SupportResource CenterH3C XE 200 2000 IP PBXConfiguration
Chapters Download(705 KB)
Chapter 1 System Management Overview
Chapter 2 Terminal Service and User Interface Configuration
2.1 Introduction to Terminal Service and User Interface
2.1.1 Relationships Between Terminal Service and User Interface
2.1.2 User Interfaces Numbering
2.2 Console and AUX Terminal Service Configuration
2.2.1 Entering User Interface View
2.2.2 Configuring Interface Attributes
2.2.3 Configuring Terminal Attributes
2.2.4 Configuring Modem Attributes
2.2.5 Setting User Authentication and Levels
2.3 Telnet Terminal Service Configuration
2.3.3 Displaying and Debugging Telnet
2.4 Displaying and Debugging User Interface
2.4.2 Displaying Information About User Interface
2.4.3 Displaying Physical Attributes and Configurations of User Interface
Chapter 3 GUI Server Configuration and Management
3.2 GUI Server Configuration and Management
3.2.2 Displaying the User Information List
3.2.3 Clearing the User Information List
3.2.4 Enabling/Disabling Web Service
3.2.5 Configuring Operation Rights of Normal Administrators
Chapter 4 System Maintenance and Management
4.1 System Maintenance and Debugging
4.1.1 Network Diagnostic Tools
4.2.1 Introduction to Information Center
4.2.2 Configuring Information Center
4.2.3 Configuring Terminal Display
4.2.5 Displaying and Debugging Information Center
4.2.6 Information Center Configuration Example
Chapter 5 File System Management
5.1.4 Storage Device Operation
5.1.6 Example of Using the File System
5.2 Configuration File Management
5.2.1 Introduction to File Management
5.2.2 Naming and Selection Order of the Configuration File
5.2.3 Backing Up the Configuration File
5.3.3 Configuring Authentication and Authorization
5.3.4 Configuring Operating Parameters
5.3.5 Displaying and Debugging FTP Server
5.3.6 Introduction to FTP Client
5.3.7 Configuration Example of Upgrading the Comware Application Program (1)
5.3.8 Configuration Example of Upgrading the Comware Application Program (2)
5.4.2 TFTP Protocol Configuration
5.4.3 Configuration Example of Upgrading the Comware Main Software Using TFTP
6.1 Introduction to User Management
6.2.1 Configuring User Authentication Method
6.2.2 Configuring Password Authentication
6.2.3 Configuring Local-Authenticated Users
6.3.3 Displaying and Debugging AAA
6.4 Displaying User Information
6.5.1 Authenticating Users with Password
6.5.2 Authenticating Users with the Local Database
7.1.2 SNMP Versions and MIBs Supported
7.2.1 Enabling/Disabling the SNMP Agent Service
7.2.2 Enabling/Disabling the Corresponding Version of SNMP
7.2.4 Setting/Deleting an SNMP Group
7.2.7 Enable/Disable Trap Packets
7.2.8 Setting the Engine ID of a Local Device
7.2.9 Setting the Address of the Trap Target Host
7.2.10 Setting the Location of XE IP PBX
7.2.11 Specifying the Source Address of Trap Packets
7.2.13 Setting the Maximum Size of SNMP Packets
7.2.14 Setting the Queue Length of Trap Packets
7.2.15 Setting the Aging Time of Trap Packets
7.3 Displaying and Debugging SNMP
Chapter 8 Modem Management Configuration
8.1 Introduction to Modem Management
8.1.1 Modem Management on the XE IP PBX
8.2 Modem Management Configuration
8.2.1 Configuring the Incoming and Outgoing Calls of the Modem
8.2.2 Configuring a Modem Script
8.2.3 Executing a Modem Script Manually
8.2.4 Specifying a Modem Script Triggered by an Event
8.2.5 Configuring the Answer Mode for the Modem
8.2.6 Configuring Modem Callback
8.3 Displaying and Debugging the Modem
8.4.1 Using Modem Script to Manage the Modem
8.4.2 Using Modem Script to Make Power-on Initialization of the Modem
8.4.3 Using Modem Script to Dial up Directly
This chapter tells you how to manage and maintain your H3C XE 200/2000 IP PBX (hereinafter referred to as the XE IP PBX).
l Terminal service and user interface configuration
By reading this part, you can learn the terminal services that the XE IP PBX provides, such as console, AUX and telnet. These services allow you to manage the devices locally or remotely.
The XE IP PBX provides user interface view where you can manage terminal interfaces and thus control user access to the XE IP PBX.
l System maintenance and management
This part helps you get familiar with the system debugging and maintenance tools and the info-center function available with the XE IP PBX. They are important in monitoring and troubleshooting your network.
l GUI server configuration management
This part helps users manage the XE IP PBX via the graphical user interface (GUI) with ease.
l File management
This part tells you how to use the file system supported by Comware to manage the files in the hard disk and Flash memory of the device, such as host software, configuration files and log files.
This part also covers the protocols of FTP, TFTP and Xmodem which are used for file transfer between the XE IP PBX and other devices.
l User management
This part describes the user management policies that Comware offers to facilitate user and service management and thus enhance network security.
l SNMP configuration
This part describes SNMP and how to configure it to effectively manage the operating devices on a network along with the network management system.
l Modem management configuration
This part introduces the function and configuration of modem, with which you can flexibly manage and control the XE IP PBX.
Terminal services allow you (especially if you are an administrator or an operator) to access the XE IP PBX from terminals to configure, manage, browse, and debug the device.
The XE IP PBX offers multiple terminal services for you to access the CLI to perform:
l Local configuration through the console port
l Remote configuration through the AUX port
l Remote configuration through Telnet
The XE IP PBX manages terminal services through user interface, in the view of which you can configure the physical and logical interface attributes of terminal service system.
The system provides the following types of user interface for terminal services:
l Console user interface. It manages the interface attributes of the console terminal.
l AUX user interface. It manages the interface attributes of the AUX terminal.
l Virtual terminal line (VTY) user interface. It manages the interface attributes of the Telnet terminal.
User interfaces are numbered in two ways: absolute numbering and relative numbering.
Three types of user interfaces are available with the XE IP PBX: console, AUX, and VTY. Their numbers are order dependent.
There are only one console user interface and one AUX user interface, but there can be multiple VTY user interfaces. With the absolute numbering approach, user interfaces are numbered starting at 0 in an ascending order. An absolute number can uniquely identify a user interface or a group of user interfaces.
The following are the absolute numbers for the user interfaces available with the XE 200 IP PBX and the XE 2000 IP PBX:
l ui 0 for the console.
l ui 1 for the AUX.
l ui 2 to ui 6 for the VTY.
Relative numbers take the form of user interface type + number. They are used by the user interfaces of the same type to identify each other. When multiple user interface types are involved, however, relative numbers cannot be used.
The following are the relative numbers for the user interfaces:
l con 0 for the console.
l aux 0 for the AUX.
l VTY 0 for the first VTY, VTY 1 for the second VTY, and so on.
The console port is the primary configuration interface, through which you can enter the configuration interface for initial configuration of the XE IP PBX.
The AUX port functions as the backup and remote services of the console port to provide almost the same terminal services as the console port.
Their user interface configurations include:
l Configuring attributes of the asynchronous interface
l Configuring attributes of the terminal
l Configuring user authentication
In system view, enter the view of a user interface by using its name and relative number or by its absolute number only. The absolute numbers of the console and AUX ports are ui 0 and ui 1 respectively.
Perform the following configuration in system view.
Table 2-1 Enter user interface view
|
Operation |
Command |
|
Enter the view of the console user interface with its name and relative number |
user-interface console 0 |
|
Enter the view of the console user interface with its absolute number |
user-interface ui 0 |
|
Enter the view of the AUX user interface with its name and relative number |
user-interface aux 0 |
|
Enter the view of the AUX user interface with its absolute number on the XE 200 |
user-interface ui 1 |
In user interface view, you can configure and manage interface attributes, including:
l Asynchronous attributes: speed, flow control, parity, stop bits and data bits.
l Terminal attributes: enabling terminal service (shell), setting idle timer with the command idle-timeout, setting the screen length with the command screen-length for terminals, configuring authentication, and setting the size of the history command buffer.
You can also set the authentication mode and user privilege level at login.
& Note:
The default communication parameters for the console port are 9600 bps, 8 data bits, 1 stop bit, no parity and no flow control.
You are recommended not to change the defaults.
Perform the following configuration in user interface view.
Table 2-2 Configure transmission speed
|
Operation |
Command |
|
Configure transmission speed |
speed speed-value |
|
Restore the default speed |
undo speed |
The following are the speeds available with the console and AUX ports:
l 300 bps
l 600 bps
l 1200 bps
l 2400 bps
l 4800 bps
l 9600 bps
l 19200 bps
l 38400 bps
l 57600 bps
l 115200 bps
& Note:
The speeds of 300 bps and 600 bps are supported only on XE 200 IP PBXs.
Table 2-3 Configure flow control mode
|
Operation |
Command |
|
Configure flow control mode |
flow-control { none | software | hardware } |
|
Restore the default flow control mode |
undo flow-control |
The available flow control modes include:
none: No flow control.
software: Software flow control.
hardware: Hardware flow control, which is only applicable to the AUX port.
By default, the flow control mode of the terminal line is none, that is, no flow control.
|
Operation |
Command |
|
Set the parity bit |
parity { none | even | odd | mark | space } |
|
Restore the default parity setting |
undo parity |
The available parity options include: none, even, odd, mark, and space.
The parity defaults to none, that is, no parity check.
|
Operation |
Command |
|
Set stop bits |
stopbits { 1.5 | 1 | 2 } |
|
Restore the default setting |
undo stopbits |
The stop bits setting defaults to 1. XE 2000 IP PBXs only support the setting of stop bits to 1 or 2.
|
Operation |
Command |
|
Set data bits |
databits { 5 | 6 | 7 | 8 } |
|
Restore the default setting |
undo databits |
The data bits available with an asynchronous interface are 5, 6, 7, and 8.
The data bits setting defaults to 8.
Perform the following configuration in user interface view.
Table 2-7 Enable/disable terminal service
|
Operation |
Command |
|
Enable terminal service |
shell |
|
Disable terminal service |
undo shell |
& Note:
l By default, terminal service is enabled on all user interfaces.
l Console user interface does not support the undo shell command.
The connection to the user terminal is disconnected if it is idle for a period set by the idle-timeout timer.
Table 2-8 Set the idle-timeout timer
|
Operation |
Command |
|
Set the idle-timeout timer |
idle-timeout minutes [ seconds ] |
|
Restore the default setting |
undo idle-timeout |
By default, the idle-timeout timer is set to 10 minutes. When it expires, the terminal connection is disconnected. Setting the timeout to 0 disables the timer and the connection is maintained regardless of whether it is idle.
Table 2-9 Set the terminal screen length
|
Operation |
Command |
|
Set the terminal screen length |
screen-length screen-length |
|
Restore the default terminal screen length |
undo screen-length |
By default, 24 lines are displayed on the terminal screen.
The command screen-length 0 disables multiple-screen output.
The undo screen-length command restores the default setting.
You may use the hot key <Ctrl+P> or <Ctrl+N> to execute the commands that you have entered on the terminal. These commands are stored in the history command buffer and you can set the number of stored commands using the history-command max-size command.
Table 2-10 Set the size of the history command buffer
|
Operation |
Command |
|
Set the size of the history command buffer |
history-command max-size size-value |
|
Restore the default size of the history command buffer |
undo history-command max-size |
The size-value argument specifies the size of the history command buffer. It defaults to 10, meaning up to 10 commands can be stored.
& Note:
Modem attributes configuration is applicable to the AUX port only.
Besides logging onto the device directly, you can choose to dial into the device with a modem from the AUX port. You may manage and configure the parameters related to the modem in user interface view. The relevant commands are applicable to AUX port only.
Table 2-11 Configure modem parameters
|
Operation |
Command |
|
Set the call switch that controls call-in and call-out |
modem [ call-in | both ] |
|
Disable call-in and/or call-out |
undo modem [ call-in | both ] |
|
Set the interval that the system waits for the CD_UP signal after receiving the RING signal |
modem timer answer seconds |
|
Restore the default interval that the system waits for the CD_UP signal after receiving the RING signal |
undo modem timer answer |
|
Set the answer mode to auto-answer |
modem auto-answer |
|
Set the answer mode to manual answer |
undo modem auto-answer |
|
Enable asynchronous interface redirection function (valid only for AUX user interface) |
redirect |
|
Disable asynchronous interface redirection function (valid only for AUX user interface) |
undo redirect |
The user authentication and level configuration tasks are described in the following sections:
l Setting an authentication mode. Three types of authentication modes are available: AAA, local authentication, and password, also you can set the mode to none. By default, the console and AUX user interface users do not need authentication.
l Setting the password for password authentication. If you choose a password authentication mode, you need to set the password.
l Setting user level. The commands that you can access are decided by the level of the user interface where you log in or by the user level. If you are not assigned a user level or you are to be authenticated by password, then the user interface level applies. If you have a user level and are to be authenticated through AAA or local authentication, then the assigned user level applies.
Perform the following configuration in user interface view.
Table 2-12 Configure the authentication mode
|
Operation |
Command |
|
Set the authentication mode applied when logging into a user interface |
authentication-mode { local | none | password | scheme { list | default } } |
|
Set the password for password authentication |
set authentication password { simple | cipher } password |
1) Setting the level of a user interface
Perform the following configuration in user interface view.
Table 2-13 Set the level of the user interface
|
Operation |
Command |
|
Set the level of the user interface |
user privilege level level |
|
Restore the default level |
undo user privilege level |
The privilege level of the console user interface defaults to 3; and the privilege level of other user interfaces defaults to 0.
2) Assigning a level to a user
When the level of a user conflicts with the level of the user interface where the user logs in, the former overrides the latter.
Perform the following configuration in system view.
Table 2-14 Assign a level to a user
|
Operation |
Command |
|
Assign a level to a user |
local-user username level level |
|
Restore the default user level |
undo local-user local-user level |
The level argument is in the range 0 to 3, where 3 represents the highest level. By default, no level is assigned to users.
& Note:
If the authentication mode is set to none or password, the command level that a user can access is determined by the level of the user interface where the user logs in. If the authentication is set to local (username and password are required), the command level that the user can access is determined by the level of the user.
Telnet is an application layer protocol in the TCP/IP protocol suite. It provides remote logon and virtual terminal services. Both Telnet server and client services are available with the XE IP PBX.
As shown in the following figure, you can run a Telnet client on a PC to telnet to the XE IP PBX for configuration and management.
Figure 2-1 Telnet server service
When working as a Telnet server, the XE IP PBX needs to authenticate the Telnet client. The authentication configuration must be done in the VTY user interface.
1) Enter VTY user interface view
In system view, you can enter the view of a user interface by using its name and relative number or its absolute number. The absolute numbers for VTYs are 2 to 6 for both the XE 200 IP PBX and XE 2000 IP PBX.
Table 2-15 Enter VTY user interface view
|
Operation |
Command |
|
Enter the view of a VTY user interface with its name and relative number |
user-interface vty 0 [ 4 ] |
|
Enter the view of a VTY user interface with its absolute number on the XE 200 IP PBX or the XE 2000 IP PBX |
user-interface ui 2 [ 6 ] |
2) Basic configurations of the VTY user interface
The basic configurations of the VTY user interface include:
l Setting the authentication mode. Three types of authentication modes are available: AAA, local authentication, and password. You may set it to none. By default, password authentication applies.
l Setting the password for password authentication. If you choose a password authentication mode, you need to set the password.
l Setting user level. The commands that you can access are decided by the level of the user interface where you log in or by the user level. If you are not assigned a user level or you are to be authenticated by password, then the user interface level applies. If you have a user level and is to be authenticated through AAA or local authentication, then the assigned user level applies.
Perform the following configuration in VTY user interface view.
Table 2-16 Basic configurations of the VTY user interface
|
Operation |
Command |
|
Set the authentication mode applied when receiving a Telnet connection |
authentication-mode { local | none | password | scheme { list | default } } |
|
Set the password for password authentication |
set authentication password { simple | cipher } password |
|
Set a user level |
user privilege level level |
3) Advanced configurations of the VTY user interface
You may perform the following tasks as needed:
l Enabling/disabling the terminal service. By default, the XE IP PBX has enabled all the terminal services, but you can disable them as needed.
l Configuring the auto-execute command command. It makes the XE IP PBX automatically execute some commands when you telnet to it, for example, telneting to another service server.
l Setting the idle-timeout timer. This command has two purposes: one is to prevent others from operating on the terminal when the terminal is unattended for a long time, and the other is to release VTY resources when the terminal is idle for a long time.
l Specifying the protocols supported by the current user interface. By default, the XE IP PBX supports Telnet. You may disable some protocols as needed.
l Setting the size of the history command buffer. By default, each Telnet terminal can store up to 10 history commands. You may change it as needed.
Perform the following configuration in VTY user interface view.
Table 2-17 Advanced configuration of the VTY user interface
|
Operation |
Command |
|
Enable/disable the terminal service |
[ undo ] shell |
|
Set the command to be automatically executed |
auto-execute command command |
|
Set the idle-timeout timer |
idle-timeout minutes [ seconds ] |
|
Set the size of the history command buffer |
history-command max-size size-value |
The XE IP PBX supports the Telnet client service. As shown in the following figure, you can log onto the XE IP PBX by Telnet or by other means, and then telnet from the XE IP PBX to other devices to perform configuration and management.
Figure 2-2 Telnet client service
Normally, you can use the Telnet client service without doing any configuration.
Execute the telnet command in user view to establish a Telnet connection.
Table 2-18 Create a Telnet connection
|
Operation |
Command |
|
Telnet to another XE IP PBX |
telnet host-ip-address [ service-port ] |
Suppose you have logged onto the XE IP PBX named XE. You can use the following command to log onto H3C (the router with an IP address of 129.102.0.1) via the XE IP PBX to perform management.
<XE> telnet 129.102.0.1
Trying 129.102.0.1 ...
Connected to 129.102.0.1 ...
<H3C>
As you can see, <XE> is changed to <H3C>.
When the network connection is normal, you can press <Ctrl+]> at the Telnet client to ask the Telnet server to terminate the Telnet login, just as using the quit command. If the network is down for some reasons, the command of the hot key does not work.
In case the client cannot tell whether the server fails and receives no reply to any command, you can enter the hot key <Ctrl+K> to abort and exit the Telnet connection.
After completing the above configurations, you can execute the display command in any view to view the Telnet operating state and verify the configuration.
Execute the debugging command in user view to debug Telnet.
Execute the idle-timeout command in user interface view.
Table 2-19 Display and debug Telnet
|
Operation |
Command |
|
Display the connection state of the current user interface |
display users |
|
Display the connection state of all the user interfaces |
display users all |
|
Display state of all the established TCP connections |
display tcp status |
The display users command displays only the interfaces through which the Telnet clients connect to the XE IP PBX.
To know the IP addresses of the Telnet servers, you can execute the display tcp status command. Among all the displayed TCP connections, the connections to port number 23 are Telnet connections, including connections to the client and the server.
The lock command locks the current terminal line and prompts the user to enter a password. This makes it impossible for others to operate in the interface after the user leaves.
Perform the following configuration in user view.
Table 2-20 Lock the user interface
|
Operation |
Command |
|
Lock the user interface |
lock |
Perform the following configuration in any view.
Table 2-21 Display the information about all user interfaces
|
Operation |
Command |
|
Display the information about all user interfaces |
display users [ all ] |
Perform the following configuration in any view.
Table 2-22 Display the physical attributes and configurations of user interfaces
|
Operation |
Command |
|
Display the physical attributes and configurations of user interfaces |
display user-interface [ type number ] [ number ] |
XE IP PBX provides graphics user interfaces (GUIs) to enable easy configurations. GUI consists of GUI server and GUI client. The GUI server runs inside the XE IP PBX, and the GUI client runs on the PC with Microsoft Windows series operating systems.
Configure to enable the GUI server as follows:
Table 3-1 GUI server configuration
|
Command |
Remarks |
|
|
Enter system view |
system-view |
— |
|
Enter GUI server configuration view |
gui |
— |
|
Configure the interface and port number for the GUI server |
gui-config interface interface-type slot-number [ port port ] |
Required The port number is optional. The GUI client communicates with the GUI server through the port specified here. The port number ranges from 1 to 65535 and defaults to 10,999. |
|
Enable the GUI Server |
start |
Required |
Use the stop command to disable the GUI server.
Run the display gui-user command in any view to display the user information list.
Table 3-2 Display the user information list configuration
|
Item |
Command |
Remarks |
|
Display the user information list |
display gui-user { all | online } |
Required Argument all is to display information of all users and online is to display information of current login users. |
Clear the user information list configuration as follows:
Table 3-3 Clear the user information list configuration
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter GUI server configuration view |
gui |
— |
|
Clear the user information list |
reset-ual |
Required |
Caution:
l This command restores the user information list to the initial state, that is, only the default account is contained.
l If the GUI server has been started, you need to shut it down first.
l Use this command carefully to avoid loss of important information.
The XE IP PBX provides Web service, facilitating you to access the XE IP PBX through the Web browser and download files with the GUI client.
After you start the Web service, you can visit http://xxx.xxx.xxx.xxx/filename to view the corresponding file under the directory flash:/web on the XE IP PBX. By default, the index.html file in this directory is obtained if you do not type in the file name. That is, visiting http://xxx.xxx.xxx.xxx is the same with visiting http://xxx.xxx.xxx.xxx/index.html.
By default, there are three files in the flash:/web directory on the XE IP PBX: g-remote_ch.exe, index.html and banner.jpg.
& Note:
l The above mentioned xxx.xxx.xxx.xxx represents the IP address of the XE IP PBX, and filename refers to the name of the file saved under the directory flash:/web on the XE IP PBX.
l After you modify or delete a file under the flash:/web directory, restart the Web server so that your change takes effect. However, adding a file does not need the restart-up.
l Be careful to rename or delete files under the flash:/web directory. Improper operations may cause failure of downloading GUI client software.
l Click [XE G-Remote English Version] on the [XE G-Remote Download] Web page to download the GUI client software.
Enable/disable Web service as follows:
Table 3-4 Enable/disable Web service configuration
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter GUI server configuration view |
gui |
— |
|
Enable/disable Web service |
web { start | stop } |
Required |
For operation rights of normal administrators, refer to H3C XE 200/2000 IP PBX G-Remote User Manual.
This configuration takes effect after a normal administrator logs in through GUI client, thus the normal administrator can perform permitted operations.
Table 3-5 Permit/prohibit normal administrators’ operations on a specific gateway device
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Enter LS-GW view |
gateway gateway-id |
— |
|
Permit/prohibit normal administrators’ operations on a specific gateway device |
access { permit | prohibit } |
Required |
Table 3-6 Permit/prohibit normal administrators’ operations on a specific office device
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Enter LS-OFFICE view |
office office-id |
— |
|
Permit/prohibit normal administrators’ operations on a specific office device |
access { permit | prohibit } |
Required |
Table 3-7 Permit/prohibit normal administrators’ right to add/delete a gateway device
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Permit/prohibit normal administrators’ right to add/delete an office device |
access list gateway { permit | prohibit } |
Required |
Table 3-8 Permit/prohibit normal administrators’ right to add/delete an office device
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Permit/prohibit normal administrators’ right to add/delete an office device |
access list office { permit | prohibit } |
Required |
Table 3-9 Permit/prohibit normal administrators’ right to run commands in gateway view
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Permit/prohibit normal administrators’ right to run commands in gateway view |
access command gateway { permit | prohibit } |
Required |
Table 3-10 Permit/prohibit normal administrators’ right to run commands in office device view
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Permit/prohibit normal administrators’ right to run commands in office device view |
access command office { permit | prohibit } |
Required |
Table 3-11 Permit/prohibit normal administrators’ right to configure IP addresses for gateway devices
|
Item |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter LS view |
location-server |
— |
|
Permit/prohibit normal administrators’ right to configure IP addresses for gateway devices |
access command gw:ip-address { permit | prohibit } |
Required |
l System maintenance and debugging tools
l Maintenance and management of system information center
Use the ping command to test network connectivity and reachability of a host.
Perform the following command in any view.
|
Operation |
Command |
|
Support IP ping |
ping [ -a X.X.X.X ] [ -c count ] [ -d ] [ -h ttl_value ] [ -i {interface-type interface-number | interface-name } ][ ip ] [ -n ] [ -p pattern ] [ -q ] [ -r ][ -s packetsize ] [ -t timeout ] [ -v ] [ -tos value ] host |
For description on the options and arguments, refer to H3C XE 200/2000 IP PBX Command Manual.
The output of the ping command includes:
l Information on the response packet to each ping message: data bytes, packet sequence number, TTL, and the roundtrip time. If no response is received upon timeout, “Request time out” is displayed.
l The statistics, including number of the transmitted packets, number of received packets, packet loss ratio, and minimum, average and maximum roundtrip times.
For example:
<XE> ping 202.38.160.244
ping 202.38.160.244 : 56 data bytes, press CTRL_C to break
Reply from 202.38.160.244 : bytes=56 sequence=1 ttl=255 time = 1ms
Reply from 202.38.160.244 : bytes=56 sequence=2 ttl=255 time = 2ms
Reply from 202.38.160.244 : bytes=56 sequence=3 ttl=255 time = 1ms
Reply from 202.38.160.244 : bytes=56 sequence=4 ttl=255 time = 3ms
Reply from 202.38.160.244 : bytes=56 sequence=5 ttl=255 time = 2ms
--202.38.160.244 ping statistics--
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/2/3 ms
Use the tracert command to trace the gateways through which a packet passes from source to destination for network connectivity test and fault location.
The following is how a tracert command operates:
1) Tracert sends a packet with TTL value of 1.
2) The fist hop sends back an ICMP TTL Expired message.
3) Tracert resends the packet with TTL value of 2.
4) The second hop sends back an ICMP TTL Expired message when the packet arrives.
This process continues till the packet reaches its destination. The route is determined by examining the ICMP Time Exceeded messages sent back by intermediate routers.
Perform the following configuration in any view.
|
Operation |
Command |
|
Trace a route |
tracert [-a X.X.X.X ] [ -f first_TTL ] [ -m max_TTL ] [ -p port ] [ -q nqueries ] [ -w timeout ] host |
For description on the options and arguments, refer to H3C XE 200/2000 IP PBX Command Manual.
The following are two examples that show you how to use the tracert command to analyze the network.
Example 1:
<XE> tracert 35.1.1.48
traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet
1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
3 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
4 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
5 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
6 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
7 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
8 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
9 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
10 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms
The information shows through which gateways the packet passes from source to destination. This is very important to network analysis.
Example 2:
<XE> tracert 18.26.0.115
traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
10 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
11 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
12 * * *
13 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
The information shows through which gateways the packet passes from source to destination as well as which gateway fails.
The command line interface (CLI) of the system allows you to debug all the protocols and functions that the XE IP PBX supports for fault diagnosis and location.
Debugging information output is controlled by two switches:
l Protocol debugging switch, controlling whether to send the debugging information of some protocol.
l Screen output switch, controlling whether to send debugging information on a user screen.
The following figure illustrates how they work.
Figure 4-1 Send debugging information
Use the debugging command to enable/disable protocol debugging.
Perform the following configuration in user view.
Table 4-3 Enable/disable/display debugging
|
Operation |
Command |
|
Enable protocol debugging |
debugging { all | module-name [ debug-option1 ] [ debug-option2 ] …} |
|
Disable protocol debugging |
undo debugging { all | module-name [ debug-option1 ] [ debug-option2 ] … } |
|
Display the enabled debugging |
display debugging [ interface { interface-type interface-number| interface-name } ] [ module-name ] |
Refer to related sections for usage and debugging information formats of the above debugging commands.
The information center controls the screen output debugging. See the section 4.2 “Information Center“ for more information.
You need to reboot your XE IP PBX when the system file is updated. You can power off the XE IP PBX and reboot it or use the reboot command.
Perform the following configuration in user view.
|
Operation |
Command |
|
Reboot the XE IP PBX without powering it off |
Caution:
Use this command with cautions, for it will cause transient network unavailability.
Save the configuration file before rebooting the XE IP PBX, otherwise the configurations you just made cannot survive a reboot.
Information center is important to the XE IP PBX. It manages most of the information output and screens information efficiently. Working with the debug program, it helps monitor network operation and diagnose faults.
The information center has the following features:
l Managing three types of information: log, trap, and debug.
l Sorting information into eight levels by severity for filtering.
l Supporting ten channels, of which channels 0 through 5 have default channel names and are associated with six output directions. You can change the channel names and the associations using commands.
l Sending information to the console, Telnet terminal and dumb terminal (monitor), log buffer, log host, trap buffer and SNMP.
l Sorting and filtering information by protocol module, board driver, and configuration module.
l Information header with fixed fields such as Timestamp, source module, severity level, source module slot, and digest.
The primary job of the information center is to send the three types of information from modules to the ten channels by severity level and then direct the channels to six directions.
Perform the following configuration in system view.
Table 4-5 Enable/disable the information center
|
Operation |
Command |
|
Enable the information center |
info-center enable |
|
Disable the information center |
undo info-center enable |
& Note:
By default, the information center is enabled.
The system performance may be affected somewhat when the information center is sorting and producing information, especially when information is enormous.
Perform the following configuration in system view.
|
Operation |
Command |
|
Name a channel |
info-center channel channel-number name channel-name |
The channel-number argument ranges from 0 to 9. The channel-name argument comprises up to 30 characters except for the characters of “-”, “/”, and “\”.
The system specifies the default names for channels 0 through 5 as shown in the following table:
Table 4-7 Default names for channels 0 through 5
|
Channel-number |
Channel-name |
|
0 |
console |
|
1 |
monitor |
|
2 |
loghost |
|
3 |
trapbuffer |
|
4 |
logbuffer |
|
5 |
snmpagent |
The information center classifies information into eight levels by severity or emergency. If filtered by severity, the information at a severity level greater than the defined threshold is not permitted to be sent. A packet with a lower severity level is more urgent. Severity level 1 means emergency and level 8 means debugging. When the threshold is set to debugging, all information will be sent.
Table 4-8 Severity levels defined in syslog
|
Severity |
Meaning |
|
emergencies |
The extremely emergent errors |
|
alerts |
The errors that need to be corrected immediately |
|
critical |
Critical errors |
|
errors |
The errors that need to be concerned but not critical |
|
warnings |
Warning, there might exist some kinds of errors |
|
notifications |
The information should be concerned |
|
informational |
Common prompt |
|
debugging |
Debugging information |
For example, to send IP module log information at warning and lower levels through the SNMP channel, use the following command:
[XE] info-center source ip channel snmpagent log level warnings
Perform the following configuration in system view.
Table 4-9 Define contents of a channel
|
Operation |
Command |
|
Add records to a channel |
info-center source { module-name | default } { channel { channel-number | channel-name} } [ log { state { on | off } | level severity }* | trap { state { on | off } | level severity } * | debug { state { on | off } | level severity }* ]* |
|
Remove records from a channel |
undo info-center source { module-name | default } { channel { channel-number | channel-name } |
The arguments are described as follows:
module-name: Module name.
default: Default records in channels.
level: Information severity level. The information at a level greater than severity is prohibited to be sent.
channel-number: Specifies a channel by its number.
channel-name: Specifies a channel by its name.
Each channel has a default record with a module name of default. For different channels, the record may have different default settings for log, trap, and debugging information. If a module has no explicit configuration record in the channel, the default configuration record is used.
If there are multiple Telnet or dumb terminal users logging onto the system at the same time, they share some configuration parameters, including filtering by module, language selection, and severity threshold. The changes that one user made on these parameters are also shown on other user terminals.
At present, the information center of the XE IP PBX can send information in six directions:
l To a local console through the console port.
l To a remote Telnet terminal or a dumb terminal. This helps remote maintenance.
l To a log buffer. You can configure a log buffer with appropriate size on the XE IP PBX.
l To the log host. Information is saved there in files for query.
l To a trap buffer. You may allocate a trap buffer with appropriate size on the XE IP PBX.
l To an SNMP agent.
The information center sorts, filters, and then sends information into different channels. By associating a channel with an output direction and setting filtering conditions, you can perform information filtering and redirection.
Perform the following configuration in system view.
|
Operation |
Command |
|
Configure to send information to the console |
info-center console channel { channel-number | channel-name } |
|
Configure to send information to the Telnet terminal or dumb terminal |
info-center monitor channel { channel-number | channel-name } |
|
Configure to send information to the SNMP agent |
info-center snmp channel { channel-number | channel-name } |
|
Configure the size of the log buffer and to send information to the log buffer |
info-center logbuffer [ channel { channel-number | channel-name } | size buffersize ] * |
|
Disable the log buffer or restore the default value |
undo info-center logbuffer [ channel | size ] |
|
Configure to send information to the log host and set related parameters |
info-center loghost X.X.X.X [ channel { channel-number | channel-name } | facility local-number | language { chinese | english } ] * |
|
Disable sending information to the log host |
undo info-center loghost X.X.X.X |
|
Configure the size of the trap buffer and to send information to the trap buffer |
info-center trapbuffer [ channel { channel-number | channel-name } | size buffersize ] * |
|
Disable the trap buffer or restore the default value |
undo info-center trapbuffer [ channel | size ] |
The system allocates a default channel to every output direction as shown in the Table 4-11:
Table 4-11 Default information output channels allocated to each direction
|
Output direction |
Information channel No. |
Default channel name |
|
Console |
0 |
console |
|
Monitor terminal |
1 |
monitor |
|
Log host |
2 |
loghost |
|
Trap buffer |
3 |
trapbuffer |
|
Log buffer |
4 |
logbuffer |
|
SNMP |
5 |
snmpagent |
& Note:
Settings of the six output directions are independent and you need to enable the information center to validate them.
Perform the following configuration in system view.
Table 4-12 Configure the source address in log information
|
Operation |
Command |
|
Set the source address in log information |
info-center loghost source { interface-type interface-number | interface-name } [ subinterface-type ] |
|
Cancel the current configuration |
undo info-center loghost source |
Configuring terminal display is to control on user screens whether to display the debug/log/trap information from the information center.
Perform the following configuration in user view.
Table 4-13 Configure terminal display
|
Operation |
Command |
|
Enable the terminal to display information |
terminal monitor |
|
Enable the terminal to display log information |
terminal logging |
|
Enable the terminal to display trap information |
terminal trapping |
|
Enable the terminal to display the debugging |
terminal debugging |
|
Disable the terminal from displaying information |
undo terminal monitor |
|
Disable the terminal from displaying log information |
undo terminal logging |
|
Disable the terminal from displaying trap information |
undo terminal trapping |
|
Disable the terminal from displaying debugging information |
undo terminal debugging |
These commands only affect the display on the current terminal where the commands are executed.
The undo terminal monitor command has the same function as the combination of undo terminal debugging, undo terminal logging, and undo terminal trapping commands. When the undo terminal monitor command is enabled, debugging/log/trap information will not be sent to the current terminal.
When the terminal monitor command is used, you can use the terminal debugging/undo terminal debugging, terminal logging/undo terminal logging, and terminal trapping/undo terminal trapping commands to enable/disable debugging/log/trap information output.
The syslog function is a sub-function provided by the information center. This section describes the format of the log sent to log hosts. Port 514 is used for the output to log hosts.
The format of log information is specified in the BSD syslog protocol (RFC 3164) with extension to the header, shown as follows:
<priority> timestamp sysname module/level/digest:content
Where, “< >”, space, “/” and “:” are valid and mandatory.
For example:
<189> Jun 7 05:22:03 2003 XE IFNET/6/UPDOWN:Line protocol on interface Ethernet0/0, changed state to UP
The following is the description on fields in the log information.
The severity level is computed using this formula: facility x 8 + severity - 1. For Comware, facility defaults to 23, severity defaults to a value in the range 1 to 8, as shown in Table 4-8.
No characters are allowed between severity and timestamp.
The time field of the log information sent to a log host is expressed in date notation.
The timestamp is in the format of Mmm dd hh:mm:ss yyyy.
Mmm is the abbreviated form of the month: Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, or Dec.
dd is the abbreviated form of the day. If it is less than 10, one space must be inserted before the number, for example, “ 7”.
“hh:mm:ss is the time of day, where hh is an hour value in 24-hour notation (00 to 23), and mm and ss are minute and second values from 00 to 59.
“yyyy” is the year.
The timestamp and host names are separated by a space.
The host is named using its host name, which is XE by default.
You can use the sysname command to modify it.
The host name and the module name are separated by a space.
The module name field indicates which module sends the log information. You can view the module list by executing the info-center source ? command in system view.
The module name and the severity level are separated by a slash (/).
Log information is sorted into eight levels identified with 0 through 7. See Table 4-8.
The severity level and the digest are separated by a slash (/).
Digest is a phase that abstracts the information.
The digest and the content are separated by a colon (:).
You can set log hosts, up to four, for the system using the info-center loghost command. By default, logs are sent to the log hosts through channel 2, that is, the loghost channel.
You can set the source IP address in the log to the address of a fixed interface. This allows log hosts to classify and manage log information by source address. For example, you can use the info-center loghost source loopback0 command to set the source address of the log information sent by the system to the address of the loopback0 interface.
After completing the above configurations, you can perform the display command in any view to verify the configuration, or execute the debugging command in user view to debug the information center.
Table 4-14 Display and debug information about the information center
|
Operation |
Command |
|
Display information about the information center |
display info-center |
|
Display information about the log buffer |
display logbuffer [ size sizeval ] |
|
Display information about the trap buffer |
1) Enable the information center.
[XE] info-center enable
2) Configure to send log information of AAA module to the console; set the severity level to be in the range from emergencies to debugging.
[XE] info-center console channel console
[XE] info-center source aaa channel console log level debugging
3) Enable AAA debugging.
<XE> debugging aaa event
Step 1: Configure the XE IP PBX.
1) Enable the information center.
[XE] info-center enable
2) Use the UNIX workstation at 202.38.1.10 as the log host; set severity threshold to informational and output language to English; allow PPP and IP modules to send information using the UNIX facility Local4.
[XE] info-center loghost 202.38.1.10 language english
[XE] info-center loghost 202.38.1.10 facility local4
[XE] info-center source ppp channel loghost log level informational
[XE] info-center source ip channel loghost log level informational
Step 2: Configure the log host.
Take the configuration on SunOS 4.0 for example. You may configure the UNIX OSs of other vendors in the same way.
3) Execute the following commands with a user identification of root.
#mkdir /var/log/XE
#touch /var/log/XE/information
4) Edit the file etc/syslog.conf and add the selector/action pairs with a user identification of root.
# XE configuration messages
local4.info /var/log/XE/information
& Note:
When editing the file /etc/syslog.conf, note that:
l Remarks must be in separate lines and begin with the character #.
l Use tabs rather than spaces to separate selector/action pairs.
l Do not leave unwanted space behind a file name.
l To ensure correct output of log information to the log host, the device name and the allowed log information level specified in /etc/syslog.conf must be the same as those configured by the info-center loghost and info-center loghost a.b.c.d facility commands on the XE IP PBX.
After the log file config is created and the /etc/syslog.conf file is updated, execute the following command to send a HUP signal to have the system daemon syslog reread its configuration file /etc/syslog.conf.
#ps -ae | grep syslogd
147
#kill -HUP 147
Upon completion of the operation, information about the XE IP PBX is sent to the corresponding log file.
At this point, the system can send information at informational or higher severity levels (identified with 0 to 6) to the host.
If the log level is debugging (the lowest level) all log information is sent to the log host. This may affect system performance, so it is recommended not to set log level to debugging.
& Note:
You can sort information by combinations of facility name, severity threshold, module name, and the syslog.conf file for filtering purpose.
Digital label information, also known as permanent configuration data or archived information, is written into the storage area of a device by using test commands during manufacturing process. It is used to record the information of a device such as device name, OEM serial number, MAC address, manufacturing date, and vendor name.
You can view the digital label information by using the display device manuinfo command in any view.
Table 4-15 Description on the digital label information
|
Field |
Description |
Maximum length (in bytes) |
|
DEVICE_NAME |
Device name |
30 |
|
DEVICE_SERIAL_NUMBER |
OEM serial number |
40 |
|
MAC_ADDRESS |
Starting MAC address |
30 |
|
MANUFACTURING_DATE |
Manufacturing date |
20 |
|
VENDOR_NAME |
Vendor name |
25 |
The main function of the file management is to manage the storage device where files are saved. The storage device supported by the XE IP PBX is Flash.
The file system is used to manage files and directories in the storage device, such as to create the file system, to create, delete, modify, rename a file and a directory, and to display the contents of a file. All these operations are performed in user view. Note that a full file name can be up to 64 characters long and the ultra-long file name will affect file operations.
With the file system, you can create and delete a directory, display the current directory, and display the file or directory information of a specified directory.
Perform the following configuration in user view.
Table 5-1 Directory operations
|
Operation |
Command |
|
Create a directory |
mkdir directory |
|
Remove a directory |
rmdir directory |
|
Display the current directory |
pwd |
|
Display the information of a file or directory |
dir [ /all | /h ] [ file-url ] |
|
Change the current directory |
cd directory |
With the file system, you can also delete a file, restore a deleted file, delete a file in the recycle bin permanently, display the contents of a file, rename, copy and move a file, execute batch file, display the information of a specified file and a private file, as displayed in Table 5-2.
Perform the following operations in user view, except for the execute command which is performed in system view.
|
Operation |
Command |
|
Delete a file |
delete [ /unreserved ] file-url |
|
Restore a deleted file |
undelete file-url |
|
Delete the files in the recycle bin permanently |
reset recycle-bin [ file-url ] |
|
Display the contents of a file |
more file-url |
|
Rename a file |
rename fileurl_source fileurl_dest |
|
Copy a file |
copy fileurl_source fileurl_dest |
|
Move a file |
move fileurl_source fileurl_dest |
|
Display the information of a directory or file |
dir [ / all | flash: /h ] [| file-url ] |
|
Execute a batch file |
execute filename |
The XE 200 IP PBX provides dual image function and has defined three boot files in the system by default: main boot file, backup boot file, and secure boot file. If they are loaded into the Flash, the system uses them in order to boot the IP PBX as follows:
l Main boot file, with the default name being main.bin and file type being M, is the default file for system boot;
l Backup boot file, with the default name being backup.bin and file type being B, is the boot file used in case of the boot failure using the main boot file;
l Secure boot file, with the default name being secure.bin and file type being S, is the boot file used in case of the boot failure using the backup boot file. If the boot attempts using all these files fail, the system prompts the boot failure.
You can use the following commands to view files in the Flash and specify the main and backup boot files.
Perform the following configuration in system view.
Table 5-3 Configure dual image
|
Operation |
Command |
|
Display all the boot files in the Flash. |
bootfile dir |
|
Specify the main boot file used when booting the XE IP PBX. |
bootfile main { main-bootfile-name } |
|
Specify the backup boot file used when booting the XE IP PBX. |
bootfile backup { backup-bootfile-name } |
& Note:
Secure boot file is the last system boot resort. You can download it in the Boot ROM menu and must name it secure.bin. However, you cannot modify this file or change the type of another file to S. If you change the name of the secure boot file with the rename command after the system boots, no secure boot file exists in Flash memory. To use the secure boot file after that, you need to download it again.
You can also perform these operations in the Boot ROM menu, with reference to the H3C XE 200/2000 IP PBX Installation Manual.
Operations on the storage device mainly involves formatting.
Perform the following configuration in user view.
Table 5-4 Storage device operation
|
Operation |
Command |
|
Format a storage device |
format device-name |
You can use the file prompt command to modify the prompt mode of the current file system.
Perform the following configuration in system view.
Table 5-5 Set the prompt mode of the file system
|
Operation |
Command |
|
Set the prompt mode of the file system |
file prompt { alert | quiet } |
# Copy the file from flash:/sample.txt to flash:/backup/sample.txt.
Copy flash:/sample.txt to flash:/backup/sample.txt ? [Y/N]:y
100% complete
% Copyed file flash:/sample.txt flash:/backup/sample.txt ...Done..
# Display the file information under the current directory, where the file has been copied to.
<XE> dir flash:/backup/
Directory of flash:/backup/
0 -rw- 957 Mar 17 2005 15:24:55 sample.txt
7542784 KB total (2797568 KB free)
The configuration file is saved in a text file, and has the following characteristics:
l Saved as command format.
l Only non-default parameters are saved to save space (For the default values of the configuration parameters, refer to following chapters).
l Command view is the basic framework of the commands organization; the commands belonging to the same command view are grouped into a section which are divided by one or multiple blank lines or comment lines beginning with “#”.
l In general, these sections are arranged in the sequence of system configuration, physical interface configuration and logical interface configuration.
l Ended with the word “return”.
The XE IP PBX configuration saved with save command is stored as file format in the Flash. When the XE IP PBX boots, the initialization is made based on the configuration file read from the Flash. So the configuration in the file is called initial configuration. During the operation, the configuration used by the XE IP PBX is called current configuration which is stored in the memory of the XE IP PBX and will be lost when the XE IP PBX reboots.
Perform the following configuration in any view.
Table 5-6 Display configurations of the XE IP PBX
|
Operation |
Command |
|
Display the initial configuration of the XE IP PBX |
display saved-configuration |
|
Display the configuration of the current view |
display this |
|
Display the current configuration of the XE IP PBX |
display current-configuration |
& Note:
The displayed format and saved format of the configuration file are the same.
Via the command lines interface, you can modify the current configuration of the XE IP PBX. In order to make the current configuration as the initial configuration at next power-on of the XE IP PBX, you need to save the current configuration to the Flash with the save or save-now command to form a configuration file.
Perform the following configuration in user view.
Table 5-7 Save the current configuration
|
Operation |
Command |
|
Save the current configuration (confirmation is required) |
save |
|
Save the current configuration without confirmation |
save-now |
& Note:
You are recommended to save the configuration using the save or save-now command before reboot, so that the XE IP PBX can keep exactly the same configuration after reboot.
You can use the reset saved-configuration command to erase the configuration file in the Flash of the XE IP PBX. After the configuration file is erased, default configuration parameters will be used for the initialization at the next power-on. The configuration file in the storage device can be erased in the following cases:
l XE IP PBX software update may cause the mismatch between the software and the configuration file.
l Configuration file is corrupt, for example, due to load of a wrong configuration file.
After erasing the configuration files, use the save command to save the current configuration file as a new one.
Perform the following configuration in user view.
Table 5-8 Erase the configuration files in the storage device
|
Operation |
Command |
|
Erase the configuration file in the storage device |
reset saved-configuration |
The configuration file is named as follows:
config.cfg: Default filename of the configuration file. The name is specified by the manufacturer, but the contents of this file can be changed by the user.
There are three cases in which the system selects the configuration file after startup.
1) If you have set to start with skipping the configuration file, the system starts with null configuration.
2) If you have specified the start configuration file, the system:
l Selects the specified file as the start configuration file if the file exists.
l Starts with null configuration if the specified file does not exist.
3) If you have not specified the start configuration file, the system searches for the config.cfg file and:
l Selects the config.cfg file as the start configuration file if it exists.
l Starts with null configuration if the config.cfg file does not exist.
You can back up the configuration by backing up the information displayed using the display current-configuration command or by using FTP.
You can execute the display current-configuration command to display all the configuration information in the XE IP PBX except for the defaults. In the HyperTerminal, you can copy all the displayed configuration information into a text file to back up the configuration file.
The way of loading the configuration file using FTP is the same with that of loading host program using FTP, except for the file to be loaded. For details, refer to Configuration Example of Upgrading the Comware Application Program (1), where, the fifth configuration step is different: Under the “[ftp]” prompt, use the get RemoteFile [LocalFile] command to upload the specified file to the XE IP PBX. The file name must be the same with the configuration file name of the XE IP PBX (config.cfg).
<ftp> get config.cfg config.bak
200 Port command okay.
150 Server okay , now transmit file.
226 file transmit success.
ftp: 735 bytes received in 0.06Seconds 12.25Kbytes/sec.
By making the XE IP PBX as FTP client, you can transfer the configuration file in the XE IP PBX to the server.
FTP is an application layer protocol in the TCP/IP protocol suite and provides file transfer service between a local host and a remote host. The implementation of FTP relies on the corresponding file system.
FTP services provided by system include:
l FTP Server service. You can run the FTP client program to log into the XE IP PBX to access the files in the XE IP PBX.
l FTP Client service. You can establish a connection with XE IP PBX using terminal emulation program or Telnet program, then input the FTP commands to establish a connection with a remote FTP Server to access the files in the remote host.
The configuration of the FTP server includes:
l Enabling FTP server.
l Configuring the authentication and authorization of FTP server.
l Configuring the operation parameters of FTP server.
l Displaying and debugging the FTP server.
Only when the FTP server function is enabled, can the FTP client log into the server and access the files in the remote host.
Perform the following configuration in system view.
Table 5-9 Enable/disable FTP server
|
Operation |
Command |
|
Enable FTP server |
ftp server enable |
|
Disable FTP server |
undo ftp server |
Multiple users can access the FTP server simultaneously. When a remote FTP user client sends a request to the FTP server, the server will execute corresponding commands and return the results of the execution to the user.
The authorization information of the FTP server includes the configuration of the operating directory provided for the FTP user. Only those who have passed the authentication and have been authorized successfully can enjoy the FTP services. Before using the FTP services, you can configure the user type and FTP operating directory on the XE IP PBX.
Perform the following configuration in system view.
Table 5-10 Configure the authentication and authorization of the FTP server
|
Operation |
Command |
|
Configure local username and authentication password |
local-user local-user password { simple | cipher } password |
|
Authorize to use FTP |
local-user local-user service-type ftp |
|
Set the initial directory |
local-user local-user ftp-directory directory |
|
Remove the FTP user |
undo local-user username |
The following is an example of configuring the authentication and authorization of the FTP server.
Example: Set the FTP user name as XE and the password as XE (simple text), the authorized operating directory is flash:/ftp/XE ( which is supported by the XE IP PBX file system)
# Configure the authentication information of the FTP users in system view.
[XE] local-user XE
[XE] local-user XE service-type ftp
[XE] local-user XE password simple XE
# Configure the authorization information of the FTP users in system view.
[XE] local-user XE ftp-directory flash:/ftp/XE
When users log into FTP Server and upload files with the put command, there are two modes to upgrade the FTP Server: fast update mode and normal update mode.
l In fast update mode, the FTP Server starts to write a user’s uploaded file into the Flash after the file has been uploaded and received by the server. The existing files in the XE IP PBX will not be damaged although the abnormal case (such as power off) happens during the transmission.
l In normal update mode, the FTP Server receives the user files and writes them in the Flash at the same time. The current XE IP PBX files might be damaged due to exceptions such as power off. Compared with fast update mode, the normal update mode needs less memory in the XE IP PBX.
Perform the following configuration in system view.
Table 5-11 Set the FTP update mode
|
Operation |
Command |
|
Set the FTP update mode |
ftp update { fast | normal } |
|
Restore the default FTP update mode |
undo ftp update |
By default, FTP server uses fast update mode.
In order to prevent the access of unauthorized user, the FTP server disconnects connection with the FTP client if there is no service request from FTP user in a period of time.
Perform the following configuration in system view.
Table 5-12 Configure the timeout time of FTP server
|
Operation |
Command |
|
Configure the timeout time of FTP server |
ftp timeout minutes |
|
Restore the default timeout time of FTP server |
undo ftp timeout |
The default timeout time is 30 minutes.
After completing the above configurations, execute the display command in any view to display the operation of the configured FTP, so as to verify the configuration.
Table 5-13 Display and debug FTP server
|
Operation |
Command |
|
Display the FTP server |
display ftp-server |
|
Display logged FTP users |
display ftp-user |
You can use the display ftp-server command to display the configuration of current FTP server, which includes the maximum number of users supported by the FTP server and the timeout time. Use the display ftp-user command to display the details of the logged FTP users.
FTP Client is an additional function of the XE IP PBX system. It provides no configuration function and is an application module only. You can connect to a remote server as an FTP client and enter FTP client commands to perform corresponding operations, for example, to create or delete a directory. At present, only one FTP client is supported. For the use of specific commands, refer to the H3C XE 200/2000 IP PBX Command Manual.
Use FTP to upgrade the Comware main software and take the XE IP PBX as the client. The IP address of the FTP server is 172.16.104.110; the FTP username is xe and the password is h3c.
Figure 5-1 Upgrade using FTP client
Perform the following operations:
# Remove unused files in the XE IP PBX file system to keep sufficient space available for new system files.
<XE> dir
Directory of flash:/
0 -rw- 932 Apr 21 2009 17:04:55 config.cfg
1 -rw- 8375145 Oct 10 2002 10:10:10 system
2 -rw- 5918042 Apr 21 2009 17:09:57 vgd011.bin
<XE> delete /unreserved vgd011.bin
The contents cannot be restored!!! Delete flash:/vgd011.bin?[Y/N]:y
Deleting a file permanently will take a long time. Please wait...done.
%Delete file flash:/vgd011.bin...Done.
# Log into the server in FTP mode to retrieve the system files, and to save them to the root directory in the storage device of XE IP PBX.
Caution:
You must save the system files to the root directory (flash:) with the name "system".
<XE> ftp 192.168.80.100
Trying 192.168.80.100 ...
Connected to 192.168.80.100.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(192.168.80.100:(none)):xe
331 Give me your password, please
Password:xxxxxxx
230 Logged in successfully
[ftp] binary
[ftp] get xe200.bin system
200 PORT command okay
150 "D:\xe\system\xe200.bin" file ready to send (58051
00 bytes) in IMAGE / Binary mode
226 Transfer finished successfully.
FTP: 5805100 byte(s) received in 19.898 second(s) 291.74Kbyte(s)/sec.
[ftp] bye
After upgrading successfully, restart the XE IP PBX to run the new version.
Use the XE IP PBX as a server to upgrade the Comware main software on the XE IP PBX using FTP. The IP address of the Ethernet interface of the XE IP PBX is 192.168.80.50/24; the FTP username is xe and the password is h3c.
Figure 5-2 Upgrade using FTP server
1) Configure the XE IP PBX.
# Add an FTP authorized user with the following name and password.
[XE] local-user xe password simple h3c
[XE] local-user xe service-type ftp
[XE] local-user xe ftp-directory
# Enable the FTP service.
[XE] ftp server enable
# Remove unused files in the XE IP PBX file system to keep sufficient space available for new system files.
<XE> dir
Directory of flash:/
0 -rw- 932 Apr 21 2009 17:04:55 config.cfg
1 -rw- 8375145 Oct 10 2002 10:10:10 system
2 -rw- 5918042 Apr 21 2009 17:09:57 vgd011.bin
<XE> delete /unreserved vgd011.bin
The contents cannot be restored!!! Delete flash:/vgd011.bin?[Y/N]:y
Deleting a file permanently will take a long time. Please wait...done.
%Delete file flash:/vgd011.bin...Done.
2) Perform the following operation on the PC.
# Log into the XE IP PBX in FTP mode to upload and save the Comware software to the root directory in the storage device of XE IP PBX.
ftp> binary
ftp> put xe200.bin system
After upgrading successfully, restart the XE IP PBX to run the new version.
& Note:
The operation procedure for upgrading configuration file using FTP is identical to the above procedure. Note that you must save the new config.cfg configuration file to the root directory (flash:) in the XE IP PBX.
When upgrading the Boot ROM program using FTP, you must name the file as bootromfull (for firm file) or bootrom (for upgrading file) before executing the upgrade command.
Compared with FTP, TFTP (Trivial File Transfer Protocol) has no complex interactive access interface and authentication control, so it is applicable in the environment in which no complex interaction is needed between the client and the server. For example, the TFTP protocol is used to obtain the memory mirror of the system when the system is started. In general, TFTP protocol is UDP dependent.
The transfer of the TFTP is originated by the client end. When the client downloads files, it sends a reading request packet to the TFTP server, receives the data packet from the server, and then sends acknowledgement to the server. When the client uploads files, it sends writing request packet and data packets to the TFTP server, and receives acknowledgement from the server. The XE IP PBX provides the function of TFTP client.
Perform the following configuration in user view.
Table 5-14 Download files using TFTP
|
Operation |
Command |
|
Download files using TFTP |
tftp X.X.X.X get source-filename [ destination-filename ] |
|
Download files by security mode |
tftp X.X.X.X sget source-filename [ destination-filename ] |
Caution:
If you choose the security mode, the current system must have adequate memory to save the files to be downloaded.
Perform the following configuration in user view.
Table 5-15 Upload files using TFTP
|
Operation |
Command |
|
Upload files using TFTP |
tftp X.X.X.X put source-filename [ destination-filename ] |
Use TFTP to upgrade the Comware main software. IP address of TFTP server is 10.110.10.10.
1) Starting up TFTP server program
Step 1: Start up the TFTP server program. Choose a PC with Ethernet card and Windows operation system. Start up the TFTP server program on the PC (XE IP PBX has no TFTP server program). Now take TFTPD32 under Windows 98 as example to explain the operation details. The following figure shows TFTPD32 interface.
Figure 5-4 TFTPD32 interface
Step 2: Set TFTP server file directory. After starting up the TFTP server, reset the TFTP server file directory, and copy the Comware main program file to be loaded to the directory. Or set the directory of the Comware main program file to TFTP server. Click <Settings> button, and the TFTPD32 settings interface appears as follows:
Figure 5-5 TFTPD32 settings interface
Input the file directory in the “Base Directory” and click <OK>.
& Note:
The setting interface varies with the TFTP server program software.
2) Execute the TFTP operation in the configuration interface of the XE IP PBX.
<XE> tftp 10.110.10.10 get xe.bin system
From the perspective of the terminal services for the users, the XE IP PBX users can be classified as follows:
l Terminal users: Users logging into an XE IP PBX via the Console or AUX port;
l Telnet users: Users logging into an XE IP PBX via a Telnet connection;
l FTP users: Users establishing FTP connection with an XE IP PBX to transfer files.
A user can use multiple services at the same time.
The system authenticates the terminal users logging in with two methods: non-authentication and local authentication. The non-authentication means the user can log in once connected to the XE IP PBX. This method is not recommended for the sake of security. The local authentication requires both user name and password, which must be consistent with those configured on the XE IP PBX.
The local authentication is commonly used for Telnet users and Terminal users.
The system can manage users of HyperTerminal and Telnet by their levels. The user levels are classified as Visit, Monitor, System, and Manage with level identifier ranging from 0 to 3, which is the same as that of the command level. The commands a user can access depend on the user’s level. The commands which a login user can access are determined by the level of the user interface through which the user logs in if non-authentication or password authentication is specified. .
A login user can use the commands at the current and all the lower levels.. For example, if the user level is 2, the users can access commands of level 0, 1, and 2. Users of level 3 can access all commands. Table 6-1 lists the commands that users of different levels can access.
|
Level identifier |
Level |
Commands |
|
0 |
Visit |
ping, tracert, telnet |
|
1 |
Monitor |
ping, tracert, telnet, display, debugging |
|
2 |
System |
All configuration commands (except those of Manage level) and commands of level 0 and 1 |
|
3 |
Manage |
All commands |
& Note:
Commands of Manage level include commands of file system, FTP, TFTP, and XModem.
In case of non-authentication for user interface, the level of the commands a login user can access is determined by the level of the user interface. If the user name and the password are required for the user interface authentication (local authentication), the level of the commands a login user can access is determined by the level of the user.
An XE IP PBX must have at least one HyperTerminal user – Terminal user. If you want to remotely log into an XE IP PBX using Telnet, you need to configure a Telnet user. To enable a remote user to upload or download files from an XE IP PBX, you must configure an FTP user.
This chapter describes how to configure a Telnet user and a terminal user. Refer to FTP Configuration for information on how to configure a FTP user.
The following sections describe user configuration tasks:
l Configure methods of user authentication
l Configure a local user
The purpose of user authentication is to enable valid users to log in, operate, and manage the XE IP PBX, and to disable invalid users.
Configuring the method of the user authentication is to set the authentication method to be used when a terminal (Console, Aux, and VTY) user logs into an XE IP PBX.
Perform the following configuration in user interface view.
Table 6-2 Configure the method of user authentication
|
Operation |
Command |
|
Set to perform user authentication |
authentication-mode { password | local | scheme } |
|
Set not to perform user authentication |
authentication-mode none |
The keyword none specifies no authentication. The keyword password specifies to perform the password authentication without the user name. You can set the password by the set authentication password command. The keyword local specifies to perform local authentication, requiring both the user name and the password.
User interface of VTY type (Telnet) defaults to adopt password authentication. User interface of Console and AUX do not perform terminal authentication by default.
The keyword local is commonly used to perform local authentication when configuring the authentication method for Telnet and terminal users.
If you choose to perform the password authentication, you must set the password.
Perform the following configuration in user interface view.
Table 6-3 Set the password for password authentication
|
Operation |
Command |
|
Set the password for password authentication |
set authentication password { cipher | simple } password |
|
Delete the password for password authentication |
undo set authentication password |
Cipher: Means to configure an encrypted text password.
Simple: Means to configure a plain text password.
In case of password authentication, the user level is determined by the privilege level of the user interface.
Perform the following configuration in user interface view.
Table 6-4 Set the privilege level of user interface
|
Operation |
Command |
|
Set the privilege level of user interface |
user privilege level level |
|
Restore the default privilege level of user interface |
undo user privilege level |
By default, the privilege level of user interface for CON port is 3, and the privilege level of other user interfaces is 0.
Use the local-user command to configure a local user for local authentication. You must configure a user name first, then the user type and the privilege level. When configuring a user, a password is not mandatory, in which case you can log in by simply pressing <Enter>.
Perform the following configuration in system view.
Table 6-5 Set the user name and the password for local authentication
|
Operation |
Command |
|
Set a user name and a password |
local-user local-user [ password { cipher | simple } password ] |
|
Delete a user |
undo local-user local-user |
simple: Represents a plain text password, that is, the password is displayed in plain text when using the display command to view the information about the user.
cipher: Represents an encrypted text password, that is, the password is displayed in encrypted text when using the display command to view the information about the user.
& Note:
When you press <Enter> immediately after typing the local-user local-user command, if there is no such existing user, the system will create a new user, otherwise, it will not create a new user, nor makes changes to the original one with the same name.
Use the local-user command to authorize the local user to use a type of service.
Perform the following configuration in system view.
Table 6-6 Authorize the user to use a type of service
|
Operation |
Command |
|
Authorize the user to use a type of service |
local-user local-user service-type { ftp | terminal | telnet }* |
|
Restore the default service type of the user |
undo local-user local-user service-type |
By default, the user is authorized to use all types of services.
The user level is prior to the privilege level of user interface. This means that when both levels are set, and the user logs in via the user interface terminal, the level is determined by the user level.
Perform the following configuration in system view.
Table 6-7 Set the user level
|
Operation |
Command |
|
Set the user level |
local-user username level level |
|
Restore the default user level |
undo local-user local-user level |
The user level is determined by the parameter level, which ranging from 0 to 3. Level 0 is the lowest level and level 3 is the highest. The user level is not set by default.
Authentication, Authorization, and Accounting (AAA) provides users with security functions of AAA described as follows:
l Authentication: To authenticate users to access the network.
l Authorization: To authorize a user to use specific services.
l Accounting: To record the utility of the network resources.
AAA generally adopts the client/server architecture. The client runs on the managed resource side, and the user information is centralized on the server. This kind of structure is easy to extend, and the user information is easy to manage centrally.
& Note:
An XE IP PBX usually authenticates users using the authentication function of AAA.
AAA configuration is mainly applied in authentication scheme, namely, the authentication method is configured in GUI view. For detailed information refer to Configuring User Authentication.
After the above configuration, you can execute the display command in any view to view the operation of the AAA and verify the configuration.
Use the debugging command to enable debugging for AAA.
Table 6-8 Display and debug AAA
|
Operation |
Command |
|
Display local user database |
display local-user |
|
Enable debugging for AAA events |
debugging aaa event |
|
Disable debugging for AAA events |
undo debugging aaa event |
|
Enable debugging for AAA primitive |
debugging aaa primitive |
|
Disable debugging for AAA primitive |
undo debugging aaa primitive |
After configuring the user account, you can use the following commands to display information about the user interfaces, local users, and login users.
Perform the following configuration in any view.
Table 6-9 Display user information
|
Operation |
Command |
|
Display the information of user interfaces |
display users [ all ] |
|
Display local users |
display local-user |
Perform password authentication to users that log in via VTY 0. The users must enter h3c as the password for a successful login. The configuration procedure is as follows:
<XE> system-view
[XE] user-interface vty 0
[XE-ui-vty0] authentication-mode password
[XE-ui-vty0] set authentication password simple h3c
Configure three users locally: admin, operator, and guest, whose level is 3, 2, and 0 respectively. The admin enjoys all the terminal services while the operator and guest have access to Telnet terminal service.
Figure 6-1 Distribution of user terminals
# Configure local users and their terminal service type.
[XE] local-user admin password cipher pass1
[XE] local-user admin service-type terminal telnet ftp
[XE] local-user admin level 3
[XE] local-user opera password simple pass2
[XE] local-user opera service-type telnet
[XE] local-user opera level 2
[XE] local-user guest password simple pass2
[XE] local-user guest service-type telnet
[XE] local-user guest level 0
# Configure the default scheme for login users.
[XE] aaa authentication-scheme login default local
# Configure the authentication scheme of Console user interface.
[XE] user-interface console 0
[XE-ui-console0] authentication-mode scheme default
# Configure the authentication scheme of AUX user interface.
[XE] user-interface aux 0
[XE-ui-aux0] authentication-mode scheme default
# Configure the authentication scheme of VTY 0 to 4 user interfaces.
[XE] user-interface vty 0 4
[XE-ui-vty0-4] authentication-mode scheme default
Simple network management protocol (SNMP) is a widely used industry standard. Its purpose is to ensure the transmission of management information between any two points so that the network administrator can retrieve the information at any point on the network and perform appropriate modification, troubleshooting, fault diagnosis, and capacity planning and reporting. It adopts polling mechanism and offers the most essential functionality set, so it is appropriate for networks of high speed and low cost. The only requirement of unacknowledged transport layer protocol UDP makes it widely supported.
Structurally, SNMP is divided into two parts: NMS (network management station) and Agent. The NMS is a workstation running the client programs. The commonly used network management platforms are Sun NetManager and IBM NetView. The Agent is server-side software running on network devices. The information exchange between NMS and Agent is performed by the following way: The NMS sends packets of GetRequest, GetNextRequest, GetBulkRequest, and SetRequest to the Agent. Once the Agent receives request packets from the NMS, it performs Read or Write operation on management variables according to the type of the packets and generate Response packets and return it to the NMS. On the other hand, if any exception happens to the device, like a warm/cold restart, the Agent also sends a trap packet to the NMS on its own initiative for an event report.
The managed objects in the device are described with management variables in SNMP packets. In order to identify a managed object uniquely in the device, SNMP uses a hierarchical naming convention to distinguish different managed objects. The hierarchical structure is like a tree with its nodes representing managed objects. Each node is identified uniquely by the path from the root. See Figure 7-1.
In Figure 7-1, the managed object B is uniquely determined by a string of digits {1.2.1.1}, which is the object identifier of the managed object. The MIB (management information base) is used to describe the hierarchical structure of the tree and is a collection of the definitions of standard variables on monitored network devices.
The SNMP Agent in XE IP PBX system supports SNMP v3 and is compatible with SNMP v1 and SNMP v2c. The MIB supported is displayed in the table below.
Table 7-1 Types of the MIB supported
|
MIB property |
Contents of MIB |
Standard or specification |
|
Public MIB |
MIB II based on TCP/IP network devices |
RFC1213 |
|
Ethernet MIB |
RFC 2665, RFC2668 |
|
|
IF MIB |
RFC1573 |
|
|
SNMPV2 MIB |
RFC1907 |
|
|
Framework MIB |
RFC2571 |
|
|
Usm MIB |
RFC2573 |
|
|
Mpd MIB |
RFC2572 |
|
|
Vacm MIB |
RFC2275 |
|
|
Target MIB |
RFC2273 |
|
|
Notification MIB |
RFC2273 |
|
|
Private MIB |
HUAWEI-3COM-OID-MIB |
Definition of private MIB root node |
|
H3C-CONFIG-MAN-MIB |
Configuration management |
|
|
H3C-FLASH-MAN-MIB |
Flash management |
|
|
H3C-SYS-MAN-MIB |
System management |
|
|
H3C-ENTITY-VENDORTYPE-OID-MIB |
Definition of entity device vendor nodes |
|
|
H3C-ENTITY-EXT-MIB |
Entity management extension |
|
|
H3C-IPPBX-MIB |
XE IP PBX information query |
The following sections describe SNMP configuration tasks:
l Enabling/Disabling the SNMP Agent Service
l Enabling/Disabling the Corresponding Version of SNMP
l Setting/Deleting an SNMP Group
l Setting the Engine ID of a Local Device
l Setting the Address of the Trap Target Host
l Setting the Location of XE IP PBX
l Specifying the Source Address of Trap Packets
l Setting the Maximum Size of SNMP Packets
l Setting the Queue Length of Trap Packets
l Setting the Aging Time of Trap Packets
Use the configuration to enable the SNMP Agent service, which is disabled by default.
Perform the following configuration in system view.
Table 7-2 Enable/disable the SNMP Agent service
|
Operation |
Command |
|
Enable the SNMP Agent service |
snmp-agent |
|
Disable the SNMP Agent service |
undo snmp-agent |
Use the configuration to enable the corresponding version of SNMP and the SNMP v3 is enabled by default. Use the snmp-agent sys-info version command to enable SNMP v1 and SNMP v2c when necessary.
Perform the following configuration in system view.
Table 7-3 Enable/disable the corresponding version of SNMP
|
Operation |
Command |
|
Enable the corresponding version of SNMP |
snmp-agent sys-info version { { v1 | v2c | v3 } * | all } |
|
Disable the corresponding version of SNMP |
undo snmp-agent sys-info version { { v1 | v2c | v3 } * | all } |
"*" indicates to select several versions from v1, v2c and v3, with one at least and all the three at most.
# Enable the versions of SNMP v2c and SNMP v3.
[XE] snmp-agent sys-info version v3 v2c
# Disable the versions of SNMP v2c and SNMP v1.
[XE] undo snmp-agent sys-info version v1 v2c
SNMPv1 and SNMPv2c use community names for authentication and SNMP packets that do not match the authenticated community name of the device are dropped. An SNMP community is named with a character string called Community Name. Different communities can have the read-only or read/write access mode. A community with read-only privilege can only perform queries on device information and a community with the read/write privilege can configure the devices additionally.
Perform the following configuration in system view.
Table 7-4 Set/delete a community name.
|
Operation |
Command |
|
Set a community name and its access privilege |
snmp-agent community { read | write } community-name [ mib-view view-name ] |
|
Delete a community name previously set |
undo snmp-agent community community-name |
If you perform configuration on a community repeatedly, the last configured attribute takes effect.
# Set the public community to read-only privilege.
[XE] snmp-agent community read public
# Set the private community to read/write privilege.
[XE] snmp-agent community write private
Use the configuration to set or delete an SNMP group.
Perform the following configuration in system view.
Table 7-5 Set/delete an SNMP group.
|
Operation |
Command |
|
Set an SNMP group. |
snmp-agent group { v1 | v2c } group-name [ read read-view ] [ write write-view ] [ notify-view notify-view ] snmp-agent group v3 group-name [ authentication | privacy ] [ read read-view ] [ write write-view ] [ notify-view notify-view ] |
|
Delete an SNMP group. |
undo snmp-agent group { v1 | v2c } group-name undo snmp-agent group v3 group-name [ authentication | privacy ] |
Use the configuration to add or delete a user for an SNMP group.
Perform the following configuration in system view.
Table 7-6 Add/delete a user for an SNMP group.
|
Operation |
Command |
|
Add a new user to an SNMP group. |
snmp-agent usm-user { v1 | v2c } user-name group-name [ [ authentication-mode { md5 | sha } auth-password ] [ privacy-mode des56 priv-password ] ] |
|
Delete a user from an SNMP group. |
undo snmp-agent user { v1 | v2c } user-name group-name undo snmp-agent user v3 user-name group-name [ engineid engine-id | local ] |
# Add the user “John” to the SNMP group “Johngroup”, with security level as authentication required, the specified authentication protocol as “HMAC-MD5-96”, and the authentication password as “hello”.
[XE] snmp-agent usm-user v3 John Johngroup authentication-mode md5 hello
System contact of the administrator is a management variable of the system group in MIB II and it contains the ID and contact of relevant administrator of the managed devices (XE IP PBX). Store the important information in the XE IP PBX through configuring this parameter and you can query when emergency occurs.
Perform the following configuration in system view.
Table 7-7 Set/restore system contact
|
Operation |
Command |
|
Set the ID and contact of the administrator |
snmp-agent sys-info contact sysContact |
|
Restore the default ID and contact of the administrator |
undo snmp-agent sys-info contact |
Example:
[XE] snmp-agent sys-info contact Mr.zhang 13800138002
Traps packets are messages sent to the NMS without solicitation by the managed device on its own initiatives, reporting some emergent and significant events.
Perform the following configuration in system view.
Table 7-8 Allow/forbid Trap packets
|
Operation |
Command |
|
Enable the trap packets |
snmp-agent trap enable [ trap-type [ trap-list ] ] |
|
Disable the trap packets |
undo snmp-agent trap enable [ trap-type [ trap-list ] ] |
By default, trap packets are disabled.
The command snmp-agent trap enable without any parameter indicates to enable all types of trap packets in all modules.
Use the configuration to set the engine ID of a local device. The engine ID is a hexadecimal string consisting of 10 to 64 characters and is the number of the characters must be an even number. By default, the engine ID of the device is "enterprise number + device information" of the company. It can be either the IP address, MAC address or the user-defined hexadecimal digit string.
Perform the following configuration in system view.
Table 7-9 Set the engine ID of a local device
|
Operation |
Command |
|
Set the engine ID of a device |
snmp-agent local-engineid engineid |
|
Restore the engine ID of a device . |
undo snmp-agent local-engineid |
Perform the following configuration in system view.
Table 7-10 Set/delete the address of the destination host for Trap packets
|
Operation |
Command |
|
Set the address of the trap target host |
snmp-agent target-host trap address udp-domain X.X.X.X [ udp-port port-number ] params securityname security-string [ v1 | v2c | v3 { authentication | privacy } ] |
|
Delete the address of the trap target host |
undo snmp-agent target-host X.X.X.X securityname security-string |
# Enable the trap packet destined for the address 202.38.160.6, using the community name public.
[XE] snmp-agent target-host trap address udp-domain 202.38.160.6 udp-port 5000 params securityname public
The location of XE IP PBX is a management variable of the system group in MIB and represents the location of a managed device.
Perform the following configuration in system view.
Table 7-11 Set the location information of XE IP PBX
|
Operation |
Command |
|
Set the location of XE IP PBX |
snmp-agent sys-info location sysLocation |
|
Restore the location of XE IP PBX to default value |
undo snmp-agent sys-info location |
# Set the location of the XE IP PBX to h3c.
[XE] snmp-agent sys-info location h3c
Use the configuration to set or delete the source address of the trap packets.
Perform the following configuration in system view.
Table 7-12 Specify/delete the source address of the trap packets
|
Operation |
Command |
|
Specify the source address of trap packets |
snmp-agent trap source { interface-type interface-number | interface-name } [ subinterface-type ] |
|
Delete the source address of trap packets |
undo snmp-agent trap source |
# Take the IP address of the Ethernet interface 1/0 as the source address of the trap packets.
[XE] snmp-agent trap source ethernet 1/0
Use the configuration to establish, update or delete the view.
Perform the following configuration in system view.
Table 7-13 Establish/update/delete a view
|
Operation |
Command |
|
Establish or update a view |
snmp-agent mib-view { included | excluded } view-name oid-tree |
|
Delete a view |
undo snmp-agent mib-view view-name |
# Create a view including all the objects of internet (1.3.6.1).
[XE] snmp-agent mib-view included myview 1.3.6.1
Use the configuration to set the maximum size of SNMP packets to and from Agent.
Perform the following configuration in system view.
Table 7-14 Set the maximum size of SNMP packets
|
Operation |
Command |
|
Set the maximum size of SNMP packets to and from Agent |
snmp-agent packet max-size byte-count |
|
Restore the default maximum size of SNMP packets |
undo snmp-agent packet max-size |
The maximum size of SNMP packets to and from an Agent ranges from 484 to 17940 in bytes and the default size is 2000 bytes.
# Set the maximum size of SNMP packets to and from an Agent to 1042 bytes.
[XE] snmp-agent packet max-size 1042
Use the configuration to set the queue length of the trap packets sent to the destination host.
Perform the following configuration in system view.
Table 7-15 Set the queue length of trap packets
|
Operation |
Command |
|
Set the queue length of the trap packets sent to the destination host |
snmp-agent trap queue-size size |
|
Restore the default queue length of the trap packets |
undo snmp-agent trap queue-size |
The queue length of trap packets ranges from 1 to 1000 with the default value as 100.
# Set the queue length of trap packets to 200.
[XE] snmp-agent trap queue-size 200
Use the configuration to set the aging time of trap packets. The trap packets exceeding this time are dropped.
Perform the following configuration in system view.
Table 7-16 Set the aging time of trap packets
|
Operation |
Command |
|
Set the aging time of trap packets |
snmp-agent trap life seconds |
|
Restore the default trap packets aging time |
undo snmp-agent trap life |
The range of seconds is from 1 to 2592000, with the default value as 120 seconds.
# Set the aging time of trap packets to 60 seconds.
[XE] snmp-agent trap life 60
Execute the display commands in any view to display the running information of the SNMP configured and verify the configuration.
Use the debugging command to enable debugging for SNMP in user view.
Table 7-17 Display and debug SNMP
|
Operation |
Command |
|
Display the version enabled by SNMP |
display snmp-agent sys-info version |
|
Display the statistics of SNMP packets |
display snmp-agent statistics |
|
Display the engine ID of the current device |
display snmp-agent { local-engineid } |
|
Display the group name, security mode, status of views, and storage modes of groups |
display snmp-agent group [ group-name ] |
|
Display all the SNMP user names in a group user name list |
display snmp-agent usm-user [ engineid engineid | username user-name | group group-name ] * |
|
Display the community name of the current configuration |
display snmp-agent community [ read | write ]* |
|
Display the MIB view of the current configuration |
display snmp-agent mib-view [ exclude | include | viewname view-name ] |
|
Display the character string of system maintenance contact |
display snmp-agent sys-info contact |
|
Display the character string of system location |
display snmp-agent sys-info location |
|
Enable debugging for SNMP |
debugging snmp-agent { header | packets | trap | process } |
Take the diagram below for example. A network management station (NMS) with the IP address of 192.168.80.100/24 is connected to an XE IP PBX with the IP address of 192.168.80.50/24 via the Ethernet port.
Figure 7-2 Network diagram for SNMP configuration
# Enter system view.
<XE> system-view
System View: return to User View with Ctrl+Z.
Press <Enter> to enter system view.
# Configure community name and access privilege level.
[XE] snmp-agent community read public
[XE] snmp-agent community write private
# Set the ID and contact of the administrator, and the physical location of XE IP PBX.
[XE] snmp-agent sys-info contact Mr.Wang-Tel:3306
[XE] snmp-agent sys-info location telephone-closet,3rd-floor
# Enable the trap packets destined for NMS 129.102.149.23, with the community name public.
[XE] snmp-agent trap enable
[XE] snmp-agent target-host trap address udp-domain 192.168.80.100 udp-port 5000 params securityname public
Take IBM xnmbrowser for example. Set the Name of IP Address to 192.168.80.50 and the Community Name to private. Then use the NMS client program to perform queries and configuration on the XE IP PBX.
In MIB Object ID, input the instance "iso.org.dod.internet.mgnt.mib-2.system", click <Start Query> and you can get the following results:
SysDescr.0 : STRING: HUA WEI CORP. SNMP agent for XE
SysUpTime.0 : (105300) 00:17:33:00
SysContact.0 : Mr.Wang-Tel:3306
SysName.0 : sysadm
SysLocation.0 : telephone-closet,3rd-floor
SysServices.0 : 79
If you cannot understand the meanings of these management variables in the MIB, click <Describe> to get the related description.
Modem is a widely used network device nowadays. It is vital for the XE IP PBX to properly manage and control its Modem.
Now, numerous Modem manufacturers produce various models of Modem. Though all of them support the industry-standard AT command set, they somewhat differ in actual implementations and command details.
To properly and flexibly manage the Modem connected to the XE IP PBX, the XE IP PBX provides the following Modem management functionality:
1) The script language for Modem management for a good control of the Modem connecting to the XE IP PBX. A Modem script written with this language can be:
l Executed directly through the script-string command to initialize or configure the Modem.
l Triggered by particular events, such as XE IP PBX startup, Modem connection establishment, the start-script command, and so on.
3) Through the Modem management, the XE IP PBX can intercommunicate with a device of other vendor when both AUX ports of the two parties are in flow mode.
4) In addition, the Modem management on the XE IP PBX provides rich debugging information for you to easily monitor and maintain the Modem.
Using the Modem scripts written with the script language provided by the XE IP PBX, you can make the system:
l Flexibly control different models of Modem. Through executing different initialization AT command strings, the XE IP PBX can well cooperate with a variety of Modems by different manufacturers with different models.
l Log into a remote system in interactive mode. Interactive negotiation of script can turn the system into different connection states. For example, after the AUX port on the XE IP PBX set up a connection with the remote device through the Modem, it negotiates the protocol to be encapsulated on the physical link and the operating parameters of the protocol with the remote device.
The general format of Modem script is as follow:
send-string1 receive-string1 send-string2 receive-string2 ......
Among which:
l send-string represents the character string to be sent.
l receive-string represents the character string to be received.
l send-string and receive-string appear in pairs and a script must begin with a send-string, such as “send-string1 receive-string1 ......”. This represents the execution flow: First, the system sends the string send-string1 to the Modem and expects to receive the string receive-string1. If it receives a string matching receive-string1 before timeout, it executes the following script, otherwise, it terminates the execution of this script.
l If the last string is a send-string, it indicates that, once this string is sent, the execution of the script is terminated without waiting for any other receive-string.
l If it is unnecessary to send a string at the beginning of a script execution, and the system directly waits for a receive-string, you can set the first send-string to "". The following section will cover the details on the quotation mark.
l Except for the send-string ended with “\c”, the send-string will be automatically appended with a carriage return when it is sent.
l The received content does not need to exactly match the receive-string. That is, the match is considered successful as long as the received content contains the expected string.
l One receive-string can includes many character strings separated by "-". The match is considered successful as long as the received content contains one of these character strings.
l By default, the timeout time of waiting for a receive-string is five seconds. You can insert the TIMEOUT seconds anywhere in a script to adjust the timeout time, which is valid till a new TIMEOUT is set in the same script.
l All the strings and keywords in a script are case sensitive.
l Use spaces to separate strings or keywords. So a space contained in a string must be enclosed in double quotation marks (" "). A pair of empty quotation marks (that is, "") has two meanings: Being a leading "" in a script, it means that no string needs to be sent and the system directly waits for a receive-string. If "" is in any other location in the script, it is regarded as the content of a string.
l You can insert ABORT receive-string anywhere in a script to change the execution flow of this script. Its presence in the script indicates that the script execution will be terminated if a received string exactly matches the receive-string set by ABORT receive-string. You can set more than one ABORT receive-string in a script, all of they will take effect; that is, once a received string matches any one of them, the script execution is terminated. Wherever an ABORT receive-string is placed, it takes effect in the whole script execution flow.
l You can insert escape characters in a script to further control the script and increase its flexibility. In addition, all the escape characters play the role of delimiters in string as well.
|
Keyword |
Description |
|
ABORT receive-string |
The string following ABORT will be compared with the strings sent from the Modem or remote DTE device in exact matching mode. One script can includes multiple ABORT settings, and all of them take effect in the whole script execution process. |
|
TIMEOUT seconds |
The digit following TIMEOUT is used to set the timeout time that allows the system to wait for a receive-string. If no expected string is received within this time, the execution of the script fails. Once set, the settings will be valid till a new TIMEOUT is configured. |
Here seconds is in the range of 0 second to 180 seconds and defaults to 180.
Table 8-2 Escape characters used in script
|
Escape character |
Description |
|
\c |
Represents that the system does not automatically append a carriage return to the string; it sends only the specified characters in the string. The "\c" character is valid only when it is located at the end of the send-string. |
|
\d |
Represents a two-second pause. |
|
\n |
Represents the new line character. |
|
\r |
Represents the carriage return character. |
|
\s |
Represents the space character. |
|
\t |
Represents the Tab character. |
|
\\ |
Represents the backslash ("\") character. |
|
\T |
Represents telephone number. |
The following sections describe the Modem management configuration tasks:
l Configuring the Incoming and Outgoing Calls of the Modem
l Executing a Modem Script Manually
l Specifying a Modem Script Triggered by an Event
l Configuring the Answer Mode for the Modem
Perform the following configuration in user-interface view.
Table 8-3 Configure the incoming and outgoing access of the Modem
|
Operation |
Command |
|
Allow only incoming calls of the Modem |
modem call-in |
|
Allow both incoming and outgoing calls of the Modem |
modem both |
|
Inhibit both incoming and outgoing calls of the Modem |
undo modem both |
|
Inhibit incoming calls of the Modem |
undo modem call-in |
By default, the Modem is inhibited from both incoming and outgoing calls.
Perform the following configuration in system view.
Table 8-4 Configure a Modem script
|
Operation |
Command |
|
Define a Modem script |
script-string script-name script-content |
|
Delete a Modem script |
undo script-string script-name |
For the format of script, refer to Syntax of Modem script.
When necessary, you can use the start-script command to execute a specific Modem script to manage the Modem connected to the port.
Perform the following configuration in user view.
Table 8-5 Execute a Modem script manually
|
Operation |
Command |
|
Execute a Modem script manually |
start-script script-name number |
You can associate an event with a Modem script so that occurrence of this event can trigger the automatic execution of the script. The XE 200/2000 supports the following events to trigger a script:
l Successful establishment of an outgoing connection: The system executes the specified script when an outgoing connection of the Modem is set up.
l Successful establishment of an incoming connection: The system executes the specified script when an incoming connection of the Modem is set up.
l DCC dialup: The system executes the specified script when a DCC dialup is made.
l Line reset: The system executes the specified script when a line is disconnected.
l System power-on or reboot: The system executes the specified script on the AUX port when the system is powered on or initialized.
For any event above, you can use the script command to specify a Modem script triggered by the event.
Perform the following configuration in user-interface view.
Table 8-6 Specify a Modem script triggered by an event
|
Operation |
Command |
|
Specify the automatically executed Modem script when an outgoing connection is set up successfully. |
script trigger login script-name |
|
Specify the automatically executed Modem script when an incoming connection is set up successfully. |
script trigger connect script-name |
|
Specify the automatically executed Modem script when a DCC dialup is made. |
script trigger dial script-name |
|
Specify the automatically executed Modem script when a line is reset. |
script trigger logout script-name |
|
Specify the automatically executed Modem script when the system is powered on or rebooted. |
script trigger init script-name |
You should perform this configuration based on the state (answer mode) of the connected Modem. If the Modem is in auto-answer mode (AA LED of the Modem illuminates), you should execute the modem auto-answer command before dialing up. If the Modem is in non-auto answer mode, you should execute the undo modem auto-answer command. If this configuration is not consistent with the state of the Modem, the system may loss some of the incoming calls from the Modem.
Perform the following configuration in user-interface view.
Table 8-7 Configure the answer mode for the Modem
|
Operation |
Command |
|
Set the auto-answer mode for the Modem |
modem auto-answer |
|
Set the non-auto answer mode for the Modem |
undo modem auto-answer |
By default, the answer mode for the Modem is non-auto.
Perform the following configuration in system view.
Table 8-8 Configure Modem callback
|
Operation |
Command |
|
Configure the Modem callback |
service modem-callback |
|
Disable the Modem callback |
undo service modem-callback |
By default, the Modem callback is disabled.
To monitor and maintain the Modem, you can use the debugging command in user view to enable debugging for Modem or display the state parameters.
Table 8-9 Display and debug Modem
|
Operation |
Command |
|
Enable debugging for Modem |
debugging modem |
1) Network requirements
The AUX port of the XE IP PBX is connected to a Modem. The system uses standard AT commands to negotiate a baudrate with the Modem. It sends the "AT" command through the port to the Modem. If an “OK” is received from the Modem, the system considers that the Modem can automatically adapt to the corresponding baudrate. Then, the system writes and saves the rate configuration to the Modem with the AT command “AT&W”.
2) Network diagram
Figure 8-1 Network Diagram for the Modem management of the XE IP PBX
# Define a Modem script.
[XE] script-string baud "" AT OK AT&W OK
# Execute the script on the AUX port connecting the Modem in user view.
To restore the factory-default settings of Modem, use the “AT&F” command.
# Define a Modem script.
[XE] script-string factory "" AT OK AT&F OK
# Execute the script on the AUX port connecting the Modem in user view.
<XE> start-script factory 1
Make appropriate configuration to allow the XE IP PBX to initialize the Modem connected to the AUX port when the XE IP PBX is powered on or rebooted.
[XE] script-string init "" AT OK AT&B1&C1&D2&S0=1 OK AT&W OK
[XE] user-interface aux 0
[XE-ui-aux0] modem
[XE-ui-aux0] script trigger init init
Define a Modem script to dial up directly.
# Define a Modem script
[XE] script-string dial "" AT OK ATDT8810058 CONNECT
# Execute the script on the AUX port connecting the Modem in user view
<XE> start-script dial 1
Symptom: The Modem is in abnormal state (for example, the busy tone keeps being played or the dial tone keeps whistling for a long time).
Solution:
l Execute the shutdown and undo shutdown commands on the physical interface connected to the Modem, and then check whether the Modem restore the normal state.
l If the Modem is still in abnormal state, re-power the Modem.
