1. Manuals
  2. Brands
  3. Bay Networks Manuals
  4. Software
  5. Baystream 7
  6. Configuration and troubleshooting manual

Bay Networks Baystream 7 Configuration And Troubleshooting Manual

Bay dial vpn services
Hide thumbs Also See for Baystream 7:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Installation Manual
Configuring and
Troubleshooting
Bay Dial VPN Services
(DVS)
Remote Annex Software Version 14.1
BayStream Multiservice Software Version 7.2
BayStream Site Manager Software Version 7.2
February 1998

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Baystream 7 and is the answer not in the manual?

Questions and answers

Related Manuals for Bay Networks Baystream 7

Summary of Contents for Bay Networks Baystream 7

  • Page 1 Configuring and Troubleshooting Bay Dial VPN Services (DVS) Remote Annex Software Version 14.1 BayStream Multiservice Software Version 7.2 BayStream Site Manager Software Version 7.2 February 1998...
  • Page 2 The information in this document is proprietary to Bay Networks, Inc. The software described in this document is furnished under a license agreement and may only be used in accordance with the terms of that license. A summary of the Software License is included in this document.
  • Page 3 Software is first shipped to Licensee. If any item of Software fails to so function during its warranty period, as the sole remedy Bay Networks will at its discretion provide a suitable fix, patch, or workaround for the problem that may be included in a future Software release.
  • Page 4 7. Term and termination. This license is effective until terminated; however, all of the restrictions with respect to Bay Networks’ copyright in the Software and user manuals will cease being effective at the date of expiration of the Bay Networks copyright; those restrictions relating to use and disclosure of Bay Networks’ confidential information shall continue in effect.

  • Page 5: Table Of Contents

    Implementing Dial VPN at Your Site ...2-2 How Tunnel Management Works ...2-5 Tunnel Management in an erpcd-based Network ...2-5 Tunnel Management in a RADIUS-only Network ...2-6 How the TMS Database Works ...2-6 Dynamically Allocating IP Addresses ...2-7 115623B Rev. 00 BayStream Multiservice Software Version 7.2 Contents...
  • Page 6 Dial VPN Network Hardware Requirements ...3-1 Where to Find Hardware Installation Information ...3-2 Additional Configuration Considerations ...3-3 Configuring the IP Interface ...3-3 Configuring the Dial VPN Network Software ...3-4 Configuring Local Authentication Using the ACP ...3-5 Chapter 4 Configuring the Remote Annex Installing and Configuring the Annex Software ...4-2...
  • Page 7 Configuring an Adjacent Host Between the CPE and the Gateway ...9-6 Configuring a Static Route Between the CPE and the Gateway ...9-6 Configuring the CPE Frame Relay Circuit with Site Manager ...9-7 Installing and Configuring BSAC on the Home Network ...9-8 115623B Rev. 00 BayStream Multiservice Software Version 7.2...
  • Page 8 Using Quick2Config and Annex Manager Configuring Using Quick2Config Annex and Annex Manager ... C-1 Installing and Configuring the Remote Annex Software ... C-1 Loading Software and Booting the Remote Annex ... C-6 Configuring the Annex to Accept RIP 1 and/or RIP 2 Packets ... C-6 Authenticating Incoming RIP 2 Updates and Requests ...
  • Page 9 Configuring Active RIP ... C-9 Defining Routes ... C-9 Configuring the Annex to Advertise RIP Updates ... C-9 Glossary Index 115623B Rev. 00 BayStream Multiservice Software Version 7.2...
  • Page 10 BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 11 Figure 9-1. Static Route Between the CPE Router and the Gateway ...9-2 Figure 10-1. Dial VPN Dynamic IP Address Management Sequence ...10-5 Figure 11-1. Network Topology for 115623B Rev. 00 BayStream Multiservice Software Version 7.2 ping -t Examples ...11-23 Figures...

  • Page 13: Remote Annex Syslog Messages

    Configuring the Annex to Accept RIP packets ... C-7 Table C-6. Remote Annex RIP Version 2 Authentication ... C-8 Table C-7. Configuring the Annex to Advertise RIP Packets ... C-10 115623B Rev. 00 BayStream Multiservice Software Version 7.2 Tables xiii...

  • Page 15: About This Guide

    Learn how to use Quick2Config and Annex Manager to configure the Remote Annex or Remote Annex Concentrator for Bay Dial VPN Look up the meaning of a Bay Dial VPN term Test Part Number About This Guide BNX Software Version <x.x> Go to Chapter 1 Chapter 2 Chapter 3...

  • Page 16: Before You Begin

    Before You Begin Make sure that you are running the latest version of Bay Networks Site Manager, Remote Annex, and router software. For instructions, refer to Upgrading Routers from Version 7–11.xx to Version 12.00. Conventions angle brackets (< >) bold text...
  • Page 17 Internet Packet Exchange protocol Internet Packet Exchange Control Protocol Integrated Services Digital Network International Organization for Standardization Internet service provider local area network media access control network access server Open Systems Interconnection Point-to-Point Protocol BNX Software Version <x.x> , but not both. xvii...

  • Page 18: Bay Networks Technical Publications

    Internet. Go to support.baynetworks.com/library/tpubs. Find the Bay Networks products for which you need documentation. Then locate the specific category and model or version for your hardware or software product. Using Adobe Acrobat Reader, you can open the manuals and release notes, search for the sections you need, and print them on most standard printers.

  • Page 19: How To Get Help

    800-2LANWAN; then enter Express Routing Code (ERC) 290, when prompted, to purchase or renew a service contract 978-916-8880 (direct) 33-4-92-96-69-66 61-2-9927-8888 561-988-7661 800-2LANWAN 800-2LANWAN 33-4-92-96-69-68 61-2-9927-8800 81-3-5402-0180 BNX Software Version <x.x> Fax number 978-916-3514 33-4-92-96-69-96 61-2-9927-8899 561-988-7550 Fax number 978-916-3514 408-495-1188 33-4-92-96-69-98 61-2-9927-8811 81-3-5402-0173...

  • Page 20: Bay Networks Educational Services

    For more information about training programs, call one of the following numbers: Region United States and Canada Europe, Middle East, and Africa Asia/Pacific Tokyo and Japan Telephone number 800-2LANWAN; then enter Express Routing Code (ERC) 282 when prompted 978-916-3460 (direct) 33-4-92-96-15-83 61-2-9927-8822 81-3-5402-7041 BNX Software Version <x.x> Test Part Number...

  • Page 21: Planning For Dial Vpn

    IP routed backbone. The gateway, in turn, maps a route from the tunnel endpoint to a frame relay permanent virtual circuit (PVC) on the user’s home network. 115623B Rev. 00 ® Dial Virtual Private Network Services (Dial VPN) provides BayStream Multiservice Software Version 7.2 Chapter 1 Planning for Dial VPN...

  • Page 22: How A Dial Vpn Network Functions

    Dial-In User Service (RADIUS), in addition to IP routing, frame relay, and Point-to-Point Protocol (PPP). Dial VPN runs on a variety of Bay Networks hardware platforms. Platforms running BayStream software such as the Access Stack Node (ASN™), the Backbone Node family of high performance switch/routers (BLN ®...
  • Page 23 (CPE) router to provide a path for packets to return to the remote node. 115623B Rev. 00 Tunnel domain data TMS /erpcd Network server access server (NAS Gateway Tunnel BayStream Multiservice Software Version 7.2 Third-party internet service Internet provider network User data Frame Relay PVCs Third-party RADIUS...

  • Page 24: Dial Vpn Basic Configuration Components

    Remote/Dial-In Node(s) Remote nodes can be laptop PCs (portable hosts) or dial-up routers, using PPP for dial-up connections. The portable host must have PPP client software and a TCP/IP or IPX protocol stack loaded. Dial VPN supports either dial-up IP or IPX over PPP for dial-in PC clients, and IP over PPP for dial-in routers connected to LANs.

  • Page 25: Gateway

    Gateway The gateway can be an ASN, BLN, BLN-2, BCN, or System 5000 MSX equipped with a 5380 module running BayStream software. The gateway connects the Dial VPN service provider’s network and the CPE router on the remote user’s home network. The gateway performs conventional IP routing functions configured on interfaces connected to the IP network, through...

  • Page 26: Tunnel Management Server

    Management System) that controls the IP tunnel establishment attempt from the NAS. TMS runs on the same UNIX host as the Access Control Protocol (ACP) software. The NAS and the TMS communicate using the Bay Networks proprietary Expedited Remote Procedure Call Daemon (erpcd or Secure erpcd).

  • Page 27: Radius Authentication Server

    BayStream platform to the IP network. Many steps in the installation script suggest default values. Accept the default values unless you have a reason to change them. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 28: At The Dial Vpn Service Provider's Site

    At the Dial VPN Service Provider’s Site Record the equipment you have at your own site. When you have configured the software, you can add the software information. • What device are you using as the dial-in server (NAS)? (Check all that apply.)

  • Page 29: For Each Destination Site

    For the frame relay router (CPE) with which the gateway connects: -- What is its IP address?__________________________________________ -- What is its subnet mask? ________________________________________ -- What is its DLCI? ___________________________________________ 115623B Rev. 00 ___ Only RIP 2 BayStream Multiservice Software Version 7.2 ___ Both RIP 1 and RIP 2...

  • Page 30: For Each Remote Node

    For Each Remote Node Record this information for each remote user authorized to dial in to the Dial VPN network. • User ID: ____________________________________________________ • For which domain(s) is this user authenticated? ______________________________________________________________ __________________________________________________________ 1-10 BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 31: Additional Planning Information

    flow through the network, go to For information about configuring Dial VPN, go to 115623B Rev. 00 contains an expanded network planning worksheet that you can use Chapter BayStream Multiservice Software Version 7.2 Chapter 3 1-11...

  • Page 33: Dial Vpn Network Concepts

    flow through the tunnel. Each tunnel supports one user. The tunnel exists as long as its user remains connected. 115623B Rev. 00 Dial VPN Network Concepts BayStream Multiservice Software Version 7.2 Chapter 2...

  • Page 34: Implementing Dial Vpn At Your Site

    For detailed information on each of these steps, refer to Chapters 4 through 7. Figure 2-2 shows a simplified Dial VPN network. BAYDVS service provider network Gateway Tunnel Data Tunnel management server BayStream Multiservice Software Version 7.2 connection Customer "Home" network DVS0001A 115623B Rev. 00...
  • Page 35 Install the Tunnel Management System, Annex, and (for the erpcd-based solution) Access Control Protocol software on the UNIX host that serves as the load host for the Remote Annex or Remote Access Concentrator (as described in the Remote Annex or Remote Access Concentrator documentation).
  • Page 36 Load the operating software onto the Remote Annex or Remote Access Concentrator from the UNIX load host. Boot the Remote Annex or Remote Access Concentrator. For detailed descriptions of the boot procedures, refer to the Remote Annex and Remote Access Concentrator documentation.

  • Page 37: How Tunnel Management Works

    For an erpcd-based network, the Tunnel Management System (TMS) runs on the same host as the Annex (erpcd) and Access Control Protocol (ACP) software. TMS verifies that the user at the remote node is a Dial VPN user. If the domain portion of the username exists in the TMS database, ACP increases the number of current users by one and sends a Grant message to the Remote Annex.

  • Page 38: Tunnel Management In A Radius-Only Network

    If so, TMS sends a Grant message to indicate that the user is a Dial VPN user. The Grant message contains the tunnel addressing information. BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 39: Dynamically Allocating Ip Addresses

    Interoperation with standard DHCP servers • Use of both primary and secondary DHCP servers • DHCP leases with as many servers as there are tunnels • Both Dial VPN (tunneled) and non-tunneled users 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 40: How Dhcp Works

    (ACK) if the request is successful. The gateway then sends the MIP DAA response back to the NAS, and the rest of the negotiation proceeds as usual. Figure 2-3 shows the entire process. BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 41 Figure 2-3. DHCP Operational Timeline 115623B Rev. 00 Gateway Auth Req Auth Resp w/info MIP DAA request MIP DAA response Open Communication BayStream Multiservice Software Version 7.2 RADIUS Accounting DHCP Server Server Server Acct Start Acct Response DHCP discover/ request...

  • Page 42: Using Radius For Dynamic Ip Address Allocation

    GRE-encapsulated packets. The process involves the following steps. A user at a remote node dials the phone number of a Dial VPN service provider. The user also enters user information, as required by the connection process. 2-10 BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 43 If the request is not a tunnel candidate, the NAS uses local (instead of remote) authentication. The NAS receives the remote node’s address, the source of which depends on the type of authentication and the type of IP address allocation. 115623B Rev. 00 BayStream Multiservice Software Version 7.2 2-11...
  • Page 44 When authentication and address allocation are complete, the NAS starts sending packets from the remote node to the gateway via the newly created tunnel. 2-12 BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 45: A Day In The Life Of A Packet

    As the packet moves from the remote node to the home network, different pieces of the Dial VPN network must encapsulate (add) and decapsulate (strip off) the protocol-specific envelope around the data packet. 115623B Rev. 00 Figure 2-4 shows the process. BayStream Multiservice Software Version 7.2 2-13...
  • Page 46 Tunnel ID Data Type Gateway Frame Relay packet Address Control Information Data Opening Closing Flag Flag CPE Router Data packet moves onto home network DVS0003A Figure 2-4. Packet Encapsulation and Decapsulation Process 2-14 BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 47: How A Packet Moves Through A Dial Vpn Network

    GRE packet. Note: The checksum, control, tunnel flag, and version fields should be set to zero. The gateway decapsulates the GRE packet information and puts the data into a frame relay packet. 115623B Rev. 00 BayStream Multiservice Software Version 7.2 2-15...

  • Page 48: How A Packet Returns To The Remote Node

    Figure 2-5 shows a simplified view of how a data packet moves from the home network to a user at a remote node through an erpcd-based network. 2-16 BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 49 The gateway decapsulates the Frame Relay information and then encapsulates the data with GRE information. The gateway sends the GRE packet to the care of address. BayStream Multiservice Software Version 7.2 Frame Relay connection Customer "Home"...

  • Page 50: When Does Dial Vpn Tear Down The Tunnel

    When a new logging connection opens, TMS decrements the 2-18 BayDVS service provider's network Gateway Tunnel RADIUS client Static route BayStream Multiservice Software Version 7.2 1.1.1.2 Adjacent host/ 3.1.1.0 next hop Home/ corporate LAN DLCI = 101 1.1.1.1 Frame Relay Static route 2.2.21...
  • Page 51 file or add a NAS to the TMS database, TMS generates a syslog message and the user cannot make a connection to the NAS. 115623B Rev. 00 BayStream Multiservice Software Version 7.2 2-19...

  • Page 53: Setting Up A Dial Vpn Network

    Plan the network. • Install and connect the hardware. • Install and configure the software. • Verify that the elements outside the Dial VPN network, specifically the remote RADIUS server, the CPE, and the remote dial-in nodes, are properly configured.

  • Page 54: Where To Find Hardware Installation Information

    Troubleshooting other BayStream problems Troubleshooting and Testing Installing the Remote Annex or Remote Access Concentrator and adding or replacing hardware Overview of Remote Annex or Remote Access Concentrator software and startup options Starting a Remote Annex or Remote Access Concentrator Configuring a Remote Annex or Remote...

  • Page 55: Additional Configuration Considerations

    Refer to the installation instructions in the hardware installation guide for the specific Remote Annex or Remote Access Concentrator being installed. Additional Configuration Considerations You must also load the boot image software and configure the: • Modem ports •...

  • Page 56: Configuring The Dial Vpn Network Software

    Interface describes the Quick-Start procedure in detail. Configuring the Dial VPN Network Software You install the software and configure each of the Dial VPN software components separately: • Install and configure the software on the Remote Annex or Remote Access Concentrator.

  • Page 57: Configuring Local Authentication Using The Acp

    The first 8 hexadecimal digits represent the IPX network address; the last 12 hexadecimal digits represent the IPX node address. 115623B Rev. 00 utility. The acp_password file uses the same format as the 128.128.129.181<---- IP Address 013ABC0:~<---- IP Network Address BayStream Multiservice Software Version 7.2 <path> /acp_passwd...
  • Page 58 For a complete description of ACP security, refer to the following documentation: • Remote Annex Administrator’s Guide for UNIX • Remote Annex 6300 Supplement to the Remote Annex Administrator’s Guide for UNIX. • Managing Remote Access Concentrators Using Command Line Interfaces. BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 59: Configuring The Remote Annex

    PC in terminal emulation mode or an ASCII terminal to the console port of the device. 115623B Rev. 00 Configuring the Remote Annex Where to Find Configuration Information BayStream Multiservice Software Version 7.2 Chapter 4 Table 4-1. Refer to this document Appendix C, “Using Quick2Config and...

  • Page 60: Installing And Configuring The Annex Software

    Remote Access Concentrator) gets its operational code by downloading it over the network from (among other sources) a UNIX host that runs Annex file server software. The Annex boots each time it is powered up and whenever it receives a image by setting the preferred load host.
  • Page 61 PPP access and use of ACP . For information on BSAC security, refer to the auth_server . For Remote Annex models 6100/5391and 6300/5393, and for admin BayStream Multiservice Software Version 7.2 command along with the set port parameter ppp_sec_protocol...
  • Page 62 # This could be chap, pap, or pap-chap. prompt: admin BayStream Multiservice Software Version 7.2 command on the modem -l 115623B Rev. 00...
  • Page 63 # number. If all data calls will be V.120, for example, and never sync PPP, # such a distinction is unnecessary. 115623B Rev. 00 and answer reset port BayStream Multiservice Software Version 7.2 to the question on whether command. stats -o...
  • Page 64 Command Line Interfaces for information on these functions. Refer to your UNIX system documentation for how to perform these tasks for applications running under UNIX. The erpcd utility uses the auth facility. BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 65: Loading Software And Booting The Annex

    Remote Annex (which already has an image loaded into it). Refer to the readme file in the setup subdirectory of the Annex Host Tools install directory for a complete description of how to install Annex software. In this example, the IP address of the preferred load host is 132.245.44.80. Bold text signifies your entries:...

  • Page 66: Configuring Active Rip

    The gateway is configured to handle the same type of RIP updates. parameter specifies the name of the image file that contains the command. The Annex automatically adds this gateway to its routing rip_sub_advertise , (the default) BayStream Multiservice Software Version 7.2 parameter load_dump_gateway parameter on the Remote 115623B Rev. 00...

  • Page 67: Configuring The Annex To Advertise Rip 1 And/Or Rip 2 Updates

    115623B Rev. 00 is set to compatibility, which is the default. It also assumes the parameter to 1, as shown in the following example: for the boot command. BayStream Multiservice Software Version 7.2 mode to set the admin...

  • Page 69: Configuring Tms For An Erpcd -Based Network

    Which servers authenticate dial-in users • Where the other endpoint of the tunnel is (given that the NAS is the first endpoint) 115623B Rev. 00 RADIUS.” In both of these methods, the TMS BayStream Multiservice Software Version 7.2 Chapter 5 Chapter 6,...

  • Page 70: Managing Tms Using The Tms Default Database

    <domain> <dnis> te=<ip addr of the gateway>\ maxu=<maximum count of users> [hwtype=fr\ [hwaddr=<hardware link address from home agent to CPE>\ hwalen=<len of hardware link address>]]\ value is 256, and the BayStream Multiservice Software Version 7.2 takey takey value is a 128-bit 115623B Rev. 00...
  • Page 71 (tunnel endpoint) parameter required in the current version has taken over its function. Table 5-1 lists the tunnel management ( tms_dbm ) commands, and Table 5-2 lists the options/ranges for each of the TMS command elements. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 72: Using Tunnel Management Commands

    Changes the database key associated with an existing entry, and retains all of the parameter values for the entry. Returns an error if no matching entry exists. BayStream Multiservice Software Version 7.2 , followed by a blank tms_dbm constitute the actual tunnel 115623B Rev.

  • Page 73: Command Arguments

    Displays the specified database information; returns an error if no matching entry exists. return an error if the entry is not found. help Table 5-2 describes each of the arguments. Any argument command. help BayStream Multiservice Software Version 7.2 (continued) Table 5-2, the command show...

  • Page 74: Table 5-2. Tms_Dbm Command Arguments

    IP address of the frame relay port on the gateway in which the home agent (ha) resides. The address 0.0.0.0 is not valid. BayStream Multiservice Software Version 7.2 Used with These Commands Required for all but help, for which it is optional.
  • Page 75 1 byte. If hwaddr is 400, hwalen is 2 bytes. Unless the actual hwaddr length requires it, you should accept the default length, 1 byte. BayStream Multiservice Software Version 7.2 Used with These Commands Required for add and modify. Not used for other commands.
  • Page 76 Specifies the IP address of the primary dynamic address assignment server. This is usually the address of the RADIUS server on the corporate (destination) network. BayStream Multiservice Software Version 7.2 Used with These Commands Required for add and modify. Not used for other commands.
  • Page 77 Specify DHCP to enable dynamic allocation or none to disable it. If you specify this protocol, you must also specify a primary server. BayStream Multiservice Software Version 7.2 Used with These Commands Optional for add and modify. Not used for other commands.
  • Page 78 LAC and the LNS. It can be up to 16 characters long. Setting the password to ““ (null) disables password protection. BayStream Multiservice Software Version 7.2 Used with These Commands spi is optional for add and modify. Not used for other commands.

  • Page 79: Alternatives To The Default Database

    An error is returned if the entry is not found, but it is not an error to clear an already cleared entry. BayStream Multiservice Software Version 7.2 Used with These Commands show requires exactly one of these arguments, along with domain and dnis.

  • Page 80: Tms System Log (Syslog) Messages

    file, syslog. These messages are interspersed with other syslog messages in chronological order of occurrence. TMS on an erpcd-based network uses the auth facility. For the complete list of syslog messages, refer to Appendix B, “Syslog 5-12 Messages.” BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 81: Configuring Tms Using Local Radius

    BSAC RADIUS server on the home network. The home network retains the authentication information, providing an extra measure of security Figure 6-1 shows an example of such a network. 115623B Rev. 00 Chapter BayStream Multiservice Software Version 7.2 Chapter 6...
  • Page 82 RADIUS attributes it receives in the access acceptance message. Service provider network Gateway Tunnel RADIUS Client Tunnel management server /Service provider RADIUS server BayStream Multiservice Software Version 7.2 Frame Relay connection Customer "Home" network User router data Customer RADIUS server DVS0011A 115623B Rev.

  • Page 83: Tunnel Negotiation Message Sequence

    Access-Reject message to the NAS. Note: The user session’s authorization information flows from the remote customer RADIUS return message. The local tunnel client does not have the validated user identification until after the tunnel is formed. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...
  • Page 84 MIP auth resp w/info MIP registration req MIP registration resp Acct-req (start) Acct-resp Open Communication MIP terminate msg MIP terminate response Acct-req (stop) Acct-resp BayStream Multiservice Software Version 7.2 Customer RADIUS Customer Server System Access req Auth resp w/info Acct-req (start) Acct-resp...

  • Page 85: Handling Access Messages

    The user session’s authorization information flows from the customer RADIUS server return message. The local tunnel client does not have the validated user indentification until after the tunnel is formed. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 86: Service Provider Accounting Messages

    A unique identifier generated on each end of the session to identify this particular user tunnel session. Typically, this is a numeric string encoding a tunnel identifier and/or sequence number. BayStream Multiservice Software Version 7.2 (continued) 115623B Rev. 00...

  • Page 87: Gateway Accounting Messages

    Typically, this is a numeric string encoding a tunnel identifier and/or sequence number. Connect time, bytes, messages in, messages out Table 6-2 summarizes the messages that the gateway sends to the BayStream Multiservice Software Version 7.2 (continued)

  • Page 88: Radius Attributes That Support Tunneling

    A unique identifier generated on each end of the session to identify this particular user tunnel session. Typically, this is a numeric string encoding a tunnel identifier and/or sequence number. Table 6-3 summarizes the general tunneling attributes. BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 89: Managing The Tms Default Database

    A unique identifier generated on each end of the session to identify this particular user tunnel session. Typically, this is a numeric string encoding a tunnel identifier and/or sequence number. Connect time, bytes, messages in, messages out. Chapter 5, “Configuring TMS for an erpcd-based BayStream Multiservice Software Version 7.2...

  • Page 90: Tms Parameters For Erpcd -Based And Radius-Only Tunnels

    146.146.146.2 pacct, sacct 146.146.146.2 addrp dhcp BayStream Multiservice Software Version 7.2 Notes ID should be unique to the tunnel definition. BSAC properly recognizes the hard- ware address in various hex lengths or in decimal. For multiple servers, use the format IPaddr1, IPaddr2.

  • Page 91: Tms System Log (Syslog) Messages

    <no TMS equivalent> <no TMS equivalent> <no TMS equivalent> Appendix B, “Syslog BayStream Multiservice Software Version 7.2 Notes -- For multiple servers, use the format IPaddr1, IPaddr2 -- If Annex-User-Server-Location is local, Annex-Addr-Resolution-Servers should be locally available (same network as the BSAC server).

  • Page 93: Configuring The Gateway

    At a UNIX workstation or an IBM-compatible PC serving as a management console you can use Site Manager to create a local or dynamic configuration file to configure the software for the gateway. Note: You can dynamically configure the gateway, then save the configuration file, or you can alter or create a configuration file and boot the gateway from it.
  • Page 94 SPI/key combination set in the TMS. The keys on both the gateway and the TMS specify the most-significant bit (that is, bit 127) first. Accept the default Authentication Type, MD5, and click on Done. BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 95 Specify the Primary Secret parameter. The gateway and the RADIUS server must each be configured with the same secret. Accept the default values for all the other parameters on this window, then click on Done. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...
  • Page 96 Note: There can be only one RADIUS proxy client per slot, and the slot must contain synchronous ports configured as frame relay. Only one home agent can be configured per frame relay interface. BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 97: Configuring Ipx As The Routing Protocol

    • An ASN router on the remote user’s home (CPE) network. • A PC running LINUX and the BaySecure Access Control (BSAC) software on the home network. This serves as the RADIUS server. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...
  • Page 98 1. Adjacent host=10.200.0.2 DLCI=100 2. Static Routes destination address 192.168.1.1 next hop 10.200.0.2 mask 255.255.255.0 CPE Router BayStream Multiservice Software Version 7.2 Site Manager PC Bench 7 10.250.20.2 LINTBALL/Radius Server Bench 7 TCP/IP address 10.250.20.3 Framed IPX Network= 00.171.205.239 Radius Secret: veggies Mr.

  • Page 99: Setting Up Dial Vpn To Use Ipx

    On the Configuration tab, click Dial-up Adapter in the window that displays the network components that are installed. Click the Properties button. This displays the Dial-Up Adapter Properties window. 115623B Rev. 00 Figure 8-1, but you can readily adapt the procedures for your BayStream Multiservice Software Version 7.2...

  • Page 100: Configuring The Network Access Server For Ipx

    NAS as an endpoint node on an IPX network. The dial-in user can also simultaneously run TCP/IP over the same dial-up connection. Network access support of IPX is a software-keyed feature that can be added to a basic unit or that is included with the Enterprise Feature Set. The first step in configuring the NAS is to ensure that the IPX option key is turned on.

  • Page 101: Configuring Ipx On The Cpe Router With Site Manager

    To enable IPX, you must enter this software option key, then reboot the NAS to activate the newly entered key. Software option keys cannot be activated with the command. reset The annex show port ppp one screen. Make sure that the The following example shows the output of this command, with the parameter value highlighted.
  • Page 102 Ethernet interface for this circuit, so Novell Encapsulation Terminology Ethernet_II Ethernet_802.2 Ethernet_802.3 Ethernet_SNAP Token Ring Token Ring_SNAP FDDI_802.2 FDDI_SNAP Frame_Relay_SNAP BayStream Multiservice Software Version 7.2 Figure 8-1. Bay Networks Encapsulation Terminology Ethernet LSAP Novell SNAP LSAP SNAP LSAP...

  • Page 103: Configuring The Cpe Router Frame Relay Connection With Ipx

    Enter your Novell Configured Network Number in hexadecimal format, then make sure that the Configured Encapsulation parameter is correctly set for that interface and click OK. This completes the CPE router Ethernet and Serial interface configuration for IPX. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 104: Configuring Standards-Based Ipx (Ipxcp)

    Windows 95 accessory Calculator in scientific mode to do the hexadecimal-to-dotted-decimal conversion. The edited file with the IPX Network entry (shown in bold) added looks like the following example: radish Password=”turnip“ User-Service-Type=Framed-User, Framed-Protocol=PPP, Framed-Address=10.251.0.1, Framed-Netmask=255.255.255.0 Framed-IPX-Network=00.171.205.239, Framed MTU=1500 BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 105 Note: To determine the value for the ipx_frame_type at the Novell server, you can examine the AUTOEXEC.NCF file or issue the Novell console command . The Novell command lets you set all of the options. PROTOCOL loadinstall 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 107: Requirements Outside The Dial Vpn Network

    BaySecure Access Control (BSAC) is the remote RADIUS server software that supports Dial VPN. The RADIUS server and the RADIUS client on the gateway must share the same primary secret.

  • Page 108: Configuring A Static Route And An Adjacent Host

    Static Route Between the CPE Router and the Gateway BayDVS service provider's network Gateway Tunnel RADIUS client 10.3.0.1 Static route BayStream Multiservice Software Version 7.2 1.1.1.2 3.2.1.0 Adjacent host/ Home/ next hop corporate LAN DLCI = 101 1.1.1.1 Frame Relay...

  • Page 109: Configuring A Bay Networks Cpe Router Using Site Manager

    file name as “config”. With dynamic mode, the Site Manager workstation polls the router for its correct hardware configuration information, instead of building the physical layout manually, as in local mode. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 110: Configuring The Adjacent Host And Static Routes

    The second static route entry goes back to the Dial VPN gateway, so that the RADIUS server on the CPE network can forward the authentication requests back to the RADIUS client on the gateway. BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 111 CPE platform for a full description of the configuration parameters and their values. 115623B Rev. 00 Network Mask 255.255.255.0 Network Mask 255.255.255.0 BayStream Multiservice Software Version 7.2 Next Hop MAC Address (Adjacent Host) (DLCI) 1.1.1.2 DLCI...

  • Page 112: Configuring An Adjacent Host Between The Cpe And The Gateway

    Dial VPN gateway. The default is 1. • Specify the IP address (in dotted decimal notation) of the next-hop router (the adjacent host) in the packet’s path between the CPE router and the Dial VPN gateway (required). BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 113: Configuring The Cpe Frame Relay Circuit With Site Manager

    RADIUS client on the gateway and one to the remote node’s “supernet” that services all the remote nodes in the same user community. In addition, for Bay Networks routers, you must configure an adjacent host as the next hop for the return messages. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 114: Installing And Configuring Bsac On The Home Network

    NAS. If a specific make/model is not listed, use Standard Radius From the Users dialog box, identify each of the users or groups of users that are permitted to dial in to the NAS, and set up their attributes. BayStream Multiservice Software Version 7.2 radius 115623B Rev. 00...

  • Page 115: Managing A Dial Vpn Network

    Managing a Dial VPN network consists mainly in managing its elements, in particular the BayStream platform and its software, the Remote Annex and its software, and the TMS. This chapter summarizes the most general management procedures. For details on specific procedures for Dial VPN components, refer to: •...

  • Page 116: Enabling And Activating Dial Vpn

    RADIUS server also assigns an IP address for the user. 7. The RADIUS client sends a Mobile IP authentication reply to the NAS. Assuming that this is a legitimate tunnel user, the authentication process continues. Otherwise, the connection terminates. 10-2 BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 117: How Dynamic Ip Addressing Works

    RADIUS server receives the request and returns a response to the client that it has successfully received the request. The RADIUS accounting server can also act as a client to other kinds of accounting servers. 115623B Rev. 00 BayStream Multiservice Software Version 7.2 10-3...
  • Page 118 Session-ID. Figure 10-1 shows the sequence of events in dynamic IP address management. 10-4 BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 119 The client sends that information to the RADIUS 115623B Rev. 00 Gateway Auth Req Auth Resp w/info MIP DAA request DHCP discover/ request DHCP response/ack MIP DAA response Open Communiction BayStream Multiservice Software Version 7.2 RADIUS Accounting DHCP Server Server Server Acct Start Acct Stop Addr Rel...

  • Page 120: Upgrading And Changing Your Dial Vpn Network

    Chapters 5 and 6. Removing Dial VPN from Your Network Dial VPN is an integral part of both the Remote Annex software and the BayStream software, so you actually have Dial VPN installed on your system as long as you have both of these software entities installed.

  • Page 121: Troubleshooting

    BaySecure Access Control Administration Guide for your particular operating system • The documentation associated with the router software you are using What’s in This Chapter This chapter summarizes troubleshooting information from a variety of sources. For detailed information, refer to the previously noted documentation, in particular, the BayStream manual, Troubleshooting and Testing.

  • Page 122: Preventing Problems

    Minimize disruption when installing new software. When installing or upgrading software or using a new feature for the first time, test it at a time or on a node that minimizes disruption to the network. After verifying the change, make the change and verify it on one node at a time in the network.
  • Page 123 Call the Bay Networks Technical Solutions Center if a Technician Interface If you reboot after a must reinsert new programmable, read-only memory (PROM) chips on the board and rewrite the PROM software to them before the BayStream platform can recover. 115623B Rev. 00 prom command fails.

  • Page 124: Preparing To Troubleshoot

    This section poses the initial questions you should answer to narrow the cause of a problem. Your answers may lead you to such topics as the operation of the BayStream platform, the BayStream software, the Remote Annex platform, the physical layer, the data link layer, or the network layer. Subsequent sections provide instructions on how to further isolate and solve problems.
  • Page 125 • A software anomaly Check the Release Notes and Known Anomalies for the software you are using for possible solutions to your problem. 115623B Rev. 00 BayStream Multiservice Software Version 7.2...
  • Page 126 Troubleshooting and Testing . Refer to the chapter on troubleshooting a data link connection in the BayStream guide Troubleshooting and Testing for detailed diagnostic procedures and responses. BayStream Multiservice Software Version 7.2 Table 11-1 lists (continued) 115623B Rev. 00...
  • Page 127 BayStream guide Troubleshooting and Testing . Try to determine which device is the origin of the problem. BayStream Multiservice Software Version 7.2 (continued) module is working, and if not, what is the current state and why it is that way.

  • Page 128: Using The System Logs (Syslogs) To Diagnose Problems

    Events Manager tool’s option File > Get Current File. You can also use the Technician Interface or Events Manager to filter the display of events messages; for example, by the severity of the event messages, the software entity reporting them, and the number of the slot from which the entity reported them.

  • Page 129: Getting A Snapshot Of The Current Status

    The BayStream processor maintains its own log file in local memory for each slot. Software entities (such as IP) log messages when various events occur. You can display the messages from all slots as a single file, with events sorted by date in descending order (most recent events first).
  • Page 130 You can access the statistical values in the MIB by using the following options in the Tools menu of the Statistics Manager window: 11-10 command and the message “object does not exist” appears, BayStream Multiservice Software Version 7.2 save log <filename> command. The 115623B Rev. 00...
  • Page 131 ) - The connection protocol. Proto State ) - The state of the tunnel. Possible values are home address ha address BayStream Multiservice Software Version 7.2 command. netstat -T to review the netstat -T ) - The protocol-specific address ) - The IP address of the home agent that...
  • Page 132 Remote netstat -s netstat command is available from the Site Manager Administration menu. ping command, the BayStream software, not the Site BayStream Multiservice Software Version 7.2 ) - The address of the wan address command and the resulting display :...
  • Page 133 Use the Statistics Manager Screen Manager tool to add the routing tables in the Default Screen List window to the Current Screen List window. 115623B Rev. 00 command yields the response “Target does not respond,” the command. ping BayStream Multiservice Software Version 7.2 11-13...
  • Page 134 A map of your network configuration is another useful resource to have available for troubleshooting. Include information about the hardware, the software, and the cables you are using. When troubleshooting a problem, compare the next hop on the network map to that of the forwarding table associated with the problem protocol.

  • Page 135: Troubleshooting Specific Protocols

    No response from the target device • UNIX workstation generating core dumps • Inability to find a file, a UDP port number for SNMP, or a valid working directory or path 115623B Rev. 00 BayStream Multiservice Software Version 7.2 11-15...

  • Page 136: Troubleshooting Remote Annex Problems

    Many problems that occur after an Annex is running are due to improper configuration of the Annex or a host. If you appear to have a problem with Remote Annex software, refer to the Remote Annex Administrator’s Guide for UNIX, the Remote Annex 6300 supplement to the Remote Annex Administrator’s Guide for UNIX, or Managing Remote Access...

  • Page 137: Table 11-2. Remote Annex Troubleshooting Chart

    BayStream Multiservice Software Version 7.2 Action If any of these situations occurs, do the following: • Make sure that the Annex port parameters are set correctly. •...
  • Page 138 Some RWHO daemons, however, do forward RWHO packets. 11-18 is set to BayStream Multiservice Software Version 7.2 (continued) Action If you expect to see a host in the hosts display, and it does not appear, wait several minutes and then reissue the...
  • Page 139 115623B Rev. 00 rlogin telnet command display. This problem is rlogin telnet command is BayStream Multiservice Software Version 7.2 (continued) Action Update the /etc/ttys file to contain the proper number of pseudo-terminals as indicated by the actual device entries in /dev .
  • Page 140 ? Issue the CLI stats –o command to verify that active RIP is enabled. correctly? running? BayStream Multiservice Software Version 7.2 (continued) Action Use the following CLI commands to obtain information about IP routing on your network. • To display the contents of the Annex routing table, use netstat –r...
  • Page 141 (the default)? If not, are the correct network destination addresses being included or excluded via rip_accept BayStream Multiservice Software Version 7.2 (continued) Action Verify the configured IP subnet addresses and subnet masks for the Annex and the SLIP and PPP ports.

  • Page 142: Tracing A Packet's Path At The Remote Annex

    RIP running on your network? ping -t (traceroute) superuser command at the Remote Annex BayStream Multiservice Software Version 7.2 (continued) Action Verify the configured Annex broadcast address. Verify the configured IP subnet addresses and subnet masks for the Annex and the SLIP and PPP ports.
  • Page 143 field. shows a sample network topology used in the examples that follow. 135.254.99.2 Router 1 132.254.99.3 Network Topology for ping -t Examples BayStream Multiservice Software Version 7.2 displays a zero in this field. ping –t 135.254.3.3.3 135.254.3.3.4 Router 2 destination ping –t...

  • Page 144: Troubleshooting Tunnel Problems

    Dial VPN logs the message to the syslog. Appendix B lists the syslog messages. 11-24 Figure 11-1, the command destination and back: Hops Speed (b/s) MTU 19200 10000000 19200 10000000 Hops Speed (b/s) MTU 19200 BayStream Multiservice Software Version 7.2 1024 1500 1024 1500 1024 115623B Rev. 00...
  • Page 145 It is therefore vulnerable to corruption if it is shared across TMS servers. To troubleshoot TMS database errors, refer to Chapter 5, which contains a complete list of the commands, arguments, and meanings. tms_dbm 115623B Rev. 00 BayStream Multiservice Software Version 7.2 11-25...

  • Page 147: Additional Planning Information

    Number of the connector (port) providing the initial IP network interface. Example: 1. XCVR1 Circuit Information Enter the number of the circuit name. Example: 1. E21 115623B Rev. 00 Additional Planning Information BayStream Multiservice Software Version 7.2 Appendix A (Table A-1) that Your Information (continued)

  • Page 148: Table A-1. Network Information Worksheet

    Should RIP listen to the default route to the network or subnet where Site Manager is located? Example: Yes OSPF Configuration Information OSPF Router IP Address. Example: 192.32.156.7 OSPF Area Address. Example: 0.0.0.0 Enable Simple Password Authentication? Example: No (continued) BayStream Multiservice Software Version 7.2 Your Information (continued) 115623B Rev. 00...
  • Page 149 Destination network mask. Example: 255.255.255.0 Next-hop address that is in the same subnet as the initial IP interface. Example: 192.32.4.99 Miscellaneous Information Set SNMP Community Management? Example: No 115623B Rev. 00 (continued) BayStream Multiservice Software Version 7.2 Your Information (continued)
  • Page 150 Example: 2 Enable TELNET? Example: No Site Manager Workstation Information IP address of the workstation on which the Site Manager software will be installed. This information is requested when the installation is tested at the end of the procedure. Example: 192.32.10.12...
  • Page 151 Remote peer PAP password. Example: RPWD Enable PAP Fallback? Example: Yes Enable Link Quality Reporting (LQR) protocol? Example: Yes Enable use of remote peer’s LQR timer? Example: Yes 115623B Rev. 00 (continued) BayStream Multiservice Software Version 7.2 Your Information (continued)
  • Page 152 (To enable SMDS on a synchronous connector on this initial IP interface) Enable SMDS on the interface? Example: Yes Individual address. Example: C1617555433FFFF Group address. Example: E16175556667FFFF ARP address. Example: E16175550000FFF (continued) BayStream Multiservice Software Version 7.2 Your Information 115623B Rev. 00...

  • Page 153: Appendix B Syslog Messages

    >:DVS:user authentication succeeded ppp:< port# >:DVS:tunnel registered with < gateway_addr > 115623B Rev. 00 Table B-1. BayStream Multiservice Software Version 7.2 Appendix B Syslog Messages Meaning The user has been identified as a tunnel user, and authentication is being requested.

  • Page 154: Table B-1. Remote Annex Syslog Messages Relevant To Dial Vpn

    < gateway_addr >: < reason > ppp:< port# >:ipcp:configuration error; IPCP disabled ppp:< port# >:ipcp:configuration error; IPXCP disabled ppp:< port# >:DVS:configuration error; IPCP & IPXCP disabled BayStream Multiservice Software Version 7.2 (continued) Meaning The <reason> values for error syslog messages have the following meanings: •...

  • Page 155: Tms Syslog Messages

    PPP, Dial VPN authenticates the user and creates the Dial VPN tunnels. Because this activity takes place during authentication, Dial VPN reports any user authentication or tunnel creation errors as a password or username error. 115623B Rev. 00 BayStream Multiservice Software Version 7.2 (continued) Meaning An error occurred during the tunnel registration.

  • Page 156: Table B-2. Tms Syslog Messages

    < domain/DNIS > Alert tms: could not read database Alert tms: TMS database not found BayStream Multiservice Software Version 7.2 Meaning The request message from the indicated NAS could not be parsed. This probably indicates incompatible NAS and erpcd versions.
  • Page 157 Information tms: decrementing user counts for RAS < NAS_IP_address > 115623B Rev. 00 (continued) BayStream Multiservice Software Version 7.2 Meaning This is a serious problem indicating that the database file containing the list of NASs (RASs) and user counts for one of the domain/DNIS pairs is missing.
  • Page 158 Alert tms: could not update database Notice tms: lock was broken for < domain/DNIS > (continued) BayStream Multiservice Software Version 7.2 Meaning This message indicates a correction, not a problem. A user who was tunneled to the indicated domain/DNIS pair...
  • Page 159 >:ipcp:configuration error; IPXCP disabled ppp:< port# >:DVS:configuration error; IPCP & IPXCP disabled 115623B Rev. 00 (continued) BayStream Multiservice Software Version 7.2 Meaning The < reason > values for error syslog messages have the following meanings: • The target IP address is incorrect, or the target host is down.
  • Page 160 < Annex_IP_Addr >:< id >:< port# >:< date >: < time >:DVS:tunnel:acct:< pkts_in >:< pkts_out >: < bytes_in >:< bytes_out >:< username > (continued) BayStream Multiservice Software Version 7.2 Meaning An error occurred during the tunnel registration. An error occurred during the tunnel renewal phase.
  • Page 161 Syslog Messages 115623B Rev. 00 BayStream Multiservice Software Version 7.2...

  • Page 162: Using Quick2Config And Annex Manager

    If you use UNIX, refer to the Annex Manager User’s Guide for details about managing a Remote Annex. Installing and Configuring the Remote Annex Software This section is an overview of the installation and configuration process, highlighting areas of particular concern.
  • Page 163 Remote Annex. Boot the Annex software (standard installation). Dial VPN uses the standard default installation parameter settings. Refer to the hardware installation guide for your Remote Annex device for information on powerup and boot procedures.

  • Page 164: Table C-1. Configuring Dial-In Ports/Quick2Config Annex

    Incoming Ports with Modems Incoming Ports without Modems Set PPP Security Protocol. Set the modem type. Set the direction and mode. BayStream Multiservice Software Version 7.2 (continued) Value/Result Select the appropriate modem type from the list. This automatically sets the flow control and control lines.
  • Page 165 Setting Remote Annex Options Actions 1. On the Software Options Annex tab, enter the option key in the Option Key field. 2. Click on Apply to accept this setting. 1. On the General Setup (continued) window, enter the option key in the Option Key field.

  • Page 166: Table C-4. Enabling System Logging

    3. Click on More to display the General Setup (continued) window. 4. Enter the IP address of the host to maintain the system log. 5. Click on Apply to accept these changes. BayStream Multiservice Software Version 7.2 115623B Rev. 00...

  • Page 167: Loading Software And Booting The Remote Annex

    Loading Software and Booting the Remote Annex The Annex gets its operational code by downloading it over the network from (among other sources) a UNIX host that runs Annex file server software. The Annex boots each time it is powered up and whenever it receives a command.

  • Page 168: Authenticating Incoming Rip 2 Updates And Requests

    2. Select Option 2 3. Click on Apply to accept this setting. parameter to a password containing 1 to 16 characters. Annex,” describes in detail and gives examples of how BayStream Multiservice Software Version 7.2 Table C-5. Accept RIP Version menu.
  • Page 169 Authentication Annex accepts the message if the passwords match; otherwise, the Annex discards the message. Annex discards the message. BayStream Multiservice Software Version 7.2 parameter set to the default both provides only rip_auth parameter. rip_auth Table C-6 shows the conditions...

  • Page 170: Configuring The Annex To Advertise Rip Updates

    RIP 1 and RIP 2 updates. rip_sub_advertise parameter is set to compatibility, which is the default. It also BayStream Multiservice Software Version 7.2 parameter on the Remote 115623B Rev. 00...

  • Page 171: Table C-7. Configuring The Annex To Advertise Rip Packets

    3. Click on Apply to accept this setting. 1. Display the IP Setup window. 2. Select Option 1 (broadcast address) from the Send RIP Version menu. 3. Click on Apply to accept this setting. BayStream Multiservice Software Version 7.2 Table C-7. C-10...

  • Page 172: Baystream Multiservice Software Version

    Configuring and Troubleshooting Bay Dial VPN Services C-11 BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 173 Access Control Bay Networks software utility that provides a wide range of security features Protocol (ACP) to Annex, Remote Annex, and Remote Access Concentrator users, including password authentication, dialback, in accord with user profiles, and access to third party authentication systems, such as Kerberos.
  • Page 174 The network access server uses this information to contact the RADIUS server on the home network. Glossary-2 those of another, for instance, between an IP network and a frame relay network. information and routing tables, now known as a router. network BayStream Multiservice Software Version 7.2 115623B Rev. 00...
  • Page 175 Internet Protocol (IP) Part of the TCP/IP suite of protocols defined in RFC 791. Describes the software responsible for routing packets and addressing devices. The standard is used for sending the basic unit of data, an IP datagram, through an internetwork.
  • Page 176 RADIUS server on the home/corporate network. The client is responsible for passing user information to the designated RADIUS server. Network Control Protocol. Software that manages the traffic between workstations and the host. In a LAN, it resides in the server, and manages requests from the workstation.
  • Page 177 A corporation that uses a transmission facility, telecommunications equipment, and network operation software to provide a telecommunications network as a commercial service. Corporations subscribe to this type of service to enable their mobile professionals and remote branch office employees to have access to the corporate or “home”...
  • Page 178 (PoP). With virtual private networks, a long-distance service provider, such as a telephone company, uses its own network resources and software to establish, operate, and maintain the entire “virtual” private network on behalf of the organization.
  • Page 179 5-2 local, 3-5 RADIUS, 1-7 authentication type, 7-2 authentication_protocol, TMS parameter, 5-9 115623B Rev. 00 BayStream Multiservice Software Version 7.2 authp, TMS parameter, 5-9 Backbone Node switch/routers, 1-2 backup copies, 11-3 Bay Networks Technical Solutions Center, 11-3, 11-9...
  • Page 180 TMS, 2-6, 5-1 troubleshooting errors, 11-25 decapsulation packet, 1-1 process, 2-14 default service record, 9-7 delete tms_dbm command, 5-4 Index-2 BayStream Multiservice Software Version 7.2 destination site, 3-3 diagnostic steps, 11-9 diags command, 11-9 Dial VPN configuration, 1-4 configuring for IPX, 8-3...
  • Page 181 Generic Routing Encapsulation ha, TMS parameter, 5-6 ha_addr, TMS parameter, 5-6 hangup command, 11-17 hardware installation, 3-2 115623B Rev. 00 BayStream Multiservice Software Version 7.2 hardware requirements, 3-1 help tms_dbm command, 5-4 home agent, 7-2 home network, 1-1, 5-1 host,...
  • Page 182 5-4 NAS, 1-5 NAS, network access server, 1-1 netstat - s command, 11-12 netstat -T command, 11-11 Index-4 BayStream Multiservice Software Version 7.2 NetWare network, 8-1 NetWare server, 9-8 network changing, 10-6 configuration map, 11-14 how it...
  • Page 183 RADIUS, 2-11 PSTN, 1-5 public-switched telephone network (PSTN), 1-5 PVC, 1-3, 9-7 Quick Get statistics tool, 11-11 115623B Rev. 00 BayStream Multiservice Software Version 7.2 Quick-Start installation script procedure, 3-3 RADIUS, 1-2 authentication client, 1-5, 1-7, 9-1 client on gateway, 7-3...
  • Page 184 5-9 secret, primary, 9-1 security access rights for dial-in, 3-3 Index-6 BayStream Multiservice Software Version 7.2 ACP, 4-2, C-2 security parameter index security_protocol_index, TMS server ACP, 1-6, 3-1 NetWare or Windows RADIUS, 1-5, 1-7, 7-3, 9-1 TMS, 5-1...
  • Page 185 2-6 troubleshooting, 11-25 TMS syslog messages, B-4 tms_dbm command arguments, 5-6 tms_dbm commands, 5-4 115623B Rev. 00 BayStream Multiservice Software Version 7.2 tool, configuration, 11-2 traceroute facility (RFC 1493), 11-22 traffic asynchronous and synchronous, 1-5 congestion, 11-5 troubleshooting, 11-1...
  • Page 186 VT100 terminal emulation, 3-3 WAN, 3-1, 7-1 WAN worksheet information, A-4 command, 11-8 Windows NT-based server, 9-8 worksheet network planning, 1-7 troubleshooting, 11-4 wrong host address appears in host table 11-18 Index-8 BayStream Multiservice Software Version 7.2 message, 115623B Rev. 00...

This manual is also suitable for:

Remote annexBaydvsBay dial vpn

Table of Contents