Manualshelf

User manual

ManualsBrandsWide Bank ManualsComputer equipment28 DS3
111112113114115116117118119120
Configuration
Basic Configuration
6-12 July 2004 Wide Bank 28 DS3 - Release 2.4
NOTE: When security is on and the user secu is logged in, turning security off logs off
the user secu. Similarly, turning security on automatically logs in the user secu.
Security integrity is provided by denying access if a user name or password is entered
incorrectly. After three consecutive unsuccessful login attempts, the login prompt will not
appear for 10 seconds, and an SNMP trap (cliLoginFailureTrap) is sent to the Network
Management System (NMS). After the 10-second delay, the prompt wll reappear and another
login attempt can be made. This three-attempt rule applies to both RS-232 and Telnet sessions
but a Telnet session will be disconnected after three unsuccessful attempts, requiring
reconnection after a 10-second delay.
NOTE: Whenever a user logs in or out of the CLI interface or the TL1 interface, an event
is recorded in the event log. The log entry indicates the name of the user that logged in or
out.
User Interface Access (Security Upgrade Option)
With the Wide Bank’s Security Upgrade option, you can selectively disable the following user
interfaces to prevent unauthorized access:
Ethernet port – Prevents SNMP, TCP/IP TL1, and Telnet sessions over the Ethernet
port.
9-pin RS-232 CLI port – Prevents CLI sessions over the RS-232 CLI port.
25-pin RS-232 TL1 port – Prevents TL1 sessions over the RS-232 TL1 port.
SNMP management – Prevents SNMP sessions over the Ethernet port and over the DS3
C-bit PPP data link.
TL1 management – Prevents TL1 sessions over the 25-pin RS-232 TL1 port, over the
Ethernet port, and over the DS3 C-bit PPP data link.
The Ethernet port and RS-232 CLI port cannot both be disabled. One of these ports must
remain active to provide CLI management access. If you disable the RS-232 port, you must
first assign a valid IP address to the Wide Bank for Ethernet access (cannot be null, 0.0.0.0, or
255.255.255.255). For information about setting the IP address, see Configuring IP and PPP
Addresses on page 6-15.
If you disable SNMP management, SNMP sessions are disabled over the Ethernet port and the
DS3 C-bit PPP data link. If you disable TL1 management, TL1 is disabled over the 25-pin RS-
232 TL1 port, the Ethernet port, and the DS3 C-bit PPP data link. In a PPP remote management
configuration, a local Wide Bank is connected via DS3 to a remote Wide Bank. The local Wide
Bank can route messages originating from the Ethernet channel to the remote Wide Bank over
the C-bit link. The remote Wide Bank responds over the C-bit link to the local Wide Bank
which then routes the responses back over its Ethernet channel. Disabling SNMP or TL1 in the
local Wide Bank does not prevent SNMP or TL1 sessions over the C-bit link to the remote Wide
Bank. To prevent SNMP or TL1 sessions to the remote Wide Bank via the C-bit link, these
interfaces must be disabled for the remote Wide Bank as well.