be sure to complete the configuration of all data transmission devices. Failure to follow these instructions can result in death, serious injury, or equipment damage. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 12 Safety instructions RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 13: About This Manual

    The document “HiView User Manual” contains information about the GUI application HiView. This application offers you the possibility to use the graphical user interface without other applications such as a Web browser or an installed Java Runtime Environment (JRE). RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 14 ActiveX control for SCADA integration  Auto-topology discovery  Browser interface  Client/server structure  Event handling  Event log  Simultaneous configuration of multiple devices  Graphical user interface with network layout  SNMP/OPC gateway RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 15: Key

     List Work step  Subheading  Link Cross-reference with link Note: A note emphasizes an important fact or draws your attention to a dependency. ASCII representation in the graphical user interface Courier RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 16 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 17: Graphical User Interface

     Start HiView.  In the URL field of the start window, enter the IP address of your device.  Click "Open". HiView sets up the connection to the device and displays the login window. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 18  Select the user name and enter the password.  Select the language in which you want to use the graphical user interface.  Click "Ok". The Web browser displays the graphical user interface. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 19 Graphical User Interface Figure 2: Graphical user interface of the device RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 20 The graphical user interface of the device is divided as follows:  Tab area (at the upper edge)  Menu section (left)  Status line  Dialog section (right). Figure 3: Graphical user interface of the device RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 21 The device allows you to compare the current operating status with the operating status the device had at a given time in the past. Figure 4: "Online" tab with context menu RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 22 Exports the snapshot and saves the settings and operating parameters as a file on your PC. Close Closes the "Snapshot …" tab. Unsaved information are lost. Table 2: "Snapshot …" tab: functions in the context menu RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 23 Allows you to quickly jump back to a previously selected menu item. Forward Allows you to quickly jump forward to a previously selected menu item when you have previously used the "Back" function. Table 3: Menu section: Functions in the context menu RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 24 By right-clicking this symbol you can open the Diagnostics > System > Configuration Check dialog directly. Ends the session and terminates the connection to the device. Table 4: Buttons in the status line RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 25 "UDP Port" parameter – dialog, "Activate SysMon1" Diagnostics > System > Selftest parameter – dialog, "Load default config on error" Diagnostics > System > Selftest parameter Table 4: Buttons in the status line (cont.) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 26: Operating Instructions

     To sort the table entries in ascending order, click the header line of the corresponding column.  To sort the table entries in descending order, click again the header line of the corresponding column. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 27 – Press and hold the Strg button, and click into the row of the next table entry to be selected. – Repeat the previous work step until all desired table entries are selected. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 28 Graphical User Interface RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 29: Basic Settings

    This menu allows you to specify the basic settings of the device. The menu contains the following dialogs:  System  Network  Software  Load/Save  External Memory  Port  Restart RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 30: System

    To avoid this alarm, you deactivate the monitoring of the missing power supply units in the Diagnostics > Status Configuration > Device Status dialog. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 31 Symbol Displays the security status. Possible values: The device status is OK. The monitored parameters have the desired status. An alarm has occurred. At least one monitored parameter differs from the desired status. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 32: System Data

    Device Type Displays the product name of the device. Power Supply Displays the status of the power supply unit on the relevant voltage supply connection. Possible values:  present  not present  defective RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 33  -99..99 (integer) You activate the monitoring of the temperature thresholds in the dialog. Diagnostics > Status Configuration > Device Status The “Installation” user manual contains detailed information about setting the temperature thresholds. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 34 "Automatic Configuration" checkbox. AdminLink Port is deactivated, connection okay Port is deactivated, no connection set up See the dialog, "Configuration" tab, Basic Settings > Port "Port on" checkbox, and "Link/ Current Settings" field. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 35  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 36: Network

    After a short time the device is reachable over the new port in the new management VLAN. MAC Address Displays the MAC address of the device. The device management is accessible via the network using the MAC address. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 37 This frame allows you to specify settings for the access to the device using the HiDiscovery protocol. On a PC, the HiDiscovery software displays the Hirschmann devices that can be accessed in the network on which the HiDiscovery function is enabled.
  • Page 38  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 39: Software

    "Stored Version" and the "Backup Version" of the device software. Upon restart, the device loads the "Stored Version". Bootcode Displays the version number and creation date of the boot code. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 40: Software Update

    Interface Session Timeout [min]" before the software update. Alternatively, the device allows you to update the device software by right- clicking in the table if the image file is located in the external memory. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 41 Displays the version number of the FPGA module (if present). Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 42: Load/Save

    PC and the device to be terminated. To maintain the device accessible, enable the "Undo Modifications of Configuration" function before changing settings. If the connection terminates, the device loads the configuration profile saved in the non-volatile memory (NVM). RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 43 Someone has removed the external memory from the device during operation.  The external memory is connected and ready for operation.  outOfMemory The memory space is occupied on the external memory.  genericErr The device has detected an error. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 44 Basic Settings > System In the dialog, Diagnostics > Status Configuration > Security Status "Global" tab, "Monitor" column you specify whether the device monitors the "Load unencrypted config from external memory" parameter. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 45 Selected configuration profile in the non- volatile memory (NVM) and in the external memory. Note: If you keep additional encrypted configuration profiles in the memory, the device prevents you from activating or designating these configuration profiles as Selected. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 46 The configuration profiles differ. Possible causes: – No external memory is connected to the device. – In the dialog, the "Auto-save Basic Settings > External Memory config on external memory" function is disabled. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 47 Watchdog IP Displays the IP address of the PC on which you have enabled the function. Address Possible values:  IPv4 address (default setting: 0.0.0.0) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 48 "Save As..." button. Modification Date Displays the time (UTC) at which a user last saved the configuration (UTC) profile. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 49 The passwords are different. The device is unable to unencrypt the configuration profile. Software Version Displays the version number of the device software that the device ran when it saved the configuration profile. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 50  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 51 When you activate an older configuration profile, the device takes over the settings of the functions contained in this software version. The device sets the settings of new functions to the default value. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 52 Basic Settings > External Memory "Auto-save config on external memory" column is marked, the device designates the configuration profile of the same name on the external memory as “Selected”. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 53 Displays the settings of the configuration profile highlighted in the table in clear text as an XML. If the configuration profile is encrypted, enter the password in order to see the settings in clear text. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 54 If an external memory is connected, the device deletes the configuration profiles saved on the external memory.  After a brief period, the device reboots and loads the default values. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 55: External Memory

    Displays the revision number specified by the memory manufacturer. Version Displays the version number specified by the memory manufacturer. Name Displays the product name specified by the memory manufacturer. Serial Number Displays the serial number specified by the memory manufacturer. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 56 Load/Save dialog the "Save" button, the device generates a copy of the configuration profile on the active external memory.  unmarked Creating a copy is deactivated. The device does not generate a copy of the configuration profile. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 57  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 58: Port

    This dialog allows you to specify settings for the individual device ports. The dialog also displays the operating mode, connection status, bit rate and duplex mode for every device port. The dialog contains the following tabs:  Configuration  Statistics RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 59: Configuration

    Possible values:  no-power-save (default setting) The device port remains activated.  auto-power-down The device port changes to the energy-saving mode.  unsupported The device port does not support this function and remains activated. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 60 10 Mbit/s HDX Half duplex connection  10 Mbit/s FDX Full duplex connection  100 Mbit/s HDX Half duplex connection  100 Mbit/s FDX Full duplex connection  1000 Mbit/s FDX Full duplex connection RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 61 When you are using a redundancy function, you deactivate the flow control on the participating ports. If the flow control and the redundancy function are active at the same time, there is a risk that the redundancy function will not operate as intended. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 62 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Clear Port Statistics Resets the counter for the port statistics to 0. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 63: Statistics

    For example, to sort the table based on the number of received bytes in ascending order, click the header of the "Received Octets" column once. To sort in descending order, click the header again. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 64 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Clear Port Statistics Resets the counter for the port statistics to 0. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 65: Restart

    Clear Port Statistics Resets the counter for the port statistics to 0 - see the Basic Settings > Port dialog, "Statistics" tab. Delete Log File Removes the logged events from the log file - see the Diagnostics > Report dialog. > System Log RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 66 Network Security > ACL > IPv4 Rule MAC Rule Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 67: Time

    The hardware clock bridges a power supply downtime of 3 hours. The prerequisite is that the power supply of the device has been connected continually for at least 5 minutes beforehand. The menu contains the following dialogs:  Basic Settings  RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 68: Basic Settings

     -780..840 (default setting 60) Set Offset from PC The device determines the time zone on your PC and uses it to calculate the difference between the local time and "System Time (UTC)". RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 69  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 70: Ntp

    NTP server, it distributes time information to the clients in the subordinate network segment. The menu contains the following dialogs:  Global  Server  Multicast Groups RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 71: Global

    Time > NTP > Multicast Groups The device transmits the time information without authentication in the management VLAN as well as in layer 3 on the IP interfaces set up. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 72 The NTP server on the device is working in symmetric mode.  The device is using the local system clock as the time source. See the "Time Source" field in the dialog. Time > Basic Settings RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 73  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 74: Server

    Valid IPv4 address (default setting: 0.0.0.0) Port Specifies the UDP Port on which the NTP server provides the time information. Possible values:  1..65535 (default setting: 123) Exception: Port 2222 is reserved for internal functions. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 75 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 76: Multicast Groups

    Valid IPv4 address (default setting: 0.0.0.0) Port Specifies the UDP Port on which the broadcast or multicast provides the time information. Possible values:  1..65535 (default setting: 123) Exception: Port 2222 is reserved for internal functions. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 77 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 78 Time Time > NTP > Multicast Groups RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 79: Device Security

    This menu allows you to specify the settings for the access to the device. The menu contains the following dialogs:  User Management  Authentication List  LDAP  Management Access  Pre-login Banner RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 80: User Management

    The device accepts the password if it contains at least the number of Length characters specified here. The device checks the password according to this setting, regardless of the setting for the "Policy Check" checkbox. Possible values:  1..64 (default setting: 6) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 81 Minimum Special The device accepts the password if it contains at least as many special Characters characters as specified here. Possible values:  0..16 (default setting: 1) The value 0 deactivates this setting. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 82 If you mark the checkbox in the "Policy Check" field, the device checks the password according to the policy specified in the "Password Policy" frame. The device always checks the minimum length of the password, even if the checkbox in the "Policy Check" field is unmarked. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 83 The password check is activated. When you set up or change the password, the device checks the password according to the policy specified in the "Password Policy" frame.  unmarked (default setting) The password check is deactivated. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 84 In the "User Name" field, you specify the name of the user account. Possible values:  Alphanumeric ASCII character string with 1..32 characters Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 85: Authentication List

    In this dialog you manage the authentication lists. In a list you specify which method the device uses for the authentication. Here you have the option to differentiate the application with which the device is accessed, e.g. via a console or with the graphical user interface. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 86 – If the first policy in the authentication list is reject, then the devices immediately rejects the user login without attempting another policy. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 87 Displays the previous dialog again. Changes are lost. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Remove Removes the highlighted table entry. Create Adds a new table entry. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 88 – < : Moves the highlighted entries from the "Dedicated Applications" field to the "Possible Applications" field. – << : Moves every entry to the "Possible Applications" field. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 89: Ldap

    This speeds up the logon process when users logon again. In this case, no complex LDAP search operation is necessary. The menu contains the following dialogs:  LDAP Configuration  LDAP Role Mapping RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 90: Ldap Configuration

    This provides you access to the device as administrator after logging on through LDAP. Possible values:  "On" The "LDAP" client is enabled.  "Off" (default setting) The "LDAP" client is disabled. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 91 Specifies the character string which the device adds to user name of users logging on if the user name does not contain the @ character. Possible values:  Alphanumeric ASCII character string with 0..64 characters RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 92 Displays a sequential number which identifies the server. Description Specifies the description. If you wish, you describe the authentication server here or note additional information. Possible values:  Alphanumeric ASCII character string with 0..255 characters RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 93 Advanced > DNS > Client > Global If the certificate contains the IP address of the server in the “Subject Alternative Name” field , the device is able to verify the identity of the server without the DNS configuration. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 94 (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Flush Cache Removes the cached log on data of the successfully logged on users. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 95: Ldap Role Mapping

    Possible values:  highest (default setting) The device applies the role with more extensive authorizations.  first The device applies the rule to the user which has the lower value in the "Index" column. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 96 Specifies whether a group or an attribute with an attribute value is set in the "Parameter" column. Possible values:  attribute (default setting) The "Parameter" column contains an attribute with an attribute value.  group The "Parameter" column contains the “Distinguished Name” (DN) of a group. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 97 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Opens the "Create" dialog to add a new entry to the table. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 98: Management Access

    IP address ranges and individual management services. The menu contains the following dialogs:  Server  IP Access Restriction   Command Line Interface  SNMPv1/v2 Community RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 99: Server

    This dialog allows you to set up the server services with which users or applications can access the management functions of the device. The dialog contains the following tabs:  Information  SNMP  HTTP  HTTPS  RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 100: Information

    This server service allows access to the device through SSH, see the "SSH" tab. Status Displays whether the device port is currently physically enabled or disabled. Possible values:  marked Server service is enabled.  unmarked Server service is disabled. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 101  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 102: Snmp

    Activates/deactivates the access to the device with SNMP version 2. Possible values:  marked Access is activated.  unmarked (default setting) Access is deactivated. You specify the community name in the Device Security > Management dialog. Access > SNMPv1/v2 Community RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 103  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 104: Http

    TCP Port Specifies the number of the TCP port on which the web server receives HTTP requests from clients. Possible values:  1..65535 (default setting: 80) Exception: Port 2222 is reserved for internal functions. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 105  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 106: Https

    Note: When the HTTP protocol is disabled and you also disable HTTPS, then the graphical user interface is unaccessible. To work with the graphical user interface, enable the HTTP server via the Command Line Interface. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 107 Fingerprint Number sequence of the digital certificate used by the server. When you change the settings in the "Fingerprint Type" field, click afterwards the "Set" and "Reload" buttons to update the display. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 108 To load the graphical user interface, add an exception rule for the certificate in the Web browser. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 109  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 110: Ssh

    As an alternative, the device allows you to load the DSA/RSA key (host key) from an external memory upon restart. You activate this function in the Basic dialog, "Enable Automatic SSH Key Upload" Settings > External Memory field. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 111 Exception: Port 2222 is reserved for internal functions. The server restarts automatically after the port is changed. Existing connections remain in place. Session Count Displays how many SSH connections are currently established to the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 112 Number sequence of the public DSA key of the server. Number sequence of the public RSA key of the server. After importing a new RSA or DSA key, the device continues to display the existing fingerprint until you restart the server. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 113 Displays whether the device is generating a key (host key) at the moment. Possible values:  none The device does not create a key.  busy The device creates a key at the moment. It is possible that another user triggered this action. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 114 PC or on a network drive. Import Copies the key (host key) specified in the "URL" field to the device. To get the server to use this key, click the "Set" button and restart the server. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 115  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 116: Ip Access Restriction

    Otherwise, the connection to the device terminates when you change the settings. To access the management functions is possible solely using CLI through the V.24 interface of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 117 Access is activated for the adjacent IP address range.  unmarked Access is deactivated. SNMP Activates/deactivates the SNMP access. Possible values:  marked (default setting) Access is activated for the adjacent IP address range.  unmarked Access is deactivated. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 118 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 119: Web

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 120: Command Line Interface

    With this dialog you specify settings for the Command Line Interface (CLI). You find detailed information about the Command Line Interface in the “Command Line Interface” reference manual. The dialog contains the following tabs:  Global  Login Banner RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 121: Global

    A change in the value takes effect the next time a user logs into the device. For Telnet and SSH, you specify the timeout in the Device Security > Management Access dialog. > Server RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 122  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 123: Login Banner

    (0x20..0x7E) including space character  Tab \t  Line break \n Remaining Displays how many characters are still remaining in the "Banner Text" field Characters for the text information. Possible values:  1024..0 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 124  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 125: Snmpv1/V2 Community

    Name Specifies the community name for the adjacent authorization. Possible values:  alphanumeric ASCII character string with 0..32 characters private (default setting for read and write authorizations) public (default setting for read authorization) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 126  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 127: Pre-Login Banner

    The device does not display a text in the login dialog. If you entered a text in the "Banner Text" field, this text is saved on the device.  "On" The device displays the text specified in the "Banner Text" field in the login dialog. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 128  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 129: Network Security

    Network 2 Figure 8: Processing sequence of the data packets in the device The menu contains the following dialogs:  Network Security Overview  Packet Filter  Deep Packet Inspection  RADIUS   RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 130: Network Security Overview

    Routing > NAT > 1:1 NAT Marks the adjacent checkboxes. The device displays the related rules in the overview. None Unmarks the adjacent checkboxes. The device does not display any rules in the overview. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 131 Network Security Network Security > Overview Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 132: Packet Filter

    Packet filters process data traffic using software, resulting in slower transient times.  Packet filters provide fine filtering.  Packet filters process data traffic after ACL processing.  You assign Packet filters to a router interface. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 133 Figure 9: Processing sequence of the data packets in the device The menu contains the following dialogs:  Packet Filter Global  Firewall Learning Mode  Packet Filter Rule  Packet Filter Assignment  Packet Filter Overview RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 134: Packet Filter Global

     marked At least one of the packet filter rules saved in the device contains modified settings. By clicking the "Commit Changes" button, you apply the packet filter rules to the data stream. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 135 In the process, the device interrupts open communication connections. Note: While the device is activating the saved rules, the establishment of any new communication connections is impossible. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 136: Firewall Learning Mode

    Note: During the learning phase your network is temporarily exposed, because "Firewall Learning Mode" configures rules to accept every data packet on the selected ports. The dialog contains the following tabs:  Configuration  Rules RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 137: Configuration

    Displays a special status message. Information Learned Entries Displays the number of Layer 3 entries in the connection table. Free Memory for Displays the percentage of free memory available for learning data. learning Data [%] RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 138  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 139: Rules

    Displays the number of connections that match the rules set in the table covered by Rule below. Set: Connections Displays the number of connections that match the selections in the table covered by below. Selection: RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 140  An exclamation mark (!) preceding the IP address reverses the expression into its opposite. The device applies the rule to data packets which do not contain the destination address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 141 You can also combine ports and port ranges, e.g. 21,2000- 3000,65535. The field allows you to specify up to 15 numerical values. If you enter 21,2000-3000,65535, for example, you use 4 of 15 numerical values. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 142 Show only FLM Activates/deactivates the hiding of non-"Firewall Learning Mode" rules. Rules Possible values:  marked (default setting) Hiding non-"Firewall Learning Mode" rules is active.  unmarked Hiding non-"Firewall Learning Mode" rules is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 143  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 144: Packet Filter Rule

     An exclamation mark (!) preceding the IP address reverses the expression into its opposite. The device applies the rule to data packets which do not contain the source address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 145  Transmission Control Protocol (RFC 793)  User Datagram Protocol (RFC 768)  IPsec Encapsulated Security Payload (RFC 2406)  IPsec Authentication Header (RFC 2402)  icmpv6 Internet Control Message Protocol for IPv6 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 146 You can also combine ports and port ranges, e.g. 21,2000- 3000,65535. The field allows you to specify up to 15 numerical values. If you enter 21,2000-3000,65535, for example, you use 4 of 15 numerical values. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 147 This rule applies to packets for which you set the syn, ack, or fin flag.  mac=de:ad:de:ad:be:ef,state=new|rel,flags=syn This rule applies to packets that come from the de:ad:de:ad:be:ef MAC address, are in a new or relative connection, and for which you set the syn flag. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 148 The sending of SNMP traps is deactivated. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 149 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 150 Network Security Network Security > Packet Filter > Rule RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 151: Packet Filter Assignment

    "Assign" button. Interface Displays the interface on which the device uses the rule. You specify the interface by clicking on the "Assign" button. The device displays ports on which you enable routing. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 152  Parameters Meaning Port Specifies which rules the table displays. Possible values:  The table displays all the rules.  <Port number> The table displays the rules that apply for the selected port. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 153 In the process, the device interrupts open communication connections. Note: While the device is activating the saved rules, the establishment of any new communication connections is impossible. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 154: Packet Filter Overview

     An exclamation mark (!) preceding the IP address reverses the expression into its opposite. The device applies the rule to data packets which do not contain the source address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 155 Possible values:  The device applies the rule to every data packet without considering the destination port.  1..65535 The device applies the rule exclusively to data packets containing the specified destination port. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 156 This rule applies to packets for which you set the syn, ack, or fin flag.  mac=de:ad:de:ad:be:ef,state=new|rel,flags=syn This rule applies to packets that come from the de:ad:de:ad:be:ef MAC address, are in a new or relative connection, and for which you set the syn flag. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 157  Parameters Meaning Port Specifies which rules the table displays. Possible values:  The table displays all the rules.  <Port number> The table displays the rules that apply for the selected port. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 158 Network Security > Packet Filter > Overview Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 159: Deep Packet Inspection

    If a violation is made, the device terminates the data connection on request. The menu contains the following dialogs:  Deep Packet Inspection Modbus Enforcer  Deep Packet Inspection OPC Enforcer RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 160: Deep Packet Inspection Modbus Enforcer

    At least one of the DPI Modbus Enforcer rules saved in the device contains modified settings. When you click the "Commit Changes" button, the device applies the specified DPI Modbus Enforcer rules and refreshes the display in the "Function Code" column. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 161 "Create" button with the desired value in the "Function Type" column. To apply the changes, click the buttons. The Commit Changes device enters the specified function code list in the "Function Code" column. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 162 126 (default setting for "Function Code" = programming)  1,2,..,255 (default setting for "Function Code" = all) You can find the meaning of the "Function Code" numbers in section “Meaning of the Function Code values” on page 168. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 163 Possible values:  marked (default setting) The rule is active. The device applies the DPI Modbus Enforcer rules specified in this table entry to the data packets.  unmarked The rule is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 164  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. If you mark the "Profile Active" checkbox for the rule, the device stops you from removing the rule. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 165: Function Code Configurator

    Displays the number (#) and the meaning of the available function codes for Function Code the DPI Modbus Enforcer rule. Possible values:  <1,2,..,255> You can find the meaning of the "Function Code" numbers in section “Meaning of the Function Code values” on page 168. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 166 << Moves all entries to the left column. Closes the "Create" window and transfers the changes to the volatile memory (RAM) of the device. Cancel Closes the "Create" window without saving the changes. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 167: Function Code Configurator - Advanced Configuration

    "Function Code" = 42. Buttons  Button Meaning Closes the "Create" window and transfers the changes to the volatile memory (RAM) of the device. Cancel Closes the "Create" window without saving the changes. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 168: Meaning Of The Function Code Values

    66 Scan Data Inc. - Expanded Read Holding Registers 67 Scan Data Inc. - Expanded Write Holding Registers - 90 unity Programming/OFS 100 Scattered Register Read 125 Schneider Electric - Firmware Replacement 126 Schneider Electric - Program RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 169: Deep Packet Inspection Opc Enforcer

    At least one of the DPI OPC Enforcer rules saved in the device contains modified settings. When you click the "Commit Changes" button, the device applies the specified DPI OPC Enforcer rules. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 170 Profile Active Activates/deactivates the rules. Possible values:  marked (default setting) The rule is active. The device applies the rule to the data packets.  unmarked The rule is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 171  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. If you mark the "Profile active" checkbox for the rule, the device stops you from removing the rule. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 172: Radius

    The authentication server decides whether the login data is valid and transfers the user’s authorizations to the device. The menu contains the following dialogs:  RADIUS Global  RADIUS Authentication Server  RADIUS Authentication Statistics RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 173: Radius Global

    IP address, and the authentication server receives the translated IP address of the device. The device transfers the IP address in this field unchanged across the Network Address Translation (NAT). RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 174 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Clear RADIUS Deletes the statistics in the Authentication Network Security > RADIUS > Statistics ... Statistics dialog. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 175: Radius Authentication Server

    To change the password, click the relevant field. Possible values:  alphanumeric ASCII character string with 1..64 characters You get the password from the administrator of the authentication server. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 176 Opens the "Create" dialog to add a new entry to the table. In the "Address" field, you specify the IP address of the server. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 177: Radius Authentication Statistics

    Displays the number of access request data packets that the device sent to the server to which it has not yet received a response from the server. Timeouts Displays how often no response to the server was received before the specified waiting time elapsed. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 178 Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 179: Dos

    (Denial of Service, DoS). With this menu you can use various filters to restrict the data traffic for Denial of Service attacks. The menu contains the following dialog:  DoS Global RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 180: Dos Global

    The device detects incoming data packets with the TCP flags FIN, URG and PUSH set simultaneously and the TCP sequence number reset to 0 and discards them.  unmarked (default setting) The Xmas scan is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 181 IP header less the outer IP header size is smaller than the minimum TCP header size. If this is the first fragment that the device detects, the device discards the data packet.  unmarked (default setting) The minimal header scan is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 182 Activates/deactivates the filter for fragmented ICMP packets. Packets Possible values:  marked The device detects fragmented ICMP packets and discards these.  unmarked (default setting) The filter for fragmented ICMP packets is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 183  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 184: Acl

    ACLs filter the data stream by using hardware, so the processing time is shorter.  ACLs provide coarse filtering.  ACLs process data traffic before packet filtering.  ACLs filter by IP or MAC address. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 185 Switching Chip Network 1 Network 2 Figure 10: Processing sequence of the data packets in the device The menu contains the following dialogs:  ACL IPv4 Rule  ACL MAC Rule  ACL Assignment RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 186: Acl Ipv4 Rule

    Possible values (for rules within an Access Control List):  marked (default setting) The rule is active. The device applies the rule to the data stream if the associated Access Control List is also active.  unmarked The rule is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 187 The inverse bit mask allows you to specify the address range with bit-level accuracy. Example 192.168.1.1/0.0.0.127: The device applies the rule to IP data packets with a destination address in the range from 192.168.1.0 to ….127. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 188 – (default setting) The device applies the rule to every IP data packet without considering the DSCP value.  0..63 The device applies the rule solely to IP data packets containing the specified DSCP value. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 189  <Port number> The device transmits the IP data packets on the specified port. The device does not provide the option of transmitting IP data packets across VLAN boundaries or to routing interfaces. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 190 "Unit" field. Unit Specifies the measurement unit for the data transfer rate specified in the "Rate Limit" field. Possible values:  kbps (default setting) kByte per second  Data packet per second RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 191 Remove Removes the highlighted table entry. ↑ Moves the highlighted table entry up one row. The device allows you to mark and move multiple lines simultaneously. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 192 If an Access Control List is highlighted, the device sets the counter in the associated rules to 0.  If multiple Access Control Lists are highlighted, the device resets the counter in every associated rule to 0. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 193: Acl Mac Rule

    Possible values (for rules within an Access Control List):  marked (default setting) The rule is active. The device applies the rule to the data stream if the associated Access Control List is also active.  unmarked The rule is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 194 The bit mask allows you to specify the address range with bit-level accuracy. Example 00:11:22:33:44:54/FF:FF:FF:FF:FF:FC: The device applies the rule to MAC data packets with a source address in the range from 00:11:22:33:44:54 to …:57. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 195  appletalk   ibmsna  ipv4  ipv6  ipxold  mplsmcast  mplsucast  netbios  novell  rarp  pppoedisc  ppoesess  ipx-new  profinet  powerlink  ethercat RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 196  <Port number> The device transmits the MAC data packets on the specified port. The device does not provide the option of mirroring MAC data packets across VLAN boundaries or to routing interfaces. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 197 "Unit" column. Unit Specifies the unit of measurement for the data transfer rate specified in the "Rate Limit" column. Possible values:  kbps (default setting) kByte per second  Data packet per second RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 198 Remove Removes the highlighted table entry. ↑ Moves the highlighted table entry up one row. The device allows you to mark and move multiple lines simultaneously. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 199 If an Access Control List is highlighted, the device sets the counter in the associated rules to 0.  If multiple Access Control Lists are highlighted, the device resets the counter in all associated rules to 0. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 200: Acl Assignment

    Otherwise, the connection to the device terminates when you change the settings. To access the management functions is possible solely using CLI through the V.24 interface of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 201 Active Activates/deactivates the Access Control List on the port or in the VLAN. Possible values:  marked (default setting) The Access Control List is active.  unmarked The Access Control List is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 202  In the "Group Name" filed, you specify which rule the device assigns to the port or VLAN. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 203: Virtual Private Network

    The LED is a separate LED for VPN and as such is non-configurable for this device. The VPN LED only displays the status of the VPN tunnels. The menu contains the following dialogs:  VPN Overview  Virtual Private Network Certificates  Connections RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 204: Vpn Overview

    Displays the maximum number of active VPN tunnels supported. Connections 5.1.1 Overview Table  Parameters Meaning VPN Index Displays the row index for unique identification of a VPN tunnel. VPN Description Displays the user-defined name for the VPN tunnel. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 205 VPN tunnel setup. For example, the device has an unsuccessful hostname resolution.  re-keying The key exchange is in progress. The device displays the value after the expiration of either the IKE or the IPSEC lifetime timer. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 206 The device displays the current cipher suite used for the connection. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 207: Diagnostics

    Displays the remaining time, in seconds, before the next IKE re-key. The Keying [s] value 0 indicates that re-keying is unconfigured. Next IPsec Re- Displays the remaining time, in seconds, before the next IPsec re-key. Keying [s] RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 208 VPN tunnel. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 209: Connection Errors

    ASCII character string with 0..512 characters. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 210: Virtual Private Network Certificates

    Displays the row index of the certificate entry. Possible values:  1..100 File Name Displays the name of the file upload to the device. Possible values:  alphanumeric ASCII character string with 1..64 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 211 The device has located and uploaded the private key from the peer certificate.  notFound The device has located a private key, but the key is missing passphrase and the device has suspended the upload. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 212 "Browse..." button.  In the "Passphrase" field, you specify the passphrase used with this certificate. Possible values: Alphanumeric ASCII character string with 0..128 characters Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 213: Connections

    The device allows you to specify any available value within the given range. Traffic Selector Specifies the name of the traffic selector. Description Possible values:  alphanumeric ASCII character string with 0..128 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 214 /53 which is equal to any/53. Possible values:  alphanumeric ASCII character string with 0..32 characters (default setting: blank) When the field is blank, the device uses any/any as the destination restriction. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 215 IKE communications. Possible values:  main (default setting) The main mode for phase 1 provides identity protection.  aggressive You use the aggressive mode to reduce round trips. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 216 "IKE Auth. Cert. CA" field. Possible values:  alphanumeric ASCII character string with 0..128 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 217 Encrypted Key / Specifies the passphrase to use for the decryption of the private key in PKCS12 "Encrypted Private Key" or pkcs12 certificate container. Passphrase Possible values:  alphanumeric ASCII character string with 0..128 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 218 A FQDN web address, for example, foo.bar.com. Verify that the string is without any terminators. – A valid email address – A typical X.500 distinguished name Use the following syntax when creating the entry: CN=XY-D,C=DE,L=NT,ST=BW, O=COMPANY,OU=DEV, E=testuser@company.com RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 219 A FQDN web address, for example, foo.bar.com. Verify that the string is without any terminators – A valid email address – A typical X.500 distinguished name Use the following syntax when creating the entry: CN=XY-D,C=DE,L=NT,ST=BW, O=COMPANY,OU=DEV, E=testuser@company.com RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 220 SHA- 512.  hmacsha512 The device uses SHA-512, part of the version 2 family, for hash function calculation which the device computes with 64 bit words. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 221 CIDR notation, during IKE-SA establishment.  hostname alphanumeric ASCII character string with 0..128 characters. When you specify a hostname, then the device delays the VPN tunnel until it receives an IP address for the hostname. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 222 The value represents an RSA with 4096 bits modulus which is Diffie- Hellman Group 16.  none The value disables Perfect Forward Secrecy (PFS). With PFS enabled, if a compromise of a single key occurs, then the integrity remains for subsequently generated keys. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 223 SHA- 512.  hmacsha512 The device uses SHA-512, part of the version 2 family, for hash function calculation which the device computes with 64 bit words. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 224 The devices establish a security association after exchanging a set of pre-defined keys. Possible values:  300..28800 (default setting: 3600) The default setting is 1 hour and the maximum setting is 8 hours. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 225  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 226 In the "Traffic Selector Index" field, you specify the index of the VPN tunnel traffic selector. Possible values: 1..16 Remove Removes the highlighted table entry. Wizard Opens the Wizard to assist you in setting up IPSec VPN connections. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 227: Wizard

     responder If you specify the role of the device as a responder for the VPN tunnel, then it waits for the initiator to begin a key exchange (IKE) and connection parameter negotiation. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 228 Possible values:  0..256 The value 0 indicates that only assigned entries are available. Description Specifies the user-defined description for the VPN tunnel. Possible values:  alphanumeric ASCII character string with 1..128 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 229 Activates the"Pre-Shared Key" and "Confirm Pre-Shared Key" fields which allows you to enter and confirm a new key.  unmarked (default setting for pre-existing entries) The "Pre-Shared Key" and "Confirm Pre-Shared Key" fields are inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 230 The prerequisite for activating the field is that you select Individual Certificates (X.509) or Certificate Bundle (PKCS12) from the "Method" drop-down list and that you mark the "Change" checkbox. Possible values:  Alphanumeric ASCII character string with 0..128 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 231 Possible values:  marked (default setting) Activates the "Passphrase (PrivKey)" and "Confirm Passphrase" fields allowing you to enter and confirm a passphrase.  unmarked The "Passphrase (PrivKey)" and "Confirm Passphrase" fields are inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 232 Possible values:  1..16 Description Displays the user-defined description for the traffic selector. Possible values:  alphanumeric ASCII character string with 1..128 characters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 233 6/80, udp which is equal to udp/any or /53 which is equal to any/53. Possible values:  <blank> (default setting) The device uses any/any as the restriction.  alphanumeric ASCII character string with 0..32 characters RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 234: Advanced Configuration

    When the instance starts as an initiator it begins an IKE with the responder.  responder If you specify that the instance starts as a responder, then it waits for the initiator to start the IKE and parameter negotiation. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 235 A FQDN web address, for example, "foo.bar.com". Verify that the string is without any terminators – A valid email address – A typical X.500 distinguished name Use the following syntax when creating the entry: CN=XY-D,C=DE,L=NT,ST=BW, O=COMPANY,OU=DEV, E=testuser@company.com. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 236 A FQDN web address, for example, "foo.bar.com". Verify that the string is without any terminators – A valid email address – A typical X.500 distinguished name Use the following syntax when creating the entry: CN=XY-D,C=DE,L=NT,ST=BW, O=COMPANY,OU=DEV, E=testuser@company.com. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 237 Group 14.  modp3072 The value represents an RSA with 3072 bits modulus which is DH Group 15.  modp4096 The value represents an RSA with 4096 bits modulus which is DH Group 16. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 238 128 bits, and a key length of 192 key bits.  aes192 The device uses the Advanced Encryption Standard (AES) with a block size of 128 bits, and a key length of 256 key bits. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 239 The value represents an RSA with 4096 bits modulus which is Diffie- Hellman Group 16.  none The value disables Perfect Forward Secrecy (PFS). With PFS enabled, when a compromise of a single key occurs, then the integrity remains for subsequently generated keys. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 240 SHA- 512.  hmacsha512 The device uses SHA-512, part of the version 2 family, for hash function calculation which the device computes with 64 bit words. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 241 The device establishes a security association after exchanging a set of pre-defined keys. Possible values:  300..28800 (default setting: 3600) The default setting is 1 hour and the maximum setting is 8 hours. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 242 Valid IPv4 address with netmask in CIDR format  In the "Destination Restrictions" field you specify the optional destination restrictions. Possible values: Alphanumeric ASCII character string with 0..32 characters Remove Deletes the highlighted entry from the table. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 243: Switching

    This menu allows you to specify the switching settings for transmitting data on layer 2 of the ISO/OSI layer model. The menu contains the following dialogs:  Switching Global  Rate Limiter  Filter for MAC Addresses  QoS/Priority  VLAN RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 244: Switching Global

    On uplink ports, this can possibly cause undesired sending breaks in the higher-level network segment (“wandering backpressure”). Configuration  Parameters Meaning MAC Address Displays the MAC address of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 245  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 246: Rate Limiter

    Activates/deactivates the rate limiter function for received broadcast data packets. Possible values:  unmarked (default setting)  marked If the threshold value is exceeded, the device discards the excess broadcast data packets on this port. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 247  Enter a percentage from 0 through 100 if you select in the "Threshold Unit" column the value "percent".  Enter an absolute value for the data rate if you select in the "Threshold Unit" column the value "pps". RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 248  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 249: Filter For Mac Addresses

    Address filter set up manually. The address filter stays set up permanently.  mgmt MAC address of the device. The address filter is protected against changes.  invalid Deletes a manually set up address filter. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 250 To manually adapt the settings for a table entry, click the "Edit Entry" button. Parameters Meaning Possible Ports This column displays the available ports. Dedicated Ports This column displays the ports that are assigned to the table entry. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 251 << : Moves every entry to the "Possible Ports" field. Reset MAC Removes the MAC addresses from the forwarding table that have the Address Table value learned in the "Status" field. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 252: Qos/Priority

    "Configuration" Switching > Global the "Activate Flow Control" checkbox is unmarked. The menu contains the following dialogs:  Global  Port Configuration  802.1D/p Mapping RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 253: Global

    Displays the number of priority queues per port. You assign very priority per Port queue to a specific traffic class (traffic class according to IEEE 802.1D). The device has 8 priority queues per port. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 254  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 255: Port Configuration

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 256: D/P Mapping

    Therefore, select another traffic class for application data. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 257 Time-critical data with a high priority. Video Video transmission with delays and jitter < 100 ms. Voice Voice transmission with delays and jitter < 10 ms. Network Control Data for network management and redundancy mechanisms. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 258: Vlan

    VLAN. This reduces the network load. The device learns the MAC addresses for every VLAN separately (independent VLAN learning). The menu contains the following dialogs:  VLAN Global  VLAN Configuration  VLAN Port RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 259: Vlan Global

    Caution: You block your access to the device if you have changed in the dialog the VLAN ID for the management Basic Settings > Network functions of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 260: Vlan Configuration

    VLANs with this setting remain set up after a restart, if you save the changes in the non-volatile memory. Creation time Displays the time of VLAN creation. The field displays the time stamp for the operating time (system uptime). RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 261 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Opens the "Create" dialog to add a new entry to the table. In the "VLAN ID" field, you specify the ID of the VLAN. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 262 Switching Switching > VLAN > Configuration Button Meaning Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 263: Vlan Port

    Frame Types" field the value admitAll. Possible values:  ID of a VLAN you set up (default setting: 1)  4043.. The device assigns values >4042 for internal functions for example, for port based router interfaces. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 264  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 265: Wan

    7 WAN This menu allows you to specify the settings for the WAN interfaces. The menu contains the following dialogs:  SHDSL/EFM RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 266: Shdsl/Efm

    The device supports only the EFM interface of SHDSL (2BASE-TL). This offers you the option of connecting 2 HiSecOS EAGLE20/30 devices over existing telephone lines using Ethernet in full-duplex mode. Depending on interference, line quality, and speed, the devices can be several kilometers apart.

  • Page 267: Shdsl/Efm Configuration

    This dialog allows you to specify the settings for the SHDSL ports. Note: Use the SHDSL ports exclusively for the purpose of connecting 2 HiSecOS EAGLE20/30 devices with each other. For data connections to public networks, you need an EFM connection on the provider side. Data connections between 2 devices are permitted only on 1 port.
  • Page 268 13.5 North America 16-TCPAM Standard (Annex A sec. A.4.1) 13.5 North America 16-TCPAM Standard (Annex A sec. A.4.1) 5696 5696 14.5 Europe 32-TCPAM Standard (Annex B sec. A.4.1) Table 5: Profiles with settings RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 269  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 270: Shdsl/Efm Statistics

    Contradictory operating modes are assigned to the pairs. See the WAN > SHDSL/EFM dialog, "Operation mode" field. > Configuration  lowRate The bandwidth falls below the threshold specified in the efmCuThreshLowRate MIB variable. Default setting: 192 kbit/s. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 271 Basic Settings > Load/Save  In the table, highlight the desired configuration profile.  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 272 No connection has been established. No handshake signals from the remote site can be detected.  downReady No connection has been established. Handshake signals from the remote site can be detected.  init The connection is being initialized. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 273 Possible values:  -127..128  65535 No connection has been established. The connection is being initialized. SNR Remote [dB] Currently the device does not support this function. Possible values:  65535 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 274  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 275: Routing

    The menu contains the following dialogs:  Routing Global  Interfaces   Open Shortest Path First  Routing Table  Tracking  Loopback Interface  L3-Redundancy  RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 276: Routing Global

    Possible values:  "Off" (default setting) Routing function is disabled.  "On" Routing function is enabled. Also activate the routing function on the router interfaces, see the dialog. Routing > Interfaces > Configuration RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 277 In the case of bursts the interval is shorter than specified here. Possible values:  0..2147483647 (default setting: 1000) Rate Limit Burst Displays the maximum number of ICMP packets, the device sends during Size a burst to each receiver. Possible values:  RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 278  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 279: Interfaces

    Routing Routing > Interfaces 8.2 Interfaces Routing > Interfaces This menu allows you to specify the settings for the router interfaces. The menu contains the following dialogs:  Configuration  Secondary Interface addresses RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 280: Configuration

    Specifies the IP address for the router interface. Possible values:  Valid IPv4 address (default setting: 0.0.0.0) Netmask Specifies the network mask for the router interface. Possible values:  Valid IPv4 netmask (default setting: 0.0.0.0) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 281 The prerequisite is that on the ports belonging to the router interface you specify the maximum allowed size of Ethernet packets at least 18 bytes larger than specified here. See the dialog, Basic Settings > Port "MTU" field. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 282 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Remove Removes the highlighted table entry. Wizard Opens the Wizard that assists you in setting up VLAN-based router interfaces. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 283: Wizard

    Specifies the name of the VLAN. Possible values:  alphanumeric ASCII character string with 1..32 characters (0x20..0x7E) including space character This setting overwrites the setting specified for the port in the Switching > VLAN dialog. > Configuration RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 284 Specifies the primary IP address for the router interface. Possible values:  Valid IPv4 address (default setting: 0.0.0.0) Netmask Specifies the primary netmask for the router interface. Possible values:  Valid IPv4 netmask (default setting: 0.0.0.0) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 285 Back Displays the previous page again. Changes are lost. Next Saves the changes and opens the next page. Finish Saves the changes and closes the wizard. Cancel Closes the Wizard. Changes are lost. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 286: Secondary Interface Addresses

     In the "IP Address" field, you specify the IP address. Possible values: – Valid IPv4 address  In the "Netmask" field, you specify the netmask. Possible values: – Valid IPv4 netmask RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 287 Routing > Interfaces > Secondary Interface addresses Button Meaning Delete IP Address Opens the "Select secondary addresses to remove" dialog to remove IP addresses from the router interface highlighted in the table. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 288: Arp

    Routing > ARP The Address Resolution Protocol (ARP) determines the MAC address that belongs to an IP address. The menu contains the following dialogs:  ARP Global  ARP Current  ARP Static RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 289: Arp Global

    Addresses of the devices which are connected to the device management, see the dialog. Diagnostics > System > ARP Table Max. Number of Displays how many entries the ARP table can contain at a maximum. entries RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 290  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 291: Arp Current

    The entry remains when you remove the dynamically configured addresses from the ARP table using the "Reset ARP Table" button.  local Identifies the IP/MAC address assignment of the router interface.  invalid Invalid entry. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 292 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Remove Removes the highlighted table entry. Reset ARP Table Removes the dynamically set up addresses from the ARP table. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 293: Arp Static

     marked The IP/MAC address assignment is active. The ARP table of the device contains the IP/MAC address assignment as a static entry.  unmarked (default setting) The IP/MAC address assignment is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 294 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Remove Removes the highlighted table entry. Wizard Opens a wizard that helps you insert static entries in the ARP table. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 295: Wizard

    The device uses the IP addresses from this list for multinetting. Remove Removes the highlighted entry from the table on the left. Back Displays the previous page again. Changes are lost. Next Saves the changes and opens the next page. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 296 Routing Routing > ARP > Static Button Meaning Finish Saves the changes and closes the wizard. Cancel Closes the Wizard. Changes are lost. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 297: Open Shortest Path First

    The device allows you to use the md5 algorithm for secure data transmission. When you use the md5 mode, specify the same values on the devices in same area. Specify the area relevant values connected to the ABRs and ASBRs. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 298 The menu contains the following dialogs:  OSPF Global  OSPF Areas  OSPF Stub Areas  OSPF Not So Stubby Areas  OSPF Interfaces  OSPF Virtual Links  OSPF Ranges  OSPF Diagnostics RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 299: Ospf Global

    Operation  Parameters Meaning Operation Enables/disables the OSPF function on the device. Possible values:  "On" The OSPF function is active.  "Off" (default setting) The OSPF function is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 300 Specifies the maximum number of ECMP routes that OSPF adds to the routing table when multiple routes exist for a subnet with same path costs, but different next hops. Possible values:  (default setting: 4) 1..4 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 301 Displays the link state checksums of the external LSAs contained in the Checksum link state database. This value helps to determine when changes occur in a link state database of the router, and to compare the link state database to other routers. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 302 When the router leaves the overflow state it transmits new non-default AS-external-LSAs. Possible values:  0..2147483647 (default setting: 0) The value 0 means that the router remains in the Overflow-State until restarted. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 303  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 304: Configuration

    (intra-area) and the other is outside the local area (inter-area or external). If the metric values are the same for intra, inter and external, then the order of preference is intra, inter then external. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 305 Specifies the "administrative distance" between routers in different areas (inter-area OSPF routes). Possible values:  1..255 (default setting: 110) Preference Specifies the "administrative distance" between routers external to the (external) areas (external OSPF routes). Possible values:  1..255 (default setting: 110) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 306 Includes both the external path cost from the ABR to the ASBR that originated the route plus the internal path cost to the ABR that advertised the route in the local area.  external type 2 (default setting) Includes only the external path cost. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 307  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 308: Redistribution

    Redistribution of routes learned from the source protocol is active.  unmarked (default setting) OSPF route redistribution is inactive. Metric Specifies the default metric used for redistributing a route from the source protocol into OSPF. Possible values:  1..16777214 (default setting: 0) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 309 "Access-List Number". Possible values:  marked The router filters redistribution of routes according to the specified access list.  unmarked (default setting) The router ignores access list filtering for this source protocol. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 310  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 311: Ospf Areas

    SPF Pass. AS Border Router Displays the total number of ASBRs reachable within this area. The number count of reachable ASBRs is initially zero, and OSPF calculates the number in each SPF Pass. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 312 Opens the "Create" dialog to add a new entry to the table.  Specifies the "Area ID" for the new table entry. Possible values: – valid IP address Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 313: Ospf Stub Areas

    Default Cost Specifies the external metric value for the metric type. Possible values:  0..16777215 The router sets the default value to equal the lower cost within the area for the metric type. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 314  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 315: Ospf Not So Stubby Areas

    When set to active, the NSSA ASBRs suppress external route redistribution into the NSSA. Furthermore, the ASBR ceases to create type 7 external LSAs for external routes.  unmarked The NSSA ASBRs redistribute external routes into the NSSA. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 316 When designated as the translator, the router translates type-7 LSAs to type-5 LSAs. To help prevent routing loops, OSPF performs a translator election. When multiple candidates exist, OSPF elects the router with the higher router ID as the translator. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 317  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 318: Ospf Interfaces

     marked The router advertises the values specified on the interface, and the interface as an OSPF internal route.  unmarked (default setting) This value indicates that the interface is external to OSPF. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 319 Possible values:  0..65535 (default setting: 40) The router considers values in excess as unnecessary and the values are prone to interoperability issues. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 320 Displays the IP Address of the Backup Designated Router. Designated Possible values: Router  Valid IPv4 address (default setting: 0.0.0.0) Events Displays the number of times this OSPF interface changed its state, or the router detected an error. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 321 When you set the "Auth Type" parameter to simple the device uses only 8 characters and when set to md5 the device uses 16 characters. Possible values:  alphanumeric ASCII character string with 1..16 characters RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 322 The router checks if neighbors are using the same MTU value on the interfaces.  unmarked (default setting) Disables the IP MTU check and allows adjacencies when the MTU value differs on the interfaces. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 323  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 324: Ospf Virtual Links

    Specifies the number of seconds between the LS advertisement retransmissions for adjacencies belonging to this interface. You also use this value when retransmitting Database Description (DD) and LS Request packets. Possible values:  0..3600 (default setting: 5) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 325 DR and BDR and tracks its network neighbors. Events Displays the number of times this interface changed its state due to a received event such as helloReceived or 2-way. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 326 The prerequisite for specifying this value is that you specify the "Auth Type" as md5. Possible values:  0..255 (default setting: 0) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 327 Possible values: – valid IP address  Specifies the "Neighbor ID" of the virtual neighbor. Possible values: – router ID (default setting: 0.0.0.0) Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 328: Ospf Ranges

    Displays the LSDB type to which this address range belongs. Possible values:  summaryLink The area range aggregates type 5 route information. Network Displays the IP address of the network or subnetwork of the range. Possible values:  Valid IPv4 address RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 329 Possible values: – Valid IP address  Specifies the "Netmask" that pertains to the network or subnetwork. Possible values: – Valid IP mask Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 330: Ospf Diagnostics

    The statistics displayed in the tabs assists you in analyzing the OSPF processes. The dialog contains the following tabs:  Statistics  Link State Database  Neighbors  Virtual Neighbors  External Links State Database RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 331: Statistics

    LSA for each broadcast and NBMA network it is connected to. The LSA describes every router attached to the network, including the DR itself. The router floods type 2 LSAs only across its own area. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 332 Displays the total number of OSPFv2 LS Update packets received since received resetting the counters. LS update packets Displays the total number of OSPFv2 LS Update packets transmitted since transmitted resetting the counters. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 333 Displays the number of type 5 external LSAs received since resetting the LSAs received counters. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 334: Link State Database

    A newer instance overwrites the LSA during the flooding process.  The router originates a newer instance of a self-originated LSA.  The LSA ages out and the router flushes the LSA from the routing domain. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 335 Router ID or an IP Address according to the LSA type. Possible values:  Valid router ID or IP address Router ID Displays the router ID uniquely identifying the originating router. Possible values:  router ID RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 336 Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 337: Neighbors

    For virtual links, the router learns the neighbor IP address while building the routing table. Possible values:  Valid IPv4 address Interface Displays the interface to which the entries in this row refer. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 338 LSAs and network LSAs. Dead Time Displays the amount of time remaining before the router declares the neighbor status as down. The timer initiates the count down after the router receives a hello packet. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 339 Routing Routing > OSPF > Diagnostics Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 340: Virtual Neighbors

    After virtual adjacencies form, the virtual link carries OSPF packets such as hello packets and LS update packets containing database information. When the LSAs of the neighbor router contain the router ID of the local router. Possible values:  router ID RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 341 The values indicate that the virtual neighbor supports multicast routing.  8,10,12,14,40,42,44,46 The values indicate that the virtual neighbor supports type 7 LSAs.  32,34,36,38,40,42,44,46 The values indicate that the virtual neighbor supports demand circuits. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 342 The neighboring routers are fully adjacent. The adjacencies now appear in router LSAs and network LSAs. Events Displays the number of times this interface changed its state due to a received event such as helloReceived or 2-way. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 343 The router transmits hello packets. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 344: External Links State Database

    The age field of the advertisement increases as the routers transmit the message across the network. Excluding the age field allows routers to transmit the message without needing to update the checksum field. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 345 Routing Routing > OSPF > Diagnostics Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 346: Routing Table

    Network Address Displays the address of the destination network. Netmask Displays the network mask. Next Hop IP Displays the IP address of the next router on the path to the destination Address network. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 347 Active Displays whether the route is active or inactive. Possible values:  marked The route is active; the device uses the route.  unmarked The route is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 348 Basic Settings > Load/Save  In the table, highlight the desired configuration profile.  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 349 Possible values: – Name of the tracking object, made up of "Type" and "Track ID". – – No tracking object selected. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 350: Tracking

    – You link virtual routers with a tracking object in the Routing > L3- dialog, "Track Name" field. Redundancy > VRRP > Statistics The menu contains the following dialogs:  Tracking Configuration  Applications RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 351: Tracking Configuration

    Monitoring is active. The device monitors the tracking object.  unmarked (default setting) Monitoring is inactive. Description Specifies the description. Here you describe what the device uses the tracking object for. Possible values:  alphanumeric ASCII character string with 0..255 characters RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 352 If the link has been active on the interface for longer than the period specified here, the "Status" field displays the value Possible values:  0..255  – (No tracking object of the interface type) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 353 "Status" field displays the value up. Possible values:  1..10 (default setting: 2)  – (No tracking object of the ping type) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 354 Links the tracking objects specified in the "Logical Operand A" and "Logical Operand B" fields. Possible values:  Logical AND link  Logical OR link  – (No tracking object of the logical type) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 355  In the "Track ID" field, you specify the identification number of the tracking object. Possible values: – 1..2147483647 Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 356: Applications

    Displays the name of the traffic object made up of "Type" and "Track ID". Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 357: Loopback Interface

    The loopback interface is inactive.  marked (default setting) The loopback interface is active. When sending SNMP traps, the device uses the IP address of the first loopback interface as the sender. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 358 Opens the "Create" dialog to create a loopback interface.  Index field Here you specify the number that uniquely identifies the loopback interface. Possible values: – 1..8 Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 359: L3-Redundancy

    Routing Routing > L3-Redundancy 8.23 L3-Redundancy Routing > L3-Redundancy This menu allows you to specify and monitor the settings for router redundancy mechanisms. The menu contains the following dialogs:  VRRP RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 360: Vrrp

    If the default gateway fails, VRRP ensures that the end devices find a redundant gateway. Note: You find detailed information on "VRRP" in the “Routing” user manual. The menu contains the following dialogs:  VRRP Configuration  VRRP Statistics  Tracking RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 361: Vrrp Configuration

    When you enable the function, the VRRP redundancy is active globally on the device. Possible values:  "Off" (default setting) The "VRRP" function is disabled.  "On" The "VRRP" function is enabled. Information + Configuration  Parameters Meaning Version Specifies the VRRP version. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 362 VRID Displays the Virtual Router IDentifier. Active Activates/deactivates the VRRP instance specified in this row. Possible values:  unmarked (default setting) The "VRRP" instance is inactive.  marked The "VRRP" instance is active. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 363 Displays the virtual IP address in the subnet of the primary IP address on the interface. If no match is found, the device returns an unspecified virtual address. If no virtual address is configured, 0.0.0.0 is returned. Possible values:  Valid IPv4 address RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 364 "VRID" text box. The device allows you to configure up to 8 virtual routers.  Click the "Next" button.  Open the "VRRP" tab. In the "Configuration" frame set the appropriate values for the following parameters: – "Priority" – "Preempt mode" RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 365  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 366: Wizard

    You specify this address in the Routing > Interfaces > Configuration dialog. Netmask Displays the netmask of primary IP address. You specify this subnet mask in the Routing > Interfaces > Configuration dialog. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 367 For example, assign the priority value of 50 to the primary router, the value of 100 to the next router. Repeat the steps with the value 150, and so on. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 368 (master down interval). Also, specify the same value on every participant in a given virtual router instance. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 369 The device monitors tracking objects logically linked to each other and thus enables complex monitoring tasks. Track ID Displays the identification number of the tracking object. Track Name Displays the name of the traffic object made up of "Type" and "Track ID". RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 370 Displays the secondary IP addresses of the port. The device allows you to specify 1 primary and 1 secondary multinetting addresses per port. Netmask Displays the subnet mask of the secondary IP addresses. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 371 Saves the changes and opens the next page. Finish Saves the changes and closes the wizard. Cancel Closes the Wizard. Changes are lost. After closing the Wizard, click the "Set" button to save your settings. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 372: Vrrp Statistics

    Priority Zero packets Displays the number of VRRP advertisements that the device sent sent with priority 0. Invalid Type packets Displays the number of VRRP advertisements received with an invalid received type. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 373 Displays the number of VRRP advertisements received with an incorrect packet length. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 374: Tracking

    Routing > L3-Redundancy > VRRP > Configuration dialog the value in the "Priority" column is 255, then the virtual router is the owner of the IP address. In this case the priority of the virtual router remains unchanged. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 375  In the "Track Name" field you specify the tracking object with which the device links the virtual router. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 376 Routing Routing > L3-Redundancy > VRRP > Tracking RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 377: Nat

    Apply the rule to the data stream; to do this, click in the Routing > NAT > NAT Global dialog the "Commit Changes" button. The menu contains the following dialogs:  NAT Global  1:1 NAT  Destination NAT  Masquerading NAT  Double NAT RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 378: Nat Global

    The device applies the saved NAT rules to the data stream.  marked At least one saved NAT rule contains modified settings. To apply the changes to the data stream, click the "Commit Changes" button. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 379 In the process, the device interrupts open communication connections. Note: While the device is activating the saved rules, the establishment of any new communication connections is impossible. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 380: 1:1 Nat

     To use the NAT process, set up a router interface for each network and turn on the routing function in the device. The data packets go through the filter functions of the device in the following sequence: RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 381 Double NAT Double NAT MAC-based ACL IP-based ACL Switching Chip Network 1 Network 2 Figure 12: Processing sequence of the data packets in the device The menu contains the following dialogs:  Rule RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 382: Rule

    No router interface is assigned to the NAT rule. Someone removed the router interface after the last edit of the NAT rule. You enable on the ARP proxy function on this router interface in the dialog. Routing > Interfaces > Configuration RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 383 The sending of SNMP traps is deactivated. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 384 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 385: Destination Nat

    PC in a production cell. The maintenance station establishes the communication link to the NAT router, and Destination NAT takes care of the routing to the production cell. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 386  To use the NAT process, set up a router interface for each network and turn on the routing function in the device. The data packets go through the filter functions of the device in the following sequence: RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 387 Network 1 Network 2 Figure 14: Processing sequence of the data packets in the device The menu contains the following dialogs:  Destination NAT Rule  Destination NAT Mapping  Destination NAT Overview RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 388: Destination Nat Rule

     An exclamation mark (!) preceding the IP address reverses the expression into its opposite. The device applies the NAT rule to data packets NOT containing the source address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 389  An exclamation mark (!) preceding the IP address reverses the expression into its opposite. The device applies the NAT rule to data packets NOT containing the destination address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 390 Possible values:  The device retains the original destination port in the data packet.  1..65535 The device replaces the destination port in the packet with this new destination port. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 391 Possible values:  marked Logging is activated. The device places an entry in the log file (system log) when it applies the rule to a data packet.  unmarked (default setting) Logging is deactivated. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 392 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 393: Destination Nat Mapping

    Routing > NAT > Destination NAT > Rule Direction Displays whether the device applies the rule to data packets received or sent. Possible values:  ingress The device applies the rule to data packets received on the router interface. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 394 (RAM) of the device. Assign Opens the "Assign" dialog. In this dialog, you assign a configured router interface of an existing NAT rule. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 395: Destination Nat Overview

    The device does not send a SNMP trap. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 396 The device applies rules to the data stream in ascending order starting with priority 1. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 397: Masquerading Nat

    IP address. In addition, the NAT router replaces the source port in the data packet with its own value in order to send the response data packets back to the original sender at a later point. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 398 Routing Packet Masquerading NAT Destination NAT Filter Filter Double NAT Double NAT MAC-based ACL IP-based ACL Switching Chip Network 1 Network 2 Figure 16: Processing sequence of the data packets in the device RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 399 Routing Routing > NAT > Masquerading NAT The menu contains the following dialogs:  Masquerading NAT Rule  Masquerading NAT Mapping  Masquerading NAT Overview RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 400: Masquerading Nat Rule

     An exclamation mark (!) preceding the IP address reverses the expression into its opposite. The device applies the NAT rule to data packets NOT containing the source address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 401 Possible values:  marked Logging is activated. The device places an entry in the log file (system log) when it applies the rule to a data packet.  unmarked (default setting) Logging is deactivated. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 402 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 403: Masquerading Nat Mapping

    Routing > NAT > Masquerading NAT > Rule Direction Displays whether the device applies the rule to data packets received or sent. Possible values:  egress The device applies the rule to data packets sent on the router interface. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 404 (RAM) of the device. Assign Opens the "Assign" dialog. In this dialog, you assign a configured router interface of an existing NAT rule. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 405: Masquerading Nat Overview

    NAT rule to data packets. Possible values:  marked The device places an entry in the log file (system log) when it applies the NAT rule to a data packet.  unmarked Logging is disabled. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 406 The device applies rules to the data stream in ascending order starting with priority 1. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 407: Double Nat

    NAT router virtually “shifts” the devices into the other network. To do this, the NAT router replaces the source address and the destination address in the data packet during sending. A typical application is the linking of controllers located in different networks. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 408  To use the NAT process, set up a router interface for each network and turn on the routing function in the device. The data packets go through the filter functions of the device in the following sequence: RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 409 Network 1 Network 2 Figure 18: Processing sequence of the data packets in the device The menu contains the following dialogs:  Double NAT Rule  Double NAT Mapping  Double NAT Overview RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 410: Double Nat Rule

    Specifies the actual IP address for the device placed in the second Address network. Possible values:  Valid IPv4 address The device applies the NAT rule exclusively to data packets containing the source address specified here. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 411 Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. Active Activates/deactivates the rule. Possible values:  marked The rule is active.  unmarked (default setting) The rule is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 412 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 413: Double Nat Mapping

    The device applies the rule to data packets sent on the router interface.  both The device applies the rule to data packets received or sent on the router interface. You can change the value when you click the "Assign" button. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 414 (RAM) of the device. Assign Opens the "Assign" dialog. In this dialog, you assign a configured router interface of an existing NAT rule. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 415: Double Nat Overview

    The device does not send a SNMP trap. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 416 The device applies rules to the data stream in ascending order starting with priority 1. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 417: Diagnostics

    In service cases, this information helps our support to diagnose the situation. The menu contains the following dialogs:  Status Configuration  System  Syslog  Ports  LLDP  Report RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 418: Status Configuration

    In the dialogs of this menu, you specify which functions, statuses, and events the device monitors and registers. The menu contains the following dialogs:  Device Status  Security Status  Signal Contact  Alarms (Traps) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 419: Device Status

    The device sorts the detected faults in the order in which they occur. The dialog contains the following tabs:  Global  Port  Status RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 420: Global

    The sending of SNMP traps is deactivated. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 421 The "Device status" changes to "Error" if you remove the active external memory from the device.  unmarked (default setting) Monitoring is inactive. You specify the active external memory in the Basic Settings > Load/Save dialog, "External Memory" frame. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 422  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 423: Port

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 424: Status

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 425: Security Status

    The device sorts the detected faults in the order in which they occur. The dialog contains the following tabs:  Global  Port  Status RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 426: Global

    The sending of SNMP traps is deactivated. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 427 Minimum Lower Cases – Minimum Numbers – Minimum Special Characters  unmarked Monitoring is inactive. You specify the policy settings in the Device Security > User Management dialog in the "Password Policy" frame. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 428 "SNMP Encryption Type" field. Management  unmarked Monitoring is inactive. You specify the settings for the SNMP agent in the Device Security > Management Access dialog, "SNMP" tab. > Server RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 429 The configuration profile stored in the external memory is unencrypted. – The "Config Priority" field in the Basic Settings > External dialog has the value first or second. Memory  unmarked Monitoring is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 430  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 431 Diagnostics Diagnostics > Status Configuration > Security Status RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 432: Port

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 433: Status

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 434: Signal Contact

    Note: The device can contain several signal contacts. Each contact contains the same monitoring functions. Several contacts allow you to group various functions together providing flexibility in system monitoring. The menu contains the following dialogs:  Signal Contact 1 / Signal Contact 2 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 435: Signal Contact 1 / Signal Contact

    Signaling the device status of the device.  Signaling the security status of the device.  Controlling external devices by manually setting the signal contacts. The dialog contains the following tabs:  Global  Port  Status RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 436: Global

    Displays the status of the signal contact. Possible values:  "Opened" An event has occurred that triggers the signal contact. The signal contact is opened.  "Closed" Normal status. The signal contact is closed. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 437 The sending of SNMP traps is deactivated. The prerequisite for sending SNMP traps is that you enable the function in dialog and Diagnostics > Status Configuration > Alarms (Traps) specify at least 1 SNMP manager. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 438 The signal contact opens if you remove the active external memory from the device.  unmarked (default setting) Monitoring is inactive. You specify the active external memory in the Basic Settings > Load/Save dialog, "External Memory" frame. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 439  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 440: Port

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 441: Status

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 442: Alarms (Traps)

    Activates/deactivates the sending of SNMP traps to this SNMP manager. Possible values:  marked (default setting) The sending of SNMP traps to this SNMP manager is active.  unmarked The sending of SNMP traps to this SNMP manager is inactive. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 443 In the "Address" field you specify the IP address and the port number of the SNMP manager. If you choose not to enter a port number, the device automatically adds the port number 162. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 444: System

    The menu contains the following dialogs:  System Information  Configuration Check  ARP Table  Selftest RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 445: System Information

    Opens the "Search" dialog. The dialog allows you to search the log file for search terms or regular expressions. Save Opens the "Save" dialog. The dialog allows you to save the log file in HTML format on your PC. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 446: Configuration Check

    Number of Warnings Displays the number of warnings that the device detected during the configuration check. Amount of Information Displays the amount of information that the device detected during the configuration check. You will also find this information in the status bar above the menu. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 447 Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 448: Arp Table

    Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Reset ARP Table Removes the dynamically set up addresses from the ARP table. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 449: Selftest

     "Activate SysMon1" checkbox is unmarked.  "Load default config on error" checkbox is unmarked. To have the device unlocked again, contact your sales partner. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 450  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 451: Syslog

    Specifies the IP address of the syslog server. Possible values:  Valid IPv4 address (default setting: 0.0.0.0) Destination UDP Specifies the UDP Port on which the syslog server expects the log entries. Port Possible values:  1..65535 (default setting: 514) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 452 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 453: Ports

    Diagnostics > Ports 9.13 Ports Diagnostics > Ports The device allows you with the functions in this menu to monitor the operation of the device ports. The menu contains the following dialogs:  RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 454: Sfp

    Receiving power of the SFP transceiver in dBm. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 455: Lldp

    This menu allows you to configure the topology discovery and to display the information received in table form. The menu contains the following dialogs:  Configuration  Topology Discovery RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 456: Configuration

    Displays the delay in seconds for the reinitialization of a port. If in the "Operation" column the value Off is specified, the device tries to reinitialize the port after the time specified here has elapsed. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 457 The transmitting of the TLV is active. The device transmits the TLV with the port description.  unmarked The transmitting of the TLV is inactive. The device does not transmit a TLV with the port description. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 458 (default setting) If the device receives LLDP data packets at this port, the device works the same as with the lldpOnly setting. Otherwise, the device works the same as with the macOnly setting. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 459  If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 460: Topology Discovery

    Displays the IP address with which the management functions of the Address neighboring device can be reached. Neighbor Port Displays a description for the device port of the neighboring device. Description Neighbor System Displays the device name of the neighboring device. Name RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 461 Here the device uses information from its address table (FDB, Forwarding Database). Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 462: Report

    The device allows you to register events and user actions. In this menu, you specify the settings for the logging. The menu contains the following dialogs:  Global  Persistent Logging  System Log  Audit Trail RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 463: Global

    The device outputs the messages on the V.24 interface. Possible values:  emergency  alert  critical  error  warning (default setting)  notice  informational  debug RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 464  debug CLI Logging  Parameters Meaning Operation If the function is enabled, the device logs all commands received via the Command Line Interface (CLI). Possible values:  "On"  "Off" (default setting) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 465 Contains the logged events in the Log file, see the systemlog.html dialog. Diagnostics > Report > System Log Meaning of the severities for events  Severity Meaning Device not ready for operation emergency Immediate user intervention required alert RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 466 Diagnostics Diagnostics > Report > Global Severity Meaning Critical status critical Error status error Warning warning Significant, normal status notice Informal message informational Debug message debug RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 467: Persistent Logging

    When the function is enabled, the device saves the log entries in a file on the external memory. Possible values:  "On" (default setting)  "Off" Only activate this function when the external memory is available on the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 468  error  warning (default setting)  notice  informational  debug Target Specifies the external memory device for logging. Possible values:  External SD memory (ACA31)  External USB memory (ACA22) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 469 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Delete Persistent Removes the log files from the external memory. Log File Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 470: System Log

    Opens the "Save" dialog. The dialog allows you to save the log file in HTML format on your PC. Delete Log File Removes the logged events from the log file. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 471: Audit Trail

    Opens the "Search" dialog. The dialog allows you to search the log file for search terms or regular expressions. Save Opens the "Save" dialog. The dialog allows you to save the log file in HTML format on your PC. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 472 Diagnostics Diagnostics > Report > Audit Trail RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 473: Advanced

    Advanced 10 Advanced This menu allows you to specify advanced settings. The menu contains the following dialogs:   Command Line Interface RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 474: Dns

    IP addresses. This name resolution gives you the option of contacting other devices using their host names instead of their IP addresses. The menu contains the following dialogs:  DNS Client  DNS Cache RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 475: Dns Client

    IP address. If the DNS cache is active, the device saves the hostname and the corresponding IP address in the cache. The menu contains the following dialogs:  DNS Client Global  DNS Client Current  DNS Client Static RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 476: Dns Client Global

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 477: Dns Client Current

    IP addresses to the DNS server with this IP address. Buttons  Button Meaning Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 478: Dns Client Static

    The device uses the IP addresses which the DHCP server delivers to the device. Table  Parameters Meaning Index Displays the sequential number of the DNS server. The device automatically assigns this number. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 479 Updates the fields with the values that are saved in the volatile memory (RAM) of the device. Create Adds a new table entry. Remove Removes the highlighted table entry. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 480: Dns Cache

    10.6 DNS Cache Advanced > DNS > Cache The "DNS Cache" function enables the device to respond to requests for resolving hostnames in IP addresses. The menu contains the following dialogs:  DNS Cache Global RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 481: Dns Cache Global

     If in the "Selected" column the checkbox is unmarked, click the "Select" button.  Click the "Save" button. Reload Updates the fields with the values that are saved in the volatile memory (RAM) of the device. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 482 Advanced Advanced > DNS > Cache > Global Button Meaning Flush Cache Removes every entry from the DNS cache. Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 483: Command Line Interface

    Interface. Prerequisite is that you enable the SSH server in the device, see dialog, tab "SSH". Device Security > Management Access > Server For detailed information on CLI commands, review the “Command Line Interface” reference manual. Buttons  Button Meaning Help Opens the online help. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 484 Advanced Advanced > Command Line Interface RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 485: A Appendix

    Appendix A Appendix RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 486: Technical Data

    128 incl. max. 176 rules (plus 63 implicit Deny All rules) Assignment per port max. 956 (ingress) rules Assignment per VLANs max. 956 (ingress) Regeln Routing/Switching Maximum number of additional IP addresses RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 487 2048 Maximum number of 1:1 NAT rules Maximum number of Destination NAT rules Maximum number of Double NAT rules Maximum number of Masquerading NAT rules 128 Maximum number of Connection Tracking 7768 entries RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 488: List Of Rfcs

    RFC 2818 HTTP over TLS RFC 2851 Internet Addresses MIB RFC 2863 The Interfaces Group MIB RFC 2865 RADIUS Client RFC 3022 Traditional IP Network Address Translator RFC 3164 The BSD Syslog Protocol RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 489 RFC 4363 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual LAN Extensions RFC 4836 Definitions of Managed Objects for IEEE 802.3 Medium Attachment Units (MAUs) RFC 5905 NTPv4 RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 490: Underlying Ieee Standards

    Station and Media Access Control Connectivity Discovery IEEE 802.1D MAC Bridges (switching function) IEEE 802.1Q Virtual LANs (VLANs, MRP, Spanning Tree) IEEE 802.3 Ethernet IEEE 802.3ac VLAN Tagging IEEE 802.3x Flow Control IEEE 802.3af Power over Ethernet RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 491: Maintenance

    Hirschmann is continually working on improving and developing their software. Check regularly whether there is an updated version of the software that provides you with additional benefits. You find information and software downloads on the Hirschmann product pages on the Internet (http://www.hirschmann.com). RM GUI HiSecOS EAGLE20/30...

  • Page 492: Literature References

    Hirschmann “Installation” user manual  Hirschmann “Basic Configuration” user manual  Hirschmann “Routing Configuration” user manual  Hirschmann “GUI Graphical User Interface” reference manual  Hirschmann “Command Line Interface” reference manual  Hirschmann User Guide “Industry Protocol”  Hirschmann Manual “Network Management System Industrial HiVision”...

  • Page 493: Copyright Of Integrated Software

    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 494 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 495 This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 496 This product includes software developed by the NetBSD Foundation, Inc. and its contributors. 4. Neither the name of The NetBSD Foundation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 497 Livingston Enterprises, Inc. Livingston Enterprises, Inc. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 498 HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ---------------------------------------------------------------- Copyright (c) 2004, 2005 Metaparadigm Pte Ltd RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 499 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE lldpd Copyright (c) 2008 Vincent Bernat <bernat@luffy.cx> RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 500 The licences which components of this software fall under are as follows. First, we will summarize and say that all components are under a BSD licence, or a licence more free than that. OpenSSH contains no GPL code. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 501 TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 502 * Copyright (c) 1983, 1990, 1992, 1993, 1995 The Regents of the University of California. All rights reserved. * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 503 Sun Microsystems The SCO Group Daniel Walsh Red Hat, Inc * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 504 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 505 OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 506 * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * This library is free for commercial and non-commercial use as long as RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 507 CMU and The Regents of RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 508 The name of Cambridge Broadband Ltd. may not be used to endorse or promote products derived from this software without specific prior written permission. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 509 Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 510 Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 511 Neither the name of ScienceLogic, LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 512 Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 513 Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 514 (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 515 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 516 Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 517 For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 518 The former contains code derived from the library, whereas the latter must be combined with the library in order to run. GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 519 License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 520 Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 521 Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 522 Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 523 Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 524 Appendix Copyright of Integrated Software That's all there is to it! RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 525: B Readers' Comments

    Your assessment of this manual: Very Good Satisfactory Mediocre Poor Good Precise description Readability Understandability Examples Structure Comprehensive Graphics Drawings Tables Did you discover any errors in this manual? If so, on what page? RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 526 Please fill out and return this page  as a fax to the number +49 (0)7127/14-1600 or  per mail to Hirschmann Automation and Control GmbH Department 01RD-NT Stuttgarter Str. 45-51 72654 Neckartenzlingen RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 527: Index

    Login Prompt (CLI) Login window Double NAT Log file (HTML) Loopback interface Egress rate limiter MAC address table ENVM (external memory) Management access 36, 98 Encryption Management VLAN External memory Masquerading NAT Modbus Enforcer RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 528 VRRP Tracking Self-test Setting up the VLAN Severity for events Watchdog 42, 47 SFP module Web server 104, 106 SFP module temperature SFP status display Signal contact Zip archive (system information) Signature (SSH) RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

  • Page 529: D Further Support

    Further Support D Further Support Technical Questions  For technical questions, please contact any Hirschmann dealer in your area or Hirschmann directly. You will find the addresses of our partners on the Internet at http://www.hirschmann.com Contact our support at https://hirschmann-support.belden.eu.com...
  • Page 530 Further Support With the Hirschmann Competence Center, you have decided against making any compromises. Our client-customized package leaves you free to choose the service components you want to use. Internet: http://www.hicomcenter.com RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...
  • Page 531 Further Support RM GUI HiSecOS EAGLE20/30 Release 3.0 09/2015...

This manual is also suitable for:

Hisecos eagle30

Table of Contents