AGA 12.3

UniGuard AES

Manual

UniGuard AES

Rev 303E2

Communication Devices Inc. 85 Fulton Street Boonton, NJ 07005 USA Phone: +1 973 334-1980 Fax: +1 973 334-0545 Internet:[email protected]

Copyright © Communication Devices Inc. UniGuard

1-1

mailto:[email protected]

UNIGUARD/UNIGUARD V34, TABLE OF CONTENTS

1 DIFFERENCES BETWEEN UNIGUARD V.34 AND UNIGUARD V.90 ................................... 1-7

2 GENERAL ......................................................................................................................................... 2-1 2.1 UNIGUARD CLIENT (ENCRYPTION)............................................................................................... 2-1 2.2 UNIGUARD DEMAND DIAL ROUTING DDR.................................................................................. 2-1 2.3 ENCRYPTION ................................................................................................................................ 2-1

2.3.1 Session Keys ........................................................................................................................ 2-1 2.4 CALLER AUTHENTICATION ACCESS CONTROL ............................................................................. 2-1

2.4.1 Challenge/Response with Encryption .................................................................................. 2-1 2.4.2 Challenge/Response with a ‘‘Token’’.................................................................................. 2-2

2.5 TYPES OF TOKENS ........................................................................................................................ 2-2 2.5.1 RSA SecurID Token ............................................................................................................. 2-2 2.5.2 PC Token ............................................................................................................................. 2-2 2.5.3 Soft Token ............................................................................................................................ 2-2 2.5.4 Pager Token......................................................................................................................... 2-2 2.5.5 Challenge/Response without a ‘‘Token’’............................................................................. 2-2

2.6 TYPICAL SESSION......................................................................................................................... 2-3 2.6.1 PC Token or Soft Token Caller with Password ................................................................... 2-3 2.6.2 Non Token Callers ............................................................................................................... 2-4

2.7 HOST ACCESSING A MODEM ........................................................................................................ 2-4 3 USING THE RSA SECURID TOKEN............................................................................................ 3-1

3.1 RSA SECURID TOKEN TYPES....................................................................................................... 3-1 3.2 LOGIN IN ...................................................................................................................................... 3-1 3.3 CONNECTING TO THE ACCESS CONTROL MODULE ....................................................................... 3-1

3.3.1 Enter Passcode:................................................................................................................... 3-1 3.3.2 Getting Your PIN................................................................................................................. 3-1 3.3.3 Receiving a System-Generated PIN..................................................................................... 3-2

3.4............................................................................................................................................................ 3-2 3.5............................................................................................................................................................ 3-2

3.5.1 Making Up Your Own PIN .................................................................................................. 3-3 3.6 LOGGING IN WITH A STANDARD (NON PIN PAD) CARD.............................................................. 3-4

3.6.1 Logging in with a Standard Card ........................................................................................ 3-4 3.7 LOGGING IN WITH A PINPAD CARD ............................................................................................ 3-5 3.8 LOGOFF ........................................................................................................................................ 3-6

4 SYSTEM REPORTS AND DEFAULTS ......................................................................................... 4-1 4.1 DEFAULTS .................................................................................................................................... 4-1

4.1.1 HOST/Link Port Defaults .................................................................................................... 4-1 4.1.2 Modem ................................................................................................................................. 4-1

4.2 GETTING STARTED ....................................................................................................................... 4-1 5 DISPLAYS ......................................................................................................................................... 5-1

5.1 DISPLAYS ..................................................................................................................................... 5-1 5.2 LED FUNCTIONS .......................................................................................................................... 5-1

5.2.1 DTR LED (Data Terminal Ready) ....................................................................................... 5-1 5.2.2 DCD LED (Data Carrier Detect) ........................................................................................ 5-1 5.2.3 Bypass LED ......................................................................................................................... 5-1 5.2.4 Power LED .......................................................................................................................... 5-1

5.3 MODEM LED FUNCTIONS (V34 ONLY)...................................................................................... 5-1 5.3.1 Tx LED................................................................................................................................. 5-1 5.3.2 Rx LED ................................................................................................................................ 5-2 5.3.3 DCD LED ............................................................................................................................ 5-2 5.3.4 28 LED................................................................................................................................. 5-2 5.3.5 14 LED................................................................................................................................. 5-2

Copyright © Communication Devices Inc. UniGuard 1-2


1-3

5.3.6 96 LED................................................................................................................................. 5-2 5.3.7 OH LED............................................................................................................................... 5-2 5.3.8 DTR LED............................................................................................................................. 5-2 5.3.9 EC LED ............................................................................................................................... 5-2 5.3.10 FX LED................................................................................................................................ 5-2

5.4 DIFFERENCES IN V.90 MODEM LED FUNCTIONS ......................................................................... 5-2 5.4.1 56 LED................................................................................................................................. 5-2 5.4.2 33 LED................................................................................................................................. 5-2 5.4.3 14 LED................................................................................................................................. 5-2

5.5 UNIGUARD CONNECTORS ............................................................................................................ 5-3 5.5.1 Host Port Connector............................................................................................................ 5-3 5.5.2 Link Port Connector ............................................................................................................ 5-3 5.5.3 IP Port (10BASE-T)............................................................................................................. 5-3 5.5.4 TELCO (V34) or Modem (Std) Connectors ......................................................................... 5-3 5.5.5 Cabling ................................................................................................................................ 5-3 5.5.6 Wall Mounted Power Supply ............................................................................................... 5-4 5.5.7 Installation........................................................................................................................... 5-4

6 UNIGUARD RACK ADAPTOR KIT.............................................................................................. 6-1 6.1 PREPARING THE UNIGUARD ......................................................................................................... 6-1 6.2 MOUNTING A UNIGUARD IN THE EXPANSION PANEL, ................................................................... 6-1

7 CONFIGURING THE UNIGUARD................................................................................................ 7-1

8 UNIGUARD PARAMETERS .......................................................................................................... 8-1 8.1 LOADING PARAMETERS................................................................................................................ 8-1 8.2 USER FUNCTIONS ......................................................................................................................... 8-1

8.2.1 Add Users ............................................................................................................................ 8-1 8.2.2 User ID ................................................................................................................................ 8-1

8.3 TYPE OF USER .............................................................................................................................. 8-1 8.3.1 Call Back User..................................................................................................................... 8-1 8.3.2 Roving User ......................................................................................................................... 8-1 8.3.3 Secure Call Through User ................................................................................................... 8-1 8.3.4 Secure Call Through User w/Encryption............................................................................. 8-1 8.3.5 Pager User........................................................................................................................... 8-2 8.3.6 Token User........................................................................................................................... 8-2 8.3.7 Calculator Token User ........................................................................................................ 8-2 8.3.8 RSA SecurID Token ............................................................................................................. 8-3

9 DEFINE MESSAGE FUNCTIONS ................................................................................................. 9-1 9.1 PRIMARY MESSAGE...................................................................................................................... 9-1

9.1.1 Primary messages can be up to 1000 characters in length; backspaces may be used for editing Secondary Message ................................................................................................................. 9-1

9.2 HOST CONNECT MESSAGE ........................................................................................................... 9-1 10 SYSTEM OPTIONS.................................................................................................................... 10-1

10.1 SET SECURITY LEVEL................................................................................................................. 10-1 10.2 FIRST USER MESSAGE DELAY.................................................................................................... 10-1 10.3 SET INACTIVITY TIME ................................................................................................................ 10-1 10.4 SET TIME AND DATE .................................................................................................................. 10-1 10.5 MODIFY SYSTEM PASSWORD ..................................................................................................... 10-1 10.6 HOST PORT, DTR OPTIONS ........................................................................................................ 10-1

10.6.1 Host Port DTR, Monitor .................................................................................................... 10-1 10.6.2 Host Port DTR, Ignore ...................................................................................................... 10-1

10.7 HOST DIAL-OUT OPTIONS .......................................................................................................... 10-1 10.7.1 Host Dial-out, Disabled..................................................................................................... 10-1 10.7.2 Host Dial-out, Enabled...................................................................................................... 10-2 10.7.3 Host Dial-out, Auto Authentication ................................................................................... 10-2

10.8 HOST “AT” COMMAND ACCESS................................................................................................. 10-2 10.8.1 Host “AT” Command Access, Disable .............................................................................. 10-2 10.8.2 Host “AT” Command Access, Enabled with CDI Reset .................................................... 10-2 10.8.3 Host “AT” Command Access, Enabled Transparent......................................................... 10-2

10.9 ENABLE/DISABLE TRIPLE DES/AES ......................................................................................... 10-2 10.10 SYSTEM KEY .......................................................................................................................... 10-2 10.11 ASSIGN X917 ID'S: USER/BOX ............................................................................................... 10-2 10.12 POWER/IP OPTION.................................................................................................................. 10-2 10.13 IP DIALOUT 10(BASE-T INTERFACE) .................................................................................... 10-3 10.14 IP (BASE-T INTERFACE) CONNECTION.................................................................................. 10-3

10.14.1 Break Sequence Enable ................................................................................................. 10-3 10.15 IP FILTER ............................................................................................................................... 10-3

10.15.1 Radius Services.............................................................................................................. 10-3 11 NETWORK SERVICES AVAILABLE .................................................................................... 11-1

11.1 DESCRIPTION OF THE NETWORK SERVICE................................................................................... 11-1 11.1.1 Health Status ..................................................................................................................... 11-1 11.1.2 Radius\RSA ACE Support .................................................................................................. 11-1 11.1.3 Remote Ping....................................................................................................................... 11-1 11.1.4 Break Sequence.................................................................................................................. 11-1 11.1.5 DNS Support ...................................................................................................................... 11-1 11.1.6 In-band User Authentication ............................................................................................. 11-1 11.1.7 Remote Telnet .................................................................................................................... 11-2 11.1.8 Point to Point (PPP).......................................................................................................... 11-2 11.1.9 Syslog Messages ................................................................................................................ 11-2

12 REPORTS .................................................................................................................................... 12-1 12.1 AUDIT TRAIL.............................................................................................................................. 12-1 12.2 STATUS REPORT ......................................................................................................................... 12-1 12.3 MODIFY REPORT SETTINGS ........................................................................................................ 12-1 12.4 RESET AUDIT TRAIL................................................................................................................... 12-1

13 MAINTENANCE ........................................................................................................................ 13-1 13.1 BATTERY REPLACEMENT............................................................................................................ 13-1

APPENDIX A V.32 AT COMMANDS BY FUNCTION...................................................................B

APPENDIX B V.32 SPECIFICATIONS.............................................................................................D

14 APPENDIX C V.32 MODEM DEFAULTS.................................................................................E

15 APPENDIX D V.32 S-REGISTER DEFAULTS............................................................................ F

16 APPENDIX E V.32 AT COMMAND SUMMARY ...................................................................... G

17 APPENDIX F V.32 S-REGISTER SUMMARY............................................................................L

18 APPENDIX G V.32 RESULT CODE SUMMARY .................................................................M

19 APPENDIX H V.32 MULTI-TECH SYSTEMS' ESCAPE METHODS INTRODUCTION O

20 APPENDIX I FCC, DOC, AND BABT INFORMATION......................................................... Q

21 APPENDIX J V.90 MODEM AT COMMANDS, S-REGISTERS & RESULT CODES ..........T



1-5

Table of Figures FIGURE 5-1UNIGUARD, FRONT .................................................................................................................... 5-1 FIGURE 5-2 UNIGUARD V34 REAR UNIGUARD REAR ........................................................................... 5-3 FIGURE 5-3 CABLING ................................................................................................................................... 5-3 FIGURE 5-4 WALL MOUNTED POWER SUPPLY ............................................................................................. 5-4

Regulation Compliance, Export Restrictions, Copyright Notice, Warranty and Disclaimers A.1 Regulation Compliance This equipment complies with part 15 of the FCC rules and does not exceed the class B limits for radio noise emissions from digital apparatus as set out in the Department of Communications standards, ICES-003. On the outside surface of this equipment is a label that contains, among other information, the FCC registration number and ringer number (REN). If requested, this information must be provided to the Telephone Company. The ringer equivalence number (REN) is used to determine the quantity of devices that may be connected to the telephone line. Excessive REN’s on the line may result in the devices not ringing in response to an incoming call. In most areas the sum of the REN’s should not exceed five (5). NOTE: Regulations and Compliance for the Modem contained in this product will be found in appendix H WARNING: Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment. A.2 Export Restrictions This device contains cryptographic DES integrated circuits. Devices containing these circuits are subject to US Federal Government controls and are covered under Title 22, Code of Federal Regulations, part 121 through 128. These devices may not be exported from the Continental United States without proper export license. A.3 Copyright© Notice This equipment and all software and firmware are the copyright property of Communication Devices Inc., Boonton, NJ 07005 USA, 1996 with all rights reserved. The information contained in this manual is considered proprietary to Communication Devices Inc. And is intended for the exclusive use of the original purchaser of the equipment. A.4 Warranty Communication Devices Inc. warranties to the original purchaser that these devices are free from defects in material or faulty workmanship, in normal use for a period of one (1) year from the date of purchase. This warranty is limited to repair or replacement at the option of Communication Devices Inc., of any defective part or component which within one (1) year of the original purchase is determined by Communication Devices Inc. to be defective. All warranty repairs will be made at Communication Devices Inc.'s Main factory in Boonton, NJ 07005.. A.5 Disclaimer While extreme care has been taken in the preparation of the design, software, firmware, hardware and documentation, no liability is accepted by Communication Devices Inc. for loss of profits or any other incidental, special or consequential damage suffered by the purchaser, even if Communication Devices Inc. has been advised of the possibility of such damages, nor for the claim against the purchaser by any other party.



1-7

1 Differences between UniGuard V.34 and UniGuard V.90 The UniGuard V.34 contains a V.34 modem and the UniGuard V.90 contains a V.90 modem. The V.90 modem incorporates both the newer ITU-T V.90 and the older K56flex protocols. Using either of these protocols, Internet service providers (ISP) can send data down stream to a computer at 56K bps speeds because the data normally is converted from digital to analog only once before it reaches the modem. Upstream transmissions and transmissions between client modems are limited to data rates of 33.6K bps, as are downstream transmissions that are converted more than once on the telephone network. The front panel LED displaying the speed of the V.90 modem is different than the V.32 modem Some of the AT commands are different for the V.90.


2-1

2 General The UniGuard is a member of the extensive CDI product line of authentication and encryption devices for dial accessible systems. The UniGuard V.34 and V.90 have been certified by NIST (National Institute of Standard Technology) for ANSI X9.17, the unit has also been approved for FIPS 140-1. It is designed to protect a single host system and has a database capacity of 150 users. The UniGuard V34 includes an internal Multi-Tech modem. Except for the modem functions, all parameters apply to both units. If you have a UniGuard V34, wherever your communications software or operating system provides for modem selection, select "MultiModem MT2834ZDX". If this choice is not available, select "Standard Modem". If you have a UniGuard V90, wherever your communications software or operating system provides for modem selection, select "MultiModem MT5634ZBA". If this choice is not available, select "Standard Modem".

2.1 UniGuard Client (encryption) A special case of the UniGuard (V34 or V90) is a UniGuard Client. This unit can perform most of the encryption functions of the TDES-Modem. The TDES-Modem cannot be loaded from the DDM software but the UniGuard Client can.

2.2 UniGuard Demand Dial Routing DDR The UniGuard Demand Dial Routing is a special case of the UniGuard. It contains different hardware to enable it to encrypt at higher speeds. The maximum data rate that can be encrypted is 56KBBS. It can perform all the functions of the UniGuard.

2.3 Encryption The UniGuard V34 and/or UniGuard V90 is an authenticator as well as an Encryptor and Modem contained within one enclosure. The system provides Cipher Feedback, DES based encryption between a Remote Unit. The system also provides for DES Key management in accordance with ANSI X9.17 for which CDI has been certified by NIST (National Institute of Standard Technology). Each UniGuard V34 and/or UniGuard V90 unit contains a unique ID and a private key.

2.3.1 Session Keys Key management is CDI’s NIST certified X9.17, where each session is transmitted using a different key. When the UniGuard V34 and/or UniGuard V90 calls the Host, the called unit sends a tag indicating that the calling unit has reached an X9.17 Unit. The calling unit then sends it’s ID. The called unit looks up the ID of the calling unit in the database and if found, encrypts a new randomly generated key (the session key) in the key of the caller and sends it to the calling unit. The calling unit decrypts the session key. Both units will use this new session key for the duration of this transaction. At the end of the transaction (session) this session key is erased. This key management takes place transparent to both users.

2.4 Caller Authentication Access Control Caller authentication access control is a method where only a number of select users can gain access to a dial up system. Many schemes are available but after careful analysis they break down into three forms: Challenge/Response with complete session Encryption, Challenge/Response with a ‘‘Token’’ and Challenge/Response without a ‘‘Token’’. A token is essentially an encryption/decryption key.

2.4.1 Challenge/Response with Encryption Challenge Response with Encryption provides the highest degree of security. Once the user has logged on with the User ID and Password, the entire session is encrypted. The user must have one of CDI’s DES (Data Encryption Standard) devices installed at the remote PC.

2.4.2 Challenge/Response with a ‘‘Token’’ Challenge/Response with a Token provides the second highest degree of security. It is analogous to using an ATM card in a bank machine. The Challenge is the request for a PIN number and the response is the PIN number; the Token is the bank ATM Card. Neither the PIN number nor the Bank ATM Card alone will allow access to the machine. CDI’s Tokens provide a high level of security in that all information passing to and from the caller and the system during the authentication process is encrypted in a unique key for each session. The session itself, however, is not encrypted.

2.5 Types of Tokens

2.5.1 RSA SecurID Token The RSA SecurID Token is a patented Token based on time. The Token contained a time clock together with an encryption KEY. The KEY is used to encrypts the time, which is displayed in a window on the token. The caller enters the encrypted displayed information when signing on. The system looks up the Users Key and compares the encrypted information to the information generated by the system with the Users Key. If a match is found the User is authenticated.

2.5.2 PC Token The PC Token is a system developed by CDI that takes a virtual fingerprint of a caller's PC (or Laptop) and uses this as a Encryption key (token) to encrypt and store the caller's private DES (Data Encryption Standard) KEY on the PC’s hard drive. When the caller dials up the UniGuard, the WinGuard software (a TSR program running in the background on the user's PC) sends a user ID (usually the user's name) which the UniGuard uses to locate the caller's private DES Key in its database. A one time “session” KEY is encrypted with the caller's private DES Key and sent to the caller's PC. CDI’s software takes over and decrypts the session key and uses it to encrypt the user's password. The encrypted password is sent to the UniGuard which decrypts the password using the session KEY and if a match is found the caller is authenticated.

2.5.3 Soft Token The Soft Token is contained on a 3.5-inch disk. It provides all the functions of the PC Token except that the disk can be transported and used on any PC. In contrast, the PC Token is unique to a specific computer. The floppy is copy protected.

2.5.4 Pager Token The Pager Token application was developed to allow callers to use a device that they already have in their possession: a pager. When a ‘‘Pager User’’ calls, the system looks up the pager phone number associated with the caller's user ID. A random number is generated, the pager number is dialed and the random number is sent. The caller receives this random number on the pager, calls back the UniGuard and enters this number when requested by the system. If the numbers match, the caller is allowed access to the system. The random number is different for each session.

2.5.5 Challenge/Response without a ‘‘Token’’ Challenge/Response without a Token (ID and/or Password alone) is similar to a telephone credit card call. The Challenge is the request for the card and PIN number and the Response is to enter those numbers. These can be entered without the caller actually presenting the physical credit card (token) to phone. Anyone having knowledge of the credit card number and PIN number can place calls. Other versions of Challenge/Response without ‘‘Tokens’’ are ID and password with dial back access. A remote caller's ID and password along with the caller's telephone number is stored in the UniGuards database. A remote caller places a call and sends an ID and password when prompted. If the ID and password is valid, the caller is disconnected and the UniGuard initiates a call to the phone number listed in the database. This method only insures that the caller has knowledge of the ID and password. There is no TOKEN in this scheme to positively insure that the remote caller is actually the authorized remote user and not a Hacker.


2.6 Typical Session After the UniGuard has been configured with user profiles, a typical session would be as follows: A. A Caller dials into the UniGuards modem port. B. The UniGuard sends the (optional) primary message (which can be anything the system supervisor wants it to be)

Example: Welcome to the Acme Widget Company. This is a closed and private network. If you do not belong on this network please disconnect. Attempting to break into this network can get you into serious trouble. If you need to talk to a security officer, call 800 555 0000.

The system then prompts: Enter User ID> Upon receipt of the caller's ID, the System determines the type of user and proceeds as follows:

2.6.1 PC Token or Soft Token Caller with Password The caller is identified as a Token user by the ID. The same password entered into the UniGuards database will have been entered into the CDI WinGuard© software package located in the caller's PC. Using a random key generator, UniGuard issues a ‘‘session key’’ and encrypts it with the private DES (Data Encryption Standard) key located in the caller's PC Token and sends it to the caller's PC. The WinGuard© software passes the encrypted session key to the PC Token where it is decrypted and used to encrypt the caller's password. The PC Token passes the user's password that has been encrypted in the current Session Key back to WinGuard© which sends it to the UniGuard system. UniGuard receives this and decrypts the password. If a match is found, the caller will be authenticated. All data that pertains to authentication has been transmitted in encrypted form using a unique session key. At no time is the PC Token Key or the Session key visible or stored in the PC or WinGuard© software. Each time a PC Token user accesses the system the data is encrypted in a new, unique session key. This takes place behind the scenes without the caller's intervention (key strokes).


2-3

2.6.2 Non Token Callers If the caller is not a token user the (optional) secondary message (which is composed by the supervisor) will be sent to the caller:

Example: We anticipate the computer being down for a disk maintenance from Friday 11/19 at 16:00 through Saturday 11/20 at 14:00. If you need further assistance call 800 555 0001.

The system then prompts: Enter password> NOTE: If the password is incorrect, the user will again be prompted for his user ID. After 3 incorrect attempts the UniGuard will terminate the call. During the logon process the UniGuard will determine what type of user is calling. If the password is correct and the user is: A. Secure Call through User, the UniGuard will connect the user to the host computer. B. Secure Call through User with Encryption User, the UniGuard will authenticate in the same manner as a Call through User. The UniGuard will then encrypt the entire session in conjunction with the user's remote DES device. C. A Roving User, the UniGuard will send a request for the number at which the roving user can be reached. After hanging up, this number will be dialed and will connect this user to the host computer. At the completion of the session the dialed number will be deleted from memory. If the Roving user enters a Return for the phone number, the system will use the default number stored in the database. D. A Call Back user, the system will look up the phone number in memory. This number will then be dialed and the user will be connected to the host computer. E. A Pager User, the UniGuard will disconnect and dial the user's pager and insert a random generated number. When the user calls back, re-enters the ID and enters this number correctly at the prompt, connection to the host will be established. All transactions, including the user ID, time, date and action will be placed into the Audit trail.

2.7 Host Accessing a Modem If the modem is not busy with a call (Carrier not high), the Host can access a modem and use this modem to place a call or check its configuration or anything else one can do with a modem. Access to a modem is accomplished by keying in an ‘‘AT [CR][LF]”. The initial AT will not be visible on the Host terminal but the ‘‘OK’’ response from the modem will be.



2-5

2.8 AES (Advanced Encryption Standard) The Advanced Encryption Standard (AES) is an encryption algorithm securing sensitive but unclassified (SBU) material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector. In January of 1997, a process was initiated by the National Institute of Standards and Technology (NIST), to find a more robust replacement for the Data Encryption Standard (DES) and to a lesser degree Triple DES. The specification called for a symmetric algorithm (same key for encryption and decryption) using block encryption of 128 bits in size, supporting key sizes of 128, 192 and 256 bits. The algorithm was required to be royalty-free for use worldwide and offer security of a sufficient level to protect data for the next 20 to 30 years. On October 2, 2000, NIST announced that Rijndael (pronounced "rain doll" or "Rhine Dahl") had been selected as the proposed standard. On December 6, 2001, the Secretary of Commerce officially approved Federal Information Processing Standard (FIPS) 197, which specifies that all sensitive, unclassified documents will use Rijndael as the Advanced Encryption Standard.

3 Using the RSA SecurID Token

3.1 RSA SecurID Token Types RSA SecurID provides a variety of Tokens. Displayed above are (1) The PINPAD, (2) The Hardware Token, (3) The Key Fob and (4) The Palm Computing Platform.

3.2 Login In The UniGuard, Port Authority or other CDI authentication device, requires entering a valid PASSCODE before allowing you access to a protected computer. The PASSCODE is made up of two elements that only you should be able to supply: Your secret PIN, and the code currently generated and displayed by the SecurID card assigned to you.

3.3 Connecting to the Access Control Module Before any login data can be entered and authenticated, you must be able to communicate with the UniGuard, Port Authority or other CDI authentication devices. It works with the communications equipment already installed for your host system. This means you can dial up the host system and connect to it the way you did before the UniGuard, Port Authority or other CDI authentication device, was installed. Once you have contacted the UniGuard, Port Authority or other CDI authentication devices, press the <Return> key (sometimes-labeled “Enter” or “CR”) once or twice, until the following appears:

3.3.1 Enter Passcode: This prompt means the UniGuard, Port Authority or other CDI authentication device, is ready to communicate.

3.3.2 Getting Your PIN On some systems users will be assigned PINs generated by the UniGuard, Port Authority or other CDI authentication device, (which is preferable for security), while other systems let each cardholder make up his or her own. Ask your security administrator which is the case with your system. In either situation your status is of a first-time cardholder without a PIN. If the system lets you only receive a PIN, read the next subsection, “Receiving a System-Generated PIN.” If the system has you make up (that is, create) your own PIN, skip over the next subsection to the one following, called “Make Up Your Own PIN.”


3-1

3.3.3 Receiving a System-Generated PIN

1. At your terminal keyboard (provided no one else can see your screen), press <Return>. The system will prompt you to enter a PASSCODE.

2. At the Enter PASSCODE prompt, type a delimiter like a frontslash (/) or comma (,) followed by

the serial number on the back of your card (the numbers only, not any preceding letter). Conclude with another delimiter. But don’t press <Return>.

(Delimiters are a separator character between two strings of numbers. Other permissible ones are listed in the upcoming “Logging In” subsection. Note that the leading delimiter is essential when the system is set for varying – length PINs. In a fixed – length – PIN system, leading delimiters are optional.)

3. Now type the cardcode currently displaying on the LCD. Type carefully, and don’t enter anything but the cardcode, even though you were asked for a PASSCODE. This is what you do whenever your card is in new – PIN mode, as it is now.

PINPAD cardholders: First clear your card’s display by entering any digit and pressing the P on the lower right. Wait; and then type in the new code that next displays in the LCD.

3.4 Example If you have a card with s / n 0123456 and the display is currently showing cardcode 956283, you would type:

3.5 /0123456/956283

As you type, you will not see the data you enter; for security, the characters are displayed as asterisks

(*). If you can delete with Delete or Backspace key.

Press <Return>.

The UniGuard, Port Authority or other CDI authentication device, will display, if your input was valid: If You Respond in the Affirmative, You Will Have Ten Seconds To Memorize Your New PIN Are You Ready To Receive Your PIN? (y/n): If incorrect information gets entered, the system displays

Access Denied Try again.

If no one else can see your screen, type `y`. Answer yes only if no one else can see your screen. Otherwise type `n`, to cancel the operation and leave your card in new – PIN mode. The system will treat the login as if it were unsuccessful and redisplay Enter PASSCODE. Wait until this terminal is more private or go find one that is. Once you type, your new PIN will be displayed:

PIN: 3149 It will be onscreen for 10 seconds. Memorize your new PIN. Don’t write it down.

If you memorize your new PIN before the 10 seconds are up, press <Return> to remove it from view.



3-3

Once you respond to the new – PIN prompt and your PIN is displayed, there’s no way in this session to view it again or to receive another PIN. If you forget the new PIN, you must notify your security administrator that you need to be put back into – PIN mode and repeat this transaction. After the PIN disappears, you’ll be prompted to enter a real SecurID PASSCODE (which is your PIN followed by your cardcode---in this case separated by a delimiter like`/` if the system’s PIN length is set to be variable).

Wait for your cardcode to change. You are now ready to log in with your new PIN. Turn to the “Logging In” subsection next that applies to your card type, standard or PINPAD. Important: Do not reveal your PIN to anyone. Memorize it; don’t write it down. Even if the system generates a PIN for you, only you will know what it is. Nobody, not even the system administrator, can obtain your PIN except from you. It is your responsibility to protect its secrecy. If your SecurID card is ever missing, or if for any reason you feel someone knows your PIN, report it immediately. The security administrator can disable the card or issue a new PIN immediately, and can watch for unauthorized attempts at access.

3.5.1 Making Up Your Own PIN

If your administrator tells you that you can create your own PIN, instead of the system generating one for you, follow the steps in this subsection. Before proceeding, make sure your administrator has told you also how long your PIN can be and whether it can include letters or must be all digits.

Give some thought beforehand to what your PIN will be:

Don’t make up an obvious one like your address, birthday, or phone or office number. Such a PIN has potential to compromise system security. Don’t start with zero, either. (A zero may be used anywhere else.) If the system allows alphanumeric PINs, you may include A-Z/a-z. Such PINs are not case –sensitive: À` is the same as à`. Symbols (+, #, *, etc.) are not valid. Unless the system is set for all PINs to be the same length, you may make up one from 4 through 8 characters.

1. At your terminal keyboard (provided no one else can see your screen), press <Return>.

The system will prompt you to enter a PASSCODE.

2. AT the Enter PASSCODE prompt, type a delimiter like a frontslash (/) or comma (,) followed by the serial number on the back of your card (the numbers only, not any preceding letter). Conclude with another delimiter, but don’t press <Return>. (Delimiters are a separator character between two strings of numbers. Other permissible ones are listed in the upcoming “Logging In” subsection. Note that the leading delimiter is essential when the system is set for varying –length PINs, which is the shipment default in this release. In a fixed –length –PIN system, leading delimiters are optional.)

3. Now type the cardcode currently displaying on the LCD.

Type carefully, and don’t enter anything but the cardcode, even though you were asked for a PASSCODE. This is what you do whenever your card is in new –PIN mode, as it is now. PINPAD cardholders: First clear your card’s display by entering any digit and pressing the P on the lower right. Wait; and then type in the new code that next displays in the LCD. (There is more on PINPAD cards in later sections.)

Example If you have a card with s / n 0123456 and the display is currently showing cardcode 956283, you would type:

/0123456/956283

As you type, you will not see the data you enter; for security, the characters are displayed as asterisks (*). If you can delete with Delete or Backspace key.

Press <Return>.

If your input was valid, the UniGuard, Port Authority or other CDI authentication device, will display:

Enter New PIN

If your input was NOT valid, the system displays

Access Denied

Try again.

Assuming no one else can see your screen, type the PIN you would like to have. What you type will not be displayed. To confirm the PIN, the UniGuard, Port Authority or other CDI authentication device, will ask you to re-enter it. If the two entries match (and the PIN is acceptable to the system), it will acknowledge that the new –PIN transaction has been completed. There are a few more restrictions on what PIN types are allowed, so if the PIN you made up is not accepted, you will receive an error message, and must create a different one.

When your PIN is accepted and a new code appears an your SecurID card, you are ready to log in to the system using a real SecurID PASSCODE (which is your PIN followed by your cardcode-in this case separated by a delimiter like `/` if the system’s PIN length is set to be variable). To find out how, read the Logging In subsection that applies to your card type, standard or PINPAD.

3.6 Logging In with a Standard (Non PIN PAD) Card

3.6.1 Logging in with a Standard Card If you have a standard (non-PINPAD) card, follow these steps.

1. At the Enter Passcode prompt, type your PIN. Do not press <Return>. If your PIN contains letters, they can be entered upper-or lowercase: à` is the same as À`.

2. Type in a delimiter; still do not press <Return>. As mentioned, delimiters really are required only with varying –length –PIN systems (the default); they’re optional in systems with fixed – length PINs. Your administrator will tell you what the situation is.

3. Type the code currently displayed in the LCD of your SecurID card. For example, if your PIN is 20140c and your card is currently displaying 2599343, the procedure up to this point could go like this: Enter PASSCODE: 20140c,2599343

[The numbers don’t actually appear]



3-5

If the PASSCODE contains letters, as with a hexadecimal card, they can be entered in either upper-or lowercase: à` is the same as À`.

4. Now press <Return>. Once you enter a valid PASSCODE, a confirming message will appear if no one was set by your administrator, saying that you can access the system. The host-computer prompt will appear in any case, indicating a successful login. You are ready to use the host system just as you usually do. If you enter an invalid data, the system will display:

Access Denied Try again. Usually you have three chances, although this is administrator-settable. Use the Delete or Backspace key as necessary. For security, once accepted, a SecurID PASSCODE cannot be reused. If you log out and try to log in again before the cardcode changes, you won’t succeed the second time and will have to wait until it does change.

3.7 Logging in with a PINPAD Card If you have a PINPAD card, follow these steps:

1. Enter your PIN into the card by pressing the keys along the bottom. Then press the diamond below the keys. Make sure the LCD cannot be viewed by anyone else. The code generated by the card and showing in the LCD is your PASCODE, your PIN hidden within it.

2. At the terminal keyboard, type a delimiter. Do not press <Return>. As mentioned, delimiters really are required only with varying –length –PIN systems (the default); they’re optional in systems with fixed – length PINs. Your administrator will tell you what the situation is. Permitted delimiters include: Comma [,], frontslash [/], backslash [\], space, tab [TAB], colon [:], semicolon [;], plus sign [+], minus sign/hyphen [-], pound/ space sign [#], asterisk [*], vertical bar [ | ].

3. Type the 6 – 8 digit serial number on the back of your card, concluding with another delimiter; still do not press <Return>.

4. Then type the PASSCODE currently displayed in the LCD of your SecurID card. As an example with card 1987654: Type your PIN into the PINPAD, press the diamond, and observe the cardcode to, say 5368127 At your keyboard, at the Enter PASSCODE prompt, type: /1987654/5368127 [the screen displays only asterisks] If the PASSCODE contains letters, as with a hexadecimal card, they can be entered in either upper- or lowercase: à` is the same as À`. If you mistype, you can delete with the Delete or Backspace key.

5. Now press <Return>.


Once you enter a valid PASSCODE, a confirming message will appear if no one was set by your administrator, saying that you can access the system. The host-computer prompt will appear in any case, indicating a successful login. You are ready to use the host system just as you usually do. If you enter an invalid data, the system will display:

Access Denied Try again. Usually you have three chances, although this is administrator-settable. Use the Delete or Backspace key as necessary. For security, once accepted, a SecurID PASSCODE cannot be reused. If you log out and try to log in again before the cardcode changes, you won’t succeed the second time and will have to wait until it does change.

Note: As you should be clear from the preceding sentences, the next few codes displayed in the LCD may be valid PASSCODEs. So as soon as you’ve logged in, clear your card by pressing the P key. If you didn’t and someone else got hold of the card during this time, he or she might be able to use it to log in and gain access as you. The ‘Next Code’ Prompt Sometimes after you’ve typed your PASSCODE correctly, the system may still ask you to enter the next cardcode that comes up:

Please Enter the Next Code Displayed on Your Card. Next Code:

Standard cardholders

Wait until the cardcode changes, then go ahead and carefully type it in, followed by <Return>. Do not enter your PIN. Now you should be able to gain access.

PINPAD cardholders Wait until the time – indicator stack counts down and reappears at full height. Then re-key your PIN into the card, press the diamond (not the P), and type this second PASSCODE, followed by <Return>. Now you should be able to gain access. This request is not necessarily due to an error on either your part or the UniGuard, Port Authority or other CDI authentication device; it’s a step in the system’s evasive – action strategies. The prompt also may appear if your card hasn’t been used to log in for a few weekends or more.

3.8 Logoff To log off from an UniGuard, Port Authority or other CDI authentication devices - protected system, it is essential to system security that you follow your usual good logoff procedures. The security exposure that results from a user’s failure to log off properly is quite serious and renders the computers system vulnerable to attack. Such a user breach creates a route into the system security measures. If you have any uncertainty about what the proper procedure is for a clean session termination and communications disconnect, see your system administrator.


4-1

4 System Reports and Defaults The report section provides information for the systems manager on the use of the system. The statistics provided by these reports are useful when attempting to estimate hardware requirements for future similar systems. The report section also provides an Audit Trail, Trouble Report and a number of reports pertaining to various types of Users and their access to the system. NOTE: Some of the reports and use of Tokens are covered by CDI Patents or Patent Pending.

4.1 Defaults The system is asynchronous, defaulting to 9600 baud, with 8 data bits, no parity, one stop bit and port security enabled. The unit is capable of operating at speeds (limited by the modem) up to 33.6K baud. For non-encrypted use, the host port can be set as high as 57.6K baud. For encrypted use it should not be set higher than 19.2K baud. Any speed above 19.2K Baud will yield a data rate of about 22K.. Operation, including key management is totally transparent to the user.

4.1.1 HOST/Link Port Defaults The data structure of the HOST port defaults 9600 baud, 1 Start Bit, 8 Data Bits, no Parity and 1 Stop Bit. The data structure of the linke port is fixed at those parameters. This is configured through the DDM Distributed Database software.

4.1.2 Modem The data structure of the Modem defaults to the same as the HOST Port: 1 Start Bit, 8 Data Bits, no Parity and 1 Stop Bit. This is configured through the DDM Distributed Database software.

4.2 Getting Started The UniGuard unit MUST be delivered to the Security Officer. He or she will have the responsibility of maintaining the database and initially loading the user parameters. This is configured through the DDM Distributed Database software.


4-1

5 Displays

Figure 5-1UniGuard, Front

5.1 Displays The unit contains 4 LED’s located on the Front panel. They are DTR, DCD, BYPASS, and POWER.

5.2 LED Functions

5.2.1 DTR LED (Data Terminal Ready) The DTR LED is yellow and is in the ON condition when the device is connected to a host device that has DTR in the active (ON) state.

5.2.2 DCD LED (Data Carrier Detect) The DCD LED is yellow providing dual functions; When DCD (Carrier) from the modem is in the ON condition the LED will blink (during logon). When the caller is authenticated the LED will be ON (steady).

5.2.3 Bypass LED The Bypass LED is red and provides a dual function. NOTE: This LED will only function if the Authentication switch is enabled in the System Options setup. This is configured through the DDM Distributed Database software. When the Authenticate Enable/Disable switch is placed in the Disable (down) position the Bypass LED will blink for approximately three (3) seconds. During this time if the Enable/Disable switch is placed back into the Enable (up) position the Default Link Password (which is “password”) and the default Seed Key will be installed. If the Enable/Disable switch is left in the disable position the Bypass LED will be in the ON position (not blinking) after the three (3) second period (if switch is Enabled). NOTE: When the Authentication Enable/Disable is in the Disable position (down), the UniGuard provides NO PROTECTION. Callers will have direct access to the host through the modem.

5.2.4 Power LED The Power LED is green and will be in the ON condition when the wall mounted supply is properly connected to the unit and the power switch is in the “On” position.

5.3 Modem LED Functions (V34 ONLY) The Front Panel also contains 10 smaller LED’s for the Modem Functions. They are Tx, Rx, DCD, 28, 14, 96, OH, DTR, EC and FX.

5.3.1 Tx LED The Tx LED is illuminated when the modem is transmitting.


5-1

5.3.2 Rx LED The Rx LED is illuminated when the modem is receiving data.

5.3.3 DCD LED The DCD LED is illuminated when the modem detects a valid carrier signal from another modem.

5.3.4 28 LED The 28 LED is illuminated when the modem is set for 28,800 BPS operation. Unless another baud rate is selected and stored, the 28 LED lights when the modem is powered. The 28 and 14 LED's both will be illuminated when the modem operates at 26,400, 24,000, 21,600, 19,200 or 16,800 BPS.

5.3.5 14 LED The 14 LED is illuminated when the modem is set for 14,400 BPS operation. The 14 and 96 LED's will both be illuminated when the modem is operating at 12,000 BPS.

5.3.6 96 LED The 96 LED is illuminated when the modem is set for 9,600 BPS operation. No Speed LED will be illuminated when the modem operates below 9600 BPS.

5.3.7 OH LED The OH LED will be illuminated when the modem is off-hook, which occurs when the modem is dialing, on-line, answering a call or busied out. The LED will flash when the modem pulse dials.

5.3.8 DTR LED The DTR LED will be illuminated when the UniGuard initializes the internal modem. It is on all the time in the UniGuard-V34. Actual DTR is indicated by the yellow DTR LED on the UniGuard display.

5.3.9 EC LED The EC LED will be illuminated when the modem is in the error correction mode. It will flash on and off when compression is activated.

5.3.10 FX LED The FX LED will be illuminated when the modem is in the fax mode. NOTE: When the modem is first powered the speed LED’s flash briefly as the modem performs a self test, then the LED for the default baud lights.

5.4 Differences in V.90 Modem LED Functions The differences in the modem LED’s are all in the numbered LED’s

5.4.1 56 LED The 56 LED is illuminated when the modem is set for or connects using either K56flex or the V.90 protcol. The actual connection speed depends on ISP server capabilities and line conditions

5.4.2 33 LED The 33 LED is illuminated when the modem connects using the V.34 protocol.

5.4.3 14 LED The 14 LED is illuminated when the modem connects using the V.32bis protocol.


5.5 UniGuard Connectors The connectors, Host, Link, TELCO and Power are located on the back panel of the unit. (V34) For standard UniGuard, the ports are Modem, Host, Link and Power. For Units containing an IP interface the LINK Port is labeled NETWORK and contains the 10BASE-T Interface.

17.5 VAC CTHOST LINK TELCO

Communication Devices Inc. Clifton, NJ 07011 Made in USA

17.5 VAC CT Modem Host Link

Communication Devices Inc. Clifton, NJ 07011 Made in USA

Figure 5-2 UniGuard V34 Rear UniGuard Rear

NOTE: There is no currently accepted standard for RJ45 connectors. Therefore, CDI cables and adapters MUST be used in all interfaces with CDI equipment.

5.5.1 Host Port Connector The Host connector is a RJ45 receptacle. This should be connected to the Dial in port of the host device being protected by authentication. There are different types of connectors and cables depending on the application.

5.5.2 Link Port Connector The Link port connector is also a RJ45 female. This port is used to load set up parameters into the UniGuardV34 through the DDM’s serial port connector. . For Units containing an IP interface the LINK Port is labeled NETWORK and contains the 10BASE-T Interface.

5.5.3 IP Port (10BASE-T) . For Units containing an IP interface the LINK Port is labeled NETWORK and contains the 10BASE-T Interface.

5.5.4 TELCO (V34) or Modem (Std) Connectors The Telco port connector is an RJ11 receptacle. This should be connected directly to the Phone Company line with the cable provided. On the standard UniGuard, the Modem port connector is an RJ45 receptacle. This should be connected to an external modem with the cable and adapters provided.

5.5.5 Cabling

DB9 or DB25 toRJ45 Adaptor

RJ45/RJ45 four feet.

To Host/Link Device

RJ45 Receptac le

To UniGuard Host Port RJ45 Receptacle

RJ45 Plugs

Figure 5-3 Cabling


5-3

2.5.4.1 Host Port and Link Port Cable and adapters Two (three with STD unit) four foot, 8 pin Silver Satin cables with an RJ45 male plug on each end are supplied. One is for connection to the Host port of the UniGuard and the Dial in port of the host device being protected using (usually) the RJ45/DB25M connector. The other is for connection between the link port of the UniGuard and the RS-232 port of the link terminal (The third with the standard unit is for connection to the serial port of a modem). Use the included adapters as required by the specific installation. A standard TELCO cable (V34) containing an RJ11 male plug on one end and an RJ11 male plug on the other for connection between the Telephone line and the TELCO port of the unit is included.

2.5.4.2 Host and Link Port Interface

81 Pin Function1 DSR2 CTS3 GND4 RX5 TX6 DCD7 RTS8 DTR

DCE Pinouts

RJ45 (8 pin modular) socket connector

RJ45 (Plug)Cable Head

5.5.6 Wall Mounted Power Supply The UniGuard is delivered with a wall mounted power supply containing a MiniDIN 3 pin male plug for insertion in the MiniDIN 3 pin female connector on the unit. The unit will be supplied with the proper wall plug and voltage for the country in which the unit will operate. The output of the supply is 17.5Vac CT @ 500 ma.

DIN PowerConnector

Wall Mounted Power Unit

Figure 5-4 Wall Mounted Power Supply

5.5.7 Installation

1. Power connection. Connect the MiniDIN connector from the Wall Mounted Power Supply to the MiniDIN connector on the rear of the UniGuard labeled 17.5VAC CT.

2. Telephone Line connection. For UniGuardV34 units, connect the RJ11 cable from the TELCO connector to the Telephone line.

3. Modem connection. For UniGuard units (without self-contained modems) connect the RJ45 cable connector to the port on the rear of the UniGuard labeled Modem and the other end to the data port of the modem.

4. Host Port connection. Connect the RJ45 cable with appropriate adapter from the Host port on the rear of the UniGuard to the proper port on the Host.

5. Link Port. The Link port is used to Link other UniGuards. 6. I/P Port. . For Units containing an IP interface the LINK Port is labeled NETWORK and contains

the 10BASE-T Interface.


6 UniGuard Rack Adaptor Kit The UniGuard Rack Adaptor Kit will provide a method of mounting up to four (4) UniGuards (any type of UniGuard) in a standard 19-inch Rack cabinet. The Kit consists of an 18.95 inch wide by 1.72 inches in height panel together with two mounting plates. The plates are used as spacers to allow the assembly to align up with other equipment in the rack.

Figure 6-2 UniGuard with front panel and Bezel removed

Rack Panel Part # 01=02-0790 Material: 18996 AL EXTRUSION

18.95 in..

1.72in.

Plate (2) to accommodate mounting screws

Figure 6-1 UniGuard Expansion kit drawing

6.1 Preparing the UniGuard To mount any version of UniGuard, the front panel and bezel must be removed. This will result in the internal RAM information being erased.

6.2 Mounting a UniGuard in the expansion panel, 1. Remove the front panel and bezel by

removing the front two (2) screws.

Figure 6-3 One UniGuard mounted in the panel plus a 2nd UniGuard ready to be mounted

2. Place the UniGuard, less the front panel and bezel behind the Kit panel with the screw holes aligned with the holes in the UniGuard.

3. Place the UniGuard front panel on the expansion panel aligning it with the UniGuard and the mounting holes and screws the UniGuard front panel on the assembly.

4. The Bezel is not required but should be stored for use later if the unit is removed from the expansion panel.

5. The UniGuard RAM must be reloaded.


6-1


7-1

7 Configuring the UniGuard UniGuards can be configured using the DDM Distributed Database Manager software supplied by CDI. The configuration also includes the loading of encryption Keys. A special case of the UniGuard (V34 or V90) is a UniGuard Client performs the same full encryption as the CDI TDES Modem. Any UniGuard V.34 or V.90 can be configured as a UniGuard Client from the DDM software. The DDM software can also set up and extract the various reports.


8-1

8 UniGuard Parameters

8.1 Loading Parameters The loading of parameters will be made from the DDM Distributed Database software as a dial up connection or serial port connection.

8.2 User Functions The User Functions will be made from the DDM Distributed Database software as a dial up connection or serial port connection.

8.2.1 Add Users Users (up to 150), including all their parameters, can be added.

8.2.2 User ID

The User ID. This can be up to 10 characters in length and is usually a name by which the user wishes to be identified.

8.3 Type of User

The type of user is entered. Options are Call Back, Roving, Secure Call Through, Secure Call Through w/Encryption, Pager, Token, Calculator, RSA SecurID.

8.3.1 Call Back User

A Call Back User will be prompted to enter the ID and password. If valid, the UniGuard will hang up and dial the fixed call back number connecting the user to the system. The call back number for a user can contain up to 30 digits. This is the number that will be called once a user has been authenticated.

8.3.2 Roving User A Roving User is treated the same as a Call Back user with the exception that the call back number is a variable that the user is prompted to enter. The user will be prompted to enter the ID, password and the number (up to 30 digits) for UniGuard to call back. (This number will be deleted at the completion of the call). Once the ID and password have been authenticated, the UniGuard will hang up and dial the entered phone number. A default phone number should be entered during setup that the roving user can select by entering a [CR] when prompted for the location number. If the user presses [CR] the call is treated exactly the same as with a Call Back User.

8.3.3 Secure Call Through User A Secure Call Through User will be prompted to enter the ID and password and the UniGuard will acknowledge the caller as a Secure Call Through User and allow direct access to the system.

8.3.4 Secure Call Through User w/Encryption This type of user will call using a CDI DES-Modem or DES-Guard Encryptor and/or a UniGuard V34 or V90. Configured as a UniGuard Client via. the DDM software. (These are CDI remote encryption devices: With one of these devices installed, the entire transaction between the remote and host systems can be encrypted). The following two-stage process takes place between a remote CDI Encryptor and the central site UniGuard device.

• The caller will enter the User ID in the same manner as a Secure Call through User. If the user ID is in the UniGuard database, the remainder of the session including the Password will be encrypted.

• The user's DES (Data Encryption Standard) unit contains a unique 6 digit Unit ID plus a 16 HEX Character X9.17 Private KEY* (also referred to as a Seed Key). When the User ID has been processed,

• The UniGuard will send a CSM (cryptographic service message) tag to the remote (callers) encryption device requesting its 6-digit unit ID.

• The remote encryption unit replies by sending its 6 digit ID to the UniGuard. • The UniGuard looks up the caller's ID in its database and generates a random session KEY. It then

encrypts this key using the remote caller’s private (x9.17) KEY and sends this session KEY to the caller.

• The remote caller's unit decrypts the session KEY and the two units will use this KEY for encrypting this session.

• UniGuard will then request the User Password. If the Password is valid the session can proceed. • At the end of the transaction the session KEY will be deleted. • All transmission with the exception of the caller's 6 digit ID is encrypted. NOTE: If the private key and/or 6 digit unit ID is not the same as defined in UniGuards database, the call

will be dropped. *If Triple-DES is enabled the Private Key will consist of three 16 digit HEX character keys.

8.3.5 Pager User A Pager User will be prompted to enter the ID. The UniGuard will drop the call and generate an 8 digit random number. The UniGuard will then call the user's pager number and send the random number to the Pager Company, which will then display the number on the user's pager. Upon receipt of this number, the user will re-dial the UniGuard and re-enter the ID when prompted. UniGuard will then prompt to “enter number on pager”. If the numbers match, access will be provided to the host computer. When a Pager user is added, the Pager Number can be up to 30 digits (9,1800,5555555,,,,,) Each comma (,) will insert a 2 second pause to allow the paging system's voice response to send the "Please enter your phone number at the tone" prompt. Paging systems vary in the amount of delays required. It is suggested a string of 5 commas be placed at the end of the pager number. Add or subtract commas as required to customize the call for the pager system being accessed.

8.3.6 Token User The remote PC of a Token User will have WinGuard© (a TSR program that runs in the background) software installed. A PIN number will be requested by the Token when WinGuard© is started to be sure that the user and not someone else is using the PC to access UniGuards host. Once the correct PIN is entered, all authentication transactions between the UniGuard and the Token equipped remote take place encrypted, behind the scenes and invisible to the user. The token key is entered into UniGuard using the same format as the X917 private key for an Encrypted user. A one time “session” KEY is encrypted with the remote caller's private DES Token Key and sent to the remote PC. CDI’s software takes over and decrypts the session key and uses it to encrypt the user password. The encrypted password is sent to the UniGuard which decrypts the password using the session KEY and if a match is found the caller is authenticated. It should be noted that once issued, the private DES Token Key and PIN number cannot be changed by the user. If a change is desired, a new Token will have to be issued.

8.3.7 Calculator Token User A Calculator Token User is a variation of the Token User. The system allows for two types of Calculator Tokens: A DPI Calculator or a Cryptocard Calculator Token. These tokens differ only in their internal encryption algorithms; they are operated in the same manner. The remote user has a calculator type device that contains DES encryption. When the user attempts to log on, the UniGuard generates a random 8-digit challenge number and sends it to the remote user. Just as with



8-3

the software Token, the user must enter the correct PIN number to access the Calculator Token. The 8-digit challenge is then keyed into the calculator token, encrypted and displayed. The displayed result, the Response, is keyed into the PC and sent back to the UniGuard. If the response is correct the user is authenticated and connected to the host. In adding a Calculator Token user to the UniGuard database, the only unique information required is the user's ID and Token Key.

8.3.8 RSA SecurID Token The RSA SecurID Token is a patented Token based on time. The Token contained a time clock together with an encryption KEY. The KEY is used to encrypts the time, which is displayed in a window on the token. The caller enters the encrypted displayed information when signing on. The system looks up the Users Key and compares the encrypted information to the information generated by the system with the Users Key. If a match is found the User is authenticated


9-1

9 Define Message Functions The Network Administrator can enter two (2) messages that will be sent to a caller when the request for ID and password are presented. These messages are defined as Primary and Secondary. The purpose of these messages is to allow the network manager to disseminate information to callers: to warn potential intruders, inform authorized users of possible link down time or any other pertinent messages.

9.1 Primary Message The Primary message is optional and is sent to an incoming caller when the modem connects. The user ID request follows this message. A delay before sending this message can be set using the System Options menu. There is no message in the system until installed by the administrator.

9.1.1 Primary messages can be up to 1000 characters in length; backspaces may be used for editing Secondary Message

The Secondary message (also optional) will be sent after the user has entered a proper user ID. The Password request follows this message. There is no default message in the system. Secondary messages can be up to 1000 characters in length; backspaces may be used for editing

9.2 Host Connect Message The Host Connect Message is optional and can be 32 characters in length. It will be transmitted to the Host terminal when a connection is made. This message will insure that the "CONNECT" message normally coming from the modem is not garbled. It is intended for host systems that require this or any other message upon connection. By default there is no message installed.


10-1

10 System Options The System Options allow for various settings of the system parameters

10.1 Set Security Level The security level can be set for:

(0) User ID only (1) User ID and Password

Selecting option (0) will only prompt callers for their ID. Option (1) will prompt for the user ID and original programmed password, without asking for a change.

10.2 First User Message Delay The First User Message Delay is the delay time in seconds after the call is connected (Carrier high on the modem port) until the “Enter User ID>” prompt is sent. The default is 5 seconds. This option is normally left at the default. Some modems continue to handshake even after carrier is high. This is often the case with modems using MMP. Prior to sending information to the incoming caller, a delay is usually required after the call has been established and carrier raised. This will allow the system to accept a complete message without the first few characters being garbled. The maximum delay time is 50 seconds.

10.3 Set Inactivity Time Is a period of time during which, if there is no data flow between the user and host, the call will be terminated. This inactivity only relates to the Log on process; once the caller is authenticated and connected to the Host there is no time out function.

10.4 Set Time and Date The time and datecan be entered into the system from the DDM Distributed Database software.

10.5 Modify System Password The system password (the password that the system administrator uses to program the UniGuard through the dial up port) is entered into the system from the DDM Distributed Database software. NOTE: If the password is forgotten, the default password can be re-installed with the Authenticate Enable/Disable switch.

10.6 Host Port, DTR Options

10.6.1 Host Port DTR, Monitor Device monitors all signals from the Host Application.

10.6.2 Host Port DTR, Ignore Device ignores DTR signal from the Host Application.

10.7 Host Dial-out Options

10.7.1 Host Dial-out, Disabled Excluded from dialing out from the modem.

10.7.2 Host Dial-out, Enabled Ability to dial-out from the modem.

10.7.3 Host Dial-out, Auto Authentication “Provide two methods of use.” a) Dial-in user will request to authenticate for remote console management. b) Ability to dial-out to a Client device for Auto Authentication “Encryption.”

10.8 Host “AT” Command Access

10.8.1 Host “AT” Command Access, Disable This option gives the device full control of the modem for management purposes.

10.8.2 Host “AT” Command Access, Enabled with CDI Reset This option gives the Host application access of the modem but when call is dropped UniGuard will re-synch the modem with an AT Command.

10.8.3 Host “AT” Command Access, Enabled Transparent This option gives the Host Application full access of the modem.

10.9 Enable/Disable Triple DES/AES Enabling this option will increase security by requiring three 16-digit hexadecimal Private Keys (if Triple DES/AES is enabled in the remote Encryptor) instead of just one. Once enabled, the system will prompt for the 3 keys any time a user is added. The default is enabled.

10.10 System Key The System Key is used in the encrypted communication between the UniGuard Manager and a remote UniGuard Box. This Key MUST be the same in both the Units. This encryption occurs when the Manager is sending new parameters and/or extracting the Audit Trail from remote units. This is essentially the same format and principle as the X9.17. The default Key is 0123456789ABCDEF.

10.11 Assign X917 ID's: User/Box This option will determine whether each encrypted User is assigned a specific remote DES encryption device (default) or if one or more DES Boxes are entered into UniGuards database, through any of which multiple encrypted users can access UniGuards host. The database has a capacity of 25 DES boxes. The Box scenario would be desired if there is a remote location with a multiple encryption users accessing the UniGuard through any one of a group of encryption devices. A user could call in through whichever Encryptor is available. This can be entered into the system from the DDM Distributed Database software.

10.12 Power/IP Option

• Power Port Connection (Link Port becomes a Power Port for remote power reset to a Host Application.)

• IP Authentication (Provide In-band Strong User Authentication for remote console management.)


• IP Dial-out

(Ability to access the modem via In-band for dial-up access.)

10.13 IP Dialout 10(BASE-T Interface) The IP Dialout can be used when the unit has been ordered with the IP Option. This option will allow the device to use the LAN for programming purposes and other communications. The IP Dialout can be configured as disabled, Enabled with out encryption or enabled with encryption.

10.14 IP (BASE-T Interface) Connection UniGuard now allows for an IP (BASE-T)Interface, which will allow connection from the Auxiliary Port of the Router to the Link Port of the UniGuard, internally authenticate through the Host port of the UniGuard into the Console Port of the Router. This is accomplished with a TELENET Session.

Router

Console Auxiliary

Link Host

UniGuard

10.14.1 Break Sequence Enable If the Break sequence command via Dialup and Inband through all Host Ports for remote Application is required, make sure to set the Port number on the IP properties to 23. This is the only port that supports the Break Sequence command.

10.15 IP Filter • Exclude

(Exclude a range of IP Addresses from accessing the device.)

• Include (Include a range of IP Addresses to access the device.)

10.15.1 Radius Services If the unit has an IP Interface installed The unit supports Radius Authentication onto a Radius Server.


10-3

11 Network Services available The UniGuard provides the following Network Services when the IP Option board has been delivered with the unit. The following services supported in IP boards containing Rev 4.03 and above

• Health Status * • Radius-RSA ACE Server support • Remote Ping

* Note: For Health Status service to work, the UniGuard firmware needs to be 8.16 or above.

The following services supported in IP boards containing Rev 3.04 and above • Break Sequence • DNS/NET BIOS Support • In-band User Authentication • Radius • Remote Telnet • Point to Point (PPP) • Syslog • NET BIOS

NOTE: IP Boards support SNMP Simple Network Management Protocol Traps

11.1 Description of the Network service

11.1.1 Health Status The Health Status will enable the Unit to report back real time Alert messages to the Distributed Database Manager and Syslog Server for system activities and unexpected behaviors. For Health Status service to work, the UniGuard firmware needs to be 8.16 or above.

11.1.2 Radius\RSA ACE Support IP Interface supports all types of Radius Servers including RSA ACE Server.

11.1.3 Remote Ping Once authenticated into a CDI unit the IP Interface allows the ability to remotely ping an application.

11.1.4 Break Sequence The Break Sequence allows the Ability to send a break sequence via the LAN. Only Port 23 on the IP allows this function.

11.1.5 DNS/NET BIOS Support DNS Support allows the ability to provide a Domain Name system (DNS) IP Address for translation use between Domain Names and IP Addresses.

11.1.6 In-band User Authentication In-band User Authentication provides the ability to authenticate via the LAN into a CDI unit for Console Management.


11-1


11.1.7 Remote Telnet Remote Telnet provides for Strong User Authentication security via a telnet session for InBand host access.

11.1.8 Point to Point (PPP) Point to Point (PPP) provides the ability to establish a Point to Point (PPP) for remote network access.

11.1.9 Syslog Syslog Messages can be sent to the Syslog Server and/or the DDM and will report back real time Logs for all activities on a device.

12 Reports There is a variety of Reports available. They can be accessed from the DDM Distributed Database software.

12.1 Audit Trail The Audit Trail report lists the entire activity report since the last time the log was cleared. The log in time, log off time, user ID and the results (action) of each access is listed.

12.2 Status Report The Status Report displays the current port status of the host and modem.

12.3 Modify Report Settings Modify Report Settings allows the enabling or disabling of real time audit displays as well as setting the time interval in seconds for the update of the real time display. If enabled, a new report will be generated every 0 to 60 seconds (as selected) which can be monitored by a terminal connected to the link port.

12.4 Reset Audit Trail This can be entered into the system from the DDM Distributed Database software.


12-1


13-1

13 Maintenance

13.1 Battery replacement Located on the internal circuit board is a coin type battery 3.0 Volts D.C. When replacing the battery it MUST be replaced with a similar battery (model BR2330 or equivalent).

NOTE: REPLACEING THE BATTERY WITH AN INCORRECT TYPE MAY RESULT IN AN EXPLOSION.


A

Appendix Summary The Appendixes apply to the Multi-Tech modem enclosed within the UniGuard V34. NOTE: Wherever your communications software or operating system provides for modem selection,

select "MultiModem MT2834ZDX". If this choice is not available, select "Standard Modem". Appendix A, AT COMMANDS BY FUNCTION Appendix A is a set of the AT Commands listed by Function. Appendix B, MODEM SPECIFICATIONS Appendix B contains the Specifications for the Multi-Tech Modem contained within the equipment. Appendix C, MODEM DEFAULTS Appendix C contains the default settings of the modem. Appendix D, S-REGISTER DEFAULTS Appendix D contains the default settings for the S-Register. Appendix E, AT COMMAND SUMMARY Appendix E contains a complete description of the AT Commands. Appendix F, S-REGISTER SUMMARY Appendix F contains the “S” register Summary. Appendix G, RESULT CODE SUMMARY Appendix G contains the Result Code Summary (Terse and Verbose) Appendix H, MULTI-TECH SYSTEM ESCAPE METHODS Appendix H contains the method use by Multi-Tech for Escape Commands. Appendix I, FCC, DOC and BABT INFORMATION Appendix I pertains to FCC, DOC and BABT regulations. The suggested AT Command string for the MultiTech modem is:

AT&C1&D2&E14#L1X4&W<CR>

Appendix A V.32 AT COMMANDS BY FUNCTION TOPIC COMMAND DESCRIPTION Dialing D Dial Action $D DTR dialing A: Continuous redial H On-hook/off-hook Dial P Pulse dial Modifiers T Tone dial W Wait for new dial tone R Reverse originate/answer mode , Dialing pause : Continuous redial ; Return to command mode after dialing ! Flash on-hook @ Quiet answer $ Call card tone detect Phone Number D...N Store phone number Memory N Dial a stored number N...N Number linking L List stored telephone numbers Configuration &W Store configuration & Default &F Load default config. Storage Z Modem reset Modem E Echo command mode characters Response Q Result codes enable/disable Commands &Q Result codes (Multi- Tech or standard) V Result codes (verbose/terse) X Result codes and call progress &A Answerback caller ID Phone Line M Modem speaker control Conditioning #T Trellis coded modulation #F Fallback modes when on- line Y Long space disconnect

&G Guard tones &P Set pulse dial ratios B Answer tone #A Auto speed detection RS-232c &C Carrier Detect control Interface &D Data Terminal Ready control Controls &R Clear to Send control &S Data Set Ready control &RF CTS/RTS interaction control &SF DSR/CD interaction control Error &E0 Non-Error Correction mode Correction &E1 Auto-Reliable mode and Data &E2 Reliable mode Compression &E14 Data compression disabled &E15 Data compression enabled #L V.42 error correction modes $A Auto-Reliable buffering $F Auto-Reliable fallback character enable/disable $R Retransmit count

Copyright © Communication Devices Inc. UniGuard B


C

$E V.42 error correction at 300 bps Speed $BA Baud adjust on/off Conversion $MB Modem baud rate $SB Serial port baud rate Immediate $H Help screens Action I Inquire product code Commands L5 List current operating parameters L6 List S-Register values L8 List on-line diagnostics A/ Repeat last command Flow Control &BS Maximum Reliable block size $EB Asynchronous word length (10/11-bit) &E3 Flow control disabled &E4 Hardware flow control &E5 Xon/Xoff flow control &E6 Xon/Xoff no pass-thru &E7 Xon/Xoff pass-through &E8 Hewlett Packard ENQ/ACK pacing off &E9 Hewlett Packard ENQ/ACK pacing on &E10 Non-Error Correction mode flow control off &E11 Non-Error Correction mode flow control on &E12 Pacing off &E13 Pacing on #X Number of Xoff characters sent Escape +++AT<CR> Default in-band escape code Sequences <BREAK>AT<CR> Alternate out-of-band escape code %E Escape sequence options A Force answer mode O Go back on-line Diagnostics &T Respond to remote digital loopback signal

U Loopback test modes

Appendix B V.32 Specifications Model Number: MT2834ZDX Data Rates (Modem): 0-300, 1200, 2400, 4800, 9600, 12,000, 14,400bps, 16,800 19,200 BPS, 21,600, 24,000, 26,400, 28,800 and 33,600 Data Rates (Fax): 4800, 9600, 14,400 BPS Data Format (Modem): Serial, binary, asynchronous Compatibility (Modem): Bell 212A and 103/113, ITU V.22; V.22bis, V.29, V.32, V.32bis, V.42, .42bis, AT&T V.32 terbo, and V.34 Compatibility (Fax): ITU Group 3, T.4, T.30, V.21, V.27ter, V.29, V.17, and EIA TR 29.2 Error Correction: ITU V.42 (LAP-M or MNP 2- 4) Data Compression: ITU V.42 (4:1 throughput) or MNP 5 (2:1 throughput) Speed Conversion: Serial port data rates adjustable to 300, 1200, 2400, 4800, 9600, 12,000, 19,200, 38,400, 57,600, and 115,200 BPS Mode of Operation: Half or full duplex over dial-up lines; automatic or manual dialing and answer Flow Control: Xon/Xoff, hardware (RTS/CTS), (HP)ENQ/ACK Intelligent Features: Fully AT command compatible, autodial, redial, repeat dial, pulse or tone dial,

dial pauses, call status display, autoparity and data rate selections, keyboard-controlled modem options, on-screen displays for modem option parameters and command lines, help menus

Command Buffer: 60 characters Modulation (Modem): FSK at 300 BPS, PSK at 1200 BPS, QAM at 2400,4800, and 9600 BPS (non-

trellis),QAM with trellis-coded modulation (TCM at 9600, 12,000, 14,400, 16,800, 19,200, 21,600, 24,000, 26,400, 28,800, 31,200 and 33,600 BPS

Fax Modulations: V.21 CH2 FSK at 300 BPS V.27ter DPSK at 2400 and 4800 BPS V.29 QAM at 7200 and 9600 BPS V.17 TCM at 7200, 9600, 12,000, and 14,400 BPS Carrier Frequencies, 28.8K/16.8K BPS: 1700/1800 Hz V.34 Carrier Frequencies 19.2K/16.8K/14.4K/ 12K/9.6K/4.8K BPS: 1800 Hz V.32/V.32bis/V.32 terbo Carrier Frequencies, 2400 & 1200 BPS (V.22bis/V.22 or Bell 212A Standard): Transmit originate: 1200 Hz Transmit answer: 2400 Hz Receive originate: 2400 Hz Receive answer: 1200 Hz Carrier Frequencies, 300 BPS (Bell Standard): 1270 Hz mark, 1070 Hz space for transmit originate 2225 Hz mark, 2025 Hz space for receive originate 2225 Hz mark, 2025 Hz space for transmit answer 1270 Hz mark, 1070 Hz space for receive answer Fax Carrier Frequencies: V.21 Ch2 (Half Duplex) 1650 Hz mark, 1850 Hz space for transmit originate 1650 Hz mark, 1850 Hz space for transmit answer V.27ter 1800 Hz originate/answer V.29 QAM 1700 Hz originate/answer V.17 TCM 1800 Hz originate/answer Transmit Level: -13 dBm Frequency Stability: ±0.01% Receiver Sensitivity: -43 dBm under worst case conditions AGC Dynamic Range: 43 dB Interface: EIA RS-232C/ITU V.24/V.28 Diagnostics: Power-on self test, local analog loop, local digital loop, remote digital

loop. Indicators: LEDs for Transmit Data, Receive Data, Carrier Detect, 28,800,Off-Hook,

Terminal Ready, Error Correction, and Fax. Speaker: Command-controlled speaker for call progress monitoring. Environmental: Temperature range 0 to 50 C (32 to 120 F); humidity range 20-90% (non-

condensing)Power Requirements: 100-130VAC, 50/60 Hz, 0.1A/5W

Copyright © Communication Devices Inc. UniGuard D


E

14 Appendix C V.32 MODEM DEFAULTS $A0 Auto-Reliable Buffering: Discard data received during establishment of Reliable connection. #A0 Auto Speed Detection in Answer Mode: Start at maximum speed and fall back incrementally to

14400 to 12000 to 9600 to 4800 to 2400 to 1200 to 300 BPS. B0 Answer Tone: ITU answer tone. &BS1 Maximum Reliable Block Size: 256 characters. $BA0 Baud Adjust: Baud adjust off, serial conversion on &C1 Carrier Detect Control: CD goes high

when carrier is detected, low when carrier islost. &D2 Data Terminal Ready Control: Modem hangs up when DTR drops and returns to command mode

when DTR goes high again. $D0 DTR Dialing: Disabled. E1 Echo Command Mode Characters: Off. &E1 V.42 Error Correction: Auto-Reliable mode. &E4 Modem-Initiated Flow Control: Hardware flow control &E6 Xon/Xoff Pass-Through: Off. &E8 Hewlett-Packard ENQ/ACK Pacing: Off. &E10 Non-Error Correction Mode Flow Control: Off. &E12 Pacing (Computer-Initiated Flow Control): Off. &E15 Data Compression: On. $EB0 Asynchronous Word Length: 10-bit mode. $E0 V.42 Error Correction at 300 BPS: Off. %E1 Escape Sequence Options: +++ method. &F8 Load Default Configurations: Read factory defaults in ROM. $F1 Auto-Reliable Fallback: Fall back to Non-Error Correction mode connect if <CR> received. #F2 Fallback Modes When On-Line: Fall back incremen tally to 4800 BPS; fall forward when line

improves. #L0 V.42 Error Correction Mode: Modems negotiate V.42 mode. M1 Modem Speaker Control: Speaker on until carrier signal detected. $MB 28800 Modem Baud Rate: 28,800 BPS (MT2834ZDX). P Pulse Dial. &P0 or Set Pulse &P1 &P1 (67-33 ratio) only. Q0 Result Codes Enable/Disable: Result codes sent. &Q0 Result Codes (Multi-Tech or Standard AT): MultiTech responses with modifiers. R0 Reverse Originate/Answer Modes: Off. &R1 Clear to Send Control: Force CTS high (on). $R0 Retransmit Count: Disconnect after 12 retransmits. &RF1 CTS/RTS Interaction Control: CTS acts independently. &S1 Data Set Ready Control: DSR follows CD. $SB57600 Serial Port Baud Rate: 57,600 BPS. &SF0 DSR/CD Interaction Control: DSR follow CD. &T5 Respond to Remote Digital Loopback Signal: Off. #T1 Trellis Coded Modulation: On. V1 Result Codes (Verbose/Terse): Verbose response. &W1 Store Configuration: Off. X0 Result Codes and Call Progress Selection: Basic result codes (CONNECT only); modem does

not look for dial or busy tones. #X0 Number of Xoff Characters Sent After Buffer Is Full: One. Y0 Long Space Disconnect: Disable sending or responding to long space break signal on disconnect

15 Appendix D V.32 S-REGISTER DEFAULTS S0 = 1 Number of rings until modem answers. S1 = 0 Ring count. S2 = 43 Escape code character (+). S3 = 13 Return character (^M). S4 = 10 Line feed character (^J). S5 = 8 Backspace character (^H). S6 = 2 or 4 Dial tone wait: 2 seconds ZDX, 4 seconds ZDXK and ZDXI models. S7 = 45 or 55 Wait for carrier: 45 seconds ZDX and ZDXI, 55 seconds ZDXK models. S8 = 2 or 4 Comma pause time: 2 seconds ZDX, 4 seconds ZDXK and ZDXI models. S9 = 6 Carrier detect response time: 600 ms. S10 = 7 Disconnect delay time: 700 ms. S11 = 70 Tone duration and spacing: 70 ms ZDX, 80 ms all or 80 other models, including ZDX

DOC. S13 = 37 Remote configuration escape character (%). S17 = 25 Length of break time to PC: 250 ms. S24 = 20 DSR/CTS/CD dropout time: 1 second. S26 = 0 Number of failed attempts allowed. S30 = 0 Inactivity timer: disabled. S32 = 20 Time modem will wait for <CR> during escape sequence execution: 2 seconds. S34 = 10 Buffer length of command mode after on-line escape sequence: 10 characters. S36 = 0 Time between DTR inactive and modem off-hook. S37 = 5 Time between DTR active and modem on-hook. S48 = 0 V.34 maximum connect speed.

Copyright © Communication Devices Inc. UniGuard F


G

16 Appendix E V.32 AT COMMAND SUMMARY Command Values Default Description AT Attention Code The attention code precedes all command lines except A/, A:

and escape codes. RETURN RETURN Key Press the RETURN (ENTER) key to execute most commands. A Force Answer Mode Answer call immediately without waiting for ring. A/ Repeat Last Command. Do not precede this command with AT. Do not hit

RETURN to execute. A: Continuous Redial (10 redials in DOC modems) of last number until

answered. &An n = 0 or 1 Answerback Caller ID *** &A0 Answerback off. &A1 Answerback on. $An n = 0 or 1 Auto-Reliable Buffering *** $A0 Discard data received during establishment of Reliable connection $A1 Buffer data received during establishment of Reliable connection #An n = 0-3 Auto Speed Detection in Answer Mode

*** #A0 Start at maximum speed and fall back to 14400 to 12000 to 9600 to 4800 to 2400 to 1200 to 300 BPS.

#A1 Maximum speed only. #A2 Start at maximum speed and fall back incrementally to 4800 BPS only. #A3 Start at 2400 BPS and fall back to 1200 to 300 BPS only. Bn n = 0 or 1 Answer Tone (ZDXI modems only) *** B0 Select ITU V.21 answer tone. B1 Select Bell 103 answer tone. &Bsn n = 0 or 1 Maximum Reliable Block Size &BS0 Maximum transmit block size of 64 characters. *** &BS1 Maximum transmit block size of 256 characters. $Ban n = 0 or 1 Baud Adjust

*** $BA0 Set baud adjust off, speed conversion on. (Serial port speed is independent of modem data rate.)

$BA1 Set baud adjust on, speed conversion off. (Serial port speed is same as modem data rate.)

&Cn n = 0, 1, 2, Carrier Detect Control or 4 &C0 Force Carrier Detect on. *** &C1 Let Carrier Detect follow carrier signal.

&C2 Let Carrier Detect drop (time set by S24) on disconnect, then go high gain.

&C4 Reset modem when Carrier Detect drops. Ds s = phone # Dial telephone number s, where s may include up to 60 digits or T, P, R,

comma, colon, and semicolon characters. DsNd s = phone # Store Phone Number

d = 0 or 1 To store, enter D followed by telephone number s, then N followed by directory number d.

&Dn n = 0, 1, 2, Data Terminal Ready Control or 3 &D0 Modem ignores DTR signal.

&D1 Modem hangs up when DTR drops, disables auto-answer, and returns to command mode when DTR goes high again.

*** &D2 Modem hangs up when DTR drops and returns to command mode when DTR goes high again.

&D3 Modem hangs up and resets to default parameters when DTR drops. $Dn n = 0 or 1 DTR Dialing *** $D0 Disable DTR dialing. $D1 Enable DTR dialing. En n = 0 or 1 Echo Command Mode Characters E0 Do not echo command mode characters. *** E1 Do echo command mode characters.

&En n = 0 thru V.42 Error Correction Modes 15 &E0 Non-Error Correction mode (V.42 disabled). *** &E1 Auto-Reliable mode. &E2 Reliable mode (V.42 enabled). Modem-Initiated Flow Control &E3 Flow control disabled. *** &E4 Hardware flow control. &E5 Xon/Xoff flow control. Xon/Xoff Pass-Through (&E5 selected) *** &E6 Xon/Xoff not passed through. &E7 Xon/Xoff passed through. Hewlett-Packard ENQ/ACK Pacing *** &E8 ENQ/ACK pacing off. &E9 ENQ/ACK pacing on. Non-Error Correction Mode Flow Control *** &E10 Non-Error Correction mode flow control off. &E11 Non-Error Correction mode flow control on. Pacing (Computer-Initiated Flow Control) *** &E12 Pacing off. &E13 Pacing on. Data Compression &E14 Data compression disabled. *** &E15 Data compression enabled. $En n = 0 or 1 V.42 Error Correction at 300 BPS *** $E0 V.42 error correction at 300 BPS disabled. $E1 V.42 error correction at 300 BPS enabled. $Ebn n = 0 or 1 Asynchronous Word Length *** $EB0 10-bit mode enabled. $EB1 11-bit mode enabled. %En n = 0 thru Escape Sequence Options 5 %E0 Modem won't escape. *** %E1 +++ method. %E2 Break method. %E3 Either +++ or Break methods. %E4 No "OK" response to +++. %E5 "OK" response to +++. &Fn n = 0, 8, Load Default Configuration or 9 &F0 Load factory default values from ROM. *** &F8 Read factory default values and DIP switch settings when &F is issued. &F9 Read parameters stored in nonvolatile memory when &F is issued. $Fn n = 0 or 1 Auto-Reliable Fallback Character nable/Disable $F0 Do not fall back to Non-Error Correction mode connect if CR received. *** $F1 Fall back to Non-Error Correction mode connect if CR received. Fn n = 0, 1, Fallback Modes When On-Line or 2 #F0 No fallback when on-line. #F1 Fall back incrementally from maximum speed to 4800 BPS. *** #F2 Fall back incrementally to 4800 BPS, fall forward when line improves. &Gn n = 0, 1, Guard Tones (International only) or 2 *** &G0 Turn off ITU guard tones. &G1 Turn on ITU 550 Hz guard tone. &G2 Turn on ITU 1800 Hz guard tone NOTE: The ZDXK is locked to &G2, which turns on the ITU 1800 Hz guard tone. Hn n = 0 or 1 On-Hook/Off-Hook H0 Go on-hook (hang up). H1 Go off-hook. $Hn n = 1, 2, Help Screens or 3 $H1 Bring up Help Screen #1. $H2 Bring up Help Screen #2.

Copyright © Communication Devices Inc. UniGuard H


I

$H3 Bring up Help Screen #3. In n = 0, 1, Inquire Product Code or 2 I0 Request modem ID #. I1 Request firmware revision #. I2 Request modem description. Ln n = 0, 5, 6, List Commands 7, or 8L List stored telephone numbers. L5 List current operating parameters. L6 List current S-Register values L7 List additional parameters L8 List on-line diagnostic parameters #Ln n = 0, 1, 2, V.42 Error Correction Modes 3, or 8 *** #L0 Modems negotiate V.42 mode. #L1 MNP on and LAP-M off (originate mode only). #L2 LAP-M on and MNP off (originate mode only). #L3 Disable detection phase and go directly to LAP-M. Mn n = 0, 1, 2, Modem Speaker Control or 3 M0 Modem speaker always off. *** M1 Modem speaker on until carrier signal detected. M2 Modem speaker always on. M3 Monitor speaker on during dialing, off during handshaking. $Mbn n = speed Modem Baud Rate $MB75 Select CCITT V.23 mode. $MB300 Select 300 BPS on-line. $MB1200 Select 1200 BPS on-line. $MB2400 Select 2400 BPS on-line. $MB4800 Select 4800 BPS on-line.

$MB7200 Select 7200 BPS on-line. $MB9600 Select 9600 BPS on-line. $MB12000 Select 12,000 BPS on-line.

*** $MB14400 Select 14,400 BPS on-line. $MB16800 Select 16,800 BPS on-line. *** $MB19200 Select 19,200 BPS on-line. *** $MB28800 Select 28,800 BPS on-line. Nd d = 0 or 1 Dial a Stored telephone number d. NdNe... d = 0 or 1 Number Linking

e = 1 or 0 If first number dialed is busy, other stored numbers may be automatically dialed..

O Go Back On-Line Exit command mode and go into on line mode after using the escape code to do the reverse.

P In dialing *** Pulse-Dial command Modem will pulse-dial numbers that follow the P. &Pn n = 0 or 1 Set Pulse Dial Ratios *** &P0 60-40 pulse ratio. &P1 67-33 pulse ratio. NOTE: The ZDXK is locked to &P1, a 67-33 pulse ratio. Qn n = 0, 1, Result Codes Enable/Disable or 2 *** Q0 Result codes sent. Q1 Result codes suppressed (quiet). Q2 No Response answer mode. &Qn n = 0 or 1 Result Codes (Multi-Tech or Standard AT) *** &Q0 Multi-Tech responses with modifiers. &Q1 AT responses with no modifiers Rn n = 0 or 1 Reverse Originate/Answer Mode *** R0 Modem will not reverse modes. R1 Modem will reverse modes. &Rn n = 0, 1, Clear to Send Control or 2 &R0 Let CTS state follow RTS state when on-line.

*** &R1 Force CTS high (on). &R2 Let CTS drop on disconnect for time set by S24, then go high again. $Rn n = 0 or 1 Retransmit Count *** $R0 Disconnect after 12 retransmits. $R1 Do not disconnect after 12 retransmits. &Rfn n = 0 or 1 CTS/RTS Interaction Control &RF0 Let CTS follow RTS. *** &RF1 Let CTS act independently. Sr=n r = 0-11, 13, Set Register Value 24, 25, 30, Set value of S-Register r to value 32, 34, 36, of n, where n is entered in decimal 37 or 48; format. n varies Sr? r = 0-11, 13, Read Register Value 24, 25, 30, Read value of S-Register r and 32, 34, 36, display value in 3-digit decimal 37 or 48; format. n varies &Sn n = 0, 1, Data Set Ready Control or 2 &S0 Force DSR high (on). *** &S1 Let DSR follow CD. &S2 DSR drops on disconnect for time set by S24, then goes high again. $Sbn n = speed Serial Port Baud Rate Baud Adjust $SB300 Select 300 BPS at serial ($BA) must port be off. $SB1200 Select 1200 BPS at serial port. $SB2400 Select 2400 BPS at serial port. $SB4800 Select 4800 BPS at serial port. $SB9600 Select 9600 BPS at serial port. $SB12000 Select 12,000 BPS at serial port. $SB19200 Select 19,200 BPS at serial port. $SB38400 Select 38,400 BPS at serial port. *** $SB57600 Select 57,600 BPS at serial port. $SB115200 Select 115,200 BPS at serial port. &Sfn n = 0 or 1 DSR/CD Interaction Control *** &SF0 Select DSR to follow CD. &SF1 Select DSR to be independent. T Tone-Dial, Modem tone-dials numbers following the T. &Tn n = 4 or 5 Respond to Remote Digital Loopback Signal &T4 Enable response to remote digital loopback signal. *** &T5 Disable response to remote digital loopback signal. #Tn n = 0 or 1 Trellis Coded Modulation #T0 Disable Trellis Coded Modulation. *** #T1 Enable Trellis Coded Modulation. Un n = 0, 1, 2, Loopback Test Modes or 3 U0 Enable analog loop originate mode. U1 Enable analog loop answer mode U2 Enable remote digital loopback mode. U3 Enable local digital loopback mode. Vn n = 0 or 1 Result Codes (Verbose/Terse) V0 Result codes sent as digits (terse response). *** V1 Result codes sent as words (verbose response). W Wait for New Dial Tone Inserted in dialing command, causes modem to wait for

new dial tone. (X2 or X4 must be selected.) &Wn n = 0 or 1 Store Configuration

&W0 Store current settings in NVRAM; modem will load these at power-on or with the ATZ command instead of reading factory ROM defaults.

*** &W1 Do not store settings.

Copyright © Communication Devices Inc. UniGuard J


K

Xn n = 0 thru Result Codes and Call Progress 4 Selection *** X0 Basic result codes (CONNECT only); does not look for dial tone or busy.

X1 Extended result codes (w/CONNECT 1200, CONNECT 2400, etc.); does not look for dial tone or busy signal

X2 Extended result codes with NO DIAL TONE; does not look for busy signal X3 Extended result codes with BUSY; does not look for dial tone. X4 Extended result codes with NO DIAL TONE and BUSY. #Xn n = 0 or 1 Number of Xoff Characters Sent *** #X0 Single Xoff character sent after buffer is full.

#X1 Multiple Xoff characters sent (one for every character received after buffer is full)

Yn n = 0 or 1 Long Space Disconnect *** Y0 Disable sending or responding to long space break signal on disconnect.

Y1 Enable sending or responding to long space break signal on disconnect. (Both modems must have Y1 set.)

Z Modem Reset to default values. Defaults come from NVRAM if &W0 is set, from factory ROM if &W1 is set.

, In Dial Dialing Pause command Comma; causes dialing pause for time set by S8. : At end of Continuous Redial Dial command. Colon; causes continuous redial (10 in

DOC modems) of number until answered. ; At end of Return to Command Mode After Dial command. Dialing Semi-colon;

causes immediate return to command mode after dialing. ! In Dial Flash On-Hook command Exclamation point; causes modem to flash on-hook. @ In Dial Quiet Answer command Causes modem to wait for a ring back, then 5 seconds

of silence before processing next part of command. +++AT<CR> Escape Code, Puts modem in command mode while still remaining on-line.

Enter +++ followed by the letters A and T, up to ten command characters (or as defined by S34), and a RETURN.

<BREAK>AT<CR> Break Escape Code, Alternate escape method. Puts modem in command mode while still remaining on-line. Enter BREAK followed by the letters A and T, up to sixty command characters, and RETURN.

17 Appendix F V.32 S-Register Summary Register Unit Range Default Description S0 1 ring 0-255 1 Sets number of rings until modem answers. S1 1 ring 0-255 0 Counts rings that have occurred. S2 decimal 0-127 43 (+) Sets escape code character. S3 decimal 0-127 13 (^M) Sets character recognized as carriage return. S4 decimal 0-127 10 (^J) Sets character recognized as line feed. S5 decimal 0-127 8 (^H) Sets character recognized as backspace. S6 1 sec. 2-255 2 Determines wait-time for dial tone. S7 1 sec. 1-255 45 Determines how long modem will wait for carrier before 1-45* 45* aborting call. 1-55** 55** S8 1 sec. 0-255 2 Sets pause time caused by a comma character in a dial command. S9 100 ms 1-255 6 Sets carrier detect response time. S10 100 ms 0-255 7 Sets delay time between when carrier is lost and when modem disconnects. S11 1 ms 1-255 70 Sets time duration of and spacing between tones in tone- dialing. S13 decimal 0-127 37 (%) Determines remote configuration escape character. S17 10 ms 1-255 25 Determines length of break time (space) sent to local PC. S24 50 ms 0-255 20 Sets DSR/CTS/CD dropout time. 20 default equals one second. S25 100 ms 0, 1-255 0 Sets DTR dropout time. 0 default equals 50 ms. S30 1 min. 0-255 0 Inactivity timer used to disconnect modem. S32 100 ms 0-255 20 Sets duration in which modem will wait for a RETURN to be entered during escape sequence execution. S34 No. of 0-60 10 Buffer length of command characters after on-line escape sequence. S36 1 sec. 0-255 0 Time between DTR inactive and modem off-hook. S37 1 sec. 0-255 5 Time between DTR active and modem on-hook. S48 decimal 28, 26, 0 Maximum V.34 connect speed. 21, 19, 16, 14, 12, 96, or 48 * Values for ZDXI modems and ZDX-DOC modems only. ** Values for ZDXI modems only. *** Values for ZDXK modems only

Copyright © Communication Devices Inc. UniGuard L


M

18 Appendix G V.32 RESULT CODE SUMMARY Terse Verbose Meaning 0 OK Command was executed without error, ready for next command. 1 CONNECT Modem has detected carrier and gone on-line. 2 RING Modem has detected ring caused by incoming call. 3 NO CARRIER No carrier signal has been detected within allowed time. 4 ERROR Error in command line (too many, or invalid characters). 5 CONNECT 1200 Modem has detected carrier at 1200 BPS and gone on-line. 6 NO DIAL TONE No dial tone has been detected. 7 BUSY A busy signal has been detected. 8 NO ANSWER Remote system did not answer 9 CONNECT 2400 Modem has detected carrier at 2400 BPS and gone on- line. 10 (Not used) 11 CONNECT 4800 Modem detected carrier at 4800 BPS and on-line. 12 CONNECT 9600 Modem detected carrier at 9600 BPS and on- line 13 CONNECT 14400 Modem detected carrier at 14400 BPS and on-line 19 CONNECT 19200 Modem detected carrier at 19200bps and on-line 21 CONNECT 21600 Modem detected carrier at 21600bps and on-line 24 CONNECT 24000 Modem detected carrier at 24000bps and on-line 26 CONNECT 26400 Modem detected carrier at 26400bps and on-line 28 CONNECT 28800 Modem detected carrier at 28800bps and on-line Reliable Mode: If the ZDX is used in Reliable mode, the following responses change: 1R CONNECT (As above, except Reliable.) RELIABLE 5R CONNECT 1200 (As above, except Reliable.) RELIABLE 9R CONNECT 2400 (As above, except Reliable.) RELIABLE 11R CONNECT 4800 (As above, except Reliable.) RELIABLE 12R CONNECT 9600 (As above, except Reliable.) RELIABLE 13R CONNECT 14400 (As above, except Reliable.) RELIABLE 19R CONNECT 19200 (As above, except Reliable.) RELIABLE 21R CONNECT 19200 (As above, except Reliable.) RELIABLE 24R CONNECT 24000 (As above, except Reliable.) RELIABLE 26R CONNECT 26400 (As above, except Reliable.) RELIABLE 28R CONNECT 28800 (As above, except Reliable.) RELIABLE LAP-M Reliable mode: If the ZDX is used in LAP-M Reliable mode, the following responses change: 1L CONNECT LAPM (As above, except Reliable.) 5L CONNECT 1200 LAPM (As above, except Reliable.) 9L CONNECT 2400 LAPM (As above, except Reliable.) 11L CONNECT 4800 LAPM (As above, except Reliable.) 12L CONNECT 9600 LAPM (As above, except Reliable.) 13L CONNECT 14400 LAPM (As above, except Reliable.) 19L CONNECT 19200 LAPM (As above, except Reliable.) 21L CONNECT 21600 LAPM (As above, except Reliable.) 24L CONNECT 24000 LAPM (As above, except Reliable.)

26L CONNECT 26400 LAPM (As above, except Reliable.) 28L CONNECT 28800 LAPM (As above, except Reliable.) Data Compression: If the ZDX is used with data compression, the word COMPRESSED or letter C will be added to result codes 1, 5, 9, 11, 12, 13, 19, 21, 24, 26, and 28. Standard AT Responses: If standard AT command set 2400 responses are selected with the &Q1 command, the following responses change: 9 (Not used) 10 CONNECT 2400 Modem has detected carrier at 2400 BPS and gone on-line

Copyright © Communication Devices Inc. UniGuard N


O

19 Appendix H V.32 MULTI-TECH SYSTEMS' ESCAPE METHODS INTRODUCTION

You may sometimes find it necessary to issue AT commands to your modem, while you are on-line with a remote modem, without disconnecting the call. If so, you will want to take advantage of escape methods that allow you to change the modem's mode of operation from on-line mode to command mode. After you issue your AT commands, you may return to on-line mode, but typically most users escape so that they may hang up a modem upon completion of a call. The modems offer two escape methods: in-band and out-ofband. Both incorporate Time Independent Escape Sequence (TIES) methodology. An escape sequence is a pattern or sequence that the modem recognizes as its signal to shift from on-line mode to command mode. "Time independent" means that the modem recognizes the escape sequence without a prefixed and/or suffixed delay. In an in-band escape, the modem recognizes the escape sequence as a pattern sent to it as part of the data stream or band (hence its name). In an out-of-band escape, the escape sequence is a pattern that cannot and does not occur in the data stream. The in-band escape method is +++AT<CR> The out-of-band escape method is <BREAK>AT<CR> A break signal cannot be sent as part of a data file; instead it is sent by a direct program command to the UART used by the computer. The break signal is defined as either the transmission of binary 0 for a minimum of 10 bits; or as a minimum interval of 135 milliseconds as established in the ITU X.28 standard. There are routines in high level languages and keys on most computers that have been established to send BREAK for fixed intervals, but you may control the break's duration by referring to your UART's specifications. HOW TO SELECT AN ESCAPE METHOD If you want your modem to escape and then wait for you to issue a command before it will return to on-line mode, then use +++AT<CR>. You might use this method if you find you need to review a help screen in the middle of a communications session. If you wish to combine the escape with a command (or commands) and with an immediate return to on-line mode, then use the <BREAK>AT<CR> method. You may also use this method to have the modem wait before it will return on-line. The following AT commands are used to select the modem's escape method: %E0 = Escape disabled %E1 = +++AT method (default) %E2 = BREAK AT method %E3 = Both methods enabled %E4 = Disable "OK" to +++ escape %E5 = Enable "OK" to +++ escape METHOD 1: +++AT<CR> In the following example, a user who is in on-line mode decides to set S0 to 1 to configure the modem to answer on the first ring. 1. The user enters the sequence +++AT<CR>. The sequence is sent to the modem 2. The modem transmits the +++. 3. The modem buffers AT and starts the Wait for <CR> Timer. 4. Upon receiving the <CR> the modem escapes to command mode. 5. The modem responds OK. 6. The user enters the command ATS0=1<CR>. This sequence is sent to the modem. 7. The modem buffers ATS0=1<CR> and identifies it as a valid command. 8. The modem executes the command, setting S0=1. 9. The user sends ATO<CR> to the modem. 10. The modem returns to on-line mode. ESCAPE METHOD 2: <BREAK>AT<CR> In the following example, a user who is in on-line mode decides to set S0 to 1, to configure the modem to answer on the first ring. 1. The BREAK signal is sent to the modem. 2. The modem buffers BREAK . 3. The modem starts the S32 Wait for <CR> Timer. 4. ATS0=1<CR> is sent to the modem.

5. The modem buffers ATS0=1<CR> and identifies it as a valid command. 6. The modem escapes to command mode. 7. The modem executes the command, setting S0=1. 8. The modem returns to on-line mode. S-REGISTERS AND ESCAPE SEQUENCE There are two S-Registers that you may set to modify the functioning of your escape sequences. The first is SRegister S32, which establishes a value for how much time may elapse between the receipt of the beginning of the escape sequence, whether BREAK AT or +++AT, and the receipt of a <CR>. This interval is known as wait-for-<CR>-time, or BREAK passthrough. You may assign a value to S32 in increments of 100 milliseconds. The default value is 20, or 2 seconds. In the +++AT<CR> method, the wait-for-<CR>-time interval begins once the A in +++AT is received. In the BREAK AT method, the wait-for-<CR>-time interval begins once the modem has received the break signal. The S-Register S34 may be used in conjunction with our in-band escape sequence, +++AT<CR>, to establish the maximum number of characters that your modem can buffer following an AT, before a <CR> must be received. The default value is 10 characters. Do not confuse this buffer size with our regular command mode buffer length of 60 characters. S-Register S34 does not affect our out-of-band escape sequence's buffer length, which is fixed at 60 characters. ABORTING AN ESCAPE SEQUENCE The +++AT<CR> escape will abort if you do not issue a <CR> before the wait-for-<CR>-time interval expires. The <BREAK>AT<CR> method will also abort if you do not issue a <CR> before the wait-for-<CR>-time interval expires, and also if any of the following occurs: 1. An illegal sequence is detected, including: a) A character other than A follows the BREAK ; b) A character other than T follows BREAK A; c) Two BREAK s are received in succession; 2. The command buffer overflows before a <CR> occurs

Copyright © Communication Devices Inc. UniGuard P


Q

20 Appendix I FCC, DOC, and BABT Information FCC REGULATIONS FOR TELEPHONE LINE INTERCONNECTION This equipment complies with Part 68 of the Federal Communications Commission (FCC) rules. On the outside surface of this equipment is a label that contains, among other information, the FCC registration number and ringer equivalence number (REN). If requested, this information must be provided to the telephone company. The suitable USOC jack (Universal Service Order Code connecting arrangement) for this equipment is shown below. The ringer equivalence number (REN) is used to determine the quantity of devices that may be connected to the telephone line. Excessive RENs on the telephone line may result in the devices not ringing in response to an incoming call. In most, but not all areas, the sum of the RENs should not exceed five (5.0). To learn the number of devices that may be connected to the line, contact the telephone company to determine the maximum REN for the calling area. If this equipment causes harm to the telephone network, the telephone company will notify you in advance. But if advance notice isn't practical, the telephone company will notify you as soon as possible. Also, you will be advised of your right to file a complaint with the FCC if you believe it is necessary. The telephone company may make changes in its facilities, equipment, operations, or procedures that could affect the operation of the equipment. If this happens, the telephone company will provide advance notice in order for you to make necessary modifications in order to maintain uninterrupted service. If trouble is experienced with this equipment please contact Multi-Tech Systems, Inc. at the address shown for details of how to have repairs made. If the trouble is causing harm to the telephone network, the telephone company may request you remove the equipment until the problem is resolved. No repairs are to be made by you. Repairs are to be made only by Multi-Tech Systems or its licensees. Unauthorized repairs void registration and warranty. This equipment cannot be used on the public coin service provided by the telephone company. Connection to Party Line Service is subject to state tariffs. (Contact the state public utility commission, public service commission or corporation commission for information.) Manufacturer: Multi-Tech Systems, Inc. Model Number: MT1432ZDX, MT1932ZDX, or MT2834ZDX FCC Registration No: U7USA-75711-MM-E (MT1432ZDX and MT1932ZDX)

AU7USA-20673-MM-E (MT2834ZDX) Ringer Equivalence: 0.5B Modular Jack (USOC): RJ11C or RJ11W (single line) Service Center in USA: Multi-Tech Systems Inc. 2205 Woodale Drive Mounds View, MN 55112 (800) 328-9717 (612) 785-3500 DOC TERMINAL EQUIPMENT WARNINGS NOTICE: The Canadian Department of Communications label identifies certificated equipment. This certification means that the equipment meets certain telecommunications network protective, operational and safety requirements. The Department does not guarantee the equipment will operate to the user satisfaction. Before installing this equipment insure that it is permissible to be connected to the facilities of the local telecommunications company. The equipment must also be installed using an acceptable method of connection. In some cases, the company's inside wiring associated with a single line individual service may be extended by means of a certified connector assembly. The customer should be aware that compliance with the above conditions may not prevent degradation of service in some situations. Repairs to certified equipment should be made by an authorized Canadian link facility designated by the supplier. Any repairs or alterations made by the user to this equipment; or equipment malfunctions, may give the telecommunications company cause to request the user to disconnect the equipment. Users should insure for their own protection that the electrical ground connections of the power utility, telephone lines and internal metallic water pipe system, if present, are connected together. This precaution may be particularly important in rural areas. The Load Number (LN) assigned to each terminal device denotes the percentage of the total load to be connected to a telephone loop which is used by the device, to prevent overloading. The termination on a loop may consist of any combination of devices subject only to the requirement that the total of

the Load Numbers of all the devices does not exceed 100. The Load Number for this product is 4. CAUTION: Users should not attempt to make such connections themselves, but should contact the appropriate electric inspection authority, or electrician, as appropriate. This digital apparatus does not exceed the Class B limits for radio noise for digital apparatus set out by the Department of Communications. COMPLIANCE WITH BABT REQUIREMENTS Approved for connection to telecommunications system specified in the instructions for use subject to the conditions set out in them. EUROPEAN LOW VOLTAGE DIRECTIVE When correctly installed and maintained, the modem will present no hazard to the user. When correctly installed, the modem will be connected to the PSTN and to a Data Terminal Equipment (DTE), whose modem connections comply with ITU recommendations V.28. The DTE connections are therefore taken to be safe voltages (less than (30 volts). COMPLIANCE WITH BS6305 CLAUSE 6.2, BS6320 CLAUSE 7.2, AND BABT/SITS/82/005S/D a. The modem is suitable for connection to the Public Switched Telephone Network (PSTN) provided by British Telecommunications plc or Kingston Communications (Hull) plc. Circuit supply by British Communications, Mercury Communication, or Hull City Council. Only direct exchange lines may be used, not shared service. b. The modem is suitable for household, office, and similar general indoor use. It is not suitable for use as an extension to a pay phone. c. BT lines supplied must support either loop disconnect or multifrequency tone signaling. d. REN (Ringer Equivalence Number). The REN value of a unit is calculated from 3/n where n is the total number of units which can be connected in parallel which will still cause the standard bell (as defined in BS6305 ) to ring. REN values of less than 0.3 cannot be assigned. For apparatus which is not capable of forming part of multiple installation, a REN value of 3 is assigned. REN = 1 If a telephone or other device is connected in parallel with the modem, the combined REN must not exceed 4. A BT supplied telephone may be assumed to have REN of 1.0 unless otherwise noted. The approval of this modem for connection to the British Telecom public switched telephone network is INVALIDATED if the apparatus is subject to any modification in any material way not authorized by BABT or if it is used with or connected to: i. internal software that has not been formally accepted by BABT. ii. external control software or external control apparatus which cause the operation of the modem associated call set-up equipment to contravene the requirements of the standard set out in BABT/SITS/82/005S/D. indirectly to the British Telecom public switched telephone network must be approved apparatus as defined in Section 22 of the British Telecommunications Act 1984. All apparatus connected to this modem and thereby connected directly or COMPLIANCE WITH BS6789: SECTION 3.1 AND PART 2 a. The modem is not capable of allowing Auto Call using '999' or other PABX emergency numbers. b. Modes other than modes 1, 2, or 3 should not be used on the BT PSTN. This modem is a mode 1 device. c. Users are advised to check the numbers entered during the Auto Call set up phase prior to dialing. d. The user should not issue any sequence of commands to the modem which would cause the modem to exceed the maximum allowable pause of 8 seconds from the time the modem goes off-hook until dialing begins. COMPLIANCE WITH DTI 83/009 a. The apparatus is only approved for compatible PBXs. Consult the supplier for an up-to-date list of compatible PBXs. b. There is no guarantee of correct working in all circumstances. Any difficulties should be referred to Multi-Tech Systems. c. If sockets are required for connexion to the PBX, use the BT post card only if BT owns the wiring to the PBX. This apparatus has been approved for the use of the following facilities: * Auto-calling * Loop disconnect and MF dialing * Phone number storage and retrieval by a predetermined code * Operation in the absence of proceed indication

Copyright © Communication Devices Inc. UniGuard R


S

* Automatic storage of last number dialed * Tone detection-busy * Auto clear from the originating end * DTR dialing * Modem * PBX timed break register recall Any other usage will invalidate the approval of the apparatus if, as a result, it then ceases to comply with the standards against which approval was granted.

21 Appendix J V.90 Modem AT Commands, S-Registers & Result Codes

AT Commands, S-Registers, and Result Codes Multi-Tech Systems, Inc. MT5634ZBA/ZBAV User Guide PN S0000170 Rev. A

Understanding AT Commands AT commands are used to control the operation of your modem. They are so called because each command must be preceded by the characters AT to get the ATtention of the modem. AT commands can be issued only when the modem is in command mode or online command mode. The modem is in command mode whenever it is not connected to another modem. The modem is in data mode whenever it is connected to another modem and ready to exchange data. Online command mode is a temporary state in which you can issue commands to the modem while connected to another modem. To put the modem into online command mode from data mode, you must issue an escape sequence (+++) followed immediately by the AT characters and the command, e.g., +++ATH to hang up the modem. To return to data mode from online command mode, you must issue the command ATO. To send AT commands to the modem you must use a communication program, such as the HyperTerminal applet in Windows 95, 98, and NT 4.0, or the communication program included with your modem. You can issue commands to the modem either directly, by typing them in the terminal window of the communication program, or indirectly, by configuring the operating system or communication program to send the commands automatically. Fortunately, communication programs make daily operation of modems effortless by hiding the commands from the user. Most users, therefore, need to use AT commands only when reconfiguring the modem, e.g., to turn autoanswer on or off. The format for entering an AT command is ATXn, where X is the command and n is the value for the command, sometimes called the command parameter. The value is always a number. If the value is zero, you can omit it from the command; thus, AT&W is equivalent to AT&W0. Most commands have a default value, which is the value that is set at the factory. The default values are shown in the “AT Commands” section, which begins on the next page. You must press ENTER to send the command to the modem. Any time the modem receives a command, it sends a response known as a result code. The most common result codes are OK, ERROR, and the CONNECT messages that the modem sends the computer when it is connecting to another modem. For a table of valid result codes, see “Result Codes” at the end of this chapter. You can issue several commands in one line, in what is called a command string. The command string begins with AT and ends when you press ENTER. Spaces to separate the commands are optional; they are ignored by the command interpreter. The most familiar command string is the initialization string, which is used to configure the modem when it is turned on or reset, or when your communication software calls another modem.

Copyright © Communication Devices Inc. UniGuard T

AT Commands Command: AT Attention Code Values: n/a Description: The attention code precedes all command lines except A/, A:,

and the escape sequence. Command: Enter Key Values: n/a Description: Press the ENTER or RETURN key to execute most commands. Command: A Answer Values: n/a Description: Answer an incoming call before the final ring. Command: A/ Repeat Last Command Values: n/a Description: Repeat the last command string. Do not precede this command

with AT. Do not press ENTER to execute.

Command: Bn Communication Standard Setting Values: n = 0–3, 15, 16

Default: 1 and 16 Description: B0 Select ITU-T V.22 mode when modem is at 1200 bps.

B1 Select Bell 212A when modem is at 1200 bps. B2 Deselect V.23 reverse channel (same as B3). B3 Deselect V.23 reverse channel (same as B2). B15 Select V.21 when the modem is at 300 bps. B16 Select Bell 103J when the modem is at 300 bps.

Command: Cn Carrier Control Values: n = 1 Default: 1 Description: C0 Transmit carrier always off. (Not supported.)

C1 Normal transmit carrier switching (included for backward compatibility with some software).

Command: Ds Dial Values: s = dial string (phone number and dial modifiers) Default: none Description: Dial telephone number s, where s may up to 40 characters long

and include the 0–9, *, #, A, B, C, and D characters, and the L, P, T, V, W, S, comma (,), semicolon (;), !, @, ^ and $ dial string modifiers. Dial string modifiers: L Redial last number. (Must be placed immediately after ATD.) P Pulse-dial following numbers in command. T Tone-dial following numbers in command (default). V Switch to speakerphone mode and dial the following number.

Use ATH command to hang up. W Wait for a new dial tone before continuing to dial. (X2, X4,X5, X6, or

X7 must be selected.) , Pause during dialing for time set in register S8. ; Return to command mode after dialing. (Place at end of dial string.) ! Hook flash. Causes the modem to go on-hook for one-half second, then

off-hook again. @ Wait for quiet answer. Causes modem to wait for a ring back, then 5


U

seconds of silence, before processing next part of command. If silence is not detected, the modem returns a NO ANSWER code.

^ Disable data calling tone transmission. $ Detect AT&T call card “bong” tone. The character should follow the

phone number and precede the user’s call card number: ATDT1028806127853500$123456789

Command: DS= y Dial Stored Telephone Number Values: y = 0–3 Default: none Description: Dials a number previously stored in directory number y by the &Zy=x

command. Example: ATDS=3. Command: E n Echo Command Mode Characters Values: n = 0 or 1 Default: 1 Description: E0 Do not echo keyboard input to the terminal.

E1 Do echo keyboard input to the terminal.

Command: Fn Echo Online Data Characters Values: n = 1 Default: 1 Description: F0 Enables online data character echo. (Not supported.)

F1 Disables online data character echo (included for backward compatibility with some software).

Command: Hn Hook Control Values: n = 0 or 1 Default: 0 Description: H0 Goes on-hook (hangs up).

H1 Goes off-hook (makes the phone line busy).

Command: In Information Request Values: n = 0–5, 9, 11 Default: None Description: I0 Displays default speed and controller firmware version.

I1 Calculates and displays ROM checksum (e.g., 12AB). I2 Checks ROM and verifies the checksum, displaying OK or ERROR. I3 Displays default speed and controller firmware version. I4 Displays firmware version for data pump (e.g., 94). I5 Displays the board ID: software version, hardware version, and country ID. I9 Displays the country code (e.g., NA Ver. 1). I11 Displays diagnostic information for the last modem connection, such as DSP and firmware version, link type, line speed, serial speed, type of error correction/data compression, number of past retrains, etc.

Command: Mn Monitor Speaker Mode Values: n = 0, 1, 2, or 3 Default: 1 Description: M0 Speaker always off.

M1 Speaker on until carrier signal detected. M2 Speaker always on when modem is off-hook. M3 Speaker on until carrier is detected, except while dialing.

Command: Nn Modulation Handshake

Copyright © Communication Devices Inc. UniGuard V

Values: n = 0 or 1 Default: 1 Description: N0 Modem performs handshake only at communication standard

specified by S37 and the B command. N1 Modem begins handshake at communication standard specified by S37 and the B command. During handshake, fallback to a lower speed can occur.

Command: On Return Online to Data Mode Values: 0, 1, 3 Default: None Description: O0 Exits online command mode and returns to data mode (see

+++AT<CR> escape sequence ). O1 Issues a retrain and returns to online data mode. O3 Issues a rate renegotiation and returns to data mode.

Command: P Pulse Dialing Values: P, T Default: T Description: Configures the modem for pulse (non-touch-tone) dialing.

Dialed digits are pulsed until a T command or dial modifier is received.

Command: Qn Result Codes Enable/Disable Values: n = 0 or 1 Default: 0 Description: Q0 Enables result codes.

Q1 Disables result codes. Q2 Returns an OK for backward compatibility with some software.

Command: Sr= n Set Register Value Values: r = S-register number; n varies Default: None Description: Sets the value of register Sr to the value of n, where n is entered

in decimal format. E.g., S0=1. Command: Sr? Read Register Value Values: r = S-register number Default: None Description: Reads the value of register Sr and displays it in 3-digit decimal form.

E.g., S2? gives the response 043. Command: T Tone Dialing Values: P, T Default: T Description: Configures the modem for DTMF (touch-tone) dialing. Dialed

digits are tone dialed until a P command or dial modifier is received. Command: Vn Result Code Format Values: n = 0 or 1 Default: 1 Description: V0 Displays result codes as digits (terse response).

V1 Displays result codes as words (verbose response). Command: Wn Result Code Options Values: n = 0, 1, or 2 Default: 2


W

Description: W0 CONNECT result code reports serial port speed, disables protocol result codes. W1 CONNECT result code reports serial port speed, enables protocol result codes. W2 CONNECT result code reports line speed, enables protocol result codes.

Command: Xn Result Code Selection Values: n = 0–7 Default: 4 Description: X0 Basic result codes (e.g., CONNECT); does not look for dial tone or

busy signal. X1 Extended result codes (e.g., CONNECT 46000 V42bis); does not look for dial tone or busy signal. X2 Extended result codes with NO DIALTONE; does not look for busy signal. X3 Extended result codes with BUSY; does not look for dial tone. X4 Extended result codes with NO DIALTONE and BUSY. X5 Extended result codes with NO DIALTONE and BUSY. X6 Extended result codes with NO DIALTONE and BUSY. X7 Basic result codes with NO DIALTONE and BUSY.

Command: Yn Long Space Disconnect Values: n = 0 Default: 0 Description: Y0 Disables sending or responding to long space break signal on

disconnect. Y1 Enables sending or responding to long space break signal on disconnect. (Not supported.)

Command: Zn Modem Reset Values: n = 0 or 1 Default: None Description: Z0 Resets modem to profile saved by the last _W command.

Z1 Same as Z0. Command: &Bn V.32 Auto Retrain Values: n = 1 Default: 1 Description: &B0 Disables V.32 auto retrain. (Not supported.)

&B1 Enables V.32 auto retrain. Command: &Cn Data Carrier Detect (DCD) Control Values: n = 0, 1, or 2 Default: 1 Description: &C0 Forces the DCD circuit to be always high.

&C1 DCD goes high when the remote modem’s carrier signal is detected, and goes low when the carrier signal is not detected. &C2 DCD drops on disconnect for time set by S18, then goes high again (for some CBX phone systems).

Command: &Dn Data Terminal Ready (DTR) Control Values: n = 0, 1, 2, or 3 Default: 2 Description: &D0 Modem ignores the true status of the DTR signal and responds

as if it is always on.

Copyright © Communication Devices Inc. UniGuard X

&D1 If DTR drops while in online data mode, the modem enters command mode, issues an OK, and remains connected. &D2 If DTR drops while in online data mode, the modem hangs up. If the signal is not present, the modem will not answer or dial. &D3 If DTR drops, the modem hangs up and resets as if an ATZ command were issued.

Command: &En XON/XOFF Pacing Control Values: n = 12 or 13 Default: 12 Description: &E12 Disables XON/XOFF pacing.

&E13 Enables XON/XOFF pacing. (_K4 must also be set.) Note: &E13 has no effect if hardware control (_K3) is selected.

Command: &Fn Load Factory Settings Values: n = 0 Default: None Description: &F0 Loads factory settings as active configuration.

Note: See also the Z command. Command: &Gn V.22bis Guard Tone Control Values: n = 0, 1, or 2 Default: 0 Description: &G0 Disables guard tone.

&G1 Sets guard tone to 550 Hz. &G2 Sets guard tone to 1800 Hz. Note: The &G command is not used in North America.

Command: &Kn Flow Control Selection Values: n = 0, 3, or 4 Defaults: 3 Description: &K0 Disables flow control.

&K3 Enables CTS/RTS hardware flow control. &K4 Enables XON/XOFF software flow control.

Command: &Qn Asynchronous Communications Mode Values: n = 0, 5, 6, 8, or 9 Default: 5 Description: &Q0 Asynchronous with data buffering. Same as \N0.

&Q5 Error control with data buffering. Same as \N3. &Q6 Asynchronous with data buffering. Same as \N0. &Q8 MNP error control mode. If MNP error control is not established, the modem falls back according to the setting in S36. &Q9 V.42 or MNP error control mode. If neither error control is established, the modem falls back according to the setting in S36.

Command: &Sn Data Set Ready (DSR) Control Values: n = 0 or 1 Default: 0 Description: &S0 DSR is always high (on).

&S1 DSR goes high only during a connection.

Command: &Tn V.54 Test Commands Values: n = 0, 1, 3 or 6 Default: None Description: &T0 Abort. Stops any test in progress.


Y

&T1 Initiates local analog loopback test. &T3 Initiates local digital loopback test. &T6 Initiates remote digital loopback test. Note: To stop a test, you must use the escape sequence (+++AT) before typing AT&T0.

Command: &V Display Current Settings Values: n/a Description: Displays the active modem settings, including the callback security

settings if callback security is enabled. If the setup password has been entered, it also displays the callback security passwords.

Command: &Wn Store Current Configuration Values: n = 0 Default: None Description: &W0 Stores current modem settings in nonvolatile memory and

causes them to be loaded in place of the factory defaults at power-on or following the ATZ command. See also &F. &W1 Clears user default settings from nonvolatile memory and causes the factory defaults to be loaded at power-on or following the ATZ command.

Command: &Z y=x Store Dialing Command Values: y = 0–3 (callback security disabled) or 0–29 (callback security enabled)

x = Dialing command string Default: None Description: Stores dialing command x in memory location y. Dial the

stored number using the command ATDS=y. See also the #CBSn command.

Command: &&S Speaker Codec Loopback Values: n/a Description: Provides a loopback from the microphone to the speaker. For

testing and debugging only.

Command: \An Select Maximum MNP Block Size Values: n = 0, 1, 2, or 3 Default: 3 Description: \A0 64-character maximum.

\A1 128-character maximum. \A2 192-character maximum. \A3 256-character maximum.

Command: \Bn Transmit Break Values: n = 0–9 in 100 ms units Default: 3 Description: In non-error-correction mode only, sends a break signal of the specified length to a remote modem. Works in conjunction with the \K command. Command: \Jn Data Buffer Control Values: n = 0 Default: 0 Description: \J0 Enables data buffer—serial port speed is independent of connect

speed. \J1 Disables data buffer—serial port speed is forced to the line speed.

Copyright © Communication Devices Inc. UniGuard Z

Command: \Kn Break Control Values: n = 0–5 Default: 5 Description: Controls the response of the modem to a break received from

the computer, the remote modem, or the \B commnd. The response is different for each of three different states. Data mode. The modem receives the break from the computer: \K0 Enters online command mode, no break sent to the remote modem. \K1 Clears data buffers and send break to the remote modem. \K2 Same as \K0. \K3 Sends break immediately to the remote modem . \K4 Same as \K0. \K5 Sends break to the remote modem in sequence with the transmitted data. Data mode. The modem receives the break from the remote modem: \K0 Clears data buffers and sends break to the computer. \K1 Same as \K0. \K2 Sends break immediately to the computer. \K3 Same as \K2. \K4 Sends break to the computer in sequence with the received data. \K5 Same as \K4. Online command mode. The modem receives a \Bn command from the computer: \K0 Clears data buffers and sends break to the remote modem. \K1 Same as \K0. \K2 Sends break immediately to the remote modem. \K3 Same as \K2. \K4 Sends break to the remote modem in sequence with the transmitted data. \K5 Same as \K4.

Command: \Nn Error Correction Mode Selection Values: n = 0–5, or 7 Default: 3 Description: \N0 Non-error correction mode with data buffering (buffer mode;

same as _Q6). \N1 Direct mode. \N2 MNP reliable mode. If the modem cannot make an MNP connection, it disconnects. \N3 V.42/MNP auto-reliable mode. The modem attempts first to connect in V.42 error correction mode, then in MNP mode, and finally in non-error-correction (buffer) mode with continued operation. \N4 V.42 reliable mode.If the modem cannot make a V.42 connection, it disconnects. \N5 V.42, MNP, or non-error correction (same as \N3). \N7 V.42, MNP, or non-error correction (same as \N3).

Command: \Qn Flow Control Selection Values: n = 0, 1, or 3 Default: 3 Description: \Q0 Disables flow control (same as _K0).

\Q1 XON/XOFF software flow control (same as _K4). \Q2 CTS-only flow control. Not supported. \Q3 RTS/CTS hardware flow control (same as _K3).

Command: \T n Inactivity Timer


AA

Values: n = 0, 1–255 Default: 0 Description: \Tn Sets the time (in minutes) that the modem waits after the last

character is sent or received before it disconnects. A value of zero disables the timer. Applies only in buffer mode. Note: You can also set the inactivity timer by changing the value of S30.

Command: \Vn Protocol Result Code Values: n = 0, 1, or 2 Default: 1 Description: \V0 Disables the appending of the protocol result code to the DCE

speed. \V1 Enables the appending of the protocol result code to the DCE speed. \V2 Same as \V1.

Command: \Xn XON/XOFF Pass-Through Values: n = 0 or 1 Defaults: 0 Description: \X0 Modem responds to and discards XON/XOFF characters.

\X1 Modem responds to and passes XON/XOFF characters.

Command: -Cn Data Calling Tone Values: n = 0 or 1 Defaults: 0 Description: -C0 Disables V.25 data calling tone to deny remote data/fax/voice

discrimination. -C1 Enables V.25 data calling tone to allow remote data/fax/voice discrimination.

Command: %A Adaptive Answer Result Code Enable Values: n = 0 or 1 Default: 0 Description: The %A command controls whether the DATA and FAX result

codes will be sent by the modem. The modem must be in fax mode for this command to work. Also, the modem must be set to +FAA=1, which enables the modem to distinguish between a fax and a data call. When these commands are enabled, the modem sends DATA to the computer when it detects data tones, and FAX when it detects fax tones. These strings are used by some servers to select the appropriate communication program. %A0 Disables adaptive answer result codes. %A1 Enables adaptive answer result codes. Note: For descriptions of the +FAA= and other fax commands, see the Multi-Tech Fax Class 2 Developer’s Kit.

Command: %B View Numbers in Blacklist Values: n/a Description: If blacklisting is in effect, AT%B displays the numbers for

which the last call attempted in the previous two hours failed. In countries that do not require blacklisting, the ERROR result code appears.

Command: %Cn Data Compression Control Values: n = 0 or 1

Copyright © Communication Devices Inc. UniGuard BB

Default: 1 Description: %C0 Disable sV.42bis/MNP 5 data compression.

%C1 Enables V.42bis/MNP 5 data compression.

Command: %DCn AT Command Control Values: n = 0 or 1 Default: 0 Description: %DC0 The modem responds to AT commands.

%DC1 The modem ignores AT commands. Note: The modem will respond to AT%DC for 10 seconds after it is turned on.

Command: %En Fallback and Fall Forward Control Values: n = 0, 1, or 2 Default: 2 Description: %E0 Disables fallback and fall-forward.

%E1 Enables fallback, disables fall-forward. %E2 Enables fallback and fall-forward.

Command: $Dn DTR Dialing Values: n = 0 or 1 Default: 0 Description: $D0 Disables DTR dialing.

$D1 Dials the number in memory location 0 when DTR goes high. Command: $EBn Asynchronous Word Length Values: n = 0 or 1 Default: 0 Description: $EB0 Enables 10-bit mode.

$EB1 Enables 11-bit mode. Command: $SBn Serial Port Baud Rate Values: n = speed in bits per second Default: 57600 Description: $SB300 Set serial port to 300 bps.

$SB1200 Set serial port to 1200 bps. $SB2400 Set serial port to 2400 bps. $SB4800 Set serial port to 4800 bps. $SB9600 Set serial port to 9600 bps. $SB19200 Set serial port to 19200 bps. $SB38400 Set serial port to 38400 bps. $SB57600 Set serial port to 57600 bps. $SB115200 Set serial port to 115200 bps. $SB230400 Set serial port to 230400 bps.

Command: +ES=n Enable Synchronous Buffered Mode Values: n = 6 Default: None Description: Allows an H.324 video application direct access to the synchronous

data channel. On underflow, the modem sends HDLC flag idle (0x7E) to the remote modem.·This special error control mode is overridden by any of the following commands: _F, _M, _Q, or \N. AT+ES=? shows the only allowed value. AT+ES? shows the current value.


CC

Command: +VCID=n Caller ID Selection Values: n = 0, 1, or 2 Default: 0 Description: Enables Caller ID detection and configures the reporting and

presentation of the Caller ID data that is detected after the first ring. The reported data includes the date and time of the call, the caller's name and number, and a message. +VCID=0 Disables Caller ID +VCID=1 Enables Caller ID with formatted data +VCID=2 Enables Caller ID with unformatted data

Command: #CBAn Callback Attempts Values: n = 1–255 Default: 4 Description: Sets the number of callback attempts that are allowed after

passwords have been exchanged between modems.· Command: #CBDn Callback Delay Values: n = 0–255 Default: 15 Description: Sets the length of time (in seconds) that the modem waits before

calling back the remote modem. Command: #CBF? Callback Failed Attempts Display Values: n/a Default: n/a Description: Requests the number of failed callback passwords since reset

or power-up. This number can be stored to nonvolatile memory using the _W command.

Command: #CBFR Callback Failed Attempts Reset Values: n/a Default: n/a Description: Resets the number of failed callback passwords to 0. This does

not reset the number stored in nonvolatile memory. Command: #CBIn Local Callback Inactivity Timer Values: n = 1–255 Default: 20 Description: Sets the time (in minutes) that the modem waits for a command

before forcing the user to enter the setup password again. Command: #CBN y= x Store Callback Password Values: y = 0–29

x = password Defaults: None Description: Sets the callback security password for the y memory location.

The password must have 6 to 10 characters, and cannot include the + or - characters.

Command: #CBPn Callback Parity Values: n = 0, 1, or 2 Default: 0 Description: Sets parity for the callback security messages.

#CBP0 No parity. #CBP1 Odd parity.

Copyright © Communication Devices Inc. UniGuard DD


EE

#CBP2 Even parity.

Command: #CBRy Callback Security Reset Values: y = 0–29 Default: None Description: Clears the password and phone number in the y memory location. Command: #CBS n Callback Enable/Disable Values: n = 0, 1, 2, or 3 Default: 0 Description: #CBS0 Disables callback security.

#CBS1 Enables local and remote callback security. #CBS2 Enables remote callback security only. #CBS3 Disables callback security until local hangup or reset.

Command: #P n Set 11-bit Parity Values: n = 0 or 1 Default: 2 Description: #P0 No parity.

#P1 Odd parity. #P2 Even parity.

Command: #S x Enter Setup Password Values: x= password (1–8 characters, case sensitive) Default: MTSMODEM Description: Enters the callback security setup password. Command: #S= x Store Setup Password Values: x= password (1–8 characters, case sensitive) Default: MTSMODEM Description: Stores a new callback security and remote configuration setup

password. Command: +++AT<CR> Escape Sequence Values: n/a Description: Puts the modem in command mode (and optionally issues a

command) while remaining online. Type +++AT and up to ten command characters, then press ENTER. Used mostly to issue the hang-up command: +++ATH<CR>.

Command: %%%AT<CR> Remote Configuration Escape Sequence Values: n/a Description: Initiates remote configuration mode while online with remote

modem. The remote configuration escape character (%) is defined in register S13.

S-Registers Certain modem values, or parameters, are stored in memory locations called S-registers. Use the S command to read or to alter the contents of S-registers (see previous section). Register Unit Range Default Description S0 1 ring 0, 1–255 1 Sets the number of rings until the modem answers. ATS0=0 disables autoanswer completely. S1 1 ring 0–255 0 Counts the rings that have occurred. S2 decimal 0–127 43 (+) Sets ASCII code for the escape sequence char- 128–255 acter. Values greater than 127 disable escape. S3 decimal 0–127 13 (^M) Sets the ASCII code for the carriage return character. S4 decimal 0–127 10 (^J) Sets the ASCII code for the line feed character. S5 decimal 0–32 8 (^H) Sets the ASCII code for the backspace char- 33–127 acter. Values over 32 disable backspace. S6 seconds 2–65* 2* Sets the time the modem waits after it goes off-hook before it begins to dial the telephone number. S7 seconds 1–255* 50* Sets the time the modem waits for a carrier signal before aborting a call. Also sets the wait-for-silence time for the @ dial modifier. S8 seconds 2–65 2 Sets the length of a pause caused by a comma character in a dialing command. S9 decimal 0, 1–127 37 (%) Sets ASCII code for remote configuration escape character. S9=0 disables remote configuration. S10 100 ms 1–254 20 Sets how long a carrier signal must be lost before the modem disconnects. S11 1 ms 50–150* 95* Sets spacing and duration of dialing tones. S18 50 ms 0–255 20 Sets the time the CD signal drops before going high again. Used for some PBX and CBX phone systems. See _C2 command. S28 decimal 0, 1–255 1 0 disables, 1–255 enables V.34 modulation. S30 1 minute 0, 1–255 0 Sets the time the modem waits before it disconnects when no data is sent or received. A value of zero disables the timer. See also the \T command S35 decimal 0–1 0 0 disables, 1 enables the V.25 data calling tone, which allows remote data/fax/voice discrimination.

• These values may be different outside North America. S36 decimal 0–7 7 Specifies the action to take in the event of a negotiation failure when error control is selected. (See S48.) S37 decimal 0–19 0 Sets the maximum V.34 “upstream” speed at which the modem attempts to connect. Value Speed 0 maximum modem speed 1 reserved 2 1200/75 bps 3 300 bps 4 reserved 5 1200 bps 6 2400 bps 7 4800 bps

Copyright © Communication Devices Inc. UniGuard FF

8 7200 bps 9 9600 bps 10 12000 bps 11 14400 bps 12 16800 bps 13 19200 bps 14 21600 bps 15 24000 bps 16 26400 bps 17 28800 bps 18 31200 bps 19 33600 bps S38 decimal 0–23 1 Sets the maximum 56K “downstream” speed at which the modem attempts to connect. The default maximum speed is 56K bps. Value V.90 mode K56flex mode 0 56K disabled 56K disabled 1 56K autorate 56K autorate 2 28000 bps 32000 bps 3 29333 bps 34000 bps 4 30666 bps 36000 bps 5 32000 bps 38000 bps 6 33333 bps 40000 bps 7 34666 bps 42000 bps 8 36000 bps 44000 bps 9 37333 bps 46000 bps 10 38666 bps 48000 bps 11 40000 bps 50000 bps 12 41333 bps 52000 bps 13 42666 bps 54000 bps 14 44000 bps 56000 bps 15 45333 bps 16 46666 bps 17 48000 bps 18 49333 bps Register Unit Range Default Description 19 50666 bps 20 52000 bps 21 53333 bps 22 54666 bps 23 56000 bps S42 decimal 0–1 1 Enables/disables the 56K auto rate. When 56K auto is disabled, fallback to V.34 is also disabled. 0 = disable; 1 = enable. S48 decimal 7 or 128 7 Enables (7) or disables (128) LAPM negotiation. The following table lists the S36 and S48 configuration settings for certain types of connections. S48=7 S48=128 LAPM or async Async LAPM or hangup Do not use LAPM, MNP, or aysnc LAPM, MNP, or hangup MNP or hangup MNP or async S36=0, 2 S36=1, 3 S36=4, 6 S36=5, 7


GG

Copyright © Communication Devices Inc. UniGuard HH

S89 seconds 0, 5–255 10 Sets the length of time in the off-line command mode before the modem goes into standby mode. A value of zero prevents standby mode; a value of 1–4 sets the value to 5. S108 decimal 0–3, 6, 7 6 Selects the 56K digital loss if using the modem thru a PBX line. The default value is -6 dB loss, the value used when calling from a typical POTS line long distance. Value Digital loss 0 -0 dB digital loss, no robbed-bit signaling 1 -3 dB PBX digital loss 2 -2 dB digital loss 3 -3 dB digital loss 6 -6 dB digital loss 7 -0 dB digital loss with robbed-bit signaling S109 decimal 0–2 1 Selects the 56K operating mode. Value 56K mode 0 K56flex mode (V.90 disabled) 1 Dual mode (K56flex or V.90) 2 V.90 mode (K56flex disabled) Register Unit Range Default Description

Result Codes In command mode your modem can send responses called result codes to your computer. Result codes are used by communications programs and can also appear on your monitor. Terse Verbose Description 0 OK Command executed 1 CONNECT Modem connected to line 2 RING Ring signal detected 3 NO CARRIER Carrier signal lost or not detected 4 ERROR Invalid command 5 * CONNECT 1200 Connected at 1200 bps 6 NO DIALTONE No dial tone detected 7 BUSY Busy signal detected 8 NO ANSWER No answer at remote end 10 * CONNECT 2400 Connected at 2400 bps 11 * CONNECT 4800 Connected at 4800 bps 12 * CONNECT 9600 Connected at 9600 bps 13 * CONNECT 14400 Connected at 14400 bps 14 * CONNECT 19200 Connected at 19200 bps 24 * CONNECT 7200 Connected at 7200 bps 25 * CONNECT 12000 Connected at 12000 bps 26 * CONNECT 16800 Connected at 16800 bps 40 * CONNECT 300 Connected at 300 bps 55 * CONNECT 21600 Connected at 21600 bps 56 * CONNECT 24000 Connected at 24000 bps 57 * CONNECT 26400 Connected at 26400 bps 58 * CONNECT 28800 Connected at 28800 bps 59 * CONNECT 31200 Connected at 31200 bps 60 * CONNECT 33600 Connected at 33600 bps 70 * CONNECT 32000 Connected at 32000 bps, 56K rate 71 * CONNECT 34000 Connected at 34000 bps, 56K rate 72 * CONNECT 36000 Connected at 36000 bps, 56K rate


II

73 * CONNECT 38000 Connected at 38000 bps, 56K rate 74 * CONNECT 40000 Connected at 40000 bps, 56K rate 75 * CONNECT 42000 Connected at 42000 bps, 56K rate 76 * CONNECT 44000 Connected at 44000 bps, 56K rate 77 * CONNECT 46000 Connected at 46000 bps, 56K rate 78 * CONNECT 48000 Connected at 48000 bps, 56K rate 79 * CONNECT 50000 Connected at 50000 bps, 56K rate 80 * CONNECT 52000 Connected at 52000 bps, 56K rate 81 * CONNECT 54000 Connected at 54000 bps, 56K rate 82 * CONNECT 56000 Connected at 56000 bps, 56K rate 88 DELAYED Delay is in effect for the dialed number 89 BLACKLISTED Dialed number is blacklisted * EC is added to these result codes when the extended result codes configuration option is enabled. EC is replaced by one of the following codes, depending on the type of error control connection: V42bis —V.42 error control (LAP-M) and V.42bis data compression V42 —V.42 error control (LAP-M) only MNP5 —MNP 4 error control and MNP 5 data compression MNP4 —MNP 4 error control only NoEC —No error control protocol). 90 BLACKLIST FULL Blacklist is full 100 * CONNECT 28000 Connected at 28000 bps, 56K rate (V.90) 101 * CONNECT 29333 Connected at 29333 bps, 56K rate (V.90) 102 * CONNECT 30666 Connected at 30666 bps, 56K rate (V.90) 103 * CONNECT 33333 Connected at 33333 bps, 56K rate (V.90) 104 * CONNECT 34666 Connected at 34666 bps, 56K rate (V.90) 105 * CONNECT 37333 Connected at 37333 bps, 56K rate (V.90) 106 * CONNECT 38666 Connected at 38666 bps, 56K rate (V.90) 107 * CONNECT 41333 Connected at 41333 bps, 56K rate (V.90) 108 * CONNECT 42666 Connected at 42666 bps, 56K rate (V.90) 109 * CONNECT 45333 Connected at 45333 bps, 56K rate (V.90) 110 * CONNECT 46666 Connected at 46666 bps, 56K rate (V.90) 111 * CONNECT 49333 Connected at 49333 bps, 56K rate (V.90) 112 * CONNECT 50666 Connected at 50666 bps, 56K rate (V.90) 113 * CONNECT 53333 Connected at 53333 bps, 56K rate (V.90) 114 * CONNECT 54666 Connected at 54666 bps, 56K rate (V.90) Terse Verbose Description * EC is added to these result codes when the extended result codes configuration option is enabled. EC is replaced by one of the following codes, depending on the type of error control connection: V42bis —V.42 error control (LAP-M) and V.42bis data compression V42 —V.42 error control (LAP-M) only MNP5 —MNP 4 error control and MNP 5 data compression MNP4 —MNP 4 error control only NoEC —No error control protocol).

Copyright © Communication Devices Inc. UniGuard JJ

INDEX Add Users, 24 Audit trail, 10 Audit Trail, 17, 29, 30 Authenticate, 18 authentication, 7, 8, 9, 20, 25, 28 baud rate, 19 Boxes, 29 Bypass, 18, 20 Calculator Token, 25, 26 Call Back user, 10, 24 Call Back User, 24 Connectors, 20 Cryptocard Calculator, 25 DCD, 18, 19 default Key, 29 Default Password, 20 Defaults, 17 Define Message Functions, 27 DES, 5, 7, 8, 9, 10, 24, 25 Displays, 18 DPI Calculator, 25 DTR, 18, 19 Encryption, 7, 8, 9, 10, 24, 25 First User Message Delay, 28 Host Accessing a Modem, 10 Host Connect Message, 27 Host Dial Out, 29 Host Port, 20, 21 Host to Modem Access, 28 Inactivity Time, 28 LED, 18 Maintenance Port, 17, 20, 21 modem, 32, 35, 36, 37, 38, 40, 41, 42, 43, 46, 47, 49

Modem Functions, 18 Modify Report Settings, 30 Pager User, 8, 10, 25 Password, 7, 8, 9, 18, 20, 27, 28 PC Token, 8, 9 Power, 18, 20, 22 power supply, 22 primary message, 9 Primary message, 27 private key, 25, 29 Reports, 17, 30 RJ45, 21 Roving User, 10, 24 Secondary message, 27 Secure Call Through, 24 Secure Call through User, 10, 25 Secure Call Through User w/Encryption, 24 security level, 28 Soft Token, 9 switches, 19 System Key, 29 System Options, 27, 28 System Password, 28 terminal, 10, 21, 27, 30 time and date, 28 Token, 7, 8, 9, 10, 24, 25, 26 Token User, 25 Type of User, 24 User Functions, 24 User ID, 24 user profiles, 9 WinGuard, 8, 9, 25 X9.17, 25, 29

Date post:	11-Jan-2016
Category:	Documents
Upload:	ruben-ortiz-caram
View:	228 times
Download:	7 times

AGA 12.3

Documents