Cisco Systems ONS 15600 SDH

18-32

Cisco ONS 15600 SDH Procedure Guide, R8.0

October 2007

Chapter18 DLPs F300 to F399

DLP- F332 Change Node Access and PM Clearing Privilege

Step1 In node view, click the Provisioning > Security > Access tabs.

Step2 In the Access area, provision the following:

•LAN access—Choose one of the following options to set the access paths to the node:

–

No LAN Access—Allows access to the node only through data communications channel (DCC)

connections. Access through the TSC RJ-45 port and backplane is not permitted.

–

Front only—Allows access through the TSC RJ-45 port. Access through the DCC and the

backplane is not permitted.

–

Backplane only—Allows access through DCC connections and the backplane. Access through

the TSC RJ-45 port is not allowed.

–

Front and Backplane—Allows access through DCC, TSC RJ-45, and backplane connections.

•Restore Timeout—Sets a time delay for enabling of front and backplane access when DCC

connections are lost and “DCC only” is chosen in LAN Access. Front and backplane access is

enabled after the restore timeout period has passed. Front and backplane access is disabled as soon

as DCC connections are restored.

Step3 In the Shell Access area, set the shell program used to access the node:

•Access State: Allows you to set the shell program access mode to Disable (disables shell access),

Non-Secure, or Secure. Secure mode allows access to the node using the Secure Shell (SSH)

program. SSH is a terminal-remote host Internet protocol that uses encrypted links.

•Telnet Port: Allows access to the node using the Telnet port. Telnet is the terminal-remote host

Internet protocol developed for the Advanced Agency Research Project Network (ARPANET).

Port 23 is the default.

•Enable Shell Password: If checked, enables the SSH password. To disable the password, you must

uncheck the check box and click Apply. You must type the password in the confirmation dialog box

and click OK to disable it.

Step4 In the TL1 Access area, select the desired level of TL1 access. Disabled completely disables all TL1

access; Non-Secure, and Secure allows access using SSH.

Step5 In the PM Clearing Privilege field, choose the minimum security level that can clear node PM data:

PROVISIONING or SUPERUSER.

Step6 Select the Enable Craft Port check box to turn on the shelf controller serial ports.

Step7 Select the EMS access state from the list. Available states are Non-Secure and Secure (allows access

using SSH).

In the TCC CORBA (IIOP/SSLIOP) Listener Port area, choose a listener port option:

•Default - TCC Fixed—Uses Port 57790 to connect to ONS 15454s on the same side of the firewall

or if no firewall is used (default). This option can be used for access through a firewall if Port 57790

is open.

•Standard Constant—Uses Port 683 (IIOP) or Port 684 (SSLIOP), the Common Object Request

Broker Architecture (CORBA) default port number.

•Other Constant—If the default port is not used, type the Internet Inter-ORB Protocol (IIOP) or

SSLIOP port specified by your firewall administrator.

Step8 In the SNMP Access area, set the Simple Network Management Protocol (SNMP) access state to

Non-Secure or Disabled (disables SNMP access).

Step9 Click Apply.