Upload
others
View
15
Download
0
Embed Size (px)
Citation preview
James EdwardsRichard Bramante
Al Martin
Nortel Guide to VPN Routing
for Security and VoIP
01_781274 ffirs.qxp 6/21/06 10:06 PM Page iii
File AttachmentC1.jpg
01_781274 ffirs.qxp 6/21/06 10:06 PM Page ii
Nortel Guide to VPN Routing for Security and VoIP
01_781274 ffirs.qxp 6/21/06 10:06 PM Page i
01_781274 ffirs.qxp 6/21/06 10:06 PM Page ii
James EdwardsRichard Bramante
Al Martin
Nortel Guide to VPN Routing
for Security and VoIP
01_781274 ffirs.qxp 6/21/06 10:06 PM Page iii
Nortel Guide to VPN Routing for Security and VoIPPublished byWiley Publishing, Inc.10475 Crosspoint BoulevardIndianapolis, IN 46256www.wiley.com
Copyright © 2006 by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN-13: 978-0-471-78127-1ISBN-10: 0-471-78127-4
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
1MA/SU/QX/QW/IN
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any formor by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except aspermitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the priorwritten permission of the Publisher, or authorization through payment of the appropriate per-copy feeto the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978)646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, WileyPublishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, oronline at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations orwarranties with respect to the accuracy or completeness of the contents of this work and specifically dis-claim all warranties, including without limitation warranties of fitness for a particular purpose. Nowarranty may be created or extended by sales or promotional materials. The advice and strategies con-tained herein may not be suitable for every situation. This work is sold with the understanding that thepublisher is not engaged in rendering legal, accounting, or other professional services. If professionalassistance is required, the services of a competent professional person should be sought. Neither thepublisher nor the author shall be liable for damages arising herefrom. The fact that an organization orWebsite is referred to in this work as a citation and/or a potential source of further information does notmean that the author or the publisher endorses the information the organization or Website may provideor recommendations it may make. Further, readers should be aware that Internet Websites listed in thiswork may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please con-tact our Customer Care Department within the U.S. at (800) 762-2974, outside the U.S. at (317) 572-3993or fax (317) 572-4002.
Library of Congress Cataloging-in-Publication DataEdwards, James, 1962-Nortel guide to VPN routing / James Edwards, Richard Bramante, Al Martin.
p. cm.“Wiley Technology Publishing.”Includes index.ISBN-13: 978-0-471-78127-1 (cloth)ISBN-10: 0-471-78127-4 (cloth)1. Routing (Computer network management) 2. Extranets (Computer networks) I. Bramante,
Richard, 1944- II. Martin, Al, 1964- III. Title. TK5105.543.E39 2006004.6’2--dc22
2006011213
Trademarks: Wiley and related trade dress are registered trademarks of Wiley Publishing, Inc., in theUnited States and other countries, and may not be used without written permission. All other trade-marks are the property of their respective owners. Wiley Publishing, Inc., is not associated with anyproduct or vendor mentioned in this book.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print maynot be available in electronic books.
01_781274 ffirs.qxp 6/21/06 10:06 PM Page iv
www.wiley.com
This book is dedicated to my wife, Denise, and our children: Natasia, Shaun, Nick, Emily, and Samantha.
For the support, pride, admiration, love, laughter, life lessons, and so much more that they give to me each
and every day of my life.
—Jim Edwards
This book is dedicated to my beloved departed wife, Barbara, who showed great courage and perseverance in facing and battling the illnesses that eventually took her from this life.
Her constant encouragement in whatever I wanted to pursue is not forgotten, nor will her memory fade. For without her in my life, I would not have my son, Richard, who is a source of joy and pride.
I thank him and his loving wife, Michelle, for the three beautiful grandchildren they blessed me with, my three amigos,
Vanessa, Ethan, and Olivia.
—Richard Bramante
01_781274 ffirs.qxp 6/21/06 10:06 PM Page v
01_781274 ffirs.qxp 6/21/06 10:06 PM Page vi
James Edwards (Nashua, NH) is a Nortel Networks Certified Support Spe-cialist (NNCSS) in VPN Routers. Working in the Premium Support Group(consisting of Nortel’s largest Enterprise customers), he has extensive experi-ence with many Nortel products, in particular in support for VPN Routers forthe last two years. Jim has previous technical writing experience and is alsoauthor of Nortel Networks: A Beginner’s Guide (McGraw-Hill, 2001).
Richard Bramante (Tewksbury, MA) is a Nortel Networks Certified SupportSpecialist (NNCSS) in VPN Routers. Richard has been in Nortel VPN Routersupport for three years and prior to this, was a technology lead on the InstantInternet (now part of the VPN Router portfolio) for four years. He has previ-ous technical writing experience drafting functional specifications and testingprocedures for various technologies and devices.
About the Authors
vii
01_781274 ffirs.qxp 6/21/06 10:06 PM Page vii
01_781274 ffirs.qxp 6/21/06 10:06 PM Page viii
Executive EditorCarol Long
Development EditorKevin Shafer
Production EditorAngela Smith
Copy EditorNancy Rapoport
Editorial ManagerMary Beth Wakefield
Production ManagerTim Tate
Vice President and Executive Group Publisher
Richard Swadley
Vice President and Executive Publisher
Joseph B. Wikert
Project CoordinatorJennifer Theriot
Graphics and Production Specialists
Jennifer ClickLauren GoddardDenny HagerStephanie D. JumperLynsey OsbornHeather RyanAlicia B. South
Quality Control TechnicianLeeann HarneyJoe Niesen
Proofreading and IndexingTechbooks
Cover ImageKristin Corley
Credits
ix
01_781274 ffirs.qxp 6/21/06 10:06 PM Page ix
01_781274 ffirs.qxp 6/21/06 10:06 PM Page x
Chapter 1 Networking and VPN Basics 1Networking Basics 2
The OSI Reference Model 2The Application Layer (Layer 7) 3The Presentation Layer (Layer 6) 4The Session Layer (Layer 5) 4The Transport Layer (Layer 4) 4The Network Layer (Layer 3) 5The Data Link Layer (Layer 2) 6The Physical Layer (Layer 1) 6
Overview of a Local Area Network 7Overview of a Wide Area Network 8Media Access Control Addressing 8Internet Protocol Addressing 9
IP Address Classes 10Class A Addresses 10Class B Addresses 11Class C Addresses 11Class D Addresses 11
Protocols and Other Standards 12Internet Protocol 12Interior Gateway Protocol 13Exterior Gateway Protocol 14Routing Information Protocol 14Open Shortest Path First 15Virtual Router Redundancy Protocol 16Digital Subscriber Line 16
Contents
xi
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xi
Integrated Services Digital Network 17Lightweight Directory Access Protocol 18Remote Authentication Dial-In User Service 18
Networking Hardware 19Random Access Memory 19Modem 19Channel Service Unit/Data Service Unit 20Computer Workstations 20Servers 20Network Interface Cards 21Switch 21Hub 22Router 22Repeater 22
Remote Access 24Remote Access Services 24Dial Access to a Single Workstation 25Remote Access System 25Terminal Servers 25
Network Security 26The Firewall 26
Proxy Server 27Packet Filtering 27Stateful Packet Inspection 27
Demilitarized Zone 27Hackers 28
VPN Basics 29VPN Overview 29VPN Tunneling Protocols and Standards 30
Secure Sockets Layer 30Public Key Infrastructure 32SecurID 32Internet Protocol Security 33Layer 2 Forwarding 34Point-to-Point Tunneling Protocol 35Layer 2 Tunneling Protocol 36Generic Routing Encapsulation 37
Summary 38
Chapter 2 The Nortel VPN Router 39The Nortel VPN Router Portfolio 40Modules and Interfaces 41
SSL VPN Module 1000 41Hardware Interface Options 42
Peripheral Component Interconnect Expansion Slots 4210/100Base-T Ethernet 421000Base-SX/1000Base-T Ethernet 42
xii Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xii
CSU/DSU 43T1/E1 43ADSL 44Serial Interfaces (V.35, X.21, RS-232) 44V.90 Dial Access Modem 45High Speed Serial Interface 45Encryption Accelerator Modules 45Console Port (DB-9) 45
Nortel VPN Router Solutions 46VPN Router 100 48
Overview 50Technical Specifications 50
VPN Router 200 Series 50VPN Router 221 50VPN Router 251 52VPN Router 600 53
VPN Router 1000 Series 55VPN Router 1010 55VPN Router 1050 57VPN Router 1100 58
VPN Router 1700 Series 59VPN Router 1700 60VPN Router 1740 61VPN Router 1750 62
VPN Router 2700 63Overview 64
VPN Router 5000 66Overview 66
VPN Router Features Comparison 67Deployment Examples 70
Branch Office Tunnel VPN Solution 70Extranet VPN Solution 71Remote Access VPN Solution 72
Summary 74
Chapter 3 The Nortel VPN Router Software Overview 75Nortel VPN Software 76
Accounting Services 76Bandwidth Management Services 76Certifications 77Encryption Services 77IP Routing Services 77Management Services 78Stateful Firewall 78User Authentication 78VPN Tunneling Protocols 79Secure Sockets Layer Services 79WAN Services 79
Contents xiii
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xiii
VPN Router Software Version 6.00 79Memory Requirements 80Optional Software Licenses 80
Advanced Router License Key 80Contivity Stateful Firewall License Key 81Additional VPN Tunnel Support License Key 81Features Introduced in VPN Router Version 6.00 81
Loading, Verifying, and Upgrading the VPN Router Software 82Release Notes 83Loading a New Version of VPN Router Software 83
Removing Unused Versions 102VPN Client Software 106
Installing the VPN Client Software 106Release Notes 107Installing the VPN Client 107
Upgrading the VPN Client Software 113Uninstalling the Existing Version of VPN Client Software 113Installing the Upgrade 115
Starting the VPN Client 122The VPN Client Connection Wizard Process 125
Selecting Username and Password Authentication Type 126Selecting Hardware or Software Token Card
Authentication Type 130Summary 132
Chapter 4 The Nortel VPN Router in the Network 133What Is a Virtual Private Network? 133Tunneling Basics 135
Branch Office Tunnel 136Aggressive Mode Branch Office Tunnel 138User/Client Tunnel 141PC-Based VPN Tunnels 142VPN-Enabled Device Acting in Client Mode 145Small Office or Home Office 148DMZ Creation and Usages 154
The Regional Office 158Nortel 100 VPN Router Added to Existing
Regional Office Network 160Upgrading a Regional Office to VPN Technology 162
The Central Office 164The VPN Router as an Access Point 166Client Access to the Corporate Network 168Client Load Balancing and Failover 171Corporate User Access to the Internet 172
Backup Interface Services 173Interface Group Fails 175Route Unreachable 175
xiv Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xiv
Ping Failure 175Time of Day or Day of the Week 176
Placement in the Network 177Network Administration of VPN Routers 180
Direct Access 181Control Tunnels 181Out-of-Band Management 181Logging 182SNMP 182Other Management Considerations 184
Summary 184
Chapter 5 Management Options and Overview 185Serial Port Management 186Command Line Interface 187
Accessing the CLI Through a Telnet Session 187Accessing the CLI Through the Serial Port 188CLI Command Modes 188
User EXEC Mode 189Privileged EXEC Mode 189Global Configuration Mode 190
CLI Help 191CLI Keystroke Shortcuts 196
Web-Based Management 197System 200Services 200Routing 201QoS 201Profiles 201Servers 202Admin 202Status 203Help 203
VPN Router Administrator 204File Management 205Checking the Current Status of Your VPN Router 206
Logs 206Configuration Log 206Event Log 208Security Log 210System Log 212
VPN Router System Status Tools 214Sessions 214Reports 215System 215Health Check 216Statistics 217Accounting 218
Contents xv
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xv
Other VPN Router Tools 218Trace Route 218Ping 219Address Resolution Protocol 219
VPN Router Administration 221Software Upgrades 221
Lightweight Directory Access Protocol 222Remote Authentication Dial-In User Service 222
Automatic System Backups 223System Recovery 223System Shutdown 224
Bandwidth Management 225Configuring Bandwidth Management 225Summary 227
Chapter 6 Authentication 229Understanding LDAP 230
LDAP Principles 231LDAP Request Flowchart 232Configuring Internal LDAP 232External LDAP 235Enabling LDAP Proxy 237Monitoring LDAP Servers 240
Using Remote Authentication Dial-in User Service 242Enabling RADIUS Authentication 242
RADIUS Server Selection 243RADIUS Authentication Options 245RADIUS Diagnostics 246
RADIUS Proxy 246Enabling RADIUS Accounting 248
Understanding Certificates 250SSL Encryption with LDAP Server 251
LDAP Certificate Installation 251LDAP Special Characters 252
External LDAP Proxy 252Tunnel Certificates 253
Using Public Key Infrastructure 254PKI Setup 254
CA and X.509 Certificates 254Loading Certificates 255Requesting a Server Certificate 255Server Certificates Using CMP 255Trusted CA Certificate Installation 260Trusted CA Certificate Settings 261
Certificate Revocation List Configuration 264CRL Server Configuration 265CRL Distribution Points 267
xvi Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xvi
CRL Retrieval 268Enabling Certificate Use for Tunnels 268Identifying Individual Users with Certificates 269Identifying Branch Offices with Certificates 270IPSec Authentication 271L2TP/IPSec Authentication 273Adding L2TP Access Concentrators 274
Summary 275
Chapter 7 Security 277Stateful Firewall Basics 277
Using Stateful Inspection 278Interfaces 278Filter Rules 279Anti-Spoofing 280Attack Detection 280Access Control Filters 281Network Address Translation 282
Configuring Stateful Firewall 283Configuration Prerequisites 283Stateful Firewall Manager System Requirements 284Enabling Firewall Options 284
Enabling the Stateful Firewall Feature 285Connection Limitation and Logging 286Application-Specific Logging 286Remote Logging of Firewall Events 287Anti-Spoofing Configuration 288Malicious Scan Detection Configuration 289
Firewall Policies 290Firewall Policy Creation and Editing 290
Policy Creation 290Rules 292
Implied Rules 292Static Pre-Implied Rules 293Dynamic Implied Rules 294Override Rules 295Interface Specific Rules 295Default Rules 296
Rule Creation 296Header Row Menu 297Row Menu 297Cell Menus 297Rule Columns 298
Creating a New Policy 305Firewall Configuration Verification 306Sample Security Policy Configuration 306
Contents xvii
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xvii
Firewall Examples 308Residential Example 309Business Example 309
Filters 311Adding / Editing Filters 311Next Hop Traffic Filter 314
NAT 315Types of Address Translation 315
Dynamic Many-to-One NAT 316Dynamic Many-to-Many NAT 317Static One-to-One NAT 318Port Forwarding NAT 319Double NAT 320IPSec Aware NAT 321
NAT Modes 322Full Cone NAT 322Restricted Cone NAT 322Port Restricted Cone NAT 323Symmetric NAT 324
NAT Traversal 325NAT and VoIP 326Address/Port Discovery 327NAT Usage 327
Branch Office Tunnel NAT 328Interface NAT 329Dynamic Routing Protocols 329
Configuring a NAT Policy 330NAT Policy Sets 330Creating Rules 331
NAT ALG for SIP 331Application Level Gateways 331Configuring NAT ALG for SIP 332
Firewall SIP ALG 332Hairpinning 332
Hairpinning with SIP 333Hairpinning with a UNIStim Call Server 333Hairpinning with a STUN Server 333Hairpinning Requirements 334Hairpinning Configuration 334
Time-Outs 334NAT Statistics 334Proxy ARP 335
Summary 335
xviii Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xviii
Chapter 8 Overview of Ethernet LANs and Network Routing 337Ethernet Networking 338
Basic Physical Topology Types 339Bus Topology 339Star Topology 339
Carrier Sense Multiple Access with Collision Detection 340Ethernet Variants 341
Traditional Ethernet 342Fast Ethernet 342Gigabit Ethernet 343
Network Cables 343Coaxial Cable 343
Twisted-Pair 344Fiber-Optic 345
Data Transmission Modes 346Simplex 346Half-Duplex 346Full-Duplex 347
Collision Domains 347Broadcast Domains 348Network Addressing 349
Media Access Control (MAC Addressing) 350Internet Protocol (IP Addressing) 351Address Resolution Protocol 351Reverse Address Resolution Protocol 353
Virtual Local Area Network 353Network Routing 355
Routing Basics 356Routing Tables 358Routing Algorithms 359
Distance-Vector Routing 360Link-State Routing 361
Routing Protocols 362Routing Protocol Types 363Routing Protocol Concepts 363
Routing Information Protocol 364RIP History Overview 366RIP Route Determination 367RIP Updates 368
RIP Request 368RIP Response 368Timelines 369
Open Shortest Path First 370OSPF History 371OSPF Considerations 371
Router Unique Name 372Adjacencies 372OSPF Processes 372
Contents xix
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xix
OSPF Areas 373OSPF Overview 374
Hello Messages 375LSDB 375Shortest Path First 375
Border Gateway Protocol 376BGP History 376BGP Overview 376
BGP Topologies 377Routing Concepts 378Routing Information 379
Path Vector Routing Algorithm 380Virtual Router Redundancy Protocol 381
VRRP Failover 382Summary 382
Chapter 9 Tunneling, VoIP, and Other Features 385Layer 2 Forwarding 386Point-to-Point Tunneling Protocol 390Layer 2 Tunneling Protocol 396IP Security Tunneling Protocol 400Quality of Service 405Voice over IP 410Point-to-Point Protocol over Ethernet 413Client Address Redistribution 416Circuitless IP 418Backup Interface Services 419Summary 421
Chapter 10 The Nortel VPN Client 423Overview of the Nortel VPN Client 424
Operating System Compatibility 424Supported Operating Systems 425
Operating Systems Supported Prior to the Nortel VPN Client Version 4.91 426
Operating Systems Supported in the Nortel VPN Client Version 6.01 426
Optional Licensing Operating Systems Supported 426Installing the Nortel VPN Client 426Using the Nortel VPN Client 433
Status and Monitoring 434VPN Client Main Menu Items 435
The File Menu Option 436The Edit Menu Option 437The Options Menu Option 437The Help Menu Option 439
xx Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xx
Nortel VPN Client Customization 440VPN Custom Client Installation Modes 441VPN Customer Client Group Profiles Overview 442VPN Custom Client Icons and Custom Bitmaps 442
VPN Client Event Logging and Keepalives Overview 442VPN Client Event Log 443VPN Client Keepalive 445
Internet Security Association and Key Management Protocol Keepalive 446
Network Address Translation Traversal Keepalive 446Silent Keepalive 447
IPSec Mobility 447Security Banner 449Split Tunneling 451
Considerations 453Inverse Split Tunneling 454
Support for All Zeros Addressing in Inverse Split Mode 455TunnelGuard 455
TunnelGuard Daemon 455Software Requirement Set Builder 456TunnelGuard Agent 456TunnelGuard Features Overview 457
TunnelGuard Icon Information 457TunnelGuard Installation Considerations 457TunnelGuard Event Logs 457Banner Messages 458
VPN Client Failover 458Summary 461
Chapter 11 VPN Router Administration Lab Exercises 463Installing the VPN Client Software 464
Lab Requirements 464Lab Setup 464Lab Summary 465
Initial Setup of the Nortel VPN Router 465Lab Requirements 465Lab Setup 466Lab Summary 468
Enabling and Using VPN Client Logging 468Lab Requirements 468Lab Setup 468Lab Summary 469
Configuring Groups 469Lab Requirements 469Lab Setup 469Lab Summary 470
Contents xxi
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xxi
Configuring Users 471Lab Requirements 471Lab Setup 471Lab Summary 472
Configuring Client Failover 473Lab Requirements 473Lab Setup 473Lab Summary 475
Configuring IPSec Mobility 475Lab Requirements 475Lab Setup 476Lab Summary 477
Configuring Automatic Backups 477Lab Requirements 477Lab Setup 477Lab Summary 479
Configuring a Peer-to-Peer Branch Office Tunnel 479Lab Requirements 479Lab Setup 480Lab Summary 482
Configuring RIP Routing 482Lab Requirements 482Lab Setup 482Lab Summary 483
Configuring Network Time Protocol 484Lab Requirements 484Lab Setup 484Lab Summary 487
Configuring DHCP Server 488Lab Requirements 488Lab Setup 488
DHCP Relay Lab 489DHCP Server Lab 491
Lab Summary 492Configuring the Nortel 100 VPN Router 492
Lab Requirements 492Lab Setup 493
Basic Configuration Lab 493Tunneling Lab 495
Lab Summary 502Configuring CLIP for Management IP Address 502
Lab Requirements 503Lab Setup 503Lab Summary 505
Configuring Administrator User Tunnels 505Lab Requirements 505Lab Setup 506Lab Summary 511
xxii Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xxii
Configuring Syslog Server 512Lab Requirements 512Lab Setup 513Lab Summary 515
Configuring User IP Address Pools 515Lab Requirements 515Lab Setup 516
Configuring User IP Address Assignment Using DHCP Lab 516Configuring User IP Address Assignment Using
Address Pool Lab 519Lab Summary 521
Client Address Redistribution Configuration 521Lab Requirements 522Lab Setup 522Lab Summary 526
Summary 527
Chapter 12 Troubleshooting Overview 529Overview of Network Troubleshooting 530Logical Steps 530
Make Sure You Understand the Problem 530Diagnosing the Problem 531Testing 531Reaching a Resolution 532
TCP/IP Utilities 533Ping 533Traceroute 536Routing Tables 538Netstat 539IPconfig 541
Other Troubleshooting Tools 541Packet Sniffer 542Cable Testing 543Network Management Station 544
Nortel VPN Router Troubleshooting 545Tools 546
Console Cable 546Crossover Cable 548System Recovery Disk 548Laptop 549FTP Server 551FTP Client 552
VPN Router System Recovery 553System Recovery for Disk-Based Versions 554
System Restore Option 555Reformat Hard Disk Option 557Apply New Version Option 557
Contents xxiii
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xxiii
Perform File Maintenance option 557View Event Log Option 557Restart System 558
System Recovery for Diskless Versions 558System Restore Option 559Reformat Hard Disk Option 559Apply New Version Option 559Perform File Maintenance Option 559View Event Log Option 561
Use of the Nortel VPN Router Reporting Utilities 562Status 563
Sessions 564Reports 566System 566Health Check 568Statistics 569Accounting 571Security Log 572Config Log 574System Log 574Event Log 576
Admin Tools 577Ping 578Trace Route 579ARP 581
Packet Capture 582General Network Proactive Measures 584
Perform Regular Backups 585Research 585Always Have a System Recovery Disk Available 586Dial Access for Support Personnel 587Knowledge Sharing 587Documentation 588Upgrades and Configuration Changes 588
Research 589Pre-Testing 590Action Plan 590
Nortel Support 591Summary 592
Appendix A Abbreviation and Acronym Reference Listing 593
Appendix B Command Line Interpreter Commands 613Access via Console Connection 614Access via Telnet Session 615User EXEC Mode 615
help Command 616File System Commands 616
xxiv Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xxiv
who Command 619terminal Command 619verify Command 619reset Command 620exit Command 620IP Connectivity Commands 620clear Command 621show Commands 622
show version Command 623show flash Command 623show admin Command 625show file Command 625show clock Command 625show ip Command 626show ip route Command 626show ip interface Command 627show ip traffic Command 627show services Command 629show switch-settings Command 630
enable Command 631Privileged EXEC Mode 631
clear Command 632reset Command 633show Command 633
show all Command 635show current-config-file Command 636show dhcp Command 636show health Command 636show interface Command 638show ip Command 639show hosts Command 641show ipsec Command 642show logging Command 643show ntp command 644show router Command 644show snmp Command 645show software Command 645show status Command 646show system Command 647show running Configuration Command 647
boot Command 654capture Command 654create Command 655delete Command 656forced-logoff Command 656kill Command 656mkdir Command 657rmdir Command 657
Contents xxv
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xxv
more Command 657reformat Command 658reload Command 658rename Command 659retrieve Command 659
Global Configuration Mode 660Summary 663
Appendix C Related Request for Comments Reference Guide 665
Appendix D References and Resources 687Nortel Networks Documentation 687RFCs 688Internet Resources 689
Index 691
xxvi Contents
02_781274 ftoc.qxp 6/21/06 10:06 PM Page xxvi
Words cannot describe the mixture of emotions that we have experienced overthe past few months in trying to complete this book. From the uncertainty andthe nervousness we experienced when the concept of the book was first dis-cussed, to the excitement of penning the very last word, it is certain that wehave many memories to forever replay in our minds. The challenges that wereput before all of the individuals who assisted in the development and enrich-ment of this book were many, but everyone pulled together to ensure that thisproject reached completion. For this, we are very thankful.
We would first like to thank Jamie Turbyne. This book was his brainchildand would not have been written had he not had the vision to pursue it. Wewere sad that Jamie was eventually unable to participate in the developmentof the book, but life happens. We will always be grateful to Jamie and his con-tribution to the launch of this book.
We would also like to thank one another for being co-authors. Not only forthe portions of the book that each of us individually wrote, but also for thesupport we gave to one another during the submission process. There is noway that this could have been completed without that teamwork.
We would also like to thank all of the people from Wiley that were involvedwith this book. A special thank you goes to our developmental editor, KevinShafer, and to the acquisitions editor, Carol Long, for all of the time they spenthelping us keep this project rolling.
Finally, a special thank you goes out to our families and close friends forbeing patient and understanding about the amount of time that we had tospend working on this book. All of the help and sacrifices that you all madehelped ensure that we had the time to work on and to complete this book.Without you all, this would have never been possible.
Acknowledgments
xxvii
03_781274 flast.qxp 6/21/06 10:06 PM Page xxvii
03_781274 flast.qxp 6/21/06 10:06 PM Page xxviii