- DL manuals
- 3Com
- Other
- SECPATH U200-CS
- Installation Manual
3Com SECPATH U200-CS Installation Manual
Summary of SECPATH U200-CS
Page 1
H3c secpath u200 series unified threat management products installation manual hangzhou h3c technologies co., ltd. Http://www.H3c.Com manual version: 5pw101-20090520
Page 2
Copyright © 2009, hangzhou h3c technologies co., ltd. And its licensors all rights reserved no part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of hangzhou h3c technologies co., ltd. Trademarks h3c, , aolynk, , h 3 care, , top g, , irf, n...
Page 3
About this manual organization h3c secpath u200 series unified threat management products installation manual is organized as follows: chapter contents 1 product overview briefly introduces the product specifications, as well as the features and applications of the h3c secpath u200 series utm device...
Page 5
Documentation feedback you can e-mail your comments about product documentation to info@h3c.Com. We appreciate your comments. Environmental protection this product has been designed to comply with the requirements on environmental protection. For the proper storage, use and disposal of this product,...
Page 6: Table of Contents
I table of contents 1 product overview ······································································································································1-1 introduction ··············································································································...
Page 7: Product Overview
1-1 1 product overview introduction the h3c secpath u200 series unified threat management products are new-generation utm devices designed for enterprise users. The u200 series comprises three models: z u200-a: designed for large- and medium-sized enterprise users z u200-m: designed for medium-sized...
Page 8
1-2 policy control. With security zones, security administrators can classify interfaces with different security requirements into different zones. This simplifies policy maintenance and separates network services and security services. Z packet filtering: applies standard or extended acl rules betw...
Page 9
1-3 rear view figure 1-2 u200-a rear view (1) (2) (3) (4) (5) (6) (1) grounding screw and symbol (2) open book symbol (3) ac power switch (on/off) (4) ac power socket (5) slot 1 (with an nsq1gt2ua0 module installed) (6) slot 2 (with an nsq1gt2ua0 module installed) the open book symbol is used to rem...
Page 10
1-4 rear view figure 1-4 u200-m rear view (1) grounding screw and symbol (2) open book symbol (3) ac power switch (on/off) (4) ac power socket (5) slot 1 (with an nsq1gt2ua0 module installed) for detailed description of the open book symbol, refer to the note under figure 1-2. U200-s front view figu...
Page 11
1-5 rear view figure 1-6 u200-s rear view (1) ac power socket (2) slot (with 2ge) (3) open book symbol (4) grounding screw and sign for detailed description of the open book symbol, refer to the note under figure 1-2. Technical specifications processor and storages table 1-1 processor and storages o...
Page 12
1-6 fixed interfaces and slots table 1-3 interface (fixed) and slot specifications description item u200-a u200-m u200-s console port 1 (9600 bps to 115200 bps, 9600 bps by default) usb interface 1 (host mode, reserved without software support) 6 (ge0 to ge5) 5 (ge0 to ge4) ge interfaces 10/100/1000...
Page 13
1-7 components processor and storages processor a u200 series device uses a multi-core microprocessor as its data forwarding and service processing engine. Flash a u200 series device uses a 32 mb flash for storing bootware and app. Memory the memory temporarily stores data for the running system and...
Page 14
1-8 led status description off the system is powered off or faulty. Slow blinking (at 1 hz) the interface module is operating normally as configured. Sys (green) fast blinking (at 8 hz) software is being loaded or the system is not working. Off the power module is not working or faulty. Pwr (green) ...
Page 15
1-9 attribute description services connection to an ascii terminal connection to the serial interface of a local pc to run the terminal emulation program command line interface 3) console cable the console cable is an 8-core shielded cable. The rj-45 connector at one end of the cable is for the cons...
Page 16
1-10 leds in the upper corners to indicate its status. Table 1-10 description of ethernet interface leds status description off no link is present. Link on a link is present. Off no data is being received or transmitted. Act blinking data is being received or transmitted. 2) specifications table 1-1...
Page 17
1-11 when working in the forced mode, ethernet does not support mdi/mdix autosensing. 4) cable connecting electrical ethernet interfaces ethernet electrical interfaces usually use category-5 twisted pair cables. Ethernet cables fall into two categories: z standard cables: also known as straight-thro...
Page 18
1-12 rj-45 signal direction category-5 twisted pair signal direction rj45 4 — blue — 4 5 — white (blue) — 5 6 rx- green Å 2 7 — white (brown) — 7 8 — brown — 8 z you can refer to the tables above when trying to identify or preparing the two types of ethernet cables. Z when preparing ethernet cables,...
Page 19
1-13 z at present, the usb interface provided on a u200 series device is a reserved module without software support. Z use the usb flash drives provided by h3c only, because the u200 series may be incompatible with other usb flash drives. Z avoid removing the usb flash drive when its led is flashing...
Page 20
1-14 the cf card is hot-swappable. When the device is reading from or writing to the cf card or performing any other file system related operation, the cf card led blinks. Do not unplug the cf card in this state because doing so can corrupt the file system in it. Ac power input table 1-14 lists the ...
Page 21
1-15 z for single-port use, maximum discharge current (8/20μs waveform): 5 ka, output voltage (10/700μs waveform): core-core for the installation of the port lightning arrester, refer to the “installing a port lightning arrester” section in chapter 4 “installing the u200 series device.” power lightn...
Page 22
1-16 system software the u200 series operate on the h3c comware v5 or i-ware software platform, integrating a rich set of security features including virtual firewall, attack prevention, load balancing, and p2p traffic management. Combining network and security technologies perfectly, the series can...
Page 23: Table of Contents
I table of contents 2 interface cards and interface modules ···································································································2-1 2ge module ······························································································································...
Page 24
2-1 2 interface cards and interface modules z currently, the u200 series do not support hot-swapping of interface modules. Z with the hot swapping feature, you can remove an interface module after stopping it with the remove slot number command and then replacing the interface module or plugging in ...
Page 25
2-2 leds table 2-1 description of the leds on the front panel of the 2ge module led status description off no link is present. Link on a link is present. Off no data is being transmitted or received. Act blinking data is being transmitted or received. Interface specifications table 2-2 interface spe...
Page 26
2-3 for how to connect the ethernet cable, refer to the “connecting an ethernet cable for the 2ge module” section in chapter 4 “installing the u200 series device.” nsq1gt2ua0 module introduction the nsq1gt2ua0 module is a mim high-speed layer 3 gigabit ethernet interface module. The module provides ...
Page 27
2-4 nsq1gp4u0 module introduction the nsq1gp4u0 module is a high-speed layer 3 gigabit ethernet interface module. The module provides four sfp optical interfaces that support the layer-3 routing function. Each interface on the nsq1gp4u0 module is available with an led indicating its status. The nsq1...
Page 28
2-5 item specification type multi-mode short haul single-mode medium haul long haul (1310 nm) long haul (1550 nm) single-mode ultra-long haul min. –9.5 dbm –9 dbm –2 dbm –4 dbm –4 dbm optical transmit power max. 0 dbm –3 dbm 5 dbm 1 dbm 2 dbm receiving sensitivity –17 dbm –20 dbm –23 dbm –21 dbm –22...
Page 29
2-6 for how to connect the interface cable for the nsq1gp4u0 module, refer to “connecting an optical fiber or ethernet cable to the nsq1gp4u0 module" in chapter 4 “installing the u200 series device.” nsq1wlan0 module introduction the nsq1wlan0 module is an 802.11a/b/g mini wlan interface module that...
Page 30
2-7 figure 2-8 omni antenna for the nsq1wlan0 module for how to connect the antenna for the nsq1wlan0 module, refer to “connecting an antenna for the nsq1wlan0 module” in chapter 4 “installing the u200 series device.” arranging slots and naming interfaces slot arrangement the u200 series support int...
Page 31
2-8 3) if an nsq1wlan0 module is installed on the u200-s, the wlan interface on the module is named as follows: z wlan radio 1/0
Page 32: Table of Contents
I table of contents 3 preparing for installation ··························································································································3-1 environment requirements ····································································································...
Page 33: Preparing For Installation
3-1 3 preparing for installation environment requirements the u200 series are designed for indoor use. To ensure normal operation and prolong service life of the u200 series devices, the installation site must meet the requirements described in this chapter. Ventilation requirements the fans of a u2...
Page 34
3-2 cleanness requirements dust concentration limits dust is hazardous to the operating safety of devices. Dust buildup on chassis may result in static absorption, causing poor contact of metal components or points. When indoor humidity is extremely low, this is more likely to happen, shortening the...
Page 35
3-3 hold a card, module, or circuit board by its edges when observing or moving it, avoiding direct contact with the components on it. Use of an esd-preventive wrist strap follow these steps to wear an esd-preventive wrist strap: step1 put the esd-preventive wrist strap around your wrist. Step2 tigh...
Page 36
3-4 keep the device far away from radio stations, radar, and high-frequency devices working at high current. Use electromagnetic shielding when necessary. Lightning protection by design, a u200 series device is lightning protective, but excessive lightning may still damage the device. To protect the...
Page 37
3-5 means the reader be extremely careful. Improper operation may cause device damage or bodily injury. Means the reader be careful. Improper operation may cause device malfunction. General safety recommendations keep the device and installation tools away from walk area. Keep the device far away fr...
Page 38
3-6 checklist before installation before you proceed to install your device, check that all requirements listed in table 3-4 are met and you are aware of all listed operation requirements. Table 3-4 checklist before installation item requirements ventilation at least 10 cm (3.94 in.) of clearance is...
Page 39
3-7 item requirements rack-mounting requirements install the device in an open rack if possible. If you install the device in a closed cabinet, make sure that the cabinet has a good ventilation system. The rack is sturdy enough to support the weight of the device and installation accessories. The si...
Page 40: Table of Contents
I table of contents 4 installing the utm device ·························································································································4-1 preparations···················································································································...
Page 41: Installing The Utm Device
4-1 4 installing the utm device preparations before installing the device, make sure that: z you have read through chapter 3 “preparing for installation.” z all the requirements mentioned in chapter 3 “preparing for installation” are satisfied. Installation flowchart figure 4-1 installation flowchar...
Page 42
4-2 z length and width of the workbench are larger than the distance between the feet of the device. See table 4-1 for the dimensions of the u200 series devices. Table 4-1 dimensions of the u200 series devices description item u200-a u200-m u200-s dimensions without feet or rack-mounting brackets (h...
Page 43
4-3 figure 4-3 rack-mounting brackets for the u200-a/u200-m (1) left front rack-mounting bracket (2) right front rack-mounting bracket before mounting the device in a rack, attach the rack-mounting brackets securely to the left and right front sides of the device, the u200-s for example, as shown in...
Page 44
4-4 figure 4-5 mount the device in the rack installing generic modules generic modules include cf card, mini interface cards and mim modules. For their installation procedures, see chapter 7 “maintaining hardware.” pgnd cable connection importance of pgnd cable connection correct connection of the p...
Page 45
4-5 figure 4-6 connect the pgnd cable (1) grounding screw hole (2) ot terminal (3) grounding screw (4) pgnd cable (5) grounding symbol follow these steps to connect the pgnd cable, taking the u200-s for example: step1 remove the grounding screw from the device chassis. Step2 put the supplied ot term...
Page 46
4-6 installing a port lightning arrester (optional) z you need to install lightning arresters only for 10/100 mbps rj-45 ethernet ports. Z the u200 series devices are not shipped with lightning arresters for ports in case of standard configuration. You can purchase one if needed. Before connecting a...
Page 47
4-7 figure 4-8 install a port lightning arrester indoor ethernet cables outdoor ethernet cable port lightning arrester (stuck on the chassis) grounding cable of the lightning arrester rack conversion cable utm device power input grounding screw of the device precautions to ensure the performance of ...
Page 48
4-8 figure 4-9 install a power lightning arrester when connecting a power lightning arrester, follow these guidelines: 1) make sure that the protection wire (pe) terminal of the power lightning arrester is well grounded before using it. 2) after the ac power cord of the device is plugged into the mu...
Page 49
4-9 serially connected to a signal cable, a signal lightning arrester must satisfy the requirements of network performance indexes such as data transmission bandwidth, as well as the lightning protection performance requirement. Therefore, before installing a signal lightning arrester, you need to c...
Page 50
4-10 table 4-2 technical specifications of the ac power socket specification item u200-a u200-m u200-s rated voltage range 100 vac to 240 vac, 50 hz or 60 hz maximum input current 2 a 1.5 a maximum power 100 w 54 w connecting the ac power cord ac power supply rated voltage range: 100 vac to 240 vac,...
Page 51
4-11 figure 4-12 connect the ac power cord (1) ac power socket (100 vac to 240 vac, 50/60 hz, 1.5 a) (2) ac power connector (3) ac power cord connecting interface cables connecting the console cable follow these steps to connect the console cable: step1 select a configuration terminal. The configura...
Page 52
4-12 when connecting a pc to the device with the console cable, first connect the db-9 connector to the serial port on the pc, and then the rj-45 connector to the console port on the device. Connecting ethernet cables connecting an electrical ethernet port step1 connect one end of an ethernet cable ...
Page 53
4-13 z check that the status of the leds for the connected port is correct. For description of the leds on the 2ge module, see table 2-1 in chapter 2 “interface modules.” currently, the u200-s supports only the 2ge interface module. Connecting an ethernet cable to the nsq1gt2ua0 module see the “conn...
Page 54
4-14 z check the status of the link/act led on the module panel. If the led is on, an optical link is present; if the led is off, no optical link is present. In the latter case, the rx and tx ports may be connected incorrectly, and you can try to change the positions of the lc connectors of the two ...
Page 55: Table of Contents
I table of contents 5 starting and configuring the utm device ······························································································5-1 setting up a configuration environment·································································································5-1 c...
Page 56
5-1 5 starting and configuring the utm device you can use only the console port to make initial configuration of a u200 series device. Setting up a configuration environment connecting a u200 series device to a configuration terminal for how to connect a u200 series device to the configuration termi...
Page 57
5-2 figure 5-2 select a port for local configuration connection step3 set serial port parameters. Set the properties of the serial port in the com1 properties dialog box, as shown in figure 5-3. Table 5-1 set serial port parameters item value bits per second 9600 bps (default) data bits 8 parity non...
Page 58
5-3 figure 5-3 set serial port parameters step4 click ok after setting the serial port parameters to enter the hyperterminal window, as shown below. Figure 5-4 hyperterminal window step5 set hyperterminal properties. In the hyperterminal window, select file > properties from the menu, and select the...
Page 59
5-4 figure 5-5 set the terminal type power-on of the device checklist before device power-on before powering on the device, check that: z the power cord and ground cable are correctly connected. Z the voltage of the power source conforms to voltage requirement of the device. Z the console cable is c...
Page 60
5-5 table 5-2 normal led states upon device power-on led state meaning pwr (green) on the power module is supplying power normally. Slot1/slot2/slot (green) on a module is installed in the slot and operating normally. Sys (green) slow blinking (1 hz) the mainboard is operating normally as configured...
Page 61
5-6 bootware size : 1536kb flash size : 32mb cpld version : 1.0 pcb version : ver.A bootware validating... Press ctrl+b to enter extended boot menu... Press ctrl+b at this prompt to enter the extended bootware menu, or let the system start to decompress the application program. Z to enter the extend...
Page 62
5-7 this prompt indicates that the utm device has entered user view and is ready to configure. Configuration fundamentals the section covers the generic procedures that you need to follow to configure a u200 series device. Step1 before configuring the device, you should summarize the networking requ...
Page 63
5-8 particular view. However, some commonly used commands, such as ping and display current-configuration, can be executed in any view. Logging in to a u200 series device through a web browser a u200 series device supports web-based network management, which allows you to manage and maintain the dev...
Page 64
5-9 figure 5-7 web interface for the u200-m.
Page 65: Table of Contents
I table of contents 6 maintaining software·································································································································6-1 overview ····················································································································...
Page 66: Maintaining Software
6-1 6 maintaining software overview files managed by a u200 series device three types of files need to be managed on a u200 series device. They are: z bootware program file z application file z configuration file bootware program file the bootware program file is used for booting applications upon d...
Page 67
6-2 z the application files for system boot can be type m, b and s, but not type n/a (that is, types other than m, b, and s). Z you can modify the name of an application file using commands after the application boots. You can modify the type of application files of type m, b and n except for type s...
Page 68
6-3 z the configuration file name cannot be longer than 64 characters (including drive identifier and a string terminator). If the drive identifier is “cf:/”, the file name can be at most [ 64 – 1 – 4 ] = 59 characters in length; or, errors will occur in file operation. Typically, the file name is r...
Page 69
6-4 figure 6-1 bootware and comware programs upgrade flow upgrade end xmodem tftp ftp start n y choose the right comware application file through ethernet interface choose an upgrade method comware application upgrade comware ? Bootware menu bootware main menu when the device is powered on, the syst...
Page 70
6-5 copyright (c) 2004-2008 hangzhou h3c technologies co., ltd. Compiled date : may 7 2008 cpu type : xls208 cpu l1 cache : 32kb cpu clock speed : 750mhz memory type : ddr2 sdram memory size : 1024mb memory speed : 533mhz bootware size : 1536kb flash size : 32mb cpld version : 1.0 pcb version : ver....
Page 73
6-8 menu item description modify ethernet parameter modify ethernet interface parameters. Exit to main menu return to the bootware main menu. File control submenu select 4 on the bootware main menu to enter the file control submenu, where you can view the application files, modify file names, and de...
Page 74
6-9 table 6-5 bootware operation submenu menu item description backup full bootware backup the full bootware. Restore full bootware restore the full bootware. Update bootware by serial upgrade bootware through a serial interface update bootware by ethernet upgrade bootware through ethernet exit to m...
Page 75
6-10 z if the check succeeds, the receiving program sends an acknowledgement character and the sending program proceeds to send another packet. Z if the check fails, the receiving program sends a negative acknowledgement character and the sending program retransmits the packet. Modifying serial inte...
Page 76
6-11 figure 6-3 modify the baud rate on the terminal select call > call to establish a new connection. Figure 6-4 re-establish a call connection then, press the enter key, and the system will prompt the current baud rate and return to the previous menu. The system displays: the current baudrate is 1...
Page 77
6-12 upgrading the application the application upgrade through a serial interface is implemented on the serial submenu. Select 2 on the bootware main menu to enter the serial submenu. For detailed description on this submenu, refer to the “serial submenu” section on page 6-6. The following example s...
Page 78
6-13 then the system prompts you for the file name: input the file name: 1) if the input file name, main.Bin for example, is unique in the storage device, it is adopted and the system displays: updating file flash:/main.Bin.......................................................... .....................
Page 79
6-14 after modifying the baud rate of the serial interface and the terminal, return to the bootware operation submenu and select 1, the system displays the following: please start to transfer file, press to exit. Waiting ...Ccccccccccccccccccccccccc... Select transfer > send file… in the terminal wi...
Page 80
6-15 updating basic bootware...............Done! Updating extend bootware? [y/n]y the system succeeds in upgrading the basic segment and asks whether to upgrade the extended segment: z if you select n, the system completes the upgrade without upgrading the extended segment. Z if you select y, the sy...
Page 81
6-16 figure 6-9 set up a tftp upgrade environment z the u200-s serves as the tftp client, and pc serves as the tftp server. Z connect ethernet interface gigabitethernet 0/0 on the u200-s to the pc using a crossover ethernet cable. Ensure the connectivity between the u200-s and the pc. In this exampl...
Page 82
6-17 gateway ip address : ftp user name : ftp user password : table 6-7 description on the display information of setting ethernet interface parameters display information description '.' = clear field shortcut key . Is used to clear the current input. '-' = go to previous field shortcut key - is us...
Page 83
6-18 step4 after the upgrade is finished, select 0 to return to the bootware main menu, where you can select 1 to reboot the system from flash memory. Z if the input application file name is the same with the name of a file on flash memory, the system prompts “the file exists, will you recover it? [...
Page 84
6-19 62472 kb total (41855.5 kb free) table 6-8 description on the display information of the dir command display information description '.' directory of flash:/ name of the current directory. 62472 kb total (41855.5 kb free) used space of flash memory (available space) step3 upgrade the applicatio...
Page 85
6-20 file uploaded successfully. Z when you backup an application file, if a file having the same name with the file to be backed up exists on the server, the system overwrites the file on the server directly. Z you can backup a configuration file using the same method as backing up an application f...
Page 86
6-21 z connect gigabitethernet 0/0 on the device to the pc using a crossover ethernet cable. Ensure the connectivity between the device and the pc. In this example, the ip address of gigabitethernet 0/0 is 192.168.80.10 and that of the pc is 192.168.80.200. Z enable ftp server on pc and set the path...
Page 87
6-22 step5 upgrade an application file. Using ftp, you can download an application file from the server to the device, and overwrite the original main application file to upgrade the application. The upgraded application file takes effect when the device reboots. # download file main.Bin from the ft...
Page 88
6-23 table 6-10 description on display information for update and backup of an application file on the device display information description [ftp]get main.Bin main.Bin download the file used for upgrade flash:/main.Bin has been existing. Overwrite it? [y/n]:y the system prompts whether to overwrite...
Page 89
6-24 you can upgrade the application of the u200 series devices through gigabitethernet 0/0 only. Step2 enable the ftp service. # enable ftp server. [h3c] ftp server enable # add ftp username and password. [h3c] local-user guest [h3c-luser- guest] service-type ftp [h3c-luser- guest] password simple ...
Page 90
6-25 user (192.168.80.10:(none)): guest 331 password required for guest password: 230 user logged in. Table 6-12 description on the display information of enabling ftp server display information description c:\documents and settings\administrator>ftp enable the ftp client program on the pc. Ftp> ope...
Page 91
6-26 150 opening binary mode data connection for main.Bin. 226 transfer complete. Z when you download an application file, if a file having the same name with the downloaded file exists on the pc, the system prompts whether to overwrite the file on the pc. You need to choose y or n for confirmation....
Page 95
6-30 use the display startup command to verify the configuration. Display startup current startup saved-configuration file: flash:/startup.Cfg next startup saved-configuration file: flash:/testcfg.Cfg for details about the save and startup saved-configuration cfgfile commands, refer to the accompany...
Page 96
6-31 step1 enter the bootware main menu, and select 6 to boot the system by ignoring the system configuration. The system prompts: flag set successfully. The system prompts that the setting succeeds. Step2 when the bootware main menu appears again, select 0 to reboot the system. System is rebooting ...
Page 98
6-33 done! At this moment, backup for the extended segment is finished. Both the basic and extended bootware are backed up to flash memory. Backing up the full bootware using the cli bootrom backup now backuping bootrom, please wait... Backup bootrom! Please wait... Read normal basic bootrom complet...
Page 99
6-34 now restoring bootrom, please wait... Restore bootrom! Please wait... Read backup basic bootrom completed! Restore basic bootrom completed! Read backup extend bootrom completed! Restore extend bootrom completed! Restore bootrom completed! Upgrading/managing configuration through the web interfa...
Page 100
6-35 about signature database upgrade the signature database records the traffic patterns of known attacks exploiting various protocols. To keep the effectiveness of your u200 series device as a security device, you must upgrade the signature database timely to include latest updates. You can manual...
Page 101
6-36 upgrading software through the web interface you can download a software upgrade file from a tftp server to a u200 series device through the web interface. For how to log in to a u200 series device through the web interface, refer to chapter 5 “starting and configuring the u200 series device.” ...
Page 102
6-37 make settings on the web interface to upgrade the application of the utm device by downloading an upgrade file from the tftp server. Figure 6-14 network diagram for software upgrade 2) configuration prerequisites z tftp service is available on the device working as the tftp server. Z the file t...
Page 103
6-38 figure 6-15 enter the application security policy configuration page obtaining version information select system management > device management > signature upgrade from the navigation tree to enter the page displaying the current and the last version information of signature databases. Figure 6...
Page 104
6-39 configure automatic upgrade settings as shown in table 6-17. Table 6-17 automatic upgrade settings item description enable enable the automatic upgrade function by selecting the enable option. You can proceed with other configuration items only when this option is selected. Start from interval ...
Page 105
6-40 figure 6-19 page for maintaining device configuration files on the page, you can perform the tasks described in table 6-19. Table 6-19 maintain configuration files tab task configuration file information z view information about configuration files. Z click the icon for a configuration file to ...
Page 106
6-41 table 6-20 description of the backup configuration file list item description configuration id id of the compressed configuration file. Date date when the compressed configuration file was created. Software version software version of the device at the time when the compressed configuration fil...
Page 107: Table of Contents
I table of contents 7 maintaining hardware ·······························································································································7-1 preparing tools···············································································································...
Page 108: Maintaining Hardware
7-1 7 maintaining hardware preparing tools z phillips screwdrivers: p1-100mm, p2-150mm, p3-250mm z flat-blade screwdriver: p4-75mm z esd-preventive wrist strap, esd-preventive gloves z antistatic bags, antistatic pads the u200 series devices are not shipped with any of the above-mentioned tools. Pre...
Page 109
7-2 step2 unplug all interface cables from the rear panel while keeping the ground cable connected, and remove the fastening screws at both sides of the device. Figure 7-1 remove the screws at both sides of the device step3 insert a flat-blade screwdriver into the long narrow unlock slot at the bott...
Page 110
7-3 figure 7-4 remove the chassis cover internal structures of the u200 series devices figure 7-5 shows the internal structure of the u200-a, with the chassis cover removed. Figure 7-5 internal structure of the u200-a (1) connector for mim in slot 1 (2) mim slot 1 (3) connector for mim in slot 2 (4)...
Page 111
7-4 figure 7-7 internal structure of the u200-s (1) mini card connector (2) mini card slot (3) fan tray (4) power supply removing and installing blank panels black panels are used to cover empty interface card/module slots to prevent dust from entering chassis. Removing a blank panel you need to rem...
Page 112
7-5 figure 7-9 install a blank panel installing and removing a mini card installing a mini card follow these steps to install a mini card, taking the 2ge card for example: step1 power off the device. Step2 remove the blank panel from the interface card slot at the rear of the device. For how to remo...
Page 113
7-6 step5 power on the device, and look at the status led of the slot on the front panel. If the led stays on after the card completes initialization, the card is operating normally; if the led goes off, the card fails the self-test. Removing the mini card follow these steps to remove the mini card,...
Page 114
7-7 installing and removing a mim module installing a mim module follow these steps to install a mim, taking the nsq1gt2ua0 module for example: step1 power off the utm device. Step2 remove the blank panel from the intended interface module slot at the rear of the device. For how to remove a blank pa...
Page 115
7-8 figure 7-16 loose the captive screws step3 pull the mim module out along the guide rails. Figure 7-17 uninstall a mim module z put away the removed mim in an antistatic bag. Z if you are not installing a new mim in the empty interface module slot, install a blank panel to prevent dust from enter...
Page 116
7-9 figure 7-18 insert a cf card into the cf card slot if the application program for booting the utm device is stored in an external cf card, make sure that the right cf card has been correctly installed in the slot; otherwise the device will fail to boot up. Removing the cf card follow these steps...
Page 117
7-10 z do not remove the cf card when the utm device is booting or the led is flashing to avoid hardware damage. Z to protect the cf card, put it away in an antistatic bag..
Page 118: Table of Contents
I table of contents 8 troubleshooting ········································································································································8-1 troubleshooting the power system ·························································································...
Page 119: Troubleshooting
8-1 8 troubleshooting the barcode stuck on the u200 series device chassis contains information about production and servicing. Before you return a u200 series device for serving, please provide its barcode information to your sales agent. Troubleshooting the power system symptom the device cannot be...
Page 120
8-2 troubleshooting the configuration system if the system runs normally at power-on, the boot information is displayed on the configuration terminal. If the configuration system is faulty, the terminal screen may display nothing or garbled characters. No display on the terminal screen symptom the c...
Page 121
8-3 dealing with password loss if you have lost the bootware password, user password, or super password, refer to “dealing with password loss” in chapter 6 “maintaining software.” troubleshooting the cooling system symptom the temperature inside the device exceeds 45°c (113°f). Solution follow these...
Page 122: Table of Contents
I table of contents appendix a regulatory compliance information ···················································································· a-1 regulatory compliance standards·········································································································· a-1 euro...
Page 123
A-1 appendix a regulatory compliance information regulatory compliance standards table a-1 regulatory compliance standards discipline standards emc fcc part 15 (cfr 47) class a ices-003 class a vcci-3 class a vcci-4 class a cispr 22 class a en 55022 class a as/nzs cispr22 class a cispr 24 en 55024 e...
Page 124
A-2 weee directive–2002/96/ec the products this manual refers to are covered by the waste electrical & electronic equipment (weee) directive and must be disposed of in a responsible manner. Usa regulatory compliance fcc part 15 these products comply with part 15 of the fcc rules. Operation is subjec...
Page 125
A-3 japan regulatory compliance vcci these products comply with the requirements of vcci class a information technology equipment (ite). Warning: if this equipment is used in a domestic environment, radio disturbance may arise. When such trouble occurs, the user may be required to take corrective ac...
Page 126: Informationen 安全信息
B-1 appendix b safety information sicherheits informationen 安全信息 overview Überblick 概述 this section introduces part of the safety precautions that should be followed during the installation and maintenance of the equipment. And for the safety statements and warnings, there followed the translations ...
Page 127
B-2 说明: 为了避免可能发生的事故,请在进行任何操作前,仔细阅读设备操作手册和本章节的安全规范。手册中 出 现的说明、注意、警告、危险,不能涵盖所有的安全预防,仅仅是在整个操作过程中的安全提示和补充。 因此,负责安装和日常维护本设备的人员必须具备安全操作基本技能。 操作人员要按照当地的安全规范进行操作。出现在产品手册中的安全预防措施仅仅是当地安全规范的补 充。 在操作本设备时,请认真执行产品手册规定的安全规范。 conventions used symbole erläuterung 应用惯例 the symbols in this manual are shown in the foll...
Page 128
B-3 为了避免对人和设备造成伤害,请认真执行下列要求: z read all the instructions before operation. Z lesen sie alle anweisungen sorgfältig durch, bevor sie mit dem arbeiten beginnen. Z 在进行操作前仔细阅读手册内容。 z when installing the unit, always make the ground connection first and disconnect it last. Z beachten sie, dass bei der in...
Page 129
B-4 z können durch eine dc rps energiequelle angetrieben werden, aber die dc rps energiequelle muß von h3c geliefert werden. Z 设备可以使用 dc rps 电源供电,如果用户希望使用 dc rps 电源为设备供电,那么必须向杭州华 三通信技术有限公司购买指定型号的 dc rps 电源。 power cable zuleitung 电缆 note: installation and removal of live power cable is prohibited str...
Page 130
B-5 anmerkung: für mit gleichstrom betriebene ausrüstung benutzen sie bitte eine 1.0 mm 2 oder 16 awg zuleitung. Für mit wechselstrom betriebene ausrüstung benutzen sie bitte eine 1.0 mm 2 oder 16 awg zuleitung. 说明: dc 电源设备,请使用 1.0mm 2 或 16awg 电缆; ac 电源设备,请使用 1.0mm 2 或 16awg 电缆。 laser laser 激光辐射 the...