Allied Telesis AR410 User Manual
  1. Manuals
  2. Brands
  3. Allied Telesis Manuals
  4. Network Router
  5. AR410
  6. User manual

Allied Telesis AR410 User Manual

Ar400 series software release 2.7.1
Hide thumbs Also See for AR410:
Table of Contents

Advertisement

Quick Links

AR400 SERIES
User Guide
Software Release 2.7.1
AR410
AR440S
AR441S
AR450S

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the AR410 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Allied Telesis AR410

Summary of Contents for Allied Telesis AR410

  • Page 1 AR400 SERIES User Guide Software Release 2.7.1 AR410 AR440S AR441S AR450S...
  • Page 2 All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn. Allied Telesyn International Corp. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice.

  • Page 3: Table Of Contents

    Contents Introduction CHAPTER 1 Why Read this User Guide? ................7 Where To Find More Information ..............8 The Documentation Set ................8 Technical support ....................9 Features of the Router ..................9 Management Features ................10 Layer 3 and Other Features ............... 10 Special Feature Licences ................
  • Page 4 Synchronous Ports (models with PIC bay) ............77 Switch Ports ....................77 Port Speed and Duplex Mode ..............77 Limiting Switch Traffic (AR410 and AR410S only) ........78 Packet Storm Protection (AR440S, AR441S, AR450S only) ......79 Virtual LANs ....................80 Point to Point Protocol (PPP) ................
  • Page 5 Frame Relay (models with PIC bay) ..............82 Integrated Services Digital Network (ISDN) (models with PIC bay) ....85 BRI Versus PRI ................... 85 Configuring the Basic Rate Interface ............85 Configuring the Primary Rate Interface ............. 85 Default Setup ................... 86 Testing the BRI or PRI PIC ................

  • Page 7: Chapter 1 Introduction

    Chapter 1 Introduction Welcome to the AR400 Series router — the optimal solution for your small or medium sized business. This guide introduces your new router and will guide you through the most common uses and applications. Getting started will not take long—many applications are set up in just a few minutes.

  • Page 8: Where To Find More Information

    AR400 Series Router User Guide ■ Chapter 3, Getting Started with the Graphical User Interface (GUI) describes how to access and use the graphical user interface. ■ Chapter 4, Operating the router introduces general operation, management and support features, including loading and installing support files and new releases.

  • Page 9: Technical Support

    Features of the Router The AR400 Series router supports a wide range of network interfaces which allows you to choose the network service that is right for you. The AR410 base unit supports: ■ four 10/100 Mbps full duplex switched Ethernet LAN ports.

  • Page 10: Management Features

    AR400 Series Router User Guide You can add additional interfaces to these routers by installing a Port Interface Card (PIC) in the PIC bay. The AR450S base unit supports: ■ five 10/100 Mbps full duplex switched Ethernet LAN ports. ■ two 10/100 Mbps full duplex Ethernet WAN port ■...
  • Page 11 Tunnelling of synchronous (HDLC) data through TCP/IP (models with a PIC bay). ■ Terminal serving using Telnet, with local host nicknames. ■ Access to network printers via LPD or TCP streams (AR410 only). ■ Resource Reservation Protocol (RSVP) for delivering quality of service to application data streams. ■...

  • Page 12: Special Feature Licences

    Special Feature Licences You need a special feature licence and password to activate some special features over and above the standard software release. Typically, these special features are covered by government security regulations. Special feature licences and passwords are quite separate and distinct from the standard software release licences and passwords.

  • Page 13: Chapter 2 Getting Started With The Command Line Interface (Cli)

    Chapter 2 Getting Started with the Command Line Interface (CLI) This Chapter This chapter describes how to access the router’s CLI, and provides basic information about configuring the router, including how to: ■ Physically connect a terminal or PC to the router (see “Connecting a Terminal or PC”...

  • Page 14: Connecting A Terminal Or Pc

    AR400 Series Router User Guide Connecting a Terminal or PC The first thing to do after physically installing the router is to start a terminal or terminal emulation session to access the router. Then you can use the command line interface (CLI) to configure the router. If you wish to configure the router using the Graphical User Interface, you must first access the CLI and assign an IP address to at least one interface.

  • Page 15: Logging In

    IP traffic. Depending on the router model, these may include: ■ the default VLAN (vlan1) ■ the DMZ (vlan2, which contains port 3, on the AR410 and AR410S; eth1 on the AR450S) ■ the WAN Ethernet port (eth0). For the default VLAN, use the command: ADD IP INTERFACE=vlan1 IPADDRESS=ipadd MASK=mask Software Release 2.7.1...
  • Page 16 ADD IP INTERFACE=eth1 IPADDRESS=ipadd MASK=mask where ipadd is an unused private or public IP address. The default DMZ interface on the AR410 or AR410S is vlan2, which contains port 3. Therefore connect your DMZ server/s to the router’s switch (network)

  • Page 17: Setting Routes

    Getting Started with the Command Line Interface (CLI) AR410 and Switching on the AR440S, AR441S and AR450S in the Software Reference. For more information about IP addressing and routing, see Chapter 6, Routing in this document, and the Internet Protocol (IP) chapter in the Software Reference.

  • Page 18: Choosing A Password

    AR400 Series Router User Guide Choosing a Password All users, including managers, should take care in selecting passwords. Tools exist that enable hackers to guess or test many combinations of login names and passwords easily. The User Authentication Facility (UAF) provides some protection against such attacks by allowing the manager to set the number of consecutive login failures allowed and a lockout period when the limit is exceeded.

  • Page 19: Aliases

    Getting Started with the Command Line Interface (CLI) Table 2: Command line editing functions and keystrokes (Continued) Function VT100 Terminal Dumb terminal ↑ or [Ctrl/B] Recall previous command [Ctrl/B] ↓ or [Ctrl/F] Recall next command [Ctrl/F] Display command history [Ctrl/C] or [Ctrl/C] SHOW PORT HISTORY or SHOW PORT HISTORY...

  • Page 20: Enabling Special Feature Licences

    Also, typing a question mark “?” at the end of a partially completed command displays a list of the parameters that may follow the current command line, with the minimum abbreviations in uppercase letters. The current command line is then re-displayed, ready for further input. Enabling Special Feature Licences You must enable the special feature licence you have purchased before you can use the licenced features.
  • Page 21 Getting Started with the Command Line Interface (CLI) System name, location and contact parameters can help a remote network administrator identify the router. By convention the system name is the full domain name. Set the name of the router, for example: SET SYSTEM NAME=nd1.co.nz the location of the router, for example: SET SYSTEM LOCATION=”Head Office, 3rd floor east”...
  • Page 22 AR400 Series Router User Guide Software Release 2.7.1 C613-02021-00 REV F...

  • Page 23: Chapter 3 Getting Started With The Graphical User Interface (Gui)

    Chapter 3 Getting Started with the Graphical User Interface (GUI) This Chapter This chapter describes how to access the router’s HTTP-based Graphical User Interface (GUI), and provides basic information about using the GUI, including: ■ What is the GUI? • an introduction to the Graphical User Interface ■...

  • Page 24: What Is The Gui

    What is the GUI? The GUI (Graphical User Interface) is a web-based device management tool, designed to make it easier to configure and monitor the router. The GUI provides an alternative to the CLI (Command Line Interface). Its purpose is to make complicated tasks simpler and regularly performed tasks quicker.
  • Page 25 Getting Started with the Graphical User Interface (GUI) To enable JavaScript in Netscape 6.2.x: From the Edit menu, select Preference Select the Advanced menu option. Ensure that the “Enable JavaScript for Navigator” checkbox is checked. The minimum screen resolution on the PC is 800x600. Pop-up Windows Pop-up windows must be allowed.

  • Page 26: Establishing A Connection To The Router

    AR400 Series Router User Guide Establishing a Connection to the Router Before you start, consider how the router fits into your network. If you are installing a new router, consider whether you want to configure it before deploying it into the LAN, or want to configure it in situ. If you want to access a router that has already been configured, consider the relative positions of the PC and the router.
  • Page 27 Getting Started with the Graphical User Interface (GUI) Option 1: Configuring the Router before Installation Use this procedure if: ■ You want to configure the router before installing it in your LAN. ■ You will be installing the router at a remote office or a customer site and want to configure it first.
  • Page 28 Use an Ethernet cable to connect one of the switch ports to a device on the LAN segment, for example, a hub, router or switch (see Figure 3). Connect AR410 and AR410S routers through port 4 and ensure that the PC/hub switch is pressed in.
  • Page 29 Getting Started with the Graphical User Interface (GUI) Figure 4: Configuring the router from a PC in another subnet. gateway subnet subnet AR400 Series router You can browse to the router through any VLAN or ETH port, as long as you give that interface an IP address (see below).
  • Page 30 AR400 Series Router User Guide If you want to be able to browse to the GUI securely, configure SSL (Secure Sockets Layer) See “Secure Access” on page 31 for more information. Save the configuration and set the router to use it on bootup CREATE CONFIG=filename.cfg SET CONFIG=filename.cfg On the PC, bypass the HTTP proxy server, if necessary...

  • Page 31: Secure Access

    Getting Started with the Graphical User Interface (GUI) See “Browser and PC Setup” on page 24 for more information. If necessary, bypass the HTTP proxy server See “HTTP Proxy Servers” on page 25 for more information. Browse to the router For normal access, point your web browser to http://ip-address where ip-address is the interface’s IP address.
  • Page 32 AR400 Series Router User Guide RESTART ROUTER Login as a Security Officer To login as the user with Security Officer privilege called “CIPHER”, use the command: LOGIN CIPHER And then enter the password for “CIPHER”, “sbr4y3”. Enable system security To enable system security, use the command: ENABLE SYSTEM SECURITY Create an RSA key pair for this router.

  • Page 33: System Status And System Hardware Details

    System Status and System Hardware Details The GUI opens to display the system status (system hardware details for AR410 Series routers). Figure 5 shows the system status page for an AR450S router, and points out key information contained on the page.

  • Page 34: Using The Gui: Navigation And Features

    • the DHCP server, to dynamically assign IP addresses to hosts in your • IPX (on AR410 Series routers) • the firewall on AR450S routers, to protect your LAN and public servers AR450S Router from attack. Firewall configuration includes options for logging and alerts Software Release 2.7.1...

  • Page 35: Using Configuration Pages

    “modify” page, which lets you expand or change the configuration (for example, change the Hello interval for a PIM interface; see AR410 Router Figure 8 on page 37). To delete or destroy an item, select it by clicking on the option button at the beginning of its entry in the selection table.
  • Page 36 AR400 Series Router User Guide Figure 6: An example of a configuration page with a selection table Tabs Heading row Radio button Add, Modify and Remove buttons Figure 7: An example of a popup “add” page Text field Select list Checkbox Apply and Cancel buttons...
  • Page 37 Getting Started with the Graphical User Interface (GUI) Figure 8: An example of a popup “modify” page Non-editable field Editable Fields GUI pages allow you to enter values or select options through a range of field types. These include: • text fields, to enter character strings or numbers, especially for fields where there are few limits on the entries (such as names).

  • Page 38: The Management Menu

    Layer 2 Forwarding Database, which shows the MAC addresses that the switch ports have learned, and out which port the router will switch traffic to each MAC address (not on AR410 or AR410S routers) • information about Address Resolution Protocol (ARP) entries •...

  • Page 39: The Diagnostics Menu

    • an interface to the router’s command line interface, allowing you to enter CLI commands. AR410 Router Changing the Password As a security precaution, change the password as soon as possible. To change the password of the default Manager account, select Management >...

  • Page 40: Saving Configuration Entered With The Gui

    AR400 Series Router User Guide To freeze the banner’s display so that the help does not change when you move the mouse, press the [Ctrl] key. To unfreeze, press [Ctrl] again. Note that element information is not available for most entries in tables. To see descriptions of the columns of tables, click Complete Help Page.

  • Page 41: Upgrading The Gui

    Getting Started with the Graphical User Interface (GUI) Upgrading the GUI You can download the latest GUI resource file from the support site at http://www.alliedtelesyn.co.nz/support/ar400. Before you start, ensure that the router is running the most recent release and patch files. The GUI is not part of the firmware release file, but the most recent resource file will generally only be compatible with the most recent software release.

  • Page 42: Troubleshooting

    AR400 Series Router User Guide • server is the IP address of the TFTP server the file is loaded from. When the router has loaded the file into its RAM, it displays the message “File transfer successfully completed”. It then writes the file to FLASH memory, which takes approximately 30 seconds after the message.

  • Page 43: Deleting Temporary Files

    Getting Started with the Graphical User Interface (GUI) Deleting Temporary Files Browsers store local copies of web pages as temporary files. If you upgrade to a new GUI resource file, or if you encounter problems in browsing to the GUI, you may need to delete these files (clear the cache).

  • Page 44: Traffic Flow And Network Address Translation (Nat)

    Problem The GUI is behaving inconsistently, or you cannot access some pages. ■ Solution Delete your browser’s temporary files (see “Deleting Temporary Files” on page 43) and try again. ■ Check that JavaScript is enabled. ■ If you are using a toolbar or plug-in on your browser to block pop-ups, disable it while using the GUI.

  • Page 45: Firewall

    Getting Started with the Graphical User Interface (GUI) • Any password and authentication settings must be configured on the neighbour as well as on this router. ■ Check that the router is passing the correct DNS information to hosts on the LAN, if the router is a DHCP server.
  • Page 46 AR400 Series Router User Guide ■ Check the NAT configuration. See “Traffic Flow and Network Address Translation (NAT)” on page 44. Problem Illegitimate traffic is reaching your LAN or DMZ. ■ Solutions The most likely cause of this problem is an incorrect rule. Check that: •...

  • Page 47: Ip Addresses And Dhcp

    Getting Started with the Graphical User Interface (GUI) Problem A device on your LAN or DMZ can access a service on the Internet even though it should be blocked. ■ Solutions The most likely cause of this problem is an incorrect outgoing rule. Check that: •...

  • Page 48: Traffic Logging And Firewall Alert Messages

    AR400 Series Router User Guide Traffic Logging and Firewall Alert Messages Problem Firewall Alert messages are not being emailed. ■ Solution Check that Enable Email Firewall Alerts is checked (Configuration > Firewall > Events > Alarms tab) and that the email address is correct. ■...

  • Page 49: Loading Software

    Getting Started with the Graphical User Interface (GUI) Problem The router’s clock does not synchronise with the NTP peer. ■ Solution The router’s clock can only synchronise with the NTP peer if its initial time is similar to the NTP peer’s time (after setting the UTC offset). Manually set the router’s time so that it is approximately correct, and enable NTP again.
  • Page 50 AR400 Series Router User Guide Software Release 2.7.1 C613-02021-00 REV F...

  • Page 51: This Chapter

    Chapter 4 Operating the router This Chapter This chapter introduces basic operations on the router, including: ■ “User Accounts and Privileges” on page 51 ■ “Normal Mode and Security Mode” on page 53 ■ “Remote Management” on page 56 ■ “Storing Files in FLASH Memory”...
  • Page 52 AR400 Series Router User Guide In normal mode, a user with manager privilege can create and delete accounts for users with any of these privilege levels. Users and passwords are managed by the User Authentication Facility. Users and passwords are authenticated using an internal database called the User Authentication Database, or by interrogation of external RADIUS (Remote Authentication Dial In User Service) or TACACS (Terminal Access Controller Access System) servers.

  • Page 53: Normal Mode And Security Mode

    Operating the router See the Operations chapter in the Software Reference for: ■ More information about managing and using accounts with user, manager and security officer privileges ■ A full list of commands that require security officer privilege when the router is in secure mode ■...
  • Page 54 AR400 Series Router User Guide router is in security mode. A complete list of commands limited by security mode are listed in the Operation chapter in the Software Reference. Table 5: Commands requiring SECURITY OFFICER privilege when the router is operating in security mode .
  • Page 55 Operating the router Table 5: Commands requiring SECURITY OFFICER privilege when the router is operating in security mode (Continued). Command Specific Parameters DISABLE ISAKMP DISABLE PKI DEBUG DISABLE SA DISABLE SSH DISABLE USER DUMP EDIT ENABLE FEATURE ENABLE IPSEC ENABLE ISAKMP ENABLE PKI DEBUG ENABLE PPP DEBUG ENABLE PPP TEMPLATE DEBUG...

  • Page 56: Remote Management

    AR400 Series Router User Guide Table 5: Commands requiring SECURITY OFFICER privilege when the router is operating in security mode (Continued). Command Specific Parameters SET SSH SET STAR SET USER SHOW CONFIG SHOW ENCO KEY SHOW FEATURE SHOW FILE SHOW PPP CONFIG SHOW STAR [=id], MKTTRANSFER, NETKEY...

  • Page 57: Using Scripts

    Operating the router FLASH memory is like a flat file system, with no subdirectories. File names of up to 16 characters long, with extensions of 3 characters (DOS 16.3 format), are supported on the router. However, files on the router are stored in FLASH using the DOS 8.3 format of 8 characters long, with extensions of 3 characters.

  • Page 58: Saving The Router's Configuration

    AR400 Series Router User Guide The commands you enter into the router from the command line affect only the dynamic configuration in RAM, which is not retained over a power cycle. The router does not automatically store these changes in FLASH memory. When the router is restarted, it loads the configuration defined by the boot script, or if the router was restarted using the RESTART command, any script file specified in the RESTART command.

  • Page 59: Storing Multiple Scripts

    Operating the router Storing Multiple Scripts You can store multiple configuration scripts on the router. This allows you to test new configuration scripts once, before setting them as the default configuration. For example, to test the new configuration script test.cfg enter the command: RESTART SWITCH CONFIG=test.cfg Storing multiple scripts also allows you to keep a backup router with...

  • Page 60: Loading Files

    AR400 Series Router User Guide Table 6: File extensions and file types (Continued). Extension File type/function Stores install information created by using the SET INSTALL command. (Joint Photographic Experts Group) graphic image file. Public portion of an RSA key. Licence information. Log file.

  • Page 61: Setting Loader Defaults

    Operating the router To load a file onto the router using the HTTP protocol, enter the command: LOAD [METHOD={HTTP|WEB|WWW}] [DELAY=delay] [DESTFILE=destfilename] [DESTINATION=BOOTBLOCK|FLASH}] [HTTPPROXY={hostname|ipadd} [PASSWORD=password] [PROXYPORT=1..65535]] [SERVER={hostname|ipadd}] [SERVPORT={1..65535|DEFAULT}] [SRCFILE|FILE=filename] [USERNAME=username] The router can only load one file at a time. Wait for the current transfer to complete before initiating another transfer.

  • Page 62: Uploading Files From The Router

    AR400 Series Router User Guide o load a patch file Configure the LOADER. Set the LOADER module with defaults to make the process of downloading files in future simpler. SET LOADER METHOD=HTTP SERVER=192.168.1.1 DESTINATION=FLASH Download the patch file. Download the patch file onto the router, using the defaults set above. LOAD FILE=52261-01.paz When the download has completed, check that the file is in FLASH.

  • Page 63: More Information

    Operating the router Upload the configuration file. Upload the configuration file from the router into the TFTP directory of the TFTP server on the network, using the defaults set above. UPLOAD FILE=filename.cfg Monitor the load progress. SHOW LOAD When the upload is complete, check that the file is in the TFTP directory on the network host.

  • Page 64: Example: Upgrade To A New Software Release Using Tftp

    AR400 Series Router User Guide • Secondly, if no temporary install is defined, or the install information is invalid, the router checks the preferred install. If present, this install is loaded. The router never deletes the preferred install information. • Thirdly, if neither a temporary install nor a preferred install is specified, the router loads the default install.
  • Page 65 Operating the router Load the new release file onto the router. Make sure there is space in FLASH for the new release file. Load the new file onto your router. Make sure the release file matches your router model (see “Upgrading Router Software” on page 63). Load any patch files required, and the help file for the release (see “Loading and Uploading Files”...

  • Page 66: Example: Upgrade To A New Patch File

    Use this procedure to upgrade the software release currently running on the router with a new patch. This example assumes that the Software Release 2.6.1 is set as the preferred release, on an AR410 router. The patch name is this example is 52261-01.paz...

  • Page 67: Using The Built-In Editor

    Operating the router Using the Built-in Editor The router has a built-in full-screen text editor for editing script files stored on the router file subsystem. Using the text editor you can run script files manually, or set script files to run automatically at router restart, or on trigger events.

  • Page 68: Snmp And Mibs

    SNMP and MIBs You can remotely monitor some features of the router using Simple Network Management Protocol (SNMP). For information about the MIBs supported by the router, see Appendix C: SNMP MIBs in the Software Reference. The SNMP agent is disabled by default. To enable SNMP, enter the command: ENABLE SNMP SNMP communities are the main configuration item in the router’s SNMP agent, and are defined in terms of a list of IP addresses which define the SNMP...
  • Page 69 Operating the router ■ How to use Router Startup Operations ■ How to use FLASH compaction to regain storage space on the router. Read “Warning about FLASH memory” on page 12 before you attempt to do this. ■ How to set aliases to represent common command strings. ■...
  • Page 70 AR400 Series Router User Guide Software Release 2.7.1 C613-02021-00 REV F...

  • Page 71: This Chapter

    Chapter 5 Physical and Layer 2 Interfaces This Chapter This chapter introduces the physical and logical interfaces available on the base unit router and the optional interfaces available as expansion options for the PIC bay. Topics covered are: ■ “Interfaces” on page 73 ■...
  • Page 72 AR400 Series Router User Guide Figure 11: Network overview. Physical interfaces Data link protocols Network routing protocols X.25T MIOX AppleTalk X.25 LAPB X.25C DECnet ISDN CALL Q.931 PPP (ACC/L2TP) over BRI channel ISDN CALL Q.931 PPP (ACC/L2TP) over PRI channel ASYN PPPoE PORT...

  • Page 73: Interfaces

    Autonegotiation allows switch ports to adjust their speed and duplex mode to accommodate the devices connected to them (see “Switch Ports” on page 77 and Switching on the AR410 and Switching on the AR440S, AR441S and AR450S in the Software Reference).

  • Page 74: Ethernet Ports

    AR400 Series Router User Guide Table 7: Interface type names. Type Description Basic Rate ISDN interface Ethernet interface (excluding switch ports) Primary Rate ISDN interface Synchronous interface Logical interfaces VLAN Virtual LAN interface over switch ports, numbered from 1 Frame Relay interface LAPB X.25 LAPB interface Point-to-Point Protocol interface...

  • Page 75: Asynchronous Port

    Physical and Layer 2 Interfaces Asynchronous Port Asynchronous ports are normally used to connect a terminal to the router for configuration purposes. The default values for configurable parameters are modified by entering the command: SET ASYN=port-number option The factory default settings for asynchronous ports are shown in Table 8 on page 75.

  • Page 76: Asynchronous Call Control (Acc)

    AR400 Series Router User Guide Asynchronous Call Control (ACC) You can configure the ACC module to answer calls made to a modem connected to an asynchronous port, to validate the user making the call and to configure the port to the mode appropriate for the desired service. Also, you can configure ACC to originate calls by controlling a modem attached to an asynchronous port and to switch the port to the appropriate mode once a connection to the remote device is established.

  • Page 77: Synchronous Ports (Models With Pic Bay)

    Physical and Layer 2 Interfaces Synchronous Ports (models with PIC bay) You can use the asynchronous console port on the base unit to configure the router. Additional asynchronous ports can also connect terminals, printers and terminal ports on host computers. Your router supports synchronous interfaces with speeds of up to 2.048 Mbps, also known as E1.

  • Page 78: Limiting Switch Traffic (Ar410 And Ar410S Only)

    Except on AR410 and AR410S models, Auto MDI/MDI-X is disabled when a switch port is set to a specific speed and duplex mode. On routers other than the AR410 or AR410S, it is also possible to require a switch port to operate at a single speed without disabling autonegotiation by allowing the port to autonegotiate, but constrain the speed/duplex options to the desired combination.

  • Page 79: Packet Storm Protection (Ar440S, Ar441S, Ar450S Only)

    25% the line rate: SET SWITCH BROADCASTLIMIT=ON For more information about limiting switch traffic, see the Switching on the AR410 chapter in the Software Reference. Packet Storm Protection (AR440S, AR441S, AR450S only) Using the packet storm protection feature, you can set limits on the reception rate of broadcast, multicast and destination lookup failure packets.

  • Page 80: Virtual Lans

    IP or another Layer 3 protocol over the VLAN interfaces. For more information about VLANs, see “Virtual Local Area Networks (VLANs)” in the Switching on the AR410 chapter or Switching on the AR440S, AR441S and AR450S chapter in the Software Reference.

  • Page 81: Point To Point Protocol (Ppp)

    Physical and Layer 2 Interfaces Point to Point Protocol (PPP) The Point-to-Point Protocol (PPP) establishes a connection between the router and a service provider, on demand. PPP provides mechanisms for transmitting data over synchronous connections, ISDN, ACC and L2TP calls, groups of TDM slots, and Ethernet.

  • Page 82: Pppoe

    AR400 Series Router User Guide PPPoE PPP over Ethernet (PPPoE) is defined in RFC 2516 “A Method of Transmitting PPP Over Ethernet”. PPPoE is used to run PPP over the Ethernet. The same authentication, billing and transfer systems as for PPP are then available in Ethernet networks.
  • Page 83 Physical and Layer 2 Interfaces Parameters for setting the interface defaults for encryption and compression are also set with the CREATE command. These values are used by all DLCs on the interface unless specifically overridden for a particular DLC. After the Frame Relay interface is created, to change the LMI parameters, enter the command: SET FRAMERELAY You may modify any or all of the parameters on a single command line.
  • Page 84 AR400 Series Router User Guide Add logical interfaces if required Frame Relay logical interfaces (FRLI) provide a mechanism for organising DLCs into groups. Each FRLI, or group of DLCs, are assigned its own IP address to split the Frame Relay network into subnets. A default FRLI 0 is always created when a Frame Relay interface is created.

  • Page 85: Integrated Services Digital Network (Isdn) (Models With Pic Bay)

    Physical and Layer 2 Interfaces Integrated Services Digital Network (ISDN) (models with PIC bay) To use ISDN connections you need to install the appropriate Port Interface Card (PIC) in the router’s PIC bay. Either install an ISDN Basic Rate ISDN (BRI) or Primary Rate ISDN (PRI) PIC.

  • Page 86: Default Setup

    AR400 Series Router User Guide Default Setup The standard LAPD configurations are shown in Table 9 on page 86 (Basic Rate Interfaces) and Table 10 on page 86 (Primary Rate Interfaces). These settings suit many situations. However, you can modify these settings as required to suit other network situations (see the Integrated Services Digital Network (ISDN) chapter in the Software Reference).

  • Page 87: Configuring Isdn (Models With Pic Bay)

    Check BRI hardware configuration Check that the AT-AR021(U) PIC has the correct termination for the local conditions. The AR410 router can only operate in TE mode and is shipped with the standard 100W termination jumpers removed. This is appropriate for most situations, where the building wiring provides the ISDN termination.
  • Page 88 AR400 Series Router User Guide Select country or territory. To select the country in which the router is operated, enter the command: SET SYSTEM TERRITORY={AUSTRALIA|CHINA|EUROPE|JAPAN|KOREA| NEWZEALAND|USA} The territory determines which Q.931 profile is used on the ISDN interface. For example, to select the Q.931 profile for the United States, enter the command: SET SYSTEM TERRITORY=USA If you are not sure which territory to use, contact your authorised distributor...
  • Page 89 Physical and Layer 2 Interfaces Enter directory numbers and subaddresses with the command: SET Q931=0 NUM1=number NUM2=number SUB1=subaddress SUB2=subaddress The ISDN service provider must supply the directory numbers and subaddresses. If the directory number is a full 10 digit number (3 digit area code plus 7 digit number), the router will append the digits “0101”...

  • Page 90: Configuring Primary Rate Isdn

    Check BRI hardware configuration Check that the AT-AR021(U) PIC has the correct termination for the local conditions. The AR410 router can only operate in TE mode and is shipped with the standard 100W termination jumpers removed. This is appropriate for most situations, where the building wiring provides the ISDN termination.
  • Page 91 Physical and Layer 2 Interfaces Select the territory. To select the country or region in which the router is operated, enter the command: SET SYSTEM TERRITORY={AUSTRALIA|CHINA| EUROPE|JAPAN|KOREA|NEWZEALAND|USA} The territory determines which Q.931 profile is used on the ISDN interface. For example, to select the Q.931 profile for New Zealand, enter the command: SET SYSTEM TERRITORY=NEWZEALAND If you are not sure which territory to use, contact your authorised distributor...

  • Page 92: Configuring Isdn Dial On Demand

    AR400 Series Router User Guide set precedence to IN at one end of the call and OUT at the other end of the call. The ISDN number is the exact sequence required to reach the remote router from the local router, including STD access codes and area codes. The number may contain only decimal digits.

  • Page 93: Configuring Isdn Bandwidth On Demand

    Physical and Layer 2 Interfaces Create PPP interfaces. Create PPP interfaces to use the ISDN calls and enable the IDLE timer. Using the example in step 6 of “Configuring Basic Rate ISDN” on page 87, on the Head Office router create PPP interface 0 to use the ISDN call ROHO, enter the command: CREATE PPP=0 OVER=ISDN-ROHO IDLE=ON On the Remote Office router, to create PPP interface 0 to use the ISDN call...

  • Page 94: Installing Port Interface Cards (Pics) (Models With Pic Bay)

    AR400 Series Router User Guide PPP interface 0 is now configured for bandwidth on demand operation and any routing protocols such as IP and IPX that are configured to use PPP interface 0 will automatically inherit the bandwidth on demand functionality.
  • Page 95 Physical and Layer 2 Interfaces Configure a data link layer module, such as PPP (Point-to-Point Protocol), Frame Relay or X.25 LAPB, to use the synchronous interface. To create a PPP interface 0 to use synchronous port 0, enter the command: CREATE PPP=0 OVER=SYN0 To check the configuration, enter the commands: SHOW SYN=0...

  • Page 96: Using Trace Route For Ip Traffic

    AR400 Series Router User Guide Figure 13: Example output from the SHOW IPX SERVICES command for a basic Novell IPX network IPX services Name Address Server type Circuit Hops Defined -------------------------------------------------------------------------------- ACCOUNTS 00007500:000000000001:0451 0004:Fileserver 1 (eth0) ACCOUNTS 00007500:000000000001:8104 0107:RCconsole 1 (eth1) TYPISTS 00000012:0080488018d8:0451 0004:FileServer...
  • Page 97 Physical and Layer 2 Interfaces To halt a trace route that is in progress, enter the command: STOP TRACE For more information about trace route, see the Internet Protocol (IP) chapter in the Software Reference. Software Release 2.7.1 C613-02021-00 REV F...
  • Page 98 AR400 Series Router User Guide Software Release 2.7.1 C613-02021-00 REV F...

  • Page 99: Chapter 6 Routing

    Chapter 6 Routing This Chapter This chapter introduces some routing protocols supported by the router, including: ■ Internet Protocol (IP) (see “Configuring an IP Network” on page 99). ■ IP Multicasting (see “Configuring IP Multicasting” on page 103). ■ Configuring Dynamic Host Configuration Protocol (see “Configuring Dynamic Host Configuration Protocol (DHCP)”...

  • Page 100: Before You Start

    AR400 Series Router User Guide Before You Start Ensure that the routers you want to configure are connected as described in the Quick Install Guide. Connect a terminal to the console port (port 0) on each router as described in the Quick Install Guide. Alternatively, you can connect a PC to the console port and use a terminal emulation program like Windows™...
  • Page 101 To add untagged ports to vlan3, enter the command: ADD VLAN=vlan3 PORT=1-3 See the Switching on the AR410 or Switching on the AR440S, AR441S and AR450S chapter in the Software Reference for more detailed information about creating VLANs and VLAN ports.
  • Page 102 AR400 Series Router User Guide Configure IP Routing To clear any pre-existing IP configuration and turn on the IP routing software on each router, enter the commands: PURGE IP ENABLE IP On the Head Office router define two IP interfaces, one for the VLAN and one for the wide area link: ADD IP INT=VLAN2 IP=172.16.8.33 MASK=255.255.255.0 ADD IP INT=PPP0 IP=172.16.254.1 MASK=255.255.255.0...

  • Page 103: Configuring Ip Multicasting

    Routing You will see the login screen for the Remote Office router. To connect from the Remote Office router to the Head Office router, on the Remote Office router, enter the command: TELNET 172.16.8.33 Save the configuration To save the new dynamic configuration as a script, enter the command: CREATE CONFIG=IPCONF.SCP Configuring IP Multicasting IP multicasting is used to transmit packets to a group of hosts simultaneously...

  • Page 104: Configuring Igmp

    AR400 Series Router User Guide Configuring IGMP By default, IGMP is disabled on the router and on all interfaces. To enable IGMP on the router, enter the command: ENABLE IP IGMP You must enable IGMP on an interface before the interface can send or receive IGMP messages.
  • Page 105 Routing Figure 15: Multicast configuration example using IGMP and DVMRP. Router C Router A 203.45.90.2 203.45.90.3 ppp1 ppp0 eth0 ISDN 172.73.1.2 172.73.1.1 202.96.152.12 ppp0 189.124.7.9 Frame Relay IP host A 189.124.7.8 ppp0 202.96.152.4 172.70.1.2 172.74.1.2 eth0 eth0 172.70.1.1 172.74.1.1 Router B Router D Router B UGIPMU1_R...
  • Page 106 AR400 Series Router User Guide Configure IP. To enable the IP module, and assign IP addresses to the interfaces, enter the commands: ENABLE IP ADD IP INTERFACE=PPP0 IPADDRESS=189.124.7.9 MASK=255.255.0.0 ADD IP INTERFACE=PPP1 IPADDRESS=203.45.90.2 MASK=255.255.255.0 ADD IP INTERFACE=ETH0 IPADDRESS=172.73.1.2 MASK=255.255.255.0 Configure IGMP. To enable IGMP on the router for multicast group management, enter the command: ENABLE IP IGMP...
  • Page 107 Routing Configure IP. To enable IP on the router, and assign IP addresses to the interfaces used by DVMRP for multicast routing, enter the commands: ENABLE IP ADD IP INTERFACE=PPP0 IPADDRESS=189.124.7.8 MASK=255.255.0.0 ADD IP INTERFACE=ETH0 IPADDRESS=172.74.1.2 MASK=255.255.255.0 ADD IP INTERFACE=ETH1 IPADDRESS=172.74.2.2 MASK=255.255.255.0 Configure IGMP.
  • Page 108 AR400 Series Router User Guide Configure PPP. To configure a PPP interface over the ISDN interface, enter the command: CREATE PPP=0 OVER=ISDN-DVMRP IDLE=ON Configure IP. To enable the IP module, and assign IP addresses to the interfaces, enter the commands: ENABLE IP ADD IP INTERFACE=FR0 IPADDRESS=202.96.152.12 MASK=255.255.255.0...

  • Page 109: Configuring Dynamic Host Configuration Protocol (Dhcp)

    Routing Configure IGMP. To enable IGMP on the router, and on the interfaces over which group membership will be managed, enter the commands: ENABLE IP IGMP ENABLE IP IGMP INTERFACE=ETH0 ENABLE IP IGMP INTERFACE=FR0 Configure DVMRP. To enable DVMRP on the router, and on the interfaces over which DVMRP will perform multicast routing, enter the commands: ENABLE DVMRP ADD DVMRP INTERFACE=ETH0 METRIC=1...
  • Page 110 AR400 Series Router User Guide On the router, DHCP is based on DHCP policies. Policies are predefined sets of configuration information items. Each policy defines IP configuration information for the clients that are attached to a single IP interface. Each policy has at least one IP address range attached to it.

  • Page 111: Configuring A Novell Ipx Network

    Routing Configuring a Novell IPX Network The router’s implementation of the Novell IPX protocol uses the term circuit to refer to a logical connection over an interface, similar to an X.25 permanent virtual circuit (PVC) or a Frame Relay Data Link Connection (DLC). The term interface refers to the underlying physical interface, such as VLAN, Ethernet, Point-to-Point (PPP) and Frame Relay.

  • Page 112: Configuring Ipx

    Configuring IPX This example (Figure 16 on page 112) illustrates the steps required to configure a pair of AR410 routers to create a Novell® IPX internetwork, using the router’s command line interface. In this scenario, PCs at a remote office need access to a Novell file server at the Head Office site.
  • Page 113 Routing To configure IPX follow these steps The following steps are required: Configure the PPP link. Configure the routers for IPX. Test the configuration. Save the configuration. Configure the PPP Link Refer to other sections of this guide on how to configure PPP interface 0 on each router to use the wide area link.
  • Page 114 AR400 Series Router User Guide local (i.e. via eth0) on one router, should also be visible on the other router, via the PPP link. Test that a workstation on the Remote Office LAN can login to the file server on the Head Office LAN. Save the Configuration Save the new dynamic configuration as a script, by entering the command: CREATE CONFIG=IPXCONF.SCP...

  • Page 115: Configuring Ipx Dial-On-Demand

    Routing Figure 17: Example output from the SHOW IPX CIRCUIT command. IPX CIRCUIT information Name ......Circuit 1 Status ....... enabled Interface ....vlan11 (802.3) Network number ....c0e7230f Station number ....0000cd000d26 Link state ....up Cost in Novell ticks ..1 Type20 packets allowed ..
  • Page 116 AR400 Series Router User Guide Figure 18: Example configuration for an IPX dial-on-demand network. Head Office Router Remote Office Router Network = 129 PPP Data Link Network = 401 Network = 12 Netware Remote PC File Server UGIPX2_R Table 14: Example configuration parameters for IPX dial-on-demand. Parameter Head Office Router Remote Office Router...
  • Page 117 Routing Define IPX circuits On the Head Office router define two IPX circuits, one for the Ethernet interface and one for the wide area link. To configure the wide area link as a demand link and enable RIP and SAP change broadcasts, enter the commands: ADD IPX CIRC=1 INT=ETH0 NETW=401 ENCAP=802.3 ADD IPX CIRC=2 INT=PPP0 NETW=129 DEMAND=ON...

  • Page 118: Appletalk

    AR400 Series Router User Guide Save configuration To save the new dynamic configuration as a script, enter the command: CREATE CONFIG=IPXFILT.SCP AppleTalk The AppleTalk network architecture provides internetworking of Macintosh computers and other peripheral devices using LocalTalk media. AppleTalk allows seamless access to network services such as file servers and printers from the Macintosh desktop environment.

  • Page 119: Routing Information Protocol (Rip)

    Routing Routing Information Protocol (RIP) The Routing Information Protocol (RIP) is a distance vector protocol that is part of the TCP/IP protocol suite used to exchange routing information between routers. RIP determines a route based on the smallest hop count between source and destination.

  • Page 120: Ospf

    AR400 Series Router User Guide Figure 21: Example output from the SHOW RSVP INTERFACE command. RSVP Interfaces Maximum Reserved No. Of Interface Enabled Bandwidth(%) Bandwidth(%) Reservations Debug Encap ------------------------------------------------------------------------------ Dynamic None vlan11 None ppp0 None ------------------------------------------------------------------------------ To interpret output from the SHOW RSVP INTERFACE command see the Resource Reservation Protocol (RSVP) chapter in the Software Reference.

  • Page 121: Configuring A Basic Ospf Network

    Routing Configuring a Basic OSPF Network This example (Figure 22 on page 121) is a simple network of two routers connected together, each with its own local area network. The routers all belong to a single class B network 172.31.0.0, which has further been subnetted using the subnet mask 255.255.255.0.
  • Page 122 AR400 Series Router User Guide ADD IP INTERFACE=ETH0 IP=172.31.108.10 MASK=255.255.255.0 OSPFMETRIC=1 Configure router 2 as an OSPF router. To create an OSPF area, assign the IP interfaces to the area, and configure OSPF routing parameters, enter the command: ENABLE OSPF ADD OSPF AREA=0.0.0.1 AUTHENTICATION=PASSWORD ADD OSPF RANGE=172.31.0.0 AREA=0.0.0.1 MASK=255.255.0.0 ADD OSPF INTERFACE=ETH0 AREA=0.0.0.1 PASSWORD=csecret...

  • Page 123: Chapter 7 Maintenance And Troubleshooting

    Chapter 7 Maintenance and Troubleshooting This Chapter If you are familiar with networking and router operations, you may be able to diagnose and solve some problems yourself. This chapter gives tips on how to: ■ start your router (see “How the Router Starts Up” on page 124). ■...

  • Page 124: How The Router Starts Up

    AR400 Series Router User Guide How the Router Starts Up The sequence of operations that the router performs when it boots are: When the router boots, the following sequence of operations is performed: Perform startup self tests. Perform the install override option. Load the FLASH boot release as the INSTALL boot.

  • Page 125: How To Avoid Problems

    Maintenance and Troubleshooting When you start the router the FLASH boot release is always loaded first. The FLASH boot release contains all the code required to obtain and check the INSTALL information. This first boot is known as the INSTALL boot. The INSTALL information is inspected and the router is setup to perform another load.
  • Page 126 AR400 Series Router User Guide Configure logging The logging facility stores log messages for events with a specified severity in a log file. You can change the size of the log file, and the kind of messages recorded. You can configure the router to output log messages in several ways, including to a remote router with a specified IP address, or as an email to a particular email address.

  • Page 127: What To Do If You Clear Flash Memory Completely

    Maintenance and Troubleshooting What to Do if You Clear FLASH Memory Completely DO NOT clear the FLASH memory completely. The software release files are stored in FLASH, and clearing it would leave no software to run the router. If you accidentally do this, you will need to: Boot with default configuration.

  • Page 128: What To Do If The Ppp Link Disconnects Regularly

    AR400 Series Router User Guide What to Do if the PPP Link Disconnects Regularly If the device at the other end of the PPP link is not an ATR router or switch but is supplied by another vendor turn LQR (Link Quality Reporting) off on PPP links (LQR=OFF) and instead use LCP Echo Request and Echo Reply messages to determine link quality (ECHO=ON).

  • Page 129: Resetting Router Defaults

    Maintenance and Troubleshooting ■ To get debugging output, enter the command: SHOW DEBUG ■ Depending on the problem, the support personnel may also ask you for the output from the following commands (see the Monitoring and Fault Diagnosis section in the Operations chapter of the Software Reference): SHOW EXCEPTION SHOW STARTUP SHOW LOG...

  • Page 130: Troubleshooting Ip Configurations

    AR400 Series Router User Guide To set PING defaults, enter the command: SET PING [{[IPADDRESS=]ipadd|[IPXADDRESS=]network:station| [APPLEADDRESS=]network.node}] [LENGTH=number] [NUMBER={number|CONTINUOUS}] [PATTERN=hexnum] [{SIPADDRESS=ipadd|SIPXADDRESS=network:station|SAPPLEADDR ESS=network.node}] [SCREENOUTPUT={YES|NO}] [TIMEOUT=number] [TOS=number] To display the default PING settings and summary information, enter the command: SHOW PING The stop a PING that is in progress, enter the command: STOP PING If you can PING the end destination, then the physical and layer 2 links are functioning, and any difficulties are in the network or higher layers.
  • Page 131 Maintenance and Troubleshooting Figure 24: Example output from the SHOW PPP command for a basic TCP/IP network. Name Enabled ifIndex Over State ---------------------------------------------------------------------------- ppp0 IPCP OPENED isdn-roho OPENED ------------------------------------------------------------------------------ To interpret output from the SHOW PPP command see the Point-to Point (PPP) chapter in the Software Reference.

  • Page 132: Troubleshooting Dhcp Ip Addresses

    AR400 Series Router User Guide Troubleshooting DHCP IP Addresses Your router is acting as a DHCP client If your router is acting as a DHCP client the router should receive its IP address dynamically. If your router is not receiving an IP address, check that the domain name and host name are correct.
  • Page 133 Maintenance and Troubleshooting Check IPX circuit configuration To check that the IPX circuits are correctly configured on each router repeat steps 1 through 3 above, or enter the command: SHOW IPX CIRCUIT Check that there are two circuits, and for each circuit check that the circuit is enabled, uses the correct interface and encapsulation (for Ethernet interfaces), the network number is correct and “On demand”...

  • Page 134: Using Trace Route For Ip Traffic

    AR400 Series Router User Guide Check route tables To check the route tables on both routers, enter the command: SHOW IPX ROUTE Check for the presence of networks on the remote side of the wide area network. If the remote network is missing from the route table on either router, enter the command: RESET IPX which resets the IPX routing software and forces the routers to broadcast...

This manual is also suitable for:

Ar441sAr450sAr440s

Table of Contents