8/13/2019 ROX-User-Guide-RX1000[1].pdf

1/340

RuggedRouter RX1000/RX1100 User Guide

RuggedCom Inc.

300 Applewood Crescent,Concord, OntarioCanada L4K 5C7

Tel: +1 905 856 5288Fax: +1 905 856 1995Toll Free: 1 888 264 0006

support@ruggedcom.com

8/13/2019 ROX-User-Guide-RX1000[1].pdf

2/340

RuggedRouter

RuggedRouter User Guide

for use with RX1000/RX1100 Products

ROX 1.14.3 release date: July 6, 2010User guide: December 22, 2010

RuggedCom Inc.

300 Applewood Crescent,Concord, OntarioCanada L4K 5C7

Tel: +1 905 856 5288Fax: +1 905 856 1995Toll Free: 1 888 264 0006

support@ruggedcom.com

Disclaimer

RuggedCom Inc. makes no warranty of any kind with regard to this material.

RuggedCom shall not be liable for errors contained herein or for consequential damages inconnection with the furnishing, performance, or use of this material.

Warranty

Five (5) years from date of purchase, return to factory. For warranty details, visitwww.ruggedcom.com or contact your customer service representative.

ALL RIGHTS RESERVED

This document contains proprietary information, which is protected by copyright. All rightsare reserved.

The RuggedRouter includes components licensed under the GPL and BSD style licenses.The full licences of such are included in an associated document.

No part of this document may be photocopied, reproduced or translated to another language

without the prior written consent of RuggedCom Inc.

Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.

The registered trademark Linux is used pursuant to a sublicense from LMI, the exclusivelicensee of Linus Torvalds, owner of the mark on a world-wide basis.

Industrial Defender is the registered trademark of Industrial Defender Corporation.

8/13/2019 ROX-User-Guide-RX1000[1].pdf

3/340

RuggedRouter

Revision 1.14.3 3 RX1000/RX1100

Table of ContentsAbout this User Guide ................................................................................................................... 19

Applicable Firmware Revision ................................................................................................ 19Who Should Use This User Guide ........................................................................................ 19

How To Use This User Guide ............................................................................................... 19Document Conventions ................................ .......................................................................... 19Quick Start Recommendations ....................... ....................................................................... 20

1. Setting Up A nd Administering The Router ................................................................................ 231.1. Introdu ction ............................... ..................................................................................... 23

1.1.1. Access Methods ................................................... ................................................ 231.1.2. Accounts And Password Management ......... ....................................................... 231.1.3. Default Configur ation ............................................................................................ 23

1.2. A ccessing The RuggedRouter Command Prompt .......................................................... 241.2.1. From the Console Port ........... ............................................................................ 241.2.2. From SSH ...................... ...................................................................................... 24

1.3. The Rugge dRouter Setup Shell ...................................................................................... 241.3.1. Conf iguring Passwords ............. ........................................................................... 251.3.2. Conf iguring IP Address Infor mation ..................................................................... 251.3.3. Setting The Hostname and Dom ain .................................................................... 261.3.4. Configuring RAD IUS Authentication ..................................................................... 261.3.5. Enabling And Disabl ing The SSH and Web Server ............................................. 261.3.6. Enabling And Disabling The Gaunt let Security Appliance .................................... 271.3.7. Configuring The Date, Time And T imezone ........................................................ 271.3.8. Disp laying Hardware Information .................... ..................................................... 271.3.9. Rest oring A Configuration ................ .................................................................... 28

1.4. The Rugge dRouter Web Interface ...................................................... ............................ 291.4.1. Using a Web Browser to Access the W eb Interface ............................................ 291.4.2. SSL Certificate Warnings .................. ................................................................... 301.4.3. The Structure of the Web Interface ............. ......................................................... 30

1.5. Using The LED Status Panel ................................................. ....................................... 321.6. Obtaining C hassis Information ..................................................................... ................... 33

2. Webmin Configur ation ................................................................................... ............................ 342.1. Introduction .................................................................. .................................................... 342.2. Webmin Co nfiguration Menu ....................................... ................................................... 34

2.2.1. IP A ccess Control ............................................ .................................................... 342.2.2. Cha nge Help Server ..................... ....................................................................... 362.2.3. Logging ........................................... ...................................................................... 362.2.4. Auth entication ........... ............................................................................................ 372.2.5. Web min Events Log ...................... ....................................................................... 38

3. Configure W ebmin Users ................................................................. ......................................... 393.1. Introduction .......................................... ............................................................................ 393.2. Webmin Us er and Group Fundamentals ........................ ................................................ 393.3. RADIUS U ser Access Control Fun damentals ................................................................. 393.4. Webm in Users Menu ... ................................................................................................... 403.5. E dit Webmin User menu ................................. ................................................................ 413.6. Curren t Login Sessions Menu ........... ............................................................................. 423.7. Passw ord Restrictions Menu . ......................................................................................... 42

8/13/2019 ROX-User-Guide-RX1000[1].pdf

4/340

RuggedRouter

Revision 1.14.3 4 RX1000/RX1100

4. Configuring The System ............................................................................................................ 444.1. Introduction ...................................................................................................................... 444.2. Bootup And Shutdown ................................................................................................... 454.3. Change Password Command ........................................................................................ 464.4. Scheduled Commands .................................................................................................... 474.5. Scheduled Cron Jobs ........................ ............................................................................ 474.6. System Ho stname ............................ ............................................................................. 494.7. System Tim e .......................................................... ........................................................ 49

5. Configuring Netwo rking ........................... ................................................................................... 505.1. Introduction .................................. .................................................................................... 505.2. IPv6 Funda mentals ................................................... ...................................................... 505.3. Network Co nfiguration ........................................................... .......................................... 50

5.3.1. Core Settings ................................... .................................................................... 515.3.2. Dum my Interface .............................. .................................................................... 525.3.3. Static Routes ............... ....................................................................................... 525.3.4. Stati c Multicast Routing ............ ............................................................................ 555.3.5. DNS Client ...... ..................................................................................................... 55

5.3.6. Host Addresses .................................... ................................................................ 565.3.7. End To End Backup ..................................... ........................................................ 565.3.8. Curr ent Routing & Int erface Table ....................................................................... 58

6. Configuring Ether net Interfaces ...................... ........................................................................... 596.1. Introduction ...................................................................... ................................................ 59

6.1.1. Ethe rnet Interface Fundamental s ......................................................................... 596.1.2. VLA N Interface Fundamentals ......... .................................................................... 596.1.3. PPP oE On Native Ethernet Interfaces Fundam entals .......................................... 606.1.4. IPv6 on Ethernet Fundamenta ls ........................................................................... 606.1.5. Bridge Fundamentals ....... .................................................................................... 60

6.2. Ethernet C onfiguration .......................... .......................................................................... 616.2.1. Ethe rnet Interfaces ..................................... .......................................................... 626.2.2. Editi ng Currently Active Interfaces ............................................. ......................... 626.2.3. Edit Boot Time Interfaces ........................ ............................................................ 636.2.4. Brid ge Configuration .................................... ......................................................... 646.2.5. PPPoE On Nati ve Ethernet Interfaces ................................................................ 646.2.6. Edit PPPoE Interface ........... ................................................................................ 656.2.7. PPP Logs ....................................................... ...................................................... 666.2.8. Curr ent Routes & Interface Tab le ........................................................................ 66

7. Configuring Frame Relay/PPP And T1/E 1 ................................................................................ 677.1. Introduction ........................... ........................................................................................... 67

7.1.1. T1/E 1 Fundamentals ..................... ....................................................................... 677.2. T1/E1 Conf iguration .................. ...................................................................................... 68

7.2.1. T1/E 1 Network Interfaces ... .................................................................................. 697.2.2. Editi ng A T1/E1 Interface ..................................................................................... 717.2.3. Editing A Logical Interface (Frame Relay) .......................................................... 727.2.4. Editing A Logical Interfa ce (PPP) ....................................................................... 737.2.5. T1/E1 Statistics .................................................................................................... 747.2.6. T1/E1 Loopback ...... ............................................................................................. 767.2.7. Current Routes & Interface Table ........................................................................ 787.2.8. Upgrading Software ..... ......................................................................................... 787.2.9. Upgrading Firmware ......... .................................................................................... 78

8/13/2019 ROX-User-Guide-RX1000[1].pdf

5/340

RuggedRouter

Revision 1.14.3 5 RX1000/RX1100

8. Configuring Frame Relay/PPP And T3/E3 ................................................................................ 798.1. Introduction ...................................................................................................................... 79

8.1.1. T3/E3 Fundamentals ............................................................................................ 798.1.2. Location Of Interfaces And Labeling .................................................................... 798.1.3. LED Designations ................................................................................................. 79

8.2. T3/E3 Conf iguration ......................... .............................................................................. 808.2.1. T3/E 3 Trunk Interfaces .......................... ............................................................... 808.2.2. Editi ng Logical Interfaces ........... .......................................................................... 828.2.3. T3/E 3 Statistics ......................... ........................................................................... 838.2.4. Curr ent Routes & Interface Table ................. ....................................................... 848.2.5. Upgr ading Software .................... ........................................................................ 84

9. Configuring F rame Relay/PPP And DDS ....... ........................................................................... 859.1. Introduction .............................................................. ........................................................ 85

9.1.1. DDS Fundament als .............................................................................................. 859.2. D DS Configuration .................................................. ........................................................ 85

9.2.1. DDS Network Interfaces ........... ............................................................................ 869.2.2. Editi ng A Logical Interface (Frame Relay) ...... ..................................................... 87

9.2.3. Editi ng A Logical Interface ( PPP) ......................................................................... 889.2.4. DDS Statistics ...................................................... ................................................ 889.2.5. DDS Loopback ................................................... .................................................. 899.2.6. Curr ent Routes & Interface Table ...... .................................................................. 899.2.7. Upgrading Software ........ ...................................................................................... 90

10. Multilink PPP ov er T1/E1 ....................................................... ................................................ 9110.1. Introductio n .......................................... .......................................................................... 91

10.1.1 . Multilink PPP Fu ndamentals .............................................................................. 9110.1.2. Notes on T1/E1 Channelization ................ ......................................................... 91

10.2. Confi guring PPP Multilink over T1 /E1 ......................................................................... 9110.3. Multil ink PPP Statistics ........................................ ......................................................... 92

11. Configuring PPP oE/Bridged Mode On ADSL ................. ......................................................... 9411.1. Introductio n ...................................................... .............................................................. 94

11.1.1 . ADSL Fundame ntals .......................................................................................... 9411.1.2. PPPoE/Bridged Mode F undamentals ................................................................. 94

11.2. ADSL Co nfiguration ......................... ............................................................................. 9611.2.1. AD SL Network Interfaces ........................... ........................................................ 9611.2.2. Edi ting A Logical Interfac e (PPPoE) .................................................................. 9711.2.3. Edi ting A Logical Interfa ce (Bridged) ................................................................. 9811.2.4. AD SL Statistics ........................................... ....................................................... 9911.2.5. Cur rent Routes & Interface Table ............................ .......................................... 9911.2.6. Up grading Software ...................... ...................................................................... 99

12. Configuring PPP And the Embedde d Modem ....................................................................... 100

12.1. Introductio n ...................................... ............................................................................ 10012.1.1 . PPP and Mode m Fundamentals ...................................................................... 10012.2. PPP Modem Configuration .......................... ............................................................... 101

12.2.1. Mo dem Configuration ............. .......................................................................... 10212.2.2. Mo dem PPP Client Connections ................ ...................................................... 10412.2.3. Mo dem PPP Client ........ ................................................................................. 10512.2.4. Mo dem PPP Server ...................... .................................................................. 10612.2.5. Mo dem Incoming Call Logs ....... ...................................................................... 10812.2.6 . Modem PPP Logs ........ .................................................................................... 108

8/13/2019 ROX-User-Guide-RX1000[1].pdf

6/340

RuggedRouter

Revision 1.14.3 6 RX1000/RX1100

12.2.7. Modem PPP Connection Logs ......................................................................... 10912.2.8. Current Routes & Interface Table .................................................................... 109

13. Configuring PPP And The Cellular Modem ........................................................................... 11013.1. Introduction ................................................................................................................ 110

13.1.1. PPP and Cellular Modem Fundamentals ......................................................... 11013.2. PPP Cellular Modem C onfiguration ............................................................................ 111

13.2.1. Cellular Modem Acco unt Activation ................................................................ 11213.2.2. Cel lular Modem Con figuration .......................................................................... 11313.2.3. Mo dem PPP Client Co nnections ...................................................................... 11613.2.4. Mo dem PPP Client .......................... ................................................................. 11713.2.5 . PPP Logs, PPP Connection Log s .................................................................... 11713.2.6. Cur rent Route and Interfaces Tabl e ................................................................. 117

14. Configuring The Firewall ............................................ ............................................................ 11814.1. Introduction ........... ....................................................................................................... 11814.2. Firewall F undamentals ............................ .................................................................... 118

14.2.1. Sta teless vs Stateful Firewalls ................................................. ........................ 11814.2.2. Lin ux netfilter, iptabl es And The Shoreline Firewall ....................................... 118

14.2.3. Net work Address Transla tion ........................................................................... 11914.2.4. Por t Forwarding ............. ................................................................................... 11914.3. Shorewall Quick Setup ............... ................................................................................. 12014.4. ShoreWall Terminology And Concepts ....................................................................... 121

14.4.1. Zon es ..................................... ........................................................................... 12114.4.2. Inte rfaces ......................... ................................................................................. 12114.4.3 . Hosts ............................... ................................................................................. 12214.4.4. Pol icy ................................................................... ............................................. 12214.4.5. Ma squerading And SNAT ....................................... ......................................... 12314.4.6 . Rules .................................................... ............................................................ 124

14.5. Configurin g The Firewa ll And VPN ............................................................................. 12514.5.1. Pol icy Based Virtual Private Network ing .......................................................... 12514.5.2. Virt ual Private Ne tworking To A DMZ .............................................................. 126

14.6. Firewall C onfiguration .. ............................................................................................... 12614.6.1. Net work Zones ........ ......................................................................................... 12814.6.2. Net work Interface s ........................................................................................... 12914.6.3 . Network Zone Hosts .................................. ....................................................... 13114.6.4 . Default Policies ................. ................................................................................ 13114.6.5. Ma squerading .................... ............................................................................... 13214.6.6. Fire wall Rules ........................................ ........................................................... 13314.6.7. Sta tic NAT .................................................................................. ...................... 13414.6.8. TC (Traffic Control) Interfaces, Classes, a nd Rules ......................................... 13514.6.9 . Actions When Stopped ..... ................................................................................ 135

15. Traffic Cont rol ...................... ................................................................................................. 13715.1. Traffic Control (TC) Fundam entals ............................................................................ 13715.1.1. Tra ffic Control Example .................................... ................................................ 137

15.2. Traffic Co ntrol Configuration .................................... ................................................... 13815.2.1. TC Interfaces (tcdevices) ....... .......................................................................... 13815.2.2. TC Classes ................................................. ...................................................... 13915.2.3. TC Rules ................................................. ......................................................... 141

16. Configuring IPse c VPN ......................................................... ................................................ 14416.1. Introd uction ...................................................... ............................................................ 144

8/13/2019 ROX-User-Guide-RX1000[1].pdf

7/340

RuggedRouter

Revision 1.14.3 7 RX1000/RX1100

16.1.1. VPN Fundamentals .......................................................................................... 14416.2. IPsec VPN Configuration ............................................................................................ 147

16.2.1. VPN Main Menu Before Key Generation ......................................................... 14716.2.2. VPN Main Menu ............................................................................................... 14816.2.3. Server Configuration ........................................................................................ 14916.2.4. L2T PD Configuration ....................................... ................................................. 15016.2.5 . Public Key ....... ................................................................................................. 15116.2.6. Pre-shared Keys ............................................................................................... 15116.2.7. List Certificates ........................................... ...................................................... 15116.2.8. VP N Connections ......................... .................................................................... 15216.2.9. Sh owing IPsec Status ...................... ................................................................ 15516.2.10. IP Sec X.509 Roaming Client Examp le ........................................................... 156

17. Configuring Dyn amic Routing .................... ............................................................................ 16017.1. Introd uction .............................. .................................................................................... 160

17.1.1. Qu agga, RIP, OSPF, and BGP ....................................................................... 16017.1.2 . BGP Fundamen tals .......................................................................................... 16017.1.3. RIP Fundament als .......................................................................................... 160

17.1.4. OS PF Fundamentals ............................ ........................................................... 16117.1.5. Key OSPF And RIP Parameters ........................ .............................................. 16217.1.6. OS PF And VRRP Example Ne twork ................................................................ 164

17.2. Dynamic Routing Configuration ...... ............................................................................ 16517.2.1. En able Protocols ....................................... ....................................................... 16617.2.2. Cor e ..................................................... ............................................................. 16617.2.3. BG P configuration .......................... .................................................................. 16717.2.4 . OSPF ...................................... .......................................................................... 17317.2.5. RIP ...................................................... ............................................................. 177

18. Link Backup .......................... ................................................................................................. 18218.1. Introduction ....... ........................................................................................................... 182

18.1.1. Lin k Backup F undamentals .............................................................................. 18218.2. Link Back up Configurati on .......................................................................................... 183

18.2.1. Lin k Backup Main Menu ....... ............................................................................ 18318.2.2. Lin k Backup Co nfigurations .............................................................................. 18418.2.3. Edi t Link Backup Configurat ion ........................................................................ 18418.2.4 . Link Backup Logs ........................... .................................................................. 18518.2.5. Lin k Backup Status ........................................... ............................................... 18618.2.6. Tes ting A Link Backup Configuration .......... ..................................................... 18618.2.7. Sch eduled Link Backup Test ..... ...................................................................... 186

19. Configuring VRR P ........................................ .......................................................................... 18919.1. Introductio n ........................................ .......................................................................... 189

19.1.1. VR RP Fundamentals .................................. ...................................................... 189

19.2. VRR P Configuration ... ................................................................................................. 19219.2.1. VRRP Main Menu ............. ............................................................................... 19219.2.2. VR RP Configuration Menu ..................................... .......................................... 19219.2.3. Edi ting A VRRP Instance ........... ...................................................................... 19319.2.4. Edi ting A VRRP Group ........ ............................................................................ 19419.2.5. Vie wing VRRP Instances Status ...................................................................... 194

20. Traffic Prioritizati on ................................. .............................................................................. 19620.1. Introductio n .......................... ........................................................................................ 196

20.1.1. Tra ffic Prioritization Fundamenta ls .................................................................. 196

8/13/2019 ROX-User-Guide-RX1000[1].pdf

8/340

RuggedRouter

Revision 1.14.3 8 RX1000/RX1100

20.1.2. Prioritization Example ....................................................................................... 19820.2. Configuring Traffic Prioritization .................................................................................. 199

20.2.1. Traffic Prioritization Main Menu ........................................................................ 19920.2.2. Interface Prioritization Menu ............................................................................. 20020.2.3. Prioritization Statistics ...................................................................................... 202

21. Link Layer Discovery Protocol (LLDP) ........................... ...................................................... 20321.1. LLDP Sta tus ............................................................................... ............................... 203

22. Configuring Gen eric Routing Encapsulation ...................... ................................................... 20422.1. Introd uction ................. ................................................................................................. 204

22.1.1. GRE Fundamentals ..... ..................................................................................... 20422.2. GRE Con figuration ............................................... ....................................................... 205

22.2.1. GR E Main Menu ................................... ........................................................... 20522.2.2. GR E Configuration Menu ........................... ...................................................... 205

23. Network Utilities .............................. ....................................................................................... 20723.1. Introductio n ...................................... ............................................................................ 20723.2. Network U tilities Main Menu .......... ............................................................................. 20723.3. Ping Men u ........................................ ......................................................................... 208

23.4. Ping Chec k Menu .................................. .................................................................... 20823.5. Tracerout e Menu ............................................ ............................................................. 20923.6. Host Menu ............................................... .................................................................... 21023.7. Trace Me nu ................................................................. ................................................ 210

23.7.1. Tcp dump A Network Interface ...................... .................................................. 21123.7.2. Fra me Relay Link Layer Trace A WAN Int erface ............................................. 21223.7.3. Ser ial Trace A Serial Server Port ........................ ............................................. 212

23.8. Interface Statistics Menu ................................. ............................................................ 21323.8.1. Cur rent Routing & Interface Table ................................................................... 213

24. Configuring Serial Protocols ................................................................................................. 21524.1. Introduction ................................. ................................................................................. 215

24.1.1. Ser ial IP Port Features .................................. .................................................. 21524.1.2 . Serial Protocols Applications ............................................................................ 21624.1.3. Ser ial Protocols Concepts And Issues ......... .................................................... 21724.1.4. Tcp ModBus Server Application ............................................ ............................ 21824.1.5. Tcp Modbus Concepts And Issues ............ ....................................................... 21924.1.6 . DNP (Distributed Network Protocol) ................................................................. 221

24.2. Seria l Protocols Confi guration ..................................................................................... 22224.2.1 . Serial Protocols Main Menu ............................................................................. 22224.2.2 . Assign Protocols Menu .................................................................................... 22324.2.3 . Port Settings M enu .......................................................................................... 22324.2.4 . RawSocket Menu ....................... ...................................................................... 22424.2.5 . TcpModBus Me nu ............................................................................................ 224

24.2.6. DNP Menu ... ..................................................................................................... 22524.2.7. Ser ial Protocols Statistics Menu ...... ................................................................. 22724.2.8. Ser ial Protocols Trace Menu ............................................................................ 22824.2.9 . Serial Protocols Sertrac e Utility ........................................................................ 228

25. Synchronous Se rial Ports ............................ ......................................................................... 23025.1. Introd uction ................. ................................................................................................. 230

25.1.1. Synchronous Serial Port Features ........... ........................................................ 23025.1.2 . Raw Socket Oper ation On Synchronous Ports ................................................ 230

25.2. Synchronous Serial Port Configuration ...... ................................................................. 230

8/13/2019 ROX-User-Guide-RX1000[1].pdf

9/340

RuggedRouter

Revision 1.14.3 9 RX1000/RX1100

25.2.1. Synchronous Port Settings Menu ..................................................................... 23125.2.2. Configuring Raw Socket On Synchronous Serial Ports .................................... 232

25.3. Synchronous Serial Diagnostics ................................................................................. 23326. Configuring Layer 2 Tunnels ................................................................................................. 234

26.1. Introduction .................................................................................................................. 23426.1.1. IEC 61850 GOOSE Fu ndamentals .................................................................... 23426.1.2. Ge neric Layer 2 Tunnel F undamentals ............................................................ 235

26.2. Layer 2 T unnel Configuration ....... .............................................................................. 23626.2.1 . Layer 2 Tunnels Main Menu ............................................................................ 23626.2.2. Ge neral Configuration Menu .... ........................................................................ 23726.2.3 . GOOSE Tunnel s Menu .................................................................................... 23726.2.4. Generic L2 Tun nels Menu ................................................................................ 23826.2.5. GO OSE Statistics Menu .............. ..................................................................... 24026.2.6. Ge neric L2 Tunnel Statistics M enu .................................................................. 24126.2.7. Act ivity Trace Menu .................... ...................................................................... 242

27. Configuring The DHCP server ...................... ......................................................................... 24327.1. Introductio n ........................................ .......................................................................... 243

27.1.1. DH CP Fundamentals ................ ...................................................................... 24327.1.2. Exa mple DHCP Scenarios And Configurations ................................................ 24527.2. DHCP Co nfiguration ................................. ................................................................... 249

27.2.1 . DHCP Server Main Me nu ................................................................................ 24927.2.2. DH CP Shared Network Configu ration .............................................................. 24927.2.3 . DHCP Subnet C onfiguration ............................................................................ 25027.2.4. DHCP Group Configuration .............................................................................. 25127.2.5 . DHCP Host Configuration ...... .......................................................................... 25227.2.6. DH CP Pool Configuration ..................... ........................................................... 253

28. DHCP Rela y ........................ ................................................................................................. 25428.1. Introduction ......... ......................................................................................................... 254

28.1.1. DH CP Relay Fundamentals ............ ................................................................ 25428.2. Configurin g DHCP Relay ........................... ................................................................ 254

29. Configuring NTP ....................................................... ............................................................. 25629.1. Introductio n ...................................................... ............................................................ 256

29.1.1. NT P Fundamentals ............................................ ............................................. 25629.2. NTP Conf iguration ....................................... ................................................................ 257

29.2.1 . NTP Server Main Menu ................................................................................... 25729.2.2. Ge neric Options ................................................................ ............................... 25829.2.3. Ser vers Configuration ................. ...................................................................... 25829.2.4 . Peers Configura tion .......................................................................................... 25929.2.5. Viewing NTP Status ........... .............................................................................. 25929.2.6. Vie wing The NTP Log ............. ......................................................................... 260

29.2.7. Vie wing GPS Status ....................................... .................................................. 26129.2.8. Vie wing The GPS Log ................... .................................................................. 26130. Configuring SSH .................................................... ............................................................... 262

30.1. Introductio n .............................................. .................................................................... 26230.1.1. SS H Fundamentals ............................. ............................................................ 262

30.2. SSH Conf iguration ........................................... ........................................................... 26330.2.1 . SSH Main Menu .......................... ..................................................................... 26330.2.2. Aut hentication ........................................................ ........................................... 26330.2.3. Net working ..................................................... ................................................... 264

8/13/2019 ROX-User-Guide-RX1000[1].pdf

10/340

RuggedRouter

Revision 1.14.3 10 RX1000/RX1100

30.2.4. Access Control ................................................................................................ 26431. Configuring The Telnet Server ............................................................................................. 266

31.1. Introduction .................................................................................................................. 26631.2. Telnet Fundamentals ................................................................................................. 26631.3. Telnet Server Configuration ....................................................................................... 266

32. Configuring IRIG B And IEEE1588 ..................................... .................................................... 26832.1. Introd uction ................................ .................................................................................. 268

32.1.1. IEE E1588 Fundamentals .............. .................................................................... 26832.1.2. IRI GB Fundamentals ......... ............................................................................... 26932.1.3. GP S Cable compensation ............................................................................... 270

32.2. IRIGB/IEE E1588 Configuration .. ................................................................................. 27132.2.1. IRI GB/IEEE1588 Main Menu ....... ..................................................................... 27132.2.2. Ge neral Configuration ................. ..................................................................... 27132.2.3 . IRIGB Configuration ....... .................................................................................. 27132.2.4. IEE E1588 Configuration .................................................................. ................. 27232.2.5. IRI GB Status ................................................................................. ................... 27332.2.6. IEE E1588 Status ............................................ .................................................. 273

32.2.7. IRI GB Log ....................................................................................................... . 27433. Configuring the Intrusion Detection System .......................................................................... 27533.1. Introductio n .............................................................. .................................................... 275

33.1.1. Sn ort Fundamentals ................................................ ......................................... 27533.2. IDS Configuration .................. ...................................................................................... 276

33.2.1. Sn ort IDS Main Menu ........... ........................................................................... 27633.2.2. Net work Settings ................ .............................................................................. 27833.2.3 . PreProcessors ... ............................................................................................... 27933.2.4 . Alerts & Loggin g ............................................................................................... 27933.2.5. Edit Config File ........ ......................................................................................... 279

34. Maintaining The Router ......................... ................................................................................ 28034.1. Introductio n .................................... .............................................................................. 28034.2. Alert Syst em .............................. .................................................................................. 280

34.2.1. Ale rt Main Menu ................. .............................................................................. 28134.2.2. Ale rt Configuration ...................... ...................................................................... 282

34.3. Indus trial Defender .............. ........................................................................................ 28534.3.1. Wh at information is sent to an SEM unit ......................................................... 28534.3.2 . Industrial Defen der Configuration ..................................................................... 286

34.4. Access Manager Security ................................. .......................................................... 28834.4.1. Wh at Access Manage r's Secure Access Portal Protects And How .................. 28834.4.2. Acc ess Manager And The F irewall .................................................................. 28834.4.3. Acc ess Manager's Secur e Access Portal Status Menu .................................... 29134.4.4. Up grading the Access Manager's S ecure Access Portal ................................. 291

34.5. Backup A nd Restore .......................... ......................................................................... 29134.5.1. Ge neral Configuration ................. ..................................................................... 29234.5.2. Co nfiguration Rollback .......................... ........................................................... 29334.5.3 . Archive History ............................... .................................................................. 29534.5.4. Arc hive Backup .................................. .............................................................. 29634.5.5. Arc hive Restore ........................ ........................................................................ 29634.5.6. Arc hive Difference Tool ................... ................................................................. 298

34.6. SNM P Configuration . ................................................................................................. 29934.6.1. SNMP Main Configuration Men u .................................................................... 300

8/13/2019 ROX-User-Guide-RX1000[1].pdf

11/340

RuggedRouter

Revision 1.14.3 11 RX1000/RX1100

34.6.2. System Configuration ....................................................................................... 30034.6.3. Network Addressing Configuration .................................................................. 30134.6.4. Access Control ................................................................................................. 30134.6.5. Trap Configuration ............................................................................................ 30334.6.6. MIB Support ..................................................................................................... 304

34.7. RADIUS Authentication .............................................................................................. 30534.7.1. Introduction ....................................................................................................... 30534.7.2. RADIUS Authentication Configuration .............................................................. 30734.7.3. Edit RADIUS Server Parameters ..................................................................... 307

34.8. Outg oing Mail ........................................... ................................................................... 30834.9. Chas sis Parameters .................................................... ................................................ 30934.10. Pow er over Ethernet ................................................ ................................................. 309

34.10.1. Power over Ethernet Men u ............................................................................ 31034.11. Banner Configuration .............................. .................................................................. 31134.12. System Logs ................................................... .......................................................... 313

34.12. 1. Syslog Factory Defaults ........................... ...................................................... 31434.12. 2. Remote Logg ing ............................................................................................. 314

34.13. Upg rade System ..... .................................................................................................. 31634.13.1. RuggedRouter Software Fundamentals ......................................................... 31634.13.2. U pgrade to RX1100 ...................... ................................................................. 31734.13.3. C hange Repository Server ....... ...................................................................... 31734.13. 4. Upgrading All Packages .. ............................................................................... 31834.13. 5. Installing A New Package ... ........................................................................... 31934.13. 6. Pre-upgrade/Post-upgrad e scripts .................................................................. 319

34.14. Uplo ading And Downloading Files ........... ................................................................. 32035. Securit y Considerations ................ ......................................................................................... 322

35.1. Introductio n ................................... ............................................................................... 32235.1.1 . Security Actions ................................................................................................ 322

A. Setting Up A Repository ................. ......................................................................................... 323A.1. Repos itory Server Requirements ...................... ............................................................ 323A.2. Initial Repo sitory Setup ............................................... .................................................. 323A.3. Upgrading The Repository .............................. .............................................................. 324A.4. Setting Up The Routers ............................... ................................................................. 324

A.4.1. An A lternate Approach .......................... ............................................................. 324A.4.2. Upg rading Considerations ........... ....................................................................... 325

B. Re-Flashing Rout er Software ........................................................ ......................................... 326B.1. Introd uction ............................ ....................................................................................... 326B.2. Use Cases ........................................ ............................................................................ 326B.3. Re-flashing The ROX System Software ...... ................................................................. 326

C. Installing Ap ache Web Server On Windows ........................................................................... 328

D. Installing IIS Web Server On Windows ... ................................................................................ 329E. RADIUS Server C onfiguration ..................................... ............................................................ 331E.1. Webm in Privilege Levels and Free RADIUS ................................................................. 332E.2. Webm in Privilege Levels and Wi ndows IAS ................................................................. 332E.3. PPP / CHAP and Window s IAS .................................................................................... 335

F. VPN/L2TP Config uration in Windows ................................. ..................................................... 337Index ....................... ......................................................................... ............................................. 338

8/13/2019 ROX-User-Guide-RX1000[1].pdf

12/340

RuggedRouter

Revision 1.14.3 12 RX1000/RX1100

List of Figures1.1. RuggedRouter Setup Main Menu ........................................................................................... 241.2. RuggedRouter Setup Password Change Menu ...................................................................... 251.3. RuggedRouter Interfaces Setup Menu ................................................................................... 25

1.4. RuggedRouter DNS Client Menu ........................................................................................... 251.5. Hostna me and Domain Configuration Menu ..................... ...................................................... 261.6. RADIU S Server Configura tion menu ...................................................................................... 261.7. Gauntl et Setup Menu ............... ............................................................................................... 271.8. Rugge dRouter Date/Time/Timezone Men u ............................................................................ 271.9. Rugge dRouter Hardware In formation Menu ........................................................................... 281.10. Selec ting a configura tion to reload ....................................................................................... 291.11. Selec ting a previously made confi guration ........................................................................... 291.12. Signi ng On To The Rou ter With A Web Browser ................................................................. 301.13. Rugg edRouter Web Interfa ce Main Menu Window .............................................................. 311.14. LED Status Panel ........................... ...................................................................................... 332.1. Webm in Configuration Menu ................ .................................................................................. 342.2. Webm in Configuration Me nu, IP Access Control .................................................................... 342.3. Webm in Configuration Menu, Ports and Addresses ............................................................... 352.4. Webm in Configuration Menu, Change Help Server .............. .................................................. 362.5. Webm in Configuration Menu, L ogging ................................................................................... 362.6. Webm in Configuration Menu, Authenticati on .......................................................................... 372.7. Webm in Events Log ........................................................... .................................................... 383.1. Webm in users menu ................... ............................................................................................ 403.2. Edit W ebmin User Menu ............................................... ......................................................... 413.3. Curren t login sessions menu .................. ................................................................................ 423.4. Passw ord Restrictions Menu .................. ................................................................................ 424.1. Bootu p and Shutdown, Part 1 .............. .................................................................................. 454.2. Bootu p and Shutdown, Part 2 ............... ................................................................................. 464.3. Syste m Menu Change Password C ommand .......................................................................... 464.4. Sched uled Commands ............. ............................................................................................... 474.5. Sched uled Commands Displayi ng a Command ..................................................................... 474.6. Webm in Scheduled Cron Jobs ...................................... ......................................................... 474.7. Creati ng a Cron Job ............................................ ................................................................... 484.8. Sched uled Cron Jobs menu displaying cron jobs .................... ............................................... 484.9. Syste m Hostname .................................................................... ............................................... 494.10. Syste m Time ...................................................................... ................................................... 495.1. Netwo rk Configuration Menu ................ .................................................................................. 505.2. Core Networking Settings ...... ................................................................................................. 515.3. Dumm y Interface ....................................................................... .............................................. 52

5.4. Static Routes .......................................................................... ................................................ 535.5. Static Multicast Routing ................................................ .......................................................... 555.6. DNS Client ....................................................... ....................................................................... 555.7. Host A ddresses ............................................................ .......................................................... 565.8. End T o End Backup Example .................................... ............................................................ 575.9. End T o End Backup .................. ............................................................................................. 586.1. Ethern et Menu ................................................... ..................................................................... 616.2. Curren t and Boot Time Ethernet Configuration ............ .......................................................... 62

8/13/2019 ROX-User-Guide-RX1000[1].pdf

13/340

RuggedRouter

Revision 1.14.3 13 RX1000/RX1100

6.3. Editing a Network Interface .................................................................................................... 626.4. Creating a Virtual Lan Interface .............................................................................................. 636.5. Editing a Boot Time Interface ................................................................................................. 636.6. Creating an Ethernet Bridge ................................................................................................... 646.7. List PPPoE Interfaces ............................................................................................................. 656.8. Editing a PPPoE Interface .................. .................................................................................... 656.9. Displa y PPP Logs ...................................... ............................................................................. 667.1. T1/E1 Trunks And Interfaces .................... .............................................................................. 687.2. T1/E1 Network Interfaces Initial Configuratio n ....................................................................... 697.3. T1/E1 Network Interfaces After Channel Creatio n .................................................................. 697.4. T1/E1 Network Interfaces After Interface Creat ion ................................................................. 707.5. Edit T 1 Interface ............................................. ........................................................................ 717.6. Editing A Logical Interface (Fram e Relay) .............................................................................. 727.7. Edit L ogical Interface (PPP) ........................ ........................................................................... 737.8. T1/E1 Link Statistics ................................... ............................................................................ 747.9. Frame Relay Statistics .................. .......................................................................................... 757.10. PPP Link Statistics ............ ................................................................................................... 76

7.11. T1/E 1 Loopback Menu ................ .......................................................................................... 777.12. T1/E 1 Loopback ................................................ .................................................................... 778.1. T3/E3 Trunks And Interfaces ........ .......................................................................................... 808.2. T3/E3 Network Interface Initial Configuration ......................................................................... 808.3. T3/E3 Network Interface With Logical I nterfaces .................................................................... 818.4. Edit T 3 Interface ......................................................................... ............................................ 818.5. Edit E 3 Interface .................................................................... ................................................. 828.6. Creati ng a Frame Relay Logical Interface ...................................... ........................................ 828.7. Edit L ogical Interface (Frame Re lay) ...................................................................................... 838.8. Edit L ogical Interface (PPP) ................ ................................................................................... 839.1. DDS T runks And Interfaces ................. ................................................................................... 859.2. DDS WAN Interfaces ......................................... ..................................................................... 869.3. DDS W AN Interfaces after logical interface assignme nt ........................................................ 869.4. Edit Lo gical Interface (Fram e Relay), single DLCI ................................................................. 879.5. Edit Lo gical Interface (Fram e Relay), multiple DLCIs ............................................................. 879.6. Edit L ogical Interface (PPP) ................................................. .................................................. 889.7. DDS L ink Statistics ........................................................ ......................................................... 8910.1. T1/E 1 WAN Interfaces ......................... ................................................................................. 9210.2. Edit MLPPP Logical Interfa ce Menu ..................................................................................... 9210.3. MLP PP Link Statistics .................. ........................................................................................ 9311.1. ADS L Interfaces ..................... ............................................................................................... 9611.2. ADS L WAN Interfaces ............... ........................................................................................... 9611.3. Edit Logical Interface (PPPoE) ............................................................................................. 97

11.4. Edit Logical Interface (Bridged) ......... ................................................................................... 9811.5. ADS L Link Statistics ................................................ ............................................................. 9912.1. Mode m Configuration Main Menu ....................................................................................... 10112.2. Edit I nternal Modem Configuration ....................................... .............................................. 10212.3. Edit External Modem Configuration ..................................... ............................................... 10212.4. Mode m PPP Client Connections ................................... ..................................................... 10412.5. Confi gure Modem PPP Client ............. ................................................................................ 10512.6. Confi gure Modem PPP Serv er ........................................................................................... 10612.7. Add Routes for PPP User ............... ................................................................................... 107

8/13/2019 ROX-User-Guide-RX1000[1].pdf

14/340

RuggedRouter

Revision 1.14.3 14 RX1000/RX1100

12.8. Incoming Call Logs ............................................................................................................. 10812.9. PPP Logs ............................................................................................................................ 10812.10. PPP Connection Logs ....................................................................................................... 10913.1. Cellular Modem Interface .................................................................................................... 11113.2. Cellular Modem Interface (CDMA modem not yet activated) .............................................. 11113.3. Over The Air Account Activation .... .................................................................................... 11213.4. Manu al Account Activ ation ................................................................................................. 11313.5. Cellu lar Modem Configuration (with an Edg e/GPRS modem) ............................................ 11413.6. Cellu lar Modem Status (HSPA/GPRS) .. ............................................................................. 11513.7. Cellu lar Modem Status (CDMA) ......... ................................................................................ 11613.8. Mode m PPP Client Connections ............................ ............................................................ 11613.9. Confi gure Modem PPP Client .......................... ................................................................... 11714.1. Starti ng Shorewall Firewall Menu .................. ..................................................................... 12614.2. Shor ewall Firewall Menu .. ................................................................................................... 12714.3. Firew all Network Zones ..... ................................................................................................. 12814.4. Firew all Network Interfaces ................................................................................................ 12914.5. Editin g Network Interface's Firewall Se ttings ...................................................................... 129

14.6. Firew all Zone Hosts ................. ........................................................................................... 13114.7. Firew all Default Policies ................................................................................ ...................... 13114.8. Editin g A Firewall Default Policy ...................................................... ................................... 13214.9. Firew all Masquerading And SNAT .................................................. .................................... 13214.10. Edit ing A Masqueradin g Rule ........................................................................................... 13214.11. Fire wall Rules ....... ............................................................................................................ 13314.12. Edit ing A Firewall Rule .... ................................................................................................. 13314.13. Stat ic NAT ................ ......................................................................................................... 13414.14. Cre ating a Static NAT Entr y ............................................................................................. 13514.15. Acti ons When Stopped ..................................................................................................... 13515.1. TC In terfaces .................................. .................................................................................... 13815.2. Edit TC Interface .................................... ............................................................................. 13915.3. TC C lasses ................. ........................................................................................................ 13915.4. Edit TC Classes ............................. ..................................................................................... 14015.5. TC R ules .......................... ................................................................................................... 14115.6. Edit TC Rule ............................................. .......................................................................... 14216.1. IPsec VPN Configuration Menu Before Key G eneration ..................................................... 14716.2. IPsec VPN Configuration Menu Before Afte r Generation ................................................... 14816.3. IPsec VPN Configuration After Con nections Have Been Created ...................................... 14916.4. Serv er Configuration ............... ............................................................................................ 14916.5. L2TP D Configuration Menu ........................................... ..................................................... 15016.6. Show Public Key ................................. ................................................................................ 15116.7. Pre-s hared Keys ............................ ..................................................................................... 151

16.8. List C ertificates ............................... .................................................................................... 15116.9. Editin g A VPN Connection, Part 1 ............... ....................................................................... 15216.10. Edit ing A VPN Connection, Part 2 ....... ............................................................................. 15416.11. IPS ec X.509 Roaming Client Example ..... ........................................................................ 15617.1. OSP F and VRRP Example ........................ ......................................................................... 16417.2. Dyna mic Routing Main Menu ............................... .............................................................. 16517.3. Dyna mic Protocol Enable Menu .............................................................. ........................... 16617.4. Core Menu ......................................... ................................................................................. 16617.5. Core Global Parameters ............................. ........................................................................ 166

8/13/2019 ROX-User-Guide-RX1000[1].pdf

15/340

RuggedRouter

Revision 1.14.3 15 RX1000/RX1100

17.6. Core Interface Parameters ................................................................................................. 16717.7. BGP Main Configuration Menu ........................................................................................... 16717.8. BGP Global Parameter Menu ............................................................................................. 16817.9. BGP Networks Menu .......................................................................................................... 17017.10. BGP Network Neighbor Configuration Menu .................................................................... 17117.11. BG P Status Display ....................................... ................................................................... 17217.12. Vie w BGP Configuration Menu ....... .................................................................................. 17317.13. OS PF Menu ............................................ .......................................................................... 17317.14. OS PF Global Parameters ............... .................................................................................. 17417.15. OS PF Interfaces ............. .................................................................................................. 17617.16. Net work Areas ........ .......................................................................................................... 17717.17. RIP Menu .......................... ................................................................................................ 17717.18. RIP Global Parameters ............. ........................................................................................ 17817.19. RIP Interfaces .................... ............................................................................................... 18017.20. RIP Networks .......... .......................................................................................................... 18118.1. Link Backup Example ........................... .............................................................................. 18318.2. Link Backup Main Menu .............................. ....................................................................... 183

18.3. Link Backup Configurations ................................................................................................ 18418.4. Edit Link Backup Configu ration .......................................................................................... 18418.5. Link Backup Log ............................ ..................................................................................... 18518.6. Link Backup Status ..................... ........................................................................................ 18618.7. Test Link Backup ........................................ ........................................................................ 18619.1. VRR P Example .............................................. ..................................................................... 19019.2. VRR P Group Example ......................... ............................................................................... 19119.3. VRR P Main Menu ..................................... .......................................................................... 19219.4. VRR P Configuration Menu ............ ..................................................................................... 19219.5. VRR P Instance ............. ...................................................................................................... 19319.6. VRR P Group .................... ................................................................................................... 19419.7. VRR P Instances Status ..................... ................................................................................. 19420.1. Traffi c Prioritization Main Me nu .......................................................................................... 19920.2. Interf ace Prioritization Menu ........ ....................................................................................... 20020.3. Priori tization Queue Config uration ...................................................................................... 20020.4. Priori tization Filter Configura tion ......................................................................................... 20120.5. Priori tization Statistics ............ ............................................................................................. 20221.1. LLDP Summary Display ..... ................................................................................................. 20322.1. GRE Example ........................................... .......................................................................... 20422.2. GRE Main Menu .................................. ............................................................................... 20522.3. GRE Tunnel Configuration Menu ... ..................................................................................... 20523.1. Netw ork Utilities Main Menu ...... ......................................................................................... 20723.2. Ping Menu ....................... .................................................................................................... 208

23.3. Ping Check Menu ............ ................................................................................................... 20823.4. Ping Check Edit Menu ................... ..................................................................................... 20923.5. Trace route Menu ....... .......................................................................................................... 20923.6. Host Menu ......................... ................................................................................................. 21023.7. Tcpd ump Menu .................... ............................................................................................... 21123.8. Fram e Relay Trace Menu .................. ................................................................................. 21223.9. Seria l Server Port Trace Menu ........................................................................................... 21223.10. Inte rface Statistics Menu .......................... ........................................................................ 21323.11. Cur rent Routing & Interface Ta ble .................................................................................... 213

8/13/2019 ROX-User-Guide-RX1000[1].pdf

16/340

RuggedRouter

Revision 1.14.3 16 RX1000/RX1100

24.1. Sources of Delay and Error in an End to End Exchange ................................................... 22024.2. Serial Protocols Server Main Menu .................................................................................... 22224.3. Assign Protocols Menu ....................................................................................................... 22324.4. Port Settings Menu ............................................................................................................. 22324.5. Raw Socket Menu .............................................................................................................. 22424.6. TcpM odbus Menu ............... ................................................................................................ 22424.7. DNP Settings ......................... ............................................................................................. 22524.8. DNP Device Table Settings ..................... ........................................................................... 22624.9. Seria l Protocols Statistics Menu ........ ................................................................................. 22724.10. Seri al Protocols Trace Menu .......................................... .................................................. 22825.1. Sync hronous Serial Main Menu .... ...................................................................................... 23125.2. Sync hronous Port Settings Menu ........................... ............................................................ 23125.3. Edit Synchronous Serial Port Paramete rs .......................................................................... 23225.4. Edit Synchronous Serial Raw Sock et Parameters .............................................................. 23226.1. Laye r 2 Tunnels Main Menu ........................ ....................................................................... 23626.2. Gene ral Configuration Menu ............................................................................................... 23726.3. GOO SE Menu ........ ............................................................................................................. 237

26.4. GOO SE Menu ............ ......................................................................................................... 23826.5. Gene ric L2 Tunnels Menu .................................................................................................. 23826.6. Creat e an L2 Tunnel .. ......................................................................................................... 23826.7. Edit Generic L2 Tunnel ..... .................................................................................................. 23926.8. GOO SE Statistics Menu ............ ......................................................................................... 24026.9. Gene ric L2 Statistics M enu ................................................................................................. 24126.10. Acti vity Trace Menu .......................... ................................................................................ 24227.1. DHC P Server Menu .......................... .................................................................................. 24927.2. DHC P Shared Network Configuration ................................................................................ 25027.3. DHC P Subnet Configuration ............... ................................................................................ 25127.4. DHC P Group Configuration .................. .............................................................................. 25227.5. DHC P Host Configuration ................................... ................................................................ 25227.6. DHC P Pool Configuration ....... ............................................................................................ 25328.1. DHC P Relay Configuration ....... .......................................................................................... 25429.1. NTP Server ......................................... ................................................................................ 25729.2. NTP Generic Options ..................... ..................................................................................... 25829.3. NTP Server List ............................ ...................................................................................... 25829.4. NTP Status ............................... .......................................................................................... 25929.5. NTP Log ............................................ .................................................................................. 26029.6. GPS Status ..................... .................................................................................................... 26129.7. GPS Log ......................... .................................................................................................... 26130.1. SSH Server ........................................... .............................................................................. 26330.2. SSH