Page 1: Adsl Router
® http://www.3com.com/ Part Number 10043337 AA OfficeConnect ADSL Router CLI User’s Guide Release 2.0 Remote 812 ®...
Page 2 95052-8145 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty of any kind, either implied or expressed, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose.
Page 3: Table Of Contents
CCESSING THE ONFIGURATION Establishing Communications with the OfficeConnect Remote 812 Local Connection 1 -1 IBM-PC Compatible Computers Macintosh Computers 1 -1 UNIX-Based Computers 1 -2 Remote Connection 1 -2 CLI C OMMAND ONVENTIONS AND TERMINOLOGY Command Structure 2 -1 Format 2 -1 Parameters 2 -1...
Page 4 Quick Setup Script Instructions Quick Setup Script 4 -2 Do you want to continue Quick Setup? Password Protection 4 -2 Which portions of the network do you want to configure? Quick Setup Identification Information Quick Setup Management Information TELNET information 4 -4 Quick Setup IP Information Quick Setup IPX Information...
Page 5 Setting Up a Virtual Private Network (VPN) Tunnel Tunnel Encryption 6 -5 VPN Tunneling Overview 6 -6 Before You Begin 6 -6 Initiating a VPN Tunnel 6 -6 Enabling and Disabling a VPN Tunnel Displaying VPN Tunnel Information Creating a VPN Tunnel Using 812 Default Values Tunnel Commands 6 -8 Creating a VPN Tunnel Using Non-Default Values...
Page 6 Configuring the DHCP Relay Monitoring the DHCP Relay 6 -29 6 -29 Configuring DNS 6 -30 DNS Host Entries 6 -30 Managing the DNS Proxy 6 -30 Access Lists 6 -31 IPX Routing 6 -31 Enabling IPX Routing 6 -32 Configuring IPX for the LAN Configuring IPX for Remote Site Connections Configuring IPX Static and Framed Routes...
Page 7 IP RIP Packet Filtering Using CLI IPX Source and Destination Network Filtering Using CLI IPX Source and Destination Host Filtering Using CLI IPX Source and Destination Socket Number Filtering Using CLI IPX RIP Packet Filtering Using CLI IPX SAP Packet Filtering Using CLI Bridge / Generic Filtering Using CLI Step by Step Guide to Creating Filter Files Using CLI Assigning Filters...
Page 8 CLI C OMMAND ESCRIPTION CLI Commands B -1 B -1 add access <ip subnet address> add auto_filter eth_blk_dst B -1 add auto_filter vc_blk_netbios add bridge network <network_name> add dns host <host_name> address <ip_address> add dns server <domain_name> add filter <filter_name> B -2 add framed_route vc <name>...
Page 9 delete ipx service <service_name> delete pat tcp vc <vc_name> B -11 delete pat udp vc <vc_name> B -11 delete nat [dynamic | static ] vc <vc name> public_pool_start <address> delete network service <service_name> delete snmp community <name> delete snmp trap_community <name> delete syslog <ip_name_or_address>...
Page 10 enable ip rip B -15 enable ip routing B -15 enable ipx network <network_name> enable lan access B -15 enable link_traps interface <interface_name> enable network service <service _name> enable security_option remote_user administration enable security_option snmp user_access enable snmp authentication traps enable tunnel <tunnel_name>...
Page 11 list services B -21 list snmp communities or list snmp trap_communities list syslog B -21 list tcp connections B -22 list tftp clients B -22 list udp listeners B -22 list tunnel B -22 list users B -22 list vc B -22 login_required B -22...
Page 12 set system B -34 set syslog <ip_address> loglevel [level] set time <time> B -34 set tunnel <tunnel_name> B -34 set user <user_name> B -35 set vc <vc_name> B -36 set vc <vc_name> atm B -38 SHOW B -39 show access B -39 show atm status B -39...
Page 13 show memory B -50 show network <name> settings show network <name> counters show ppp on vc <vc_name> counters show ppp on vc <vc_name> settings show ppp on interface <name> counters COUNTERS for PPP BUNDLE 1 COUNTERS for PPP LINK 1 - 5 show ppp on interface <name>...
Page 14 POSITIONAL HELP B -57 Command Completion B -57 Output Pause B -58 Command Kill B -58 Comments B -58 ORPORATION IMITED FCC C LASS ERIFICATION FCC C LASS TATEMENT FCC D ECLARATION OF ONFORMITY ARRANTY TATEMENT...
Page 15: Ccessing The
This chapter explains how to attach to the configuration interface locally via the console port or remotely via a Telnet session. This chapter also introduces you to the capabilities and conventions associated with management of your OfficeConnect Establishing Communications with the OfficeConnect Remote 812 Local Connection...
Page 16: Unix-Based Computers
1: A HAPTER CCESSING THE ONFIGURATION NTERFACE UNIX-Based Computers Kermit, minicom and tip are typical terminal emulation programs for UNIX-based computers. Depending on the platform you’re using, you may need to modify a configuration file for vt100 settings. Remote Connection If you want to attach to the OCR 812 via the LAN or WAN interface of the unit, you will need to establish a Telnet connection to the unit.
Page 17: Cli Command Conventions And Terminology
CLI C TERMINOLOGY This chapter describes the command syntax, conventions and terminology used within the Command Line Interface. Reviewing and understanding this chapter is essential for you to understand subsequent chapters. Command Structure Format Commands can be followed by values and/or parameters and values. For example: a dd ip network <network_name>...
Page 18: Names Or Strings
2: CLI C HAPTER OMMAND ONVENTIONS AND TERMINOLOGY The type of value you enter must match the type requested. Numbers are either decimal or hexadecimal. Text can be either a string that you create, or it may be a list of options you must choose from. When choosing an option, type the text of the option exactly.
Page 19: Conventions
Help is most useful during configuration: query the list of possible parameters by typing ? and, when you find the value you need, type it without losing your place in the argument. Just be sure to leave a space between the keyword and the question mark.
Page 21: Configuration Methods
The OCR 812 CLI offers three setup choices, all of which are described in this section: the automated, Quick Setup method, the QuickVC Setup method, and the manual method. Review the capabilities of each below and decide which configuration method best suits your needs, then proceed to the appropriate chapter for detailed configuration guidelines for each method.
Page 22: Manual Setup Instructions
3: C HAPTER ONFIGURATION ETHODS Manual Setup Once you become familiar with the CLI interface, you might find it more efficient Instructions to manage the OCR 812 manually. Manual configuration is most versatile in that you only enter commands that need to effectively change from the current configuration.
Page 23: Quick Setup
This chapter will describe in detail the operations of the Quick Setup program. It will identify the required information, steps involved, and sample output scripts from the execution of this program. CLI Quick Setup Script Introduction The CLI Quick Setup program allows you to quickly configure LAN-side, global and management settings for your OCR 812.
Page 24: Downgrading The Remote 812 Software To A Previous Version
4: Q HAPTER UICK ETUP Downgrading the Remote 812 Software to a Previous Version Downgrading the 812 software to an older version is not recommended (we suggest you upgrade to obtain the latest and most reliable software available). If you do choose to downgrade, we suggest you delete your existing configuration before or after you install the downgrade (in any case, you must delete the existing configuration).
Page 25: Quick Setup Identification Information
IPX ? Bridging ? Quick Setup Identification Information Question Enter the name of your system: Who is the system contact person? Where is this system located? Quick Setup Management Information Question Do you want to be able to manage the system via SNMP? An SNMP community names a group of systems that can manage your system via SNMP.
Page 26: Telnet Information
4: Q HAPTER UICK ETUP TELNET information Question Do you want to allow command line management via TELNET? For TELNET management of the system, you need to create a user name and password to control access. Question What user name will be allowed to manage this system? What password will be used for this user ? Quick Setup IP Information The OCR 812 uses a network name to identify the network for future...
Page 27: Quick Setup Ipx Information
The OCR 812 can act as a DHCP server, providing IP addresses to other stations on the local LAN. Question Do you want the OfficeConnect Remote 812 to act as a DHCP server? Enter the start address for the DHCP IP address pool: Enter the end address for the DHCP IP address pool:...
Page 28: Quick Setup Bridge Information
4: Q HAPTER UICK ETUP Quick Setup Bridge Information The network name is used by the OCR 812 to identify your bridging setup. Question Enter the network name: The spanning tree algorithm is used to eliminate loops in a network that is linked together with bridges.
Page 29: Sample Output Display As Quick Setup Executes
OCR-DSL>set dhcp mode server OCR-DSL>set dhcp server start 192.168.200.1 end 192.168.200.40 router 192.168.200.254 dnsl 192.168.200.254 dns2 0.0.0.0 wins1 0.0.0. wins2 0.0.0.0 mask 255.255.255.0 OCR-DSL>add dns host ocrdsl-3com.com addr 192.168.200.254 OCR-DSL>enable dns OCR-DSL>add tftp client 0.0.0.0 OCR-DSL>set ip network “test” routing ripv2 OCR-DSL>enable ip network “test”...
Page 31: Quick Vc Setup
This chapter will describe in detail the operations of the OCR 812 QuickVC Setup Wizard program. It will identify the required information, steps involved, and sample output scripts from the execution of this program. CLI QuickVC Setup Script Introduction The CLI QuickVC Setup program allows you to quickly configure remote site profiles (virtual channel connections) for your OCR 812.
Page 32: Network Service
5: Q VC S HAPTER UICK ETUP The Category of Service and cell rate parameters only affect data transmitted from the OCR 812 to the remote site (upstream direction). The default value of UBR with a Peak Cell Rate of 0 will attempt to use all available upstream bandwidth when transmitting to the remote site.
Page 33: Ip Configuration (Network Service Rfc 1483)
Enter the local ip address for the WAN connection: (specified only) Do you want to use “name”’s remote router as the default gateway ? Do you want to run RIP ? Enter the version of RIP to run: (if applicable) The IP configuration for VC “name”...
Page 34: Ipx Routing (Network Service Ppp)
5: Q VC S HAPTER UICK ETUP IPX Routing (Network Service PPP) Question Is IPX traffic going to be routed over VC “name”? Is the IPX WAN interface (S)pecified or (L)earned? Is the IPX WAN interface (U)nnumbered or (N)umbered? Enter the IPX network number for the WAN? Do you want IPX routing (RIP) to run over the WAN? The IPX configuration for VC “name”...
Page 35: Sample Identification Information
Sample Identification This section contains a sample of possible settings. Information Encapsulation type: ATM information: VPI/VCI: Category of Service: Peak Cell Rate: Local WAN IP Address: Remote WAN IP Address: WAN Interface Type: Address Translation (PAT): RIP: Remote is Default Gateway: IPX: IPX WAN Network Number: IPX WAN RIP:...
Page 37: Manual Setup
This chapter describes how to manually set up the OCR 812 for routing or bridging. Configuration The following steps provide an outline to follow when configuring the OCR 812 to Overview route or bridge to remote networks. 1 Determine how the OCR 812 will be used (as an IP, IPX Router and/or Bridge) and gather information about your remote site connection using the Configuration Planning Forms provided with the unit.
Page 38: Remote Site Management
6: M HAPTER ANUAL ETUP Remote Site Each remote site that you want to connect to is accessed through a single ATM Management Virtual Channel connection. To set up connections over the WAN, a VC (remote site) profile must be created and edited. With this profile, you specify ATM Virtual Channel information, protocols, and addresses that determine the method of connection and communication to that remote site.
Page 39: Configuring Network Service Information
For example, if you want to change the PPP authentication password to testpassword for a profile called Internet you would do the following: disable vc Internet set vc Internet send_password testpassword enable vc Internet Configuring Network A Network Service defines the data encapsulation and protocol characteristics for Service Information the connection between the OCR 812 and the remote site.
Page 40: Enabling A Point-To-Point Protocol
6: M HAPTER ANUAL ETUP When the Network Service is set to RFC 1483, the profile’s IP WAN addresses can be dynamically learned with the DHCP protocol. To enable DHCP on a Remote Site profile: 1 Set the network service to RFC 1483: set vc <vc name>...
Page 41: Setting Up A Virtual Private Network (Vpn) Tunnel
You should have been provided with Category Of Service parameters. If no traffic shaping parameters have been provided you should choose UBR with a PCR value of 0. The OCR 812 will attempt to use all of the upstream bandwidth when transmitting data to the remote site.
Page 42: Vpn Tunneling Overview
Examples of a PPTP tunnel server are a Windows NT server (Windows 2000, version 4.0 or later, with Service Pack 3 or greater and RAS installed) or 3Com’s Total Control Hub. Install any networking protocols required for the private network on the PPTP tunnel server (such as IP, IPX, and NetBeui).
Page 43: Enabling And Disabling A Vpn Tunnel
Enabling and Disabling a To enable a VPN, enter the enable tunnel command. To disable a VPN, enter the VPN Tunnel disable tunnel command. Before you attempt to set or change any parameter for a VC, you must first disable the VC using the DISABLE VC <vc_name>...
Page 44: Tunnel Commands
6: M HAPTER ANUAL ETUP be blank (assigned with the value “”). You can change the PASSWORD and SEND_PASSWORD using the SET TUNNEL [PASSWORD | SEND_PASSWORD] command. You must change the SEND_PASSWORD (to the appropriate authentication password value expected by the VPN Server) using the SET TUNNEL <...
Page 45: Creating A Vpn Tunnel Using Non-Default Values
Table 6-2 812 Set Tunnel Parameters and Supported Values For example, to change the SEND_PASSWORD settings of a tunnel named ZOOM to VPN, enter the following command: SET TUNNEL ZOOM SEND_PASSWORD VPN You must disable the tunnel using the disable tunnel <tunnel_name> command before you can change any parameters.
Page 46: Configuring Authentication And Encryption
6-10 6: M HAPTER ANUAL ETUP Configuring To learn how to use CLI commands to configure authentication and encryption for Authentication and the OCR 812, please refer to the following: Encryption Configuring Windows 2000 Server to Support CHAP Authentication Microsoft supports CHAP authentication for both PPTP and L2TP tunnels. However, to configure CHAP authentication for a Windows 2000 Server, you must ensure that store pw using reversible encryption for all users in domain is set to enabled before adding users.
Page 47: Configuring Windows 2000 Server To Support Encryption For L2Tp Tunnels
An administrator may also set up a Windows 2000 Server as a router with a private IP subnet set to 98.76.54.0/C. To add DHCP Services on the Windows 2000 Server, an administrator can use any IP addresses from 98.76.54.1 to 98.76.54.253 inclusive.
Page 48 6-12 6: M HAPTER ANUAL ETUP vpdn-group 1 accept-dialin protocol l2tp virtual-template 25 terminate-from hostname OfficeConnect local name c7200 no l2tp tunnel authentication source-ip 192.180.3.2 3 In Cisco router configuration mode, enter the following commands to configure the private network (LAN) interface: interface Ethernet1/2 ip address 192.168.200.1 255.255.255.0 no ip mroute-cache...
Page 49: Debugging An L2Tp Tunnel On A Cisco Router
ppp authentication pap 6 Ensure RIP and IP Pool configuration parameters are set to the following values: RIP Configuration IP Pool for L2TP Tunnel At this point, your L2TP tunnel should be fully operational and ready for use. Debugging an L2TP If your L2TP tunnel has not been successfully established, or if it is not operating as Tunnel on a Cisco Router expected, use the following debug commands to identify and correct the...
Page 50: Adding A Framed Route For A Vpn Tunnel
6-14 6: M HAPTER ANUAL ETUP Adding a Framed Route If you wish to set up a route to a network on the private (LAN) side of a remote for a VPN Tunnel site, use a framed route. To add a framed route for a VPN tunnel, enter the add framed_route vc command or the add framed_route tunnel command at the CLI prompt.
Page 51: Enabling Ip Routing
Enabling IP Routing When the OCR 812 is to be used for IP Routing, IP forwarding must be enabled. This is a global setting for the entire router. To enable IP routing, use the command: enable ip forwarding To disable IP routing, use the command: disable ip forwarding IP Forwarding refers to the routing of IP packets from one interface to another.
Page 52: Configuring Ip Rip On The Lan
6-16 6: M HAPTER ANUAL ETUP You can obtain a list of all configured networks using the command list networks. To only list IP networks, use list ip networks. The reconfigure ip network command can be used to modify an existing IP network’s address or frame type.
Page 53: Configuring Ip Rip For A Remote Site
The IP address associated with the local side of the WAN connection can be specified by you, learned from the remote site (if you are using PPP as the Network Service for the connection), or the interface can be Unnumbered. To specify the local IP address use the command: set vc <vc name>...
Page 54: Configuring Static And Framed Ip Routes
6-18 6: M HAPTER ANUAL ETUP If you are using address translation for a remote site connection (NAT) you must set ip_routing to LISTEN or NONE. This is because you have set up a private LAN network and therefore do not want to be broadcasting information to other routers.
Page 55: Ip Tools
IP Tools The OCR 812 CLI provides a standard set of IP utility programs including Ping, TELNET and RLOGIN. Address Public IP addresses are registered and can be used within a public network (e.g., Translation the Internet). Due to the limitation of IP version 4 address space and the growth of the Internet, public addresses are becoming more scarce.
Page 56: Port Address Translation (Pat)
6-20 6: M HAPTER ANUAL ETUP set vc <vc name> Use the set vc <vc name> nat_option command to set the NAT operating mode nat_option for a vc profile. Options available for the set vc <vc name> nat_option command are as follows: For a vc added using QuickVC, NAT is enabled by default.
Page 57: Configuring Pat
there is no existing dynamic or static port mapping, the packet will be translated using the PAT default address. Configuring PAT Typically, PAT only needs to be enabled or disabled for a remote site connection. Use the following command to configure PAT in a vc profile: set vc <vc name>...
Page 58: Intelligent Pat
6-22 6: M HAPTER ANUAL ETUP memory. If you do not enter the save all command before a reboot, unsaved changes made since the last save will be lost. Intelligent PAT Enabled by default, Intelligent PAT provides a “best guess” as to where an incoming packet should be delivered when: Intelligent PAT bases this “best guess”...
Page 59: Monitoring Pat
Please also note the following: The “best guess” LAN workstation will continue to receive all non-addressed packets sent by this remote workstation until and unless a new (different) communication pattern is detected by Intelligent PAT. When a new communication pattern is detected, Intelligent PAT makes a new “best guess”, with the following results: Intelligent PAT begins to forward all non-addressed packets sent by the remote workstation to the newly chosen “best guess”...
Page 60: Configuring Nat Static And Dynamic Mappings
When Network Address Translation (NAT, RFC 1631) is enabled, Static Addresses and/or Dynamic pool addresses must be configured. Do not use the public WAN port IP address of the OfficeConnect 812 as one of the NAT static or dynamic public IP addresses.
Page 61: Monitoring Super Nat
If you choose (optionally) to add static or dynamic mappings for Super NAT, do not use the public WAN port IP address of the OfficeConnect 812 as one of the Super NAT static or dynamic public IP addresses. To configure OCR812 to use Super NAT, perform the following steps: 1 Configure all NAT and PAT parameters.
Page 62: Configuring The 812 For Sip Phone Support
(connected to the LAN port) and all “outside” devices accessible via the Internet by means of the 812 WAN port connector. The WAN port of the OfficeConnect 812 is a public IP address representing all of the private IP addresses on the LAN side of a SIP phone connection.
Page 63: Dhcp
For more information about 3Com SIP phone products, please see our web site at http://www.3com.com/products/sip DHCP Dynamic Host Configuration Protocol (DHCP) is designed to provide a centralized approach for configuration of IP addresses and parameters. When a workstation is configured for automatic assignment of IP addresses, it broadcasts a request out on the LAN.
Page 64: Configuring The Dhcp Server
6-28 6: M HAPTER ANUAL ETUP Configuring the DHCP The OCR 812’s DHCP Server has the following fields that will need to be Server configured: The Hostname is the base name assigned to the workstation. A numeric suffix is appended to the base name and incremented after each assignment. For example, if the Hostname unit is configured, the first workstation will be assigned the Hostname unit01, the second workstation will be assigned unit02 and so forth.
Page 65: Configuring The Dhcp Relay
Domains. For instance, assume you have two remote sites configured, one to the Internet and the other to a corporate site which has a domain name of 3com.com. Two DNS remote servers can be configured, one which uses the corporate site for 3com.com and the other to use the Internet as the default.
Page 66: Configuring Dns
6-30 6: M HAPTER ANUAL ETUP Configuring DNS You can configure three global DNS parameters that control the operation of the DNS proxy. show dns settings DNS Host Entries Managing the DNS When resolving a DNS name, the OCR 812 first searches for a match in the Static Proxy Host table.
Page 67: Access Lists
Access Lists Access lists enable you to restrict which Remote Subnets are allowed to access the Management services of the OCR812. In addition to adding subnets to the list, you can enable access to all hosts on the local LAN. IPX Routing The OCR 812 can be configured as an IPX router to forward IPX packets between the local LAN interface and one or more remote sites.
Page 68: Enabling Ipx Routing
6-32 6: M HAPTER ANUAL ETUP Remember to save your configuration using the save all command before rebooting your OCR 812 so that your changes will be written to permanent FLASH memory. Enabling IPX Routing Unlike IP, there is no setting on the OCR 812 that enables or disables IPX routing functionality on a global basis.
Page 69: Configuring Ipx Static And Framed Routes
To specify that the interface is Unnumbered you must enter 00000000 for the <ipx network address> parameter. set vc <vc name> ipx_address 00000000 Configuring IPX Static A static route is a configured route that will remain in the routing table until and Framed Routes deleted.
Page 70: Configuring Ipx Static And Framed Services
6-34 6: M HAPTER ANUAL ETUP Configuring IPX Static The Service table contains IPX server names, the services they provide, their and Framed Services network addresses and node addresses, and their relative distances. Examples of services include file servers and printers. Note the following: Use static and framed services for servers not learned using SAP.
Page 71: Configuring Ipx Rip And Sap
Remember to disable and then re-enable the VC profile for the change to take effect. Configuring IPX RIP and IPX RIP is used to exchange IPX routing information with other IPX routers. SAP is a protocol used by IPX servers and routers to exchange information about the location of servers.
Page 72: Configuring Bridging For The Lan
6-36 6: M HAPTER ANUAL ETUP The OCR 812 bridge supports the Spanning Tree Protocol (STP). This feature is used when two networks are joined by two bridges forming a looped network. STP prevents the data packets from circling the two networks. The OCR 812 provides a Bridge Firewall function which allows flexible configuration of simultaneous bridging and routing.
Page 73: Advanced Bridging Options
IP Forwarding refers to the routing of IP packets from one interface to another. It does not affect communicating to the OCR 812 itself. Even when IP Forwarding is disabled, you can perform non-routing functions such as use a Web browser to manage the unit and use PING.
Page 74: Mac-Encapsulated Routing
6-38 6: M HAPTER ANUAL ETUP MAC-Encapsulated Because routers base their forwarding decision on network-level addresses, Routing packets that are routed over a WAN are transmitted without MAC-layer addresses. Additionally, address resolution procedures that can be used to determine the destination MAC address for a packet are not required.
Page 75: System Administration
2 Forward Unicast Packets Only: If a protocol is configured for routing, and a packet for that protocol type is received from the LAN that is not addressed to the MAC address of the OCR 812, it is bridged. Additionally, ARP broadcasts for IP addresses other than that of the OCR 812 are also bridged.
Page 76: Setting Date And Time Using Network Time Protocol (Ntp)
6-40 6: M HAPTER ANUAL ETUP To manually set the time, use the command set time (which sets the system time, and leaves the date unchanged). Date and Time values are for the current session only. Setting Date and Time The OCR 812 supports use of the Network Time Protocol (NTP) to automatically Using Network Time set system date and system time to the values provided by NTP servers installed on...
Page 77 If more than one OCR 812 is installed in your network, each OCR 812 is assigned a different primary NTP server (the assignment of a primary NTP server to a given OCR 812 is based on the unique MAC address of that OCR 812 unit).
Page 78 6-42 6: M HAPTER ANUAL ETUP NTP Servers List The following is a partial list of available NTP servers that can be found at the www.ntp.org web site. For an up-to-date, comprehensive list of all available NTP servers, please visit www.ntp.org. NTP Servers "clock.psu.edu"...
Page 79: Displaying Date, Time, And System Uptime
Displaying Date, Time, To display current date, current time, and system uptime (time elapsed since and System Uptime power-on), use the command show date. Date and time information displays in the following format: Setting System The system name, location and contact information is useful when monitoring the Identification OCR 812 remotely.
Page 80: Providing Tftp Access
6-44 6: M HAPTER ANUAL ETUP Providing TFTP Access Trivial File Transfer Protocol (TFTP) provides a simple way to transfer files from one machine to another. The OCR 812 has a TFTP server that allows you to copy files to or from the unit.
Page 81 System Administration 6-45 After logging in to the CLI, you can exit the CLI with the command: exit cli...
Page 82: Officeconnect Remote 812 Filtering Capabilities
ANUAL ETUP Care should be taken to remember the configured password. If the password is forgotten, the unit must be sent back to 3Com support to have the feature disabled. OfficeConnect Remote The OCR 812 provides an extensive set of data and call filtering capabilities. The...
Page 83: Filter Classes
Packet filters control inter-network data transmission by accepting or rejecting the passage of specific packets through network interfaces based on packet header information. When data packets are received by a network interface such as an Ethernet LAN or WAN port, a packet filter analyzes packet header information against a set of rules you define.
Page 84: Generic Filters
6-48 6: M HAPTER ANUAL ETUP IPX-SAP IPX-RIP Generic Filters Generic filters are protocol-independent and are specified by byte and offset values in a packet. Packets are filtered by comparing each packet’s offset value and byte information with the values that you define in the filter. The router will accept or reject the packet based on the result.
Page 85: Filter File Components In Cli
Filter File Components in You define the filtering rules used by the router within filter files. Filter files are text files that are stored in the unit’s FLASH memory. You can create and modify filter files using an off-line text editor, then TFTPing the finished file on to the unit. To be valid, a filter file must always have the following file descriptor on the first line: #filter Be sure that no blank space precedes the descriptor, or an error will occur.
Page 86 6-50 6: M HAPTER ANUAL ETUP the first match that occurs. If there is no match, by default the packet is accepted. For this reason, you should order your protocol rules so that the rules you expect to be most frequently matched are in the beginning of the section. This reduces the amount of parsing time that occurs during filtering.
Page 87: Generic Filter Rule
Table 6-6 Protocol Keywords Protocol Section IP-RIP IPX-RIP IPX-SAP BR-ETH Generic Filter Rule The syntax for generic filters is slightly different than that for other filters: <line #> <verb> GENERIC => ORIGIN = <FRAME > DATA>/OFFSET = <# of bytes>/ LENGTH = <# of bytes>/MASK = <...
Page 88: Ip Source And Destination Network Filtering Using Cli
6-52 6: M HAPTER ANUAL ETUP IP Source and Destination Network Filtering Using CLI Source and destination address filtering is generally used to limit permitted access to trusted hosts and networks only, to explicitly deny access to hosts and networks that are not trusted, or to limit external access to a given host (for example, a web server or a firewall).
Page 89: Ipx Source And Destination Network Filtering Using Cli
If the router is listening for, or broadcasting RIP messages, you should allow them to pass in the appropriate direction(s). You define IP RIP filtering rules in the IP-RIP protocol section of the filter file. For example, if you want to filter all routes except the one specified by the IP network address 195.12.254.45, you would create this rule: IP-RIP: 1 ACCEPT network = 195.12.254.45;...
Page 90: Ipx Rip Packet Filtering Using Cli
6-54 6: M HAPTER ANUAL ETUP IPX RIP Packet Filtering Using CLI Routing Information Protocol (RIP) packets are used to identify all attached networks as well as the number of router hops required to reach them. The responses are used to update a router's routing table. You define IPX RIP packet filtering rules in the IPX-RIP protocol section of the filter file.
Page 91: Step By Step Guide To Creating Filter Files Using Cli
3 ACCEPT generic=>origin=FRAME/offset=12/length=2/mask=0xFFFF/value=0x8136; 4 ACCEPT generic=>origin=FRAME/offset=12/length=2/mask=0xFFFF/value=0x8137; 999 DENY; Step by Step Guide to You can create filter files using any text editor. Once the file is created, use the Creating Filter Files Trivial File Transfer Protocol (TFTP) to place the filter file in the router FLASH Using CLI memory.
Page 92: Assigning Filters
For example, from the workstation command line enter: 12 The router does not recognize a filter file stored in its FLASH memory until you add it to the managed filter table. To notify the unit about the filter file for the first time, you must issue the CLI command add filter <name>...
Page 93: Vc/Remote Site Filters
VC/Remote Site Filters You can configure filters for a specific VC / remote site profile that controls access to the network for that location. This filter is only applied for the duration of the remote network connection. As with interface filters, a remote site filter can be configured to apply to input or output data traffic.
Page 94: Configuring Filters For A Vpn Tunnel
Configuring Filters for a To configure filters for a VPN tunnel, use the following commands: VPN Tunnel For more information about configuring a VPN Tunnel (including information about configuring filters), see Creating a VPN Tunnel Using 812 Default Setting Filter Access When filters are assigned to both the WAN interface and a VC/remote site profile, Using CLI you need to tell the router which one to use using the filter access parameter.
Page 95: Removing A Filter From An Interface Using Cli
It may be helpful to use the list files command to see files successfully stored in the FLASH memory. Removing a Filter from To remove a filter that is assigned to an interface, use the following command: an Interface Using CLI The "...
Page 96 6-60 6: M HAPTER ANUAL ETUP...
Page 97: Officeconnect Remote 812 Sample Configuration
OFFICECONNECT REMOTE 812 SAMPLE CONFIGURATION Sample Configuration This section describes a sample configuration that illustrates the following Overview OCR 812 features: Our sample SOHO network, shown below, has the OCR 812 connected to a LAN that is using private IP addresses. The OCR 812 is configured as the DHCP Server, dynamically assigning IP addresses and configuration information to each locally connected workstation.
Page 98: Configuring The Sample Network
A: OFFICECONNECT REMOTE 812 SAMPLE CONFIGURATION PPENDIX Configuring the The following sections discuss the six steps required to configure our sample Sample Network network. Global Configuration Global configuration includes some optional “system” commands to identify the OCR 812’s name, location, and support contact. Next the Remote access security option is enabled to allow remote CLI access using TELNET.
Page 99: Lan Ipx Network Configuration
DNS Server at 192.168.1.253. If a request was for www.3com.com, a match would not be found in the Remote server table and therefore the request would be forwarded to the default Remote DNS Server.
Page 100: Remote Site: Corporate Access
A: OFFICECONNECT REMOTE 812 SAMPLE CONFIGURATION PPENDIX dynamically learn the addresses for two remote DNS Servers. The login name for this account is “internet-user” and the password is “1a2b3c”. Port Address Translation will be enabled, allowing all the workstations on our local LAN to share one public IP address.
Page 101 Configuring the Sample Network set vc corp-net ip_routing both set vc corp-net ipx_address 0 ipx_routing all enable vc corp-net...
Page 103: Cli Command Description
CLI Command Description CLI Commands Use the ADD command to define: Note that some parameters have default values. add access The access list defines which Remote IP Subnets are allowed access to the <ip subnet address> Management services of the OCR812. Use this command to add an entry to the list.
Page 104: Add Dns Host Address
B: CLI C PPENDIX OMMAND ESCRIPTION You must use add user to create a network type user for this command, and set user to specify the protocol and other parameters related to bridging. Parameter <network_name> enabled add dns host Adds the named host to the Local Host Table. When the system needs to resolve <host_name>...

Page 105: Add Framed_Route Vc
You must correct the filter file in a text editor, use TFTP to export the updated file to the system’s FLASH file system, and use the verify filter command to check the filter’s syntax. Parameter <filter_name> add framed_route vc ip_route [ip_address] <name>...

Page 106: Add Ip Network
B: CLI C PPENDIX OMMAND ESCRIPTION add ip network address [ip_net_address] <network_name> frame [ETHERNET_II | SNAP | LOOPBACK] { interface [eth:1] } { enabled [yes] } Adds an IP network to the list of IP networks available over the specified interface. Parameter <network_name>...

Page 107: Add Ipx Route
address interface enabled frame add ipx route gateway [ipx_host_address] <ipx_net_address> metric [metric_number] ticks [tick_number] Adds an IPX static route (for the LAN) to the system’s IPX Route table, which defines static routes to remote IPX networks. The command list ipx routes displays currently defined static routes. Parameter <ipx_net_address>...

Page 108: Add Ipx_Route Vc
B: CLI C PPENDIX OMMAND ESCRIPTION Below is a partial list of the IPX services available: add ipx_route vc ipx_net [ipx_address] <name> metric [hop_count] ticks [tick_number] Adds an IPX route for the a user over the WAN. Parameter <name> Ipx_net Metric ticks add ipx_service vc...
Page 109: Add Network Service Status
You must supply the name, internal ipx network number, node number, socket, and type of service for this service. The user must also supply gateway information to indicate the next router hop. Parameter <name> Petitioned Hops name node socket type Below is a partial list of the IPX services available: add network service <service_name>...
Page 110: Add Network Service Example
B: CLI C PPENDIX OMMAND ESCRIPTION close_active_connections [TRUE | FALSE] This configures a network listener process that provides a certain type of service. To see the available server types, use list services. Parameter <service_name> server_type socket enabled data close_active_ connections The table below shows configurable parameters for TELNET services, which are specified with the data parameter.
Page 111: Add Snmp Trap_Community
Adds to the list of SNMP authorized users. The community name and IP address of SNMP requests from managers on the network must match the list, which you can see using list snmp communities. Parameter <community_name> address access add snmp address [ip_address] trap_community Adds to the list of community name/IP address pairs that are allowed to receive...

Page 112: Add User [Name] Password [Password
B-10 B: CLI C PPENDIX OMMAND ESCRIPTION add user [name] password [password] Adds a Telnet user to the local user table. The list users command displays these parameters for all users. Parameter Name Password Enabled add vc [name] Creates a virtual channel (VC) profile. Each profile represents a connection to a remote site.
Page 113: Delete Dns Host
delete dns host Deletes the specified host from the DNS Local Host Table. Use list DNS hosts to <host_name> view the DNS Local Host table. After deletion, requests for that host will be processed through a DNS server, instead of locally. Use list DNS servers to see which servers are defined.

Page 114: Delete Nat [Dynamic | Static Vc Public_Pool_Start
B-12 B: CLI C PPENDIX OMMAND ESCRIPTION delete nat [dynamic | static ] Deletes the static NAT mapping to this public IP address for the associated VC. vc <vc name> public_pool_start Parameter <address> <vc_name> public_address The public IP address of the static NAT mapping you wish to delete. Deletes the dynamic NAT mapping to this pool of public IP address for the associated VC.
Page 115: Dial
DIAL dial <vc_name> Generates an outgoing connection to the location specified by the vc name. You can use list vcs to list the defined vc profiles, and their current status. DISABLE disable access Disables the Access List feature. When disabled, all hosts are permitted to access the Router’s management services.
Page 116: Disable Lan Access
B-14 B: CLI C PPENDIX OMMAND ESCRIPTION disable lan access When the access list is enabled, this command disables access to Hosts on the local LAN interface. When disabled, all frames received on the LAN interface are subject to the access list check. If the corresponding LAN subnet is not in the access list, the frame is silently discarded.
Page 117: Enable Access
ENABLE enable access Enables the Access List feature. When enables, only Remote Hosts in the access list are permitted access to the Router’s management services. enable bridge network Enables bridging over the specified network. You must have previously run <network_name> add bridge network to add bridging over this network.
Page 118: Enable Link_Traps Interface
B-16 B: CLI C PPENDIX OMMAND ESCRIPTION enable link_traps This command tells SNMP to send linkup and linkdown traps for the specified interface interface. You can see if the interface is currently enabled for traps using the show <interface_name> interface settings command. enable network service Enables the network service that you previously defined with the add network <service _name>...
Page 119: Hangup Vc
hangup vc <vc_name> Causes the connection for the specified VC to drop. You can see which VCs have active connections using list vcs. Also see disable vc, which causes a VC’s session to drop, and prevents new sessions which use that VC from being established. HELP help <command>...

Page 120: List Call Events
B-18 B: CLI C PPENDIX OMMAND ESCRIPTION list call events Displays the last twenty call events. This is useful when trying to determine why a call over the WAN is not being established. The table displays the system, the up time, and the event.
Page 121: List Interfaces
list interfaces Displays the installed interfaces, along with their operational status, administration status, and interface index. If an interface is down, you can use enable interface to try to bring it up. The command lists: list ip addresses Displays the IP address for each interface. It lists: list ip arp Displays the contents of the ARP cache.
Page 122: List Ipx Networks
B-20 B: CLI C PPENDIX OMMAND ESCRIPTION list ipx networks Displays the IPX networks that you previously defined using the add ipx network command. It lists: list ipx routes Displays the IPX routes that you previously defined using the add ipx route command, plus the defined IPX nodes.
Page 123: List Processes
list processes Displays all processes running on the system. list ppp Displays PPP bundles and links. When multiple physical links are combined to run multilink PPP (RFC1717), the group of physical links is called a bundle. With the OCR 812, only a single link is supported. This command displays: list services Displays all network services you defined using the add network service command:...
Page 124: List Tcp Connections
B-22 B: CLI C PPENDIX OMMAND ESCRIPTION list tcp connections Displays information about all TCP connections. Connection status is defined in RFC-793. list tftp clients Displays IP addresses of all users who allowed to use the Trivial File Transfer Protocol (TFTP) to connect to the system. You must have used add network service to add TFTP support to the system and used add tftp client to authorize users to connect.
Page 125: Ping
PING More (or CR) ping output [output_filename] <ip_name_or_addr> count [count] interval [interval] timeout [timeout_value] Sends an ICMP echo request to a remote IP host. A reply from the pinged address indicates success. Parameter <ip_name_or_address> output count interval timeout QUICKVC Runs the QuickVC Setup program to easily configure a virtual channel connection (remote site profile).

Page 126: Save All
B-24 B: CLI C PPENDIX OMMAND ESCRIPTION SAVE save all Saves all changes you have made during your session with the CLI. It is a good idea to save your changes frequently, just as you should with any type of editor. set adsl reset Resets the ADSL interface.
Page 127: Set Date
prompt <string> local_prompt <string> set date <date> Sets the system date, and leaves the time unchanged. Use show date to see what the current settings are. The format is: dd-mmm-yyyy. The month should be the first three characters of the month name. The year can be either 2 or 4 digits (97 or 1997).

Page 128: Set Dhcp Server
B-26 B: CLI C PPENDIX OMMAND ESCRIPTION set dhcp server Defines the characteristics of the DHCP Server and defines the pool of addresses that this facility should administer. Parameter DNS1 DNS2 domain end_address hostname lease mask router start_address WINS1 WINS2 set dns Sets the global parameters for DNS;...
Page 129: Set Facility Loglevel [Level]
timeout set facility Sets the severity reporting level for a facility. The hosts that will receive the error <facility_name> log entries are defined using add syslog loglevel. Use list facilities to see what the loglevel [level] current loglevel is for each facility. The levels: set ilmi vpi <number>...
Page 130 B-28 B: CLI C PPENDIX OMMAND ESCRIPTION Sets the broadcast algorithm, the maximum size used for reassembling fragmenting packets, the RIP authentication string, RIP policies, and the routing protocol for the specified interface. The only required parameter for this command is <name>.
Page 131: Set Ip Routing
Parameter <network_name> broadcast_algorithm reassembly_ maximum_size rip_authentication rip_policies_update routing_protocol set ip routing autonomous_system_number [number] table_maximum_size [number] metric_maximum_entries [number] rip_flags [METRICS, SEND_REQUEST] router_id [router_id] Sets parameters for IP routing to the specified IP router address, which is the gateway to an Autonomous System. Parameter autonomous_system_number Autonomous system number.
Page 132: Set Ipx Network
B-30 B: CLI C PPENDIX OMMAND ESCRIPTION rip_flags Router_id set ipx network <network_name> Sets parameters for the specified IPX network. Parameter <network_name> delay_ticks diagnostics maximum_learning_ retries netbios netbios_name_cache netbios_cache_timer netbios_max_hops Flags indicate at which level a RIP instance is disabled or configured.
Page 133: Set Ipx System
packet_maximum_size rip_age_multiplier rip_packet_size rip_update_interval sap_age_multiplier sap_packet_size sap_nearest_replies sap_update_interval set ipx system priority [priority level] default_gateway [ipx_host_add] initial_pool_address [ipx_addr] pool_members [number] Sets parameters for dynamic IPX networks. Parameter priority default_gateway initial_pool_address Initial IPX address used to dynamically assign IPX network. pool_members set network service server_type [server_type] <admin_name>...
Page 134: Set Ppp Receive_Authentication
B-32 B: CLI C PPENDIX OMMAND ESCRIPTION server_type socket data close_active_connections set ppp Sets the type of inbound authentication to be used when establishing PPP receive_authentication connections for PPTP and L2TP tunnels. [ANY | For in-depth information about CHAP and PAP, see RFC 1334. ANY_EXCEPT_MSCHAP | CHAP | MSCHAPV1 | MSCHAPV2 | NONE | PAP]...
Page 135: Set Tunnel Encryption_Algorithm
set tunnel <tunnel_ Sets encryption for a PPTP or L2TP tunnel. name>encryption_algori Encryption can be set to any of the parameters shown in the Table below. thm [AUTO | However, a tunnel can only be configured for Microsoft 40-bit, 56-bit, and MICROSOFT_128BIT | 128-bit encryption (MPPE) if the MSCHAPv1 authentication protocol is set to MICROSOFT_40BIT |...
Page 136: Set System
B-34 B: CLI C PPENDIX OMMAND ESCRIPTION set system Specifies system contact information, which is displayed using show system. The user name is the remote account name. Location, name and contact names are limited to 64 characters. Parameter name location contact transmit_ authentication_name...
Page 137: Set User
Table 6-7 812 Set Tunnel Parameters and Supported Values set user <user_name> message [“message”] password [password] session_timeout [seconds] tcp_port [tcp_port] terminal_type Modifies user parameters. Parameter <user_name> message password Parameter Supported Value SEND_PASSWORD <password> ENCRYPTION_ALGORITHM NONE AUTO MICROSOFT_128BIT MICROSOFT_40BIT MICROSOFT_56BIT REQUIRED 1400 SEND_NAME <name>...

Page 138: Set Vc
B-36 B: CLI C PPENDIX OMMAND ESCRIPTION session_timeout tcp_port Terminal_type set vc <vc_name> Specifies parameters for VCs. Interval before timing out a session. TCP Port number for the Telnet session. The type of terminal. This is an alphanumeric string, of up to 64 characters. address_selection [negotiate | assign | specified] bridging [enable | disable] default_route_option [enable | disable]...

Page 139 Parameter Description <vc_name> VC profile name. address_ Determines how the IP address will be assigned for remote IP network selection connections. NEGOTIATE - learn the remote IP address. SPECIFIED - uses IP address set in remote_IP_address value bridging Enables/disables bridging across this link. default_route_ When enabled, a default route is automatically created (by negotiation) option...
Page 140: Set Vc Atm
B-38 B: CLI C PPENDIX OMMAND ESCRIPTION management_ip_ address NAT_option PAT_default_ address Network_service output_filter Password remote_IP_address For a client IP connection, address assigned to the client. rip_authentication Text string used for RIPv2 authentication. rip_policies _update send_name send_password Type set vc <vc_name> atm Secondary IP address on the VC for Management purposes only.
Page 141: Show Access
Sets ATM parameters for VCs. Parameter <vc_name> Category_of_service Type SHOW Show commands display details about system entities. show access Displays the current status of the access list feature. Administration Status - Indicates status of the access list feature. Options are Enabled or Disabled. LAN Access - Indicates whether all frames received on the LAN interface are subject to access list checking.
Page 142: Show Adsl Statistics
B-40 B: CLI C PPENDIX OMMAND ESCRIPTION show adsl statistics Statistics for both near end and far end ADSL/ATM link. Counters include corrected frames, CRC errors, and HEC errors for the Fast and Interleaved path. show adsl performance Fields: show adsl Displays the current status of the ADSL/ATM link.
Page 143: Show Bridge Settings
settings show bridge settings Displays the settings for all bridge networks. Use set bridge to modify these values. show call_log Displays the current call status of a specified VC. Fields: Call State: current call state of the call (i.e. Disconnected, Connecting, Connected).
Page 144: Show Configuration
B-42 B: CLI C PPENDIX OMMAND ESCRIPTION History Depth: Current Prompt: OCR-DSL> Local Prompt: show configuration Displays a variety of system information including: System Identification, Authentication Remote, Remote Accounting, Interfaces, IP forwarding, IPX Default Gateway, Bridge Spanning Tree, and DNS Domain. show critical_event Displays where the log files for critical event messages are stored in the FLASH file settings...
Page 145: Show Dhcp Relay
show dhcp relay Displays the current configuration and counters for both the primary and secondary DHCP relay server. IP Address - IP address of the DHCP Server. Max Hops - maximum hops to get to this server. Status - enabled or disabled. Request Sent to Server - number of requests sent to server.
Page 146: Show Dns Counters
B-44 B: CLI C PPENDIX OMMAND ESCRIPTION show dns counters Displays various counters for DNS. SPECIFIC ERROR COUNTERS show dns settings Displays settings for all DNS servers. You can modify using set DNS. show filter <filter_name> Displays the filter rules, based on the protocol options specified. The filter name MUST be a filter file, as listed using list filters.
Page 147: Show Icmp Counters
BR-ETH - CALL - Ethernet bridge call filter rules IP - IP data filter rules IP-CALL - IP call filter rules IP-RIP - IP RIP advertisement filter rules show icmp counters Shows the Input and Output Counters for ICMP. Two types of ICMP messages - error and query messages - are sent to syslog hosts.
Page 148: Show Interface Counters
B-46 B: CLI C PPENDIX OMMAND ESCRIPTION show interface Displays counters for the specified interface. <interface_name> INPUT COUNTERS counters OUTPUT COUNTERS show interface Displays settings for the specified interface. The settings displayed depend on the <interface_name> interface you specify, and so will not be shown here. settings Echos - sum of ICMP Echo (request) messages sent Echo Replies - sum of these messages sent...
Page 149: Show Ip Counters
show ip counters Displays system wide IP network statistics. INPUT COUNTERS Total Input Datagrams - sum of IP datagrams received Bad Headers - number of datagrams with bad headers Bad Addresses - number of datagrams with bad addresses Forwarded Packets - number of packets forwarded Bad Protocol - number of packets received with bad protocol Discarded - number of packets discarded Successfully Delivered - number of packets successfully received...
Page 150: Show Ipx Counters
B-48 B: CLI C PPENDIX OMMAND ESCRIPTION show ipx counters Displays counters for all IPX network activity. INPUT COUNTERS OUTPUT COUNTERS show ipx network Displays statistics for the specified IPX network. <network_name> counters Broadcast Algorithm - broadcast algorithm used for this network Max Reassembly Size - maximum packet size allowed to be reassembled from fragments IP Routing Protocol - routing protocol used...
Page 151: Show Ipx Network Settings
RIP In Packets - sum of RIP packets received SAP Out Packets - sum of SAP packets transmitted SAP In Packets - sum of SAP packets received show ipx network Displays parameter settings for the specified IPX network. You can modify most of <network_name>...
Page 152: Show Ipx Sap
B-50 B: CLI C PPENDIX OMMAND ESCRIPTION Parameter settings counters show ipx sap Displays information about SAP for IPX. Parameter settings counters show ipx settings Displays settings for dynamic IPX networks. You can modify these values using the set ipx system command. show memory Displays System DRAM Memory usage.
Page 153: Show Ppp On Vc Counters
show ppp on vc This shows counters for the Point-to-Point Protocol on the Virtual Circuit. <vc_name> counters show ppp on vc This shows the settings for the Point-to-Point Protocol on the Virtual Circuit. <vc_name> settings show ppp on interface Displays statistics for PPP running on the specified interface. <name>...
Page 154: Settings For Ppp Bundle 1
B-52 B: CLI C PPENDIX OMMAND ESCRIPTION SETTINGS for PPP BUNDLE 1 SETTINGS for PPP BUNDLE 1 COMPRESSION Operational Status - Opened or Not Opened SETTINGS for PPP LINK 1 - 5 Operational Status - opened or not opened Number Active Links - number of links active on this PPP bundle User Profile - user whose parameters were used in creating links Local MMRU - MRU the remote entity uses when sending packets to local PPP entity.
Page 155: Settings For Ppp Link 1 - 5 Authenticationb -53
SETTINGS for PPP LINK 1 - 5 AUTHENTICATION show ppp settings Displays global settings for PPP. You can modify inbound authentication using the set ppp receive_authentication command. show security_option Displays status for SNMP User Access and Administration by Remote Users. You settings can modify the SNMP User Access using the enable or disable security_option snmp commands.
Page 156: Show Snmp Settings
Trap PDUs - sum of SNMP Trap PDUs sent from SNMP Authentication Traps - ENABLED (default) or DISABLED System Descriptor - for example: 3Com OfficeConnect™ Remote 812 V1.0.0, Built on Oct 31 1998 at 11:33:05. Object ID - identifies this system to SNMP managers...
Page 157: Show Telnet
show telnet Displays the status of the TELNET escape feature (ENABLED or DISABLED). It is set using the disable and enable TELNET escape commands. show tcp counters Displays system-wide TCP statistics. TCP COUNTERS Active Opens - number of times TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state Passive Opens - number of times TCP connections have made a direct transition to the SYN-RCVD state from the LISTEN state...
Page 158: Show User Settings
show user <name> Displays the parameters defined for the specified TELNET user. You can use list settings users to see which users are defined. show vc <vc_name> Displays the parameters defined for the specified VC. You can use list vc to see settings which virtual channels are defined.
Page 159: Set_Escape
SYNC set_escape <string> Allows changing the TELNET escape character from ^] to something else. Control characters are specified using the carat character followed by another character. For example, to set the TELNET escape character to control - X, type set_escape status Displays the IP address of the remote host and the value of the TELNET escape character.

Page 160 B-58 B: CLI C PPENDIX OMMAND ESCRIPTION Output Pause The output will pause when there is more than 24 lines of output. Type ‘more’ (or press CR) to continue, or ‘quit’ to stop. Command Kill To discontinue the current command action, and flush any commands which have been typed ahead, use ^C (control-C).
Page 161 Add command 2 -2 Address filtering, source and destination 6 -44 Address Translation Configuring NAT 6 -23 Configuring PAT 6 -21 Configuring Super NAT 6 -24 Monitoring NAT 6 -24 Monitoring PAT 6 -23 Monitoring Super NAT 6 -25 Network Address Translation (NAT) 6 -23 Overview 6 -19 ADSL reset B -24...
Page 162 data filtering, Input and output 6 -44 Data Filters 6 -45 Defaults 4 -2, 4 -7 DHCP Configuration set DHCP mode B -25 set DHCP relay server1 B -25 set DHCP relay server2 B -25 set DHCP server B -26 Overview 6 -27 Relay 6 -29 Server 6 -28...
Page 163 Input and Output filters contrasted 6 -54 Input data filters 6 -45 Input Filters 6 -54 Interface 1 -1, 2 -3 Interface Filters 6 -54 Interfaces disable interface B -13 disable link_traps interface B -14 enable interface B -15 list active interfaces B -17 list interfaces B -19 list lan interfaces B -20 Internet, viewing Web resources 1 -1...
Page 164 IP Routing Framed Routes 6 -18 Static Routes 6 -18 IP Source and Destination Network Filtering Using CLI 6 -50 IP Source and Destination Port Filtering Using CLI 6 -50 Configuration add ipx network B -4 delete ipx network B -11 disable ipx network B -13 enable ipx network B -15 set ipx network B -30...
Page 165 Network Address Translation (NAT) 6 -23 Network Service, configuring 6 -3 Network user 2 -2, 2 -3, 4 -4, 4 -5, 4 -6 Output data filters 6 -45 Output Filters 6 -54 Package, what’s included 1 -1 Packet filters 6 -44 Password 2 -2, 2 -3 password B -22 Password Protection 6 -43...
Page 166 Sample Configuration A -1 Scripts do (run CLI script) B -14 Security CLI Access disable security_option remote_user administration B -14 enable security_option remote_user administration B -16 Dial-in disable user B -14 enable user B -16 TELNET disable telnet escape B -14 enable telnet escape B -16 Virtual Channel disable VC B -14...
Page 167 TELNET access 6 -42 TFTP access 6 -42 Unconfigured state (booting 812 in) 4 -1 Unconfigured state (restoring 812 to) 4 -1 Users delete user B -12 show user settings B -56 show vc settings B -56 delete vc B -12 set vc B -36 VC/Remote Site Filters 6 -55 Virtual Channel (VC) 2 -3, 5 -1...
Page 169 The repaired or replaced item will be shipped to Customer, at the expense of 3Com, not later than thirty (30) days after receipt of the defective product by 3Com.
Page 170 This booklet is available from the U.S. Government Printing Office, Washington, D.C. 20402. Stock No. 004-000-00345-4. NOTE: In order to maintain compliance with the limits of a Class B digital device, 3Com requires that you use quality interface cables when connecting to this device. Changes or modifications not expressly approved by 3Com could void the user’s authority to operate this equipment.

3Com OfficeConnect Remote 812 Cli User's Manual

Ccessing the

Cli Command Conventions and Terminology

Configuration Methods

Quick Setup

Quick VC Setup

Manual Setup

Officeconnect Remote 812 Sample Configuration

Cli Command Description

Quick Links

ADSL Router

Related Manuals for 3Com OfficeConnect Remote 812

Summary of Contents for 3Com OfficeConnect Remote 812

Table of Contents