1 / 15

Initial Switch Configuration

Initial Switch Configuration. ATM Switch. Objectives. Configure parameters for the following AMI settings on a Marconi ATM switch: System Date and Time Network Time Protocol Switch Name Initial System Menu Settings Syslog Messages Switch Access Userids and Passwords Access Control List

lester-shaw
Download Presentation

Initial Switch Configuration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Initial Switch Configuration ATM Switch

  2. Objectives • Configure parameters for the following AMI settings on a Marconi ATM switch: • System Date and Time • Network Time Protocol • Switch Name • Initial System Menu Settings • Syslog Messages • Switch Access • Userids and Passwords • Access Control List • Telnet Settings

  3. Setting the Date and Time ATM SWITCH:system-> ? : date Get/Set system date and time : modify Modify system configuration : ATM SWITCH:system-> date ?[[-date] <"MM/DD/YYYY HH:MM:SS [+- HH:MM]">] Date[[-timezone] <text>] TimeZone ATM SWITCH:system-> date -timezone EST5EDT ATM SWITCH:system-> date 1/3/2005 07:39:20 EST5EDT,M4.1.0/02:00,M10.5.0/02:00 ATM SWITCH:system-> date 1/3/2005 08:25:00 ERROR: “1/3/2005" is an invalid value for field "-date” <"MM/DD/YYYY HH:MM:SS [+- HH:MM]">” ATM SWITCH:system-> date "01/03/2005 08:25:00"

  4. Network Time Protocol ATM SWITCH:services-> ntp ? loop Display ntp loop filter variables. modify Modify server parameters. peer> The peer directory peers Display ntp server peer list. restrict> The restrict directory show Display ntp server status. ATM SWITCH:services ntp-> show NTP Server Admin Status: Server: disabled Bclient: disabled Debug level: 0 Server Oper Status: Version: xntpd 3-5.93 Fri Jan 10 16:46:40 EDT 1998 (1) Status: server is shutdown Only for date/time, not for AAL1 voice/video timing

  5. Setting the Switch Name ATM SWITCH:-> system ATM SWITCH:system-> modify Usage: [[-name] <text>] System Name [[-contact] <text>] System Contact [[-location] <text>] System Location [[-reservedpmpminvci] <integer>] PMP Minimum Reserved VCI [[-reservedpmpmaxvci] <integer>] PMP Maximum Reserved VCI [[-protocol] <protocol_type>] Transfer Protocol [[-connectionpreservation] (disabled|enabled)] PVx Connection Preservation[[-svxcallpreservation] (disabled|enabled)] SVx/SPVx Preservation[[-atmlayeroam] (enabled|disabled)] ATM Layer OAM [[-httphelpurl] <text>] HTTP Help Url[[-preferredip] <text>] Preferred IP Interface [[-clockscalingfactor] <integer>] Clock Scaling Factor [[-fabric_id] (reset | <MacAddress>)] Fabric ID (MAC Address)[[-pmpenable] (disabled|enabled)] PMP calls Enable/Disable[[-ip_forwarding_mode] (SCP|IPR)] IP Forwarding Mode SCP/IPR[[-utiltimeperiod] (0..60)] B/W Utilization Interval ATM SWITCH:system-> modify -name ASX-200BX ASX-200BX:system->

  6. Other Initial System Menu Options ASX-200BX:system-> ? : modify Modify system configuration : prompt Get/Set the command line prompt : syslog> The syslog directory timeout Get/set the AMI inactivity timeout value ASX-200BX:system-> timeout ? [[-timeout] <0..465000000>] Timeout (in minutes) ASX-200BX:system-> timeout 0 ASX-200BX:system-> prompt default ASX-200BX:system-> prompt myBX myBX:system->    

  7. Syslog Messages ATM SWITCH:system-> syslog ATM SWITCH:system syslog-> ? console Show/Set console syslog statedelete Remove remote syslog entry facility Show/Set syslog facilitynew Setup remote syslog entry session Show/Set the session logging stateshow Display remote syslog entries ATM SWITCH:system syslog-> console Console syslogging is enabled ATM SWITCH:system syslog-> console ? [[-state] (enabled|disabled)] State ATM SWITCH:system syslog-> console disabled

  8. UserID ami Configurable Profiles admin user readonly Configurable Authentication password passcode (SecurID) community/USM (SNMP) Kerberos (Unix-based) Radius (Remote) SSL (http server) PublicKey (Secure Shell) Access Method console telnet http snmp SSH Switch Security

  9. Access Choices per UserID • Console • From local serial port only • Telnet • ATM in-band • Ethernet out-of-band • HTTP • ATM in-band • Ethernet out-of-band • SNMP • ServiceOn Data, HP OpenView, etc. • SSH • Secure replacement to Telnet • Multiple, concurrent incoming sessions • Multiple outgoing sessions • Secure FTP * Versions of ForeThought 9.0 and higher provide IPv6 management application support for Telnet, HTTP, SNMP and SSH

  10. Displaying UserID Information ATM SWITCH:security login-> ? defaults> Configure default login privileges delete Delete a login method expirytime Show/Set account/password expiry time failuremsg Show/Set msg to user on a failed login attempt lock Lock a user account with password auth method modify Modify a login method new Add a login method password Modify a password for a user profiles> The profiles directory publickey> The publickey directory show Show user login methods and status unlock Unlock a user account with password auth method userlog Show user access log ATM SWITCH:security login-> show AuthenticationAcct UserName Application Method Profile Name Locked ----------------------- ------------- --------------- --------------------- ------ ami console password admin no ami http password admin no ami telnet password admin no

  11. Creating a New UserID and/or New Password ATM SWITCH:-> security login ATM SWITCH:security login-> new Usage: [-username] <text <size 3..64>> User Name [-application] <text> Application [-authmethod] <text> Authentication Method [[-profile] <text>] Profile Name (default: user) ATM SWITCH:security login-> new marconi console password user Please enter a password for user marconi: ******** Please enter it again: ******** ATM SWITCH:security login-> password marconi Please enter a new password: ****** Please enter it again: ****** ATM SWITCH:security login->

  12. Security Feature Enhancements ATM SWITCH:security login-> ? defaults> Configure default login privileges delete Delete a login method expirytime Show/Set account/password expiry time failuremsg Show/Set msg to user on a failed login attempt lock Lock a user account with password auth methodmodify Modify a login method new Add a login method password Modify a password for a user profiles> The profiles directory publickey> The publickey directory show Show user login methods and statusunlock Unlock a user account with password auth methoduserlog Show user access log ATM SWITCH:security login profiles config-> ? modify Modify local user account restrictions show Show local user account restrictions ATM SWITCH:security login profiles config-> modify ? [-profile] <text> Profile Name [[-username-minsize] (3..64)] Username Min Size [[-username-alphanum] (enabled|disabled)] Username Alpha-Numeric [[-passwd-minsize] (3..64)] Password Min Size [[-passwd-alphanum] (enabled|disabled)] Password Alpha-Numeric [[-passwd-exptime] <integer>] Password Expires In (Days) [[-passwd-expwarntime <integer>] Password Exp. Warning Period (Days) [[-maxattempts] <integer>] Max Failed Attempts [[-locktime] <integer>] User Acct Lockout Time (Mins) [[-account-exptime] <integer>] Unused Acct Expires In (Days) [[-disallowed-reuse] <integer>] Disallow Last ‘N’ Passwords [[-require-update] (enabled|disabled)] Require Initial Password Update [[-change-delay] <integer>] Delay Between Password Changes (Days)

  13. Access Control Lists • Associate a profile name and AMI command or directory with an access level ATM SWITCH:security login profiles-> ? config> The config directory delete Delete a profile entry modify Modify a profile entry new Add a profile entry show Show profile entries ATM SWITCH:security login profiles-> new ? [-profilename] <text> Profile Name [[-cmddirname] <text>] Command / Directory (default: DEFAULT) [[-access] <Access>] Access Level (default: none) [[-query] <query>] Query (default: “”)

  14. Starting a Telnet Session ATM SWITCH:system-> telnet-sessions ? close Forcibly close a telnet connection reattach Reattach to an existing telnet connection show Show outbound telnet connections telnet Connect to a remote host ATM SWITCH:system telnet-sessions-> telnet Usage: [-host] <Remote InetAddress> Destination Host [[-port] <integer>] Port (default: 23) [[-kerberos] (enabled|disabled)] Use kerberos authentication (default: disabled) [[-forward] (enabled|disabled)] Forward ticket to host (default: disabled) ATM SWITCH:system telnet-sessions-> telnet 192.168.0.200 Connecting to 192.168.0.200 . . . S_ForeThought_ATM _9.0.0.N GA-Update (1.157933) (asx4000) (otherswitch) login: ami : --------------------------------------------------- ATM SWITCH:system telnet-sessions-> show Index Host Port Owning Task State 0 192.168.0.200 23 Serial AMI attached:Connected

  15. Summary • Configure parameters for the following AMI settings on a Marconi ATM switch: • System Date and Time • Network Time Protocol • Switch Name • Initial System Menu Settings • Syslog Messages • Switch Access • Userids and Passwords • Access Control List • Telnet Settings

More Related