3Com Version 4.3 manual

3Com® T elecomm uting Module User Manual V er sion 4.3[...]

3Com® T elecomm uting Module User Manual: V ersion 4.3 Part Number BET A Published December 2005 3Com Corporation, 350 Campus Drive, Marlbor ough MA 01752-3064 Copyright © 2005, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in an y form or by any means or used to make any deri vati ve work (such as transla[...]

T ab le of Contents Part I. Intr oduction to 3Com VCX IP T elecommuting Module ............................................................................. i 1. Introduction to 3Com VCX IP T elecommuting Module ................................................................................. 1 2. Installing 3Com VCX IP T elecommuting Module ......[...]

P ar t I. Introduction to 3Com VCX IP T elecomm uting Module[...]

Chapter 1. Intr oduction to 3Com VCX IP T elecommuting Module Some of the functions of 3Com VCX IP T elecommuting Module are: • SIP proxy: Forwarding of SIP requests. • Protection against such attacks as address spoofing. • Logging/alarm locally on the T elecommuting Module, via email and/or via syslog. • Managing sev eral logical/directly[...]

Chapter 1. Intr oduction to 3Com VCX IP T elecommuting Module Fig 1. T elecommuting Module in DMZ configuration. DMZ/LAN Configuration Using this configuration, the T elecommuting Module is located on the DMZ of your firew all, and connected to it with one of the interfaces. The other interface is connected to your internal netw ork. The T elec[...]

Chapter 1. Intr oduction to 3Com VCX IP T elecommuting Module • Select an IP address for the T elecommuting Module on your network. • The network interfaces are mark ed with 1 and 2. These numbers correspond to the physical interfaces eth0 and eth1 respectiv ely , the latter which should be use in the installation program. • Plug in the power[...]

Chapter 1. Intr oduction to 3Com VCX IP T elecommuting Module When the T elecommuting Module is configured, the firew all connected to it must also be reconfigured (for the DMZ and DMZ/LAN T elecommuting Module T ypes). • Allow UDP and TCP traf fic in the port interv al used for media streams by the T elecommuting Module, and port 5060. This [...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module Installation There are three ways to install an 3Com VCX IP T elecommuting Module: using a serial cable, using a diskette or perform a magic ping. Installation with a serial cable or a diskette requires being at the same place as the T elecommuting Module, but will giv e more options for the s[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module • Ping this IP address to giv e the T elecommuting Module its new IP address. Y ou should recei ve a ping reply if the address distribution w as successful. • Configure the rest through a web bro wser . Installation with a serial cable These steps are performed when installing with a seri[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module Then enter a password for the T elecommuting Module. This is the password you use in your web browser to access and change the T elecommuting Module’ s configuration. Finally , you can reset all other configuration if you want to. Follo wing is a sample run of the installation program. 3Co[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module T elecommuting Module). The network mask determines the number of computers that can act as configuration computers. Network number [0.0.0.0]: 10.47.2.0 Netmask/bits [255.255.255.0]: 255.255.255.0 If the network or partial network is not directly connected to the T elecommuting Module, you mu[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module Y ou ha ve now entered the follo wing configuration Network configuration inside: Physical de vice name: eth0 IP address: 192.168.150.2 Netmask: 255.255.255.0 Deactiv ate other interfaces: no Computer allowed to configure from: IP address: 192.168.128.3 Password: ee yore The rest of the con[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module Follo wing is a sample run of the installation program on the diskette. Basic unit installation program version 4.3 Press return to keep the default v alue Network configuration inside: Physical de vice name[eth0]: IP address [0.0.0.0]: 10.47.2.242 Netmask/bits [255.255.255.0]: 255.255.0.0 De[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module Static routing: The network allo wed to configure from is not on a network local to this unit. Y ou must configure a static route to it. Gi ve the IP address of the router on the network this unit is on. The IP address of the router [0.0.0.0]: 10.47.3.1 Network address [10.47.0.0]: 10.10.0.0[...]

Chapter 2. Installing 3Com VCX IP T elecommuting Module Remember to loc k up the T elecommuting Module The T elecommuting Module is a computer with special software, and must be protected from unauthorized physical access just as other computers performing critical tasks. A locked up T elecommuting Module protects against: • connecting to the con[...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module Y ou connect to your 3Com VCX IP T elecommuting Module by entering its name or IP address in the Location box of your web browser . Logging on Before you can configure the T elecommuting Module, you must enter your administrator username and password or RADIUS username and password. The adm[...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module Note: Y ou will not be logged out automatically just by directing your web bro wser to a different web address. Y ou should log out using the button to mak e the browser forget your username and passw ord. Na vigation There is a menu for quick navig ation to all configuration pages. On top [...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module Basic Configuration Under Basic Configuration , select T elecommuting Module T ype and the name of the T elecommuting Module. Y ou also enter IP addresses for gate way and DNS server . Here you also configure if the T elecommuting Module should interact with a RADIUS or an SNMP server . A[...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module logging wanted under Logging . This is also where the logs of traf fic through the T elecommuting Module are viewed. When the configuration is complete, apply it. Go to Sa ve/Load Configuration under Administration . Select Apply configuration . Now the ne w configuration is tested. Sav[...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module Y ou can sa ve the preliminary configuration to a file on your work station (the computer that is running your web browser). Select Sa ve to local file on the Sa ve/Load Configuration page. A sav ed configuration can be loaded to the preliminary configuration. Use Browse to search your[...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module T elecomm uting Module IP address IP addresses are written as four groups of numbers with dots between them. The numbers must be between 0 and 255 (inclusiv e); for example, 192.168.129.17. Mask/Bits The binary system uses the numbers 0 and 1 to represent numbers. A binary digit is called a [...]

Chapter 3. Configuring 3Com VCX IP T elecommuting Module See appendix C, Lists of Reserved Ports, ICMP T ypes and Codes, and Internet Protocols, for more information on netmasks. Name queries in 3Com VCX IP T elecomm uting Module A T elecommuting Module should be as independent of other computers as possible. At the same time, the person who chang[...]

P ar t II. How T o In the How T o part, you find step-by-step descriptions for many common configurations for the T elecommuting Module. Y ou also find references to rele vant chapters in Part III, Description of 3Com VCX IP T elecommuting Module settings.[...]

Chapter 4. Ho w T o Configure SIP 3Com VCX IP T elecommuting Module provides a lot of SIP possibilities. In this chapter , the most common SIP setups are setup with step-by-step instructions for the configuration. DMZ T elecomm uting Module , SIP server on the outside The simplest SIP scenario is when the SIP server is managed by someone else, an[...]

Chapter 4. How T o Configur e SIP Surr oundings T o make the T elecommuting Module aware of the network structure, the networks defined abo ve should be listed on the Surroundings page. One effect of this is that tra ffic between two users on dif ferent networks, or between one of the listed networks and a network not listed here, is N A T :ed. [...]

Chapter 4. How T o Configur e SIP Routing On the Routing page, you can enter the SIP server managing your SIP domain. Enter the name or IP address of the SIP server under Outbound pr oxy . If you enter the server name here, all SIP traf fic from the inside will be directed to this server , regardless of where it is bound to. Basic Configuration [...]

Chapter 4. How T o Configur e SIP Here are the settings needed for this. It is assumed that the T elecommuting Module already has a network configuration. Only the additional SIP settings are listed. Netw orks and Computers The T elecommuting Module must know the netw ork structure to be able to function properly . On the Networks and Computers p[...]

Chapter 4. How T o Configur e SIP Basic Go to the Basic page under SIP Services and turn the SIP module on. Here you also select log classes for SIP e vent logging. Routing If the SIP server is located on a N A T ed network, all SIP traf fic from the outside will be directed to the T elecommuting Module, which must know where to forw ard it. One [...]

Chapter 4. How T o Configur e SIP If the SIP server is an LCS (Li ve Communications Server) or some other serv er that does not accept more than one V ia header in SIP packets, you must enter the SIP server IP address in the Remov e VIA headers table. This will make the T elecommuting Module strip SIP packets of extra V ia headers when it sends th[...]

Chapter 4. How T o Configur e SIP Here are the settings needed for this. It is assumed that the T elecommuting Module already has a network configuration. Only the additional SIP settings are listed. Basic Go to the Basic page under SIP Services and turn the SIP module on. Here you also select log classes for SIP e vent logging. Inter operability[...]

Chapter 4. How T o Configur e SIP Basic Configuration If no other SIP routing information is entered, the T elecommuting Module must be able to look up SIP domains in DNS. DNS servers are entered on the Basic Configuration page under Basic Configuration . Save/Load Configuration Finally , go to the Save/Load Configuration page under Administr[...]

Chapter 4. How T o Configur e SIP Here are the settings needed for this. It is assumed that the T elecommuting Module already has a network configuration. Only the additional SIP settings are listed. Basic Go to the Basic page under SIP Services and turn the SIP module on. Here you also select log classes for SIP e vent logging. Routing If the SI[...]

Chapter 4. How T o Configur e SIP make the T elecommuting Module strip SIP packets of extra V ia headers when it sends those packets to the server , and add the V ia headers when the response packets are receiv ed. Basic Configuration If no other SIP routing information is entered, the T elecommuting Module must be able to look up SIP domains in [...]

Chapter 4. How T o Configur e SIP Here are the settings needed for this. It is assumed that the T elecommuting Module already has a network configuration. Only the additional SIP settings are listed. Basic Go to the Basic page under SIP Services and turn the SIP module on. Here you also select log classes for SIP e vent logging. Inter operability[...]

Chapter 4. How T o Configur e SIP Basic Configuration If no other SIP routing information is entered, the T elecommuting Module must be able to look up SIP domains in DNS. DNS servers are entered on the Basic Configuration page under Basic Configuration . Save/Load Configuration Finally , go to the Save/Load Configuration page under Administr[...]

Chapter 4. How T o Configur e SIP Routing If the SIP server is located on a N A T ed network, all SIP traf fic from the outside will be directed to the T elecommuting Module, which must know where to forw ard it. One way to do this is to enter the SIP domain in the DNS Override F or SIP Requests table on the Routing page, to link the SIP server I[...]

Chapter 4. How T o Configur e SIP Basic Configuration If no other SIP routing information is entered, the T elecommuting Module must be able to look up SIP domains in DNS. DNS servers are entered on the Basic Configuration page under Basic Configuration . Save/Load Configuration Finally , go to the Save/Load Configuration page under Administr[...]

P ar t III. Description of 3Com VCX IP T elecomm uting Module Settings This part contains complete descriptions of settings in 3Com VCX IP T elecommuting Module. The descriptions are grouped in the same way as the y are in the user interfaces.[...]

Chapter 5. The Serial Console Some settings are av ailable without having to log on the web interf ace, but instead connecting to the T elecommuting Module console via the serial cable. Here, the settings av ailable from the console are listed. The serial console is a text user interf ace which requires a terminal software on your workstation, such[...]

Chapter 5. The Serial Console 3. Become a failo ver team member Make this T elecommuting Module member of a failover team. 4. Leave failo ver team and become standalone Make this T elecommuting Module leave its failo ver team. 5. Wipe email logs Remov e all log messages queued to be sent by e-mail. 6. Set passw or d Set a new passw ord for the admi[...]

Chapter 5. The Serial Console Deactivate other interfaces If the T elecommuting Module has been used one or more interfaces are acti ve. Select here if all interfaces b ut the one selected abov e should be deactiv ated. Y ou can activ ate them again via the web GUI. Configuration computers Enter here the computers from which it is allo wed to con?[...]

Chapter 5. The Serial Console Static routing: The network allo wed to configure from is not on a network local to this unit. Y ou must configure a static route to it. Gi ve the IP address of the router on the network this unit is on. The IP address of the router [0.0.0.0]: 10.47.3.1 Network address [10.47.0.0]: 10.10.0.0 Netmask [255.255.255.0]: [...]

Chapter 5. The Serial Console Load preliminary configuration The configuration file selected here will be uploaded as a preliminary configuration. The permanent configuration will not be affected. T o load the configuration, select this alternative and then start the transfer in your terminal program. Load both configurations and apply The c[...]

Chapter 5. The Serial Console yes will make the T elecommuting Module reboot, remove all current configuration and apply the ne w settings. It will then wait for configuration from the other team member . no will make the T elecommuting Module start over again asking for ne w settings, starting with the dedicated interface. abort will abort the f[...]

Chapter 6. Basic Configuration Under Basic Configuration , you configure: • T elecommuting Module T ype • The name of the T elecommuting Module • The computers and networks from which the T elecommuting Module can be administered • Policies for ping packets and unwanted pack ets • Default domain • Default gate ways and DNS servers ?[...]

Chapter 6. Basic Configuration P olicy For Ping T o the T elecommuting Module Here, you specify how the T elecommuting Module should reply to ping packets to its IP addresses. Y ou can choose between Never r eply to ping , Only reply to ping fr om the same interface and Reply to ping to all IP addresses . Only reply to ping fr om the same interfac[...]

Chapter 6. Basic Configuration IP address Shows the IP address of the DNS name or IP address you entered in the previous field. DNS Servers Here, you configure DNS servers for the T elecommuting Module. The servers are used in the order they appear in this table, which means that the T elecommuting Module uses the top server to resolve DNS recor[...]

Chapter 6. Basic Configuration For each network interf ace, you also specify whether or not the T elecommuting Module can be configured via this network interface. Y ou also select what kind of authentication will be performed for the users trying to access the web interface. T o further increase security , the T elecommuting Module can only be c[...]

Chapter 6. Basic Configuration Configuration via HTTP Select which IP address and port the T elecommuting Module administrator should direct her web browser to when HTTP is used for T elecommuting Module configuration. Y ou can select from the T elecommuting Module IP addresses configured on the Interface pages under Network . Y ou can use dif [...]

Chapter 6. Basic Configuration Range The Range shows all IP addresses from w hich the T elecommuting Module can be configured. The range is calculated from the configuration under DNS name or network addr ess and Netmask/Bits . Check that the correct information was entered in the DNS name or network addr ess and Netmask/Bits fields. Log Class [...]

Chapter 6. Basic Configuration RADIUS server Enter the DNS name or IP address for the RADIUS serv er used for authentication. In IP address , the IP address of the serv er is shown. It is updated whene ver Look up all IP addresses again is pressed, or the DNS name or IP address field is changed. P or t The official port for RADIUS is UDP port 18[...]

Chapter 6. Basic Configuration NAS-Identifier Y ou can enter a special identifier into this field. All characters except space are allo wed according to the T elecommuting Module, but your RADIUS serv er may have some restrictions on the identifier . Contact IP Address Select the IP address from which the T elecommuting Module should make conn[...]

Chapter 6. Basic Configuration Cancel Rev erts all of the above fields to their pre vious configuration. Look up all IP addresses a gain Looks up the IP addresses for all DNS names on this page in the DNS servers you entered on the Basic Configuration page. Configuration of a RADIUS server In this section it is assumed that you kno w how to co[...]

Chapter 6. Basic Configuration Contact person Enter the name of the contact person for this 3Com VCX IP T elecommuting Module. This information is sent with the parameter list as reply to an SNMP request from the server . Node location Enter the location of the T elecommuting Module. This information is sent with the parameter list as reply to an [...]

Chapter 6. Basic Configuration Create Enter the number of new ro ws you want to add to the table, and then click on Cr eate . SNMP v3 In SNMP version 3, the authentication is managed through the serv er sending a username and an (in most cases) encrypted password to the T elecommuting Module, which verifies the validity of them. Here, you select [...]

Chapter 6. Basic Configuration T rap sending Select if trap sending (at boot and failed SNMP authentication) should be On or Off . T rap receiver Enter the IP address, or a name in the DNS, of the server to which the T elecommuting Module should send traps. If you enter a DNS name instead of an IP address, you must enter the IP address of a DNS se[...]

Chapter 6. Basic Configuration Look up all IP addresses a gain Looks up the IP addresses for all DNS names on this page in the DNS servers you entered on the Basic Configuration page. Cer tificates Here, you create X.509 certificates for the T elecommuting Module, to be used for authentication in various applications, like when configuration o[...]

Chapter 6. Basic Configuration Expire in The expiration time defines ho w many days the certificate will last. Default time is 365 days, one year . Common Name Here, you enter the host name or IP address of the T elecommuting Module. Email address Enter the email address of the T elecommuting Module administrator . Country code Here, you enter t[...]

Chapter 6. Basic Configuration Organization The name of the organization/compan y owning the T elecommuting Module. Organizational Unit The department using the T elecommuting Module. Serial number If you generate more than one certificate with the same information, and you want to gi ve them separate names and treat them as different cert ifica[...]

Chapter 6. Basic Configuration Information Information about this certificate, such as the signing CA and expiration date. Delete Row If you select this box, the row is deleted when you click on Add new rows or Sa ve . Create Enter the number of new ro ws you want to add to the table, and then click on Cr eate . Save Sav es all Certificates con?[...]

Chapter 6. Basic Configuration On your firew all, you need to open the SIP port (normally UDP port 5060) and a range of UDP ports for R TP traffic between the T elecommuting Module and the Internet. The other interface is connected to your internal network. The T elecommuting Module can handle sev eral networks on the internal interface e ven if[...]

Chapter 6. Basic Configuration Change T elecommuting Module T ype to Select a new T elecommuting Module T ype here. Change type Press the Change type button to set the ne w T elecommuting Module T ype. This setting, like others, must be applied on the Sa ve/Load Configuration page before it affects the T elecommuting Module functionality . 59[...]

Chapter 7. Netw ork Configuration Under Network , you configure: • Network groups which are used for the T elecommuting Module configuration • The T elecommuting Module’ s IP addresses on all network interfaces • Routings for the networks so that computers behind routers can be contacted • VLAN settings • The T elecommuting Module ne[...]

Chapter 7. Network Configuration Subgr oup An already defined group can be used as a subgroup to ne w groups. Select the old group here and leave the fields for DNS name empty . Select ’-’ as Interface/VLAN . If you don’t want to use a subgroup, select ’-’ here. Lower Limit DNS Name Or IP Address Enter the DNS name or IP address of the[...]

Chapter 7. Network Configuration Save Sav es the Networks and Computers configuration to the preliminary configuration. Cancel Clears and resets all fields in ne w rows and reset changes in old ro ws. Interface (Netw ork Interface 1 and 2) There is a menu selection for each network interface (Netw ork Interface 1 and 2) on the T elecommuting Mo[...]

Chapter 7. Network Configuration Name A name for this IP address. Y ou can use this name when configuring the administration IP address. This name is only used internally in the T elecommuting Module. DNS name or IP address The name/IP address of the T elecommuting Module on this network interface on this directly connected netw ork. IP address S[...]

Chapter 7. Network Configuration Name Enter the name of your alias. This name is only used internally in the T elecommuting Module. DNS name or IP address Enter the IP address of this alias, or a name in the DNS. If you enter a DNS name instead of an IP address, you must enter the IP address of a DNS server on the Basic Configuration page. IP add[...]

Chapter 7. Network Configuration Routed network Enter the DNS name or IP address of the routed network under DNS name or network addr ess . The IP address of the routed network is sho wn under Network address . In the Netmask field, enter the netmask of the network. Router The name or IP address of the router that will be used for routing to the [...]

Chapter 7. Network Configuration Name The name of this VLAN. The name is only used in the T elecommuting Module web interface to help you keep track of the different VLANs. Interface Select an interface for this VLAN. VLAN id Enter a VLAN id. A VLAN id is just a number . All packets for this VLAN is then marked with this number , enabling all netw[...]

Chapter 7. Network Configuration Ph ysical device This tells the physical de vice name of the network interface. The physical interface eth0 corresponds to Netw ork Interface 1, and eth1 corresponds to Network Interf ace 2. T ype Here the speed options for the interface are sho wn. MA C address The MA C address of the interface. Active Shows if th[...]

Chapter 7. Network Configuration Netw ork Select a network. The alternati ves are the networks you defined on the Networks and Computers page. Delete Row If you select this box, the row is deleted when you click on Add new rows or Sa ve . Create Enter the number of new ro ws you want to add to the table, and then click on Cr eate . Save Sav es al[...]

Chapter 8. SIP Services SIP (Session Initiation Protocol) is a protocol for creating and terminating v arious media stream sessions over an IP network. It is for example use d for Internet telephone calls and distribution of video streams. SIP takes care of the initiation, modification and termination of a session with one or more participants. Th[...]

Chapter 8. SIP Services SIP Servers T o Monitor Y our T elecommuting Module can be made to monitor SIP servers, to check that the y are alive. The information is used by the T elecommuting Module when SIP signaling should be passed on to the server in question. This is useful when a domain resolves to se veral indi vidual hosts; the T elecommuting [...]

Chapter 8. SIP Services Log class f or SIP signaling For each SIP packet, the T elecommuting Module generates a message, containing the sender and receiv er of the packet and what type of packet it is. Select a log class for these log messages. Log class f or SIP packets The T elecommuting Module logs all SIP packets (one SIP packet is man y lines)[...]

Chapter 8. SIP Services Select whether the T elecommuting Module should accept Refer-T o headers without angle brackets, but containing question marks. The recommended setting is Only allow Refer -T o ? with angle brackets . Remo ve VIA headers Some SIP servers won’ t accept requests with more than one V ia header . T o be able to communicate via[...]

Chapter 8. SIP Services Delete Row If you select this box, the row is deleted when you click on Add new rows , Sa ve , or Look up all IP addresses again . Create Enter the number of new ro ws you want to add to the table, and then click on Cr eate . Preserve username When registering a SIP client on one side of the T elecommuting Module to a SIP se[...]

Chapter 8. SIP Services Here, you select if SIP URL encryption should be used or not. Expires header Some SIP clients don’t understand the e xpires: parameter in the Contact header . T o set the expiration time for those clients, you can make the T elecommuting Module add to REGISTER request replies an Expires header with the expires v alue in it[...]

Chapter 8. SIP Services The Record-Route header makes all subsequent SIP signaling for this session to be routed via the T elecommuting Module ev en if it is not the shortest route. Here, you select to add Record-Route headers for outbound requests or not. For ce Record-Route For All Requests Here, you select if the T elecommuting Module should add[...]

Chapter 8. SIP Services Accept TCP Marked As TLS When a TLS accelerator is used, SIP packets can be sent to the T elecommuting Module via TCP , but the packet content will look as if TLS was used. Select if TCP packets with TLS content should be accepted. The recommended setting is not to accept them. Allow Lar ge UDP Pac kets Sometimes, the SIP si[...]

Chapter 8. SIP Services Note: If more than one Messenger client performs file transfer through the T elecommuting Module at the same time, they could end up sending to each other’ s peers instead of their own. An attack er could possibly use this to intercept transfered files; don’t use this mechanism to transfer sensisti ve data. Here, you s[...]

Chapter 8. SIP Services Timeout for registrations Enter the timeout (in seconds) before a registration becomes obsolete. When the timeout is reached, the re gistrar discards the registration. Allowed n umber of users Enter the maximum number of users allo wed to register in the SIP registrar . Leav e the field empty to allow as man y registrations[...]

Chapter 8. SIP Services Allowed n umber of concurrent sessions Enter the number of concurrent SIP sessions which the T elecommuting Module should handle. Leav e the field empty to allow as man y sessions as there are SIP traversal licenses on the T elecommuting Module (number displayed inside parantheses). Y ou can purchase additional SIP tra vers[...]

Chapter 8. SIP Services Example: If the Base retransmission timeout is 0.5 seconds and the Maximum number of r etransmissions is 6, the INVITE requests will be sent with interv als of 0.5 s, 1 s, 2 s, 4 s, 8 s, and 16 s. Maximum n umber of retransmissions for non-INVITE requests When the T elecommuting Module sends out a request which is not an INV[...]

Chapter 8. SIP Services Select two IP addresses out of the ones assigned to the T elecommuting Module under Directly Connected Networks and Alias on the interface pages. Note: for the STUN server to w ork properly , you need to select IP addresses which the clients can reach. In normal circumstances, this means that only public IP addresses can be [...]

Chapter 9. SIP T raffic SIP (Session Initiation Protocol) is a protocol for creating and terminating v arious media stream sessions over an IP network. It is for example use d for Internet telephone calls and distribution of video streams. SIP takes care of the initiation, modification and termination of a session with one or more participants. T[...]

Chapter 9. SIP T raffic Method Enter the name of the SIP method. This should be the name used in RFC 3261. T raffic to Here, you select the direction of the traf fic. Local domains means that traffic to Local SIP Domains of this T elecommuting Module is affected by this ro w . Other domains means that traffic to all domains which are not Local[...]

Chapter 9. SIP T raffic Domain or IP address Enter the domain name or IP address of the external SIP proxy . P or t Enter the port number of the external SIP proxy . If no port number is entered, the T elecommuting Module will make a DNS query for an SR V record. If a port number is entered, it will query for an A record. Delete Row If you select [...]

Chapter 9. SIP T raffic Domain Enter the domain name of the SIP domain. Relay to Enter the IP address for the SIP registrar handling the domain. Y ou can also enter a DNS name for the SIP registrar , if it has a DNS-resolvable ho st name, even if the SIP domain is not possible to look up in DNS. Under Port , enter the port on which the SIP re gist[...]

Chapter 9. SIP T raffic Session Status Y ou can monitor the current SIP acti vity . The tables are updated when you select the page or reload it. Registered Users Here the currently registered users are listed. User The SIP address of the registered user . The address looks like name@domain , where name is a user name or a telephone number , and d[...]

Chapter 10. Administration Under Administration, you • apply your configuration • define administrator users and change their passwords • sav e the preliminary configuration to file • load a sav ed configuration • view the configuration • reboot your 3Com VCX IP T elecommuting Module • restart the SIP module on your 3Com VCX IP [...]

Chapter 10. Administration Sav e configuration saves your preliminary configuration to the permanent configuration and puts it into use. Continue testing shows a ne w page with only the other two b uttons. Revert cancels this test of the pr eliminary configuration without saving. If you do not press any b utton within the time limit, the T elec[...]

Chapter 10. Administration Abort All Edits Abort all edits copies the permanent configuration to the preliminary configuration. All changes made in the preliminary configuration are deleted. Reload Factory Configuration The factory configuration is the standard configuration that is deli vered with a T elecommuting Module. Click on this butto[...]

Chapter 10. Administration P assw ord For the ’admin’ Account The admin user is predefined. That user can make changes, load configurations, apply configurations and log on the T elecommuting Module via the serial cable. Y ou can’t remo ve this user or change its privile ges, only change its password. Old passw ord Enter the old password f[...]

Chapter 10. Administration Account T ype Select what privile ges this user should hav e. Full Access means that the user can make an y changes to the configuration. This is the same privileges as t he admin user has in the web GUI, but only the admin user can log on via the serial cable. Backup/Restore Config means that the user can do wnload the[...]

Chapter 10. Administration Log out If your user has full access to the web interface, you can log out other users. Ho wev er, if you do not change their password (or change the Account type to Of f), they can just log on again. Upgrade Read these instructions carefully before upgrading. Y ou find version upgrades for 3Com VCX IP T elecommuting Mod[...]

Chapter 10. Administration Step 4 When you hav e pressed T ry the upgrade and the T elecommuting Module has rebooted, you will see two buttons on top of ev ery web page: Accept upgrade and Abort upgrade . Now , you can choose to make the upgrade permanent or to rev ert to the old version. Y ou can check the configuration, but no changes can be don[...]

Chapter 10. Administration Edit Column Select if all, some or none of the T elecommuting Module tables should hav e an Edit column. If you select that some tables hav e an Edit column, you also enter the size required to add the Edit column. Alwa ys have an Edit column Regardless of the table size, all tables will ha ve an Edit column. Sometimes ha[...]

Chapter 10. Administration The Time zone field sho ws the current time zone setting. Change time zone by selecting one in the left-hand box and press the Change time zone button. Change Date and Time Manually Here you change the T elecommuting Module clock manually . When you change time here, there will be a time gap in the log files (if you cha[...]

Chapter 10. Administration Synchr oniz e time with NTP Here, select if NTP synchronizing should be enabled or not. Enter servers to sync with in the table belo w . DNS name or IP address The name/IP address of the NTP server to which the T elecommuting Module should connect. IP address Shows the IP address of the DNS name or IP address you entered [...]

Chapter 10. Administration Reboot Y our 3Com VCX IP T elecommuting Module When this button is pressed, the T elecommuting Module will immediately reboot. All activ e sessions, including SIP sessions, will be torn down at the reboot. Restar t the SIP Module When this button is pressed, the SIP module of the T elecommuting Module will restart and all[...]

Chapter 11. Logging 3Com VCX IP T elecommuting Module can log different types of traf fic, attempts to connect and other ev ents. Y ou can select to hav e the logs stored on the T elecommuting Module’ s local hard drive, in w hich case they can be queried. When the T elecommuting Module’ s hard driv e gets full, it removes the oldest data to m[...]

Chapter 11. Logging you can select allowed, un-N A T :ed packets only . IP Address Selection Y ou can limit the selection by specifying certain IP addresses. In these fields, enter a single IP address (e. g., 10.3.27.3), a range of IP addresses (e. g., 10.3.27.1-10.3.28.254), an IP address followed by a netm ask (e. g.,10.3.27.0/24), a combination[...]

Chapter 11. Logging A to B Packets from A to B match es. B to A Packets from B to A match es. Between A&B Packets from A to B, or from B to A, matches. not this combination Packets that do not match th e given combination of A and B are sho wn in the log. If you, for example, want to sea rch for all packets to a web server , but not packets on [...]

Chapter 11. Logging Time Limits Y ou can limit the selection by a time interv al. The date is written as a year with two or four digits, month (01-12) and day (01-31). The optional punctuation between year , month and day must be dash (-). T ime is written as two digits for the hour , two digits for the minute and possibly two digits for the second[...]

Chapter 11. Logging The rows sho w the date and time, type of protocol, from interface, computer and port, to interface, computer and port, ICMP type for ICMP traf fic, flags, whether the packet was accepted, rejected or discarded, and the reason for this. For TCP traf fic, and for UDP traffic which is session managed, only the connection pack [...]

Chapter 11. Logging Once ev ery minute the load on all interfaces is scanned and sav ed to a local file. Every file contains 240 samples and a file generation consists of 42 files. The first generation of files contains samples for the last week (approximately). Every ne w file generation is created by merging two consecuti ve samples, enabl[...]

Chapter 11. Logging interface will generate one graph per interface. Y ou can also select to view only VPN traf fic. Direction Select one or more of Sent , Received and Sent+Recei ved . Each selection generates a separate graph in the diagram. V alue Select maximum, av erage or minimum value of each sample period. If vie wing load for time periods[...]

Chapter 11. Logging Resour ce Monitoring Y our T elecommuting Module can send SNMP traps when usage passes certain le vels. Set the lev els on this page. The trap receiv ers are configured on the SNMP page. For each usage, there is an Alarm by and a Resume by le vel. When the usage hits the Alarm by le vel, the T elecommuting Module sends a trap a[...]

Chapter 11. Logging The T elecommuting Module also produces log messages for SIP-related and VPN-related ev ents as well as administrator ev ents (when the administrator logs on or when a setting is changed). Here, you configure what will happen to these log messages. Inbound traffic Log class f or non-SIP packets Here, you select a log class for[...]

Chapter 11. Logging W arnings Log class f or hard ware error s Some T elecommuting Modules hav e hardware monitoring, and will generate log messages when the hardware fails in some way . Here, you select a log class for these messages. Log class f or email error s If the T elecommuting Module is unable to send email messages, for example, if the ma[...]

Chapter 11. Logging Log class f or IPsec key negotiation Here, you set the log class for ne w negotiations of IPsec connections keys. Log class f or IKE and NA T -T packets Here, you set the log class for the packets used for IKE ke y negotiations and for N A T -T packets. As they both use the same port on the T elecommuting Module, it will log bot[...]

Chapter 11. Logging Log class f or SIP packets The T elecommuting Module logs all SIP packets (one SIP packet is man y lines). Select a log class for the SIP packets. Log class f or SIP debug messa g es The T elecommuting Module logs a lot of status messages, for example the SIP initiation phase of a reboot. Select a log class for these messages. O[...]

Chapter 11. Logging Name Here, you giv e the log class a Name . Log locally? Select to sav e log messages to a local file on the T elecommuting Module. Locally saved logs can be searched on the Display Log page. Y es will cause the log messages using this log class to be sa ved to file. No will cause the log messages not to be sav ed on the T ele[...]

Chapter 11. Logging SMTP Server Here, you set an SMTP server for the log messages that the T elecommuting Module generates. This server will send the email messages to the email addresses set on the Log Classes page. If the connection between the T elecommuting Module and the SMTP server isn’ t working, an error message will be shown on this page[...]

Chapter 12. F ailo ver The 3Com VCX IP T elecommuting Module failov er function makes it possible to hav e a hot standby unit which always has the current configuration and which automatically tak es over when the acti ve unit goes do wn. The two units become a failover team . This function requires that one interface on the T elecommuting Module [...]

Chapter 12. F ailover • Go to the F ailover Settings page and select the interface which should be directly connected to the other T elecommuting Module as Dedicated interface to use . Check the Dedicated network to see that it doesn’t clash with any of your internal netw orks. • Press the Create new team b utton to create a new failo ver tea[...]

Chapter 12. F ailover DNS name or network ad dress In the DNS name or network addr ess field, enter the DNS name or IP address of the dedicated network. Network ad dress Shows the IP address of the DNS name or network address you entered in the pre vious field. Netmask/bits Netmask/bits is the netmask that will be used to specify the size of the [...]

Chapter 12. F ailover Look up all IP addresses a gain Looks up the IP addresses for all DNS names on this page in the DNS servers you entered on the Basic Configuration page. Reference Hosts The standby unit in the failov er pair can become activ e if a network interface on the acti ve unit is faulty , as opposed to the case when the entire unit i[...]

Chapter 12. F ailover F ailover Status Here are the settings used by the T elecommuting Module for failov er communication. T ype A T elecommuting Module can be Standalone or a T eam member . Dedicated interface If the T elecommuting Module is a member of a failov er team, the interface used for failov er communication is shown here. Dedicated netw[...]

Chapter 12. F ailover 2. Change type of the Active T elecommuting Module on the Failov er Settings page by pressing the Deactivate failover b utton. If you want to replace a unit in the failo ver team, you must first split the team and then make a ne w one. 117[...]

Chapter 13. T ools Under T ools , you find handy tools to troubleshoot the T elecommuting Module setup. P acket Capture 3Com VCX IP T elecommuting Module has a built-in packet capturer which can produce pcap trace files. This sniffer will capture all IP p ackets according to your selections, ev en those you can’t see in the log (like R TP packe[...]

Chapter 13. T ools Pr otocol/P or t Selection Y ou can limit the selection by specifying certain protocols. All IP protocols No restriction regarding protocols. TCP/UDP When selecting TCP or UDP , you can choose all packets or pack ets to certain ports only . In these fields, you can enter a single port number (32), a range of port numbers (1-1023[...]

Chapter 13. T ools only those matching certain criteria. In the type and code fields, you can enter a single number (e. g., 5), a range of numbers (e. g., 5-10), a list of numbers and ranges, separated by commas (e. g., 5, 10-20) or nothing at all. If the field is empty , any type or code will match. See appendix G, Lists of ports, ICMP and proto[...]

Chapter 14. Fire wall and Client Configuration Additional configuration for the fire wall and the SIP clients is required to make the T elecommuting Module work properly . The amount and nature of the configuration depends on which T elecommuting Module T ype was selected. The DMZ type Using the DMZ type, the network configuration should look [...]

Chapter 14. F ir ewall and Client Configuration • N A T between the T elecommuting Module and the Internet must not be used. • N A T between the T elecommuting Module and the internal networks must not be used. The SIP c lients SIP clients will use the T elecommuting Module as their outgoing SIP proxy and as their registrar (if the y can’t b[...]

Chapter 14. F ir ewall and Client Configuration SIP c lients The SIP clients on the internal network should ha ve the T elecommuting Module’ s IP address on that network as their outgoing SIP proxy and registrar . Other The DNS server used must ha ve a record for the SIP domain, which states that the T elecommuting Module handles the domain, or [...]

P ar t IV . Appendices In the appendices, you find more thorough information about Internet and computer security , such as descriptions of Internet services and lists of Internet protocols.[...]

Appendix A. More About SIP The SIP pr otocol SIP (Session Initiation Protocol), defined in RFC 3261 (with v arious extensions), handles creation, modification and termination of various medi a stream sessions over an IP network. It is for e xample used for Internet telephone calls and distribution of video streams. SIP also supports user mobility[...]

Appendix A. Mor e About SIP often opens up certain protocols and ports in adv ance, but now you don’ t know which ports to open. T o handle SIP through a firew all which doesn’t understand the SIP concept, all ports must be open all the time, which would mak e the firew all somewhat unnecessary . A firew all that understands SIP can open up [...]

Appendix B. T r oubleshooting T roubleshooting the T elecommuting Module largely consists of checking the hardware (the T elecommuting Module, the network connectors, ...) and checking the T elecommuting Module log. The log is usually an excellent tool in finding out why the T elecommuting Module does not do what you wanted it to do. Below is some[...]

Appendix B. T roubleshooting • Check that the (on the Logging Configuration page). A call is established, b ut there is no v oice • If you use a DMZ T elecommuting Module T ype, check on the Surroundings page that you ha ve separated the clients into correct networks. Clients that can reach each other without using the T elecommuting Module sh[...]

Appendix B. T roubleshooting The T elecommuting Module is unaccessib le for some time when trying to apply a configuration There is something in the new configuration that does not allow you to access the web configuration interface. • Check the log to see if your access attempts reached the T elecommuting Module. • Check that the configura[...]

Appendix C. Lists of Reserved P or ts, ICMP T ypes and Codes, and Internet Protocols The following lists discuss the most important ports and the server services that belong to them, and the different types of ICMP messages. Client programs usually use ports between 1024 and 65535. There are also lists ov er Internet protocols, reserved IP addresse[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols Name P or t/protocol Description www-http 80/udp WWW kerberos 88/tcp K erberos kerberos 88/udp K erberos pop2 109/tcp PostOffice V .2 pop3 110/tcp PostOffice V .3 sunrpc 111/tcp RPC 4.0 portmapper sunrpc 111/udp RPC 4.0 portmapper auth/ident 113/tcp Authenticatio[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols Name P or t/protocol Description at-echo 204/udp AppleT alk Echo at-5 205/tcp AppleT alk at-5 205/udp AppleT alk at-zis 206/tcp AppleT alk Zone Information at-zis 206/udp AppleT alk Zone Information at-7 207/tcp AppleT alk at-7 207/udp AppleT alk at-8 208/tcp Apple[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols Name P or t/protocol Description mount 635/udp NFS Mount Service pcnfs 640/udp PC-NFS DOS Authentication bwnfs 650/udp BW -NFS DOS Authentication flexlm 744/tcp Flexible License Manager flexlm 744/udp Flexible License Manager kerberos-adm 749/tcp K erberos Admini[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols T ype Name Reference 3 Destination Unreachable [RFC792] 4 Source Quench [RFC792] 5 Redirect [RFC792] 6 Alternate Host Address [JBP] 7 Unassigned [JBP] 8 Echo [RFC792] 9 Router Advertisement [RFC1256] 10 Router Solicitation [RFC1256] 11 T ime Exceeded [RFC792] 12 Pa[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols ICMP type Name Code Description 5 Source Route Failed 6 Destination Network Unkno wn 7 Destination Host Unknown 8 Source Host Isolated 9 Communication with Destination Network is Administrati vely Prohibited 10 Communication with Destination Host is Administrativ e[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols ICMP type Name Code Description 35 Mobile Registration Request 36 Mobile Registration Reply Internet pr otocols and their number s The following table lists co mmon Internet protocols and their protocol numbers. All these protocols run on IP . The list is extracted[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols Protocol n umber Keyw ord Protocol 64 SA T -EXP AK SA TNET and Backroom EXP AK 65 KR YPTOLAN Kryptolan 66 R VD MIT Remote V irtual Disk Protocol 68 any distrib uted file system 69 SA T -MON SA TNET Monitoring 70 VISA VISA Protocol 75 PVP P acket V ideo Protocol 80[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols 1-set bits Mask IP address class 13 255.248.0.0 5 14 255.252.0.0 6 15 255.254.0.0 7 16 255.255.0.0 0 17 255.255.128.0 1 18 255.255.192.0 2 19 255.255.224.0 3 20 255.255.240.0 4 21 255.255.248.0 5 22 255.255.252.0 6 23 255.255.254.0 7 24 255.255.255.0 0 25 255.255.2[...]

Appendix C. Lists of Reserved P orts, ICMP T ypes and Codes, and Internet Pr otocols Class IP intervals 7 0-1 2-3 4-5 6-7 8-9 10-11 ... 254-255 8 0 1 2 3 4 5 ... 255 Y ou could ha ve a large network, for e xample 130.234.128.0/18, which is interpreted from the tables as all IP addresses from 130.234.128.0 to 130.234.191.255, inclusi ve (18 is in cl[...]

Appendix D . Definitions of terms AFS, Andrew File System AFS is a more secure way of distrib uting file systems over a network. If files are mounted o ver the Internet, AFS is fairly secure. Normally , AFS uses Kerberos for security management. ARP ARP , Address Resolution Protocol, is a protocol for mapping an IP address to a physical machine [...]

Appendix D. Definitions of terms request a domain called, for instance, service. Belo w , we hav e ‘Company Inc., ’ which consists of three departments: A sales department, a service department, and a computer department. The computer department is divided into an IBM section and a Unisys section. Contact your internet service provider to re g[...]

Appendix D. Definitions of terms 192.165.122.42. Sev eral IP addresses are required to connect sev eral computers in a network; one for each computer . IP addresses were previously d ivided into A networks, B networks and C netw orks, but that terminology is now considered obsolete. An A n etwork was one where the first group of numbers is predet[...]

Appendix D. Definitions of terms N A T N A T (Network Address T ranslation), also known as masquerading, is a way to hide a netw ork from outside computers. Used with firew alls to hide the computers on the internal network from the rest of the world. Netmask See network mask. Network mask A network mask tells what computers can be accessed local[...]

Appendix D. Definitions of terms T wo NTP servers communicating with each other use port 123 and the UDP protocol. Open W indows Open W indows is a windo w system that is used by sev eral work stations. A similar window system is the X W indow System, which Open W indows is based on. The X W indow System and Open W indows use ports 6000 and upward[...]

Appendix D. Definitions of terms Relay When the local network is connected to the Internet through a fire wall, all types of services are usually blocked. It is as if the network is not connected to the Internet. Relays can then be set up to allo w certain services, such as the WWW , to pass through under controlled circumstances. Think of it as [...]

Appendix D. Definitions of terms Static Routing A fixed path for the contact between computers. W ith a static routing, traffic cannot be redirected to another path if the connection is broken. This would require dynamic routing, for e xample, with RIP . Syslog Syslog is a service for logging data. In UNIX, regular programs do not log an y infor[...]

Appendix E. License Conditions 3Com VCX IP T elecommuting Module contains third party software that is subject to the follo wing license agreements. T o fulfill the license conditions, we must either attach the source code with the software, or send a written offer , valid at least three years, to give a cop y of the source code to anyone who want[...]

Appendix E. License Conditions 1. This License applies to any program or other w ork which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", belo w , refers to any such program or work, and a "work based on the Program" means either the Pr[...]

Appendix E. License Conditions b) Accompany it with a written of fer , valid for at least three years, to gi ve any third party , for a charge no more than your cost of physically performing source distrib ution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 abo ve on a medi[...]

Appendix E. License Conditions 9. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an e xplicit geographical distribution limitation e xcluding those countries, so that distribution is permi[...]

Appendix E. License Conditions Preamble The licenses for most software are designed to take a way your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public Lic[...]

Appendix E. License Conditions The precise terms and conditions for copying, distrib ution and modification follow . Pay close attention to the difference between a "w ork based on the library" and a "work that uses the library". The former contains code deriv ed from the library , whereas the latter must be combined with the l[...]

Appendix E. License Conditions License, and its terms, do not apply to those sections when you distribute them as separate w orks. But when you distribute the same sections as part of a whole which is a w ork based on the Library , the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to th[...]

Appendix E. License Conditions Y ou must gi ve prominent notice with each copy of the work that the Library is used in it and that the Library and its use are cov ered by this License. Y ou must supply a copy of this License. If the work during ex ecution displays copyright notices, you must include the copyright notice for the Library among them, [...]

Appendix E. License Conditions 11. Each time you redistribute the Library (or an y work based on the Library), the recipient automatically receiv es a license from the original licensor to copy , distribute, link with or modify the Library subject to these terms and conditions. Y ou may not impose any further restrictions on the recipients’ e xer[...]

Appendix E. License Conditions 17. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LA W OR A GREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY O THER P AR TY WHO MA Y MODIFY AND/OR REDISTRIBUTE THE LIBRAR Y AS PERMITTED ABO VE, BE LIABLE TO Y OU FOR D AMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENT AL OR CONSEQUENTIAL D AMA GES ARISING OUT OF THE US[...]

Appendix E. License Conditions USE, D A T A OR PR OFITS, WHETHER IN AN ACTION OF CONTRA CT , NEGLIGENCE OR OTHER TOR TIOUS A CTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTW ARE. Python Imaging Library T erms The Python Imaging Library is Copyright (c) 1997-2001 by Secret Labs AB Copyright (c) 1995-2001 by Fredrik Lu[...]

Appendix E. License Conditions The MIT license T erms Copyright (c) 1998 Free Software F oundation, Inc. Permission is hereby granted, free of charge, to an y person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights t[...]

Appendix E. License Conditions 4. The names "OpenSSL T oolkit" and "OpenSSL Project" must not be used to endorse or promote products deriv ed from this software without prior written permission. For written permission, please contact openssl-core@openssl.org (mailto:openssl-core@openssl.or g). 5. Products deriv ed from this soft[...]

Appendix E. License Conditions jsew ard@acm.org (mailto:jse ward@acm.org) The lilo license T erms LILO program code, documentation and auxiliary programs are Copyright 1992-1998 W erner Almesberger . All rights reserved. Redistribution and use in source and binary forms of parts of or the whole original or deri ved work are permitted provided that [...]

Appendix E. License Conditions 3. Cavium Netw orks’ name may not be used to endorse or promote products derived from this softw are without specific prior written permission. This Software,including technical data,may be subject to U.S. e xport control laws, including the U.S. Export Administration Act and its associated regulations, and may be [...]

Appendix F . Obtaining Suppor t for Y our 3Com Pr oducts 3Com offers product re gistration, case management, and repair services through eSupport.3com.com. Y ou must hav e a user name and password to access these services, which are described in this appendix. Register Y our Pr oduct to Gain Ser vice Benefits T o take advantage of warranty and oth[...]

Appendix F . Obtaining Support for Y our 3Com Products T elephone T echnical Support and Repair T o obtain telephone support as part of your warranty and other service benefits, you must first register your product at: http://eSupport.3com.com/ When you contact 3Com for assistance, please hav e the following information ready: • Product model n[...]

Appendix F . Obtaining Support for Y our 3Com Products Country T elephone Number Country T elephone Number Italy 199 161346 U.K. 0870 909 3266 Y ou can also obtain support in this region using this URL: http://emea.3com.com/support/email.html Latin America - T elephone T echnical Support and Repair Country T elephone Number Country T elephone Numbe[...]

Inde x accounts for administration, 90 administration, 90 AFS, 140 alarm, 98 e-mail errors, 107 hardware errors, 107 RADIUS errors, 107 SNMP errors, 107 Andrew File System, 140 apply configuration, 16, 87 ARP , 140 authentication of administrator , 45 via RADIUS, 47 backup, 17, 88 Basic configuration SIP , 69 via serial console, 37 cache, 144 cap[...]

interoperability SIP , 71 IP , 142 IP address, 18, 141 log selection, 99 reserved, 139 via serial console, 37 IP intervals, 137 IP policy , 42 Kerberos, 140 LGPL, 150 license conditions, 147 limited test mode, 87 load diagram, 103 scanning, 102 load configuration via serial console, 39 load display , 102 log clear , 98 log classes, 109 log display[...]

dynamic, 141 of SIP traffic, 83 static, 146 sav e configuration, 17, 88 via serial console, 39 secret RADIUS, 47 Secure Shell, 145 serial console, 36 basic configuration, 37 main menu, 36 serial number , 15, 89 server , 145 Service-T ype, 50 shared secret RADIUS, 47 show configuration, 89 signed certificates, 55 SIP , 69, 82, 125, 145 media st[...]