Firewall Not Enabled; Figure 9-9 Proxy Server Gateway Settings - Cisco ONS 15600 Reference Manual

9.2.7 Scenario 7: Provisioning the ONS 15600 Proxy Server
If you launch CTC against a node through a NAT (Network Address Translation) or PAT (Port Address
Note
Translation) router and that node does not have proxy enabled, your CTC session starts and initially
appears to be fine. However CTC never receives alarm updates and disconnects and reconnects every two
minutes. If the proxy is accidentally disabled, it is still possible to enable the proxy during a reconnect
cycle and recover your ability to manage the node, even through a NAT/PAT firewall.
ENEs that belong to different private subnetworks do not need to have unique IP addresses. Two ENEs
Note
that are connected to different GNEs can have the same IP address. However, ENEs that connect to the
same GNE must always have unique IP addresses.
Figure 9-9

9.2.7.1 Firewall Not Enabled

Figure 9-10
central office LAN and to ONS 15600 ENEs. The central office LAN is connected to a NOC LAN, which
has CTC computers. The NOC CTC computer and craft technicians must both be able to access the
ONS 15600 ENEs. However, the craft technicians must be prevented from accessing or seeing the NOC
or central office LANs.
In the example, the ONS 15600 GNE is assigned an IP address within the central office LAN and is
physically connected to the LAN through its LAN port. ONS 15600 ENEs are assigned IP addresses that
are outside the central office LAN and given private network IP addresses. If the ONS 15600 ENEs are
collocated, the craft LAN ports could be connected to a hub. However, the hub should have no other
network connections.
Cisco ONS 15600 Reference Manual, R8.0
9-12
Proxy Server Gateway Settings
shows an ONS 15600 proxy server implementation. A ONS 15600 GNE is connected to a
Chapter 9 Management Network Connectivity