H3C SECPATH F1000-S,SECPATH F1000-S HOST Installation Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Firewall
  5. H3C SECPATH F1000-S
  6. Installation manual

H3C SECPATH F1000-S,SECPATH F1000-S HOST Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
H3C SecPath F1000-S Firewall
Installation Manual
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Manual Version: T2-08044J-20070622-C-1.03

Advertisement

Table of Contents
loading

Related Manuals for H3C H3C SECPATH F1000-S,SECPATH F1000-S HOST

Summary of Contents for H3C H3C SECPATH F1000-S,SECPATH F1000-S HOST

  • Page 1 H3C SecPath F1000-S Firewall Installation Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08044J-20070622-C-1.03...
  • Page 2 Copyright © 2006-2007, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd. Trademarks H3C, , Aolynk,...

  • Page 3: About This Manual

    About This Manual Related Documentation In addition to this manual, each H3C SecPath Series Security Products documentation set includes the following: Manual Description It introduces the functional features, H3C SecPath Series Security Products principles and guide to configuration and Operation Manual operation for H3C SecPath Series Security Gateways/Firewalls.
  • Page 4 Chapter Contents Discusses system software 5 Software Maintenance maintenance, including software upgrade and configuration file loading. Introduces system hardware 6 Hardware Maintenance maintenance, including replacing DDR SDRAM. Lists common system failures and 7 Troubleshooting specific locating methods. Details appearance, panel and LEDs of the functional modules available on the 8.Multifunctional.Interface Modules SecPath F1000-S, as well as module...
  • Page 5 II. GUI conventions Convention Description Button names are inside angle brackets. For example, click < > <OK>. Window names, menu items, data table and field names are inside square brackets. For example, pop up the [New User] window. Multi-level menus are separated by forward slashes. For example, [File/Create/Folder].

  • Page 6: Table Of Contents

    Installation Manual H3C SecPath F1000-S Firewall Table of Contents Table of Contents Chapter 1 Product Overview ......................1-1 1.1 Brief Introduction........................ 1-1 1.2 Hardware Features ......................1-2 1.2.1 Appearance ......................1-2 1.2.2 System Description ....................1-2 1.2.3 LEDs........................1-3 1.2.4 Attributes of the Fixed Interfaces ................1-4 1.2.5 MIMs........................
  • Page 7 Installation Manual H3C SecPath F1000-S Firewall Table of Contents 4.2.2 Command Line Interface..................4-7 Chapter 5 Software Maintenance....................5-1 5.1 Introduction ........................5-1 5.1.1 Boot Menu ....................... 5-1 5.1.2 Upgrading the Application and Boot ROM Programs Using XModem....5-2 5.1.3 Backing up and Restoring the Extended Segment of the Boot ROM program..5-5 5.1.4 Upgrading an Application Program Using TFTP.............
  • Page 8 Installation Manual H3C SecPath F1000-S Firewall Table of Contents 8.6 1GEF/2GEF Module ......................8-12 8.6.1 Introduction......................8-12 8.6.2 Appearance ......................8-12 8.6.3 Interface Attributes ....................8-13 8.6.4 Panel and Interface LEDs ..................8-13 8.6.5 Interface Fiber Cable..................... 8-14 8.6.6 Connecting the Interface Fiber Cable ..............8-15 8.7 SSL Module ........................
  • Page 9 Installation Manual H3C SecPath F1000-S Firewall List of Figures List of Figures Figure 1-1 Front panel of the H3C SecPath F1000-S firewall ..........1-2 Figure 1-2 Rear panel of the H3C SecPath F1000-S firewall ..........1-2 Figure 3-1 Installation procedure ................... 3-1 Figure 3-2 Install the firewall in a rack ...................
  • Page 10 Installation Manual H3C SecPath F1000-S Firewall List of Figures Figure 8-9 Ethernet cable ...................... 8-6 Figure 8-10 Category-5 twisted-pair cable................8-7 Figure 8-11 1GBE module ..................... 8-9 Figure 8-12 2GBE module ..................... 8-9 Figure 8-13 1GBE module panel ..................8-10 Figure 8-14 2GBE module panel ..................
  • Page 11 Installation Manual H3C SecPath F1000-S Firewall List of Tables List of Tables Table 1-1 Technical specifications of the H3C SecPath F1000-S firewall......1-2 Table 1-2 LEDs on the front panel of the H3C SecPath F1000-S firewall ......1-3 Table 1-3 Attributes of the console port.................. 1-4 Table 1-4 Attributes of the AUX port ..................

  • Page 12: Chapter 1 Product Overview

    Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview Chapter 1 Product Overview 1.1 Brief Introduction H3C SecPath F1000-S Firewall is a new-generation firewall intended for enterprise users. It can act as the egress firewall for small and medium businesses and internal firewall for large and medium enterprises.

  • Page 13: Hardware Features

    Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview It supports active/standby switchover to protect current services against interruption, eliminating the defects of traditional networking solution, for example, VRRP networking solution. You can upgrade the application and Boot ROM programs on line to add features and extend functions.

  • Page 14: Leds

    Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview Item Description Default: 512 MB DDR SDRAM Max: 1 GB Default: 16 MB Flash memory Max: 32 MB 44 × 436 × 430 mm (1.7 × 17.2 × 16.9 in.), excluding the Physical dimensions (H ×...

  • Page 15: Attributes Of The Fixed Interfaces

    Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview Description System operating state LED: ON means the system is operating normally; OFF means the system is operating abnormally. Software running LED: Blinking means the software is operating normally; OFF means the software is faulty.

  • Page 16: Table 1-5 Attributes Of The Ge Electrical Interfaces

    Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview III. Gigabit Ethernet (GE) Interface The H3C SecPath F1000-S firewall provides four fixed 10/100/1000 Mbps auto-sensing interfaces (with two electrical interfaces and two applicable to both optical and electrical modes). The electrical interface uses the RJ-45 connector and the optical interface uses the small form-factor pluggable (SFP) connector.

  • Page 17: Mims

    Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview Description Multimo Single mode Ultra-long Attribute Long-haul Long-haul short-ha medium-ha haul (1550 (1310 nm) (1550 nm) ul (850 ul (1310 0.55 km 10 km (6.21 40 km 40 km 70 km transmission (0.34 mi) (24.86 mi)
  • Page 18 Installation Manual H3C SecPath F1000-S Firewall Chapter 1 Product Overview Security socket layer encryption module (SSL) For more information on the MIMs, see Chapter 8 “Multifunctional Interface Modules”.

  • Page 19: Chapter 2 Preparation For Installation

    Installation Manual H3C SecPath F1000-S Firewall Chapter 2 Preparation for Installation Chapter 2 Preparation for Installation 2.1 Site Requirements The H3C SecPath Series Firewalls must be used indoors. To guarantee the normal operation and long service life of your firewall, install it in an environment that can meet the requirements in the following sections.

  • Page 20: Esd Prevention

    Installation Manual H3C SecPath F1000-S Firewall Chapter 2 Preparation for Installation Table 2-2 Dust limit in the equipment room Substance Unit Content ≤ 3 X 10 Dust Particles/m³ (No visible dust on the table top for three days) Note: Diameter of a dust particle ≥ 5μm Besides the dust, there are rigorous limits on the harmful gases that can accelerate the erosion and aging of metals, such as salts, acids, and sulfides, as shown in Table 2-3.

  • Page 21: Lightning Protection

    Installation Manual H3C SecPath F1000-S Firewall Chapter 2 Preparation for Installation electromagnetic wave radiation, and common impedance (including the grounding system) coupling. To resist the interference, make sure to Take effective measures against the interference caused by the power supply grid. Use a grounding system or lightning protection grounding different from that for the power supply equipment and keep them as far as possible.

  • Page 22: Unpacking And Inspection

    Installation Manual H3C SecPath F1000-S Firewall Chapter 2 Preparation for Installation Always wear an ESD-preventive wrist strap when installing and maintaining the firewall, making sure the strap has good skin-contact. Do not hot-swap the console cable and auxiliary cable. Do not look directly into the fiber Tx port or the optical connector connected to it. You are recommended to use Uninterrupted Power Supply (UPS) for the firewall.

  • Page 23: Chapter 3 Hardware Installation

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation Chapter 3 Hardware Installation 3.1 Installation Procedure Start Install the cabinet (optional) Install the device at the specified place Connect the grounding wires Connect the power cord Connect the console terminal to device Verify the installation Power up the device...

  • Page 24: Mounting The Device

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation Caution: Before you install your device, make sure that: You have read Chapter 2 “Preparation for Installation” carefully. The requirements in Chapter 2 are satisfied. 3.2 Mounting the Device You can install your device on a workbench/tabletop or in a rack. 3.2.1 Freestanding the Device If a standard 19-inch rack is unavailable, you can place the firewall on a clean workbench/tabletop.

  • Page 25: Installing An Mim

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation (1) Pan-head screws (four) (2) Mounting ear (3) Guide rail Figure 3-2 Install the firewall in a rac 3.3 Installing an MIM For details about installing MIMs, see Chapter 8 “Multifunctional Interface Modules”. 3.4 Connecting the Grounding Wires Caution: When installing or using your firewall, properly connect the grounding wire for lightning...

  • Page 26: Connecting To The Console Terminal

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation (1) Grounding screw Figure 3-3 Grounding screw on the firewall Connect this screw to the earth ground using a grounding wire. The grounding resistance must be smaller than 5 ohm. If the device is mounted in a standard 19-inch rack, the rack must be grounded.

  • Page 27: Connecting The Ethernet Interface

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation Figure 3-4 Console cable assembly III. Connecting the console cable When configuring the firewall through a console terminal, follow these steps to connect the console cable: Step 1: Select a console terminal. The console terminal can be either a standard ASCII terminal with an RS-232 serial interface, or more commonly, a PC.

  • Page 28: Figure 3-5 Ethernet Cable Assembly

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation Figure 3-5 Ethernet cable assembly Note: In making network cables, shielded cables are preferred for the sake of electromagnetic compatibility. Cables for optical Ethernet interfaces For an optical Ethernet interface, you can choose the appropriate fiber cable, single mode or multimode, depending on the 1000Base-FX SFP optical transceiver you are using (see Table 1-6 for fiber options).
  • Page 29 Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation III. Connecting an Ethernet cable Take the fixed 10/100/1000 Mbps Ethernet 0/1 port on the front panel of the H3C SecPath F1000-S firewall for example. Follow these steps to connect its Ethernet cable: Caution: For each fixed Ethernet interface (for example, 10/100/1000 Mbps Ethernet 0/1 on the...

  • Page 30: Connecting A Psu

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation Caution: Laser danger: never look into the optical ports that are connected to the laser. It can harm your eyes. Step 1: Correctly connect one end of a fiber-optic cable to the Rx port of the 10/100/1000 Mbps interface on the firewall and the other end to the Tx port on the peer device.

  • Page 31: Verifying Installation

    Installation Manual H3C SecPath F1000-S Firewall Chapter 3 Hardware Installation II. Recommended power socket You are recommended to use a single-phase three-terminal socket with a ground contact, which must be properly grounded. The building ground system is often buried during the wiring engineering. Make sure that the building ground system is normal before connecting the AC power cord.

  • Page 32: Chapter 4 Booting And Configuration

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration Chapter 4 Booting and Configuration 4.1 Booting You can configure the H3C SecPath Series Firewall only through the console port when you use it for the first time. 4.1.1 Setting up a Configuration Environment I.

  • Page 33: Figure 4-2 Create A New Connection

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration Figure 4-2 Create a new connection Step 2: Set the terminal parameters. Set the HyperTerminal parameters of Windows98 as follows: Select serial interface Select the serial interface to be used from the Connect Using drop-down list as shown in Figure 4-3.

  • Page 34: Figure 4-4 Set Port Parameters

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration Set the serial interface The [Port Settings] tab appears as shown in Figure 4-4, and set the serial interface parameters as follows: Bits per second = 9600 Data bits = 8 Parity = None Stop bits = 1 Flow control = None...

  • Page 35: Powering Up The Firewall

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration Figure 4-5 Select emulation type 4.1.2 Powering up the Firewall I. Checking before power-up Before powering up the firewall, check that Both the power cord and the grounding wire are correctly connected. Proper power supply is used.

  • Page 36: Booting Process

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration II. Powering up the firewall Turn on the switch of the site power. Place the power switch(es) on the device into the ON position. III. Checking/operating after power-up After powering up the firewall, check that The ventilation system is operating well.

  • Page 37: Configuration Fundamentals

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration Press Ctrl-B to enter Boot Menu Press <Ctrl+B> to enter the Boot menu. Otherwise, the system starts decompressing the program. Note: To enter the Boot menu, you must press <Ctrl+B> within three seconds after the prompt “Press Ctrl-B to Enter Boot Menu…”...

  • Page 38: Command Line Interface

    Installation Manual H3C SecPath F1000-S Firewall Chapter 4 Booting and Configuration 4.2.2 Command Line Interface I. Features of the CLI The CLI of the firewall offers lots of configuration commands for you to configure and manage the firewall. The CLI allows you to Configure the device through the console port at the local.

  • Page 39: Chapter 5 Software Maintenance

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Chapter 5 Software Maintenance 5.1 Introduction The firewall maintains three types of files: Boot ROM program files Application program files Configuration files software maintenance mainly involves upgrading/downloading Boot ROM/application program files and uploading/downloading configuration files. 5.1.1 Boot Menu This section introduces the Boot menu that you use in maintaining the software of the firewall.

  • Page 40: Upgrading The Application And Boot Rom Programs Using Xmodem

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Start up and ignore configuration Enter debugging environment Boot Rom Operation Menu Do not check the version of the software Exit and reboot Enter your choice(1-9): If option 8 is selected, the system ignores the software versions of the Boot ROM program, its extended segment, and application program for backward compatibility.

  • Page 41: Figure 5-1 Send File Dialog Box

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance I. Upgrading the application program Step 1: Enter the Boot menu and enter 1 to download an application program using XModem. The firewall supports the following download speeds: Downloading application program from serial ... Please choose your download speed: 1: 9600 bps 2: 19200 bps...

  • Page 42: Figure 5-2 Sending File Interface

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Step 5: Click <Browse>. Select the application file to be downloaded and set protocol to XModem. Click <Send>. The following dialog box pops up: Figure 5-2 Sending File interface Step 6: After completing the downloading, the system begins writing data to the Flash, and then displays the following message in the terminal window, indicating the completion of the downloading: XModem download completed, Packet length 8790321 bytes.

  • Page 43: Backing Up And Restoring The Extended Segment Of The Boot Rom Program

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Step 2: Enter 1 in the Boot ROM operation menu to download the Boot ROM program using XModem. Several speed options are available for you. The subsequent steps are the same as those described in section 5.1.2 I. “Upgrading the application program”. Caution: You cannot restore the Boot ROM program on site if you fail to upgrade the entire Boot ROM program.

  • Page 44: Upgrading An Application Program Using Tftp

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Backuping Boot ROM program to FLASH successed! Step 3: When the Boot ROM operation menu appears again, select 5 to exit and reboot the firewall. II. Restoring the extended segment from the Flash If faults occur to the extended segment of the Boot ROM or you upgrade it wrongly, you can restore the extended segment of the Boot ROM from the Flash to the Boot ROM by completing these steps:...
  • Page 45 Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Net Port Download Menu: Change Net Parameter Download From Net Exit to Main Menu Enter your choice(1-3): 1 Step 2: Select 1 to configure the network interface parameters (including the interface in use and the IP address and subnet mask of the interface) and the TFTP server parameters (including the IP address of the Ethernet interface on the PC and the file name of the application program).

  • Page 46: Uploading/Downloading A Program/File Using Ftp

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance System file length 7868992 bytes, http.zip file length 921329 bytes. Writing file flash:/system to FLASH... Please wait, it may take a long time #################################################################### Writing into Flash Succeeds. Writing file flash:/http.zip to FLASH... Please wait, it may take a long time ########################################################################## ######...

  • Page 47: Figure 5-4 Set Up An Environment For Remote Uploading/Downloading

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Step 1: Connect the PC to an Ethernet interface on the firewall. Step 2: Assign an IP address, 10.110.10.10 for example, to the Ethernet interface on the firewall. Step 3: Assign an IP address, 10.110.10.13 for example, to the Ethernet interface on the PC.
  • Page 48 Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Note: You can configure AAA authentication as needed. For more information, see the “AAA and RADIUS Configurations” part in H3C SecPath Series Security Products Operation Manual. Step 2: Add the username and password. [VPNGateway] local-user VPNGateway VPNGateway is the username.
  • Page 49 Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance The prompt “ftp>” indicates that you can begin uploading/downloading the desired file. Step 3: Upload/download the application program/configuration file/Boot ROM. Note: On the firewall, the default name of the application program is "system”, the configuration file “config.cfg”, the extended segment of the Boot ROM “bootrom”, and the entire Boot ROM “bootromfull”.

  • Page 50: Modifying Boot Rom Password

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Step 4: Upon the completion of the uploading/downloading, quit the FTP client program. ftp>quit IV. Detaching the Web file When the downloading using FTP is completed, the Web file is included in the application program.

  • Page 51: Resetting A Lost Password

    Installation Manual H3C SecPath F1000-S Firewall Chapter 5 Software Maintenance Download Extended Segment of Boot ROM with XModem Modify Boot ROM password System booting from Flash Do not check the version of Extended Segment of Boot ROM Exit and reboot Enter your choice(1-6): Following is the description on the options of Boot menu: 1: Download Boot ROM with XModem...

  • Page 52: Chapter 6 Hardware Maintenance

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance Chapter 6 Hardware Maintenance 6.1 Preparing Tools Phillips screwdriver Flat-blade screwdriver ESD-preventive wrist strap Static shielding bag Note: These tools are not shipped with the firewall, so you need to prepare them yourself. 6.2 Opening the Chassis Cover Step 1: Power down the firewall and remove the power cords.

  • Page 53: Replacing A Ddr Sdram

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance (1) Remove the six screws (2) Pull it out towards this direction Figure 6-1 Open the chassi Caution: Do not replace the hardware unless urgently necessary and do it under the guidance of technical support personnel.

  • Page 54: Figure 6-2 Ddr Sdram Maintenance Flow

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance Hardware maintenance mainly involves DDR SDRAM replacement. Follow this maintenance flow to replace a DDR SDRAM: Start Prepa re tools Open the chassis Locate th e DDR SDRAM Remove the ol d DDR SDRAM Install a new DDR SDRAM...

  • Page 55: Locating The Ddr Sdrams On The Mainboard

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance Press Ctrl-B to enter Boot Menu “512M bytes DDR SDRAM” means that a DDR SDRAM of 512M bytes is installed on the firewall. Note: Note that there is a limit on the times that you can install a DDR SDRAM in a memory bank.

  • Page 56: Removing A Ddr Sdram

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance Figure 6-3 Position of the DDR SDRAMs, Flash, and Boot ROM on the mainboard Each DDR SDRAM has one positioning recess at its bottom for correct orientation. When installing a DDR SDRAM into a memory bank, press the positioning recess into the pin in the bank.

  • Page 57: Installing A Ddr Sdram

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance Caution: Hold the DDR SDRAM only by its non-conductive edge, because it is prone to ESD and could be damaged by incorrect operations. You need to exercise some strength to pull the DDR SDRAM out of its bank, but do not overdo it.

  • Page 58: Replacing An Mim

    Installation Manual H3C SecPath F1000-S Firewall Chapter 6 Hardware Maintenance (1) Insert the cover in this direction (2) Install the six screws at these places Figure 6-5 Close the chassis cove Step 5: Tighten the six captive screws that are removed in steps 3 and 4 described in section 6.2 “Opening the Chassis Cover”...

  • Page 59: Chapter 7 Troubleshooting

    Installation Manual H3C SecPath F1000-S Firewall Chapter 7 Troubleshooting Chapter 7 Troubleshooting 7.1 Troubleshooting the Power System Symptom: The PWR0/PWR1 LED is OFF. Solution: Check that The power switch of the PSU is turned on. The power switch of the site power is turned on. The power cord is connected correctly.

  • Page 60: Troubleshooting The Software Upgrade

    Installation Manual H3C SecPath F1000-S Firewall Chapter 7 Troubleshooting Bits per second = 9600 Data bits = 8 Parity = None Stop bits = 1 Flow control = None Emulation = VT100 Reconfigure the parameters if their values are different. 7.3 Troubleshooting the Software Upgrade I.
  • Page 61 Installation Manual H3C SecPath F1000-S Firewall Chapter 7 Troubleshooting Solution: Check that the file to be downloaded exists and you have correctly specified the directory in the TFTP server. III. Fault 3 Symptom: When you start the firewall and upgrade the Comware using TFTP, the system displays this message: Net Port Download Menu: Change Net Parameter...

  • Page 62: Chapter 8 Multifunctional Interface Modules

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Chapter 8 Multifunctional Interface Modules 8.1 MIM Options Following are the MIMs available for the H3C SecPath F1000-S firewall: 1-port 10Base-T/100Base-TX Fast Ethernet interface module (1FE) 2-port 10Base-T/100Base-TX Fast Ethernet interface module (2FE) 4-port 10Base-T/100Base-TX Fast Ethernet interface module (4FE) 1-port 10Base-T/100Base-TX/1000Base-T Ethernet interface module (1GBE) 2-port 10Base-T/100Base-TX/1000Base-T Ethernet interface module (2GBE)

  • Page 63: Figure 8-1 Install The Mim I

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Step 2: Turn off the site power and remove the power cord. Step 3: Select a slot and push the MIM into the chassis until it is fully seated in the slot and its front panel is flush with the front of the chassis.

  • Page 64: Troubleshooting An Mim

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Caution: If you remove an MIM and do not install a new one right away, you must replace the blanking filler panel to prevent dust from entering the firewall and to provide adequate ventilation.

  • Page 65: Figure 8-3 1Fe Module

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Figure 8-3 1FE module II. Appearance of the 2FE module Figure 8-4 shows the 2FE module. Figure 8-4 2FE module III. Appearance of the 4FE module Figure 8-5 shows the 4FE module. Figure 8-5 4FE module...

  • Page 66: Interface Attributes

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules 8.4.3 Interface Attributes Table 8-1 shows the interface attributes of the 1FE, 2FE and 4FE modules. Table 8-1 Interface attributes of the 1FE, 2FE and 4FE modules Attributes 1FE module 2FE module 4FE module Connector...

  • Page 67: Interface Cable

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Table 8-2 describes the LEDs on the 1FE/2FE/4FE module panel and how to read their state. Table 8-2 LEDs on the 1FE/2FE module Description LINK OFF means no link is present; ON means a link is present. OFF means no packets are being transmitted/received on the ACTIVE interface;...

  • Page 68: Table 8-3 Straight-Through Cable Pinout

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Blue Pair 1 White/blue Orange Pair 1 White/orange Green Pair 1 White/green Brown Pair 1 White/brown Figure 8-10 Category-5 twisted-pair cabl Table 8-3 Straight-through cable pinout Category-5 Direction of RJ-45 Signal twisted-pair...

  • Page 69: Connecting The Interface Cable

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Category-5 Direction of Direction of twisted-pair RJ-45 RJ-45 signal signal cable –– White (brown) –– –– Brown –– Ethernet cables are divided into two categories: straight-through and crossover. Straight-through cable: The sequences of the twisted pairs crimped in the RJ-45 connectors at both ends are the same.

  • Page 70: 1Gbe/2Gbe Module

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules 8.5 1GBE/2GBE Module 8.5.1 Introduction 1-/2-port 10Base-T/100Base-TX/1000Base-TX Ethernet interface module (1GBE/2GBE) can provide the communications between the firewall and a LAN. The 1GBE/2GBE module supports The transmission distance of 100 meters (328 ft) over category-5 twisted-pair cable Three operating rates: 1000 Mbps, 100 Mbps, and 10 Mbps, with auto-sensing Full duplex mode...

  • Page 71: Panel And Interface Leds

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Attribute 1GBE 2GBE 10/100/1000 Mbps, auto-sensing Operating mode Full/half duplex auto-negotiation 8.5.4 Panel and Interface LEDs Figure 8-13 and Figure 8-14 show respectively the panel of the 1GBE and 2GBE modules.

  • Page 72: Connecting The Interface Cable

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Figure 8-15 Ethernet cable II. Making an Ethernet cable To make an Ethernet cable with RJ-45 connectors using a category-5 twisted-pair cable, refer to Figure 8-16. A category-5 twisted-pair cable is composed of eight wires that are identified and grouped by colors of the outer insulator.

  • Page 73: 1Gef/2Gef Module

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Step 2: Power up the firewall and check the state of the LED for the module on the front panel of the firewall. ON means the module has passed the POST and can operate normally;...

  • Page 74: Interface Attributes

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules 8.6.3 Interface Attributes Table 8-7 shows the interface attributes of the 1GEF and 2GEF modules. Table 8-7 Interface attributes of the 1GEF/2GEF module Attribute 1GEF 2GEF Connector SFP/LC Number of connectors Interface IEEE 802.3, 802.3u and 802.3ab...

  • Page 75: Interface Fiber Cable

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Figure 8-19 1GEF module panel Figure 8-20 2GEF module panel Table 8-8 LEDs on the 1GEF/2GEF module Description LINK OFF means no Rx link is present; ON means an Rx link is present. OFF means no packets are being transmitted/received on the interface;...

  • Page 76: Connecting The Interface Fiber Cable

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules 8.6.6 Connecting the Interface Fiber Cable Caution: When connecting the fiber cable, observe the following: Do not over-bend the fiber cable. Its curvature radius must be equal to or greater than 10 cm (3.9 in.).

  • Page 77: Module Attributes

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules Figure 8-21 SSL module 8.7.3 Module Attributes Table 8-9 shows the attributes of the SSL module. Table 8-9 SSL module attributes Attribute Description Supported protocol Key algorithm (DES, 3DES, AES and RC4) Hardware algorithm Authentication algorithm (HMAC-MD 5and HMAC-SHA-1) 8.7.4 Panel and Module LEDs...

  • Page 78: Troubleshooting Ssl Module

    Installation Manual H3C SecPath F1000-S Firewall Chapter 8 Multifunctional Interface Modules 8.7.5 Troubleshooting SSL Module Symptom 1: The STATUS LED is OFF when the firewall starts. Solution: The STATUS LED should be ON when the firewall starts. OFF means that the module or some components on the module are not powered on normally.

Table of Contents