Misc Tab

Java-Based Pipeline Configurator
Misc Tab

Buttons in All Windows

Update: Sends configuration settings to the Pipeline

Save: Saves configuration settings in a file

Settings

General settings

Logout on Device Disconnects: Controls whether the Pipeline automatically logs out when a device disconnects from the its control port or when the Pipeline loses power

General UDP Checksum: Controls whether the Pipeline generates a UDP checksum whenever it sends out a UDP packet

Ethernet Interface: Specifies which of the two Ethernet connectors on the Pipeline you use to connect to the local-area network

Security Log settings

APP Server settings

APP Host Address: Specifies the IP address of the host that runs the APP Server utility

APP Host Port: Specifies the UDP port number monitored by the APP Server utility

DHCP Spoofing settings

Spoof Address: Specifies the IP address that will be assigned to a DHCP client when DHCP spoofing occurs

Subnet Mask: Specifies the subnet containing the IP address that will be assigned to a DHCP client when DHCP spoofing occurs

Renewal Time: Specifies the lease time, in seconds, for the IP address specified by the the Spoof Address setting

System Log settings

Syslog Host Address: Specifies the IP address of the host to which the Pipeline sends system logs

Facility Group: Controls where the host that receives system logs stores them

SNMP settings

Read/Write Community: Specifies a read/write SNMP community name

SNMP Traps settings

Name: Specifies the name of the SNMP manager to which the Pipeline sends traps-PDUs (Protocol Data Units)

Manager Address: Specifies the IP address of the SNMP manager to which the Pipeline sends traps-PDUs (Protocol Data Units)

Community: Specifies an SNMP (Simple Network Management Protocol) community name

Trap Alarm Events: Controls whether the Pipeline traps SNMP Alarm events

Trap Security Events: Controls whether the Pipeline traps SNMP events related to system security

Usage: Click the Help button at any time to get online help for the settings in the current tab.

This opens a World Wide Browser, such as Netscape Navigator or Internet Explorer, and displays information about the settings.

To close the help display, close the browser as you would any other program. For example, in Windows 95, click the X button at the upper right of the window or choose Exit from the File menu.

With some browsers, a new window will open each time you click the Help button. If this happens, simply close each window when you're done with it.

Finding setting descriptions: At the beginning of each help window is a table of contents for the window. To go information about a particular setting, click the hyperlink (the underlined text in most browsers) for that setting in the contents. To return to the contents, use the control in your browser for going back, such as the Back button in Netscape Navigator or Internet Explorer 3.0.

Usage: Click this button to send the settings shown in the Java-Based Pipeline Configurator to the Pipeline.

These new settings replace the previous settings in the Pipeline. You can use this button at any time; you do not have to enter values for all settings before updating the Pipeline.

Usage: Click this to save the settings shown in the Java-Based Pipeline Configurator in a file on your computer.

You then use your operating system's facility for specifying a name and location for the file, such as the Save To dialog box in Windows 95.

You can later open a file in which you've saved settings by clicking the Open a Configuration File button in the first window that appears when you run the Java-Based Pipeline Configurator.

You can use this button at any time; you do not have to enter values for all settings before saving settings.

This setting is intended for use when two or more Ascend units on the same network are configured with redundant profiles and routes. It is not necessary to use this feature if you have a single Pipeline unit.

This feature was developed in response to a problem that occurred when two or more Ascend units on the same network were configured with redundant profiles and routes. If one of the redundant Pipeline units lost its dialout lines temporarily, it continued to receive outbound packets that should have been forwarded to the redundant Pipeline.

Usage: Enter whatever.

• Always

  Causes the Pipeline to always advertise its IP routes. Use this setting unless you have redundant Ascend units or don't use dialout routes.

  Always is the default.

• Only When Trunks Are Up

  Causes the Pipeline to stop advertising ("poison") its IP dialout routes if it temporarily loses the ability to dial out.

Usage: Check the box to enable automatic logout.

By default, automatic logout is disabled.

• ATMP

• SYSLOG

• DNS

• ECHOSERV

• RADIUS

• TACACS

• RIP

• SNTP

• TFTP

Usage:

• Check this box to cause the Pipeline to generate a UDP checksum when transmitting a UDP packet.

  Specify this setting if data integrity is of the highest concern for your environment, and having redundant checks is important; this setting is also appropriate if your UDP-based servers are located on the remote side of a WAN link that is prone to errors.

• Leave this box unchecked if you do not want the Pipeline to generate a UDP checksum when transmitting a UDP packet.

  This is the default. Use the default if you plan to use the data integrity guarantee of the Ethernet or PPP checksum only.

If you connect an Ethernet transceiver to either connector (such as a transceiver that converts Thick Ethernet to Thin Ethernet), choose the connector to which the transceiver is attached.

Usage: Choose one of the following:

• UTP

  Specifies the 10Base-T (unshielded twisted pair) connector

• AUI

  Specifies the Thick Ethernet (10Base-5) connector

Usage: Check the box to enable security card authentication using an APP Server utility.

If the box is not checked, calls are authenticated by the terminal server. This is the default.

• You must set Authentication for outgoing calls (in the Dial Out settings for a connection profile in the Connections tab) to PAP-Token for the Use APP Server setting to have any effect.

• The APP Server utility must be running on a UNIX or Windows workstation on the network to which you're connecting.

Enigma Logic SafeWord AS and Security Dynamics ACE authentication servers are examples of APP servers.

Usage: Enter the IP address of the authentication server.

The address consists of four numbers between 0 and 255, separated by periods.

Dependencies: Keep this additional information in mind:

• This setting applies only to outgoing calls using security card authentication.

• For this setting to have any effect, you must
  • Set Authentication for outgoing calls (in the Dial Out settings for a connection profile in the Connections tab) to PAP-Token

  • Check the Use APP Server checkbox

• The APP Server utility must be running on a UNIX or Windows workstation on the network to which you're connecting.

Usage: Enter the UDP port number monitored by the APP server.

Valid port numbers range from 0 to 65535. The default value is 0, which indicates that no UDP port is being monitored by the APP server.

Dependencies: Keep this additional information in mind:

• This setting applies only to outgoing calls using security card authentication.

• For this setting to have any effect, you must
  • Set Authentication for outgoing calls (in the Dial Out settings for a connection profile in the Connections tab) to PAP-Token

  • Check the Use APP Server checkbox

• The APP Server utility must be running on a UNIX or Windows workstation on the network to which you're connecting.

When DHCP spoofing is enabled, the Pipeline can act as a DHCP server for one IP address. When card-based security is used, the user must interact with the Pipeline to provide the card-based password. This interaction must occur over IP. However, the user doesn't have an IP address yet at the time when the password must be supplied.

To solve this "which came first" problem, the Pipeline supports DHCP spoofing. DHCP spoofing works like this:

• If there is no authenticated dial-up session and the Pipeline receives a DHCP Discover packet, it responds with a DHCP Offer packet containing the configured IP address, netmask, and renewal time. This is quickly verified by an exchange between the client and the Pipeline.

• The renewal time is limited to a few seconds to ensure that the computer gets its real address from the remote DHCP server as soon as possible.

• The APP Server utility runs using only broadcast addresses (see the discussion on the APP Server Utility and DHCP Spoofing in the Pipeline 75 User's Guide), so that the Pipeline does not need a real IP address and the temporary "spoofed" address is not relied upon.

• As soon as an authenticated dial-up link exists, the Pipeline refused to renew the spoofed address, forcing the computer to get its real address from the remote DHCP server.

Dependencies: For DHCP spoofing to work, you must also provide values for the Spoof Address, Subnet Mask, and Renewal Time settings.

The address must be a valid address on the local network.

Usage: Enter the IP address.

The address consists of four numbers between 0 and 255, separated by periods.

Dependencies: For DHCP spoofing to work, you must also provide values for the Enable, Subnet Mask, and Renewal Time settings.

Usage: Enter the number of bits for the subnet mask (a number from 0 to 31). The mask corresponding to this number is shown to the right of the number.

Dependencies: Keep this additional information in mind:

• The value of the Subnet Mask setting must match the Subnet Mask setting expected by the device to which the Pipeline connects.

• If you do not know the right subnet mask to enter, you must obtain it from the network administrator. Do not attempt to configure the subnet mask by guesswork!

This value represents the amount of time the address will be assigned to the requesting client. After the specified number of seconds, the client must attempt to secure the IP address again. If an authenticated dial-up session is active, the Pipeline refuses the request, forcing the client to obtain its real IP address from the DHCP server on the remote network.

Usage: Enter a number between 3 and 65535.

The default is 10.

Dependencies: For DHCP spoofing to work, you must also provide values for the Enable, Spoof Address, and Subnet Mask settings.

CDR is a feature that provides a database of information about each call, including date, time, duration, called number, calling number, call direction, service type, and associated inverse multiplexing session and port. Because the network carrier bills for bandwidth on an as-used basis, and bills each connection in an inverse multiplexed call independently, you can use CDR to understand and manage bandwidth usage and the cost of each inverse multiplexed session.

Usage: Check the box to send warning, notice, and CDR records to the host specified by the Syslog Host Address setting.

Dependencies: For logging to a host to work, you must also provide values for the Syslog Host Address and Facility Group settings.

Usage: Enter the IP address of the host to receive system logs.

An IP address consists of four numbers between 0 and 255, separated by periods.

Dependencies: Keep this additional information in mind:

• The Syslog host must be running UNIX.

• For logging to a host to work, you must also provide values for the Log to Host and Facility Group settings

System logs sent while the value of Facility Group is the same are grouped together in the host's file system. That is, all system logs sent while Facility Group is Local0 are grouped together, all system logs sent while Facility Group is Local1 are grouped together, and so on.

Usage: Choose one of the following:

• Local0

• Local1

• Local2

• Local3

• Local4

• Local5

• Local6

• Local7

  Local0 is the default.

The Pipeline uses this name to authenticate the SNMP management station. If an SNMP manager sends this community name, it can access the Get and Get-Next SNMP agents.

SNMP (Simple Network Management Protocol) provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB).

SNMP security is implemented with the community name sent with each request. Ascend supports two community names: one with read-only access to the MIB (the Read Community setting), and the other with read/write access to the MIB (the Read/Write Community setting).

Usage: Enter the community name.

The name can contain up to 16 letters or numbers.

The default value is public.

The Pipeline uses this name to authenticate the SNMP management station. If an SNMP manager sends this community name, it can access the Get, Get-Next, and Set SNMP agents.

SNMP (Simple Network Management Protocol) provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB).

SNMP security is implemented with the community name sent with each request. Ascend supports two community names: one with read-only access to the MIB (the Read Community setting), and the other with read/write access to the MIB (the Read/Write Community setting).

Usage: Enter the community name.

The name can contain up to 16 letters or numbers.

The default value is write.

Usage: Select a trap from the list and then provide values for the remaining SNMP Trap settings.

SNMP (Simple Network Management Protocol) provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB).

A trap is a mechanism in SNMP for reporting system change in real time. To report system change, the Pipeline sends a traps-PDU across the Ethernet interface to the SNMP manager. A complete list specifying the events that cause the Pipeline to send a traps-PDU appears in the Ascend Enterprise Traps MIB.

Usage: Enter the name of the SNMP manager.

A manager name can contain up to 31 characters.

Example: snmpmgr

SNMP (Simple Network Management Protocol) provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB). A trap is a mechanism in SNMP for reporting system change in real time. To report system change, the Pipeline sends a traps-PDU across the Ethernet interface to the SNMP manager. A complete list specifying the events that cause the Pipeline to send a traps-PDU appears in the Ascend Enterprise Traps MIB.

Usage: Enter the IP address of the SNMP manager.

An IP address consists of four numbers between 0 and 255, separated by periods.

Example: 202.101.99.8

Dependencies: If you do not know the right IP address to enter, you must obtain it from the network administrator. Do not attempt to configure an IP address by guesswork!

The name you specify becomes a password that the Pipeline sends to the SNMP manager when an SNMP trap event occurs. The password authenticates the sender with the IP Address setting.

SNMP provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent (such as the Pipeline) provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB).

A trap is a mechanism in SNMP for reporting system change in real time. To report system change, the Pipeline, sends a traps-PDU across the Ethernet interface to the SNMP manager. A complete list specifying the events that cause the Pipeline to send a traps-PDU appears in the Ascend Enterprise Traps MIB.

Usage: Enter the SNMP community name. The name can be up to 31 characters long and can include any combination of letters or numbers.

Example: ensenada

Dependencies: To turn off SNMP traps, leave this setting blank and set Manager Address to 0.0.0.0.

SNMP (Simple Network Management Protocol) provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent (such as the Pipeline) provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB). A trap is a mechanism in SNMP for reporting system change in real time. To report system change, the Pipeline sends a traps-PDU across the Ethernet interface to the SNMP manager. A complete list specifying the events that cause the Pipeline to send a traps-PDU appears in the Ascend Enterprise Traps MIB. Alarm events are defined in RFC 1215.

When Trap Alarm Events is checked, the Pipeline traps these events:

• coldStart

  This event indicates that the Pipeline started up from a power-off condition.

• warmStart

  This event indicates that the Pipeline started up from a power-on condition, typically by a system reset.

• linkUp

  This event indicates that a WAN link or Ethernet interface has come online.

• linkDown

  This event indicates that a WAN link or Ethernet interface has gone offline.

This is checked by default.

SNMP (Simple Network Management Protocol) provides a way for computers to share networking information. In SNMP, two types of communicating devices exist: agents and managers. An agent (such as the Pipeline) provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB). A trap is a mechanism in SNMP for reporting system change in real time. To report system change, the Pipeline sends a traps-PDU across the Ethernet interface to the SNMP manager. A complete list specifying the events that cause the Pipeline to send a traps-PDU appears in the Ascend Enterprise Traps MIB.

When Trap Security Events is checked, the Pipeline traps these events:

• authenticationFailure

  This event occurs when authentication has failed. See RFC 1215 for a full explanation of this event.

• consoleStateChange

  This event occurs when a VT100 or Telnet port changes its state.

This is unchecked by default.