H3C SecPath F5020 Installation Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Firewall
  5. SecPath F5020
  6. Installation manual
H3C SecPath F5020 Installation Manual

H3C SecPath F5020 Installation Manual

Hide thumbs Also See for SecPath F5020:
Table of Contents

Advertisement

Quick Links

Download this manual
H3C SecPath F5020/F5040 Firewalls
Installation Guide
New H3C Technologies Co., Ltd.
http://www.h3c.com
Document version: 6W101-20190329

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SecPath F5020 and is the answer not in the manual?

Questions and answers

Related Manuals for H3C SecPath F5020

Summary of Contents for H3C SecPath F5020

  • Page 1 H3C SecPath F5020/F5040 Firewalls Installation Guide New H3C Technologies Co., Ltd. http://www.h3c.com Document version: 6W101-20190329...
  • Page 2 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 3 Preface The installation guide describes preparing for installation, installing the firewall, logging in to the firewall, hardware replacement, hardware management and maintenance, and troubleshooting. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: •...
  • Page 4 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 5 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.

  • Page 6: Table Of Contents

    Contents Preparing for installation ···································································· 1   Safety recommendations ············································································································· 1   Safety symbols ··················································································································· 1   General safety recommendations ··························································································· 1   Electrical safety ··················································································································· 2   Laser safety ······················································································································· 2   Moving safety ····················································································································· 2   Examining the installation site ······································································································· 3  ...
  • Page 7 Hardware management and maintenance ··········································· 32   Displaying detailed information about the device ············································································· 32   Displaying the software and hardware version information for the device ············································· 32   Displaying the electrical label information for the device ··································································· 33   Displaying the CPU usage of the device ·······················································································...

  • Page 8: Preparing For Installation

    Preparing for installation Safety recommendations To avoid any equipment damage or bodily injury, read the following safety recommendations before installation. Note that the recommendations do not cover every possible hazardous condition. Safety symbols When reading this document, note the following symbols: WARNING means an alert that calls attention to important information that if not understood or followed can result in personal injury.

  • Page 9: Electrical Safety

    • Make sure the operating voltage for the power module is in the required range. • Use a screwdriver to fasten screws. • Take away the packaging materials and installation tools after installation. Electrical safety • Carefully examine your work area for possible hazards such as moist floors, ungrounded power extension cables, and missing safety grounds.

  • Page 10: Examining The Installation Site

    Examining the installation site The device can only be used indoors. To ensure correct operation and a long lifespan for your device, the installation site must meet the following requirements. Weight support Make sure the floor can support the total weight of the rack, chassis, modules, and all other components.

  • Page 11: Cooling System

    Max. (mg/m 0.05 0.01 0.04 Cooling system The device provides left-side intake and right-side exhaust airflow. For adequate cooling, make sure the following requirements are met: • A minimum clearance of 100 mm (3.94 in) is reserved around the inlet and outlet air vents. •...

  • Page 12: Emi

    Secure the wrist strap lock and the alligator clip lock together. Attach the alligator clip to the rack. Figure 2 Attaching an ESD wrist strap (1) ESD wrist strap (2) Lock (3) Alligator clip All electromagnetic interference (EMI) sources, from outside or inside of the device and application system, adversely affect the device in the following ways: •...

  • Page 13: Power Supply

    • Install a power lightning arrester at the input end of the power module to enhance the lightning protection capability of the power module. Power supply Verify that the power system at the installation site meets the power requirements of the device, including the power input method and rated input voltage.

  • Page 14: Pre-Installation Checklist

    Pre-installation checklist Table 5 Pre-installation checklist Item Requirements Result • There is a minimum clearance of 10 cm (3.94 in) around the inlet and outlet air vents for heat dissipation of the device chassis. Ventilation • A ventilation system is available at the installation site.
  • Page 15 Item Requirements Result • Accessories provided with the device are available. Tools and • accessories Installation tools are available. • Documents shipped with the device are available. Reference • Online documents are available.

  • Page 16: Installing The Device

    Keep the tamper-proof seal on a mounting screw on the chassis cover intact, and if you want to open the chassis, contact the local agent of H3C for permission. Otherwise, H3C shall not be liable for any consequence caused thereby.

  • Page 17: Mounting The Device On A Workbench

    Figure 5 Installation flow Start Determine the installation position Mount the device on a Mount the device in a rack workbench Ground the device Install power modules Install optional components Connect interface cables Connect power cords Verify the installation Power on the device Troubleshoot the device Operating correctly? Power off the device...

  • Page 18: Installing The Device In A Standard 19-Inch Rack

    If a standard 19-inch rack is not available, you can place the device on a clean, flat workbench. To mount the device on a workbench: Unpack the device and its accessories. Place the device with bottom up. Clean the recessed areas on the chassis bottom with a dry cloth.
  • Page 19 Figure 7 Installing cage nuts Use the supplied M4 screws to attach the mounting brackets to the device. Figure 8 Attaching the mounting brackets to the device Mount the device in the rack.

  • Page 20: Grounding The Device

    Figure 9 Mounting the device in the rack Use M6 screws to secure the mounting brackets to the front rack posts. Figure 10 Securing the device to the rack Grounding the device CAUTION: • Correctly connecting the device grounding cable is crucial to lightning protection and EMI protection.

  • Page 21: Grounding The Device By Using A Grounding Strip

    Grounding the device by using a grounding strip Connect the grounding cable to the device. a. Remove the grounding screw from the grounding hole in the rear panel of the chassis. b. Use the grounding screw to attach the ring terminal of the grounding cable to the grounding hole and fasten the screw.

  • Page 22: Grounding The Device By Using A Grounding Conductor Buried In The Earth

    Figure 12 Grounding the device by using the grounding terminal on the rack Grounding the device by using a grounding conductor buried in the earth If earth is available at the installation site, hammer a 0.5 m (1.64 ft) or longer angle iron or steel tube into the earth to serve as a grounding conductor.

  • Page 23: Installing A Power Module

    Figure 13 Grounding the device by burying a grounding conductor into the earth (1) Joint (2) Grounding conductor Installing a power module CAUTION: • Before installing a power module, make sure the power is disconnected and the grounding cable is connected reliably. •...

  • Page 24: Installing Optional Components

    Figure 14 Installing a power module Installing optional components (Optional) Installing an interface module CAUTION: The NSQ1G24XS60 interface module is available for the device. It is not hot swappable. To install an interface module: Face the front panel of the device. Use a Phillips screwdriver to loosen the screws on the filler panel and remove the filler panel.

  • Page 25: (Optional) Installing Network Signal Lightning Arresters

    Figure 15 Installing an NSQ1G24XS60 interface module (Optional) Installing network signal lightning arresters IMPORTANT: Before installing a network signal lightning arrester, read the instructions in the document that comes with the arrester. No network signal lightning arresters are provided with the device. Purchase them yourself as required.

  • Page 26: Connecting Ethernet Cables

    No power lightning arrester is provided with the device. Purchase one if required. If the AC power cord for an AC power module is routed from outdoors, use a power lightning arrester for the device to protect against damages caused by lightning strikes. First connect the AC power line routed from outdoors to the arrester and then connect the power cord from the device to the arrester.
  • Page 27 "Appendix A Chassis and FRU views and technical specifications." No transceiver modules are provided with the device. As a best practice, use H3C transceiver modules for the device. Figure 16 GE SFP transceiver module...

  • Page 28: Connecting The Power Cord

    Identify the Rx and Tx ports on the transceiver module. Use the optical fiber to connect the Rx port and Tx port on the transceiver module to the Tx port and Rx port on the peer end, respectively. Figure 18 Connecting an optical fiber Connecting the power cord CAUTION: Before powering on the device, make sure the grounding cable is reliably connected and the power...

  • Page 29: Connecting The Dc Power Cord

    Figure 19 Connecting the AC power cord Connecting the DC power cord Correctly orient the DC power cord connector and insert the connector into the receptacle. Use a cable tie to secure the DC power cord to the power module handle. Connect the other end of the power cord to a DC power source.

  • Page 30: Verifying The Installation

    Figure 20 Connecting the DC power cord Verifying the installation Verify the following items to ensure correct installation: • There is enough space around the device for heat dissipation. • The device and its components are installed securely. The screws are fastened tightly. •...

  • Page 31: Accessing The Device For The First Time

    The fan blades are rotating and air is exhausted from the air outlet vents. • The configuration terminal displays the following: System is starting... Press Ctrl+D to access BASIC-BOOTWARE MENU... Press Ctrl+T to start heavy memory test Booting Normal Extended BootWare The Extended BootWare is self-decompressing..Done. **************************************************************************** H3C SecPath BootWare, Version 2.01 ****************************************************************************...

  • Page 32: Logging In To The Device

    Compiled Date : Sep 2 2013 CPU Type : XLP432 CPU Clock Speed : 1400MHz Memory Type : DDR3 SDRAM Memory Size : 16384MB Memory Speed : 1333MHz BootWare Size : 768KB Flash Size : 8MB cfa0 Size : 4090MB CPLD_A Version : 1.0 CPLD_B Version...

  • Page 33: Logging In From The Web Interface

    • Username—admin • Password—admin To access the device from the console port: Use a console cable to connect the console port on the device to a configuration terminal, for example, a PC. Run a terminal emulator program, TeraTermPro or PuTTY, on your configuration terminal. For more information about the terminal emulator programs, see the user guides for these programs.
  • Page 34 Run the Telnet client on the PC and enter the login information.

  • Page 35: Hardware Replacement

    Hardware replacement CAUTION: Wear an ESD wrist strap or ESD gloves for hardware maintenance. The device is not provided with an ESD wrist strap or ESD gloves. Prepare them yourself. Replacing a power module WARNING! Before you remove a power module, turn off the switch on the power module and remove the power cord from the power module.

  • Page 36: Replacing A Transceiver Module

    Use a Phillips screwdriver to loosen the captive screws on the interface module. Open the ejector levers of the interface module. Pull the module part way out of the slot along the guide rails. Supporting the bottom of the module with one hand, use the other hand to gently pull the module out of the slot.

  • Page 37: Replacing The Fan Tray

    To replace a transceiver module: Use the shutdown command in interface view at the CLI to shut down the port. Remove the LC connectors of the optical fiber from the transceiver module. Install dust caps for the LC connectors to prevent contamination and ESD damage. Pivot the clasp of the transceiver module down to the horizontal position, and then gently pull the transceiver module out.
  • Page 38 Install a new fan tray. Grasping the fan tray handle with one hand and supporting the fan tray bottom with the other, push the fan tray slowly into the slot along the guide rails. Make sure the fan tray is seated securely in the slot. Use a Phillips screwdriver to fasten the captive screws on the fan tray.

  • Page 39: Hardware Management And Maintenance

    <Sysname> display version H3C Comware Software, Version 7.1.052, Alpha 8203 Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved. H3C SecPath F5020 uptime is 0 weeks, 0 days, 0 hours, 5 minutes Last reboot reason: User reboot Boot image: cfa0:/blade3fw-cmw710-boot-A8203.bin Boot image version: 7.1.052, Alpha 8203...

  • Page 40: Displaying The Electrical Label Information For The Device

    Displaying the electrical label information for the device Use the display device manuinfo command to display the electrical label information for the device. <Sysname> display device manuinfo Slot 1 CPU 0: DEVICE_NAME : SecPath F5020 DEVICE_SERIAL_NUMBER : 210235A1CD0000022222 MAC_ADDRESS : 2222-5555-4444 MANUFACTURING_DATE : 2014-03-21 VENDOR_NAME...

  • Page 41: Displaying The Memory Usage Of The Device

    Displaying the memory usage of the device Use the display memory command to display the memory information of the device. <Sysname> display memory The statistics about memory is measured in KB: Slot 1: Total Used Free Shared Buffers Cached FreeRatio Mem: 15091520 2862976...

  • Page 42: Displaying The Operational Status Of Fans

    Field Description Subslot number. Its value is 0. Operational status of the CF card: • Absent—No CF card is present in the slot. Normal • Fault—The CF card has failed. • Normal—The CF card is operating correctly. 4090 Storage capacity of the CF card, in MB. Displaying the operational status of fans Use the display fan command to display the operational status of fans.

  • Page 43: Displaying The Temperature Information Of The Device

    Displaying the temperature information of the device Use the display environment command to display the temperature information of the device. <Sysname> display environment System Temperature information (degree centigrade): -------------------------------------------------------------------------------- --------- Sensor Temperature LowerLimit Warning-UpperLimit Alarm-UpperLimit Shutdown-U pperLimit inflow 1 outflow 2 Table 12 Output description Field Description...

  • Page 44: Displaying Transceiver Module Information

    ===============display version=============== H3C Comware Software, Version 7.1.052, Alpha 8203 Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved. H3C SecPath F5020 uptime is 0 weeks, 0 days, 1 hour, 31 minutes Last reboot reason: User reboot Boot image: cfa0:/blade3fw-cmw710-boot-A8203.bin Boot image version: 7.1.052, Alpha 8203...
  • Page 45 • Use the reboot command to reboot the device immediately. • Schedule a reboot to occur at a specific time or date or after a delay by using the schedule reboot command. • Power cycle the device. This method cuts off the power of the device forcibly, which might cause data loss or hardware damage.

  • Page 46: Troubleshooting

    Verify that the power source meets the power module requirements. Verify that the power cord is connected securely. Verify that the power cord is in good condition. If the issue persists, contact H3C Support. Fan tray failure Symptom After the device is booted, the following information is displayed on the configuration terminal: %Jun 22 16:11:37:485 2014 H3C DEV/4/FAN FAILED: Fan 1 failed.

  • Page 47: Password Loss

    If the temperature of the device exceeds 60°C (140°F), the following alarm information is displayed on the configuration terminal: %Jun 27 11:34:39:949 2013 H3C DRVMSG/3/Temp2High:Temperature Point 0/0 Too High. %Jun 27 11:34:42:557 2013 H3C DEV/4/BOARD TEMP TOOHIGH: Board temperature is too high on Chassis 0 Slot 0, type is RPU.

  • Page 48: Appendix A Chassis Views And Technical Specifications

    Appendix A Chassis views and technical specifications Chassis views Front view On the front panel, the device provides the following ports: • Twelve 10/100/1000BASE-T autosensing copper Ethernet ports • Twelve 1000BASE-X fiber Ethernet ports • Four 10GBASE-R fiber Ethernet ports •...

  • Page 49: Rear View

    Rear view Figure 27 Rear view (1) Fan tray (2) Power module slot 1 (3) Power module slot 2 (4) Grounding screw Technical specifications Dimensions and weights Table 13 Dimensions and weights Item Specification Dimensions (H × W × D), excluding rubber feet and 88.1 ×...

  • Page 50: Power Consumption

    Power consumption Table 15 Power consumption Item Specification System power consumption 260 W Fan tray power consumption 45 W NSQ1G24XS60 interface module 65 W power consumption...

  • Page 51: Appendix B Frus

    Appendix B FRUs Interface module The NSQ1G24XS60 interface module is available for the device. It provides the following ports: • Twelve 10/100/1000BASE-T copper Ethernet ports • Twelve 1000BASE-X fiber Ethernet ports • Six 10GBASE-R fiber Ethernet ports Figure 28 Front panel (1) 10/100/1000BASE-T copper Ethernet ports 0 to 11 (2) 1000BASE-X fiber Ethernet ports 12 to 23 (3) 10BASE-R fiber Ethernet ports 24 to 29...

  • Page 52: Dc Power Module

    Figure 29 PSR300-12A2 AC power module (1) Power switch (2) Handle (3) Power receptacle Table 16 PSR300-12A2 AC power module specifications Item Specification Rated input voltage range 100 VAC to 240 VAC @ 50 Hz or 60 Hz Maximum input current Maximum power 300 W DC power module...

  • Page 53: Fan Tray

    Fan tray CAUTION: To avoid device failure caused by insufficient cooling, do not leave the device operating without a fan tray for more than 2 minutes. The RT-FANF fan tray is available for the device. Table 18 RT-FANF fan tray specifications Item Specification Automatic fan speed adjustment...

  • Page 54: Appendix C Ports

    Appendix C Ports Table 19 lists the fixed ports and slots on the device. Table 19 Ports and slots Item Description Console port 1, 9600 bps (default) to 115200 bps USB port 1 (Host mode, Type A) • Twelve GE copper Ethernet ports •...

  • Page 55: Ge Fiber Ethernet Port

    Item Specification 10 Mbps, half/full-duplex Interface speed and duplex mode 100 Mbps, half/full-duplex 1000 Mbps, full-duplex NOTE: The Ethernet ports on network adapters are typically media dependent interface (MDI) ports. The ports on hubs or LAN switches are typically MDIX ports. GE fiber Ethernet port The device provides twelve 1000BASE-X fiber Ethernet ports.
  • Page 56 Item Specification Standard compliance 10GBASE-R Interface speed LAN PHY: 10.3125 Gbps Table 25 SFP+ transceiver modules available for the 10GBASE-R SFP+ fiber Ethernet ports Central Transceiver module Connector Fiber transmission wavelength distance 50/125 µm, MMF 300 m (984.3 ft) SFP-XG-SX-MM850-A 850 nm 82 m (269.03 ft) 62.5/125 µm, MMF...

  • Page 57: Appendix D Leds

    Appendix D LEDs Device LEDs Table 26 Device LED description Mark Status Description The device is not powered up or is faulty. System status Slow flashing green The device is operating correctly. Fast flashing green The device is loading software. No power input or the fan tray is not present.
  • Page 58 Mark Status Description No link is present. Steady green A 1000 Mbps link is present. 1000BASE-X The port is receiving and Flashing green sending data at 1000 Mbps. Fiber Ethernet port LED No link is present. Steady green A 10 Gbps link is present. 10GBASE-R The port is receiving and Flashing green...

  • Page 59: Appendix E Cables

    Appendix E Cables Console cable A console cable is an 8-core shielded cable, with a crimped RJ-45 connector at one end for connecting to the console port of the switch, and a DB-9 female connector at the other end for connecting to the serial port on the console terminal.
  • Page 60 Table 29 Description for commonly used Ethernet twisted pair cables Type Description Category 5 Suitable for data transmission at a maximum speed of 100 Mbps Category 5e Suitable for data transmission at a maximum speed of 1000 Mbps Category 6 Suitable for data transmission at a speed higher than 1 Gbps Based on whether a metal shielding is used, Ethernet twisted pair cables can be classified into shielded twisted pair (STP) and unshielded twisted pair (UTP).
  • Page 61 Figure 33 Straight-through cable Figure 34 Crossover cable Select an Ethernet twisted pair cable according to the RJ-45 Ethernet port type on your device. An RJ-45 Ethernet port can be MDI (for routers and PCs) or MDIX (for switches). Table 30 Table 31 show their pinouts.

  • Page 62: Making An Ethernet Twisted Pair Cable

    10BASE-T/100BASE-TX 1000BASE-T Signal Function Signal Function Sends data BIDA- Bi-directional data cable A- Receives data BIDB+ Bi-directional data cable B+ Reserved BIDC+ Bi-directional data cable C+ Reserved BIDC- Bi-directional data cable C- Receives data BIDB- Bi-directional data cable B- Reserved BIDD+ Bi-directional data cable D+ Reserved...

  • Page 63: Optical Fiber

    Cut the top of the wires even with one another. Insert the wires into the RJ-45 end and make sure the wires extend to the front of the RJ-45 end and make good contact with the metal contacts in the RJ-45 end and in the correct order. Crimp the RJ-45 connector with the crimping pliers until you hear a click.
  • Page 64 • Never bend or curve a fiber when connecting it. • If the fiber has to pass through a metallic board hole, when passing through a metallic board hole or bending along the acute side of mechanical parts, the fiber must wear jackets or cushions.

This manual is also suitable for:

Secpath f5040

Table of Contents