Enterasys X-Pedition XSR-3150 Getting Started Manual
  1. Manuals
  2. Brands
  3. Enterasys Manuals
  4. Network Router
  5. X-Pedition XSR-3150
  6. Getting started manual
Enterasys X-Pedition XSR-3150 Getting Started Manual

Enterasys X-Pedition XSR-3150 Getting Started Manual

X-pedition security router
Hide thumbs Also See for X-Pedition XSR-3150:
Table of Contents

Advertisement

Quick Links

Download this manual
X-Pedition™ Security Router
XSR-3150
Getting Started Guide
Version 3.0
9033865-04

Advertisement

Table of Contents
loading

Related Manuals for Enterasys X-Pedition XSR-3150

Summary of Contents for Enterasys X-Pedition XSR-3150

  • Page 1 X-Pedition™ Security Router XSR-3150 Getting Started Guide Version 3.0 9033865-04...

  • Page 2: Regulatory Compliance Information

    Elektrischer Gefahrenhinweis: Installationen sollten nur durch ausgebildetes und qualifiziertes Personal vorgenommen werden. Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and  its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such  changes have been made. The hardware, firmware, or software described in this document is subject to change without notice. IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR  CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF  OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF  ENTERASYS NETWORKS HAS BEEN ADVISED OF, KNEW OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF  SUCH DAMAGES. Enterasys Networks, Inc. 50 Minuteman Road Andover, MA 01810 © 2005 Enterasys Networks, Inc. All rights reserved. Part Number: 9033865‐04 July 2005 ENTERASYS, ENTERASYS NETWORKS, ENTERASYS XSR, and any logos associated therewith, are trademarks or registered  trademarks of Enterasys Networks, Inc. in the United States and other countries. All other product names mentioned in this  manual may be trademarks or registered trademarks of their respective owners. Documentation URL: http://www.enterasys.com/support/manuals Documentacion URL: http://www.enterasys.com/support/manuals Dokumentation http://www.enterasys.com/support/manuals Regulatory Compliance Information Federal Communications Commission (FCC) Notice The XSR complies with Title 47, Part 15, Class A of FCC rules. Operation is subject to the following two conditions:...
  • Page 3 04DU9.BN, 04DU9.DN, 6.0N NIM-DIRELAY-xx, NIM-TE1-xx, 04DU9.1KN, 04DU9.1SN NIM-CTE1-PRI-xx NIM-BRI-U-xx 02IS5 6.0N NIM-ADSL-AC-xx 02LS2 7.0Y If the XSR harms the telephone network, the telephone company will notify you in advance that it may need to temporarily  discontinue service. But if advance notice is not practical, the telephone company will notify you as soon as possible. Also, you  will be advised of your right to file a complaint with the FCC if you believe it is necessary. The telephone company may make changes in its facilities, equipment, operations, or procedures that could affect the operation  of the XSR. If this happens, the telephone company will provide advance notice for you to make necessary modifications and  maintain uninterrupted service. If you experience trouble with the XSR, for repair or warranty information, please contact Enterasys Networks, Inc., at 978‐684‐ 1000. If the XSR is causing harm to the telephone network, the telephone company may request that you disconnect the  equipment until the problem is solved. The XSR is not intended to be repaired by the customer. Industry Canada Notices This digital apparatus does not exceed the class A limits for radio noise emissions from digital apparatus set out in the Radio  Interference Regulations of the Canadian Department of Communications. Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables aux appareils  numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique édicté par le ministère des  Communications du Canada. Equipment Attachments Limitations “NOTICE: The Industry Canada label identifies certified equipment. This certification means that the equipment meets  telecommunications network protective, operational and safety requirements as prescribed in the appropriate Terminal  Equipment Technical Requirements document(s). The department does not guarantee the equipment will operate to the userʹs  satisfaction. Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of the local  telecommunications company. The equipment must also be installed using an acceptable method of connection. The customer  should be aware that compliance with the above conditions may not prevent degradation of service in some situations.

  • Page 4: Product Safety

    Seguridad del Producto El producto de Enterasys cumple con lo siguiente: UL 60950, CSA C22.2 No. 60950, 73/23/EEC, EN 60950, EN 60825, IEC 60950. Produktsicherheit Dieses Produkt entspricht den folgenden Richtlinien: UL 60950, CSA C22.2 No. 60950, 73/23/EEC, EN 60950, EN 60825,  IEC 60950.  Electromagnetic Compatibility (EMC) This product complies with the following: 47 CFR Parts 2 and 15, CSA C108.8, 89/336/EEC, EN 55022, EN 55024, EN 61000‐3‐2,  EN 61000‐3‐3, AS/NZS CISPR 22, and VCCI V‐3. Compatibilidad Electromágnetica (EMC) Este producto de Enterasys cumple con lo siguiente: 47 CFR Partes 2 y 15, CSA C108.8, 89/336/EEC, EN 55022, EN 55024,  EN 61000‐3‐2, EN 61000‐3‐3, AS/NZS CISPR 22, VCCI V‐3. Elektro- magnetische Kompatibilität ( EMC ) Dieses Produkt entspricht den folgenden Richtlinien: 47 CFR Parts 2 and 15, CSA C108.8, 89/336/EEC, EN 55022, EN 55024,  EN 61000‐3‐2, EN 61000‐3‐3, AS/NZS CISPR 22, VCCI V‐3. ...
  • Page 5 European Waste Electrical and Electronic Equipment (WEEE) Notice In accordance with Directive 2002/96/EC of the European Parliament on waste electrical and electronic equipment (WEEE): The symbol above indicates that separate collection of electrical and electronic equipment is required and that this product  was placed on the European market after August 13, 2005, the date of enforcement for Directive 2002/96/EC. When this product has reached the end of its serviceable life, it cannot be disposed of as unsorted municipal waste.  It must  be collected and treated separately. It has been determined by the European Parliament that there are potential negative effects on the environment and human  health as a result of the presence of hazardous substances in electrical and electronic equipment. It is the users’ responsibility to utilize the available collection system to ensure WEEE is properly treated. For information about the available collection system, please go to http://www.enterasys.com/support/ or contact Enterasys  Customer Support at 353 61 705586 (Ireland). VCCI Notice This is a class A product based on the standard of the Voluntary Control Council for Interference by Information Technology  Equipment (VCCI) V‐3. If this equipment is used in a domestic environment, radio disturbance may arise. When such trouble  occurs, the user may be required to take corrective actions. BSMI EMC Statement — Taiwan This is a class A product. In a domestic environment this product may cause radio interference in which case the user may be  required to take adequate measures.

  • Page 6: Declaration Of Conformity

    Declaration of Conformity Application of Council Directive(s): 89/336/EEC 73/23/EEC Manufacturer’s Name: Enterasys Networks, Inc. Manufacturer’s Address: 50 Minuteman Road Andover, MA 01810 European Representative Address: Enterasys Networks, Ltd. Nexus House, Newbury Business Park London Road, Newbury Berkshire RG14 2PZ, England Conformance to Directive(s)/Product Standards: EC Directive 89/336/EEC EN 55022 EN 55024 EC Directive 73/23/EEC EN 60950 EN 60825 Equipment Type/Environment: Networking Equipment, for use in a Commercial  or Light Industrial Environment. Enterasys Networks, Inc. declares that the equipment packaged with this notice conforms to the above directives. Australian Telecom N826 WARNING: Do not install phone line connections during an electrical storm. WARNING: Do not connect phone line until the interface has been configured through local management. The service  provider may shut off service if an un‐configured interface is connected to the phone lines. WARNING: The NIM‐BRI‐ST cannot be connected directly to outside lines. An approved channel service unit (CSU) must be  used for connection to the ISDN network. In some areas this CSU is supplied by the network provider and in others it must be ...
  • Page 7 Federal Information Processing Standard (FIPS) Certification The XSR has been submitted to the National Institute of Standards and Technology (NIST) for FIPS 140‐2 certification and is  now officially listed on the NIST pre‐validation list. For more information about the FIPS validation program, go to http:// csrc.nist.gov/cryptval/preval.htm. For the FIPS 140‐1 and 140‐2 Pre‐Validation List, click on the [PDF] link at the top of the page. Independent Communications Authority of South Africa This product complies with the terms of the provisions of section 54(1) of the Telecommunications Act (Act 103 of 1996) and the  Telecommunications Regulation prescribed under the Post Office Act (Act 44 of 1958). TE-2002/195 TE-2002/190 APPROVED APPROVED TE-2003/112 TE-2003/113 APPROVED APPROVED SS/366.01 APPROVED VPN Consortium Interoperability The VPN Consortium’s (VPNC) testing program is an important source for certification of conformance to IPSec standards.  With rigorous interoperability testing, the VPNC logo program provides IPSec users even more assurance that the XSR will  interoperate in typical business environments. VPNC is the only major IPSec testing organization that shows both proof of  interoperability as well as the steps taken so that you can reproduce the tests.
  • Page 8 Enterasys Networks, Inc. Firmware License Agreement BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“Agreement”) between the end user (“You”) and Enterasys Networks, Inc. on behalf of itself  and its Affiliates (as hereinafter defined) (“Enterasys”) that sets forth Your rights and obligations with respect to the Enterasys  software program/firmware installed on the Enterasys product (including any accompanying documentation, hardware or  media) (“Program”) in the package and prevails over any additional, conflicting or inconsistent terms and conditions  appearing on any purchase order or other document submitted by You. “Affiliate” means any person, partnership, corporation,  limited liability company, or other form of enterprise that directly or indirectly through one or more intermediaries, controls, or  is controlled by, or is under common control with the party specified. This Agreement constitutes the entire understanding  between the parties, and supersedes all prior discussions, representations, understandings or agreements, whether oral or in  writing, between the parties with respect to the subject matter of this Agreement. The Program may be contained in firmware,  chips or other media. BY INSTALLING OR OTHERWISE USING THE PROGRAM, YOU REPRESENT THAT YOU ARE AUTHORIZED TO  ACCEPT THESE TERMS ON BEHALF OF THE END USER (IF THE END USER IS AN ENTITY ON WHOSE BEHALF YOU  ARE AUTHORIZED TO ACT, “YOU” AND “YOUR” SHALL BE DEEMED TO REFER TO SUCH ENTITY) AND THAT YOU  AGREE THAT YOU ARE BOUND BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES, AMONG OTHER  PROVISIONS, THE LICENSE, THE DISCLAIMER OF WARRANTY AND THE LIMITATION OF LIABILITY. IF YOU DO NOT  AGREE TO THE TERMS OF THIS AGREEMENT OR ARE NOT AUTHORIZED TO ENTER INTO THIS AGREEMENT,  ENTERASYS IS UNWILLING TO LICENSE THE PROGRAM TO YOU AND YOU AGREE TO RETURN THE UNOPENED  PRODUCT TO ENTERASYS OR YOUR DEALER, IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT  FOR A FULL REFUND. IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT ENTERASYS NETWORKS, LEGAL  DEPARTMENT AT (978) 684‐1000.  You and Enterasys agree as follows: LICENSE. You have the non‐exclusive and non‐transferable right to use only the one (1) copy of the Program provided in  this package subject to the terms and conditions of this Agreement. RESTRICTIONS. Except as otherwise authorized in writing by Enterasys, You may not, nor may You permit any third  party to: (i) Reverse engineer, decompile, disassemble or modify the Program, in whole or in part, including for reasons of error ...
  • Page 9 EXPORT RESTRICTIONS. You understand that Enterasys and its Affiliates are subject to regulation by agencies of the  U.S. Government, including the U.S. Department of Commerce, which prohibit export or diversion of certain technical  products to certain countries, unless a license to export the Program is obtained from the U.S. Government or an exception  from obtaining such license may be relied upon by the exporting party. If the Program is exported from the United States pursuant to the License Exception CIV under the U.S. Export  Administration Regulations, You agree that You are a civil end user of the Program and agree that You will use the Program  for civil end uses only and not for military purposes.  If the Program is exported from the United States pursuant to the License Exception TSR under the U.S. Export  Administration Regulations, in addition to the restriction on transfer set forth in Sections 1 or 2 of this Agreement, You agree  not to (i) reexport or release the Program, the source code for the Program or technology to a national of a country in  Country Groups D:1 or E:2 (Albania, Armenia, Azerbaijan, Belarus, Bulgaria, Cambodia, Cuba, Estonia, Georgia, Iraq,  Kazakhstan, Kyrgyzstan, Laos, Latvia, Libya, Lithuania, Moldova, North Korea, the People’s Republic of China, Romania,  Russia, Rwanda, Tajikistan, Turkmenistan, Ukraine, Uzbekistan, Vietnam, or such other countries as may be designated by  the United States Government), (ii) export to Country Groups D:1 or E:2 (as defined herein) the direct product of the  Program or the technology, if such foreign produced direct product is subject to national security controls as identified on  the U.S. Commerce Control List, or (iii) if the direct product of the technology is a complete plant or any major component  of a plant, export to Country Groups D:1 or E:2 the direct product of the plant or a major component thereof, if such foreign  produced direct product is subject to national security controls as identified on the U.S. Commerce Control List or is subject  to State Department controls under the U.S. Munitions List. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Program (i) was developed solely at private  expense; (ii) contains “restricted computer software” submitted with restricted rights in accordance with section 52.227‐19  (a) through (d) of the Commercial Computer Software‐Restricted Rights Clause and its successors, and (iii) in all respects is  proprietary data belonging to Enterasys and/or its suppliers. For Department of Defense units, the Program is considered  commercial computer software in accordance with DFARS section 227.7202‐3 and its successors, and use, duplication, or  disclosure by the Government is subject to restrictions set forth herein.  DISCLAIMER OF WARRANTY. EXCEPT FOR THOSE WARRANTIES EXPRESSLY PROVIDED TO YOU IN WRITING  BY Enterasys, Enterasys DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT  LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A  PARTICULAR PURPOSE, TITLE AND NON‐ INFRINGEMENT WITH RESPECT TO THE PROGRAM. IF IMPLIED  WARRANTIES MAY NOT BE DISCLAIMED BY APPLICABLE LAW, THEN ANY IMPLIED WARRANTIES ARE  LIMITED IN DURATION TO THIRTY (30) DAYS AFTER DELIVERY OF THE PROGRAM TO YOU.  LIMITATION OF LIABILITY. IN NO EVENT SHALL ENTERASYS OR ITS SUPPLIERS BE LIABLE FOR ANY  DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS,  BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR  RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM, EVEN  IF ENTERASYS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS FOREGOING LIMITATION ...
  • Page 10 10. ENFORCEMENT. You acknowledge and agree that any breach of Sections 2, 4, or 9 of this Agreement by You may cause  Enterasys irreparable damage for which recovery of money damages would be inadequate, and that Enterasys may be  entitled to seek timely injunctive relief to protect Enterasys’ rights under this Agreement in addition to any and all remedies  available at law.  11. ASSIGNMENT. You may not assign, transfer or sublicense this Agreement or any of Your rights or obligations under this  Agreement, except that You may assign this Agreement to any person or entity which acquires substantially all of Your  stock or assets. Enterasys may assign this Agreement in its sole discretion. This Agreement shall be binding upon and inure  to the benefit of the parties, their legal representatives, permitted transferees, successors and assigns as permitted by this  Agreement. Any attempted assignment, transfer or sublicense in violation of the terms of this Agreement shall be void and  a breach of this Agreement. 12. WAIVER. A waiver by Enterasys of a breach of any of the terms and conditions of this Agreement must be in writing and  will not be construed as a waiver of any subsequent breach of such term or condition. Enterasys’ failure to enforce a term  upon Your breach of such term shall not be construed as a waiver of Your breach or prevent enforcement on any other  occasion. 13. SEVERABILITY. In the event any provision of this Agreement is found to be invalid, illegal or unenforceable, the validity,  legality and enforceability of any of the remaining provisions shall not in any way be affected or impaired thereby, and that  provision shall be reformed, construed and enforced to the maximum extent permissible. Any such invalidity, illegality or  unenforceability in any jurisdiction shall not invalidate or render illegal or unenforceable such provision in any other  jurisdiction. 14. TERMINATION. Enterasys may terminate this Agreement immediately upon Your breach of any of the terms and  conditions of this Agreement. Upon any such termination, You shall immediately cease all use of the Program and shall  return to Enterasys the Program and all copies of the Program.

  • Page 11: Table Of Contents

    Contents Preface Contents of the Guide ............................xv Conventions Used in This Guide ........................xv Getting Help ..............................xvii Chapter 1: Overview System Description ............................1-1 Hardware Features ..........................1-2 Software Features ............................ 1-4 Operating System ..........................1-4 Industry-common CLI ......................... 1-4 IP Protocol ............................
  • Page 12 Setting the Clock ............................3-8 Configuring the LAN Ports ..........................3-8 Configuring the WAN Ports ..........................3-8 PRI Configuration ............................. 3-8 BRI Configuration ............................. 3-9 BRI Leased Line ..........................3-9 BRI Leased Frame Relay ......................... 3-10 BRI Switched Line ..........................3-10 ADSL Configuration ..........................
  • Page 13 Bootrom Monitor Mode Commands ......................3-36 bc ................................3-37 bw ................................3-37 bp ................................3-37 bu ................................3-37 bU ................................3-38 cd ................................3-38 da ................................3-38 df ................................3-38 del ................................3-38 dir ................................3-38 ds ................................3-39 dt ................................3-39 ff ................................

  • Page 15: Contents Of The Guide

    Preface This guide provides a general overview of the XSR‐3150 hardware and software features and  describes how to quickly install and configure the XSR. Refer to the XSR CLI Reference Guide and  XSR User’s Guide for information not contained in this document. This guide is written for administrators who want to configure the X‐Pedition Security Router or  experienced users who are knowledgeable of basic networking principles. This chapter details the following: • Contents of the Guide • Conventions Used in This Guide • Getting Help Contents of the Guide Information in this guide is arranged as follows: • Chapter 1, Overview, introduces key features of the XSR and briefly describes hardware  installation. • Chapter 2, Hardware Installation, provides a checklist to verify your shipment and describes  how to install XSR hardware including NIM and optional CompactFlash cards, and rack‐ mounting brackets. • Chapter 3, Software Configuration, describes how to initiate and quickly configure the XSR. It  also details how to add an interface and subnet mask; set passwords, SNMP, DNS and  SYSLOG server values; configure the firewall feature set, upgrade system image and Boot  PROM software; consult system statistics, and save configuration changes. • Appendix A, Specifications, outlines hardware specifications including information about: the  processor, interfaces, system memory, chassis, power supply, interfaces, required cabling and  other accessories, pinout assignments for WAN and LAN interfaces, and LED behavior. Conventions Used in This Guide The following conventions are used in this guide: Note: Calls the reader’s attention to any item of information that may be of special importance.
  • Page 16 Electrical Hazard: Warns against an action that could result in personal injury or death due to an electrical hazard. Riesgo Electrico: Advierte contra una acción que pudiera resultar en lesión corporal o la muerte debido a un riesgo eléctrico. Elektrischer Gefahrenhinweis: Installationen sollten nur durch ausgebildetes und qualifiziertes. Personal vorgenommen werden.

  • Page 17: Getting Help

    World Wide Web http://www.enterasys.com/ Phone (603) 332-9400 1-800-872-8440 (toll-free in U.S. and Canada) For the Enterasys Networks Support toll-free number in your country: http://www.enterasys.com/support/gtac-all.html Internet mail support@enterasys.com To expedite your message, please type [xsr] in the subject line. ftp://ftp.enterasys.com...
  • Page 18 xviii...

  • Page 19: Chapter 1: Overview

    Overview This chapter introduces the key features of the XSR-3150 and briefly describes hardware installation. System Description The XSR is a networking device designed for enterprise regional offices that provides IP routing over GigabitEthernet LAN and T1/E1, Serial (RS232, X.21, V.35, RS422/530, RS449), Dial Services via POTS, ISDN (BRI/PRI) or Frame Relay WAN connections.

  • Page 20: Hardware Features

    System Description Figure 1-1 Typical XSR-3150 Topology XSR-3150 Hardware Features The semi-modular XSR, shown in Figure 1-2, comes equipped with the following features: Standard 1U chassis (1 11/16” high by 17“ wide by 21“ deep) mountable in a standard 19”...
  • Page 21 System Description Figure 1-2 XSR-3150 Two Network Interface Module (NIM) card slots for these NIMs: – 1, 2, or 4 full, fractional and channelized T1/E1 WAN NIM with integral CSU/DSU or Primary Rate Interface (PRI) ports (RJ-48C). – 1-port T3/E3 channelized/unchannelized WAN NIM with BNC ports. This NIM is also available with up to 16 T1/E1 tributaries and system synchronizaton of two MIMs.

  • Page 22: Software Features

    System Description 14 diagnostic LEDs to display port and system status as well as indicate a Flash upgrade in progress. Five system fans with failure detection capability and three in-board fans dedicated to power supply cooling. Software Features The XSR provides the following software features: Operating System Multi-threaded OS to fully utilize the XSR’s dual processors Industry-common CLI...

  • Page 23: Ip Routing

    System Description • Simple Network Time Protocol (SNTP) server • OS fallback IP Routing • Static and multiple routes to the same destination • Redistribution of routes from RIP, OSPF, BGP, connected, or static into RIP, OSPF, and BGP • RIP-1 &...

  • Page 24: Security

    System Description Security • Stateful inspection firewall engine • FTP, H.323, and RPC (SUN and Microsoft) ALG support • Application commands for FTP, SMTP, & HTTP • Firewall logging and authentication • Firewall interaction with NAT & VPN • Standard and Extended Access Control Lists •...

  • Page 25: Dynamic Host Configuration Protocol (Dhcp)

    System Description • Periodic Keep-Alive messages to learn of connection problems • Multi-protocol interconnect over Frame Relay - RFC-2427 • RFC-2390 Frame Relay Inverse ARP to discover IP address of remote peer when used in multi- point mode and responds to incoming Inverse ARP requests independent of P2P or MP2P •...

  • Page 26: Quality Of Service (Qos)

    System Description • Bandwidth optimization (BoD) & Dial on Demand (DoD) • Bandwidth Allocation Protocol (BAP) • Security: PAP/CHAP • Call monitoring • Multilink PPP (MLPPP) • Per call activation for NTT switches • Frame Relay over ISDN Quality of Service (QoS) •...

  • Page 27: Gre Over Ipsec

    System Description Certificates (embedded/smart cards) – Microsoft only • Encryption • Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), Data Encryption Standard (DES) • 3DES/DES acceleration • Data Integrity • MD5 & SHA-1 algorithms • Internet Protocol Security (IPsec) •...

  • Page 28: Asynchronous Digital Subscriber Line (Adsl)

    System Description Asynchronous Digital Subscriber Line (ADSL) • POTS and ISDN circuit support • ATM Frame UNI (FUNI) data framing format • OAM cells: AIS, RDI, CC, Loopback over F4 and F5 flows • Up to 30 ATM Permanent Virtual Circuits (PVCs) •...

  • Page 29: Installation Overview

    Items included in the shipping box are shown in Chapter 2 of this manual. If you are missing any of these items, contact your authorized Enterasys Networks reseller or Enterasys Networks Customer Support as described in the XSR Quick Start Guide.
  • Page 30 Installation Overview 1-12 Overview...

  • Page 31: Chapter 2: Hardware Installation

    Hardware Installation Introduction This chapter provides a checklist to verify your shipment, suggestions for the installation site, and describes how to install the following XSR hardware: • NIM cards • Optional - CompactFlash card • Connecting cables Note: For instructions on installing a balun and grounding shunt/terminal strip on E1 NIM cards only, refer to Appendix A: Specifications on page A-1.

  • Page 32: Installing Nim Cards And Rack Mounting

    Remove the XSR cover from the chassis, as shown in Figure 2-1, by first removing screws from the side and top. Figure 2-1 Removing XSR Cover SECURITY ROUTERS NIM1 NIM2 XSR-3150 10/100/1000 10/100/1000 NIM 1 NIM 2 1000 Link GBIC ETH3...
  • Page 33 Carefully attach the NIM card(s) to the connector on the motherboard and secure with four screws, as shown in Figure 2-3. Figure 2-3 Attaching NIM card to Motherboard SECURITY ROUTERS XSR-3150 NIM1 NIM2 10/100/1000 10/100/1000 NIM 1 NIM 2 1000...
  • Page 34 Installing NIM Cards and Rack Mounting Attach the rack brackets to the chassis with the screws supplied, as shown in Figure 2-4. Figure 2-4 Fastening Rack Brackets Mount the bracketed XSR to your rack, as shown in Figure 2-5. Figure 2-5 Attaching XSR to Rack 2-4 Hardware Installation...

  • Page 35: Installing A Compactflash Memory Card

    Installing a CompactFlash Memory Card Installing a CompactFlash Memory Card An optional CompactFlash (CF) memory card provides additional non-volatile storage capabilities in 8, 16, 32, or 64 Mbyte increments. The CF’s controller interfaces with a host system allowing data to be written to and read from the CF’s flash memory module. The XSR supports Type I and II CompactFlash card types.

  • Page 36: Compactflash Card For The Adsl Nim

    Installing a CompactFlash Memory Card Gently insert the CF into the slot, taking care that the CF’s wider grooved edge fits into the wider track of the PCMCIA interface. If the card does not seat easily but stops halfway into the slot, do not force it in - the card was inserted incorrectly.

  • Page 37: Connecting Cables

    Connecting Cables Connecting Cables Perform any of the following steps to connect your cabling to optional WAN or LAN NIMs, GigabitEthernet ports, and power supplies: Connect the serial COM cable provided in the packing box to your PC connector, as shown in Figure 2-9.
  • Page 38 Connecting Cables Figure 2-11 Connecting High Speed Serial Connector Figure 2-12 Attaching T3/E3 BNC Connectors 2-8 Hardware Installation...
  • Page 39 Connecting Cables Figure 2-13 Connecting ADSL Connector A CompactFlash card is provided with the XSR ADSL NIM. It is loaded with the Digital Signal Processing (DSP) firmware ( ) required to communicate with your DSLAM. When adsl.fls inserted into the Compact Flash slot - upon first configuring an ATM interface - the XSR’s ADSL driver will copy into host memory where it will remain available for use on demand.
  • Page 40 Connecting Cables Connect the Ethernet port(s) to your LAN connectors with a cable, as shown in Figure 2-15. Figure 2-15 Attaching GigabitEthernet Connector Insert the Mini-GBIC module in the GBIC slot then connect the optical cable, as shown in Figure 2-16.
  • Page 41 Connecting Cables Attach either the Ethernet or Fiber Ethernet LAN NIM, as shown in Figure 2-17 Figure 2-18, respectively. Figure 2-17 Attaching Ethernet LAN NIM Connector Figure 2-18 Attaching Ethernet Fiber LAN NIM Connector XSR Getting Started Guide 2-11...
  • Page 42 Connecting Cables Attach the dual power supply cords to the connectors at the rear of the XSR, as shown in Figure 2-19, and plug in the country-specific power cords to a wall socket. The XSR will power Figure 2-19 Connecting Dual Internal Power Supply Cords You are now ready to configure the software and initialize the XSR.

  • Page 43: Chapter 3: Software Configuration

    Software Configuration This chapter describes how to initialize, quickly set up and verify your configuration for the XSR. Refer to the XSR CLI Reference Guide for a more thorough explanation of commands and parameter options. The chapter also includes sample configuration scripts, detailed XSR rebooting characteristics and Bootrom Monitor mode instructions.
  • Page 44 Initializing XSR Software • ETH 10/100/1000 LEDs turn ON and OFF a few times during initialization as the XSR proceeds from bootrom to power up diagnostics to software image, then they remain ON or OFF depending on the LAN type. •...

  • Page 45: Opening A Com (Console) Session

    Opening a COM (Console) Session only the first error will be reported, along with a count of the sum of errors incurred. In the case of a single error, only the error line will be reported. Error messages will be logged as well.
  • Page 46 Optional: Configuring Remote Auto Install to IP addresses 133.133.1.2 and 133.133.1.3. If the DLCI will onnect to a remote XSR running RAI, then add the bootp parameter after the static IP address. This configuration supports two remote XSRs connected on DLCIs 16 and 18. Make sure with your Frame Relay provider that these DLCIs terminate at the location of the remote XSRs.

  • Page 47: Configuring Rai For Dhcp Over Lan

    Optional: Configuring Remote Auto Install Phase 6 - getting hostname xsrnode-confg from tftp server into flash: startup- config rDNS has responded with the hostname which will be used in the TFTP transfer. RAI will try several file names xsrnode if this file is not available from the server. Phase 7 - preparing node to execute startup-config TFTP transfer succeeded in copying the hostname file to the file.
  • Page 48 Optional: Configuring Remote Auto Install address. A DNS server is not required with this method because RAI over ADSL uses the serial number of the XSR for the name. startup-config The following is a CISCO configuration at the the central site: vpdn enable Enables a virtual private dial-up network configuration on the router.

  • Page 49: Configuring The Xsr Name And User Information

    Configuring the XSR Name and User Information Phase 2 - ADSL - searching for pvc's ... Training is successful, discovery of VPI/VPCs begins. Phase 2 - ADSL - searching for pvc's ...vpi/vci (0/0) The XSR looks for PVC 0/0 and higher. Phase 2 - ADSL - searching for pvc's ...vpi/vci (0/38) The XSR looks for PVC 0/38 and higher.

  • Page 50: Setting The Clock

    Setting the Clock Setting the Clock XSR 1800 and 3000 Series routers have an on-board Real Time Clock (RTC) chip with which to keep accurate time across the network. As an alternative to accessing a public time server, you can utilize the RTC as a time reference and propagate it by configuring XSRs as Simple Network Time Protocol (SNTP) servers or clients.

  • Page 51: Bri Configuration

    Configuring the WAN Ports Enter channel-group <number> timeslot <number> <speed> <number> to create a channel group. This command allows multiple logical WAN interfaces to be created on a single channelized T1/E1/ISDN-PRI port, ranging from 0 - 23 for T1 lines, and 0 - 31 for E1 lines. Also, from 1 - 24 T1 and 1 - 31 E1 timeslots can be set.

  • Page 52: Bri Leased Frame Relay

    Configuring the WAN Ports Enter to set an IP address for the BRI interface. ip address <xxx.xxx.xxx.xxx>/24 Enter to select PPP encoding. encapsulation ppp Enter to keep the BRI interface enabled. no shutdown BRI Leased Frame Relay Enter to acquire BRI Interface mode and select the BRI interface bri 0:<1 | 2>.<1-30>...

  • Page 53: Adsl Configuration

    Configuring the WAN Ports Remember to save your configuration after all edits. ADSL Configuration ADSL can be configured using three different types of encapsulation: PPPoA, PPPoE, and IPoA. Continue configuration with the ADSL type of your choice. PPPoE The following commands configure a sample PPPoE topology. The first set configures the LAN interface with directed broadcasts prohibited.

  • Page 54: Ipoa

    Firewall Sample Configuration XSR(config-if<F1>)#no ip directed-broadcast XSR(config-if<F1>)#no shutdown The commands below configure the ATM interface and sub-interface with a negotiated IP address, CHAP username and password, and bans keepalives. XSR(config)#interface ATM 0 XSR(config-if<ATM0/0>)#no shutdown XSR(config-if<ATM0/0.1>)#interface ATM 0.1 XSR(config-if<ATM0/0.1>)#no shutdown XSR(config-if<ATM0/0.1>)#encapsulation snap pppoa XSR(config-if<ATM0/0.1>)#ip address negotiated XSR(config-if<ATM0/0.1>)#ip mtu 1492 XSR(config-if<ATM0/0.1>)#ip tcp adjust-mss 1400...
  • Page 55 Firewall Sample Configuration Figure 3-1 XSR with Firewall Topology 220.150.2.32/28 Frame Relay 220.150.2.35 206.12.44.16/28 Y RO Internet 220.150.2.37 220.150.2.17 Internal 220.150.2.36 220.150.2.16/28 Mail server Web server (SMTP) (HTTP) 220.150.2.19 220.150.2.18 In this configuration, the firewall provides protected access from the private to dmz networks. That is, access is restricted to Web and mail traffic only.

  • Page 56: Setting Up Rip Routing

    Setting Up RIP Routing XSR(config)#ip firewall filter allowICMP private dmz protocol-id 1 XSR(config)#ip firewall filter allowICMP private ANY_EXTERNAL protocol-id 1 XSR(config)#ip firewall filter allowICMP ANY_EXTERNAL dmz protocol-id 1 Trial load the completed configuration into the firewall engine, and if successful, load the configuration: XSR(config)#ip firewall load trial XSR(config)#ip firewall load...

  • Page 57: Configure Ospf Routing

    Configure OSPF Routing 10. Enter ip rip receive version <1 | 2> to allow a RIP version of updated transmissions. Accept both RIP V1 and V2 is the default value. 11. Enter router rip to acquire Router configuration mode and enable RIP routing. 12.

  • Page 58: Setting Up The Backup Line

    Setting Up the Backup Line Enter media-type V35 to match the correct cabling interface. The default media type for Frame Relay is RS-232. Enter frame-relay traffic-shaping to enable congestion control. Enter map-class frame-relay <name> to designate this map-class and acquire Map-Class mode.

  • Page 59: Setting Up An Snmp Community String, Traps And V3 Values

    Setting Up an SNMP Community String, Traps and V3 Values Optionally, you can set up the COM port as a WAN interface for dial backup purposes (refer to the Caution below) Caution: Be aware that when you enable the COM port, you can no longer directly connect to the XSR because it is in data communication mode.

  • Page 60: Configuring Message Logging And Severity Level

    Configuring Message Logging and Severity Level Views offer users selective access to the family tree or Object IDs. Optional. For SNMPv3, enter <username> <group name> snmp-server user [encrypted][auth {md5 | sha} [priv des56 priv-password]]} to add a user. auth-password Users can have different levels of encryption and passwords. Remember to save your configuration after all edits.

  • Page 61: Connecting Remotely Via The Web

    Point your terminal’s Web browser at the XSR’s IP address. Enter http://<XSR IP address>. The initial Web access window appears as shown in Figure 3-2. Figure 3-2 Initial Web Access Window STATUS Product Version X-Pedition Products X-Pedition Security Router XSR © 2004 Enterasys Networks. All rights XSR Getting Started Guide 3-19...
  • Page 62 Figure 3-3. Figure 3-3 Web Product Version Window Product Version Copyright 2004 by Enterasys Networks, Inc. Hardware: Processor board ID: 9002854-02 REV0A Serial Number: (not displayed) Processor: IBM PowerPC 405GP Rev. D at 250MHz RAM installed: 64MB...

  • Page 63: Lan-Ppp Services Sample Configuration

    Hostname: branch1 Hostname: mainsite Username: mainsite Username: branch1 Password: Toronto Password: Toronto 192.168.1.100/24 154.168.1.47/24 Central Site XSR-3150 PSTN Leased line Leased line XSR-3150 or E1/T1 fractional E1/T1 serial V.35/X.21 SSR-8600 Server Backup via serial (RS-232 dial) 1-800-555-1111 Username: branch2 Backup Site PSTN 154.168.1.1/24...

  • Page 64: Frame Relay Wan Link With Ppp Backup Sample Configuration

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR(config-controller<T1-1/0>)#no shutdown Enables T1 controller XSR(config)#interface serial 1/0:0 Configures Serial interface 1, port 1 using channel group 0 and acquires Interface mode XSR(config-if<S1/0:0>)#encapsulation ppp Enables PPP encapsulation XSR(config-if<S1/0:0>)#ppp authentication chap Configures CHAP authentication on the interface XSR(config-if<S1/0:0>)#ip address 154.68.1.47 255.255.255.0 Enables IP address for serial interface 1/0 XSR(config-if<S1/0:0>)#backup interface dialer 5...

  • Page 65: Configure Users And Passwords

    Frame Relay WAN Link with PPP Backup Sample Configuration Configure Users and Passwords XSR>enable Acquires Privileged EXEC mode XSR#configure Acquires Global configuration mode XSR(config)#username bob password cleartext bobspassword Adds a user and unencrypted password Configure LAN Interface XSR(config)#interface gigabitethernet 1 Configures the local LAN port and acquires Interface mode XSR(config-if<G1>)#ip address 192.168.1.100 255.255.255.0 Enables the IP address for the GigabitEthernet port...

  • Page 66: Configure Wan/Frame Relay Port

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR(config-pmap-c<priority-policy>)#set ip dscp ef Configures IP precedence to match packets with Expedited Forwarding XSR(config-pmap<priority-policy>)#class priority-server Adds another queue for this policy map and enters Class sub-mode XSR(config-pmap-c<priority-server>)#priority medium 20 6400 Gives medium priority queue peak 20% of bandwidth and burst size of 6400 bits per second XSR(config)#policy-map data_policy Adds a policy map and acquires Policy Map mode XSR(config-pmap<data_policy>)#class data_class...

  • Page 67: Apply Qos

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR(config-if<S1/0.2-16>)#ip address 154.68.2.1 255.255.255.0 Configures the IP address of DLCI 16 XSR(config-if<S1/0.2-16>)#no shutdown Enables DLCI 16 interface Apply QoS XSR(config)#map-class frame-relay CLASS-FRP Adds a FR map class and acquires FR Map Class mode XSR(config-map-class<CLASS-FRP>)#frame-relay cir out 48000 Sets this map class’...

  • Page 68: Configure More Access Lists

    Frame Relay WAN Link with PPP Backup Sample Configuration Configure More Access Lists The following ACLs deny any packets to or from network 192.168.1.15 as they enter or leave FastEthernet 1 interface, and permit traffic to or from subnet 192.168.2.xx while denying any other traffic.

  • Page 69: Configure Snmp

    XSR(config)#snmp-server community toConfigure1 rw 26 Adds another SNMP community with read-write privileges attached to ACL 26 XSR(config)#snmp-server enable traps Enables traps to be transmitted XSR(config)#snmp-server contact support@enterasys.com Specifies contact information for the management server XSR(config)#snmp location “HQ 2nd floor” Specifies the server locationr XSR(config)#snmp-server host 192.168.2.101 traps trapCommunity...

  • Page 70: Generate Master Encryption Key

    VPN Site-to-Site Sample Configuration Generate Master Encryption Key If you have not already generated a master encryption key, you must do so now to configure th6e VPN. A master key need only be generated once. Caution: The master encryption key is stored in hardware, not Flash, and you cannot read the key - only overwrite the old key by writing a new one.

  • Page 71: Create A Transform Set

    VPN Site-to-Site Sample Configuration Create a Transform Set The following transform-set specifies the specified encryption/data integrity choices, 768-bit Diffie-Hellman, and an SA lifetime expressed in kilobytes. The SA seconds lifetime value is disabled. Some commands are abbreviated. XSR(config)#crypto ipsec tra esp-3des-sha esp-3des esp-sha-hmac XSR(cfg-crypto-tran)#set pfs group1 XSR(cfg-crypto-tran)#set sec lifetime kilobytes 100000 XSR(cfg-crypto-tran)#no set sec lifetime seconds...

  • Page 72: Configuring Authentication (Aaa)

    VPN Sample Configuration with Network Extension Mode XSR(config)#interface vpn 57 multi-point XSR(config-int-vpn)#ip address 192.168.2.1 255.255.255.0 XSR(config)#router rip XSR(config-router)#network 112.16.10.0 XSR(config-router)#passive-interface gigabitethernet 2 XSR(config-router)#no receive-interface gigabitethernet 2 XSR(config-router)#distribute-list 1 out vpn 1 XSR(config)#ip route 0.0.0.0 0.0.0.0 112.16.244.9 XSR(config)#ip route 112.16.72.0/24 112.16.244.9 XSR(config)#ip route 112.16.76.0/24 112.16.244.7 XSR(config)#ip route 112.16.80.0/24 112.16.244.5 Configuring Authentication (AAA)
  • Page 73 VPN Sample Configuration with Network Extension Mode Figure 3-6 VPN Topology with NEM, EZ-IPSec and Internet Access eth0: 10.11.11.1/24 GigabitEthernet 1: 172.16.10/24 eth1: 26.26.26.11/24 GigabitEthernet 2: 26.26.26.10/24 Virtual IP Pool: 172.16.10.0/24 URIT Y ROU TERS 10/10 10/10 ETHE ETHE SOLE Y RO 26.26.26.0/24 eth0: 10.12.12.1/24...
  • Page 74 VPN Sample Configuration with Network Extension Mode Create the VPN virtual subnet: XSR(config)#ip local pool virtual_subnet 10.10.10.0 255.255.255.248 Configure AAA authentication by assigning a virtual subnet to the DEFAULT AAA group, associate it with DNS and WINs servers, and add two AAA users with passwords. When a remote XSR tunnels into the local XSR, it will be assigned these DNS, WINS and PPTP values and be assigned dynamically to the IP pool virtual_subnet.

  • Page 75: Xsr Rebooting Characteristics

    XSR Rebooting Characteristics Create the ACL for trusted subnet of the XSR and virtual subnet of XSR: XSR(config)#access-list 101 permit ip any 10.11.11.0 0.0.0.255 XSR(config)#access-list 102 permit ip any 10.12.12.0 0.0.0.255 XSR(config)#access-list 103 permit ip any 10.10.10.0 0.0.0.255 Create crypto map statements for each ACL entry with the more protective tunnel mode set by default.
  • Page 76 XSR Rebooting Characteristics Copyright 2003 Enterasys Networks Inc. HW Version: 9002914-04 REV0A Serial Number: 2914024201123206 CPU: Broadcom BCM1250 Rev 2 VxWorks version: VxWorks5.4.2 Bootrom version: 1.5 Creation date: Aug 26 2003, 13:23:16 Warm Start : from cli Testing Bootrom Integrity << PASSED >>...

  • Page 77: Reboot Triggers

    XSR Rebooting Characteristics Reboot Triggers Although there are two types of reboots of the XSR - warm or cold - reboots can be triggered in up to eight different ways. Refer to the table below. Table 1 Reboot Triggers Cause Boot Type Power-up Cold...

  • Page 78: Restart With Default Configuration Interrupt

    Bootrom Monitor Mode Commands Restart with Default Configuration Interrupt When you press the Default button on the back panel, the XSR restarts using factory default parameters, ignoring the file. startup-config Power-up Error Conditions After power-up, the XSR comes up automatically if: The minimum hardware is functional: Processor, RAM and FLASH memory, and other components.
  • Page 79 . Be sure not to interrupt the process or power down the XSR or it may be affected adversely. After you have updated this file, you can delete it from Flash to conserve space for other files. XSR-3150: bu btXSR3000_1_2.fls Verifying btXSR3000_1_2.fls file ... bootFirst size=28992 sum=0xc2e5 compressed_size=28992 entry=0x80020000 bootrom size=842656 sum=0xfa65 compressed_size=347728 entry=0x81e00000 Proceed with erasing current Bootrom in flash and replace with btXSR3000_1_2.fls?

  • Page 80: Del

    This command removes a file from memory. flash: cflash: This command lists the contents of the current directory in long format. The command displays the following sample output: XSR-3150: dir Listing Directory flash:: -rwxrwxrwx 4678118 May 5 23:06 xsr3000.fls -rwxrwxrwx...

  • Page 81: Ffc

    XSR-3020: ds 2003 6 1 3 This command sets the system time using the syntax . E.g.: hh mm ss XSR-3150: ds 11 59 59 This command formats the Flash file system. We recommend that you first save any .dat, , and your...

  • Page 82: Remove

    CLI command, this name will be used as the CLI hostname prompt and SNMP hostname in MIB-II. XSR-3150: np Enter ‘.’ = clear a field; ‘-’ = go to previous field; ^C = quit Local IP address (192.168.1.1) Gateway IP address () Remote Host IP address (192.168.1.10) :...
  • Page 83 This command displays XSR 3000 Series inventory with this sample output: XSR-3150: si Hardware: Motherboard Information: XSR-3150 ID: 9002914-04 REV0A CPLD Rev 3 Serial Number: 2914024201123206 Processor: Broadcom BCM1250 Rev 2 at 600MHz PowerSupply1, PowerSupply2 Fans 1 2 3 4 5 7 8 10...
  • Page 84 Current GigabitEthernet 1 MAC address is: 00:01:f4:2b:3e:1d This command shows the bootrom version with sample output below: XSR-3150: sv X-Pedition Security Router Bootrom Copyright 2003 Enterasys Networks Inc. HW Version: 9002914-04 REV0A Serial Number: 3646031700233215 CPU: Broadcom BCM1250 Rev 2 VxWorks version: VxWorks5.4.2...

  • Page 85: Appendix A: Specifications

    Specifications System Specifications This appendix details XSR data about hardware functionality including: • Processor, system memory, chassis, power supply, interfaces • Required cabling, CompactFlash and other accessories • Pinout assignments for WAN and LAN interfaces • LED behavior Refer to tables throughout this appendix for specific information. Table A-1 XSR Hardware Specifications Category...
  • Page 86 System Specifications Table A-1 XSR Hardware Specifications (continued) Category Parameters Power Typical values: Motherboard: 75 watts (maximum) Consumption Serial NIM card: 4 watts T1/E1/ISDN-PRI NIM card: 3 watts ISDN BRI-S/T NIM card: 1 watt Internal Power Type Dual universal (110/220 VAC) load-sharing, redundant units Supplies (2) Input AC Voltage 100 - 240 VAC (50-60 Hz)

  • Page 87: Cable, Compactflash And Accessory Specifications

    Cable, CompactFlash and Accessory Specifications Refer to the following table for specifications of cables, CompactFlash and accessories for the XSR. This equipment can all be obtained separately from Enterasys Networks or through any computer supply retailer. Table A-2 XSR Cabling/Accessory Guide...
  • Page 88 Cable, CompactFlash and Accessory Specifications Table A-2 XSR Cabling/Accessory Guide (continued) Part Description Connector Part # Function XSR-31/3250 VPN firmware XSR-3XXX-VPN VPN code XSR-31/3250 Firewall firmware XSR-3XXX-FW Firewall code...

  • Page 89: Com (Console) Port

    Cable, CompactFlash and Accessory Specifications COM (Console) Port The XSR comes equipped with a COM serial port useful for initial configuration and management. Using a serial (null modem) cable, you can attach the router’s DB-9 COM port to a data terminal port and directly configure the XSR over the asynchronous connection.

  • Page 90: Gigabitethernet Ports

    Cable, CompactFlash and Accessory Specifications GigabitEthernet Ports The XSR comes equipped with three GigabitEthernet (LAN) ports that support full-duplex 10, 100, or 1000 Mbps transmission. The ports conform to IEEE 802.3 standards with 8-pin modular RJ-45 connectors. Because these ports have internal MDI crossover capabilities which allow them to detect which mode (DTE or DCE) the link partner is operating at, you can use any cable to attach the XSR with a PC or uplink port as long as a fully populated cable (all four pairs) is connected to take advantage of full gigabit bandwidth.

  • Page 91: Copper/Fiber-Optic Ethernet Nims

    Cable, CompactFlash and Accessory Specifications Copper/Fiber-optic Ethernet NIMs The single-port Copper or Fiber-optic Ethernet NIMs, shown in Figure A-3 Figure A-4, provide interfaces for half and full-duplex 10/100Base-T or fiber-optic 100Base-F transmission over LAN or WAN networks, respectively. The Copper Ethernet NIM incorporates a standard 8- pin modular RJ-45 connector and the Fiber-optic Ethernet NIM has an MT-RJ multi-mode interface.

  • Page 92: 2/4-Port Serial Nim Card Port

    Cable, CompactFlash and Accessory Specifications 2/4-Port Serial NIM Card Port The High Speed Serial NIM card, as shown in Figure A-6, provides a WAN interface supporting a serial link to four different types of DTEs: DB-15, 25, 37, and V.35. This interface supports dual and quad traffic up to 8 Mbps.
  • Page 93 Cable, CompactFlash and Accessory Specifications Figure A-8 EIA-232/530 DTE Pin Assignments DSR2+ DSR0+ - 68-pin male SCSI III type con ne cto DSR2- DSR0- J2...J5 - DB-25 type male connector RxD2+ RxD0+ RxD2- RxD0- TxD2 + TxD0+ TxD2- TxD0- RTS2+ RTS0+ Port 1 RTS0-...
  • Page 94 Cable, CompactFlash and Accessory Specifications Figure A-9 EIA-449 DTE Pin Assignments ON2+ ON0+ - 68-pin male SCSI III type con ne ctor ON2- ON0- J2...J5 - DB-37 type ma le con nector RD2+ RD0+ RD2- RD0- SD2+ SD0+ SD2- SD0- RS2+ RS0+ RS2-...
  • Page 95 Cable, CompactFlash and Accessory Specifications Figure A-10 Combined V.35/EIA-232/530 DTE Pin Assignments PORT 1 PORT 3 (EIA-232/530) (EIA-232/530) DSR1+ DSR3+ DSR1- DSR3- RxD1+ RxD3+ RxD1- RxD3- TxD1+ TxD3+ TxD1- TxD3- RTS1+ RTS3+ RTS1- RTS3- DTR1+ DTR3+ DTR1- DTR3- CTS1+ CTS3+ CTS1- CTS3- TxC1+...
  • Page 96 Cable, CompactFlash and Accessory Specifications Figure A-11 V.35 DTE Pin Assignments DSR2 DSR0 - 68 -p in male SCSI III type conne cto RD2+ RD0+ J2...J5 - V.35 type ma le conne ctor RD2 - RD0 - SD2+ SD0+ SD2- SD0 - RTS2 RTS0...

  • Page 97: T1/E1/Isdn Pri Nim Card Ports

    Cable, CompactFlash and Accessory Specifications T1/E1/ISDN PRI NIM Card Ports The T1/E1/ISDN PRI NIM, as shown in Figure A-12, comes equipped with either 1, 2 or 4 Ethernet (WAN) ports that support fractional T1/E1 transmission in full-channel, fractional or unchannelized format with 8-pin modular RJ-48C connectors and include a built-in DSU/CSU. Cables required for these ports must be 100-ohm, straight-through, twisted-pair for T1 lines and a 120-ohm version for E1 lines.

  • Page 98: Balun For E1 Or Pri Nim Cards

    Cable, CompactFlash and Accessory Specifications Balun for E1 or PRI NIM Cards Some overseas electrical systems require that you use a balun and grounding shunt when utilizing an E1 or PRI NIM card on the XSR. A balun is an adapter employed to connect a 75-ohm coaxial cable pair (2 BNC connectors) to a 120-ohm twisted pair cable (RJ-48C connector).

  • Page 99: Grounding Shunt For E1 Nim Cards

    Cable, CompactFlash and Accessory Specifications Grounding Shunt for E1 NIM Cards If you connect a balun to a 75-ohm line, you will also need to attach a grounding shunt (or terminal strip) to any NIM pins whose RJ-48C connectors utilize the balun. The XSR requires that you use a shunt (shown in Figure A-15), or terminal strip to ground pins 3 and 6 of the RJ-48C...

  • Page 100: T3/E3 Nim Card

    Cable, CompactFlash and Accessory Specifications T3/E3 NIM Card The T3/E3 full and sub-rate NIM, as shown in Figure A-17, is equipped with 1 Ethernet (WAN) port that supports fractional T3/E3 transmission in un-channelized or clear channel mode with BNC connectors. User data are encapsulated in HDLC packets before being sent to the line. Figure A-17 1-Port T3/E3 NIM Card ALARM LOS...

  • Page 101: 1/2-Port Bri-S/T Isdb Nim Card Ports

    Cable, CompactFlash and Accessory Specifications 1/2-Port BRI-S/T ISDB NIM Card Ports The XSR provides a serial NIM card for 1 or 2 WAN interfaces over an ISDN-S/T BRI line, as shown in Figure A-18. The Port 0 and 1 LEDs shine when the lines are active and ready to receive traffic.

  • Page 102: Installing Shunt/Terminal Strip

    Cable, CompactFlash and Accessory Specifications Installing Shunt/Terminal Strip To install the shunt or terminal strip, attach two dual-pin units vertically to P1 and P2 four-pin jumpers corresponding to the RJ-45 port using a balun, as shown in Figure A-20. Any other RJ-45 ports on the NIM card connected to 120-ohm lines do not require shunts.

  • Page 103: 1/2-Port Bri-U Nim Card Ports

    Cable, CompactFlash and Accessory Specifications 1/2-Port BRI-U NIM Card Ports The XSR provides a serial NIM card for 1 or 2 WAN interfaces over an ISDN BRI-U line, as shown Figure A-21. Port 0 and 1 LEDs shine when the lines are active and ready to receive traffic. Figure A-21 ISDN BRI-U NIM Card (RJ-49C ports shown) Port 0 Activation LED...

  • Page 104: 1-Port Adsl Nim Card Port

    Cable, CompactFlash and Accessory Specifications 1-Port ADSL NIM Card Port The XSR’s Asymmetric Digital Subscriber Line (ADSL) NIM card, as shown in Figure A-23, provides 1 WAN port on an ADSL over POTS (Annex A/C) or ISDN (Annex B) line with a 6-pin RJ-11 connector.

  • Page 105: T1/E1 Drop & Insert (D&I) Nim

    Cable, CompactFlash and Accessory Specifications T1/E1 Drop & Insert (D&I) NIM The XSR’s 2-port T1/E1 D&I NIM card, as shown in Figure A-25, is designed as an intermediary between the Central Office T1/E1 line and a PBX. It de-couples Channel Associated Signaling (CAS) and Voice DS0 timeslots and redirects them to a PBX, and conversely, reintegrates Voice DS0 timeslots from the PBX with the T1/E1 data stream.

  • Page 106: Compactflash Memory Card

    Cable, CompactFlash and Accessory Specifications CompactFlash Memory Card The optional plug-in CompactFlash (CF) memory card, shown in Figure A-27, comprises a single chip controller and flash memory modules in a matchbook-sized package with a 50-pin, PCMCIA connector consisting of two rows of 25 female contacts each. The PCMCIA male interface supports both Type I and Type II CF cards.
  • Page 107 Cable, CompactFlash and Accessory Specifications Table A-3 LED Description (continued) State Function VPN tunnel is up No VPN tunnel connected COM(munication) Blinking Port is transmitting or receiving data Port is idle Ethernet Port 1, 2, 3 Amber only ON 10Base-T link is auto-detected Green only ON 100Base-T link is auto-detected Both ON...
  • Page 108 Cable, CompactFlash and Accessory Specifications A-24...

  • Page 109: Index

    FastEthernet connectors BRI S/T A-17 Balun adapter Frame Relay configuration 3-15 BRI-U A-19 BRI S/T card COM serial port part numbers Enterasys Web site ii-xvii Ethernet (WAN) A-13, A-16 BRI S/Tpin assignments A-17 login ii-xvii GigabitEthernet BRI U card password...
  • Page 110 Web access 3-19 X-Pedition Security Router how to configure the XSR-1805 name and user data 232/530 pinouts 449 pinouts A-10 COM port pinouts CompactFlash size features GigabitEthernet port pinouts hardware features hardware specifications how to attach the Ethernet serial cable 2-10 how to attach the internal power supply cord...

Table of Contents