Chapter 18 DLPs F300 to F399
DLP- F332 Change Node Access and PM Clearing Privilege
Step 1 In node view, click the Provisioning > Security > Access tabs.
Step 2 In the Access area, provision the following:
•LAN access—Choose one of the following options to set the access paths to the node:
–No LAN Access—Allows access to the node only through data communications channel (DCC) connections. Access through the TSC RJ-45 port and backplane is not permitted.
–Front only—Allows access through the TSC RJ-45 port. Access through the DCC and the backplane is not permitted.
–Backplane only—Allows access through DCC connections and the backplane. Access through the TSC RJ-45 port is not allowed.
–Front and Backplane—Allows access through DCC, TSC RJ-45, and backplane connections.
•Restore Timeout—Sets a time delay for enabling of front and backplane access when DCC connections are lost and “DCC only” is chosen in LAN Access. Front and backplane access is enabled after the restore timeout period has passed. Front and backplane access is disabled as soon as DCC connections are restored.
Step 3 In the Shell Access area, set the shell program used to access the node:
•Access State: Allows you to set the shell program access mode to Disable (disables shell access), Non-Secure, or Secure. Secure mode allows access to the node using the Secure Shell (SSH) program. SSH is a terminal-remote host Internet protocol that uses encrypted links.
•Telnet Port: Allows access to the node using the Telnet port. Telnet is the terminal-remote host Internet protocol developed for the Advanced Agency Research Project Network (ARPANET). Port 23 is the default.
•Enable Shell Password: If checked, enables the SSH password. To disable the password, you must uncheck the check box and click Apply. You must type the password in the confirmation dialog box and click OK to disable it.
Step 4 In the TL1 Access area, select the desired level of TL1 access. Disabled completely disables all TL1 access; Non-Secure, and Secure allows access using SSH.
Step 5 In the PM Clearing Privilege field, choose the minimum security level that can clear node PM data: PROVISIONING or SUPERUSER.
Step 6 Select the Enable Craft Port check box to turn on the shelf controller serial ports.
Step 7 Select the EMS access state from the list. Available states are Non-Secure and Secure (allows access using SSH).
In the TCC CORBA (IIOP/SSLIOP) Listener Port area, choose a listener port option:
•Default - TCC Fixed—Uses Port 57790 to connect to ONS 15454s on the same side of the firewall or if no firewall is used (default). This option can be used for access through a firewall if Port 57790 is open.
•Standard Constant—Uses Port 683 (IIOP) or Port 684 (SSLIOP), the Common Object Request Broker Architecture (CORBA) default port number.
•Other Constant—If the default port is not used, type the Internet Inter-ORB Protocol (IIOP) or SSLIOP port specified by your firewall administrator.
Step 8 In the SNMP Access area, set the Simple Network Management Protocol (SNMP) access state to Non-Secure or Disabled (disables SNMP access).
Step 9 Click Apply.
| Cisco ONS 15600 SDH Procedure Guide, R8.0 |
18-32 | October 2007 |
