- DL manuals
- 3Com
- Switch
- 3CR13501-73
- Hardware And Software Manual
3Com 3CR13501-73 Hardware And Software Manual
Summary of 3CR13501-73
Page 1
January 2004 security switch 6200 hardware and software users guides fiber 10/100/1000 10/100 console (max) 9800,8,n,1 packet link 1 3 5 7 2 4 6 8 9 11 13 15 10 12 14 16 fiber packet link 17 18 pwr mgmt1 mgmt2 sys hdd.
Page 2
Copyright © 2003, 3com corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3com corporation. 3com corporation reserves th...
Page 3
3com security switch 6200 hardware and software users guide contents about this guide intended audience ........................................................................................ V conventions.................................................................................................
Page 4
3com security switch 6200 hardware and software users guide 4 configuring the security switch 6200 system configuring system parameters............................................................... 4-2 configuring user authentication and access control............................. 4-5 configuring u...
Page 5
3com security switch 6200 hardware and software users guide 9 technical support online technical services ......................................................................... 9-1 world wide web site ............................................................................ 9-1 3com knowledgeb...
Page 6
3com security switch 6200 hardware and software users guide.
Page 7: About This Guide
3com security switch 6200 hardware and software users guide v about this guide this guide describes how to install and configure the 3com security switch 6200 hardware and system software. The security switch 6200 is based on the 3com system software and may be referred to as the system. Intended au...
Page 8
Vi 3com security switch 6200 hardware and software users guide about this guide related documentation the following guides provide additional installation and configuration information for the system. Security switch 6200 product release notes install server installation and configuration guide secu...
Page 9: Introduction
3com security switch 6200 hardware and software users guide 1-1 introduction 1 the security switch 6200 is a high performance, turnkey security services switch that integrates best-in-class firewall, virtual private networks, intrusion detection, and content security engines. The system offers high ...
Page 10
1-2 3com security switch 6200 hardware and software users guide introduction • one serial console port. • two redundant, hot-swappable power supplies. • five expansion slots for optional vpn or other security acceleration cards. Chassis the chassis is front rack mountable, in a standard 19 inch rack...
Page 11
3com security switch 6200 hardware and software users guide 1-3 introduction management options the system provides two system management options: • first time startup interview • configuration tool first time startup interview the security switch 6200 system uses a built in, easy to configure, inte...
Page 12
1-4 3com security switch 6200 hardware and software users guide introduction.
Page 13: Installation
3com security switch 6200 hardware and software users guide 2-1 installation 2 this chapter describes the security switch 6200 system installation, covering the following topics: • pre-installation considerations • chassis installation • interface connections before you start ! Warning: to ensure po...
Page 14
2-2 3com security switch 6200 hardware and software users guide installation site requirements the system installation site should meet the following requirements: shipment check using the packing slip as a reference, inspect package contents for missing or damaged items. If parts are missing or dam...
Page 15
3com security switch 6200 hardware and software users guide 2-3 installation figure 2-1 3com security switch 6200 shipping contents note: 3com recommends that you save the shipping containers in the event you need to send back one or more components. Fiber 10/100/1000 10/100 console (max) 9800,8,n,1...
Page 16
2-4 3com security switch 6200 hardware and software users guide installation additional equipment • pc running redhat linux 6.2 or greater software. This software is used to support the security switch 6200 graphical user interface (gui) and for hosting the check point™ firewall-1 ® management serve...
Page 17
3com security switch 6200 hardware and software users guide 2-5 installation terminal or pc a vt-100 terminal or a personal computer (pc) is required during installation. The terminal or pc is connected to the chassis’s craft port, allowing you to monitor start-up diagnostics and to configure the un...
Page 18
2-6 3com security switch 6200 hardware and software users guide installation tabletop mounting the security switch 6200 system can be mounted on any desk or table top. To do this you first need to attach the four rubber feet, supplied with the system, to the bottom of the box. To do this, complete t...
Page 19: Interface Connections And
3com security switch 6200 hardware and software users guide 3-1 interface connections and first time start-up 3 this chapter describes the procedure for powering up the security switch 6200 system for the first time. Specifically covered are the following: • connecting to the management console • po...
Page 20
3-2 3com security switch 6200 hardware and software users guide interface connections and first time start-up connecting a terminal or pc to the system front serial craft port to connect a terminal or pc to the system front serial craft port: 1. Connect one end of a db9-to-db9 cable into the termina...
Page 21
3com security switch 6200 hardware and software users guide 3-3 interface connections and first time start-up connecting remotely to access the system remotely: 1. Connect one end of an rj45-to-rj45 cable into a remote access device. 2. Connect the other end into the management port. Figure 3-2 show...
Page 22
3-4 3com security switch 6200 hardware and software users guide interface connections and first time start-up 2. Attach the male end of the power cable into an ac power source. The system is powered up when power is applied to the power supplies. Note: if the system is powered up with one power supp...
Page 23
3com security switch 6200 hardware and software users guide 3-5 interface connections and first time start-up post error beep codes the following tables list post error beep codes. Before system video initialization, the bios and bmc use these beep codes to inform users on error conditions. Bmc gene...
Page 24
3-6 3com security switch 6200 hardware and software users guide interface connections and first time start-up post memory error 3-beep codes beep code debug port 80h error codes daignostic led decoder meanings g=green, r=red, a=amber hi low 3 00h off off off off no memory was found in the system 3 0...
Page 25
3com security switch 6200 hardware and software users guide 3-7 interface connections and first time start-up first time startup the security switch 6200 system uses a built in, easy to configure, interview script that allows you to quickly configure your system for basic operations. Once you have c...
Page 26
3-8 3com security switch 6200 hardware and software users guide interface connections and first time start-up 6. Enter the system time. System time =========== the current date and time on this system is mon mar 10 13:04:23 est 2003 would you like to modify system time [n]: y please provide the date...
Page 27
3com security switch 6200 hardware and software users guide 3-9 interface connections and first time start-up select a country. Enter choice : 1)antigua & barbuda 18)ecuador 35)panama 2)anguilla 19)grenada 36)peru 3)netherlands antilles 20)french guiana 37)st pierre & miquelon 4)argentina 21)greenla...
Page 28
3-10 3com security switch 6200 hardware and software users guide interface connections and first time start-up 8. Select a region. 1) eastern time 2) eastern time - michigan - most locations 3) eastern time - kentucky - louisville area 4) eastern time - kentucky - wayne county 5) eastern standard ti...
Page 29
3com security switch 6200 hardware and software users guide 3-11 interface connections and first time start-up 10. Configure the snmp parameters. Configure snmp network management [n]: snmp configuration ================== enabling snmp ... Snmp server =========== enabled disabled contact root locat...
Page 30
3-12 3com security switch 6200 hardware and software users guide interface connections and first time start-up 12. Configure the host interfaces. Host interfaces =============== this section will help you configure interfaces on the host. The system has two management ports, two gigabit ethernet por...
Page 31
3com security switch 6200 hardware and software users guide 3-13 interface connections and first time start-up continue configuring interfaces [n]: continue this step until all interfaces are configured. 14. Configure your default gateway. Default gateway ================ this section allows you to ...
Page 32
3-14 3com security switch 6200 hardware and software users guide interface connections and first time start-up.
Page 33: Configuring The
3com security switch 6200 hardware and software users guide 4-1 configuring the security switch 6200 system 4 the system uses a menu driven configuration interface (cos_config) for configuration purposes. This tool supports adding, modifying, or deleting any of the system configuration parameters. T...
Page 34
4-2 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system configuration menu ================== 1) system parameters 2) user authentication and access control 3) network time protocol (ntp) 4) domain name service (dns) 5) simple network management pr...
Page 35
3com security switch 6200 hardware and software users guide 4-3 configuring the security switch 6200 system 2. To change any of the system parameters enter y, or press the enter key to leave system parameters unchanged. Enter the system host name [hostname]: enter the system domain name []: time zon...
Page 36
4-4 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system 1) eastern time 2) eastern time - michigan - most locations 3) eastern time - kentucky - louisville area 4) eastern time - kentucky - wayne county 5) eastern standard time - indiana - most loc...
Page 37
3com security switch 6200 hardware and software users guide 4-5 configuring the security switch 6200 system configuring user authentication and access control each system user is defined by the user’s name, password, and access level. Collectively, these properties define each user’s profile. Login ...
Page 38
4-6 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system enter access level operator, administrator>[guest]: administrator user accounts ============= 3. Enter the desired option and make more changes or enter x to return to the main menu. Modify th...
Page 39
3com security switch 6200 hardware and software users guide 4-7 configuring the security switch 6200 system defining access groups to provide a flexible method of configuring role based access control your system supports 16 access groups, each corresponding to a functional role within the customers...
Page 40
4-8 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system defining access permissions for every management object (configuration and statistics) either read-only or read-write privileges can be granted for each of the 14 user defined groups. The perm...
Page 41
3com security switch 6200 hardware and software users guide 4-9 configuring the security switch 6200 system defining authentication protocols in addition to the local authentication of user accounts it is possible to verify user credentials with either a radius server, or a windows active directory ...
Page 42
4-10 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system the following is an example adding radius and smb. Modify the authentication methods exit>[exit]: a enter authentication method [radius]: enter authentication control sufficient, optional>[su...
Page 43
3com security switch 6200 hardware and software users guide 4-11 configuring the security switch 6200 system 6. To define the radius parameters, enter a or enter x to return to the main menu. Enter server address [0.0.0.0]: enter server port [1812]: enter secret []: enter the desired information. Th...
Page 44
4-12 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system where: workgroup - the workgroup system should use for authentication. Primary server - the dns name of the primary active directory server. Secondary server - the dns name of a backup active...
Page 45
3com security switch 6200 hardware and software users guide 4-13 configuring the security switch 6200 system configuring domain name resolution domain name resolution allows you translate and search domain names. The domain name system (dns) is a global network of servers that translate host names l...
Page 46
4-14 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system domain name resolution configuration ==================================== 1) dns servers 2) dns search domains x) exit enter choice [x]: 3. Enter the desired option or enter x to return to th...
Page 47
3com security switch 6200 hardware and software users guide 4-15 configuring the security switch 6200 system snmp server =========== enabled enabled contact lab@crossbeamsys.Com location the lab would you like to modify the snmp configuration n>[n]: 3. Enter y to modify the snmp configuration or n t...
Page 48
4-16 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system snmp communities ================ change the snmp communities exit>[exit]: 5. Enter the desired option or enter x to return to snmp configuration menu. Snmp configuration ================== 1...
Page 49
3com security switch 6200 hardware and software users guide 4-17 configuring the security switch 6200 system access - specifies the access privilege a user has. Valid values include: read-only - user has only read access to the mib; read-write - user has both read and write access to the mib. Oid - ...
Page 50
4-18 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system configuring alarm monitors alarm monitors can be created to send snmp traps if the value of a mib variable crosses a specified threshold. When the alarm condition occurs the value of the moni...
Page 51
3com security switch 6200 hardware and software users guide 4-19 configuring the security switch 6200 system configuring physical interfaces there are three types of physical interfaces on the system: management, gigabitethernet, and fastethernet. The management interfaces allow you to manage the co...
Page 52
4-20 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system physical interfaces =================== modify physical interface parameters [n]: 3. Enter y to modify additional physical interfaces or n to return to the main menu. Interface mac address (c...
Page 53
3com security switch 6200 hardware and software users guide 4-21 configuring the security switch 6200 system configuring tap interfaces tap interfaces are used to copy the input and output packets from a physical interface prior to the processing by the secure xl accelerator. These taps can be used ...
Page 54
4-22 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system configuring network interfaces a network interface associates an ip address with a physical connection and optionally a vlan id. To configure network interfaces: 1. Select option 9 from the m...
Page 55
3com security switch 6200 hardware and software users guide 4-23 configuring the security switch 6200 system ip interfaces ============= modify the ip interfaces exit>[exit]: 4. Enter the desired option to add, delete, or modify additional network interfaces or enter x to return to the main menu. Co...
Page 56
4-24 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system ip aliases ========== modify the ip aliases exit>[exit]: a enter interface [fastethernet 1]: vlan interface [n]: y enter vlan id : 100 enter ip address [0.0.0.0]: 128.205.2.24 enter network m...
Page 57
3com security switch 6200 hardware and software users guide 4-25 configuring the security switch 6200 system configuring static routes static ip routes are user-defined routes that cause packets moving between a source and a destination to take a specific path. To configure static routes: 1. Select ...
Page 58
4-26 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system configuring static arp entries you define static address resolution protocol (arp) entries by relating an ip address to a mac address. To configure static arp entries: 1. Select option 12 fro...
Page 59
3com security switch 6200 hardware and software users guide 4-27 configuring the security switch 6200 system configuring the virtual router redundancy protocol (vrrp) the virtual router redundancy protocol (vrrp) dynamically assigns responsibility for one or more virtual routers to the vrrp routers ...
Page 60
4-28 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system 2. Enter the desired option to add, delete, or modify a vrrp entry or enter x to return to the main menu. For example: modify the vrrp configuration exit>[exit]: m enter vrrp id [0]: 1 enable...
Page 61
3com security switch 6200 hardware and software users guide 4-29 configuring the security switch 6200 system vrrp configurations =================== configuring icmp rate limiting the icmp rate limiting feature allows you to control the amount of icmp traffic that goes through your system. This feat...
Page 62
4-30 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system 3. Enter the desired icmp rate limiting value and press enter. For example: set icmp rate limiting (kb/sec) [0]: 2000 nim configuration ================== max icmp rate (kb/sec) 2000 you are ...
Page 63
3com security switch 6200 hardware and software users guide 4-31 configuring the security switch 6200 system address="127.127.1.0" > address="127.127.1.0" > address="10.1.1.50" > address="10.1.1.50" > domainname="3com.Com" > domainname="3com.Com" > enable="enabled" contact="lab@3com.Com" location="t...
Page 64
4-32 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system duplex="full" speed="10" > ifname="fastethernet 15" autoneg="off" duplex="half" speed="100" > ifname="fastethernet 15" autoneg="off" duplex="half" speed="100" > ifname="management 1" address=...
Page 65
3com security switch 6200 hardware and software users guide 4-33 configuring the security switch 6200 system gateway="192.168.10.1" metric="2" > ip_addr="128.205.1.30" mac_addr="00:00:a2:00:00:02" > ip_addr="128.205.1.30" mac_addr="00:00:a2:00:00:02" > ip_addr="128.205.1.31" mac_addr="00:00:a2:00:00...
Page 66
4-34 3com security switch 6200 hardware and software users guide configuring the security switch 6200 system ip_addr="30.0.0.10" > name="fastethernet 1" vlan="100" id="2" use_vmac="enabled" priority="100" group_id="1" ip_addr="30.0.0.10" > name="fastethernet 1" vlan="100" id="2" use_vmac="enabled" p...
Page 67: Upgrading The System
3com security switch 6200 hardware and software users guide 5-1 upgrading the system software 5 this chapter describes how to update your 3com security switch 6200 system software. Upgrading the system software if you are upgrading your system from a previously configured release, you do not need to...
Page 68
5-2 3com security switch 6200 hardware and software users guide upgrading the system software 6. Enter the following command at the root prompt: gzip –d upgradepack-ocode-azzz-y.Y.Y-y-x.X.X-x.Shar.Gz 7. Once the above command completes, enter the following command at the root prompt: chmod 700 upgra...
Page 69: Upgrading The System
3com security switch 6200 hardware and software users guide 6-1 upgrading the system software using the safe upgrade and rollback features 6 your system ships with two disk partitions, one partition is used for the current runtime (rp) version of software and the other partition is for the upgraded ...
Page 70
6-2 3com security switch 6200 hardware and software users guide upgrading the system software using the safe upgrade and rollback features /dev/ataraid/d0p2 14 79 530145 82 linux swap /dev/ataraid/d0p5 80 882 6450097 83 linux # / /dev/ataraid/d0p6 883 2070 9542609+ 83 linux # /opt /dev/ataraid/d0p7 ...
Page 71
3com security switch 6200 hardware and software users guide 6-3 upgrading the system software using the safe upgrade and rollback features upgrading from version 2.1 and greater newer versions of version 2.1 and greater allow you to do a full copy of the running partition (rp) to an upgrade partitio...
Page 72
6-4 3com security switch 6200 hardware and software users guide upgrading the system software using the safe upgrade and rollback features upgrading from software to a up while an rp is operational (rollback) newer versions than 2.1 and greater allow you to install the system software to a up while ...
Page 73: Using The Security Switch
3com security switch 6200 hardware and software users guide 7-1 using the security switch 6200 system’s configuration backup tool 7 this chapter describes how to use the security switch 6200 systems configuration backup tool. This tool allows you to backup everything under the specified directory tr...
Page 74
7-2 3com security switch 6200 hardware and software users guide using the security switch 6200 system’s configuration backup tool.
Page 75: Configuring Rip and Ospf
3com security switch 6200 hardware and software users guide 8-1 configuring rip and ospf on your security switch 6200 system 8 the ipinfusion's zebos server routing suites version 1.5 tar file has been expanded in the directory /crossbeam/apps/zebos/zebos-1-5. To install the ipinfusion's zebos serve...
Page 76
8-2 3com security switch 6200 hardware and software users guide configuring rip and ospf on your security switch 6200 system.
Page 77: Technical Support
3com security switch 6200 hardware and software users guide 9-1 technical support 9 3com provides easy access to technical support information through a variety of services. This chapter describes these services. Information contained in this chapter is correct at time of publication. For the most r...
Page 78
9-2 3com security switch 6200 hardware and software users guide technical support 3com knowledgebase web services the 3com knowledgebase is a database of technical information to help you install, upgrade, configure, or support 3com products. The knowledgebase is updated daily with technical informa...
Page 79
3com security switch 6200 hardware and software users guide 9-3 technical support support from 3com if you are unable to obtain assistance from the 3com online technical resources or from your network supplier, 3com offers email and telephone technical support services. To find out more about your s...
Page 80
9-4 3com security switch 6200 hardware and software users guide technical support telephone support numbers country telephone number country telephone number asia, pacific rim australia india indonesia malaysia new zealand pakistan philippines singapore s. Korea taiwan thailand 1 800 678 515 +61 2 9...
Page 81
3com security switch 6200 hardware and software users guide 9-5 technical support latin america from the caribbean, central and south america, call: antigua argentina aruba bahamas barbados belize bermuda bonaire brazil cayman chile colombia costa rica curacao ecuador dominican republic guatemala ha...
Page 82
9-6 3com security switch 6200 hardware and software users guide technical support returning products for repair before you send a product directly to 3com for repair, you must first obtain an authorization number. Products sent to 3com without authorization numbers will be returned to the sender uno...
Page 83
3com security switch 6200 hardware and software users guide 9-7 technical support latin america antigua argentina aruba bahamas barbados belize bermuda bonaire brazil cayman chile colombia costa rica curacao ecuador dominican republic guatemala haiti honduras jamiaca martinique mexico nicaragua pana...
Page 84
9-8 3com security switch 6200 hardware and software users guide technical support.
Page 85: Technical Specifications
3com security switch 6200 hardware and software users guide a-1 a technical specifications this appendix lists the physical, environmental, and power characteristics of the 3com security switch 6200. Physical characteristics size (inches): 3.5 h x 17.5 w x 25.5 d weight: approximately 32 lbs environ...
Page 86
A-2 3com security switch 6200 hardware and software users guide technical specifications.
Page 87: Connector Pin Assignments
3com security switch 6200 hardware and software users guide b-1 b connector pin assignments this appendix describes the craft port pin assignments: the craft port, located on the front of the system, uses a db- 9 connector with the following pin identifications and associated signals. Db-9 connector...
Page 88
B-2 3com security switch 6200 hardware and software users guide connector pin assignments.
Page 89: Regulatory Information
3com security switch 6200 hardware and software users guide c-1 c regulatory information this appendix provides the following compliance statements: • regulatory standards compliance • radio frequency interference • vcci statement regulatory standards compliance the following regulatory agencies hav...
Page 90
C-2 3com security switch 6200 hardware and software users guide regulatory information emi compliance radio frequency interference note in accordance with fcc part 15 subpart b requirements, changes or modifications made to this equipment not expressly approved by 3com corporation could void the use...