Debugging a Virtual Access Service Managed Gateway
|
|
- Cameron Kennedy
- 5 years ago
- Views:
Transcription
1 Debugging a Virtual Access Service Managed Gateway Issue: 1.0 Date: 09 July 2013
2 Table of Contents 1 About this document Scope WAN connectivity ADSL Active data connections ADSL bandwidth DSL spectrum analyzer Line history PPP LCP Authentication IPCP MLPPP G modem Signal strength G status GSM status PSTN modem IPSec Phase I PFS Phase II Port forwarding Port forwarding using CLI Port forwarding using the web interface... 29
3 1: About this document 1 About this document 1.1 Scope This guide explains the various tools on a Service Managed Gateway (SMG) that will enable you to debug issues within the following features: WAN connectivity IPSec Port forwarding This document is for engineers who have previous experience configuring and managing SMG routers.
4 2 WAN connectivity Virtual Access routers enable WAN connections and other types of networks, so that users and devices in one location can communicate with users and devices in other locations. 2.1 ADSL Active data connections The Active Data Connections page shows the type of connection, IP address, ADSL rates and data uptime duration. The Duration field is a useful support tool as it shows how long the data connection has been up. From the Start page, click Status. In the Status menu, click Active Data Connections. The Active Data Connections page appears. Figure 1: The active data connections table ADSL bandwidth The ADSL bandwidth graph displays transmitted and received ADSL bandwidth in real time. This is useful for monitoring real-time usage of the WAN link. Note: you can only view ADSL bandwidth information if your router has an ADSL interface. In the Status menu, click ADSL Bandwidth. The ADSL Bandwidth page appears.
5 Figure 2: The ADSL bandwidth page Command line: sh stats adslbw Figure 3: Output for the command line sh stats adslbw DSL spectrum analyzer The DSL Line Spectrum is part of the ADSL service management support, which allows you to easily establish the source of a fault. The DSL Spectrum Analyzer provides a graphical real-time display of the line spectrum. This enables you to check for a good ADSL connection at the expected upload and download trained rates. It is also possible to upload the spectrum data so that a record of the line quality can be stored at installation. Then if there are problems the recorded spectrum can be compared to the current data. In the Status menu, select ADSL Line Spectrum. The ADSL Line Spectrum page appears.
6 Figure 4: The DSL spectrum analyzer page
7 Command line: show stats adsl adsl-0 Figure 5: Output of the command line show stats adsl Use the command show stats adsl-1 to view line 2 statistics. The ADSL Tx and Rx counters measure the number of transmitted and received packets on the ADSL interface. This view also contains FEC, HEC, CRC and BER error counters as well as detailed ADSL information. This information is critical in determining the quality of an ADSL circuit for VoIP. To view the ADSL Tx and Rx statistics, from the Start page, click Advanced-> Expert View. In the top menu, click Operations. In the Operations menu, click performance-> interface stats > adsl stats > statistics.
8 Figure 6: Output of view stats adsl Important elements to check are outlined below. ADSL mode: interleaved or fast as outlined above. Note that ADSL2+ circuits will always display fast. To determine if interleaved is on, check if FEC errors are incrementing Noise margin: the higher this value the better. This value is determined by the DSLAM SNR rate. The router will train the ADSL line according to this value. The lower the SNR, the higher the training rate but this may introduce excessive line errors which can be checked below. Attenuation: the lower this value the better. This value is an indication of the quality of a line. The further you are away from the exchange, the higher this
9 value will be and the possibly more loss experienced. Attenuation figures above 60dB will cause poor voice quality Error detection and correction: the number of CRC errors will indicate an error detection which required retransmission. The number of FECs will indicate the number of times the decoder detected an error and corrected it. HEC shows the number of error corrections in an ATM cell header. BER shows a ratio of error bits to transmitted bits Line history The Line History view gives a history of ADSL connectivity over a number of days. The applet displays in horizontal blocks of 24 for each hour of the day. You can use the zoom facility to view detailed information for any hour during that period. This tool is useful as the first stop in support. Support teams can view how long the ADSL has been active and how long it has been down, or both. You can also download this line history information in text format. In the Status menu, click Line History. The Line History page appears. Figure 7: The line history page To zoom in on any particular hour of any of the days displayed, either click the box and then click Zoom In, or double-click the box.
10 Downloaded line history appears in the following format. Interface Connection time adsl-0 08:34:13 adsl-0 08:34:25 adsl-0 22:34:55 adsl-0 22:35:08 adsl-0 08:09:01 Connection date Disconnection time Disconnection date Duration time Tx Speed Rx Speed Description Dec 25, :34:25 Dec 25, :00: Connection Lost Dec 25, :34:55 Dec 28, :00: Connection opened, G.DMT, Fast Dec 28, :35:08 Dec 28, :00: Connection Lost Dec 28, :09:01 Jan 01, :33: Connection opened, G.DMT, Fast Jan 01, :09:13 Jan 01, :00: Connection Lost Command line: show line history Figure 8: Output of the command line show line history PPP Point to point protocol consists of three layers: LCP Authentication IPCP LCP Link Control protocol or LCP is the first layer between the CPE and the core network. A number of configurable parameters are set at LCP layer. The CPE will send out a configure request and the core network will acknowledge or nak it To debug LCP, type in the following command lines. Command line: ++all 6 Command line: ++PPPLCP Command line: ++LCP The following sample shows the output of the above debug command line.
11 12:23:10 LCP Tx ppp-1: configure request id=[185] 12:23:10 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx ppp-1: configure request id=[1] 12:23:10 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :23:10 LCP Rx Opt = Magic Number, Len = 6, Value = b6 25 f :23:10 LCP Tx ppp-1: configure reject id=[1] 12:23:10 LCP Tx Opt = Magic Number, Len = 6, Value = b6 25 f :23:10 LCP Rx ppp-1: configure ack id=[185] 12:23:10 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx ppp-1: configure request id=[2] 12:23:10 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :23:10 LCP Tx ppp-1: configure ack id=[2] 12:23:10 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Tx Opt = Authentication Protocol, Len = 5, Value = c :23:10 lcp up ppp-1 12:23:10 PPP Debug LCP Layer Up Authentication During PPP negotiation PAP or CHAP authentication is used. PAP or password authentication is rarely used in the Virtual Access CPE configuration deployment. CHAP or Challenge Handshake Authentication Protocol is widely used in the VA CPE configuration deployment Once the Lick has established at LCP then the core network will either challenge the CPE or the CPE authenticates itself by sending the username and password To debug authentication, type in the following command lines. Command line: ++all 6 Command line: ++auth The following sample shows the output of the above debug command line. 12:23:10 CHAP rx i/f ppp-1: [Challenge] 12:23:10 PPP Debug Authenticate Request 12:23:10 CHAP tx i/f ppp-1: [Response] 12:23:11 LCP Tx ppp-1: echo request id=[187] 12:23:12 CHAP rx i/f ppp-1: [Success] 12:23:12 PPP Debug Authenticate ACK Received IPCP Internet protocol control protocol is the final layer of PPP.
12 To debug IPCP, type the following command lines. Command line: ++all 6 Command line: ++IPCP The following sample shows the output of the above debug command line. 12:23:12 IPCP tx ppp-1: configure request id=[188] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP tx Opt = Secondary DNS Address, Len = 6, Value = :23:12 IPCP rx ppp-1: configure request id=[1] 12:23:12 IPCP rx Opt = Address, Len = 6, Value = :23:12 PPP Debug NCP IP Routing Reject 12:23:12 IPCP tx ppp-1: configure reject id=[1] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 LCP Tx ppp-1: echo request id=[189] 12:23:12 IPCP rx ppp-1: configure reject id=[188] 12:23:12 IPCP rx Opt = Secondary DNS Address, Len = 6, Value = :23:12 IPCP tx ppp-1: configure request id=[190] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP rx ppp-1: configure request id=[2] 12:23:12 PPP Debug NCP Configuration ACK 12:23:12 IPCP tx ppp-1: configure ack id=[2] 12:23:12 LCP Rx ppp-1: echo reply id=[189] 12:23:12 IPCP rx ppp-1: configure nak id=[190] 12:23:12 IPCP rx Opt = Address, Len = 6, Value = :23:12 IPCP rx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP tx ppp-1: configure request id=[191] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP rx ppp-1: configure ack id=[191] 12:23:12 IPCP rx Opt = Address, Len = 6, Value = :23:12 IPCP rx Opt = Primary DNS Address, Len = 6, Value = :23:12 ncp up ppp-1 12:23:12 PPP Debug NCP Layer Up The following command lines show a sample debug of PPP. Command line: ++all 6 Command line: ++PPP Command line: ++PPPlcp Command line: ++auth Command line: ++IPCP The following sample shows the output of the above debug command line.
13 12:23:10 LCP Tx ppp-1: configure request id=[185] 12:23:10 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx ppp-1: configure request id=[1] 12:23:10 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :23:10 LCP Rx Opt = Magic Number, Len = 6, Value = b6 25 f :23:10 LCP Tx ppp-1: configure reject id=[1] 12:23:10 LCP Tx Opt = Magic Number, Len = 6, Value = b6 25 f :23:10 LCP Rx ppp-1: configure ack id=[185] 12:23:10 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx ppp-1: configure request id=[2] 12:23:10 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :23:10 LCP Tx ppp-1: configure ack id=[2] 12:23:10 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :23:10 LCP Tx Opt = Authentication Protocol, Len = 5, Value = c :23:10 lcp up ppp-1 12:23:10 PPP Debug LCP Layer Up 12:23:10 CHAP rx i/f ppp-1: [Challenge] 12:23:10 PPP Debug Authenticate Request 12:23:10 CHAP tx i/f ppp-1: [Response] 12:23:11 LCP Tx ppp-1: echo request id=[187] 12:23:12 CHAP rx i/f ppp-1: [Success] 12:23:12 PPP Debug Authenticate ACK Received 12:23:12 IPCP tx ppp-1: configure request id=[188] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP tx Opt = Secondary DNS Address, Len = 6, Value = :23:12 IPCP rx ppp-1: configure request id=[1] 12:23:12 IPCP rx Opt = Address, Len = 6, Value = :23:12 PPP Debug NCP IP Routing Reject 12:23:12 IPCP tx ppp-1: configure reject id=[1] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 LCP Tx ppp-1: echo request id=[189] 12:23:12 IPCP rx ppp-1: configure reject id=[188] 12:23:12 IPCP rx Opt = Secondary DNS Address, Len = 6, Value = :23:12 IPCP tx ppp-1: configure request id=[190] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP rx ppp-1: configure request id=[2] 12:23:12 PPP Debug NCP Configuration ACK 12:23:12 IPCP tx ppp-1: configure ack id=[2] 12:23:12 LCP Rx ppp-1: echo reply id=[189] 12:23:12 IPCP rx ppp-1: configure nak id=[190] 12:23:12 IPCP rx Opt = Address, Len = 6, Value =
14 12:23:12 IPCP rx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP tx ppp-1: configure request id=[191] 12:23:12 IPCP tx Opt = Address, Len = 6, Value = :23:12 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :23:12 IPCP rx ppp-1: configure ack id=[191] 12:23:12 IPCP rx Opt = Address, Len = 6, Value = :23:12 IPCP rx Opt = Primary DNS Address, Len = 6, Value = :23:12 ncp up ppp-1 12:23:12 PPP Debug NCP Layer Up 12:23:13 LCP Tx ppp-1: echo request id=[192] 12:23:13 LCP Rx ppp-1: echo reply id=[192] 12:23:14 LCP Tx ppp-1: echo request id=[193] 12:23:14 LCP Rx ppp-1: echo reply id=[193] 12:23:15 LCP Tx ppp-1: echo request id=[194] 12:23:15 LCP Rx ppp-1: echo reply id=[194] 12:23:16 LCP Tx ppp-1: echo request id=[195] 12:23:16 LCP Rx ppp-1: echo reply id=[195] To check the status of PPP, type the following command. Command line: show ppp options ppp-1 The following command line shows a sample of the output of PPP status. LCP Configured MRU 1482 LCP Configured MRRU 1486 LCP Tx Accepted MRU 1500 LCP Tx Accepted MRRU 1486 LCP Rx Accepted MRU 1486 LCP Rx Accepted Authentication Protocol c22305 LCP Rx Accepted MRRU 1524 LCP Rx Accepted Endpoint Discriminator 01 6c 6e IPCP Configured Address IPCP Configured Primary DNS Address IPCP Configured Secondary DNS Address IPCP Tx Accepted Address IPCP Tx Accepted Primary DNS Address IPCP Tx Accepted Secondary DNS Address CCP Configured Stacker LZS Compression MLPPP Multilink PPP is the bonding of two or more ADSL lines. The most common issue is MRRU values that have not been configured correctly or the LNS not set up correctly, both of which are out of the scope of this document. To check the status of MLPPP, type the following command.
15 Command line: show stats mlppp all The following command line shows a sample of the output of MLPPP status.
16 Bundle Uptime: 001:19:20:40 (DDD:HH:MM:SS) Active links: 2 (2) Username: Endpoint Discriminator: 01 6c 6e Local MRRU: 1486 Remote MRRU: 1524 Transmitted Packets: Received Packets: Received Fragmented Packets: 0 Bundle Id: 1 Member Links: 2 Last Processed Seq: MRRU: 1524 MP header format: Long Total Pkts Tx / Rx: / Total Bytes Tx / Rx: / Total Frags Tx / Rx: / Single Frags Tx / Rx: / NULL Frags Tx / Rx: 0 / 0 Dropped Pkts Tx / Rx: 0 / 0 Non-MP Pkts Tx / Rx: / RX out of sequence frags: RX pkts discarded (frag loss): 0 RX frags discarded (frag loss): 0 RX pkts expired: RX pkts arrived too late: 3196 Maximum too late arrival(ms): 262 Sequence queue bypassed: Sequence queue overflow: 36 Link ppp-1 ppp-2 Bundle ID 1 1 Uptime (DDD:HH:MM:SS) 001:19:20:40 000:02:06:28 Last Received Seq Load Balance Bytes Tx Bytes Tx Bytes Rx Frags Tx Frags Rx Single Frags Tx Single Frags Rx NULL Frags Tx 0 0 NULL Frags Rx 0 0 Dropped Pkts Tx 0 0 Dropped Pkts Rx 0 0 Non-MP Pkts Tx
17 Non-MP Pkts Rx The following command lines show a sample debug of MLPPP. Command line: ++all 6 Command line: ++PPP Command line: ++PPPLCP Command line: ++auth Command line: ++IPCP Command line: ++MLPPP The following command line shows a sample of the output of MLPPP.
18 13:03:27 LCP Tx ppp-2: configure request id=[122] 13:03:27 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :03:27 POE link up ppp-2 13:03:28 LCP Rx ppp-2: configure request id=[6] 13:03:28 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Rx Opt = Magic Number, Len = 6, Value = 5e f4 ef 4a 13:03:28 LCP Tx ppp-2: configure reject id=[6] 13:03:28 LCP Tx Opt = Magic Number, Len = 6, Value = 5e f4 ef 4a 13:03:28 LCP Rx ppp-2: configure ack id=[122] 13:03:28 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Rx ppp-2: configure request id=[7] 13:03:28 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Tx ppp-2: configure ack id=[7] 13:03:28 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Tx Opt = Authentication Protocol, Len = 5, Value = c :03:28 lcp up ppp-2 13:03:28 PPP Debug LCP Layer Up 13:03:28 PPP Debug Authenticate Request 13:03:28 LCP Tx ppp-1: echo request id=[140] 13:03:28 LCP Tx ppp-2: echo request id=[123] 13:03:28 LCP Rx ppp-1: echo reply id=[140] 13:03:28 LCP Rx ppp-2: echo reply id=[123] 13:03:28 LCP Rx ppp-2: configure request id=[1] 13:03:28 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Rx Opt = Magic Number, Len = 6, Value = bd 73 3a f2 13:03:28 LCP Rx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Rx Opt = MLPPP EPDM, Len = 7, Value = 01 6c 6e :03:28 PPP Debug EPDM accepted 13:03:28 lcp down ppp-2 13:03:28 PPP Debug LCP Layer Down 13:03:28 LCP Tx ppp-2: configure request id=[124] 13:03:28 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Tx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Tx Opt = MLPPP EPDM, Len = 15, Value = :03:28 LCP Tx ppp-2: configure reject id=[1] 13:03:28 LCP Rx ppp-2: configure nak id=[124] 13:03:28 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 PPP Debug LCP NAK 13:03:28 LCP Tx ppp-2: configure request id=[125] 13:03:28 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Tx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Tx Opt = MLPPP EPDM, Len = 15, Value = :03:28 LCP Rx ppp-2: configure request id=[2]
19 13:03:28 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Rx Opt = Magic Number, Len = 6, Value = bd 73 3a f2 13:03:28 LCP Rx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Rx Opt = MLPPP EPDM, Len = 7, Value = 01 6c 6e :03:28 PPP Debug EPDM accepted 13:03:28 LCP Tx ppp-2: configure reject id=[2] 13:03:28 LCP Tx Opt = Magic Number, Len = 6, Value = bd 73 3a f2 13:03:28 LCP Rx ppp-2: configure ack id=[125] 13:03:28 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Rx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Rx Opt = MLPPP EPDM, Len = 15, Value = :03:28 LCP Rx ppp-2: configure request id=[3] 13:03:28 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Rx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Rx Opt = MLPPP EPDM, Len = 7, Value = 01 6c 6e :03:28 PPP Debug EPDM accepted 13:03:28 LCP Tx ppp-2: configure nak id=[3] 13:03:28 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Rx ppp-2: configure request id=[4] 13:03:28 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Rx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Rx Opt = MLPPP EPDM, Len = 7, Value = 01 6c 6e :03:28 PPP Debug EPDM accepted 13:03:28 LCP Tx ppp-2: configure ack id=[4] 13:03:28 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :03:28 LCP Tx Opt = Authentication Protocol, Len = 5, Value = c :03:28 LCP Tx Opt = MLPPP MRRU, Len = 4, Value = :03:28 LCP Tx Opt = MLPPP EPDM, Len = 7, Value = 01 6c 6e :03:28 lcp up ppp-2 13:03:28 PPP Debug LCP Layer Up 13:03:28 PPP Debug Authenticate Request 13:03:28 PPP Debug Authenticate ACK Received 13:03:28 MP (Link added): port 1 to bundle (id=1) 13:03:28 ncp up ppp-2 13:03:28 PPP Debug NCP Layer Up 13:03:29 LCP Tx ppp-1: echo request id=[141] 13:03:29 LCP Tx ppp-2: echo request id=[126] 13:03:29 LCP Rx ppp-1: echo reply id=[141] 13:03:29 LCP Rx ppp-2: echo reply id=[126] 2.2 3G modem Depending on the hardware model some Virtual Access routers have optional 3G modems. The most common issues are signal strength and SIM registration.
20 Depending on the provider, the SIM will be allocated a public or Private IP address which may or may not be reachable from the internet Signal strength Signal Strength Description > -113dBm, < -89 dbm Low signal strength - connection not reliable >= -89 dbm, < -69 dbm Medium signal strength - Good connection >= -69 dbm High signal strength - Excellent connection Table 1: Samples of signal strength and their values G status Depending on the hardware model, the modem interface will be assigned to either modem-0 or modem-1
21 Command line: show modem interface status modem-0 Modem state: Activated Connected: Yes Call state: Connected GSM status SIM status: Ready Signal quality: -63 dbm Network registration: Registered - home network GPRS network registration: Registered - home network Operator: vodafone IE Operator selection: Automatic Radio access technology: UMTS: HSDPA IMEI: Mobile country code: 272 Mobile network code: 01 Location area code: 0BCC Cell identifier: 000AA787 Active SIM: SIM1 IMSI: ICCID: Scrambling Code: Not known or not detectable RSCP: Not known or not detectable Ec/Io: Not known or not detectable SIM switch enabled: No Automatic reset enabled: No Number of resets: 0 Number of remote disconnects: 0 The following command lines show a sample debug of 3G. Command line: ++all 6 Command line: ++modem Command line: ++PPP Command line: ++PPPLCP Command line: ++Auth Command line: ++IPCP The following command line shows a sample of the output of GM status.
22 04:16:23 Modem Tx: AT+CGREG?;+CREG?;+CSQ;+COPS=3,0;+COPS?;+COPS=3,2;+COPS? 04:16:23 Modem Rx: AT+CGREG?;+CREG?;+CSQ;+COPS=3,0;+COPS?;+COPS=3,2;+COPS? 04:16:23 Modem Rx: +CGREG: 2,1,"0BCC","000AA787",4 04:16:23 Modem Rx: +CREG: 0,1 04:16:23 Modem Rx: +CSQ: 25,99 04:16:23 Modem Rx: +COPS: 0,0,"vodafone IE",2 04:16:23 Modem Rx: +COPS: 0,2,"27201",2 04:16:23 Modem Rx: OK 04:16:26 modem-0: Connecting GPRS/UMTS () 04:16:26 Modem Tx: AT+CPIN? 04:16:26 Modem Rx: AT+CPIN? 04:16:26 Modem Rx: +CPIN: READY 04:16:26 Modem Rx: OK 04:16:26 modem-0: SIM ready 04:16:26 Modem Tx: AT+CGDCONT=1,"IP","" 04:16:26 Modem Rx: AT+CGDCONT=1,"IP","" 04:16:26 Modem Rx: OK 04:16:26 Modem Tx: ATD*99# 04:16:26 Modem Rx: ATD*99# 04:16:27 Modem Rx: CONNECT 04:16:27 LCP Tx ppp-1: configure request id=[17] 04:16:27 LCP Tx Opt = Async Control Character Map, Len = 6, Value = :16:27 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :16:27 LCP Tx Opt = Protocol Field Compression, Len = 2, Value = none 04:16:27 modem-0: Outgoing call connected 04:16:27 LCP Rx ppp-1: configure request id=[1] 04:16:27 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :16:27 LCP Rx Opt = Address and Control Field Compression, Len = 2, Value = 04:16:27 LCP Rx Opt = Protocol Field Compression, Len = 2, Value = none 04:16:27 LCP Rx Opt = Async Control Character Map, Len = 6, Value = :16:27 LCP Rx Opt = Magic Number, Len = 6, Value = f :16:27 LCP Tx ppp-1: configure reject id=[1] 04:16:27 LCP Tx Opt = Address and Control Field Compression, Len = 2, Value = 04:16:27 LCP Tx Opt = Protocol Field Compression, Len = 2, Value = none 04:16:27 LCP Tx Opt = Async Control Character Map, Len = 6, Value = :16:27 LCP Tx Opt = Magic Number, Len = 6, Value = f :16:27 LCP Rx ppp-1: configure request id=[2] 04:16:27 LCP Rx Opt = Authentication Protocol, Len = 5, Value = c :16:27 LCP Tx ppp-1: configure ack id=[2] 04:16:27 LCP Tx Opt = Authentication Protocol, Len = 5, Value = c :16:30 LCP Tx ppp-1: configure request id=[18] 04:16:30 LCP Tx Opt = Async Control Character Map, Len = 6, Value = :16:30 LCP Tx Opt = Maximum Receive Unit, Len = 4, Value = :16:30 LCP Tx Opt = Protocol Field Compression, Len = 2, Value = none 04:16:30 LCP Rx ppp-1: configure ack id=[18]
23 04:16:30 LCP Rx Opt = Async Control Character Map, Len = 6, Value = :16:30 LCP Rx Opt = Maximum Receive Unit, Len = 4, Value = :16:30 LCP Rx Opt = Protocol Field Compression, Len = 2, Value = none 04:16:30 lcp up ppp-1 04:16:30 PPP Debug LCP Layer Up 04:16:30 CHAP rx i/f ppp-1: [Challenge] 04:16:30 PPP Debug Authenticate Request 04:16:30 CHAP tx i/f ppp-1: [Response] 04:16:30 CHAP rx i/f ppp-1: [Success] 04:16:30 PPP Debug Authenticate ACK Received 04:16:30 IPCP tx ppp-1: configure request id=[19] 04:16:30 IPCP tx Opt = Address, Len = 6, Value = :16:30 IPCP tx Opt = Compression Protocol, Len = 6, Value = 00 2d 0f 01 04:16:30 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :16:30 IPCP tx Opt = Secondary DNS Address, Len = 6, Value = :16:30 Modem Rx: *EPSB: 3 04:16:32 Modem Rx: *EPSB: 5 04:16:32 Modem Rx: *EPSB: 6 04:16:33 IPCP tx ppp-1: configure request id=[20] 04:16:33 IPCP tx Opt = Address, Len = 6, Value = :16:33 IPCP tx Opt = Compression Protocol, Len = 6, Value = 00 2d 0f 01 04:16:33 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :16:33 IPCP tx Opt = Secondary DNS Address, Len = 6, Value = :16:33 IPCP rx ppp-1: configure request id=[1] 04:16:33 PPP Debug NCP Configuration ACK 04:16:33 IPCP tx ppp-1: configure ack id=[1] 04:16:33 IPCP rx ppp-1: configure nak id=[20] 04:16:33 IPCP rx Opt = Address, Len = 6, Value = :16:33 IPCP rx Opt = Primary DNS Address, Len = 6, Value = :16:33 IPCP rx Opt = Secondary DNS Address, Len = 6, Value = :16:33 IPCP tx ppp-1: configure request id=[21] 04:16:33 IPCP tx Opt = Address, Len = 6, Value = :16:33 IPCP tx Opt = Compression Protocol, Len = 6, Value = 00 2d 0f 01 04:16:33 IPCP tx Opt = Primary DNS Address, Len = 6, Value = :16:33 IPCP tx Opt = Secondary DNS Address, Len = 6, Value = :16:33 IPCP rx ppp-1: configure ack id=[21] 04:16:33 IPCP rx Opt = Address, Len = 6, Value = :16:33 IPCP rx Opt = Compression Protocol, Len = 6, Value = 00 2d 0f 01 04:16:33 IPCP rx Opt = Primary DNS Address, Len = 6, Value = :16:33 IPCP rx Opt = Secondary DNS Address, Len = 6, Value = :16:33 ncp up ppp-1 04:16:33 PPP Debug NCP Layer Up
24 2.3 PSTN modem Some Virtual Access routers have a PSTN modem, which by default is configured to allow dial in access or out of band management. The modem interface is assigned to a configured PPP interface and the same PPP debugging will apply. Some common faults are incorrect cabling or disconnected cables, PSTN fault and micro filter faults. These can lead to a slow speed connection in which the router will not be contactable due to the poor quality of the line. The following command lines show a sample debug of PSTN modem. Command line: ++all 6 Command line: ++modem Command line: ++PPP Command line: ++PPPLCP Command line: ++Auth Command line: ++IPCP super> connect p1 The following shows a sample of the output of PSTN modem.
25 13:18:48 Modem: Dial ( ) 13:18:48 Modem Tx: atv0w2e0 Connect initiated successfully 13:18:48 Modem Rx: 0 13:18:48 Modem Tx: ats7=30dt :19:19 Modem Rx: 84 13:19:19 LCP Tx ppp-1: configure request id=[189] 13:19:19 Modem: Outgoing Call Connected bps 13:19:21 LCP Tx ppp-1: configure request id=[190] 13:19:21 LCP Rx ppp-1: configure request id=[8] 13:19:21 LCP Tx ppp-1: configure ack id=[8] 13:19:21 LCP Rx ppp-1: configure ack id=[190] 13:19:21 lcp up ppp-1 13:19:21 PPP Debug LCP Layer Up 13:19:21 IPCP tx ppp-1: configure request id=[191] 13:19:21 IPCP rx ppp-1: configure request id=[9] 13:19:21 IPCP rx Opt = Address, Len = 6, Value = :19:21 PPP Debug NCP NAK 13:19:21 IPCP tx ppp-1: configure nak id=[9] 13:19:21 IPCP tx Opt = Address, Len = 6, Value = :19:21 IPCP rx ppp-1: configure ack id=[191] 13:19:22 IPCP rx ppp-1: configure request id=[10] 13:19:22 IPCP rx Opt = Address, Len = 6, Value = :19:22 PPP Debug NCP Configuration ACK 13:19:22 IPCP tx ppp-1: configure ack id=[10] 13:19:22 IPCP tx Opt = Address, Len = 6, Value = :19:22 ncp up ppp-1 13:19:22 PPP Debug NCP Layer Up
26 3: IPSec 3 IPSec 3.1 Phase I A hybrid protocol called Internet Key exchange (IKE) establishes and maintains unidirectional communication in an IPSec environment. Phase I establishes IKE. There are two ways of implementing Phase I: Main mode Aggressive mode Main mode Most common use of main mode is when both ends of the tunnel are using fixed IP addresses. In main mode, a secure channel is established by sending three packets of data from the initiator and three from the responder. The most common failures for main mode messages between 1 and 4 are: Remote peer not configured to accept VPN negotiations Differing exchange types DH group mismatch Encryption Algorithms are wrong The most common failure for main mode messages 5 and 6 are Pre-shared keys not matching The following command lines show a sample debug of Phase I. Command line: ++all 6 Command line: ++ike The following shows a sample of the output of Phase I debug.
27 3: IPSec 17:32:45 IKE: MM Msg1 sent for policy 1 17:32:45 IKE: MM Msg2 received for policy 1 17:32:45 IKE: Vendor VA1 17:32:45 IKE: Vendor DPD 17:32:45 IKE: MM Msg3 sent for policy 1 17:32:45 IKE: MM msg4 received for policy 1 17:32:45 IKE: Vendor VA1 17:32:45 IKE: Vendor DPD 17:32:45 IKE: ID: IPv4 address, :32:45 IKE: Diffie-Hellman negotiated, MM Msg 5 sent for policy 1 17:32:46 IKE: MM Msg6 received for policy 1 17:32:46 IKE: ID: IPv4 address, :32:46 IKE: Main Mode completed for policy 1 Aggressive mode Most common use of main mode is when one end of the tunnel is using fixed IP addresses and the other is dynamic In aggressive mode, a secure channel is established by sending two packets of data from the initiator and three from the responder. This is faster than main mode, but also less secure The most common failures for aggressive mode messages between 1 and 4 are: Remote peer not configured to accept VPN negotiations Differing exchange types DH group mismatch Encryption algorithms are wrong The most common failure for aggressive mode messages 5 and 6 are pre-shared keys not matching PFS Perfect Forward Secrecy (PFS) is a means of generating new keys that are unrelated to previously used keys. This means that if an unauthorized party cracks one key, they have no basis for cracking the next one used. To increase security, Virtual Access routers support PFS and automatically changes keys regularly. 3.2 Phase II Phase II establishes the encryption domains and is configured using SPD policies. When Phase I is completed, the IPSec connection automatically moves on to Phase II. If any further failures occur the issue lies with Phase II settings.
28 3: IPSec In Phase II, when quick mode message 1 is received by the responder it will always state the subnet which is set in the packet it receives. This is useful as it will mean that the verification of SPD Subnet Addresses is easy. The most common failures for SPD within Phase II are: Security protocol does not match ESP authentication set to no on one side of the tunnel Difference in Encryption Algorithms setting Difference in Addresses in SPD apply polices The following command lines show a sample debug of Phase II Command line: ++all 6 Command line: ++SPD The following command line shows a sample of the output of phase II debug. 17:32:46 IKE: Sending initial contact 17:32:46 IKE: ID: IPv4 address, :32:46 IKE: ID: IPv4 address, :32:46 IKE: QM Msg1 sent for policy 1 17:32:46 IKE: QM Msg 2 received for policy 1 17:32:46 IKE: ID: IPv4 address, :32:46 IKE: ID: IPv4 address, :32:46 IKE: QM Msg3 sent for policy 1 17:32:46 SPD: Phase 2 tunnel up for spd policy 1 17:32:46 IKE: Quick Mode completed for policy 1 17:32:46 Link up 01-VPN-IKE1 Src= Dest=
29 4: Port forwarding 4 Port forwarding 4.1 Port forwarding using CLI Port forwarding can be configured under the incoming address translation table. To check to see if port forwarding is enabled, type the following command line and check the output is the same as the sample below. Command line: show IPAT incoming all The following shows a sample of the output of port forwarding enabled. Entry Interface Prot Local host Port Gateway address Port ppp-1 UDP ppp-1 UDP ppp-1 TCP ppp-1 TCP ppp-1 TCP ppp-1 TCP Port forwarding using the web interface To enable port forwarding using the webs interface, from the Start page, click Advanced>expert view>system>ip>address translation>table. Configure the target WAN interface, port number and LAN interface and port number.
Service Managed GatewayTM. Configuring MLPPP using Expert View
Service Managed GatewayTM Issue 1.1 Date 19 July 2010 Table of contents 1 Introduction... 3 1.1 Scope... 3 1.2 Readership... 3 1.3 Prerequisites... 3 1.4 Navigating to expert view... 3 2 Configuring MLPPP...
More informationService Managed Gateway TM. Configuring Dual ADSL PPP with Worker Standby or Load Share Mode
Service Managed Gateway TM Configuring Dual ADSL PPP with Worker Standby or Load Share Mode Issue 1.3 Date 15 November 2011 Table of contents 1 Introduction... 3 1.1 Scope... 3 1.2 Readership... 3 1.3
More informationConfiguring a GSM (3G) modem on a GW2040 Series Router
Configuring a GSM (3G) modem on a GW2040 Series Router Issue 1.5 Date 10 May 2012 Table of contents 1 About this document... 3 1.1 Scope... 3 1.2 Readership... 3 1.3 More information... 3 1.3.1 Assigned
More informationService Managed Gateway TM. Configuring a V90 Modem on an SMG
Service Managed Gateway TM Configuring a V90 Modem on an SMG Issue 2.1 Date 18 August 2010 Table of contents 1 About this document... 3 1.1 Scope... 3 1.2 Readership... 3 1.3 More information... 3 1.3.1
More informationVirtual Tunnel Interface
This chapter describes how to configure a VTI tunnel. About s, on page 1 Guidelines for s, on page 1 Create a VTI Tunnel, on page 2 About s The ASA supports a logical interface called (VTI). As an alternative
More informationIncreasing Bandwidth. Contents
2 Increasing Bandwidth Contents Overview...................................................... 2-2 Configuring MLPPP............................................. 2-4 PPP.......................................................
More informationHP MSR Router Series. Layer 2 - WAN Access Configuration Guide(V7)
HP MSR Router Series Layer 2 - WAN Access Configuration Guide(V7) Part number: 5998-6465 Software version: CMW710-R0106 Document version: 6PW101-20140807 Legal and notice information Copyright 2014 Hewlett-Packard
More informationService Managed Gateway TM. Configuring IPSec VPN
Service Managed Gateway TM Configuring IPSec VPN Issue 1.2 Date 12 November 2010 1: Introduction 1 Introduction... 3 1.1 What is a VPN?... 3 1.2 The benefits of an Internet-based VPN... 3 1.3 Tunnelling
More informationChapter 6 Virtual Private Networking
Chapter 6 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the ADSL2+ Modem Wireless Router. VPN communications paths are called tunnels. VPN
More informationQuick Note 65. Configure an IPSec VPN tunnel between a TransPort WR router and an Accelerated SR router. Digi Technical Support 7 June 2018
Quick Note 65 Configure an IPSec VPN tunnel between a TransPort WR router and an Accelerated SR router. Digi Technical Support 7 June 2018 Contents 1 Introduction... 3 1.1 Outline... 3 1.2 Assumptions...
More informationTeldat Router. PPP Interface
Teldat Router PPP Interface Doc. DM710-I Rev. 10.11 December, 2003 INDEX Chapter 1 PPP Interface...1 1. Description...2 2. PPP Frame structure...3 2.1. Asynchronous PPP adaptation...3 3. Link Control Protocol...5
More informationService Managed Gateway TM. How to Configure and Debug Generic Routing Encapsulation (GRE)
Service Managed Gateway TM How to Configure and Debug Generic Routing Encapsulation (GRE) Issue 1.1 Date 14 August 2007 Table of Contents 1 About this document...3 1.1 Scope...3 1.2 Readership...3 2 Introduction...4
More informationHPE FlexNetwork MSR Router Series
HPE FlexNetwork MSR Router Series Comware 7 Layer 2 - WAN Access Configuration Guides Part number: 5998-8783 Software version: CMW710-E0407 Document version: 6W100-20160526 Copyright 2016 Hewlett Packard
More informationVirtual Private Networks (VPNs)
CHAPTER 19 Virtual Private Networks (VPNs) Virtual private network is defined as customer connectivity deployed on a shared infrastructure with the same policies as a private network. The shared infrastructure
More informationBCRAN. Section 9. Cable and DSL Technologies
BCRAN Section 9 Cable and DSL Technologies Cable and DSL technologies have changed the remote access world dramatically. Without them, remote and Internet access would be limited to the 56 kbps typical
More informationthus, the newly created attribute is accepted if the user accepts attribute 26.
Remote Authentication Dial-In User Service (RADIUS) attributes are used to define specific authentication, authorization, and accounting (AAA) elements in a user profile, which is stored on the RADIUS
More informationUser Guide IP Connect CSD
The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Wireless Maingate AB shall have no liability for any error or damages
More informationVPN Ports and LAN-to-LAN Tunnels
CHAPTER 6 A VPN port is a virtual port which handles tunneled traffic. Tunnels are virtual point-to-point connections through a public network such as the Internet. All packets sent through a VPN tunnel
More informationHP MSR Router Series. Layer 2 - WAN Access Configuration Guide(V7)
HP MSR Router Series Layer 2 - WAN Access Configuration Guide(V7) Part number: 5998-7721b Software version: CMW710-R0304 Document version: 6PW104-20150914 Legal and notice information Copyright 2015 Hewlett-Packard
More informationConfiguration of an IPSec VPN Server on RV130 and RV130W
Configuration of an IPSec VPN Server on RV130 and RV130W Objective IPSec VPN (Virtual Private Network) enables you to securely obtain remote access to corporate resources by establishing an encrypted tunnel
More informationTable of Contents 1 IKE 1-1
Table of Contents 1 IKE 1-1 IKE Overview 1-1 Security Mechanism of IKE 1-1 Operation of IKE 1-1 Functions of IKE in IPsec 1-2 Relationship Between IKE and IPsec 1-3 Protocols 1-3 Configuring IKE 1-3 Configuration
More informationMRD-310 MRD G Cellular Modem / Router Web configuration reference guide. Web configuration reference guide
Web configuration reference guide 6623-3201 MRD-310 MRD-330 Westermo Teleindustri AB 2008 3G Cellular Modem / Router Web configuration reference guide www.westermo.com Table of Contents 1 Basic Configuration...
More informationPPP Configuration Options
PPP Configuration Options 1 PPP Configuration Options PPP can be configured to support various functions including: Authentication using either PAP or CHAP Compression using either Stacker or Predictor
More informationPoint-to-Point Protocol (PPP)
Point-to-Point Protocol (PPP) www.ine.com PPP» Point-to-Point Protocol» Open standard» Operates in the LLC sub-layer of data link layer in OSI» Originally designed for dial-up connections (modems, ISDN,
More informationRADIUS Vendor-Proprietary Attributes
RADIUS Vendor-Proprietary Attributes Last Updated: January 17, 2012 The IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server
More informationVendor-Proprietary Attribute
RADIUS s The IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server. However, some vendors have extended
More informationthus, the newly created attribute is accepted if the user accepts attribute 26.
Remote Authentication Dial-In User Service (RADIUS) attributes are used to define specific authentication, authorization, and accounting (AAA) elements in a user profile, which is stored on the RADIUS
More informationLecture 1.1: Point to Point Protocol (PPP) An introduction
Lecture 1.1: Point to Point Protocol (PPP) An introduction "the watchword for a point-to-point protocol should be simplicity" (RFC 1547, PPP requirements). disattended by 50+ RFCs Recommended reading:
More informationSet Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers
Set Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers Objective A Virtual Private Network (VPN) is a private network that is used to virtually
More informationRADIUS Attributes. RADIUS IETF Attributes
Remote Authentication Dial-In User Service (RADIUS) attributes are used to define specific authentication, authorization, and accounting (AAA) elements in a user profile, which is stored on the RADIUS
More informationL2TP Configuration. L2TP Overview. Introduction. Typical L2TP Networking Application
Table of Contents L2TP Configuration 1 L2TP Overview 1 Introduction 1 Typical L2TP Networking Application 1 Basic Concepts of L2TP 2 L2TP Tunneling Modes and Tunnel Establishment Process 4 L2TP Features
More informationVPNC Scenario for IPsec Interoperability
EN-4000 Reference Manual Document D VPNC Scenario for IPsec Interoperability EN-4000 Router T his document presents a configuration profile for IPsec interoperability. The configuration profile conforms
More informationApplication Note 11. Main mode IPSec between a Windows 2000 / XP (responder) and a Digi Transport Router (initiator)
Application Note 11 Main mode IPSec between a Windows 2000 / XP (responder) and a Digi Transport Router (initiator) November 2015 Contents 1 Introduction... 5 1.1 Outline... 5 2 Assumptions... 6 2.1 Corrections...
More informationQuick Note. Configure an IPSec VPN tunnel between a Digi TransPort LR router and a Digi Connect gateway. Digi Technical Support 20 September 2016
Quick Note Configure an IPSec VPN between a Digi TransPort LR router and a Digi Connect gateway. Digi Technical Support 20 September 2016 Contents 1 Introduction... 3 1.1 Outline... 3 1.2 Assumptions...
More informationQuick Note. Configure an IPSec VPN tunnel in Aggressive mode between a TransPort LR router and a Cisco router. Digi Technical Support 7 October 2016
Quick Note Configure an IPSec VPN tunnel in Aggressive mode between a TransPort LR router and a Cisco router. Digi Technical Support 7 October 2016 Contents 1 Introduction... 3 1.1 Outline... 3 1.2 Assumptions...
More informationNetwork Working Group
Network Working Group Request for Comments: 2637 Category: Informational K. Hamzeh Ascend Communications G. Pall Microsoft Corporation W. Verthein 3Com J. Taarud Copper Mountain Networks W. Little ECI
More informationHOW TO CONFIGURE AN IPSEC VPN
HOW TO CONFIGURE AN IPSEC VPN LAN to LAN connectivity over a VPN between a MRD-455 4G router and a central ADSL-350 broadband router with fixed IP address Introduction What is an IPSec VPN? IPSec VPN s
More informationConfiguring VPNs in the EN-1000
EN-1000 Reference Manual Document 5 Configuring VPNs in the EN-1000 O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses configuration
More informationApplication Notes for the ADTRAN NetVanta 3205 Access Router and Avaya IP Office Using PPP - Issue 1.0
Avaya Solution & Interoperability Test Lab Application Notes for the ADTRAN NetVanta 3205 Access Router and Avaya IP Office Using PPP - Issue 1.0 Abstract These Application Notes describe a sample configuration
More informationCase 1: VPN direction from Vigor2130 to Vigor2820
LAN to LAN IPSec VPN between Vigor2130 and Vigor2820 using Aggressive mode In this document we will introduce how to create a LAN to LAN IPSec VPN between Vigor2130 and a Vigor2820 using Aggressive mode.
More informationPoint-to-Point Protocol (PPP) Accessing the WAN Chapter 2
Point-to-Point Protocol (PPP) Accessing the WAN Chapter 2 ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Describe the fundamental concepts of point-to-point serial
More informationData Sheet. NCP Secure Enterprise Linux Client. Next Generation Network Access Technology
Versatile central manageable VPN Client Suite for Linux Central Management and Network Access Control Compatible with VPN gateways (IPsec Standard) Integrated, dynamic personal firewall FIPS Inside Fallback
More informationPoint-to-Point Protocol (PPP)
Point-to-Point Protocol (PPP) Accessing the WAN Chapter 2 Version 4.0 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Describe the fundamental concepts of point-to-point serial
More informationEthereal Exercise 2 (Part A): Link Control Protocol
Course: Semester: ELE437 Ethereal Exercise 2 (Part A): Link Control Protocol Introduction In this exercise some details at the data link layer will be examined. In particular, the Link Control Protocol
More informationshow crypto group summary, page 1 show crypto ikev2-ikesa security-associations summary spi, page 2
This chapter includes the command output tables. group summary, page 1 ikev2-ikesa security-associations summary, page 2 ikev2-ikesa security-associations summary spi, page 2 ipsec security-associations,
More informationIPSec VPN Setup with IKE Preshared Key and Manual Key on WRVS4400N Router
IPSec VPN Setup with IKE Preshared Key and Manual Key on WRVS4400N Router Objective Internet Protocol Security (IPSec) is used to protect communications through the encryption of IP packets during a communication
More informationData Sheet NCP Exclusive Remote Access Client Windows
Centrally Administrable VPN Client Suite for Windows For Juniper SRX Series Central Management Microsoft Windows 10, 8.x, 7 and Vista Dynamic Personal Firewall VPN Bypass VPN Path Finder Technology (Fallback
More informationThis version of the des Secure Enterprise MAC Client can be used on Mac OS X 10.7 Lion platform.
NCP Secure Enterprise MAC Client Service Release 2.02 Build 11 Date: August 2011 1. New Feature Compatibility to Mac OS X 10.7 Lion This version of the des Secure Enterprise MAC Client can be used on Mac
More informationUsing the Command Line Interface
CHAPTER 2 Using the Command Line Interface 2.1 Commonly Used Commands This section documents the Cisco Broadband Operating System (CBOS) commands and command arguments that manage the Cisco 67x. CBOS runs
More informationRelease Notes. NCP Secure Enterprise Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3.
NCP Secure Enterprise Mac Client Service Release 2.05 Build 14711 Date: December 2013 Prerequisites Apple OS X Operating System: The following Apple OS X operating system versions are supported with this
More informationCertified User Management Engineer (MTCUME) Training outline
Certified User Management Engineer (MTCUME) Training outline Duration: Outcomes: Target Audience: Course prerequisites: 2 days By the end of this training session, the student will be able to securely
More informationUser module. Guest Configuration APPLICATION NOTE
User module Guest Configuration APPLICATION NOTE USED SYMBOLS Used symbols Danger important notice, which may have an influence on the user s safety or the function of the device. Attention notice on possible
More informationSeries 1000 / G Cellular Modem / Router. Firmware Release Notes
Series 1000 / 2000 3G Cellular Modem / Router Firmware Release Notes Document Number: 0013-001-000138 () Firmware Version: v1.40 Dcoumentation Control Generation Date: April 28, 2010 Cybertec Pty Limited
More informationEthereal Exercise 2 (Part B): Link Control Protocol
Course: Semester: ELE437 Introduction Ethereal Exercise 2 (Part B): Link Control Protocol In this half of Exercise 2, you will look through a more complete capture of a dial-up connection being established.
More informationManual. bintec elmeg. bintec 4Ge-LE. Monitoring. Copyright bintec-dm-592-i Version /2015 bintec elmeg
Manual Monitoring Copyright bintec-dm-592-i Version 6. /25 Manual Legal Notice Warranty This publication is subject to change. offers no warranty whatsoever for information contained in this manual. is
More informationHP VSR1000 Virtual Services Router
HP VSR1000 Virtual Services Router Layer 2 - WAN Access Configuration Guide Part number: 5998-6023 Software version: VSR1000_HP-CMW710-R0202-X64 Document version: 6W100-20140418 Legal and notice information
More informationWireless LAN Device Series CPE2615. User Manual. v
Wireless LAN Device Series CPE2615 User Manual v20080312 Preface To use this guide, you should have experience working with the TCP/IP configuration and be familiar with the concepts and terminology of
More informationWireless LAN Device Series CPE2615. User Manual. v
Wireless LAN Device Series CPE2615 User Manual v20081230 Preface To use this guide, you should have experience working with the TCP/IP configuration and be familiar with the concepts and terminology of
More informationSeries 1000 / G Cellular Modem / Router. Firmware Release Notes
Series 1000 / 2000 3G Cellular Modem / Router Firmware Release Notes Document Number: 0013-001-000138 () Firmware Version: v1.42 Dcoumentation Control Generation Date: October 29, 2010 Cybertec Pty Limited
More informationExample: Configuring a Hub-and-Spoke VPN between 3 SRXs using J-Web
Example: Configuring a Hub-and-Spoke VPN between 3 SRXs using J-Web Last updated: 7/2013 This configuration example shows how to configure a route-based multi-point VPN, with a next-hop tunnel binding,
More informationYAMAHA RTX??????? L2TPv3???? VPN???? (IPv4, IPv6??)
YAMAHA RTX??????? L2TPv3???? VPN???? (IPv4, IPv6??) SoftEther VPN Server? Build 9582??????????YAMAHA????? (RTX????)????? L2TPv3 over IPsec VPN????? (?????? 2??????)?????????????????????????????????????
More informationAdvanced Computer Networks. Rab Nawaz Jadoon DCS. Assistant Professor COMSATS University, Lahore Pakistan. Department of Computer Science
Advanced Computer Networks Rab Nawaz Jadoon Department of Computer Science DCS COMSATS Institute of Information Technology Assistant Professor COMSATS University, Lahore Pakistan Advanced Computer Networks
More informationTime Division Multiplexing (TDM) Demarcation Point Serial and parallel ports HDLC Encapsulation PPP
CCNA4 Chapter 2 * Time Division Multiplexing (TDM) TDM divides the bandwidth of a single link into separate channels or time slots. The multiplexer (MUX) accepts input from attached devices in a round-robin
More informationNCP Secure Client Juniper Edition Release Notes
Service Release: 10.11 r32792 Date: November 2016 Prerequisites Operating System Support The following Microsoft Operating Systems are supported with this release: Windows 10 32/64 bit Windows 8.x 32/64
More informationData Sheet. NCP Exclusive Entry Client. Next Generation Network Access Technology
VPN Client Suite for Windows For Juniper SRX Series Microsoft Windows 10, 8.x, 7 Dynamic Personal Firewall Import of third party configuration files VPN Bypass VPN Path Finder Technology (Fallback IPsec/HTTPS)
More informationConfiguration Guide. How to connect to an IPSec VPN using an iphone in ios. Overview
Configuration Guide How to connect to an IPSec VPN using an iphone in ios Overview Currently, users can conveniently use the built-in IPSec client on an iphone to connect to a VPN server. IPSec VPN can
More informationData Sheet. NCP Secure Entry Client Windows. Next Generation Network Access Technology. Universal VPN Client Suite for Windows 32/64 bit
Universal VPN Client Suite for Windows 32/64 bit Compatible with VPN gateways (IPsec standard) Import of third party configuration files Integrated, dynamic personal firewall with IPv6 support Fallback
More informationConfiguring Client-Initiated Dial-In VPDN Tunneling
Configuring Client-Initiated Dial-In VPDN Tunneling Client-initiated dial-in virtual private dialup networking (VPDN) tunneling deployments allow remote users to access a private network over a shared
More informationNCP Secure Client Juniper Edition (Win32/64) Release Notes
Service Release: 10.10 r31802 Date: September 2016 Prerequisites Operating System Support The following Microsoft Operating Systems are supported with this release: Windows 10 32/64 bit Windows 8.x 32/64
More informationZyWALL 70. Internet Security Appliance. Quick Start Guide Version 3.62 December 2003
ZyWALL 70 Internet Security Appliance Quick Start Guide Version 3.62 December 2003 Introducing the ZyWALL The ZyWALL 70 is the ideal secure gateway for all data passing between the Internet and the LAN.
More informationData Sheet. NCP Secure Enterprise Client Windows. Next Generation Network Access Technology
Universal, Centrally Administrable VPN Client Suite for Windows Central Management (SEM) Network Access Control (Endpoint Policy) Compatible with all Major VPN Gateways (IPsec Standard) Microsoft Windows
More informationRADIUS Vendor-Specific Attributes and RADIUS Disconnect-Cause Attribute Values
RADIUS s and RADIUS Disconnect-Cause Values The Internet Engineering Task Force (IETF) draft standard specifies a method for communicating vendor-specific information between the network access server
More informationOperation Manual User Access. Table of Contents
Table of Contents Table of Contents Chapter 1 PPP Configuration... 1-1 1.1 Introduction to PPP... 1-1 1.1.1 Introduction to PPP... 1-1 1.2 Configuring PPP... 1-2 1.2.1 Configuring PPP Encapsulation on
More informationUsing the Cable Monitor Tool
APPENDIX B This appendix describes the Cisco ubr905 and Cisco ubr925 cable access routers Cable Monitor tool. The Cable Monitor is part of the router s onboard software that provides a web-based diagnostic
More informationConfiguring PPP over ATM with NAT
This chapter provides an overview of Point-to-Point Protocol over Asynchronous Transfer Mode (PPPoA) clients and network address translation (NAT) that can be configured on the Cisco 860 and Cisco 880
More informationConfiguring MLPPP. Finding Feature Information
The Multilink Point-to-Point (MLPPP) feature provides load balancing functionality over multiple WAN links, while providing multivendor interoperability, packet fragmentation and proper sequencing, and
More informationDefining IPsec Networks and Customers
CHAPTER 4 Defining the IPsec Network Elements In this product, a VPN network is a unique group of targets; a target can be a member of only one network. Thus, a VPN network allows a provider to partition
More informationVirtual Private Networks
EN-2000 Reference Manual Document 8 Virtual Private Networks O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses transmission security,
More informationKX GPRS M2M I-NET. User s Guide. Version: 1.0. Date: March 17, KORTEX PSI 3 Bd Albert Camus Tel:
KX GPRS M2M I-NET User s Guide Version: 1.0 Date: March 17, 2011 KORTEX PSI 3 Bd Albert Camus Tel: +33-1-34043760 e-mail: contact@kortex-psi.fr Revision History Version Date Changes 1.0 March 17, 2011
More informationVirtual Private Cloud. User Guide. Issue 03 Date
Issue 03 Date 2016-10-19 Change History Change History Release Date What's New 2016-10-19 This issue is the third official release. Modified the following content: Help Center URL 2016-07-15 This issue
More informationConfiguring Security on the GGSN
CHAPTER 12 This chapter describes how to configure security features on the gateway GPRS support node (GGSN), including Authentication, Authorization, and Accounting (AAA), and RADIUS. IPSec on the Cisco
More informationHow to Configure IPSec Tunneling in Windows 2000
Home Self Support Assisted Support Custom Support Worldwide Support How to Configure IPSec Tunneling in Windows 2000 The information in this article applies to: Article ID: Q252735 Last Reviewed: February
More informationRelease Notes. NCP Android Secure Managed Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3.
NCP Android Secure Managed Client can be commissioned for use in one of two environments: NCP Secure Enterprise Management, or NCP Volume License Server. Release: 2.32 build 067 Date: May 2013 1. New Features
More informationTroubleshooting VoIP in Converged Networks
Troubleshooting VoIP in Converged Networks Terry Slattery Principal Consultant CCIE #1026 1 Objective Provide examples of common problems Troubleshooting tips What to monitor Remediation Tips you can use
More informationThe EN-4000 in Virtual Private Networks
EN-4000 Reference Manual Document 8 The EN-4000 in Virtual Private Networks O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses transmission
More informationSPECTRE Router CONFIGURATION MANUAL
SPECTRE Router CONFIGURATION MANUAL International Headquarters B&B Electronics Mfg. Co. Inc. 707 Dayton Road Ottawa, IL 61350 USA Phone (815) 433-5100 -- General Fax (815) 433-5105 Website: European Headquarters
More informationExample: Configuring a Policy-Based Site-to-Site VPN using J-Web
Example: Configuring a Policy-Based Site-to-Site VPN using J-Web Last updated: 7/2013 This configuration example shows how to configure a policy-based IPsec VPN to allow data to be securely transferred
More informationHow to Configure an IPsec VPN to an AWS VPN Gateway with BGP
How to Configure an IPsec VPN to an AWS VPN Gateway with BGP If you are using the Amazon Virtual Private Cloud, you can transparently extend your local network to the cloud by connecting both networks
More informationmanagement server password through sessions throttle
management server password through sessions throttle management server password, page 4 management server url, page 5 max bandwidth, page 6 max vc, page 7 multihop-hostname, page 8 nas-port-id format c,
More informationRelease Notes. NCP Secure Enterprise Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3.
NCP Secure Enterprise Mac Client Service Release 2.05 Rev. 32317 Date: January 2017 Prerequisites Apple OS X Operating System: The following Apple OS X operating system versions are supported with this
More informationConfiguring Resource Pool Management
Configuring Resource Pool Management This chapter describes the Cisco Resource Pool Management (RPM) feature. It includes the following main sections: RPM Overview How to Configure RPM Verifying RPM Components
More informationCCNA 4 - Final Exam (A)
CCNA 4 - Final Exam (A) 1. A network administrator is asked to design a system to allow simultaneous access to the Internet for 250 users. The ISP for this network can only supply five public IPs. What
More informationHow to Configure an IKEv1 IPsec VPN to an AWS VPN Gateway with BGP
How to Configure an IKEv1 IPsec VPN to an AWS VPN Gateway with BGP If you are using the Amazon Virtual Private Cloud, you can transparently extend your local network to the cloud by connecting both networks
More informationSite-to-Site VPN with SonicWall Firewalls 6300-CX
Site-to-Site VPN with SonicWall Firewalls 6300-CX Skill level: Expert (requires knowledge of IPSec tunnel setup) Goal To build an IPSec tunnel through the 63xx router's WAN internet connection, and use
More informationConfiguring a Hub & Spoke VPN in AOS
June 2008 Quick Configuration Guide Configuring a Hub & Spoke VPN in AOS Configuring a Hub & Spoke VPN in AOS Introduction The traditional VPN connection is used to connect two private subnets using a
More informationHow to Configure a Site-to-Site IPsec IKEv1 VPN Tunnel
How to Configure a Site-to-Site IPsec IKEv1 VPN Tunnel The Barracuda CloudGen Firewall can establish IPsec VPN tunnels to any standard-compliant, third-party IKEv1 IPsec VPN gateway. The Site-to-Site IPsec
More informationData-link. Examples of protocols. Generating polynomials. Example. Error detection in TCP/IP. Multiple Access Links and Protocols
Computer Networking Data-link layer Prof. Andrzej Duda duda@imag.fr http://duda.imag.fr Data Link Layer Our goals: Understand principles behind link layer services: sharing a broadcast channel: multiple
More informationH3C MSR Series Routers
H3C MSR Series Routers Layer 2 - WAN Command Reference(V7) Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: MSR-CMW710-R0007 Document version: 6W100-20140320 Copyright 2014, Hangzhou
More informationDigi Application Guide Configure VPN Tunnel with Certificates on Digi Connect WAN 3G
1. Configure Digi Connect WAN 3G VPN Tunnel with Certificates. Objective: Configure a Digi Connect WAN 3G to build a VPN tunnel using custom certificates. 1.1 Software Requirements - Digi Device Discovery
More informationImplementing Enterprise WAN Links
Implementing Enterprise WAN Links Introducing Routing and Switching in the Enterprise Chapter 7 Version 4.0 1 Objectives Describe the features and benefits of common WAN connectivity options. Compare and
More information