RuggedCom RuggedRouter RX1100, RuggedRouter RX1000 User manual

  • Hello! I am an AI chatbot trained to assist you with the RuggedCom RuggedRouter RX1100 User manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Rugge d R o u ter
RX1000/RX1100 User Guide
RuggedCom Inc.
30 Whitmore Road,
Woodbridge, Ontario, Canada
L4L 7Z4
Web: www.ruggedcom.com
Tel: (905) 856-5288
Fax: (905) 856-1995
Toll Free: (888) 264-0006
RUGGEDROUTER USER GUIDE
FOR USE WITH RX1000/RX1100 PRODUCTS
Version 1.12.6 May 14
th
, 2008
RuggedCom
30 Whitmore Road
Woodbridge, Ontario
Canada L4L7Z4
Tel: (905) 856-5288
Fax: (905) 856-1995
Toll Free: (888) 264-0006
support@ruggedcom.com
http://www.ruggedcom.com
Disclaimer
RuggedCom Inc. makes no warranty of any kind with regard to this
material.
RuggedCom shall not be liable for errors contained herein or for
consequential damages in connection with the furnishing,
performance, or use of this material.
Warranty
Five (5) years from date of purchase, return to factory. For warranty
details, visit www.ruggedcom.com or contact your customer service
representative.
COPYRIGHT © Apr 2008 RuggedCom Inc.
ALL RIGHTS RESERVED
This document contains proprietary information, which is protected by
copyright. All rights are reserved.
The RuggedRouter includes components licensed under the GPL and
BSD style licenses. The full licences of such are included in an
associated document.
No part of this document may be photocopied, reproduced or
translated to another language without the prior written consent of
RuggedCom Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and
other countries.
Gauntlet® is the registered trademark of Teltone Corporation.
About this User Guide
About this User Guide
This guide is concerned with aiding the user in the configuration and operation of the
RuggedRouter using the RuggedCom command line, setup menu and web
management interfaces. Specifically, this guide details aspects of:
Accessing the User Interfaces
Security
Configuring the router
Status determination
Performance measurement
Uploading and downloading files
Dealing with alarms
This guide also details operation of the RX1100 Gauntlet security appliance.
This guide is intended solely for the purpose of familiarizing the reader with the ways
that the RuggedRouter can be used to support Routing over Ethernet, T1/E1, T3
ADSL, DDS and Frame Relay as well as act as a Serial server and time
synchronization device.
Applicable Firmware Revision
This guide is applicable to RuggedRouter ROX 1.12.6 software revision.
Who Should Use This User Guide
This guide is to be used by network technical support personnel who are familiar with
the operation of networks. Others who might find the book useful are network and
system planners, system programmers and line technicians.
How To Use This User Guide
Each chapter has been prepared with a feature description, an application section and
a description of the default mode of operation. It is recommended that you use this
guide along with the following applicable documents.
RuggedRouter Installation Guide
Rugged MediaConverter Installation Guide
RuggedCom Fiber Guide
Gauntlet Command and Control Center (CCC) User Manual,
Gauntlet Virtual Polling Controller (VPC) User Manual
Gauntlet System Installation Manual
Gauntlet System Best Practices
RuggedCom 1
RuggedRouter User Guide
Document Conventions
This publication uses the following conventions:
Note: Means reader take note. Notes contain helpful suggestions or references to materials
not contained in this guide.
Helpful Hint
This type of note often indicates useful shortcuts or methods employed by other RuggedCom
customers.
Quick Start Recommendations
The following description is included to aid those users experienced with
communications equipment that may wish to attempt to configure the router without
fully reading the guide.
1. Locate/mount the chassis in its final resting place and apply power.
2. The router can be configured through its web management interface, or for
advanced users, through ssh. The default Ethernet addresses for ports one through
four are 192.168.1.1 through 192.168.4.1. Two shell accounts, rrsetup and root,
are provided. Both accounts have a default password of “admin”. The web
management interface uses the root account password. The rrsetup account
provides a shell that configures such items as passwords, addresses, date/time
and services offered by the router. The root account provides a full shell.
3. Attach a PC running terminal emulation software to the RS232 port and apply
power to the chassis (default baud rate, data bits, parity - “38400 8 n 1”, no
hardware/software flow control). Set the terminal type to VT100. Press ENTER
to obtain a login prompt.
Initial Configuration Before Attaching To The Network
4. Login as the rrsetup user with password “admin”.
5. Change the root and rrsetup passwords from the shell. Record the
passwords in a secure manner. If Radius authentication will be employed,
configure at least one authentication server address.
6. Configure the router’s hostname, IP address, subnet mask, and gateway addresses
for the built-in Ethernet ports.
7. For an RX1100 router, the Gauntlet Security application may be configured with
the passphrase allocated to the network the network address of the Command and
Control Center (CCC). Note that you must also configure and activate the
firewall before using the Gauntlet.
8. Ensure that the date, time and timezone fields are correctly set.
9. If Web or SSH services will not be used, these can be disabled from the setup
shell.
2 RuggedCom
About this User Guide
10. All further configuration is accomplished through the web management interface.
Attach the configuring host to one of the Ethernet ports configured above. Point
your web browser at the address for that port, use https and specify a port number
of 10000, e.g. https://192.168.1.1:10000 (or otherwise if configured in step 4).
Login with the root user and password (configured above). If radius
authentication is configured and a server is available, you may also login via a
radius user.
Basic Web Based Configuration
11. Change the router password from the System menu, Change Password sub-
menu.
12. If you are using the web management interface you may wish to restrict the
allowed users to a specific subnet. This can be done in the Webmin menu,
Webmin Configuration, IP Access Control sub-menu.
13. If you are planning to SSH in to the router you may wish to restrict the allowed
users to a specific subnet. This can be done in the Servers menu, SSH Server,
Networking sub-menu.
14. The router's local hostname may configured in the System Menu, System
Hostname sub-menu.
15. The router may be configured to log to a remote server by the Maintenance
menu, System Logs sub-menu. See the chapter “Maintaining The Router” for
more details.
16. The router's DNS settings may configured in the DNS Clients sub-menu. You
may also specify the IP addresses of frequently used hosts. See the chapter
“Configuring Networking” for more details.
Physical Interface Related
17. Ethernet port parameters may be changed in the Networking menu, Ethernet
sub-menu. The Ethernet Interfaces sub-menu will configure the IP address,
subnet mask, gateway address, proxy arping and media type of each interface. See
the chapter “Configuring Ethernet Interfaces” for more details.
18. If your router is equipped with T1/E1 WAN interfaces, the Networking menu,
T1/E1 sub-menu will allow you to configure them with Frame Relay or PPP
connections. See the chapter “Configuring Frame Relay/PPP And T1/E1” for
more details.
19. If your router is equipped with T3 WAN interfaces, the Networking menu, T3
sub-menu will allow you to configure them with Frame Relay or PPP
connections. See the chapter “Configuring Frame Relay/PPP And T3” for more
details.
20. If your router is equipped with DDS interfaces, the Networking menu, DDS sub-
menu will allow you to configure them with Frame Relay or PPP connections.
See the chapter “Configuring Frame Relay/PPP And DDS” for more details.
21. If your router is equipped with ADSL interfaces, the Networking menu, ADSL
sub-menu will allow you to configure them. See the chapter “Configuring PPPoE
On ADSL” for more details. If you wish to use PPPOE with an external ADSL
modem, the Networking menu, Ethernet sub-menu will configure it.
RuggedCom 3
RuggedRouter User Guide
22. If your router is equipped with an embedded modem, the Networking menu,
Modem sub-menu will allow you to configure it with PPP or incoming console
connections. See the chapter “Configuring PPP And Modem” for more details.
23. If your router is equipped with Serial Interfaces, the Servers menu, Serial
Protocols sub-menu will allow you to configure them with an operating protocol.
See the chapter “Configuring Serial Protocols” for more details.
24. If your router is equipped with a Precision Time Protocol Card, the Servers
menu, IRIGB sub-menu will allow you to enable and configure its output ports.
See the chapter “Configuring IRIGB” for more details.
Additional Configuration
25. You may wish to configure a backup interface to use in the event of a failure of
your default gateway interface. This can be done in the Networking menu,
Network Configuration, End To End Backup sub-menu.
26. If you are planning to connect your router to the Internet, configure the firewall
and then activate it. This can be done in the Networking menu, Shorewall
Firewall sub-menu.
27. The router provides a default event logging configuration. You can modify this
configuration through the Maintenance menu, System Logs sub-menu. Remote
logging can be activated here.
28. The routers SSH and Web Management interfaces are enabled by default. The
routers DHCP server, IPsec VPN server, NTP server, OSPF/RIP protocol, VRRP
protocol and firewall are disabled by default. To changes these services visit the
System menu, Bootup and Shutdown sub-menu.
29. You can install static IP and Multicast routings for Ethernet and WAN interfaces
via the Networking menu, Network Configuration, Routing and Default
Route and Static Multicast Routing sub-menus.
30. You can configure the NTP server through the Servers menu, NTP Server sub-
menu. See the chapter “Configuring NTP” for more details.
31. You can configure SSH through the Servers menu, SSH Server sub-menu. SSH
can be set-up to issue a login banner from this menu. See the chapter
“Configuring SSH” for more details.
32. Traffic prioritization can be configured on the network interfaces through the
Networking menu, Traffic Prioritization sub-menu.. See the chapter “Traffic
Prioritization” for more details.
33. SNMP is disabled by default. You can configure SNMP by following the
instructions in the Appendix on SNMP. You may allow read and write access, set
community names, enable traps and program the router to issue traps with a
specific client address.
34. If your router is an RX1100 you may configure and activate the Snort Intrusion
Detection system and the Gauntlet Security Appliance. If you decide to forward
daily email summaries you must configure a mail forwarder in the Maintenance
menu Miscellaneous sub-menu Outgoing Mail sub-menu.
4 RuggedCom
About this User Guide
35. When your routers configuration is stable, it is recommended that the
configuration should be uploaded from the router and stored as a backup. The
Maintenance menu Backup And Restore sub-menu will be useful.
36. Should you need to transfer files to or from the router, the Maintenance menu
Upload/Download Files sub-menu will be useful.
37. Further concerns such as ensuring robustness, measuring and optimizing
performance are dealt with by reading the guide fully.
RuggedCom 5
RuggedRouter User Guide
Table Of Contents
About this User Guide...........................................................................................................................1
Applicable Firmware Revision..........................................................................................................1
Who Should Use This User Guide.....................................................................................................1
How To Use This User Guide............................................................................................................1
Document Conventions......................................................................................................................2
Quick Start Recommendations..........................................................................................................2
Table Of Contents..................................................................................................................................6
Table Of Figures..................................................................................................................................18
Chapter 1 – Setting Up And Administering The Router......................................................................28
Introduction ...............................................................................................................................28
Access Methods.......................................................................................................................28
Accounts And Password Management....................................................................................28
Default Configuration..............................................................................................................28
Accessing The RuggedRouter Command Prompt........................................................................29
From the Console Port ...............................................................................................................29
From SSH ....................................................................................................................................29
The RuggedRouter Setup Shell........................................................................................................29
Configuring Passwords................................................................................................................30
Configuring IP Address Information ..........................................................................................30
Setting The Hostname .................................................................................................................31
Configuring Radius Authentication.............................................................................................31
Enabling And Disabling The SSH and Web Server ....................................................................31
Enabling And Disabling The Gauntlet Security Appliance.........................................................32
Configuring The Date, Time And Timezone .........................................................................32
Displaying Hardware Information...............................................................................................33
Restoring A Configuration ..........................................................................................................34
The RuggedRouter Web Interface................................................................................................35
Using a Web Browser to Access the Web Interface....................................................................35
SSL Certificate Warnings ...........................................................................................................35
The Structure of the Web Interface..............................................................................................35
Using The LED Status Panel ........................................................................................................37
Obtaining Chassis Information .......................................................................................................38
Chapter 2 – Webmin Configuration.....................................................................................................39
Introduction......................................................................................................................................39
Webmin Configuration Menu .........................................................................................................39
IP Access Control ........................................................................................................................39
Ports And Addresses ...................................................................................................................40
Change Help Server.....................................................................................................................41
Logging .......................................................................................................................................41
Authentication .............................................................................................................................42
Webmin Events Log ...................................................................................................................43
Chapter 3 – Configuring The System..................................................................................................45
Introduction......................................................................................................................................45
6 RuggedCom
Table Of Contents
Bootup And Shutdown ....................................................................................................................45
Change Password Command ........................................................................................................46
Scheduled Commands .....................................................................................................................46
Scheduled Cron Jobs .......................................................................................................................48
System Hostname............................................................................................................................49
System Time ..................................................................................................................................49
Chapter 4 – Configuring Networking..................................................................................................51
Introduction......................................................................................................................................51
Network Configuration....................................................................................................................51
Core Settings................................................................................................................................52
Dummy Interface.........................................................................................................................52
Routing And Gateways................................................................................................................53
Default Route Table.................................................................................................................53
Configured Static Routes.........................................................................................................53
Manually Entered Static Routes .............................................................................................54
Static Multicast Routing..............................................................................................................55
DNS Client...................................................................................................................................56
Host Addresses.............................................................................................................................56
End To End Backup.....................................................................................................................56
Configuring End To End Backup.............................................................................................58
Current Routing & Interface Table .............................................................................................58
Chapter 5 – Configuring Ethernet Interfaces.......................................................................................59
Introduction......................................................................................................................................59
Ethernet Interface Fundamentals.................................................................................................59
LED Designations ...................................................................................................................59
VLAN Interface Fundamentals....................................................................................................59
VLAN Tag...............................................................................................................................59
RuggedRouter Functions Supporting VLANs.........................................................................60
PPPoE On Native Ethernet Interfaces Fundamentals .................................................................60
Ethernet............................................................................................................................................61
Ethernet Interfaces.......................................................................................................................61
Editing Currently Active Interfaces ............................................................................................62
Virtual Interfaces ....................................................................................................................63
Virtual Lan Interfaces..............................................................................................................63
Edit Boot Time Interfaces ...........................................................................................................63
PPPoE On Native Ethernet Interfaces.........................................................................................64
Edit PPPoE Interface....................................................................................................................65
PPP Logs......................................................................................................................................66
Current Routes & Interface Table................................................................................................66
Chapter 6 – Configuring Frame Relay/PPP And T1/E1......................................................................67
Introduction......................................................................................................................................67
T1/E1 Fundamentals....................................................................................................................67
Frame Relay.............................................................................................................................67
Location Of Interfaces And Labeling......................................................................................68
LED Designations ...................................................................................................................68
Included With T1E1.................................................................................................................68
T1/E1 ...............................................................................................................................................68
T1/E1 Network Interfaces............................................................................................................69
RuggedCom 7
RuggedRouter User Guide
Strategy For Creating Interfaces..............................................................................................69
Naming Of Logical Interfaces..................................................................................................70
Editing A T1/E1 Interface ...........................................................................................................71
T1 Settings ..............................................................................................................................71
E1 Settings ..............................................................................................................................71
Editing A Logical Interface (Frame Relay) ................................................................................72
Frame Relay Link Parameters.................................................................................................72
Frame Relay DLCIs.................................................................................................................73
Editing A Logical Interface (PPP) ..............................................................................................73
T1/E1 Statistics............................................................................................................................74
Link Statistics...........................................................................................................................74
Frame Relay Interface Statistics..............................................................................................75
PPP Interface Statistics............................................................................................................76
T1/E1 Loopback...........................................................................................................................77
Current Routes & Interface Table................................................................................................78
Upgrading Software ....................................................................................................................78
Upgrading Firmware ...................................................................................................................78
Chapter 7 – Configuring Frame Relay/PPP And T3............................................................................79
Introduction......................................................................................................................................79
T3 Fundamentals..........................................................................................................................79
Location Of Interfaces And Labeling......................................................................................79
LED Designations ...................................................................................................................79
T3 Configuration..............................................................................................................................80
T3 Network Interfaces.................................................................................................................80
Naming Of Logical Interfaces..................................................................................................80
Editing A T3 Interface ................................................................................................................81
Editing A Logical Interface (Frame Relay).................................................................................81
Editing A Logical Interface (PPP) ..............................................................................................82
T3 Statistics..................................................................................................................................82
Current Routes & Interface Table................................................................................................82
Upgrading Software ....................................................................................................................83
Chapter 8 – Configuring Frame Relay/PPP And DDS........................................................................85
Introduction......................................................................................................................................85
DDS Fundamentals......................................................................................................................85
Location Of Interfaces And Labeling......................................................................................85
LED Designations ...................................................................................................................85
DDS Configuration .........................................................................................................................86
DDS Network Interfaces..............................................................................................................86
Naming Of Logical Interfaces..................................................................................................87
Editing A Logical Interface (Frame Relay) ................................................................................87
Editing A Logical Interface (PPP) ..............................................................................................88
DDS Statistics..............................................................................................................................88
Link Statistics...........................................................................................................................88
Frame Relay And PPP Interface Statistics...............................................................................89
DDS Loopback.............................................................................................................................89
Current Routes & Interface Table................................................................................................89
Upgrading Software ....................................................................................................................89
Chapter 9 – Configuring PPPoE/Bridged Mode On ADSL.................................................................91
8 RuggedCom
Table Of Contents
Introduction......................................................................................................................................91
ADSL Fundamentals....................................................................................................................91
PPPoE/Bridged Mode Fundamentals...........................................................................................91
Authentication, Addresses and DNS Servers .........................................................................92
PPPoE MTU Issues ...............................................................................................................92
Bridged Mode...........................................................................................................................92
Location Of Interfaces And Labeling......................................................................................92
LED Designations ...................................................................................................................92
ADSL Configuration .......................................................................................................................93
ADSL Network Interfaces...........................................................................................................93
Editing A Logical Interface (PPPoE) ..........................................................................................94
Editing A Logical Interface (Bridged) ........................................................................................95
ADSL Statistics............................................................................................................................96
Current Routes & Interface Table................................................................................................96
Upgrading Software ....................................................................................................................96
Chapter 10 – Configuring PPP and Modem........................................................................................97
Introduction......................................................................................................................................97
Modem Fundamentals..................................................................................................................97
PPP Mode Fundamentals.............................................................................................................97
Authentication, Addresses and DNS Servers .........................................................................97
When the Modem Connects.....................................................................................................97
LED Designations....................................................................................................................97
Modem Main Menu ........................................................................................................................98
Modem Configuration .................................................................................................................98
Modem PPP Client Connections...............................................................................................100
Modem PPP Client ....................................................................................................................100
Modem PPP Server....................................................................................................................101
Modem Incoming Call Logs .....................................................................................................102
Modem PPP Logs .....................................................................................................................102
Modem PPP Connection Logs ..................................................................................................103
Current Routes & Interface Table..............................................................................................103
Chapter 11 – Configuring The Firewall.............................................................................................105
Introduction....................................................................................................................................105
Firewall Fundamentals ..............................................................................................................105
Stateless vs Stateful Firewalls...............................................................................................105
Linux® netfilter, iptables And The Shoreline Firewall ........................................................105
Network Address Translation................................................................................................106
Port Forwarding.....................................................................................................................107
Shorewall Quick Setup..............................................................................................................107
ShoreWall Terminology And Concepts.....................................................................................108
Zones......................................................................................................................................108
Interfaces................................................................................................................................108
Hosts.......................................................................................................................................109
Policy.....................................................................................................................................109
Masquerading And SNAT......................................................................................................110
Rules......................................................................................................................................111
Configuring The Firewall And VPN..........................................................................................113
Route Based Virtual Private Networking..............................................................................113
Policy Based Virtual Private Networking..............................................................................113
RuggedCom 9
RuggedRouter User Guide
Virtual Private Networking To A DMZ.................................................................................114
Firewall Main Menu......................................................................................................................114
Network Zones...........................................................................................................................116
Network Interfaces.....................................................................................................................117
Network Zone Hosts..................................................................................................................119
Default Policies..........................................................................................................................119
Masquerading.............................................................................................................................120
Firewall Rules............................................................................................................................121
Static NAT.................................................................................................................................122
Actions When Stopped..............................................................................................................123
Chapter 12 – Configuring An IPsec VPN .........................................................................................125
Introduction....................................................................................................................................125
VPN Fundamentals ...................................................................................................................125
IPsec Modes...........................................................................................................................125
Policy Vs Route Based VPNs................................................................................................126
Supported Encryption Protocols ...........................................................................................126
Public Key And Pre-shared Keys..........................................................................................127
X509 Certificates...................................................................................................................127
NAT Traversal.......................................................................................................................127
Other Configuration Supporting IPSec..................................................................................128
The Openswan Configuration Process...................................................................................128
IPsec and Router Interfaces....................................................................................................128
VPN Main Menu Before Key Generation.....................................................................................128
VPN Main Menu ..........................................................................................................................129
Server Configuration .................................................................................................................130
Public Key .................................................................................................................................131
Preshared Keys ..........................................................................................................................131
List Certificates..........................................................................................................................132
VPN Connections ......................................................................................................................132
IPsec VPN Connection Details..............................................................................................132
Left/Right System's Settings..................................................................................................134
Export Configuration.............................................................................................................134
Showing IPsec Status ................................................................................................................135
IPSec X.509 Roaming Client Example......................................................................................136
Select A Certificate Authority...............................................................................................136
Generate X.509 Certificates .................................................................................................137
VPN Networking Parameters.................................................................................................137
Client Configuration..............................................................................................................137
Router IPSec Configuration...................................................................................................137
Firewall IPSec Configuration................................................................................................138
Ethernet Port Configuration...................................................................................................139
Chapter 13 – Configuring Dynamic Routing ....................................................................................141
Introduction....................................................................................................................................141
Quagga, RIP and OSPF..............................................................................................................141
RIP Fundamentals......................................................................................................................141
OSPF Fundamentals..................................................................................................................142
Link State Advertisements.....................................................................................................142
Key OSPF And RIP Parameters................................................................................................143
Network Areas.......................................................................................................................143
10 RuggedCom
Table Of Contents
Router-ID...............................................................................................................................143
Hello Interval and Dead Interval............................................................................................143
Active/Passive Interface Default...........................................................................................143
Redistributing Routes.............................................................................................................144
Link Detect.............................................................................................................................144
Configuring OSPF Link Costs...............................................................................................144
OSPF Authentication.............................................................................................................144
RIP Authentication.................................................................................................................144
OSPF And Antispoofing........................................................................................................145
Administrative Distances.......................................................................................................145
OSPF And VRRP Example Network........................................................................................146
Area And Subnets..................................................................................................................146
VRRP Operation....................................................................................................................146
Dynamic Routing...........................................................................................................................147
Enable Protocols........................................................................................................................148
Core................................................................................................................................................148
Core Global Parameters.............................................................................................................148
Core Interface Parameters..........................................................................................................149
View Core Configuration...........................................................................................................149
OSPF..............................................................................................................................................150
OSPF Global Parameters...........................................................................................................150
OSPF Interfaces.........................................................................................................................152
OSPF Network Areas.................................................................................................................153
OSPF Status...............................................................................................................................153
View OSPF Configuration.........................................................................................................153
RIP.................................................................................................................................................154
RIP Global Parameters...............................................................................................................154
RIP Key Chains......................................................................................................................155
RIP Interfaces.............................................................................................................................156
RIP Networks.............................................................................................................................157
RIP Status...................................................................................................................................157
View RIP Configuration............................................................................................................157
Chapter 14 – Configuring Link Backup............................................................................................159
Introduction....................................................................................................................................159
Link Backup Fundamentals.......................................................................................................159
Path Failure Discovery...........................................................................................................159
Use Of Routing Protocols And The Default Route...............................................................160
Link Backup Main Menu...............................................................................................................160
Link Backup Configuration.......................................................................................................160
Edit Link Backup Configuration................................................................................................161
Link Backup Logs......................................................................................................................162
Link Backup Status....................................................................................................................162
Test Link Backup.......................................................................................................................162
Chapter 15 – Configuring VRRP.......................................................................................................165
Introduction....................................................................................................................................165
VRRP Fundamentals .................................................................................................................165
The Problem With Static Routing..........................................................................................165
The VRRP Solution...............................................................................................................165
VRRP Terminology...............................................................................................................166
RuggedCom 11
RuggedRouter User Guide
VRRP Main Menu.........................................................................................................................168
VRRP Configuration..................................................................................................................168
Editing A VRRP Instance..........................................................................................................169
Viewing VRRP Instances Status ...............................................................................................170
Chapter 16 – Configuring Traffic Prioritization ...............................................................................171
Introduction....................................................................................................................................171
Traffic Prioritization Fundamentals ..........................................................................................171
Priority Queues......................................................................................................................171
Filters.....................................................................................................................................171
TOS Prioritization..................................................................................................................172
Included With Traffic Prioritization .....................................................................................172
Prioritization Example...............................................................................................................173
Traffic Prioritization Main Menu...................................................................................................174
Interface Prioritization Menu.....................................................................................................174
Prioritization Queues.............................................................................................................175
Prioritization Filters...............................................................................................................175
Prioritization Transmit Queue Length...................................................................................176
Prioritization Statistics...............................................................................................................176
Chapter 17 – Configuring Generic Routing Encapsulation ..............................................................177
Introduction....................................................................................................................................177
GRE Fundamentals ...................................................................................................................177
GRE Main Menu............................................................................................................................178
GRE Configuration Menu..........................................................................................................178
Chapter 18 – Network Utilities .........................................................................................................181
Introduction....................................................................................................................................181
Network Utilities Main Menu........................................................................................................181
Ping Menu......................................................................................................................................182
Traceroute Menu............................................................................................................................182
Host Menu......................................................................................................................................183
Trace Menu....................................................................................................................................183
Tcpdump A Network Interface..............................................................................................183
Frame Relay Link Layer Trace A WAN Interface................................................................184
Serial Trace A Serial Server Port...........................................................................................185
Interface Statistics Menu................................................................................................................185
Current Routing & Interface Table ...............................................................................................186
Interface Status.......................................................................................................................187
Chapter 19 – Configuring Serial Protocols .......................................................................................189
Introduction....................................................................................................................................189
Serial IP Port Features...................................................................................................................189
LED Designations .................................................................................................................189
Serial Protocols Applications.........................................................................................................190
Character Encapsulation........................................................................................................190
RTU Polling...........................................................................................................................190
Broadcast RTU Polling..........................................................................................................190
Serial Protocols Concepts And Issues............................................................................................191
Host And Remote Roles.........................................................................................................191
Use Of Port Redirectors.........................................................................................................191
12 RuggedCom
Table Of Contents
Message Packetization...........................................................................................................191
Use of Turnaround Delays.....................................................................................................192
Serial Protocols Main Menu..........................................................................................................192
Assign Protocols Menu..............................................................................................................193
Port Settings Menu.....................................................................................................................193
RawSocket Menu.......................................................................................................................194
Serial Protocols Statistics Menu................................................................................................195
Protocol Specific Packet Error Statistics...............................................................................195
Serial Protocols Trace Menu......................................................................................................196
Serial Protocols Sertrace Utility.................................................................................................197
Chapter 20 – Configuring GOOSE Tunnels......................................................................................199
Introduction....................................................................................................................................199
IEC61850 GOOSE Fundamentals.............................................................................................199
Layer 2 Tunnel Daemon Details............................................................................................199
Layer 2 Tunnels Main Menu.........................................................................................................200
General Configuration Menu.....................................................................................................201
GOOSE Tunnels Menu..............................................................................................................201
GOOSE Statistics Menu............................................................................................................202
Activity Trace Menu..................................................................................................................203
Chapter 21 - Configuring The DHCP server.....................................................................................205
Introduction....................................................................................................................................205
DHCP Fundamentals.................................................................................................................205
DHCP Network Organizations..............................................................................................205
DHCP Client Options............................................................................................................205
Option 82 Support with Disable NAK ..................................................................................207
Example DHCP Scenarios And Configurations........................................................................208
Single Network With Dynamic IP Assignment.....................................................................208
Single Network With Static IP Assignment...........................................................................208
Single Network With Option82 Clients On One Switch.......................................................208
Multiple Subnets On Separate VLANs Using Option82 On One Switch.............................209
DHCP Server Main Menu..............................................................................................................212
DHCP Shared Network Configuration......................................................................................213
DHCP Subnet Configuration.....................................................................................................214
DHCP Group Configuration......................................................................................................215
DHCP Host Configuration.........................................................................................................215
DHCP Pool Configuration.........................................................................................................216
Chapter 22 – Configuring NTP .........................................................................................................217
Introduction....................................................................................................................................217
NTP Fundamentals ....................................................................................................................217
The NTP Sanity Limit ...........................................................................................................218
NTP And The Precision Time Protocol Card........................................................................218
Included With NTP ...............................................................................................................218
NTP Server Main Menu.................................................................................................................219
Generic Options.........................................................................................................................219
Servers Configuration................................................................................................................220
Peers Configuration...................................................................................................................220
Viewing The NTP Status...........................................................................................................221
Viewing The NTP Log ..............................................................................................................221
RuggedCom 13
RuggedRouter User Guide
Viewing The GPS Status...........................................................................................................222
Viewing The GPS Log ..............................................................................................................222
Chapter 23 – Configuring SSH .........................................................................................................223
Introduction....................................................................................................................................223
SSH Fundamentals ....................................................................................................................223
Included With SSH................................................................................................................223
SSH Main Menu............................................................................................................................224
Authentication ...........................................................................................................................224
Networking ................................................................................................................................225
Access Control .......................................................................................................................225
Chapter 24 – Configuring IRIGB And IEEE1588.............................................................................227
Introduction....................................................................................................................................227
IEEE1588 Fundamentals...........................................................................................................227
PTP Network Roles................................................................................................................227
PTP Master Election..............................................................................................................227
Synchronizing NTP from IEEE1588.....................................................................................228
IRIGB Fundamentals.................................................................................................................228
IRIGB Output Formats..........................................................................................................228
Reference Clocks...................................................................................................................229
How The Router Selects A Reference Clock.........................................................................229
GPS Cable compensation...........................................................................................................229
IRIGB/IEEE1588 Main Menu.......................................................................................................230
General Configuration ..............................................................................................................230
IRIGB Configuration ................................................................................................................231
IEEE1588 Configuration...........................................................................................................231
IRIGB Status..............................................................................................................................232
IEEE1588 Status........................................................................................................................232
IRIGB Log.................................................................................................................................233
Chapter 25 – Configuring The Snort IDS..........................................................................................235
Introduction....................................................................................................................................235
Snort Fundamentals...................................................................................................................235
Which Interfaces To Monitor.................................................................................................235
Snort Rules.............................................................................................................................235
Alerting Methods...................................................................................................................236
Performance And Resources..................................................................................................236
Snort IDS Main Menu....................................................................................................................236
Global Configuration.................................................................................................................236
Interfaces................................................................................................................................236
Rulesets..................................................................................................................................237
Rule Lookup by SID ............................................................................................................238
Network Settings .......................................................................................................................238
PreProcessors.............................................................................................................................238
Alerts & Logging.......................................................................................................................239
Edit Config File..........................................................................................................................239
Chapter 26 – Maintaining The Router...............................................................................................240
Introduction....................................................................................................................................240
Alert System...................................................................................................................................240
14 RuggedCom
Table Of Contents
Alert Menu.................................................................................................................................240
Alert Configuration....................................................................................................................241
Alert Filter Configuration .........................................................................................................242
Alert Definition Configuration..................................................................................................242
Change Alert Definition.........................................................................................................243
Gauntlet Security...........................................................................................................................245
What And How Gauntlet Protects..........................................................................................245
Gauntlet And The Firewall....................................................................................................245
Gauntlet Status Menu.................................................................................................................246
Upgrading Gauntlet................................................................................................................246
Backup And Restore .....................................................................................................................247
General Configuration...............................................................................................................248
Archive History..........................................................................................................................249
Archive Backup.........................................................................................................................249
Archive Restore.........................................................................................................................250
Archive Difference Tool............................................................................................................251
SNMP Configuration.....................................................................................................................252
SNMP Configuration Main Menu.............................................................................................253
System Configuration................................................................................................................253
Network Addressing Configuration...........................................................................................253
Access Control...........................................................................................................................254
Trap Configuration.....................................................................................................................256
MIB Support..............................................................................................................................257
Radius Authentication....................................................................................................................258
Radius Authentication Configuration........................................................................................259
Edit Radius Server Parameters..................................................................................................259
Outgoing Mail............................................................................................................................260
Chassis Parameters........................................................................................................................261
System Logs...................................................................................................................................262
Syslog Factory Defaults.............................................................................................................262
Remote Logging.........................................................................................................................263
Upgrade System.............................................................................................................................265
RuggedRouter Software Fundamentals.....................................................................................265
When A Software Upgrade Requires A Reboot........................................................................266
Automatic Upgrade....................................................................................................................266
Upgrade to RX1100...................................................................................................................267
Change Repository Server.........................................................................................................267
Automatic Upgrading.................................................................................................................268
Upgrading All Packages.............................................................................................................268
Installing A New Package..........................................................................................................269
Pre-upgrade/Post-upgrade scripts..............................................................................................269
Uploading And Downloading Files...............................................................................................271
Chapter 27 – Security Considerations...............................................................................................272
Introduction....................................................................................................................................272
Security Actions ............................................................................................................................272
Appendix A – Setting Up A Repository ...........................................................................................274
Repository Server Requirements .................................................................................................274
Initial Repository Setup.................................................................................................................274
Upgrading The Repository.............................................................................................................275
RuggedCom 15
RuggedRouter User Guide
Setting Up The Routers..................................................................................................................275
An Alternate Approach..............................................................................................................275
Upgrading Considerations .........................................................................................................276
Appendix B – Downgrading Router Software ..................................................................................277
Appendix C – Installing Apache Web Server On Windows..............................................................278
Appendix D – Installing IIS Web Server On Windows.....................................................................280
Appendix E – Radius Server Configuration......................................................................................281
FreeRadius.............................................................................................................................281
Windows Internet Authentication Service.............................................................................281
Index...................................................................................................................................................285
16 RuggedCom
Table Of Figures
Table Of Figures
Figure 1: RuggedRouter Setup Main Menu.........................................................................................29
Figure 2: RuggedRouter Setup Password Change Menu....................................................................30
Figure 3: RuggedRouter Interfaces Setup Menu.................................................................................30
Figure 4: RuggedRouter DNS Client Menu.........................................................................................30
Figure 5: Radius Server Configuration menu......................................................................................31
Figure 6: Gauntlet Setup Menu............................................................................................................32
Figure 7: RuggedRouter Date/Time/Timezone Menu.........................................................................32
Figure 8: RuggedRouter Hardware Information Menu.......................................................................33
Figure 9: Selecting a configuration to reload.......................................................................................34
Figure 10: Selecting a previously made configuration........................................................................34
Figure 11: Signing On To The Router With A Web Browser.............................................................35
Figure 12: RuggedRouter Web Interface Main Menu Window..........................................................36
Figure 13: LED Status Panel...............................................................................................................37
Figure 14: Meaning of LEDs...............................................................................................................38
Figure 15: Webmin Configuration Menu............................................................................................39
Figure 16: Webmin Configuration Menu, IP Access Control.............................................................39
Figure 17: Webmin Configuration Menu, Ports and Addresses..........................................................40
Figure 18: Webmin Configuration Menu, Change Help Server..........................................................41
Figure 19: Webmin Configuration Menu, Logging.............................................................................41
Figure 20: Webmin Configuration Menu, Authentication..................................................................42
Figure 21: Webmin Events Log...........................................................................................................43
Figure 22: Bootup and Shutdown, Part 1.............................................................................................45
Figure 23: Bootup and Shutdown, Part 2.............................................................................................46
Figure 24: System Menu Change Password Command......................................................................46
Figure 25: Scheduled Commands........................................................................................................46
RuggedCom 17
RuggedRouter User Guide
Figure 26: Scheduled Commands Displaying a Command.................................................................47
Figure 27: Webmin Scheduled Cron Jobs............................................................................................48
Figure 28: Creating a Cron Job............................................................................................................48
Figure 29: Scheduled Cron Jobs menu displaying cron jobs...............................................................49
Figure 30: System Hostname...............................................................................................................49
Figure 31: System Time.......................................................................................................................49
Figure 32: Network Configuration Menu............................................................................................51
Figure 33: Core Networking Settings..................................................................................................52
Figure 34: Dummy Interface................................................................................................................52
Figure 35: Routing And Gateways......................................................................................................53
Figure 36: Static Multicast Routing.....................................................................................................55
Figure 37: DNS Client.........................................................................................................................56
Figure 38: Host Addresses...................................................................................................................56
Figure 39: End To End Backup Example............................................................................................57
Figure 40: End To End Backup...........................................................................................................58
Figure 41: Ethernet Menu....................................................................................................................61
Figure 42: Current and Boot Time Ethernet Configuration.................................................................61
Figure 43: Editing a Network Interface...............................................................................................62
Figure 44: Creating an Virtual Interface..............................................................................................63
Figure 45: Creating an Virtual Lan Interface.......................................................................................63
Figure 46: Editing a Boot Time Interface............................................................................................63
Figure 47: List PPPoE Interfaces.........................................................................................................64
Figure 48: Editing a PPPoE Interface..................................................................................................65
Figure 49: Display PPP Logs...............................................................................................................66
Figure 50: T1/E1 Trunks And Interfaces.............................................................................................68
Figure 51: T1/E1 Network Interfaces Initial Configuration................................................................69
Figure 52: T1/E1 Network Interfaces After Channel Creation............................................................69
18 RuggedCom
/