Enterasys X-Pedition XSR-1805 Getting Started Manual
  1. Manuals
  2. Brands
  3. Enterasys Manuals
  4. Network Router
  5. X-Pedition XSR-1805
  6. Getting started manual

Enterasys X-Pedition XSR-1805 Getting Started Manual

X-pedition security router
Hide thumbs Also See for X-Pedition XSR-1805:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Owner's Manual, Configuration Manual
X-Pedition™ Security Router
XSR-1805
Getting Started Guide
Version 7.5
9033724-09

Advertisement

Table of Contents
loading

Related Manuals for Enterasys X-Pedition XSR-1805

Summary of Contents for Enterasys X-Pedition XSR-1805

  • Page 1 X-Pedition™ Security Router XSR-1805 Getting Started Guide Version 7.5 9033724-09...

  • Page 2: Regulatory Compliance Information

    Elektrischer Gefahrenhinweis: Installationen sollten nur durch ausgebildetes und qualifiziertes Personal vorgenommen werden. Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and  its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such  changes have been made. The hardware, firmware, or software described in this document is subject to change without notice. IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR  CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF  OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF  ENTERASYS NETWORKS HAS BEEN ADVISED OF, KNEW OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF  SUCH DAMAGES. Enterasys Networks, Inc. 50 Minuteman Road Andover, MA 01810 © 2005 Enterasys Networks, Inc. All rights reserved. Part Number: 9033724‐09 July 2005 ENTERASYS, ENTERASYS NETWORKS, ENTERASYS XSR, and any logos associated therewith, are trademarks or registered  trademarks of Enterasys Networks, Inc. in the United States and other countries. All other product names mentioned in this  manual may be trademarks or registered trademarks of their respective owners. Documentation URL: http://www.enterasys.com/support/manuals Documentacion URL: http://www.enterasys.com/support/manuals Dokumentation http://www.enterasys.com/support/manuals Regulatory Compliance Information Federal Communications Commission (FCC) Notice The XSR complies with Title 47, Part 15, Class A of FCC rules. Operation is subject to the following two conditions:...
  • Page 3 04DU9.BN, 04DU9.DN, 6.0N NIM-DIRELAY-xx, NIM-TE1-xx, 04DU9.1KN, 04DU9.1SN NIM-CTE1-PRI-xx NIM-BRI-U-xx 02IS5 6.0N NIM-ADSL-AC-xx 02LS2 7.0Y If the XSR harms the telephone network, the telephone company will notify you in advance that it may need to temporarily  discontinue service. But if advance notice is not practical, the telephone company will notify you as soon as possible. Also, you  will be advised of your right to file a complaint with the FCC if you believe it is necessary. The telephone company may make changes in its facilities, equipment, operations, or procedures that could affect the operation  of the XSR. If this happens, the telephone company will provide advance notice for you to make necessary modifications and  maintain uninterrupted service. If you experience trouble with the XSR, for repair or warranty information, please contact Enterasys Networks, Inc., at 978‐684‐ 1000. If the XSR is causing harm to the telephone network, the telephone company may request that you disconnect the  equipment until the problem is solved. The XSR is not intended to be repaired by the customer. Industry Canada Notices This digital apparatus does not exceed the class A limits for radio noise emissions from digital apparatus set out in the Radio  Interference Regulations of the Canadian Department of Communications. Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables aux appareils  numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique édicté par le ministère des  Communications du Canada. Equipment Attachments Limitations “NOTICE: The Industry Canada label identifies certified equipment. This certification means that the equipment meets  telecommunications network protective, operational and safety requirements as prescribed in the appropriate Terminal  Equipment Technical Requirements document(s). The department does not guarantee the equipment will operate to the userʹs  satisfaction. Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of the local  telecommunications company. The equipment must also be installed using an acceptable method of connection. The customer  should be aware that compliance with the above conditions may not prevent degradation of service in some situations.

  • Page 4: Product Safety

    Seguridad del Producto El producto de Enterasys cumple con lo siguiente: UL 60950, CSA C22.2 No. 60950, 73/23/EEC, EN 60950, EN 60825, IEC 60950. Produktsicherheit Dieses Produkt entspricht den folgenden Richtlinien: UL 60950, CSA C22.2 No. 60950, 73/23/EEC, EN 60950, EN 60825,  IEC 60950.  Electromagnetic Compatibility (EMC) This product complies with the following: 47 CFR Parts 2 and 15, CSA C108.8, 89/336/EEC, EN 55022, EN 55024, EN 61000‐3‐2,  EN 61000‐3‐3, AS/NZS CISPR 22, and VCCI V‐3. Compatibilidad Electromágnetica (EMC) Este producto de Enterasys cumple con lo siguiente: 47 CFR Partes 2 y 15, CSA C108.8, 89/336/EEC, EN 55022, EN 55024,  EN 61000‐3‐2, EN 61000‐3‐3, AS/NZS CISPR 22, VCCI V‐3. Elektro- magnetische Kompatibilität ( EMC ) Dieses Produkt entspricht den folgenden Richtlinien: 47 CFR Parts 2 and 15, CSA C108.8, 89/336/EEC, EN 55022, EN 55024,  EN 61000‐3‐2, EN 61000‐3‐3, AS/NZS CISPR 22, VCCI V‐3. ...
  • Page 5 European Waste Electrical and Electronic Equipment (WEEE) Notice In accordance with Directive 2002/96/EC of the European Parliament on waste electrical and electronic equipment (WEEE): The symbol above indicates that separate collection of electrical and electronic equipment is required and that this product  was placed on the European market after August 13, 2005, the date of enforcement for Directive 2002/96/EC. When this product has reached the end of its serviceable life, it cannot be disposed of as unsorted municipal waste.  It must  be collected and treated separately. It has been determined by the European Parliament that there are potential negative effects on the environment and human  health as a result of the presence of hazardous substances in electrical and electronic equipment. It is the users’ responsibility to utilize the available collection system to ensure WEEE is properly treated. For information about the available collection system, please go to http://www.enterasys.com/support/ or contact Enterasys  Customer Support at 353 61 705586 (Ireland). VCCI Notice This is a class A product based on the standard of the Voluntary Control Council for Interference by Information Technology  Equipment (VCCI) V‐3. If this equipment is used in a domestic environment, radio disturbance may arise. When such trouble  occurs, the user may be required to take corrective actions. BSMI EMC Statement — Taiwan This is a class A product. In a domestic environment this product may cause radio interference in which case the user may be  required to take adequate measures.

  • Page 6: Declaration Of Conformity

    Declaration of Conformity Application of Council Directive(s): 89/336/EEC 73/23/EEC Manufacturer’s Name: Enterasys Networks, Inc. Manufacturer’s Address: 50 Minuteman Road Andover, MA 01810 European Representative Address: Enterasys Networks, Ltd. Nexus House, Newbury Business Park London Road, Newbury Berkshire RG14 2PZ, England Conformance to Directive(s)/Product Standards: EC Directive 89/336/EEC EN 55022 EN 55024 EC Directive 73/23/EEC EN 60950 EN 60825 Equipment Type/Environment: Networking Equipment, for use in a Commercial  or Light Industrial Environment. Enterasys Networks, Inc. declares that the equipment packaged with this notice conforms to the above directives. Australian Telecom N826 WARNING: Do not install phone line connections during an electrical storm. WARNING: Do not connect phone line until the interface has been configured through local management. The service  provider may shut off service if an un‐configured interface is connected to the phone lines. WARNING: The NIM‐BRI‐ST cannot be connected directly to outside lines. An approved channel service unit (CSU) must be  used for connection to the ISDN network. In some areas this CSU is supplied by the network provider and in others it must be ...
  • Page 7 Independent Communications Authority of South Africa This product complies with the terms of the provisions of section 54(1) of the Telecommunications Act (Act 103 of 1996) and the  Telecommunications Regulation prescribed under the Post Office Act (Act 44 of 1958). TE-2002/195 TE-2002/190 APPROVED APPROVED TE-2003/112 TE-2003/113 APPROVED APPROVED SS/366.01 APPROVED VPN Consortium Interoperability The VPN Consortium’s (VPNC) testing program is an important source for certification of conformance to IPSec standards.  With rigorous interoperability testing, the VPNC logo program provides IPSec users even more assurance that the XSR will  interoperate in typical business environments. VPNC is the only major IPSec testing organization that shows both proof of  interoperability as well as the steps taken so that you can reproduce the tests.
  • Page 8 Enterasys Networks, Inc. Firmware License Agreement BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“Agreement”) between the end user (“You”) and Enterasys Networks, Inc. on behalf of itself  and its Affiliates (as hereinafter defined) (“Enterasys”) that sets forth Your rights and obligations with respect to the Enterasys  software program/firmware installed on the Enterasys product (including any accompanying documentation, hardware or  media) (“Program”) in the package and prevails over any additional, conflicting or inconsistent terms and conditions  appearing on any purchase order or other document submitted by You. “Affiliate” means any person, partnership, corporation,  limited liability company, or other form of enterprise that directly or indirectly through one or more intermediaries, controls, or  is controlled by, or is under common control with the party specified. This Agreement constitutes the entire understanding  between the parties, and supersedes all prior discussions, representations, understandings or agreements, whether oral or in  writing, between the parties with respect to the subject matter of this Agreement. The Program may be contained in firmware,  chips or other media. BY INSTALLING OR OTHERWISE USING THE PROGRAM, YOU REPRESENT THAT YOU ARE AUTHORIZED TO  ACCEPT THESE TERMS ON BEHALF OF THE END USER (IF THE END USER IS AN ENTITY ON WHOSE BEHALF YOU  ARE AUTHORIZED TO ACT, “YOU” AND “YOUR” SHALL BE DEEMED TO REFER TO SUCH ENTITY) AND THAT YOU  AGREE THAT YOU ARE BOUND BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES, AMONG OTHER  PROVISIONS, THE LICENSE, THE DISCLAIMER OF WARRANTY AND THE LIMITATION OF LIABILITY. IF YOU DO NOT  AGREE TO THE TERMS OF THIS AGREEMENT OR ARE NOT AUTHORIZED TO ENTER INTO THIS AGREEMENT,  ENTERASYS IS UNWILLING TO LICENSE THE PROGRAM TO YOU AND YOU AGREE TO RETURN THE UNOPENED  PRODUCT TO ENTERASYS OR YOUR DEALER, IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT  FOR A FULL REFUND. IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT ENTERASYS NETWORKS, LEGAL  DEPARTMENT AT (978) 684‐1000.  You and Enterasys agree as follows: LICENSE. You have the non‐exclusive and non‐transferable right to use only the one (1) copy of the Program provided in  this package subject to the terms and conditions of this Agreement. RESTRICTIONS. Except as otherwise authorized in writing by Enterasys, You may not, nor may You permit any third  party to: (i) Reverse engineer, decompile, disassemble or modify the Program, in whole or in part, including for reasons of error ...
  • Page 9 UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Program (i) was developed solely at private  expense; (ii) contains “restricted computer software” submitted with restricted rights in accordance with section 52.227‐19  (a) through (d) of the Commercial Computer Software‐Restricted Rights Clause and its successors, and (iii) in all respects is  proprietary data belonging to Enterasys and/or its suppliers. For Department of Defense units, the Program is considered  commercial computer software in accordance with DFARS section 227.7202‐3 and its successors, and use, duplication, or  disclosure by the Government is subject to restrictions set forth herein.  DISCLAIMER OF WARRANTY. EXCEPT FOR THOSE WARRANTIES EXPRESSLY PROVIDED TO YOU IN WRITING  BY Enterasys, Enterasys DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT  LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A  PARTICULAR PURPOSE, TITLE AND NON‐ INFRINGEMENT WITH RESPECT TO THE PROGRAM. IF IMPLIED  WARRANTIES MAY NOT BE DISCLAIMED BY APPLICABLE LAW, THEN ANY IMPLIED WARRANTIES ARE  LIMITED IN DURATION TO THIRTY (30) DAYS AFTER DELIVERY OF THE PROGRAM TO YOU.  LIMITATION OF LIABILITY. IN NO EVENT SHALL ENTERASYS OR ITS SUPPLIERS BE LIABLE FOR ANY  DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS,  BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR  RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM, EVEN  IF ENTERASYS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS FOREGOING LIMITATION  SHALL APPLY REGARDLESS OF THE CAUSE OF ACTION UNDER WHICH DAMAGES ARE SOUGHT. THE CUMULATIVE LIABILITY OF ENTERASYS TO YOU FOR ALL CLAIMS RELATING TO THE PROGRAM, IN  CONTRACT, TORT OR OTHERWISE, SHALL NOT EXCEED THE TOTAL AMOUNT OF FEES PAID TO ENTERASYS BY  YOU FOR THE RIGHTS GRANTED HEREIN.  AUDIT RIGHTS. You hereby acknowledge that the intellectual property rights associated with the Program are of critical  value to Enterasys and, accordingly, You hereby agree to maintain complete books, records and accounts showing (i) license  fees due and paid, and (ii) the use, copying and deployment of the Program. You also grant to Enterasys and its authorized  representatives, upon reasonable notice, the right to audit and examine during Your normal business hours, Your books,  records, accounts and hardware devices upon which the Program may be deployed to verify compliance with this  Agreement, including the verification of the license fees due and paid Enterasys and the use, copying and deployment of  the Program. Enterasys’ right of examination shall be exercised reasonably, in good faith and in a manner calculated to not  unreasonably interfere with Your business. In the event such audit discovers non‐compliance with this Agreement, ...
  • Page 10 11. ASSIGNMENT. You may not assign, transfer or sublicense this Agreement or any of Your rights or obligations under this  Agreement, except that You may assign this Agreement to any person or entity which acquires substantially all of Your  stock or assets. Enterasys may assign this Agreement in its sole discretion. This Agreement shall be binding upon and inure  to the benefit of the parties, their legal representatives, permitted transferees, successors and assigns as permitted by this  Agreement. Any attempted assignment, transfer or sublicense in violation of the terms of this Agreement shall be void and  a breach of this Agreement. 12. WAIVER. A waiver by Enterasys of a breach of any of the terms and conditions of this Agreement must be in writing and  will not be construed as a waiver of any subsequent breach of such term or condition. Enterasys’ failure to enforce a term  upon Your breach of such term shall not be construed as a waiver of Your breach or prevent enforcement on any other  occasion. 13. SEVERABILITY. In the event any provision of this Agreement is found to be invalid, illegal or unenforceable, the validity,  legality and enforceability of any of the remaining provisions shall not in any way be affected or impaired thereby, and that  provision shall be reformed, construed and enforced to the maximum extent permissible. Any such invalidity, illegality or  unenforceability in any jurisdiction shall not invalidate or render illegal or unenforceable such provision in any other  jurisdiction. 14. TERMINATION. Enterasys may terminate this Agreement immediately upon Your breach of any of the terms and  conditions of this Agreement. Upon any such termination, You shall immediately cease all use of the Program and shall  return to Enterasys the Program and all copies of the Program.

  • Page 11: Table Of Contents

    Contents Preface Contents of the Guide ............................xv Conventions Used in This Guide ........................xv Getting Help ..............................xvii Chapter 1: Overview System Description ............................1-1 Hardware Features ..........................1-2 Software Features ............................ 1-3 Industry-common CLI ......................... 1-3 IP Protocol ............................1-3 IP Routing............................
  • Page 12 BRI Configuration ............................. 3-9 BRI Leased Line ..........................3-9 BRI Leased Frame Relay ......................... 3-10 BRI Switched Line ..........................3-10 ADSL Configuration ..........................3-11 PPPoE .............................. 3-11 PPPoA .............................. 3-11 IPoA..............................3-12 Firewall Sample Configuration ........................3-12 Configure RIP Routing ..........................3-14 Configure OSPF Routing ..........................
  • Page 13 bU ................................3-38 cd ................................3-38 copy ................................ 3-38 da ................................3-38 df ................................3-38 del ................................3-38 dir ................................3-38 ds ................................3-39 dt ................................3-39 ff ................................3-39 ffc ................................3-39 ng ................................3-39 np ................................3-40 ns ................................3-40 remove ..............................

  • Page 15: Contents Of The Guide

    This guide provides a general overview of the XSR-1805 hardware and software features and describes how to quickly install and configure the XSR. Refer to the XSR-1805 CLI Reference Guide and XSR-1805 User’s Guide for information not contained in this document.
  • Page 16 Electrical Hazard: Warns against an action that could result in personal injury or death due to an electrical hazard. Riesgo Electrico: Advierte contra una acción que pudiera resultar en lesión corporal o la muerte debido a un riesgo eléctrico. Elektrischer Gefahrenhinweis: Installationen sollten nur durch ausgebildetes und qualifiziertes. Personal vorgenommen werden.

  • Page 17: Getting Help

    Getting Help For additional support related to the XSR, contact Enterasys Networks by one of these methods: World Wide Web http://www.enterasys.com Phone (978) 684-1000 1-800-872-8440 (toll-free in U.S. and Canada) For the Enterasys Networks Support toll-free number in your country: http://www.enterasys.com/support/gtac-all.html...
  • Page 18 xviii...

  • Page 19: Chapter 1: Overview

    Overview This chapter introduces key features of the XSR-1805 and briefly describes hardware installation. System Description The XSR is a networking device designed for enterprise branch offices that provides IP routing over FastEthernet LAN and T1/E1, Serial (RS232, X.21, V.35, RS422/530, RS449), Dial Services via POTS, ISDN (BRI, PRI), or Frame Relay WAN connections.

  • Page 20: Hardware Features

    • Compact chassis (2.5” high by 14“wide by 10.625“deep with feet attached) that you can stack five high and optionally mount in a standard 19” rack or custom Enterasys rack-mount kit • 90 - 265 VAC external power supply with country-specific line cords •...

  • Page 21: Software Features

    System Description • Console interface including modem control signals for remote debugging, out-of-band configuration or dial backup. • 32 MBytes of SDRAM/DIMM memory upgradable to 64 MBytes, 8 MBytes of Onboard Flash, and 8, 16, 32, or 64 Mbyte optional, plug-in CompactFlash card. •...

  • Page 22: Ip Routing

    System Description • Internet Group Management Protocol (IGMP) • Remote Auto Install over Ethernet • Simple Network Time Protocol (SNTP) server • OS fallback IP Routing • Static and multiple routes to the same destination • Redistribution of routes from RIP, OSPF, BGP, connected, or static into RIP, OSPF, and BGP •...

  • Page 23: Security

    System Description Security • Stateful inspection firewall engine • FTP, H.323, and RPC (SUN and Microsoft) ALG support • Application commands for FTP, SMTP, & HTTP • Firewall logging and authentication • Firewall interaction with NAT & VPN • Standard and Extended Access Control Lists •...

  • Page 24: Dynamic Host Configuration Protocol (Dhcp)

    System Description • Periodic Keep-Alive messages to learn of connection problems • Multi-protocol interconnect over Frame Relay - RFC-2427 • RFC-2390 Frame Relay Inverse ARP to discover IP address of remote peer when used in multi- point mode and responds to incoming Inverse ARP requests independent of P2P or MP2P •...

  • Page 25: Quality Of Service (Qos)

    System Description • Bandwidth optimization (BoD) & Dial on Demand (DoD) • Bandwidth Allocation Protocol (BAP) • Security: PAP/CHAP • Call monitoring • Multilink PPP (MLPPP) • Per call activation for NTT switches • Frame Relay over ISDN Quality of Service (QoS) •...

  • Page 26: Gre Over Ipsec

    System Description • Encryption • Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), Data Encryption Standard (DES) • 3DES/DES acceleration • Data Integrity • MD5 & SHA-1 algorithms • Internet Protocol Security (IPsec) • Encapsulating Security Payload (ESP), Authentication Header (AH) & IPComp •...

  • Page 27: Asynchronous Digital Subscriber Line (Adsl)

    System Description Asynchronous Digital Subscriber Line (ADSL) • POTS and ISDN circuit support • ATM Frame UNI (FUNI) data framing format • OAM cells: AIS, RDI, CC, Loopback over F4 and F5 flows • Up to 30 ATM Permanent Virtual Circuits (PVCs) •...

  • Page 28: Installation Overview

    Enterasys Networks sales representative. Install any optional memory component. Install NIM cards. Optional. Mount the XSR in a rack or the custom Enterasys rack-mount kit (refer to the XSR- 1805 Rack-Mount Kit Manual for details). Connect Ethernet cable(s) to the FastEthernet LAN port(s).

  • Page 29: Chapter 2: Hardware Installation

    Hardware Installation Introduction This chapter provides a checklist to verify your shipment and describes how to install the following XSR hardware: • NIM cards • Optional - CompactFlash card • Optional - DIMM upgrade • Optional - Rack-mounted XSR • Connecting cables Note: For instructions on installing a balun and grounding shunt/terminal strip on E1 NIM cards only, refer to Appendix A: Specifications on...

  • Page 30: Installing The Nim Cards

    Installing the NIM Cards • Each XSR AC power supply requires a three-pronged power receptacle capable of delivering the current and voltage specified in Appendix A. An AC outlet on a separately fused circuit is required for each XSR to provide power redundancy, and must be located within 182 centimeters (6 feet) from the site.
  • Page 31 Installing the NIM Cards Unfasten the four screws holding the rear access cover to the chassis and remove it as shown Figure 2-2. Figure 2-2 Removing Rear Access Cover Unfasten the two screws securing the NIM brace/grounding plates and remove them as shown in Figure 2-3.
  • Page 32 Installing the NIM Cards Reorient the NIM brace and fasten it to the NIM as shown in Figure 2-4. Figure 2-4 Installing NIM Brace Press the NIM gently into the pin holding assembly in the open card slot (NIM 2) and fasten to the chassis with the screws provided as shown in Figure 2-5.

  • Page 33: Installing The Compactflash Memory Card

    Installing the CompactFlash Memory Card Installing the CompactFlash Memory Card The CompactFlash (CF) memory card provides additional non-volatile storage capabilities in various increments. The CF’s controller interfaces with a host system allowing data to be written to and read from the CF’s flash memory module. Refer to Figure 2-6.

  • Page 34: Dimm Upgrade For Adsl Operation

    DIMM Upgrade for ADSL Operation DIMM Upgrade for ADSL Operation If you install the ADSL NIM, we recommend that you upgrade the Dual In-line Memory Module (DIMM) card in the XSR to 64 MBytes. The standard DIMM of 32 MBytes can easily be upgraded simply by disassembling the chassis, removing the existing DIMM, and installing a new DIMM.
  • Page 35 DIMM Upgrade for ADSL Operation Detach the chassis cover from the chassis base by unfastening the four screws attaching the parts, as shown in Figure 2-8. Figure 2-8 Removing the Chassis Cover DIMM card On the motherboard, gently pull the two beige handle clasps down, as shown Figure 2-9, to release the 32 MByte DIMM card from its connector and remove.

  • Page 36: Rack Mounting The Xsr

    Rack Mounting the XSR Insert the 64 MByte DIMM card in the 100-pin female DIMM connector, making sure that its notched lip lines up correctly with the connector. As you gently press the DIMM down into the connector, as shown in Figure 2-10, the handle clasps will partially close.

  • Page 37: Connecting Cables

    2-12. Figure 2-12 Cabling Console Port Connect the NIM port(s) to your High Speed Serial WAN connectors with cabling provided separately by Enterasys or a third-party source, as shown in Figure 2-13. Figure 2-13 Cabling WAN Connections (High Speed Serial NIM Shown...
  • Page 38 Connecting Cables Optionally, you can connect WAN cables to a T3/E3 NIM, as shown in Figure 2-14, or an ADSL NIM, as shown in Figure 2-15, or a T1 Drop & Insert NIM, as shown in Figure 2-16. Figure 2-14 Attaching T3/E3 BNC Connectors Figure 2-15 Connecting ADSL RJ-11 Connector...
  • Page 39 Connecting Cables Figure 2-16 Connecting T1 Drop & Insert Connector Cable the FastEthernet port(s) to your LAN drop or a Hub, as shown in Figure 2-17. Figure 2-17 Cabling FastEthernet (LAN) Connection Attach the power supply cord to the power connector at the rear of the XSR, as shown in Figure 2-18, and plug in the country-appropriate power cord to a wall socket.
  • Page 40 Connecting Cables 2-12 Hardware Installation...

  • Page 41: Chapter 3: Software Configuration

    Software Configuration This chapter describes how to initialize, quickly set up and verify your configuration for the XSR. Refer to the XSR CLI Reference Guide for a more thorough explanation of commands and parameter options. The chapter also includes sample configuration scripts, detailed XSR rebooting characteristics and Bootrom Monitor mode instructions.
  • Page 42 Powering On and Initializing XSR Software • ETH 10/100 LEDs turn ON and OFF a few times during initialization as the XSR proceeds from bootrom to power up diagnostics to software image, then they remain ON or OFF depending on the LAN type. •...

  • Page 43: Opening A Console Session

    Opening a Console Session first error will be reported, along with a count of the sum of errors incurred. In the case of a single error, only the error line will be reported. Error messages will be logged as well. Because the result of continuing to process a flawed startup-config is not predictable, the nature and position of the syntax error may cause the erroneous configuration of the XSR.
  • Page 44 Optional: Configuring Remote Auto Install to IP addresses 133.133.1.2 and 133.133.1.3. If the DLCI will connect to a remote XSR running RAI, then add the bootp parameter after the static IP address. This configuration supports two remote XSRs connected on DLCIs 16 and 18. Make sure with your Frame Relay provider that these DLCIs terminate at the location of the remote XSRs.

  • Page 45: Configuring Rai For Dhcp Over Lan

    Optional: Configuring Remote Auto Install Phase 6 - getting hostname xsrnode-confg from tftp server into flash: startup- config rDNS has responded with the hostname which will be used in the TFTP transfer. RAI will try several file names xsrnode if this file is not available from the server. Phase 7 - preparing node to execute startup-config TFTP transfer succeeded in copying the hostname file to the file.
  • Page 46 Optional: Configuring Remote Auto Install The following is a CISCO configuration at the central site: vpdn enable Enables a virtual private dial-up network configuration on the router. vpdn-group 1 Creates a VPDN session group and links it to a virtual template. accept-dialin protocol pppoe virtual-template 1...

  • Page 47: Configuring The Xsr Name And User Information

    Configuring the XSR Name and User Information Phase 2 - ADSL - searching for pvc's...vpi/vci (0/0) The XSR looks for PVC 0/0 and higher. Phase 2 - ADSL - searching for pvc's...vpi/vci (0/38) The XSR looks for PVC 0/38 and higher. Phase 3 - ADSL - trying to connect on 0/35 with snap PPPoE PVC 0/35 is found, SNAP PPPoE encapsulation is applied and authentication tried if required.

  • Page 48: Setting The Clock

    Setting the Clock Setting the Clock XSR 1800 and 3000 Series routers have an on-board Real Time Clock (RTC) chip with which to keep accurate time across the network. As an alternative to accessing a public time server, you can utilize the RTC as a time reference and propagate it by configuring XSRs as Simple Network Time Protocol (SNTP) servers or clients.

  • Page 49: Bri Configuration

    Configuring the WAN Ports Enter channel-group <number> timeslot <number> <speed> <number> to create a channel group. This command allows multiple logical WAN interfaces to be created on a single channelized T1/E1/ISDN-PRI port, ranging from 0 - 23 for T1 lines, and 0 - 31 for E1 lines. Also, from 1 - 24 T1 and 1 - 31 E1 timeslots can be set.

  • Page 50: Bri Leased Frame Relay

    Configuring the WAN Ports Enter to set an IP address for the BRI interface. ip address <xxx.xxx.xxx.xxx>/24 Enter to select PPP encoding. encapsulation ppp Enter to keep the BRI interface enabled. no shutdown BRI Leased Frame Relay Enter to acquire BRI Interface mode and select the BRI interface bri 0:<1 | 2>.<1-30>...

  • Page 51: Adsl Configuration

    Configuring the WAN Ports Remember to save your configuration after all edits. ADSL Configuration ADSL can be configured using three different types of encapsulation: PPPoA, PPPoE, and IPoA. Continue configuration with the ADSL type of your choice. PPPoE The following commands configure a sample PPPoE topology. The first set configures the LAN interface with directed broadcasts prohibited.

  • Page 52: Ipoa

    Firewall Sample Configuration XSR(config-if<F1>)#no ip directed-broadcast XSR(config-if<F1>)#no shutdown The commands below configure the ATM interface and sub-interface with a negotiated IP address, CHAP username and password, and bans keepalives. XSR(config)#interface ATM 0 XSR(config-if<ATM0/0>)#no shutdown XSR(config-if<ATM0/0.1>)#interface ATM 0.1 XSR(config-if<ATM0/0.1>)#no shutdown XSR(config-if<ATM0/0.1>)#encapsulation snap pppoa XSR(config-if<ATM0/0.1>)#ip address negotiated XSR(config-if<ATM0/0.1>)#ip mtu 1492 XSR(config-if<ATM0/0.1>)#ip tcp adjust-mss 1400...
  • Page 53 Firewall Sample Configuration Figure 3-1 XSR with Firewall Topology 220.150.2.32/28 XSR-1805 Frame Relay 220.150.2.35 206.12.44.16/28 220.150.2.37 Internet 220.150.2.17 Internal 220.150.2.36 220.150.2.16/28 Web server Mail server (HTTP) (SMTP) 220.150.2.19 220.150.2.18 In this configuration, the firewall provides protected access from the private to dmz networks. That is, access is restricted to Web and mail traffic only.

  • Page 54: Configure Rip Routing

    Configure RIP Routing Trial load the completed configuration into the firewall engine, and if successful, load the configuration: XSR(config)#ip firewall load trial XSR(config)#ip firewall load Complete LAN and WAN interface configuration: XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip address 220.150.2.35 255.255.255.0 XSR(config-if<F1>)#no shutdown XSR(config)#interface fastethernet 2 XSR(config-if<F2>)#ip address 220.150.2.17 255.255.255.0 XSR(config-if<F2>)#no shutdown...

  • Page 55: Configure Ospf Routing

    Configure OSPF Routing 12. Enter network <xxx.xxx.xxx.xxx> (IP address) of the network to be advertised. Repeat the command to configure additional networks. 13. Enter passive-interface type num if you want to prevent RIP transmissions on the interface. 14. Enter no receive-interface if you want to disable reception of RIP updates on the interface. Remember to save your configuration after all edits.

  • Page 56: Setting Up The Backup Line

    Setting Up the Backup Line Enter map-class frame-relay <name> to designate this map-class and acquire Map-Class mode. Enter frame-relay cir out <bits> to set the outgoing CIR (the default is 56000 bps). Refer to the XSR User’s Guide for more details. Enter frame-relay bc out <bits>...

  • Page 57: Setting Up Snmp Community Strings, Traps And V3 Values

    Setting Up SNMP Community Strings, Traps and V3 Values 10. To set up the Console port as a serial port, perform the following: • Enter interface serial 0 to decouple the port from the CLI and acquire Interface mode. • Enter no shutdown to keep the interface enabled. •...

  • Page 58: Configuring Message Logging And Severity Level

    Configuring Message Logging and Severity Level Remember to save your configuration after all edits. Refer to the XSR User’s Guide for information about other SNMP commands. Note: To restart the XSR using NetSight or SNMP management programs, you must enter the snmp-server system-shutdown command.

  • Page 59: Connecting Via The Web

    Point your terminal’s Web browser at the XSR’s IP address. Enter http://<XSR IP address>. The initial Web access window appears as shown in Figure 3-2. Figure 3-2 Initial Web Access Window STATUS Product Version X-Pedition Products X-Pedition Security Router XSR © 2004 Enterasys Networks. All rights XSR Getting Started Guide 3-19...
  • Page 60 Figure 3-3. Figure 3-3 Web Product Version Window Product Version Copyright 2004 by Enterasys Networks, Inc. Hardware: Processor board ID: 9002854-02 REV0A Serial Number: (not displayed) Processor: IBM PowerPC 405GP Rev. D at 200MHz RAM installed: 64MB...

  • Page 61: Lan-Ppp Services Sample Configuration

    Sample LAN-PPP Services Configuration Hostname: branch1 Hostname: mainsite Username: mainsite Username: branch1 Password: Toronto Password: Toronto 192.168.1.100/24 Central Site XSR-1805 154.168.1.47/24 PSTN Leased line Leased line or E1/T1 fractional E1/T1 XSR-1805 serial V.35/X.21 Server SSR-8600 Backup via serial (RS-232 dial) 1-800-555-1111 Backup Site...

  • Page 62: Frame Relay Wan Link With Ppp Backup Sample Configuration

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR(config-controller<T1-1/0>)#no shutdown Enables T1 controller XSR(config)#interface serial 1/0:0 Configures Serial interface 1, port 1 using channel group 0 and acquires Interface mode XSR(config-if<S1/0:0>)#encapsulation ppp Enables PPP encapsulation XSR(config-if<S1/0:0>)#ppp authentication chap Configures CHAP authentication on the interface XSR(config-if<S1/0:0>)#ip address 154.68.1.47 255.255.255.0 Enables IP address for serial interface 1/0 XSR(config-if<S1/0:0>)#backup interface dialer 5...

  • Page 63: Configure Users And Passwords

    Frame Relay WAN Link with PPP Backup Sample Configuration Configure Users and Passwords XSR>enable Acquires Privileged EXEC mode XSR#configure Acquires Global configuration mode XSR(config)#username bob password cleartext bobspassword Adds a user and unencrypted password Configure LAN Interface XSR(config)#interface fastethernet 1 Configures the local LAN port and acquires Interface mode XSR(config-if<F1>)#ip address 192.168.1.100 255.255.255.0 Enables the IP address for the FastEthernet port...

  • Page 64: Configure Wan/Frame Relay Port

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR(config-pmap-c<priority-policy>)#set ip dscp ef Configures IP precedence to match packets with Expedited Forwarding XSR(config-pmap<priority-policy>)#class priority-server Adds another queue for this policy map and enters Class sub-mode XSR(config-pmap-c<priority-server>)#priority medium 20 6400 Gives medium priority queue a peak 20% of bandwidth, burst size of 6400 bits per second XSR(config)#policy-map data_policy Adds a policy map and acquires Policy Map mode XSR(config-pmap<data_policy>)#class data_class...

  • Page 65: Apply Qos

    Frame Relay WAN Link with PPP Backup Sample Configuration XSR(config-if<S1/0.2-16>)#ip address 154.68.2.1 255.255.255.0 Configures the IP address of DLCI 16 XSR(config-if<S1/0.2-16>)#no shutdown Enables DLCI 16 interface Apply QoS XSR(config)#map-class frame-relay CLASS-FRP Adds an FR map class and acquires FR Map Class mode XSR(config-map-class<CLASS-FRP>)#frame-relay cir out 48000 Sets this map class’...

  • Page 66: Configure More Access Lists

    Frame Relay WAN Link with PPP Backup Sample Configuration Configure More Access Lists The following ACLs deny any packets to or from network 192.168.1.15 as they enter or leave FastEthernet 1 interface, and permit traffic to or from subnet 192.168.2.xx while denying any other traffic.

  • Page 67: Configure Snmp

    Adds another SNMP community with read-write privileges attached to ACL 26 XSR(config)#snmp-server enable traps Enables traps to be transmitted XSR(config)#snmp-server contact support@enterasys.com Specifies contact information for the management server XSR(config)#snmp-server location “HQ 2nd floor” Specifies the location of the management server XSR(config)#snmp-server host 192.168.2.101 traps trapCommunity...

  • Page 68: Generate Master Encryption Key

    VPN Site-to-Site Sample Configuration Generate Master Encryption Key If you have not already generated a master encryption key, you must do so now to configure the VPN. A master key need only be generated once. Caution: The master encryption key is stored in hardware, not Flash, and you cannot read the key - only overwrite the old key by writing a new one.

  • Page 69: Create A Transform Set

    VPN Site-to-Site Sample Configuration Create a Transform Set The following transform-set specifies the specified encryption/data integrity choices, 768-bit Diffie-Hellman, and an SA lifetime expressed in kilobytes. The SA seconds lifetime value is disabled. Some commands are abbreviated. XSR(config)#crypto ipsec transform-set esp-3des-sha esp-3des esp-sha-hmac XSR(cfg-crypto-tran)#set pfs group1 XSR(cfg-crypto-tran)#set security-association lifetime lifetime kilobytes 100000 XSR(cfg-crypto-tran)#no set security-association lifetime lifetime seconds...

  • Page 70: Configuring Authentication (Aaa)

    VPN Sample Configuration with NEM, EZ-IPSec & Internet Access XSR(config)#interface vpn 57 multi-point XSR(config-int-vpn)#ip address 192.168.2.1 255.255.255.0 XSR(config)#router rip XSR(config-router)#network 112.16.10.0 XSR(config-router)#passive-interface fastethernet 2 XSR(config-router)#no receive-interface fastethernet 2 XSR(config-router)#distribute-list 1 out vpn 1 XSR(config)#ip route 0.0.0.0 0.0.0.0 112.16.244.9 XSR(config)#ip route 112.16.72.0 255.255.255.0 112.16.244.9 XSR(config)#ip route 112.16.76.0 255.255.255.0 112.16.244.7 XSR(config)#ip route 112.16.80.0 255.255.255.0 112.16.244.5 Configuring Authentication (AAA)
  • Page 71 VPN Sample Configuration with NEM, EZ-IPSec & Internet Access Figure 3-6 VPN Topology with NEM, EZ-IPSec and Internet Access eth0: 10.11.11.1/24 FastEthernet 1: 172.16.10/24 eth1: 26.26.26.11/24 FastEthernet 2: 26.26.26.10/24 Virtual IP Pool: 172.16.10.0/24 26.26.26.0/24 eth0: 10.12.12.1/24 eth1: 26.26.26.12/24 172.16.10.0 If you have not already generated a master encryption key, you must do so now to configure the VPN.
  • Page 72 VPN Sample Configuration with NEM, EZ-IPSec & Internet Access XSR(config)#ip local pool virtual_subnet 10.10.10.0 255.255.255.248 Configure AAA authentication by assigning a virtual subnet to the DEFAULT AAA group, associate it with DNS and WINs servers, and add two AAA users with passwords. When a remote XSR tunnels into the local XSR, it will be assigned these DNS, WINS and PPTP values and be assigned dynamically to the IP pool virtual_subnet.

  • Page 73: Xsr Rebooting Characteristics

    CLI describes router initialization. Initialization Output The XSR displays the following output when it initializes (cold reboot): X-Pedition Security Router Bootrom Copyright 2004 Enterasys Networks Inc. HW Version: 9002854-02 REV0A Serial Number: 0001F4000102 CPU: IBM PowerPC 405GP Rev. D VxWorks version: 5.4 Bootrom version: 1.20...
  • Page 74 Testing ISDN PMC in Slot [2] .......<Not Installed> Testing ISDN PMC in Slot [3] .......<Not Installed> Exiting Diagnostics..X-Pedition Security Router Bootrom Copyright 2001 Enterasys Networks Inc. HW Version: 9002854-02 REV0A Serial Number: 0001F4000102 CPU: IBM PowerPC 405GP Rev. D VxWorks version: 5.4 Bootrom version: 1.20...

  • Page 75: Reboot Triggers

    XSR Rebooting Characteristics Verifying uncompressed chksum ... Starting at 0x10000... Attached TCP/IP interface to Eth unit 1 Attaching interface lo0...done cflash:/ - Volume is OK Restoring startup configuration files, please wait Startup configuration files have been restored. login: Reboot Triggers Although there are two types of reboots of the XSR - warm or cold - reboots can be triggered in up to eight different ways.

  • Page 76: Watchdog Timer Expiration

    Bootrom Monitor Mode Commands Watchdog Timer Expiration When the internal watchdog timer expires, causing the XSR to fail, fault information is captured in a report and a warm boot is initiated. But if more than three warm boots are detected within one minute, a cold boot will be initiated.
  • Page 77 Bootrom Monitor Mode Commands • Display or change date and time on real-time clock • Commands for development use only This command initiates a cold reboot. This command initiates a warm reboot. This command changes the Bootrom password. The default password is blank. You are prompted to enter a password by the following script: XSR-1800:bp Enter current password:...

  • Page 78: Copy

    Bootrom Monitor Mode Commands Locking 8 Bootrom flash sectors ***** Bootrom update completed. ***** Using default Bootrom password. The system is not secure!!! Use “bp” to change password XSR-1800: This command updates the bootrom file through a network transfer to a local file. Be sure to enter in uppercase.

  • Page 79: Ffc

    Bootrom Monitor Mode Commands 817496 SEP-17-2002 15:21:32 bootrom1_18.fls 3220453 SEP-17-2002 15:24:08 xsr1800.fls SEP-17-2002 15:25:00 startup-config SEP-17-2002 15:26:14 user.dat SEP-17-2002 15:27:46 cert.dat SEP-17-2002 15:26:54 leases.cfg SEP-17-2002 15:27:46 dhcpd.cfg 2328576(0x238800) bytes free on flash: This command sets the system date with the syntax .

  • Page 80: Remove

    Bootrom Monitor Mode Commands This command modifies network parameters. You are prompted to enter data by the following script. While most of the options are self-explanatory, three require further description. • When set to no, the Autoboot option places the prompt in Bootrom mode when you boot or power up the XSR.
  • Page 81 Bootrom Monitor Mode Commands This command shows a fault report. Sample output is shown as follows: XSR-1800: sf No fault report at 0x1feef00 This command displays system inventory. Sample output is shown as follows: XSR-1800: si IBM PowerPC 405GP Rev. D Processor speed = 200 MHz PLB speed...
  • Page 82 Bootrom Monitor Mode Commands This command shows the bootrom version with sample output below: XSR-1800: sv X-Pedition Security Router Bootrom Copyright 2002 Enterasys Networks Inc. HW Version: 9002854-02 REV0A Serial Number: 0001F4000102 CPU: IBM PowerPC 405GP Rev. D VxWorks version: 5.4 Bootrom version: 1.20...

  • Page 83: Appendix A: Specifications

    Specifications System Specifications This appendix details XSR data about hardware functionality including: • Processor, system memory, chassis, power supply, interfaces • Required cabling, CompactFlash and other accessories • Pinout assignments for WAN and LAN interfaces • LED behavior Refer to tables throughout this appendix for specific information. Table A-1 XSR Hardware Specifications Category Parameters Processor Type IBM PowerPC©...

  • Page 84: Cable, Compactflash And Accessory Specifications

    Display port and system status, warn of Flash upgrade. Cable, CompactFlash and Accessory Specifications Refer to the following table for specifications of cables, CompactFlash and accessories for the XSR.  This equipment can all be obtained separately from Enterasys Networks or through any computer  supply retailer.  Table A-2 XSR Cabling/Accessory Guide Part Description Connector Part # Function 6’ DB-9 null modem cable DB-9, male N/A from Enterasys Console link to serial line...
  • Page 85 Table A-2 XSR Cabling/Accessory Guide (continued) Part Description Connector Part # Function .58 - 10 meter 10/100BaseT straight-through or RJ-45 N/A from Enterasys Ethernet link to hub/switch or cross-over cables PC/uplink port 100 or 120-ohm, straight-through, twisted-pair T1/E1 Port N/A from Enterasys...

  • Page 86: Console Port

    Cable, CompactFlash and Accessory Specifications Console Port The XSR comes equipped with a serial port useful for initial configuration. Using a serial (null modem) cable, you can attach the router’s DB‐9 Console port to a data terminal  port and directly configure the XSR over the asynchronous connection.Then, open a  communications or Telnet session to communicate with the router. If you use a communications  program, set the connection properties as follows: • Connect using: Direct to COMx (where x is an unused COM port) • Bits per second: 9600 • Data bits: 8 • Parity: None • Stop bits: 1 •...

  • Page 87: Ethernet Ports

    Cable, CompactFlash and Accessory Specifications Ethernet Ports The XSR comes equipped with two Ethernet (LAN) ports that support full‐duplex 10 or 100 Mbps  transmission. Both ports conform to IEEE 802.3 standards with 8‐pin modular RJ‐45 connectors. A  cross‐over cable is used to connect the XSR directly to a PC or uplink port while a straight‐through  cable is used to attach the router to a hub or switch. Refer to Figure A‐2 for pinout assignments. Figure A-2 Ethernet Port Pinouts Pin Signal Transmit + Ethernet 1 & 2 Transmit - Pin 8 Pin 1 Receive + Not used Not used Receive - Not used Not used Copper/Fiber-optic Ethernet NIMs The single‐port Copper or Fiber‐optic Ethernet NIMs, shown in Figure A‐3 and Figure...

  • Page 88: 2/4-Port Serial Nim Card Port

    Cable, CompactFlash and Accessory Specifications Regulatory/Safety Compliance The Copper and Fiber‐optic Ethernet NIMs comply with these regulatory and safety  requirements: IEE 802.3, UL 1950, CSA No. 950, EN 60950, and IEC 950 (CB Scheme Report). 2/4-Port Serial NIM Card Port The High Speed Serial NIM card, as shown in Figure A‐6, provides a WAN connection to four  different types of DTEs: DB‐15, 25, 37, and V.35. This interface can support dual and quad traffic  up to 8 Mbps. Figure A-6 High Speed Serial NIM Port 68-pin Serial Pin 1 Pin 68 Refer to Figure A‐7 through Figure A‐11 for all Serial NIM pinout assignments. Figure A-7 X.21 DTE Pin Assignments X.21 DTE Receive2+ Receive0+...
  • Page 89 Cable, CompactFlash and Accessory Specifications Figure A-8 EIA-232/530 DTE Pin Assignments DSR2+ DSR0+ - 68-pin male SCSI III type con ne cto DSR2- DSR0- J2...J5 - DB-25 type male connector RxD2+ RxD0+ RxD2- RxD0- TxD2 + TxD0+ TxD2- TxD0- RTS2+ RTS0+ Port 1 RTS0-...
  • Page 90 Cable, CompactFlash and Accessory Specifications Figure A-9 EIA-449 DTE Pin Assignments ON2+ ON0+ - 68-pin male SCSI III type con ne ctor ON2- ON0- J2...J5 - DB-37 type ma le con nector RD2+ RD0+ RD2- RD0- SD2+ SD0+ SD2- SD0- RS2+ RS0+ RS2-...
  • Page 91 Cable, CompactFlash and Accessory Specifications Figure A-10 Combined V.35/EIA-232/530 DTE Pin Assignments PORT 1 PORT 3 (EIA-232/530) (EIA-232/530) DSR1+ DSR3+ DSR1- DSR3- RxD1+ RxD3+ RxD1- RxD3- TxD1+ TxD3+ TxD1- TxD3- RTS1+ RTS3+ RTS1- RTS3- DTR1+ DTR3+ DTR1- DTR3- CTS1+ CTS3+ CTS1- CTS3- TxC1+...
  • Page 92 Cable, CompactFlash and Accessory Specifications Figure A-11 V.35 DTE Pin Assignments V.35 D TE DSR2 DSR0 - 68 -p in male SCSI III type conne cto RD2+ RD0+ J2...J5 - V.35 type ma le conne ctor RD2 - RD0 - SD2+ SD0+ SD2-...

  • Page 93: T1/E1/Isdn Pri Nim Card Ports

    Cable, CompactFlash and Accessory Specifications T1/E1/ISDN PRI NIM Card Ports The T1/E1/ISDN PRI NIM, as shown in Figure A‐12, comes equipped with either 1, 2 or 4 Ethernet  (WAN) ports that support fractional T1/E1 transmission in full‐channel, fractional or  unchannelized format with 8‐pin modular RJ‐48C connectors and include a built‐in DSU/CS. Cables required for these ports must be 100‐ohm, straight‐through, twisted‐pair for T1 lines and a  120‐ohm version for E1 lines. Refer to Figure A‐13 for pinout assignments.  Note: If you are using the TI/EI/ISDN PRI NIM in Singapore or Australia, the cables required for these ports must not employ individual shields for each pair. Figure A-12 .4-Port T1/E1/ISDN PRI NIM Card (RJ-48C ports shown) Figure A-13...

  • Page 94: Balun For E1 Or Pri Nim Cards

    Cable, CompactFlash and Accessory Specifications Balun for E1 or PRI NIM Cards Some overseas electrical systems require that you use a balun and grounding shunt when utilizing  an E1 or PRI NIM card on the XSR. A balun is an adapter employed to connect a 75‐ohm coaxial  cable pair (2 BNC connectors) to a 120‐ohm twisted pair cable (RJ‐48C connector). The balun and its connectors are illustrated in Figure A-15. The grounding shunt is also required  to ground unused pins of the RJ‐48C connector. To install the balun, attach the 75‐ohm coaxial cables to the BNC connectors and a 120‐ohm E1/PRI  cable to the RJ‐48C port (see below for details). Figure A-14 Balun for E1 ISDN PRI Connection J12 Transmit BNC male connector 75-ohm connection to your network J2 Receive BNC male connector 75-ohm connection to your network...

  • Page 95: Installing Shunt/Terminal Strip

    Cable, CompactFlash and Accessory Specifications Installing Shunt/Terminal Strip To install the shunt or terminal strip, attach two dual‐pin units vertically to each four‐pin jumper  (P2, P3, P4, or P5) corresponding to the RJ‐48C port using a balun, as shown in Figure A‐16. Any  other RJ‐48C5 ports on the NIM card connected to 120‐ohm lines do not require shunts. Figure A-16 Installing a Grounding Shunt on the E1 NIM Card XSR Getting Started Guide A-13...

  • Page 96: T3/E3 Nim Card

    Cable, CompactFlash and Accessory Specifications T3/E3 NIM Card The T3/E3 full and sub‐rate NIM, as shown in Figure A‐17, is equipped with 1 Ethernet (WAN)  port that supports fractional T3/E3 transmission in un‐channelized or clear channel mode with  BNC connectors. User data are encapsulated in HDLC packets before being sent to the line. Figure A-17 1-Port T3/E3 NIM Card ALARM LOS ENABLE LOF Cables required for this NIM must be 75‐ohm, DS3 Type 734 or 735 coaxial. DS3 cables support a  length up to 450 in length. E3 cabling supports a cable length up to 900 feet. Un‐channelized mode consists of the entire T3/E3 payload in one data path, but with T3/E3 framing  bits still in place. Only one HDLC channel is used. Throughput of the un‐channelized link can be  limited by using only a portion of the entire payload. Various sub‐rates are available to provide  compatibility with major DSU equipment suppliers. Scrambling may also be enabled as required  for DSU compatibility. Larscom zero suppression is supported. Clear channel mode presents the board merely as the line driver for a link carrying HDLC packets  where even framing bits are used for data transfer. The T3/E3 framer operates in bypass mode and  renders the NIM a line driver. Both sides of the link must have the same setting to operate  correctly in this mode. For more details on software configuration, refer to the XSR User’s Guide. Regulatory/Safety Compliance The T3/E3 NIM complies with the following regulatory requirements. E3: FCC Class B, ITU‐T G.703, G.704, G823 and TBR24 for world wide approval, National  Standards testing as required, and BABT Compliance United Kingdom directive 607114. T3: FCC Class B, GR‐499‐CORE is the Bellcore test procedure that can be used for design  validation, JATE Green Book for Japan.

  • Page 97: 1/2-Port Isdn Bri-S/T Nim Card Ports

    Cable, CompactFlash and Accessory Specifications 1/2-Port ISDN BRI-S/T NIM Card Ports The XSR offers a serial NIM card for 1 or 2 WAN interfaces over an ISDN BRI‐ S/T line, as shown  in Figure A‐18. The Port 0 and 1 LEDs shine when the lines are active and ready to receive traffic.  See Figure A‐19 for pinout assignments. Figure A-18 ISDN BRI-S/T NIM Card (RJ-45 ports shown) Port 0 Activation LED Port 1 Activation LED Figure A-19 ISDN BRI-S/T NIM Pinouts Pin Signal BRI-S/T Unused Pin 1...

  • Page 98: Termination Shunt For The Isdn Bri-S/T Nim Card

    Cable, CompactFlash and Accessory Specifications Termination Shunt for the ISDN BRI-S/T NIM Card ISDN BRI‐S/T terminal equipment devices may be connected at random points of the cable in  point‐to‐point or point‐to‐multipoint configurations. Line termination resistors must be provided  at both ends of the transmit/receive lines only. The XSR’s BRI NIM card provides an option to terminate receive as well as transmit lines using  100 Ohm resistors. Shunts are required to shorten the appropriate contacts of the terminal headers  (P1, P2). Refer to “Installing Shunt/Terminal Strip” on page ‐16 for directions. Figure A‐20 shows per port respective termination header locations and the orientation of the  receive and transmit pairs. Caution: The cable connecting the BRI NIM to the balun requires two additional wires to extend the chassis ground to the balun. Cables of this type are often provided by your supplier who can customize them for your needs.

  • Page 99: 1/2-Port Isdn Bri-U Nim Card Ports

    Cable, CompactFlash and Accessory Specifications 1/2-Port ISDN BRI-U NIM Card Ports The XSR offers a serial NIM card for 1 or 2 WAN interfaces over an ISDN Basic Rate Interface  (BRI)‐U line, as shown in Figure A‐21. Port 0 and 1 LEDs shine when the lines are active and ready  to receive traffic. Figure A-21 ISDN BRI-U NIM Card (RJ-49C ports shown) Port 0 Activation LED Port 1 Activation LED Refer to Figure A‐22 for pinout assignments. Figure A-22 ISDN BRI-U NIM Pinouts. Pin Signal BRI-U Unused...

  • Page 100: 1-Port Adsl Nim Card Port

    Cable, CompactFlash and Accessory Specifications 1-Port ADSL NIM Card Port The XSR’s Asymmetric Digital Subscriber Line (ADSL) NIM card, as shown in Figure A‐23,  provides 1 WAN port on an ADSL over POTS (Annex A/C) or ISDN (Annex B) line with a 6‐pin  RJ‐11 connector. The ADSL NIM supports both G.dmt and G.lite standards. ADSL NIMs are  shipped with a CompactFlash card containing DSP firmware. This driver software copies the  Flash file into host memory where it provides on‐demand use by the DSP. Figure A-23 ADSL NIM Card LED 2 LED 1 Note: The XSR supports only one ADSL card type at a time, so multiply-installed card types must be similar.

  • Page 101: T1/E1 Drop & Insert (D&I) Nim

    Cable, CompactFlash and Accessory Specifications T1/E1 Drop & Insert (D&I) NIM The XSR’s 2‐port T1/E1 D&I NIM card, as shown in Figure A‐25, is designed as an intermediary  between the Central Office T1/E1 line and a PBX. It de‐couples Channel Associated Signaling  (CAS) and Voice DS0 timeslots and redirects them to a PBX, and conversely, reintegrates Voice  DS0 timeslots from the PBX with the T1/E1 data stream. The ports are functionally equivalent. Figure A-25 T1/E1 D&I NIM Card The T1/E1 D&I NIM provides long‐ and short‐haul capabilities and Drop and Insert functionality  via a fully configurable Time Division Multiplexed (TDM) switch. It can be configured for data  only, or voice/data applications. In Data‐Only mode, both ports pass data, whereas in Voice/Data  mode, one port passes a voice/data stream, while the other passes only voice. The T1/E1 D&I NIM maintains high reliability of voice traffic by using a bypass relay to ensure  continued service even if a power failure occurs or the NIM enters an abnormal state. In such an  event, the two ports are connected, bypassing the NIM, thus allowing uninterrupted bidirectional  voice transmission. To ensure service, remember to configure voice timeslots on both sides of the  connection in the same manner. That is, if timeslots 3‐5 are configured for voice on the NIM, the  same DS0s should be configured for voice at the Central Office. Refer to the XSR User’s Guide for  instructions. Refer to Figure A‐26 for pinout assignments. Figure A-26 T1/E1 D&I NIM Pinouts Pin Signal Unused T1/E1 D&I...

  • Page 102: Compactflash Memory Card

    Cable, CompactFlash and Accessory Specifications CompactFlash Memory Card The optional plug‐in CompactFlash (CF) memory card, shown in Figure A‐27, comprises a single  chip controller and flash memory modules in a matchbook‐sized package with a 50‐pin, PCMCIA  connector consisting of two rows of 25 female contacts each. The PCMCIA male interface supports both Type I and Type II CF cards. Note that the CF release  mechanism pops out when you install the card. For installation instructions, refer to the Hardware  Installation chapter. Figure A-27 CompactFlash Memory Card Pin 1 Pin 50 LED Behavior The ten LEDs located on the XSR front panel display system and port status as described in the  Table A‐3 and illustrated in Figure A‐28. Figure A-28 XSR LEDs 10/100BT 10/100BT ACT POWER ETHERNET ETHERNET CONSOLE NIM1 NIM2 PORT 1...
  • Page 103 Cable, CompactFlash and Accessory Specifications Table A-3 LED Description (continued) State Function BRI NIM Port 0,1 Switch ISDN BRI-S/T link is activated and ready for traffic. This LED is connected located on the NIM card. ADSL NIM 1 Blinking Line is in training mode (syncing with DSLAM) ADSL NIM 1 ON/OFF Training mode complete, line is operational/down...
  • Page 104 Cable, CompactFlash and Accessory Specifications A-22...

  • Page 105: Index

    Ethernet (WAN) A-14 environmental specifications port Pinouts Ethernet how to configure the XSR-1805 449 pinouts cabling name and user data BRI-U assignments A-17, A-19 port description how to enable Web access 3-19...
  • Page 106 software configuration overview software features system memory verifying your shipment X.21 pinouts how to set WAN ports Index-2...

Table of Contents