Home
OfficeServ 7200 Data Server User Manual
Contents
1. SAMSUNG Telecommunications America L P 59 RSTP Configuration RSTP gt Configuration Protocol Status Parameter Argument OOOO RSTP status Bridge Parameter a O O argument O Bridge Priority Hello Time Max Age Time Forward Time Port Parameter Port 1 Port 2 Port 3 Port 4 Port 5 Port 6 Port 7 Port 8 Port 9 Port 10 Port 11 Port 12 Port 13 Port 14 ar 4 dui a oO 4 oO a co oO 4 4 4 4 co 4 Protocol Status Bridge Parameter SAMSUNG Telecommunications America L P fe path Cost Port Fast _ Link Type 200000 200000 200000 200000 2o0000 200000 2000001 zo0000 zooo 200000 200000 200000 200000 200000 1 RSTP Current Enable Default 8 0 15 2 1 10 20 6 40 15 4 30 Default Default Default Enable E Enable E Enable E Enable E Enable E Enable E Enable E Enable E Enable E Enable E Enable E Enable E Disable Shared E Shared E Shared E Shared E Shared E Shared E Shared E Shared E Shared E Shared E Home Page Table of Content Displays the current status of the RSTP protocol Configures the Bridge parameter of the switch that RSTP operates Bridge Priority Decides the priority of Bridges Hello Time Sets the transmission cycle of BPDU Max Age Time Sets the Message Age time Forward Time
2. Manage domain policy for this computer s domain Manage domain policy for another domain f Another computer Erowse 4 Back Cancel 4 Move to the lt Console gt window Then IP Security Policies on Local Machine of the Console Root is created Select the item and right click the Create IP Security Policy menu i Console Console Root IP Security Policies on Local Machine i i Console Window Help 1 D w amp E E x Action View Favorites 1 ee fe H 2 an Tree Favorites Name Description Policy Assigned E client Respond Only Communicate normally uns No IP Security Policies on Local Machina R Secure Server Reauir For all IP traffic always req No Create IP Security Policy IP traffic always req No Manage IP filter lists and filter actions Ls All Tasks View New Window From Here New Taskpad View Refresh Export List Help SAMSUNG Telecommunications America L P 167 5 Click Next on the lt IP Security Policy Wizard gt window to display the window below Enter the Name and Description and click Next IP Security Policy Wizard IP Security Policy Name Name this security policy and optionally give it a bref description Mame IFSec Description IPSec lt Back Cancel 6 If Activate the default response rule R is checked release the check and clic
3. Any All packets Network Network range ge The ge parameter specifies the prefix length The prefix list will be applied if the prefix length is greater than or equal to the ge prefix length le The le parameter specifies the prefix length The prefix list will be applied if the prefix length is less than or equal to the le prefix length If the entered command is successfully executed the execution results are directly applied to lt Current Status gt of Router gt List gt Prefix List For example when a prefix is entered the lt Current Status gt window is displayed as follows Current Status seq 5 permit 100 0 0 0 24 Delete Al SAMSUNG Telecommunications America L P 79 Table of Contents The prefix list information being set in the Data Server can be displayed Click the Delete button to delete the entry of the selected prefix list Click the Delete All button to delete all entries of the prefix list ID Prefix list name information Entry Prefix list information Route Map Select List gt Route Map to set the route map of OfficeServ 7200 Data Server Set the following item and then click the OK button Route Map option O O O Parameter OOOO Name test Action Permit C Deny Sequence A Name Route map name Action Sets whether to apply set operation Sequence Sets the sequence No to additionally add a route map If the entered command is successfully executed the comman
4. IP Alias SSS SSS as E eee When the Data button is clicked the Network menu is automatically selected and the submenus of the Network Menu appear on the left section of the window Descriptions on each submenu is provided in Chapter 3 Using the OfficeServ 7200 Data Server SAMSUNG Telecommunications America L P 20 CHAPTER 3 Using the OfficeServ 7200 Data Server This chapter describes how to use the menus of the OfficeServ 7200 Data Server The menus of the OfficeServ 7200 Data Server are as follows Network AT Port RSTP 3 General General t Ethernet Honagement hiCenfiguration Configuration Routes t Pirates eel Har F atest Tait Sar aberrant ki I a Port Trunking Confiquration Conhiguration 3 GVRP Firewall J GHP Snooping Statue Authentication Letility Sir J Status Laroup DConmnection PGec IDS Cantig DSMI Configuration Port Group l Sessions Configuration Aang erent SM Interface Shalstice i Ewteral Server DE Config Pig nag T pr Pohcy Monitoring ee oa Admin Config Han gprmeni rran a aa els 7 Loe BHC Server J lagre as me t j Serii Time Conliguraliti GHC Belay Agent Lipgrade Appl Server riii HIF ALG SAMSUNG Telecommunications America L P 21 Network Menu When the Network menu of the OfficeServ 7200 Data Server is selected the submenu of the Network menu is dis
5. Current This menu is used to display the Data Server network statistics in real time and the data is updated every 5 seconds Rate Bytes Sec Devices Received Transmitted Trens reev Ethernet 0 2 Sila a513 2249 Ethernet 1 D E Ethernet 2 Sel Serial O 0 0 0 0 0 Serial 1 D SAMSUNG Telecommunications America L P 109 History This menu is used to display CPU use available memory capacity and network statistics of the Data Server as the accumulation value on an hourly weekly monthly and yearly Accumulated Monitoring Graph CPU Utilization O Free Memory Ethernet Interface Selection Check Ethernet 0 Ethernet 1 Ethernet 2 Service This menu is used to display the status of the Security Router and Management services provided by the Data Server a table format If Auto Start is set to On the services are provided automatically while the system reboots If Activity is set to Running the service is being performed If Activity is set to Stopped the service stops Security This menu is used to display the current status of the Security service provided by the Data Server Security MAT Network Address Translation Running Filter Running PPTP Point to Point Tunneling Protocol Stopped IDS Intrusion Detection System Stopped L 2TP Layer 2 Transfer Protocol Stopped IPSEC IF Security Stopped SAMSUNG Telecommunications Ame
6. Insert To select the location to insert the entered rule Advanced Mode The administrator can select and set up ports or protocols that are not included in the basic configuration additionally Config Mode Basic Mode Advanced Mode Private Network Port Forward Inside IP Port mn ff i Outside O E E E WAN IP E E M ft mt Define fai C user C Range Po C multi J A A Port Protocol Insert SAMSUNG Telecommunications America L P 41 lt is available to set up as only some specific ports are allowed to transfer to the outside Protocol Select a TCP and UDP protocol For All both TCP and UDP should be set up Port Configuration List displays the current setup status Configuration List No Entry Static NAT This window allows the administrator to connect a PC which has a private IP on the internal system to the outside The administrator can designate the port range and the port is mapped by 1 1 Static NAT Category Configuration Inside IP Port WAN IP Port Protocol Insert Configuration List No Entry Inside IP Port To set an IP connected to the outside and a port WAN IP Port To set a port to be connected to the configured WAN IP Protocol To select a protocol Insert To select a location to insert the entered rule SAMSUNG Telecommunications America L P 42 Table of Contents Firewall The administrator can set up the filteri
7. Used for entering the range of IPs Enter 0 0 0 0 0 to set all ports SAMSUNG Telecommunications America L P 97 Filter Group Select Filter Group to retrieve set edit or delete a filter group Filter Group List ca If dev_voip is registered as the filter group as shown above the filtering rule is as follows e Source and Destination items are the information set in the Port Group and IP Group menus e All TCP packet traffics of which the internal IP is Develop_Team 192 168 0 0 24 and the connection port is VoIP 10000 20000 are filtered with a priority of 1 e The filter is then associated with the class group set at the QoS gt Group gt Class Group menu Click the Add button in the above window to display a window from which a filter group can be set Set the items and select the target IP and port from the list and click the Save button Filter Group a OO O ve O O O ID Metwork Protocol Priority Transport Protocol 2 TOS DEC HEX ox Source IP Port any T any Destination IP Port any Save Cancel Filter means a configuration filtering for the values in the packet header Values set in QoS gt Group gt Port Group and IP Group are used Protocols and TOS fields can also be filtered In addition priority can be set for each filter and apply the filtering rule according to the priority SAMSUNG Telecommunications Am
8. AH Authentication Header ARP Address Resolution Protocol AS Autonomous System BPDU Bridge Protocol Data Unit BSR Bootstrap Router CHAP Challenge Handshake Authentication Protocol CTI Computer Telephony Integration DHCP Dynamic Host Configuration Protocol DNS Domain Name Server DRR Deficit Round Robin DSMI Data Server Module Interface DVMRP Distance Vector Multicast Routing Protocol ESP Encapsulating Security Payload GVRP GARP VLAN Registration Protocol SAMSUNG Telecommunications America L P 180 HDLC High level Data Link Control HTTP Hypertext Transfer Protocol HTB Hierarchical Token Bucket IDS Intrusion Detection System IGMP Internet Group Management Protocol IKE Internet Key Exchange IPMC IP Multicast IPSec IP Security Protocol ISAKMP Internet Security Association Key Management Protocol LAN Local Area Network L2TP Layer 2 Tunneling Protocol NAT Network Address Translation NTP Network Time Protocol MAC Media Access Control RP Rendezvous Pointv RSTP Rapid Spanning Tree Protocol PAP Password Authentication Protocol PIM SM Protocol Independent Multicast Sparse Mode PD Power Device PoE Power Of Etnernet PPTP Point to Point Tunneling Protocol PT Protocol Translation PVC Permanent Virtual Circuit PVID Port VLAN Identification SAMSUNG Telecommunications America L P 181 STP Spanning Tree Protocol SMTP Simple Mail Transfer Protocol SNAT Source Network Address Translation SNMP Simple Networ
9. Index No To select the location to insert the entered rule Advanced Mode This table allows the administrator to select and set up a port or protocol that is not included to the basic configuration additionally BS T asinn T Ras tots GS thomas tote Private Network Configuration WAN IP u Not Used z o Intf Port I Dynamicip PPPoE Etherneto E Inside C A A M i Outside L A hf A i my S amp Define fai Cuser Crane Cmi C E Lf Protocol Index No Port For only some specific ports It is allowed to set up for the outside Protocol Select TCP and UDP protocols Both TCP and UDP are set up for All The administrator can view the current status of the configuration on Configuration List Configuration List No Entry SAMSUNG Telecommunications America L P 40 Table of Contents Port Forward This table allows for the connecting to a PC with a private IP inside the system from the outside environment Basic Mode The basic mode is set up by using the minimum value of the options for port forwarding Config Mode Basic Mode C Advanced Mode Private Network Port Forward Inside IP MO M M Outside CCC L EI WAN IP Insert Inside IP To set the IP to be connected from the outside Outside To enter the network address connected to WAN or select the range of netmask netmask range all WAN IP To set an authenticated IP netmask range all
10. Router OSPF Ho Entry OSPF Interface Configuration gt OSPF Interface Select the target interface and enter the protocol configuration command directly If the entered command is successfully executed the execution result is directly applied to lt Current Status gt of Router gt Configuration gt OSPF Interface OSPF Interface etho SAMSUNG Telecommunications America L P 76 Help Select the argument corresponding to the OSPF interface Clicking the Argument item displays all arguments corresponding to the command AS T AGEt lt RMR Mais STi eRe Ai aim Wena oe Sage Rea OSPF Interface Basic After selecting each item click the OK button The applied value is displayed in the lt Current Status gt window OSPF Interface Basic cost lt 1 65535 gt Lost dead interyal lt 1 65535 gt Seconds hello ntery al lt 1 65535 gt Seconds transmit delay lt 1 65535 gt Seconds retransmit 1 65535 gt Seconds interwal Display the command configuration currently entered Current Status Router OSPF Interface etho Ho Entry SAMSUNG Telecommunications America L P 11 List Access List Select List gt Access List to set access list Enter all data and then click the OK button Access List ID Word v tet Action Permit C Deny C any Network fioo fo fo o pfa Exact match M Exact match Source Match ID Sets the access list na
11. Whether to include activated routing table Network The Network Netmask information of the route Entry Description of the route RIP Select Configuration gt RIP to set RIP Enter the RIP command If the entered command is successfully executed the execution result is directly applied to lt Current Status gt of Router gt Configuration gt RIP RIP Help Select the Argument corresponding to the RIP command Clicking the Argument item displays all arguments corresponding to the command command Argument O O default information originate M SAMSUNG Telecommunications America L P 73 RIP Basic After entering the data of each item click the OK button Then the applied value is displayed in the lt Current Status gt window RIP Basic commana JOO araumen OO Version i 2 default redistribute M connected static C ospf l bap network E W E W Displays the command configuration currently entered Current Status Router RIP router rip network 192 165 0 0 24 redistribute static RIP Interface Select Configuration gt RIP Interface to set RIP Select the target interface and enter the protocol configuration command directly RIP Interface fetho If the entered command is successfully executed the execution result is directly applied to lt Current Status gt of Router gt Configuration gt RIP Interface SAMSUNG Telecommunications Am
12. all check boxes are initialized System Infomation Location Seoul Korea Contact supporti Mame O5 400 55IM Engine ID GSIM Community Name Community Net private local Read Write public anynet Read Only Select User Name Access root Fead Write F MEA ERUMEE lz SNMP Config Information The administrator can retrieve the SNMP configuration System Information Displays the information set up at System Options Select Selects information to delete Community Name Displays the community name Community Net Displays the configured name of the Community Network Community Access Displays the access authority of the configured community User Name Displays the configured administrator s name Access Displays the access authority of the configured administrator Trap IP Displays the configured Trap IP Trap Port Displays the configured Trap Port SAMSUNG Telecommunications America L P 155 Table of Contents Management The administrator can start stop the SNMP service on the SNMP gt Management menu By clicking the Run button the SNMP service starts If clicking the Stop button the SNMP service stops SNMP Management SNMP Management allows the administrator to start stop the SNMP service Activity Displays the operational condition of the current service Action Selects whether to start stop DB Config Manage the Data Server database using the System gt DB Conf
13. m sts IEIEIECIEIEIEICICIEN Delete All Filter Address Use Mac filtering to block unwanted traffics Enter the target MAC address in the Filter Address menu to block the target packet in the switch Note that MAC is the destination address of the packet sent to the switch port Enter the target MAC address and port No and click the Add button After selecting a specific MAC address click the Delete button Filter Destination MAC Address ada ae ate SAMSUNG Telecommunications America L P 58 Layer2 Menu Select the Layer2 menu The submenus will be displayed in the upper left side of the window as follows RAINN a Sista SST RY SAR g ANERER Sc nE S AANS FERAE ERN Menu Description RSTP Configuration Sets bridge and port environment used in RSTP Status Retrieves the RSTP operation status of the switch Port Trunking Sets Port Trunking related value in menu GVRP Configuration Sets GVRP and Dynamic VLAN Creation services Status Retrieves the status of each port where GVRP is set IGMP Time Interval Sets the time related with IGMP Snooping Snooping Function Sets the function related with IGMP Snooping Forwarding Retrieves the information of the members registered in IGMP Group Table Management Sets whether to operate IGMP Snooping Authentication Configuration Sets the Authentication service Management Retrieves the setting information of Authentication
14. range all Destination IP To set the destination IP netmask range all Port To set the port Protocol To set the protocol Time Set To set the time to apply the filtering rule Target To set the permission of target Insert To select a location to insert the entered rule This table displays the current setup status Configuration List No Entry SAMSUNG Telecommunications America L P 44 HomePage Table ofContents Remote Access The Remote Access menu is used to allow or deny access to the Data Server from inside or outside the LAN Remote Access Default Policy Allow Deny Administration IP Default Policy e Allow The basic policy is set to Allow and the administrator can set up the policy by using Target information e Deny Blocks all accesses from the inside and outside except the PC that is set up as the manager IP e Administration IP Enter the manager IP Pay attention on entering this IP because all access for other IP Addresses will be denied Remote Access Default Policy Allow Remote IP Configuration Source IP OO ee ee ee O Bere Define fai Cusef C Range E E Multi i o i O Protocol all x Days M Everyday Time Set Z sun M Mon M Tue 4 Wed E Thu Meri Sat Time O 24 Hours Cfo aj o aj fo aj o Target allow Insert Source IP To set the origination IP netmask ra
15. 2005 9 27 18 00 2005 9 27 17 50 40 2005 9 27 17 50 40 2005 9 27 accepted smux peer oid SNMPy2 SMI enterprises 3317 1 2 2 11 24 30 descr zebos 7 2 1 2eb05 7 2 1 rcel customer 2005 9 27 11 24 30 2SO05 9 27 accepted smux peer oid SNMPv2 SMI eanterprises 3317 1 2 5 11 24 30 descr zebos 7 2 1 2eb05 7 2 1 re1 customer 2005 9 27 1i 24 30 2005 9 27 accepted smus peer oid SNMPv2 SMI enterprises 3317 1 2 5 11 24 30 descr zebos 7 2 1 2eb05 7 2 1 re1 customer 2005 9 27 Li 24 30 ROOT LOGIN on console login session opened for user toor by fuid 0 login snmpd smux accept accepted fd 12 from 1l27 0 0 1 32775 snmpd snmpd smux accept accepted fd 11 from 127 0 0 1 32774 snimed snmpd smux accept accepted fd 10 from 127 0 0 1 32773 snmpd accepted smux peer oid SNMPy2 SMI enterprises 3317 1 2 10 descr zebos 7 2 1 e6b05 2 1 snmpd rel customer 2005 9 27 lii2425 2005 9 27 smuss accept accepted fd 9 from 127 0 0 1 32772 snmpd 11 24 28 Gist Geto Serv etd Geto Gat SAMSUNG Telecommunications America L P 159 Download This page allows downloading the system log that is currently saved Press the Download button to download the system log in the form of a compressed file Log File Management Download log file To download log files Click the Download button Time Configuration Synchronize the date and time of the system on the Time Configuration menu of
16. 6 15 81 4 med ICMP Echo Reply 12 69 3 med WEB MISC SSLY 3 invalid Client _ Hello attempt Rate Monitors logs detected by IDS according to type and displays logs as a percentage Num Number of logs detected by IDS according to type Priority Risk level depending on the rules level of IDS high Rule level is one day the highest risk level med Rule level is 2 or 3 days mid level low Rule level is 4 days low level Description Type of logs detected by IDS If clicking the unique ID of an alert Sid displays the information on the alert SAMSUNG Telecommunications America L P 129 Sid 384 Summary This event is generated when an generic ICMP echo request is made Source IP The administrator can summarize alerts by the Source IP Select this category then the following window appears Summary by source IP Mon Sep 26 04 16 59 2005 Mon Sep 26 21 17 42 2005 192 168 0 210 med ICMP PING 192 168 0 210 med ICMP PING NIX 192 168 0 210 med ICMP PING BSDtype 192 168 0 1 med ICMP Echo Reply 192 168 0 117 WEB MISC SSLY3 invalid Client _Hello attempt 192 168 0 119 WEB MISC SSLy 3 invalid Cllent_Hello attempt Num Number of logs detected by IDS according to the host source IP that attacks the logs Remote host Host IP that attacks logs detected at IDS Priority Risk level depending on the rules level of IDS high Rule level is one day the highest risk level med Rule level is 2 or 3 days m
17. Baleli e E E E EPE E E EE A AE N A EE A A T E E A 162 Appl Server a sosteecines arene dene cere E gestae oE AEREE aA EE Aa suse E E EEEE EEEa 163 RE E OO E A E E T A E E AT E A E A E E A E E E T 163 My INEO MENU isiro iea EEEE E E aE EEEO 164 ANNEX A VPN Setting for Windows XP 2000 165 IPSec Setting ernen A EEEE a E a EE AREE EE A TEE 165 Aie E E A EA E E E O A A A E 178 ABBREVIATION 180 I EEE ASEA E S OE S SEES E ETEN NT ce serene 180 E PO EN EA E cee E ET E E E E smc N E AE E PEN E A E AN E I T E E E T E E 180 Feiss pee ee E E E AEE E E E E E TE N AEE E TE E E 180 De A E T E E E sacaeae 180 EENT EEEE E EEE A E ES ie ete see AT EEI AEN nce DEE A A ET EET 180 E E E E E EAE AE A EEA E E A E A EE E E E E A E E E eee 180 a DANAE E EE E E E E E E E E 181 a E A E E sce scssece seecseececeee 181 SAMSUNG Telecommunications America L P 11 E OAOE OE E NEE O EE E E E E N E A O EE P E 181 D E E 181 EE E E E E E E T O E E E S E dieed seulcosuseeneoneetbenecnes 181 FE E E E A E A E A E E E sta cats os E A A E E E A A A E T E 181 E E E E A E EEE A E E E E E E EA E E T A 181 A E E boom E A E A E E E E AA 182 ees leit tes se E N E E O S E A A E A aceon etewnnneecieeuien 182 A EE A E SE A AE E A A A E AE E A A EE ETE E A EE A E E EETA 182 SAMSUNG Telecommunications America L P 12 CHAPTER 1 Overview of OfficeServ 7200 Data Server This chapter introduces the OfficeServ 7200 system and OfficeServ 7200 Data Server Introduction
18. Config Set Detection Level amp Type O iion OO medum toe C Block C Block C Block Mail Mail Mail SAMSUNG Telecommunications America L P 134 IDS Rule Configuration This page is used to set up the rule file for the IDS application IDS Rule Configuration local rules exploit rules finger rules telnet rules rservices rules ddos rules ttp rules web caldfusion rules web frontpage rules web client rules sql rules icmp rules misc rules oracle rules snmp rules imap rules pops rules other ids rules backdoor rules policy rules Info rules virus rules multimedia rules experimental rules JK A A A A A A a A A A A A A A A e a a a a A bad traffic rules scan rules Tio rules roc rules dos rules dns rules web cgirules wWeb is rules web misc rules Wweb php rules ii rules nethios rules attack responses rules mysghrules smtp rules pop rules nntp rules web attacks rules shellcode rules porn rules Icmp into rules chat rules p2p rules Pressing the OK button after selecting the desired rule activates all of the selected rule sets When an administrator checks the check box on the top of each column all rules in the relevant column will be selected Click the Default button to select the default rules SAMSUNG Telecommunications America L P 135 Rule Config The administrator can update the rule set file used in the IDS application to the latest ver
19. Confirm Password Each item of the CA Certificate is defined as follows Country name Country name Two characters ex kr cn State name State name Locality name Local name Organization name Company name Organization unit name Organization division name Common name Name Email address Email Password Certificate password Confirm Password Confirming the password of certificate Verify the certificate password when deleting CA Certificate SAMSUNG Telecommunications America L P 119 External Certificate External CA Certificate Upload CA Certificate E The uploaded items of an external certificate are defined as follows CA Certificate External certificate upload Host Certificate Host Certificate Distinguish Name Common Email Password Confirm Password The uploaded items of the external certificate are defined as follows Common name Name Email address Email address Password Certificate password Confirm Password Confirming certificate password SAMSUNG Telecommunications America L P 120 HomePage _ _ Tableof Contents L2TP The administrator can set up the security tunnel between a local subnet and remote host by using the Layer2 Tunneling Protocol L2TP Since it is simpler to set up than IPSec and software is provided from the Windows operating system the administrator can apply the VPN function easily Configuration In the L2
20. Displays the time that the state of each port is changed by level Discarding Learning Forwarding 60 Port Parameter Status Priority Standard to select the port to be blocked when the switch loop is established Force Version Communication is progressed via the switch connected to the corresponding port and the BPDU that a user specifies For 0 STP BPDU is transmitted For 1 RSTP BPDU is transmitted Path Cost Displays the path cost according to the bandwidth when the connection with the opponent is established portfast If this value is activated the corresponding port becomes Edge port and quickly converted into forwarding state by considering the port is connected to a terminal device not a switch device In addition if this function is activated the MAC address learned in the corresponding port is not canceled even when all topologies of Bridges are changed To connect the port to the STP device the portfast function should be canceled linktype Displays the type of the link connected to the opponent The link is connected as point to point in RSTP RSTP gt Status to display the status of switch RSTP operation Bridge Information T parameter O O aoumen O Protocol Status Designated Bridge Identifier Root Bridge Identifier Root Path Cost Last Topology changed Port Information Port ID Path Cost Port Role Port State Designated Root Port1 Port2 Ports Port4 Port
21. E 71 Conu raO seee E A E A 72 De SU E ESE E A EE EEE NS A EE N A E EENS EA E T A E 78 G eee se se hn eo a a oe ssp gee ene R 82 IPMC Men sos hess cece cece esos aiaia aiaa sebebsseseteteceeacaasscoceeacuseabecensee sedate qcaeebechexebenssecerese 84 EE ie PAE S eave nis AS ES A N EE E S A ET A E E 85 COOU O o S E coeae deuae anon ceineec neues eoeeete 86 SUS S sean doabeaieten dean padunsacsateeuaseamioateqieten ddan pasunsacssieeua seamen ceaiaten E A 93 GS AU acces ccc seca eeeccecececene ge oieeeccacenascecccecuscecaveesessceedsccccvassunscecessecocesseasacedssuecececcssecuvessesseecdsccceeasseasceseeseeas 95 RI ee ac Seer pete ee Sess wee ecg ce ete teed oemazenascis a tpaeneaaedemedoee seep aeecinsesoosngetecseneceponceaaesoaueeeaeoasess 96 PO espace epee E cine awn ode E E E E S seneoene 104 NOVA CI STS PM oe tac nicotene ea ce tesa eet vececose3eeneeentseckiecosna tea tele tiga pads tee eticcosearee oats nsaSsane bee aseetvectecseestee 105 SAWS MOM oes cece aes ecco E reset ae oe etec se ate ce ew re edie ee se sede aec ee sbee teed wseeneuewesuetesiva soee 106 OAS CUO n Ora 106 NS esas eee eters ae ess esses ee baa sees pee Sena ysecuniocacee en atusaatoueeaceatvseasieckboaeauteeeasersevicaenesziece 108 MORONI mee eee neers nce nenneen ne er enn eer Ta Ro oon eee a ee nee eee eee ee 109 ETET E A EAE se eee eas gs Siesta setae sede AA E AAAA EO os cious E E E ease EO EEA A NAA O EEA E 110 VPN SW pao he irc ois cates sires i Se ne se iia ie ca
22. Enter the information on the Radius authentication server Up to 5 lists can be entered Radius E Radius Server IP Radius Server Tf SAMSUNG Telecommunications America L P 157 Taccas Enter the information on the Taccas authentication Up to 5 lists can be entered or deleted When deleting the list of all server IPs the corresponding secret key values are also deleted Taccas Server Taccas Secret Key Log This page allows setting up the system log and retrieving the log information Configuration This page allows setting up the log to determine whether to add a log to the system Log Policy Advanced Service System METY ORE FIRE ALL PPTP IFsec Lee Select added logs from the logs for system log network firewall VPN and click the OK button to add logs to the system log Click the Reset button to return to the previous status before applying the configuration SAMSUNG Telecommunications America L P 158 Report The administrator can retrieve the logs stored in the system according to an item and time Report Policy Advanced Service ALL SYSTEM NETWORK FIREWALL Log Type PPTP LoTP IPSEC Ips Detail Search YEAR MONTH DAY HOUR MINUTE From gt ud Set up the desired log type and time and click the OK button to verify the log Click the Reset button to return to the previous status Log Report 2005 9 27 11 00
23. In blocking learning discarding states data communication is not performed The data communication is performed only in forwarding state In addition the blocking state represents the state that blocks the data communication by force by detecting a loop via RSTP e Designated Root If a switch connected to the corresponding port is more close to the root switch the Designated Root shows the Bridge identifier of the connected switch Otherwise Designated Root shows its own Bridge identifier SAMSUNG Telecommunications America L P 62 HomePage Table ofContents Port Trunking Select Port Trunking gt Configuration to set the port trunking Click the OK button to apply the setup to the system Click the Refresh button to display the updated status Trunking Configuration E Load Balance System Priority System ID 00 00 f0 10 00 05 Member Configuration S Static L LACP D 5i kz m 1 4 WV 4 t 4 WV 4 num u u m MMIC uum m a I Hh i Active 22768 i X 22768 22768 Wy 4 HAA AATA ANAT A Pras rahe re A Baal baad cat a mmm y L e AO Oo Oooo ooo ol mm m m o a m m mmm momom om Lan a m m u u m m m m m a a ja a ja WIC a A Trunking Configuration Load Balance When transferring a packet to the opposite party through a trunk port the packet is transferred to a port among
24. MGI IP Phone SIP Phone and general data terminal are set here as well Management Start or stop the DHCP Server and configure the system so that the DHCP Server runs automatically when the Data Server reboots VoIP Status Displays the IP terminal information of the OfficeServ 7200 system receives from Call Server or Feature Server when the program for the communication with Call Server or Feature Server is executed Leases Status Displays the DHCP lease status DHCP Configuration Set the Interface and DHCP Server to be relayed Relay Agent Management Start or stop the DHCP Relay Agent VoIP NAPT Status Displays the information on the Static NAPT for the OfficeServ 7200 VoIP service This information is automatically set when the program for the communication with Call Server and Feature Server is executed The information is displayed when the setup is completed SIP ALG Configuration Set up the SIP environment Management Start or stop the execution of the SIP ALG Configure the Data Server so that the execution of this service is made when rebooting the system Configuration Set the environment of the Data Server Module Interface DSMI using the VoIP Service Configuration Menu SM Interface SM Interface The System Manager Interface is a network management tool that is not available at this time In a future release of the OS 7200 Data Server the The NMS caution Network Management System will become availabl
25. O aion OOOO Running Create the new RSA key Download the current RSA key i etho Click the OK button on the Create the new RSA key item to add a new RSA public key password method key Use this menu to add a new RSA key if the host authentication method of RSA key used Click the OK button after selecting a device in the External Device items to apply the IPsec connection to the device SAMSUNG Telecommunications America L P 117 Certificate The administrator can verify Issue delete download of CA Certificate and Host certificate addition delete of an external certificate and the current certificate list CA Certificate List Subject Cert file Country ko State 1 Locality 1 Organiation 1 Organiztion unit 1 Llommon name 1 Email 1 date Sep 22 12 49 10 2005 GMT Sep 21 12 49 10 2009 GMT External CA Certificate List category ID Host Certificate List Subject Cert file The menu buttons are defined as shown below CA Download CA Certificate download CA Delete CA Certificate delete Ex upload External CA Certificate upload Ex Delete External CA Certificate delete Host Add Host Certificate add Host Delete Host Certificate delete SAMSUNG Telecommunications America L P 118 Tabie of Content CA Certificate CA Certificate Distinguish Name Country 2 letter ka jp 3 State Locality Organization Organization Unit common Email Password
26. P 67 Management Select IGMP Snooping gt Management to specify the operation of IGMP Snooping IGMP Snooping Management Global Enable Default Enable According to VLANs the IGMP Snooping can be operated respectively If however Global is set to Disable all VLANs become in Disable mode IGMP Snooping Management KN In Global Disable mode other pages except the Management page are not be NOTE displayed SAMSUNG Telecommunications America L P 68 Authentication This menu is used to retrieve the setting information or set the authentication Configuration When selecting Authentication gt Configuration if the activity status of Authentication gt Management is Stop the following window appears Authentication Configuration 802 1X Port Based Authentication Disabled If the activity status of Authentication gt Management is Running the following window will appear Authentication Configuration a ee ee period Time out Time out Porti None E Port2 None H Port3 None H Port4 None X Port5 Aen Port6 None H Portz None H Ports None H Porto None H Port10 None Port11 None Port12 None Port13 None Porti4 None TATA TATE TAT TAT Control Indicates the authentication mode of each port of user authentication 802 1x None Authentication is not performed for the port Force authorized Admits the port forcibly Force
27. Port VID VLAN ID for an untagged packet When an untagged packet is sent to the corresponding port the packet is switched to the VLAN corresponding to the Port VID Forward Only this VLAN If the received tagged packet tag is different from Port VID when this item is marked discard the packet When this item is not marked the packet is re sent according to the received tag information Drop Untagged Frame If this item is marked discard the untagged frame If not the untagged frame re sends the packet to the VLAN corresponding to the setting Port VID Port VID Input Value K Below 255 can be entered for Port VID NOTE SAMSUNG Telecommunications America L P 55 Classification In the Classification menu set the values to decide VLAN ID If the VLAN mode is 802 1Q in VLAN gt Configuration VLAN ID is decided depending on the protocol of the packet received Select the member protocol from Classification Rule and click the OK button VLAN Classification Configuration a O araumen O Classification Mode proto Classification Rule appletalk Group ID 1 256 VLAN ID F select crowio vo O classifier Classification Mode Selected automatically according to the VLAN mode In case of 802 1Q VLAN proto is selected In case of MAC Based VLAN MAC is selected Classification Rule Based on Appletalk arp decnet ip ipx sna and x25 VLAN is set Group ID Group
28. The following figure shows that the activity is in the stop status and the SIP ALG stops in the present On the contrary when the Activity running and the SIP ALG is under execution the stop that stops the SIP ALG is activated Although the system is rebooted the setup returns into the last set status SIP ALG Management The Management is classified into the Activity displaying the current status information and the Action displaying the execution commands Activity The current SIP ALG status Action The commands that can be executed in the present status SIP ALG SIP aware ALG gt CN If the firewall based on NAT like the Data Server board of OfficeServ 720 protects the NOTE internal network the system is safe against the external attack but is limited in the service For settling this trouble SIP aware ALG SIP ALG enables the SIP devices inside the firewall to communicate with the external equipments SAMSUNG Telecommunications America L P 151 System Menu Select the System menu of the OfficeServ 7200 Data Server The submenu is displayed on the left top of the screen as follows SASS T aR AR RR ALAA T REFREN ARNE A SERRE SEARS Te T AAAA ERAN EST Tlonker Ieee SLR SERS LR RA A SNMP Configuration Displays the configuration items of SNMP Status Displays the SNMP configuration currently configured Management Starts or Stops the SNMP service DB Config Manage
29. This menu is used to display the neighbor list of PIM SM protocol PIM SM Neighbors e Neighbor Neighbor IP address e Intf IP address of VIF connected with neighbor e Uptime Time passed after being connected with neighbor e Expires Left time until the Neighbor connection information is expired e Ver Version of the PIM SM protocol used for the connection e DR Priority Designate Router DR priority of neighbor e DR Displays whether the neighbor is Designate Router DR SAMSUNG Telecommunications America L P 94 QoS Menu Select the QoS menu The submenus will be displayed in the upper left side of the window as follows Group l Port Group IP Group Filter Group Class Group Policy Management Ingress Configuration Management Group Port Group Retrieves sets edits or deletes a port group Retrieves sets edits or deletes an IP group Retrieves sets edits or deletes a filter group Class Group Retrieves sets edits or deletes a class group Policy Set up the class for a port Management Starts or stops the execution of a QoS and sets to execute when the system reboots Ingress Configuration Retrieves sets edits or deletes values of a Ingress Management Starts or stops the Ingress QoS ye SAMSUNG Telecommunications America L P 95 Table of Contents Group The Group menu is used to retrieve set edit or delete a port group an IP group a filter group or a cl
30. a general caution Restriction Indication for prohibiting an action for a product Instruction Indication for commanding a specifically required action SAMSUNG Telecommunications America L P 6 A caution Note that all external administrators are allowed to access the firewall when the Remote IP is set to 0 0 0 0 and Port is set to 0 For Security When Setting IP Range The number of IPs for the Local IP range and that for the Remote IP range should be identical when setting PPTP VPN For example if the number of IPs for Local IP range is 10 and that for Remote IP range is 20 only 10 calls will be set When Setting PPTP in Windows XP 2000 In Windows XP 2000 the administrator can use DHCP client If VPN PPTP client is connected while the DHCP client is operating errors will be found To prevent this problem close the DHCP client operation on the Start gt Program gt Administrative Tools gt Services menu of the Windows PPTP client installed When Changing Network Interface Note that all IP sessions in working are disconnected for a while if network interface i e IP Gateway and Subnet Mask is changed and finally applied while operating a router DB Change When the DB is changed in the OfficeServ 7200 GPLIM the system will restart SAMSUNG Telecommunications America L P 7 Wh
31. can access to the system SAMSUNG Telecommunications America L P 138 VoIP Service Menu Select the VoIP Services Menu The submenus for VoIP Services will be displayed on the left top as follows MATER SRA aia EN S_ea SA es thea SUR EATERS PRE STE SEE TEE TERRES ERE Sa ERRAN AR MAESAR SERS Se ER Teo AREA ER EAE MARRRSMIERSS DSMI SM Interface Enable or disable items related to the Message Data Configuration future release transmission for the communication with the system manager SM Module Select the WAN VolP interface and set the environment for the Interface communication with Call Server and Feature Server Management Start or stop the programs for the communication with the SM Interface Call Server and Feature Server Set the Data Server so that the execution of these programs is automatic on reboot External External FS Sets or deletes the IP Address of the Feature Server existing on Server future release the external network A public network when the NAT is used DIST Config Transmits the message received via the externally designated future release port into the terminal designated at the internal network SAMSUNG Telecommunications America L P 139 Menu Description DHCP Server Configuration Set the internal network that operates the DHCP Server In addition set the IP addresses for the DHCP scope The IP pool for Call Server Feature Server
32. class type is leaf the window is displayed as follows Set each item and click the OK button HTB Class Group category Yalu ID Class Type root 2 general oe lear Parent ID none Priority Rate Ceil Burst CBurst none Leaf Odise Attach on Leaf class Filter Apply Filter List Apply Filter 400 ALL gt REMOVE lt lt 2 PRPEMOVE ALL Time Setting Scheduling Parameter O C sun C mon DO Tue C wen D Thu l Fri O Sat Start Time oo Hour End Time Rate Eps Ceil Burst Byte Churst r Class Type Configuration window depends on the type of the class to be set root Sets the root class general Sets the class that connects the root with the leaf classes non leaf Sets the default class Leaf Sets the leaf class Parent ID If the target class is a child class of another class set the parent class in the Parent ID item Do not set the Parent ID if the target class is the root class highest level class physically connected to the device or if the default class class including the bandwidth for traffics that do not belong to a filter SAMSUNG Telecommunications America L P 102 Item Description Priority If several classes compete to occupy leftover bandwidths or if all classes attempt to occupy excess bandwidth set the priority so that the class with the highest priority occupies the bandwidth first MTU The Maximum Transmit Unit MTU represents the maximum amount o
33. deletes a certificate L2TP Configuration Sets up L2TP Management Allows Inhibits execution of L2TP Sets whether to execute L2TP when the system reboots PPTP Configuration Sets up PPTP Management Allows Inhibits execution of PPTP Sets whether to execute PPTP when the system reboots STATUS Checks if IPSec tunnel is properly connected L2TP PPTP Checks if L2TP PPTP is properly connected Setting up VPN Client in Windows XP 2000 Setting up VPN client in MS Windows is required when IPSec and PPTP are set in the VPN menu in the OfficeServ 7200 Data Server For detailed information on setting method refer to Appendix A SAMSUNG Telecommunications America L P 112 IPSec IP Security Protocol PSec provides security services in the IP layer through implementing Internet Key Exchange IKE The security service is categorized into two services depending on remote equipment the services providing security tunnels between local subnet and remote subnet and between local subnet and remote host Even if IPSec can be set up to provide a security tunnel between local host and remote host the Data Server board is used for a gateway not a host Thus this service is not used Since IPSec setting requires two gateways for a security tunnel local configuration and remote configuration have the same items IPSec Tunnel Mode OfficeServ 7200 Data Server only supports the IPSec Tunnel mode NOTE The transport mode is no
34. display the window below In the console window select the File gt Add Remove Snap in yu Console1 Console Root ey Console Window Help el M Ctrl h Open Chrl 0 Save CErl 5 Save 45 Add Remove Snap in Ctrl M Options 1 DAWINNT systems services mse 2 DAWINNT systems compmgmt msc 3 DAWINNT systems deyvmgmet msc Exit 2 In the lt Add Remove Snap in gt click Add to display the following window Select IP security policy management in the Add Remove Snap in menu and click Add Add Standalone Snap in Available Standalone Snap ins PSnapin Cd endo O Fas Service Management Microsoft Corporation Folder FrontPage Server Extensions Ci Group Policy Microsoft Corporation Indexing Service Microsoft Corporation LE Internet Information Services Microsoft Corporation IP Security Policy Management Link to Web Address fj Local Users and Groups Microsoft Corporation EA Performance Loge and Alerts Microsoft Corporation Description Internet Protocol Security IPSec Administration Manage IPSec policies for secure communication with other computers SAMSUNG Telecommunications America L P 166 3 Select Local computer T in the window below and click Finish Select Computer Select which computer this Snap in will manage When this console is saved the location will alzo be saved f Local computer The computer this console is running on
35. ee Keep Alive Interval m 1 100 Default 10 Keep Alive Timeout 25 1 100 Default 25 IP Address 192 free 00 fe i 24 Gateway 192 free 00 ft Default Gateway M The Gateway is a Default Gateway e Keep Alive Interval Keep Alive inspection time interval e Keep Alive Timeout Time to decide the failure of Keep Alive e IP Address IP address of the serial port e Gateway IP Address Peer Address of the serial port e Default Gateway Mark the check box to set this gateway as the default gateway This item is displayed if WAN is set SAMSUNG Telecommunications America L P 28 PPP Configuration Set the Encapsulation type as PPP Protocol in the Encapsulation field to display the PPP Configuration table Specify the value for each field and click the OK button to store the configuration PPP Configuration a J OOOO OOOO aromen OOOO Keep Alive Interval m 1 100 Default 10 Max Keep Alive Count le 1 100 Default 6 pap CHAP None Authentication Name Password IPCP Dynamic IP enable IP Address negotiation at IPCP layer IP Address 192 free _froo fe i 24 Gateway 192 168 100 ft Default Gateway M The Gateway is a Default Gateway e Keep Alive Interval Time interval to check Keep Alive e Max Keep Alive Count Count of Keep Alives to estimate as the disconnection e Authentication Information for PPP authentication PAP CHAP and None Authentication method Name and Pass
36. in the SNMP v1 2c New Community name Community Network E E Access Read Only O Read Write SAMSUNG Telecommunications America L P 153 New Community Name Fill in new community name to add Community Network Set up new community network to add Access Set up the access authority SNMPv3 Administrator Add SNMPv3 Administrator Add allows adding a administrator to be used at SNMP v3 SNMPv3 User Add User Name UserPassword O O OOOO O Authentication Encryption None w Access Read Only O Read Write User Name Fill in new administrator s name to add User Password Fill in new administrator s password 8 alphanumeric characters Authentication Set up authentication method Encryption Set up ciphering method Access Set up access authority Trap Manager Sets the IP address that is to transmit the trap Up to five ones can be designated IP Address F O f O l Community Name IP Address Set up new Trap IP Address to add Community Set up a community to be used for transmitting to the Trap IP Address added Name SAMSUNG Telecommunications America L P 154 HomePage _ _ Tableof Contents Status The function is used for retrieving the SNMP configuration in the SNMP gt Status menu If clicking the Delete button the item that the administrator has selected by marking on the check box is deleted If clicking the Reset button
37. input field of PIM SM and click the OK button _ Eh a Help Command sparse mode bsr rp set SAMSUNG Telecommunications America L P 89 PIM SM Basic This menu is used to set BSR and RP of PIM SM protocol Mark the check box on the right and enter the configuration values Click the OK button to apply the values Mark the check box of the target item and click the Delete button PIM SM Basic ITE Ta RP Address i92 es l fiz 3 oa Ta RP Candidate etho aj z2 PriorityiO 255 Wo BSF Candidate etha aj z0 MaskLen O0 32 1o00 Priority 0 255 e RP Address When setting static RP enter the IP address of RP e RP Candidate When setting RP Candidate select VIF and enter the target priority Low value has high priority e BSR Candidate When setting BSR Candidate select VIF and enter the target Mask Length and Priority High value has high priority BootStrap Information This menu is used to display the information on BootStrap router BootStrap Information BootStrap Information PI yv2 Bootstrap information This system is the Bootstrap Router BSR BSR address 192 168 0 99 Wptime 00 00 04 BSR Priority 100 Hash mask length 30 Expires 00 02 06 Role Candidate BSR State Pending BSR Candidate RP 192 168 0 99fetho 4dvertisement interval 60 seconds Next Cand _RP_advertisement in 00 00 58 SAMSUNG Telecommunications America L P 90 RP Information This menu is used to
38. is configured for each MAC address VLAN is configured without information on port and the number of a VLAN member may change Up to 256 MAC members can be saved either in a single VLAN or in multiple VLANs Since a MAC Based VLAN does not basically contain port information the port serves as a VLAN member by receiving packets Thus the ARP packet must be transmitted to the switch to enable members of a VLAN to exchange packets Select MAC from VLAN Operation Mode of the lt VLAN Configuration gt screen Select the corresponding VLAN and enter VLAN Name and VLAN ID and click the Add button to display the following screen Enter the MAC address into Classification menu VLAN Configuration LAN Operation Mode Mode MAC v sd sd VLAN VLAN LAN Members Select ID Name Untagged Tagged P1 p2 P3 P4 P5 P6 P7 1 default ps pg Pio V p11 V p12 V P13 Y P14 Pi p2 P3 P4 p5 P6 P7 pg pg Pio pi1 LC p12 CJ pis C p14 2 V2 Port Based VLAN This option is used to configure the VLAN on a port basis A single port can be assigned to multiple VLANs In such cases broadcast packets transmitted by the port is transmitted to all VLANs containing the port Ports not assigned to any VLANS serve as a single VLAN Select Port from VLAN Operation Mode of the lt VLAN Configuration gt screen Select the corresponding VLAN and enter VLAN Name and VLAN ID and click the Add button to display the following scree
39. is used to enter the destination address of a remote host to check if communication is being established Enter the target information into the Destination IP item and click the Run button Then a ping test is executed Only one destination IP can be tested of each time and the radio button of the IP to be tested is checked The radil button of the destination IP on the top is default PING 192 168 0 1 192 168 0 1 from 192 168 18 100 56 84 bytes of data 64 bytes from 192 168 0 1 icmp_seq 1 ttl 64 time 0 279 ms 64 bytes from 192 168 0 1 icmp_seq 2 ttl 64 time 0 129 ms 64 bytes from 192 168 0 1 icmp_seqg 3 ttl 64 time 0 129 ms 192 168 0 1 ping statistics 3 packets transmitted 3 received 0 loss time 1998ms rtt minfayg max mdev 0 129 0 179 0 279 0 070 ms SAMSUNG Telecommunications America L P 37 Firewall Menu Select the Firewall menu The submenus will be displayed in the upper left side of the window as follows ERMA SE a RR ESE SER AER SSPE nr SERRA W Si ESE iiien en Description NAT Management To select the use of NAT function Configuration To set the private IP sharing function Port Forward To set the port forwarding function Static NAT To set the static forwarding function Firewall Management To select the Firewall Filter function Configuration To set the Firewall Filtering policy Remote Access To permit or block the remote access to the system IP Filtering To
40. members included to the trunk group Select an algorithm to select a port for transfer at this time The default is Direct MAP based DMAC amp SMAC amp SPORT ID CRC based DMAC amp SMAC Direct MAP based DMAC amp SMAC CRC based DMAC amp SMAC amp SPORT ID Direct MAP based DMAC amp SMAC amp SPORT ID System Priority A protocol setup value used in a LACP The default is 32768 System ID An identification value used in LACP This value is the same as the value of the MAC address in the system Member Configuration Group S means a static trunk and L means a LACP It is used for setting up the trunk type of the group Up to eight groups can be generated as shown on the screen and up to four ports can be included to a group as members In addition a member included to a group cannot be included anther group simultaneously SAMSUNG Telecommunications America L P 63 Mode Displayed when selecting the trunk configuration as LACP It is available to select one of Active Passive For the Active a LACP packet is transferred to the opposite party first based on the system For the Passive it is responded only when receiving a packet from the opposite system If the user system and opposite system are all set up as Active a system that has higher priority is used as a reference Priority Sets up the port priority The default is 32768 Sync Indicates information connected to the opposit
41. port The following figure is an example that uses Cisco HDLC protocol and specifies the IP address as 172 16 0 2 16 Serialo Interface Summary Serial Interface Summary Interface Serial Scope bath Mode type is EXTERNAL Protocol type is Cisco HDOLe Transparent is Proxyarp is popoe mtu is 1492 pppoe Username is Pseudo name is PPPOE client is disabled Hardware is Unknown index 5 metric 1 mtu 1500 lt UP POINTOPOINT RUNNING WOARP DHCP client is disabled VRE Binding Mot bound Inet 1 2 16 0 2 16 pointopoint 1 2 16 0 1 physical line type is W 35 encapsulation protocol is Cisco HOLE keepalive interval 10 timeout 25 line protocol is up input packets 8 bytes 706 dropped O multicast packets O input errors O length O owerrun O CEC O frame O fifo O missed O output packets bytes 154 dropped O output errors O aborted O carrier O fifo O heartbeat O window O collisions O DNS Click this menu to display the following configuration window Enter the domain name and the IP address of the DNS server to the Domain name field and the DNS server field Then click the OK button to store the domain name and the IP address Static DNS Name Server List a 168 126 63 1 O 168 126 63 2 SAMSUNG Telecommunications America L P 31 Network Link The Network Link menu is used for the setup of connections transmission speeds and transmission modes by network interfaces Note Ethernet 3 can onl
42. set to 10 100 Mbps Ports 13 14 are 1000 Mbps only Duplex Dpx Select Set Full two way service or Half one way service Ports 13 14 are Full Duplex Only Flow Ctl Sets whether to use the function for flow control The flow control is processed according to the value set at Rate In Out Entry rate Exit rate Rate Controls the flow by setting the entry rate and exit rate by ports The unit is the Rate In Out of the port speed If the function of flow control is not used The item of Flow Ctl is not checked the value is set as 0 SAMSUNG Telecommunications America L P 49 Security Sets whether to allow updating the MAC address table The source MAC address is not updated at the switch port where the Security item is not checked Therefore no terminal connects to the port If entering the Static MAC address of a specific value to the switch port where Security is checked normal service is provided to the terminal having the entered MAC address Therefore the security service is provided by the method that a terminal which is not allowed a terminal having a MAC address not entered to the Static MAC address is not used Priority If set as Low or High the priority is set as Low or High regardless of the configuration value of QoS bit for the packet entered to the relevant port It is available to set Priority when the QoS mode is not First Come First Service FCFS in the
43. the rules level of IDS High Rule level is one day the highest risk level Med Rule level is 2 or 3 days mid level Low Rule level is 4 days low level Description Type of logs detected by IDS Port Scan The administrator can summarize alerts for Port Scan Select this category and the following window appears Port scan summary Thu Jan 1 00 00 00 1970 Tue Feb 7 10 59 50 2006 There is no alert Ports Number of TCP and UDP ports that are scanned in logs detected by IDS Hosts Number of host that a port scanned in logs detected by IDS Remote host IP that attempts port scan Search The administrator can search by condition Search Log Priority Source IP Destination IP Destination Port SAMSUNG Telecommunications America L P 132 Select the category including the desired condition and the selected box will be activated Then the administrator can select the desired condition Set up the condition and click the OK button to display the desired information on the window as follows Result of Search Lwin rent tect i Mur Description gt Destination IP Port 192 168 0 210 NO aad ieee gt 1927 168 17 100 192 168 0 210 gt 192 168 17 100 192 168 0 210 gt 192 168 1 100 192 168 17 100 gt 192 168 0 121 192 168 0 1 gt 192 168 17 100 192 168 17 100 gt 192 168 0 121 oe doo lal gt 192 168 17 100 192 168 0 119 gt 192 168 17 100 ICMP PING NO med i174 ICMP PING N
44. the selected protocol Up to 1 256 can be registered VLAN ID Decides which VLAN ID is proper for the current group Select the group ID from Select and click the Delete button to delete the group ID In the Configuration menu if the VLAN mode is set to MAC VLAN ID is decided according to the received packet MAC address Enter the member MAC address into Classification Rule and click the OK button VLAN Classification Configuration Classification Mode mac Classification Rule Hi i Group ID ss 1 256 VLAN ID Ba seee eroun vo O cassier SAMSUNG Telecommunications America L P 56 Item Description Classification Mode Selected automatically according to the VLAN mode In case of 802 1Q VLAN proto is selected In case of MAC Based VLAN MAC is selected Classification Rule According to the received packet MAC address VLAN can be set Group ID Group the selected MAC address Group ID can be registered ranging from 1 to 256 VLAN ID Decides which VLAN ID is proper for the current group Select a Group ID from Select and click the Delete button to delete the group ID MAC This menu is used to retrieve the address table of the switch and set filtering MAC Static Address Select MAC gt Static Address and save a specific MAC address in the address table of the switch regardless of the connection between the device and switch physically That is without
45. unauthorized Block the port forcibly Auto Allows the port through authentication from the Radius server and blocks the port Reauth Used for re authentication Reauth Period Indicates re authentication cycle when Reauth is set 1 4294967295sec default 3600 sec Tx Period Indicates the cycle that sends Request regularly to supplicant 1 65535sec default 30 sec SAMSUNG Telecommunications America L P 69 Supp Timeout Indicates the time before re sending to the user when EAP is requested 1 65535sec default 30 sec Sever Timeout Indicates the time before re sending to the device when server authentication of a server is requested 1 65535sec default 30 sec Re authentication setting and the cycle setting are applied only when setting is changed because there is default value Management Select Authentication gt Management to activate deactivate the authentication of system When executing Run of Action if Activity is set to Stop items of Authentication gt Configuration can be set When executing Stop of Action if Activity is set to Running user authentication is deactivated Setting 802 1x user authentication indicates that there is the Radius server that has the user information The host IP address host and key should be registered of the Radius server to be used The default of the Radius Host Port is 1812 port Click the OK button after the setting Then the setting is applied Authentica
46. used as a variable for calculating the amount of Deficit Round Robin DRR Bps r2q Root Class Class connected to the port Select the class group from the class group list Default Class This class defines the bandwidth for incoming traffics that are not applicable to all filtering rules Select the class group from the class group list SAMSUNG Telecommunications America L P 104 Management This menu is used to execute stop and re execute QoS In addition this menu is used to execute or stop the execution of the Scheduling Parameter set in QoS gt Group gt Class Group QoS Management SAMSUNG Telecommunications America L P 105 Status Menu Select the Status menu The submenus will be displayed in the upper left side of the window as follows Status El Connection t Sessions El Statistics Devices Protocols El Monitoring Current History Process Service Menu Submenu Description Connection Sessions Displays the information on the IP and port connected to the Data Server Statistics Devices Displays the Data Server network statistics by classifying Tx and Rx of each device Displays Data Server network statistics of each protocol Monitoring Current Provides the Data Server network statistics in the table format in real time History Displays the Data Server network statistics on an hourly weekly monthly yearly basis Displays the information on processes being operate
47. using learning MAC address table renewal a specific MAC address can be saved in the address table Even if the device is not connected with the switch and MAX Aging Time interval of MAC address table renewal is passed the corresponding MAC address is left in the address table of the switch Static MAC Address Enter the target MAC address and port No and click the Add button to add the MAC address Select a specific MAC address and click the Delete button to delete the MAC address Select Port gt Config and set the security of the port Then Learning of the source MAC address to the port is not established In this case a user can access the port only through the static MAC address set in the port Thus by using this access condition security function can be configured Number of Static MAC Addresses Entered Up to 50 static MAC addresses can be entered without a port SAMSUNG Telecommunications America L P 57 HomePage rieo Contents VID Setting SS In the mode where 802 1Q VLAN is set if a setting value is entered in the Static NOTE Address and Filter Address menus enter VLAN ID If not 0 is entered Dynamic Address Select MAC gt Dynamic Address to retrieve the dynamic address table Dynamic MAC Address aaah 2 3403737 lial mu 5 al lalla alulelulslelall APES FIFIEIEIEIEIEIFIEIE FICIEIEIENEIEVEIEIELEIEIEIEIEIEIE Janana m m
48. 0 0 14 00 00 0F 02 03 04 Connected 10 0 0 15 00 00 0F 02 03 04 oon DU amp WN e IP Phone TEL NUM MAC Address Index 1 Connected 10 0 0 17 3201 00 00 0F 01 02 03 Connected 10 0 0 18 3202 00 00 0F 01 02 04 Connected 10 0 0 19 3203 00 00 0F 01 02 05 Connected 10 0 0 20 00 00 0F 01 02 06 Disconnected 10 0 0 20 00 00 0F 01 02 06 SAMSUNG Telecommunications America L P 147 Leases Status DHCP Lease Status On the DHCP Server gt Leases Status Menu the IP address lease information can be accessed Select the desired Interface then click the Next button to see the lease information DHCP Active Lease Status DHCP Relay Agent This function is needed when one DHCP server is used on several subnets This function enables the DHCP Client to receive the IP allocation when the DHCP Server and the DHCP Client are in mutually different networks Configuration The DHCP Relay is configured by designating the interface to perform the relay and registering from the DHCP Server Designate the Interface where the relay is performed among the activated interface list by using the Add button For the designated interface its list is made the set interface can be deleted in the list by using the Delete button In the DHCP Server list enter the IP Address of the DHCP and click the Add button To delete a DHCP Server check the box to the left of the IP Address and then press the Delete button Interface List Co
49. 20 20 Gateway The gateway information entered at the CALL Server Item Netmask The netmask information entered at the CALL Server Item MAC Host ID The client authentication type NONE Executes the DHCP IP request without the authentication MAC Click the List Button to enter the MAC address for the authentication HOST Uses the HOST ID internally specialized Authenticates the ITP 5000 series phones SAMSUNG Telecommunications America L P 145 SIP Phone This defines the IP range of the standard SIP phones that are to use the DHCP scope of the Data Server POOL 192 168 0 40 50 192 168 0 1 255 255 255 0 NONE List E o ltem IP Range The IP range of the SIP phone Maximum range 120 pieces When entering one IP enter 192 168 0 40 40 Gateway The gateway information entered at the CALL Server Item Netmask The subnet mask information entered at the CALL Server Item MAC Host ID The client authentication type NONE Executes the DHCP IP request without the authentication MAC Click the List Button and enter the MAC address of the SIOP phone for the authentication HOST Click the List button and enter the HOST ID because the _ internally specialized HOST ID is not used Terminal This defines the IP range of the standard data terminals PCs printers etc that are to use the DHCP scope of the Data Server O isetss0 60 a5 IP Range The IP range of the Data t
50. 200 Data Server Software Installation OfficeServ 7200 Data Server software is pre installed The software package is composed of the following items described below Bootrom Data Server bootldr img vx xx Boot ROM program Package Data Server bootldr img vx xx sum Main Package Data Server pkg vx xx tar gz Upgrade package for HTTP Data Server os img vx xx Upgrade package of OS partition for TFTP Data Server firmware img vx xx Upgrade package of firmware partition for TFTP Data Server configdb img vx xx Upgrade package of configdb partition for TFTP Data Server logdb img vx xx Upgrade package of longdb partition for TFTP Data Server flash1 img vx xx File to copy to the first flash Data Server flash1 img vx xx sum memory fusing Data Server flash2 img vx xx File to copy to the second flash Data Server flash2 img vx xx sum memory fusing Software Package Configuration Each package has a separate file for checking the checksum and x xx represents the version SAMSUNG Telecommunications America L P 17 Data Server Installation Setup the environment as follows to access the Data Server 1 Insert the Data Server board into slot 1 and the LIM board on slot 2 of the OS 7200 cabinet e When installing the Data Server board set the connections of shunt pin 1 2 3 and 4 to the direction of the back panel to connect the Data Server board and the LIM board via the back panel In this case th
51. Bridge Identifier displays the same information as the Designed Bridge Identifier e Root Path Cost When the root bridge is decided it displays the calculated cost for the path to the root switch e Root Port If the current equipment is not the root switch it indicates the ID of the port corresponding to the root port The figure above indicates Ox8003 of port2 A switch can have only root port e Last Topology Changed It indicates the recent time that the RSTP network is reconfigured by the change of the network configuration between switches Port Information e Port ID The value is combined with the value of the port priority and the ID value of the port specified in the system The highest two digits represents the value of the port priority and the lowest two digits consist of port index e Path Cost The value indicates the path cost of the corresponding path e Port Role The value indicates the role of the port that selected via the BDPU exchange between switches The RSTP Port Role is divided into Disable Alternate Backup Designated Root roles e Port State The Port State shows the status of the corresponding port If a loop is detected via the BDPU communication the Port State looks for the port to be blocked in accordance with Port ID and Path Cost and blocks data communication to prevent the loop from being constructed in the whole switch The port state is divided into Discarding Learning Forwarding and Blocking states
52. E E A esate euden E E eee 3 Document Content and OrganiZation ccccccccssssseecceeeeeeeeeeeeeeeeeeeeeueeeeeeeesaeeeeceeeeessaeaeeeeeeeesseeaaneeeeeeeeseaas 3 B01 GAY 21 91 Le fener ee E nna Re RO RE Ge Oe Oe a ee E 4 OS Ol Creen AUDU oeiee diene coumoesdeca a R A 4 eiciiol c 40s inet er r a eee eee eee eee ne EE 5 ROVIO AIG ROM y siss e E E a E E E E 5 SAFETY CONCERNS 6 1 1111 9 6 cee ee ene ne ee eae eer en eee ee en eee ee eee ee ee ee ee 6 UMN ON ee es EEEE N A EEEE E E AE EE E EE PA EEE E AEE EE E 7 CHAPTER 1 Overview of OfficeServ 7200 Data Server 13 Introduction to the OfficeServ 7200 cccccecceeceeceeceecceeceeceeceeceeceeceeseeceaseuseuseseeeseeseuseuseuseeeueseusecaeeuseeseneeneees 13 Introduction to the OfficeServ 7200 Data Servef ccecceeceeceeceeccecceeceececeeceuseueeeseaseusceseuseeeseeseuseusenseeneeneees 14 CHAPTER 2 Installing the OfficeServ 7200 Data Server 17 Sonware nstallati M sea E E EAEE EERE 17 GERMO Ro Led gle ae teenies eee eee a ieee ene ne eee ee cee rete nner eer ne ee ee eee teen ere rr reer 19 CHAPTER 3 Using the OfficeServ 7200 Data Server 21 NetWork Morti eE Ea ESS 22 NON OE e ea a E ie tease E E 23 NU o ipscuntocndrs anced ncuetnevccsdemdmaneiodaineuem pas ecmdncssienacamaudcmawenetneuearewaucwbncustoeaesiesudtsevduanatae sie merhaantnsemtnccewducamtecietienaidmsaenuiecieaeceite 34 TUM a a ceceSectesescenee fete E E eRe ose eoeed A E scesees ver tartessceasane 37 Firewall M
53. Hash Algorithm 3DES MD5 3DES SHA1 AES128 MD5 AES128 SHA1 AES192 MD5 AES192 SHA1 AES256 MD5 AES256 SHA1 Key life time The cycle of newly added key used for packet encryption by the repeated phase two IKE negotiation Advance PFS Selects whether to use a session key transfer security Re Key Sets whether to add a new key whether to add a new key and negotiate again in the phase 1 2 IKE Negotiation Reattempt count of key exchange when key exchange is failed on the count phase 1 IKE Connection IPSec Connection Attempt initiator Attempting a connection response Attempt to receive a connection IPSec I2tp Sets when IPSec over I2tpis is used Supports Window XP SP 2 DPD Time out Effective time when the counterparty receives a DPD packet and receive packet Delay Alive check time of the counter party Action Action after Dead Peer Detect hold Waiting for connection clear No more connection SAMSUNG Telecommunications America L P 116 The aggressive mode only supports the authentication methods of Pre shared key and Encryption Algorithm 3DES The items use defaults and it is available to modify the value of PFS or Key lifetime for the interaction with other equipments Management The administrator allows inhibits executing IPSec services on the IPSec gt Management menu When the system is rebooted in the execution of IPSec the IPSec service is automatically performed IPSec Management O aai O
54. IX MHO 174 ICMP PING BSDtype INFO TELNET access ICMP Echo Reply INFO TELNET access WEB MISC SSL 3 invalid WEB MISC SSL 3 invalid Selecting Search Condition Since the conditions are not displayed dependently the administrator cannot obtain a CHECK result that satisfies all conditions Configuration This page allows the configuration required for the IDS module The administrator can set up the network monitored by IDS detection level rule file to be used at the IDS module etc Select Device Metherneto E Ethernet1 ethernet2 Z Ethernet3 _ Select Device The administrator can set up a the network which needs to be monitored The interface needs to be set as WAN and must be a static network SAMSUNG Telecommunications America L P 133 Set Detection Level amp Type The Data Server intrusion type is classified as High Medium or Low according to the risk level The administrator can set up an intrusion alert when an intrusion exceeding the level occurs In addition the administrator can set up the associated operations for each level When setting up a block the block is associated with the block module If an intrusion corresponding to the relevant level is detected the relevant IP Address is blocked and prevents access to the system for a configured time Refer to Block Config When setting up Mail the IDS mail is transmitted when the alert occurs Refer to Mail
55. Information This menu is used to display the IGMP interfaces IGMP Interface Information 3 uer Max Res Address I Querier Address Huny i Interval Time 125 10 ntf 100 1 2 10 24 rd2 100 1 2 10 24 100 1 3 10 24 rd 100 1 35 10 24 125 10 e Address IGMP group address e Intf IGMP interface name e Querier Address IP address of IGMP interface that sends membership query IP address of Designate Router DR e Query Interval Cycle of sending Membership Query e Max Resp Time Maximum time of waiting a response to Membership Query Configuration DVMRP This menu is used to set DVMRP DVMRP amp Help Enter a command into DVMRP field and click the OK button to execute the command DVMRP Help T commana O OOO arome OOOO clear ip dymrp vw route 4 B 0 0 M vv SAMSUNG Telecommunications America L P 87 DVMRP Routes This menu is used to display DVMRP Route items in use DYVMRP Routes Directl 100 1 2 0 24 ay rd2 Y 1 00 05 10 0 00 00 Connected Direct 100 1 3 0 24 D rd3 00 05 05 00 00 00 Connected e Source Network VIF network address to which multicast packets flow e Flags DVMRP route feature flag N New D Direct Connected H Hold down e Intf VIF name to which multicast packets flow e Neighbor DVMRP neighbor IP address that provides information on DVMRP route e Metric DVMRP route Metric distance value e Uptime Time passed after using the DVMRP route item e Expires Left time until t
56. ON insasccteciacccvaddeatedacdancqncctadeareetaadocssuaddengedeedanednusencesidedwans vedas seetuedwawneedsacaeteacancsdsesstavecauduasestesdecasnecdands 38 SAMSUNG Telecommunications America L P 9 NAT ect nssten tetas oonascesondinse vette neiinccnthdendunen she tel oanasdedondiase tutte setae ttmibcend une vedaovatentbetnremandconsianesiatrlate anda ARNEE EEAO EAEAN AANE swateaidneuaioonineaulonienesant 39 VOY SN EEE eres apts eee eset cone heres act sae ese sree AE EAE ANSE EAA AE AAN EEEN AE ANEETA 43 Port MGM scisecccscsecicesescaiecscsisnctouiiavscncsaresenesseuecnananuscnsbsausenesarweenencaneensannwennubsaneenebarweenesenaeceebesanwsenatenueesessenecnauanec 48 PIU sss extn ste oe ce ee sects tn sm ec wes mre te nce E E EE coos sete E EA 49 EN asec esaeeg ences sepetene E am scceauedaeavacstneraseiesavae A 53 PG gcc cepa acces etree cpr cnet ico coe ASE AAA EE E AEA carnctn cave oem E EA P E S 57 EGY CPZ MCI saccccenesccsiaceneceuemcdenmuccendesuaxedocaatedausiweusumeaseensemnneuswucunsuecunseeusncaueaussvdaesuenetucewneadedasemsadiuesuaneneucuscumeccuats 59 PO EP a E E T A 60 PORET I e E E E E E E E E eed eececeeesaecsee 63 N E e E T gueceeeeseit owen see aaececnete 64 IGMP SNOOP N esa anaa E EEEE E E EREE E EE E E ER E EEE RA 66 PEME eaer ha dre suacetie tus tarete bd dra tiateenizatenivele hd dre pase tiedenaetedaneaeveate beam neteteaedaneteect 69 Laver MENU siars NEE TOS E E SEERE Ea Eaa ETN Ea 71 E erei P A EEE A E E E A E E EE EA E E
57. OfficeServ 7200 Data Server User Guide Every effort has been made to eliminate errors and ambiguities in the information contained in this booklet Any questions concerning information presented here should be directed to SAMSUNG TELECOMMUNICATIONS AMERICA SAMSUNG TELECOMMUNICATIONS AMERICA disclaims all liabilities for damages arising from erroneous interpretation or use of information presented in this manual PUBLICATION INFORMATION SAMSUNG TELECOMMUNICATIONS AMERICA reserves the right without prior notice to revise information in this publication for any reason SAMSUNG TELECOMMUNICATIONS AMERICA also reserves the right without prior notice to make changes in design or components of equipment as engineering and manufacturing may warrant COPYRIGHT 2006 Samsung Telecommunications America All rights reserved No part of this manual may be reproduced in any form or by any means graphic electronic or mechanical including recording taping photocopying or information retrieval systems without express written permission of the publisher of this material TRADEMARKS Entorprise IP Solutions OfficeServ is the registered trademark of SAMSUNG Electronics Co Ltd Product names mentioned in this document may be trademarks and or registered trademarks of their respective companies SAMSUNG Telecommunications America L P 2 INTRODUCTION Purpose This document introduces the OfficeServ 7200 Data Server an app
58. P is configured GVRP Machine Applicant State Registrar State YO MT YO MT GVRP statistics RX 0 0 0 Porti TX 0 0 0 RX 0 0 0 TX 0 0 0 GVRP Machine Port Port Number Applicant Current Status of Applicant State Machine State Register State Current Status of Register State Machine GVRP Statistics Port Port Number Join Empty Number of Join Empty packets SAMSUNG Telecommunications America L P 65 HomePage Tableof Contents _ Join In Number of Join In packets Leave Empty Number of Leave Empty packets Leave In Number of Leave In packets Empty Number of Empty packets i IGMP Snooping The IGMP Snooping menu is used for the configuration of IGMP Snooping functions and the query of the configured information Time Interval Select IGMP Snooping gt Time Interval to configure the time related to IGMP Snooping Time Interval VLAN Default vw Group Membership na 120000 ms Grou Last Member Max Response VLAN p p Other Query ms Membership ms Query ms ms Default 120000 1000 10000 120000 VLAN Selects the VLAN to be configured Group Membership Configures the time to exit from the multicast forwarding database list when new report does not exist Last Member Query Indicates the time to wait a response report after sending a query to check if the host is the last host when multicast router receives a leave message from a host If the report is n
59. Port gt QoS menu Statistics The user can retrieve the link status and statistics for each port on the switch in the Port gt Statistics menu Clicking the Reset button will reset all statistics to 0 Statistics Link Input Input Output Output Packets Dropped Packets Dropped off 0 0 0 0 Porti Port2 Port3 Port4 Port5 Ports oO O O ococeocdgoo o8 8 oC G amp G o o 0 0 o 0 o o 0 0 0 o 0 o o 0 Oo GGG 8 CG 8G 8 CG OG 8 8 G amp G amp Jee Jove Je pal ei fe Jihad Jet RE Sg E Jatt E VaR E lal S o oc oO O O GO Go GC 8 8 6G GCG 2 ee Cc Ss Ooo 8 GG OO 8 Ge 8aeeeosteese amp 8 OO Oo O ooeseseocgosgesdbvwedsbsdss amp OG S O e e Input Packets Number of packets received e Input Dropped Number of packets that are received but dropped without successfully being switched e Input Errors Number of error packets received e Output Packets Number of packets are transmitted e Output Dropped Number of packets that are transmitted but dropped e Output Errors Number of packets that are transmitted to the port that encountered errors e Collisions Number of times that a collision occurs between a packet received to the port and a packet transmitted with being switched SAMSUNG Telecommunications America L P 50 MISC Select Port gt MISC to set the mirroring function and other switch functions Mirroring Configurat
60. Publishing Service Provides F Started Automatic LocalSystem 4 gateman Started Automatic LocalSystem By 115 Admin Service Allows adm Started Automatic LocalSystem Sy Indexing Service Indexes co Manual LocalSystem Sy Internet Connectio Provides n Manual LocalSystem Manages I Started Automatic Sa Logical Disk Manager Logical Disk Started Automatic LocalSystem Sy Logical Disk Manage Administrat Manual LocalSystem Sends and Started Automatic LocalSystem Supports p Manual LocalSystem Sa NetMeeting Remote Allows aut Manual LocalSystem Sa Network Connections Manages o Started Manual LocalSystem Ry Network DDE Provides n Manual LocalSystem Sa Network DDE DSDM Manages s Manual LocalSystem SAMSUNG Telecommunications America L P 176 28 Click Stop and click Start to restart the service in the window below IPSEC Policy Agent Properties Local Computer General Log On Recovery Dependencies Service name PolicwAgent Display name Descriptions Manages IP security policy and starts the ISAKMP ak Path to executable DAWINNTAS ystemse aes ee Startup type Automatic X Service status Started Start Stop Pause Rezume You can specify the start parameters that apply when vou start the service from here Shark parameters coed e 29 Verify the connection status of the firewall internal IP address through the ping command at a command prompt I
61. TP gt Configuration menu the administrator can create modify delete retrieve the VPN tunnel data User List The menu buttons are defined as follows Add Create a PPTP administrator Delete Delete a PPTP administrator Edit Modify a PPTP administrator information Add If clicking the Add button on the lt L2TP administrator list gt window the following window appears Enter each item and click the OK button to create a L2TP administrator User Add ID Password Confirm Password Auto IP Allocation Static IP Allocation SAMSUNG Telecommunications America L P 121 Table of Contents Administrator ID composed of certain letters ID Password Shared password Dynamic IP Enter dynamic IP to remote client Static IP Enter static IP to remote client Enter IP address Edit Click the Edit button from the lt Administrator List gt window Then the window below appears Enter each item value and click the OK button to edit VPN tunnel data User Mod ID Password Confirm Password Auto IP Allocation Static IP Allocation SAMSUNG Telecommunications America L P 122 Management In the L2TP gt Management menu the administrator can allow inhibit executing PPTP services When the system is rebooted in the execution of L2TP the L2TP service is automatically performed L2TP Management Stop Run Local IP 192 fies esa fas Remote IP hsz fies 25a for os M
62. TTEI EARS TA SCR Sa ea Ra tae bos anes eee pa sea hg e E EA ae Sicha Dagestan RR Ti Tepa ewe a a E iiag SA oA JNA OS SAMSUNG Telecommunications America L P 174 21 Select Local Area Network LAN on the lt Network type gt window and click Next Select Use this string to protect the key exchange preshared key and enter the password registered with the firewall Click Next Refer to step 9 22 Select the inbound item in the step 16 window and click Next Follow the step 17 and 18 23 Check Edit Properties and click Finish to display the window below Select the General tab and click Advanced IPSec Properties x Fules General aa IP security policy general properties Mame IPSec Description IPSec Check for policy changes every f 80 minubels Key Exchange using these settings Advanced a 24 Check Master key Perfect Forward Secrecy PFS and click Methods in the window below Key Exchange Settings E IM Master key Perfect Forward Secrecy Authenticate and generate a new key after every 450 minutes Authenticate and generate a new key after every f session s Protect identities vath these security methods Methods Internet Kep Exchange KE for Windows 2000 Jointly developed by Microsoft and Cisco Systems Inc cancel SAMSUNG Telecommunications America L P 175 25 Select Encrypti
63. Upgrade Method Upgrade Method Upgrade Server IP TFTP Cee i M g Local Browse When upgrading the Data Server package the version number should be entered into the the Package Version field i e v1 24 For the TFTP and HTTP methods enter the address of the TFTP HTTP server and then click the OK button For the Local method the upgrade package file should exist on the administrator s PC Click the OK button after selecting the file In the TFTP HTTP method the files of the upgrade version are searched automatically and downloaded but for the Local method the entered version name and file name to upload should be identical If the upgrade Package Version is v124 the file name is gData Server pkg v1 24 tgz SAMSUNG Telecommunications America L P 162 Deleting Temporary Internet Files Be sure to delete temporary Internet files after upgrading the DATA SERVER package Select the Internet Explorer gt Tools gt Internet Options menu and click the Deleting Cookies and Deleting Files buttons on the Temporary Internet Files If these files are not deleted the web screen may not be properly displayed CAUTION Appl Server The Appl Server menu manages the services of SSH FTP and Telnet and it is available to connect to the GDATA SERVER board by using these service Application Server O ono OOOO SSH FTF Telnet Reboot The administrator can reboot the
64. Wizard gt window to display the window below Select My IP address in the Source address field and click Add IP Traffic Source Specify the source address of the IF traffic Source address lt Back Cancel 12 Select Specific IP Subnet in the target address and enter the internal network address 192 168 0 0 and subnet mask 255 255 255 0 Click Next Filter Wizard IP Traffic Destination Specify the destination address of the IF traffic Destination address la specific F Subnet IF Address 192 160 O Subnet mask 255 255 255 lt Back Hegt gt Cancel SAMSUNG Telecommunications America L P 171 13 Select All from the protocol type selection and click Add Check Edit Properties P on the lt IP Filter Wizard gt window and click Finish Re Sve Saar SCRE Ge OSE Soe ate oe uid SR is eee Ee Tad SES RR ROS ac N Lee N En K ERTER Nee 1 4 Click OK Then the outbound item is created Click Add to create the inbound item Security Rule Wizard B x IP Filter List if Select the IF filter list for the type of IF traffic to which this security rule applies a a IF no IF filter in the following list matches your needs click Add to create a new one IF filter lists Add Al ICMP Traffic Matches all ICMP packets bet AIF Traffic Matches all IP packets from t Edit W amp F outbound Remov
65. anagement System will become available SAMSUNG Telecommunications America L P 142 External Server This feature will become available in a future release of the OS 7200 Data Server External FS Not available until future release Feature Server in the internal network CN The Feature Server feature will become available in a future release of the OS 7200 NOTE Data Server DIST Config Not available until future release i DHCP Server This Menu is used to start or stop the DHCP Server Configuration Select the Internal Network that is to receive DHCP addresses from the Data Server using the Configuration Menu DHCP Server Interface Selection eth Die eth INT_PRI eth INT_PRIW To begin the DHCP Server configuration select the radio button of the Internal network and then click the Next button The lt DHCP Server Configuration gt screen displays the basic information on the device selected on the lt DHCP Server Interface Selection gt screen In addition the administrator can program the IP Addresses of the OfficeServ 7200 Call Server IP phones SIP phones and data terminals These devices must be on the same subnet which is defined in the DHCP scope SAMSUNG Telecommunications America L P 143 HomePage _ _ _ Tableof Contents DHCP Server Configuration This displays the general information for allocating DHCP to clients Sub Network Subnetw
66. ass group Port Group Select Port Group to retrieve set edit or delete a port group Port Group List 10000 20000 Click the Add button in the above window to display a window from which a port group can be set Port Group Category Configuration VoIP O f1oo00 ma 2000 Enter the target ID and port No and click the Save button Click the Add button to add a port and click the Delete button after marking the checkbox to delete the target port ID Name of the port group Should include both letters and numbers Group ID shall start only with letters not numbers No blanks should be left in between characters Port Port range Enter 0 to set all ports SAMSUNG Telecommunications America L P 96 Table of Contents IP Group Select IP Group to retrieve set edit or delete an IP group IP Group List O development_team 192 168 0 0 24 Click the Add button in the above window to display a window from which an IP group can be set IP Group IE Develope_Team IF E i92 ies fo fo 24l Enter the target ID and port No and click the Save button Click the Add button to add an IP and click the Delete button to delete the target IP ID Name of the IP group Should include both letters and numbers Group ID shall start only with letters not numbers No blanks should be left in between characters IP IP address Used for entering subnet
67. bling applications such as e mail Web browsing file sharing and printing To continue click Next Cancel 2 Select Connect to the network at my workplace and click Next button to select Virtual Private Connection Click Next to display the window below Enter the Host name or IP address and click Next Enter the firewall external IP address and click Finish button Network Connection Wizard Destination Address What is the name or address of the destination Type the host name or IP address of the computer or network to which you are connecting Host name or IP address such as microsoft com or 123 45 6 78 211 217 127 772 lt Back Cancel SAMSUNG Telecommunications America L P 178 3 Select Start gt Set gt Network Connections in the Windows task bar and select the host name entered in the window above to display the login window below Enter the User name and Password to check if the VPN in a client is properly connected Or use the ping command like the step 29 of IPSec Setting to check the connection status Connect irtual Private Connection User name Administrator Password E Save Password Cancel Properties Help After checking the VPN connection status check if the shared directory of the internal computer connected to VPN can be accessed SAMSUNG Telecommunications America L P 179 ABBREVIATION ALG Application Level Gateway
68. block a specific IP access URL Filtering To block the web access to the specified site ICMP Redirect To block ICMP Replay of the system SAMSUNG Telecommunications America L P 38 Table of Contents NAT The Network Address Translation NAT menu is used for the assignment of a network using private IPs Management The use of NAT is set to Enable by default NAT Enable Disable Setting O O Enable Disable Enable Activates the NAT function Disable Inactivates the NAT function Configuration The administrator can set up a network configured with private IPs A private IP can then be transferred to the Internet through an authenticated IP Basic Mode This table configures a network by using the minimum value of the options required for the configuration of a private network A T Sotssts T Rats Bohs T thease take Private Network Configuration Category Configuration WAN IP Intf I Dynamicip PPPoE gy Etherneto Inside J A Outside f 7 z Bez Index No fa SAMSUNG Telecommunications America L P 39 WAN IP To set a general IP Set up the connected port after selecting a dynamic IP for ADSL or Cable modem Inside To enter a network address to configure a private network or select the range of netmask netmask range all Outside To enter the network address connected to WAN or select the range of netmask netmask range all
69. button after selecting the desired date and time in the table of Date Time Configuration the date and time of the system is changed to the selected date and time Check the check box and click the OK button to synchronize the date and time of the system with Call Server Manual Configuration 2005 Sep 26 Mon 21 36 43 Date Time Configuration 2005 A sen A es m 2x wh 36 Timezone The administrator can change Time Zone by selecting the timezone corresponding to the administrator from the Time Configuration gt Timezone menu Select the desired area city or GMT in the areas separated by GMT and click the OK button to modify the timezone information of the system Time Configuration SAMSUNG Telecommunications America L P 161 Information on the System Time The Data Server system has no internal Real Time Clock RTC Therefore the time NOTE information is not saved after the system restarts but is internally saved by one hour unit Therefore when restarting the system the time information previously set can be changed In case of the normal restarts the setup is made on the basis of the time before the termination Upgrade Upgrade the Kernel and Ramdisk using the PC Upgrade menu The types of upgrade methods are TFTP Method File Transmission Method through HTTP and Local Method that uploads the upgrade from the administrator s PC Select Package Upgraded Select
70. d execution is immediately applied to the lt Current Status gt from Router gt List gt Route Map Enter the target route map as shown in the figure above Then the lt Current Status gt is displayed as follows Route Map Setting O test permit 10 The information of the route map set in OfficeServ 7200 Data Server can be checked Click the Delete button to delete the target route map Click the Edit button to display the following window Through the window the Set Match operation of the corresponding route map can be set SAMSUNG Telecommunications America L P 80 Name Route map name Entry Route map information So Address I Use prefix list i Ip C Next hop l Use prefix list M Metric option O OOOO Parameter OOOO IP next hop D EOE Metric Weight Community Metric Type Local Preference Items related with Match operation are described as follows IP Address Sets access list or prefix list for an IP to be matched Next hop Sets the Next hop IP to be matched Metric Sets the metric value to be matched Items related with Set operation are described as follows IP Sets the next hop of the BGP table Metric Sets the metric of the BGP table Weight Sets the weight of the BGP table Community Sets the community of the BGP table Metric Type Sets the metric type of the BGP table Type 1 External Type 1 Type 2 External Type 2 Local Preference Sets the loca
71. d in Data Server Services Displays service status in a table format by classifying various functions provided by Data Server into Security Router and Management Connection The Connection menu is used to display the Data Server session connection status Sessions This menu is used to display the information connected to Data Server SAMSUNG Telecommunications America L P 106 Session list Table of Contents UDF LIDP UDF UDP TCP TCF TEF TCF 165 213 110 41 LEF Dala LaS pe WE ET Th Wet cal ge WSN A os Tl 165 213 857 161 127 0 0 1 L oaia L aa Mea W e Sa ye lahs heaz 1503 1106 1503 1503 3424 1040 1 4i 104z 3104 UNREPLIED ASSURED UN REPLIED ASSURED UN REPLIED ASSURED ASSURED ASSURED ASSURED 165 213 57 65 Ler 6 ll ISIE Metea PM EE eae dl Nahe ayer Taa daea cee oe 127 0 0 1 LE da d da A WAS pe Weslo WIE Sell 2025 snmp 2025 domain snmp smuU SmuU SMmUx http TCP 165 213 79 232 3105 TCF WG a2 ho Pel ea 3106 TCF LaS Eh Shaa 3107 ASSURED ASSURED ASSURED 165 213 110 41 http IAS 2 iLa ad LSL http LAS dka adh LER http Protocol Type of the protocol connected with session UDP TCP Src IP Source IP Src Port Source port Status UNREPLIED Packets that are expected to be answered are received but there is no response packet ASSURED There is no response packet UNREPLIED is changed to ASSURED Dst IP Destination IP Dst Port De
72. display the information on RP router Click the Delete button to delete all RP configurations RP Information RP Information PIM Group to RP Mappings Grouptsh 224 0 0 0 4 RP 192 166 0 99 Info source 192 168 0 99 via bootstrap priority 22 Uptime 00 00 02 expires 00 02 28 Groups 224 0 0 0 4 Static RP 192 166 17 100 Uptime 00 00 38 PIM SM Intf This menu is used to set PIM SM VIF RD Interface This menu is used to add PIM SM VIF Select the target L3 interface from the Interface item enter the target values and click the Add button to add PIM SM VIF RD Interface command Regument OOOO Interface etho 192 169 17 100 16 Mode Sparse DR Priority p O 42 04067294 Hello Interval 30 1 65535 e Interface Select the target L3 interface to be added to PIM SM VIF e Mode Select the target PIM SM protocol mode Sparse Passive e DR Priority Enter the priority value used when selecting Designate Router DR High value has high priority e Hello Interval Cycle of exchanging hello packets with connected PIM SM neighbors SAMSUNG Telecommunications America L P 91 PIM SM Interfaces This menu is used to display the VIFs added to PIM SM To delete a VIF click the check box on the left and click the Delete button PIM SM Interfaces Address mean DR Prio as Inty fHold 100 1 2 10 24 Sparse Gee eee 30 105 a rda 100 1 3 10 24 Sparse 100 1 3 10 30 105 IGMP Groups This menu
73. e SAMSUNG Telecommunications America L P 140 Module Interface Set the VoIP WAN Interface using the Module Interface Menu Other environmental settings used for communication between the Data Server and the Call and Feature Servers are set here as well DataServer Module Interface Configuration Call Feature Module Configuration Data send to UDF port number Retry timeout Max retry timeout count Hello Interval initial Hello Interval online Select VoIP WAN Interface Data send to UDP port number Retry timeout Sec Max retry timeout count Hello Interval initial Hello Interval online Select VoIP WAN Interface This view only field shows the information on the UDP port used for the communication with Call Server and Feature Server The Call Server Feature Server and the Data Server communicate using the UDP protocol If the Data Server does not receive the requested UDP data it requests a retransmission If this field is set to 3 when a packet is lost and another is not received after its retransmission is requested the retransmission is requested three seconds afterward When that requested packet is not received for three seconds a time out occurs This parameter sets the number of the retransmission requests when the packets continue to be lost while sending and receiving the information to and from the Call Server and Feature Server For example the Retry timeout item is s
74. e lt Back Cancel 15 Enter the inbound in the Name field and click Add like step 10 The above steps 11 through 13 also apply to this procedure SAMSUNG Telecommunications America L P 172 16 Click Add to display the window below Then select the outbound item and click Next Security Rule Wizard f 21x IP Filter List Select the IP filter list for the type of IFP traffic to which this security rule applies a ee If no IP filter in the following list matches your needs click Add to create a new one IP filter lists Name Deseiplon O _ J AllICMP Traffic Matches all ICMP packets bet AIIP Traffic Matches all IP packets from t Edit O inbound Remove outbound Coes 1 7 Select the Request Security Optional item and click Edit 21 xi Filter Action y Select the filter action for this security rule a ee If no filter actions in the following list matches your needs click Add to create a new one Select Use Add Wizard to create a filter action Filter Actions IV Use Add Wizard fOFRequest Security Optional Accepts unsecured communi Require Security Accepts unsecured communi Rance lt Back Cancel 18 Select Negotiate security and select AH Integrity None ESP Confidential 3DES ESP Integrity MD5 in the Security Method preference order Click Move up to move to the first row of the corresponding ite
75. e Data Server board e Application Level Gateway ALG Supports ALG for VoIP signaling and media traffic allowing flawless VoIP packets to be transferred while the security function is active e DHCP Server Automatically sets network environment for IP equipment on other functional blocks of the OfficeServ 7200 system e DHCP Relay Function Enables to connect to external DHCP server for automatic network environment setup of IP units in the other function block of the OfficeServ 7200 system QoS Function e Performs the treatment of the priority for the second layer frame under 802 1p standards Switch function e Treats the priority queue for the third layer packet and performs the priority queue for a specified IP e Treats the priority queue for the fourth layer packet and performs the priority queue for RTP packet UDP TCP Port Management Function e Supports a specialist level debugging function through Telnet connection e Supports configuring and verifying the functional block operations of the data server through a browser e Exchanges IDS data and alarm data with the system manager e Execute program upgrade through local administrator PC e Program upgrade Upgrades program through TFTP Upgrades program through HTTP SAMSUNG Telecommunications America L P 16 CHAPTER 2 Installing the OfficeServ 7200 Data Server This chapter describes the installation and login procedures for the OfficeServ 7
76. e LAN port is de activated if the UTP cable is connected to the port e If the shunt pins of JP1 2 3 and 4 are towards the front direction of the Data Server board connect the LAN port of the Data Server board and a certain port of the LIM board to the LAN cable 2 With a Cross Over cable connect a PC to port 1 2 or 4 of the Data Server module or with a straight cable connect a PC to a port of the LIM board Tied to Port 3 The programmer will need to configure the TCP IP settings to match the corresponding default IP address of the Data Server shown in step 3 3 Using Internet Explorer navigate to one of the folling IP addresses to access the management interface of the Data Server The IP initial value of the Data Server board is set as follows e PI Ethernet 0 10 0 0 1 24 https 10 0 0 1 e P2 Ethernet 1 10 0 1 1 24 https 10 0 1 1 e P3 LIM Ethernet 2 10 0 2 1 24 https 10 0 2 1 e P4 Ethernet 3 10 0 3 1 24 https 10 0 3 1 SAMSUNG Telecommunications America L P 18 Home Page Table of Contents Caution for the Use of a Web Browser The version of the Internet Explorer should be 6 0 or higher for the maintenance of the CAUTION Data Server Other web browsers are not supported Getting Starting Start Internet Explorer and enter the IP address of the Data Server into the address bar The login window shown below will appear OfficeServ 7200 is enterprise IP
77. e system in ports that are configured with LACP ports If configured as a_LACP member but the LACP connection is abnormal for the opposite system it is displayed as X O means that a port is properly operated as a LACP port GVRP The GVRP menu is used to start or stop the GVRP service or to modify the GVRP service for each port Configuration Select GVRP gt Configuration to start stop the GVRP and the Dynamic VLAN Creation Services GVRP Basic On the lt GVRP Basic gt window specify the GVRP configuration as Enable and click the Save button to display the following window and modify the GVRP configuration for each port GVRP Configuration Registration Applicant a Timers millisecond Join eave Leaveall Dau Enal porti port2 port3 port4 ports porte port ports portg portio portil porti2 porti3 porti4 SAMSUNG Telecommunications America L P 64 Click the OK button to save the information of each port and click the Refresh button Then the latest information of the port is displayed Port Port Number Status GVRP configuration Information Registration Registration mode with Normal Forbidden and Fixed conditions Applicant Applicant mode with Normal and Active conditions Join Interval for Join Transfer Time Leave Value of Leave Delay Time LeaveAll Value of LeaveAll Transfer Time Status Select GVRP gt Status to display the information of the port that GVR
78. en Using Dynamic IPs of DHCP PPPoE and VDSL When a dynamic IP is used the public information of Port Forward and Static NAPT is not automatically changed Therefore Fixed IPs should be used for the VoIP related services that the setups of Port Forward and Static NAPT menus are required In addition the Fixed IP are used for the VPN services that the setups of WAN IP addresses are needed Cautions before operating the IDS Module The alert of the IDS Module is remained in the system log Therefore the IDS Item should be set to On in the System gt Log gt Configuration If not so the alert is not remained and whether the intrusion that is detected cannot be confirmed When Deleting Internet Temporary Files If the Data server package is upgraded Internet temporary files should be deleted Select Internet Explorer gt Tools gt Internet Options menu and click the Delete Cookies and the Delete Files buttons in Internet Temporary Files area If these files are not deleted the webscreen of Data Server may not be displayed correctly When Using a Web Browser Use Microsoft Internet Explorer version 6 0 or higher as the web browser for the maintenance of the Data Server Other web browsers are not supported SAMSUNG Telecommunications America L P 8 TABLE OF CONTENTS INTRODUCTION 3 PUDO Saree tects canes eset sine ee ye ease E
79. erica L P 74 Help Select an argument corresponding to the RIP interface command Select the Argument item to display all arguments corresponding to the command Select one from all arguments command Argun O O ip rip authentication key chain LINE RIP Interface Basic After selecting each item click the OK button Then the applied value is displayed in the lt Current Status gt window RIP Interface Basic receive version Eji ES send version Ej L_ES Displays the command configuration currently entered Current Status Router RIP Interface ethO No Entry OSPF Select Configuration gt OSPF to set OSPF protocol Enter the protocol configuration command directly OSPF E If the entered command is successfully executed the execution result is directly applied to lt Current Status gt of Router gt Configuration gt OSPF SAMSUNG Telecommunications America L P 75 Help Select the argument corresponding to the OSPF command Clicking the Argument item displays all arguments corresponding to the command 4 6 0 0 lt 0 4294967295 gt authentication OSPF Basic After entering all data click the OK button Then the applied value is displayed in the lt Current Status gt window OSPF Basic redistribute connected 1 static Ci rip l bgp network o i O Hz iz OO area ID Displays the command configuration currently entered Current Status
80. erica L P 98 Class Group Select Class Group to retrieve set edit or delete SPQ class group and HTB class group A class includes information on the defined filtering rule and the bandwidth that should be assigned to the filtered traffic SPQ Class Group SPQ Class Group List Name Tye High Priority Middle Priority Low Priority i spg_leaf leaf Filter dey voip spg_root spg_leaf Click the Add button of the SPQ Class Group list in the lt Class Group gt window Then the window that can set SPQ class group appears If Class Type is set to leaf the window displayed is as follows Set the ID and filter of leaf class and click the OK button SPQ Class Group ID lear Class Type root f leaf Filter Apply Prien aon p eter 400 dey_voip 400 ALL REMOVE REMOWE ALL When the Class type is set to root the window is as follows Set the root class ID and child class and click the OK button SPQ Class Group let t i i sSS Class Type root leaf High none Middle Low SAMSUNG Telecommunications America L P 99 Class Type Configuration window depends on the type of the class to be set root Sets the root class Leaf Sets the leaf class High Sets the leaf class whose priority will be set to high Middle Sets the leaf class whose priority will be set to middle low Sets the leaf class whose priority will be set to low Filter List Sets
81. erminal Maximum range 120 pieces When entering a IP enter 192 168 0 60 60 Gateway The gateway information entered at the CALL Server Item Netmask The subnet mask information entered at the CALL Server tem MAC Host ID_ The client authentication type NONE Executes the DHCP IP request without the authentication HOST Click the List Button and enter the HOST ID MAC Click the List Button and enter the MAC address SAMSUNG Telecommunications America L P 146 Management The DHCP Server can be started or stopped by selecting the DHCP Server gt Management Menu Check the Auto Start Item to automatically start DHCP when the system is rebooted DHCP Server Management Internal Network Current States Running Stopped eth2 Running DHCP server auto start when system boot OK _ VoIP Status The DHCP Server gt VoIP Status Menu displays active information on the OfficeServ 7200 system When the Call Server receives the IP allocations the information is notified via the Module interface demon of the Data Server and this information can be confirmed on the screen below SME System Information DHCP Server Current States STOPPED CALL FEATURE Connected 10 0 0 7 00 00 0F 02 03 04 Connected 10 0 0 8 00 00 0F 02 03 04 Connected 10 0 0 9 00 00 0F 02 03 04 Connected 10 0 0 10 00 00 0F 02 03 04 Connected 10 0 0 12 00 00 0F 02 03 04 Connected 10 0 0 13 00 00 0F 02 03 04 Connected 10
82. et as 3 and this item is set as 5 the retransmission is requested five times for three seconds If the requested packet is not received the request of the retransmission stops This parameter sets the cycle of sending the Hello message The Hello is a message that is sent and received periodically in order to recognize the status of the Call Server and Feature Server This parameter sets the cycle of sending the Hello message After the initial Hello message The value of this item should be set larger than that of the Hello Interval initial item In order for VoIP Services to work this parameter must be selected and saved SAMSUNG Telecommunications America L P 141 Select VoIP WAN Interface Although it appears as if this parameter is already set it still must be selected and saved CAUTION in order for VoIP services to run properly Management The Call and Feature Servers can be started or stopped by selecting the Management menu If an automatic restart of the Call Feature Module service is needed upon a reboot of the OS 7200 Data Server then the Auto Start box must be checked DataServer Module Interface Management Module Name Activity Running Stopped SM Module Stopped Call Feature Module Stopped SM Module The System Manager Module is a network management tool that is not available at this time In a future release of the OS 7200 Data Server the The NMS caution Network M
83. ethod pap a The administrator can set up the IP range of the remote client that uses dynamic IP in the Local IP range item and set up the IP range of PPP demon responsible for remote client in the Remote IP range item The encryption method supports pap and chap Setting up IP Range The number of IPs for the Local IP range and that for the Remote IP range should be CAUTION identical For example if the number of IPs for Local IP range is 10 and that for Remote IP range is 20 only 10 calls will be set SAMSUNG Telecommunications America L P 123 PPTP The administrator can set up the security tunnel between a local subnet and remote host simply by using Point to Point Tunneling Protocol PPTP Since it is simpler to set up than IPSec and software is provided from the Windows operating system the administrator can apply the VPN function easily Configuration On the PPTP gt Configuration menu the administrator can create modify delete and retrieve VPN tunnel data The menu buttons are defined as follows User List Add Create a PPTP administrator Delete Delete a PPTP administrator Edit Modify PPTP administrator information Add Add gt lt PPTP administrator list gt User Add ID Passward Confirm Password Auto IP Allocation Static IP Allocation SAMSUNG Telecommunications America L P 124 Administrator ID composed o
84. f certain letters ID Password Shared password Dynamic IP Enter dynamic IP to remote client Static IP Enter static IP to remote client Enter IP address Edit Edit gt lt Administrator List gt User Mod ID Password Confirm Password f Auto IP Allocation Static IP Allocation Management In the PPTP gt Management menu the administrator can allow inhibit executing PPTP services When the system is rebooted in the execution of PPTP the PPTP service is automatically performed PPTP Management Activity Stop Local IP Remote IP SAMSUNG Telecommunications America L P 125 The administrator can set up the IP range of the remote client that uses dynamic IP in the Local IP range item and set up the IP range of PPP demon responsible for remote client in the Remote IP range item The encryption method supports pap and chap Setting up IP Range The number of IPs for the Local IP range and that for the Remote IP range should be CAUTION identical For example if the number of IPs for Local IP range is 10 and that for Remote IP range is 20 only 10 calls will be set i Status Status Local Remote ISAKMP IPSEC Local IP Remote IP fAuth Protocol Subnet Subn BRA Ea Le fe Poo oe Lene Ge OO 2t0 e BL S esp Log contents OOOO Check the IPSec tunnel set up in STATUS gt IPsec to insure it is properly connected Check t
85. f packets that can be transmitted at a time It is recommended that this configuration does not exceed the maximum packet size 1504 Byte of Ethernet If this item is not entered the default value 1500 Byte will be applied Rate This is the basic bandwidth needed for setting class for an assigned bandwidth Ceil Maximum value of assigned bandwidth Burst Size of data that can be sent by the class Cburst Maximum data size that can be sent at a time Filter List Sets filtering rules for the class Leaf Qdisc Seta desired Qdisc for the Leaf Qdisc parameter when setting the lowest level class Parameter Scheduling Changes the bandwidth of the class based on day and hour Parameter Click the Add ort Delete button to add or delete Because of the attribute of QoS layer the class to be set may be the highest class Root Class or the lowest class Leaf Class In addition the class to be set is classified into Parent class and Child class SAMSUNG Telecommunications America L P 103 Table of Contents Policy The Policy menu is used for setting a class for a port Enter the following items and click the Save button to select a class for a port Device wana E QDISC Type C SPQ HTB R2O Root Class Default Class QDISC Type Root Class Default Class WAR 1 LAN WANS SERIAL Device Selects a port ethO eth1 eth2 V 35 or HSSI QDISC Type Selects QDISC to be applied to the port R2Q R2Q is
86. f responses like the window below are displayed the IP address is properly connected C gt eRe Zeno creo Pinging 192 168 0 1 with 32 bytes of data Negotiating IP Security Reply from 192 168 0 1 bytes 32 time 5 ms TTL 255 Reply from 192 168 0 1 bytes 32 time 6 ms TTL 255 Reply from 192 168 0 1 bytes 32 time 4 ms TTL 255 Ping statistics for 192 168 0212 Packets Sent 4 Received 3 Lost 1 lt 25 Approximate round trip times in milli seconds Minimum 4 ms Maximum 6 ms Average 5 ms SAMSUNG Telecommunications America L P 177 PPTP Setting Users are allowed to configure VPN with PPTP by using the installation CD and through Windows update in Windows XP 2000 PPTP Setting in Windows XP 2000 In Windows XP 2000 This item enables to use DHCP client If VPN PPTP client is CAUTION Connected while the DHCP client is operating errors will be found To prevent this problem close the DHCP client operation on the Start gt Program gt Administrative Tools gt Services menu of the Windows PPTP client installed 1 o Double click the My Network Environment icon and select the Property item from the Windows desktop Double click Create New Connection on the upper right corner of the screen to display the window below Click Next Network Connection Wizard Welcome to the Network Connection Wizard Using this wizard you can create a connection to other computers and networks ena
87. having higher value has the priority against a level of a lower value The GPLIM processes priority by separating the two Queues High and Low SAMSUNG Telecommunications America L P 52 VLAN This menu is used to configure the Virtual Local Area Networking VLAN Configuration Select VLAN gt Configuration to display the VLAN configuration window VLAN Configuration LAN Operation Mode 802 10 IVL Ss Ss LAN LAN LAN Members 2 a Epi EPR Wp3 Epp MPS Erp KW PF PM PS 1 default MW p9 M pio M pii WM P12 M p13 WM pi4 M pi5 M P16 V uplink The VLAN mode is classified using four VLAN configuration methods depending on the selected mode e 802 1 QUVL Tag Based VLAN e MAC Based VLAN e Port Based VLAN e 802 1 Q SVL Tag Based VLAN Enter the VLAN name and ID then click the Add button Check the target VLAN and click the Delete button to delete the VLAN e VLAN Untagged Members Select the port that will send Ethernet frame that deletes TCI information if one of 1 to 17 ports is set to be sent by being switched Tagged VLAN configuration is available by connecting a terminal that IEEE 802 1Q is not supported to the selected port e VLAN Tagged Members Select the port that will keep and send TCI information if one of 1 to 17 ports is set to be sent by being switched Connect a terminal that IEEE 802 1Q is Supported SAMSUNG Telecommunications America L P 53 MAC Based VLAN VLAN
88. he selection of fields different sub setup window is displayed on the lower section of the window The details by fields are as follows e WAN The following protocol types can be selected in WAN Static IP Select Static IP if your Internet service account uses Fixed IP Static IP assignment PPPoE Select PPPoE if your Internet service account uses PPP over Ethernet login protocol such as in ADSL account DHCP Select DHCP if your Internet service account uses Dynamic IP assignment such as a Cable Modem account e LAN The following protocol types can be selected in LAN Private Select to assign the internal network numbers based on private IP address Public Select to assign the internal network numbers based on public IP address e NONE Select when the corresponding interface is not used SAMSUNG Telecommunications America L P 23 The detailed setup in accordance with the selection of each field is as follows WAN gt Static IP Select the WAN Static IP category to display the following configuration window The details by fields are as follows WAN Static IP Ethernet Interface IP 192 168 18 100 Netmask 255 255 0 0 MTU 1500 Byte Gateway 192 l AE Default Gateway vV Transparent Proxy e WAN Static IP IP Enter the public IP address assigned to the current network interface Netmask Enter the netmask address of the current network i
89. he DVMRP route item is expired DVMRP Intf This menu is used to add or set DVMRP VIF RD Interface This menu is used to add L3 interface where an IP address is set to DVMRP VIF Select the target interface to be added to VIF from the Interface item enter the target value and click the Add button RD Interface a OO O arume OO Interface etho aj 192 168 17 100 16 Reject Non pruners D ido not allow old version OVMRP neighbors Metric p 1 31 e Interface Select the target L3 interface e Reject Non pruners Non pruners indicate the neighbors that only support DVMRP with the previous version Mark if this is not communicated with the DVMRP with the previous version e Metric Metric distance value to be used for multicasting routing by VIF SAMSUNG Telecommunications America L P 88 DVMRP Interfaces This menu is used to display the configuration DVMRP VIF To delete a specific VIF check the check box on the left and click the Delete button DVMRP Interfaces E il rd2 100 1 2 10 24 BCAST N A a rds 100 1 3 10 24 BCAST O N A e Intf DVMRP VIF name e Address IP address of DVMRP VIF e Type DVMRP VIF type Tunnel Point to Point Broadcast e Neighbor Count Number of neighbors connected to DVMRP VIF e Remote Address Address of the other party in case of Tunnel or Point to Point type Peer Address PIM SM This menu is used to set PIM SM PIM SM amp Help Enter the target command into the
90. he L2TP PPTP tunnel set up in STATUS gt L2TP PPTP to insure it is properly connected PPTP L2TP Status Local IP Remote IP PPPO 192 168 0 234 192 169 1 234 SAMSUNG Telecommunications America L P 126 IDS Menu If selecting the IDS menu The submenus will be displayed in the upper left side of the window as follows oo NERS KU TERA E TENN NER Ap E ERASE Tin BI ETARE IDS Config Start or stop the IDS application Log Analysis Classifies the IDS logs that are currently stored in the WIM Data Server Configuration Sets up the rules and detection levels for the IDS application Rule Config Updates the IDS rule files Mail Config Registers the mail server and email address of the IDS manager Block Config Registers the trusted IP Address IP Addresses that are not set to be blocked SAMSUNG Telecommunications America L P 127 HomePage _ _ Tableof Contents IDS Config Management With this page the administrator can set up the operation of the IDS module and block module IDS Management Block Management 110800 Status Running Status that the module is in operation Stopped Status that the module is not in operation Action Click the Run button to begin the IDS application Click the Stop button to stop the IDS application Block time When the Data Server detects an intrusion from an IP Address then that IP Address is blocked until this ti
91. hentication Method e MTU Input of the maximum transmission frame size default 1492 e DNS Auto Automatically receives DNS information from ISP manual Does not receive DNS information SAMSUNG Telecommunications America L P 25 WAN gt DHCP Since the WAN gt DHCP item is automatically set without any additional configuration steps just click the OK button to complete the setup Input the Vendor ID if it is required For the auto assignment of DNS information just check the Auto radio button If DNS information must be entered manually check the Manual radio button Interface Type WAN LAN Protocol Type C Static IP PPPoE DHCP Click OF button to start Vendor ID DNS Auto C Manual LAN gt Private IP Enter the IP address and the netmask value to be assigned to the network interface connected to the internal network in the IP field and the netmask field of the LAN Private IP table below The IP Alias field is the same as the corresponding input field displayed when selecting WAN gt Static IP After the completion of the setup click the OK button LAN Private IP IP so fo fo ifs Netmask 255 255 255 o MTU 1500 Byte IP Alias SAMSUNG Telecommunications America L P 26 LAN gt Public IP Enter the IP address and the netmask provided by the ISP The IP Alias field is the same as the corresponding input field displayed when select
92. ia RIP O Path information received from another router via OSPF protocol gt Whether to have activated routing table Network Network Netmask information of route Entry Route Information Management Select General gt Management to start stop the RIP or OSPF services Management Action RIP Stop off z OSPF Stop Off x Configuration This menu is used to set static routes RIP and OSPF protocols Static Route Select Configuration gt Static and set a static route After setting the target item click the Save button Enter the Static Route command Static fip route 100 0 0 0 24 192 168 0 1 When the entered command is successfully executed the configuration is directly applied to lt Current Status gt of Router gt Configuration gt Static Help Select the argument corresponding to the ip route or no ip route command Click Argument to display all arguments corresponding to the command command OOO aet O O lip route 4 8 C D A B C D A B C D INTERFACE SAMSUNG Telecommunications America L P 72 Table of Contents Current Status Displays the current static table from the Data Server Displayed information is identical to Router gt General gt Routes Current Status asta 0 0 0 0 0 170 via 192 168 0 1 ethoO o gt 200 0 1 0 24 1 0 via 192 168 18 200 etho Type S Network statically set by an administrator gt
93. ication method entering password Certificate its own certificate and the CA certificate that authenticates the previous certificate are used for the authentication For Local settings select a certificate from the certificate list If selecting a certificate the Local ID of Advanced is entered automatically For Remote settings enter Remote ID It is available to check the integrity of the host certificate registered to Local If the value of the Router item is not entered the IP address item of the Local settings and Remote settings will be used as the Router item If the Subnet IP item value and the Subnetmask item value are not entered in the Remote settings the security tunnel between local subnet and remote host will be added Then remote IPSec client can operate as a part of local subnet SAMSUNG Telecommunications America L P 114 Router Value Configuration If IP Address of Local settings and the network address of IP Address of Remote settings the result of Netmask for IP Address are identical enter the value of IP Address of Remote settings as the value for the Router of Local settings and enter the value of IP Address of Local settings as the value for IP Address of Remote settings Connection ID Value Configuration The value of Connection ID should be configured of alohanumerical characters and the f
94. id level low Rule level is 4 days low level Description Type of logs detected at IDS Destination IP The administrator can summarize alerts by the destination IP Select this category and the following window appears SAMSUNG Telecommunications America L P 130 Summary by destination IP Mon Sep 26 04 16 59 2005 Mon Sep 26 21 21 08 2005 6 6 6 4 4 Num Local host Priority Description Wel LEE Ie ALI IB Res amet ie o LE LAS LE dk LN 192 165 17 100 LAE dte ka o LO med med med med med ICMP PING ICMP PING NIX ICMP PING BSOtype ICMP Echo Reply WEB MISC SSL 3 Invalid Cllant_Hello attempt Number of logs detected by IDS according to attacked Destination IP Attacked host IP of logs detected by IDS Risk level depending on the rules level of IDS High Rule level is one day the highest risk level Med Rule level is 2 or 3 days mid level Low Rule level is 4 days low level Destination Port The administrator can summarize alerts by destination port Select this category and then the following category appears Type of logs detected by IDS Summary by destination port Mon Sep 26 04 16 59 2005 Mon Sep 26 21 27 06 2005 Num Port SAMSUNG Telecommunications America L P Numbers of detected by IDS according to port when attacked Destination IP is a network e g LAN Attacked host IP of logs detected by IDS 131 Priority Risk level depending on
95. ig menu From this menu the DB can be Imported Exported or Defaulted Configuration System DB Import Browse Export Export the current system db Default Change the current system db to default system db Import Uploads a saved DB into the Data Server from a user s PC Export Saves the current Data Server DB onto a user s PC Default Changes the Data Server DB to factory defaults In order to change the DB by using the DB Import function the DB backup file should be saved on a PC The DB Default function changes the Data Server DB to factory defaults In order to access the web manager after a default use 10 0 0 1 via the LAN port of the internal network after restarting the system SAMSUNG Telecommunications America L P 156 DB Change When the DB is changed in the OfficeServ 7200 Data Server the system restarts CAUTION Admin Contig This function sets up the authentication server of the system login It sets up the Local Radius and Taccas authentication server Select the target authentication method and click the OK button Then the setting is applied and the setting page for the selected authentication method is displayed Login Policy Set Policy Local C Radius LC Taccas Local Change the Local Password Enter new password and click the OK button to change the Local Password of the system Category Configuration Hew Password Confirm Mew Password Radius
96. ing WAN gt Static IP After the completion of the setup click the OK button Interface Type Protocol Type Private LAN Public IP Ethernet Interface IF Netmask MTJ ef nemes OOOO NONE Disable network interface NONE NONE is selected when any interface is not selected SAMSUNG Telecommunications America L P 21 Serial V 35 Setup This is a submenu to specify V 35 Serial port Interface Type The Interface Type table is configured in the same way as that of Ethernet tables in the previous sections Refer to the Interface Type setup of the Ethernet setup Interface Type WAN C LAN NONE Serial Basic The Serial Basic table sets the basic information of the Serial Interface Select one of the Serial Protocols in the Encapsulation field of this table to display the configuration window SORA TRARRE WEE AU SSNS NE ERRA NO SSSA VA AGEs N NS NESS NAGE AE DOA Baska ESS TSS hs TG Soess SSS TOSS GS Sex e Serial Interface Name Name of the current serial port e Physical Line Type Physical line type of the current serial port e MTU Maximum packet size to be transferred at once e Encapsulation Selection of the serial protocol to be used Cisco HDLC Configuration Set the Encapsulation type as Cisco HDLC to display the Cisco HDLC Configuration window Specify the value for each field and click the OK button to store the configuration Cisco HDLC Configuration r
97. ion Port Mirroring Configuration Mode Off v Monitoring Port Monitored Port 12 uplink Miscellaneous Configuration MAC Age out Time 300 765 Broadcast Storm Filter Mode Auto MDI MDIX Mode Sets the use of the mirroring function Off Mirroring function not used Receive Mirroring for incoming packets Transmit Mirroring for outgoing packets Both Mirroring for incoming outgoing packets Monitoring Port Assigns a port for monitoring Generally this means a connection to a PC for monitoring Monitored Port Assigns a port where the monitoring wil be performed The monitoring port and the monitored port cannot be the same port MAC Age Out Delay Sets the duration that a MAC address remains in the address table The Bound default is 300 seconds If the LAN Port connection is released the MAC address is deleted immediately Broadcast Storm Filter The switch buffer can be set to 5 10 15 20 and 25 load If this value Mode is exceeded the broadcast packet will be discarded SAMSUNG Telecommunications America L P 51 QoS Configuration Select Port gt QoS Configuration to give set priorities according to the packets sent to the switch or process QoS by giving priority compulsorily to a specific port QoS Configuration QoS Mode feighted Round Robin Weight High Low 2 i ft Delay Bound Max Delay Time 1 255 r ff 255 l LevelO F Levelt D Level2 VF Level3 High Priority Levels M Le
98. irst character should be an alphabet The value cannot be composed of only numbers Advance Click the Advanced button from the lt IPsec Add gt or lt IPsec Mod gt window to display the following window and it is available to set up detailed items of IPSec Phase 1 Made Encrytion Hash Algorithm 3des shal Key Lite Time 3600 sec Phase 2 Protocol esp Encrytion Hash Algorithm 3des sha1 Key Life Time zeo00 Sec Dead Peer Detect Time Out 120 __ see Delay 30 sec Action hold x Advance Negotiation Count o Perfect Forward Secrecy DH Group5 gt Rekey yes 7 Connection Initiator Insec Letp C SAMSUNG Telecommunications America L P 115 Item Description Phase mode Ike mode main Configures a secure channel to perform the ISAKMP exchange of phase one aggressive Different type of phase one which is more simple and faster than the main mode Encryption Supporting Algorithm Hash Algorithm 3DES MD5 3DES SHA1 AES128 MD5 AES128 SHA1 AES192 MD5 AES192 SHA1 AES256 MD5 AES256 SHA1 Key life time IKE Duration If Key life time is passed the host authentication the phase one IKE is performed again Phase2 Protocol Selects a packet authentication protocol Authentication Header AH Allows the authentication of data transmitter Encapsulating Security Payload ESP Allows the authentication and data encryption Encryption Supporting Algorithm
99. is sent e Outgoing List of VIF where multicast is sent Management This menu is used to run or stop dvmrpd and pimd IPMC protocol demons lt Current Status gt of Management shows the current status of each demon To change the demon status select another status from Action and click the OK button Management DRF Stop On z PIM Stop Ort e Protocol IPMC protocol e Current Status Current IPMC protocol demon status e Action New status of IPMC protocol demon status SAMSUNG Telecommunications America L P 85 Configuration IGMP This menu is used to display and change IGMP configuration IGMP amp Help IGMP commands can be entered and executed Enter the target command into the input field and click the OK button Then the command is executed IGMP Command Help clear ip igmp ka IGMP Basic Enter new information and click the OK button to change the default configuration of IGMP IGMP Basic comman O O arome Interface i All etha F 192 168 17 100 16 IGMP Query Interval 125 1 65535 Default 125 Max Response Time fio 1 25 Default 10 e Interface Select the target IGMP interface and select All Then all interface configuration values are applied e IGMP Query Interval Cycle of sending IGMP Membership Query e Max Response Time Maximum time of waiting a response after sending Membership Query SAMSUNG Telecommunications America L P 86 IGMP Interface
100. is used to display the information on registered IGMP group IGMP Group Information e Group Address IGMP group address e Intf IGMP interface name e Uptime Time passed after IGMP group is created e Expires Left time until the IGMP Group information is expired e Last Reporter Client IP address that sends the last membership report SAMSUNG Telecommunications America L P 92 Status DVMRP This menu is used to display the DVMRP protocol status DVMRP Neighbors This menu is used to display the information on the DVMRP neighbor whose information is exchanged DYMRP Neighbors e Neighbor Address IP address of DVMRP Neighbor e Interface VMRP VIF name e Uptime Time passed after being connected e Expires Left time until the Neighbor connection information is expired DVMRP Prune Information This menu is used to display DVMRP Prune items DYMRP Prune Information LOD LILE ee Bese dLa I UOC 0 01 58 06 Off P Pruned H Host D Holddown N NeghFC I Init e Source Address Host Ip address that sends multicast packets e MaskLen Mask length of DVMRP Prune e Group Address Multicast group address e State Flags that display the DVMRP Prune status Refer to the description on the lower side e FCR Cnt DVMRP Forwarding Cache count e Expires Time passed after the DVMRP Prune information is created e ReXmit Left time until retransmission SAMSUNG Telecommunications America L P 93 PIM SM
101. k Add to display the window below Check Edit Properties P and click Finish IP Security Policy Wizard Completing the IP Secunty Policy Wizard You have successfully completed specifying the properties for your new P security policy To edit your IP security policy now select the Edit properties check bos and then click Finish M Edit properties To close this wizard click Finish Back Cancel SAMSUNG Telecommunications America L P 168 7 When the lt XP_OPSec Registration Information gt window is displayed the created items are displayed If the corresponding item is checked release the check and click Add IPSec Properties Es Rulez General as Security rules for communicating with other computers IF Security Rules IP Filter List Tu oO lt Dunamic gt Default Response Kerberos 4 2 Add Edit Remove I Use Add Wizard coca amp Click Add on the lt Security Rule Wizard gt window to display the window below Select The funnel endpoint is specified by this IP address and enter the fire wall external IP address 211 217 127 40 Click Next Security Rule Wizard Tunnel Endpoint The tunnel endpoint is the tunneling computer closest to the IP traffic destination as specified by the security rule s IP filter list AnlPSec tunnel allows packets to traverse a public or private internetwork with the security level of a direct private connection bet
102. k Management Protocol SPQ Strict Priority Queuing TFTP Trivial File Transfer Protocol VLAN Virtual Local Area Network VolP Voice Over IP VPN Virtual Private Network SAMSUNG Telecommunications America L P 182
103. k interface that the corresponding traffic session passes throughaf the default gateway is selected the load balancing by Network Load Balance Configuration is applied Backup Backup interface to perform the failover function when any failure occurs in the external network interface line selected in the Gateway field For the application of load balancing select default gateway The input of 0 0 0 0 in the IP address and netmask input field represents that any IP addresses are allowed as the source and the destination IP addresses In addition all Os of the source port number means that any port number is allowed as the source port number Network LoadBalance Management This item enable to execute close the NLB function If you select this item the following window is displayed The details for each item are as follows Network LoadBalance Management EE Faction O O Stop e Activity Current activity e Action Click the Run button to start the NLB service e If the OfficeServ 7200 system is restarted the NLB service will automatically return to its last state SAMSUNG Telecommunications America L P 36 Utility Select the Network menu The submenus will be displayed in the upper left side of the window as follows SRE AE MEER n tats a RS ee Sco ae a io A TSE Sagan RAE EE SRAM Ping The Ping menu is used to initiate a ping test The Destination IP item
104. ked IP List Manage Trusted IP List Fy Trusted IP List NWetmask EEE ass less 255 JL Manage Blocked IP List If an intrusion is detected when the IDS module and block module are all in operation the IP of the block that is set up at Configuration Menu according to the intrusion risk is blocked to access to the system for an amount of time Manage Blocked IP List shows the list of IP that the access is blocked SAMSUNG Telecommunications America L P 137 HomePage Table ofContents Manage Trusted IP List The administrator can register a trusted IP Enter the IP and netmask and click the OK button to register Check the IP list that is already registered and click the Delete button to delete the list The IP registered in this page is not blocked even in the abnormal status defined at IDS Management In this page the administrator can set up the operation of the IDS module and block module IDS Management Stop Run Block Management an Status Running Status that the module is in operation Stopped Status that the module is not in operation Action If clicking the Run button the module operates If clicking the Stop button the module stops operating Block time When detecting an intrusion in the block module the relevant IP is listed on the block list and the system access is blocked for a configured time After the configured time the IP is reLeased from the block list and
105. l preference among BGP attributes When the match condition is met and Action is set to Permit the job corresponding to Set operation is performed If the command is successfully executed the execution result is directly applied to lt Current Status gt SAMSUNG Telecommunications America L P 81 Current Status a ee e match ip address test set ip next hop 1 1 1 1 Sequence Match Set operation Sequence No of route map Entry Match Set operation information of route map Click the Prev button to move to the route map window mentioned above Click the Delete button to delete the target Match Set operation Status RIP This menu is used to display the RIP connection status and information RIP Information Se ae ae R 20 0 1 0 24 ajon abot 0 1 0 aba rd2 02 47 R 30 0 1 0 24 1 rd2 R 192 168 0 0 16 ema eakal 2 qual rd2 02 47 Network Displays network information Next hop Next hop address of the RIP route that sends neighbor Metric Metric information From Displays the connected address If Displays the interface information Time Update time SAMSUNG Telecommunications America L P 82 Table of Contents OSPF This menu is used to check the OSPF connection status and information with the other party s router OSPF Information Neighbor ID Neighbor ID of the router of the counterpart Pri Priority Status Connection progress status Dead Time End time Address Address of the coun
106. lication module of OfficeServ 7200 and describes procedures on installing and using the software Document Content and Organization This document contains three chapters one annex and an abbreviation as follows CHAPTER 1 OfficeServ 7200 Data Server Overview This chapter briefly introduces the OfficeServ 7200 Data Server Data Server CHAPTER 2 OfficeServ 7200 Data Server Installation This chapter describes the installation procedure and login procedure CHAPTER 3 Using the OfficeServ 7200 Data Server This chapter describes how to use the menus of the OfficeServ 7200 Data Server Data Server ANNEX A VPN Setting in Windows XP 2000 This chapter describes how to set up a VPN on Windows XP 2000 ABBREVIATION Abbreviations frequently used in this document are described SAMSUNG Telecommunications America L P 3 Conventions The following types of paragraphs contain special information that must be carefully read and thoroughly understood Such information may or may not be enclosed in a rectangular box separating it from the main text but is always preceded by an icon and or a bold title WARNING Provides information or instructions that the reader should follow in order to avoid WARNING personal injury or fatality CAUTION Provides information or instructions that the reader should follow in order to avoid a CAUTION _ service failure or damage to the system CHECKPOINT Provide
107. lue of each field and press the Add button to create new PVC PVC Interface DLCI fie 16 1007 of z IP Address figz free k00 iz i 24 Gateway i92 free _froo A Default Gateway M The Gateway is a Default Gateway MTU fisoo 128 1500 Default 1500 e DLCI Number of DLCI a type of network address e IP Address IP Address to be used by PVC e Gateway Gateway IP Address Peer Address of PVC e Default Gateway Mark the check box to set this gateway to default gateway This item is displayed if WAN is set e MTU Maximum size of the packet to transfer at once To edit the setting of a specific PVC select the target PVC from the list and enter the target information into each item Click the Edit button P C Interface OLCI fis f16 1007 f Jovyco 16 IP 4ddress sz ies zoo a i z4 Gateway isz fies Ecc a7 Default Gateway IM The Gateway is a Default Gateway MIT II isoo 128 1500 Default 1500 To delete a specific PVC mark the check box of the corresponding PVC and click the Delete button PVC Interfaces interface address Gateway et cw active mru E pycO 16 192 168 100 2 24 192 168 100 1 yes no 1500 E pycO 17 192 168 101 2 24 192 168 101 1 no no 1500 O PREN 192 168 102 2 24 192 168 102 1 no no 1500 SAMSUNG Telecommunications America L P 30 Serial Interface Summary The Serial Interface Summary table briefly displays the current information of the serial
108. m Check Session key Perfect Forward Secrecy PFS and click OK Request Security Optional Properties Security Methods General Permit Block Negotiate security Security Method preference order 4H Integrity ESP Confidential Add lt None gt 3DES lt None gt DES Edit SHA1 lt None gt MD5 lt None gt Remove Move up gt Move down I Accept unsecured communication but always respond using IPSec Allow unsecured communication with non IPSec aware computer IV Session key Perfect Forward Secrecy Cancel Apply SAMSUNG Telecommunications America L P 173 19 Check Edit Properties and click Finish to display the window creating the outbound item Click Add to create the inbound item Rules General ma Security rules for communicating with other computers IF Security Rules Authentication outbound Request Security 0 Preshared Rey O Al ICMP Traffic Request Security 0 Preshared Rey oO lt Dynamic Default Response Kerberos Edt Remove F Use Add Wizard 20 Click Next on the lt Security Rule Wizard gt window to display the window below Check The tunnel endpoint is specified by this IP address and enter the IP address of a client PC Click Next A Saath hoa EES T RAN OS MRNAS Sa sip Se a a mE CA ae Site ie WA ea ae TR Rea oe oe ae ei e E p lt p nin at HR a SEA Re AB Te Re T E
109. me Action Allows or prohibits the packet that matches the condition Source Match Sets the match conditions Any All packets Host A host Network Network range Exact match Available when ID is set to word and when match condition is set to Network Sets only the packets matched correctly with the prefix Destination If theAccess List ID ranges from 100 to 199 or from 2000 to 2699 Destination Match Match can be set as well as the Source Match condition Any All packets Host A host Network Network range If the entered command is successfully executed the execution results are directly applied to lt Current Status gt of Router gt List gt Access List For example when Access list is entered the lt Current Status gt window is displayed as follows Current Status a O O test permit 100 0 0 0 24 exact match Click the Delete button to delete the corresponding access list SAMSUNG Telecommunications America L P 78 Table of Contents ID Access list name information Entry Access list description Prefix List Select List gt Prefix List and set Prefix list After setting the target item click the OK button Prefix List Si SS ID 7 Seq ea Action Permit C Deny Any OT OC N Vf Wf Vel Mef Prefix Match ID Sets the prefix list name Seq Sets the sequence No of the prefix list Action Allows or rejects the packets matched Prefix Match Sets the match condition
110. mer is reached Log Analysis The administrator can view IDS alerts detected by the IDS application by category Select the desired category and click the OK button Then the following page appears Intrusion Type The administrator can summarize alerts by type If selecting the category of Intrusion Type the following window appears Summary by intrusion type Mon Sep 276 04 16 59 2005 Mon Sep 26 20 00 37 2005 ateo 6 carm med ICMP PING zem med ICMP PING NIX zem med ICMP PING BSDtype 15 81 med ICMP Echo Reply 12 69 med WEB MISC SSLY 3 Invalid Client Hello attempt SAMSUNG Telecommunications America L P 128 Category Intrusion type Analyzes logs detected by IDS rule Source IP Analyzes logs by Source IP detected at IDS Destination IP Analyzes logs of the OfficeServ 7200 external IP ethO eth1 eth2 detected at IDS Destination Port Analyzes logs when the destination IP of a log detected at IDS is the port of an external IP ethO eth1 eth2 Port Scan Analyzes the logs when the logs detected at IDS have port scan type Date Time that log is recorded Search Log Analyzes and retrieves logs Intrusion Type The administrator can summarize alerts by type Select the category of Intrusion Type then following window appears Summary by intrusion type Mon Sep 276 04 16 59 2005 Mon Sep 26 20 00 37 2005 eat 2an 6 64 med ICMP PING 2S of S56 med ICMP PING NIX cen 355 med ICMF PING ESDtYpe 6
111. n Select the corresponding port from VLAN Members and click the OK button VLAN Configuration LAN Operation Mode Mode PORT vi vaname wa a Pd LAN VLAN VLAN Members ID Name Untagged Tagged au Pi p2 P3 P4 PS P6 P7 PS P9 Pio v pii v p12 v p13 vl p14 Clei Fies Ces Fipa Fles Fipe Oe Fipe FIPS FIERO FIBIT pi2 O pis PT4 2 V2 SAMSUNG Telecommunications America L P 54 802 1Q SVL e 802 1Q SVL can be set and operate with the same method as 802 1Q IVL e IVL Independent VLAN Each VLAN operates while maintaining each MAC address table Because the security is enhanced data cannot be exchanged directly among VLANs e SVL Shared VLAN All VLANs operates while maintaining a MAC address table Because the security is not tightened and the MAC address table exists for all ports data can be exchanged among VLANs Port VID If the VLAN mode is set for Tag based VLAN then the Port VID is set at the VLAN gt Port VID menu to determine the processing system for untagged packets Port VID Configuration Port Portvip Forward Only this vD Drop Untagged Frame porti fi E E port2 port3 port4 ports porte port ports port portio portil porti2 portis porti4 portis porti6 ililultd dill eie i ae ees ee ed ed ed ed raa os ed es es es aa i 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 m mmm momom o a mmm m m o a H 4 uplink
112. nfiguration Server List O o SAMSUNG Telecommunications America L P 148 Management In this Menu the DHCP Relay is started and stopped Click on the Run button to start the DHCP Relay and click on the Stop button to stop the DHCP Relay DHCP Relay Agent Management VoIP NAPT On the VoIP NAPT Menu the NAPT item for the VoIP communication is displayed Status 32 units of the internal and external ports per MGI card are connected by one to one mapping Whenever the item of the DHCP Server is newly set the program for connecting the Call Server and Feature Server sends receives the new information to from the Call Server On this occasion the NAPT item is automatically configured at the Data Server for the VoIP commuication of the H 323 phone On the Status menu the related information is displayed VoIP For NAPT Status Ca a eS O memon fis reo foo i92 168 0 11g The MGI card set in the DHCP Server gt Configuration menu and the VoIP NAPT for the Call Server and Feature Server are made The screen above displays this information on the VoIP NAPT table SAMSUNG Telecommunications America L P 149 SIP ALG Config On the Config menu the SIP environment can be set Set the following item and click the Save button SIP Configuration The information on the firewall setup is displayed SIP IP Configuration External IP 192 168 17 100 Internal IP The Ex
113. ng for the traffic forwarding through the system using this menu Management The Management submenu activates inactivates the Firewall filter function Firewall Enable Disable Enable Disable Enable To enable the Firewall Filter function Disable To disable the Firewall Filter function Configuration The administrator can set up the firewall filtering policy for the packets passing through the system Config Mode Basic Mode O Advanced Mode Firewall Configuration Category Configuration Source IP OCOC LE OFAC Destination IF si i si ly El Target Allow E Basic Mode Enter the minimum options required for packet filtering Source IP To set the origination IP netmask range all Destination IP To set the destination IP netmask range all Target To select Allow or Deny SAMSUNG Telecommunications America L P 43 Table of Contents Advanced Mode This window allows the administrator to assign additional options for packet filtering Config Mode Basic Mode Advanced Mode Firewall Configuration Source IP JE JE OIC TAL Destination IP si Hi V El San Define ai E Cuse Range Multi i Protocol all bi Days M Everyday Time Set E Sun E mon E Tue E wed E Thu Beri sat Time 24 Hours o Al fc al co Al co Target Allow Index Na E zj Source IP To set the origination IP netmask
114. nge all Port To set the port Protocol To set the protocol Time Set To set the time to apply the remote access rule Target To set the permission of target Insert To select a location to insert the entered rule SAMSUNG Telecommunications America L P 45 IP Filtering The Administrator can perform IP Filtering via this menu IP Filtering Source IP mn M M hm Destination IP HE O O Zz p Define fai l Cuser CRangel Cmi f f Lf Protocol all a Port Days M Everyday Time Set F sun M Mon Tue M Wed M Thu Meri M Sat Time 24 Hours fo aj o aj 0 aj fo z Insert E z Configuration List No Entry Source IP To set the origination IP netmask range all Destination IP To set the Destination IP netmask range all Port To set the port Protocol To set the protocol Time Set To set the time to apply the remote access rule Insert To select a location to insert the entered rule SAMSUNG Telecommunications America L P 46 URL Filtering The Administrator can deny web access to PCs connected to the system URL Filtering Source IP C MO M M W pe Key Word Days M Everyday Time Set M sun M Mon M Tue M Wed M Thu W fri M Sat Time 24 Hours fo aj o aj fo A fo Configuration List No Entry Source IP To set the origination IP Keyword To enter the keyword of the site to deny Time Set To set the time to apply the fil
115. nterface MTU Enter the maximum transmission frame size Gateway Enter the public IP address received from Internet Service Provider or the IP address of a router Default Gateway Mark the check box in the Default Gateway field to select the default gateway interface when two interfaces are used for the external network e Transparent Proxy Proxy ARP is used when hosts or networks are added in the Transparent Proxy field Up to 128 Proxy ARPs can be set in the OfficeServ 7200 system without the change of the existing network To add entries click the Add button and enter the following IP address and netmask To delete entries select the entry to be deleted and click the Delete button e IP Alias Is used to add up to 32 IP addresses To add entries click the Add button and enter the following IP address and netmask To delete entries select the entry to be deleted and click the Delete button SAMSUNG Telecommunications America L P 24 WAN gt PPPoE Select the WAN PPPoE field to display the following setup window Enter the ID and Password of the ADSL account that is assigned from the ISP providing ADSL service based on dynamic IP WAN PPPoE Authenation ID linnopia Password eveece Check the Option check box in the lower section to display Method MTU and DNS setup window Method any MTL 1492 byte DNS f Auto C Manual The details by fields are as follows e Method Aut
116. on a distribution list of work stations 1s formed that determines which end stations will receive packets with a specific multicast address e 802 3x Layer 2 Flow Control Flow control is performed according to the value set for incoming rate and or outgoing rate Limiting the rate at which a port can receive or send traffic is used to ease congestion on bottlenecks in the network and provide simple prioritization when the network is busy SAMSUNG Telecommunications America L P 14 Router Functions e Manages paths and performs queuing for data packets on both external WAN and internal LAN e Performs static or dynamic routing e Supports RIPv1 Routing Information Protocol versionl RIPv2 and OSPFv2 Open Shortest Path First version2 e Functions as a client such as Dynamic Host Configuration Protocol DHCP Point to Point Protocol PPP and Point to Point Protocol over Ethernet PPPoE over the Ethernet WAN interface e Performs High level Data Link Control HDLC PPP or frame relay encapsulation over the Serial WAN interface e Supports IP multi casting Supports IGMPvi Internet Group Management Protocol versionl GMPv2 protocol Supports DVMRP Distance Vector Multicast Routing Protocol PIM SM Protocol Independent Multicast Sparse Mode multicast routing protocol e Performs functions by using an access interface for WAN 3 10 100 Ethernet Ports Used for WAN or LAN interfaces 10 Base T Ethernet Port U
117. on 3DES Integrity MD5 Diffie Hellman Med in the window below and click Move up to move the first row of the corresponding item Click OK Key Exchange Security Methods as Protect identities during authentication with these security methods Security Method preference order Encryption Integrity Add Edt Remove Move up gt Move down OK Cancel 26 Select IP Security Policies on Local Machine on the lt Console gt window Select the item newly created on the right corner of the window and right click the Assign menu Then policy assignment is changed into Yes lee lems Bead P berip Paice an Laial adr W p mie jp ban y foi Dga KPa P we aD tres iie Tee ieee Peg Pa dF oir basa g Iess fega na Pe F i eee g Map tapok GE Ts Rake Tea 27 Select Start gt Program gt Administrative Tools gt Services in the Window task bar and double click the IPSec Services item ah Services action view e Sm eR R gt m n w Services Local Sa Computer Browser Maintains a Started Automatic LocalSystem SRA DHCP Client Manages n Started Automatic LocalSystem Sy Distributed Link Tra Sends notif Started Automatic LocalSystem Sy Distributed Transac Coordinate Manual LocalSystem Resolves a Started Automatic LocalSystem Logs event Started Automatic LocalSystem Helps you Manual LocalSystem Ry FTP
118. ork information This value is set in the Network Menu It selects the Sub Network based on the IP Address of the Ethernet Interface Broadcast Broadcast address Address This value is set in the Network Menu It selects the Broadcast Address based on the IP Address of the Ethernet Interface Router Address Router address This value is set in the Network Menu It selects the Router Address based on the IP Address of the Ethernet Interface Default Lease Basic release allocation time of the IP address Time The IP Address release time for the overall IPs that are to be provided via DHCP Server can be set in increments of seconds CALL Server This field sets the Call Server s IP This is the IP Address of the MCP of the OS 7200 system When authenticated as host the Host ID is designated as SME_MCP as its default value CALL 192 168 0 2 192 168 0 1 255 255 255 0 SME_MCP IP Call Server s IP address Gateway Gateway Information Netmask Sub Netmask information MAC Host ID Types of the client authentication NONE Execute the DHCP IP request without the authentication MAC Authenticates with MAC HOST Authenticates with HOST ID Default value SME_MCP SAMSUNG Telecommunications America L P 144 Feature Server This feature will be supported in a future release of the OS 7200 Data Server MGI Cards This window sets the IP Addresses of the MGI card s mounted in the system Fir
119. ot replied until the time is elapsed the host is deleted from the group Max Response Configures the maximum time until its resoonse when IGMP Snooping query is received Other Query Configures the time until the operation as a querier starts when a query from the multicast router doest not exist Select the VLAN and the Category to configure enter the time and click the OK button to store the configuration SAMSUNG Telecommunications America L P 66 Function Select IGMP Snooping gt Function to specify the functions related to IGMP Snooping Function VLAN Disable Cross YLAR Flood DPM Default Disable Disable VLAN Selects the VLAN to be configured Querier Specifies the operation as IGMP querier when the multicast router does not exist Immediate Leave Deletes a host from the group immediately when receiving the Leave Message Cross VLAN Forwards multicast packets to all ports regardless of VLAN Flood DPM If no member exists in the IGMP group sets whether to forward multicast packets Querier and Immediate Leave can be set of each VLAN but Cross VLAN and Flood DPM can be set on a bridge basis Forwarding Table Select IGMP Snooping gt Forwarding Table to display the information on the members registered in IGMP Group Forwarding Table Click the Refresh button to update the information displayed on the web screen into the latest information SAMSUNG Telecommunications America L
120. played on the left top of the screen Network E Network b Ethernet Etherneti Ethernet Ethernet3 Serial v 35 DAS Network Link ARP Network Status E NLE Configuration Management El utility Ping Menu Submenu Description Network User configuration for Ethernet port P1 User configuration for Ethernet port P2 User configuration for Ethernet port P3 User configuration for Ethernet port P4 Configuration of V 35 Serial port DNS Configuration of a Domain name server Configuration of Ethernet port speed and transfer method ARP Management of additional ARP deletion Brief description of all port configuration information NLB User configuration for NLB function organization Operation of NLB function Utility Connection test of the communication with another system via Ping SAMSUNG Telecommunications America L P 22 Network The Network menu displays the five network interfaces built in to the Data Server This menu sets IP information transfer speed and transfer mode of each interface In addition this menu sets DNS ARP Network Load Balancing and has a ping utility Note It is recommended that your network interfaces be programmed before any other options in the Data Server Ethernet Setup Network gt Ethernet Select one of four Ethernet categories to display the setup window below The selection fields are displayed depending on the method used for the corresponding interface According to t
121. rd Confirm Confirms the password to be changed SAMSUNG Telecommunications America L P 164 ANNEX A VPN Setting for Windows XP 2000 If IPSec and PPTP should be set on the VPN menu of the OfficeServ 7200 Data Server VPN client should be also set on the MS Windows This section describes how to set VPN on the Windows XP The Windows 2000 case is similar with the Windows XP case Under the following network environment the setting procedures of IPSec and PPTP are as follows e External IP address of the OfficeServ 211 217 127 40 e Internal IP address of the OfficeServ 192 168 0 1 e Internal network IP address 192 168 0 0 e Internal network Netmask 255 255 255 0 e IP address of a Windows XP 2000 installed client PC 211 217 127 73 IPSec Setting IPSec and various encryption authentication algorithm can be used through the installation CD and Windows update in Windows XP 2000 Additionally LAN to VPN client can be configured through the IPSec IPSec Setting in Windows XP 2000 A Windows XP Executes IPSeccmd exe in the Support Tools setup folder of the NOTE Windows XP installation CD Windows 2000 Download and install Windows 2000 Service pack 2 in the Windows update site Or execute IPSecpol exe in the Support Tools setup in the Windows 2000 installation CD SAMSUNG Telecommunications America L P 165 1 Select the Start gt Run in the task bar and execute mmc to
122. ress and set to filter the frame data that has the same MAC address information with the entered value in the switch SAMSUNG Telecommunications America L P 48 Port The administrator can set the functions for the ports and retrieve information on the ports in the Port menu Configuration This table allows the administrator to set the configuration of the switch ports in the Port gt Configuration menu Port Configuration Pare Rate See EE ES ben Tepes eas All mn i o v __ Auto Auto olfollollfo folfolfolfo Oo On OUAU N W ollollollollollolfolf oO oO SN eS VS i 1 TT Sy VS I Se YT IS TS ST 1 IS ILS oO HHH HHH ec Ye P Ye A MP Yi TTT o o uplink Port There are16 switch ports All ports can be processed at once through the All item Active Sets whether to use a port or not Negotiation Auto Adjusts the speed through a negotiation with the counterpart Force Sets the speed without a negotiation with the counterpart Set the negotiation item as Force If setting the Duplex item as Full Nway Force Sets the Flow Control after negotiation Speed Dpx Speed Ports 1 12 can be
123. rica L P 110 Router This menu is used to display the current status of the Router service provided by the Data Server Router RIP Routing Information Protocol Running OSPF Open Shortest Path First Running BGP Bolder Gateway Protocol Running DYMRP Distancd Vector Multicast Routing Protocol Stopped PIM SM Stopped Application This menu is used to display the current status of the Application service provided by the Data Server Application MoS Quality of Service Stop SIP ALG Session Initiation Protocol Stop WTP Network Time Protocol Stop DHCP Dynamic Host Configuration Protocol Stop SSH Secure Shelli Running Telnet Running FTP File Transfer Protocol Stop Management This menu is used to display the current status of the Management service provided by the Data Server Management Network LoadBalance Stopped Accumulated Network System Monitoring Running SNMP Simple Network Management Protocol Stopped SAMSUNG Telecommunications America L P 111 VPN Menu Select the VPN menu The submenus will be displayed in the upper left side of the window as follows rr SERPS ANIR TI ERER AR TIS AREER ROSA a BERETS EEEN a T T m n PARRA SERA SI a TIRE ERE Menu Submenu Description IPSec Configuration Sets up IPSec Management Allows Inhibits execution of IPSec Sets whether to execute IPSec when the system reboots Certificate Generates or
124. s Port6 Port Ports Ports Port10 Port11 Port12 Port13 Port14 Root Port 0x8002 0x8003 0x8004 0x8005 0x8006 0x8007 0x8008 0x8009 0x800a 0x800b 0x800c 0x800d 0x800e Ox800f 200000 200000 200000 200000 200000 2000000 200000 200000 200000 200000 200000 200000 20000 20000 Enabled s0000000f0es20f9 so000000f0885544 400000 ial Thu Jan 1 09 00 00 1970 Designated Designated Designated Disabled Disabled Disabled Disabled Disabled Disabled Rootport Disabled Disabled Disabled Disabled SAMSUNG Telecommunications America L P Forwarding Forwarding Forwarding Discarding Discarding Discarding Discarding Discarding Discarding Forwarding Discarding Discarding Discarding Discarding so0000000f088s5544 s0000000f0885544 so0000000f0885544 s0000000f0885544 oooo000000000000 s0000000f0885544 oooo000000000000 ooo0000000000000 oooo000000000000 80000000f0885544 oooo000000000000 oooo0o00000000000 oooo000000000000 oooo000000000000 61 Bridge Information e Designated Bridge Identifier Its own bridge information is displayed in hexadecimal numbers The upper four digits represent the bridge priority and the remaining lower digits are expressed as the system MAC address e Root Bridge Identifier Among the connected switches it indicates the identifier of the switch equipment selected as the root bridge Therefore if there is no connection between switches the Root
125. s the operator with checkpoints for stable system operation NOTE Indicates additional information as a reference i Console Screen Output e The lined box with Courier New font is used to distinguish between the main content and console output screen text e Bold Courier New font will indicate the value entered by the operator on the console screen SAMSUNG Telecommunications America L P 4 Reference OfficeServ 7200 General Description The OfficeServ 7200 General Description Guide introduces OfficeServ 7200 and describes the system information necessary for the understanding of this system such as hardware configuration specification and function OfficeServ 7200 Installation Manual The OfficeServ 7200 Installation Manual describes the condition necessary for the installation of the system and how to inspect and operate the system OfficeServ 7200 Call Server Programming Manual The OfficeServ 7200 Call Server Programming Manual describes the method of using the Man Machine Communication MMC program that changes system settings by using phones Revision History 01 10 2006 First Version EDITION DATE OF ISSUE REMARKS SAMSUNG Telecommunications America L P 5 SAFETY CONCERNS For product safety and correct operation the following information must be given to the operator Administrator and shall be read before the installation and operation Caution Indication of
126. sed for WAN or LAN Interface Serial WAN Port Used for a private data line by connecting a data circuit unit such as DSU and CSU supports V 35 e Network Load Balance NLB Function Enables to distribute the load equally by specifying multiple Gigabit Ethernet lines or Serial interfaces as WAN and raise the availability by automatically sharing the load to the other lines when a line does not work Data Network Security e Outbound and Inbound NAT Network Address Translation PT Protocol Translation Controls an access to internal resources through conversion between the Global IP and Private IP e Firewall Controls an access from outside by the extended access list Intrusion Detection System IDS Detects and notifies an access to unauthorized areas by the access list Recognizes and notifies unauthorized packets by applying the basic intrusion rule for packets Detects and blocks DoS attacks such as SYN flood e Virtual Private Network VPN Function as a VPN gateway based on PPTP Point to Point Tunneling Protocol L2TP Layer 2 Tunneling Protocol IPSec Internet Protocol Security protocol Performs privacy and integrity through VPN tunneling and data encryption SAMSUNG Telecommunications America L P 15 Data Network Application e Functions as data network applications such as NAT PT Firewall VPN DHCP and Application Level Gateway ALG e Executed as application software that operates in th
127. sion The following window shows the version of the current rule set file and the released date Current Rules Information Rules Information Current version w 1 151 Release Date 2005 03 02 15 45 04 Th administrator can manulally update the rule set by clicking the Browse button and KN selecting a new Rule Set to upload NOTE Mail Config Set SMTP Server IP The administrator can enter an E Mail address to receive the SMTP Server IP and alert record Up to 10 E Mail addresses can be entered Set SMTP Server IP Server s IP SAMSUNG Telecommunications America L P 136 Set Time for Sending Mail The administrator can set up the time to send an email Set Time for Sending Mail Category Configuration Mow Send Mail Mow One Time a E Hour If clicking the button in the Now category an email is sent to the e mail address stored above the recorded alert Select One Time to send a mail at the relevant time The other items are used to check if there is an alert and send to Mail at the configured time daily weekly or monthly SMTP Server IP Configuration If you are not receiving an email verify the SMTP Server IP or retrieve the IDS log in CAUTION System gt Log If there is no recorded alert an email was not sent Block Config In this page the administrator can view the block list applied to the block module or enter a trusted IP Manage Blocked IP List Bloc
128. solutions mate by samsung Electronics It provides integrated solutions for you gt Forget Your ID amp Password Copyright 2003 Samsung Electronics Co Ltd Z Login using the administrator ID and password The following window will appear The default administrator name is admin and the default password is admin OfficeServ 7200 is enterprise IP solutions made by samsung Electronics It provides integrated solutions for you Login ID admin Password gt Save Your ID M gt Forget Your ID amp Password Copyright 2003 Samsung Electronics Co Ltd Click the Logout button on the upper right section of the window to close the connection to the Data Server SAMSUNG Telecommunications America L P 19 3 Click on the Data button to use the menus for the Data Server shown in the following window Uarra P sosom OfficeServ 7200 Home My Info Logout General Voice Mail E Mail 28 Administrator Network Firewall Port Layer2 Layer3 IPMC QoS Status YPN IDS YoIP_Service System Network E Network Interface Type WAN gt Etherneto Protocol Type Static IP Etherneti Ethernet2 Ethernet3 WAN Static IP Serial V 35 Network Link IP EEE ARP Network Status E NLB Netmask MTU Configuration Management E utility Gateway Jus2 ies fo 5 fa Default Gateway E Ping Transparent Proxy
129. st check at the Slot Select check box Second check at the checkbox on the left side of each item Last enter the IP Address External IP Port Gateway and Sub Netmask of the MGI card s Pip startPort Gateway Netmask M Slots Select i1f fioo07 fioo00 fto o 0 1 255 255 255 0 1 2 M fiooo8 fisooo 10 0 01 255 255 255 0 1 3 fioo09 20000 10 0 01 255 255 255 0 1 4 M 10 0 0 130 25000 10 0 01 255 255 255 0 Sa rc kel O 21M 10 0 0 113 35000 fio o 0 1 255 255 255 0 2 2 M fio 0 012 40000 10 0 01 255 255 255 0 2 3 fio0013 s5000 10 0 01 255 255 255 0 2 4 fioo014 50000 10 0 01 255 255 255 0 i O lt Lo kl lh Up to ten MGI cards can be entered into this table The figures on the left side indicate the locations of the cabinet slots The Start Port means the number of the first port among the 32 external ports where the services are to be provided in the MGI card If there is no entered number the setup is autumatically made as the values increasing by 5000 from no 1000 as the orders of the cabinets or slots IP Phone This defines the IP range of the IP phones that are to use the DHCP scope of the Data Server The DHCP IP pool allocated in this menu sets the authentication of the TP 5000 series IP phone and the allocation of the IP IP Range The IP range of the IP phone the maximum range 120 pieces When entering an IP enter 192 168 0
130. stination port SAMSUNG Telecommunications America L P 107 Statistics This menu is used to display Data Server network statistics of each device and protocol Devices Select Statistics gt Devices and display the Data Server network statistics by classifying received part and transmitted part of each device Received Ethernet 0 18314987 162219 Ethernet 1 8351384 6 601 Serial D o Oo j Ethernet 2 536234 Perd j j 0 Seriali T o Transmitted Ethernet 0 21932538 20795 Ethernet 1 774129 41635 0 oO Ethernet 2 T T oO Serial 0 0 0 0 Seriali T T Devices Port type Bytes Total number of bytes received or transmitted Packets Total number of packets received or transmitted Errs Number of packets where an error occurs Drop Number of packets lost Fifo FIFO queue is full FIFO Overrun Frame Ethernet header is not met the format Frame Alignment Error Compressed Number of compressed packets Multicast Number of multicast packets SAMSUNG Telecommunications America L P 108 Protocols Select Statistics gt Protocols and display the Data Server network statistics of each protocol Unit Byte NASIR SIRENS SN QAR Wena oo exsieaedt OA EERE eae Sb aies SS EAE a ee aL WET Rey eee op SEE ego ELEES iss SSL SEES Monitoring This menu is used to display the Data Server network statistics in real time or display as accumulation value of a certain period
131. system in the Reboot menu System Reboot Network will be disconnected If clicking the OK button all services are terminated and the system is rebooted The webscreen returns to the initial login window and the webscreen does not operate until the network and service are all executed after rebooting SAMSUNG Telecommunications America L P 163 My Info Menu If you click the My Info On the right upper side of the Web you can check your information can be confirmed If you enter the information into the Telephone number E mail address and Description entry window clicking the Save button the information is saved Only one piece of information can be saved If you enter on the password entry window the password that is to be changed clicking the Save button the login password is changed Although the system is rebooted the setup status 1s recovered into the last setup one Ra My Infomation ee Description Administrator Node ID Use Port 5000 Login ID admin Login IP 192 168 0 115 TEL No E Mail ID SIP URL Status Password Password Confirm Save Cancel Item Description Description Login user authority Node ID Information on the node logged in Use Port Port information Login ID Login user ID TEL No TEL No of the login user E Mail ID E Mail ID of the login user SIP URL Displays the connection URL information of the SIP Server Status Password Enters the password to be changed Passwo
132. t supported In addition if the WAN interface is used for SERIAL IPSec is not supported Since a SERIAL line is used for a dedicated line IPSec is not required for the security Config On the IPSec gt Configuration menu the administrator can add delete and search an IPSec tunnel IPSec Connection The menu buttons are defined as shown below Add Creates IPSec tunnel Delete Deletes IPSec tunnel Edit Modifies IPSec tunnel data SAMSUNG Telecommunications America L P 113 Add Click the Add button from the lt IPSec Connection gt window to display the window below Enter the value of each item and click the Add button to add an PSec tunnel Category Local Settings Remote Settings Connection ID KXXX IP i92 168 18 100 H 211 feiz 22 Router IF jicz faces fa le Subnet IP EC Subnet Mask 255 255 255 fo Authentication Method Connection ID ID composed of certain letters Required IP Address External IP address Required Router Router IP address Subnet IP Internal IP address Subnet Mask Internal subnet mask RSA Key Selects host authentication method Preshared Key RSA Key Public key is RSA key of Local settings Click the Download button Certificate to store RSA key to your PC and send it to other PC through a path After RSA key of Remote settings receives file in the target PC through a path click the Upload button to enter a key value Preshared Key Authent
133. tering rule ICMP Filtering The Administrator can deny the INTERNET CONTROL MESSAGE PROTOCOL ICMP Reply packet Select the target interface and enable the interface to apply to this table ICMP Filtering a O senin OOOO O O Ethernet C Enable Disable Etherneti C Enable Disable Ethernet2 Enable Disable Ethernet3 Enable Disable SAMSUNG Telecommunications America L P 47 Port Menu The Port Menu is used for the management of the Switch Ports when LIM card is installed in slot 2 Select the Port menu The submenus will be displayed in the upper left side of the window as follows T ARAB AR a OR DANES a 1 EES SEP WARS GARE AEE SEES a a eE N Menu Submenu Description Port Configuration To set the switch port environment Statistics To display the information and statistics on the transmission method link status and speed MISC To set the mirroring function and other switching functions QoS To set layer 2 QoS by giving priority compulsorily to specific ports VLAN Configuration To configures Virtual LAN VLAN Port VID To set the Port VID the process method for untagged packets when the VLAN mode is Tag based VLAN Classification To set VLAN based on protocol or MAC MAC Static To set MAC address to a static address table of the switch Address Dynamic To retrieve the dynamic address table or delete a MAC address Address Filter Address To enter a MAC add
134. ternal IP item and the Internal IP item are displayed on the list box so that the web manager can combine the usable information to select it If there are two external or internal networks or more the network that is to be used in the list box can be selected SIP IP Configuration External IP 192 168 17 100 Internal IP Map LIST Enter the information on the SIP devices located inside the firewall Map List Number ID IP E default 10 0 0 10 When there is no information on the IP or the phone on the SIP message entered outside the firewall the SIP message is converged to be sent into the IP terminal set in the default item Therefore this item should be surely entered The setup can be coventiently made when all traffic are considered as the calls of the digital phone by the Call Server Therefore on the default item in general enter the IP of the Call Server ID default aa Coa SAMSUNG Telecommunications America L P 150 When adding the Map information press the Add btton to add the entry window and insert the information When deleting the Map information check the checkbox of the deleted information and press the Delete button All setups can be reflected on the system when the OK button on the lower side of the setup SIP configuration is pressed Management The SIP ALG can be executed or its execution can stop by selecting the Management menu
135. ternal network interface line automatically backs up when any failure occurs in some of multiple external interfaces The details by fields are as follows e NLB Weight Relatively higher load is distributed in the line of the external interface side that higher numerical value is assigned The weighted value for each external interface should be the greatest common divisor minimum irreducible unit SAMSUNG Telecommunications America L P 35 Static Configuration Along with the Network Load Balance Configuration the Static Configuration window is used to pass a specific external network interface line by separately specifying the traffic session to satisfy a specific condition In this window entries can be added or deleted by clicking the Add or the Delete button in the bottom of the window 0 0 0 0 of the IP address field and all Os of the port field indicates all IP addresses all port numbers respectively Static Configuration ee Destination Traffic Distribution m fo ifo Ifo ifo b Wo Ifo Ifo Protocol tcp H maskfo b fo fo b fo fp p Gateway eth0 192 16F port fo fo fo fo Backup default gate e Source Source IP address netmask and port number of transfer session e Destination Destination IP address netmask and port number of transfer session e Traffic distribution Interface and protocol that transfer session passes through Protocol Protocol to be applied Gateway External networ
136. terpart Interface Connected interface SAMSUNG Telecommunications America L P 83 IPMC Menu Select the IPMC menu The submenus will be displayed in the upper left side of the window as follows El General t Mroutes Management El Configuration IGMP DAMIR DVMRP Intt PIM SM PIM SM Intt E Status IoMP Groups DY MRP PIM SM General Mroutes Displays Multicast Routing Entry Management Starts Stops IPMC protocol demons Configuration IGMP Displays or changes IGMP configuration DVMRP Displays or changes DVMRP default configuration DVMRP Intf Displays or changes VIF of DVMRP PIM SM Displays or changes PIM SM default configuration PIM SM Intf Displays or changes VIF PIM SM Status IGMP Groups Displays IGMP Group information DVMRP Displays DVMRP neighbor and Prune information PIM SM Displays PIM SM Neighbor information SAMSUNG Telecommunications America L P 84 General Mroutes This menu is used to display multicast routing entries being shown in this window Mroutes 100 1 1 11 224 1 1 100 00 00 08 OO Osi22 ie rd hele I Immediate Stat T Timed Stat F Forwarder installed e Mroute Multicast Routing identifier e Uptime Time passed after starting the operation of multicast routing entry e Expires Rest time until multicast routing entry is expired e Flags Multicast routing feature flag Refer to the description on the lower side e Incoming Name of VIF to which multicast
137. tes eres Sh nie Sk hin a Se cate win Se Sires eS ne Sc hd eri Sa cee eefo nda cutis ewes eae 112 DO P SE PEE E ASE EEA E ASE A E E SEEE E E SE E 113 EEA EER E EN E A A A E E AA E AA AAAA E ENAT E E E AE AA E A 121 BPW ie PE E E E E E E A EAE A E E 124 SAMSUNG Telecommunications America L P 10 E L e PPE E rind cece ance eereae sae E E eeu E andes E E 126 PDS MGI A E E E E A E E E E E 127 B SEE aS PTE E A EE TO EE titer S EE E E E E EE E E E E or ee eee er 128 VOIR SEVICE ME RU aE A NSA 139 26 411010 21 6 ee en EE E EEE E E E E E EE EN E E EENES 140 Exea ENO en A sewidadaceennesceactaeL seedcndegeua ene 143 DHCP SEVE vechec setsennnncedcncecniwenadiennscaedionssishainantinnsnduedeneatnindennntepiiecsuienssiieeniendsaswinenticeneecinberauleendeecsaedsneennetenbecsilensesdens 143 DROP CIA AJE er A E E R E E E E E E E 148 VOIPRNAPT o e E E E en nee a eee ee ee eee 149 APAL saa osce sete erases serge eps E eves stig S demeseeeceee ges oeeuareie che assoc besos cescueacat 150 System Menti aaa cate nets sacs aie ve vas ctse ese ties nigra ea Vee consis gn ee a de ies nego rs aa aaie ave seus aai 152 SNMP e hatch ee a ste ee re cele ee eet A acta seedless sete meee de use ene oceeicee sconce 153 PE CONO eeeeerten tenet ete eet ren ee ee A E ee ee ne ee ene eee a ee ee eee 156 PUN COTE coasts Sect ene ceeeayee eee E E E E E 157 LOG OO 158 Time OMEN AON cesses ssa osetneie etre ne in aea E EEEREN EEA ORe aa E TOEN Ea EENE aE A Eia 160
138. the System through a network or manual configuration NTP Config Select Time Configuration gt NTP Config and set up Time Server to synchronize the information on the time server date and time Current Time indicates the current time of the system NTP Server Status indicates the execution status of NTP Demon The Time Server is registered in the Time Server table For the registration method both IP and Domain Name methods are available But DNS Server should be set up to use Domain Name and a network should be connected to synchronize with Time Server by configuring such NTP Click the OK button to start or restart NTP demon to register Time Server NTP Configuration Current Time 2005 Sep 26 Mon 19 13 57 MTP Server Status Status Time Server Server 1 Server 2 SAMSUNG Telecommunications America L P 160 e Current Time indicates the current time of the system e NTP Server Status indicates the execution status of NTP Demon e Time Server is registered in the Time Server table For the registration method both IP and Domain Name methods are available But DNS Server should be set up to use Domain Name and a network should be connected to synchronize with Time Server by configuring such NTP Manual Config The administrator can set and modify the date and time of the system to the time that the administrator wants in the menu of Time Configuration gt Manual Config If clicking the OK
139. the DB currently set in the Data Server Admin Config Sets up the authentication of the manager Log Configuration Sets up whether to generate a log for each item Report Searches the system logs stored currently Download Downloads the system logs Time NTP Config Registers a Time Server where the information on the date and Configuration the time is taken and synchronizes the time with the time Server by using the NTP SAMSUNG Telecommunications America L P 152 Table of Contents Continued Time Manual Config These settings set the date and the time of the system or Configuration synchronizes the time with the Call Server Selects the areas categorized by GMT and sets the local time Upgrade Upgrades the Data Server with newest package version ApplServer These settings control telnet ftp and ssh access to the Data Server Reboot Reboots the system SNMP Configuration Set up the SNMP using the SNMP Configuration menu Click the Save button to apply the configuration to the system Click the Reset button to reset the configuration currently set up by the administrator System Option Sets the SNMP System Option SAA Dion SSAA TERS OEE SSR DS Location Sets up the information on System Location Access Sets up the information on System Contact Name Sets up the information on System Name Engine ID Sets up the information on System Engine ID Community Adds the new community used
140. the filtering rule for the target traffic in the target class SPQ CN SPQ queue is the simplest queuing method The priority of the leaf class can be set to NOTE high middle or low From the highest priority service is provided HTB Class Group HTB Class Group List P neme type parentpriel mru rate cet Burst f churst_ ie root root 10 Mbps C leaf leaf root 5 5 Mbps dev_yoip Sun Mon Tue OSH 12H 6 Mbps Click the Add button of HTB Class Group List in the lt HTB Class Group gt window to display the window where HTB class group can be set If the class type is root the window is displayed as follows Set each item and click the OK button HTB Class Group ID root Class Type root general C nondeaf leaf Rate fio mbps Burst Eyte SAMSUNG Telecommunications America L P 100 If the class type is general the window is displayed as follows Set each item and click the OK button HTB Class Group ID general Class Type root general nondeaf leaf Parent ID root aj Friority Rate Cell Burst CBurst Cancel If the class type is non leaf the window is displayed as follows Set each item and click the OK button HTB Class Group category O OO O vae OO ID a Class Type C root general non deaf leaf Parent IQ root Priqrity Rate Cell Burst Burst Cancel SAMSUNG Telecommunications America L P 101 If the
141. thernet to add a static MAC Address e IP IP address to be added e Mac MAC Address to be added ARP Age Time The ARP Age Time window is used for the setup of the cycle at Leaset 600 sec unit sec to delete the unused ARP in the ARP table ARP Age Time 600 sec ARP Refresh The ARP Refresh window is used for the modification of the changed ARP information in the ARP table of a route or a host when the network is changed In the host or the route with the destination IP the Mac with the current source IP is updated into the Ethernet Mac of the OfficeServ 7200 system ARP Refresh Destnation IP e Ethernet Ethernet to be changed e Source IP IP to be changed e Destination IP host or Mac to be changed SAMSUNG Telecommunications America L P 33 Network Status Select the Network Status submenu to display the Network Status window The window displays the access network of each Ethernet interface and its information Network Status Ethernet 0 EXTERNAL STATIC 192 168 20 200 255 255 0 0 192 168 0 1 Ethernet 1 Ethernet 2 INT_PRIV STATIC 20 0 0 1 2559 2991 2990 Ethernet 3 INT_PRIY STATIC alaja feal als pase ysis ll Serial Server 1 168 126 63 1 Server 2 168 126 63 2 NLB Select the Network menu The submenus will be displayed in the upper left side of the window as follows Network EO Network l Ethernet Etherneti Ethernetz Ethernet3 Serial W354 DAS Network Link ARP Network Stat
142. tion Management Stop Host IP Secret Key Host Port SAMSUNG Telecommunications America L P 70 Layer3 Menu Select the Router menu The submenus will be displayed in the upper left side of the window as follows General Routes Displays the routing table of the Data Server Management Starts or Stops RIP and OSPF Configuration Static Sets a static route Sets RIP RIP Interface Sets RIP Interface OSPF Sets OSPF protocol OSPF Sets OSPF interface Interface List Access List Sets access list Prefix List Sets prefix list Route Map Sets route map Key Chain Sets the key used for the authentication of RIP v2 Status Displays the RIP network information OSPF Displays the OSPF neighbor information General This menu is used to start stop RIP and OSPF services or to retrieve the routing table of the Data Server Routes Select General gt Routes to retrieve the routing table of the OfficeServ 7200 Data Server Routes Type Network pete S gt 0 0 0 0 0 1 0 via 192 168 0 1 etho CaS 10 10 0 0 16 is directly connected eth2 eae 127 0 0 0 8 is directly connected lo S 192 168 0 0 16 1 0 via 192 168 0 1 ethoO EA 192 168 0 0 16 is directly connected eth0 C Network directly connected to the Data Server network interface S Static network set by a administrator SAMSUNG Telecommunications America L P 71 R Path information received from another router v
143. to the OfficeServ 7200 The OfficeServ 7200 is a single platform that delivers the convergence of voice data wired and wireless communications for small offices This office in a box solution offers TDM voice processing voice over IP integration wireless communications voice mail computer telephony integration data router and switching functions all in one powerful platform The OfficeServ 7200 Data Server provides the network functions of a switch router and network security This document describes the data and routing capabilities of OfficeServ 7200 Data Server OfficeServ 7200 Configuration A For information on the configuration features or specifications of the OfficeServ 7200 NOTE refer to the OfficeServ 7200 General Description SAMSUNG Telecommunications America L P 13 Introduction to the OfficeServ 7200 Data Server The OfficeServ 7200 Data Server provides the following functions Unmanaged Switch e The switch performs the function of a layer 2 Internet switch as well as the Learning Bridge function based on the MAC address filtering and forwarding algorithm e The LIM module provides 16 LAN ports per module Each port is 10 100 Base T auto sending full duplex OS 7200 can support up to 8 unmanaged LIM Managed Switch When the LIM is installed in slot 2 with a Data Server in slot 1 it can function as a managed switch by using an access interface LAN on the Data Server OfficeSer
144. us E NLE Configuration Management El utility Ping The Data Server can support up to 5 external WAN interfaces The system can distribute the Internet access traffic to each external interfaces by using the NLB function For effective access traffic balancing the system uses the Weighted Round Robin method The NLB menu is used for the setup of the Network Load Balancing function SAMSUNG Telecommunications America L P 34 Configuration Network gt NLB gt Configuration This menu sets the network load balancing function If you select this menu the following configuration window is displayed The details for each item is as follows Network Load Balance Configuration NLB Weight etho ft NAT Status Enable Static Configuration Source Destination Traffic Distribution Network Load Balance Configuration The Network Load Balance Configuration is valid when at Leaset two network interfaces are specified as the external network interface For example if T1 private line and ADSL line are selectively connected to Ethernet 0 Interface eth 0 and Ethernet 1 Interface eth 1 the higher weighted value is given to the eth 1 connected with ADSL line that its bandwidth is relatively bigger and the lower weighted value is given to the eth O In this way the load balancing according to the performance of the external network line is performed The system has the Failover function that a different in
145. v 7200 supports 1 managed LIM As a managed switch the following features are support e 802 1D Spanning Tree The switch configures and processes the forwarding tree based on the spanning tree algorithm to prevent a packet forwarding loop in the switch e Layer 2 802 1p Packet Priority QoS The switch extracts the priority field from the Ethernet frame configured according to the 802 lp specification standard and discriminatively processes the frame according to the priority of the specified operation The switch then maps packets to a designated queue Up to 2 output queues Low and High are supported per egress port with queuing type of Weighted Round Robin or All High before Low For devices that do not support 802 1lp OS 7200 LIM can be configured to create an enforceable priority e Supports Virtual LAN VLAN The Virtual Local Area Network VLAN groups the related equipment by the work group according to the LAN operational policy regardless of the location of the user equipment VLAN removes the effects of unnecessary broadcasting packets and configures a stable switching subnet only for the corresponding group by separating and processing the group in the virtual LAN The VLAN can be configured based on the switch port MAC address and 802 1Q tag e IGMP Snooping IGMP Snooping provides a method for intelligent forwarding of multicast packets within a layer 2 broadcast domains By snooping IGMP registration informati
146. vel4 M LevelS M Level M Level Item Description QoS Mode Select the QoS mode First Come First Service Packets are transmitted according to there incoming order QoS function not used All High before Low Method that a packet that has higher priority is transmitted prior to a packet that has lower priority than that packet A packet is not transferred until the packets that are higher priorities than the packet are all transmitted Weighted Round Robin Method to transmit packets in the rate that high priority packets and low priority packets are configured at an established rate Weight For example if setting High Weight to 5 and Low Weight to 2 the five high priority packets are transmitted before the two priority packets are transmitted Weight Sets the rate of High weight and Low weight when the method of Weighted Round Robin is used Delay Bound Sets the time limit to prevent the low priority packets from being delayed too much Max Delay when the QoS mode is selected as All High before Low or Weighted Round Time Robin The unit of Max Delay Time is ms 1 1000 second and the default is 255 ms If a low priority packet is not switched even though the established time is exceeded the packet will be processed preferentially High Priority There are 8 tags to indicate priority Level O Level 7 does not indicate the actual Levels value of the priority and it is set as a level
147. ween two computers Specify the tunnel endpoint for the IP security rule This rule does not specify a tunnel f The tunnel endpoint is specified by this IP address 211 217 127 A SAMSUNG Telecommunications America L P 169 9 Select the Local Area Network LAN on the lt Network Type gt window and click Add to display the window below Select Use this string to protect the key exchange preshared kKey and enter the password registered with the firewall Click Next IP Security Policy Wizard Authentication Method To add multiple authentication methods edit the security rule after completing the IP security rule wizard Set the initial authentication method for this security rule Windows 2000 default Kerberos 5 protocol Use a certificate from this Certificate Authority CA Browse Use this string to protect the key exchange preshared key 10 Click Add on the lt Security Rule Wizard gt window to display the window below Enter outbound in the Name field and click Add IF Filter List An IF filter list is composed of multiple filters In this way multiple subnets IF addresses and protocols can be combined into one IP filter Mame outbound Description Add Edit Remove Filters M Use Add Wizard Description Protocal Source Port Destination SAMSUNG Telecommunications America L P 170 17 Click Add on the lt IP Filer
148. word Administrator ID and Password e IPCP Dynamic IP Use of Dynamic IP function to support IPCP e IP Address IP address of the serial port e Gateway Gateway IP Address Peer Address of the serial port e Default Gateway Mark the check box to set this gateway as the default gateway This item is displayed if WAN is set Frame Relay Configuration Set the Encapsulation type as Frame Relay protocol to display the Frame Relay Configuration table Specify the value of each field and click the OK button to store the configuration Frame Relay Configuration commana O O aroument O LMI Type ANSI ee C None Keep Alive Interval fio 5 30 seconds Default 10 N391 le 1 255 full status polling counter Default 6 N392 3 1 10 LMI error threshold Default 3 N393 4 1 10 LMI monitored event count Default 4 e LMI Type LMI type of Frame Relay e Keep Alive Interval Time interval to check Keep Alive e N391 Cycle to request all status information The information on all status is requested at every cycle specified in the N391 field As usual only Keep Alive is exchanged SAMSUNG Telecommunications America L P 29 e N392 Count of Keep Alives to estimate as the disconnection e N393 Buffer size to record success failure of Keep Alive The value of N393 should be bigger than that of N392 PVC Interface Select the Frame Relay protocol and then click the OK button to display the PVC Interface table Enter the va
149. y change Duplex type Network Link Configuration command argument OOOO O Ethernet Ethernet 0 Negotiation auto X Speed Duplex Network Link Status Ethernet Type tink JNeootiation speed Duplex mae Ethernet 0 10 1007 up auto 100 full 00 00 f0 00 00 01 Ethernet 1 10 1007 down auto 100 full 00 00 f0 00 00 02 Ethernet 2 10 1007 down auto 100 full 00 00 f0 00 00 03 Ethernet 3 10TX up 10 half 00 00 f0 00 00 04 e Ethernet Logical name of each Ethernet port e Type Type of Ethernet Cables SFP GBIC Adapters e Link Ethernet connection status e Negotiation Setup of auto and force modes e Speed Mbps Transmission bandwidth of the corresponding Ethernet interface e Duplex Transfer mode of the corresponding Ethernet interface e MAC MAC addresses by Ethernet interfaces ARP ARP list The ARP menu is used for the addition deletion management of the ARP information in each Ethernet interface ARP List Ethernet EthernetO Etherneti Ethernet2 Ethernet3 re O O o oe O O O cc O D stale 192 168 0 132 00 0f fe 19 3f 3b delay 192 168 18 222 00 a0 b0 0c e8 3a r stale 192 168 0 226 00 07 e9 71 55 94 E stale 192 168 0 227 00 0f fe 17 fa 1a SAMSUNG Telecommunications America L P 32 e Type ARP status e IP IP address sent ARP e Mac Mac address sent ARP Static ARP add The Static ARP add window is used to add Static ARP to the ARP table Static ARP Add e Ethernet E
Download Pdf Manuals
Related Search
Related Contents
Princess 575578 Instructions - Horizon Hobby Capitolato speciale d`appalto - Comune di San Benedetto del Tronto Warning: This appliance must be earthed Betriebsanleitung Bratmodul 70 l (2MB, PDF) Philips SJM3123 For iPod Car Charger HP M276nw Quick Reference Guide Copyright © All rights reserved.
Failed to retrieve file