Table of Contents
Advertisement
Hardware Support
Package
Customer service shell access
D20MX user accounts
Remote and local user accounts
62
The HSP is a collection of low level firmware files that provide boot loading support and
low level hardware functionality defined by Field-Programmable Gate Array (FPGA)
configuration information. The boot loading support consists of the JMON and Bootrom
files. The HSP also includes an Emergency Recovery Image (ERI) that runs only during the
HSP upgrade procedure to program the FPGAs.
There are two HSP files with the V1.4X release: one for each of the baud rates supported by
the console port of the D20MX (i.e., 9600 and 19200 baud). The name of the HSP file
indicates the baud rate of the console port and the version of the release. For example:
hsp_v140_9600.tar is the v1.40 HSP release for a 9600 baud console port.
In certain cases, GE customer service may require access to a low-level shell called the "C"
shell in the D20MX in order to troubleshoot a problem. The "C" shell is accessible from the
D20M shell by typing c. To leave the shell, type exit.
The "C" shell can only be accessed from an RS232 port of the D20MX, and it must be
enabled by a user whose "Monitor Access Level" is Read/Write (i.e., Administrator role).
Once the "C" shell is enabled, only a user whose "Monitor Access Level" is Maintenance (i.e.,
Engineer role) or Read/Write is able to access the "C" shell.
"C" shell access is enabled by typing eds in the D20M shell. The eds command takes a
parameter which defines how many seconds that a user is allowed to enter the "C" shell.
Until the eds timer expires, a user with appropriate access is allowed to enter or re-enter
the "C" shell as many times as required. After the eds timer expires, entry to the "C" shell is
no longer allowed. If the parameter is not specified, the default timeout is 300 seconds
(5 minutes).
A user log is generated each time a user runs the eds command or enters the "C" shell.
The D20MX supports the following types of user accounts:
•
Remote and local user accounts
•
Factory default user account
•
System default user account
The D20MX supports remote and local user accounts. Use remote user accounts whenever
possible to increase the level of security and to decrease user administration effort. To
implement remote user accounts, the D20MX uses Remote Authentication Dial-In User
Service (RADIUS) with CHAP, EAP-TTLS and PEAP authentication methods. Refer to the
B014-1NCG WESMAINT II+ for the D20MX Configuration Guide for details on how to
configure the D20MX to use RADIUS.
When RADIUS is used, your RADIUS server provides a role ID to the D20MX. The role ID
defines which commands and displays the user is allowed to access while logged in to the
D20MX. To allow your RADIUS server to provide a role ID, configure your RADIUS server to
use the GE vendor profile that is common to many Multilin products. Refer to the B014-
1NCG WESMAINT II+ for the D20MX Configuration Guide for details on how to configure
your RADIUS server and the D20MX with the GE vendor profile. Also refer to Appendix A,
CHAPTER 5: CONFIGURING THE SOFTWARE
GE INFORMATION
D20MX INSTRUCTION MANUAL
Advertisement
Table of Contents
