Fido FireBrick FB2700 User manual
FireBrick FB2700
User Manual
FB2700 Versatile Network Appliance
FireBrick FB2700 User Manual
This User Manual documents Software version V1.41.000
Copyright © 2012-2015 FireBrick Ltd.
iv
Table of Contents
Preface .................................................................................................................................. xxi
1. Introduction .......................................................................................................................... 1
1.1. The FB2700 ............................................................................................................... 1
1.1.1. Where do I start? .............................................................................................. 1
1.1.2. What can it do? ................................................................................................ 1
1.1.3. Ethernet port capabilities .................................................................................... 2
1.1.4. Differences between the devices in the FB2x00 series .............................................. 2
1.1.5. Software features .............................................................................................. 2
1.1.6. Migration from previous FireBrick models ............................................................ 2
1.2. About this Manual ....................................................................................................... 3
1.2.1. Version ........................................................................................................... 3
1.2.2. Intended audience ............................................................................................. 3
1.2.3. Technical details ............................................................................................... 3
1.2.4. Document style ................................................................................................. 3
1.2.5. Document conventions ....................................................................................... 4
1.2.6. Comments and feedback .................................................................................... 4
1.3. Additional Resources ................................................................................................... 4
1.3.1. Technical Support ............................................................................................. 4
1.3.2. IRC Channel .................................................................................................... 5
1.3.3. Application Notes ............................................................................................. 5
1.3.4. White Papers .................................................................................................... 5
1.3.5. Training Courses ............................................................................................... 5
2. Getting Started ...................................................................................................................... 6
2.1. IP addressing .............................................................................................................. 6
2.2. Accessing the web-based user interface ........................................................................... 6
2.2.1. Add a new user ................................................................................................ 7
3. Configuration ........................................................................................................................ 9
3.1. The Object Hierarchy ................................................................................................... 9
3.2. The Object Model ....................................................................................................... 9
3.2.1. Formal definition of the object model ................................................................. 10
3.2.2. Common attributes .......................................................................................... 10
3.3. Configuration Methods ............................................................................................... 10
3.4. Web User Interface Overview ...................................................................................... 10
3.4.1. User Interface layout ........................................................................................ 11
3.4.1.1. Customising the layout .......................................................................... 11
3.4.2. Config pages and the object hierarchy ................................................................. 12
3.4.2.1. Configuration categories ......................................................................... 12
3.4.2.2. Object settings ...................................................................................... 13
3.4.3. Navigating around the User Interface .................................................................. 15
3.4.4. Backing up / restoring the configuration .............................................................. 16
3.5. Configuration using XML ........................................................................................... 16
3.5.1. Introduction to XML ........................................................................................ 16
3.5.2. The root element - <config> ............................................................................. 17
3.5.3. Viewing or editing XML .................................................................................. 17
3.5.4. Example XML configuration ............................................................................. 17
3.6. Downloading/Uploading the configuration ...................................................................... 19
3.6.1. Download ...................................................................................................... 19
3.6.2. Upload .......................................................................................................... 20
4. System Administration .......................................................................................................... 21
4.1. User Management ...................................................................................................... 21
4.1.1. Login level ..................................................................................................... 21
4.1.2. Configuration access level ................................................................................ 22
4.1.3. Login idle timeout ........................................................................................... 22
4.1.4. Restricting user logins ...................................................................................... 22
FireBrick FB2700 User Manual
v
4.1.4.1. Restrict by IP address ............................................................................ 22
4.1.4.2. Logged in IP address ............................................................................. 23
4.1.4.3. Restrict by profile ................................................................................. 23
4.1.5. One Time Password ......................................................................................... 23
4.2. General System settings .............................................................................................. 24
4.2.1. System name (hostname) .................................................................................. 24
4.2.2. Administrative details ...................................................................................... 24
4.2.3. System-level event logging control ..................................................................... 24
4.2.4. Home page web links ...................................................................................... 24
4.2.5. Password hashing ............................................................................................ 25
4.3. Software Upgrades ..................................................................................................... 25
4.3.1. Software release types ...................................................................................... 26
4.3.1.1. Breakpoint releases ............................................................................... 26
4.3.2. Identifying current software version .................................................................... 26
4.3.3. Internet-based upgrade process .......................................................................... 27
4.3.3.1. Manually initiating upgrades ................................................................... 27
4.3.3.2. Controlling automatic software updates ..................................................... 27
4.3.4. Manual upgrade .............................................................................................. 28
4.4. Boot Process ............................................................................................................. 28
4.4.1. LED indications .............................................................................................. 28
4.4.1.1. Power LED status indications ................................................................. 28
4.4.1.2. Port LEDs ........................................................................................... 29
5. Event Logging ..................................................................................................................... 30
5.1. Overview .................................................................................................................. 30
5.1.1. Log targets ..................................................................................................... 30
5.1.1.1. Logging to Flash memory ...................................................................... 30
5.1.1.2. Logging to the Console .......................................................................... 31
5.2. Enabling logging ....................................................................................................... 31
5.3. Logging to external destinations ................................................................................... 31
5.3.1. Syslog ........................................................................................................... 31
5.3.2. Email ............................................................................................................ 32
5.3.2.1. E-mail process logging .......................................................................... 33
5.4. Factory reset configuration log targets ........................................................................... 33
5.5. Performance .............................................................................................................. 33
5.6. Viewing logs ............................................................................................................. 33
5.6.1. Viewing logs in the User Interface ..................................................................... 33
5.6.2. Viewing logs in the CLI environment ................................................................. 34
5.7. System-event logging ................................................................................................. 34
5.8. Using Profiles ........................................................................................................... 34
6. Interfaces and Subnets .......................................................................................................... 35
6.1. Relationship between Interfaces and Physical Ports .......................................................... 35
6.1.1. Port groups .................................................................................................... 35
6.1.2. Interfaces ....................................................................................................... 35
6.2. Defining port groups .................................................................................................. 36
6.3. Defining an interface .................................................................................................. 36
6.3.1. Defining subnets ............................................................................................. 37
6.3.1.1. Source filtering ..................................................................................... 38
6.3.1.2. Using DHCP to configure a subnet .......................................................... 38
6.3.2. Setting up DHCP server parameters .................................................................... 38
6.3.2.1. Fixed/Static DHCP allocations ................................................................ 39
6.3.2.2. Restricted allocations ............................................................................. 40
6.3.2.3. Special DHCP options ........................................................................... 41
6.3.3. DHCP Relay Agent ......................................................................................... 41
6.4. Physical port settings .................................................................................................. 41
6.4.1. Disabling auto-negotiation ................................................................................ 42
6.4.2. Setting port speed ............................................................................................ 42
FireBrick FB2700 User Manual
vi
6.4.3. Setting duplex mode ........................................................................................ 42
6.4.4. Defining port LED functions ............................................................................. 42
7. Session Handling ................................................................................................................. 44
7.1. Routing vs. Firewalling ............................................................................................... 44
7.2. Session Tracking ....................................................................................................... 44
7.2.1. Session termination .......................................................................................... 45
7.3. Session Rules ............................................................................................................ 45
7.3.1. Overview ....................................................................................................... 45
7.3.2. Processing flow ............................................................................................... 46
7.3.3. Defining Rule-Sets and Rules ............................................................................ 49
7.3.3.1. Recommended method of implementing firewalling .................................... 50
7.3.3.2. Changes to session traffic ....................................................................... 51
7.3.3.3. Graphing and traffic shaping ................................................................... 52
7.3.3.4. Configuring session time-outs ................................................................. 52
7.3.3.5. Load balancing ..................................................................................... 52
7.4. Network Address Translation ....................................................................................... 53
7.4.1. When to use NAT ........................................................................................... 53
7.4.2. NAT ALGs .................................................................................................... 53
7.4.3. Setting NAT in rules ........................................................................................ 54
7.4.4. What NAT does .............................................................................................. 54
7.4.5. NAT with PPPoE ............................................................................................ 54
7.4.6. NAT with Dongles .......................................................................................... 55
7.4.7. NAT with other types of external routing ............................................................ 55
7.4.8. Mixing NAT and non NAT ............................................................................... 55
7.4.9. Carrier grade NAT .......................................................................................... 55
7.4.10. Using NAT setting on subnets ......................................................................... 56
8. Routing .............................................................................................................................. 57
8.1. Routing logic ............................................................................................................ 57
8.2. Routing targets .......................................................................................................... 58
8.2.1. Subnet routes .................................................................................................. 58
8.2.2. Routing to an IP address (gateway route) ............................................................. 58
8.2.3. Special targets ................................................................................................ 59
8.3. Dynamic route creation / deletion ................................................................................. 59
8.4. Routing tables ........................................................................................................... 59
8.5. Bonding ................................................................................................................... 60
8.6. Route overrides ......................................................................................................... 60
9. Profiles ............................................................................................................................... 62
9.1. Overview .................................................................................................................. 62
9.2. Creating/editing profiles .............................................................................................. 62
9.2.1. Timing control ................................................................................................ 62
9.2.2. Tests ............................................................................................................. 63
9.2.2.1. General tests ........................................................................................ 63
9.2.2.2. Time/date tests ..................................................................................... 63
9.2.2.3. Ping tests ............................................................................................. 63
9.2.3. Inverting overall test result ................................................................................ 64
9.2.4. Manual override .............................................................................................. 64
10. Traffic Shaping .................................................................................................................. 65
10.1. Graphs and Shapers .................................................................................................. 65
10.1.1. Graphs ......................................................................................................... 65
10.1.2. Shapers ........................................................................................................ 66
10.1.3. Ad hoc shapers ............................................................................................. 66
10.1.4. Long term shapers ......................................................................................... 66
10.2. Multiple shapers ...................................................................................................... 67
10.3. Basic principles ....................................................................................................... 67
11. PPPoE .............................................................................................................................. 68
11.1. Types of DSL line and router in the United Kingdom ..................................................... 68
FireBrick FB2700 User Manual
vii
11.2. Definining PPPoE links ............................................................................................. 69
11.2.1. IPv6 ............................................................................................................ 69
11.2.2. Additional options ......................................................................................... 69
11.2.2.1. MTU and TCP fix ............................................................................... 69
11.2.2.2. Service and ac-name ............................................................................ 70
11.2.2.3. Logging ............................................................................................. 70
11.2.2.4. Speed and graphs ................................................................................ 70
12. Tunnels ............................................................................................................................. 71
12.1. IPsec (IP Security) ................................................................................................... 71
12.1.1. Introduction .................................................................................................. 71
12.1.1.1. Integrity checking ................................................................................ 71
12.1.1.2. Encryption ......................................................................................... 71
12.1.1.3. Authentication .................................................................................... 72
12.1.1.4. IKE ................................................................................................... 72
12.1.1.5. Manual Keying ................................................................................... 72
12.1.1.6. Identities and the Authentication Mechanism ............................................ 73
12.1.2. Setting up IPsec connections ........................................................................... 73
12.1.2.1. Global IPsec parameters ....................................................................... 73
12.1.2.2. IKE proposals ..................................................................................... 74
12.1.2.3. IKE roaming IP pools .......................................................................... 74
12.1.2.4. IKE connections .................................................................................. 74
12.1.2.4.1. IKE connection mode and type ................................................... 74
12.1.2.4.2. IKE and IPsec proposal lists ....................................................... 74
12.1.2.4.3. Authentication and IKE identities ................................................ 75
12.1.2.4.4. IP addresses ............................................................................. 75
12.1.2.4.5. Road Warrior connections .......................................................... 76
12.1.2.4.6. Routing ................................................................................... 76
12.1.2.4.7. Other parameters ...................................................................... 76
12.1.2.5. Setting up Manual Keying .................................................................... 76
12.1.2.5.1. IP endpoints ............................................................................. 77
12.1.2.5.2. Algorithms and keys ................................................................. 77
12.1.2.5.3. Routing ................................................................................... 77
12.1.2.5.4. Mode ...................................................................................... 77
12.1.2.5.5. Other parameters ...................................................................... 78
12.1.3. Using EAP with IPsec/IKE ............................................................................. 78
12.1.4. Using certificates with IPsec/IKE ..................................................................... 78
12.1.4.1. Creating certificates ............................................................................. 80
12.1.5. Choice of algorithms ...................................................................................... 80
12.1.6. NAT Traversal .............................................................................................. 81
12.1.7. Configuring a Road Warrior server ................................................................... 82
12.1.8. Connecting to non-FireBrick devices ................................................................. 83
12.1.8.1. Using StrongSwan on Linux ................................................................. 83
12.1.8.2. Setting up a Road Warrior VPN on an Android client ................................ 84
12.1.8.3. Setting up a Road Warrior VPN on an iOS (iPhone/iPad) client .................... 85
12.1.8.4. Manual keying using Linux ipsec-tools ................................................... 85
12.2. FB105 tunnels ......................................................................................................... 86
12.2.1. Tunnel wrapper packets .................................................................................. 87
12.2.2. Setting up a tunnel ......................................................................................... 87
12.2.3. Viewing tunnel status ..................................................................................... 88
12.2.4. Dynamic routes ............................................................................................. 88
12.2.5. Tunnel bonding ............................................................................................. 88
12.2.6. Tunnels and NAT .......................................................................................... 88
12.2.6.1. FB2700 doing NAT ............................................................................. 89
12.2.6.2. Another device doing NAT ................................................................... 89
12.3. Ether tunnelling ....................................................................................................... 89
13. USB Port .......................................................................................................................... 91
FireBrick FB2700 User Manual
viii
13.1. USB configuration .................................................................................................... 91
13.1.1. 3G dongle configuration ................................................................................. 91
14. System Services ................................................................................................................. 92
14.1. Protecting the FB2700 .............................................................................................. 92
14.2. Common settings ..................................................................................................... 92
14.3. HTTP Server configuration ........................................................................................ 93
14.3.1. Access control ............................................................................................... 93
14.3.1.1. Trusted addresses ................................................................................ 93
14.4. Telnet Server configuration ........................................................................................ 94
14.4.1. Access control ............................................................................................... 94
14.5. DNS configuration ................................................................................................... 94
14.5.1. Blocking DNS names ..................................................................................... 94
14.5.2. Local DNS responses ..................................................................................... 94
14.5.3. Auto DHCP DNS .......................................................................................... 95
14.6. NTP configuration .................................................................................................... 95
14.7. SNMP configuration ................................................................................................. 95
14.8. RADIUS configuration .............................................................................................. 95
14.8.1. RADIUS server (platform RADIUS) ................................................................. 95
14.8.2. RADIUS client .............................................................................................. 95
14.8.2.1. RADIUS client settings ........................................................................ 96
14.8.2.2. Server blacklisting ............................................................................... 96
15. Network Diagnostic Tools .................................................................................................... 97
15.1. Firewalling check ..................................................................................................... 97
15.2. Access check ........................................................................................................... 98
15.3. Packet Dumping ...................................................................................................... 98
15.3.1. Dump parameters ........................................................................................... 99
15.3.2. Security settings required ................................................................................ 99
15.3.3. IP address matching ..................................................................................... 100
15.3.4. Packet types ................................................................................................ 100
15.3.5. Snaplen specification .................................................................................... 100
15.3.6. Using the web interface ................................................................................ 100
15.3.7. Using an HTTP client ................................................................................... 101
15.3.7.1. Example using curl and tcpdump .......................................................... 101
16. VRRP ............................................................................................................................. 102
16.1. Virtual Routers ...................................................................................................... 102
16.2. Configuring VRRP ................................................................................................. 103
16.2.1. Advertisement Interval .................................................................................. 103
16.2.2. Priority ....................................................................................................... 103
16.3. Using a virtual router .............................................................................................. 103
16.4. VRRP versions ...................................................................................................... 103
16.4.1. VRRP version 2 .......................................................................................... 103
16.4.2. VRRP version 3 .......................................................................................... 104
16.5. Compatibility ......................................................................................................... 104
17. VoIP ............................................................................................................................... 105
17.1. What is VoIP? ....................................................................................................... 105
17.2. Registration and Proxies .......................................................................................... 105
17.2.1. Registrar ..................................................................................................... 105
17.2.2. Proxy ......................................................................................................... 105
17.3. Home/office phone system ....................................................................................... 106
17.4. Network Address Translation .................................................................................... 106
17.5. Number plan .......................................................................................................... 107
17.6. Telephone handsets ................................................................................................. 107
17.7. VoIP call carriers ................................................................................................... 108
17.8. Hunt groups ........................................................................................................... 109
17.8.1. Ring Type .................................................................................................. 109
17.8.2. Ring order .................................................................................................. 110
FireBrick FB2700 User Manual
ix
17.8.3. Overflow .................................................................................................... 110
17.8.4. Out of hours ............................................................................................... 110
17.9. Call pickup/steal ..................................................................................................... 110
17.10. Busy lamp field .................................................................................................... 111
17.11. Using RADIUS .................................................................................................... 111
17.11.1. RADIUS accounting ................................................................................... 111
17.11.2. RADIUS authentication ............................................................................... 111
17.11.2.1. Call routing by RADIUS ................................................................... 112
17.12. Call recording ...................................................................................................... 113
17.13. Voicemail and IVR services ................................................................................... 114
17.14. Call Data Records ................................................................................................. 114
17.15. Technical details ................................................................................................... 115
17.16. Custom tones ....................................................................................................... 115
18. BGP ............................................................................................................................... 117
18.1. What is BGP? ........................................................................................................ 117
18.2. BGP Setup ............................................................................................................ 117
18.2.1. Overview .................................................................................................... 117
18.2.2. Standards .................................................................................................... 117
18.2.3. Simple example setup ................................................................................... 118
18.2.4. Peer type .................................................................................................... 118
18.2.5. Route filtering ............................................................................................. 119
18.2.5.1. Matching attributes ............................................................................ 119
18.2.5.2. Action attributes ................................................................................ 119
18.2.6. Well known community tags .......................................................................... 120
18.2.7. Announcing black hole routes ........................................................................ 120
18.2.8. Announcing dead end routes .......................................................................... 121
18.2.9. Bad optional path attributes ........................................................................... 121
18.2.10. <network> element ..................................................................................... 121
18.2.11. <route>, <subnet> and other elements ............................................................ 121
18.2.12. Route feasibility testing ............................................................................... 121
18.2.13. Diagnostics ................................................................................................ 122
18.2.14. Router shutdown ........................................................................................ 122
18.2.15. TTL security ............................................................................................. 122
19. OSPF .............................................................................................................................. 123
19.1. What is OSPF? ...................................................................................................... 123
19.2. OSPF Setup ........................................................................................................... 123
19.2.1. Overview .................................................................................................... 123
19.2.2. Standards .................................................................................................... 123
19.2.3. Simple example setup ................................................................................... 124
19.2.4. <ospf> configelement ................................................................................... 124
20. Internet Service Providers ................................................................................................... 125
20.1. Background ........................................................................................................... 125
20.1.1. How it all began .......................................................................................... 125
20.1.2. Point to Point Protocol .................................................................................. 125
20.1.3. L2TP ......................................................................................................... 125
20.1.4. Broadband .................................................................................................. 126
20.1.5. RADIUS ..................................................................................................... 126
20.1.6. BGP .......................................................................................................... 126
20.2. Incoming L2TP connections ..................................................................................... 126
20.3. The importance of CQM graphs ................................................................................ 127
20.4. Authentication ........................................................................................................ 127
20.5. Accounting ............................................................................................................ 128
20.6. RADIUS Control messages ...................................................................................... 128
20.7. PPPoE .................................................................................................................. 128
20.8. Typical configuration .............................................................................................. 128
20.8.1. Interlink subnet ............................................................................................ 128
FireBrick FB2700 User Manual
x
20.8.2. BGP with carrier .......................................................................................... 129
20.8.3. RADIUS session steering .............................................................................. 129
20.8.4. L2TP endpoints ........................................................................................... 130
20.8.5. ISP RADIUS ............................................................................................... 130
21. Command Line Interface .................................................................................................... 131
A. Factory Reset Procedure ...................................................................................................... 132
B. CIDR and CIDR Notation ................................................................................................... 134
C. MAC Addresses usage ........................................................................................................ 136
C.1. Multiple MAC addresses? ......................................................................................... 136
C.2. How the FireBrick allocates MAC addresses ................................................................ 137
C.2.1. Interface ...................................................................................................... 137
C.2.2. Subnet ......................................................................................................... 137
C.2.3. PPPoE ......................................................................................................... 137
C.2.4. Base MAC ................................................................................................... 137
C.2.5. Running out of MACs ................................................................................... 138
C.3. MAC address on label .............................................................................................. 138
C.4. Using with a DHCP server ........................................................................................ 139
D. VLANs : A primer ............................................................................................................. 140
E. Supported L2TP Attribute/Value Pairs ................................................................................... 141
E.1. Start-Control-Connection-Request ............................................................................... 141
E.2. Start-Control-Connection-Reply .................................................................................. 141
E.3. Start-Control-Connection-Connected ........................................................................... 142
E.4. Stop-Control-Connection-Notification .......................................................................... 142
E.5. Hello ..................................................................................................................... 142
E.6. Incoming-Call-Request ............................................................................................. 142
E.7. Incoming-Call-Reply ................................................................................................ 143
E.8. Incoming-Call-Connected .......................................................................................... 143
E.9. Outgoing-Call-Request .............................................................................................. 143
E.10. Outgoing-Call-Reply ............................................................................................... 144
E.11. Outgoing-Call-Connected ........................................................................................ 144
E.12. Call-Disconnect-Notify ............................................................................................ 144
E.13. WAN-Error-Notify ................................................................................................. 144
E.14. Set-Link-Info ......................................................................................................... 144
E.15. Notes ................................................................................................................... 145
E.15.1. BT specific notes ......................................................................................... 145
E.15.2. IP over LCP ............................................................................................... 145
F. Supported RADIUS Attribute/Value Pairs for L2TP operation .................................................... 146
F.1. Authentication request .............................................................................................. 146
F.2. Authentication response ............................................................................................ 147
F.2.1. Accepted authentication .................................................................................. 147
F.2.1.1. Prefix Delegation ................................................................................ 148
F.2.2. Rejected authentication ................................................................................... 149
F.3. Accounting Start ...................................................................................................... 149
F.4. Accounting Interim .................................................................................................. 150
F.5. Accounting Stop ...................................................................................................... 151
F.6. Disconnect .............................................................................................................. 151
F.7. Change of Authorisation ........................................................................................... 151
F.8. Filter ID ................................................................................................................. 152
F.9. Notes ..................................................................................................................... 153
F.9.1. L2TP relay ................................................................................................... 153
F.9.2. LCP echo and CQM graphs ............................................................................ 154
F.9.3. IP over LCP ................................................................................................. 154
F.9.4. Closed User Group ........................................................................................ 154
F.9.5. Routing table ................................................................................................ 154
G. Supported RADIUS Attribute/Value Pairs for VoIP operation .................................................... 155
G.1. Authentication request .............................................................................................. 155
FireBrick FB2700 User Manual
xi
G.2. Authentication response ............................................................................................ 156
G.2.1. Challenge authentication ................................................................................ 156
G.2.2. Accepted authentication (registration) ............................................................... 156
G.2.3. Accepted authentication (invite) ....................................................................... 156
G.2.4. Rejected authentication .................................................................................. 157
G.3. Accounting Start ..................................................................................................... 157
G.4. Accounting Interim .................................................................................................. 157
G.5. Accounting Stop ...................................................................................................... 158
G.6. Disconnect ............................................................................................................. 158
G.7. Change of Authorisation ........................................................................................... 159
H. FireBrick specific SNMP objects .......................................................................................... 160
H.1. BGP information ..................................................................................................... 160
H.2. L2TP information .................................................................................................... 160
H.3. Monitoring information ............................................................................................ 161
I. Command line reference ....................................................................................................... 162
I.1. General commands .................................................................................................... 162
I.1.1. Trace off ...................................................................................................... 162
I.1.2. Trace on ....................................................................................................... 162
I.1.3. Uptime ......................................................................................................... 162
I.1.4. General status ................................................................................................ 162
I.1.5. Memory usage ............................................................................................... 162
I.1.6. Process/task usage .......................................................................................... 162
I.1.7. Login ........................................................................................................... 162
I.1.8. Logout ......................................................................................................... 163
I.1.9. See XML configuration ................................................................................... 163
I.1.10. Load XML configuration ............................................................................... 163
I.1.11. Show profile status ....................................................................................... 163
I.1.12. Enable profile control switch .......................................................................... 163
I.1.13. Disable profile control switch ......................................................................... 163
I.1.14. Show RADIUS servers .................................................................................. 163
I.1.15. Show DNS resolvers ..................................................................................... 163
I.2. Networking commands .............................................................................................. 164
I.2.1. Subnets ......................................................................................................... 164
I.2.2. Ping and trace ............................................................................................... 164
I.2.3. Show a route from the routing table .................................................................. 164
I.2.4. List routes ..................................................................................................... 164
I.2.5. List routing next hops ..................................................................................... 164
I.2.6. See DHCP allocations ..................................................................................... 165
I.2.7. Clear DHCP allocations .................................................................................. 165
I.2.8. Lock DHCP allocations ................................................................................... 165
I.2.9. Unlock DHCP allocations ................................................................................ 165
I.2.10. Name DHCP allocations ................................................................................ 165
I.2.11. Show ARP/ND status .................................................................................... 165
I.2.12. Show VRRP status ....................................................................................... 165
I.2.13. Send Wake-on-LAN packet ............................................................................ 165
I.3. Firewalling commands ............................................................................................... 166
I.3.1. Check access to services .................................................................................. 166
I.3.2. Check firewall logic ....................................................................................... 166
I.4. USB/dongle commands .............................................................................................. 166
I.4.1. Show dongle connectoons ................................................................................ 166
I.4.2. Reset USB interface and all attached devices ...................................................... 166
I.4.3. Reset PPP/Dongle data connection .................................................................... 166
I.5. L2TP commands ...................................................................................................... 166
I.6. BGP commands ........................................................................................................ 166
I.7. OSPF commands ...................................................................................................... 167
I.8. PPPoE commands ..................................................................................................... 167
FireBrick FB2700 User Manual
xii
I.9. VoIP commands ....................................................................................................... 167
I.10. Dongle/USB commands ........................................................................................... 167
I.11. Advanced commands ............................................................................................... 167
I.11.1. Panic .......................................................................................................... 167
I.11.2. Reboot ........................................................................................................ 167
I.11.3. Screen width ................................................................................................ 167
I.11.4. Make outbound command session ................................................................... 168
I.11.5. Show command sessions ................................................................................ 168
I.11.6. Kill command session ................................................................................... 168
I.11.7. Flash memory list ......................................................................................... 168
I.11.8. Delete block from flash ................................................................................. 168
I.11.9. Boot log ...................................................................................................... 168
I.11.10. Flash log ................................................................................................... 168
J. Constant Quality Monitoring - technical details ........................................................................ 169
J.1. Broadband back-haul providers ................................................................................... 169
J.2. Access to graphs and csvs .......................................................................................... 169
J.2.1. Trusted access ............................................................................................... 169
J.2.2. Dated information .......................................................................................... 170
J.2.3. Authenticated access ....................................................................................... 170
J.3. Graph display options ............................................................................................... 170
J.3.1. Data points ................................................................................................... 170
J.3.2. Additional text ............................................................................................... 171
J.3.3. Other colours and spacing ............................................................................... 171
J.4. Overnight archiving .................................................................................................. 171
J.4.1. Full URL format ............................................................................................ 172
J.4.2. load handling ................................................................................................ 172
J.5. Graph scores ............................................................................................................ 172
J.6. Creating graphs, and graph names ............................................................................... 173
K. Configuration Objects ......................................................................................................... 174
K.1. Top level ............................................................................................................... 174
K.1.1. config: Top level config ................................................................................. 174
K.2. Objects .................................................................................................................. 175
K.2.1. system: System settings .................................................................................. 175
K.2.2. link: Web links ............................................................................................. 176
K.2.3. user: Admin users ......................................................................................... 176
K.2.4. eap: User access controlled by EAP ................................................................. 177
K.2.5. log: Log target controls .................................................................................. 177
K.2.6. log-syslog: Syslog logger settings .................................................................... 178
K.2.7. log-email: Email logger settings ...................................................................... 178
K.2.8. services: System services ............................................................................... 179
K.2.9. snmp-service: SNMP service settings ............................................................... 179
K.2.10. ntp-service: NTP service settings ................................................................... 179
K.2.11. telnet-service: Telnet service settings .............................................................. 180
K.2.12. http-service: HTTP service settings ................................................................. 181
K.2.13. dns-service: DNS service settings ................................................................... 181
K.2.14. dns-host: Fixed local DNS host settings .......................................................... 182
K.2.15. dns-block: Fixed local DNS blocks ................................................................. 182
K.2.16. radius-service: RADIUS service definition ....................................................... 183
K.2.17. radius-service-match: Matching rules for RADIUS service .................................. 184
K.2.18. radius-server: RADIUS server settings ............................................................ 185
K.2.19. ethernet: Physical port controls ...................................................................... 186
K.2.20. portdef: Port grouping and naming ................................................................. 186
K.2.21. interface: Port-group/VLAN interface settings .................................................. 187
K.2.22. subnet: Subnet settings ................................................................................. 188
K.2.23. vrrp: VRRP settings ..................................................................................... 189
K.2.24. dhcps: DHCP server settings ......................................................................... 189
FireBrick FB2700 User Manual
xiii
K.2.25. dhcp-attr-hex: DHCP server attributes (hex) ..................................................... 190
K.2.26. dhcp-attr-string: DHCP server attributes (string) ............................................... 190
K.2.27. dhcp-attr-number: DHCP server attributes (numeric) .......................................... 191
K.2.28. dhcp-attr-ip: DHCP server attributes (IP) ......................................................... 191
K.2.29. pppoe: PPPoE settings .................................................................................. 191
K.2.30. ppp-route: PPP routes .................................................................................. 193
K.2.31. usb: USB 3G/dongle settings ......................................................................... 193
K.2.32. dongle: 3G/dongle settings ............................................................................ 193
K.2.33. route: Static routes ...................................................................................... 195
K.2.34. network: Locally originated networks ............................................................. 195
K.2.35. blackhole: Dead end networks ....................................................................... 196
K.2.36. loopback: Locally originated networks ............................................................ 196
K.2.37. ospf: Overall OSPF settings .......................................................................... 197
K.2.38. namedbgpmap: Mapping and filtering rules of BGP prefixes ............................... 198
K.2.39. bgprule: Individual mapping/filtering rule ........................................................ 198
K.2.40. bgp: Overall BGP settings ............................................................................ 198
K.2.41. bgppeer: BGP peer definitions ....................................................................... 199
K.2.42. bgpmap: Mapping and filtering rules of BGP prefixes ........................................ 201
K.2.43. cqm: Constant Quality Monitoring settings ...................................................... 201
K.2.44. l2tp: L2TP settings ...................................................................................... 203
K.2.45. l2tp-outgoing: L2TP settings for outgoing L2TP connections ............................... 203
K.2.46. l2tp-incoming: L2TP settings for incoming L2TP connections ............................. 205
K.2.47. l2tp-relay: Relay and local authentication rules for L2TP .................................... 206
K.2.48. fb105: FB105 tunnel definition ...................................................................... 207
K.2.49. fb105-route: FB105 routes ............................................................................ 208
K.2.50. ipsec-ike: IPsec configuration (IKEv2) ............................................................ 209
K.2.51. ike-connection: connection configuration ......................................................... 209
K.2.52. ipsec-route: IPsec tunnel routes ...................................................................... 211
K.2.53. ike-roaming: IKE roaming IP pools ................................................................ 211
K.2.54. ike-proposal: IKE security proposal ................................................................ 212
K.2.55. ipsec-proposal: IPsec AH/ESP proposal ........................................................... 212
K.2.56. ipsec-manual: peer configuration .................................................................... 212
K.2.57. ping: Ping/graph definition ............................................................................ 214
K.2.58. profile: Control profile ................................................................................. 214
K.2.59. profile-date: Test passes if within any of the time ranges specified ........................ 215
K.2.60. profile-time: Test passes if within any of the date/time ranges specified ................. 215
K.2.61. profile-ping: Test passes if any addresses are pingable ....................................... 216
K.2.62. shaper: Traffic shaper .................................................................................. 216
K.2.63. shaper-override: Traffic shaper override based on profile .................................... 217
K.2.64. ip-group: IP Group ...................................................................................... 217
K.2.65. route-override: Routing override rules ............................................................. 217
K.2.66. session-route-rule: Routing override rule ......................................................... 218
K.2.67. session-route-share: Route override load sharing ............................................... 219
K.2.68. rule-set: Firewall/mapping rule set .................................................................. 219
K.2.69. session-rule: Firewall rules ............................................................................ 220
K.2.70. session-share: Firewall load sharing ................................................................ 221
K.2.71. voip: Voice over IP config ............................................................................ 221
K.2.72. carrier: VoIP carrier details ........................................................................... 223
K.2.73. telephone: VoIP telephone authentication user details ......................................... 224
K.2.74. tone: Tone definitions .................................................................................. 225
K.2.75. ringgroup: Ring groups ................................................................................ 225
K.2.76. etun: Ether tunnel ........................................................................................ 226
K.2.77. dhcp-relay: DHCP server settings for remote / relayed requests ............................ 227
K.3. Data types .............................................................................................................. 227
K.3.1. autoloadtype: Type of s/w auto load ................................................................. 227
K.3.2. config-access: Type of access user has to config ................................................. 228
FireBrick FB2700 User Manual
xiv
K.3.3. user-level: User login level ............................................................................. 228
K.3.4. eap-subsystem: Subsystem with EAP access control ............................................ 228
K.3.5. eap-method: EAP access method ..................................................................... 228
K.3.6. syslog-severity: Syslog severity ....................................................................... 228
K.3.7. syslog-facility: Syslog facility ......................................................................... 229
K.3.8. month: Month name (3 letter) ......................................................................... 229
K.3.9. day: Day name (3 letter) ................................................................................ 230
K.3.10. radiuspriority: Options for controlling platform RADIUS response priority
tagging ................................................................................................................. 230
K.3.11. radiustype: Type of RADIUS server ............................................................... 231
K.3.12. port: Physical port ....................................................................................... 231
K.3.13. Crossover: Crossover configuration ................................................................ 231
K.3.14. LinkSpeed: Physical port speed ..................................................................... 231
K.3.15. LinkDuplex: Physical port duplex setting ......................................................... 231
K.3.16. LinkFlow: Physical port flow control setting .................................................... 232
K.3.17. LinkClock: Physical port Gigabit clock master/slave setting ................................ 232
K.3.18. LinkLED: LED settings ................................................................................ 232
K.3.19. LinkPower: PHY power saving options ........................................................... 233
K.3.20. LinkFault: Link fault type to send .................................................................. 233
K.3.21. trunk-mode: Trunk port more ........................................................................ 233
K.3.22. ramode: IPv6 route announce level ................................................................. 233
K.3.23. dhcpv6control: Control for RA and DHCPv6 bits .............................................. 234
K.3.24. bgpmode: BGP announcement mode ............................................................... 234
K.3.25. sfoption: Source filter option ......................................................................... 234
K.3.26. pppoe-mode: Type of PPPoE connection ......................................................... 234
K.3.27. pdp-context-type: Type of IP connection ......................................................... 235
K.3.28. ipsec-type: IPsec encapsulation type ............................................................... 235
K.3.29. ipsec-auth-algorithm: IPsec authentication algorithm .......................................... 235
K.3.30. ipsec-crypt-algorithm: IPsec encryption algorithm ............................................. 235
K.3.31. peertype: BGP peer type ............................................................................... 236
K.3.32. ike-authmethod: authentication method ............................................................ 236
K.3.33. ike-mode: connection setup mode ................................................................... 236
K.3.34. ike-PRF: IKE Pseudo-Random Function .......................................................... 236
K.3.35. ike-DH: IKE Diffie-Hellman group ................................................................ 237
K.3.36. ike-ESN: IKE Sequence Number support ......................................................... 237
K.3.37. ipsec-encapsulation: Manually keyed IPsec encapsulation mode ........................... 237
K.3.38. switch: Profile manual setting ........................................................................ 237
K.3.39. dynamic-graph: Type of dynamic graph .......................................................... 237
K.3.40. firewall-action: Firewall action ...................................................................... 238
K.3.41. voip-format: Number presentation format ........................................................ 238
K.3.42. uknumberformat: Number formatting option .................................................... 238
K.3.43. recordoption: Recording option ...................................................................... 238
K.3.44. ring-group-order: Order of ring ...................................................................... 238
K.3.45. ring-group-type: Type of ring when one call in queue ........................................ 239
K.3.46. record-beep-option: Record beep option .......................................................... 239
K.4. Basic types ............................................................................................................. 239
Index .................................................................................................................................... 242
xv
List of Figures
2.1. Initial web page in factory reset state ...................................................................................... 7
2.2. Initial "Users" page .............................................................................................................. 7
2.3. Setting up a new user .......................................................................................................... 8
2.4. Configuration being stored .................................................................................................... 8
3.1. Main menu ....................................................................................................................... 11
3.2. Icons for layout controls ..................................................................................................... 12
3.3. Icons for configuration categories ......................................................................................... 12
3.4. The "Setup" category .......................................................................................................... 13
3.5. Editing an "Interface" object ................................................................................................ 14
3.6. Show hidden attributes ....................................................................................................... 14
3.7. Attribute definitions ........................................................................................................... 14
3.8. Navigation controls ............................................................................................................ 15
4.1. Setting up a new user ......................................................................................................... 21
4.2. Software upgrade available notification ................................................................................. 27
4.3. Manual Software upload ..................................................................................................... 28
7.1. Example sessions created by drop and reject actions ................................................................ 46
7.2. Processing flow chart for rule-sets and session-rules ................................................................ 48
C.1. Product label showing MAC address range .......................................................................... 138
xvi
List of Tables
2.1. IP addresses for computer ..................................................................................................... 6
2.2. IP addresses to access the FireBrick ....................................................................................... 6
2.3. IP addresses to access the FireBrick ....................................................................................... 6
3.1. Special character sequences ................................................................................................. 17
4.1. User login levels ............................................................................................................... 22
4.2. Configuration access levels .................................................................................................. 22
4.3. General administrative details attributes ................................................................................. 24
4.4. Attributes controlling auto-upgrades ...................................................................................... 27
4.5. Power LED status indications .............................................................................................. 28
5.1. Logging attributes .............................................................................................................. 31
5.2. System-Event Logging attributes .......................................................................................... 34
6.1. Port LED functions ............................................................................................................ 42
6.2. Example modified Port LED functions .................................................................................. 43
7.1. Action attribute values ........................................................................................................ 46
8.1. Example route targets ......................................................................................................... 58
12.1. IPsec algorithm key lengths ............................................................................................... 77
12.2. IKE / IPsec algorithm proposals .......................................................................................... 81
14.1. List of system services ...................................................................................................... 92
14.2. List of system services ...................................................................................................... 93
15.1. Packet dump parameters .................................................................................................... 99
15.2. Packet types that can be captured ...................................................................................... 100
17.1. Ring Type ..................................................................................................................... 109
17.2. Ring Order .................................................................................................................... 110
17.3. Access-Accept ............................................................................................................... 113
17.4. Default tones ................................................................................................................. 115
18.1. Peer types ..................................................................................................................... 118
18.2. Communities ................................................................................................................. 120
18.3. Network attributes .......................................................................................................... 121
19.1. OSPF config attributes .................................................................................................... 124
C.1. DHCP client names used .................................................................................................. 139
E.1. SCCRQ .......................................................................................................................... 141
E.2. SCCRP .......................................................................................................................... 141
E.3. SCCCN .......................................................................................................................... 142
E.4. StopCCN ........................................................................................................................ 142
E.5. HELLO .......................................................................................................................... 142
E.6. ICRQ ............................................................................................................................. 142
E.7. ICRP ............................................................................................................................. 143
E.8. ICCN ............................................................................................................................. 143
E.9. OCRQ ........................................................................................................................... 143
E.10. OCRP .......................................................................................................................... 144
E.11. OCCN .......................................................................................................................... 144
E.12. CDN ............................................................................................................................ 144
E.13. WEN ........................................................................................................................... 144
E.14. SLI .............................................................................................................................. 144
F.1. Access-request ................................................................................................................. 146
F.2. Access-Accept ................................................................................................................. 147
F.3. Access-Reject .................................................................................................................. 149
F.4. Accounting-Start .............................................................................................................. 149
F.5. Accounting-Interim .......................................................................................................... 150
F.6. Accounting-Stop .............................................................................................................. 151
F.7. Disconnect ...................................................................................................................... 151
F.8. Change-of-Authorisation ................................................................................................... 151
F.9. Filter-ID ......................................................................................................................... 152
G.1. Access-request ................................................................................................................ 155
FireBrick FB2700 User Manual
xvii
G.2. Access-Challenge ............................................................................................................ 156
G.3. Access-Accept ................................................................................................................ 156
G.4. Access-Accept ................................................................................................................ 156
G.5. Access-Reject ................................................................................................................. 157
G.6. Accounting-Start ............................................................................................................. 157
G.7. Accounting-Interim .......................................................................................................... 157
G.8. Accounting-Stop .............................................................................................................. 158
G.9. Disconnect ..................................................................................................................... 158
G.10. Change-of-Authorisation ................................................................................................. 159
H.1. iso.3.6.1.4.1.24693.179 ..................................................................................................... 160
H.2. iso.3.6.1.4.1.24693.1701 ................................................................................................... 160
H.3. iso.3.6.1.4.1.24693.5060 ................................................................................................... 161
J.1. File types ........................................................................................................................ 169
J.2. Colours ........................................................................................................................... 170
J.3. Text ............................................................................................................................... 171
J.4. Text ............................................................................................................................... 171
J.5. URL formats ................................................................................................................... 172
K.1. config: Attributes ............................................................................................................ 174
K.2. config: Elements ............................................................................................................. 174
K.3. system: Attributes ............................................................................................................ 175
K.4. system: Elements ............................................................................................................. 176
K.5. link: Attributes ................................................................................................................ 176
K.6. user: Attributes ............................................................................................................... 176
K.7. eap: Attributes ................................................................................................................ 177
K.8. log: Attributes ................................................................................................................. 177
K.9. log: Elements .................................................................................................................. 177
K.10. log-syslog: Attributes ..................................................................................................... 178
K.11. log-email: Attributes ....................................................................................................... 178
K.12. services: Elements ......................................................................................................... 179
K.13. snmp-service: Attributes .................................................................................................. 179
K.14. ntp-service: Attributes ..................................................................................................... 179
K.15. telnet-service: Attributes ................................................................................................. 180
K.16. http-service: Attributes .................................................................................................... 181
K.17. dns-service: Attributes .................................................................................................... 181
K.18. dns-service: Elements ..................................................................................................... 182
K.19. dns-host: Attributes ........................................................................................................ 182
K.20. dns-block: Attributes ...................................................................................................... 182
K.21. radius-service: Attributes ................................................................................................. 183
K.22. radius-service: Elements .................................................................................................. 184
K.23. radius-service-match: Attributes ....................................................................................... 184
K.24. radius-server: Attributes .................................................................................................. 185
K.25. ethernet: Attributes ......................................................................................................... 186
K.26. portdef: Attributes .......................................................................................................... 186
K.27. interface: Attributes ........................................................................................................ 187
K.28. interface: Elements ......................................................................................................... 188
K.29. subnet: Attributes ........................................................................................................... 188
K.30. vrrp: Attributes .............................................................................................................. 189
K.31. dhcps: Attributes ............................................................................................................ 189
K.32. dhcps: Elements ............................................................................................................ 190
K.33. dhcp-attr-hex: Attributes ................................................................................................. 190
K.34. dhcp-attr-string: Attributes ............................................................................................... 191
K.35. dhcp-attr-number: Attributes ............................................................................................ 191
K.36. dhcp-attr-ip: Attributes .................................................................................................... 191
K.37. pppoe: Attributes ........................................................................................................... 191
K.38. pppoe: Elements ............................................................................................................ 193
K.39. ppp-route: Attributes ...................................................................................................... 193
FireBrick FB2700 User Manual
xviii
K.40. usb: Attributes ............................................................................................................... 193
K.41. usb: Elements ................................................................................................................ 193
K.42. dongle: Attributes .......................................................................................................... 193
K.43. dongle: Elements ........................................................................................................... 195
K.44. route: Attributes ............................................................................................................ 195
K.45. network: Attributes ........................................................................................................ 195
K.46. blackhole: Attributes ...................................................................................................... 196
K.47. loopback: Attributes ....................................................................................................... 196
K.48. ospf: Attributes .............................................................................................................. 197
K.49. namedbgpmap: Attributes ................................................................................................ 198
K.50. namedbgpmap: Elements ................................................................................................. 198
K.51. bgprule: Attributes ......................................................................................................... 198
K.52. bgp: Attributes .............................................................................................................. 198
K.53. bgp: Elements ............................................................................................................... 199
K.54. bgppeer: Attributes ......................................................................................................... 199
K.55. bgppeer: Elements ......................................................................................................... 201
K.56. bgpmap: Attributes ......................................................................................................... 201
K.57. bgpmap: Elements ......................................................................................................... 201
K.58. cqm: Attributes .............................................................................................................. 201
K.59. l2tp: Attributes .............................................................................................................. 203
K.60. l2tp: Elements ............................................................................................................... 203
K.61. l2tp-outgoing: Attributes ................................................................................................. 203
K.62. l2tp-outgoing: Elements .................................................................................................. 205
K.63. l2tp-incoming: Attributes ................................................................................................ 205
K.64. l2tp-incoming: Elements ................................................................................................. 206
K.65. l2tp-relay: Attributes ...................................................................................................... 206
K.66. fb105: Attributes ............................................................................................................ 207
K.67. fb105: Elements ............................................................................................................ 208
K.68. fb105-route: Attributes .................................................................................................... 208
K.69. ipsec-ike: Attributes ....................................................................................................... 209
K.70. ipsec-ike: Elements ........................................................................................................ 209
K.71. ike-connection: Attributes ................................................................................................ 209
K.72. ike-connection: Elements ................................................................................................ 211
K.73. ipsec-route: Attributes ..................................................................................................... 211
K.74. ike-roaming: Attributes ................................................................................................... 211
K.75. ike-proposal: Attributes ................................................................................................... 212
K.76. ipsec-proposal: Attributes ................................................................................................ 212
K.77. ipsec-manual: Attributes .................................................................................................. 212
K.78. ipsec-manual: Elements .................................................................................................. 213
K.79. ping: Attributes ............................................................................................................. 214
K.80. profile: Attributes .......................................................................................................... 214
K.81. profile: Elements ........................................................................................................... 215
K.82. profile-date: Attributes .................................................................................................... 215
K.83. profile-time: Attributes ................................................................................................... 215
K.84. profile-ping: Attributes ................................................................................................... 216
K.85. shaper: Attributes ........................................................................................................... 216
K.86. shaper: Elements ............................................................................................................ 216
K.87. shaper-override: Attributes .............................................................................................. 217
K.88. ip-group: Attributes ........................................................................................................ 217
K.89. route-override: Attributes ................................................................................................ 217
K.90. route-override: Elements ................................................................................................. 218
K.91. session-route-rule: Attributes ........................................................................................... 218
K.92. session-route-rule: Elements ............................................................................................ 218
K.93. session-route-share: Attributes .......................................................................................... 219
K.94. rule-set: Attributes ......................................................................................................... 219
K.95. rule-set: Elements .......................................................................................................... 220
FireBrick FB2700 User Manual
xix
K.96. session-rule: Attributes ................................................................................................... 220
K.97. session-rule: Elements .................................................................................................... 221
K.98. session-share: Attributes .................................................................................................. 221
K.99. voip: Attributes ............................................................................................................. 222
K.100. voip: Elements ............................................................................................................. 223
K.101. carrier: Attributes ......................................................................................................... 223
K.102. telephone: Attributes ..................................................................................................... 224
K.103. tone: Attributes ............................................................................................................ 225
K.104. ringgroup: Attributes ..................................................................................................... 226
K.105. etun: Attributes ............................................................................................................ 226
K.106. dhcp-relay: Attributes ................................................................................................... 227
K.107. dhcp-relay: Elements .................................................................................................... 227
K.108. autoloadtype: Type of s/w auto load ................................................................................ 227
K.109. config-access: Type of access user has to config ................................................................ 228
K.110. user-level: User login level ............................................................................................ 228
K.111. eap-subsystem: Subsystem with EAP access control ........................................................... 228
K.112. eap-method: EAP access method .................................................................................... 228
K.113. syslog-severity: Syslog severity ...................................................................................... 228
K.114. syslog-facility: Syslog facility ........................................................................................ 229
K.115. month: Month name (3 letter) ........................................................................................ 229
K.116. day: Day name (3 letter) ............................................................................................... 230
K.117. radiuspriority: Options for controlling platform RADIUS response priority tagging ................... 230
K.118. radiustype: Type of RADIUS server ................................................................................ 231
K.119. port: Physical port ........................................................................................................ 231
K.120. Crossover: Crossover configuration ................................................................................. 231
K.121. LinkSpeed: Physical port speed ...................................................................................... 231
K.122. LinkDuplex: Physical port duplex setting ......................................................................... 231
K.123. LinkFlow: Physical port flow control setting ..................................................................... 232
K.124. LinkClock: Physical port Gigabit clock master/slave setting ................................................. 232
K.125. LinkLED: LED settings ................................................................................................ 232
K.126. LinkPower: PHY power saving options ............................................................................ 233
K.127. LinkFault: Link fault type to send ................................................................................... 233
K.128. trunk-mode: Trunk port more ......................................................................................... 233
K.129. ramode: IPv6 route announce level ................................................................................. 234
K.130. dhcpv6control: Control for RA and DHCPv6 bits .............................................................. 234
K.131. bgpmode: BGP announcement mode ............................................................................... 234
K.132. sfoption: Source filter option .......................................................................................... 234
K.133. pppoe-mode: Type of PPPoE connection .......................................................................... 234
K.134. pdp-context-type: Type of IP connection .......................................................................... 235
K.135. ipsec-type: IPsec encapsulation type ................................................................................ 235
K.136. ipsec-auth-algorithm: IPsec authentication algorithm .......................................................... 235
K.137. ipsec-crypt-algorithm: IPsec encryption algorithm .............................................................. 235
K.138. peertype: BGP peer type ............................................................................................... 236
K.139. ike-authmethod: authentication method ............................................................................ 236
K.140. ike-mode: connection setup mode ................................................................................... 236
K.141. ike-PRF: IKE Pseudo-Random Function .......................................................................... 236
K.142. ike-DH: IKE Diffie-Hellman group ................................................................................. 237
K.143. ike-ESN: IKE Sequence Number support ......................................................................... 237
K.144. ipsec-encapsulation: Manually keyed IPsec encapsulation mode ............................................ 237
K.145. switch: Profile manual setting ........................................................................................ 237
K.146. dynamic-graph: Type of dynamic graph ........................................................................... 237
K.147. firewall-action: Firewall action ....................................................................................... 238
K.148. voip-format: Number presentation format ......................................................................... 238
K.149. uknumberformat: Number formatting option ..................................................................... 238
K.150. recordoption: Recording option ....................................................................................... 238
K.151. ring-group-order: Order of ring ....................................................................................... 238
FireBrick FB2700 User Manual
xx
K.152. ring-group-type: Type of ring when one call in queue ......................................................... 239
K.153. record-beep-option: Record beep option ........................................................................... 239
K.154. Basic data types ........................................................................................................... 239
Table of contents
