Firebrick Fb6000 series User manual

FireBrick FB6202

User Manual

FB6000 Versatile Network Appliance

FireBrick FB6202 User Manual

This User Manual documents Software version V1.19.037

iii

Table of Contents

Preface .................................................................................................................................... x

1. Introduction .......................................................................................................................... 1

1.1. The FB6000 ............................................................................................................... 1

1.1.1. Where do I start? ............................................................................................. 1

1.1.2. What can it do? ............................................................................................... 1

1.1.3. Ethernet port capabilities ................................................................................... 2

1.1.4. Product variants in the FB6000 series .................................................................. 2

1.2. About this Manual ...................................................................................................... 2

1.2.1. Version ........................................................................................................... 2

1.2.2. Intended audience ............................................................................................. 2

1.2.3. Document style ................................................................................................ 3

1.2.4. Document conventions ...................................................................................... 3

1.2.5. Comments and feedback .................................................................................... 3

1.3. Additional Resources ................................................................................................... 4

1.3.1. Technical Support ............................................................................................ 4

1.3.2. IRC Channel ................................................................................................... 4

1.3.3. Application Notes ............................................................................................. 4

1.3.4. White Papers ................................................................................................... 4

1.3.5. Training Courses .............................................................................................. 4

2. Getting Started ...................................................................................................................... 5

2.1. IP addressing ............................................................................................................. 5

2.2. Accessing the web-based user interface ........................................................................... 5

2.2.1. Add a new user ............................................................................................... 6

3. Configuration ....................................................................................................................... 9

3.1. The Object Hierarchy .................................................................................................. 9

3.2. The Object Model ....................................................................................................... 9

3.2.1. Formal definition of the object model ................................................................. 10

3.2.2. Common attributes .......................................................................................... 10

3.3. Configuration Methods ............................................................................................... 10

3.4. Web User Interface Overview ..................................................................................... 10

3.4.1. User Interface layout ....................................................................................... 11

3.4.1.1. Customising the layout .......................................................................... 11

3.4.2. Config pages and the object hierarchy ................................................................ 12

3.4.2.1. Configuration categories ........................................................................ 12

3.4.2.2. Object settings ..................................................................................... 13

3.4.3. Navigating around the User Interface ................................................................. 14

3.4.4. Backing up / restoring the configuration .............................................................. 15

3.5. Configuration using XML ........................................................................................... 15

3.5.1. Introduction to XML ....................................................................................... 15

3.5.2. The root element - <config> ............................................................................. 17

3.5.3. Viewing or editing XML .................................................................................. 17

3.5.4. Example XML configuration ............................................................................ 17

3.6. Downloading/Uploading the configuration ..................................................................... 18

3.6.1. Download ...................................................................................................... 18

3.6.2. Upload .......................................................................................................... 19

4. System Administration ......................................................................................................... 20

4.1. User Management ..................................................................................................... 20

4.1.1. Login level .................................................................................................... 21

4.1.2. Configuration access level ................................................................................ 21

4.1.3. Login idle timeout .......................................................................................... 21

4.1.4. Restricting user logins ..................................................................................... 21

4.1.4.1. Restrict by IP address ........................................................................... 21

4.1.4.2. Restrict by profile ................................................................................ 22

4.2. General System settings ............................................................................................. 22

FireBrick FB6202 User Manual

4.2.1. System name (hostname) .................................................................................. 22

4.2.2. Administrative details ...................................................................................... 22

4.2.3. System-level event logging control .................................................................... 22

4.2.4. Home page web links ...................................................................................... 22

4.3. Software Upgrades .................................................................................................... 23

4.3.1. Software release types ..................................................................................... 23

4.3.1.1. Breakpoint releases ............................................................................... 23

4.3.2. Identifying current software version ................................................................... 24

4.3.3. Internet-based upgrade process .......................................................................... 24

4.3.3.1. Manually initiating upgrades .................................................................. 24

4.3.3.2. Controlling automatic software updates .................................................... 25

4.3.4. Manual upgrade .............................................................................................. 25

4.4. Boot Process ............................................................................................................ 26

4.4.1. LED indications ............................................................................................. 26

4.4.1.1. Power LED status indications ................................................................. 26

4.4.1.2. Port LEDs ........................................................................................... 26

5. Event Logging .................................................................................................................... 27

5.1. Overview ................................................................................................................. 27

5.1.1. Log targets .................................................................................................... 27

5.1.1.1. Logging to Flash memory ...................................................................... 27

5.1.1.2. Logging to the Console ......................................................................... 28

5.2. Enabling logging ....................................................................................................... 28

5.3. Logging to external destinations .................................................................................. 28

5.3.1. Syslog .......................................................................................................... 28

5.3.2. Email ............................................................................................................ 29

5.3.2.1. E-mail process logging .......................................................................... 30

5.4. Factory reset configuration log targets ........................................................................... 30

5.5. Performance ............................................................................................................. 30

5.6. Viewing logs ............................................................................................................ 30

5.6.1. Viewing logs in the User Interface ..................................................................... 30

5.6.2. Viewing logs in the CLI environment ................................................................. 31

5.7. System-event logging ................................................................................................. 31

5.8. Using Profiles ........................................................................................................... 31

6. Interfaces and Subnets .......................................................................................................... 32

6.1. Relationship between Interfaces and Physical Ports ......................................................... 32

6.1.1. Port groups .................................................................................................... 32

6.1.2. Interfaces ...................................................................................................... 32

6.2. Defining port groups .................................................................................................. 33

6.3. Defining an interface ................................................................................................. 34

6.3.1. Defining subnets ............................................................................................. 34

6.3.1.1. Using DHCP to configure a subnet .......................................................... 35

6.3.2. Setting up DHCP server parameters ................................................................... 35

6.3.2.1. Fixed/Static DHCP allocations ................................................................ 36

6.3.2.2. Partial-MAC-address based allocations ..................................................... 36

6.4. Physical port settings ................................................................................................. 36

6.4.1. Disabling auto-negotiation ................................................................................ 37

6.4.2. Setting port speed ........................................................................................... 37

6.4.3. Setting duplex mode ........................................................................................ 37

6.4.4. Defining port LED functions ............................................................................ 37

7. Routing .............................................................................................................................. 39

7.1. Routing logic ........................................................................................................... 39

7.2. Routing targets ......................................................................................................... 40

7.2.1. Subnet routes ................................................................................................. 40

7.2.2. Routing to an IP address (gateway route) ............................................................ 40

7.2.3. Special targets ................................................................................................ 40

7.3. Dynamic route creation / deletion ................................................................................. 41

FireBrick FB6202 User Manual

7.4. Routing tables .......................................................................................................... 41

8. Profiles .............................................................................................................................. 42

8.1. Overview ................................................................................................................. 42

8.2. Creating/editing profiles ............................................................................................. 42

8.2.1. Timing control ............................................................................................... 42

8.2.2. Tests ............................................................................................................ 43

8.2.2.1. General tests ........................................................................................ 43

8.2.2.2. Time/date tests ..................................................................................... 43

8.2.2.3. Ping tests ............................................................................................ 43

8.2.3. Inverting overall test result ............................................................................... 43

8.2.4. Manual override ............................................................................................. 43

9. Traffic Shaping ................................................................................................................... 45

9.1. Graphs and Shapers ................................................................................................... 45

9.1.1. Graphs .......................................................................................................... 45

9.1.2. Shapers ......................................................................................................... 45

10. PPPoE .............................................................................................................................. 47

10.1. Types of DSL line and router in the United Kingdom ..................................................... 47

10.2. Definining PPPoE links ............................................................................................ 48

10.2.1. IPv6 ............................................................................................................ 48

10.2.2. Additional options ......................................................................................... 48

10.2.2.1. MTU and TCP fix .............................................................................. 48

10.2.2.2. Service and ac-name ........................................................................... 49

10.2.2.3. Logging ............................................................................................ 49

10.2.2.4. Speed and graphs ............................................................................... 49

11. Tunnels ............................................................................................................................ 50

11.1. FB105 tunnels ......................................................................................................... 50

11.1.1. Tunnel wrapper packets .................................................................................. 50

11.1.2. Setting up a tunnel ........................................................................................ 50

11.1.3. Viewing tunnel status .................................................................................... 51

11.1.4. Dynamic routes ............................................................................................ 51

11.1.5. Tunnel bonding ............................................................................................ 51

11.1.6. Tunnels and NAT ......................................................................................... 52

11.1.6.1. FB6000 doing NAT ............................................................................ 52

11.1.6.2. Another device doing NAT .................................................................. 52

12. System Services ................................................................................................................. 54

12.1. HTTP Server configuration ....................................................................................... 54

12.1.1. Access control .............................................................................................. 54

12.1.1.1. Trusted addresses ............................................................................... 55

12.2. Telnet Server configuration ....................................................................................... 55

12.2.1. Access control .............................................................................................. 55

12.3. DNS configuration ................................................................................................... 56

12.4. NTP configuration ................................................................................................... 56

12.5. SNMP configuration ................................................................................................ 56

13. Network Diagnostic Tools ................................................................................................... 57

13.1. Access check .......................................................................................................... 57

13.2. Packet Dumping ...................................................................................................... 58

13.2.1. Dump parameters .......................................................................................... 58

13.2.2. Security settings required ................................................................................ 59

13.2.3. IP address matching ...................................................................................... 59

13.2.4. Packet types ................................................................................................. 59

13.2.5. Snaplen specification ..................................................................................... 60

13.2.6. Using the web interface .................................................................................. 60

13.2.7. Using an HTTP client .................................................................................... 60

13.2.7.1. Example using curl and tcpdump ........................................................... 60

14. VRRP .............................................................................................................................. 62

14.1. Virtual Routers ....................................................................................................... 62

FireBrick FB6202 User Manual

14.2. Configuring VRRP .................................................................................................. 62

14.2.1. Advertisement Interval ................................................................................... 63

14.2.2. Priority ........................................................................................................ 63

14.3. Using a virtual router ............................................................................................... 63

14.4. VRRP versions ....................................................................................................... 63

14.4.1. VRRP version 2 ............................................................................................ 63

14.4.2. VRRP version 3 ............................................................................................ 63

14.5. Compatibility .......................................................................................................... 64

15. Command Line Interface ..................................................................................................... 65

I. Command Line Reference ..................................................................................................... 66

check access ................................................................................................................... 67

clear bgp ....................................................................................................................... 68

clear dhcp ...................................................................................................................... 69

clear l2tp all ................................................................................................................... 70

clear l2tp session ............................................................................................................. 71

clear l2tp tunnel .............................................................................................................. 72

clear pppoe .................................................................................................................... 73

delete config ................................................................................................................... 74

delete data ..................................................................................................................... 75

delete image ................................................................................................................... 76

ethernet reset .................................................................................................................. 77

ethernet stall ................................................................................................................... 78

exit ............................................................................................................................... 79

kill command session ....................................................................................................... 80

kill session ..................................................................................................................... 81

login ............................................................................................................................. 82

logout ............................................................................................................................ 83

panic ............................................................................................................................. 84

ping .............................................................................................................................. 85

quit ............................................................................................................................... 86

reboot ............................................................................................................................ 87

set boot block ................................................................................................................. 88

set command screen width ................................................................................................ 89

show arp ........................................................................................................................ 90

show bgp ....................................................................................................................... 91

show bgp nexthop ........................................................................................................... 92

show bgp peer ................................................................................................................ 93

show bgp routes .............................................................................................................. 94

show bgp summary ......................................................................................................... 95

show boot log ................................................................................................................. 96

show command sessions ................................................................................................... 97

show dhcp ..................................................................................................................... 98

show dns ....................................................................................................................... 99

show ethernet counters ................................................................................................... 100

show ethernet status ....................................................................................................... 101

show fb105 ................................................................................................................... 102

show flash contents ........................................................................................................ 103

show flash log .............................................................................................................. 104

show l2tp ..................................................................................................................... 105

show l2tp session .......................................................................................................... 106

show l2tp sessions ......................................................................................................... 107

show l2tp tunnel ............................................................................................................ 108

show l2tp tunnels .......................................................................................................... 109

show log ...................................................................................................................... 110

show memory ............................................................................................................... 111

show pppoe .................................................................................................................. 112

FireBrick FB6202 User Manual

vii

show profiles ................................................................................................................ 113

show radius .................................................................................................................. 114

show route ................................................................................................................... 115

show routes .................................................................................................................. 116

show sessions ............................................................................................................... 117

show status ................................................................................................................... 118

show subnet .................................................................................................................. 119

show subnets ................................................................................................................ 120

show uptime ................................................................................................................. 121

show tasks .................................................................................................................... 122

show vrrp ..................................................................................................................... 123

start command session .................................................................................................... 124

traceroute ..................................................................................................................... 125

troff ............................................................................................................................. 126

tron ............................................................................................................................. 127

uptime ......................................................................................................................... 128

A. Factory Reset Procedure ..................................................................................................... 129

B. CIDR and CIDR Notation ................................................................................................... 131

C. MAC Addresses usage ....................................................................................................... 133

D. VLANs : A primer ............................................................................................................ 135

Index ................................................................................................................................... 136

viii

List of Figures

2.1. Initial web page in factory reset state ..................................................................................... 6

2.2. Initial "Users" page ............................................................................................................. 6

2.3. Setting up a new user .......................................................................................................... 7

2.4. Configuration being stored ................................................................................................... 7

3.1. Main menu ...................................................................................................................... 11

3.2. Icons for layout controls ..................................................................................................... 12

3.3. Icons for configuration categories ........................................................................................ 12

3.4. The "Setup" category ......................................................................................................... 13

3.5. Editing an "Interface" object ............................................................................................... 13

3.6. Show hidden attributes ....................................................................................................... 14

3.7. Attribute definitions ........................................................................................................... 14

3.8. Navigation controls ........................................................................................................... 15

4.1. Setting up a new user ........................................................................................................ 20

4.2. Software upgrade available notification ................................................................................. 24

4.3. Manual Software upload ..................................................................................................... 25

C.1. Product label showing MAC address range .......................................................................... 133

List of Tables

2.1. IP addresses for computer .................................................................................................... 5

2.2. IP addresses to access the FireBrick ....................................................................................... 5

3.1. Special character sequences ................................................................................................ 16

4.1. User login levels ............................................................................................................... 21

4.2. Configuration access levels ................................................................................................. 21

4.3. General administrative details attributes ................................................................................ 22

4.4. Attributes controlling auto-upgrades ..................................................................................... 25

4.5. Power LED status indications .............................................................................................. 26

5.1. Logging attributes ............................................................................................................. 28

5.2. System-Event Logging attributes .......................................................................................... 31

6.1. Physical port usage options ................................................................................................. 32

6.2. Port LED functions ........................................................................................................... 37

6.3. Example modified Port LED functions .................................................................................. 38

7.1. Route targets .................................................................................................................... 40

12.1. List of system services ..................................................................................................... 54

13.1. Packet dump parameters ................................................................................................... 58

13.2. Packet types that can be captured ....................................................................................... 59

18. Information provided by show fb105 command ..................................................................... 102

C.1. DHCP client names used .................................................................................................. 134

Preface

The FB6000 device is the result of several years of intensive effort to create products based on state of the

art processing platforms, featuring an entirely new operating system and IPv6-capable networking software,

written from scratch in-house by the FireBrick team. Custom designed hardware, manufactured in the UK, hosts

the new software, and ensures FireBrick are able to maximise performance from the hardware, and maintain

exceptional levels of quality and reliability.

The result is a product that has the feature set, performance and reliability to handle mission-critical functions,

effortlessly handling huge volumes of traffic, supporting thousands of customer connections.

Chapter 1. Introduction

1.1. The FB6000

1.1.1. Where do I start?

The FB6000 is shipped in a factory reset state. This means it has a default configuration that allows the unit

to be attached directly to a computer, or into an existing network, and is accessible via a web browser on a

known IP address for further configuration.

Besides allowing initial web access to the unit, the factory reset configuration provides a starting point for you

to develop a bespoke configuration that meets your requirements.

A printed copy of the QuickStart Guide is included with your FB6000 and covers the basic set up required to

gain access to the web based user interface. If you have already followed the steps in the QuickStart guide, and

are able to access the FB6000 via a web browser, you can begin to work with the factory reset configuration

by referring to Chapter 3.

Initial set up is also covered in this manual, so if you have not already followed the QuickStart Guide, please

start at Chapter 2.

Tip

The FB6000's configuration can be restored to the state it was in when shipped from the factory. The

procedure requires physical access to the FB6000, and can be applied if you have made configuration

changes that have resulted in loss of access to the web user interface, or any other situation where it

is appropriate to start from scratch - for example, commissioning an existing unit for a different role,

or where you've forgotten an administrative user password. For details on the factory reset procedure

please refer to Appendix A, or consult the QuickStart Guide.

The remainder of this chapter provides an overview of the FB6000's capabilities, and covers your product

support options.

Tip

The latest version of the QuickStart guide for the FB6000 can be obtained from the FireBrick website

at : http://www.firebrick.co.uk/pdfs/quickstart-6000.pdf

1.1.2. What can it do?

The FB6000 series of products is a family of high speed ISP/telcos grade routers and firewalls providing a

range of specific functions.

Key features of the FB6000 family:

• 1U 19" rack mount

• Very low power consumption (typical 20W) - all important with today's power charges in data centres

• Two small fans are the only moving parts for high reliability

• Dual 120/230V AC power feed

• IPv6 built in from the start

• Gigabit performance

Introduction

1.1.3. Ethernet port capabilities

The FB6000 has two Ethernet network ports that operate at 1Gb/s. The ports implement auto-negotiation by

default, but operation can be fine-tuned to suit specific circumstances. The function of these ports is very

flexible, and defined by the device's configuration. The ports implement one or more interfaces.

Multiple interfaces can be implemented on a single physical port via support for IEEE 802.1Q VLANs, ideal

for using the FB6000 with VLAN-capable network switches. In this case, a single physical connection can be

made between a VLAN-capable switch and the FB6000, and with the switch configured appropriately, this

physical connection will carry traffic to/from multiple VLANs, and the FB6000 can do Layer 3 processing

(routing/firewalling etc.) between nodes on two or more VLANs.

1.1.4. Product variants in the FB6000 series

•FB6102 High capacity ping monitoring box

•FB6202 Gigabit L2TP LNS with detailed monitoring of all lines

•FB6302 Gigabit BGP router

•FB6402 Gigabit stateful firewall

•FB6502 Gigabit core VoIP SIP switch for ISTP use

•FB6602 Mobile GTPv1 GGSN/L2TP gateway

1.2. About this Manual

1.2.1. Version

Every major FB6000 software release is accompanied by a release-specific version of this manual. This manual

documents software version V1.19.037 - please refer to Section 4.3 to find out more about software releases,

and to see how to identify which software version your FB6000 is currently running.

If your FB6000 is running a different version of system software, then please consult the version of this manual

that documents that specific version, as there may be significant differences between the software versions.

Also bear in mind that if you are not reading the latest version of the manual (and using the latest software

release), references in this manual to external resources, such as the FireBrick website, may be out of date.

Tip

If this is the correct manual for your current software version, then note that there may be a newer

revision of this manual available, still covering the same software version, but with improvements or

corrections to the documentation. We recommend you always ensure you are using the latest revision

available, to be sure you are using the most accurate and up-to-date information. The revision of this

manual can be identified via the Revision History table - this can be found on the home page of the

documentation (when viewing the web based documentation), or near the front of the PDF version

of the documentation.

You can find the latest revision of a manual for a specific software version on the FB6000 software downloads

website [http://www.firebrick.co.uk/software.php?PRODUCT=6000].

1.2.2. Intended audience

This manual is intended to guide FB6000 owners in configuring their units for their specific applications. We

try to make no significant assumption about the reader's knowledge of FireBrick products, but as might be

expected given the target market for the products, it is assumed the reader has a reasonable working knowledge

Introduction

of common IP and Ethernet networking concepts. So, whether you've used FireBrick products for years, or

have purchased one for the very first time, and whether you're a novice or a network guru, this Manual sets out

to be an easy to read, definitive guide to FireBrick product configuration for all FireBrick customers.

1.2.3. Document style

At FireBrick, we appreciate that different people learn in different ways - some like to dive in, hands-on,

working with examples and tweaking them until they work the way they want, referring to documentation

as required. Other people prefer to build their knowledge up from first principles, and gain a thorough

understandingofwhatthey'reworkingwith.Mostpeoplewesuspectfallsomewherebetweenthesetwolearning

styles.

This Manual aims to be highly usable regardless of your learning style - material is presented in an order that

startswith fundamental concepts, andbuildstomore complex operation ofyourFireBrick.At all stages wehope

to provide a well-written description of how to configure each aspect of the FireBrick, and - where necessary

- provide enough insight into the FireBrick's internal operation that you understand why the configuration

achieves what it does.

1.2.4. Document conventions

Various typefaces and presentation styles are used in this document as follows :-

• Text that would be typed as-is, for example a command, or an XML attribute name is shown in

monospaced_font

• Program (including XML) listings, or fragments of listings are shown thus :-

/* this is an example program listing*/

printf("Hello World!\n");

• Text as it would appear on-screen is shown thus :-

This is an example of some text that would

appear on screen.

Note that for documentation purposes additional

line-breaks may be present that would not be in the on-screen text

• Notes of varying levels of significance are represented thus (colour schemes may differ depending on

signficance) :-

Note

This is an example note.

The significance is identified by the heading text and can be one of : Tip - general hints and tips, for example

to point out a useful feature related to the current discussion ; Note - a specific, but not critical, point relating

to the surrounding text ; Caution - a potentially critical point that you should pay attention to, failure to do

so may result in loss of data, security issues, loss of network connectivity etc.

1.2.5. Comments and feedback

If you'd like to make any comments on this Manual, point out errors, make suggestions for improvement or

provide any other feedback, we would be pleased to hear from you via e-mail at : [email protected].

Introduction

1.3. Additional Resources

1.3.1. Technical Support

Technical support is available, in the first instance, via the reseller from which you purchased your FireBrick.

FireBrick provide extensive training and support to resellers and you will find them experts in Firebrick

products.

However, before contacting them, please ensure you have :-

• upgraded your FB6000 to the latest version of software (see Section 4.3) and

• are using the latest revision of the manual applicable to that software version and

• have attempted to answer your query using the material in this manual

Many FireBrick resellers also offer general IT support, including installation, configuration, maintenance, and

training. You may be able to get your reseller to develop FB6000 configurations for you - although this will

typically be chargeable, you may well find this cost-effective, especially if you are new to FireBrick products.

If you are not satisfied with the support you are getting from your reseller, please contact us [http://

www.firebrick.co.uk/contact.php].

1.3.2. IRC Channel

A public IRC channel is available for FireBrick discussion - the IRC server is irc.z.je, and the channel

is #firebrick.

1.3.3. Application Notes

FireBrick are building a library of Application Note documents that you can refer to - each Application Note

describes how to use and configure a FireBrick in specific scenarios, such as using the device in a multi-tenant

Serviced Office environment, or using the FireBrick to bond multiple WAN connections together.

1.3.4. White Papers

FireBrick White Papers cover topics that deserve specific discussion - they are not related to specific

Applications, rather they aim to educate interested readers regarding networking protocols, common/best

practice, and real-world issues encountered.

1.3.5. Training Courses

FireBrick provide training courses for the FB2x00 series products, and also training course on general IP

networking that are useful if you are new to networking with IP.

To obtain information about upcoming courses, please contact us via e-mail at :

[email protected].

Chapter 2. Getting Started

2.1. IP addressing

Youconfigure your FireBrickusingaweb browser - todothis,you need IPconnectivitybetweenyour computer

and the FireBrick. For a new FB6000 or one that has been factory reset, there are three methods to set this up,

as described below - select the method that you prefer, or that best suits your current network architecture.

•Method 1 - use the FireBrick's DHCP server to configure a computer.

If your computer is already configured (as many are) to get an IP address automatically, you can connect your

computer to port 1 on the FireBrick, and the FireBrick's inbuilt DHCP server should give it an IPv4 address.

•Method 2 - configure a computer with a fixed IP address.

Alternatively, you can connect a computer to port 1 on the FireBrick, and manually configure your computer

to have the fixed IP address(es) shown below :-

Table 2.1. IP addresses for computer

IPv6 IPv4

2001:DB8::2/64 10.0.0.2 ; subnet mask : 255.255.255.0

•Method 3 - use an existing DHCP server to configure the FireBrick.

If your LAN already has a DHCP server, you can connect port 1 of your FireBrick to your LAN, and it will

get an address.

2.2. Accessing the web-based user interface

If you used either Method 1 or Method 2, you should browse to the FireBrick's IP address as listed below:-

Table 2.2. IP addresses to access the FireBrick

IPv6 IPv4

http://[2001:DB8::1] http://10.0.0.1

If you used Method 3, you will need to be able to access a list of allocations made by the DHCP server in

order to identify which IP address has been allocated to the FB6000, and then browse this address from your

computer. If your DHCP server shows the client name that was supplied in the DHCP request, then you will

see FB6000 in the client name field (assuming a factory reset configuration) - if you only have one FB6000 in

factory reset state on your network, then it will be immediately obvious via this client name. Otherwise, you

will need to locate the allocation by cross-referring with the MAC address range used by the FB6000 you are

interested in - if necessary, refer to Appendix C to see how to determine which MAC address you are looking

for in the list of allocations.

Once you are connected to the FB6000, you should see a page with "Configuration needed" prominently

displayed, as shown below :-

Getting Started

Figure 2.1. Initial web page in factory reset state

Click on the "edit the configuration" link (red text), which will take you to the main user interface page for

managing the configuration.

2.2.1. Add a new user

You now need to add a new user with a password in order to gain full access to the FireBrick's user interface.

Click on the "Users" icon, then click on the "Add" link to add a user. The "Users" page is shown below, with

the "Add" link highlighted:-

Figure 2.2. Initial "Users" page

Entera suitable username inthe"Name"box, and enter apassword(passwordsaremandatory), as shownbelow.

Leave all other checkboxes un-ticked, but see the Tip below regarding the timeout setting.

Note

Take care to enter the password carefully, as the FB6000 does not prompt you for confirmation of

the password.

Getting Started

Figure 2.3. Setting up a new user

Tip

You may also want to increase the login-session idle time-out from the default of 5 minutes, especially

if you are unfamiliar with the user-interface. To do that, tick the checkbox next to timeout, and

enter an appropriate value, which should start PT, be followed by a number, and end with units of

either Mfor minutes, or Hfor hours.

Click on the Save button near the top of the screen which will save a new configuration that includes your

new user definition.

You should now see a page showing the progress of storing the new configuration in Flash memory :-

Figure 2.4. Configuration being stored

Getting Started

On this page there is a "Login" link (in red text)- click on this link and then log in using the username and

password you chose.

We recommend you read Chapter 3 to understand the design of the FB6000's user interface, and then start

working with your FB6000's factory reset configuration. Once you are familiar with how the user interface is

structured, you can find more detail on setting up users in Section 4.1.

Chapter 3. Configuration

3.1. The Object Hierarchy

The FB6000 has, at its core, a configuration based on a hierarchy of objects, with each object having one or

more attributes. An object has a type, which determines its role in the operation of the FB6000. The values

of the attributes determine how that object affects operation. Attributes also have a type (or datatype), which

defines the type of data that attribute specifies. This in turn defines what the valid syntax is for a value of that

datatype - for example some are numeric, some are free-form strings, others are strings with a specific format,

such as a dotted-quad IP address. Some examples of attribute values are :-

• IP addresses, and subnet definitions in CIDR format e.g. 192.168.10.0/24

• free-form descriptive text strings, e.g. a name for a firewall rule

• Layer 4 protocol port numbers e.g. TCP ports

• data rates used to control traffic shaping

• enumerated values used to control a feature e.g. defining Ethernet port LED functions

The object hierarchy can be likened to a family-tree, with relationships between objects referred to using terms

such as Parent, Child, Sibling, Ancestor and Descendant. This tree-like structure is used to :-

• group a set of related objects, such as a set of firewall rules - the parent object acts as a container for a group

of (child) objects, and may also contribute to defining the detailed behaviour of the group

• define a context for an object - for example, an object used to define a locally-attached subnet is a child of

an object that defines an interface, and as such defines that the subnet is accessible on that specific interface.

Since multiple interfaces can exist, other interface objects establish different contexts for subnet objects.

Additional inter-object associations are established via attribute values that reference other objects, typically

by name, e.g. a firewall rule can specify one of several destinations for log information to be sent when the

rule is processed.

3.2. The Object Model

The term 'object model' is used here to collectively refer to :-

• the constraints that define a valid object hiearchy - i.e. which object(s) are valid child objects for a given

parent object, how many siblings of the same type can exist etc.

• for each object type, the allowable set of attributes, whether the attributes are mandatory or optional, their

datatypes, and permissible values of those attributes

The bulk of this User Manual therefore serves to document the object model and how it controls operation of

the FB6000.

Tip

This version of the User Manual may not yet be complete in its coverage of the full object model.

Some more obscure attributes may not be covered at all - some of these may be attributes that are

not used under any normal circumstances, and used only under guidance by support personnel. If you

This manual suits for next models

Table of contents

Other FireBrick Network Hardware manuals

FireBrick

FireBrick FB2700 User manual

FireBrick

FireBrick FB2700 User manual

FireBrick

FireBrick FB2900 User manual

Popular Network Hardware manuals by other brands

GE ATS1203 Installation sheet

Ericsson

Ericsson HM4x0 reference guide

2N Telekomunikace

2N Telekomunikace EasyGate IP Brief manual

OV Solutions

OV Solutions EC-PoE-5 user manual

SilverNet

SilverNet MICRO TG60 Quick setup guide

TP-Link

TP-Link VIGI NVR2016H installation guide

Juniper

Juniper SSR1200 quick start guide

SONBEST

SONBEST SM1030B user manual

Epygi

Epygi QX series manual

Accton Technology

Accton Technology CheetahSwitch Workgroup-3024 Quick installation guide

Hanwha Vision

Hanwha Vision LRN-1610S user manual

Lilin

Lilin NVR5832 quick guide

Symcod

Symcod V3+ manual

Vivint

Vivint AirBridge VS-YOFIMN-000 quick reference

Opengear

Opengear OM1200 Series quick start guide

Paradyne

Paradyne FrameSaver NP 64+ user manual

INSIGHT

INSIGHT DLP DIRECTOR 1000 Hardware installation guide

Panasonic

Panasonic WJ-NV200 installation guide

FireBrick FB6000 Series User manual

Popular Network Hardware manuals by other brands