13-28
Cisco ONS 15454 Reference Manual, R7.0
78-17191-01
Chapter 13 Management Network Connectivity
13.6 13.6 Open GNE
To set up proxy and firewall subnets in CTC, use the Provisioning > Network > Proxy and Firewalls
subtabs. The availability of proxy and/or firewall tunnels depends on the network access settings of the
node:
If the node is configured with the SOCKS proxy server enabled in GNE or ENE mode, you must set
up a proxy tunnel and/or a firewall tunnel.
If the node is configured with the SOCKS proxy server enabled in proxy-only mode, you can set up
proxy tunnels. Firewall tunnels are not allowed.
If the node is configured with the SOCKS proxy server disabled, neither proxy tunnels nor firewall
tunnels are allowed.
Figure 13-18 shows an example of a foreign node connected to the DCC network. Proxy and firewall
tunnels are useful in this example because the GNE would otherwise block IP access between the PC
and the foreign node.
Figure 13-18 Proxy and Firewall Tunnels for Foreign Terminations
Figure 13-19 shows a remote node connected to an ENE Ethernet port. Proxy and firewall tunnels are
useful in this example because the GNE would otherwise block IP access between the PC and foreign
node. This configuration also requires a firewall tunnel on the ENE.
Remote CTC
10.10.20.10
10.10.20.0/24
10.10.10.0/24
Interface 0/0
10.10.20.1
Router A
Interface 0/1
10.10.10.1
ONS 15454
GNE
10.10.10.100/24
ONS 15454
ENE
10.10.10.250/24
Non-ONS node
Foreign NE
130.94.122.199/28
ONS 15454
ENE
10.10.10.150/24
ONS 15454
ENE
10.10.10.200/24
115748
Local/Craft CTC
192.168.20.20
Ethernet
SONET