2. Computers & electronics
  3. Computer cables
  4. Coaxial cables
  5. H3C
  6. SecPath F5000-A5

H3C SecPath F5000-A5 Installation guide

  • Hello! I am an AI chatbot trained to assist you with the H3C SecPath F5000-A5 Installation guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
H3C SecPath F5000-A5 Firewall
Installation Guide
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Document version: 6PW109-20141225
Copyright © 2008-2014, Hangzhou H3C Technologies Co., Ltd. and its licensors
All rights reserved
No part of this manual may be reproduced or transmitted in any form or by any means without prior
written consent of Hangzhou H3C Technologies Co., Ltd.
Trademarks
H3C, , H3CS, H3CIE, H3CNE, Aolynk, , H
3
Care, , IRF, NetPilot, Netflow,
SecEngine, SecPath, SecCenter, SecBlade, Comware, ITCMM and HUASAN are trademarks of
Hangzhou H3C Technologies Co., Ltd.
All other trademarks that may be mentioned in this manual are the property of their respective owners
Notice
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Environmental protection
This product has been designed to comply with the environmental protection requirements. The storage,
use, and disposal of this product must meet the applicable national laws and regulations.
Preface
The H3C SecPath F5000-A5 Firewall Installation Guide includes eight chapters, which describe the
product overview, preparing for installation, installing the firewall, installing FRUs, accessing the firewall
for the first time, replacement procedures, hardware management and maintenance, and
troubleshooting.
This preface includes:
Audience
Conventions
About the H3C SecPath F5000-A5 documentation set
Obtaining documentation
Technical support
Documentation feedback
Audience
This documentation is intended for:
Network planners
Field technical support and servicing engineers
Network administrators working with the H3C SecPath F5000-A5 Firewall
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Descri
p
tion
Boldface Bold text represents commands and keywords that you enter literally as shown.
Italic Italic text represents arguments that you replace with actual values.
[ ] Square brackets enclose syntax choices (keywords or arguments) that are optional.
{ x | y | ... }
Braces enclose a set of required syntax choices separated by vertical bars, from which
you select one.
[ x | y | ... ]
Square brackets enclose a set of optional syntax choices separated by vertical bars, from
which you select one or none.
{ x | y | ... } *
Asterisk marked braces enclose a set of required syntax choices separated by vertical
bars, from which you select at least one.
[ x | y | ... ] *
Asterisk marked square brackets enclose optional syntax choices separated by vertical
bars, from which you select one choice, multiple choices, or none.
Convention Descri
p
tion
&<1-n>
The argument or keyword and argument combination before the ampersand (&) sign can
be entered 1 to n times.
# A line that starts with a pound (#) sign is comments.
GUI conventions
Convention Descri
p
tion
Boldface
Window names, button names, field names, and menu items are in Boldface. For
example, the New User window appears; click OK.
> Multi-level menus are separated by angle brackets. For example, File > Create > Folder.
Symbols
Convention Descri
p
tion
WARNING
An alert that calls attention to important information that if not understood or followed can
result in personal injury.
CAUTION
An alert that calls attention to important information that if not understood or followed can
result in data loss, data corruption, or damage to hardware or software.
IMPORTANT
An alert that calls attention to essential information.
NOTE
An alert that contains additional or supplementary information.
TIP
An alert that provides helpful information.
Network topology icons
Represents a generic network device, such as a router, switch, or firewall.
Represents a routing-capable device, such as a router or Layer 3 switch.
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports
Layer 2 forwarding and other Layer 2 features.
Represents a security product, such as a firewall, UTM, multiservice security gateway, or
load-balancing device.
Represents a security card, such as a firewall, load-balancing, NetStream, SSL VPN, IPS,
or ACG card.
Port numbering in examples
The port numbers in this document are for illustration only and might be unavailable on your device.
About the H3C SecPath F5000-A5 documentation
set
The H3C SecPath F5000-A5 documentation set includes:
Cate
g
or
y
Documents
Pur
p
oses
Product description and
specifications
Marketing brochures
Describe product specifications and benefits.
Hardware specifications
and installation
Compliance and safety
manual
Provides regulatory information and the safety
instructions that must be followed during installation.
Installation guide
Provides a complete guide to hardware installation
and hardware specifications.
Card manuals Provide the hardware specifications of cards.
Software configuration
Configuration guides
Describe software features and configuration
procedures.
Command references
Provide a quick reference to all available
commands.
Configuration examples
Describe typical network scenarios and provide
configuration examples and instructions.
Operations and
maintenance
Release notes
Provide information about the product release,
including the version history, hardware and software
compatibility matrix, version upgrade information,
technical support information, and software
upgrading.
FAQ
Provides frequently asked questions about the
firewall.
Obtaining documentation
Access the most up-to-date H3C product documentation on the World Wide Web at
http://www.h3c.com
.
Click the links on the top navigation bar to obtain different categories of product documentation:
[Technical Support & Documents > Technical Documents]
—Provides hardware installation, software
upgrading, and software feature configuration and maintenance documentation.
[Products & Solutions]
—Provides information about products and technologies, as well as solutions.
[Technical Support & Documents > Software Download]
—Provides the documentation released with the
software version.
Technical support
servic[email protected]
http://www.h3c.com
Documentation feedback
You can e-mail your comments about product documentation to info@h3c.com.
We appreciate your comments.
i
Contents
Preparing for installation ············································································································································· 1
Safety recommendations ·················································································································································· 1
Safety symbols ·························································································································································· 1
General safety recommendations ··························································································································· 1
Electricity safety ························································································································································ 1
Laser safety ································································································································································ 2
Handling safety ························································································································································ 2
Examining the installation site ········································································································································· 2
Weight support ························································································································································· 2
Temperature and humidity ······································································································································· 3
Cleanness ·································································································································································· 3
Cooling ······································································································································································ 4
ESD prevention ························································································································································· 4
EMI ············································································································································································· 6
Lightning protection ·················································································································································· 6
Rack installation ························································································································································ 6
Power supply ····························································································································································· 7
Installation tools (user-supplied) ······································································································································· 7
Accessories ········································································································································································ 7
Checklist before installation ············································································································································· 8
Installing the firewall ·················································································································································· 10
Confirming installation preparations ···························································································································· 10
Installing the firewall in a 19-inch rack ······················································································································· 11
Installing cage nuts to the rack ···························································································································· 11
Attaching the mounting brackets to the chassis ································································································· 12
Mounting the firewall to the rack ························································································································· 14
Grounding the firewall ·················································································································································· 15
Connecting the grounding cable ························································································································· 16
Installing an MPU ··························································································································································· 17
Installing a CF card ························································································································································ 19
Installing an interface module ······································································································································· 19
Installing a fan tray ························································································································································ 21
Installing a power module ············································································································································· 23
Connecting interface cables ········································································································································· 24
Connecting the management Ethernet port ········································································································ 24
Connecting the HA port ········································································································································ 24
Connecting Ethernet cables ·································································································································· 25
Connecting a power cord ············································································································································· 26
ii
Connecting an AC power cord ··························································································································· 26
Connecting a DC power cord ······························································································································ 27
Verifying the installation ················································································································································ 29
Installing FRUs ···························································································································································· 30
Installing an air filter ······················································································································································ 30
Installing a lightning protector for a network port ······································································································ 31
Connecting the AC power supply to a power strip with lightning protection ························································· 34
Logging in and performing basic configurations ····································································································· 35
Logging in to the CLI through the console port ··········································································································· 35
Connecting the terminal to the firewall ··············································································································· 35
Configuring communication parameters on the terminal ·················································································· 36
Powering on the firewall ······································································································································· 40
Verifying the firewall boot information ··············································································································· 40
Logging in to the CLI by using Telnet ··························································································································· 41
Logging in to the Web interface··································································································································· 42
Logging in to the CLI through the AUX port ················································································································ 42
Performing basic configurations ··································································································································· 43
Performing basic configurations at the CLI ········································································································· 43
Performing basic configurations in the Web interface ······················································································ 44
Replacement procedures ··········································································································································· 51
Precautions ······································································································································································ 51
Installing and removing a filler panel ·························································································································· 51
Removing a filler panel ········································································································································· 52
Installing a filler panel··········································································································································· 53
Replacing an MPU ························································································································································· 54
Replacing an interface module ····································································································································· 56
Replacing a CF card ······················································································································································ 57
Replacing a transceiver module ··································································································································· 58
Replacing a power module ··········································································································································· 59
Replacing a fan tray ······················································································································································ 60
Hardware management and maintenance ·············································································································· 62
Displaying software and hardware version information ··························································································· 62
Displaying running status data ····································································································································· 63
Displaying detailed information about cards ·············································································································· 63
Displaying the electrical label data······························································································································ 64
Displaying CPU usage statistics ···································································································································· 64
Displaying memory usage statistics ······························································································································ 65
Displaying information about the CF card ·················································································································· 65
Displaying the operating states of fans ······················································································································· 66
Displaying power module information ························································································································ 66
Managing interfaces and transceiver modules ··········································································································· 67
Managing combo interfaces ································································································································ 67
iii
Verifying and diagnosing transceiver modules ·································································································· 68
Troubleshooting system exceptions ······························································································································ 68
Configuring the exception handling methods ···································································································· 68
Displaying the exception handling method ········································································································ 69
Rebooting your firewall ················································································································································· 69
Troubleshooting ·························································································································································· 71
MPU failures ··································································································································································· 71
Symptom 1 ····························································································································································· 71
Symptom 2 ····························································································································································· 71
Symptom 3 ····························································································································································· 72
Service module failures ················································································································································· 72
Symptom 1 ····························································································································································· 72
Symptom 2 ····························································································································································· 72
Power supply system failures ········································································································································ 73
Symptom 1 ····························································································································································· 73
Symptom 2 ····························································································································································· 73
Fan failures ····································································································································································· 74
Symptom 1 ····························································································································································· 74
Symptom 2 ····························································································································································· 74
Configuration system failures ········································································································································ 74
No display on the configuration terminal ··········································································································· 75
Garbled characters on the configuration terminal ····························································································· 75
Console port failure ··············································································································································· 75
Password loss ································································································································································· 76
Cooling system failures ·················································································································································· 76
Software upgrade failures ············································································································································· 77
No response from the serial port of the MPU ····································································································· 77
Failure to upgrade through TFTP ·························································································································· 77
Failure to upgrade through FTP ···························································································································· 78
Application file missing errors ······································································································································ 79
Appendix A Chassis views and technical specifications ························································································ 80
Chassis views ································································································································································· 80
Main processing unit ····················································································································································· 81
Interface modules ··························································································································································· 82
NSQ1GT8C40 ······················································································································································ 82
NSQ1XP20 ···························································································································································· 82
NSQ1GT8P40 ······················································································································································· 83
Power modules ······························································································································································· 83
AC power module ················································································································································· 83
DC power module ················································································································································· 84
Fan tray ··········································································································································································· 84
Technical specifications ················································································································································· 85
Dimensions and weight ········································································································································ 85
iv
Power module ························································································································································ 85
Fan tray ·································································································································································· 86
MPU ········································································································································································ 86
Interface modules ·················································································································································· 87
Lightning protector for a network port (optional) ········································································································ 90
Power strip with lightning protection (optional) ·········································································································· 90
Appendix B LEDs ························································································································································ 91
MPU LEDs ········································································································································································ 91
Interface module LEDs ···················································································································································· 93
NSQ1GT8C40 ······················································································································································ 93
NSQ1XP20 ···························································································································································· 93
NSQ1GT8P40 ······················································································································································· 94
Power module LEDs ························································································································································ 95
Fan tray LEDs ·································································································································································· 96
Appendix C Arranging slots and numbering interfaces ·························································································· 97
Arranging slots ······························································································································································· 97
Numbering interfaces ···················································································································································· 97
Examples ········································································································································································· 98
Appendix D Cables ··················································································································································· 99
Ethernet twisted pair cable ············································································································································ 99
Introduction ···························································································································································· 99
Making an Ethernet twisted pair cable ············································································································· 102
Optical fiber ································································································································································· 103
Precautions ··························································································································································· 104
Appendix E Cabling recommendations ················································································································ 105
General cabling requirements ···································································································································· 105
Cable management requirements ······························································································································ 105
Cabling examples ························································································································································ 108
Index ········································································································································································ 110
1
Preparing for installation
Safety recommendations
To avoid possible bodily injury and equipment damage, read all safety recommendations carefully
before installation. Note that the recommendations do not cover every possible hazardous condition.
Safety symbols
When reading this document, note the following symbols:
WARNING means an alert that calls attention to important information that if not understood or
followed can result in personal injury.
CAUTION means an alert that calls attention to important information that if not understood or
followed can result in data loss, data corruption, or damage to hardware or software.
General safety recommendations
Make sure the ground is dry and flat and anti-slip measures are in place.
Keep the chassis and installation tools away from walk areas.
Make sure the installation site is correctly grounded, and lightning protection and ESD-prevention
are provided.
Only trained and qualified personnel are allowed to install or service the firewall.
Keep accessories, installation tools, and documentation safe.
Avoid bodily injury. Do not touch any power plug when it is connected.
Clean up the packaging materials after installation to avoid fire hazard.
Electricity safety
Locate the emergency power-off switch in the room before installation. Shut the power off at once in
case accident occurs.
Make sure the firewall has been correctly grounded.
Do not open and close the chassis cover when the firewall has power.
Use an uninterrupted power supply (UPS).
If there are two power inputs, disconnect the two power inputs to power off the firewall.
2
Do not work alone when the firewall has power.
Laser safety
The firewall is a Class 1 laser product.
W
ARNING!
Do not stare into any fiber port when the firewall has power. The laser li
g
ht emitted from the optical fibe
r
may hurt your eyes.
Use a fiber test equipment, rather than a microscope or magnifier to observe an operating fiber
connector or port when you test link connectivity or system parameters.
Handling safety
CAUTION:
Do not hold the handle of the fan tray, power module, or back cover of the chassis, or the air vents of
chassis. Any attempt to move the firewall with these parts mi
g
ht cause equipment dama
g
e and even bodil
y
injury.
When you move an F5000-A5 firewall, follow these guidelines:
Remove all external cables, including the power cords, before moving the chassis.
Moving the chassis requires at least two persons.
Lift and put down the chassis slowly and never move suddenly.
Hold the handles on the chassis.
If the firewall needs to be moved over a long distance, remove all field-replaceable units (FRUs),
such as interface modules, put them separately in antistatic bags, and install the filler panels
supplied with firewall.
If the firewall needs to be moved over a short distance, make sure all FRUs are securely seated in
slot and the screws are fastened.
Make sure the accessories of the firewall are not lost or damaged during firewall moving.
Examining the installation site
The H3C F5000-A5 firewalls must be used indoors. To ensure normal operation and long service life of
your firewall, the installation site must meet the requirements in this section.
Weight support
Make sure the floor can support the total weight of the rack, chassis, cards, power modules, and all other
components. For more information, see "Appendix A Chassis views and technical specifications"
3
Temperature and humidity
Maintain appropriate temperature and humidity in the equipment room.
Lasting high relative humidity can cause poor insulation, electricity creepage, mechanical property
change of materials, and metal corrosion.
Lasting low relative humidity can cause washer contraction and ESD and bring problems including
loose captive screws and circuit failure.
High temperature can accelerate the aging of insulation materials and significantly lower the
reliability and lifespan of the firewall.
Table 1 Temperature and humidity requirements
Ambient tem
p
erature Ambient relative humidit
Operating
0°C to 45°C (32°F to 113°F)
Nonoperating and storage
–40°C to +7C (–40°F to +158°F)
Operating
10% to 95%, noncondensing
Nonoperating and storage
5% to 95%, noncondensing
Cleanness
Dust buildup on the chassis may result in electrostatic adsorption, which causes poor contact of metal
components and contact points, especially when indoor relative humidity is low. In the worst case,
electrostatic adsorption can cause communication failure.
Table 2 Dust concentration limit in the equipment room
Substance Concentration limit (
p
articles/cu m)
Dust particles
3 x 10
4
(No visible dust on desk in three days)
NOTE:
Dust particle diameter 5 m
The equipment room must also meet strict limits on salts, acids, and sulfides to eliminate corrosion and
premature aging of components, as shown in Table 3.
Table 3 Harmful gas li
mits in an equipment room
Gas Max. (m
g
/m
3
)
SO
2
0.2
H
2
S 0.006
NH
3
0.05
Cl
2
0.01
4
Cooling
The F5000-A5 firewalls adopt left to right airflow for heat dissipation. Plan the installation site for
adequate ventilation.
Leave at least 10 cm (3.94 in) of clearance at the inlet and outlet air vents.
The installation site has a good cooling system.
Figure 1 Airflow through the F5000-A5 chassis
ESD prevention
CAUTION:
Check the resistance of the ESD wrist strap for safety. The resistance readin
g
should be in the ran
g
e of
1 to 10 megohm (Mohm) between human body and the ground.
The F5000-A5 does not provide any ESD wrist strap. Prepare it yourself.
To prevent electrostatic discharge (ESD), follow these guidelines:
Make sure the firewall and rack are correctly grounded.
An anti-static floor is installed and correctly grounded.
Maintain the humidity and temperature at a compliant range in the equipment room. For more
information, see "Temperature and humidity."
Always wear an ESD wrist strap and ESD cloth when touching a circuit board, interface module, or
transceiver module.
5
Place the removed MPU, CF card, or service card on an antistatic workbench, with the face upward,
or put it into an antistatic bag.
Touch only the edges, instead of electronic components when observing or moving a removed MPU,
CF card, or service card.
Make sure the rack is correctly grounded before you wear an ESD wrist strap.
To attach the ESD wrist strap:
1. Wear the wrist strap on your wrist.
2. Lock the wrist strap tight around your wrist to keep good contact with the skin.
3. Insert the ESD plug into the ESD socket in the chassis.
4. Make sure the wrist strap is correctly grounded.
Figure 2 Attaching an ESD wrist strap
(1) ESD wrist strap
(2) Lock
(3) ESD socket (4) ESD
plu
g
6
EMI
The EMI might be coupled from the source to the firewall through the following coupling mechanisms:
Capacitive coupling
Inductive coupling
Radiative coupling
Common impedance coupling
Conductive coupling
To prevent EMI, take the following actions:
Take measures against interference from the power grid.
Do not use the firewall together with the grounding equipment or lightning-prevention equipment of
power equipment, and keep the firewall far away from them.
Keep the firewall far away from high-power radio launchers, radars, and equipment with high
frequency or high current to make sure the EMI levels do not exceed the compliant range.
Use electromagnetic shielding when necessary.
Lightning protection
To protect the firewall from lightning better, do as follows:
Make sure the chassis is correctly grounded.
Make sure the grounding terminal of the AC power receptacle is correctly grounded.
Install a lightning protector at the input end of the power supply to enhance lightning protection
capability.
Install a surge lightning protector at the input end of outdoor signal lines to which interface modules
of the firewall are connected to enhance the lightning protection capability.
Rack installation
Install the chassis in an open rack. To install the chassis in an enclosed cabinet, make sure the
cabinet has good ventilation system.
Install the chassis on a rack that has rack shelves.
The rack is sturdy enough to support the chassis and the accessories.
Reserve at least 0.8 m (2.62 ft) of clearance between the rack and walls or other devices.
The equipment room is at least 3 m (9.84 ft) high.
Rack dimensions are sufficient for the chassis.
7
Power supply
Make sure the power source of the installation site is steady and can satisfy the input requirements of the
power modules and parameters such as rated voltage. For the power module specifications, see "Power
module."
Installation tools (user-supplied)
The tools in the table might be used for installing the firewall.
Flat-blade
screwdriver
Phillips screwdriver Needle-nose pliers Wire-stripping pliers Diagonal pliers
RJ-45 crimping
pliers
Marker Multimeter Network cable tester Hot air blowing gun
Accessories
Console cable (supplied
with firewall)
3 m (9.84 ft) grounding
cable (supplied with
firewall)
AC power cord (supplied
with firewall)
Mounting brackets
(supplied with firewall)
ESD wrist strap (supplied
with firewall)
Cable tie (user-supplied) M6 screw (user-supplied) Cage nuts (user-supplied)
Insulation sheath
(user-supplied)
Ring terminal
(user-supplied)
ESD gloves
(user-supplied)
8
Checklist before installation
Table 4 Checklist before installation
Item Re
q
uirements
Result
Installation site
Weight support
The floor can support the total weight of the rack,
chassis, cards, power modules, and all other
components.
Operating ambient
temperature
0°C to 45°C (32°F to 113°F)
Operating ambient
relative humidity
10% to 95% (noncondensing)
Cleanness
Dust concentration 3 × 10
4
particles/m
3
No dust on desk within three days
Ventilation
There is a minimum clearance of 10 cm (3.94 in)
around the inlet and exhaust vents for heat
dissipation of the firewall chassis.
A ventilation system is available at the installation
site.
ESD prevention
The equipment and floor are well grounded.
The equipment room is dust-proof.
The humidity and temperature are at a compliant
range.
Wear an ESD wrist strap and uniform when
touching a circuit board.
Place the removed MPU, service card, and CF
card on an antistatic workbench, with the face
upward, or put it into an antistatic bag.
Touch only the edges, instead of electronic
components when observing or moving a
removed MPU, CF card, or service card.
EMI prevention
Take effective measures to protect the power
system from the power grid system.
Separate the protection ground of the firewall from
the grounding device or lightning protection
grounding device as far as possible.
Keep the firewall far away from radio stations,
radar and high-frequency devices working in high
current.
Use electromagnetic shielding when necessary.
Lightning
protection
The grounding cable of the chassis is well
grounded.
The grounding terminal of the AC power
receptacle is well grounded.
A lightning protector for a network port is
installed. (Optional)
The AC power supply has been connected to a
power strip with lightning protection. (Optional)
9
Item Re
q
uirements
Result
Electricity safety
Equip an uninterrupted power supply (UPS).
In case of emergency during operation, switch off
the external power switch.
Rack-mounting
requirements
Install the firewall in an open rack if possible. If
you install the firewall in a closed cabinet, make
sure the cabinet is equipped with a good
ventilation system.
The rack is sturdy enough to support the weight of
the firewall and installation accessories.
The size of the rack is appropriate for the firewall.
The front and rear of the rack are at least 0.8 m
(2.62 ft) away from walls or other devices.
Tools
Installation accessories supplied with the firewall
User supplied tools
Reference
Documents shipped with the firewall
Online documents
10
Installing the firewall
IMPORTANT:
Keep the packages of the firewall and the components for future use.
Figure 3 F5000-A5 firewall installation flow
Confirming installation preparations
Before you install the firewall, verify that:
/