user manual
Table Of Contents
- Cisco ONS 15454 SDH Reference Manual
- Contents
- About this Guide
- Shelf and FMEC Hardware
- Common Control Cards
- Electrical Cards
- Optical Cards
- Ethernet Cards
- Storage Access Networking Cards
- Card Protection
- Cisco Transport Controller Operation
- Security and Timing
- Circuits and Tunnels
- SDH Topologies and Upgrades
- CTC Network Connectivity
- Alarm Monitoring and Management
- Ethernet Operation
- Hardware Specifications
- A.1 Shelf Specifications
- A.2 SFP Specifications
- A.3 General Card Specifications
- A.4 Common Control Card Specifications
- A.5 Electrical Card and FMEC Specifications
- A.5.1 E1-N-14 Card Specifications
- A.5.2 E1-42 Card Specifications
- A.5.3 E3-12 Card Specifications
- A.5.4 DS3i-N-12 Card Specifications
- A.5.5 STM1E-12 Card Specifications
- A.5.6 BLANK Card
- A.5.7 FMEC-E1 Specifications
- A.5.8 FMEC-DS1/E1 Card Specifications
- A.5.9 FMEC E1-120NP Card Specifications
- A.5.10 FMEC E1-120PROA Card Specifications
- A.5.11 FMEC E1-120PROB Card Specifications
- A.5.12 E1-75/120 Impedance Conversion Panel Specifications
- A.5.13 FMEC-E3/DS3 Card Specifications
- A.5.14 FMEC STM1E 1:1 Card Specifications
- A.5.15 FMEC-BLANK Card Specifications
- A.5.16 MIC-A/P Card Specifications
- A.5.17 MIC-C/T/P Card Specifications
- A.6 Optical Card Specifications
- A.6.1 OC3 IR 4/STM1 SH 1310 Card Specifications
- A.6.2 OC3 IR/STM1 SH 1310-8 Card Specifications
- A.6.3 OC12 IR/STM4 SH 1310 Card Specifications
- A.6.4 OC12 LR/STM4 LH 1310 Card Specifications
- A.6.5 OC12 LR/STM4 LH 1550 Card Specifications
- A.6.6 OC12 IR/STM4 SH 1310-4 Card Specifications
- A.6.7 OC48 IR/STM16 SH AS 1310 Card Specifications
- A.6.8 OC48 LR/STM16 LH AS 1550 Card Specifications
- A.6.9 OC48 ELR/STM16 EH 100 GHz Card Specifications
- A.6.10 OC192 SR/STM64 IO 1310 Card Specifications
- A.6.11 OC192 IR/STM64 SH 1550 Card Specifications
- A.6.12 OC192 LR/STM64 LH 1550 Card Specifications
- A.6.13 OC192 LR/STM64 LH ITU 15xx.xx Card Specifications
- A.7 Ethernet Card Specifications
- A.8 Storage Access Networking Card Specifications
- Administrative and Service States
- Network Element Defaults
- Index
12-26
Cisco ONS 15454 SDH Reference Manual, R5.0
April 2008
Chapter 12 CTC Network Connectivity
12.5 External Firewalls
The following access control list (ACL) example shows a firewall configuration when the proxy server
gateway setting is not enabled. In the example, the CTC workstation's address is 192.168.10.10. and the
ONS 15454 SDH address is 10.10.10.100 The firewall is attached to the GNE CTC, so inbound is CTC
to the GNE and outbound is from the GNE to CTC. The CTC Common Object Request Broker
Architecture (CORBA) Standard constant is 683 and the TCC CORBA Default TCC Fixed (57790).
access-list 100 remark *** Inbound ACL, CTC -> NE ***
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 any host 10.10.10.100 eq www
access-list 100 remark *** allows initial contact with ONS 15454 SDH using http (port 80)
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 683 host 10.10.10.100 eq 57790
access-list 100 remark *** allows CTC communication with ONS 15454 SDH GNE (port 57790)
***
access-list 101 remark *** Outbound ACL, NE -> CTC ***
access-list 101 remark
access-list 101 permit tcp host 10.10.10.100 any host 192.168.10.10 eq 683
access-list 101 remark *** allows alarms etc., from ONS 15454 SDH (random port) to the CTC
workstation (port 683) ***
access-list 100 remark
access-list 101 permit tcp host 10.10.10.100 host 192.168.10.10 established
access-list 101 remark *** allows ACKs from ONS 15454 SDH GNE to CTC ***
The following ACL example shows a firewall configuration when the proxy server gateway setting is
enabled. As with the first example, the CTC workstation address is 192.168.10.10 and the
ONS 15454 SDH address is 10.10.10.100. The firewall is attached to the GNE CTC, so inbound is CTC
to the GNE and outbound is from the GNE to CTC. CTC CORBA Standard constant (683) and TCC
CORBA Default TCC Fixed (57790).
access-list 100 remark *** Inbound ACL, CTC -> NE ***
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 any host 10.10.10.100 eq www
access-list 100 remark *** allows initial contact with the 15454 SDH using http (port 80)
***
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 683 host 10.10.10.100 eq 57790
access-list 100 remark *** allows CTC communication with the 15454 SDH GNE (port 57790)
***
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 683 host 10.10.10.100 eq 1080
access-list 100 remark *** allows CTC communication with the 15454 SDH GNE proxy server
(port 1080) ***
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 683 host 10.10.10.100 range 10240 10495
access-list 100 remark *** allows CTC communication with the 15454 SDH ENEs (ports 10240 -
10495) via the GNE proxy server
***
access-list 100 remark
access-list 100 permit tcp host 192.168.10.10 host 10.10.10.100 established
access-list 100 remark *** allows ACKs from CTC to the 15454 SDH GNE ***
access-list 101 remark *** Outbound ACL, NE -> CTC ***
10240-12287 Proxy client D
57790 Default TCC listener port OK
1. D = deny, NA = not applicable, OK = do not deny
Table 12-9 Ports Used by the TCC2/TCC2P (continued)
Port Function Action
1