Dlp- G264 Enable Node Security Mode - Cisco ONS 15454 DWDM Installation And Operation Manual

Chapter 3 Turn Up a Node
DLP-G264 Enable Node Security Mode
Purpose
Tools/Equipment
Prerequisite Procedures
Required/As Needed
Onsite/Remote
Security Level
This task requires TCC2P cards. The security mode options described in this task will not appear in CTC
Note
if TCC2 cards are installed.
The IP address assigned to the TCC2P LAN port must reside on a different subnet from the backplane
Caution
LAN port and the ONS 15454 default router. Verify that the new TCC2P IP address meets this
requirement and is compatible with ONE 15454 network IP addresses.
The node will reboot after you complete this task, causing a temporary disconnection between the CTC
Note
computer and the node.
Click the Provisioning > Security > Data Comm tabs.
Step 1
Click Change Mode.
Step 2
Review the information on the Change Secure Mode wizard page, then click Next.
Step 3
On the TCC Ethernet Port page, enter the IP address and subnet mask for the TCC2P LAN (TCP/IP) port.
Step 4
The IP address cannot reside on the same subnet as the backplane LAN port, nor the ONS 15454 default
router.
Step 5 Click Next.
On the Backplane Ethernet Port page, modify the backplane IP address, subnet mask, and default router,
Step 6
if needed. (You normally do not modify these fields if no ONS 15454 network changes have occurred.)
Step 7 Click Next.
Step 8 On the SOCKS Proxy Server Settings page, choose one of the following options:
•
•
September 2005
This task enables the ONS 15454 security mode. When security mode is
enabled, two IP addresses are assigned to the node. One address is assigned
to the backplane LAN port and the other to the TCC2P RJ-45 TCP/IP
(LAN) port.
TCC2P cards must be installed.
NTP-G103 Back Up the Database, page 13-2
DLP-G46 Log into CTC, page 2-25
As needed
Onsite or remote
Superuser
External Network Element (ENE)—If selected, the CTC computer is only visible to the ONS 15454
to which the CTC computer is connected. The computer is not visible to the DCC-connected nodes.
In addition, firewall is enabled, which means that the node prevents IP traffic from being routed
between the DCC and the LAN port.
Gateway Network Element (GNE)—If selected, the CTC computer is visible to other
DCC-connected nodes. The node prevents IP traffic from being routed between the DCC and the
LAN port.
Cisco ONS 15454 DWDM Installation and Operations Guide, R6.0
DLP-G264 Enable Node Security Mode
3-17