Paradyne 9783, FrameSaver DSL Limiting Telnet Access

Security and Logins

5-5

9783-A2-GB20-00 July 2000

Limiting Telnet Access

Telnet access can be limited by:

HDisabling Telnet access completely.

HRequiring a login for Telnet sessions that are not on the TS Management

Link.

HAssigning an access level for Telnet sessions.

HDisabling TS Management Link access.

To limit Telnet access via a service provider’s troubleshooting management link,

see

Limiting Telnet or FTP Access Over the TS Management Link

.

"Procedure

To limit Telnet access when the session is not on the TS Management Link:

1. Select the Telnet and FTP Session options.

Main Menu

→

Configuration

→

Management and Communication

→

Telnet and FTP Sessions

2. Set the following configuration options, as appropriate.

To . . . Set the configuration option . . .

Disable Telnet access Telnet Session to Disable.

Require a login Login Required to Enable.

NOTE: User ID and password combinations

must be defined. See

Creating a Login

.

Assign an access level Session Access Level to Level-2 or Level-3.

NOTE: Regardless of a user’s login access

level, a user cannot operate at a level higher

than the access level specified for the Telnet

session (e.g., if a user has a Level-1 login and

Level-2 telnet access has been set, the

Level-1 user can only operate as a Level-2

user).

If you are going to allow users to configure the

unit, keep the access at Level-1.

3. Save your changes.

See

Configuring Telnet and/or FTP Session Support

in Chapter 4,

Configuration

Options,

for more information about setting Telnet configuration options.

Contents

Main Page i Contents About This Guide 1 About the FrameSaver DSL Unit 2 User Interface and Basic Operation 3 Configuration Procedures 4 Configuration Options 5 Security and Logins iii 6 Operation and Maintenance 7 FTP Operation iv 8 Troubleshooting 9 Setting Up OpenLane for FrameSaver Devices v 10 Setting Up Network Health for FrameSaver Devices A Menu Hierarchy B SNMP MIBs and Traps, and RMON Alarm Defaults Page vii About This Guide FTP Operation. Operation and Maintenance. Security and Logins. Configuration Options. viii Section Description ix Product-Related Documents Document Number Document Title x Conventions Used Convention Used When Used 1-1 About the FrameSaver DSL Unit 1 System Overview 1-2 FrameSaver DSL Features and Benefits Features 1-3 1-4 Benefits About the FrameSaver DSL Unit 1-5 The following diagram shows the FrameSaver DSL unit in a frame relay network. 1-6 FrameSaver DSL Feature Sets Advanced SLV Features Basic Features 1-7 Advanced SLV Features Basic Features 1-8 Basic Features 1-9 1-10 Advanced SLV Features OpenLane SLM System 1-11 OpenLane SLM System Page 2-1 User Interface and Basic Operation 2 2-2 Logging On 2-3 Saving Configuration Options Configuration Procedures 2-4 Main Menu Menu Hierarchy User Interface and Basic Operation 2-5 Screen Work Areas Screen Format Description User Interface and Basic Operation 2-6 Navigating the Screens Keyboard Keys Use the following keyboard keys to navigate within the screen area: Press . . . To . . . 2-7 Function Keys Screen Work Areas 2-8 Selecting from a Menu Switching Between Screen Areas Screen Work Areas 2-9 Selecting a Field Entering Information Page 3-1 Configuration Procedures 3 3-2 Basic Configuration 3-3 Configuration Option Areas Configuration Option Tables FrameSaver DSL 9783 Quick Reference 3-4 Accessing and Displaying Configuration Options 3-5 Changing Configuration Options PVC Connections User Interface and Basic Operation 3-6 Saving Configuration Options 4-1 Configuration Options 4 Overview 4-2 4-3 Using the Easy Install Feature Easy Install 4-4 Table 4-1. Easy Install Configuration Options (1 of 2) 4-5 Table 4-1. Easy Install Configuration Options (2 of 2) Configuring the Ethernet Port 4-6 Setting Up So the Router Can Receive RIP Entering System Information and Setting the System Clock 4-7 Configuration Option Tables Configuring the Overall System 4-8 Configuring Frame Relay and LMI for the System System Frame Relay and LMI Table 4-2. System Frame Relay and LMI Options (1 of 2) 4-9 Table 4-2. System Frame Relay and LMI Options (2 of 2) 4-10 Configuring Service Level Verification Options SLV options are selected from the System menu (see Table 4-3). Service Level Verification Table 4-3. Service Level Verification Options (1 of 2) 4-11 Table 4-3. Service Level Verification Options (2 of 2) 4-12 Configuring General System Options General 4-13 Configuring the Physical Interfaces Configuring the Network Interface Physical 4-14 Configuring the User Data Port Data Ports Physical Table 4-6. Data Port Physical Interface Options (1 of 2) 4-15 Table 4-6. Data Port Physical Interface Options (2 of 2) 4-16 Configuring Frame Relay for the Data Port Data Ports Frame Relay Table 4-7. Data Port Frame Relay Options (1 of 2) 4-17 Table 4-7. Data Port Frame Relay Options (2 of 2) 4-18 Configuring ATM for the Network Interface 4-19 Configuring Circuit and DLCI Records Data Port Configuration Network Configuration 4-20 Table 4-9. DLCI Record Options (2 of 3) 4-21 Table 4-9. DLCI Record Options (3 of 3) quality of service 4-22 Configuring PVC Connections Configuring Management PVCs PVC Connections 4-23 Table 4-10. PVC Connection Options (2 of 2) 4-24 Setting Up Management and Communication Options Configuring Node IP Information Node IP 4-25 Table 4-11. Node IP Options (1 of 3) 4-26 Table 4-11. Node IP Options (2 of 3) 4-27 Table 4-11. Node IP Options (3 of 3) , 4-28 Configuring Management PVCs Configuring Node IP Information Configuring Circuit and DLCI Records Management PVCs 4-29 Table 4-12. Management PVC Options (2 of 3) Interface 4-30 Table 4-12. Management PVC Options (3 of 3) For nonmultiplexed DLCIs: For multiplexed DLCIs: Setting Up So the Router Can Receive RIP Configuring General SNMP Management General SNMP Management 4-32 4-33 Configuring Telnet and/or FTP Session Support Telnet and FTP Session 4-34 Table 4-14. Telnet and FTP Session Options (2 of 3) 4-35 Table 4-14. Telnet and FTP Session Options (3 of 3) 4-36 Configuring SNMP NMS Security SNMP NMS Security 4-37 Configuring SNMP Traps RMON Alarm Defaults SNMP MIBs and Traps, and SNMP Traps 4-38 Table 4-16. SNMP Traps Options (2 of 3) linkname 4-39 Table 4-16. SNMP Traps Options (3 of 3) 4-40 Configuring the Ethernet Port Ethernet Port Table 4-17. Ethernet Port Options (1 of 2) 4-41 Table 4-17. Ethernet Port Options (2 of 2) 4-42 Configuring the Communication Port Communication Port Table 4-18. Communication Port Options (1 of 4) 4-43 Table 4-18. Communication Port Options (2 of 4) 4-44 Table 4-18. Communication Port Options (3 of 4) 4-45 Table 4-18. Communication Port Options (4 of 4) Configuring Node IP Information 4-46 Configuring the COM Port to Support an External Modem Connectors, Cables, and Pin Assignments External Modem (Com Port) Standard EIA-232-D Crossover Cable 5-1 Security and Logins 5 5-2 Limiting Access Configuration Options, Configuring the Communication Port Controlling Asynchronous Terminal Access 5-3 Communication Port Resetting the Unit and Restoring Communication 5-4 Controlling External COM Port Device Access Controlling Telnet or FTP Access 5-5 Limiting Telnet Access Configuring Telnet and/or FTP Session Support Limiting Telnet or FTP Access Over the TS Management Link Telnet and FTP Sessions 5-6 Limiting FTP Access Configuring Telnet and/or FTP Session Support Telnet and FTP Sessions 5-7 Limiting Telnet or FTP Access Over the TS Management Link 5-8 Controlling SNMP Access Disabling SNMP Access 5-9 Assigning SNMP Community Names and Access Levels 5-10 Limiting SNMP Access Through IP Addresses Configuring General SNMP Management General SNMP Management Management and Communication Configuration Creating a Login Administer Logins 5-12 Modifying a Login Deleting a Login 6-1 Operation and Maintenance 6 6-2 Displaying System Information nn.nn.nn nnnn-nnx Identity View this field . . . To find the . . . Viewing LEDs and Control Leads DSL FrameSaver SLV FrameSaver LED Descriptions 6-5 6-6 Control Lead Descriptions 6-7 Device Messages (Seen at an FTP terminal.) 6-8 Table 6-5. Device Messages (2 of 5) FTP Operation Changing Software FTP Operation 6-9 Table 6-5. Device Messages (3 of 5) 6-10 Table 6-5. Device Messages (4 of 5) Upgrading System Software FTP Operation 6-11 Table 6-5. Device Messages (5 of 5) 6-12 Status Information 6-13 System and Test Status Messages Status System and Test Status Self-Test Results Messages Last System Reset Date and Time Health and Status Messages nnnn nnnn Change Operating Mode) 6-15 Table 6-7. Health and Status Messages (2 of 3) nnnn atm link 6-16 Table 6-7. Health and Status Messages (3 of 3) nnnn Time Slot Assignment Configuration Test Status Messages nnnn frame_relay_link [Interface] Pttn 6-18 Table 6-8. Test Status Messages (2 of 2) 6-19 PVC Connection Status DLCI Name PVC connection statuses are selected from the Status menu. PVC Connection Status 6-20 Table 6-9. PVC Connection Status (2 of 2) Field What It IndicatesStatus 6-21 Network Interface Status Network Interface Status can be viewed from the Status menu. Network Interface Status Network Interface Status Screen Example Table 6-10. Network Interface Status Field Status What It Indicates IP Routing Table IP Routing Table 6-23 Table 6-11. IP Routing Table Values Column What It Indicates name 6-24 Performance Statistics 6-25 Clearing Performance Statistics 6-26 Service Level Verification Performance Statistics yyy Service Level Verification xx,yyy, 6-27 Table 6-12. Service Level Verification Performance Statistics (2 of 2) 6-28 DLCI Performance Statistics DLCI 6-29 Table 6-13. DLCI Performance Statistics (2 of 2) 6-30 Frame Relay Performance Statistics Frame Relay 6-31 Table 6-14. Frame Relay Performance Statistics (2 of 2) (contd) 6-32 ATM Performance Statistics ATM 6-33 6-34 Ethernet Performance Statistics The following statistics appear when Ethernet is selected from the Performance Statistics menu. Ethernet 6-35 Trap Event Log Standards Compliance for SNMP Traps Status Trap Event Log SNMP MIBs and Traps, and RMON Alarm Defaults Page 7-1 FTP Operation 7 7-2 FTP File Transfers Transferring Collected Data from to to/from 7-3 Security and Logins Creating a Login in Chapter 5, 7-4 Upgrading System Software Changing Software xxxxxx 7-5 Determining Whether a Download Is Completed Changing Software 7-6 Transferring Collected Data Configuration Options) NOTES: Viewing Captured Packets from the Menu-Driven User Interface 8-1 Troubleshooting 8 8-2 DTE Loopback IP Ping Test Lamp Test Problem Indicators 8-3 Resetting the Unit and Restoring Communication Resetting the Unit from the Control Menu Resetting the Unit By Cycling the Power 8-4 Restoring Communication with an Improperly Configured Unit 8-5 Troubleshooting Management Link Feature FTP Operation Transferring Collected Data Control Viewing Captured Packets from the Menu-Driven User Interface Viewing Captured Packets from the Menu-Driven User Interface LMI Packet Capture Utility Display LMI Trace Log 8-7 Alarms Status System and Test Status Table 8-1. Alarm Conditions (1 of 4) Alarm Condition What It Indicates What To Do 8-8 Table 8-1. Alarm Conditions (2 of 4) 8-9 Table 8-1. Alarm Conditions (3 of 4) nnnn atm link 8-10 Table 8-1. Alarm Conditions (4 of 4) 8-11 Trap Event Log Operation and Maintenance Trap Event Log Troubleshooting Tables Device Problems 8-12 Table 8-2. Device Problems (2 of 2) Symptom SolutionsPossible Cause Restoring Communication with an Improperly Configured Unit xxxxxxxx 8-13 ATM Problems 8-14 Frame Relay PVC Problems Table 8-4. Frame Relay PVC Problems Symptom Possible Cause Solutions 8-15 Tests Available 8-16 Test Timeout Feature Aborting All Tests Configuration Options Starting and Stopping a Test 8-17 Aborting All Tests Starting and Stopping a Test 8-18 PVC Tests 8-19 PVC Loopback Network PVC Tests Data Port PVC Tests Send Pattern [Network PVC Tests/Data Port PVC Tests] Monitor Pattern [Network PVC Tests/Data Port PVC Tests] Connectivity Network PVC Tests 8-21 DTE Loopback Data Port Physical Tests CAUTION: 8-22 IP Ping Test nn " IP Ping 8-23 " 8-24 Lamp Test 9-1 Setting Up OpenLane for FrameSaver Devices 9 OpenLane Support of FrameSaver Devices Setting Up the OpenLane SLM System Setting Up FrameSaver and SLV Support OpenLane Support of FrameSaver Devices Setting Up the OpenLane SLM System About This Guide Product-Related Documents OpenLane 5.x Service Level Management for UNIX Quick Start Installation Instructions OpenLane 5.x Service Level Management for Windows NT Quick Start Installation Instructions Setting Up FrameSaver and SLV Support Page 10-1 Setting Up Network Health for FrameSaver Devices 10 10-2 Network Health Installation Guide Network Health Traffic Accountant Reports Guide Installation and Setup of Network Health 10-3 Discovering FrameSaver Elements Discovering Elements elements 10-4 Configuring the Discovered Elements Discovering Elements 10-5 Grouping Elements for Reports Managing Groups and Group Lists 10-6 Generating Reports for a Group Health Reports Guide Running Reports from the Console About Service Level Reports About At-a-Glance Reports Reports Applicable to FrameSaver SLV Devices 10-8 Page 10-10 Page Menu Hierarchy A-2 Menu Hierarchy Frame Relay Mode Status Identity A-3 Control Easy Install System Information Control Page B-1 SNMP MIBs and Traps, and RMON Alarm Defaults B B-2 MIB Support Downloading MIBs and SNMP Traps B-3 System Group (mib-2) FrameSaver Units sysDescr (system 1) FrameSaver Units sysObjectID (system 2) B-4 Interfaces Group (mib-2) Paradyne Indexes to the Interface Table (ifTable) B-5 NetScout Indexes to the Interface Table (ifTable) DLCI number interface number hhhh-hhh For the DTE side: Standards Compliance for SNMP Traps Examples: B-7 Trap: warmStart Trap: authenticationFailure B-8 Traps: linkUp and linkDown B-9 Table B-6. linkUp and linkDown Variable-Bindings (1 of 3) Interface Variable-Bindings Possible Cause Sample strings: B-10 Table B-6. linkUp and linkDown Variable-Bindings (2 of 3) Interface Possible CauseVariable-Bindings (contd) B-11 Table B-6. linkUp and linkDown Variable-Bindings (3 of 3) Interface Possible CauseVariable-Bindings B-12 Traps: enterprise-Specific B-13 s B-14 B-15 Traps: RMON-Specific RMON Alarm and Event Defaults Two traps are defined to support the Alarm and Events Groups of RMON. See B-16 RMON Alarm and Event Defaults Traps: RMON-Specific Standards Compliance for SNMP Traps Physical Interface Alarm Defaults Frame Relay Link Alarm Defaults Physical Interface Alarm Defaults B-18 Frame Relay Link Alarm Defaults B-19 Table B-10. Frame Relay Link Alarm Defaults (2 of 2) Item Interval MIB/Tag/OID Event Sample Type DLCI Alarm Defaults Paradyne Area B-21 Table B-11. DLCI Alarm Defaults Paradyne Area (2 of 3) Item Interval MIB/Tag/OID Event Sample Type B-22 B-23 Object ID Cross-References (Numeric Order) B-24 Table B-14. History OID Cross-Reference (1 of 5) Object ID (OID)1Item MIB/Tag B-25 Table B-14. History OID Cross-Reference (2 of 5) B-26 Table B-14. History OID Cross-Reference (3 of 5) B-27 Table B-14. History OID Cross-Reference (4 of 5) B-28 Table B-14. History OID Cross-Reference (5 of 5) See Table B-15 for an RMON alarm OID cross-reference. B-29 Table B-15. Alarm OID Cross-Reference (1 of 2) Object ID (OID) Item MIB/Tag B-30 Table B-15. Alarm OID Cross-Reference (2 of 2) Object ID (OID) MIB/TagItem C-1 Connectors, Cables, and Pin Assignments C Rear Panel Connectors, Cables, and Pin Assignments C-2 DSL Network Interface Cable Pin #8 Pin #1 Figure C-1. DSL Network Interface Cable with RJ48C Connector ) 8-Pin Plug COM Port Connector Connectors, Cables, and Pin Assignments C-4 Standard EIA-232-D Crossover Cable C-5 C-6 Data Port Connector Standard V.35 Straight-through Cable C-7 Ethernet Port Connector Page D-1 Technical Specifications D Table D-1. FrameSaver DSL Technical Specifications (1 of 2) Specification Criteria Technical Specifications D-2 Table D-1. FrameSaver DSL Technical Specifications (2 of 2) Specification Criteria E-1 Equipment List E Equipment See page E-2 for cables you can order. Description Model/Feature Number Equipment List E-2 Cables This table lists cables you can order. Description Part Number Feature Number IN-1 Index Numbers A B C D IN-3 E F G IN-4 H I K L IN-5 M N IN-6 O P Q R IN-7 S IN-8 T IN-9 U V W