H3C SecPath F1800-A Operation Manual
Link layer protocol
Hide thumbs
Also See for SecPath F1800-A:
- Operation manual (626 pages) ,
- Installation manual (13 pages)
Table of Contents
Advertisement
Quick Links
Operation Manual - Link Layer Protocol
H3C SecPath F1800-A Firewall
Chapter 1 VLAN Configuration .................................................................................................... 4-1
1.1 Introduction to VLAN.......................................................................................................... 4-1
1.1.1 The Potential Problems In LAN Interconnecting ..................................................... 4-1
1.1.2 Why Using VLAN..................................................................................................... 4-2
1.1.3 VLAN Aggregation .................................................................................................. 4-3
1.2 Configuring VLAN .............................................................................................................. 4-4
1.2.1 Creating an Ethernet Sub-interface ........................................................................ 4-5
1.2.2 Creating a VLAN and Entering VLAN View ............................................................ 4-5
1.2.3 Entering VLAN Interface View When a VLAN Is Created ....................................... 4-5
1.2.4 Adding a Port........................................................................................................... 4-5
1.2.5 Configuring a Trunk Port ......................................................................................... 4-6
1.2.6 Setting Sub-interface Encapsulation Type and Related VLAN ID .......................... 4-6
1.3 Displaying and Debugging VLAN ...................................................................................... 4-6
1.4 Typical Example for Configuring VLAN ............................................................................. 4-7
Chapter 2 PPP Configuration ..................................................................................................... 4-10
2.1 PPP Overview.................................................................................................................. 4-10
2.2 Configuring PPP .............................................................................................................. 4-12
2.2.1 Configuring Link Layer Protocol for Interface Encapsulation as PPP................... 4-12
2.2.2 Setting Polling Interval .......................................................................................... 4-12
2.2.3 Setting PPP Authentication Mode User Name and User Password ..................... 4-13
2.2.4 Configuring PPP Authentication Mode of AAA ..................................................... 4-15
2.2.5 Setting PPP Negotiation Parameters .................................................................... 4-15
2.2.6 Configuring PPP Compression ............................................................................. 4-16
2.2.7 Configuring PPP Link Quality Monitoring.............................................................. 4-16
2.2.8 Configuring Callback ............................................................................................. 4-17
2.2.9 Configuring the Dialing String Needed for Firewall Callback ................................ 4-17
2.2.10 Configuring DNS Address Negotiation................................................................ 4-18
2.2.11 Configuring VJ TCP Header Compression ......................................................... 4-18
2.3 Displaying and Debugging PPP....................................................................................... 4-19
2.4 Typical Example for Configuring PPP.............................................................................. 4-19
2.4.1 PAP Authentication Example ................................................................................ 4-19
2.4.2 CHAP Authentication Example ............................................................................. 4-20
2.5 Troubleshooting PPP....................................................................................................... 4-20
Chapter 3 PPPoE Configuration ................................................................................................ 4-22
3.1 PPPoE Overview ............................................................................................................. 4-22
3.1.1 Introduction to the PPPoE Protocol ...................................................................... 4-22
3.1.2 Introduction to PPPoE Application ........................................................................ 4-22
Table of Contents
i
Table of Contents
Advertisement
Table of Contents
Related Manuals for H3C SecPath F1800-A
Summary of Contents for H3C SecPath F1800-A
-
Page 1: Table Of Contents
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Table of Contents Table of Contents Chapter 1 VLAN Configuration ....................4-1 1.1 Introduction to VLAN......................4-1 1.1.1 The Potential Problems In LAN Interconnecting ............. 4-1 1.1.2 Why Using VLAN..................... 4-2 1.1.3 VLAN Aggregation .................... - Page 2 Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Table of Contents 3.2 PPPoE Server Configuration ................... 4-23 3.2.1 Enabling or Disabling PPPoE................4-23 3.2.2 Setting PPPoE Parameters................... 4-24 3.3 Configuring PPPoE Client....................4-24 3.3.1 Configuring a Dialer Interface ................4-24 3.3.2 Configuring a PPPoE Session ................
-
Page 3: Chapter 1 Vlan Configuration
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration Chapter 1 VLAN Configuration 1.1 Introduction to VLAN 1.1.1 The Potential Problems In LAN Interconnecting The Ethernet is a kind of data network communication technology, which is based on the shared communication medium of Carrier Sense Multiple Access with Collision Detection (CSMA/CD). -
Page 4: Why Using Vlan
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration 1.1.2 Why Using VLAN The LAN interconnection by means of switches cannot restrict the broadcast. The technology of Virtual Local Area Network (VLAN) comes into being to solve the problem. -
Page 5: Vlan Aggregation
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration VLANs cannot directly communicate with one another, that is, the users in one VLAN cannot directly access those in other VLANs. They need help of such layer 3 devices as routers and Layer 3 switches to fulfill the access. -
Page 6: Configuring Vlan
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration VLANs can share a same network segment. Thus, users can share the same IP address of the gateway. VLAN aggregation is realized by performing Address Resolution Protocol (ARP) Proxy over IP addresses of various VLANs. -
Page 7: Creating An Ethernet Sub-Interface
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration 1.2.1 Creating an Ethernet Sub-interface Do as follows in system view. Table 1-1 Creating an Ethernet sub-interface Action Command interface ethernet Create an Ethernet sub-interface. gigabitethernet interface-number.subnumber... -
Page 8: Configuring A Trunk Port
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration Do as follows in Ethernet interface view or GE interface view. Table 1-5 Adding or deleting the current port Action Command Add the current port to a VLAN. -
Page 9: Typical Example For Configuring Vlan
Thus, the workstations A, B, C and D connected to these Switches belong to VLAN 10 or VLAN 20. It is required: The addresses of the SecPath F1800-A sub-interfaces Ethernet 3/0/0.1, Ethernet 3/0/0.2, Ethernet 4/0/0.1, and Ethernet 4/0/0.2 are 1.0.0.1, 2.0.0.1, 3.0.0.1, and 4.0.0.1 respectively. - Page 10 1.1.1.1/8 2.2.2.2/8 Figure 1-2 VLAN networking diagram of L3 switching mode III. Configuration Procedure The SecPath F1800-A is configured as follows: # Create an Ethernet sub-interface Ethernet 3/0/0.1 and enter its view. <SecPath> system-view [SecPath] interface ethernet 3/0/0.1 # Assign the IP address to Ethernet 3/0/0.1.
- Page 11 Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 1 VLAN Configuration # Set the encapsulation type of Ethernet 3/0/0.2 and the related VLAN ID. [SecPath-Ethernet3/0/0.2] vlan-type dot1q 20 # Create an Ethernet sub-interface Ethernet 4/0/0.1 and enter its view.
-
Page 12: Chapter 2 Ppp Configuration
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration Chapter 2 PPP Configuration 2.1 PPP Overview I. PPP The Point-to-Point Protocol (PPP) is one of link layer protocols that bearing network layer packets over the point-to-point link. - Page 13 Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration The requester will look for the user password based on the authenticator’s hostname in the received packet and its own user list. If it finds the user in the user list with the same name as the authenticator’s hostname, the requester...
-
Page 14: Configuring Ppp
Configuring PPP compression algorithm Configuring PPP link quality monitoring Configuring callback Configuring dialing string needed for the SecPath F1800-A callback Configuring DNS server address negotiation Configuring VJ TCP header compression 2.2.1 Configuring Link Layer Protocol for Interface Encapsulation as PPP Do as follows in interface view. -
Page 15: Setting Ppp Authentication Mode User Name And User Password
AAA view. I. Configuring the Local SecPath F1800-A to Authenticate the Peer in CHAP and PAP Modes Table 2-3 Configuring the local SecPath F1800-A to authenticate the peer in CHAP and PAP modes Action... - Page 16 Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration III. Configuring the Peer to Authenticate the Local Device in CHAP Mode Table 2-5 Configuring the peer to authenticate the local device in CHAP mode Action...
-
Page 17: Configuring Ppp Authentication Mode Of Aaa
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration 2.2.4 Configuring PPP Authentication Mode of AAA After PPP authentication, whether the PPP user passes the authentication will be finally decided by AAA. AAA can authenticate the PPP user:... -
Page 18: Configuring Ppp Compression
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration Table 2-9 Setting the interval of PPP negotiation timeout Action Command Set the interval of negotiation timeout. ppp timer negotiate seconds Restore the default interval of negotiation undo ppp timer negotiate timeout. -
Page 19: Configuring Callback
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration Table 2-11 Configuring PPP link quality monitoring Action Command Enable PPP link quality monitoring. close-percentage [ resume-percentage ] Disable PPP link quality monitoring. undo ppp lqc... -
Page 20: Configuring Dns Address Negotiation
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration Table 2-13 Configuring the dialing string needed for firewall callback Action Command Configure the dialing string needed for firewall ppp callback ntstring dial-string callback. undo callback ntstring Cancel the callback dialing string. -
Page 21: Displaying And Debugging Ppp
2.4.1 PAP Authentication Example I. Networking Requirement As shown in Figure 2-2, the SecPath F1800-A and the router are interconnected through the Serial 3/0/0, and the SecPath F1800-A is required to authenticate the router in PAP mode. II. Networking Diagram Serial3/0/0 Serial3/0/0... -
Page 22: Chap Authentication Example
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration 2.4.2 CHAP Authentication Example I. Networking Requirement Figure 2-3, the SecPath F1800-A is required to authenticate the router in CHAP mode. II. Networking Diagram Serial3/0/0 Serial3/0/0 SecPath... - Page 23 Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 2 PPP Configuration Serial3/1/0 current state : DOWN Link layer protocol current state : DOWN The interface is activated, but link negotiation is not successful. Serial3/1/0 current state: UP Link layer protocol current state : DOWN The link negotiation, that is, the LCP negotiation on this interface succeeds.
-
Page 24: Chapter 3 Pppoe Configuration
PPPoE client dialing software in order to access the Internet through ADSL. H3C series routers serve as PPPoE client (namely the PPPoE client dialing) while the SecPath F1800-A supplies PPPoE server, by which the user can access the Internet without installing client dialing software on his PC. Moreover, all PCs on the same LAN can share the same ADSL account. -
Page 25: Pppoe Server Configuration
Figure 3-1, PCs in the Ethernet are connected with the router. PPPoE client runs on the router, while PPPoE server runs on the SecPath F1800-A. On-line data reach the router before being encapsulated through PPPoE. The ADSL modem that is attached to the router reaches ADSL access server and finally access the Internet. -
Page 26: Setting Pppoe Parameters
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 3 PPPoE Configuration Table 3-1 Enabling or disabling PPPoE Action Command Enable PPPoE on the Ethernet pppoe-server bind virtual-template number interface. Disable PPPoE on the Ethernet undo pppoe-server bind interface. -
Page 27: Configuring A Pppoe Session
Delete a PPPoE session. number The SecPath F1800-A firewall support two kinds of PPPoE connection mode: always-on mode and packet triggering mode. Always-on mode When the physical line is Up, the router will quickly initiate PPPoE call to create a PPPoE session. -
Page 28: Displaying And Debugging Pppoe
Operation Manual - Link Layer Protocol H3C SecPath F1800-A Firewall Chapter 3 PPPoE Configuration Packet triggering mode When the physical line is Up, the router will not initiate PPPoE call to create a PPPoE session until data is to be transmitted. If the idle time of a PPPoE link exceeds the user-defined value, the firewall will automatically terminate the PPPoE session. -
Page 29: Typical Examples For Configuring Pppoe
] 3.5 Typical Examples for Configuring PPPoE I. Configuration Requirements The hosts access the Internet through the SecPath F1800-A by making use of PPPoE. II. Networking Diagram The SecPath F1800-A is connected to the Ethernet through Ethernet 1/0/0 and the Internet through Ethernet 3/0/0. - Page 30 PPPoE to access the Internet through the SecPath F1800-A. After the above parameters are set, such parameters as AAA or RADIUS can still be set on the SecPath F1800-A. Thus, the SecPath F1800-A can achieve charging. For configuration procedures in detail, refer to the part "06-Security Defence...
Need help?
Do you have a question about the SecPath F1800-A and is the answer not in the manual?
Questions and answers