ELTEX ESR-15V User Manual

Provides a brief overview of the ESR series service routers and the manual's scope.

Identifies the intended audience as technical personnel familiar with TCP/IP and Ethernet concepts.

Explains the designation and meaning of symbols used in the manual.

Details important notes, tips, recommendations, and warnings for device operation and setup.

Describes the ESR series service routers as high-performance multipurpose network routers.

Details the various functions of the device, including interface, MAC table, OSI layer functions, and tunneling.

Lists the key technical specifications of the ESR routers, including interfaces and performance metrics.

Describes the physical design of the device, including front, rear, and side panels, connectors, and controls.

Lists the standard items included in the delivery package for various ESR models.

Provides instructions for installing support brackets for rack mounting.

Details the procedure for installing the device into a standard rack.

Explains how to install power modules in specific ESR router models.

Guides on how to safely connect the device to the power supply, including earthing requirements.

Provides instructions for installing and removing SFP transceivers.

Describes the CLI as the primary interface for device management, authorization, and command categories.

Explains the naming system for various network interfaces, including physical, sub-interfaces, and channel aggregation groups.

Details the naming conventions for different types of network tunnels used for VPN and traffic tunneling.

Explains the essential basic settings installed by factory configuration, including security zones and default access.

Covers basic router configuration steps like assigning IP addresses, creating security zones, and configuring services.

Provides a procedure for updating the firmware using TFTP, FTP, or SCP servers.

Explains how to update router firmware using the bootloader, involving TFTP server configuration.

Details the process for updating the secondary bootloader (U-Boot) using a new file saved to flash.

Offers general advice for safe operation, such as disabling unused interfaces and setting system clocks.

Describes algorithms for event logging, including message storage and transmission to external servers.

Covers configuration algorithms for password policies, including lifetime, length, and character type requirements.

Details algorithms for AAA policy, including RADIUS, TACACS, LDAP authentication, and logging.

Recommends disabling Telnet, using crypto-resistant algorithms, and allowing access only from specific IP addresses.

Covers configuration algorithms for protecting against network attacks like IP spoofing and SYN flood.

Explains VLAN configuration, including creating VLANs, setting operation modes, and managing tagged/untagged frames.

Details Link Layer Discovery Protocol (LLDP) configuration for network equipment notification and parameter transmission.

Describes LLDP MED configuration for transmitting network policies like VLAN ID, DSCP, and priority.

Explains how to terminate Ethernet frames of a VLAN on a specific physical interface by creating a sub-interface.

Covers Q-in-Q technology for extending VLAN quantity by using two 802.1q tags (Inner and Outer).

Explains how to configure USB modems for organizing additional link channels for router operation.

Details Spanning Tree Protocol (STP) and Rapid STP (RSTP) configuration to prevent network loops.

Explains PPP connection establishment through E1 stream using TOPGATE-WAN-E1 media converter.

Describes Multilink PPP (MLPPP) for traffic transition via multiple physical channels, enabling bandwidth enhancement and load balancing.

Explains bridge configuration for connecting Ethernet segments on data-link level without higher-level protocols.

Covers Dual-Homing technology for creating secure connections based on redundant links to prevent failures.

Details traffic mirroring features for redirecting traffic from a specific port to another port or a remote device.

Explains LACP for link aggregation, allowing multiple physical links to be combined into a single logical link.

Describes AUX configuration for specifying parameters to interact with external devices connected via serial interfaces.

Explains GRE tunneling protocol for encapsulating OSI model network layer packets into IP packets.

Details DMVPN technology for creating virtual private networks with dynamic tunnels between hosts.

Describes L2TPv3 protocol for tunneling 2nd level OSI model packets between two IP nodes.

Explains IPsec protocols for enabling security features for data transferred via IP protocol.

Covers LT tunnels for transmission of routing information and traffic between different VRFs.

Explains basic QoS on ESR routers, focusing on classification and relabeling on the input.

Details advanced QoS mode allowing traffic classification on both incoming and outgoing interfaces.

Describes routing information advertising policies for RIP, OSPF, IS-IS, iBPG, and eBPG protocols.

Explains how to add static routes by using commands in global configuration mode.

Details RIP configuration, including precedence, routing table capacity, and prefix lists.

Explains OSPF configuration, including precedence, routing tables capacity, and neighbor state information.

Covers BGP configuration, including precedence, routing table capacity, and neighbor state information.

Explains Bidirectional Forwarding Detection (BFD) protocol operation and configuration.

Describes route-map configuration for filtering and modifying routing information exchanged with neighbors.

Explains VRF technology for isolating routing information belonging to different classes.

Details MultiWAN technology for establishing fail-safe connections with redundant links and traffic balancing.

Describes IS-IS protocol configuration, a link-state routing protocol based on Dijkstra Algorithm.

Explains LDP configuration, a tag distribution protocol for finding neighbors and establishing sessions.

Details configuration of Hello holdtime, Hello interval, and Keepalive holdtime parameters for LDP sessions.

Explains configuration of session parameters specifically for targeted-LDP.

Covers LDP tag filtering configuration for allocating MPLS tags to specific FECs.

Describes L2VPN Martini mode configuration, where operation is done by LDP and pseudowire construction is entrusted to BGP.

Explains L2VPN Kompella mode configuration, where LDP operates with transport labels and pseudowire construction is entrusted to BGP.

Covers L3VPN service for combining distributed client IP networks and ensuring traffic transfer within a single VRF.

Details MPLS traffic balancing using the load balancer daemon (lbd).

Explains how to organize L2VPN service by configuring a bridge domain and creating necessary AC and PW elements.

Emphasizes the importance of correctly configuring the MTU parameter on interfaces for MPLS traffic transmission.

Provides configuration examples for L3VPN and L2VPN services based on Inter-AS Option A.

Explains Inter-AS Option B configuration, which involves MPLS label assignment without VRF.

Provides an example of configuring VPN services built through a GRE tunnel.

Covers AAA configuration for access provisioning and control, including authentication, authorization, and accounting.

Explains how to assign user privilege levels to command sets for controlling access to device functions.

Details configuration of logging and protection mechanisms against network attacks like land, SYN flood, and ICMP flood.

Describes firewall configuration as a tool for controlling and filtering network packets based on defined rules.

Explains Access Control Lists (ACLs) for defining rules that control traffic transmission through interfaces.

Covers IPS/IDS configuration for detecting intrusions, security breaches, and automatically protecting against them.

Details the interaction configuration with EDM Server for distributing licensed content.

Explains content filtering service for restricting access to HTTP sites based on their content categories.

Covers Antispam service configuration for detecting and filtering unwanted email messages.

Explains VRRP configuration for increased router availability and acting as a default gateway.

Describes the tracking mechanism that activates entities based on VRRP/SLA state.

Details firewall failover configuration for reserving firewall sessions.

Explains DHCP failover configuration to reserve a database of IP addresses issued by the DHCP server.

Guides on configuring a PPTP server for secure remote access to a corporate network.

Details configuring an L2TP server for secure remote access to a corporate network.

Explains OpenVPN server configuration for secure remote access and various tasks related to data transmission security.

Covers PPPoE client configuration for establishing virtual connections using PPP over Ethernet.

Provides instructions for configuring a PPTP client for remote access.

Details L2TP client configuration for establishing virtual private networks.

Explains how to configure LAN device network settings using the integrated DHCP server.

Details Destination NAT (DNAT) function for translating destination IP addresses for packets.

Covers Source NAT (SNAT) function for substituting source addresses for packets transferred through the network gateway.

Explains static NAT for unique address matching and translation of addresses.

Details HTTP/HTTPS traffic proxying for URL filtering and content access control.

Explains NTP configuration for synchronizing internal clock using IP networks and UDP protocol.

Describes Netflow protocol for traffic accounting and analysis, transmitting traffic information to a collector.

Details sFlow configuration, a standard for traffic accounting and analysis in computer and network devices.

Explains SNMP configuration for device management in IP networks featuring TCP/UDP architecture.

Covers Zabbix-agent/proxy configuration for monitoring devices and executing remote commands.

Details Syslog configuration for sending and registering system messages about events.

Explains how to check the integrity of stored executable files.

Describes the option of local and/or remote configuration file copying by timer or upon configuration change.

Provides the configuration algorithm for BRAS management, including RADIUS and DAS server setup.

Gives an example of BRAS configuration with SoftWLC for providing Internet access to authorized users.

Provides an example of BRAS configuration without SoftWLC support.

Details SIP profile configuration for connecting analogue telephones and fax modems to IP networks.

Explains FXS/FXO ports configuration for connecting telephones and fax modems.

Covers dial plan configuration for managing call routing to local numbers and through SIP proxy.

Details PBX server configuration, including creating routing plans and SIP profiles.

Explains the algorithm for creating registration trunks for PBX server.

Provides an example of VoIP configuration for FXS ports registration on an external SIP server.

Illustrates dial plan configuration with regular expressions for call routing.

Details FXO port configuration for making calls to PSTN subscribers.

Provides an example of VoIP configuration for FXS ports registration on an external SIP server.

Details VoIP configuration for internal PBX server, including registration and call transfer.

Addresses issues with receiving routes in VRF via BGP or OSPF, despite successful adjacency establishment.

Provides solutions for SSH/Telnet sessions closing, often related to keepalive packet configuration.

Addresses issues with LACP not launching on specific XG ports for certain ESR models.

Explains the procedure to completely clear ESR configuration and reset it to factory default settings.

Provides contact information for the Eltex Ltd. Service Center for technical assistance.

Encourages visiting the Eltex website for technical documentation, software, knowledge base, and technical forum consultation.