Download Print this page

Alcatel-Lucent OmniAccess 5740 User Manual

Unified services gateway web gui

Hide thumbs Also See for OmniAccess 5740:

Cli configuration manual (1225 pages)

,

Cli command reference manual (1043 pages)

,

User manual (96 pages)

Table Of Contents

page of 360

/ 360
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Quick Links

Download this manual

OmniAccess 5740

Unified Services Gateway

Web GUI Users Guide

1

2

Release 3.0

Notes on numbered items on banner & legal pages

1

26801 West Agoura Road

Calabasas, CA 91301

(818) 880-3500

FAX (818) 880-3505

support@ind.alcatel.com

Beta

US Customer Support - (800) 995-2696

International Customer Support - (818) 878-4507

Internet - service.esd.alcatel-lucent.com

Website: www.alcatel-lucent.com

Part No: 060314-00, Rev A

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the OmniAccess 5740 and is the answer not in the manual?

Questions and answers

Summary of Contents for Alcatel-Lucent OmniAccess 5740

Page 1 Do not import other template elements such as page layout. To return to the draft version, import color def’ns from draft-colors.fm. To switch to the beta version, import color def’ns from beta-colors.fm OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Release 3.0...
Page 2 The following information is for the Users of the OmniAccess 5740 Unified Services Gateway: If it is not installed in accordance with the installation instructions, it may not function exactly to the said specifications.
Page 3: Table Of Contents
Table of Contents Preface......................1 About this Guide........................1 Chapter Description ........................1 Audience ........................... 1 Document Organization ......................2 Document Conventions......................2 Obtaining Documentation......................2 Reference Publications ......................3 Obtaining Technical Assistance ....................3 Documentation Feedback ......................3 2 GUI Layout and Logging on to USGM ............5 USGM Web GUI Tool........................
Page 4 ....................228 Sensors ........................231 Alerts and Reports ....................235 View Rule File ......................237 QoS (Quality of Service) ....................239 Alcatel-Lucent Specific Overview on QoS..............239 QoS Configuration Wizard ..................240 Class Map ........................ 249 Policy Map........................ 254 Interface...
Page 5 Maintenance....................277 Maintenance.......................... 277 Utilities ..........................278 License Management ..................... 286 Upgrade.......................... 294 Software Upgrade ....................295 Flash Upgrade......................308 5 Monitor ......................311 Monitor ..........................311 Interface Statistics ......................312 DHCP Bindings....................... 316 Active Routes ......................... 318 Traffic Statistics ......................320 IP Statistics ......................
Page 6 List of Figures Logon to USGM 7 USGM Home Page 8 USGM - Configure Main Page 14 System Config 15 Edit System Configuration 16 Chassis Config 17 Chassis Config - View 18 Chassis Config - Setting Card Type to T1 or E1 18 Chassis Config - Changing Card Type 19 Interfaces 21 Interfaces - Configuring GigE Interface Details 23...
Page 7 Policy Based Routing - Create New IP Policy - Create New Match-list 99 Policy Based Routing - Attach Interface 102 Routing - VRF 103 Routing - Add New Static Route 104 System Access: SNMP 107 System Access - Syslog 110 System Access - Syslog - Configure Syslog Parameters 112 Management Utilities: File Transfer &...
Page 8 Firewall: Firewall Policy - New Firewall Policy 183 Firewall: Firewall Policy - Add New DOS Attack Rule 184 Firewall: Firewall Policy - Add New Intrusion Rule 185 Firewall: Firewall Policy - Attach Interface 186 VPN IPSec: IPSec Wizard 189 VPN IPSec: IPSec Wizard - Introduction 189 VPN IPSec: IPSec Wizard - Create IPSec Policy with IPSec Profile 190 VPN IPSec: IPSec Wizard - Create IPSec Policy with Crypto-map 191 VPN IPSec: IPSec Wizard - Create IPSec Policy with Crypto-map - Add Peer 192...
Page 9 Quality of Service: Interface Association Generated by the Wizard 247 Quality of Service: Class Map Generated by the Wizard 248 Quality of Service: Class Map 249 Quality of Service: New Class Map 251 Quality of Service: New Class Map Rule 252 Quality of Service: Policy Map 254 Quality of Service: Policy Map - New 256 Quality of Service: Policy Map - New Traffic Class Basic Configuration 258...
Page 10 Monitor: SNMP Statistics 325 Monitor: Firewall Session Statistics 327 Monitor: Firewall and Security - Filters 329 Monitor: Firewall and Security - Filters - Show Policy Statistics 331 Monitor: Firewall and Security - NAT 332 Monitor: Firewall and Security - DOS Attack 334 Firewall and Security - DOS Attack - Show DOS Attack Statistics 335 Monitor: Firewall and Security - DOS Attack - View 335 Monitor: Firewall and Security - DOS Attack - View Statistics 336...
Page 11: Preface
BOUT THIS UIDE This chapter describes how to configure OmniAccess 5740 Unified Services Gateway (OmniAccess 5740 USG) using the Web Graphical User Interface (GUI) tool - Unified Services Gateway Configuration Manager (USGM). The guide contains procedures for configuring interfaces, routing parameters, SNMP, syslog parameters, time range, lists and match lists, traffic classification, filter and firewall, IPSec policy, QoS, and various other features.
Page 12: Document Organization
Note: A note contains helpful suggestions or information that may be easily overlooked. BTAINING OCUMENTATION Alcatel-Lucent provides several ways to obtain technical assistance and other technical resources. Documents can be downloaded from our support site service.esd.alcatel-lucent.com. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide...
Page 13: Reference Publications
We value your comments and suggestions about our documentation. If you have comments about this book, please enter them through the feedback link on the Alcatel-Lucent Website. We will use your feedback in our plans to improve the documentation. Alcatel-Lucent...
Page 14 Left running head: Chapter name (automatic) Preface Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 15: Gui Layout And Logging On To Usgm
USGM W GUI T The USGM Web GUI tool is an easy-to-use interface that helps you configure your OmniAccess 5740 USG without using the Command Line Interface (CLI). You can configure the following features, among others, using this tool: •...
Page 16: Launching The Gui
Chapter name (automatic) GUI Layout and Logging on to USGM AUNCHING THE Follow the procedure given below to access and configure the OmniAccess 5740 USG through GUI. Step 1: Open a Web browser from your PC. Step 2: In the address bar/field, type the IP address of the interface obtained from the DHCP server and press the Enter key.
Page 17: Logon To Usgm
Use the AAA user name and password configured using the CLI to login to USGM. (For more information on configuring AAA user name and password, refer the note below.) Step 2: This will launch the web interface to configure your OmniAccess 5740 USG. Figure 1: Logon to USGM...
Page 18: Usgm Home
The Top Panel also has ‘About USGM and Logout’ menu. About USGM sub menu gives details on USGM tool like the version number, model name, and so on. Logout enables you to log out of USGM. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 19 These logs enable you to take appropriate action for smooth functioning of the system. Click these buttons to view the details of the respective log messages. (See “Logs” section for more information.) Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 20: Description Of Standard Buttons On The Gui
PPLY This button saves all the configured data. ANCEL This button cancels an operation without saving the data entered. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 21: Icons And Labels
Heading1 or Heading1NewPage text (automatic) Launching the GUI CONS AND ABELS The following table lists the icons and labels used in the OmniAccess 5740 USG Web GUI tool. Table 1: Icons, Labels in the OmniAccess 5740 USG Web GUI Tool Icon/Label Description Configure/Edit the selected item.
Page 22: Logout
The system automatically logs you out of the tool if there is no activity for 15 minutes. When you perform any activity after 15 minutes of inactivity, the system prompts you to login again. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 23: Configure
This chapter provides procedure to configure various features like interfaces, routing, traffic classification, filters, IPSec policy, QoS. Pagination: Numeric & continuous Optional footer: Alcatel-Lucent with Manual title (to set, preceding redefine ManualTitle OmniAccess 5740 Unified Services Gateway Web GUI Users Guide section of Beta Beta Beta Beta variable) book...
Page 24: Configure
OmniAccess 5740 USG. Menu Bar Submenu Figure 3: USGM - Configure Main Page By default, System is selected and its details are displayed in the Center Panel. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 25: System
Table 2: System Config Field Description Field Description YSTEM ONFIG System Name Name given to the system. System Contact Contact details. System Location Place where the system is located. Edit Edit system parameters. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 26: Edit System Configuration
Step 2: Enter or edit the system name, system contact, and system location in the respective fields. (System Name is mandatory.) Step 3: Click Apply to save the changes or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 27: Chassis Configuration
This page lists the respective slot numbers and the line cards associated with it that are installed in the system. This also displays the details of the OmniAccess 5740 USG base system that includes the following components: OmniAccess 5740 USG Chassis, Switch Fabric, Services Engine, Fan Tray and Power Tray.
Page 28: Chassis Config - View
T1 or E1: Figure 8: Chassis Config - Setting Card Type to T1 or E1 3. Select the card type and click Apply or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 29: Chassis Config - Changing Card Type
1. Click Configure icon in the Action column against the T1E1 line card. 2. The following message box is displayed: Figure 9: Chassis Config - Changing Card Type 3. Click OK to continue. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 30: Interfaces
Configure Channelized Serial Interface • Configure Serial Interface (V.35/X.21/RS-232) • Configure Logical Interface Add Virtual LAN (VLAN) Add Tunnel Interface iii. Add Loopback Interface Add MLPPP Interface Add MLFR Interface Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 31: Viewing Interfaces
Step 2: Click Interfaces sub-menu. The Interfaces page is displayed with the list of all the interfaces available on your system. The list also displays those interfaces configured using the CLI commands. Figure 10: Interfaces Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 32 Provides option to configure logical interfaces such as Virtual LAN, Tunnel (GRE/IPSec), Loopback, MLFR, and MLPPP interfaces. Interface Details This table displays the details of the selected interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 33: Configure Gigabit Ethernet (Gige) Interface
This displays the Interface Configuration page in the Center Panel. Interface Configuration page contains basic and advanced details and secondary address details table. Figure 11: Interfaces - Configuring GigE Interface Details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 34 5. Click Apply to add the set values, or click Reset to retain the original values. FE I NCAPSULATION ON NTERFACE Step 1: Click PPPoE Encapsulation to set PPPoE encapsulation on the interface and to configure its parameters. The following page is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 35: Interfaces - Configuring Pppoe Encapsulation And Ppp Parameters On Gige Interface
If the retry-timer value is set to ‘0’, PPPoE client sends only one PADI/PADR. With default max-retry value, PPPoE client keeps sending PADIs till a PADO is received. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 36 PPPoE session becomes active. Note: - The PPPoE service name configured on OmniAccess 5740 USG should match the service name configured on the server. - If the “service-name” is not configured, then the PPPoE client accepts any service offered by the PPPoE server.
Page 37: Interfaces - Configure Ppp Advanced Options On The Gige Interface
LCP decides that the peer is down. The value “0” implies that the link will not be brought down on the basis of unanswered echo requests. Default echo interval is 5 seconds. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 38 Step 4: After configuring the required parameters, click Apply to save the GigE interface configuration or click Cancel to cancel the operation. Step 5: Click Close to go back to the Interfaces page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 39: Configure T1 Controller
Follow the procedure below to configure the T1 Controller. Step 1: On the Interfaces page, click Configure icon against the T1 Controller that is to be configured. The following page is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 40: Interfaces - Configuring T1 Controller
Select the Short radio button, and select the length from the Length drop-down list. Short option sets the transmit attenuation for a cable length (line build-out) of 660 feet or shorter for a T1 trunk. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 41 Internal: The controller synchronizes itself to the internal (system) clock. ii. Line: The controller recovers external clock from the line and provides the recovered clock to the internal (system) clock generator. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 42: Interfaces - T1 Controller - Channel Group Configuring
Interfaces page. Note: You can configure encapsulation on a channelized serial interface. See “Configure Channelized Serial Interface” for more details on this. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 43: Configure E1 Controller
Step 1: On the Interfaces page, click Configure icon against the E1 Controller that is to be configured. The following page is displayed: Figure 16: Interfaces - Configuring E1 Controller Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 44: Interfaces - E1 Controller - Channel Group Configuring
Click Configure Channel Group to configure channel group. Channel Group Configuring pop up window is displayed. Figure 17: Interfaces - E1 Controller - Channel Group Configuring Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 45 Interfaces page. Note: You can configure encapsulation on a channelized serial interface. See “Configure Channelized Serial Interface” for more details on this. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 46: Configure Channelized Serial Interface
1. By default HDLC radio button is selected (HDLC is the default encapsulation on the interface), and the following page displays the HDLC parameters: Figure 18: Interfaces - Configure HDLC Encapsulation on a Channelized Serial Interface Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 47 PPP supports protocols like IP, IPX and DECnet through the Network Control Protocols. 1. Set the PPP encapsulation on the interface by selecting PPP radio button under Encapsulation. The following page displays the PPP parameters: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 48: Interfaces - Configure Ppp Encapsulation On A Channelized Serial Interface
IP address. • If Negotiate IP Address with the Peer is selected, a flag is set to accept the IP address given to it by the peer during IPCP. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 49 Server side credentials are mandatory for CHAP/PAP/EAP authentication protocol. 7. Click Advanced Options to initiate LCP negotiation on a PPP encapsulation and configure PPP Timers. The following pop up window is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 50: Interfaces - Configure Ppp Encapsulation On A Channelized Serial Interface - Advanced Options
Left running head: Chapter name (automatic) Configure Figure 20: Interfaces - Configure PPP Encapsulation on a Channelized Serial Interface - Advanced Options Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 51 Click OK to save LCP and PPP Timers configuration or click Cancel to cancel the operation. 8. After configuring the parameters, click Apply to save the PPP configuration or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 52: Interfaces - Configure Frame Relay Encapsulation On A Channelized Serial Interface
1. Set the Frame Relay encapsulation on the interface by selecting Frame Relay radio button under Encapsulation. The following page displays the Frame Relay parameters: Figure 21: Interfaces - Configure Frame Relay Encapsulation on a Channelized Serial Interface Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 53 DLCI configured). - QoS policy is configured on the FR Interface. It is recommended that the fragment size configured is greater than the priority packet size. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 54: Interfaces - Configure Frame Relay Encapsulation On A Channelized Serial Interface - Add Sub Interface
Click Add Sub Interface to configure a sub interface. Sub Interface Creation window is displayed. Figure 22: Interfaces - Configure Frame Relay Encapsulation on a Channelized Serial Interface - Add Sub Interface Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 55 “Add MLPPP Interface” under Logical Interfaces section. 1. Set the MLPPP encapsulation on the interface by selecting MLPPP radio button under Encapsulation. The following page displays the MLPPP parameters: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 56: Interfaces - Configure Mlppp Encapsulation On A Channelized Serial Interface
Protocol, EAP - Extensible Authentication Protocol). Authentication is not mandatory. Set the authentication protocol for authenticating the peer by selecting the option from PPP Authentication drop down list: Chap/Pap/Eap/None Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 57: Interfaces - Configure Mlppp Encapsulation On A Channelized Serial Interface - Advanced Options
Enter the echo interval in Echo Interval field. This denotes the interval between the LCP echo requests sent. “0” implies that no echo requests are sent. The default value is 10 seconds. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 58 “Add MLFR Interface” under Logical Interfaces section. 1. Set the MLFR encapsulation on the interface by selecting MLFR radio button under Encapsulation. The following page displays the MLFR parameters: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 59: Interfaces - Configure Mlfr Encapsulation On A Channelized Serial Interface
9. After configuring the parameters, click Apply to save the MLFR configuration or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 60: Configure Serial Interface (V.35/X.21/Rs-232)
Step 1: In the Interfaces page, click Configure icon for the Serial interface whose parameters are to be configured. This displays the Configuration Serial page in the Center Panel. Figure 26: Interfaces - Configuring Serial Interface (V.35/X.21/RS-232) Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 61 For more details on encapsulation configuration, refer to “Configure Channelized Serial Interface” section. Step 5: After configuring the parameters, click Apply to save the Serial interface configuration or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 62: Configure Logical Interface
• Trunk - A trunk port sends and receives only tagged packets. It interconnects one OmniAccess 5740 USG (as a switch) to another OmniAccess 5740 USG (as a router). VLAN information is exchanged between them. • Hybrid - Used to connect to both VLAN-aware (tagged) devices as well as VLAN unaware (untagged) devices.
Page 63: Interfaces - Configure Vlan
Select Virtual LAN from the list. Configure VLAN page is displayed as shown below. Figure 27: Interfaces - Configure VLAN Step 2: Enter the VLAN ID in the VLAN ID field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 64: Interfaces - Configure Vlan - Add Port
VLAN is updated and a prompt to configure STP is displayed. Step 8: Click OK to continue STP configuration. STP Config page is displayed with the default values in the respective fields. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 65: Interfaces - Configure Vlan - Stp Config
Click Edit link under Action column against the switch port whose state, priority, and cost parameters are to be configured. • Configure the required value in the respective fields. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 66 Step 12: Click Apply to save the VLAN STP configuration or click Cancel to cancel the operation. Step 13: The VLAN interface thus configured is displayed in the Interfaces page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 67: Interfaces - Edit Vlan Configuration
Click Apply to add the secondary IP address, or click Cancel to cancel adding secondary IP address. • Click Delete icon in the Action column to delete the secondary address. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 68 NTERFACE 1. In the Interfaces page, click Delete icon in the Action column against the VLAN to be deleted. 2. Confirm at the prompt to delete the VLAN. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 69 Provides a means of encapsulating IP and non IP packets inside GRE header and transport the payload over the GRE tunnel. • GRE protocol header size (minimum without any options) is 4 bytes. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 70 Outer IP header’s IP protocol value = 47 Alcatel-Lucent Specific Overview • OmniAccess 5740 USG does not support overlapping of private addresses. • The source IP address must be configured either on a loopback interface or on one of the physical interfaces.
Page 71 Following are the default values for a newly configured crypto map: Default transform set in crypto map: ‘default’ transform set Default PFS group in crypto map: pfs group2. iii. Default lifetime in seconds for a crypto map: 28800 Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 72: Interfaces - Tunnel Configuration
Step 3: Click Apply to configure the tunnel interface or click Cancel to cancel the operation. Step 4: The tunnel interface thus configured is displayed in the Interfaces page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 73: Interfaces - Configure Tunnel Configuration
Basic box. Make the necessary changes if necessary. Tunnel Number is not editable. • VRF Forwarding displays the VRF configured. To remove the VRF, click Remove. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 74 1. In the Interfaces page, click Delete icon in the Action column against the tunnel that is to be deleted. 2. Confirm at the prompt to delete the tunnel. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 75: Interfaces - Loopback Configuration
Step 3: Click Apply to configure the loopback interface or click Cancel to cancel the operation. Step 4: The loopback interface thus added is displayed in the Interfaces page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 76: Interfaces - Configure Loopback Interface
2. VRF Forwarding displays the VRF configured. To remove the VRF, click Remove. 3. Make the changes and click Apply or click Reset to retain the original details. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 77 1. In the Interfaces page, click Delete icon in the Action column against the loopback interface that is to be deleted. 2. Confirm at the prompt to delete the loopback interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 78: Interfaces - Mlppp Bundle Configuration
Each MLPPP interface is identified by a bundle ID. Enter the ID for the interface in the Bundle ID field. This creates a MLPPP bundle interface that is identified by the bundle ID. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 79 Mask fields. This IP address will be advertised during IPCP but not allow its negotiation. Click Remove to delete the IP address and re-enter the new IP address. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 80: Interfaces - Configure Mlppp Interface - Advanced Options
Configure Request packets (Number of LCP or NCP) without receiving a valid Configure Ack/NaK/Reject before assuming that the peer is unable to respond. The default value is 10 seconds. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 81 Step 3: Modify the required parameters. Bundle ID cannot be modified. Step 4: Click Apply to save the configuration or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 82: Interfaces - Mlfr Bundle Configuration
Figure 37: Interfaces - MLFR Bundle Configuration Step 2: Configure the MLFR bundle interface by entering the bundle ID, VRF, description, MTU, IP address and bundle identification (BID) name for the interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 83 Enter the DTE error threshold value in Error Threshold field. The default value is • Enter the DTE monitored event count in the Monitored Event Count field. The default value is 4. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 84 Step 3: Modify the required parameters. Bundle ID cannot be modified. Step 4: Click Apply to save the configuration or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 85: Associate Policy To An Interface
Click Out Direction drop-down list. Filters created in your system are displayed. Select the filter to be attached to the interface in the egress direction from the list. If filters are not configured, see “Creating a Filter” section. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 86: View Interface Details
1. In the Interfaces page, click Interface Name whose configuration details are to be viewed. 2. The interface details for the selected interface are displayed in the Interface Details table. The details displayed vary based on the selected interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 87: Activate The Interface
This will administratively bring down the interface and the status changes to ‘Inactive’. Note: The Shutdown icon is displayed only when the interface is in ‘active’ state. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 88: Dhcp (Dynamic Host Configuration Protocol)
Left running head: Chapter name (automatic) Configure DHCP (D YNAMIC ONFIGURATION ROTOCOL The DHCP page allows you to enable OmniAccess 5740 USG to act as DHCP Server or DHCP Relay. • DHCP Server • DHCP Relay DHCP S ERVER DHCP is a protocol for dynamically assigning IP addresses to devices on a network.
Page 89 Step 2: Click DHCP sub-menu. DHCP page has two tabs: DHCP Server and DHCP Relay. By default, DHCP Server page is displayed in the center panel. Figure 39: DHCP Server Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 90 Step 1: Select Enable Service DHCP check box to enable the DHCP service. Confirm at the prompt to enable the service. Step 2: Uncheck the check box to disable the DHCP service. Confirm at the prompt to disable the service. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 91: Dhcp Server
3. Under the pool type, select Network radio button. By default, Network is selected. This allows you to specify the network to which the pool belongs to. Figure 40: DHCP Server - Add DHCP Pool - Network Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 92: Dhcp Server - Add Dhcp Pool - Network
To remove the IP address from the list, click Remove. 6. After configuring the parameters, click OK to save the network pool or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 93: Dhcp Server - Add Dhcp Pool - Host
4. Enter the host IP address (that exists within a configured network pool) in the IP Address field. 5. Enter the hardware address of the host in the Hardware Address field. 6. Click OK to save or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 94: Dhcp Server - Add Dhcp Pool - Options
DHCP pool in the specified VRF. If the VRF is not specified, the pool is configured for the Default VRF. Figure 43: DHCP Server - Add DHCP Pool - Options Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 95: Dhcp Server - Add Dhcp Pool - Options - Add Option
1. DHCP Server page displays the list of the DHCP pools configured. Select the DHCP pool to be deleted, and click Delete. 2. Confirm at the prompt to delete. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 96: Dhcp Server - Configure Global Options
Figure 45: DHCP Server - Configure Global Options 3. Click Add to add a global option. The following pop up window is displayed. Figure 46: DHCP Server - Configure Global Options - Add Global Option Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 97 2. Make the required changes and click OK to save the changes. Delete DHCP Global Option 1. Similarly, select the global option to be deleted from the list, and click Delete. 2. Confirm at the prompt to delete. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 98: Dhcp Relay
Step 2: Click DHCP sub-menu. DHCP page has two tabs: DHCP Server and DHCP Relay. Click DHCP Relay tab. The following page is displayed in the center panel. Figure 47: DHCP Relay Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 99: Dhcp Relay
Delete Relay DHCP Request to Server 1. Click Delete icon in the Action column to delete the Relay DHCP Server parameters. 2. Confirm at the prompt to delete. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 100 3. Click Apply to save the changes made or Cancel to retain original parameters Detach Rebroadcast DHCP Request to Interface 1. Click Delete icon in the Action column to delete the rebroadcast interfaces. 2. Confirm at the prompt to delete. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 101: Routing
Routing page has three tabs: Routing, Policy Based Routing, and VRF. By default, Static Route Details table is displayed in the center panel. Figure 48: Routing - Static Route Details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 102 The administrative distance of the routing protocol Protocol Protocol type (Static) Action Provides an option to edit/delete static routes. New Static Routes Add static routes. Refresh Update Static Routing table. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 103: Routing - Add New Static Route
Step 5: Enter the administrative distance of the routing protocol in the Administrative Distance field. By default, this is set to 1. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 104 2. Under Action column, click Delete icon against the static route to be deleted in the Static Route Details page. 3. Confirm at the prompt to delete the static route and its details. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 105: Policy Based Routing (Pbr)
Alcatel-Lucent Specific Overview • OmniAccess 5740 USG supports PBR that allows routing of packets based on policies (match-lists) to a specified egress interface/next hop. • OmniAccess 5740 USG shall support PBR as an infrastructure for other software components to add system PBR rules.
Page 106: Routing - Policy Based Routing
Routing page has three tabs: Routing, Policy Based Routing, and VRF. Click Policy Based Routing tab. The following page is displayed: Figure 50: Routing - Policy Based Routing Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 107 Name of the interface. Specifies the egress path of the packet. Next Hop The egress path of the packet. Action Provides option to edit and/or delete IP policy rule. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 108: Policy Based Routing - Create New Ip Policy
Step 1: Click New Policy in the Policy Based Routing page to create a new IP policy. Step 2: The following page is displayed: Figure 51: Policy Based Routing - Create New IP Policy Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 109: Policy Based Routing - Create New Ip Policy - Create New Match-List
Click New to configure new match-lists or if there are no match-lists configured. The following page is displayed. Figure 52: Policy Based Routing - Create New IP Policy - Create New Match- list Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 110 2. Click New Rule. Page to add new rule is displayed. 3. Configure the required rule elements. 4. Click Apply to save changes or Cancel to retain the original settings. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 111 Step 1: Attach an IP Policy to the interface in the Policy Based Routing table. 1. Select the IP policy to be attached on an interface from the Policy Name list. 2. Click Attach Interface icon. Attach Interface page is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 112: Policy Based Routing - Attach Interface
IP P ELETING OLICY 1. Click Delete icon in the Action column against the IP Policy to be deleted. 2. Confirm at the prompt to delete the IP Policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 113: Virtual Routing And Forwarding (Vrf)
Step 2: Click Routing sub-menu. Routing page has three tabs: Routing, Policy Based Routing, and VRF. Click VRF tab. The following page is displayed: Figure 54: Routing - VRF Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 114: Routing - Add New Static Route
Step 3: Enter the VRF name and description in the VRF Name and Description fields. Step 4: Click Add to add a new VRF or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 115 1. Under Action column, click Delete icon against the VRF to be deleted in the Virtual Routing and Forwarding page. 2. Confirm at the prompt to delete the VRF and its details. All routing protocol configuration within the VRF is removed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 116: System Access
The agents and managers share a database of information, called the Management Information Base (MIB). This page allows you to configure SNMP parameters. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 117: System Access: Snmp
System Access page has three tabs: SNMP, Syslog, and File Transfer & Access. By default, SNMP tab is active, and its details are displayed in the center panel. Figure 56: System Access: SNMP Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 118 SNMP Version SNMP version configured of the trap host Community String Community string set on the SNMP trap host Action Provides option to edit and/or delete trap host details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 119 ELETING A 1. Click Delete icon in the Action column against the trap host to be deleted. 2. Confirm at the prompt to delete the SNMP trap host. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 120: Syslog
Step 2: Click System Access sub-menu. System Access page has three tabs: SNMP, Syslog, and File Transfer & Access. Click Syslog tab. The following page is displayed. Figure 57: System Access - Syslog Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 121 Select the check box to either enable/ disable log types. Host Configuration IP Address IP address of the host to which logs should be sent. Port Port number of the host. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 122: System Access - Syslog - Configure Syslog Parameters
Step 2: Set log options in the Log Options table. 1. Click Edit to set the log options. 2. Set the watermark in the Watermark field. 3. Enter the buffered size in the Buffered Size field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 123 3. Click Apply to save changes, or Cancel to retain the original settings. ELETE 1. To delete any host, click Delete icon. 2. Confirm at the prompt to delete the host. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 124: File Transfer And Access
This page displays the protocols supported to access the device and for file transfer. It allows you to enable/disable the access protocols such as HTTP, HTTPS, SSH, Telnet, and SNMP to access the OmniAccess 5740 USG.(SSH/Telnet to access CLI, HTTP/HTTPS for Web based management and SNMP service.) & A...
Page 125: Time Range
Note: If there is no time range configured, “There is no Time Range To Display“ message is displayed in the Time Range table. Figure 60: Time Range Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 126: Configuring Time Range
To configure time range on a one time basis, set the absolute time range. 1. Select the Absolute radio button in the time range configuration page. Absolute time range table is displayed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 127: Time Range
4. Click Apply to configure Absolute Time Range. Note: If the End Date/Time is not specified, the time range is applied continuously from the specified start time. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 128: Time Range: Create New Periodic Time Range
Enter the start and end time in hh:mm:ss format. For Weekly periodicity, also select the day of week from the Day of Week drop down list. 4. Click Apply to configure the Periodic Time Range. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 129 ELETE ANGE 1. Click on the Delete icon in the Action column for the time range to be deleted. 2. Confirm at the prompt to delete time range. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 130: Traffic Classification
Configure are displayed in the left navigation panel. Step 2: Click Traffic Classification sub-menu. Traffic Classification has two tabs: List and Match List. By default, List page is displayed in the center panel. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 131: Traffic Classification: List
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Configure Figure 63: Traffic Classification: List Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 132 Prefix - IP address/prefix length Interface - Interface name List - Other lists configured on the system. Action Provides option to delete the elements. New Element Create new element. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 133: Traffic Classification: Create New List
2. Click Apply to create a new list or Cancel to cancel the operation. The list thus configured is displayed in the List page. And, the List Details table displays the elements configured to the list. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 134: Traffic Classification: List - Create New Element
3. Select the type of element from the drop down list in the Element column and enter its respective details: Host/Prefix/Interface/List. 4. Click Apply to add the element to the list or Cancel to cancel the task. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 135 List Details table. 1. Click Delete icon in the Action column against the element to be deleted. 2. Confirm at the prompt to delete the element from the selected list. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 136: Match List
Traffic Classification has two tabs: List and Match List. Click the MatchList tab. The following page is displayed in the center panel. Figure 66: Traffic Classification - Match List Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 137 Summary of the list rules. Action Provides option to edit and/or delete MatchList rules. New Rule Create new match-list rule Include MatchList Include available match-lists to a match- list. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 138: Traffic Classification: - New Match List - Configure Rule / Include Match List
Select Configure Rule radio button to define the rule for the match-list you are creating, or select the Include Match List radio button to include rules from the match-lists already configured in your system. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 139 • Select the interface from the interfaces list for Interface. • Select the list from the lists configured for List. Step 5: Select rule elements for the protocols. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 140: Traffic Classification: New Match List Rule - Ip / Protocol / Ah / Esp/ Gre/ Ospf/ Igmp
/ AH / ESP / GRE/ OSPF/ IGMP LEMENTS FOR ROTOCOL Figure 68: Traffic Classification: New Match List Rule - IP / Protocol / AH / ESP/ GRE/ OSPF/ IGMP Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 141 (GT), greater than or equal to (GE), less than (LT), less than or equal to (LE), between the range (RANGE), or for the fixed length (FIXED). Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 142: Traffic Classification: New Match List Rule - Tcp
Check the IP-Precedence check box to set IP precedence level in the range between 1 and 7. 4. Add Fragments. Check the Fragment check box to match the IP Fragment bit. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 143 Select as many flags from the Available Flags column and move it to the Selected Flags column and click OK. The selected flag/s is displayed in the Flag field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 144: Traffic Classification: New Match List Rule - Udp
Check the IP-Precedence check box to set IP precedence level in the range between 0 and 7. 4. Add fragments. Check the Fragment check box to match the IP Fragment bit. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 145: Traffic Classification: New Match List Rule - Icmp
Select from the following options: RPC-PORTMAP, SNMP, SNMPTRAP, TFTP, DNS, GT, GE, LT, LE, RANGE, NFS, SIP. ICMP LEMENTS FOR Figure 71: Traffic Classification: New Match List Rule - ICMP Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 146 255). Specify the ICMP subtype. Step 6: Click Apply to create match-list and to return to Match List page, or Cancel to return to the Match List page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 147: Traffic Classification - New Match List Include
Step 4: Click Apply to include the selected match-list to the match-list you are creating and to return to Match Lists page, or Cancel to return to the Match List page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 148: Traffic Classification - Match List - New Rule For The Match-List
3. Define the rule as required. Refer “Configure Rule” section for details on defining a rule. Match-list Name is not editable. 4. Click Apply to save changes, or Cancel to retain the original settings. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 149: Traffic Classification - Match List - Add Match List Include
6. The match-lists that added are displayed in the Included Matchlist table. 7. Click on the respective match-list to view its details like the protocol, source, destination and summary. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 150 3. Confirm at the prompt to delete the rule. Note: You cannot delete a rule under a match-list or delete a match-list if the match-list is attached to an interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 151: Firewall
Transparent Firewall and Firewall Policy. By default Firewall Wizard tab is selected and the Firewall Configuration Wizard page is displayed in the center panel. Figure 75: Firewall: Firewall Wizard Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 152: Firewall: Firewall Wizard - Introduction
Figure 76: Firewall: Firewall Wizard - Introduction Step 2: Click Next. Interface Selection window is displayed. This page allows you to attach a firewall policy to an interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 153: Firewall: Firewall Wizard - Interface Selection
Internet and the internal network. A DMZ typically contains the following: Web Server, Mail Server, Application Gateway, E-Commerce Systems. Example of systems to place on a DMZ include Web servers and FTP servers. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 154: Firewall: Firewall Wizard - Dmz Settings
2. Add the DMZ service/s to be accessed through the internet. Click Add. Add DMZ Services pop up window is displayed: You have to add at least one DMZ service. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 155: Firewall: Firewall Wizard - Dmz Settings - Add Dmz Service
Select the service to be edited, and Edit to edit the service parameters, and click Delete to delete the selected service. Step 4: Click Next to continue. Access Management window is displayed. Access Management allows remote management of the OmniAccess 5740 USG.(SSH/Telnet to access CLI, HTTP/HTTPS for Web based management and SNMP service.)
Page 156: Firewall: Firewall Wizard - Access Management
Configure Figure 80: Firewall: Firewall Wizard - Access Management 1. By default, all the access protocol are enabled. 2. Unselect the check box to disable the access protocol. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 157: Firewall: Firewall Wizard - Summary
The filters, DOS attack, and the firewall policy auto configured by the wizard is displayed in the Filters, DoS Attack and Firewall Policy tabs as shown below. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 158: Firewall: Filters Generated By The Wizard
Left running head: Chapter name (automatic) Configure Figure 82: Firewall: Filters Generated by the Wizard Figure 83: Firewall: DoS Attack Generated by the Wizard Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 159: Firewall: Firewall Policy Generated By The Wizard
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Configure Figure 84: Firewall: Firewall Policy Generated by the Wizard Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 160: Filters
• In contrast to other products, OmniAccess 5740 USG differentiates between the classification and the actions. The classification on OmniAccess 5740 USG is done by the use of match-lists and the actions are done by the use of filters.
Page 161: Firewall - Filters
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Configure Figure 85: Firewall - Filters Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 162 Add a new rule to the filter Interface Bindings Interface List of interfaces to which the filters are applied Direction Filter Direction: Ingress (IN)/Egress (OUT) direction Attach Interface Attach filter to an interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 163: Firewall: Filters - New Filter
Edit Filter Params table. See “Edit Filter Parameters” section to configure time range for the filter. Step 3: Click Apply to add a new filter, or Cancel to cancel adding new filter. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 164: Firewall: Filters - Add Rule To A Filter
6. Check Log check box to enable logging. This logs the first packet of a session. 7. Click Apply to set new action for the filter. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 165: Firewall: Filters - Attach Filter To An Interface
Interfaces already bound to the selected filter are displayed in Interface Bindings table. 2. Click Enable Interface Statistics icon to enable interface statistics. 3. Click the same icon to disable interface statistics for a filter. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 166: Firewall: Filters - Edit Filter Parameters
Rules already configured for the selected filter is displayed in Configured Actions table. 2. Click Delete icon in the Action column against the filter rule to be deleted. 3. Confirm at the prompt to delete action. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 167: Nat
This page allows you to add/or edit the NAT policies. OmniAccess 5740 USG Specific Overview • In OmniAccess 5740 USG, NAT is applied to an interface. • Configuration allows for load-balancing in DNAT if a pool of IP addresses are used.
Page 168: Firewall And Security: Nat
Left running head: Chapter name (automatic) Configure Figure 90: Firewall and Security: NAT Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 169 List of interfaces to which the NAT is applied Direction The direction to which the NAT is applied: In coming (IN) or out going (OUT). Attach Interface Attach NAT to an interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 170: Firewall: Nat - New Source Nat Configuration
Source NAT you just created is displayed. Step 5: Configure the NAT rule for selected rule type. Select the NAT Rule Type: Static Address Translation (1:1), Address & Port Translation or Bypass. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 171: Firewall: Nat - Source Nat Configuration - Nat Rule - Static Address Translation
10, or increments 10 to the last entered value. 2. Select the match-list. Select the match-list from the Match List field in the Match List box. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 172 NAT policy on the interface. 4. Click Apply to configure NAT rule for the newly created SNAT policy or Cancel to return to the NAT Policy page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 173: Firewall: Nat - Source Nat Configuration - Nat Rule - Address & Port Translation
Check the Priority/Rule Number check box to set the priority number for the rule to be applied. Higher the number, higher is the priority. 2. Select match-list. Select the match-list from the Match List field in the Match List box. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 174 If no port range is specified, a default port range of 2048 – 65535 is used. 4. Click Apply to configure NAT rule for the newly created SNAT policy or Cancel to return to the NAT Policy page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 175: Firewall: Nat - Source Nat Configuration - Nat Rule - Bypass
Select the match-list from the Match List field in the Match List box. 3. Click Apply to configure NAT rules for the newly created SNAT policy or Cancel to return to the NAT Policy page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 176: Firewall: Nat - New Destination Nat Configuration
DNAT you just created is displayed. Step 5: Configure NAT rule for selected rule type. Select the NAT Rule Type: Static Address Translation (1:1), Address & Port Translation or Bypass. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 177: Firewall: Nat - Destination Nat Configuration - Nat Rule - Static Address Translation
10, or increments 10 to the last entered value. 2. Select the match-list. Select the match-list from the Match List field in the Match List box. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 178: Firewall: Nat - Destination Nat Configuration - Nat Rule - Address & Port Translation
4. Click Apply to configure NAT rules for the newly created DNAT policy or Cancel to return to the NAT Policy page. Address and Port Translation Figure 97: Firewall: NAT - Destination NAT Configuration - NAT Rule - Address & Port Translation Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 179 The range for the port is 1-65535. This is optional. 4. Click Apply to configure NAT rules for the newly created DNAT policy or Cancel to return to the NAT Policy page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 180: Firewall: Nat - Destination Nat Configuration - Nat Rule - Bypass
Select the match-list from the Match List field in the Match List box. 3. Click Apply to configure NAT rules for the newly created DNAT policy or Cancel to return to the NAT Policy page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 181: Firewall: Nat - Attach Nat To An Interface
Interfaces already bound to the selected NAT are displayed in Interface Bindings table. 2. Click Enable Interface Statistics icon to enable interface statistics. 3. Click the same icon to disable interface statistics for a NAT policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 182 1. Select the NAT policy from the NAT Policy list. 2. Click Delete icon in the Action column against the NAT policy to be deleted. 3. Confirm at the prompt to delete the selected NAT policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 183: Dos Attack
The Firewall has the following tabs: Firewall Wizard, Filters, NAT, DOS Attack, Transparent Firewall and Firewall Policy. Select DOS Attack tab. DOS Attack page is displayed in the center panel. Figure 100: Firewall: DOS Attack Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 184 Follow the procedure below to create DOS Attacks. Step 1: Click New DOS Attack in DOS Attack page to create new DOS Attack. The New Attack page is displayed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 185: Firewall: Dos Attack - New
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Configure Figure 101: Firewall: DOS Attack - New Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 186: Firewall: Dos Attack - View
2. The DOS attacks configured for the DOS attack policy is displayed in a pop up window as shown below: Figure 102: Firewall: DOS Attack - View Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 187 DOS attack from the firewall policy. For more information on attaching an attack to a firewall policy, see “Adding Rule to Firewall Policy” section. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 188: Transparent Firewall
This page allows you to add and/or edit Transparent Firewall (TF) policy. OmniAccess 5740 USG Specific Overview • OmniAccess 5740 USG supports TF between two Ethernet interfaces (Services Engine Gigabit Ethernet). • IP packets on the TF is subjected to L3 filters that can be applied on the ingress / egress path on an interface.
Page 189: Firewall: Transparent Firewall - New
Follow the procedure below to create TF policy. Step 1: Click New in Transparent Forwarding Details page to create new TF policy. Add Transparent Forwarding page is displayed. Figure 104: Firewall: Transparent Firewall - New Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 190 TF P ELETE OLICY 1. Click Delete icon in the Action column against the TF policy to be deleted. 2. Confirm at the prompt to delete TF policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 191: Firewall Policy
The Firewall has the following tabs: Firewall Wizard, Filters, NAT, DOS Attack, Transparent Firewall and Firewall Policy. Select Firewall Policy tab. Firewall Policy page is displayed in the center panel. Figure 105: Firewall: Firewall Policy Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 192 Match-list associated with the firewall policy. Sensor Name The name of the sensor. Threshold/Pkts Threshold for the number of packets/ second. Threshold/Milli Sec Time in millisecond. Mode Detection, Prevention or Prevention- Reset. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 193: Firewall: Firewall Policy - New Firewall Policy
Figure 106: Firewall: Firewall Policy - New Firewall Policy Step 2: Enter the firewall policy name in the Firewall Name field. Step 3: Click Add to new firewall policy or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 194: Firewall: Firewall Policy - Add New Dos Attack Rule
3. Enter rule number, select match-list, DOS attack policy, define action, and select the time range. Time range is not mandatory. 4. Click Apply to add new DOS Attack rule. 5. Add as many rules as required. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 195: Firewall: Firewall Policy - Add New Intrusion Rule
Threshold/Milli Sec, and select mode. Threshold/Packets and Threshold/Milli Sec values are not mandatory. 4. Click Apply to add new intrusion rule. 5. Add as many rules as required. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 196: Firewall: Firewall Policy - Attach Interface
2. Click Edit icon in the Action column for the firewall policy rule to be edited. 3. Enter the new firewall policy rule parameters in the respective columns. 4. Click Apply to save the changes or Cancel to retain original parameters. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 197 Interface Bindings table. 2. Click Detach icon in the Action column to detach firewall policy from the selected interface. 3. Confirm at the prompt to detach the firewall policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 198: Vpn Ipsec
For IPSec Profiles, creates VPN Peers and associates IPSec Profiles to the created Tunnel Interfaces. • IKE settings for configuring PFS, Lifetime, security proposals • VPN (IPSec) settings for configuring PFS, lifetime and transform set Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 199: Vpn Ipsec: Ipsec Wizard
Step 1: Click Launch Wizard in the IPSec Wizard page to create new IPSec Policy. The following page is displayed: Figure 111: VPN IPSec: IPSec Wizard - Introduction Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 200: Vpn Ipsec: Ipsec Wizard - Create Ipsec Policy With Ipsec Profile
Enter the IP address and the subnet mask of the tunnel interface in the IP Address and Subnet Mask fields. • Enter the description for the tunnel in the Description field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 201: Vpn Ipsec: Ipsec Wizard - Create Ipsec Policy With Crypto-Map
1. Select Crypto-map radio button. Crypto-map settings is displayed. Figure 113: VPN IPSec: IPSec Wizard - Create IPSec Policy with Crypto-map 2. Enter the crypto-map name in the Policy Name field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 202: Vpn Ipsec: Ipsec Wizard - Create Ipsec Policy With Crypto-Map - Add Peer
Attach a match-list to a crypto-map under VPN Traffic (Match-list) field. You can either attach an exiting match-list or create a new match-list and attach it to the crypto-map. Click Add. Create New and Attach Existing options are displayed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 203: Vpn Ipsec: Ipsec Wizard - Create Ipsec Policy With Crypto-Map - Create Match-List
IP address for host, and enter the source address with prefix length for prefix. vi. Click OK. The match-list thus created is displayed in the VPN Traffic (Match-list) field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 204: Vpn Ipsec: Ipsec Wizard - Create Ipsec Policy With Crypto-Map - Select Match-List
At this point, a notification message “IPSec does not have license” is displayed if the IPSec license is not installed, but allows you to continue configuration. The IPSec functionality works only when a valid license is installed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 205: Vpn Ipsec: Ipsec Wizard - Ike Settings
Enter the lifetime for the IKE policy in Lifetime (seconds) field. iv. Enter the IPSec SA lifetime in the IPSec SA Lifetime (seconds) and IPSec SA Lifetime (KB) field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 206: Vpn Ipsec: Ipsec Wizard - Ike Settings - Use Existing Ike Policy
(KB) can be modified. Step 4: Click Next. VPN (IPSec) Settings window is displayed. This window allows you to configure VPN (IPSec) Settings like configuring PFS, Lifetime & transform set. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 207: Vpn Ipsec: Ipsec Wizard - Vpn (Ipsec) Settings
4. Configure Transform-set as required. To do the same, unselect the Use Default Transform-set check box. • Here you have two options: Configure a new Transform-set or use an already created Transform-set. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 208: Vpn Ipsec: Ipsec Wizard - Ike Settings - Select Existing Transform-Set
Step 5: Click Next. Summary window is displayed. Based on the IPSec policy type configured (Crypto-map or IPSec Profile using Tunnel interface), the Summary window displays the respective IPSec policy configuration. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 209: Vpn Ipsec: Ipsec Wizard - Summary (Ipsec Profile Policy Type)
Heading1 or Heading1NewPage text (automatic) Configure Figure 121: VPN IPSec: IPSec Wizard - Summary (IPSec Profile Policy Type) Figure 122: VPN IPSec: IPSec Wizard - Summary (Crypto-map Policy Type) Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 210: Vpn Ipsec: Ipsec Wizard - Ipsec Policy/Policies Generated By The Wizard
IPSec policy. Match-list Match-list associated with the IPSec policy. Click on this to view the details of the Match-list configured for the IPSec policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 211: Vpn Ipsec: Ipsec Wizard - Edit Ipsec Policy
2. Edit IPSec Policy page is displayed. This page displays the parameters configured for the selected IPSec policy. Modify the required parameters. Figure 124: VPN IPSec: IPSec Wizard - Edit IPSec Policy Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 212 An IPSec policy assigned to an interface cannot be deleted. To delete an IPSec policy associated with an interface, disassociate the IPSec policy from the interface from the Edit IPSec Policy page and then delete. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 213: Vpn Ipsec: Ipsec Wizard - View Ipsec Policy Details
2. A pop-up window displays the IKE Policy, Peer Host, Match-list, Transform Set, PFS, Lifetime in Seconds and KB details for the selected IPSec policy as shown below: Figure 125: VPN IPSec: IPSec Wizard - View IPSec Policy Details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 214: Preshared Keys
Table 21: Preshared Keys Field Description Field Description RESHARED Peer Host IP address of the peer Preshared key. Action Provides option to edit or delete a key. Configure new preshared key. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 215: Ipsec Vpn: Assign Preshared Keys
1. Click Delete icon in the Action column against the key you want to delete. 2. Confirm at the prompt to delete the key assigned to a host. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 216: Ike Policy
The VPN IPSec has four tabs: IPSec Wizard, Preshared Keys, IKE Policy, and Transform Set. Select IKE Policy tab. IKE Policy page is displayed in the center panel. Figure 128: VPN IPSec: IKE Policy Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 217: Vpn Ipsec: Dead Peer Detection
Follow the procedure below to configure DPD. Step 1: In the IKE Policy page, click Edit under Dead Peer Detection box to enter the DPD values. Figure 129: VPN IPSec: Dead Peer Detection Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 218: Vpn Ipsec: New Ike Policy
Step 5: Set lifetime for the IKE policy in Lifetime in Seconds field in the range of 540 - 86400 seconds. The default lifetime for IKE is 86400 seconds. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 219 An IKE policy associated with any IPSec policy cannot be deleted. To delete an IKE policy associated with an IPSec policy, either disassociate that IKE policy from the IPSec policy, or delete the IPSec policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 220: Vpn Ipsec: View Ike Policy Details
2. A pop up window displays the Proposal, PFS, Lifetime, IP Security Association details for the selected IKE policy as shown below: Figure 131: VPN IPSec: View IKE Policy Details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 221: Transform Set
IPSec Policy Reference Lists IPSec policy/policies to which the particular IKE policy is attached. Action Provides option to edit and/or delete a transform set. Create new transform set. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 222: Vpn Ipsec: New Transform Set
The system prompts if more than four encapsulations are selected. Step 4: Click Apply to add new transform set, or Cancel return to transform set page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 223 A transform set associated with any IPSec policy cannot be deleted. To delete a transform set associated with an IPSec policy, either disassociate that transform set from the IPSec policy, or delete the IPSec policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 224: Vrrp
The VRRP Interface Tracking feature extends the capabilities of the VRRP to allow tracking of specific interfaces within the router that can alter the priority of a router. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 225: Viewing Vrrp
(Seconds/Milliseconds) Tracking Interface Interface tracked for the VRRP group Displays if the Track on Interface Mode is enabled or disabled Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 226: Vrrp Group Configuration
VRRP is to be configured. Note that operational state of the interface must be up. Select the interface on which VRRP is to be configured from the list. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 227: Vrrp Group Configuration - Add Secondary Ip Address
To add more IP addresses (Secondary IP address), click Add IP Addresses. Add Secondary IP Address window is displayed. • Click Add. Add IP pop up window is displayed. Figure 136: VRRP Group Configuration - Add Secondary IP Address Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 228 Configure track Interface and set the authentication option for a virtual router. To configure track interface and set authentication option, click Optional Parameters. Add Optional Parameters window is displayed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 229: Vrrp Group Configuration - Add Optional Parameters
Disabling the track on interface mode removes tracking of the interface. iii. Set the authentication sting for the VRRP in the Group Authentication String field. OmniAccess 5740 USG supports null authentication and plain- text authentication. Maximum of 8 characters are allowed in the authentication string.
Page 230: Vrrp Group Configuration - View Master Router Details
1. Click Delete icon in the Action column for the interface whose VRRP Group is to be deleted. 2. Confirm at the prompt to delete the VRRP group. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 231: Intrusion Prevention
An IPS can be network based or host based, passive or reactive, and can rely on either misuse detection or anomaly detection. OmniAccess 5740 USG supports Snort engine for IPS functionality. This page provides the procedure to configure intrusion prevention settings and view intrusion prevention configuration status.
Page 232: Intrusion Prevention: Status
This displays the timestamp of the signature file. Signature Update Report This displays the last time the security appliance on device checked for the signature updates on remote signature server. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 233 This also displays the additions and deletions in the new version against the current version, and the signature update status. Refresh Refresh the Report Status. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 234: Intrusion Prevention: Status - Signature Update
If you have selected Other Server option, enter the URL of the location from where Signature file has to be downloaded in the URL field. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 235: Intrusion Prevention: Status - Ips Rollback
2. Select the desired version of the signature database from the Version drop-down list. 3. Click Rollback to roll back to the previous version of Signature file in the Signature Database in IDS. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 236: Global Settings
Indicates if the rule is used for DETECTION or PREVENTION or PREVENTION-RESET. Status Displays if a specific rule is enabled or disabled. Action Provides an option to edit the IPS rules. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 237: Intrusion Prevention: Global Settings - Configure
IP traffic that is generating an attack. Step 5: Set status to Enable/Disable from the Status drop-down list. Step 6: Click Apply to save changes. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 238: Signature Policies
Step 4: Select the required option by selecting the respective radio button and their values: Class/Category/Priority/SID. Step 5: Click GO. Signature policy details based on the selected option is displayed in the table with option to edit the signature policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 239 Enabled/Disabled Priority Defines the attack signature as Low, Medium, or High. Action Provides option to edit the IPS signature policy. Allows to create new rule for the signature. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 240: Intrusion Prevention: Edit Signature Policy
Based on the selected option, the signature is enabled or disabled. The Sensor Type and the SID cannot be modified. 3. Click Update to save changes or Cancel to retain the original values and to return to Signature Policy page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 241: Sensors
Rate Threshold / Per Milli Seconds Rate threshold in milli seconds. Associated Firewall Policy The firewall policy to which the sensor is attached. Action Provides option to edit/delete the sensor. Add new sensor. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 242: Intrusion Prevention: Sensor - New
This denotes the threshold time in milliseconds inside which if the specified threshold number of packets are received, those packets are treated as attacks. Step 4: Click Apply to add new intrusion sensor. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 243: Intrusion Prevention: Sensor - Associating Sensor To A Firewall Policy
8. Select the mode from the Mode list: Detection/Prevention/Prevention-Reset. 9. Click Apply to associate a Firewall Policy to a Sensor/edit the sensor parameters or Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 244 A Sensor assigned to a Firewall Policy cannot be deleted. To delete a Sensor associated with a Firewall Policy, disassociate the Sensor from the Firewall Policy and then delete. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 245: Alerts And Reports
Figure 149: Intrusion Prevention: Alerts and Reports IDS Alerts and Reports page displays all the alerts and reports based on its severity, date, module, sub module, and the message. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 246 Date the alert message is posted. Module Module for which the alert message is posted. Sub Module Sub-module for which the alert message is posted. Message The alert message. Refresh Refresh the messages. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 247: View Rule File
File Name Name of the rule file to be viewed. View File View the selected rule file. File Contents This box displays the contents of the selected rule file. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 248: Intrusion Prevention: View Rule File - View File
Step 4: Click View File to view the contents of the selected rule file in File Contents box as shown below. Figure 151: Intrusion Prevention: View Rule File - View File Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 249: Qos (Quality Of Service)
QoS processing and egress QoS processing. Ingress QoS processing deal with features that are applicable while the packet gets into the OmniAccess 5740 USG. For e.g., policing is a feature that admits packets into the system only if they arrive at a committed rate.
Page 250: Qos Configuration Wizard
Quality of Service has four tabs: QoS Wizard, Class Map, Policy Map, and Interface Association. By default, QoS Wizard tab is selected and QoS Wizard window is displayed in the center panel. Figure 152: Quality of Service: QoS Wizard Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 251: Quality Of Service: Qos Wizard - Introduction
Auto QoS configuration automatically gets enabled on the interface. These configurations are not editable. 1. In the Policy Configuration window, select Auto QoS Policy radio button. The parameters to configure Auto QoS policy is displayed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 252: Quality Of Service: Qos Wizard - Policy Configuration - Auto Qos Policy
Select Interface to apply QoS policy list. Note: By default, the policy will be attached to the interface in the egress direction. Auto QoS cannot be configured on tunnel interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 253: Quality Of Service: Qos Wizard - Policy Configuration - Customized Qos Policy
The wizard creates a policy with the following traffic classes: Voice Class, Business Critical Class, Network Control Class, Best Effort. This window allows you to configure the bandwidth for these classes. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 254: Quality Of Service: Qos Wizard - Bandwidth Allocation
3. Click Details to view the QoS classes created by the wizard and the details of the bandwidth assigned to the classes. The following pop-up window is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 255: Quality Of Service: Qos Wizard - Bandwidth Allocation - Details
Voice bandwidth is distributed/assigned for Business Critical, Network Control and Best Effort classes. Step 4: Click Next. Summary window displays the summary of the QoS policy configuration. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 256: Quality Of Service: Qos Wizard - Summary
The policy map, the interface associated with the policy map, and the class maps auto configured by the wizard is displayed in the Policy Map, Interface Association and Class Map tabs as shown below. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 257: Quality Of Service: Policy Map Generated By The Wizard
Heading1 or Heading1NewPage text (automatic) Configure Figure 159: Quality of Service: Policy Map Generated by the Wizard Figure 160: Quality of Service: Interface Association Generated by the Wizard Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 258: Quality Of Service: Class Map Generated By The Wizard
Left running head: Chapter name (automatic) Configure Figure 161: Quality of Service: Class Map Generated by the Wizard Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 259: Class Map
Quality of Service has four tabs: QoS Wizard, Class Map, Policy Map, and Interface Association. Select Class Map tab. Class Map page is displayed in the center panel. Figure 162: Quality of Service: Class Map Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 260 Match list to be associated with the class map. Action Provides option to edit and/or delete class map rules. New Class Map Rule Create new class map rule. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 261: Quality Of Service: New Class Map
Step 4: Set the rule match criteria for the class map from the Rule Match Criteria drop-down list: MATCH ALL/MATCH ANY Step 5: Click Apply to create a new class map or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 262: Quality Of Service: New Class Map Rule
Click OK. The selected match-lists is displayed in the Match List drop-down list. Step 5: Click Apply to add new class map rule or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 263 1. Click Delete icon under the Action column against the class map rule to be deleted. 2. Confirm at the prompt to delete the selected class map rule. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 264: Policy Map
Quality of Service has four tabs: QoS Wizard, Class Map, Policy Map, and Interface Association. Select Policy Map tab, Policy Map page will be displayed in the center panel. Figure 165: Quality of Service: Policy Map Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 265 Click “+” sign under a traffic class to view the child policies added to the policy map. This tree structure also allows you to define hierarchical policies, i.e, add child policies within a policy map. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 266: Quality Of Service: Policy Map - New
Policy Map Traffic Classes table. Step 7: If the Auto QoS template option is selected, the automatically created traffic classes are displayed in the Policy Map Traffic Classes table. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 267 Step 5: Define basic, policing, and congestion avoidance configuration for the Traffic Class. There are three tabs provided: Basic Configuration, Policing Configuration, Congestion Avoidance. Click on the respective tab to display the parameters. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 268: Quality Of Service: Policy Map - New Traffic Class Basic Configuration
Class Priority box. By default, Best Effort radio button is selected. Network-control class will have highest priority among all the traffic classes, Priority class will have the next priority, and Default class has the least priority. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 269 Excess burst cannot be less than committed burst. And, peak rate cannot be less than the committed rate. It is preferable to configure committed burst/excess burst as 250 milliseconds of the specified committed/peak rate. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 270 Enter the queue limit in the Queue Limit field in the Queued Limit box. Default queue limit is 150. 8. Click Apply to create a new Traffic Class with basic configuration or click Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 271: Quality Of Service: Policy Map - New Traffic Class Policing Configuration
1. Click Policing Configuration tab in the New Traffic Class page. Policing Configuration page is displayed: Figure 168: Quality of Service: Policy Map - New Traffic Class Policing Configuration Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 272: Quality Of Service: Policy Map - New Traffic Class Policing Configuration - Committed Rate
Select Committed Rate option in the Police Parameters box. The Committed Rate Parameters fields are displayed as shown below. Figure 169: Quality of Service: Policy Map - New Traffic Class Policing Configuration – Committed Rate Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 273 • Enter the peak-rate in the Peak-Rate field. Select Committed Burst in the Police Parameters box. Committed Burst Parameters are displayed as shown below. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 274: Quality Of Service: Policy Map - New Traffic Class Policing Configuration - Committed Burst
Select the IP Precedence check box and select IP Precedence value from the drop down list. Select Type of Service check box and select the type of service from the drop down list. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 275: Quality Of Service: Policy Map - New Traffic Class Policing Configuration - Excess Burst
Check Excess Burst Parameters check box to set the excess burst values. • Set Excess Burst rate in the Excess Burst field. The default burst rate is 1500 bytes. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 276 But if there is child attached to a class, then RED/WRED cannot be configured on the class. 1. Click Congestion Avoidance tab in the New Traffic Class page. The following page is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 277: Quality Of Service: Policy Map - New Traffic Class Congestion Avoidance
Max Threshold - Maximum threshold of the queue. Drop Probability - Displays the drop probability. By default, it is 10. Action - Provides an option to edit the Min Threshold, Max Threshold values. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 278 3. Edit the traffic class configuration as desired. Policy Name and Class Name cannot be edited. 4. Click Apply to save changes or Cancel to cancel the operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 279 Policy Map Traffic Classes table. 2. Click Delete icon under the Action column against the traffic class to be deleted. 3. Confirm at the prompt to delete the selected traffic class. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 280: Quality Of Service: Policy Map - Add Service Policy
Step 5: Service Policy list displays the list of policy maps configured in the system. Select the required policy map from the Service Policy list. Step 6: Click Apply. This sets the selected service policy (policy map) as a child policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 281: Quality Of Service: Policy Map - Qos Over Tunnel Interface
Step 2: The New Traffic Class page is displayed in the center panel. Step 3: Select Tunnel radio button. Tunnel Attachment page is displayed. Figure 174: Quality of Service: Policy Map - QoS over Tunnel Interface Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 282 Step 7: This automatically creates a tunnel class in the root (parent) policy. And, the policy applied over the tunnel interface will become the child policy of the root policy. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 283: Interface Association
Direction Ingress or Egress (IN or OUT). Action Provides option to edit/detach the policy map for the interface. Attach Interface Allows to attach selected policy map to an interface. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 284: Quality Of Service: Interface Association - Attach Interface
(Filter/DoS/NAT/IDS) on the interface on which QoS will be applied. Alternatively, you can configure a rule in a match-list to use DSCP bits. For example, ‘udp any any dscp ef’. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 285 1. Click Detach Interface icon in the Action column to detach the policy map from the selected interface. 2. Confirm at the prompt to detach the policy-map from the interface it has been bound. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 286 Left running head: Chapter name (automatic) Configure Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 287: Maintenance
To switch to the beta version, import color def’ns from beta-colors.fm HAPTER AINTENANCE AINTENANCE This chapter describes the procedure to maintain the OmniAccess 5740 USG, configure upgrade software, flash and its components. From the USGM menu bar, click Maintenance. All submenu/links under Maintenance are displayed in the left navigation panel.
Page 288: Utilities
TILITIES The utilities page allows saving the running configuration, rebooting the system, and deleting selected files from the USB. Also, this page provides an option to ping, trace route, and establish telnet connection to the OmniAccess 5740 USG. IEWING TILITIES Follow the procedure below to view the Interface statistics.
Page 289 Sends ICMP echo requests, and checks the connectivity to a specific host Telnet Starts a telnet connection to a remote host Note: This option is available only in Windows Operating System. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 290: Maintenance: Utilities - Save Running Configuration (A)
1. Click Save Config… to save the current running configuration. The following window is displayed: Figure 178: Maintenance: Utilities - Save Running Configuration (a) • Click Save. Once the configuration is saved, the following window is displayed: Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 291: Maintenance: Utilities - Save Running Configuration (B)
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Maintenance Figure 179: Maintenance: Utilities - Save Running Configuration (b) Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 292: Maintenance: Utilities - Device Reboot
Chapter name (automatic) Maintenance EBOOT EVICE You can reboot the OmniAccess 5740 USG. Reboot has the same effect as power cycling the chassis. 1. Click Reboot Device… to reboot the system. The following window is displayed asking you to confirm the reboot.
Page 293: Maintenance: Utilities - Cleanup Usb
3. Click Delete to delete the selected files. 4. Click Clear to clear the file selection and add new files for deletion. 5. Click Cancel to cancel the cleanup operation. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 294: Maintenance: Utilities - Ping
Packets - The number of packets sent. • Bytes - Number of bytes for each packet. • Remarks - Time out for each packet. • Detailed Status - Displays the detailed ping status. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 295: Maintenance: Utilities - Telnet
1. Click Telnet. The following page is displayed: Figure 183: Maintenance: Utilities - Telnet 2. Enter the authenticated user name and the password to get the access to the remote system. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 296: License Management
ICENSE ANAGEMENT Some of the features on the OmniAccess 5740 USG are license enabled. Hence they require a license to function. These licenses regulate the availability of a licensable feature at all times. These licenses are contained in a set of license files that will describe the features authorized to run on the OmniAccess 5740 USG.
Page 297: Maintenance: License Management
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Maintenance Figure 184: Maintenance: License Management Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 298 Step 1: Click Install License in the License Management page. Step 2: Install License window is displayed. The license file can be installed either from the device (USB) or from the remote location. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 299: License Management: Install License From Device
(Note that it may take a few seconds to fetch the files from the storage medium.) Figure 186: License Management: Install License from Device - Browse File Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 300: License Management: Install License From Remote Site (A)
5. Enter the path of the license to be installed from the remote site in License File Path field. 6. Click OK to install the license or click Cancel to quit installing the license at any time. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 301: License Management: Uninstall/Backup License
License File drop-down list. Step 3: Click Backup. License Backup window is displayed. The license backup can be taken either on the device (USB) or at the remote location. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 302: License Management: Backup License On Usb Device
(Note that it may take a few seconds to fetch the files from the storage medium.) 3. The selected file is displayed in the File Name field in the License Backup window. 4. Click Ok to backup the license file. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 303: License Management: Backup License To Remote Site
Step 3: Confirm at the prompt to uninstall the license file or click Cancel to cancel the operation. Once confirmed, this would delete the license file and withdraw the licenses of all the related features. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 304: Upgrade
• Software Upgrade • Flash Upgrade Packages are the vehicles for software delivery on a Alcatel Lucent system. There are three kinds of packages: 1. LoL-<version>.npm This is the collection of files that installs the operating system components. It contains the flash image for SC (Switch Card), Services Engine (SE) and other line cards.
Page 305: Software Upgrade
The Upgrade menu has two tabs: Software Upgrade and Flash Upgrade. Select Software Upgrade tab. Software Upgrade page is displayed in the center panel. This displays the current software configuration. Figure 191: Maintenance: Upgrade - Software Upgrade Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 306 Date the package was built. Size (KB) Size of the package in KB. Action Provides option to set the selected package as the default package or remove the package. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 307: Upgrade: Software Upgrade - Install Package From Device (A)
2. Click Browse… to select the path for the package. (Note that it may take a few seconds to fetch the files from the storage medium.) 3. The following window is displayed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 308: Upgrade: Software Upgrade - Install Package From Device - Browser Page (B)
Figure 193: Upgrade: Software Upgrade - Install Package from Device - Browser page (b) 4. Select the required file and click Open. 5. The selected file is displayed in the Package field in the Package Installation Details page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 309: Upgrade: Software Upgrade - Install Package From Device (D)
There can be two kinds of Package Type: Release and Component Upgrade. • The following page is displayed for Package Type Release. Figure 195: Upgrade: Software Upgrade - Install Package from Device (d) Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 310: Maintenance: Software Upgrade - Install Package From Device Successful (E)
8. The new package is displayed under Default Package table or Other Package table based on the option selected while installing as shown below. Figure 196: Maintenance: Software Upgrade - Install Package from Device Successful (e) Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 311: Upgrade: Software Upgrade - Install Package From Remote Site (A)
Clicking Continue verifies the package and leads to next page based on the Package Type being installed, and also if the verification succeeds. There can be two kinds of Package Type: Release and Component Upgrade. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 312: Upgrade: Software Upgrade - Install Package From Remote Site (B)
7. Click Install. This installs the new package. 8. The new package is displayed under Default Package table or Other Package table based on the option selected while installing. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 313: Upgrade: Software Upgrade - Backup Package On Usb Device
(Note that it may take a few seconds to fetch the files from the storage medium.) 3. The selected file is displayed in the Backup boot path field in the Backup Details page. 4. Click Backup to backup the package. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 314: Upgrade: Software Upgrade - Backup Package At Remote Site
5. Enter the relative path for the package to backup at remote location in the Package Path field. 6. Click Continue to save the default package backup in the destination path. 7. Click Cancel to quit the process. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 315: Upgrade: Software Upgrade - Set As Default
THER ACKAGE AS EFAULT ACKAGE The package that comes with OmniAccess 5740 USG is always set as default package. If you install another package and would like to set that newly installed package as default package, use the following procedure.
Page 316: Upgrade: Software Upgrade - Package Component Details
(in kilobytes), and the total number of components in the package is displayed in the Component Details window. Figure 202: Upgrade: Software Upgrade - Package Component Details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 317: Upgrade: Software Upgrade - Cleanup Usb
1. To remove a package, click Remove Package icon under the Action column in Other Package table. 2. Confirm at the prompt to remove the package. Note: The default package cannot be removed. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 318: Flash Upgrade
LoL Firmware Version Version of the firmware that resides on boot flash Loader Version Version of the bootloader Flash Upgrade Upgrade flash either from USB or from a remote site Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 319: Upgrade: Flash Upgrade - Flash Upgrade On Usb
3. Select Save Running Configuration check box to save the running configuration to the startup configuration. 4. Click Install to upgrade the flash. 5. System restarts and the new flash image is installed in the system. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 320: Upgrade: Flash Upgrade - Flash Upgrade From A Remote Location
6. Select Save Running Configuration check box to save the running configuration to the startup configuration. 7. Click Install to install the flash image. 8. System restarts and the new flash image is installed in the system. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 321: Monitor
From the USGM menu bar, click Monitor. All submenu/links under Monitor are displayed in the left navigation panel. Pagination: Numeric & continuous Optional footer: Alcatel-Lucent with Manual title (to set, preceding redefine ManualTitle OmniAccess 5740 Unified Services Gateway Web GUI Users Guide section of Beta Beta Beta Beta variable) book...
Page 322: Interface Statistics
Step 3: Click Interface Statistics sub-menu. Interfaces page displays the details of all the interfaces configured on the system in the center panel. Figure 207: Monitor: Interfaces Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 323 Oper Status Indicates if the interface is active or inactive. Action Provides option to view the interface statistics. Refresh Refresh the Interface Statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 324: Monitor: Interfaces Statistics - View Interface Statistics
2. The interface statistics is displayed in a pop up window as shown below: Figure 208: Monitor: Interfaces Statistics - View Interface Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 325 Figure 209: Monitor: Interfaces Statistics - View Interface Statistics 3. The graph shows the real time statistical details -the number of packets sent and received on an interface (Bytes/sec). Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 326: Dhcp Bindings
Monitor are displayed in the left navigation panel. Step 3: Click DHCP Bindings sub-menu. The following page is displayed in the center panel. Figure 210: Monitor: DHCP Bindings Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 327 Specifies the time for which the clients can use the IP address assigned to them. This will be ‘Infinite’ for Manual bindings. Type of Binding Displays the type of DHCP binding: Dynamic/Manual Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 328: Active Routes
Step 5: Select Select VRF radio button. Choose the required VRF from the list. This displays the static routes attached to the VRF selected from the list. Figure 211: Monitor: Active Route Details Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 329 IP address of the interface through which the traffic is routed Administrative Distance The administrative distance of the routing protocol Protocol Static/Connected/Protocol type (RIP, OSPF, etc.) Refresh Update the Active Routes page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 330: Traffic Statistics
Step 5: Select Select VRF radio button. Choose the required VRF from the list. This displays the static routes attached to the VRF selected from the list. Figure 212: Monitor: Traffic Statistics - IP Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 331 Counters supported for outgoing traffic Value The value of each of the counters Fragment Counter Name Counters supported Value The value of each of the counters Refresh Refresh the IP Statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 332: Icmp Statistics
VRF. Step 6: Select Select VRF radio button. Choose the required VRF from the list. This displays the static routes attached to the VRF selected from the list. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 333: Monitor: Traffic Statistics - Icmp Statistics
Except on the first page, right running head: Heading1 or Heading1NewPage text (automatic) Monitor Figure 213: Monitor: Traffic Statistics - ICMP Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 334 Counters supported Value The value of each of the counters Received Counter Name Counters supported Value The value of each of the counters Refresh Refresh the ICMP Statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 335: Snmp Statistics
Monitor are displayed in the left navigation panel. Step 3: Click SNMP Statistics sub-menu. SNMP Statistics page displays the SNMP statistics in the center panel. Figure 214: Monitor: SNMP Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 336 Number of SNMP requests received. Value The value of each of the counters Sent Counter Name Number of SNMP requests sent. Value The value of each of the counters Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 337: Firewall Session Statistics
Step 3: Click Firewall Session Statistics sub-menu. Firewall Session Statistics page displays the Firewall Session summary and the details table in the center panel. Figure 215: Monitor: Firewall Session Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 338 Time elapsed since the last data transfer took place. This helps in deleting a session if it has been idle for too long. Refresh Refresh the Firewall Session Statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 339: Firewall And Security
Filter List drop down list. The filter page displays the parameters, actions and the interface information for the selected filter. Figure 216: Monitor: Firewall and Security - Filters Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 340 The interface to which the filter is applied Direction The direction of the traffic to which the filter is applied: In/Out Action Enable/Disable statistics for a selected interface from the Configuration page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 341: Monitor: Firewall And Security - Filters - Show Policy Statistics
Filter List drop down list. Step 2: Click Show Policy Statistics. Global statistics for the selected Filter policy is displayed. Figure 217: Monitor: Firewall and Security - Filters - Show Policy Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 342: Nat
NAT Policy Name drop down list. The NAT page displays the policy name, type of policy, rules configured and the interface that the policy is applied to for the selected NAT Policy. Figure 218: Monitor: Firewall and Security - NAT Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 343 The interface to which the NAT policy is applied Direction The direction of the traffic to which the policy is applied: In/Out Action Enable/Disable statistics for an interface from the Configuration page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 344: Dos Attack
Firewall Policy Reference The firewall policy to which the DOS Attack is attached. Action Provides option to view the configured threshold for an attack, and the attack counters. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 345: Firewall And Security - Dos Attack - Show Dos Attack Statistics
2. The configured threshold for an attack is displayed in a pop up window as shown below: Figure 221: Monitor: Firewall and Security - DOS Attack - View Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 346: Monitor: Firewall And Security - Dos Attack - View Statistics
3. Click View Statistics icon in the Action column against the attack. The attack counters is displayed in a pop up window as shown below: Figure 222: Monitor: Firewall and Security - DOS Attack - View Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 347: Firewall Policy
Step 5: Click Show Policy Statistics. This displays the firewall policy statistics for the selected firewall policy in a pop up window. Figure 224: Firewall and Security - Firewall Policy - Show Policy Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 348: Firewall And Security - Firewall Policy - Show Policy Statistics
2. This displays the firewall statistics for the rule in a pop up window as shown below: Figure 225: Firewall and Security - Firewall Policy - Show Policy Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 349: Ipsec Vpn Statistics
Policies drop-down list. IPSec VPN Statistics page displays the details of all the IPSec VPNs configured on the system in the center panel. Figure 226: Monitor: IPSec VPN Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 350 Errors Number of packets with errors Time-left The duration left after which the lifetime (lifetime in kilobytes/lifetime in seconds) gets reset. Refresh Refresh the IPSec VPN Statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 351: Ips Statistics
Summary tab is selected and Summary page is displayed in the center panel. The Summary page displays the snort statistics. Click Clear Counter(s) to clear the statistics counters. Figure 227: Monitor: IPS Statistics - Summary Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 352 Packets Detected The number of packets that were identified as an intrusion. Clear Counter(s) Clears the statistics counters. Refresh Refresh the IPS Summary statistics. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 353: Preprocessor
Preprocessor tab. Preprocessor page is displayed in the center panel with the snort preprocessor statistics. Click Clear Counter(s) to clear the statistics counters. Figure 228: Monitor: IPS Statistics - Preprocessor Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 354 Value Displays the number of intrusions detected for each of the corresponding counters Clear Counter(s) Clears the statistics counters Refresh Refresh the IPS Preprocessor statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 355: Rules
Rules tab. Rules page is displayed in the center panel with information about the intrusions that were detected as per the snort rules. Figure 229: Monitor: IPS Statistics - Rules Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 356 Number of intrusions detected as per the particular counter for that rule Action Clears the individual counter Clear Counter(s) Clears the statistics counters Refresh Refresh the IPS Rules statistics page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 357: Qos Statistics
Step 3: Click QoS Statistics sub-menu. QoS Statistics page displays the details of the QoS configured on the system in the center panel. Figure 230: Monitor: QoS Statistics Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 358 Total amount of bytes dequeued by the traffic class Queue Length Number of packets currently in the queue. Clear Ingress Statistics Clears the egress statistics Refresh Refresh the QoS page Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 359: Logs
Step 4: Select the log severity from the Select the Log severity drop-down list. Log messages based on the selected severity and higher (numerically lower) severities is displayed as shown below. Figure 231: Monitor: Logs Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...
Page 360 The sub module for which the log was generated. Message The detailed log message. Delete All Deletes all the logs from the Logs page. Refresh Refreshes the logs in the Logs page. Alcatel-Lucent OmniAccess 5740 Unified Services Gateway Web GUI Users Guide Beta Beta...