Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Manual
UniGuard AES
Rev 303E2
1-1
5.3.6
96 LED................................................................................................................................. 5-2
5.3.7
OH LED............................................................................................................................... 5-2
5.3.8
DTR LED ............................................................................................................................. 5-2
5.3.9
EC LED ............................................................................................................................... 5-2
5.3.10 FX LED................................................................................................................................ 5-2
5.4
DIFFERENCES IN V.90 MODEM LED FUNCTIONS ......................................................................... 5-2
5.4.1
56 LED................................................................................................................................. 5-2
5.4.2
33 LED................................................................................................................................. 5-2
5.4.3
14 LED................................................................................................................................. 5-2
5.5
UNIGUARD CONNECTORS ............................................................................................................ 5-3
5.5.1
Host Port Connector............................................................................................................ 5-3
5.5.2
Link Port Connector ............................................................................................................ 5-3
5.5.3
IP Port (10BASE-T)............................................................................................................. 5-3
5.5.4
TELCO (V34) or Modem (Std) Connectors ......................................................................... 5-3
5.5.5
Cabling ................................................................................................................................ 5-3
5.5.6
Wall Mounted Power Supply ............................................................................................... 5-4
5.5.7
Installation........................................................................................................................... 5-4
6
10
1-3
APPENDIX A
APPENDIX B
V.32 SPECIFICATIONS.............................................................................................D
14
15
16
17
18
APPENDIX G
19
APPENDIX H
20
21
Table of Figures
FIGURE 5-1UNIGUARD, FRONT .................................................................................................................... 5-1
FIGURE 5-2 UNIGUARD V34 REAR
UNIGUARD REAR ........................................................................... 5-3
FIGURE 5-3 CABLING ................................................................................................................................... 5-3
FIGURE 5-4 WALL MOUNTED POWER SUPPLY ............................................................................................. 5-4
1-5
A.4 Warranty
Communication Devices Inc. warranties to the original purchaser that these devices are free from
defects in material or faulty workmanship, in normal use for a period of one (1) year from the date of
purchase.
This warranty is limited to repair or replacement at the option of Communication Devices Inc., of any
defective part or component which within one (1) year of the original purchase is determined by
Communication Devices Inc. to be defective. All warranty repairs will be made at Communication
Devices Inc.'s Main factory in Boonton, NJ 07005..
A.5 Disclaimer
While extreme care has been taken in the preparation of the design, software, firmware, hardware and
documentation, no liability is accepted by Communication Devices Inc. for loss of profits or any other
incidental, special or consequential damage suffered by the purchaser, even if Communication Devices Inc.
has been advised of the possibility of such damages, nor for the claim against the purchaser by any other
party.
The UniGuard V.34 contains a V.34 modem and the UniGuard V.90 contains a V.90 modem. The V.90
modem incorporates both the newer ITU-T V.90 and the older K56flex protocols. Using either of these
protocols, Internet service providers (ISP) can send data down stream to a computer at 56K bps speeds
because the data normally is converted from digital to analog only once before it reaches the modem.
Upstream transmissions and transmissions between client modems are limited to data rates of 33.6K bps, as
are downstream transmissions that are converted more than once on the telephone network.
The front panel LED displaying the speed of the V.90 modem is different than the V.32 modem
Some of the AT commands are different for the V.90.
1-7
General
The UniGuard is a member of the extensive CDI product line of authentication and encryption devices for
dial accessible systems. The UniGuard V.34 and V.90 have been certified by NIST (National Institute of
Standard Technology) for ANSI X9.17, the unit has also been approved for FIPS 140-1. It is designed to
protect a single host system and has a database capacity of 150 users. The UniGuard V34 includes an
internal Multi-Tech modem. Except for the modem functions, all parameters apply to both units.
If you have a UniGuard V34, wherever your communications software or operating system provides for
modem selection, select "MultiModem MT2834ZDX". If this choice is not available, select "Standard
Modem".
If you have a UniGuard V90, wherever your communications software or operating system provides for
modem selection, select "MultiModem MT5634ZBA". If this choice is not available, select "Standard
Modem".
2.1
A special case of the UniGuard (V34 or V90) is a UniGuard Client. This unit can perform most of the
encryption functions of the TDES-Modem. The TDES-Modem cannot be loaded from the DDM software
but the UniGuard Client can.
2.2
The UniGuard Demand Dial Routing is a special case of the UniGuard. It contains different hardware to
enable it to encrypt at higher speeds. The maximum data rate that can be encrypted is 56KBBS.
It can perform all the functions of the UniGuard.
2.3
Encryption
The UniGuard V34 and/or UniGuard V90 is an authenticator as well as an Encryptor and Modem contained
within one enclosure. The system provides Cipher Feedback, DES based encryption between a Remote
Unit. The system also provides for DES Key management in accordance with ANSI X9.17 for which CDI
has been certified by NIST (National Institute of Standard Technology).
Each UniGuard V34 and/or UniGuard V90 unit contains a unique ID and a private key.
2.3.1
Session Keys
Key management is CDIs NIST certified X9.17, where each session is transmitted using a different key.
When the UniGuard V34 and/or UniGuard V90 calls the Host, the called unit sends a tag indicating that the
calling unit has reached an X9.17 Unit. The calling unit then sends its ID. The called unit looks up the ID
of the calling unit in the database and if found, encrypts a new randomly generated key (the session key) in
the key of the caller and sends it to the calling unit. The calling unit decrypts the session key. Both units
will use this new session key for the duration of this transaction. At the end of the transaction (session) this
session key is erased.
This key management takes place transparent to both users.
2.4
Caller authentication access control is a method where only a number of select users can gain access to a
dial up system. Many schemes are available but after careful analysis they break down into three forms:
Challenge/Response with complete session Encryption, Challenge/Response with a Token and
Challenge/Response without a Token. A token is essentially an encryption/decryption key.
2.4.1
Challenge Response with Encryption provides the highest degree of security. Once the user has logged on
with the User ID and Password, the entire session is encrypted. The user must have one of CDIs DES
(Data Encryption Standard) devices installed at the remote PC.
2-1
2.4.2
Challenge/Response with a Token provides the second highest degree of security. It is analogous to using
an ATM card in a bank machine. The Challenge is the request for a PIN number and the response is the
PIN number; the Token is the bank ATM Card. Neither the PIN number nor the Bank ATM Card alone will
allow access to the machine. CDIs Tokens provide a high level of security in that all information passing
to and from the caller and the system during the authentication process is encrypted in a unique key for
each session. The session itself, however, is not encrypted.
2.5
2.5.1
Types of Tokens
RSA SecurID Token
The RSA SecurID Token is a patented Token based on time. The Token contained a time clock together
with an encryption KEY. The KEY is used to encrypts the time, which is displayed in a window on the
token. The caller enters the encrypted displayed information when signing on. The system looks up the
Users Key and compares the encrypted information to the information generated by the system with the
Users Key. If a match is found the User is authenticated.
2.5.2
PC Token
The PC Token is a system developed by CDI that takes a virtual fingerprint of a caller's PC (or Laptop) and
uses this as a Encryption key (token) to encrypt and store the caller's private DES (Data Encryption
Standard) KEY on the PCs hard drive. When the caller dials up the UniGuard, the WinGuard software (a
TSR program running in the background on the user's PC) sends a user ID (usually the user's name) which
the UniGuard uses to locate the caller's private DES Key in its database. A one time session KEY is
encrypted with the caller's private DES Key and sent to the caller's PC. CDIs software takes over and
decrypts the session key and uses it to encrypt the user's password. The encrypted password is sent to the
UniGuard which decrypts the password using the session KEY and if a match is found the caller is
authenticated.
2.5.3
Soft Token
The Soft Token is contained on a 3.5-inch disk. It provides all the functions of the PC Token except that the
disk can be transported and used on any PC. In contrast, the PC Token is unique to a specific computer.
The floppy is copy protected.
2.5.4
Pager Token
The Pager Token application was developed to allow callers to use a device that they already have in their
possession: a pager.
When a Pager User calls, the system looks up the pager phone number associated with the caller's user
ID. A random number is generated, the pager number is dialed and the random number is sent. The caller
receives this random number on the pager, calls back the UniGuard and enters this number when requested
by the system. If the numbers match, the caller is allowed access to the system. The random number is
different for each session.
2.5.5
Challenge/Response without a Token (ID and/or Password alone) is similar to a telephone credit card call.
The Challenge is the request for the card and PIN number and the Response is to enter those numbers.
These can be entered without the caller actually presenting the physical credit card (token) to phone.
Anyone having knowledge of the credit card number and PIN number can place calls.
Other versions of Challenge/Response without Tokens are ID and password with dial back access. A
remote caller's ID and password along with the caller's telephone number is stored in the UniGuards
database. A remote caller places a call and sends an ID and password when prompted. If the ID and
password is valid, the caller is disconnected and the UniGuard initiates a call to the phone number listed in
the database.
This method only insures that the caller has knowledge of the ID and password.
There is no TOKEN in this scheme to positively insure that the remote caller is actually the
authorized remote user and not a Hacker.
Copyright Communication Devices Inc. UniGuard 2-2
2.6
Typical Session
After the UniGuard has been configured with user profiles, a typical session would be as follows:
A. A Caller dials into the UniGuards modem port.
B. The UniGuard sends the (optional) primary message (which can be anything the system supervisor
wants it to be)
Example: Welcome to the Acme Widget Company. This is a closed
and private network. If you do not belong on this network please
disconnect. Attempting to break into this network can get you into
serious trouble.
If you need to talk to a security officer, call 800 555 0000.
2.6.1
2-3
2.6.2
If the caller is not a token user the (optional) secondary message (which is composed by the supervisor)
will be sent to the caller:
Example: We anticipate the computer being down for a disk
maintenance from Friday 11/19 at 16:00 through Saturday 11/20
at 14:00. If you need further assistance call 800 555 0001.
Secure Call through User, the UniGuard will connect the user to the host computer.
B. Secure Call through User with Encryption User, the UniGuard will authenticate in the same manner as a
Call through User. The UniGuard will then encrypt the entire session in conjunction with the user's remote
DES device.
C. A Roving User, the UniGuard will send a request for the number at which the roving user can be
reached. After hanging up, this number will be dialed and will connect this user to the host computer. At
the completion of the session the dialed number will be deleted from memory. If the Roving user enters a
Return for the phone number, the system will use the default number stored in the database.
D. A Call Back user, the system will look up the phone number in memory. This number will then be
dialed and the user will be connected to the host computer.
E. A Pager User, the UniGuard will disconnect and dial the user's pager and insert a random generated
number. When the user calls back, re-enters the ID and enters this number correctly at the prompt,
connection to the host will be established.
All transactions, including the user ID, time, date and action will be placed into the Audit trail.
2.7
If the modem is not busy with a call (Carrier not high), the Host can access a modem and use this modem to
place a call or check its configuration or anything else one can do with a modem.
Access to a modem is accomplished by keying in an AT [CR][LF]. The initial AT will not be visible on
the Host terminal but the OK response from the modem will be.
2.8
AES (Advanced Encryption Standard)
The Advanced Encryption Standard (AES) is an encryption algorithm securing sensitive
but unclassified (SBU) material by U.S. Government agencies and, as a likely
consequence, may eventually become the de facto encryption standard for commercial
transactions in the private sector.
In January of 1997, a process was initiated by the National Institute of Standards and
Technology (NIST), to find a more robust replacement for the Data Encryption Standard
(DES) and to a lesser degree Triple DES. The specification called for a symmetric
algorithm (same key for encryption and decryption) using block encryption of 128 bits in
size, supporting key sizes of 128, 192 and 256 bits. The algorithm was required to be
royalty-free for use worldwide and offer security of a sufficient level to protect data for
the next 20 to 30 years. On October 2, 2000, NIST announced that Rijndael (pronounced
"rain doll" or "Rhine Dahl") had been selected as the proposed standard. On December 6,
2001, the Secretary of Commerce officially approved Federal Information Processing
Standard (FIPS) 197, which specifies that all sensitive, unclassified documents will use
Rijndael as the Advanced Encryption Standard.
2-5
3.1
RSA SecurID provides a variety of Tokens. Displayed above are (1) The PINPAD, (2) The Hardware
Token, (3) The Key Fob and (4) The Palm Computing Platform.
3.2
Login In
The UniGuard, Port Authority or other CDI authentication device, requires entering a valid PASSCODE
before allowing you access to a protected computer. The PASSCODE is made up of two elements that only
you should be able to supply:
Your secret PIN, and the code currently generated and displayed by the SecurID card assigned to you.
3.3
Before any login data can be entered and authenticated, you must be able to communicate with the
UniGuard, Port Authority or other CDI authentication devices. It works with the communications
equipment already installed for your host system. This means you can dial up the host system and connect
to it the way you did before the UniGuard, Port Authority or other CDI authentication device, was installed.
Once you have contacted the UniGuard, Port Authority or other CDI authentication devices, press the
<Return> key (sometimes-labeled Enter or CR) once or twice, until the following appears:
3.3.1
Enter Passcode:
This prompt means the UniGuard, Port Authority or other CDI authentication device, is ready to
communicate.
3.3.2
On some systems users will be assigned PINs generated by the UniGuard, Port Authority or other CDI
authentication device, (which is preferable for security), while other systems let each cardholder make up
his or her own. Ask your security administrator which is the case with your system. In either situation your
status is of a first-time cardholder without a PIN.
If the system lets you only receive a PIN, read the next subsection, Receiving a System-Generated PIN.
If the system has you make up (that is, create) your own PIN, skip over the next subsection to the one
following, called Make Up Your Own PIN.
3-1
3.3.3
1.
2.
At the Enter PASSCODE prompt, type a delimiter like a frontslash (/) or comma (,) followed by
the serial number on the back of your card (the numbers only, not any preceding letter).
Conclude with another delimiter. But dont press <Return>.
(Delimiters are a separator character between two strings of numbers. Other permissible ones are listed
in the upcoming Logging In subsection. Note that the leading delimiter is essential when the system
is set for varying length PINs. In a fixed length PIN system, leading delimiters are optional.)
3. Now type the cardcode currently displaying on the LCD.
Type carefully, and dont enter anything but the cardcode, even though you were asked for a
PASSCODE. This is what you do whenever your card is in new PIN mode, as it is now.
PINPAD cardholders: First clear your cards display by entering any digit and pressing the P on the
lower right. Wait; and then type in the new code that next displays in the LCD.
3.4
Example
If you have a card with s / n 0123456 and the display is currently showing cardcode 956283, you would
type:
3.5
/0123456/956283
As you type, you will not see the data you enter; for security, the characters are displayed as asterisks
(*). If you can delete with Delete or Backspace key.
Press <Return>.
The UniGuard, Port Authority or other CDI authentication device, will display, if your input was valid:
If You Respond in the Affirmative, You Will Have Ten Seconds To Memorize Your New PIN
Are You Ready To Receive Your PIN? (y/n):
If incorrect information gets entered, the system displays
Access Denied
Try again.
If no one else can see your screen, type `y`.
Answer yes only if no one else can see your screen. Otherwise type `n`, to cancel the operation and
leave your card in new PIN mode.
The system will treat the login as if it were unsuccessful and redisplay Enter PASSCODE. Wait until
this terminal is more private or go find one that is.
Once you type, your new PIN will be displayed:
PIN: 3149
It will be onscreen for 10 seconds.
Memorize your new PIN. Dont write it down.
If you memorize your new PIN before the 10 seconds are up, press <Return> to remove it from view.
Copyright Communication Devices Inc. UniGuard 3-2
Once you respond to the new PIN prompt and your PIN is displayed, theres no way in this session to
view it again or to receive another PIN. If you forget the new PIN, you must notify your security
administrator that you need to be put back into PIN mode and repeat this transaction.
After the PIN disappears, youll be prompted to enter a real SecurID PASSCODE (which is your PIN
followed by your cardcode---in this case separated by a delimiter like`/` if the systems PIN length is
set to be variable).
Wait for your cardcode to change. You are now ready to log in with your new PIN.
Turn to the Logging In subsection next that applies to your card type, standard or PINPAD.
Important: Do not reveal your PIN to anyone. Memorize it; dont write it down. Even if the system
generates a PIN for you, only you will know what it is. Nobody, not even the system administrator,
can obtain your PIN except from you.
It is your responsibility to protect its secrecy.
If your SecurID card is ever missing, or if for any reason you feel someone knows your PIN, report
it immediately. The security administrator can disable the card or issue a new PIN immediately, and
can watch for unauthorized attempts at access.
3.5.1
1.
At your terminal keyboard (provided no one else can see your screen), press <Return>.
The system will prompt you to enter a PASSCODE.
2.
AT the Enter PASSCODE prompt, type a delimiter like a frontslash (/) or comma (,)
followed by the serial number on the back of your card (the numbers only, not any preceding
letter). Conclude with another delimiter, but dont press <Return>.
(Delimiters are a separator character between two strings of numbers. Other permissible ones are
listed in the upcoming Logging In subsection. Note that the leading delimiter is essential when
the system is set for varying length PINs, which is the shipment default in this release. In a fixed
length PIN system, leading delimiters are optional.)
3.
Example
If you have a card with s / n 0123456 and the display is currently showing cardcode 956283, you
would type:
Copyright Communication Devices Inc. UniGuard
3-3
/0123456/956283
As you type, you will not see the data you enter; for security, the characters are displayed as asterisks (*). If you can delete with
Delete or Backspace key.
Press <Return>.
If your input was valid, the UniGuard, Port Authority or other CDI authentication device, will
display:
Enter New PIN
If your input was NOT valid, the system displays
Access Denied
Try again.
Assuming no one else can see your screen, type the PIN you would like to have.
What you type will not be displayed.
To confirm the PIN, the UniGuard, Port Authority or other CDI authentication device, will ask
you to re-enter it.
If the two entries match (and the PIN is acceptable to the system), it will acknowledge that the
new PIN transaction has been completed.
There are a few more restrictions on what PIN types are allowed, so if the PIN you made up is not
accepted, you will receive an error message, and must create a different one.
When your PIN is accepted and a new code appears an your SecurID card, you are ready to log in to
the system using a real SecurID PASSCODE (which is your PIN followed by your cardcode-in this
case separated by a delimiter like `/` if the systems PIN length is set to be variable). To find out how,
read the Logging In subsection that applies to your card type, standard or PINPAD.
3.6
3.6.1
1.
At the Enter Passcode prompt, type your PIN. Do not press <Return>.
If your PIN contains letters, they can be entered upper-or lowercase:
`a` is the same as `A`.
2.
3.
Type the code currently displayed in the LCD of your SecurID card.
For example, if your PIN is 20140c and your card is currently displaying 2599343, the procedure
up to this point could go like this:
Enter PASSCODE: 20140c,2599343
[The numbers dont actually appear]
Copyright Communication Devices Inc. UniGuard 3-4
If the PASSCODE contains letters, as with a hexadecimal card, they can be entered in either
upper-or lowercase: `a` is the same as `A`.
4.
3.7
Enter your PIN into the card by pressing the keys along the bottom. Then press the
diamond below the keys.
Make sure the LCD cannot be viewed by anyone else.
The code generated by the card and showing in the LCD is your PASCODE, your PIN hidden
within it.
2.
3.
Type the 6 8 digit serial number on the back of your card, concluding with another
delimiter; still do not press <Return>.
4.
Then type the PASSCODE currently displayed in the LCD of your SecurID card.
As an example with card 1987654: Type your PIN into the PINPAD, press the diamond, and
observe the cardcode to, say 5368127
At your keyboard, at the Enter PASSCODE prompt, type:
/1987654/5368127 [the screen displays only asterisks]
If the PASSCODE contains letters, as with a hexadecimal card, they can be entered in either
upper- or lowercase: `a` is the same as `A`. If you mistype, you can delete with the Delete or
Backspace key.
5.
3-5
Once you enter a valid PASSCODE, a confirming message will appear if no one was set by your
administrator, saying that you can access the system. The host-computer prompt will appear in any
case, indicating a successful login.
You are ready to use the host system just as you usually do. If you enter an invalid data, the
system will display:
Access Denied
Try again. Usually you have three chances, although this is administrator-settable. Use the Delete
or Backspace key as necessary.
For security, once accepted, a SecurID PASSCODE cannot be reused. If you log out and try to log
in again before the cardcode changes, you wont succeed the second time and will have to wait
until it does change.
Note: As you should be clear from the preceding sentences, the next few codes displayed in the
LCD may be valid PASSCODEs. So as soon as youve logged in, clear your card by pressing the
P key. If you didnt and someone else got hold of the card during this time, he or she might be able
to use it to log in and gain access as you.
The Next Code Prompt
Sometimes after youve typed your PASSCODE correctly, the system may still ask you to enter
the next cardcode that comes up:
Please Enter the Next Code Displayed on Your Card.
Next Code:
Standard cardholders
Wait until the cardcode changes, then go ahead and carefully type it in, followed by <Return>. Do
not enter your PIN. Now you should be able to gain access.
PINPAD cardholders
Wait until the time indicator stack counts down and reappears at full height. Then re-key your
PIN into the card, press the diamond (not the P), and type this second PASSCODE, followed by
<Return>. Now you should be able to gain access.
This request is not necessarily due to an error on either your part or the UniGuard, Port Authority
or other CDI authentication device; its a step in the systems evasive action strategies. The
prompt also may appear if your card hasnt been used to log in for a few weekends or more.
3.8
Logoff
To log off from an UniGuard, Port Authority or other CDI authentication devices - protected
system, it is essential to system security that you follow your usual good logoff procedures. The
security exposure that results from a users failure to log off properly is quite serious and renders
the computers system vulnerable to attack. Such a user breach creates a route into the system
security measures.
If you have any uncertainty about what the proper procedure is for a clean session termination and
communications disconnect, see your system administrator.
The report section provides information for the systems manager on the use of the system. The statistics
provided by these reports are useful when attempting to estimate hardware requirements for future similar
systems.
The report section also provides an Audit Trail, Trouble Report and a number of reports pertaining to
various types of Users and their access to the system.
NOTE: Some of the reports and use of Tokens are covered by CDI Patents or Patent Pending.
4.1
Defaults
The system is asynchronous, defaulting to 9600 baud, with 8 data bits, no parity, one stop bit and port
security enabled. The unit is capable of operating at speeds (limited by the modem) up to 33.6K baud. For
non-encrypted use, the host port can be set as high as 57.6K baud. For encrypted use it should not be set
higher than 19.2K baud. Any speed above 19.2K Baud will yield a data rate of about 22K.. Operation,
including key management is totally transparent to the user.
4.1.1
The data structure of the HOST port defaults 9600 baud, 1 Start Bit, 8 Data Bits, no Parity and 1 Stop Bit.
The data structure of the linke port is fixed at those parameters. This is configured through the DDM
Distributed Database software.
4.1.2
Modem
The data structure of the Modem defaults to the same as the HOST Port: 1 Start Bit, 8 Data Bits, no Parity
and 1 Stop Bit. This is configured through the DDM Distributed Database software.
4.2
Getting Started
The UniGuard unit MUST be delivered to the Security Officer. He or she will have the responsibility of
maintaining the database and initially loading the user parameters. This is configured through the DDM
Distributed Database software.
4-1
4-1
Displays
5.1
Displays
The unit contains 4 LEDs located on the Front panel. They are DTR, DCD, BYPASS, and POWER.
5.2
LED Functions
5.2.1
The DTR LED is yellow and is in the ON condition when the device is connected to a host device that has
DTR in the active (ON) state.
5.2.2
5.2.3
Bypass LED
5.2.4
Power LED
The Power LED is green and will be in the ON condition when the wall mounted supply is properly
connected to the unit and the power switch is in the On position.
5.3
The Front Panel also contains 10 smaller LEDs for the Modem Functions. They are Tx, Rx, DCD, 28, 14,
96, OH, DTR, EC and FX.
5.3.1
Tx LED
5-1
5.3.2
Rx LED
5.3.3
DCD LED
The DCD LED is illuminated when the modem detects a valid carrier signal from another modem.
5.3.4
28 LED
The 28 LED is illuminated when the modem is set for 28,800 BPS operation. Unless another baud rate is
selected and stored, the 28 LED lights when the modem is powered. The 28 and 14 LED's both will be
illuminated when the modem operates at 26,400, 24,000, 21,600, 19,200 or 16,800 BPS.
5.3.5
14 LED
The 14 LED is illuminated when the modem is set for 14,400 BPS operation. The 14 and 96 LED's will
both be illuminated when the modem is operating at 12,000 BPS.
5.3.6
96 LED
The 96 LED is illuminated when the modem is set for 9,600 BPS operation. No Speed LED will be
illuminated when the modem operates below 9600 BPS.
5.3.7
OH LED
The OH LED will be illuminated when the modem is off-hook, which occurs when the modem is dialing,
on-line, answering a call or busied out. The LED will flash when the modem pulse dials.
5.3.8
DTR LED
The DTR LED will be illuminated when the UniGuard initializes the internal modem. It is on all the time
in the UniGuard-V34. Actual DTR is indicated by the yellow DTR LED on the UniGuard display.
EC LED
5.3.9
The EC LED will be illuminated when the modem is in the error correction mode. It will flash on and off
when compression is activated.
5.3.10
FX LED
The FX LED will be illuminated when the modem is in the fax mode.
NOTE: When the modem is first powered the speed LEDs flash briefly as the modem performs a self test,
then the LED for the default baud lights.
5.4
The differences in the modem LEDs are all in the numbered LEDs
5.4.1
56 LED
The 56 LED is illuminated when the modem is set for or connects using either K56flex or the V.90 protcol.
The actual connection speed depends on ISP server capabilities and line conditions
5.4.2
33 LED
The 33 LED is illuminated when the modem connects using the V.34 protocol.
5.4.3
14 LED
The 14 LED is illuminated when the modem connects using the V.32bis protocol.
5.5
UniGuard Connectors
The connectors, Host, Link, TELCO and Power are located on the back panel of the unit. (V34)
For standard UniGuard, the ports are Modem, Host, Link and Power. For Units containing an IP interface
the LINK Port is labeled NETWORK and contains the 10BASE-T Interface.
HOST
LINK
Mad e in USA
TELCO
Modem
17.5 VAC CT
Host
Link
17.5 VAC CT
UniGuard Rear
NOTE: There is no currently accepted standard for RJ45 connectors. Therefore, CDI cables and
adapters MUST be used in all interfaces with CDI equipment.
5.5.1
The Host connector is a RJ45 receptacle. This should be connected to the Dial in port of the host device
being protected by authentication. There are different types of connectors and cables depending on the
application.
5.5.2
The Link port connector is also a RJ45 female. This port is used to load set up parameters into the
UniGuardV34 through the DDMs serial port connector. . For Units containing an IP interface the LINK
Port is labeled NETWORK and contains the 10BASE-T Interface.
5.5.3
IP Port (10BASE-T)
. For Units containing an IP interface the LINK Port is labeled NETWORK and contains the 10BASE-T
Interface.
5.5.4
The Telco port connector is an RJ11 receptacle. This should be connected directly to the Phone Company
line with the cable provided. On the standard UniGuard, the Modem port connector is an RJ45 receptacle.
This should be connected to an external modem with the cable and adapters provided.
5.5.5
Cabling
DB9 or DB25 to
RJ45 Ada ptor
RJ45 Receptac le
RJ45 Plugs
RJ45/RJ45 four feet.
To Host/Link Devic e
5-3
2.5.4.1
Host Port and Link Port Cable and adapters
Two (three with STD unit) four foot, 8 pin Silver Satin cables with an RJ45 male plug on each end are
supplied. One is for connection to the Host port of the UniGuard and the Dial in port of the host device
being protected using (usually) the RJ45/DB25M connector. The other is for connection between the link
port of the UniGuard and the RS-232 port of the link terminal (The third with the standard unit is for
connection to the serial port of a modem). Use the included adapters as required by the specific installation.
A standard TELCO cable (V34) containing an RJ11 male plug on one end and an RJ11 male plug on the
other for connection between the Telephone line and the TELCO port of the unit is included.
2.5.4.2
DCE Pinouts
1
Pin
Function
DSR
CTS
GND
RX
TX
DCD
RTS
DTR
RJ45 (Plug)
Cable Head
5.5.6
Wall Mounted
Power Unit
DIN Power
Connector
5.5.7
1.
2.
3.
4.
5.
6.
Installation
Power connection. Connect the MiniDIN connector from the Wall Mounted Power Supply to
the MiniDIN connector on the rear of the UniGuard labeled 17.5VAC CT.
Telephone Line connection. For UniGuardV34 units, connect the RJ11 cable from the
TELCO connector to the Telephone line.
Modem connection. For UniGuard units (without self-contained modems) connect the RJ45
cable connector to the port on the rear of the UniGuard labeled Modem and the other end to the
data port of the modem.
Host Port connection. Connect the RJ45 cable with appropriate adapter from the Host port on
the rear of the UniGuard to the proper port on the Host.
Link Port. The Link port is used to Link other UniGuards.
I/P Port. . For Units containing an IP interface the LINK Port is labeled NETWORK and contains
the 10BASE-T Interface.
The UniGuard Rack Adaptor Kit will provide a method of mounting up to four (4) UniGuards (any type of
UniGuard) in a standard 19-inch Rack cabinet. The Kit consists of an 18.95 inch wide by 1.72 inches in
height panel together with two mounting plates. The plates are used as spacers to allow the assembly to
align up with other equipment in the rack.
18.95 in..
1.72in.
6.1
To mount any version of UniGuard, the front panel and bezel must be removed. This will result in the
internal RAM information being erased.
6.2
3.
4.
5.
6-1
UniGuards can be configured using the DDM Distributed Database Manager software supplied by CDI.
The configuration also includes the loading of encryption Keys.
A special case of the UniGuard (V34 or V90) is a UniGuard Client performs the same full encryption as the
CDI TDES Modem. Any UniGuard V.34 or V.90 can be configured as a UniGuard Client from the DDM
software.
The DDM software can also set up and extract the various reports.
7-1
UniGuard Parameters
8.1
Loading Parameters
The loading of parameters will be made from the DDM Distributed Database software as a dial up
connection or serial port connection.
8.2
User Functions
The User Functions will be made from the DDM Distributed Database software as a dial up connection or
serial port connection.
8.2.1
Add Users
8.2.2
User ID
The User ID. This can be up to 10 characters in length and is usually a name by which the user wishes to be
identified.
8.3
Type of User
The type of user is entered. Options are Call Back, Roving, Secure Call Through, Secure Call Through
w/Encryption, Pager, Token, Calculator, RSA SecurID.
8.3.1
A Call Back User will be prompted to enter the ID and password. If valid, the UniGuard will hang up and
dial the fixed call back number connecting the user to the system. The call back number for a user can
contain up to 30 digits. This is the number that will be called once a user has been authenticated.
8.3.2
Roving User
A Roving User is treated the same as a Call Back user with the exception that the call back number is a
variable that the user is prompted to enter. The user will be prompted to enter the ID, password and the
number (up to 30 digits) for UniGuard to call back. (This number will be deleted at the completion of the
call). Once the ID and password have been authenticated, the UniGuard will hang up and dial the entered
phone number.
A default phone number should be entered during setup that the roving user can select by entering a [CR]
when prompted for the location number. If the user presses [CR] the call is treated exactly the same as with
a Call Back User.
8.3.3
A Secure Call Through User will be prompted to enter the ID and password and the UniGuard will
acknowledge the caller as a Secure Call Through User and allow direct access to the system.
8.3.4
This type of user will call using a CDI DES-Modem or DES-Guard Encryptor and/or a UniGuard V34 or
V90. Configured as a UniGuard Client via. the DDM software. (These are CDI remote encryption devices:
With one of these devices installed, the entire transaction between the remote and host systems can be
encrypted).
The following two-stage process takes place between a remote CDI Encryptor and the central site
UniGuard device.
8-1
The caller will enter the User ID in the same manner as a Secure Call through User. If the user ID is in
the UniGuard database, the remainder of the session including the Password will be encrypted.
The user's DES (Data Encryption Standard) unit contains a unique 6 digit Unit ID plus a 16 HEX
Character X9.17 Private KEY* (also referred to as a Seed Key). When the User ID has been processed,
The UniGuard will send a CSM (cryptographic service message) tag to the remote (callers) encryption
device requesting its 6-digit unit ID.
The remote encryption unit replies by sending its 6 digit ID to the UniGuard.
The UniGuard looks up the caller's ID in its database and generates a random session KEY. It then
encrypts this key using the remote callers private (x9.17) KEY and sends this session KEY to the
caller.
The remote caller's unit decrypts the session KEY and the two units will use this KEY for encrypting
this session.
UniGuard will then request the User Password. If the Password is valid the session can proceed.
At the end of the transaction the session KEY will be deleted.
All transmission with the exception of the caller's 6 digit ID is encrypted.
NOTE: If the private key and/or 6 digit unit ID is not the same as defined in UniGuards database, the call
will be dropped.
*If Triple-DES is enabled the Private Key will consist of three 16 digit HEX character keys.
8.3.5
Pager User
A Pager User will be prompted to enter the ID. The UniGuard will drop the call and generate an 8 digit
random number. The UniGuard will then call the user's pager number and send the random number to the
Pager Company, which will then display the number on the user's pager. Upon receipt of this number, the
user will re-dial the UniGuard and re-enter the ID when prompted. UniGuard will then prompt to enter
number on pager. If the numbers match, access will be provided to the host computer.
When a Pager user is added, the Pager Number can be up to 30 digits (9,1800,5555555,,,,,)
Each comma (,) will insert a 2 second pause to allow the paging system's voice response to send the "Please
enter your phone number at the tone" prompt. Paging systems vary in the amount of delays required. It is
suggested a string of 5 commas be placed at the end of the pager number. Add or subtract commas as
required to customize the call for the pager system being accessed.
8.3.6
Token User
The remote PC of a Token User will have WinGuard (a TSR program that runs in the background)
software installed. A PIN number will be requested by the Token when WinGuard is started to be sure
that the user and not someone else is using the PC to access UniGuards host.
Once the correct PIN is entered, all authentication transactions between the UniGuard and the Token
equipped remote take place encrypted, behind the scenes and invisible to the user. The token key is entered
into UniGuard using the same format as the X917 private key for an Encrypted user. A one time session
KEY is encrypted with the remote caller's private DES Token Key and sent to the remote PC. CDIs
software takes over and decrypts the session key and uses it to encrypt the user password. The encrypted
password is sent to the UniGuard which decrypts the password using the session KEY and if a match is
found the caller is authenticated.
It should be noted that once issued, the private DES Token Key and PIN number cannot be changed by the
user. If a change is desired, a new Token will have to be issued.
8.3.7
A Calculator Token User is a variation of the Token User. The system allows for two types of Calculator
Tokens: A DPI Calculator or a Cryptocard Calculator Token. These tokens differ only in their internal
encryption algorithms; they are operated in the same manner.
The remote user has a calculator type device that contains DES encryption. When the user attempts to log
on, the UniGuard generates a random 8-digit challenge number and sends it to the remote user. Just as with
Copyright Communication Devices Inc. UniGuard 8-2
the software Token, the user must enter the correct PIN number to access the Calculator Token. The 8digit challenge is then keyed into the calculator token, encrypted and displayed. The displayed result, the
Response, is keyed into the PC and sent back to the UniGuard. If the response is correct the user is
authenticated and connected to the host.
In adding a Calculator Token user to the UniGuard database, the only unique information required is the
user's ID and Token Key.
8.3.8
The RSA SecurID Token is a patented Token based on time. The Token contained a time clock together
with an encryption KEY. The KEY is used to encrypts the time, which is displayed in a window on the
token. The caller enters the encrypted displayed information when signing on. The system looks up the
Users Key and compares the encrypted information to the information generated by the system with the
Users Key. If a match is found the User is authenticated
8-3
The Network Administrator can enter two (2) messages that will be sent to a caller when the request for ID
and password are presented. These messages are defined as Primary and Secondary. The purpose of these
messages is to allow the network manager to disseminate information to callers: to warn potential intruders,
inform authorized users of possible link down time or any other pertinent messages.
9.1
Primary Message
The Primary message is optional and is sent to an incoming caller when the modem connects. The user ID
request follows this message. A delay before sending this message can be set using the System Options
menu.
There is no message in the system until installed by the administrator.
9.1.1
The Secondary message (also optional) will be sent after the user has entered a proper user ID. The
Password request follows this message.
There is no default message in the system. Secondary messages can be up to 1000 characters in length;
backspaces may be used for editing
9.2
The Host Connect Message is optional and can be 32 characters in length. It will be transmitted to the Host
terminal when a connection is made. This message will insure that the "CONNECT" message normally
coming from the modem is not garbled. It is intended for host systems that require this or any other
message upon connection.
By default there is no message installed.
9-1
10
System Options
The System Options allow for various settings of the system parameters
User ID only
User ID and Password
Selecting option (0) will only prompt callers for their ID. Option (1) will prompt for the user ID and
original programmed password, without asking for a change.
10-1
10.9
Enabling this option will increase security by requiring three 16-digit hexadecimal Private Keys (if Triple
DES/AES is enabled in the remote Encryptor) instead of just one. Once enabled, the system will prompt
for the 3 keys any time a user is added. The default is enabled.
IP Authentication
(Provide In-band Strong User Authentication for remote console management.)
Copyright Communication Devices Inc. UniGuard10-2
IP Dial-out
(Ability to access the modem via In-band for dial-up access.)
Router
Console
Link
Auxiliary
Host
UniGuard
10.15 IP Filter
Exclude
(Exclude a range of IP Addresses from accessing the device.)
Include
(Include a range of IP Addresses to access the device.)
10-3
Health Status *
Radius-RSA ACE Server support
Remote Ping
* Note: For Health Status service to work, the UniGuard firmware needs to be 8.16 or above.
The following services supported in IP boards containing Rev 3.04 and above
Break Sequence
DNS/NET BIOS Support
In-band User Authentication
Radius
Remote Telnet
Point to Point (PPP)
Syslog
NET BIOS
11-1
11.1.9 Syslog
Syslog Messages can be sent to the Syslog Server and/or the DDM and will report back real time Logs for
all activities on a device.
12
Reports
There is a variety of Reports available. They can be accessed from the DDM Distributed Database
software.
12-1
13
Maintenance
13-1
Appendix Summary
The Appendixes apply to the Multi-Tech modem enclosed within the UniGuard V34.
NOTE: Wherever your communications software or operating system provides for modem selection,
select "MultiModem MT2834ZDX". If this choice is not available, select "Standard Modem".
Appendix A, AT COMMANDS BY FUNCTION
Appendix A is a set of the AT Commands listed by Function.
Appendix B, MODEM SPECIFICATIONS
Appendix B contains the Specifications for the Multi-Tech Modem contained within the equipment.
Appendix C, MODEM DEFAULTS
Appendix C contains the default settings of the modem.
Appendix D, S-REGISTER DEFAULTS
Appendix D contains the default settings for the S-Register.
Appendix E, AT COMMAND SUMMARY
Appendix E contains a complete description of the AT Commands.
Appendix F, S-REGISTER SUMMARY
Appendix F contains the S register Summary.
Appendix G, RESULT CODE SUMMARY
Appendix G contains the Result Code Summary (Terse and Verbose)
Appendix H, MULTI-TECH SYSTEM ESCAPE METHODS
Appendix H contains the method use by Multi-Tech for Escape Commands.
Appendix I, FCC, DOC and BABT INFORMATION
Appendix I pertains to FCC, DOC and BABT regulations.
The suggested AT Command string for the MultiTech modem is:
AT&C1&D2&E14#L1X4&W<CR>
Appendix A
TOPIC COMMAND
Dialing
D
Action
$D
A:
H
DESCRIPTION
Dial
DTR dialing
Continuous redial
On-hook/off-hook
Dial
Modifiers
W
R
,
:
;
!
@
$
Pulse dial
T
Tone dial
Wait for new dial tone
Reverse originate/answer mode
Dialing pause
Continuous redial
Return to command mode after dialing
Flash on-hook
Quiet answer
Call card tone detect
Phone Number
Memory
D...N
N
N...N
L
Configuration
& Default
Storage
&W
Store configuration
&F
Load default config.
Modem reset
Modem
Response
Commands
V
X
&A
M
#T
#F
Y
&G
&P
B
#A
RS-232c
Interface
Controls
&C
&D
&R
&S
&RF
&SF
Error
Correction
&E0
Phone Line
Conditioning
&E2
disabled
#L
$A
$F
$R
&E14
Data compression
enable/disable
Speed
Conversion
$E
$BA
$SB
Immediate
Action
Commands
Flow Control
L6
L8
A/
$H
Help screens
Inquire product code
L5
List current operating parameters
List S-Register values
List on-line diagnostics
Repeat last command
&BS
$EB
&E3
&E4
&E5
&E6
&E7
&E8
&E9
&E10
&E11
&E12
&E13
#X
off
on
Escape
+++AT<CR>
Default in-band escape code
Sequences
<BREAK>AT<CR> Alternate out-of-band escape code
%E
Escape sequence options
A
Force answer mode
O
Go back on-line
Diagnostics
&T
U
Appendix B
V.32 Specifications
Model Number:
Data Rates (Modem):
MT2834ZDX
0-300, 1200, 2400, 4800, 9600, 12,000, 14,400bps, 16,800 19,200 BPS, 21,600,
24,000, 26,400, 28,800 and 33,600
Data Rates (Fax):
4800, 9600, 14,400 BPS
Data Format (Modem): Serial, binary, asynchronous
Compatibility (Modem): Bell 212A and 103/113, ITU V.22; V.22bis, V.29, V.32, V.32bis, V.42, .42bis,
AT&T V.32 terbo, and V.34
Compatibility (Fax):
ITU Group 3, T.4, T.30, V.21, V.27ter, V.29, V.17, and EIA TR 29.2
Error Correction:
ITU V.42 (LAP-M or MNP 2- 4)
Data Compression:
ITU V.42 (4:1 throughput) or MNP 5 (2:1 throughput)
Speed Conversion:
Serial port data rates adjustable to 300, 1200, 2400, 4800, 9600, 12,000, 19,200,
38,400, 57,600, and 115,200 BPS
Mode of Operation:
Half or full duplex over dial-up lines; automatic or manual dialing and answer
Flow Control:
Xon/Xoff, hardware (RTS/CTS), (HP)ENQ/ACK
Intelligent Features:
Fully AT command compatible, autodial, redial, repeat dial, pulse or tone dial,
dial pauses, call status display, autoparity and data rate selections, keyboardcontrolled modem options, on-screen displays for modem option parameters and
command lines, help menus
Command Buffer:
60 characters
Modulation (Modem):
FSK at 300 BPS, PSK at 1200 BPS, QAM at 2400,4800, and 9600 BPS (nontrellis),QAM with trellis-coded modulation (TCM at 9600, 12,000, 14,400,
16,800, 19,200, 21,600, 24,000, 26,400, 28,800, 31,200 and 33,600 BPS
Fax Modulations:
V.21 CH2 FSK at 300 BPS
V.27ter DPSK at 2400 and 4800 BPS
V.29 QAM at 7200 and 9600 BPS
V.17 TCM at 7200, 9600, 12,000, and 14,400 BPS
Carrier Frequencies,
28.8K/16.8K BPS: 1700/1800 Hz V.34
Carrier Frequencies
19.2K/16.8K/14.4K/ 12K/9.6K/4.8K BPS: 1800 Hz V.32/V.32bis/V.32 terbo
Carrier Frequencies,
2400 & 1200 BPS (V.22bis/V.22 or Bell 212A Standard):
Transmit originate:
1200 Hz
Transmit answer:
2400 Hz
Receive originate:
2400 Hz
Receive answer:
1200 Hz
Carrier Frequencies,
300 BPS (Bell Standard): 1270 Hz mark, 1070 Hz space for transmit originate
2225 Hz mark, 2025 Hz space for receive originate
2225 Hz mark, 2025 Hz space for transmit answer
1270 Hz mark, 1070 Hz space for receive answer
Fax Carrier Frequencies: V.21 Ch2 (Half Duplex) 1650 Hz mark, 1850 Hz space for transmit originate
1650 Hz mark, 1850 Hz space for transmit answer
V.27ter 1800 Hz originate/answer
V.29 QAM 1700 Hz originate/answer
V.17 TCM 1800 Hz originate/answer
Transmit Level:
-13 dBm
Frequency Stability:
0.01%
Receiver Sensitivity:
-43 dBm under worst case conditions
AGC Dynamic Range:
43 dB
Interface:
EIA RS-232C/ITU V.24/V.28
Diagnostics:
Power-on self test, local analog loop, local
digital loop, remote digital
loop.
Indicators:
LEDs for Transmit Data, Receive Data, Carrier Detect, 28,800,Off-Hook,
Terminal Ready, Error Correction, and Fax.
Speaker:
Command-controlled speaker for call progress monitoring.
Environmental:
Temperature range 0 to 50 C (32 to 120 F); humidity range 20-90% (noncondensing)Power Requirements: 100-130VAC, 50/60 Hz, 0.1A/5W
14
Appendix C
$A0
#A0
15
S0 = 1
S1 = 0
S2 = 43
S3 = 13
S4 = 10
S5 = 8
S6 = 2 or 4
S7 = 45 or 55
S8 = 2 or 4
S9 = 6
S10 = 7
S11 = 70
S13 = 37
S17 = 25
S24 = 20
S26 = 0
S30 = 0
S32 = 20
S34 = 10
S36 = 0
S37 = 5
Appendix D
16
Appendix E
Command Values
AT
Default Description
Attention Code The attention code precedes all command lines except A/, A:
and escape codes.
RETURN
RETURN Key Press the RETURN (ENTER) key to execute most commands.
A
Force Answer Mode Answer call immediately without waiting for ring.
A/
Repeat Last Command. Do not precede this command with AT. Do not hit
RETURN to execute.
A:
Continuous Redial (10 redials in DOC modems) of last number until
answered.
&An n = 0 or 1
Answerback Caller ID
***
&A0 Answerback off.
&A1 Answerback on.
$An n = 0 or 1
Auto-Reliable Buffering
***
$A0 Discard data received during establishment of Reliable connection
$A1 Buffer data received during establishment of Reliable connection
#An
n = 0-3
Auto Speed Detection in Answer Mode
***
#A0 Start at maximum speed and fall back to 14400 to 12000 to 9600 to 4800
to 2400 to 1200 to 300 BPS.
#A1 Maximum speed only.
#A2 Start at maximum speed and fall back incrementally to 4800 BPS only.
#A3 Start at 2400 BPS and fall back to 1200 to 300 BPS only.
Bn
n = 0 or 1
Answer Tone (ZDXI modems only)
***
B0 Select ITU V.21 answer tone.
B1 Select Bell 103 answer tone.
&Bsn n = 0 or 1
Maximum Reliable Block Size
&BS0 Maximum transmit block size of 64 characters.
***
&BS1 Maximum transmit block size of 256 characters.
$Ban n = 0 or 1
Baud Adjust
***
$BA0 Set baud adjust off, speed conversion on. (Serial port speed is
independent of modem data rate.)
$BA1 Set baud adjust on, speed conversion off. (Serial port speed is same as
modem data rate.)
&Cn n = 0, 1, 2,
Carrier Detect Control
or 4
&C0 Force Carrier Detect on.
***
&C1 Let Carrier Detect follow carrier signal.
&C2 Let Carrier Detect drop (time set by S24) on disconnect, then go high
gain.
&C4 Reset modem when Carrier Detect drops.
Ds s = phone #
Dial telephone number s, where s may include up to 60 digits or T, P, R,
comma, colon, and semicolon characters.
DsNd s = phone #
Store Phone Number
d = 0 or 1
To store, enter D followed by telephone number s, then N followed by directory
number d.
&Dn n = 0, 1, 2,
Data Terminal Ready Control
or 3
&D0 Modem ignores DTR signal.
&D1 Modem hangs up when DTR drops, disables auto-answer, and returns to
command mode when DTR goes high again.
***
&D2 Modem hangs up when DTR drops and returns to command mode when
DTR goes high again.
&D3 Modem hangs up and resets to default parameters when DTR drops.
$Dn
n = 0 or 1
DTR Dialing
***
$D0 Disable DTR dialing.
$D1 Enable DTR dialing.
En
n = 0 or 1
Echo Command Mode Characters
E0 Do not echo command mode characters.
***
E1 Do echo command mode characters.
G
Copyright Communication Devices Inc. UniGuard
&En
n = 0 thru
15
***
n = 0, 1,
or 2
***
$Rn
n = 0 or 1
***
&Rfn
n = 0 or 1
***
Sr=n r = 0-11, 13,
24, 25, 30,
32, 34, 36,
37 or 48; format.
n varies
Sr? r = 0-11, 13,
24, 25, 30,
32, 34, 36,
37 or 48;
n varies
&Sn
n = 0, 1,
or 2
***
$Sbn
n = speed
Baud Adjust
***
&Sfn
n = 0 or 1
***
T
&Tn
n = 4 or 5
#Tn
***
n = 0 or 1
Un
***
n = 0, 1, 2,
or 3
Vn
n = 0 or 1
***
&Wn
n = 0 or 1
***
Xn
n = 0 thru
***
17
Appendix F
Register
S0
S1
S2
S3
S4
S5
S6
S7
Unit
1 ring
1 ring
decimal
decimal
decimal
decimal
1 sec.
1 sec.
S8
1 sec.
S9
S10
100 ms
100 ms
S11
1 ms
S13
S17
S24
decimal
10 ms
50 ms
S25
S30
S32
100 ms
1 min.
100 ms
S34
No. of
S36
S37
S48
1 sec.
1 sec.
decimal
Range
0-255
0-255
0-127
0-127
0-127
0-127
2-255
1-255
1-45*
1-55**
0-255
Description
Sets number of rings until modem answers.
Counts rings that have occurred.
Sets escape code character.
Sets character recognized as carriage return.
Sets character recognized as line feed.
Sets character recognized as backspace.
Determines wait-time for dial tone.
Determines how long modem will wait for carrier before
aborting call.
18
Appendix G
Terse Verbose
0
OK
1 CONNECT
2 RING
3 NO CARRIER
4 ERROR
5 CONNECT 1200
6 NO DIAL TONE
7 BUSY
8 NO ANSWER
9 CONNECT 2400
10 (Not used)
11 CONNECT 4800
12 CONNECT 9600
13 CONNECT 14400
19 CONNECT 19200
21 CONNECT 21600
24 CONNECT 24000
26 CONNECT 26400
28 CONNECT 28800
Meaning
Command was executed without error, ready for next command.
Modem has detected carrier and gone on-line.
Modem has detected ring caused by incoming call.
No carrier signal has been detected within allowed time.
Error in command line (too many, or invalid characters).
Modem has detected carrier at 1200 BPS and gone on-line.
No dial tone has been detected.
A busy signal has been detected.
Remote system did not answer
Modem has detected carrier at 2400 BPS and gone online.
Modem detected carrier at 4800 BPS and on-line.
Modem detected carrier at 9600 BPS and on- line
Modem detected carrier at 14400 BPS and on-line
Modem detected carrier at 19200bps and on-line
Modem detected carrier at 21600bps and on-line
Modem detected carrier at 24000bps and on-line
Modem detected carrier at 26400bps and on-line
Modem detected carrier at 28800bps and on-line
Reliable Mode: If the ZDX is used in Reliable mode, the following responses change:
1R
CONNECT
(As above, except Reliable.)
RELIABLE
5R
CONNECT 1200
(As above, except Reliable.)
RELIABLE
9R
CONNECT 2400
(As above, except Reliable.)
RELIABLE
11R
CONNECT 4800
(As above, except Reliable.)
RELIABLE
12R
CONNECT 9600
(As above, except Reliable.)
RELIABLE
13R
CONNECT 14400
(As above, except Reliable.)
RELIABLE
19R
CONNECT 19200
(As above, except Reliable.)
RELIABLE
21R
CONNECT 19200
(As above, except Reliable.)
RELIABLE
24R
CONNECT 24000
(As above, except Reliable.)
RELIABLE
26R
CONNECT 26400
(As above, except Reliable.)
RELIABLE
28R
CONNECT 28800
(As above, except Reliable.)
RELIABLE
LAP-M Reliable mode: If the ZDX is used in LAP-M Reliable mode, the following responses change:
1L
CONNECT LAPM
(As above, except Reliable.)
5L
CONNECT 1200 LAPM
(As above, except Reliable.)
9L
CONNECT 2400 LAPM
(As above, except Reliable.)
11L
CONNECT 4800 LAPM
(As above, except Reliable.)
12L
CONNECT 9600 LAPM
(As above, except Reliable.)
13L
CONNECT 14400 LAPM
(As above, except Reliable.)
19L
CONNECT 19200 LAPM
(As above, except Reliable.)
21L
CONNECT 21600 LAPM
(As above, except Reliable.)
24L
CONNECT 24000 LAPM
(As above, except Reliable.)
Copyright Communication Devices Inc. UniGuard
26L
28L
Data Compression: If the ZDX is used with data compression, the word COMPRESSED or letter C will be
added to result codes 1, 5, 9, 11, 12, 13, 19, 21, 24, 26, and 28.
Standard AT Responses: If standard AT command set 2400 responses are selected with the &Q1 command,
the following responses change:
9
10
(Not used)
CONNECT 2400
19
Appendix H
V.32 MULTI-TECH SYSTEMS' ESCAPE
METHODS INTRODUCTION
You may sometimes find it necessary to issue AT commands to your modem, while you are on-line with a
remote modem, without disconnecting the call. If so, you will want to take advantage of escape methods
that allow you to change the modem's mode of operation from on-line mode to command mode. After you
issue your AT commands, you may return to on-line mode, but typically most users escape so that they
may hang up a modem upon completion of a call.
The modems offer two escape methods: in-band and out-ofband. Both incorporate Time Independent
Escape Sequence (TIES) methodology. An escape sequence is a pattern or sequence that the modem
recognizes as its signal to shift from on-line mode to command mode. "Time independent" means that the
modem recognizes the escape sequence without a prefixed and/or suffixed delay.
In an in-band escape, the modem recognizes the escape sequence as a pattern sent to it as part of the data
stream or band (hence its name). In an out-of-band escape, the escape sequence is a pattern that cannot and
does not occur in the data stream.
The in-band escape method is +++AT<CR>
The out-of-band escape method is <BREAK>AT<CR>
A break signal cannot be sent as part of a data file; instead it is sent by a direct program command to the
UART used by the computer.
The break signal is defined as either the transmission of binary 0 for a minimum of 10 bits; or as a
minimum interval of 135 milliseconds as established in the ITU X.28 standard. There are routines in high
level languages and keys on most computers that have been established to send BREAK for fixed intervals,
but you may control the break's duration by referring to your UART's specifications.
HOW TO SELECT AN ESCAPE METHOD
If you want your modem to escape and then wait for you to issue a command before it will return to on-line
mode, then use +++AT<CR>. You might use this method if you find you need to review a help screen in
the middle of a
communications session. If you wish to combine the escape with a command (or commands) and with an
immediate return to on-line mode, then use the <BREAK>AT<CR> method. You may also use this method
to have the modem wait before it will return on-line.
The following AT commands are used to select the modem's escape method: %E0 = Escape disabled
%E1 = +++AT method (default)
%E2 = BREAK AT method
%E3 = Both methods enabled
%E4 = Disable "OK" to +++ escape
%E5 = Enable "OK" to +++ escape
METHOD 1: +++AT<CR>
In the following example, a user who is in on-line mode decides to set S0 to 1 to configure the modem to
answer on the first ring.
1. The user enters the sequence +++AT<CR>. The sequence is sent to the modem
2. The modem transmits the +++.
3. The modem buffers AT and starts the Wait for <CR> Timer.
4. Upon receiving the <CR> the modem escapes to command mode.
5. The modem responds OK.
6. The user enters the command ATS0=1<CR>. This sequence is sent to the modem.
7. The modem buffers ATS0=1<CR> and identifies it as a valid command.
8. The modem executes the command, setting S0=1.
9. The user sends ATO<CR> to the modem.
10. The modem returns to on-line mode.
ESCAPE METHOD 2: <BREAK>AT<CR>
In the following example, a user who is in on-line mode decides to set S0 to 1, to configure the modem to
answer on the first ring.
1. The BREAK signal is sent to the modem.
2. The modem buffers BREAK .
3. The modem starts the S32 Wait for <CR> Timer.
4. ATS0=1<CR> is sent to the modem.
Copyright Communication Devices Inc. UniGuard
20
Appendix I
FCC, DOC, and BABT Information
FCC REGULATIONS FOR TELEPHONE LINE INTERCONNECTION
This equipment complies with Part 68 of the Federal Communications Commission (FCC) rules. On the
outside surface of this equipment is a label that contains, among other information, the FCC registration
number and ringer equivalence number (REN). If requested, this information must be provided to the
telephone company.
The suitable USOC jack (Universal Service Order Code connecting arrangement) for this equipment is
shown below.
The ringer equivalence number (REN) is used to determine the quantity of devices that may be connected
to the telephone line. Excessive RENs on the telephone line may result in the devices not ringing in
response to an incoming call. In most, but not all areas, the sum of the RENs should not exceed five (5.0).
To learn the number of devices that may be connected to the line, contact the telephone company to
determine the maximum REN for the calling area.
If this equipment causes harm to the telephone network, the telephone company will notify you in advance.
But if advance notice isn't practical, the telephone company will notify you as soon as possible. Also, you
will be advised of your right to file a complaint with the FCC if you believe it is necessary.
The telephone company may make changes in its facilities, equipment, operations, or procedures that could
affect the operation of the equipment. If this happens, the telephone company will provide advance notice
in order for you to make necessary modifications in order to maintain uninterrupted service.
If trouble is experienced with this equipment please contact Multi-Tech Systems, Inc. at the address shown
for details of how to have repairs made. If the trouble is causing harm to the telephone network, the
telephone company may request you remove the equipment until the problem is resolved. No repairs are to
be made by you. Repairs are to be made only by Multi-Tech Systems or its licensees. Unauthorized repairs
void registration and warranty.
This equipment cannot be used on the public coin service provided by the telephone company. Connection
to Party Line Service is subject to state tariffs. (Contact the state public utility commission, public service
commission or corporation commission for information.)
Manufacturer:
Multi-Tech Systems, Inc.
Model Number:
MT1432ZDX, MT1932ZDX, or MT2834ZDX
FCC Registration No:
U7USA-75711-MM-E (MT1432ZDX and MT1932ZDX)
AU7USA-20673-MM-E (MT2834ZDX)
Ringer Equivalence:
0.5B
Modular Jack (USOC): RJ11C or RJ11W (single line)
Service Center in USA: Multi-Tech Systems Inc.
2205 Woodale Drive
Mounds View, MN 55112
(800) 328-9717 (612) 785-3500
DOC TERMINAL EQUIPMENT WARNINGS
NOTICE: The Canadian Department of Communications label identifies certificated equipment. This
certification means that the equipment meets certain telecommunications network protective, operational
and safety requirements. The Department does not guarantee the equipment will operate to the user
satisfaction.
Before installing this equipment insure that it is permissible to be connected to the facilities of the local
telecommunications company. The equipment must also be installed using an acceptable method of
connection. In some cases, the company's inside wiring associated with a single line individual service may
be extended by means of a certified connector assembly. The customer should be aware that compliance
with the above conditions may not prevent degradation of service in some situations.
Repairs to certified equipment should be made by an authorized Canadian link facility designated by the
supplier. Any repairs or alterations made by the user to this equipment; or equipment malfunctions, may
give the telecommunications company cause to request the user to disconnect the equipment.
Users should insure for their own protection that the electrical ground connections of the power utility,
telephone lines and internal metallic water pipe system, if present, are connected together. This precaution
may be particularly important in rural areas.
The Load Number (LN) assigned to each terminal device denotes the percentage of the total load to be
connected to a telephone loop which is used by the device, to prevent overloading. The termination on a
loop may consist of any combination of devices subject only to the requirement that the total of
Copyright Communication Devices Inc. UniGuard
the Load Numbers of all the devices does not exceed 100. The Load Number for this product is 4.
CAUTION: Users should not attempt to make such connections themselves, but should contact the
appropriate electric inspection authority, or electrician, as appropriate.
This digital apparatus does not exceed the Class B limits for radio noise for digital apparatus set out by the
Department of Communications.
COMPLIANCE WITH BABT REQUIREMENTS
Approved for connection to telecommunications system specified in the instructions for use subject to the
conditions set out in them.
EUROPEAN LOW VOLTAGE DIRECTIVE
When correctly installed and maintained, the modem will present no hazard to the user. When correctly
installed, the modem will be connected to the PSTN and to a Data Terminal Equipment (DTE), whose
modem connections comply with ITU recommendations V.28. The DTE connections are therefore taken to
be safe voltages (less than (30 volts).
COMPLIANCE WITH BS6305 CLAUSE 6.2, BS6320 CLAUSE 7.2, AND BABT/SITS/82/005S/D
a. The modem is suitable for connection to the Public Switched Telephone Network (PSTN) provided by
British Telecommunications plc or Kingston Communications (Hull) plc. Circuit supply by British
Communications, Mercury Communication, or Hull City Council. Only direct exchange lines may be used,
not shared service.
b. The modem is suitable for household, office, and similar general indoor use. It is not suitable for use as
an extension to a pay phone.
c. BT lines supplied must support either loop disconnect or multifrequency tone signaling.
d. REN (Ringer Equivalence Number). The REN value of a unit is calculated from 3/n where n is the total
number of units which can be connected in parallel which will still cause the standard bell (as defined in
BS6305 ) to ring.
REN values of less than 0.3 cannot be assigned.
For apparatus which is not capable of forming part of multiple installation, a REN value of 3 is assigned.
REN = 1
If a telephone or other device is connected in parallel with the modem, the combined REN must not exceed
4. A BT supplied telephone may be assumed
to have REN of 1.0 unless otherwise noted.
The approval of this modem for connection to the British Telecom public switched telephone network is
INVALIDATED if the apparatus is subject to any modification in any material way not authorized by
BABT or if it is used with or connected to:
i. internal software that has not been formally accepted by BABT.
ii. external control software or external control apparatus which cause the operation of the modem
associated call set-up equipment to contravene the requirements of the standard set out in
BABT/SITS/82/005S/D.
indirectly to the British Telecom public switched telephone network must be approved apparatus as defined
in Section 22 of the British Telecommunications Act 1984. All apparatus connected to this modem and
thereby connected directly or
COMPLIANCE WITH BS6789: SECTION 3.1 AND PART 2
a. The modem is not capable of allowing Auto Call using '999' or other PABX emergency numbers.
b. Modes other than modes 1, 2, or 3 should not be used on the BT PSTN. This modem is a mode 1 device.
c. Users are advised to check the numbers entered during the Auto Call set up phase prior to dialing.
d. The user should not issue any sequence of commands to the modem which would cause the modem to
exceed the maximum allowable pause of 8 seconds from the time the modem goes off-hook until dialing
begins.
COMPLIANCE WITH DTI 83/009
a. The apparatus is only approved for compatible PBXs. Consult the supplier for an up-to-date list of
compatible PBXs.
b. There is no guarantee of correct working in all circumstances. Any difficulties should be referred to
Multi-Tech Systems.
c. If sockets are required for connexion to the PBX, use the BT post card only if BT owns the wiring to the
PBX.
This apparatus has been approved for the use of the following facilities:
* Auto-calling
* Loop disconnect and MF dialing
* Phone number storage and retrieval by a predetermined code
* Operation in the absence of proceed indication
Copyright Communication Devices Inc. UniGuard
21
Understanding AT Commands
AT commands are used to control the operation of your modem. They are so called
because each command must be preceded by the characters AT to get the ATtention
of the modem.
AT commands can be issued only when the modem is in command mode or online
command mode. The modem is in command mode whenever it is not connected to
another modem. The modem is in data mode whenever it is connected to another
modem and ready to exchange data. Online command mode is a temporary state in
which you can issue commands to the modem while connected to another modem.
To put the modem into online command mode from data mode, you must issue an
escape sequence (+++) followed immediately by the AT characters and the command,
e.g., +++ATH to hang up the modem. To return to data mode from online command
mode, you must issue the command ATO.
To send AT commands to the modem you must use a communication program, such
as the HyperTerminal applet in Windows 95, 98, and NT 4.0, or the communication
program included with your modem. You can issue commands to the modem either
directly, by typing them in the terminal window of the communication program, or
indirectly, by configuring the operating system or communication program to send
the commands automatically. Fortunately, communication programs make daily
operation of modems effortless by hiding the commands from the user. Most users,
therefore, need to use AT commands only when reconfiguring the modem, e.g., to
turn autoanswer on or off.
The format for entering an AT command is ATXn, where X is the command and n is
the value for the command, sometimes called the command parameter. The value is
always a number. If the value is zero, you can omit it from the command; thus,
AT&W is equivalent to AT&W0. Most commands have a default value, which is the
value that is set at the factory. The default values are shown in the AT Commands
section, which begins on the next page.
You must press ENTER to send the command to the modem. Any time the modem
receives a command, it sends a response known as a result code. The most common
result codes are OK, ERROR, and the CONNECT messages that the modem sends
the computer when it is connecting to another modem. For a table of valid result
codes, see Result Codes at the end of this chapter.
You can issue several commands in one line, in what is called a command string. The
command string begins with AT and ends when you press ENTER. Spaces to separate
the commands are optional; they are ignored by the command interpreter. The most
familiar command string is the initialization string, which is used to configure the
modem when it is turned on or reset, or when your communication software calls
another modem.
AT Commands
Command:
Values:
Description:
AT
Command:
Values:
Description:
Enter Key
n/a
Press the ENTER or RETURN key to execute most commands.
Command:
Values:
Description:
Answer
n/a
Answer an incoming call before the final ring.
Command:
Values:
Description:
A/
Command:
Values:
Bn
Description:
B0
B1
B2
B3
B15
B16
Command:
Values:
Default:
Description:
Cn
Command:
Values:
Default:
Description:
C0
C1
Ds
Attention Code
n/a
The attention code precedes all command lines except A/, A:,
and the escape sequence.
Carrier Control
n=1
1
Transmit carrier always off. (Not supported.)
Normal transmit carrier switching (included for backward
compatibility with some software).
Dial
s = dial string (phone number and dial modifiers)
none
Dial telephone number s, where s may up to 40 characters long
and include the 09, *, #, A, B, C, and D characters, and the L,
P, T, V, W, S, comma (,), semicolon (;), !, @, ^ and $ dial string modifiers.
Dial string modifiers:
L
Redial last number. (Must be placed immediately after ATD.)
P
Pulse-dial following numbers in command.
T
Tone-dial following numbers in command (default).
V
Switch to speakerphone mode and dial the following number.
Use ATH command to hang up.
W
Wait for a new dial tone before continuing to dial. (X2, X4,X5, X6, or
X7 must be selected.)
,
Pause during dialing for time set in register S8.
;
Return to command mode after dialing. (Place at end of dial string.)
!
Hook flash. Causes the modem to go on-hook for one-half second, then
off-hook again.
@
Wait for quiet answer. Causes modem to wait for a ring back, then 5
^
$
Command:
Values:
Default:
Description:
DS= y
Command:
Values:
Default:
Description:
En
E0
E1
Command:
Values:
Default:
Description:
Fn
Command:
Values:
Default:
Description:
Hn
Hook Control
n = 0 or 1
0
H0 Goes on-hook (hangs up).
H1 Goes off-hook (makes the phone line busy).
Command:
Values:
Default:
Description:
In
Information Request
n = 05, 9, 11
None
I0 Displays default speed and controller firmware version.
I1 Calculates and displays ROM checksum (e.g., 12AB).
I2 Checks ROM and verifies the checksum, displaying OK or ERROR.
I3 Displays default speed and controller firmware version.
I4 Displays firmware version for data pump (e.g., 94).
I5 Displays the board ID: software version, hardware version, and
country ID.
I9 Displays the country code (e.g., NA Ver. 1).
I11 Displays diagnostic information for the last modem connection,
such as DSP and firmware version, link type, line speed, serial speed,
type of error correction/data compression, number of past retrains, etc.
Command:
Values:
Default:
Description:
Mn
Command:
Nn
Modulation Handshake
Values:
Default:
Description:
n = 0 or 1
1
N0 Modem performs handshake only at communication standard
specified by S37 and the B command.
N1 Modem begins handshake at communication standard specified
by S37 and the B command. During handshake, fallback to a lower
speed can occur.
Command:
Values:
Default:
Description:
On
Command:
Values:
Default:
Description:
Pulse Dialing
P, T
T
Configures the modem for pulse (non-touch-tone) dialing.
Dialed digits are pulsed until a T command or dial modifier is received.
Command:
Values:
Default:
Description:
Qn
Command:
Values:
Default:
Description:
Sr= n
Command:
Values:
Default:
Description:
Sr?
Command:
Values:
Default:
Description:
Tone Dialing
P, T
T
Configures the modem for DTMF (touch-tone) dialing. Dialed
digits are tone dialed until a P command or dial modifier is received.
Command:
Values:
Default:
Description:
Vn
Command:
Values:
Default:
Wn
Description:
Command:
Values:
Default:
Description:
Xn
Command:
Values:
Default:
Description:
Yn
Command:
Values:
Default:
Description:
Zn
Modem Reset
n = 0 or 1
None
Z0 Resets modem to profile saved by the last _W command.
Z1 Same as Z0.
Command:
Values:
Default:
Description:
&Bn
Command:
Values:
Default:
Description:
&Cn
Command:
Values:
Default:
Description:
&Dn
&D1 If DTR drops while in online data mode, the modem enters
command mode, issues an OK, and remains connected.
&D2 If DTR drops while in online data mode, the modem hangs up.
If the signal is not present, the modem will not answer or dial.
&D3 If DTR drops, the modem hangs up and resets as if an ATZ
command were issued.
Command:
Values:
Default:
Description:
&En
Command:
Values:
Default:
Description:
&Fn
Command:
Values:
Default:
Description:
&Gn
Command:
Values:
Defaults:
Description:
&Kn
Command:
Values:
Default:
Description:
&Qn
Command:
Values:
Default:
Description:
&Sn
Command:
Values:
Default:
Description:
&Tn
&V
Command:
Values:
Default:
Description:
&Wn
Command:
Values:
&Z y=x
Command:
Values:
Description:
&&S
Command:
Values:
Default:
Description:
\An
Command:
Values:
Default:
Description:
\Bn
Transmit Break
n = 09 in 100 ms units
3
In non-error-correction mode only, sends a break signal of the specified
length to a remote modem. Works in conjunction with the \K command.
Command:
Values:
Default:
Description:
\Jn
Default:
Description:
Command:
Values:
Default:
Description:
\Kn
Break Control
n = 05
5
Controls the response of the modem to a break received from
the computer, the remote modem, or the \B commnd. The response
is different for each of three different states.
Data mode. The modem receives the break from the computer:
\K0 Enters online command mode, no break sent to the remote modem.
\K1 Clears data buffers and send break to the remote modem.
\K2 Same as \K0.
\K3 Sends break immediately to the remote modem .
\K4 Same as \K0.
\K5 Sends break to the remote modem in sequence with the transmitted
data.
Data mode. The modem receives the break from the remote modem:
\K0 Clears data buffers and sends break to the computer.
\K1 Same as \K0.
\K2 Sends break immediately to the computer.
\K3 Same as \K2.
\K4 Sends break to the computer in sequence with the received data.
\K5 Same as \K4.
Online command mode. The modem receives a \Bn command
from the computer:
\K0 Clears data buffers and sends break to the remote modem.
\K1 Same as \K0.
\K2 Sends break immediately to the remote modem.
\K3 Same as \K2.
\K4 Sends break to the remote modem in sequence with the transmitted
data.
\K5 Same as \K4.
Command:
Values:
Default:
Description:
\Nn
Command:
Values:
Default:
Description:
\Qn
Command:
\T n Inactivity Timer
AA
Values:
Default:
Description:
n = 0, 1255
0
\Tn Sets the time (in minutes) that the modem waits after the last
character is sent or received before it disconnects. A value of
zero disables the timer. Applies only in buffer mode.
Note: You can also set the inactivity timer by changing the value of
S30.
Command:
Values:
Default:
Description:
\Vn
Command:
Values:
Defaults:
Description:
\Xn
XON/XOFF Pass-Through
n = 0 or 1
0
\X0 Modem responds to and discards XON/XOFF characters.
\X1 Modem responds to and passes XON/XOFF characters.
Command:
Values:
Defaults:
Description:
-Cn
Command:
Values:
Default:
Description:
%A
Command:
Values:
Description:
%B
Command:
Values:
%Cn
Default:
Description:
1
%C0 Disable sV.42bis/MNP 5 data compression.
%C1 Enables V.42bis/MNP 5 data compression.
Command:
Values:
Default:
Description:
%DCn
AT Command Control
n = 0 or 1
0
%DC0 The modem responds to AT commands.
%DC1 The modem ignores AT commands.
Note: The modem will respond to AT%DC for 10 seconds after it is
turned on.
Command:
Values:
Default:
Description:
%En
Command:
Values:
Default:
Description:
$Dn
DTR Dialing
n = 0 or 1
0
$D0 Disables DTR dialing.
$D1 Dials the number in memory location 0 when DTR goes high.
Command:
Values:
Default:
Description:
$EBn
Command:
Values:
Default:
Description:
$SBn
Command:
Values:
Default:
Description:
+ES=n
CC
Command:
Values:
Default:
Description:
+VCID=n
Caller ID Selection
n = 0, 1, or 2
0
Enables Caller ID detection and configures the reporting and
presentation of the Caller ID data that is detected after the first
ring. The reported data includes the date and time of the call,
the caller's name and number, and a message.
+VCID=0 Disables Caller ID
+VCID=1 Enables Caller ID with formatted data
+VCID=2 Enables Caller ID with unformatted data
Command:
Values:
Default:
Description:
#CBAn
Callback Attempts
n = 1255
4
Sets the number of callback attempts that are allowed after
passwords have been exchanged between modems.
Command:
Values:
Default:
Description:
#CBDn
Callback Delay
n = 0255
15
Sets the length of time (in seconds) that the modem waits before
calling back the remote modem.
Command:
Values:
Default:
Description:
#CBF?
Command:
Values:
Default:
Description:
#CBFR
Command:
Values:
Default:
Description:
#CBIn
Command:
Values:
#CBN y= x
#CBPn
Callback Parity
n = 0, 1, or 2
0
Sets parity for the callback security messages.
#CBP0 No parity.
#CBP1 Odd parity.
Defaults:
Description:
Command:
Values:
Default:
Description:
#CBRy
Command:
Values:
Default:
Description:
#CBS n
Callback Enable/Disable
n = 0, 1, 2, or 3
0
#CBS0 Disables callback security.
#CBS1 Enables local and remote callback security.
#CBS2 Enables remote callback security only.
#CBS3 Disables callback security until local hangup or reset.
Command:
Values:
Default:
Description:
#P n
Command:
Values:
Default:
Description:
#S x
Command:
Values:
Default:
Description:
#S= x
Command:
Values:
Description:
+++AT<CR>
Escape Sequence
n/a
Puts the modem in command mode (and optionally issues a
command) while remaining online. Type +++AT and up to ten
command characters, then press ENTER. Used mostly to issue
the hang-up command: +++ATH<CR>.
Command:
Values:
Description:
EE
S-Registers
Certain modem values, or parameters, are stored in memory locations called S-registers.
Use the S command to read or to alter the contents of S-registers (see previous section).
Register Unit Range Default Description
S0 1 ring 0, 1255 1 Sets the number of rings until the modem
answers. ATS0=0 disables autoanswer
completely.
S1 1 ring 0255 0 Counts the rings that have occurred.
S2 decimal 0127 43 (+) Sets ASCII code for the escape sequence char128255 acter. Values greater than 127 disable escape.
S3 decimal 0127 13 (^M) Sets the ASCII code for the carriage return
character.
S4 decimal 0127 10 (^J) Sets the ASCII code for the line feed character.
S5 decimal 032 8 (^H) Sets the ASCII code for the backspace char33127 acter. Values over 32 disable backspace.
S6 seconds 265* 2* Sets the time the modem waits after it goes
off-hook before it begins to dial the telephone
number.
S7 seconds 1255* 50* Sets the time the modem waits for a carrier
signal before aborting a call. Also sets the
wait-for-silence time for the @ dial modifier.
S8 seconds 265 2 Sets the length of a pause caused by a
comma character in a dialing command.
S9 decimal 0, 1127 37 (%) Sets ASCII code for remote configuration
escape character. S9=0 disables remote
configuration.
S10 100 ms 1254 20 Sets how long a carrier signal must be lost
before the modem disconnects.
S11 1 ms 50150* 95* Sets spacing and duration of dialing tones.
S18 50 ms 0255 20 Sets the time the CD signal drops before
going high again. Used for some PBX and
CBX phone systems. See _C2 command.
S28 decimal 0, 1255 1 0 disables, 1255 enables V.34 modulation.
S30 1 minute 0, 1255 0 Sets the time the modem waits before it
disconnects when no data is sent or received.
A value of zero disables the timer. See also
the \T command
S35 decimal 01 0 0 disables, 1 enables the V.25 data calling
tone, which allows remote data/fax/voice
discrimination.
These values may be different outside North America.
S36 decimal 07 7 Specifies the action to take in the event of a
negotiation failure when error control is
selected. (See S48.)
S37 decimal 019 0 Sets the maximum V.34 upstream speed at
which the modem attempts to connect.
Value Speed
0 maximum modem speed
1 reserved
2 1200/75 bps
3 300 bps
4 reserved
5 1200 bps
6 2400 bps
7 4800 bps
8 7200 bps
9 9600 bps
10 12000 bps
11 14400 bps
12 16800 bps
13 19200 bps
14 21600 bps
15 24000 bps
16 26400 bps
17 28800 bps
18 31200 bps
19 33600 bps
S38 decimal 023 1 Sets the maximum 56K downstream speed
at which the modem attempts to connect.
The default maximum speed is 56K bps.
Value V.90 mode K56flex mode
0 56K disabled 56K disabled
1 56K autorate 56K autorate
2 28000 bps 32000 bps
3 29333 bps 34000 bps
4 30666 bps 36000 bps
5 32000 bps 38000 bps
6 33333 bps 40000 bps
7 34666 bps 42000 bps
8 36000 bps 44000 bps
9 37333 bps 46000 bps
10 38666 bps 48000 bps
11 40000 bps 50000 bps
12 41333 bps 52000 bps
13 42666 bps 54000 bps
14 44000 bps 56000 bps
15 45333 bps
16 46666 bps
17 48000 bps
18 49333 bps
Register Unit Range Default Description
19 50666 bps
20 52000 bps
21 53333 bps
22 54666 bps
23 56000 bps
S42 decimal 01 1 Enables/disables the 56K auto rate. When
56K auto is disabled, fallback to V.34 is also
disabled. 0 = disable; 1 = enable.
S48 decimal 7 or 128 7 Enables (7) or disables (128) LAPM negotiation.
The following table lists the S36 and
S48 configuration settings for certain types
of connections.
S48=7 S48=128
LAPM or async Async
LAPM or hangup Do not use
LAPM, MNP, or aysnc
LAPM, MNP, or hangup MNP or hangup
MNP or async
S36=0, 2
S36=1, 3
S36=4, 6
S36=5, 7
GG
S89 seconds 0, 5255 10 Sets the length of time in the off-line command
mode before the modem goes into standby
mode. A value of zero prevents standby
mode; a value of 14 sets the value to 5.
S108 decimal 03, 6, 7 6 Selects the 56K digital loss if using the modem
thru a PBX line. The default value is -6
dB loss, the value used when calling from a
typical POTS line long distance.
Value Digital loss
0 -0 dB digital loss, no robbed-bit
signaling
1 -3 dB PBX digital loss
2 -2 dB digital loss
3 -3 dB digital loss
6 -6 dB digital loss
7 -0 dB digital loss with robbed-bit
signaling
S109 decimal 02 1 Selects the 56K operating mode.
Value 56K mode
0 K56flex mode (V.90 disabled)
1 Dual mode (K56flex or V.90)
2 V.90 mode (K56flex disabled)
Register Unit Range Default Description
Result Codes
In command mode your modem can send responses called result codes to your computer.
Result codes are used by communications programs and can also appear on
your monitor.
Terse Verbose Description
0 OK Command executed
1 CONNECT Modem connected to line
2 RING Ring signal detected
3 NO CARRIER Carrier signal lost or not detected
4 ERROR Invalid command
5 * CONNECT 1200 Connected at 1200 bps
6 NO DIALTONE No dial tone detected
7 BUSY Busy signal detected
8 NO ANSWER No answer at remote end
10 * CONNECT 2400 Connected at 2400 bps
11 * CONNECT 4800 Connected at 4800 bps
12 * CONNECT 9600 Connected at 9600 bps
13 * CONNECT 14400 Connected at 14400 bps
14 * CONNECT 19200 Connected at 19200 bps
24 * CONNECT 7200 Connected at 7200 bps
25 * CONNECT 12000 Connected at 12000 bps
26 * CONNECT 16800 Connected at 16800 bps
40 * CONNECT 300 Connected at 300 bps
55 * CONNECT 21600 Connected at 21600 bps
56 * CONNECT 24000 Connected at 24000 bps
57 * CONNECT 26400 Connected at 26400 bps
58 * CONNECT 28800 Connected at 28800 bps
59 * CONNECT 31200 Connected at 31200 bps
60 * CONNECT 33600 Connected at 33600 bps
70 * CONNECT 32000 Connected at 32000 bps, 56K rate
71 * CONNECT 34000 Connected at 34000 bps, 56K rate
72 * CONNECT 36000 Connected at 36000 bps, 56K rate
II
INDEX
Add Users, 24
Audit trail, 10
Audit Trail, 17, 29, 30
Authenticate, 18
authentication, 7, 8, 9, 20, 25, 28
baud rate, 19
Boxes, 29
Bypass, 18, 20
Calculator Token, 25, 26
Call Back user, 10, 24
Call Back User, 24
Connectors, 20
Cryptocard Calculator, 25
DCD, 18, 19
default Key, 29
Default Password, 20
Defaults, 17
Define Message Functions, 27
DES, 5, 7, 8, 9, 10, 24, 25
Displays, 18
DPI Calculator, 25
DTR, 18, 19
Encryption, 7, 8, 9, 10, 24, 25
First User Message Delay, 28
Host Accessing a Modem, 10
Host Connect Message, 27
Host Dial Out, 29
Host Port, 20, 21
Host to Modem Access, 28
Inactivity Time, 28
LED, 18
Maintenance Port, 17, 20, 21
modem, 32, 35, 36, 37, 38, 40, 41, 42, 43, 46, 47, 49
Modem Functions, 18
Modify Report Settings, 30
Pager User, 8, 10, 25
Password, 7, 8, 9, 18, 20, 27, 28
PC Token, 8, 9
Power, 18, 20, 22
power supply, 22
primary message, 9
Primary message, 27
private key, 25, 29
Reports, 17, 30
RJ45, 21
Roving User, 10, 24
Secondary message, 27
Secure Call Through, 24
Secure Call through User, 10, 25
Secure Call Through User w/Encryption, 24
security level, 28
Soft Token, 9
switches, 19
System Key, 29
System Options, 27, 28
System Password, 28
terminal, 10, 21, 27, 30
time and date, 28
Token, 7, 8, 9, 10, 24, 25, 26
Token User, 25
Type of User, 24
User Functions, 24
User ID, 24
user profiles, 9
WinGuard, 8, 9, 25
X9.17, 25, 29
JJ