Page 1 Part No. 10042302 Rev AA OfficeConnect CLI User’s Guide Release 1.0 Gateway ®...
Page 2 95052-8145 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty of any kind, either implied or expressed, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose.
Page 3: Table Of Contents
BOUT UIDE Who Should Use This Guide? ............. . i Conventions .
Page 4 CLEAR Commands ..............2-2 COPY Command.
Page 5 System Information Commands ............3-4 Set Command .
Page 6 Organization of this Chapter ............6-1 Bridging Commands .
Page 7 Chapter 10 ATM C OMMANDS Overview ................10-1 Add Command .
Page 8 Chapter 14 ICMP C OMMANDS Overview ................14-1 Enable Commands .
Page 9 Chapter 17 PPP C OMMANDS Overview ................17-1 Add Command.
Page 10 Chapter 20 ETWORK ERVICES OMMANDS Overview ................20-1 Add Command.
Page 11 Show Command..............23-1 Chapter 24 TCP C OMMANDS...
Page 12 Filter File Components ..............27-2 Creating Filter Files .
Page 13 List Commands..............29-3 Show Commands .
Page 15: About This Guide
This guide describes how to use the Command Line Interface (CLI) of the OfficeConnect access, configure and modify system settings and parameters of the OfficeConnect Gateway from the command line prompt using a Console Telnet session. From the CLI prompt, the Service Provider can configure the OfficeConnect Gateway, modify its factory default settings, and run custom configuration scripts.
Page 16 BOUT UIDE Convention Screen displays This typeface represents information as it appears on the screen. Parameter/value The words “parameter’ or ‘value” mean that you must evaluate the Commands The words “ENTER” and “type” Words in italics Table 2 Text Conventions Description syntax provided and then supply the appropriate values for the placeholders that appear in angle brackets.
Page 17: Related Documentation
Related The OfficeConnect Gateway documentation set includes the following Documentation documents. They are available at the following 3Com web site: http://www.3Com.com/ocg/docs OfficeConnect Gateway User’s Guide Describes how to use the OfficeConnect Gateway, the functional operation of the OfficeConnect Gateway, and how to administer and manage the unit from your web browser.
Page 18 BOUT UIDE...
Page 19: Using The Command Line Interface (Cli)
Overview This chapter describes how to access the Command Line Interface (CLI) of the OfficeConnect Gateway and explains basic concepts including the syntax and structure of the command language. The chapter is organized into the following sections: Accessing the To use the CLI to configure and/or manage the OfficeConnect Gateway, you need OfficeConnect to establish a Console Telnet connection with the unit via the LAN or WAN Gateway CLI...
Page 20: Using Your Web Browser
1: U HAPTER SING THE OMMAND Using Your To establish a Console Telnet session with the OfficeConnect Gateway from your Web Browser web browser, perform the following steps: 1 From your web browser, access the OfficeConnect Gateway page (Default IP address: 192.168.1.1).
Page 21: Exiting A Cli Session
After you have completed the login process, you will see the OCG-Adsl >> enter CLI commands. Exiting a CLI Session To exit a CLI Console session, use one of following commands: Exit Leave Quit Logout These commands leave the CLI, but keep the connection open. These commands bye, exit, leave, quit return you to the Telnet commands.
Page 22: Top Level Cli Commands
1: U HAPTER SING THE OMMAND Top level CLI The following list identifies the top level CLI commands. To use these commands, Commands type the appropriate command at the CLI command prompt ( The function of many of these top level commands is self-explanatory from their name.
Page 23: History Commands
History Commands The history command displays previously entered CLI commands. Recall commands from the history cache by using Ctrl p to recall commands up the list, and Ctrl n to recall commands working down the list. The default depth is 10 commands. The range is 1-500. You can modify history history depth using the set history <1-500>...
Page 24: Page Break Commands
1: U HAPTER SING THE OMMAND Page Break Commands The Terminal Settings Page Break commands lets an Administrative user to enable or disable page breaks for commands which display text that would overflow the boundaries of the display screen. The Terminal Settings Page Break commands can be applied globally or locally. enable command Allows an administrative user to globally (for all OfficeConnect Gateway sessions) enable page breaks for commands which display text - list, show, etc.
Page 25: Show Command
Parameters local_prompt local_ terminal_ settings_rows login_required Sets whether a Telnet user is required to log in. This value can be changed prompt Show Command The show command settings command displays the settings for CLI commands. show command settings It lists the following information: Use the set command to modify these settings.
Page 26: Command Language Structure
1: U HAPTER SING THE OMMAND Command Language The CLI command language creates, manages, displays, and removes system Structure entities that describe system and network connections and processes. Configured entities are stored in tables such as the IP Routing Table. Some common entities are: Table entries are created with an ADD command, and removed with a DELETE command.
Page 27: Command Retrieval
(Ctrl c) (Ctrl e) (Ctrl d) or (Ctrl k) Command Retrieval Command retrieval lists the history of commands previously entered. You can display the current command history using the history command. You can change the number of commands kept in the command history buffer using the set command history command.
Page 28 1-10 1: U HAPTER SING THE OMMAND The login user name and password for the OfficeConnect Gateway is case sensitive. Many commands are position-independent, multi-tiered, and have keywords Multi-tiered commands let you type the base command (e.g.: set interface) and implement associated parameters (filter_access, input_filter, etc.).
Page 29 Command Line Interface Conventions 1-11 <yes | no> A series of commas between a set of choices indicates multiple options, e.g.: [vpi/vci, dlci...
Page 30 1-12 1: U (CLI) HAPTER SING THE OMMAND NTERFACE...
Page 31: Ist Of
CLI C Overview This chapter identifies and lists the top-level OfficeConnect Gateway CLI commands. These commands are described in the following chapters of this document. Top level CLI The following list identifies the top level CLI commands To use these commands, Commands type the appropriate command at the CLI command prompt ( ADD Commands...
Page 32: Clear Commands
2: L HAPTER IST OF FFICE ONNECT CLEAR Commands Use the CLEAR command to clear the values/settings of the following parameters: ARP_CACHE COPY Command Use the COPY command to copy a file. DELETE Commands Use the DELETE commands to delete the values associated with the following parameters: DISABLE Commands Use the DISABLE command to disable the following parameters:...
Page 33: Exit Command
EXIT Command Use the EXIT command to quit the Console Telnet CLI session. HELP Command Use the HELP command to obtain information about CLI commands and their formats. HIDE Command Use the HIDE command to stop the echoing of events being directed to the SYSLOG from being displayed on your Telnet session.
Page 34: Logout Command
2: L HAPTER IST OF FFICE ONNECT LOGOUT Command Use the LOGOUT command to quit and logout of the Console Telnet CLI session. PING Command Use the PING command to send an ICMP echo request to a remote IP host A reply from the pinged address indicates success.
Page 35: Show Commands
RESET_ACTION SYS_LOG FORMAT TELNET_LISTEN_P TIMEZONE VODSL SHOW Commands Use the SHOW commands to view detailed table entry information. The SHOW command displays information about a single line i a table or a set of scalars (non-table items). The SHOW ALL commands display all parameters for all entries in tables associated with particular commands.
Page 36: Verify Command
2: L CLI C HAPTER IST OF FFICE ONNECT ATEWAY OMMANDS VERIFY Command Use the Verify filter command to check the filter file syntax.
Page 37: Administrative Cli Commands
Overview This chapter identifies and describes the administrative-related CLI commands of the OfficeConnect Gateway. These commands are identified in the following list: Date and Time The OfficeConnect Gateway uses the Network Time Protocol (NTP) to accurately establish date and time for the unit. You can use the show time command to confirm that date and time have been established.
Page 38: Set Commands
3: A CLI C HAPTER DMINISTRATIVE Set Commands set date <date> The set date <date> command sets the date without changing the time. The format is dd-mmm-[yy]yy. The month should be the first three characters of the month name. The year can be expressed in either 2 or 4 digits - 01 or 2001. set date <date>...
Page 39: Enable Command
The following table identifies the NTP CLI commands. Command Type Enable Disable Show Enable Command The enable ntp command enables the Network Time Protocol (NTP), which enable ntp references a clock located on the Internet, allowing the OfficeConnect Gateway to synchronize its clock setting with a server of your choice.
Page 40: Show Command
3: A CLI C HAPTER DMINISTRATIVE Parameters timeout Show Command show ntp The show ntp command displays the Simple Network Time Protocol settings. For example: show ntp settings Primary Server is Secondary Server is: Status Polling Interval (Seconds) Max Retransmissions Retransmission Timeout: Also see the set ntp command.
Page 41: Show Commands
Product Code: Card Type: LAN Port MAC: Expansion Port Number: 3Com Serial Number: Flash Size: SDRAM Size: show configuration, The show configuration command displays a variety of system information including system, network, protocol, interface, forwarding, routing, DNS, host and datalink parameters.
Page 42: Show System
System Services: System Transmit Authentication Name: System Version: OMMANDS ETHERNET_II eth:1 LOOPBACK loopback Opened 154.222.145.234 157.123.122.177 157.123.122.158 157.123.122.149 3Com Corporation OCG Built on Mar 5 2000 at 19:24:. 166.165.166.14 127.0.0.1/A 1.3.6.1.4.1.429.2.19 0d 00:56:00 Ray-Man OCGMAN Steve's Lab Internet EndToEnd Applications V5.0.7...
Page 43 The show memory command displays the OfficeConnect Gateway’s SRAM (Static show memory Random Access Memory) usage. The show memory utilization command displays system DRAM memory usage show memory utilization resources as well as periodic memory usage checks. It displays the following information: Total System Memory Resources - total amount of usable memory for router applications...
Page 44: Script Commands
3: A CLI C HAPTER DMINISTRATIVE Script Commands Use the do <command_inputfile> output <outputfile> command to run a script file stored in FLASH memory. The script file contains a series of CLI commands. do <command_inputfile> The script file contains a series of CLI commands. The output parameter is optional.
Page 45: Copy Commands
Edit is especially convenient when creating small or editing large filter files. An alternative method uses TFTP but this method is more suited to creating large filter files. Copy Commands copy file <input_file> The copy file command Copies a file within the FLASH file system. This is a flat file system.
Page 46: Rename Command
3-10 3: A CLI C HAPTER DMINISTRATIVE Atmarp.cfg CLI.cfg old-log-file.local user_settings.cfg Total Sectors Allocated sectors Deleted Sectors Free Sectors MinimumFree Sectors 7168 1649 128 5391 1075 Rename Command rename file <input_file> The rename file command copies files within the FLASH file system. The FLASH file system is a flat file system (no subdirectories).
Page 47: Uploading Configuration Files (Bulk File) Commands
Uploading Bulk files are created for uploading configuration files to the OfficeConnect Configuration Files Gateway. (Bulk File) Commands The following table identifies the Bulk File commands. save configuration Saves individual configuration files (.CFG) to a bulk configuration file for uploading to the OfficeConnect Gateway.
Page 48: Reset Command
3-12 3: A CLI C HAPTER DMINISTRATIVE Reset Show Reset Command reset Use the reset command to restore the following OfficeConnect Gateway settings to their factory default configuration values. The following table describes these settings. Parameters configuration DHCP_client_network DHCP_server_settings DHCP_proxy_counters pppoe counters Also see the set bulk_file <file_name>...
Page 49: Show Command
Reboot Command 3-13 Show Command show reset_action The show reset_action command displays the reset action. The reset action setting should be default_configuration. Reboot Command The reboot command reboots the system. If you have made any configuration changes, be sure to use the save all command before rebooting. reboot Also see the delete configuration command.
Page 50 3-14 3: A CLI C HAPTER DMINISTRATIVE OMMANDS...
Page 51: Configuring And Managing Users
Overview This chapter identifies and describes the CLI commands you can use to configure and manage the authorized users of the OfficeConnect Gateway. You can configure all remote networking parameters associated with the profile of the user who is accessing the OfficeConnect Gateway. A user profile specifies the user’s protocol, address parameters, and other unique settings.
Page 52: Delete Commands
4: C HAPTER ONFIGURING AND The add user <name> command parameters are described in the following table. Parameters [name] enabled login_service password type Assigns a user to a previously configured address pool. The command has the add address_pool user following parameter: <user_name>...
Page 53: Disconnect Command
also causes all active sessions established using that particular user to terminate, and does not allow any new sessions to occur using that user name. Disabling a user is useful when prohibiting a user’s access temporarily. Use the list users and show user commands to view edits. Disconnect Command The disconnect user <name>...
Page 54: List Command
4: C HAPTER ONFIGURING AND telnet_options type Specifies a framed (static) network to the user profile for dialup connections. You set framed_route user can configure the following parameters for this command: <name> Specifies a framed (static) network to the user profile for dialup connections. Parameters <user name>...
Page 55: Show Commands
Show Commands This section describes the show user and show The show user <name> command displays the parameters defined for the show user <name> specified user. The type of information displayed depends on the type of user you specify. You can issue the list users command to see which users are defined, and what type(s) user each is.
Page 56 4: C HAPTER ONFIGURING AND ANAGING Tap Output: Tap Facility: Tap Loglevel: Tap Address: Chat Script Name: PARAMETERS FOR LOGIN USERS: Login Service: TCP Port: Terminal: Login Host Name: Login Host: Host Type: PARAMETERS FOR NETWORK USERS: Network Service Header Compression: Bridging: MTU: IP Usage:...
Page 57 Encryption Algorithm: Primary DNS Server: Secondary DNS Server: Periodic CHAP Timeout: Source Ip Address Filter: Show Commands NONE (D) 0.0.0.0 0.0.0.0 0 (D) DISABLED (D)
Page 58 4: C HAPTER ONFIGURING AND ANAGING SERS...
Page 59: Telnet Commands
Overview This chapter identifies and describes the Telnet commands accessible from the OfficeConnect Gateway CLI. These commands are available to users who remotely log in to the OfficeConnect Gateway to establish a Console Telnet session. The following table identifies the Telnet commands: To access these Telnet commands, Users must have valid Telnet login accounts.
Page 60: Command Descriptions
5: T HAPTER ELNET OMMANDS Command This section describes the log in-related Telnet commands. Descriptions Establishes a Telnet client session with the specified IP host name or address. In telnet <IP_name or order for the system to resolve the host name, you must either add the host name address>...
Page 61 Displays a list of Telnet clients you configured using the add telnet client list telnet clients command. When access is globally enabled with the enable telnet client_access command, Telnet clients on the list can access the OfficeConnect Gateway. By specifying a netmask, you can add network and subnetwork addresses. If no netmask is specified, the host netmask value is assumed.
Page 62 5: T HAPTER ELNET OMMANDS The disable telnet command lets you disable the following Telnet parameters: disable telnet These parameters are described in the following table. Parameter client_access disconnect_message escape terminal_download_ mode trying_message Also see the enable telnet and show time commands. show telnet Displays the status of the Telnet escape and trying message features.
Page 63: Bridging Commands
Overview This chapter identifies and describes the Bridging commands accessible from the OfficeConnect Gateway CLI. A bridge connects two or more physical networks together to function as one large network. The OfficeConnect Gateway can be configured to be a learning bridge. A learning bridge does more than just link networks;...
Page 64: Bridging Commands
6: B HAPTER RIDGING OMMANDS Bridging Commands The following table identifies the Bridging commands accessible from the OfficeConnect Gateway CLI: Remember to save your configuration using the save all command before rebooting your OfficeConnect Gateway so that your changes will be written to permanent FLASH memory.
Page 65: Bridging Ip Traffic
By default, the network is enabled when it is created. Use the disable bridge disable bridge network network <network name> command to disable the bridge network. <network name> Use the delete bridge network <network name> command to delete a disabled delete bridge network network.
Page 66: Spanning Tree
6: B HAPTER RIDGING OMMANDS The Forward Delay is the time (in seconds) to wait while learning forwarding set bridge forward_delay information before starting to bridge packets. The range is between four and 30 <seconds> seconds. Use the set bridge forward_delay <seconds> command to change the Forwarding Delay.
Page 67: Simultaneous Bridging And Routing
Simultaneous Bridging You can configure the OfficeConnect Gateway for simultaneous bridging and and Routing routing. IP routing is configured if IP forwarding is enabled (see Enabling IP Routing). Bridging is enabled by adding a bridge network over the Ethernet and WAN interfaces (see Configure Bridging for the LAN and WAN).
Page 68 6: B HAPTER RIDGING OMMANDS and on the state of the MAC-Encapsulated Routing parameter in the remote site profile. In general, a packet received in a routed encapsulation (such as IPCP or Routed RFC 1483) is delivered to the router. A packet received in a bridged encapsulation is passed on to the bridge.
Page 69 Simultaneous Bridging and Routing settings Displays information about the specified bridge network. You use the add bridge network command to define bridge networks. — Interface the interface this bridge is using — Network Address index number for this bridge network —...
Page 70 6: B HAPTER RIDGING OMMANDS...
Page 71: Voice And V Odsl Commands
Overview If your OfficeConnect Gateway is equipped to handle data and voice, you can use it to receive both voice traffic and data traffic over your DSL line. This chapter identifies the Voice and Voice over DSL (VoDSL) commands that can be accessed from the CLI of the OfficeConnect Gateway.
Page 72 7: V DSL C HAPTER OICE AND show voice interface Use this command to display current voice interface configuration settings for the specified interface. The following information is displayed: <name> Interface Name: State: Tx-Gain: Rx-Gain: Ring Frequency: Ring Cadence: Echo Canceller: Companding Type: Rx Packet Count: Tx Packet Count:...
Page 73: Voice Over Dsl (Vodsl)
Interface Name: Interface Name: State: Tx-Gain: Rx-Gain: Ring Frequency: Ring Cadence: Echo Canceller: Companding Type: Rx Packet Count: Tx Packet Count: Use this command to list the display the current status of all voice interfaces. The list voice interfaces following information is displayed: Interface Name: Port:1 Port: 2...
Page 74 7: V DSL C HAPTER OICE AND Parameters interface companding_type codec_type set vodsl interface Use this command to set the VoDSL PVC for an interface: <name> pvc <vpi number / vci number> | < dlci number> The following is an example of this command where the Interface Name is fred and the VPI/VCI is 12/13: set vodsl interface fred pvc 12/13 set vodsl...
Page 75: Interface
Overview This chapter describes the Interface commands accessible from the CLI of the OfficeConnect Gateway. The following tables identifies the Interface commands described in this chapter: For information on the Voice and VoDSL related Interface commands, see Chapter 7, VoDSL and Voice Commands. CLI Commands Disable Command Disables any specified interface.
Page 76: List Commands
8: I HAPTER NTERFACE OMMANDS List Commands list interfaces Displays the installed interfaces, along with their operational status and administration status. If an interface is down under Admin Status, you can use enable interface to try to bring it up. This command also identifies the Frame Relay logical name - a representation of the Frame Relay PVC instance - in order to add an IP network on top of the PVC.
Page 77: Set Command
Filter Access - This switch allows user filters to override the specified interface filter. If set to OFF (default), user filters do not override the interface filters. If set to ON, user filters override the interface filter. Last Change - Last configuration change made to the interface, measured in system time.
Page 78 8: I HAPTER NTERFACE OMMANDS...
Page 79: Arp Commands
ARP C Overview This section describes the ARP (Address Resolution Protocol) commands accessible from the CLI. ARP is an internet protocol used to map an IP address to a MAC address. The following table identifies the ARP commands described in this chapter: Arp Command Learns the IP address, and, if on a locally connected network, the Media Access arp <ip_host_name_or_...
Page 80: Add Command
9: ARP C HAPTER OMMANDS Add Command Adds static ARP entries and associates them with an interface. The values add ip arp address <ip_address> and <mac_addr> are required. If interface is not specified, the entry <ip_addr> is applied to all interfaces. access_mac_address <mac_addr>...
Page 81: List Command
List Command Displays the contents of the ARP cache. It lists the following information: list ip arp IP address 134.134.155.156 134.134.155.254 134.122.135.119 134.122.145.143 IP address - network address for this entry Phys address - MAC address the IP address maps to Type - Ethernet interface type: Dynamic IfName - LAN interface name: eth:1 or eth:2 Phys address...
Page 82 9: ARP C HAPTER OMMANDS...
Page 83: Atm Commands
ATM C Overview This section describes the ATM (Asynchronous Transfer Mode) commands accessible from the CLI. ATM is a high-speed, connection-oriented switching technology that can transmit voice, video, and data traffic simultaneously through fixed-length packets, known as cells. The following table identifies the ATM commands described in this chapter: Add Command Creates a Permanent Virtual Circuit (PVC) for RFC-1483 compliant networks.
Page 84: Delete Command
10-2 10: ATM C HAPTER OMMANDS Delete Command Removes a PVC created with the add atmaal5 pvc <name> command. delete atmaal5 pvc <name> Disable Command Disables a PVC you created with the add atmaal5 pvc <name> command. disable atmaal5 pvc <name>...
Page 85: Dhcp Commands
DHCP C Overview Dynamic Host Configuration Protocol (DHCP) is designed to provide a centralized approach for configuration of IP addresses and parameters. When a workstation is configured for automatic assignment of IP addresses, it broadcasts a request out on the LAN. The DHCP Server responds with an IP address for the workstation, the domain name and the IP addresses of the default router, two Domain Name Servers (DNS) and two WINS Servers.
Page 86: Command Description
OfficeConnect Gateway can either assign an IP address from the pool, or relay the BOOTP request to the LAN based DHCP Server DHCP Client over WAN - OfficeConnect Gateway sends BOOTP request to upstream Router for IP address at WAN interface 151.104.120.56/C 151.104.120.57 151.104.116.81 151.104.116.82 ne.3com.com 151.104.120.22 151.104.120.30 Winston OCG_Config...
Page 87 DHCPRELEASE Transmitted: DHCPINFORM Transmitted: show DHCP_client Use this command to show the DHCP Client settings for the specified network. network <net_name> Example: OCG-Adsl>> show dhcp_client network alaska settings DHCP CLIENT NETWORK alaska SETTINGS Status: Use this command to show the DHCP Client settings for all networks. show all DHCP_client networks Example:...
Page 88 11-4 11: DHCP C HAPTER OMMANDS...
Page 89: Ip Routing
IP R Overview This chapter describes the IP related commands accessible from the CLI of the OfficeConnect Gateway. To configure IP over the LAN, you need to assign an IP network to the LAN port, or PVC interface, with the add ip network <network_name> command. Each network has a network name.
Page 90 12-2 12: IP R HAPTER OUTING OMMANDS Enable Disable List enable ip enable ip address_pool_filtering enable ip address_pool_round_robin enable ip forwarding enable ip multicast_heartbeat enable ip network <network_name> enable ip rip enable ip source_address_filter enable ip static_remote_routes disable ip (?) disable ip address_pool_filtering disable ip address_pool_round_robin disable ip forwarding...
Page 91: Add Commands
Add Commands add ip defaultroute Allows a default route to be configured. The command adds a default route with a gateway on the IP network configured on the OfficeConnect Gateway LAN gateway <IP_address or interface (eth:1), or on a PVC interface. This allows a default route to be name>...
Page 92 12-4 12: IP R HAPTER OUTING OMMANDS interface exists, that gateway will be installed as the primary gateway. If the disconnected interface is reconnected, the associated gateway will be re-installed. Parameters <IP_address> metric add ip network Adds an IP network to the list of IP networks available over the specified interface. This command has the following parameters <network_name>...
Page 93 Parameters wan_type enabled add ip route <host_name Adds an IP static route entry to the IP Routing Table. IP packets destined for networks that match this network will be routed to this address. The command or IP_network_address> list ip routes displays all currently defined routes including the static route you create with this command but only if you have specified a gateway.
Page 94 12-6 12: IP R HAPTER OUTING OMMANDS Parameters <user name> gateway ip_route metric Assigns a specified number of contiguous IP addresses for allocation by the add ip pool <pool_name> OfficeConnect Gateway. When dial-in network users are dynamically assigned IP addresses, those IP addresses are allocated from a pool which has the advantage of bundling several IP addresses into one to limit RIP advertisements.
Page 95: Delete Commands
Parameters initial_pool_address/su bnet_mask max_unused_addrs route size state add ip source route The OfficeConnect Gateway supports routing based on source addresses of IP datagrams. When source based addressing is enabled, the IP packets coming in on <ip_name_or_net_addr> a static interface are looked up in the routing table based on the source address gateway instead of the destination address and routed accordingly.
Page 96: Enable Commands
12-8 12: IP R HAPTER OUTING OMMANDS This command takes effect only after all addresses have been released from the pool. Also, when a IP pool is deleted, be sure to also delete the pool from any associated user’s profile. delete ip route Deletes the specified static/learned IP address or all learned routes (including RIPv1/RIPv2 routes) from the IP Routing Table.
Page 97: Disable Commands
enable ip Permits packet filtering on all IP address pools. Use the show ip command to view the current setting address_pool_filtering enable ip Turns on round robin allocation of IP addresses from IP address pools configured with the add ip pool command. Use the show ip settings command to view the address_pool_round_robi current setting.
Page 98 12-10 C 12: IP R HAPTER OUTING OMMANDS Parameter directed_bcast_forwarding respond_to_directed_bcast send_host_unreach_for_pool Disables packet filtering on all IP address pools (drops packets for IP addresses disable ip within IP pools not in use). address_pool_filtering disable ip Turns off round robin allocation of IP addresses from IP address pools configured with the add ip pool command.
Page 99: List Commands
list ip addresses Displays the IP address for each active IP network. It lists the following information: address - IP address of the interface Bcast Algo - Algorithm used to determine which address to broadcast representing the entire network. Choices are: 1 - the IETF standard: nnn.nnn.nnn.255 (default) 0 - the BSD standard: nnn.nnn.nnn.000 Reassembly Max Size - maximum allowable size of packet that can be...
Page 100 12-12 C 12: IP R HAPTER OUTING OMMANDS Name atm1483 ipnet internal IP-loopback Displays the IP pools you configured with the add ip pool command. It lists the list ip pools following information: Name ippool ippool 2 list ip routes Displays all the statically defined IP routes that you previously defined using the add ip route command, as well as any routes learned via RIP and system-defined routes (loopback).
Page 101 Destination - IP address that the route resolves to Prot - LOCAL, RIP or NetMgr (routes you added) NextHop - address of the gateway used to reach this route Metric - number of router hops away this route is from the system Interface - interface that the route uses.
Page 102 12-14 C 12: IP R HAPTER OUTING OMMANDS Bundle Index Link Index Oper Displays the network services that are running, such ad Telnet, TFTP, etc. list networks list policy List the IPSec policies currently loaded into the system cache. Displays the system facilities (processes) currently running, plus the default log list facilities level.
Page 103 RoboExec Sbus SNMP TFTP Process Telnet Traceroute Displays all processes running on the system. It lists the following information: list processes Index - a reference number in the Process Table Name - designation of the process (e.g.: Domain Name System) Type - SYSTEM, APPLICATION, FORWARDER or DRIVER Status - ACTIVE, PENDING or INACTIVE See example below.
Page 104 12-16 C 12: IP R HAPTER OUTING OMMANDS PROCESSES Index 1a2001 1b2001 1c2001 1d2001 1e2001 1f2001 202001 21200 22200 232001 242001 262001 272001 282001 292001 2c2001 312001 322001 342001 35200a Displays the following Routing Table information: list rtab preferred ROUTING TABLE PREFERRED ROUTES Destination 0.0.0.0/0 151.117.120.74...
Page 105: Set Commands
151.117.110.4/H 151.117.110.24 151.117.110.23/H Set Commands Specifies the source IP address (where packets exit) of an OfficeConnect Gateway set ip which has more than one Ethernet interface for IP routing or multi-home logical application_source_addre networks configured on the Ethernet and which needs to communicate that ss [syslog | igmp | ping | source address to an associated SYSLOG server.
Page 106 12-18 C 12: IP R HAPTER OUTING OMMANDS Configures the type of broadcast algorithm, the maximum size for reassembling set ip network <name> fragmenting packets, the RIP password, RIP export metric, RIP policies, the routing metric and the routing protocol for the specified interface. The only required parameter for this command is <name>.
Page 107 routing_metric Sets routing metric (number of hops between the OfficeConnect Gateway and its destination) for use on IP network. Metric is set when the routing_protocol is configured as ripv1 or ripv2. When routing_protocol is changed to none, the metric is changed back to the default value of 1.
Page 108 12-20 C 12: IP R HAPTER OUTING OMMANDS set ip pool <pool_name> Modifies IP pool parameters set using the add ip pool command. This command has the following parameters: Parameters <pool name> initial_pool_address/s ubnet_mask max_unused_addrs route size state Modifies the IP route created using the add ip route command. This command set ip route <IP_hostname has the following parameters: or network address>...
Page 109 Parameters <IP hostname or IP network address> gateway metric Sets global parameters for IP routing on the specified IP router address which set ip routing serves as the gateway to an autonomous system. This command has the following parameters: autonomous_system_number <number> metric_maximum_entries <number>...
Page 110: Show Command
12-22 C 12: IP R HAPTER OUTING OMMANDS This command enables or disables source based routing on the specified interface. set ip source_based_routing Parameter <interface_name> enabled interface_name [no | yes] enabled Change parameters in the routing table for the specified IP source route. This set ip source route command has the following parameters: <ip_name_or_net_addr>...
Page 111 Total Input Datagrams - sum of IP datagrams received Bad Headers - number of datagrams with bad headers Bad addresses - number of datagrams with bad addresses Forwarded Packets - number of packets forwarded Bad Protocol - number of packets received with bad protocol Discarded - number of packets discarded Successfully Delivered - number of packets successfully received Output Counters...
Page 112 12-24 C 12: IP R HAPTER OUTING OMMANDS IP SETTINGS Gateway’s Eth:1 port or the username associated with the remotely attached host. The default is None IP Multicast Heartbeat Status - Indicates whether multicast heartbeat is Enabled or disabled. The default is disabled IP Multicast Heartbeat Interface - The interface on which multicast traffic for the specified group is monitored: eth:1 or slot:x/port:y.
Page 113 IP System Host address: IP Forwarding: IP Address Pool Filtering: IP Address Pool Round Robin: Source IP Address Filter IP Multicast Proxy Interface: IP Multicast Heartbeat Status: IP Multicast Heartbeat Interface: IP Multicast Heartbeat Group: IP Multicast Heartbeat Time: IP Multicast Heartbeat Window: IP Multicast Heartbeat Threshold: IP Source Address for RADIUS IP source address for SYSLOG:...
Page 114 12-26 C 12: IP R HAPTER OUTING OMMANDS show ip routing show ip routing settings Displays parameter settings for the specified IP network. Statistics are gathered from parameters configured with set ip routing. Status - Enabled, ACTIVE, INACTIVE, Disabled Reconfigure Needed - FALSE or TRUE. When displaying the value TRUE, this setting notifies the administrator that the network should be reinitialized in order for a newly configured parameter to take effect.
Page 115 Displays the source IP address (where packets exit) of an OfficeConnect Gateway show ip which has more than one Ethernet interface for IP routing or multi-homed logical source_based_routing networks configured on the Ethernet. <interface_name> Displays information for all active interfaces. For example: show all active interfaces INTERFACE wan:2 SETTINGS Description:...
Page 116 12-28 C 12: IP R HAPTER OUTING OMMANDS Flag as Idle Pattern: show all connections Displays all current connections. show all filters Displays all filters currently being used. Displays details for all interfaces. show all interfaces INTERFACE eth:1 SETTINGS Description: Type: Speed: High Speed:...
Page 117 IP RIP Authentication Key: Displays details for all configured LAN interfaces. show all lan interfaces INTERFACE eth:1 SETTINGS Description: Type: Speed: High Speed: Administrative Status: Operational Status: Link Up/Down Traps: Promiscuous Mode: Connector Present: Filter Access: Last Change: Policy Access: Policy File: Input Filter: Output Filter:...
Page 118: Show Configuration, Show Configuration Settings
12-30 C 12: IP R HAPTER OUTING OMMANDS Displays information for all sessions. For example: show all sessions INFORMATION FOR SESSION Service Type: Service Type: Speed of Connection: NAS IP Address: Login Service: Login Port: Active Session ID: show all users Displays various parameters for different types of users such as login, network, tunnel, and network PPP users.
Page 119 CONFIGURATION SETTINGS Primary Server: 166.165.166.139 Remote Accounting: ENABLED Primary Server: 166.165.166.139 Interfaces: eth: slot:3/port:1 slot:3/port:1 internal loopback IP Forwarding: ENABLED ipnet IP-loopback Networks: PPP Receive Authentication: ANY Datalinks: Opened DNS Domain: hiyall-usr.com camus scylla charybdis show Configures the total number of users that can be created locally on the OfficeConnect Gateway.
Page 120 12-32 C 12: IP R HAPTER OUTING OMMANDS show memory utilization Displays system DRAM memory usage resources as well as periodic memory usage checks. It lists the following information: Initialized Data Size, Uninitialized Data Size, Stack Size - static data areas SYSTEM MEMORY RESOURCE Total System Memory Resources: Free Memory:...
Page 121: Show Packet_Logging
Displays the configured settings for the specified network. For an example, see the show network <name>, output from the show ip network command. show network settings show packet_logging Displays settings for packet size and logging. For example: show packet_logging settings PACKET LOGGING SETTING Logging Packet Type: Logging Packet Size:...
Page 122: Reconfigure Commands
System Transmit Authentication Name - system-wide keyword for PPP on the WAN, modified using set system command System Version - loaded release version of the system software SYSTEM DESCRIPTION System Descriptor: 3Com Corporation OCG Built on Mar Object System UpTime: System Contact: System Name...
Page 123 Reconfigure Commands 12-35 internal address). Network and interface names are limited to 64 ASCII characters. See add ip network <network_name> for more information.
Page 124 12-36 C 12: IP R HAPTER OUTING OMMANDS...
Page 125: Dns Commands
Internet and the other to a corporate site which has a domain name of 3com.com. Two DNS remote servers can be configured, one which uses the corporate site for 3com.com and the other to use the Internet as the default.
Page 126: Add Commands
13-2 13: DNS C HAPTER OMMANDS Add Commands This section describes the following DNS Add commands: Adds the named host to the Local Host Table. When the system needs to resolve add dns host <host_name an address for an IP host name, the Local Host Table is checked first, before a and domain_name>...
Page 127: Delete Commands
Delete Commands This section describes the following DNS Delete commands: Removes an entry from the DNS Cache Table. The range is 0 - 65535 delete dns cache <number> delete dns host Deletes the specified host from the DNS Local Host Table. Use the list DNS hosts command to view the DNS Local Host Table.
Page 128: Host Command
This command requires either a DNS local host (add DNS host) or a DNS server entry (add DNS server) to resolve the name. Network Name: host.3com.com List Commands This section describes the following DNS List commands: list dns cache Displays entries in the DNS Cache table.
Page 129 DNS CACHE TABLE Displays the DNS local host and its IP address, which you configured using add list dns hosts dns host command. For example: DNS LOCAL HOSTS Name scylla charybdis Displays entries in the DNS Negative Cache table. It lists the following information: list dns ncache Number - Row number in DNS Negative Cache Table.
Page 130: Set Commands
13-6 13: DNS C HAPTER OMMANDS Set Commands This section describes the following DNS Set commands: Sets the global parameters for DNS; both local DNS hosts (list dns hosts) and set dns remote DNS servers (list dns servers), and DNS caching and negative caching parameters, in support of DNS host rotation for load balancing.
Page 131: Show Commands
This command redefines the name of a DNS server, which was defined using the set dns server preference add dns server command. Use the list dns servers command to see the <number> name currently defined DNS servers. <server_name and domain_name> address Parameters <IP_address>...
Page 132 13-8 13: DNS C HAPTER OMMANDS Displays an entry in the DNS Cache Table. It lists the following information: show dns cache <1-65535> DNS CACHE ENTR Pretty Name: canary.mass-usr.co Class: Type: TTL: Elapsed TTL DNS Server Data: Status: Displays an entry (row) in the DNS Negative Cache Table. It lists the following show dns ncache information: <1-65535>...
Page 133 (Error) Status - Status column for the resolver negative response cache table. Since only the agent (DNS resolver) creates rows in this table. Types include: Active and Destroy. DNS NEGATIVE CACHE ENTR Pretty Name foo.mass-usr.com Class: Type: TTL: 43200 Elapsed TTL: 207 DNS Server: 153.234.24.145 Error Code:...
Page 134 13-10 C 13: DNS C HAPTER OMMANDS...
Page 135: Icmp Commands
ICMP C Overview This section describes the ICMP (Internet Control Message Protocol) commands accessible from the CLI. In TCP/IP, ICMP the collection of messages exchanged by IP modules in both hosts and gateways to report errors, problems and operating information. The protocol is used to report problems with delivery of IP datagrams within an IP network.
Page 136: Show Command
14-2 14: ICMP C HAPTER OMMANDS Show Command show icmp, These commands display incoming login-access information including whether ICMP logged and ICMP Router Advertise are enabled. You can turn multicasting of show icmp settings ICMP router advertisements on or off with the enable or disable icmp_router_advertise commands.
Page 137: Multicasting And Igmp Commands
Overview This section describes the Multicasting and related IGMP (Internet Group Management Protocol) commands accessible from the CLI. Multicast is a communication pattern in which a host sends packets to a group of destination hosts that have expressed interest in being members of certain groups. The major advantage of Multicast is that it is an efficient method for moving messages, and can decrease the network load.
Page 138: Igmp Commands
15-2 15: M HAPTER ULTICASTING AND These parameters are described in the following table. Parameters <interface_name> group time threshold window Multicast addresses that are joined or learned on the specified interface are joined set ip multicast proxy on the proxy interface that is configured with this command. The value for interface <interface_name>...
Page 139: Join Command
Parameters query_interval Parameters robustness routing version Join Command join ip igmp Adds a member to this multicast address group. Entries are added to the IGMP Cache Table. Use the list interfaces command to view assigned interface names. <IP_multicast_address> Leave Command leave ip igmp <IP multicast Removes a member from this multicast address group configured with the join ip igmp <IP_multicast_address>...
Page 140: Show Command
15-4 15: M HAPTER ULTICASTING AND eth:1 slot:3/por Show Command Displays IP multicast settings for the specified interface.The following information show ip igmp [eth:1 | is displayed: slot:x/port:y] IGMP C OMMANDS 224.0.0.2 LEARNED/PROXY 224.0.0.4 LEARNED/SELF/PROXY IGMP Interface - Network interface of the OfficeConnect Gateway. Eth:1 or slot:x/port:y Query Interval - Period, in seconds, IGMP Host-Query messages are sent on this interface.
Page 141 Reports Sent - Sum of IGMP reports sent on the specified interface. IGMP Interface Query Interval Max Response Version Querier Joins Groups Robustness Routing Multicast Forwarding Multicast Proxy: IGMP Short Packets IGMP Bad Checksum Queries Received Reports Received Reports For Known Groups Received Wrong Version Reports Received 0 Reports Sent...
Page 142 15-6 15: M IGMP C HAPTER ULTICASTING AND OMMANDS...
Page 143: Configuring Your Wan Protocol Settings
Overview This chapter describes how to use the CLI to configure the following WAN protocols using the CLI: PPP Configurations The CLI commands for configuring PPPoE and PPPoA are provided in the following procedures. Configuring PPPoE To configure PPPoE from the CLI, perform the following steps: 1 To configure PPPoE you must enter a series of CLI commands.
Page 144: Configuring Pppoa
16-2 16: C HAPTER ONFIGURING OCG-Adsl>>set profile <pppoe> protocol ip default_route_option enable routing both routing_protocols ripv2 OCG-Adsl>>add atmaal5 pvc <pvc34> vpi <0> vci <34> OCG-Adsl>>add datalink ppp interface <atmaal:1/pvc34> profile <pppoe> 3 Configure your NAT/PAT policies. OCG-Adsl>>set nat interface <interface name> option <NAT> OCG-Adsl>>set nat interface <interface name>...
Page 145: Rfc 1483
If you know the specific local and remote IP addresses, enter the following CLI command where address. OCG-Adsl>>set profile <pppoa> protocol ip default_route_option enable routing both routing_protocols ripv2 OCG-Adsl>>add atmaal5 pvc <pvc35> vpi <0> vci <35> OCG-Adsl>>add datalink ppp interface <atmaal:1/pvc35> profile <pppoa>...
Page 146: Rfc 1483 - Mer
16-4 16: C HAPTER ONFIGURING 3 Enter the following command if you know the Local and Public Wan IP Address, and are not using DHCP: OCG-Adsl>> add ip network <1483> interface <atmaal:1/atmpvc> frame <atm1483> address <1.1.1.1/c> remote_address <1.1.1.3/c> wan_type <nptp> routing_protocols <ripv2> enabled yes (Note: - the address ranges of both Public and Private IP address should be in the same subnet.) 4 Use the NAT/PAT configuration described in the next section, Address Translation,...
Page 147 There are two types of PAT policies: Dynamic PAT: Dynamically maps many private addresses to one public address. Static PAT: Statically maps a specific type of server to a specific station behind the OfficeConnect Gateway. The following examples show the CLI commands used to create Dynamic PAT and Static PAT policies.
Page 148: Deleting A Pat Policy
16-6 16: C HAPTER ONFIGURING Dynamic PAT To configure Dynamic PAT from the CLI for a PPPoE User, perform the following steps: 1 Enter the following CLI commands: OCG-Adsl>> add pat <tcp or udp> interface <interface name> private_address <ip address range> public_address <ip address> public_port <port range>...
Page 149 Private addresses refer to addresses on the LAN Public addresses refer to addresses on the WAN <interface name> refers to the WAN interface (Example: atmaal:1/PVC-67-0-35) Static NAT To configure Static NAT from the CLI for a PPPoE User, perform the following steps: 1 Enter the following CLI commands.
Page 150: Deleting A Nat Policy
16-8 16: C HAPTER ONFIGURING Deleting a NAT Policy To delete a NAT policy, perform the following step from the CLI: OCG-Adsl>>delete nat policy <policy name> interface <interface name> The private range may be larger than the public range of IP Addresses. Modifying the Interface Option To modify the interface option, perform the following step from the CLI: OCG-Adsl>>set nat interface <interface name>...
Page 151: Configuring An L2Tp Tunnel
Configuring VPNs 16-9 OCG-Adsl>>set tunnel <OCG> protocol ip remote_ip_address <177.16.1.105> OCG-Adsl>>add framed_route tunnel <OCG> gateway <177.16.1.105> ip_route <177.16.1.0/b> metric 1 OCG-Adsl>>set tunnel <OCG> protocol ppp compression_a none OCG-Adsl>>set tunnel <OCG> send_password <OCG> OCG-Adsl>>enable tunnel <OCG> PPTP Termination To terminate a PPTP tunnel, you must add a tunnel user. The following example shows the CLI commands that are used to perform PPTP Termination.
Page 152: Related Wan Protocol Information
16-10 C 16: C HAPTER ONFIGURING Related WAN Protocol Refer to the following chapters in this CLI User’s Guide for additional information Information related to the WAN protocol settings. WAN P ROTOCOL ETTINGS Chapter 17, PPP Commands Chapter 18, PPPoE Commands Chapter 19, Tunneling Commands Chapter 21, Address Translation Commands Chapter 22, IPSec Commands...
Page 153: Ppp Commands
PPP C Overview This section describes the PPP (Point-to-Point Protocol) commands accessible from the CLI. The Point-to-Point Protocol (PPP) is a communications protocol used to send data across serial communication links. The PPP protocol is actually composed of several underlying protocols. PPP provides router-to-router and host-to-network connections over both synchronous and asynchronous circuits.
Page 154: Add Command
17-2 17: PPP C HAPTER OMMANDS Add Command add datalink ppp Use this command to add a user to the PPP data link layer. This command has the following parameters: Parameters enabled interface <interface_name> profile Delete Commands delete datalink ppp Removes the PPP data link layer defined on top of the physical WAN interface.
Page 155: Disable Commands
Disable Commands disable ppp Disables the sending of an Accounting Stop record when a call is abnormally disconnected before a Start Record is sent. acct_for_abnormal_disc disable ppp Disables PPP address field compression. The default is enabled. address_field_ compression Disables PPP protocol field compression. The default is enabled. disable ppp protocol_field_ compression...
Page 156 17-4 17: PPP C HAPTER OMMANDS Parameters authentication _preference bap_hunt_group_phone _number ccp_modemtype_accept T dns_usage nbns_primary nbns_secondary pppdns_primary pppdns_secondary Description If the receive authentication value is set to ANY, this value will set the authentication type for the first attempt. If the Default setting is selected, authentication types will be negotiated in this order of preference: CHAP, EAP, MS_chap and PAP.
Page 157 Parameters Description receive_authentication The authentication protocol OfficeConnect Gateway uses to authenticate its PPP peer (the peer can employ a protocol of its choice). This value works in conjunction with authentication_preference. If the Any or Encrypted_any value is selected, the authentication protocol tried first from the group can be selected by specifying the authentication_preference parameter.
Page 158: Show Commands
17-6 17: PPP C HAPTER OMMANDS Parameters session_start_message system_mtu Show Commands These commands display global settings for PPP. Use the set system command to show ppp, modify the system transmit authentication name. The following information is show ppp settings displayed: Description A message string to display at a client’s terminal when a connection is established and PPP is begun in OfficeConnect Gateway.
Page 159 Secondary NBMS Server address - IP address for the secondary NetBIOS Name Server (NBNS) server. In the absence of a user-specific NBNS address, this will be sent in IPCP negotiation. DNS Configuration Usage - Indicates, when enabled, that PPP will take DNS addresses from OfficeConnect Gateway’s DNS table in the absence of user-configured DNS addresses.
Page 160 17-8 17: PPP C HAPTER OMMANDS...
Page 161: Pppe Commands
Overview This section describes the PPPoE (Point-to-Point Protocol over Ethernet) commands accessible from the CLI. The Point to Point Protocol over Ethernet (PPPoE) standard helps access providers manage their broadband service delivery, and it can also improve the ease of use for DSL customers. Creating a PPPoE To use PPPoE you must create a PPPoE Client session by performing the following Client Session...
Page 162: Pppoe Commands
18-2 18: PPP HAPTER OMMANDS PPPoE Commands The following table identifies the PPPoE commands that can be used after a PPPoE session has been created. Add Command During the discover stage of the PPPoE protocol, the PPPoE client may request a add pppoe service_name connection with the OfficeConnect Gateway indicating the service name that it <name>...
Page 163: Set Command
This command disables the specified interface from sending or receiving frames disable pppoe on carrying the new ether-type defined by the PPPoE protocol. interface <interface_name> Set Command The set pppoe command sets the following parameters for PPPoE sessions set pppoe Parameter max_sessions max_sessions_per_host The maximum number of PPPoE connections that may be initiated...
Page 164: Show Command
18-4 18: PPP HAPTER OMMANDS Show Command show pppoe [counters | Counters displays PPPoE counters which are maintained for all control packets. Settings displays the PPPoE configuration settings set by the set pppoe settings] command. PPPoE Counters: PPPoE Settings: PPPoE COUNTERS Counter Reset Time: Number of Active Sessions: Number of Initiates Received:...
Page 165: Tunneling Commands
Overview This chapter describes the VPN (virtual private network) tunnelling and Point-to-Point Tunneling Protocol (PPTP) commands accessible from the CLI of the OfficeConnect Gateway. VPNs allow remote workers and mobile users to communicate securely and transparently with a corporate (private) network. With VPN enabled, secure Internet tunnels are established between the remote PCs or workstations and the private network.
Page 166: Cli Commands
19-2 19: T HAPTER UNNELING OMMANDS The tunnel commands do not apply to IPSec tunnel configurations. The information displayed for IPSec using the Show tunnel <tunnelname>, List tunnels and List tunnel connections commands is incorrect. CLI Commands Add Command Adds a local PPTP network server (PNS) to the client (PAC) side of the PPTP tunnel. add pptp pns <1-9>...
Page 167: Disconnect Commands
Disconnect Commands disconnect pptp tunnel Disconnects the specified PPTP tunnel, bringing down all sessions running in the tunnel. <number> disconnect pptp Brings down the specified call running in the PPTP tunnel. When the last session is brought down, the tunnel comes down with it. See the list pptp tunnels <number>...
Page 168: Show Commands
19-4 19: T HAPTER UNNELING OMMANDS PPTP LOCAL PNS LIST Index list pptp tunnel <number> Displays information on all current PPTP tunnel sessions. sessions PPTP SESSIONS TunID Displays settings for all current PPTP tunnels. list pptp tunnels PPTP TUNNELS TunID Status Show Commands show pptp, Displays settings for configured PPTP tunnels.
Page 169 Data Channel Delayed Acknowledgement Timeout - Interval in milliseconds PPTP will wait to send acknowledge its peer when there are no data or control packets to piggyback the acknowledge to. The default is 500 Data Channel Reassembly Timout - Interval in milliseconds PPTP uses to determine the window to use before reassembling out-of-order packets.
Page 170 19-6 19: T HAPTER UNNELING OMMANDS Displays statistics for a specified PPTP tunnel session. show pptp tunnel <number> session <number> Control tunnel receive packets with data - sum of control packets received with data Control tunnel receive packets without data - sum of zero length packets received Processed control tunnel receive packets - sum of receive packets that were processed...
Page 171 Call serial number - serial number applied to the session. Connect BPS - baud rate at which this session was established. Call bearer type - bearer type for this session: Analog or Digital Session frame type - framing type for this session: Asynchronous or Synchronous Local receive packet window - local send window size for this session.
Page 172 19-8 19: T HAPTER UNNELING OMMANDS Set Command set pptp <number> The set pptp <number> command configures flow characteristics for a PPTP tunnel on the OfficeConnect Gateway. PPTP tunnels can also be enabled locally using the set tunnel user <user_name> command. The pptp <number> command has the following parameters: Parameters <number>...
Page 173: Network Services Commands
Overview You can configure the following network services for the OfficeConnect Gateway from the CLI: This chapter identifies and describes the Network Services commands accessible from the OfficeConnect Gateway CLI. These commands are listed in the following table: Add Command The add network service command configures a network listener process that provides certain services, including TFTP file access, and SNMP and TELNET support.
Page 174 20-2 20: N HAPTER ETWORK ERVICES The parameters of the add network service command are described in the following table:. Parameters <service_name> close_active_ connections data enabled server_type socket The following table shows the configurable values for network service, which are specified with the data parameter.
Page 175: Delete Command
To configure a TELNET service to offer CLI access on port 6666, doing authentication upon connect (default) and dropping the connection on hangup, type the following: add network service CLI_access server_type telnetd socket 6666 data drop_on_hangup=on Delete Command The delete network service command deletes the specified network service from the list of available services.
Page 176: Set Command
20-4 20: N HAPTER ETWORK ERVICES Name tftpd telnetd Displays the available network servers and supported network services. The list available servers choices are SNMP service, TELNET service, or TFTP service. The services listed by this command are used in the server_type field of the add network service command.
Page 177 Overview This section describes the Address Translation related commands accessible from the CLI. Public IP addresses are registered and can be used within a public network (such as the Internet). Due to the limitation of IP version 4 address space and the growth of the Internet, public addresses are becoming more scarce.
Page 178: Address Translation Commands
21-2 21: A HAPTER DDRESS RANSLATION PAT CLI Commands Use the following commands to define static ports for TCP and UDP ports: add pat tcp <name> The add pat tcp <name> command has the following parameters: add pat udp <name> The add pat tcp <name>...
Page 179: Configuring Network Address Translation (Nat)
If there is no static NAT policy and a default workstation is set, then unknown incoming traffic will go to the default workstation. If the incoming NetMeeting call is not intended for the default workstation, then it will not work. The following example describes a scenario on how to set up an incoming NetMeeting call correctly: 1) If the user kept the default NAT settings (the default is SuperNat) and if the local...
Page 180: Nat Cli Commands
21-4 21: A HAPTER DDRESS RANSLATION NAT CLI Commands add nat static <name> Use this command to configure static NAT assignments: interface <name> add nat static <name> interface <name> public_address <ip_address_range> public_address <ip_ private_address <ip_address_range> address_range> private_address <ip_ address_range> add nat dynamic <name> Use this command to configure a NAT public pool: interface <name>...
Page 181: Super Nat
Intelligent NAT directs the frame to the local client which currently has other existing connection(s) with the remote host. If more than one local client has existing connections, then the client who initiated the most recent session is chosen. Super NAT Your OfficeConnect Gateway supports Super NAT.
Page 182 21-6 21: A HAPTER DDRESS RANSLATION OMMANDS...
Page 183: Ips Ec Commands
Overview This chapter describes the IPSec (IP Security) commands accessible from the CLI. IPSec is the IETF security protocol for virtual private networks. It provides cryptographic security services supporting a combination of authentication, integrity, access control, and confidentiality. These services are in the network layer of the protocol stack.
Page 184: (Sa) Commands
22-2 22: IPS HAPTER OMMANDS CLI Commands Enable Command enable ip security_option The enable ip_security option command has the following parameters. This security feature also syslogs the event when the packet is dropped. See the show packet_logging settings command for accounting data. Disallow and drop commands work in conjunction with each other.
Page 185 source route options Also see show ip security settings. Disable Command The disable ip_security option command has the following parameters. disable ip security_option Each of these parameters disables the global filtering of all IP packets containing the specified datagram fields. This security feature also syslogs the event when the particular packet is dropped.
Page 186 22-4 22: IPS HAPTER OMMANDS...
Page 187: Overview
Overview This section describes the Security Association commands accessible from the CLI. An SA is an instantiation of a security relationship between communicating peers. Both IP security protocol (IPSec) and internet key exchange module (IKE) require and use SAs to identify the parameters of their connections. The following table identifies the SA commands described in this chapter.
Page 188 23-2 23: S (SA) C HAPTER ECURITY SSOCIATION OMMANDS...
Page 189: Tcp Commands
TCP C Overview TCP (Transmission Control Protocol) is a connection-oriented protocol that provides a reliable byte stream over IP. A reliable connection means that each end of the session is guaranteed to receive all of the data transmitted by the other end of the connection, in the same order that it was originally transmitted, without receiving duplicates.
Page 190 24-2 24: TCP C HAPTER OMMANDS Sets the total number of TCP connections the OfficeConnect Gateway can set tcp support. TCP services include Telnet. The range is 0-4096. maximum_connections <number> Displays information about all TCP (TELNET, RLOGIN, etc.) connections, including list tcp connections those set by the user.
Page 191 Command Descriptions 24-3 conjunction with the enable tcp keepalives command. See the enable and disable tcp keepalives and show tcp settings commands for more information. The range is 1-2147483 seconds. The enable/disable configuration is disabled by default.
Page 192 24-4 24: TCP C HAPTER OMMANDS...
Page 193 SNMP C Overview SNMP (Simple Network Management Protocol) is a standardized method of managing and monitoring network devices on TCP/IP-based internets. This chapter identifies and describes the SNMP commands accessible from the OfficeConnect Gateway CLI. The following table identifies the SNMP CLI commands: OMMANDS Command...
Page 194: Snmp Commands
25-2 25: SNMP C HAPTER OMMANDS Add Commands This section describes the following Add-related SNMP commands: The add snmp community <community_name> command adds to a table of add snmp community SNMP-authorized users. <community_name> The following parameters can be configured for the add snmp community command.
Page 195 Parameter <pool_name> IP_name or address The add snmp trap_community <name> command adds to the list of add snmp community name/IP address pairs that are allowed to receive SNMP traps. This trap_community <name> command also allows multiple management stations to use the same SNMP trap community name.
Page 196: Delete Commands
25-4 25: SNMP C HAPTER OMMANDS The following table describes the parameters associated with this command. Parameter <name> addresses See delete snmp community_pool <pool_name> address <IP_address or name> and add snmp trap_community_pool <name> addresses <ip address list> commands for more information. Delete Commands This section describes the following Delete-related SNMP commands: delete snmp community...
Page 197: Enable Commands
The parameters associated with this command are described in the following table. Parameter <name> IP address list See add snmp trap_community_pool and list snmp trap_community_pools commands for more information. Enable Commands This section describes the following Enable-related SNMP commands: The enable link_traps interface command informs SNMP to send linkup and enable link_traps linkdown traps for the specified interface.
Page 198: Disable Commands
25-6 25: SNMP C HAPTER OMMANDS Disable Commands This section describes the following Disable-related SNMP commands: disable link_traps The disable link_traps interface command prevents SNMP from sending linkup and linkdown traps for the specified interface. interface The following parameter is associated with this command: It is recommended that you disable this feature on all modem interfaces to eliminate messages forwarded from the NMC.
Page 199: List Commands
Read/Only - read-only access to user-level objects allowed Read/Write - read and write access to user-level objects and write access to writable user-level objects allowed. Administrator - read access to all objects and write access to all writable objects allowed Community Pool - Name for a pool of IP addresses comprising this SNMP community Validate address - Method selected to determine access to this community.
Page 200: Set Commands
25-8 25: SNMP C HAPTER OMMANDS The information displayed by this command is shown in the following example. SNMP TRAP COMMUNITIES Community Name IP Address Kensington Kerby Kenwood 1.1.1.3 The list snmp trap_community_pools command displays all SNMP trap list snmp community pools in the SNMP Trap Community Address Pool defined using the trap_community_pools add snmp trap_community_pool command.
Page 201 These parameters are described in the following table. Parameters <community_name> access address community_pool validate_address The set snmp trap_community <community_name> command modifies set snmp trap_community parameters for an SNMP trap community (authorized user or host to which trap <community_name> notifications are sent). The community name and IP address of SNMP requests from managers on the network must match the list, which you can view using the list snmp trap_communities The following parameters are associated with the set snmp trap_community...
Page 202: Show Commands
25-10 C 25: SNMP C HAPTER OMMANDS Show Commands This section describes the following Set-related SNMP commands: The show snmp command displays whether the SNMP Authentication Traps show snmp setting is enabled (or disabled) to indicate authentication-failures. The default is enabled.
Page 203 No Such Name Errors - SNMP PDUs where error-status field is `noSuchName' Bad Value Errors - SNMP PDUs where error-status field is `badValue' Read Only Errors - SNMP PDUs where the error-status field is `readOnly' General Errors - SNMP PDUs where the error-status field is `genErr' Total Request MIB Objects - sum of MIB objects retrieved successfully as the result of receiving valid SNMP Get-Request and Get-Next PDUs Total Set MIB Objects - sum of MIB objects altered successfully as the result of...
Page 204 25-12 C 25: SNMP C HAPTER OMMANDS...
Page 205: Ip Filters Commands
IP F Overview This section describes the IP Filters commands accessible from the CLI. IP filters are used in IP networks that cross organizational or corporate boundaries. They control inter-network data transmission by accepting or rejecting passage of specific packets through network interfaces based on information in the packet header.
Page 206: Add Commands
26-2 26: IP F HAPTER ILTERS OMMANDS Command Type Show Add Commands add ip filter Adds an IP filter to the IP Filter Table. <ip_filter_name> default_action Parameters [accept | reject] ip_filter_name default_action add ip rule <number> Adds a packet-matching rule to an IP filter. This command has the following parameters: Parameters number...
Page 207: Delete Commands
Delete Commands delete ip filter Deletes an IP filter from the IP Filter Table. <ip_filter_name> Parameters ip_filter_name delete ip rule <number> Deletes a packet-matching rule from an IP filter. filter <ip_filter_name> Parameters number ip_filter_name List Command Use this command to display a list of all IP filters. list ip filters The resulting screen display may look like the following: Filter Name...
Page 208: Show Command
26-4 26: IP F HAPTER ILTERS OMMANDS Sets parameters to generate SYSLOG messages for filtered packets. Facility can be set packet_logging configured globally, or not at all. Use the show packet_logging settings command to view settings. This command has the following parameters: Parameters logging packet_size...
Page 209 This command has been modified to display the name of the IP filter specified by show interface set interface command. <interface_name> The resulting screen display might look like the following: INTERFACE sdsl:1/PVC-6-16 SETTINGS Description: Type: Speed: High Speed: Administrative Status: Operational Status: Link Up/Down Traps: Promiscuous Mode:...
Page 210 26-6 26: IP F HAPTER ILTERS OMMANDS...
Page 211: Packet Filters
Introduction This chapter describes procedures for setting up packet filters for the OfficeConnect Gateway. The following topics are described: Filtering Overview Packet Filters are primarily used in networks that cross organizational or corporate boundaries. They control inter-network data transmission by accepting or rejecting passage of specific packets through network interfaces based on packet header information.
Page 212: Data Filters
27-2 27: P HAPTER ACKET ILTERS Data Filters Data filters control network access based on the protocol, source / destination address and port designation (for example, TCP and UDP port designations) of the packet. The OfficeConnect Gateway supports IP-related filters only. This filter controls network access based on the protocol and source / destination address.
Page 213 The remainder of the file is partitioned into protocol sections. Each protocol section has a descriptive header and contains the filter rules for that protocol. Protocol Sections A single filter file can contain all valid protocol sections in any order, but the sections cannot be repeated.
Page 214 27-4 27: P HAPTER ACKET ILTERS Table 27-2 Field line # verb keyword operator value The OR operation can be implemented by successive ACCEPT rules. For example, to accept a packet if the source address is xxx, or the destination address is yyy, use the following rules: Generic Filter Rules Generic filter rules are similar in format to protocol filter rules.
Page 215: Creating Filter Files
Table 27-3 Field line # verb keyword operator origin offset length mask value For example, a generic filter rule might look like this: 010 ACCEPT generic => origin = data/offset = 22/length = 6/ mask = 0xFFFFFFFFFFFFF/value = 0x0800096f39c8; Specifying the Filtering Action You can specify the filtering action for each protocol section that determines whether a packet is accepted or rejected, if no match occurs with any of the rules defined in the section.
Page 216 27-6 27: P HAPTER ACKET ILTERS To create a filter file on your PC: 1 Open a new text file. Enter a file descriptor on the first line: #filter Be sure not to leave any blank space before the file descriptor. If you do, you’ll cause an error to occur.
Page 217: Configuring Filters
7 Return to your PC. From a machine that has access to the same network as the OfficeConnect Gateway, use the following TFTP commands to transfer the filter file to FLASH memory on the OfficeConnect Gateway: tftp <OCG_IP_address> put <filter_filename> 8 Return to the CLI on the OfficeConnect Gateway.
Page 218: User Filters
27-8 27: P HAPTER ACKET ILTERS or rejects the packet. Interface filters can be applied dynamically without having to disable and re-enable each network on that interface. Input Filter If an input filter is configured on an interface, all received packets are checked against the filtering rules before being forwarded to another interface.
Page 219: Managing Filters
Configuring a Filter for a User Use this command string to configure an input or output filter for a specific user. set user <user_name> input_filter<filter_name> For example: output_filter <filter_name> set user nancy input_filter filter.flt Filters take effect for a user the next time that user makes a connection. Also, you must set filter access on to filter for a user.
Page 220: Adding Filters To The Managed List
27-10 C 27: P HAPTER ACKET ILTERS Adding Filters to the The add filter command verifies filter syntax prior to adding the filter to the Managed List managed list. If the syntax is valid, no message is generated and the command prompt returns.
Page 221: Showing Filter File Contents
Showing Filter File Contents Use this command to view the contents of a filter file that has been added to the show filter <filter_name> managed list of filters For example, to view the contents of the filter file no_spam.flt, you would enter the following: show filter no_spam.flt You can also display the contents of a filter file by protocol.
Page 222: Masks
27-12 C 27: P HAPTER ACKET ILTERS The following filter file example would prevent forwarding of IP packets with destination addresses that match the first 24 bits of the given IP address (that is, addresses beginning with 188.039.150): #filter 010 REJECT dst-addr = 188.039.150.000/24; The following filter file rule example would allow forwarding of IP packets with source address 192.077.100.032 and destination address 201.128.011.034: #filter...
Page 223: Standard Port Numbers
The following filter file rule example would accept only UDP packets that have a destination port number that is in the range of 24-39: #filter 010 AND udp-dst-port>23; 020 ACCEPT udp-dst-port<40; 030 DENY; The following filter file rule example would reject TCP and UDP packets: #filter 010 REJECT protocol = tcp;...
Page 224: Ip Rip Packet Filtering
27-14 C 27: P HAPTER ACKET ILTERS Table 27-4 IP RIP Packet Filtering RIP packets are used to identify all attached networks as well as the number of router hops required to reach them. These responses are used to update a router’s table.
Page 225 Table 27-5 If you are concerned about security, filter out incoming type 5 messages. Sending ICMP redirects is an easy way for a vandal to change your routing tables. Although ping is useful for troubleshooting, it allows a potential intruder to obtain a map of your network by systematically pinging every possible address.
Page 226: Keywords
27-16 C 27: P HAPTER ACKET ILTERS Use this command to allow packets with IP source route options. This is the disable ip security_option default condition. disallow_source_route_op tions Keywords This section describes valid keywords you can use for each protocol section of your filter file.
Page 227: Tftp Commands
TFTP C Overview TFTP (Trivial File Transfer Protocol) is a simplified version of the TCP/IP File Transfer Protocol that allows the transfer of files from one computer to another over a network. TFTP does not include password protection or user-directory capability. This chapter identifies and describes the TFTP commands accessible from the OfficeConnect Gateway CLI.
Page 228: List Commands
28-2 28: TFTP C HAPTER OMMANDS Value get [remotefile] [localfile] help mode [ascii | binary] put [localfile] [remotefile] quit rexmt status timeout trace verbose For example, at the OCG-Adsl>> prompt, type: tftp status The command lists: Connected to status. Mode: netascii Verbose: off Tracing: off Rexmt-interval: 5 seconds, Max-timeout: 25 seconds List Commands...
Page 229: Add Commands
Add Commands This section describes the following Add-related TFTP commands: add tftp client The add tftp client command adds the tftp client to the Authorization Table for TFTP access.The parameters for this command are described in the following table. <IP_name_or_address> Parameters <ip_ name_or_address>...
Page 230: Delete Commands
28-4 28: TFTP C HAPTER OMMANDS Parameters max_timeout Also see the disable tftp request <input_file_name>, enable tftp request <input_file_name>, and list traceroute commands. Delete Commands This section describes the following Delete-related TFTP commands: The delete tftp client command removes the specified IP host name or IP address delete tftp client from the list of addresses authorized to use TFTP.
Page 231: Show Command
These parameters are described in the following table. Parameters <input_file_name> Designation of file to be requested from or sent to the TFTP server. action max_timeout mode rexmt_timeout server Show Command The show tftp request <input_file_name> command displays statistics of the specified request for TFTP service.
Page 232 28-6 28: TFTP C HAPTER OMMANDS The following example shows the information displayed in response to the show tftp request command screen. SHOW TFTP REQUEST FOR FILE filter.in Server: Action: Mode: Retransmit Timeout: 5 Maximum Timeout: Status Error String: scylla ASCII NORMAL...
Page 233: Traceroute Commands
Overview This chapter describes the Traceroute commands accessible from the CLI of the OfficeConnect Gateway. Traceroute is a program that traces the path a packet takes to a destination. It is primarily used to debug routing problems between hosts. The following tables identifies the Traceroute commands described in this chapter: CLI Commands Traceroute Command Displays the route (each hop) that a data packet takes from its source to a...
Page 234 29-2 29: T HAPTER RACEROUTE OMMANDS Parameters <IP name or address> maxhops port retries size timeout A row will timeout after 30 minutes and automatically be deleted. Also, a row can be deleted at any time, regardless of its state of status. Be aware that traceroute-generated packets received by the OfficeConnect Gateway will not increment ICMP error counters (Time Exceeded and Destination Unreachable).
Page 235: Delete Command
Delete Command delete traceroute row Removes a specified row from the main traceroute table when entered from an SNMP station or via a command file. The CLI deletes the row immediately upon <number> completion of the traceroute. The range is 1-65535. See traceroute, list traceroute, set traceroute maximum_rows and show traceroute commands for more information.
Page 236: Show Commands
29-4 29: T HAPTER RACEROUTE OMMANDS Displays counters for specified traceroutes. It lists the following information: list traceroute row <number> hops Show Commands These commands display the maximum number of traceroutes configurable using show traceroute, the set traceroute maximum_rows command. See traceroute, list traceroute, show traceroute delete traceroute, and set traceroute maximum_rows commands for more settings...
Page 237: Set Command
Hop Count - number of hops the OfficeConnect Gateway takes to reach the destination. TRACEROUTE SETTINGS for ROW: 1 DESTINATION: 10.0.0.2 State: Hop Timeout: Hop Probes: Max Hops: UDP Port: Data Size: Hop Count: Set Command Sets a ceiling of traceroute entries in the Traceroute Table. Setting this value to a set traceroute number smaller than the current number of rows will NOT cause any row deletions maximum_rows...
Page 238 29-6 29: T HAPTER RACEROUTE OMMANDS...
Page 239: Ping Commands
Overview Ping (Packet Internet Gopher) is a program used to test reachability of destinations by sending them an ICMP echo request and waiting for a reply. Ping Command The ping command sends a ping (ICMP echo request) to a remote IP host. This ping <destination IP_name tool to test connectivity can also be initiated from an SNMP station.
Page 240 30-2 30: P HAPTER OMMANDS self_destroy_ delay size timeout verbose The ping command can be paused during its execution by using the following keys: s or ENTER Ctrl c A ping with the verbose parameter selected displays the following: PING Request: 1 Time (ms): 10 PING Request: 2 Time (ms): 0 PING Request: 3 Time (ms): 0 PING Request: 4 Time (ms): 0...
Page 241 Add Commands add ip filter default_action ............. . . 26-2 Accessing the OfficeConnect Gateway CLI Add Commands add address_pool user...
Page 242 Basic CLI Commands ..............1-4 Bridge Networks show bridge network_name .
Page 243 text ................ii Copy Commands copy file .
Page 244 disable DHCP_client network ............. 11-3 disable dns host_rotation .
Page 245 edit command ................3-8 Edit Commands edit .
Page 246 configuring filters ..............27-7 configuring for a user .
Page 247 Configuration add ip network ..............12-4 add ip pool .
Page 248 list DHCP_client networks ............. . . 11-3 list dns cache .
Page 249 Network user ................1-10 .
Page 250 Remote Login Commands rlogin ................5-2 rlogin TCP_port .
Page 251 set interface input_filter““ output_filter”” set interface input_ filter output_filter Filter_access on set ip application_source_address ............12-17 set ip defaultroute gateway et ip defaultroute metric set ip multicast heartbeat .
Page 252 show DHCP_client network counters show DHCP_client network options show dns ................13-7 show dns cache .
Page 253 add snmp trap_community ............. . . 25-3 delete snmp community .
Page 254 tftp ................3-6, 12-34 TFTP Commands .
Page 255 RFC 1483 ................16-3 RFC 1483 - MER .
Page 257: Com Corporation Limited Warranty
3Com warrants that the software programs licensed from it will perform in substantial conformance to the program specifications therefor for a period of ninety (90) days from the date of purchase from 3Com or its authorized reseller. 3Com warrants the media containing software against failure during the warranty period.
Page 258 IMITATION OF IABILITY TO THE FULL EXTENT ALLOWED BY LAW, 3COM ALSO EXCLUDES FOR ITSELF AND ITS SUPPLIERS ANY LIABILITY, WHETHER BASED IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), FOR INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND, OR FOR LOSS OF REVENUE OR...
Page 259 EUROPE This is a Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measurers. 3Com Corporation, 5400 Bayfront Plaza, Santa Clara, CA 95052-8145 (408) 764-5000...

3Com OfficeConnect 3C100XF Cli User's Manual

About this Guide

Chapter 1 USING the COMMAND LINE INTERFACE (CLI)

Chapter 2 IST of

Ffice Connect

Chapter 3 ADMINISTRATIVE CLI COMMANDS

Chapter 4 CONFIGURING and MANAGING USERS

Chapter 5 TELNET COMMANDS

Chapter 6 BRIDGING COMMANDS

Chapter 7 VOICE and V ODSL COMMANDS

Chapter 8 INTERFACE

Nterface Commands

Chapter 9 ARP COMMANDS

Chapter 10 ATM COMMANDS

Chapter 11 DHCP COMMANDS

Chapter 12 IP ROUTING

Chapter 13 DNS COMMANDS

Chapter 14 ICMP COMMANDS

Chapter 15 MULTICASTING and IGMP COMMANDS

Chapter 16 CONFIGURING YOUR WAN PROTOCOL SETTINGS

Chapter 17 PPP COMMANDS

Chapter 18 PPPE COMMANDS

Chapter 19 TUNNELING COMMANDS

Chapter 20 NETWORK SERVICES COMMANDS

Chapter 21 ADDRESS TRANSLATION COMMANDS

Chapter 22 IPS EC COMMANDS

(Sa) Commands

Chapter 23 SECURITYASSOCIATION (SA) COMMANDS

Chapter 24 TCP COMMANDS

Chapter 25 SNMP COMMANDS

Chapter 26 IP FILTERS COMMANDS

Chapter 27 PACKET FILTERS

Quick Links

Related Manuals for 3Com OfficeConnect 3C100XF

Summary of Contents for 3Com OfficeConnect 3C100XF