Related Manuals for ELTEX ESR-30
Summarization of Contents
1 Introduction
1.1 Abstract
Provides an overview of large-scale communication network development projects and the role of ESR series service routers in them.
1.2 Target Audience
Identifies the intended users of the manual as technical personnel performing installation, configuration, and maintenance.
1.3 Symbols
Explains the meaning of various designations used in the command line and descriptions for clarity.
1.4 Notes and warnings
Details the usage of notes, warnings, and information icons for device operation and setup.
2 Product description
2.1 Purpose
Describes ESR series service routers as high-performance multi-purpose network routers for corporate environment protection.
2.2 Functions
Lists and describes the various functions supported by the ESR series routers, including interface and MAC table operations.
2.3 Main specifications
Details the key technical specifications of various ESR router models, including interfaces and hardware capabilities.
2.4 Design
Describes the physical design of the ESR routers, including front, rear, and side panels, connectors, LEDs, and controls.
2.4 Design
2.4.1 ESR-3200 design
Details the front and rear panel layout, connectors, LEDs, and controls for the ESR-3200 model.
2.4.2 ESR-3100 design
Describes the front, rear, and side panels, connectors, LEDs, and controls for the ESR-3100 model.
2.4.3 ESR-1700 design
Details the front, rear, and side panels, connectors, LEDs, and controls for the ESR-1700 model.
2.4.4 ESR-1511, ESR-1510 design
Describes the front panel layout, connectors, LEDs, and controls for ESR-1511 and ESR-1510 models.
2.4.5 ESR-1200, ESR-1000 design
Details the front and rear panel layouts, connectors, LEDs, and controls for ESR-1200 and ESR-1000 models.
2.4.6 ESR-200, ESR-100 design
Describes the front and rear panel layouts, connectors, LEDs, and controls for ESR-200 and ESR-100 models.
2.4.7 ESR-21 design
Details the front and rear panel layouts, connectors, LEDs, and controls for the ESR-21 model.
2.4.8 ESR-30, ESR-20 design
Describes the front and rear panel layouts, connectors, LEDs, and controls for ESR-30 and ESR-20 models.
2.4.9 ESR-15 design
Details the front panel layout, connectors, LEDs, and controls for the ESR-15 model.
2.4.10 ESR-14VF, ESR-12VF design
Describes the front and rear panel layouts, connectors, LEDs, and controls for ESR-14VF and ESR-12VF models.
2.4.11 ESR-12V design
Details the front and rear panel layouts, connectors, LEDs, and controls for the ESR-12V model.
2.4.12 ESR-10 design
Describes the rear panel layout, connectors, LEDs, and controls for the ESR-10 model.
2.4.13 Light Indication
Explains the meaning of various LEDs and light indicators on the ESR routers for different statuses.
4 Management interfaces
4.1 Command line interface (CLI)
Explains how to use the Command Line Interface (CLI) for device management, monitoring, and configuration.
4.2 Types and naming procedure of router interfaces
Details the various types of network interfaces and their naming conventions for unique identification.
4.3 Types and naming procedure of router tunnels
Describes the types of network tunnels and their naming procedures for functional identification.
5 Initial router configuration
5.1 ESR router factory configuration
Describes the essential basic settings pre-installed in the factory configuration for immediate router use.
5.2 Router connection and configuration
Provides instructions on connecting ESR routers and performing basic configuration steps for network connectivity.
6 Firmware update
6.1 Updating firmware via system resources
Details the procedure for updating firmware for the device running the operating system using servers like TFTP, FTP, SCP.
6.2 Updating firmware via bootloader
Explains how to update router firmware via the bootloader, including steps for specifying TFTP server and firmware file.
6.3 Secondary bootloader update (U-Boot)
Describes the process of updating the secondary bootloader (U-Boot) for the router.
7 Safe configuration recommendations
7.1 General recommendations
Provides general recommendations for safe operation, such as disabling unused interfaces and setting system clocks.
7.2 Event logging system configuration
Guides on configuring event logging, including message storage, size limitation, and transfer to an external server.
7.3 Password usage policy configuration
Details the configuration of password policies, including default password reset, lifetime, and complexity requirements.
7.4 AAA policy configuration
Explains the configuration algorithms for AAA policy, covering authentication methods and user privilege levels.
7.5 Remote management configuration
Provides recommendations for secure remote management, including disabling Telnet and using crypto-resistant algorithms.
7.6 Configuration of protection against network attacks mechanisms
Details the configuration of network attack protection mechanisms like IP spoofing, TCP flag checking, and logging.
8 Interface management
8.1 VLAN Configuration
Explains VLAN configuration, including creating VLANs, setting operation modes, and managing tagged/untagged frames.
8.2 LLDP configuration
Details the Link Layer Discovery Protocol (LLDP) configuration for network equipment notification and parameter transmission.
8.3 LLDP MED configuration
Describes LLDP MED configuration for transmitting network policies like VLAN ID, DSCP, and priority.
8.4 Sub-interface termination configuration
Explains how to terminate Ethernet frames of a VLAN on a physical interface by creating sub-interfaces.
8.5 Q-in-Q termination configuration
Details Q-in-Q configuration for extending VLAN quantity using double tags in Ethernet frames.
8.6 USB modems configuration
Describes the configuration of USB modems for organizing additional link channels for router operation.
8.7 STP/RSTP configuration
Explains Spanning Tree Protocol and Rapid STP configuration to prevent network loops and establish redundant links.
8.8 PPP through E1 configuration
Details the configuration of PPP connections through the E1 stream for direct communication between network nodes.
8.9 MLPPP Configuration
Describes Multilink PPP (MLPPP) configuration for aggregating multiple physical channels into a single logical link.
8.10 Bridge configuration
Explains bridge configuration for connecting Ethernet segments on the data-link level without higher-level protocols.
8.11 Dual-Homing configuration
Describes Dual-Homing technology for creating secure connections to prevent failures of key network resources.
8.12 Mirroring configuration (SPAN/RSPAN)
Details traffic mirroring configuration, allowing redirection of traffic from one port to another or to a remote device.
8.13 LACP configuration
Explains Link Aggregation Control Protocol (LACP) for combining multiple physical links into a single logical link.
8.14 AUX configuration
Describes AUX configuration for specifying parameters to interact with external devices connected via serial interfaces.
9 Tunneling management
9.1 GRE tunnel configuration
Explains GRE tunnel configuration, a protocol for encapsulating OSI model network layer packets into IP packets.
9.2 DMVPN configuration
Describes DMVPN technology for creating virtual private networks with dynamic tunnel creation between hosts.
9.3 L2TPv3 tunnel configuration
Details L2TPv3 tunnel configuration, a protocol used for tunneling Layer 2 OSI model packets between two IP nodes.
9.4 IPsec VPN configuration
Explains IPsec configuration for enabling security features like identity validation, integrity check, and encryption.
9.5 LT tunnels configuration
Describes LT tunnel configuration for transmitting routing information and traffic between different VRFs.
10 QoS management
10.1 Basic QoS
Explains basic QoS configuration on ESR routers, focusing on classification and relabeling on the input interface.
10.2 Advanced QoS
Details advanced QoS configuration, allowing traffic classification on both incoming and outgoing interfaces.
11 Routing management
11.1 Routing information advertising policy
Describes policies for advertising routing information via RIP, OSPF, IS-IS, iBPG, and eBPG protocols.
11.2 Static routes configuration
Explains how to add static routes to the router configuration for defining explicit routes without dynamic routing protocols.
11.3 RIP configuration
Details RIP configuration, a distance-vector dynamic routing protocol using hop count as a metric.
11.4 OSFP configuration
Explains OSPF configuration, a dynamic routing protocol based on link-state technology.
11.5 BGP configuration
Details BGP configuration, a protocol designed for exchanging subnet reachability information among autonomous systems.
11.6 BFD configuration
Explains Bidirectional Forwarding Detection (BFD) protocol configuration for reducing problem detection time.
11.7 PBR routing policy configuration
Describes Route-map configuration for IP routes filtering and modification, used for BGP and other routing protocols.
11.8 VRF configuration
Explains VRF configuration for isolating routing information belonging to different classes or specific clients.
11.9 MultiWAN configuration
Details MultiWAN configuration for establishing fail-safe connections with redundant links and balancing traffic.
11.10 IS-IS configuration
Explains IS-IS configuration, an ISO standardized dynamic routing protocol based on link-state.
12 MPLS technology management
12.1 LDP configuration
Details LDP configuration, a tag distribution protocol used for finding neighbors and exchanging hello messages.
12.2 Configuring session parameters in LDP
Explains how to configure session parameters like Hello holdtime, Hello interval, and Keepalive holdtime in LDP.
12.3 Configuring session parameters in targeted-LDP
Describes configuring session parameters for targeted-LDP, allowing flexible settings for Hello and Keepalive.
12.4 LDP tag filtering configuration
Explains LDP tag filtering configuration for allocating MPLS tags only to certain FECs.
12.5 L2VPN Martini mode configuration
Details L2VPN Martini mode configuration, enabling Ethernet frames transmission through MPLS using LDP.
12.6 L2VPN Kompella mode configuration
Explains L2VPN Kompella mode configuration, where LDP operates with transport labels and pseudowire construction is entrusted to BGP.
12.7 L3VPN configuration
Guides on configuring L3VPN for combining distributed client IP networks and ensuring traffic transfer within a single VRF.
12.8 MPLS traffic balancing
Describes MPLS traffic balancing, a feature of the router for distributing load across different CPUs.
12.9 Operation with the bridge domain within MPLS
Explains how to organize L2VPN service by configuring a bridge domain and linking necessary elements.
12.10 Assignment of MTU when operating with MPLS
Details the importance of correctly configuring the MTU parameter on interfaces for MPLS traffic forwarding.
12.11 Inter-AS Option A
Provides configuration examples for Inter-AS Option A L3VPN and L2VPN services, focusing on VRF and tagging.
12.12 Inter-AS Option B
Details Inter-AS Option B configuration, which does not require VRF between ASBRs and assigns MPLS labels.
12.13 MPLS over GRE
Provides an example of configuring VPN services built through a GRE tunnel.
13 Security management
13.1 AAA configuration
Explains AAA configuration for access provisioning and control, including Authentication, Authorization, and Accounting.
13.2 Command privilege configuration
Describes command privilege configuration for assigning baseline user privilege levels to command sets.
13.3 Logging and network attacks protection configuration
Guides on configuring logging and protection mechanisms against network attacks like land, SYN flood, and ICMP flood.
13.4 Firewall configuration
Details Firewall configuration, a tool for controlling and filtering network packets based on defined rules.
13.5 Access list (ACL) configuration
Explains Access Control List (ACL) configuration, which contains rules defining traffic transmission through an interface.
13.6 IPS/IDS configuration
Describes IPS/IDS configuration, a system for detecting intrusions and security breaches, including rule autoupdate.
13.7 Eltex Distribution Manager interaction configuration
Explains the interaction configuration with Eltex Distribution Manager for managing licenses and allocating them to ESR devices.
13.8 Content filtering service configuration
Details content filtering service configuration to restrict access to HTTP sites based on their categories.
13.9 Antispam service configuration
Guides on configuring Antispam service to detect and filter unwanted e-mail messages.
14 Redundancy management
14.1 VRRP configuration
Explains VRRP configuration for increased availability of routers acting as a default gateway.
14.2 Tracking configuration
Describes the tracking mechanism for activating entities based on VRRP/SLA state.
14.3 Firewall/NAT failover configuration
Details firewall and NAT failover configuration for reserving firewall sessions.
14.4 DHCP failover configuration
Explains DHCP failover configuration for reserving a database of IP addresses issued by the DHCP server.
15 Remote access configuration
15.1 Configuring server for remote access to corporate network via PPTP protocol
Guides on configuring PPTP server for establishing secure connections for remote users to a corporate network.
15.2 Configuring server for remote access to corporate network via L2TP protocol
Details L2TP server configuration for supporting virtual private networks and remote access to a corporate network.
15.3 Configuring server for remote access to corporate network via OpenVPN protocol
Explains OpenVPN server configuration for enabling secure remote access and VPN connections.
15.4 Configuring remote access client via PPPoE
Guides on configuring PPPoE client for establishing tunneling protocols and PPP connection software capabilities.
15.5 Configuring remote access client via PPTP
Details PPTP client configuration for establishing secure tunnels for remote users.
15.6 Configuring remote access client via L2TP
Explains L2TP client configuration for establishing virtual private networks and remote access.
16 Service management
16.1 DHCP server configuration
Guides on configuring DHCP server for managing LAN device network settings and assigning IP addresses.
16.2 Destination NAT configuration
Explains Destination NAT (DNAT) function for translating destination IP addresses for packets transferred through the network gateway.
16.3 Source NAT configuration
Details Source NAT (SNAT) function for substituting source addresses for packets transferred through the network gateway.
16.4 Static NAT configuration
Explains Static NAT configuration for setting a unique match between two addresses for translation.
16.5 HTTP/HTTPS traffic proxying
Guides on configuring HTTP/HTTPS traffic proxying for URL filtering and managing traffic flow.
16.6 NTP configuration
Details NTP configuration for synchronizing the internal clock of equipment using IP networks.
17 Monitoring
17.1 Netflow configuration
Explains Netflow configuration, a protocol for traffic accounting and analysis, transmitting traffic information to a collector.
17.2 sFlow configuration
Describes sFlow configuration, a standard for traffic accounting and analysis in computer and wireless networks.
17.3 SNMP configuration
Details SNMP configuration for device management in IP networks using TCP/UDP architecture.
17.4 Zabbix-agent/proxy configuration
Guides on configuring Zabbix agent/proxy for monitoring devices and executing remote commands.
17.5 Syslog configuration
Explains Syslog configuration for sending and registering system messages about events.
17.6 Integrity check
Describes integrity check for verifying the integrity of stored executable files.
17.7 Router configuration file archiving
Details router configuration file archiving options for local and remote backup.
18 BRAS (Broadband Remote Access Server) management
18.1 Configuration algorithm
Provides the configuration algorithm for BRAS management, including adding RADIUS and DAS servers.
18.2 Example of configuration with SoftWLC
Gives an example of BRAS configuration with SoftWLC for providing Internet access to authorized users.
18.3 Example of configuration without SoftWLC
Provides an example of BRAS configuration without SoftWLC support.
19 VoIP management
19.1 SIP profile configuration algorithm
Details the SIP profile configuration algorithm, including proxy server, registration server, and domain settings.
19.2 FXS/FXO ports configuration algorithm
Explains the configuration algorithm for FXS/FXO ports, including subscriber assignment and SIP profiles.
19.3 Dial plan configuration algorithm
Guides on configuring dial plans using regular expressions for routing calls to local numbers or SIP proxy.
19.4 PBX server configuration algorithm
Details the PBX server configuration algorithm, including ruleset and profile creation.
19.5 Registration trunk creation algorithm
Explains the algorithm for creating registration trunks for PBX server configuration.
19.6 VoIP configuration example
Provides an example of VoIP configuration for connecting analogue telephones to an IP network.
19.7 Dial plan configuration example
Shows an example of dial plan configuration for routing local calls and calls via SIP proxy.
19.8 FXO port configuration
Details FXO port configuration for making calls to PSTN subscribers.
19.9 Example of VoIP configuration for FXS ports registration on external SIP server
Provides an example of VoIP configuration for FXS ports registration on an external SIP server.
19.10 Example of VoIP configuration on internal PBX server
Details an example of VoIP configuration for internal PBX server, including subscriber and call transfer settings.
Need help?
Do you have a question about the ESR-30 and is the answer not in the manual?
Questions and answers