H3C SecPath V100-S Installation Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Gateway
  5. SecPath V100-S
  6. Installation manual
H3C SecPath V100-S Installation Manual

H3C SecPath V100-S Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
H3C SecPath V100-S Security Gateway
Installation Manual
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Manual Version: T2-08044F-20070430-C-1.02

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SecPath V100-S and is the answer not in the manual?

Questions and answers

Related Manuals for H3C SecPath V100-S

Summary of Contents for H3C SecPath V100-S

  • Page 1 H3C SecPath V100-S Security Gateway Installation Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08044F-20070430-C-1.02...
  • Page 2 Copyright © 2006-2007, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
  • Page 3 About This Manual Related Documentation In addition to this manual, each H3C SecPath Series Security Products documentation set includes the following: Manual Description It introduces the functional features, H3C SecPath Series Security Products principles and guide to configuration and Operation Manual operation for H3C SecPath Series Security Gateways/Firewalls.
  • Page 4 Chapter Contents Discusses system software maintenance, including 5 Software Maintenance software upgrade and configuration file loading. Lists common system failures during installation 6 Troubleshooting and specific locating methods. Conventions The manual uses the following conventions: I. Command conventions Convention Description Boldface The keywords of a command line are in Boldface.
  • Page 5 II. GUI conventions Convention Description Button names are inside angle brackets. For example, click < > <OK>. Window names, menu items, data table and field names are inside square brackets. For example, pop up the [New User] window. Multi-level menus are separated by forward slashes. For example, [File/Create/Folder].

  • Page 6: Table Of Contents

    3.5 Connecting to the Ethernet Interface ................. 3-4 3.6 Connecting the Power Cord....................3-5 3.7 Verifying Installation......................3-6 Chapter 4 Booting and Configuring the SecPath V100-S............4-1 4.1 Booting..........................4-1 4.1.1 Setting Up a Configuration Environment..............4-1 4.1.2 Powering Up the SecPath V100-S ................4-4 4.1.3 Startup Process.......................
  • Page 7 Installation Manual H3C SecPath V100-S Security Gateway Table of Contents Chapter 5 Software Maintenance....................5-1 5.1 Boot Menu.......................... 5-1 5.2 Upgrading Application and Boot ROM Using XModem ............. 5-3 5.3 Backing Up and Restoring the Extended Segment of the Boot ROM ....... 5-6 5.4 Upgrading the Application Program Using TFTP ..............
  • Page 8 List of Figures List of Figures Figure 1-1 Front panel of the SecPath V100-S..............1-3 Figure 1-2 Rear panel of the SecPath V100-S ..............1-3 Figure 3-1 Installation flow ..................... 3-1 Figure 3-2 Rack-mounting the SecPath V100-S..............3-3 Figure 3-3 Console cable assembly..................3-4 Figure 3-4 Ethernet cable assembly ..................
  • Page 9 List of Tables List of Tables Table 1-1 SecPath V100-S system specifications..............1-3 Table 1-2 LEDs on the front panel of the SecPath V100-S............ 1-4 Table 1-3 Attributes of the console port.................. 1-5 Table 1-4 Attributes of the console port.................. 1-5 Table 1-5 Attributes of the Ethernet interfaces ...............

  • Page 10: Chapter 1 Product Introduction

    These enterprises have increasing demands for establishing secure, reliable private networks which can meet specific QoS requirements over public networks. The H3C SecPath V100-S can act as convergence and access gateways. The SecPath V100-S provides one fixed Fast Ethernet (FE) interface (WAN interface) and four 10/100 Mbps auto-sensing switched Ethernet interfaces (LAN interfaces), and offers hardware encryption function.
  • Page 11 V. Regulatory compliance Designed according to the standards dominant in China, North America, Europe, Australia, and Japan, the SecPath V100-S complies with the requirements of these countries and regions for EMC, safety standard, and network access.

  • Page 12: Figure 1-1 Front Panel Of The Secpath V100-S

    (13) Fixed LAN interface 1 (LAN 1) (14) Fixed LAN interface 0 (LAN 0) (15) Power LED (PWR) Figure 1-1 Front panel of the SecPath V100-S (1) Grounding screw (2) Power socket Figure 1-2 Rear panel of the SecPath V100-S 1.2.2 System Specifications...

  • Page 13: Table 1-2 Leds On The Front Panel Of The Secpath V100-S

    Boot read only memory (Boot ROM) stores the bootstrap program files. 1.2.3 LEDs See Table 1-2 for the meaning of the LEDs on the front panel of SecPath V100-S. Table 1-2 LEDs on the front panel of the SecPath V100-S...

  • Page 14: Table 1-3 Attributes Of The Console Port

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 1 Product Introduction Meaning OFF means packets are being transmitted/received at 10 Mbps on 100M the interface. ON means packets are being transmitted/received at 100 Mbps on the interface. OFF means the interface is operating in half-duplex mode. ON FULL means the interface is operating in full-duplex mode.

  • Page 15: Table 1-5 Attributes Of The Ethernet Interfaces

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 1 Product Introduction III. Ethernet interface The SecPath V100-S provides five 10/100 Mbps auto-sensing FE interfaces. The following table lists their attributes. Table 1-5 Attributes of the Ethernet interfaces Attribute Description Connector...

  • Page 16: Table 2-1 Temperature/Humidity Requirements In The Equipment Room

    Chapter 2 Installation Preparations Chapter 2 Installation Preparations 2.1 General Site Requirements The SecPath V100-S must be used indoors. To guarantee normal operation and longevity of your device, its installation site should meet the requirements described in this chapter. 2.1.1 Temperature and Humidity...

  • Page 17: Table 2-3 Harmful Gas Limits In The Equipment Room

    0.01 2.1.3 ESD Prevention By design, the SecPath V100-S is ESD preventative; but excessive buildup of static electricity can still damage the card circuitry and even the entire device. On the communication network connected to the SecPath V100-S, static electricity is...

  • Page 18: Lightning Protection

    Chapter 2 Installation Preparations 2.1.5 Lightning Protection By design, the SecPath V100-S is lightning protective; but excessive lightning may still damage the device. To protect the device better, you are recommended to: Ensure the PGND of the chassis is securely connected to the earth ground.

  • Page 19: Installation Tools, Meters And Equipment

    III. Meters and other equipment Hub or LAN switch Console terminal (it could be a PC) Multimeter Note: The SecPath V100-S was not shipped with any installation tools, meters, or other equipment. You must make sure that they are available.

  • Page 20: Figure 3-1 Installation Flow

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 3 Installing the SecPath V100-S Chapter 3 Installing the SecPath V100-S 3.1 Installation Flow Start Install the rack (optional) Mount the security gateway Connect the PGND Connect the power cord Connect the security gate-...

  • Page 21: Table 3-1 Dimensions Of The Secpath V100-S

    Step 1: Ensure that the rack is stable enough and properly grounded. Attach the rack-mounting ears to the front of the chassis with screws. Step 2: Place the SecPath V100-S on a shelf in the rack and slide it to a proper position along the guide rails.

  • Page 22: Figure 3-2 Rack-Mounting The Secpath V100-S

    Before installing or using your security gateway, properly connect the grounding cable to protect the device against lightning and other interference sources. The SecPath V100-S provides on its rear panel a grounding screw (with a grounding symbol, see Figure 1-2), which must be grounded properly to safely channel the faradic current and leakage current to the ground and to make the device less susceptible to electromagnetic interference (EMI).

  • Page 23: Figure 3-3 Console Cable Assembly

    Verify the connection and power up the security gateway and console terminal. The console terminal shows the startup information of the security gateway if the connection is correct. For details, see Chapter 4 “Booting and Configuring the SecPath V100-S”. 3.5 Connecting to the Ethernet Interface I.

  • Page 24: Figure 3-4 Ethernet Cable Assembly

    When preparing network cables, it is recommended to use shielded cables for the sake of electromagnetic compatibility. III. Connecting the Ethernet cable Take the LAN0 interface on the front panel of the SecPath V100-S for example. Follow these steps to connect its Ethernet cable: Caution: Read the mark above the interface carefully to avoid misconnection.

  • Page 25: Verifying Installation

    Step 5: Check that the SYS LED on the front panel is blinking. Blinking means the hardware system is operating normally. 3.7 Verifying Installation Each time you power up the SecPath V100-S during installation, verify that: Enough clearance has been reserved around the ventilation openings of the device and the workbench/rack is stable enough.

  • Page 26: Figure 4-1 Local Configuration Through The Console Port

    Chapter 4 Booting and Configuring the SecPath V100-S 4.1 Booting You can only configure the SecPath V100-S through the console port when you use it for the first time. 4.1.1 Setting Up a Configuration Environment I. Connecting the security gateway to a console terminal Connect the RJ45 connector of the console cable to the console port on the security gateway and the DB9 connector to the serial port on the PC (see Figure 4-1).

  • Page 27: Figure 4-2 Setting Up A New Connection

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 4 Booting and Configuring the SecPath V100-S Figure 4-2 Setting up a new connection Step 3: Enter the name of the new connection in the [Name] field and click <OK>. The dialog box as shown in Figure 4-3 pops up.

  • Page 28: Figure 4-4 Setting Communication Parameters

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 4 Booting and Configuring the SecPath V100-S Stop bits = 1 Flow control = none Figure 4-4 Setting communication parameters Step 6: Click <OK>. The HyperTerminal dialog box appears. Step 7: Select Properties.

  • Page 29: Powering Up The Secpath V100-S

    (POST), press <Enter> as prompted. When “<H3C>” is displayed, you can proceed to configure the security gateway. 4.1.3 Startup Process After being powered up, the SecPath V100-S first runs the Boot ROM program. The terminal screen displays the following system information.
  • Page 30 Installation Manual H3C SecPath V100-S Security Gateway Chapter 4 Booting and Configuring the SecPath V100-S Note: The contents displayed on the terminal may vary for different Boot ROM versions. ************************************************ H3C SecPath Series Gateway Boot ROM V1.00 ************************************************ Copyright(C) 2004-2007 by Hangzhou H3C Technologies CO., LTD.

  • Page 31: Configuration Fundamentals

    4.2 Configuration Fundamentals 4.2.1 Basic Configuration Procedures Following are the basic steps that you can follow to configure the SecPath V100-S. Step 1: Figure out detailed networking requirements, including networking objectives, the role of the security gateway in the network, transmission medium, security policy, and network reliability.
  • Page 32 Installation Manual H3C SecPath V100-S Security Gateway Chapter 4 Booting and Configuring the SecPath V100-S allowed to execute some common commands (such as ping, display, current-configuration, and interface) in any view.

  • Page 33: Chapter 5 Software Maintenance

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance Chapter 5 Software Maintenance The security gateway contains three types of files: Boot ROM program files Application program files Configuration files Software maintenance mainly involves upgrading/downloading Boot ROM/application program files and uploading/downloading configuration files.
  • Page 34 Note that this option works only once when you select it. The system resumes version check after you reboot the security gateway. II. Boot ROM operation menu of the SecPath V100-S As mentioned previously, you can select <6> in the Boot menu to enter the Boot ROM...

  • Page 35: Upgrading Application And Boot Rom Using Xmodem

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance Caution: You are recommended to upgrade the software under the guidance of technical support engineers. When upgrading the security gateway, make sure that the version of the Boot ROM software is consistent with the application program.

  • Page 36: Figure 5-1 The Send File Dialog Box

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance Note: The new baud rate takes effect only after you disconnect and reconnect the terminal emulation program. Step 4: Select [Transmit/Send File] in the terminal window. The following dialog box...
  • Page 37 Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance Please wait, it may take a long time ######################################################## Writing FLASH Success. Please use 9600 bps.Press <ENTER> key to reboot the system. Restore the speed of the console terminal to 9600 bps as prompted, and then disconnect and reconnect the terminal.

  • Page 38: Backing Up And Restoring The Extended Segment Of The Boot Rom

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance 5.3 Backing Up and Restoring the Extended Segment of the Boot ROM I. Backing up the extended segment of Boot ROM to Flash Follow these steps to back up the Boot ROM program.

  • Page 39: Upgrading The Application Program Using Tftp

    The TFTP server program is not delivered with the SecPath V100-S. You need to purchase and install it by yourself. The SecPath V100-S can only act as the TFTP client, so you can only upgrade the application program using TFTP in these steps:...

  • Page 40: Uploading/Downloading Application/File Using Ftp

    The downloading is successful. Press <Enter> to reboot the system. 5.5 Uploading/Downloading Application/File Using FTP The SecPath V100-S offers FTP Server function, which provides you another way of updating configuration files, and upgrading application and Boot ROM program. Any FTP client, local or remote, only needs to connect to the security gateway. When you...

  • Page 41: Figure 5-3 Setting Up The Local Upload/Download Environment

    Figure 5-3 Setting up the local upload/download environment Step 1: Connect the PC through the Ethernet port of SecPath V100-S. Step 1: Configure the IP address of the Ethernet port of SecPath V100-S. Here suppose it is 10.110.10.10. Step 3: Configure the IP address of the PC. Here suppose it is 10.110.10.13.

  • Page 42: Figure 5-4 Setting Up The Local Upload/Download Environment

    Step 1: Configure authentication mode. Note: You can perform AAA authentication configuration as needed. See the AAA and RADIUS configuration part in H3C SecPath Series Security Products Operation Manual for details. Step 2: Add a user name and the password.
  • Page 43 Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance After the above operation, the FTP server is enabled on the security gateway, and a user is set. Then, any FTP client program can access FTP server using this user name and its password.

  • Page 44: Password Lost

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 5 Software Maintenance After the upload, at the prompt of “ftp>”, you can input “dir” to view the filenames and file sizes on the security gateway. If the upload succeeds, the size of the configuration file is the same to that of the file on the host.

  • Page 45: Chapter 6 Troubleshooting

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 6 Troubleshooting Chapter 6 Troubleshooting 6.1 Troubleshooting PSU Symptom The power LED (PWR) is always off. Solution Check whether: The power switch of the security gateway is on. The PSU switch to the security gateway is on.

  • Page 46: Troubleshooting Application Upgrading

    Installation Manual H3C SecPath V100-S Security Gateway Chapter 6 Troubleshooting II. Troubleshooting illegible characters Symptom After the power-on of the security gateway, console terminal displays illegible characters Solution Confirm the parameters are configured at the terminal (such as HyperTerminal): Bits per second = 9600...
  • Page 47 Installation Manual H3C SecPath V100-S Security Gateway Chapter 6 Troubleshooting Boot the security gateway, upgrade Comware software using TFTP, and the system displays the following messages: Net Port Download Menu: Change Net Parameter Download From Net Exit to Main Menu Enter your choice(1-3): 2 Starting the TFTP download...
  • Page 48 Installation Manual H3C SecPath V100-S Security Gateway Chapter 6 Troubleshooting Note: There is a bar code pasted on the security gateway. Since the bar code contains product and maintenance information, you need to tell the agent about the information if you need to fix the device.

Table of Contents