2-12
Cisco ONS 15454 Installation and Operations Guide
November 2001
Chapter2 Software Installation
Logging into the ONS 15454
2.5.2 Accessing ONS 15454s Behind Firewalls
If an ONS 15454 or CTC computer resides behind a firewall th at u ses po rt f ilte ring , you must rec eiv e
an Internet Inter-ORB Protocol (IIOP) port from your network adm ini stra tor an d enabl e th e IIO P por t
on the ONS 15454 and/or CTC computer, depending on whether one or bot h devi ces resi de be hin d
firewalls.
If the ONS 15454 is in a protected network and the CTC co mpu ter is in an ext erna l ne tw ork , as show n
in Figure2-3, enable the IIOP listener port specified by the firewall administrator on the ONS 15454.
The ONS 15454 sends the port number to the CTC computer during the initial contact between the
devices using Hyper-Text Transfer Protocol (HTTP). After the CTC computer obtains the ONS 15454
IIOP port, the computer opens a direct session with the node using the specified IIOP port.
Figure2-3 ONS 15454s residing behind a firewall
If the CTC computer and the ONS 15454 both reside behind firewalls (Figure 2-4), set the IIOP port on
the CTC computer and on the ONS 15454. Each firewall can use a different IIOP port. For example, if
the CTC computer firewall uses IIOP port 4000, and the ONS 1 5454 firewall uses IIOP port 5000, 4000
is the IIOP port set on the CTC computer and 5000 is the IIOP port set on the ONS 15454.
Figure2-4 A CTC computer and ONS 15454s residing behind firewalls

Procedure: Set the IIOP Listener Port on the ONS 15454

Step 1 Log into the ONS 15454 node from a CTC computer that is behind the firewall.
55351
CTC computer
External network Protected network
ONS 15454
Unprotected
network Private
network
IIOP port
IIOP port
Firewall
Port
filtering ONS 15454
55350
CTC computer
Firewall
Port
filtering
Protected network External network Protected network
ONS 15454
Private
network Unprotected
network Private
network
IIOP port IIOP port
IIOP port
Firewall
Port
filtering ONS 15454