Firewall Not Enabled; Figure 9-9 Proxy Server Gateway Settings - Cisco ONS 15600 Reference Manual

Chapter 9 Management Network Connectivity
9.2.7 Scenario 7: Provisioning the ONS 15600 Proxy Server
If you launch CTC against a node through a NAT (Network Address Translation) or PAT (Port Address
Note
Translation) router and that node does not have proxy enabled, your CTC session starts and initially
appears to be fine. However CTC never receives alarm updates and disconnects and reconnects every
two minutes. If the proxy is accidentally disabled, it is still possible to enable the proxy during a
reconnect cycle and recover your ability to manage the node, even through a NAT/PAT firewall.
Figure 9-9 Proxy Server Gateway Settings

9.2.7.1 Firewall Not Enabled

Figure 9-10 shows an ONS 15600 proxy server implementation. A ONS 15600 GNE is connected to a
central office LAN and to ONS 15600 ENEs. The central office LAN is connected to a NOC LAN, which
has CTC computers. The NOC CTC computer and craft technicians must both be able to access the
ONS 15600 ENEs. However, the craft technicians must be prevented from accessing or seeing the NOC
or central office LANs.
In the example, the ONS 15600 GNE is assigned an IP address within the central office LAN and is
physically connected to the LAN through its LAN port. ONS 15600 ENEs are assigned IP addresses that
are outside the central office LAN and given private network IP addresses. If the ONS 15600 ENEs are
collocated, the craft LAN ports could be connected to a hub. However, the hub should have no other
network connections.
Cisco ONS 15600 Reference Manual, R6.0
9-12