Lucent Technologies SLV 9124 Limiting Telnet Access

Security and Logins

4-5

9124-A2-LB20-00 March 2000

Limiting Telnet Access

Telnet access can be limited by:

HDisabling Telnet access completely.

HRequiring a login for Telnet sessions that are not on the TS Management

Link.

HAssigning an access level for Telnet sessions.

HDisabling TS Management Link access.

To limit Telnet access via a service provider’s troubleshooting management link,

see Limiting Telnet or FTP Access Over the TS Management Link.

"Procedure

To limit Telnet access when the session is not on the TS Management Link:

1. Select the Telnet and FTP Session options.

Main Menu →Configuration →Management and Communication →

Telnet and FTP Sessions

2. Set the following configuration options, as appropriate.

To . . . Set the configuration option . . .

Disable Telnet access Telnet Session to Disable.

Require a login Login Required to Enable.

NOTE: User ID and password combinations

must be defined. See Creating a Login.

Assign an access level Session Access Level to Level-2 or Level-3.

NOTE: Regardless of a user’s login access

level, a user cannot operate at a level higher

than the access level specified for the Telnet

session (e.g., if a user has a Level-1 login and

Level-2 telnet access has been set, the

Level-1 user can only operate as a Level-2

user).

If you are going to allow users to configure the

unit, keep the access at Level-1.

3. Save your changes.

See Configuring Telnet and/or FTP Session Support in Chapter 3, Configuration,

for more information about setting Telnet configuration options.

Contents

Main Page Page i Contents About This Guide 1 About the FrameSaver SLV 9124 2 User Interface and Basic Operation 3 Configuration ii iii 4 Security and Logins 5 Operation and Maintenance iv 6 Troubleshooting 7 Setting Up OpenLane for FrameSaver Devices v 8 Setting Up NetScout Manager Plus for FrameSaver Devices 9 Setting Up Network Health for FrameSaver Devices A Menu Hierarchy B SNMP MIBs and Traps, and RMON Alarm Defaults vi C Connectors, Cables, and Pin Assignments D Technical Specifications E Equipment List Index vii About This Guide Purpose and Intended Audience Document Organization Section Description viii Section Description ix Product-Related Documents Document Number Document Title x Conventions Used Convention Used When Used 1-1 About the FrameSaver SLV 9124 1 SLM Overview 1-2 FrameSaver SLV 9124 Features 1-3 1-4 1-5 Page 2-1 User Interface and Basic Operation 2 2-2 Logging On 2-3 2-4 Main Menu User Interface and Basic Operation 2-5 Screen Work Areas Screen Format Description User Interface and Basic Operation 2-6 Navigating the Screens Keyboard Keys Use the following keyboard keys to navigate within the screen area: Press . . . To . . . 2-7 Function Keys Page 2-9 Selecting a Field Entering Information Page 3-1 Configuration 3 3-2 3-3 Basic Configuration 3-4 Configuration Option Areas 3-5 Accessing and Displaying Configuration Options 3-6 Changing Configuration Options 3-7 Saving Configuration Options 3-8 Minimal Configuration Before Deploying Remote Units Entering System Information and Setting the System Clock 3-9 Setting Up for Trap Dial-Out Setting Up an External Modem for Trap Dial-Out Setting Up Call Directories for Trap Dial-Out 3-10 Setting Up Auto-Configuration 3-11 Selecting a Frame Relay Discovery Mode 3-12 3-13 Automatically Removing a Circuit 3-14 Setting Up Management Setting Up Local Management at the Central Site 3-15 Setting Up So the Router Can Receive RIP Setting Up Service Provider Connectivity at the Central Site 3-16 Setting Up Back-to-Back Operation Changing Operating Mode 3-17 Configuration Option Tables Configuring the Overall System 3-18 Configuring Frame Relay and LMI for the System 3-19 Table 3-1. System Frame Relay and LMI Options (2 of 2) 3-20 Configuring Service Level Verification Options 3-21 Table 3-2. Service Level Verification Options (2 of 2) 3-22 Configuring General System Options 3-23 Table 3-3. General System Options (2 of 2) 3-24 Configuring the Physical Interfaces Configuring the Network Interface 3-25 Table 3-4. Network Physical Interface Options (2 of 4) 3-26 Table 3-4. Network Physical Interface Options (3 of 4) 3-27 Table 3-4. Network Physical Interface Options (4 of 4) 3-28 Configuring the User Data Port 3-29 Table 3-5. Data Port Physical Interface Options (2 of 2) 3-30 Configuring the DSX-1 Interface 3-31 Table 3-6. DSX-1 Physical Interface Options (2 of 2) 3-32 Assigning Time Slots/Cross Connections Assigning Frame Relay Time Slots to the Network Interface 3-33 3-34 Assigning DSX-1 Time Slots to the Network Interface 3-35 3-36 3-37 3-38 Table 3-7. Signaling and Trunk Conditioning Values (2 of 3) Network Side DSX-1 SideMeaning 3-39 Table 3-7. Signaling and Trunk Conditioning Values (3 of 3) Network Side DSX-1 SideMeaning Clearing Assignments 3-40 Configuring Frame Relay for an Interface 3-41 Table 3-8. Interface Frame Relay Options (2 of 3) 3-42 Table 3-8. Interface Frame Relay Options (3 of 3) 3-43 Manually Configuring DLCI Records 3-44 Table 3-9. DLCI Record Options (2 of 3) 3-45 Table 3-9. DLCI Record Options (3 of 3) 3-46 Configuring PVC Connections 3-47 Table 3-10. PVC Connection Options (2 of 2) 3-48 Setting Up Management and Communication Options Configuring Node IP Information 3-49 Table 3-11. Node IP Options (1 of 2) 3-50 Table 3-11. Node IP Options (2 of 2) 3-51 Configuring Management PVCs 3-52 Table 3-12. Management PVC Options (2 of 3) 3-53 Table 3-12. Management PVC Options (3 of 3) 3-54 Configuring General SNMP Management General SNMP Management Table 3-13. General SNMP Management Options 3-55 Configuring Telnet and/or FTP Session Support 3-56 Table 3-14. Telnet and FTP Session Options (2 of 3) 3-57 Table 3-14. Telnet and FTP Session Options (3 of 3) 3-58 Configuring SNMP NMS Security Options 3-59 Configuring SNMP Traps and Trap Dial-Out 3-60 Table 3-16. SNMP Traps and Trap Dial-Out Options (2 of 4) 3-61 Table 3-16. SNMP Traps and Trap Dial-Out Options (3 of 4) 3-62 Table 3-16. SNMP Traps and Trap Dial-Out Options (4 of 4) 3-63 Configuring the Communication Port Communication Port Table 3-17. Communication Port Options (1 of 4) 3-64 Table 3-17. Communication Port Options (2 of 4) 3-65 Table 3-17. Communication Port Options (3 of 4) 3-66 Table 3-17. Communication Port Options (4 of 4) 3-67 Configuring the COM Port to Support an External Modem 3-68 Table 3-18. External Modem (COM Port) Options (2 of 2) 4-1 Security and Logins 4 4-2 Limiting Access Controlling Asynchronous Terminal Access 4-3 4-4 Controlling External COM Port Device Access Controlling Telnet or FTP Access 4-5 Limiting Telnet Access 4-6 Limiting FTP Access 4-7 Limiting Telnet or FTP Access Over the TS Management Link 4-8 Controlling SNMP Access Disabling SNMP Access 4-9 Assigning SNMP Community Names and Access Levels 4-10 Limiting SNMP Access Through IP Addresses 4-11 Creating a Login 4-12 Modifying a Login Deleting a Login 5-1 Operation and Maintenance 5 5-2 Displaying System Information 5-3 Viewing LEDs and Control Leads FrameSaverSLV 5-4 LED Descriptions 5-5 Table 5-2. Network and DSX-1 Interface LEDs Table 5-3. User Data Port LED 5-6 Control Lead Descriptions 5-7 Device Messages 5-8 Table 5-5. Device Messages (2 of 5) 5-9 Table 5-5. Device Messages (3 of 5) 5-10 Table 5-5. Device Messages (4 of 5) 5-11 Table 5-5. Device Messages (5 of 5) 5-12 Status Information 5-13 System and Test Status Messages 5-14 5-15 Table 5-7. Health and Status Messages (2 of 4) 5-16 Table 5-7. Health and Status Messages (3 of 4) 5-17 5-18 Table 5-8. Test Status Messages (2 of 2) 5-19 Network LMI-Reported DLCIs Status 5-20 Table 5-9. Network LMI-Reported DLCIs Status Field Status What It Indicates 5-21 PVC Connection Status 5-22 Table 5-10. PVC Connection Status (2 of 2) Field What It IndicatesStatus 5-23 Time Slot Assignment Status 5-24 5-25 Performance Statistics 5-26 Clearing Performance Statistics 5-27 Service Level Verification Performance Statistics 5-28 Table 5-11. Service Level Verification Performance Statistics (2 of 2) 5-29 DLCI Performance Statistics 5-30 Table 5-12. DLCI Performance Statistics (2 of 2) 5-31 Frame Relay Performance Statistics 5-32 Table 5-13. Frame Relay Performance Statistics (2 of 3) 5-33 Table 5-13. Frame Relay Performance Statistics (3 of 3) 5-34 ESF Line Performance Statistics NOTES: 5-35 5-36 The following performance statistics are collected for ESF line conditions: 5-37 FTP File Transfers 5-38 5-39 Upgrading System Software 5-40 Determining Whether a Download Is Completed Changing Software 5-41 Transferring Collected Data Page 6-1 Troubleshooting 6 6-2 Problem Indicators 6-3 Resetting the Unit and Restoring Communication Resetting the Unit from the Control Menu Resetting the Unit By Cycling the Power 6-4 Restoring Communication with a Misconfigured Unit 6-5 Troubleshooting Management Link Feature LMI Packet Capture Utility Feature 6-6 Viewing Captured Packets from the Menu-Driven User Interface 6-7 Alarms 6-8 Table 6-1. Alarm Conditions (2 of 6) 6-9 Table 6-1. Alarm Conditions (3 of 6) 6-10 Table 6-1. Alarm Conditions (4 of 6) 6-11 Table 6-1. Alarm Conditions (5 of 6) 6-12 Table 6-1. Alarm Conditions (6 of 6) 6-13 Troubleshooting Tables Device Problems Table 6-2. Device Problems (1 of 2) Symptom Possible Cause Solutions 6-14 Table 6-2. Device Problems (2 of 2) Symptom SolutionsPossible Cause 6-15 Frame Relay PVC Problems Table 6-3. Frame Relay PVC Problems Symptom Possible Cause Solutions 6-16 Tests Available Test Timeout Feature 6-17 Starting and Stopping a Test Page 6-19 PVC Tests 6-20 PVC Loopback Send Pattern 6-21 Monitor Pattern Connectivity 6-22 Physical Tests 6-23 Line Loopback 6-24 Payload Loopback 6-25 Repeater Loopback 6-26 DTE Loopback 6-27 Send Line Loopback 6-28 Data Channel Loopbacks on a Frame Relay Link 6-29 Send Remote Line Loopback 6-30 Send and Monitor Pattern Tests 6-31 IP Ping Test " 6-32 Lamp Test 7-1 Setting Up OpenLane for FrameSaver Devices 7 OpenLane Support of FrameSaver Devices 7-2 Setting Up the OpenLane SLM System Setting Up FrameSaver SLV Support 8-1 Setting Up NetScout Manager Plus for FrameSaver Devices 8 8-2 Before Getting Started 8-3 Configuring NetScout Manager Plus 8-4 Adding FrameSaver SLV Units to the NetScout Manager Plus Network 8-5 Verifying Domains and Groups 8-6 Correcting Domains and Groups 8-7 8-8 Adding SLV Alarms Using a Template 8-9 Editing Alarms 8-10 8-11 Adding SLV Alarms Manually 8-12 8-13 Creating History Files 8-14 8-15 Installing the User-Defined History Files 8-16 Monitoring a DLCIs History Data Page 8-18 Monitoring the Agent Using NetScout Manager Plus 8-19 8-20 Statistical Windows Supported 9-1 Setting Up Network Health for FrameSaver Devices 9 9-2 Installation and Setup of Network Health 9-3 Discovering FrameSaver Elements 9-4 Configuring the Discovered Elements 9-5 Grouping Elements for Reports 9-6 Generating Reports for a Group About Service Level Reports About At-a-Glance Reports 9-7 About Trend Reports Reports Applicable to SLV Devices 9-8 9-9 Page Page Menu Hierarchy A-2 Menu Hierarchy System and Test Status Identity LMI Reported DLCIs A-3 Auto-Configuration System Information Administer Logins Load Configuration from: Page B-1 SNMP MIBs and Traps, and RMON Alarm Defaults B B-2 MIB Support Downloading MIBs and SNMP Traps B-3 System Group (mib-2) FrameSaver Units sysDescr (system 1) FrameSaver Units sysObjectID (system 2) B-4 Interfaces Group (mib-2) Paradyne Indexes to the Interface Table (ifTable) B-5 NetScout Indexes to the Interface Table (ifTable) B-6 Standards Compliance for SNMP Traps B-7 Trap: warmStart Trap: authenticationFailure B-8 Traps: linkUp and linkDown B-9 Table B-6. linkUp and linkDown Variable-Bindings (1 of 2) Interface Variable-Bindings Possible Cause B-10 Table B-6. linkUp and linkDown Variable-Bindings (2 of 2) Interface Possible CauseVariable-Bindings B-11 Traps: enterprise-Specific B-12 B-13 B-14 Traps: RMON-Specific B-15 RMON Alarm and Event Defaults B-16 Physical Interface Alarm Defaults B-17 Frame Relay Link Alarm Defaults B-18 B-19 DLCI Alarm Defaults Paradyne Area B-20 DLCI Alarm Defaults NetScout Area B-21 B-22 Object ID Cross-References (Numeric Order) B-23 Table B-14. History OID Cross-Reference (1 of 4) Object ID (OID) 1Item MIB/Tag B-24 Table B-14. History OID Cross-Reference (2 of 4) B-25 Table B-14. History OID Cross-Reference (3 of 4) B-26 Table B-14. History OID Cross-Reference (4 of 4) See Table B-15 on page B-27 for an RMON alarm OID cross-reference. B-27 Table B-15. Alarm OID Cross-Reference (1 of 2) Object ID (OID) Item MIB/Tag B-28 Table B-15. Alarm OID Cross-Reference (2 of 2) Object ID (OID) MIB/TagItem C-1 Connectors, Cables, and Pin Assignments C Rear Panel C-2 COM Port Connector C-3 LAN Adapter Converter and Cable C-4 Standard EIA-232-D Crossover Cable C-5 C-6 Port 1 Connector C-7 Standard V.35 Straight-through Cable Standard V.35 Crossover Cable C-8 T1 Network Cable (Feature No. 3100-F1-500) Canadian T1 Line Interface Cable (Feature No. 3100-F1-510) C-9 DSX-1 Connector DSX-1 Adapter (Feature No. 9008-F1-560) Page D-1 Technical Specifications D Table D-1. FrameSaver SLV 9124 Technical Specifications (1 of 2) Specification Criteria Technical Specifications D-2 Table D-1. FrameSaver SLV 9124 Technical Specifications (2 of 2) Specification Criteria E-1 Equipment List E Equipment See page E-2 for cables you can order. Description Model/Feature Number Equipment List E-2 Cables This table lists cables you can order. Description Part Number Feature Number IN-1 Index Numbers A B C D IN-3 E IN-4 F G H I K M IN-6 N O P IN-7 Q R IN-8 S IN-9 T IN-10 U V W Y