manualshive.com logo in svg

Nortel BSG12aw 1.0, Configuration Manual

The Nortel BSG12aw 1.0 Configuration Manual is a comprehensive guide, providing step-by-step instructions to set up and optimize your device. This user-friendly manual is available for free download at 88.208.23.73:8080, ensuring convenient access to the detailed information you need to make the most of your Nortel BSG12aw 1.0.

Share
Download
background image

VPN configuration

69

Configuration Guide

Enabling VPN (branch office)

Complete this procedure to enable VPN.

Procedure steps

Step

Action

1

From the BSG navigation pane, select 

Configuration, VPN, VPN Settings, 

VPN Policy 

tab. 

The VPN Policy pane appears.

2

From

 

the

 VPN Status 

list

select Enabled.

3

Click 

Apply

.

End

Authentication

Select the preferred authentication method.

Select None to indicates no authentication method is required.

Select HMAC-MAC5, the message authentication code is calculated using 
the MD5 cryptographic hash function. This cryptographic hash function 
has some additional security properties with a 128-bit hash value, which is 
commonly used to check the integrity of files. 

Select HMAC-SHA1, the message authentication code is calculated using 
the SHA1 algorithm. This cryptographic hash function computes a 
condensed digital representation to a high degree of probability.

IPSec Mode

Select the IPSec mode.

Select Tunnel, IPSec encrypts the IP header and the Payload.

Select Transport, IPSec encrypts only the Payload.

Preferred Forward Secrecy

Select the Preferred Forward Secrecy (PFS). Select one of the following 

options:

Select None – IKE does not use any PFS.

PFS Group 1 – IKE uses a 768-bit Diffie-Hellman Prime modules 
group for performing the new Diffie-Hellman exchange.

PFS Group 2 – IKE uses a 1024-bit Diffie-Hellman Prime modules 
group for performing the new Diffie-Hellman exchange.

PFS Group 5 – IKE uses a 1536-bit Diffie-Hellman Prime modules 
group for performing the new Diffie-Hellman exchange.

Life Time

Select the lifetime unit. It can be seconds, minutes, or hours.

The default value is seconds.

Life Time Value

Type the lifetime value.

The default value is 800 seconds.

Anti Replay

Displays the anti replay status. 

Options:

ENABLE - activates the anti-replay functionality of the security 
protocol.

DISABLE - deactivates the anti-replay functionality of the security 
protocol.

The default value is ENABLE.

Variable

Value

Summary of Contents for BSG12aw 1.0

Page 1: ...BSG8ew and BSG12ew aw tw 1 0 Business Services Gateway Document Status Standard Document Number NN47928 500 Document Version 02 02 Date October 2008 Configuration Guide ...

Page 2: ...resented without express or implied warranty Users must take full responsibility for their applications of any products specified in this document The information in this document is proprietary to Nortel Networks Trademarks Nortel the Nortel logo and the Globemark are trademarks of Nortel Networks Microsoft MS MS DOS Windows and Windows NT are trademarks of Microsoft Corporation All other tradema...

Page 3: ...ervice 12 Virtual private network 12 Session initiation protocol 12 Port management 12 Introduction 13 WAN configuration 15 WAN configuration navigation 15 Ethernet 15 Ethernet WAN configuration 15 Prerequisites for WAN configuration 15 Ethernet WAN configuration procedures 15 PPPoE WAN configuration 19 Prerequisites for WAN configuration 19 PPPoE WAN configuration procedures 19 DSL 23 Prerequisit...

Page 4: ...dvanced configuration 83 WAN advanced configuration navigation 83 Ethernet 83 Ethernet WAN configuration parameters 83 PPPoE WAN configuration parameters 84 Rate limit configuration parameters Ethernet 84 Renewing or releasing the WAN lease 85 DSL 87 DSL Basic Configuration 87 PPP Configuration 88 Rate limit configuration parameters DSL 89 T1 E1 89 T1 E1 Configuration 90 Alarms Status 92 T1 E1 Cha...

Page 5: ...l group configuration parameters 114 VLAN port protocol configuration parameters 115 VLAN database display parameters 116 VLAN STP configuration 117 STP basic settings configuration parameters 117 MSTP configuration 118 Prerequisites to MSTP configuration 118 MSTP configuration navigation 118 MSTP basic settings configuration parameters 118 CIST configuration parameters 119 MSTP VLAN mapping confi...

Page 6: ...nfiguration parameters 140 RRD OSPF settings configuration parameters 141 VRRP configuration 142 VRRP configuration navigation 142 VRRP basic settings configuration parameters 142 VRRP settings configuration parameters 142 DHCP advanced configuration 145 DHCP server configuration 146 DHCP server configuration navigation 146 DHCP basic settings configuration parameters 146 DHCP global options confi...

Page 7: ...hared secret configuration parameters 168 Users configuration 171 Users configuration navigation 171 User database configuration parameters 171 IP address pool configuration parameters 172 VPN client termination configuration parameters 172 175 SIP advanced configuration 177 SIP server management configuration parameters 178 SIP system configuration 179 SIP system configuration navigation 179 Cent...

Page 8: ...on navigation 191 Global information configuration parameters 191 Codec information configuration parameters 192 FXS information configuration parameters 193 FXO information configuration parameters 195 Rebooting VoIP 195 NAT ALG display parameters 196 Port management advanced configuration 197 Ethernet ports configuration 197 Ethernet ports configuration navigation 197 Basic port settings configu...

Page 9: ...on of new software and documentation for Nortel equipment open and manage technical support cases Getting Help over the phone from a Nortel Solutions Center If you don t find the information you require on the Nortel Technical Support Web site and have a Nortel support contract you can also get help over the phone from a Nortel Solutions Center In North America call 1 800 4NORTEL 1 800 466 7835 Ou...

Page 10: ...47928 500 Getting Help through a Nortel distributor or reseller If you purchased a service contract for your Nortel product from a distributor or authorized reseller contact the technical support staff for that distributor or reseller ...

Page 11: ...e Protocol STP For more information see VLAN configuration page 37 and VLAN advanced configuration page 111 Wireless network Wireless network WLAN configuration includes configuring the access point radio MAC filtering security and wireless multi media For more information see Wireless network configuration page 43 and LAN advanced configuration page 97 IP routing IP routing configuration includes...

Page 12: ...iguration includes configuring VPN IP security IPsec traffic selector table IPsec Security Authentication SA table and Internet Key Exchange IKE pre shared secret For more information see VPN configuration page 55 and VPN advanced configuration page 165 Session initiation protocol Session Initiation Protocol SIP configuration includes configuring the SIP server SIP system SIP protocol routing rule...

Page 13: ... VPN configuration page 55 QoS configuration page 71 Advanced configuration page 81 WAN advanced configuration page 83 LAN advanced configuration page 97 VLAN advanced configuration page 111 IP routing advanced configuration page 127 DHCP advanced configuration page 145 Multicast advanced configuration page 153 QoS advanced configuration page 159 VPN advanced configuration page 165 SIP advanced co...

Page 14: ...14 Introduction NN47928 500 NN47928 500 ...

Page 15: ...rnet The following sections describe WAN Ethernet configuration Ethernet WAN configuration on page 15 PPPoE WAN configuration on page 19 Ethernet WAN configuration This section describes Ethernet WAN configuration Ethernet appears under WAN configuration if you are connected to a BSG8ew or BSG12ew Prerequisites for WAN configuration You must have SYSTEM READ WRITE permission Ethernet WAN configura...

Page 16: ...address assignment Procedure steps Step Action 1 From the BSG navigation pane select Configuration WAN Ethernet The WAN Configuration pane appears 2 From the Interface list select the required interface 3 From the Encapsulation Mode list select Ethernet 4 From the MAC Cloning list select Enable 5 In the MAC Address field type the MAC Address 6 For IP Address Assignment select Dynamic 7 Click Apply...

Page 17: ...dress field type the Gateway IP Address 7 In the Primary DNS field type the Primary Domain Name System DNS IP address 8 In the Secondary DNS field type the Secondary DNS IP address 9 Click Apply End Variable Value Interface Select an Interface to be configured Encapsulation Mode Set the encapsulation mode to Ethernet The WAN interface operates as a normal Ethernet interface MAC Cloning Select the ...

Page 18: ...ation WAN Rate Limit The Rate Limit Configuration pane appears 2 From the Rate Limit Status list select Enabled 3 In the Uplink Rate Limit field type the uplink rate limit provided by your ISP 4 Click Apply End Variable Value Interface Select an Interface to be configured Encapsulation Mode Set the encapsulation mode to Ethernet The WAN interface operates as a normal Ethernet interface WAN IP Addr...

Page 19: ...tes for WAN configuration You must have SYSTEM READ WRITE permission PPPoE WAN configuration procedures The following task flow shows the sequence of procedures to perform to configure the PPPoE WAN Variable Value Rate Limit Status Select the rate limit status Enabled enables uplink rate limiting feature Disabled disables uplink rate limiting feature The default value is Disabled Uplink Rate Limit...

Page 20: ... Configuration WAN Ethernet The WAN Configuration pane appears 2 From the Interface list select the required interface 3 From the Encapsulation Mode list select PPPoE 4 In the ISP Name field type the Internet Service Provider name 5 In the User Name field type the PPPoE user name supplied by your ISP 6 In the Password field type the PPPoE password supplied by your ISP 7 In the Host Name field type...

Page 21: ... Rate Limit Status list select Enabled 3 In the Uplink Rate Limit field type the uplink rate limit provided by your ISP 4 Click Apply End Variable definitions The following table describes the variables and values to configure the uplink rate limit Variable Value Interface Select an Interface to be configured Encapsulation Mode Set the encapsulation mode PPPoE The WAN interface operates as a Point...

Page 22: ...22 WAN configuration NN47928 500 NN47928 500 ...

Page 23: ...SL modem statistics Prerequisites for DSL configuration You must have access read write permission to configure DSL DSL configuration procedures The following task flow shows the sequence of procedures to perform to configure DSL Figure 3 DSL configuration procedures Configuring DSL Complete this procedure to configure DSL Procedure steps Step Action 1 From the BSG navigation pane select Configura...

Page 24: ...he BSG navigation pane select Configuration WAN Rate Limit The Rate Limit Configuration pane appears 2 From the Rate Limit Status list select Enabled 3 In the Uplink Rate Limit field type the uplink rate limit provided by your ISP 4 Click Apply Variable Value VPI VCI The Virtual Path Identifier Virtual Channel Identifier VPI VCI used by the DSL modem to make a connection The range is 0 to 255 The ...

Page 25: ... the uplink rate limit Variable Value Rate Limit Status Select the rate limit status Enabled enables uplink rate limiting feature Disabled disables uplink rate limiting feature The default value is Disabled Uplink Rate Limit Specifies the maximum uplink rate limit over the WAN interface in bps The range is 100 000 to 100 000 000 bps ...

Page 26: ...lity T1 transmits DS 1 formatted data at 1 544 MB s and E1 transmits E1 formatted data at 2 048 MB s through the telephone e switching network Prerequisites for T1 E1 configuration You must have access read write permission to configure T1 E1 T1 E1 configuration procedures The following task flow shows the sequence of procedures to perform to configure T1 E1 ...

Page 27: ...ration procedures Configuring the T1 interface If your BSG is located in North America configure the T1 interface This procedure guides you through setting up one T1 interface Procedure steps Step Action 1 From the BSG navigation pane select Configuration WAN T1 E1 ...

Page 28: ...ld be provided by your service provider 5 From the LineBuildOut list select 0 7 5 15 or 22 5 You can configure LineBuildOut if Line Mode is CSU You should contact your service provider for proper settings for the type of framing line coding line mode line build out line length clock source 6 From the Line Length list select the line length You can configure line length when Line Mode is DSU This s...

Page 29: ...ts of data Unframed the non signaling or unframed framing format is a simplified version of the T1 super frame The default value is ESF Line Mode The Line Mode Options Channel Service Unit CSU select if cable length is equal to or more than 655 feet Data Service Unit DSU select if cable length is less than 655 feet The default value is CSU LineBuildOut The level of attentuation in decibels require...

Page 30: ...uration pane appears 6 Select interface 1 7 From the Framing list select E1 or E1CRC The framing you set here must agree with the framing used by the peer 8 From the Line Mode list select CSU or DSU Line Length The Line Length value Line Length refers to the length of the cable in feet that connects the devices on each end of a T1 line Options 0 133 134 266 267 399 400 533 534 655 The default valu...

Page 31: ...ur service provider 11 Click Apply End Variable definitions This table describes the variables used to configure the T1 E1 interface Variable Value Interface The T1 E1 controller Interface Type The interface type for the given interface Options T1 E1 The default value is T1 If you change the interface type you must reboot the system before configuring the remaining parameters Framing The Framing T...

Page 32: ...annel number or the range of channel numbers This channel numbers are provided by your service provider 4 Click Add End Line Length The Line Length value Line Length refers to the length of the cable in feet that connects the devices on each end of an E1 line Options 0 133 134 266 267 399 400 533 534 655 The default value is 0 133 You can configure the line length only when the Line Mode is DSU Tr...

Page 33: ...ation is required 5 In the User Name field type the user name If you selected Client type the BSG user name If you selected Server type the peer user name 6 In the Password field type the password If you selected Client type the BSG password If you selected Server type the peer password 7 From the Link Type list select Public 8 Click Apply Variable Value Channel Group This identifies an instance o...

Page 34: ...ntication is required Options Server authenticates the peer at the time of negotiation Client authenticated by the peer router at the time of negotiation User Name The User Name required for the Server or Client that requires authentication This field is available only if authentication is required Password The password for the specified user This field is available only if authentication is requi...

Page 35: ...ss Assignment is Manual 7 In the Primary DNS field type the primary DNS server IP address Set this field if IP Address Assignment is Manual 8 In the Secondary DNS field type the secondary DNS server IP address Set this field if IP Address Assignment is Manual Field Name Description PPP Interface Read only field Specifies the name of the PPP interface and the serial interface over which it is layer...

Page 36: ...k interface for which the IP address is configured IP Address Assignment The IP address assignment mode Options Dynamic obtains the IP address dynamically from the peer Manual configuration is not required Manual configure the IP address manually Manually configure the IP Address Subnet Mask and Peer IP Address fields IP Address The IP address of the PPP Multilink interface if IP Address Assignmen...

Page 37: ...N1 is the default VLAN The BSG provides VLAN1 as a fully functioning VLAN using all eight ports Prerequisites to VLAN configuration You must have SYSTEM READ WRITE L2 READ WRITE and L3 READ WRITE permission to access the information on the VLAN configuration panels VLAN configuration procedures The following task flow shows the sequence of procedures to perform to configure a VLAN ...

Page 38: ...e 38 Configuring the virtual interface page 39 Configuring DHCP pool settings page 40 Creating a new VLAN Complete this procedure to create a new VLAN Procedure steps Step Action 1 From the BSG navigation pane select Configuration VLAN Setup Static VLAN tab The Static VLAN Configuration pane appears 2 In the VLAN ID field type the VLAN ID ...

Page 39: ...e to configure the virtual interface You must configure a virtual interface if hosts on the new VLAN need to communicate with other hosts on other VLANs or on the WAN Procedure steps Step Action 1 From the BSG navigation pane select Configuration LAN Virtual Interfaces The IP Address Configuration pane appears Variable Value VLAN ID Type a unique VLAN ID that you want to configure as a static VLAN...

Page 40: ...the DHCP Pool Id field type the pool ID 3 In the DHCP Pool Name field type the name of the pool 4 In the Subnet Pool field type the subnet pool IP address Use the same value you entered for Subnet Mask when you configured the virtual interface 5 In the Network Mask field type the network mask IP address Variable Value VLAN ID Type the VLAN identifier IP Address Assignment Select the IP address ass...

Page 41: ...he Value field type the default router for the client subnet 16 Click Add 17 From the Option list select Domain Name Server IP Format 18 In the Value field type the domain name server used for IP address resolution 19 Click Add End Variable definitions The following table describes the variables and values to configure DHCP settings Variable Value DHCP Pool Id Type the pool ID for the DHCP pool DH...

Page 42: ...ime server option is 4 and its length is 4 octets The length must always be a multiple of 4 Name server IP format a list of name servers available to the client The code for this option is 4 The length must always be a multiple of 4 Domain Name Server IP format the Domain Name Server IP address is configured and is sent as an option in DHCP offers Domain Name String this domain name is used by the...

Page 43: ...wireless network You must configure the radio port as a member port of the VLAN used for the wireless network Wireless network configuration procedures The following task flow shows the sequence of procedures to perform to configure a wireless network Figure 6 Wireless network configuration procedures Configuring a wireless network Complete this procedure to configure a wireless network Procedure ...

Page 44: ...pre shared key value This field is available only if Authentication Type is set to WPA PSK WPA2 PSK or WPA WPA2 PSK Mixed 7 From the Cipher Suite list select the cipher used for data encryption This field is available only if Authentication Type is set to WPA WPA2 WPA WPA2 Mixed WPA PSK WPA2 PSK or WPA WPA2 PSK Mixed 8 In the PMK SA Lifetime field type the maximum lifetime of a PMK in the PMK cach...

Page 45: ...ation RSNA pre authentication on this entity Stations authenticate to different APs if present but associate to a single AP Select Disabled to disable the RSNA pre authentication Stations authenticate to a single AP This field is available only if Authentication Type is set to WPA WPA2 or WPA WPA2 Mixed Pre Shared Key Type Specifies the preshared key type either Hex or ASCII If you select Hex you ...

Page 46: ...d range is 1 to 4294967295 The default value is 43200 Access Point The Access Point represents the status of radio in the BSG Select Enabled to activate the radio Select Disabled to deactivate the radio You must select a country code before you enable the access point Country Code Select the required country code A country code is required to set up the proper regulatory restrictions for channel a...

Page 47: ...bled See Central SIP server configuration parameters page 179 SIP configuration procedures The following task flow shows the sequence of procedures to perform to configure SIP Note You should configure the emergency number for example 911 before you use the SIP server This ensures that an emergency call originating on your system reaches its destination if the SIP server becomes unavailable To con...

Page 48: ...s SIP configuration navigation Configuring SIP system settings page 48 Configuring CAC page 50 Configuring FXS FXO global information page 50 Variable definitions page 51 Configuring FXO page 52 Configuring SIP system settings Complete this procedure to configure SIP system settings ...

Page 49: ...ystem settings Variable Value Managed Domain Name Type the domain name of the SIP server You can also type the IP address of the SIP server in this field The default name is mydomain com Central SIP Server Address Type the IP address of the central SIP server This field is mandatory Transport Select the required transport protocol for SIP Select one of the following options User Datagram Protocol ...

Page 50: ... Complete this procedure to configure FXS FXO global information Note If the maximum number of simultaneous SIP calls across the WAN is reached the next SIP call attempt fails and the caller hears fast busy tone Variable Value Select Select a row WAN Link Select the required WAN link Maximum Calls Allowed The maximum simultaneous calls allowed on each WAN link The range is 1 to 50 for BSG8ew The r...

Page 51: ...avigation pane select Configuration SIP FXO FXS FXS tab The Foreign Exchange Subscriber FXS Configuration pane appears 2 From the FXS Channel list select Line 1 3 Select the Channel Enable check box to enable the channel 4 In the Channel Number field type the channel number 5 In the Password field type the password to access the FXS channel 6 Click Apply 7 From the FXS Channel list select Line 2 8...

Page 52: ...he maximum number of rings within which the FXO must get the answer from the remote number 8 In the Emergency Number field type the emergency number 9 In the On Hook Detection Time field type the on hook detection time 10 Click Apply Variable Value FXS Channel Select the required FXS channel Select one of the following options Line1 Line2 Channel Enable Select this check box to enable the administ...

Page 53: ...ord Type the password to access the FXO Channel Forward Number Type the forward number This number is used when an incoming call on the FXO channel requires forwarding Emergency Number Type the emergency number of the contact Ring Count Type the ring count This is the maximum number of rings within which FXO must get an answer from the remote number The minimum value is 1 and maximum value is 6 Th...

Page 54: ...54 SIP configuration NN47928 500 NN47928 500 ...

Page 55: ...t have VPN READ WRITE permission VPN configuration navigation Client tunnel configuration procedures page 55 Branch office tunnel configuration procedures page 64 Client tunnel configuration procedures The following task flow shows the sequence of procedures to perform to configure a client tunnel Note If you are connecting two BSG units at either end of the VPN tunnel ensure that the IP addresses...

Page 56: ...tion navigation Configuring remote identity client page 56 Configuring users page 57 Configuring the address pool page 58 Configuring client termination page 59 Enabling VPN client page 63 Configuring remote identity client Complete the following procedure to configure the remote identity Procedure steps Step Action ...

Page 57: ...ote user Procedure steps Step Action 1 From the BSG navigation pane select Configuration VPN Users The Database for VPN Remote Users pane appears 2 In the User Name field type the user name 3 In the Password field type the password 4 Click Apply End Variable Value Remote Identity Type The user identity type that uniquely identifies the peer Select one of the following IPV4 specifies the IP address...

Page 58: ... IP address for the address pool 4 In the End IP Address field enter the ending IP address for the address pool 5 Click Apply End Variable definitions The following table describes the variables and values for configuring the VPN address pool Variable Value User Name Type the user name The range is 1 to 31 characters Password Type the password for the user The range is 1 to 31 characters Note The ...

Page 59: ... 12 From the Peer Identity Type list select IPV4 FQDN EMAIL or KEYID for the peer identity type 13 From the Peer Identity Value field select the peer identity value The list contains the Remote Identity values entered on the VPN Global Settings screen 14 From the Local Identity Type list select IPV4 FQDN EMAIL or KEYID for the local identity type 15 In the Local Identity Value field enter the loca...

Page 60: ...apply the policy Policy Status Select the status of the IPsec policy Select INACTIVE to disable the policy on the specified interface Select ACTIVE to enable the policy on the specified interface The default is INACTIVE Policy Type Select the policy type Select one of the following IKE XAUTH IKE Pre Shared IKE Phase 1 Proposal table IPSec Encryption Select the IPSec Encryption Select one of the fo...

Page 61: ... modules group for performing the new Diffie Hellman exchange Select Group 2 for a compromise between network speed and network security Life Time Select the life time unit Select one of seconds minutes or hours Life Time Value Type the life time value The range is 5 minutes to 8 hours Peer Identity Type Value Select the identity type to access the remote network Select one of the following IPV4 I...

Page 62: ...ed block size of 128 bits and a key size of 128 192 or 256 bits Due to the fixed block size of 128 bits AES operates on a 4x4 array of bytes Select DES if you require network speed Select AES256 if you require strong network security Authentication Select the preferred authentication method Select one of the following None indicates that no authentication method is required HMAC MAC5 the message a...

Page 63: ...appears 2 From the VPN Status list select Enabled 3 Click Apply End Variable definitions The following table describes the variables and values for viewing the existing VPN policies Life Time Select the life time unit Select one of seconds minutes or hours Life Time Value Type the life time value The range is 5 minutes to 8 hours Variable Value VPN Status Select the VPN status VPN status can be En...

Page 64: ...e identity branch office page 64 Configuring IKE page 65 Enabling VPN branch office page 69 Configuring remote identity branch office Complete the following procedure to configure the remote identity Procedure steps Step Action 1 From the BSG navigation pane select Configuration VPN VPN Settings The VPN Global Settings pane appears 2 From the Remote Identity Type list select IPV4 FQDN EMAIL or KEY...

Page 65: ...e policy name 4 From the Interface Name list select Fa0 9 5 From the Policy Status list select ACTIVE 6 In the IPSec Gateway IP Address field enter the IP address if you configured the Remote Identity as IPV4 This is the same IP address you entered in Remote Identity Value on the VPN Global Settings screen Variable Value Remote Identity Type The user identity type that uniquely identifies the peer...

Page 66: ...peer identity type 19 From the Peer Identity Value list select the peer identity value The list contains the Remote Identity values entered on the VPN Global Settings screen 20 From the Local Identity Type list select IPV4 for the local identity type 21 In the Local Identity Value field enter the local identity value 22 In the IPSec Phase 2 Proposal box from the Protocol list select ESP or AH 23 F...

Page 67: ... Encryption Select the IPSec Encryption Select one of the following options Data Encryption Standard DES is a standard for encrypting data that uses a 64 bit key to encrypt data but only 56 bits are usable This standard is considered inadequate for data protection as this standard do not match the speed of computer Triple Data Encryption Standard 3DES processes each block of data using a different...

Page 68: ...the Remote Identity values entered on VPN Global Settings Local Identity Type Value Select the identity type to access the local network Select one of the following IPV4 IP address FQDN Fully Qualified Domain Name EMAIL email address of the user KEYID uniquely identifies the peer Type the associated value IP Sec Phase 2 Proposal table Protocol Select the authentication protocol Select ESP IPSec en...

Page 69: ...h degree of probability IPSec Mode Select the IPSec mode Select Tunnel IPSec encrypts the IP header and the Payload Select Transport IPSec encrypts only the Payload Preferred Forward Secrecy Select the Preferred Forward Secrecy PFS Select one of the following options Select None IKE does not use any PFS PFS Group 1 IKE uses a 768 bit Diffie Hellman Prime modules group for performing the new Diffie...

Page 70: ...NN47928 500 NN47928 500 Variable definitions The following table describes the variables and values for viewing the existing VPN policies Variable Value VPN Status Select the VPN status VPN status can be Enabled or Disabled ...

Page 71: ...vel of performance Prerequisites for QoS configuration You must have SYSTEM READ WRITE permission to configure QoS QoS Status must be enabled it is enabled by default You must know the uplink rate limit This is provided by your ISP The total bandwidth you assign to all flows must be less than or equal to the uplink rate You must calculate how much bandwidth to give to the various flows for example...

Page 72: ...gation Configuring the uplink rate limit page 72 Configuring a policy map page 73 Configuring a class map page 74 Configuring QoS marking page 75 Configuring port based QoS page 76 Configuring queue settings page 77 Configuring the uplink rate limit Complete this procedure to configure the uplink rate limit ...

Page 73: ...tted Information Rate CIR and their associated burst sizes CBS and PBS TRTCM marks the packet red if it exceeds PIR yellow if it exceeds CIR and green if it does not exceed CIR Procedure steps Step Action 1 From the BSG navigation pane select Configuration QoS Policy Map tab The QOS Policymap Settings pane appears 2 In the Police ID field type the police ID 3 In the PIR bytes per second field type...

Page 74: ...rom the Policy Map ID list select a policy map ID 4 In the Source IP Address field type the IP address 5 In the Source Subnet Mask field type the subnet mask IP address 6 In the Destination IP Address field type the destination IP address 7 In the Destination Subnet Mask field type the destination subnet mask IP address 8 From the Protocol list select Any TCP or UDP 9 In the Source Port field type...

Page 75: ... Policy Map identifier The value ranges from 1 to 2147483647 Source IP Address Type the source IP address that uniquely defines a packet flow Source Subnet Mask Type the subnet mask for the source IP address Destination IP Address Type the destination IP address that uniquely defines a packet flow Destination Subnet Mask Type the destination subnet mask address for the destination IP address Proto...

Page 76: ...t priority settings This mapping can be done only from LAN ports The WAN port has a default 802 1p priority to queue mapping that you cannot change The default mapping for the WAN port is queue number 7 802 1p priority Procedure steps Step Action 1 From the BSG navigation pane select Configuration QoS Port based QOS tab The Traffic Class Mapping pane appears 2 In the Select field select a port to ...

Page 77: ... name Priority0 Select the Traffic Class value for priority 0 The values ranges from 0 to7 Priority1 Select the Traffic Class value for priority 1 The values ranges from 0 to7 Priority2 Select the Traffic Class value for priority 2 The values ranges from 0 to7 Priority3 Select the Traffic Class value for priority 3 The values ranges from 0 to7 Priority4 Select the Traffic Class value for priority ...

Page 78: ... the queue weight 9 Click Apply End Variable definitions The following table describes the variables and values for configuring QoS queue settings Variable Value Port No The port number for which the queue settings apply Select Select the queue you want to configure Queue Displays the queue number Green Threshold Min Type the minimum Green Threshold value Green packets start to drop at the configu...

Page 79: ...not be changed queue 1 0 cannot be changed queue 2 0 cannot be changed queue 3 512 cannot be set to 0 queue 4 256 cannot be set to 0 queue 5 128 cannot be set to 0 queue 6 64 cannot be set to 0 queue 7 32 cannot be set to 0 Queueing Strategy Displays the queueing strategy Queues 0 to 2 are strict priority Queues 3 to 7 are weighted round robin Variable Value ...

Page 80: ...80 QoS configuration NN47928 500 NN47928 500 ...

Page 81: ...ation WAN advanced configuration page 83 LAN advanced configuration page 97 VLAN advanced configuration page 111 IP routing advanced configuration page 127 DHCP advanced configuration page 145 Multicast advanced configuration page 153 QoS advanced configuration page 159 VPN advanced configuration page 165 SIP advanced configuration page 177 Port management advanced configuration page 197 ...

Page 82: ...82 Advanced configuration NN47928 500 NN47928 500 ...

Page 83: ...g sections provide information for configuring the Ethernet WAN Ethernet page 83 PPPoE WAN configuration parameters page 84 Rate limit configuration parameters Ethernet page 84 Renewing or releasing the WAN lease page 85 Ethernet WAN configuration parameters The following table describes the parameters for Ethernet WAN configuration located at Configuration WAN Ethernet Variable definitions The fo...

Page 84: ...le MAC cloning only if the Encapsulation Mode is Ethernet The default value is Disabled MAC Address Type the MAC address if the MAC cloning is enabled IP Address Assignment Select the IP Address Assignment status Select Manual or Dynamic for Ethernet interface WAN IP Address Type the WAN IP address if the IP Address Assignment is manual Subnet Mask Type the subnet mask if the IP Address Assignment...

Page 85: ...select the WAN configuration that you want to modify 3 Select the Renew option button if you want to renew the lease term OR Select the Release option button if you want to release the lease 4 Click Apply End Variable definitions The following table describes the variables and values for renewing and releasing the lease Variable Value Rate Limit Status Select the rate limit status Enabled enables ...

Page 86: ...the specified interface This option is enabled only when Dynamic option is selected in the IP Address Assignment field Release Click this option button to release the DHCP lease on the specified interface This option is enabled only when Dynamic option is selected in the IP Address Assignment field Variable Value ...

Page 87: ... can configure DSL parameters To access this page select Configuration WAN DSL Basic Configuration page Variable definitions This table describes the variables that appear on the DSL Basic Configuration page Variable Value DSL Name The DSL Name Options DSL 1 The default value is DSL 1 DSL Connection Type The DSL connection type Options Auto indicates Auto Connection Mode T1413 indicates T1413 conn...

Page 88: ...ntly uses the remaining bandwidth which dynamically changes in time because of VBR service Typical applications are computer communications such as file transfers and e mail UBR service provides no feedback mechanism If the network is congested UBR cells can be lost The default value is UBR Encapsulation The encapsulation type Options ATM Adaptation Layer 5 Sub Network Access Protocol AAL5 SNAP mu...

Page 89: ...igure T1 E1 T1 E1 navigation T1 E1 Configuration page 90 Variable Value PPP Interface The PPP interface for which you need to configure the IP address User Name The username for the specified PPP interface used for authentication Password The password for the specified PPP interface used for authentication WAN IP Address Displays the IP address of the WAN PPP interface Subnet Mask Displays the sub...

Page 90: ...Variable definitions This table describes the variables that appear on the T1 E1 Configuration page Note If you change the interface type you must reboot the system for the change to take effect After you reboot the remaining variables are reset to default values If you want to change the remaining variables change them after you reboot Note If you change the controller from T1 to E1 or vice versa...

Page 91: ...n B8ZS replaces any sequence of eight consecutive zeros with 000VB0VB Alternative Mark Inversion AMI encodes a signal by inverting one of the two consecutive high polarity data bits High Density Bipolar With 3 Zero Substitution HDB3 replaces any sequence of four consecutive zeros with 000V or B00v For T1 the default value is B8ZS For E1 the default value is HDB3 Line Mode The Line Mode Options Cha...

Page 92: ...n feet that connects the devices on each end of a T1 line Options 0 133 134 266 267 399 400 533 534 655 The default value is 0 133 You can configure the line length only when the Line Mode is DSU Transmit ClockSource The clock source Options LocalTiming A local clock source is used or an external clock is attached to the box containing the interface LoopTiming Recovered received clock is used to t...

Page 93: ... Variable definition This table describes the variables that appear on the PPP Configuration page Variable Value Interface The T1 E1 interface on which you create the channel group Options t1e1 1 t1e1 2 Channel Group Index The Channel Group Index The range is 1to 64 Time Slot The time slots The range is 1to 24 for T1 and 2 to 32 for E1 Variable Value Serial Interface The serial Interface on which ...

Page 94: ...ly if authentication is required Password The password for the specified user This field is available only if authentication is required Keep Alive The Keep Alive Time Out value in seconds If no Echo response packet is received within the time out value the connection is lost The default value is 10 Link Type The PPP link type Options Public adds the default route for the PPP interface Private no ...

Page 95: ...ddress if IP Address Assignment is Manual Secondary DNS Server The Secondary DNS server IP address if IP Address Assignment is Manual Peer DNS The Peer DNS IP address if IP Address Assignment is Manual Variable Value Authentication Required The Authentication Required setting for the multilink interface Options Yes authentication is required Enables the Server Client User Name and Password fields ...

Page 96: ...nk Type The multilink type Options Public adds the default route for the multilink interface Private no default route is added for the multilink interface The default value is Private MTU The Maximum Transmission Unit The default value is 1500 Variable Value ...

Page 97: ...rerequisites for virtual interface configuration You must have L3 READ WRITE permission to access virtual interface configuration Virtual interface configuration navigation Virtual interface configuration parameters page 97 Renewing or releasing the LAN lease page 98 Virtual interface configuration parameters The following section describes the parameters for configuration of the virtual interface...

Page 98: ... to modify 3 Select the Renew option button to renew the lease OR Select the Release option button to release the lease 4 Click Apply End Variable Value VLAN ID Type the VLAN identifier IP Address Assignment Select the IP address assignment mode Select Manual to manually assign the IP address Select Dynamic for the System to assign the IP address for the specified VLAN from Dynamic Host Configurat...

Page 99: ...the lease Variable Value Select Select the IP address to modify Renew Enable Renew if you want to renew the DHCP lease for this interface Renew is available only if IP Address Assignment is set to Dynamic Release Enable Release if you want to release the DHCP lease for this interface Release is available only if IP Address Assignment is set to Dynamic ...

Page 100: ...rnet LAN configuration Variable definitions The following table describes the variables and values for configuring the basic LAN settings Variable Description LAN IP Address Mode Select the IP address mode Select Manual to assign the IP address and subnet mask address manually Select Dynamic to allow the system to assign the IP address IP Address Type the IP address if the IP address assignment is...

Page 101: ...ITE permission to access this information Wireless LAN configuration navigation WLAN settings configuration parameters page 102 SSID configuration parameters page 102 WLAN radio configuration parameters page 103 MAC filtering configuration parameters page 104 WLAN security configuration parameters page 105 WEP configuration parameters page 106 Wireless multimedia configuration parameters page 107 ...

Page 102: ... to activate the radio Select Disabled to deactivate the radio You must select a country code before you enable the access point Country Code Select the required country code A country code is required to set up the proper regulatory restrictions for channel availability and transmission power You must disable the radio Access Point before you set the country code Radio Mode Select the required ra...

Page 103: ...the Turbo Mode status Turbo Mode is used to perform a speed boost to the wireless network Select Dynamic to allow the BSG to detect whether clients are capable of Turbo Mode If a client is not capable of turbo mode the client returns to normal mode Select Static only when you know that all wireless devices in the network are capable of Turbo Mode Select Disabled if there are no wireless clients to...

Page 104: ...ection by transmitting both a RTS and CTS frame to all stations The default value is CTS only Preamble Specifies the preamble length Some clients do not support a short preamble They cannot be reached if the preamble is set to Short Select Short boosts the performance of the BSG wireless but potential for missed clients Select Short Long all clients are accessible The default value is Short Long D...

Page 105: ...n Select WPA PSK WPA2 PSK or WPA WPA2 PSK Mixed if authentication uses a preshared key The default value is Open Pre Authentication Specifies the preauthentication status Select Enable to enable the Robust Security Networks Association RSNA preauthentication on this entity Stations authenticate to different APs if present but associate to a single AP Select Disable to disable the RSNA preauthentic...

Page 106: ...or data encryption It consists of an organizationally unique identifier OUI the first 3 octets and a cipher suite identifier the last octet Select one of the following options AES CCMP TKIP WEP AES CCMP TKIP AES CCMP WEP TKIP WEP AES CCMP TKIP WEP This field is used in conjunction with the Authentication Type If you select WPA for Authentication Type the BSG supports TKIP If you select WPA2 the BS...

Page 107: ...r data encryption Options 1 2 3 4 If you want to assign the selected key index as the default value you must select the Set this as default WEP key Set this as default WEP Key If you select this box you can configure the selected key index as the default value The default for the first configured WEP is checked The default for subsequent configured WEPs is unchecked Key Type The required WEP key t...

Page 108: ...g Contention Width Minimum The minimum contention width of the AP in the radio The range is 1 to 15 The default values for AC0 through AC3 are 4 4 3 and 2 Log Contention Width Maximum The maximum contention width of the AP in the radio The range is 1 to 15 The default values for AC0 through AC3 are 10 10 4 and 3 AIFSN The arbitrary inter frame sequence AIFS The range is 1 to 15 The default values ...

Page 109: ...s for AC0 through AC3 are 3 7 1 and 1 TXOP Limit The transmission opportunity of the AP in the radio The range is 0 to 65535 The default values for AC0 through AC3 are 0 0 94 and 47 Admission Control The status of admission of WMM parameters Options Enabled Disabled The default value for AC0 through AC3 is Disabled Variable Value ...

Page 110: ...110 LAN advanced configuration NN47928 500 NN47928 500 ...

Page 111: ...gs configuration navigation VLAN basic settings configuration parameters page 111 VLAN port settings configuration parameters page 112 Static VLAN configuration parameters page 113 Dynamic VLAN configuration parameters page 114 VLAN protocol group configuration parameters page 114 VLAN port protocol configuration parameters page 115 VLAN database display parameters page 116 VLAN basic settings con...

Page 112: ...mic Multicast learning status If the status is disabled then the GMRP is disabled for the current port The default value is Enable Protocol Based VLAN Specifies the protocol based learning status The default value is Enable Variable Value Port Displays the port ID for which you want to configure the VLAN port settings Port Name Type the name of the port Port and Protocol Based VLAN Specifies the p...

Page 113: ... packets Select Disable the packets are handled normally The default value is Disable BDTU tunneling status cannot be set if 802 1x tunnel status is disabled Ingress Filtering Specifies the Ingress Filtering status Select Enable the device discards incoming frames for VLANs where this port is not a member Select Disable the device accepts all incoming frames The default value is Disable Port Mode ...

Page 114: ...iable Value Select Select a row Port Displays the port number Port Name Displays the port name Dynamic VLAN Learning Set the Dynamic VLAN Learning to Enable or Disable If Enable GVRP is enabled on the current port if the global GVRP status is enabled for the device If Disable GVRP is disabled on the current port even if the global GVRP is enabled Any GVRP packet received is discarded and no GVRP r...

Page 115: ... to the encapsulation format Select the frame type for the protocol group Select one of the following options Ethernet RFC 1042 SNAP 802 1H SNAP Other LLV Other The default value is Ethernet Protocol Value Specifies the protocol value Select one of the following options ARP IP RARP IPX NOVELL NETBIOS APPLETALK OTHER The default value is ARP If you select OTHER enter the protocol value Group Identi...

Page 116: ...quests The following section describes the display parameters for the current VLAN database located at Configuration VLAN setup VLAN Database tab Variable definitions The following table describes the values and variable displayed on the VLAN database panel Variable Value VLAN ID Displays the VLAN ID Member Ports Displays the member ports list Untagged Ports Displays the untagged ports list Status...

Page 117: ...nfiguration parameters The following section describes the configuration parameters for the STP basic settings located at Configuration Spanning Tree Basic Settings tab Variable definitions The following table describes the variables and values for configuring the STP basic settings Variable Value Enable RSTP Select this option button to enable RSTP Enable MSTP Select this option button to enable ...

Page 118: ... the parameters for configuration of MSTP basic settings located at Configuration Spanning Tree MSTP Basic Settings tab Variable definitions The following table describes the variables and values for configuring the MSTP basic settings Variable Value MSTP Status Displays the MSTP status The status displayed is based on the MSTP setting Enable or Disable selected in STP Basic Settings Compatibility...

Page 119: ...ximum Age Seconds Type the time period for which the information received in the RSTP Bridge Protocol Data Unit BPDU is valid The value ranges from 6 to 40 seconds The default value is 20 seconds Forward Delay Seconds Type the time period within which the port changes its spanning tree state when moving toward the forwarding state The value ranges from 4 to 30 seconds The default value is 15 secon...

Page 120: ... operational status of the edge port admin status The value of this field depends on the Edge Port Admin Status If the Edge Port Admin Status is Enabled then this field is automatically set to True This value takes effect only when you shut down and restart the port If the Edge Port Admin Status is Disabled then this field is automatically set to False This value takes effect only when you shut do...

Page 121: ...Instance ID The Common Instance Spanning Tree CIST is generated by default and has instance ID number 0 The allowable values range from 1 to 16 Add VLAN Select the VLAN to map to the MSTP instance Delete VLAN Select the VLAN to unmap from the MSTP instance Variable Value Select Select a row Port Displays the port number Port Name Displays the port name MSTP Instance ID Displays the instance ID of ...

Page 122: ...number Port Name Displays the port name Designated Root Displays the unique Bridge Identifier of the Bridge recorded as the Root for the segment to which the port is attached Designated Bridge Displays the Bridge Identifier which this port considers to be the Designated Bridge for this port segment Designated Port Displays the Port Identifier on the Designated Bridge for this port segment Designat...

Page 123: ...on Select RSTP for the port to transmit only RSTP BPDUs Select STP Compatible for the port to transmit RSTP BPDUs or Topology Change Notification BPDUs Config TCN BPDUs The default value is RSTP Bridge Priority Type the bridge priority value used to select the root bridge Transmit Hold Count Type the maximum number of packets that can be sent in an given interval to avoid flooding The value ranges...

Page 124: ...s and values for configuring the RSTP port settings Attention Attention To set the Maximum Age and Forward Delay Parameters satisfy the following relation 2 Forward Delay 1 0 Max Age To set the Hello Time and Maximum Age parameters satisfy the following relation Max Age 2 Hello Time 1 0 Variable Value Maximum Age secs Type the time period for which the information received in RSTP BPDU is valid Th...

Page 125: ...tatus of the edge port The default value is Disabled Edge Port Oper Status Specifies the operational status of the edge port admin status The value of this field depends on the Edge Port Admin Status If the Edge Port Admin Status is Enabled then this field is automatically set to True This value takes effect only when you shut down and restart the port If the Edge Port Admin Status is Disabled the...

Page 126: ...r of the bridge which this port considers to be the designated bridge for this port segment Designated Port Displays the port identifier of the port on the designated bridge for this port segment Type Displays the operational point to point status of the LAN segment attached to this port This value indicates whether a port is considered to have a point to point connection or shared media Role Disp...

Page 127: ...Redundancy Protocol VRRP for the Business Service Gateway BSG Prerequisites to IP routing advanced configuration You must have L3 READ WRITE permission to access IP routing configuration IP routing advance configuration navigation Static ARP configuration parameters page 128 Static routes configuration parameters page 129 RIP configuration page 130 OSPF configuration page 134 RRD configuration pag...

Page 128: ... located at Configuration IP Routing Static ARP Variable definitions The following table describes the variables and values for configuring Static ARP Variable Value IP Address Type the IP address of the host whose MAC address is statically configured in the ARP cache MAC Address Type the MAC address of the host Interface Select the interface on which to configure Static ARP ...

Page 129: ...tic routes Variable Value Destination Network Type the network address of the route Subnet Mask Type the subnet mask for the Destination Network address Gateway Type the Next Hop gateway to reach the IP address Interface Select the outgoing interface The value ranges from 1 to 4094 Distance Metric Type the metric value of the destination The value ranges from 0 to 255 Routing Protocol Displays the...

Page 130: ...iable Value Space Periodic Updates Specifies the Space Periodic Update status Select Enabled to split and send the generated update packets The default value is Disabled Security Level Specifies the security level of the RIP Select Minimum to accept RIP 1 packets even when authentication is in use Select Maximum to ignore RIP 1 packets even when authentication is in use The default value is Maximu...

Page 131: ...eters for configuring RIP on an interface located at Configuration IP Routing RIP Interfaces tab Variable definitions The following table describes the variables and values for modifying a RIP interface Retry Count Type the retry count value to update request and update response packet The value ranges between 10 and 40 The default value is 36 Default Metric Type the default metric value to set th...

Page 132: ...everse Send Version The version of RIP packets sent by the router Select one of the following options Do not send indicates that no packets are sent RIP Version 1 indicates the data packets are sent using a RIP update that is complaint with RFC 1058 RIP1 Compatible indicates the RIP 2 updates are broadcast using an RFC 1058 route subsumption rules RIP Version 2 indicates the RIP2 packets are multi...

Page 133: ...s Type the IP address of the neighbor router to which the unicast update is sent Variable Value Select Select the RIP interface you want to configure IP Address Displays the IP address of the RIP interface Authentication Type The authentication type Select one of the following options No Authentication disables authentication Simple Password simple password based authentication MD5 message digest ...

Page 134: ...figuration parameters page 137 OSPF route information display parameters page 138 OSPF link state database display parameters page 139 OSPF basic settings configuration parameters The following section describes the parameters for configuration of OSPF basic settings located at Configuration IP Routing OSPF Basic Settings tab Variable definitions The following table describes the variables and val...

Page 135: ...le Autonomous Systems AS for the same destination To minimize the chance of routing loops all OSPF routers in an OSPF routing domain must have RFC compatibility set identically Select Yes to use the preference rules specified by RFC1583 Select No to use the preference rules specified in RFC2178 The default value is Yes External Link State Database Limit Type the maximum number of non default AS ex...

Page 136: ...LSA can be flooded through the normal area Stub Configures the area type as Stub External LSAs cannot be flooded into a stub area a default route is used to reach the external routes NSSA Configures the area type as Not So Stubby Area NSSA Only a limited number of Type 5 external LSAs are translated into Type 7 LSAs and flooded into the NSSA The default value is Normal Send Summary Routers Specifi...

Page 137: ...cation Type is MD5 type the secret key used to create the message digest appended to the OSPF packet Authentication Key If Authentication Type is set to Simple Password type the authentication key The Authentication Key does not appear in the UI after you configure a OSPF area configuration Hello Interval Type the Hello Interval The range is 1to 65535 The default value is 10 seconds Retransmit Int...

Page 138: ...ptions None indicates authentication is not required Simple Password indicates a simple password is required for authentication MD5 indicates message digest 5 based authentication The default value is None MD5 Key ID Type the secret key used to create the message digest appended to the OSPF packet if the authentication type is MD5 Authentication Key Type the key required for authentication if auth...

Page 139: ...er Type 2 Cost Displays the type 2 cost of the OSPF router Interface Displays the interface ID of the OSPF interface Variable Value Area ID Displays the Area ID associated with the OSPF address range Type Displays the area type Link ID Displays the Link Identifier The value is in the form of an IP address ADV Router Displays all of the router Link State Advertisements LSAs If IP address is not inc...

Page 140: ...e following section describes the parameters for configuration of the RRD RIP settings located at Configuration IP Routing RRD RIP tab Variable definitions The following table describes the variables and values for configuring RRD RIP settings Variable Value RRD Status Select the RRD status as Enabled or Disabled Select Enabled to enable route redistribution Select Disabled to disable route redist...

Page 141: ...OSPF routes are populated in the RIP routing database BGP routes BGP routes are populated in the RIP routing database Route Tag Type Specifies whether the route tag is manually entered or automatically generated Select Manual the Route Tag must be entered manually Select Automatic the Route Tag is generated automatically and the Route Tag field is disabled Route Tag Type the route tag if the Route...

Page 142: ... configuration parameters The following section describes the parameters for configuration of the VRRP settings located at Configuration IP Routing VRRP VRRP Settings tab Variable definitions The following table describes the variables and values for configuring VRRP settings Variable Value VRRP Status Specifies the VRRP status Select Enabled to enable VRRP in the router and restart VRRP on all th...

Page 143: ...efault value is 100 Authentication Type Select the Authentication type used for VRRP protocol exchanges between virtual routers If you select No Authentication the VRRP Protocol exchange values are not authenticated If you select Simple Text Password the VRRP Protocol exchanges are authenticated by a clear text password The default value is No Authentication Authentication Key Type the authenticat...

Page 144: ...144 IP routing advanced configuration NN47928 500 NN47928 500 ...

Page 145: ...ation Protocol DHCP server and the relay settings for Business Service Gateway BSG Prerequisites for DHCP advanced configuration You must have SYSTEM READ WRITE permission to access DHCP configuration DHCP advanced configuration navigation DHCP server configuration page 146 DHCP relay settings configuration parameters page 151 ...

Page 146: ...and values for configuring DHCP basic settings Variable Value DHCP Server Select the DHCP server status Select Enabled to enable the DHCP server and process DHCP client requests Select Disabled to disable the DHCP server and stop processing client requests The default value is Enabled Blocked IP Address Re use Timer seconds Type the reuse timeout value used by the DHCP server This timer value repr...

Page 147: ...Router IP format a list of IP addresses for routers on the client subnet The code for the default router option is 3 and its length is 4 octets The length must always be a multiple of 4 Timer servers IP format a list of time servers RFC 868 available to the client The code for the time server option is 4 and its length is 4 octets The length must always be a multiple of 4 Name server IP format a l...

Page 148: ...he maximum lease time associated with the server pool Status Displays the status of the pool setting entry Status is Up or Down This field is displayed after you add a pool setting entry Variable Value Pool Name Select the pool name Option The DHCP option Select one of the following options Netmask IP Format the client subnet mask RFC 950 The code for the subnet mask is 1 and its length is 4 octet...

Page 149: ... one of the following options Netmask IP Format the client subnet mask RFC 950 The code for the subnet mask is 1 and its length is 4 octets Default Router IP format a list of IP addresses for routers on the client subnet The code for the default router option is 3 and its length is 4 octets The length must always be a multiple of 4 Timer servers IP format a list of time servers RFC 868 available t...

Page 150: ...st Pool Name Select the pool name Host IP Type the IP address of the host Identifier Type the IP address of the identifier The identifier is a string of maximum length 63 Variable Value Device Name Type the DHCP device name The maximum string length is 63 characters The space character cannot appear in the device name Device Status Specifies the device status The device status restricts DHCP servi...

Page 151: ...ate the relay agent The default value is Disabled IP DHCP Relay Information Option Select the IP DHCP Relay Information Option status This option controls the processing related to Relaying Agent information Select Enabled to start processing the relay agent information options The processing includes inserting the options before relaying a packet from a client to a server and examining or strippi...

Page 152: ...152 DHCP advanced configuration NN47928 500 NN47928 500 ...

Page 153: ...efinitions The following table describes the variables and values for configuring dynamic multicast Variable Value Select Select the port you want to configure Port Type the port on which GMRP and the Restricted Group Registration are configured Port Name Type the port name Dynamic Multicast Status Select the GMRP port status At the system level Dynamic Multicast and IGMP Snooping are mutually exc...

Page 154: ...GMP leave is received from a host the BSG removes the host s port from the table entry Prerequisites to IGMP snooping advanced configuration You must disable Dynamic Multicast Learning before you can enable IGMP Snooping see VLAN basic settings configuration parameters page 111 IGMP snooping configuration navigation IGMP snooping basic settings configuration parameters page 154 IGMP snooping timer...

Page 155: ...IP Based if the hardware supports programming of S G and G entries Select MAC Based if the hardware supports only MAC based multicast tables This configuration takes effect when you reboot the system The default value is IP Based Report Forwarding Select whether the reports are forwarded on all the ports or only on the router ports Select All Ports to forward reports on all the ports Select Router...

Page 156: ...port The timer runs for the configured time for each port on which a report is received This timer restarts whenever a report message is received from a host on the specific port If the timer expires the learnt port entry is purged from the multicast group The value ranges from 130 to 1225 The default value is 260 seconds Report Forward Interval secs Type the time interval within which the next re...

Page 157: ... one of the following options Version1 Version2 Version3 The default value is Version3 Fast Leave Select the fast leave status of IGMP If you select Disabled the switch checks if any interested receivers are in the group by sending a group specific query before removing the port from the forwarding table If you select Enabled the switch does not send a group specific query It immediately removes t...

Page 158: ...t Forwarding Table and IP Based Multicast Forwarding Table screens Variable Value VLAN ID Displays the VLAN ID Port List Displays the ports on which routers are connected for the VLAN ID Variable Value MAC Based Multicast Forwarding VLAN ID Displays the VLAN ID pertaining to the MAC based multicast forwarding entry Group MAC Address Displays the configured Group MAC Multicast address Port List Dis...

Page 159: ...s page 161 QoS queue settings configuration parameters page 162 QoS basic settings configuration parameters The following section describes the parameters for configuration of the QoS basic settings located at Configuration QoS Basic Settings tab Variable definitions The following table describes the variable and value for configuring QoS basic settings Policy map settings configuration parameters...

Page 160: ...mber if it exceeds CIR It is marked green if it does not exceed CIR The marking is based on Committed Information Rate CIR and two associated burst sizes Committed Burst Size CBS and Peak Burst Size PBS A packet is marked green if it does not exceed CBS and amber if it exceeds CBS but not PBS Otherwise it is marked red PIR bytes per second Type the PIR key value in bytes per second The default val...

Page 161: ...of the following options Any both TCP or UDP packets are classified using the class map TCP only TCP packets are classified using the class map UDP only UDP packets are classified using the class map Source Port Type the source port The value ranges from 1 to 65535 Destination Port Type the destination port The value ranges from 1 to 65535 Incoming DSCP Type the incoming Differentiated Services Co...

Page 162: ...e following table describes the variables and values for configuring QoS queue settings Variable Value Select Select the port you want to configure Port Displays the port number Port Name Displays the port name Priority0 Select the Traffic Class value for priority 0 The value ranges from 0 to 7 Priority1 Select the Traffic Class value for priority 1 The value ranges from 0 to 7 Priority2 Select th...

Page 163: ...nfigured minimum depth The default value is 50 Amber Threshold Max Type the maximum Amber Threshold value All amber packets are dropped at the configured maximum depth The default value is 64 Scheduler Weight Type the queue weight The range for queues 3 to 7 is 1 to 65535 The default weights are queue 0 0 cannot be changed queue 1 0 cannot be changed queue 2 0 cannot be changed queue 3 512 cannot ...

Page 164: ...164 QoS advanced configuration NN47928 500 NN47928 500 ...

Page 165: ...on navigation VPN settings configuration page 165 Users configuration page 171 VPN settings configuration This section provides configuration of the branch office tunnel VPN settings configuration navigation VPN global settings configuration parameters page 165 VPN policy configuration parameters page 166 VPN IPsec configuration parameters page 166 IKE pre shared secret configuration parameters pa...

Page 166: ... Remote Identity Type The user identity type that uniquely identifies the peer Select one of the following IPV4 specifies the IP address FQDN specifies the fully qualified domain name an unambiguous domain name that denotes the position of the node in the DNS tree hierarchy EMAIL specifies the email of the peer KEYID specifies the string that uniquely identifies the peer Remote Identity Value Type...

Page 167: ...the outbound traffic Protocol Select the required traffic protocol for the source and destination address Select one of the following options Any TCP UDP ICMPv4 AH ESP When you select a protocol and apply the IPSec policy the policy is applied on the selected protocol packets only For example if you select ICMPv4 when you ping from one host to another only ICMP packets are authenticated IPSec SA t...

Page 168: ...e to the fixed block size of 128 bits AES operates on a 4x4 array of bytes Encryption Keys 1 2 and 3 The encryption key settings depend on the selected IPSec Encryption DES specify a key for Encryption Key 1 only length 16 3DES specify encryption keys 1 2 and 3 AES 128 specify a key for Encryption Key 1 only length 32 AES 192 specify a key for Encryption Key 1 only length 48 AES 256 specify a key ...

Page 169: ...a standard for encrypting data that uses a 64 bit key to encrypt data but only 56 bits are usable This standard is considered inadequate for data protection as this standard do not match the speed of computer Triple Data Encryption Standard 3DES processes each block of data using a different key each time resulting in a significantly more secure message Advanced Encryption Standard AES128 AES192 A...

Page 170: ... The list contains the Remote Identity values added on VPN Global Settings Local Identity Type Value Select the identity type to access the local network Select one of the following IPV4 IP address FQDN Fully Qualified Domain Name EMAIL email address of the user KEYID uniquely identifies the peer Type the associated value IP Sec Phase 2 Proposal table Protocol Select the authentication protocol Se...

Page 171: ...orithm This cryptographic hash function computes a condensed digital representation to a high degree of probability IPSec Mode Select the IPSec mode Select Tunnel IPSec encrypts the IP header and the Payload Select Transport IPSec encrypts only the Payload Preferred Forward Secrecy Select the Preferred Forward Secrecy PFS Select one of the following options Select None IKE does not use any PFS PFS...

Page 172: ...s for the configuration of client termination located at Configuration VPN Users Client Termination tab Variable definitions The following table describes the variables and values for configuring client termination Variable Value User Name Type the user name The range is 1 to 31 characters Password Type the password for the user The range is 1 to 31 characters Variable Value Pool Name Type the nam...

Page 173: ...etwork speed Select 3 DES if you require network security IPSec Authentication Select the preferred authentication method Select one of the following options HMAC MAC5 the message authentication code is calculated using the MD5 cryptographic hash function This cryptographic hash function has some additional security properties with a 128 bit hash value which is commonly used to check the integrity...

Page 174: ...raffic Selector table Local Address Type the Source IP address of the outbound traffic Local Address Mask Type the Network mask of the outbound traffic Remote Address Type the Destination IP address of the outbound traffic Remote Address Mask Type the Destination mask of the outbound traffic Protocol Select the traffic protocol for the source or destination address Select one of the following opti...

Page 175: ...ethod is required HMAC MAC5 the message authentication code is calculated using the MD5 cryptographic hash function This cryptographic hash function has some additional security properties with a 128 bit hash value which is commonly used to check the integrity of files HMAC SHA1 the message authentication code is calculated using the SHA1 algorithm This cryptographic hash function computes a conde...

Page 176: ...176 VPN advanced configuration NN47928 500 NN47928 500 ...

Page 177: ...onfigure SIP You must ensure that the WAN interface can ping the SIP server You must ensure that Network Address Translation NAT and firewall are enabled in the WAN interface You must have VOICE READ WRITE permission to access SIP configuration SIP advanced configuration navigation SIP server management configuration parameters page 178 SIP system configuration page 179 SIP protocol configuration ...

Page 178: ...splays the status of the SIP server The default value is Enabled Operating Mode Displays the current operating mode of the SIP Server One of the following values is displayed Normal Any type of SIP call is possible BackupWanUp The WAN link is up but SSE server is not reachable by WAN BackupWanDown The WAN link is down SIP calls can be made only inside the LAN The mode changes dynamically based on ...

Page 179: ...configuring the central SIP server Variable Value Managed Domain Name Type the domain name of the SIP server You can also type the IP address of the SIP server in this field The default name is mydomain com Central SIP Server Address Type the IP address of the central SIP server This field is mandatory Transport Select the required transport protocol for SIP Select one of the following options Use...

Page 180: ...e ranges from 1 to 10 The default value is 2 Central SIP Server via Address es Displays the central SIP server via address or addresses You can enter aliases for the Central SIP Server address Separate each address with a comma Note If the maximum number of simultaneous SIP calls across the WAN is reached the next SIP call attempt fails and the caller hears fast busy tone Variable Value Select Sel...

Page 181: ...ddress Directory Path Type the directory path Variable Value Dump SIP Messages Specifies whether SIP messages are traced Select Enable to enable traces for all calls Select Disable to disable traces for all calls The default value is Disable Detailed Traces Specifies that the traces are logged in detail Select one of the following options All all components are traced None no components are traced...

Page 182: ...variables and values for configuring header settings Transport settings configuration parameters The following section describes the parameters for the configuration of transport settings located at Configuration SIP SIP Protocol Transport tab Variable definitions The following table describes the variables and values for configuring transport settings Variable Value Organization Header Type the n...

Page 183: ...65535 TLS Select this check box to configure TLS TLS Port Type the port number used for TLS The value ranges from 1 to 65535 Variable Value Minimum Registration Period Type the minimum registration period for the SIP server The value ranges from 1 to 3600 The default value is 30 seconds Maximum Registration Period Type the maximum registration period for the SIP server for any phone when the BSG i...

Page 184: ... in the Subscriber database The default value is Enable Remove Dynamic Subscriber On De registration Select the Dynamic subscriber De Registration status Select one of the following Enable When the SIP call is complete the subscriber is automatically removed from both the Registration and Subscriber database Disable When the SIP call is complete the subscriber information must be explicitly delete...

Page 185: ...e default value is 90 ms Maximum Type the maximum session timer value in milliseconds The value ranges from 90 to 4294967295 The default value is 3600 ms Protocol Timers Timer T1 Type the timer T1 value in milliseconds This is used for local retransmission The value ranges from 1 to 2147483647 The default value is 500 ms Timer T2 Type the timer T2 value in milliseconds This is used for local retra...

Page 186: ...Timer I Type the timer I value in milliseconds The value ranges from 1 to 2147483647 The default value is 5000 for UDP Timer J Type the timer J value in milliseconds The value ranges from 1 to 2147483647 The default value is 32000 for UDP Timer K Type the timer K value in milliseconds The value ranges from 1 to 2147483647 The default value is 5000 for UDP Variable Value ...

Page 187: ...d at Configuration SIP Routing Rules View Rules tab The View Rules panel also shows the list of routing rules created using the Add Rule panel Variable definitions The following table describes the variable and value displayed in the Routing Rules dialog box Adding rules configuration parameters The following section describes the parameters for the configuration of a routing rule located at Confi...

Page 188: ...ith the start and end numbers given in the range Otherwise must be specified as the condition in the last rule Value for Condition Type the value for the specified condition This option is disabled for some conditions Specify Number Transformation Select this check box to enable number transformations Type Specifies the number transformations applicable to the condition Select one of the following...

Page 189: ...s Select this option button to enable and use the Custom Dial Plan Scripts If you select this check box Use Web UI Dial Plan Configuration is disabled New Dial Plan Name Type the new dial plan name if you enabled Use Custom Dial Plan Scripts NTML File Path Type the National Traffic Management Log NTML file path if you enabled Use custom Dial Plan Scripts Dial Plan Mode Select the dialplan mode if ...

Page 190: ...e of the subscriber The maximum number of characters is 32 Alias Type the alias name of the subscriber The maximum number of characters is 100 You can configure the alias only when Allow Dynamic Subscriber Addition is enabled You can set Allow Dynamic Subscriber Addition in Registrar Configuration under SIP Protocol In backup mode SIP alias works for static subscribers only Display Name Type the d...

Page 191: ...O FXS Global tab Variable definitions The following table describes the variables and values for global configuration of codec FXO and FXS Variable Value VoIP Status Displays the VoIP current status Displays Running if VoIP is running Displays Not Available if VOIP is not running VoIP Firmware version Displays the version of the VoIP firmware Country Code The country code The default value is Cana...

Page 192: ...ce Mail configuration Mail box Enable Select this check box to enable voice mail in VoIP The default value is unchecked Server IP Type the IP address of the mail server You can configure this field only when Mail box Enable is selected Server Port Type the mail server port The value ranges from 1024 to 65535 The default value is 5060 You can configure this field only when Mail box Enable is select...

Page 193: ...in increments of 30 Possible values are 30 60 90 120 For all other codecs the range is 10 to 100 in increments of 10 Possible values are 10 20 30 90 100 The default frame size value for G 723 is 30 For all other codecs the default value is 20 Silence Compression Status Select this check box to enable silence compression for the corresponding codec entry When enabled no unnecessary noise consumes t...

Page 194: ...smitted over IP The default value is Disabled Mail Password Type the mailbox password of the FXS channel This password is used when the Voice Mail Configuration is enabled see Global information configuration parameters page 191 Call Forwarding Forward Number Type the number to which the call is forwarded Ring type Select the ring type for the FXS channel Select one of the following options 0 1 2 ...

Page 195: ...if the SIP server becomes unavailable Variable Value FXO Channel Select the required FXO channel Channel Enable Select this check box to enable the administrative status of the FXO channel The channel is available for use only when it is enabled Channel Number Type the FXO channel number This is the FXO number which identifies the FXO line for an incoming call Password Type the password for access...

Page 196: ...vate UDP via port for SIP application Private SIP Via TLS Port Displays the private secured transport via port for SIP application Private SIP Record Route Displays the private record route IP for further SIP requests Private SIPS Record Route Displays the private secured SIP record route IP for further SIPS requests Timer for Cleaning NAT Binding Displays the NAT binding cleaning time in minutes ...

Page 197: ...The following section describes the parameters for the configuration of basic port settings located at Configuration Port Management Ethernet Basic Settings tab Variable definitions The following table describes the variables and values for configuring Ethernet basic port settings Variable Value Select Select the Ethernet port you want to configure Port Displays the Ethernet port number Port Statu...

Page 198: ...The MTU must be increased if you want bigger packets without fragmentation Enabling Jumbo Frame Support increases the MTU of the port Select Enabled to enable Jumbo Frame Support Select Disabled to disable Jumbo Frame Support The default value is Disabled Variable Value Select Select the Ethernet port you want to configure Port Displays the Ethernet port number Port Name Displays the Ethernet port...

Page 199: ...10Mb s 100 Mbps port speed is 100Mb s 1Gbps port speed is 1Gb s Flow Control Select the flow control status Select one of the following options Disabled flow control is turned off Transmit flow control is sent to a remote device Receive flow control is received from a remote device Both flow control is sent and received from a remote device Variable Value ...

Page 200: ...200 Port management advanced configuration NN47928 500 NN47928 500 ...

Reviews:

No comments

Related manuals for BSG12aw 1.0

Kuhnt AS55 Series Service Manual preview
AS55 Series
Brand: Kuhnt Pages: 173
Esse-ti GSM400 User Manual preview
GSM400
Brand: Esse-ti Pages: 56
3onedata GW1102-2DRS-485-TB-P Quick Installation Manual preview
GW1102-2DRS-485-TB-P
Brand: 3onedata Pages: 3
Advantech EDG-4508+ User Manual preview
EDG-4508+
Brand: Advantech Pages: 82
QUPIT 159-01 Installation Manual preview
159-01
Brand: QUPIT Pages: 16
Eurotech ReliaGATE 10-10-00 User Manual preview
ReliaGATE 10-10-00
Brand: Eurotech Pages: 30
AES Corporation 7177 Quick Start Manual preview
7177
Brand: AES Corporation Pages: 2
Tekkeon myTalker ET7000 Specification Sheet preview
myTalker ET7000
Brand: Tekkeon Pages: 2
Tema Telecomunicazioni DIAL-112 Technical Installation Manual preview
DIAL-112
Brand: Tema Telecomunicazioni Pages: 35
Fluke COMARK 3927739 Service Manual preview
COMARK 3927739
Brand: Fluke Pages: 65
D.I.P. CDN366 User Manual preview
CDN366
Brand: D.I.P. Pages: 93
Daikin MCS341-DS1-111 Installer'S Reference Manual preview
MCS341-DS1-111
Brand: Daikin Pages: 44
ZyXEL Communications P-2302R-P1 Series User Manual preview
P-2302R-P1 Series
Brand: ZyXEL Communications Pages: 294
iSysmart SGZ211 User Manual preview
SGZ211
Brand: iSysmart Pages: 11
AirLive IGR-2500 User Manual preview
IGR-2500
Brand: AirLive Pages: 81
AirLive IGR-1500 Quick Start Manual preview
IGR-1500
Brand: AirLive Pages: 82
IEI Technology DRPC-230-ULT5 Series User Manual preview
DRPC-230-ULT5 Series
Brand: IEI Technology Pages: 117
AWS Storage Gateway User Manual preview
Storage Gateway
Brand: AWS Pages: 438

Brands by name

Popular brands

Load more brands