user manual
Table Of Contents
- Cisco ONS 15454 SDH Reference Manual
- Contents
- About this Guide
- Shelf and FMEC Hardware
- Common Control Cards
- Electrical Cards
- Optical Cards
- Ethernet Cards
- Storage Access Networking Cards
- Card Protection
- Cisco Transport Controller Operation
- Security and Timing
- Circuits and Tunnels
- SDH Topologies and Upgrades
- CTC Network Connectivity
- Alarm Monitoring and Management
- Ethernet Operation
- Hardware Specifications
- A.1 Shelf Specifications
- A.2 SFP Specifications
- A.3 General Card Specifications
- A.4 Common Control Card Specifications
- A.5 Electrical Card and FMEC Specifications
- A.5.1 E1-N-14 Card Specifications
- A.5.2 E1-42 Card Specifications
- A.5.3 E3-12 Card Specifications
- A.5.4 DS3i-N-12 Card Specifications
- A.5.5 STM1E-12 Card Specifications
- A.5.6 BLANK Card
- A.5.7 FMEC-E1 Specifications
- A.5.8 FMEC-DS1/E1 Card Specifications
- A.5.9 FMEC E1-120NP Card Specifications
- A.5.10 FMEC E1-120PROA Card Specifications
- A.5.11 FMEC E1-120PROB Card Specifications
- A.5.12 E1-75/120 Impedance Conversion Panel Specifications
- A.5.13 FMEC-E3/DS3 Card Specifications
- A.5.14 FMEC STM1E 1:1 Card Specifications
- A.5.15 FMEC-BLANK Card Specifications
- A.5.16 MIC-A/P Card Specifications
- A.5.17 MIC-C/T/P Card Specifications
- A.6 Optical Card Specifications
- A.6.1 OC3 IR 4/STM1 SH 1310 Card Specifications
- A.6.2 OC3 IR/STM1 SH 1310-8 Card Specifications
- A.6.3 OC12 IR/STM4 SH 1310 Card Specifications
- A.6.4 OC12 LR/STM4 LH 1310 Card Specifications
- A.6.5 OC12 LR/STM4 LH 1550 Card Specifications
- A.6.6 OC12 IR/STM4 SH 1310-4 Card Specifications
- A.6.7 OC48 IR/STM16 SH AS 1310 Card Specifications
- A.6.8 OC48 LR/STM16 LH AS 1550 Card Specifications
- A.6.9 OC48 ELR/STM16 EH 100 GHz Card Specifications
- A.6.10 OC192 SR/STM64 IO 1310 Card Specifications
- A.6.11 OC192 IR/STM64 SH 1550 Card Specifications
- A.6.12 OC192 LR/STM64 LH 1550 Card Specifications
- A.6.13 OC192 LR/STM64 LH ITU 15xx.xx Card Specifications
- A.7 Ethernet Card Specifications
- A.8 Storage Access Networking Card Specifications
- Administrative and Service States
- Network Element Defaults
- Index

12-27
Cisco ONS 15454 SDH Reference Manual, R5.0
April 2008
Chapter 12 CTC Network Connectivity
12.6 Open GNE
access-list 101 remark
access-list 101 permit tcp host 10.10.10.100 any host 192.168.10.10 eq 683
access-list 101 remark *** allows alarms and other communications from the 15454 SDH
(random port) to the CTC workstation
(port 683) ***
access-list 100 remark
access-list 101 permit tcp host 10.10.10.100 host 192.168.10.10 established
access-list 101 remark *** allows ACKs from the 15454 SDH GNE to CTC ***
12.6 Open GNE
The ONS 15454 SDH can communicate with non-ONS nodes that do not support point-to-point protocol
(PPP) vendor extensions or OSPF type 10 opaque link-state advertisements (LSA), both of which are
necessary for automatic node and link discovery. An open GNE configuration allows the DCC-based
network to function as an IP network for non-ONS nodes.
To configure an open GNE network, you can provision SDCC, LDCC, and GCC terminations to include
a far-end, non-ONS node using either the default IP address of 0.0.0.0 or a specified IP address. You
provision a far-end, non-ONS node by checking the “Far End is Foreign” check box during SDCC,
LDCC, and GCC creation. The default 0.0.0.0 IP address allows the far-end, non-ONS node to provide
the IP address; if you set an IP address other than 0.0.0.0, a link is established only if the far-end node
identifies itself with that IP address, providing an extra level of security.
By default, the proxy server only allows connections to discovered ONS peers and the firewall blocks
all IP traffic between the DCC network and LAN. You can, however, provision proxy tunnels to allow
up to 12 additional destinations for SOCKS version 5 connections to non-ONS nodes. You can also
provision firewall tunnels to allow up to 12 additional destinations for direct IP connectivity between the
DCC network and LAN. Proxy and firewall tunnels include both a source and destination subnet. The
connection must originate within the source subnet and terminate within the destination subnet before
either the SOCKS connection or IP packet flow is allowed.
To set up proxy and firewall subnets in CTC, use the Provisioning > Network > Proxy and Firewalls
subtabs. The availability of proxy and/or firewall tunnels depends on the network access settings of the
node:
• If the node is configured with the proxy server enabled in GNE or ENE mode, you must set up a
proxy tunnel and/or a firewall tunnel.
• If the node is configured with the proxy server enabled in proxy-only mode, you can set up proxy
tunnels. Firewall tunnels are not allowed.
• If the node is configured with the proxy server disabled, neither proxy tunnels or firewall tunnels
are allowed.
Figure 12-18 shows an example of a foreign node connected to the DCC network. Proxy and firewall
tunnels are useful in this example because the GNE would otherwise block IP access between the PC
and the foreign node.