How it Works
Lucent Technologies
Loading...
Stinger
Administration Manual
374 pgs3.79 Mb0
Table of contents
Loading...

Lucent Technologies Stinger Administration Manual

Stinger®
Administration Guide
Part Number: 7820-0712-008
For software version 9.7.0
August, 2004
Copyright © 2002, 2003, 2004 Lucent Technologies Inc. All rights reserved.
This material is protected by the copyright laws of the United States and other countries. It may not be reproduced, distributed, or altered in any fashion by any entity (either internal or external to Lucent Technologies), except in accordance with applicable agreements, contracts, or licensing, without the express written consent of Lucent Technologies. For permission to reproduce or distribute, please email your request to techcomm@lucent.com.
Notice
Every effort was made to ensure that the information in this document was complete and accurate at the time of printing, but information is subject to change.
For latest information, refer to online product documentation at www.lucent.com/support.
This product may utilize zlib for the execution of certain compression functions. (C) 1995-2002 Jean-loup Gailly and Mark Adler. Provided "AS IS" without warranty of any kind.
European Community (EC) RTTE compliance
Hereby, Lucent Technologies, declares that the equipment documented in this publication is in compliance with the essential require­ments and other relevant provisions of the Radio and Telecommunications Technical Equipment (RTTE) Directive 1999/5/EC.
To view the official Declaration of Conformity certificate for this equipment, according to EN 45014, access the Lucent INS online documentation library at http://www.lucentdocs.com/ins.
Safety, compliance, and warranty Information
Before handling any Lucent Access Networks hardware product, read the Edge Access and Broadband Access Safety and Compliance Guide included in your product package. See that guide also to determine how products comply with the electromagnetic interference (EMI) and network compatibility requirements of your country. See the warranty card included in your product package for the limited warranty that Lucent Technologies provides for its products.
Security statement
In rare instances, unauthorized individuals make connections to the telecommunications network through the use of access features.
Trademarks
Lucent, the Lucent logo, and all Lucent brand and product names are trademarks or registered trademarks of Lucent Technologies Inc. Other brand and product names are trademarks of their respective holders.
Ordering Information
You can order the most up-to-date product information and computer-based training online at http://www.lucentdocs.com/bookstore.
How to comment
To comment on this information product, go to the Online Comment Form (http://www.lucent-info.com/comments/enus/) or email your comments to the Comments Hotline (comments@lucent.com).
Lucent Technologies

Customer Service

Product and service information, and software upgrades, are available 24 hours a day. Technical assistance options accommodate varying levels of urgency.

Finding information and software

To obtain software upgrades, release notes, and addenda for this product, log in to Lucent OnLine Customer Support at http://www.lucent.com/support.
Lucent OnLine Customer Support also provides technical information, product information, and descriptions of available services. The center is open 24 hours a day, seven days a week. Log in and select a service.

Obtaining technical assistance

Lucent OnLine Customer Support at http://www.lucent.com/support provides easy access to technical support. You can obtain technical assistance through email or the Internet, or by telephone. If you need assistance, make sure that you have the following information available:
Customer Service

Active service or maintenance contract number, entitlement ID, or site ID

Product name, model, and serial number

Software version or release number

Software and hardware options

If supplied by your carrier, service profile identifiers (SPIDs) associated with your line

Whether you are routing or bridging with your Lucent product

Type of computer you are using

Description of the problem

Obtaining assistance through email or the Internet

If your services agreement allows, you can communicate directly with a technical
engineer through Email Technical Support or a Live Chat. Select one of these sites when you log in to http://www.lucent.com/support.

Calling the technical assistance center (TAC)

If you cannot find an answer through the tools and information of Customer Support OnLine Customer Support for a list of telephone numbers inside and outside the United States.
or if you have a very urgent need, contact TAC. Access
at
http://www.lucent.com/support
Lucent OnLine
and click
Contact Us
Lucent
Alternatively, call 1-866-LUCENT8 (1-866-582-3688) from any location in North America for a menu of Lucent services. Or call +1 510-747-2000 for an operator. If you do not have an active services agreement or contract, you will be charged for time and materials.
Stinger® Administration Guide iii
Contents
Customer Service ........................................................................................................iii
About This Guide ..............................................................................xix
What is in this guide .................................................................................................xix
What you should know.............................................................................................xix
Documentation conventions ......................................................................................xx
Stinger documentation set ........................................................................................xxi
Chapter 1 Administering a Stinger System ......................................................1-1
About standalone and hosted Stinger systems ......................................................... 1-1
Logging into a Stinger unit....................................................................................... 1-2
Enabling basic security measures ............................................................................. 1-2
Changing the default Admin password ............................................................... 1-3
Securing the serial port of each control module................................................ 1-3
Specifying a management-only Ethernet interface ........................................... 1-4
Securing Telnet access ....................................................................................... 1-5
Managing administrative access to the unit ............................................................. 1-5
Logging into the Stinger unit ............................................................................. 1-6
Creating a new administrative profile ............................................................... 1-6
Enabling two level authentication ..................................................................... 1-7
Specifying the maximum number of login attempts ....................................... 1-11
Authentication from a remote shelf to a host Stinger unit.............................. 1-11
User account and user password expiration .................................................... 1-12
What happens when a user account or user password expires ................ 1-12
RADIUS support for account and password expiration ............................ 1-12
Setting expiration dates for user accounts and passwords ........................ 1-13
Enforcing a password check ...................................................................... 1-14
Changing a user password......................................................................... 1-14
Creating Telnet access control lists .................................................................. 1-15
Assigning permissions ...................................................................................... 1-16
Understanding command permissions ...................................................... 1-17
Specifying group permissions for commands and profile access ............... 1-19
Specifying a time-out for user logins ............................................................... 1-24
Setting the command-line prompt .................................................................. 1-24
Setting log levels for each login ....................................................................... 1-24
Logging in as a different user ........................................................................... 1-25
Displaying the current user ............................................................................. 1-25
Basic system settings .............................................................................................. 1-25
Setting the system name.................................................................................. 1-25
Setting the system time and date..................................................................... 1-26
Stinger® Administration Guide v
Contents
Viewing the system time and date ............................................................ 1-26
Changing the system time ......................................................................... 1-26
Changing the system date ......................................................................... 1-26
Configuring system clocking ............................................................................ 1-27
Displaying the current clock-source.......................................................... 1-27
Configuring trunk ports as clock sources .................................................. 1-27
Displaying basic system information ...................................................................... 1-28
Displaying system hardware information and software version ..................... 1-28
System and module uptime ............................................................................. 1-29
Using the status window.................................................................................. 1-30
Displaying the status window ................................................................... 1-30
Understanding the status window ............................................................ 1-31
Connection status information.................................................................. 1-31
General status information........................................................................ 1-32
Line and channel status ................................................................................... 1-32
Log message information .......................................................................... 1-33
Customizing the status window display .................................................... 1-34
Changing current status window sizes...................................................... 1-34
Viewing the factory configuration and software licenses ................................ 1-35
Managing administrative connections ................................................................... 1-35
Displaying administrative session information with the userstat command ... 1-35
Customizing the output of the userstat command.................................. 1-36
Displaying information related to a known IP address ............................. 1-36
Displaying information related to a known username.............................. 1-37
Using the view left session command ......................................................... 1-37
Displaying administrative users ....................................................................... 1-38
Terminating a user connection ........................................................................ 1-38
Disconnecting an idle connection .................................................................... 1-38
Resetting a Stinger system...................................................................................... 1-39
Chapter 2 Working with Stinger Shelves and Modules ..................................2-1
Understanding physical addressing on Stinger units................................................ 2-1
Viewing system components .................................................................................... 2-3
Using the show command................................................................................... 2-3
Field description from the output of the show command ............................ 2-4
Displaying the status of LPMs, PSMs, and CLT modules............................. 2-4
Monitoring the status of remote shelves ........................................................... 2-5
Using the remote-shelf-stat profile .......................................................... 2-5
Displaying information about enabled remote shelves ............................... 2-7
Displaying hosted MRT system topology and statistics ............................... 2-7
Displaying a picture of the topology............................................................ 2-8
Sending an init packet to a remote shelf................................................... 2-11
Viewing information about a particular module ............................................. 2-11
Using the show command with the shelf and slot numbers ...................... 2-11
Using the slot-info profile....................................................................... 2-12
Opening a session with a module .......................................................................... 2-12
Sample open commands................................................................................... 2-13
Opening a session ...................................................................................... 2-13
Ending a session ........................................................................................ 2-13
Module-level commands ................................................................................. 2-13
Changing a module’s state ..................................................................................... 2-14
vi Stinger® Administration Guide
Contents
Using the slot command................................................................................. 2-14
Using slot-admin profiles ................................................................................ 2-14
Changing the state of a module’s interface ............................................................ 2-15
Using the device command ............................................................................. 2-15
Using the device-state profile........................................................................ 2-16
Removing a module and its configuration ............................................................. 2-17
Removing LIMs that use system-generated ATM addresses............................ 2-17
Replacing a LIM and retaining the existing ATM addresses on the slot .......... 2-17
Moving a LIM that uses system-generated ATM addresses ............................. 2-18
Recovering from a failed module installation ........................................................ 2-18
Using the nvram command ............................................................................... 2-18
Removing the module ..................................................................................... 2-19
Chapter 3 Configuring logging, Syslog, and call logging services .................3-1
Configuring system logging and Syslog services ...................................................... 3-1
Overview of log profile parameters ................................................................... 3-1
Configuring system logging ............................................................................... 3-4
Enabling command logging ............................................................................... 3-4
Viewing command logs ............................................................................... 3-5
Viewing the cmd-log profile ........................................................................ 3-6
Saving command logs.................................................................................. 3-7
Storing log messages across system resets ................................................... 3-7
Configuring the Stinger unit Syslog facility .................................................... 3-10
Enabling the Syslog facility on the Stinger unit ........................................ 3-11
Specifying a session ID base ...................................................................... 3-12
Configuring the Syslog daemon ................................................................ 3-12
Configuring call logging ......................................................................................... 3-12
Overview of call logging .................................................................................. 3-12
Enabling call logging ........................................................................................ 3-13
Chapter 4 Monitoring System and Network Processor operations................4-1
Maintaining ASIC Integrity ...................................................................................... 4-1
Checking the defaults for control module self-tests .......................................... 4-1
Enabling centralized integrity checks ................................................................ 4-4
Optimizing system performance .............................................................................. 4-4
Optimizing performance with filters and flow classification ............................. 4-5
Overview of system profile settings............................................................. 4-5
Configuration recommendations ................................................................ 4-6
Adjusting network processor FPP memory compaction .................................... 4-6
Configuring queue size from controller to LIM ................................................. 4-7
Monitoring network processor operations ............................................................... 4-7
Monitoring network processor operations on the IP2000 module.................... 4-7
Enabling and disabling statistics collection.................................................. 4-8
Monitoring IP QoS ...................................................................................... 4-8
Monitoring statistics for a connection ....................................................... 4-11
Monitoring FPP statistics ........................................................................... 4-12
Global RSP statistics................................................................................... 4-13
Monitoring logical port traffic ................................................................... 4-13
Scheduler traffic and error statistics .......................................................... 4-15
Displaying APP driver statistics ................................................................. 4-15
Monitoring network operations on the the Fast Ethernet Trunk module ...... 4-15
Stinger® Administration Guide vii
Contents
Enabling, disabling, and clearing statistics collection ................................ 4-16
Displaying Ethernet traffic and error statistics and traffic rates ................ 4-17
Displaying ATM statistics—Fast Ethernet Trunk module.......................... 4-19
Obtaining AAL5 statistics .......................................................................... 4-20
Chapter 5 Monitoring Interfaces on LIMs and Trunk Modules.......................5-1
Where to find related information ........................................................................... 5-1
Summary of profiles and commands for monitoring interfaces............................... 5-2
Using profiles to monitor LIM and trunk interfaces................................................. 5-3
Monitoring trunk module interfaces ................................................................. 5-3
Monitoring LIM interfaces ................................................................................. 5-4
Displaying interface information.............................................................................. 5-6
Displaying trunk port status .............................................................................. 5-7
Resetting trunk statistics .................................................................................... 5-8
Displaying LIM interfaces .................................................................................. 5-8
Displaying ADSL LIM interfaces.................................................................. 5-8
Displaying T1 and E1 interfaces ................................................................ 5-10
Displaying IMAgroups ..................................................................................... 5-10
Testing IMA connectivity ................................................................................. 5-10
Displaying DSL performance settings..................................................................... 5-10
Displaying the current time ............................................................................. 5-11
Displaying ADSL physical entries .................................................................... 5-11
Displaying channel entries............................................................................... 5-11
Displaying interval statistics for disruption of service events .......................... 5-12
Displaying interval totals for ADSL block counts ............................................ 5-12
Displaying disruption of service statistics......................................................... 5-12
Displaying ADSL block counts ......................................................................... 5-13
Displaying performance data interval.............................................................. 5-14
Displaying channel performance intervals ...................................................... 5-15
Displaying monitor parameters ....................................................................... 5-16
Displaying time and interval information........................................................ 5-16
Displaying initialization failure statistics.......................................................... 5-16
Monitoring LIM and LIM port redundancy ........................................................... 5-17
Overview of port redundancy parameters ....................................................... 5-17
Verifying port redundancy status .................................................................... 5-18
Verifying slot configuration redundancy status ............................................... 5-18
Displaying redundancy or ignore-lineup settings for LIM ports...................... 5-19
Monitoring redundant trunk groups...................................................................... 5-20
Chapter 6 Managing System Configuration and Memory..............................6-1
Saving system configuration .................................................................................... 6-1
Saving the configuration to a local file .............................................................. 6-2
Saving the configuration to a network host ...................................................... 6-2
Saving the configuration in GZIP compressed format ....................................... 6-2
Displaying NVRAM usage statistics .......................................................................... 6-2
Clearing system configuration.................................................................................. 6-3
Retaining configuration information after clearing NVRAM ................................... 6-3
How it works ..................................................................................................... 6-3
Loading a default.cfg file from the TFTP server .............................................. 6-4
Verifying that the default.cfg is saved to the desired directories .................... 6-4
Issuing the nvram command on a system with a default.cfg file..................... 6-5
viii Stinger® Administration Guide
Contents
Restoring or updating system configuration ............................................................ 6-6
Restoring from a local file .................................................................................. 6-6
Restoring from a network host .......................................................................... 6-6
Updating the configuration................................................................................ 6-6
Transferring code images between control modules ................................................ 6-7
Using FTP to transfer files......................................................................................... 6-9
FTP client command-line interface .................................................................... 6-9
Typical command-line FTP file transfer ............................................................. 6-9
FTP client URL interface .................................................................................. 6-10
Username and password details ................................................................ 6-11
URL path details ........................................................................................ 6-11
Typical FTP URLs ............................................................................................. 6-11
Sample FTP URL with complete syntax .................................................... 6-11
Sample FTP URL with no URL path or local directory .............................. 6-12
Sample FTP URL with no username or password ..................................... 6-12
Sample FTP URL by specifying a source IP Address .................................. 6-12
Using extended profiling ........................................................................................ 6-13
Requirements and limitations.......................................................................... 6-13
Enabling extended profiling............................................................................. 6-13
Restoring an earlier configuration after enabling extended profiling.............. 6-13
Using a script to configure a Stinger unit ............................................................... 6-14
Timing the saving of profiles .................................................................................. 6-15
Reloading profiles from RADIUS............................................................................ 6-15
Loading specific module images ............................................................................. 6-15
Using the load-select profile.......................................................................... 6-16
Loading images for unknown modules ........................................................... 6-16
Loading an extracted code image .................................................................... 6-17
Using the load configuration command with an ATM VCC ......................... 6-17
Managing PCMCIA flash cards ............................................................................... 6-17
Formatting a flash card .................................................................................... 6-18
Displaying the contents of flash ....................................................................... 6-18
Compressing and uncompressing files on a flash card..................................... 6-18
Checking the file system .................................................................................. 6-19
Chapter 7 Administering the SNMP Agent.......................................................7-1
Overview of Stinger SNMP support ......................................................................... 7-1
Stinger unit as an SNMP agent .......................................................................... 7-1
Requirement for a soft IP address ...................................................................... 7-2
Overview of the snmp profile .................................................................................... 7-2
Activating the SNMP agent ...................................................................................... 7-3
Securing the SNMP agent ........................................................................................ 7-4
Enabling read-write access and setting community strings ............................... 7-4
Configuring host address security...................................................................... 7-4
Enabling host address security .................................................................... 7-4
Configuring the snmp-manager profile ......................................................... 7-5
Example of configuring host address security ............................................. 7-6
Configuring SNMPv3 USM privacy ................................................................... 7-6
Verifying the SNMPv3 license is enabled .................................................... 7-6
SNMPv3 USM features ................................................................................ 7-6
Enabling SNMPv3 USM privacy .................................................................. 7-7
Using the snmpv3-usm-user profile.............................................................. 7-7
Stinger® Administration Guide ix
Contents
Generating authentication keys .................................................................. 7-9
Generating privacy keys .............................................................................. 7-9
Example of SNMPv3 USM configuration .................................................. 7-10
Restricting the agent to SNMPv3 .............................................................. 7-10
SNMPv3 notifications ................................................................................ 7-11
Configuring view-based access control ............................................................ 7-13
Enabling VACM......................................................................................... 7-14
Mapping a security name and security model to a security group............ 7-14
Specifying view names for different types of access .................................. 7-15
Defining views........................................................................................... 7-16
Managing SNMP interfaces .................................................................................... 7-17
Verifying SNMP state ....................................................................................... 7-18
Using the admin-state-perm-if profile..................................................... 7-18
Using the admin-state-phys-if profile..................................................... 7-19
Viewing SNMP interface numbers ................................................................... 7-21
Initiating interface state changes ..................................................................... 7-21
Resetting the SNMP interface table sequentially ............................................. 7-22
Naming convention for SNMP-configured profiles ................................................ 7-22
Default naming convention ............................................................................. 7-22
Configurable naming convention .................................................................... 7-23
Selecting the naming convention for connection profiles............................... 7-23
Chapter 8 Watchdogs, Alarms, and Traps ........................................................8-1
Configuring SNMP watchdogs ................................................................................. 8-1
Settings in a watchdog-config profile ................................................................ 8-3
Enabling a watchdog to monitor fan failure...................................................... 8-3
Watchdog routines for input relays ................................................................... 8-4
Watchdog routines for a remote shelves ........................................................... 8-4
Defining alarms ........................................................................................................ 8-4
Overview of alarm profile settings ..................................................................... 8-5
Sample alarm profile configuration .................................................................. 8-7
Working with alarms ......................................................................................... 8-7
Listing alarms using the alarm command.................................................... 8-7
Using the alarm-stat profile ....................................................................... 8-8
Acknowledging alarms ................................................................................ 8-9
Clearing alarms ........................................................................................... 8-9
Turning off an alarm status light ................................................................. 8-9
Closing a relay ............................................................................................. 8-9
Setting alarms for events on remote shelves ..................................................... 8-9
Monitoring environmental conditions ............................................................ 8-12
Configuring alarm settings for the alarm MIB................................................. 8-12
Setting the maximum number of alarms in alarmClearTable ..........8-13
Clearing alarms from alarmActiveTable and alarmClearedTable ......8-13
Deleting an alarm model table .................................................................. 8-13
Configuring SNMP traps......................................................................................... 8-13
Creating a trap profile ...................................................................................... 8-13
Configuring the trap profile ............................................................................ 8-14
Trap classes ...................................................................................................... 8-15
Alarm class traps ....................................................................................... 8-15
Security class traps .................................................................................... 8-18
Port class trap ............................................................................................ 8-19
x Stinger® Administration Guide
Contents
Slot class trap............................................................................................. 8-19
OSPF class traps......................................................................................... 8-20
Typical uses of traps and trap classes......................................................... 8-22
Traps not belonging to any class ............................................................... 8-23
Monitoring ADSL threshold values ................................................................. 8-23
Specifying the dsl-threshold profile ........................................................ 8-24
Overview of the dsl-threshold profile settings ........................................ 8-24
Lucent-specific ADSL threshold traps ....................................................... 8-25
Enabling the system to generate ADSL threshold traps ............................ 8-26
How the system generates link-state traps for trunk ports .............................. 8-26
Configuring trap sequencing and heartbeat traps............................................ 8-28
Trap sequencing and the heartbeat trap.................................................... 8-28
Configuring trap sequencing and the sending of heartbeat traps ............. 8-29
Enabling traps for events on remote shelves ................................................... 8-30
Stinger trap optimization ................................................................................. 8-31
Optimizing the number of traps generated by the system ........................ 8-31
Trap optimization ...................................................................................... 8-32
Displaying information about notification logs ............................................... 8-32
Chapter 9 Working with IP Traffic ....................................................................9-1
Testing IP connectivity ............................................................................................. 9-1
Displaying the IP interface table............................................................................... 9-2
Displaying and modifying IP routes ......................................................................... 9-4
Using the netstat command to display the IP routing table ............................. 9-4
Modifying the IP routing table........................................................................... 9-5
Adding a static IP route to the routing table ............................................... 9-5
Deleting a static IP route from the routing table ......................................... 9-5
Tracing IP routes ...................................................................................................... 9-6
Displaying IP protocol statistics ................................................................................ 9-6
Displaying IP route cache information..................................................................... 9-9
Verifying name service settings ................................................................................ 9-9
Displaying the ARP cache....................................................................................... 9-10
Displaying the DNS host table ................................................................................ 9-11
Displaying the Ethernet information ..................................................................... 9-11
Displaying the contents of Ethernet packets.................................................... 9-12
Displaying Ethernet statistics and error counters ............................................ 9-12
Displaying information about IGMP ...................................................................... 9-13
Displaying WAN IP interface information.............................................................. 9-15
Displaying packets on WAN IP interfaces ........................................................ 9-15
Displaying WAN data for a particular user ...................................................... 9-16
Displaying WAN data during connection establishment for users .................. 9-16
Chapter 10 Monitoring OSPF routing ...............................................................10-1
Overview of the OSPF command ........................................................................... 10-1
Displaying general information about OSPF routing ............................................. 10-2
Displaying the OSPF database ................................................................................ 10-4
Displaying OSPF external advertisements ....................................................... 10-6
Displaying OSPF internal advertisements ........................................................ 10-7
Displaying the OSPF link-state database ................................................................ 10-7
Displaying OSPF LSAs ............................................................................................ 10-9
Displaying the OSPF routing table ....................................................................... 10-10
Stinger® Administration Guide xi
Contents
Displaying information about OSPF areas............................................................ 10-11
Displaying information about OSPF routers ........................................................ 10-11
Displaying OSPF interfaces................................................................................... 10-12
Displaying summarized information.............................................................. 10-12
Displaying information about a specific interface.......................................... 10-13
Displaying OSPF neighbors .................................................................................. 10-14
Chapter 11 Monitoring ATM and PNNI.............................................................11-1
Monitoring ATM networks .................................................................................... 11-1
Using the ATM status window......................................................................... 11-2
Determining ATM line status........................................................................... 11-3
Displaying the status of ATM internal lines..................................................... 11-4
Changing ATM debug levels ............................................................................ 11-4
Displaying the status of ATM trunk modules and their connections .............. 11-5
Checking the status of a VCC interface........................................................... 11-5
Checking the status of a terminating PVC ....................................................... 11-6
Displaying ATM VCC information and packet statistics .................................. 11-6
Displaying ATM virtual link information ........................................................ 11-7
Displaying ATM virtual link cross-connect information................................ 11-10
Displaying SPVC information ........................................................................ 11-11
Displaying SPVC target ATM addresses ......................................................... 11-13
Monitoring failing SPVCs............................................................................... 11-14
Displaying signal statistics .............................................................................. 11-14
Displaying CAC bandwidth allocation statistics............................................. 11-15
Displaying ATM connection failures .............................................................. 11-17
Displaying QoS statistics ................................................................................ 11-18
Monitoring PNNI nodes ....................................................................................... 11-18
Verifying the PNNI link.................................................................................. 11-19
Displaying general PNNI information ............................................................ 11-20
Displaying PNNI interface information......................................................... 11-21
Displaying information about PNNI logical links........................................... 11-22
Displaying information about the PNNI hierarchy ........................................ 11-24
Displaying details about neighbor nodes ....................................................... 11-27
Displaying local node information................................................................. 11-28
Displaying information about other nodes .................................................... 11-30
Displaying the PNNI topology database ......................................................... 11-32
Displaying the PNNI routing table ................................................................. 11-33
Chapter 12 Diagnostic Testing ..........................................................................12-1
OAM testing ........................................................................................................... 12-1
Overview of F4 and F5 OAM tests................................................................... 12-1
Using the oam command and atm-oam profile to run OAM tests...................... 12-2
Overview of the oam command ................................................................. 12-3
Overview of the atm-oam profile................................................................ 12-4
Enabling F4 OAM on a LIM ...................................................................... 12-7
Continuity check and monitoring ................................................................... 12-9
Continuity check implementation ............................................................ 12-9
Deactivating a continuity check test ....................................................... 12-10
Running F4 and F5 continuity tests using the oam command................. 12-11
Running F5 continuity tests using the atm-oam profile ........................... 12-12
OAM loopback tests ....................................................................................... 12-12
xii Stinger® Administration Guide
Contents
Running F4 and F5 loopback tests using the oam command ................... 12-12
Running F4 and F5 loopback tests using the atm-oam profile ................. 12-14
Specifying that a trap is sent ................................................................... 12-15
Using the oamloop command................................................................... 12-16
Configuring loopback on OC3, E3, and DS3 interfaces........................... 12-16
Displaying OAM entries................................................................................. 12-17
Fault reporting and alarms ............................................................................ 12-21
Traps for AIS/RDI and continuity check alarms ............................................ 12-22
Internal and external diagnostic tests .................................................................. 12-22
Running an internal diagnostic test (IDT) ..................................................... 12-22
Running an external diagnostic test (EDT) feature ....................................... 12-24
Digital loopback....................................................................................... 12-24
Analog loopback...................................................................................... 12-25
Running built-in self tests (BISTs) on DSL ports ........................................... 12-25
Supported LIMs ....................................................................................... 12-25
Enabling the built-in self test using the command-line interface ........... 12-25
Relay alarm testing............................................................................................... 12-26
Overview of the inputrelaytest command.................................................. 12-26
Examples using the inputrelaytest command............................................. 12-27
Displaying the status of input relays.............................................................. 12-29
Configuring a bit-error rate test (BERT) .............................................................. 12-29
Testing DSL copper loops ..................................................................................... 12-30
Using the line-tests profile ......................................................................... 12-30
Galvanic isolation test .................................................................................... 12-31
Using the line-tests profile ................................................................... 12-31
Using the isolate command................................................................... 12-32
Multiport tone generation test....................................................................... 12-33
Using the line-tests profile ................................................................... 12-33
Using the gen-tone command................................................................. 12-33
Appendix A Using Debug Commands .................................................................A-1
Enabling debug permissions .....................................................................................A-1
Enabling debug output .............................................................................................A-2
Setting debug levels..................................................................................................A-2
Getting online help for debug commands ................................................................A-2
Summary of common debug commands .................................................................A-3
System and devices debugging.................................................................................A-3
Displaying IP2000 module network processor information ........................A-4
Displaying network processor connection information ..............................A-5
Obtaining information about routes on the network processor .................A-6
Obtaining detailed information for a DID ...................................................A-7
Displaying ARP entries ................................................................................A-8
Displaying SED parameters for a DID .........................................................A-8
Displaying multicast group information......................................................A-8
Displaying IP QoS details.............................................................................A-8
Displaying bridge group information ..........................................................A-9
Displaying scheduler IDs associated with a logical port ............................A-10
Displaying information for a specific queue..............................................A-11
Displaying details for a specific scheduler .................................................A-11
Displaying Fast Ethernet trunk protocol and connection information............A-11
Displaying connection information ...........................................................A-12
Displaying ATM information.....................................................................A-13
Stinger® Administration Guide xiii
Contents
Displaying AAL5 channel information......................................................A-14
Displaying Ethernet device information....................................................A-14
Displaying Stinger port information ................................................................A-16
Resetting TCP port 23 ......................................................................................A-16
Displaying the serial numbers..........................................................................A-17
Modifying Stinger unit functionality ...............................................................A-17
RADIUS debugging.................................................................................................A-17
Using the acct-failsafe debug command......................................................A-18
Verifying settings in the external-auth profile ...............................................A-18
Displaying RADIUS accounting session status .................................................A-19
Displaying RADIUS authentication and accounting statistics..........................A-20
Interface debugging ................................................................................................A-21
Displaying network interface mappings ..........................................................A-21
Using the EOC command on ADSL interfaces .................................................A-22
Control module debugging.....................................................................................A-23
Displaying the status of redundant control modules .......................................A-23
Displaying interface management information ...............................................A-24
Appendix B Stinger Log Messages...................................................................... B-1
Fatal and warning error messages............................................................................B-1
Reviewing the fatal error log ............................................................................. B-1
Clearing the fatal error log................................................................................. B-2
Definitions of fatal errors .........................................................................................B-2
Definitions of warning messages .............................................................................. B-4
Fatal crash information on the console.................................................................... B-7
Syslog messages........................................................................................................B-7
PCMCIA flash card error messages........................................................................... B-8
load command messages ................................................................................... B-9
format command messages.............................................................................. B-10
dircode command messages............................................................................B-10
Index .......................................................................................... Index-1
xiv Stinger® Administration Guide
Figures
Figure Sample contents of a status window 1-31 Figure Front panel of a Stinger FS unit 2-2 Figure Status window for ATM VCCs 11-3 Figure Data passing through a modems digital circuitry 12-25 Figure Data passing through a modems digital and analog circuitry 12-25
Stinger® Administration Guide xv
Tables
Table 1-1 Permissions and associated commands ........................................... 1-18
Table 1-2 .Message levels ................................................................................ 1-25
Table 2-1 How TAOS organizes Stinger module functions ............................... 2-2
Table 2-2 Description of Reqd, Oper, and Slot Type fields................................ 2-4
Table 2-3 Statistics displayed for a remote shelf ............................................... 2-9
Table 2-4 Statistics displayed for the host shelf............................................... 2-10
Table 2-5 Statistics displayed in an open session on the remote shelf ............ 2-10
Table 4-1 Sample call performance statistics with different values of
np-update-time............................................. 4-6
Table 5-1 Where to find additional information ............................................... 5-1
Table 5-2 Summary of profiles and commands for monitoring interfaces........ 5-2
Table 5-3 Field descriptions for status commands............................................. 5-6
Table 7-1 SNMP parameters and associated tasks............................................. 7-2
Table 8-1 Hosted MRT alarm events ............................................................... 8-10
Table 8-2 Compact Remote alarm events ....................................................... 8-10
Table 8-3 Parameters that enable or disable traps in the alarm class.............. 8-15
Table 8-4 Parameters that enable or disable traps in the security class .......... 8-18
Table 8-5 Parameter that enables or disables traps in the port-state class ...... 8-19
Table 8-6 Parameter that enables or disables traps in the slot class ................ 8-20
Table 8-7 Parameters that enable or disable traps in the OSPF class .............. 8-20
Table 8-8 Lucent-specific ADSL threshold traps ............................................. 8-25
Table 8-9 ADSL threshold traps and required settings in the trap profile...... 8-26
Table 8-10 Description of fields for the output of the nlmstat command ........ 8-33
Table 8-11 Additional fields reported by the nlmstat Ipaddress command .... 8-34
Table 11-1 Profiles and commands for monitoring ATM networks .................. 11-1
Table 11-2 Commands and profiles for monitoring PNNI operations............. 11-19
Table 12-1 Direction specified by the remote peer and the results ................. 12-10
Table A-1 Commonly used debug commands ................................................... A-3
Table B-1 Load command error messages (loading a tar file) ........................... B-9
Table B-2 Load command error messages (uploading to PCMCIA flash cards) B-9
Table B-3 Format command error messages ................................................... B-10
Table B-4 Dircode command error messages .................................................. B-10
Stinger® Administration Guide xvii

About This Guide

This guide explains how to administer a Stinger unit and manage its operations. To use this guide, you must have set up the Stinger system as described in the Getting Started Guide for your Stinger unit and configured it for network connectivity as described in the Stinger ATM Configuration Guide.

What is in this guide

Each chapter in this guide focuses on a particular aspect of Stinger unit administration and operations. The chapters describe tools for system management, network management, and SNMP agent management.
To perform many of the tasks in this manual, you must have administrative permission on the Stinger unit. For instructions on logging into the Stinger unit with administrative permissions, see Logging into a Stinger unit on page 1-2.
Note This manual describes the set of features for Stinger units running software
version TAOS 9.7.0. Some features might not be available with earlier versions or specialty loads of the software.
Warning Before installing or operating your Stinger unit, be sure to read the safety
instructions in the Edge Access and Broadband Access Safety and Compliance Guide. For information specific to your unit, see the Safety-Related Electrical, Physical, and Environmental Information appendix in your unit’s Getting Started Guides.

What you should know

This guide attempts to provide enough information to enable an administrator who is not an expert in a particular network technology to operate and troubleshoot a Stinger unit. However, this guide does not provide a complete explanation of any network management topic. For best results, when working with the following capabilities on a Stinger unit, make sure that you have some applicable general knowledge:
Line configuration and testing
Connection negotiation and authentication
Connection cost management and accounting
IP routing
Network security
Stinger® Administration Guide xix
About This Guide

Documentation conventions

Documentation conventions
Following are all the special characters and typographical conventions used in this manual:
Convention Meaning
Monospace text Represents text that appears on your computer’s screen, or that
could appear on your computers screen.
Boldface monospace text
Italics Represent variable information. Do not enter the words
[ ] Square brackets indicate an optional argument you might add
| Separates command choices that are mutually exclusive.
> Points to the next level in the path to a parameter or menu
Key1+Key2 Represents a combination keystroke. To enter a combination
Press Enter Means press the Enter or Return key or its equivalent on your
Represents characters that you enter exactly as shown (unless the characters are also in italics—see Italics, below). If you could enter the characters but are not specifically instructed to, they do not appear in boldface.
themselves in the command. Enter the information they represent. In ordinary text, italics are used for titles of publications, for some terms that would otherwise be in quotation marks, and to show emphasis.
to a command. To include such an argument, type only the information inside the brackets. Do not type the brackets unless they appear in boldface.
item. The item that follows the angle bracket is one of the options that appear when you select the item that precedes the angle bracket.
keystroke, press the first key and hold it down while you press one or more other keys. Release all the keys at the same time. (For example, Ctrl+H means hold down the Ctrl key and press the H key.)
computer.
Introduces important additional information.
Note
Warns that a failure to follow the recommended procedure
Caution
Warning
Warning
xx Stinger® Administration Guide
could result in loss of data or damage to equipment.
Warns that a failure to take appropriate safety precautions could result in physical injury.
Warns of danger of electric shock.

Stinger documentation set

The Stinger documentation set consists of the following manuals, which can be found at http://www.lucent.com/support and http://www.lucentdocs.com/ins.
Read me first:
Edge Access and Broadband Access Safety and Compliance Guide. Contains
important safety instructions and country-specific information that you must
read before installing a Stinger unit.
TAOS Command-Line Interface Guide. Introduces the TAOS command-line
environment and shows you how to use the command-line interface
effectively. This guide describes keyboard shortcuts and introduces
commands, security levels, profile structure, and parameter types.
Installation and basic configuration:
Getting Started Guide for your Stinger platform. Shows how to install your
Stinger chassis and hardware. This guide also shows you how to use the
command-line interface to configure and verify IP access and basic access
security on the unit, and how to configure Stinger control module
redundancy on units that support it.
About This Guide
Stinger documentation set
Module guides. For each Stinger line interface module (LIM), trunk module,
or other type of module, an individual guide describes the module's features
and provides instructions for configuring the module and verifying its status.
Configuration:
Stinger Compact Remote Installation and Configuration Guide. Provides an
overview of the Stinger Compact Remote and provides instructions for the
installation and replacement of its components. This guide also describes how
to configure and manage the Compact Remote as a hosted unit
Stinger ATM Configuration Guide. Describes how to integrate the Stinger into
the ATM and Digital Subscriber Line (DSL) access infrastructure. The guide
explains how to configure PVCs, and shows how to use standard ATM
features such as quality of service (QoS), connection admission control
(CAC), and subtending.
Stinger IP2000 Configuration Guide. For Stinger systems with the IP2000
control module, this guide describes how to integrate the system into the IP
infrastructure. Topics include IP-routed switch-through ATM PVCs and RFC
1483 PVCs that terminate on the IP2000, IEEE 802.1Q VLAN, and
forwarding multicast video transmissions on DSL interfaces.
Stinger Private Network-to-Network Interface (PNNI) Supplement. For the optional
PNNI software, this guide provides quick-start instructions for configuring
PNNI and soft PVCs (SPVCs), and describes the related profiles and
commands.
Stinger SNMP Management of the ATM Stack Supplement. Describes SNMP
management of ATM ports, interfaces, and connections on a Stinger unit to
provide guidelines for configuring and managing ATM circuits through any
SNMP management utility.
Stinger T1000 Module Routing and Tunneling Supplement. For the optional T1000
module, this guide describes how to configure the Layer 3 routing and virtual
private network (VPN) capabilities.
Stinger® Administration Guide xxi
About This Guide
Stinger documentation set
RADIUS: TAOS RADIUS Guide and Reference. Describes how to set up a unit to use the Remote Authentication Dial-In User Service (RADIUS) server and contains a complete reference to RADIUS attributes.
Administration and troubleshooting: Stinger Administration Guide (this guide). Describes how to administer the Stinger unit and manage its operations. Each chapter focuses on a particular aspect of Stinger administration and operations. The chapters describe tools for system management, network management, and Simple Network Management Protocol (SNMP) management.
Reference:
Stinger Reference. An alphabetic reference to Stinger profiles, parameters, and
TAOS Glossary. Defines terms used in documentation for Stinger units.
commands.
xxii Stinger® Administration Guide

Administering a Stinger System

About standalone and hosted Stinger systems . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Logging into a Stinger unit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Enabling basic security measures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Managing administrative access to the unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Basic system settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-25
Displaying basic system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-28
Managing administrative connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-35
Resetting a Stinger system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-39
This chapter describes the system administration tasks that you might perform on the Stinger unit, such as enabling basic security, configuring and managing administrative access to a system, configuring and displaying basic system settings, and managing user connections.
1
To use this chapter, you must have performed the tasks described in the Getting Started Guide for your unit and the Stinger ATM Configuration Guide. You can obtain
Stinger manuals at http://www.lucent.com/support.
Note On a Stinger MRT device, control module and line interface module (LIM)
functions are incorporated into the units chassis. The terms control module and LIM in this guide refer to the control module and the LIM port functions on a Stinger MRT and not to physical modules.

About standalone and hosted Stinger systems

In this document, a Stinger FS, Stinger FS+, Stinger LS, Stinger RT, Stinger MS+ or Stinger MRT unit that does not provide host functions to other Stinger units is referred to as a standalone unit.
You can provision and manage up to five cascaded Stinger MRT units as a single hosted system, with a single management interface. Only one of the Stinger MRT units supports ATM trunk interfaces, and that unit must be the controlling unit (the host) for the hosted system. The other cascaded units (remote shelves) are included in the hosted system topology by enabling the remote shelf through a profile for that shelf ID. For more information about the hosted operations of Stinger MRT units, see the Stinger MRT Getting Started Guide for your unit.
Stinger® Administration Guide 1-1
Administering a Stinger System

Logging into a Stinger unit

Stinger FS+, Stinger LS, and Stinger RT units with revision 2.0, revision 2.1, and IP2000 control modules can also support host functions to Stinger Compact Remote units. The Stinger Compact Remote unit is a small temperature-hardened unit that extends the reach of host Stinger units located in the central office. For more information about the hosted operations of a Compact Remote unit, see the Stinger Compact Remote Getting Started Guide.
On hosted systems, provisioning and management of the remote shelves is performed on the host. The look and feel of the host management interface is very similar to that of a standalone system, except that some commands require that you specify a shelf ID in the physical address of a slot or port, and the shelf ID is also displayed in the output of commands that previously showed only slot and port information. For more information about shelf, slot, and port addressing on Stinger systems, see Understanding physical addressing on Stinger units on page 2-1.
Logging into a Stinger unit
When you log into a Stinger unit, you actually connect to its control module. If the Stinger unit contains two control modules, you can connect to either control module.
Note On units with redundant control modules, only one control module is active at
a time. The secondary control module becomes the primary (active) control module if the primary control module can no longer support the Stinger unit. The unit transfers any configuration changes that you make on the primary control module to the secondary control module, except for changes to IP addresses. Each control module must have a unique IP address.
To administer the system, you can log in from a PC connected to the control module’s serial port, or from a workstation that has Telnet access to the system. When you log in, you are prompted for a username:
User:
To log in with administrative privileges, enter the default password (Ascend) assigned to the Stinger admin login at the factory:
User: admin Password: Ascend
The name specified in the name parameter of the admin user profile appears as your system prompt. For example:
admin>
If you are already connected to the Stinger unit as a different user, use the auth command to log in as the administrator:
admin> auth user Password:
For additional information about user profiles, see Managing administrative access to the unit on page 1-5.

Enabling basic security measures

The Stinger unit is shipped with certain default parameters set to allow easy access for the initial configuration. After you have initially logged in as administrator, ensure that the following three basic security tasks have been completed:
1-2 Stinger® Administration Guide
Change the default admin password.
Secure the serial port on both control modules.
Specify one of the Ethernet ports as a management-only port.
You can also manage administrative access to the Stinger unit by specifying the types of tasks administrative users can perform on the Stinger unit. See “Managing administrative access to the unit on page 1-5.
If the Stinger unit will be configured for SNMP, see also Securing the SNMP agent on page 7-4.

Changing the default Admin password

Because the admin login has superuser privileges, you must change the default password immediately. Be sure to write down the password you assign and store it in a safe place.
To change the password for the admin login, proceed as follows:
admin> read user admin USER/admin read
admin> set password = top-secret
admin> write USER/admin written
Administering a Stinger System
Enabling basic security measures
All subsequent administrator logins are required to supply the new password. (For more information about configuring user profiles, see Managing administrative access to the unit on page 1-5.)

Securing the serial port of each control module

The default settings for the control module allow anyone connecting to the serial port to access the system as the admin user, without logging in or being authenticated. Therefore, you must configure each control module to request a username and password and to automatically log the user out when the terminal session is terminated.
To secure the serial port on a single or primary control module, proceed as follows:
1 Read the serial profile of the primary (or single) control module:
admin> read serial {1 8 2}
The serial profile index refers to a physical port on the control module. The serial port is always designated as the second physical port of the control module.
2 Set the user-profile parameter to null:
admin> set user-profile =
3 Set the auto-logout parameter to yes:
admin> set auto-logout = yes
With this setting, the system automatically logs off the current user profile if the Data Terminal Ready (DTR) signal is lost on the serial port.
4 Write the profile:
admin> write
Stinger® Administration Guide 1-3
Administering a Stinger System
Enabling basic security measures
If your Stinger unit is operating with two control modules, both are working in parallel. As a result, the primary control module does not copy over this configuration to the secondary control module. You must secure both serial ports manually.
The following sample commands show how to secure the serial port on a secondary control module:
admin> read serial {1 9 2}
admin> set user-profile =
admin> set auto-logout = yes
admin> write
Now users connecting to a control module must supply a valid username and password for access to the Stinger unit.

Specifying a management-only Ethernet interface

You can specify that a control modules Ethernet interface is for management only. Following is the relevant parameter, which is shown with its default setting:
[in IP-INTERFACE/{ { any-shelf any-slot 0 } 0 }] management-only-interface = no
Setting the management-only-interface parameter to yes means that incoming traffic on the interface terminates in the system itself and is not forwarded on any other interface. In addition, only traffic generated by the system is forwarded onto the management-only interface. Traffic generated externally is dropped by the interface.
To configure a management interface for each of the control modules, proceed as in the following example:
admin> read ip-int {{ 1 8 1 } 0} IP-INTERFACE/{ { shelf-1 slot-8 1 } 0 } read
admin> set management-only = yes
admin> write IP-INTERFACE/{ { shelf-1 slot-8 1 } 0 } written
admin> read ip-int {{ 1 9 1 } 0} IP-INTERFACE/{ { shelf-1 slot-9 1 } 0 } read
admin> set management-only = yes
admin> write IP-INTERFACE/{ { shelf-1 slot-9 1 } 0 } written
Verifying the Ethernet port status
You can view the Ethernet’s port status using the ifmgr command. For the system to respond to this command, your user profile must be enabled with debug privileges. For information on enabling debug privileges see Enabling debug permissions on page A-1.
To verify that an Ethernet interface has been set for management only, display the output of the ifmgr -d command, as shown in the following example:
admin> ifmgr -d bif slot sif u m p ifname host-name remote-addr local-addr
1-4 Stinger® Administration Guide
--------------------------------------------------------------------------­000 1:09 000 * ie0 - 0.0.0.0/32 134.112.26.201/32 001 1:09 001 * ie1 - 0.0.0.0/32 0.0.0.0/32 002 1:09 002 * lo0 - 0.0.0.0/32 127.0.0.1/32 003 0:00 000 * rj0 - 0.0.0.0/32 127.0.0.2/32 004 0:00 000 * bh0 - 0.0.0.0/32 127.0.0.3/32 005 1:09 000 * wanabe - 0.0.0.0/32 127.0.0.3/32 006 0:00 000 * local - 0.0.0.0/32 127.0.0.1/32 007 0:00 000 * mcast - 0.0.0.0/32 224.0.0.0/32 008 0:00 000 - tunnel0 - 0.0.0.0/32 134.112.26.201/32 009 0:00 000 * vr0_main - 0.0.0.0/32 134.112.26.201/32 010 0:00 000 - sip0 - 0.0.0.0/32 0.0.0.0/32 011 1:05 006 * p wan11 bir-2-2 222.222.222.222/32 222.222.222.1/32
The u column displays an asterisk (*) to indicate that the interface is operational or a hyphen (-) to indicate that it is disabled.

Securing Telnet access

If the telnet-password parameter in the ip-global profile (without specifying a user-profile name), you can configure a Stinger system to support mild
authentication for telnet access. When a user attempts to access the system via telnet, the user must provide a password when prompted. After telnet authentication, the user goes through the terminal session authentication similar to authentication for console access.
Administering a Stinger System

Managing administrative access to the unit

User authentication can be internal or external based on system configuration. If the user-profile parameter in the ip-global profile is set with the name of a user profile, then the terminal session's user authentication is bypassed. To ensure that the user is authenticated for telnet access, the user-profile parameter should not be set to any user profile. See also, Creating Telnet access control lists on page 1-15 for more information about managing Telnet access to the system.
Managing administrative access to the unit
You create and define administrative access to the Stinger unit using user profiles. Do not confuse them with connection profiles. You configure user profiles to provide access to the Stinger command-line interface to monitor or configure the unit. In contrast, connection profiles contain authentication and configuration information for a remote device or user and allow the remote user to connect to the Stinger unit for WAN or LAN access.
You can create any number of user profiles and fine-tune the privileges they allow. In addition to authentication and permission information, user profiles also contain parameters that affect how the users environment appears at login.
A Stinger unit is shipped with the predefined user profiles admin and default. An admin user profile provides full read-write permissions, while the default user profile authorizes minimal use of commands.
Many sites choose to create some administrative accounts with read-only permissions, to allow certain users to check status windows, read log buffers, and enter diagnostic commands. You need at least one administrative account with read­write permissions, but you might choose to create several read-only accounts.
Stinger® Administration Guide 1-5
Administering a Stinger System
Managing administrative access to the unit
For information about managing administrative sessions, see “Managing administrative connections on page 1-35.

Logging into the Stinger unit

To log into the Stinger unit for administrative tasks, use a profile that has write permissions, as in the following example:
% telnet myStinger User: admin Password: mypassword
admin>
If you are already logged into the Stinger unit, make sure you are at the highest level by entering the list .. command (possibly more than once), as in the following example:
admin> list .. name = ““ physical-address* = { shelf-1 slot-1 1 } line-interface = { yes esf b8zs eligible middle-priority inband wink-start digi+
admin> list .. error: at highest level

Creating a new administrative profile

You use the new user command to create a new administrative profile. You must then activate and authenticate the new profile.
To creat e a new user profile based on the user profile admin, append admin to the new user command. The following example shows how to create a new user profile named test, with full administrative privileges:
admin> new user admin USER/admin read
admin> set name = test
admin> set password = test-pw
admin> write USER/admin written
To create a new user profile based on the user profile default, use the new user command with no additional arguments. The following example shows how to create a new user profile named test2, with default administrative privileges:
admin> new user USER/default read
admin> set name = test2
admin> set password = my-password
admin> write USER/test2 written
1-6 Stinger® Administration Guide
To activate a user profile, proceed as follows:
admin> read user test USER/test read
admin> set active-enabled = yes
admin> write USER/test2 written
If you are connected to the Stinger unit as a different user, use the auth command to log in as the administrator:
admin> auth user Password:

Enabling two level authentication

You can configure the system to require a second level of authentication for the following types of access to a Stinger unit or for any combination of the following:
Telnet access using system IP address

system console access
Administering a Stinger System
Managing administrative access to the unit

modem access

opening a session from a remote shelf to a host Stinger unit
By default, the system uses only single-level authentication.
If two-level authentication is enabled, at login, the system prompts the user to log in twice, each time with a different username and password.
Note After an NVRAM operation, the system defaults to a single level of
authentication.
To enable two-level authentication, you must perform the following tasks, in the following recommended order:
1 Create a second-level user profile and link it to a first level user profile.
2 Specify the type of access for which two-level authentication is required,
systemwide.
Note Before enabling two-level authentication for a system, make sure that you
have configured first-level and second-level user profiles for your system. If you configure the system to require two-level authentication without defining first-level and second-level user profiles, you might be unable to log into the system.
Settings in the user profile and comparable RADIUS attributes
To configure second-level authentication for a system, configure first and second level user profiles that define the user name and password for each login level. Then, specify a first-level profile for the second-level user profile.
You use the following parameters in the user profile to designate the login level for a user profile and to associate a first-level user profile with a second-level user profile. The comparable RADIUS attributes are also shown below.
Stinger® Administration Guide 1-7
Administering a Stinger System
Managing administrative access to the unit
Command-line interface parameter
RADIUS attribute Specifies
first-level-user Ascend-First-
Level-User
login-level
Ascend-User-Login­Level
A user cannot use a first-level user profile name and password to login for the second level of authentication or use a second-level user profile name and password to login at the first level of authentication.
If you are configuring the system for RADIUS support, keep the following in mind:
If the rad-serv-enable and rad-auth-client parameters are enabled in the external-auth by selecting the appropriate setting for the cli-user-auth parameter in the external-auth profile. If the system is set for single-level authentication, the
system uses the RADIUS server for single level authentication. If the system is configured for two-level authentication, RADIUS authentication also requires two levels of authentication.

For all telnet user accounts, first and second level, the attribute Ascend-Telnet­Profile must be set to a valid Stinger user profile.

For a second level user, the attribute Ascend-First-Level-User must specify a first-level user account.

The attributes Ascend-User-Login-Level and Ascend-First-Level-User must be set as part of the check list items in the telnet user account.
Name of a first-level user profile. The default setting is null. If possible, do not assign a first-level user profile to more than one second-level user profile.
Login level for this user profile. Specify one of the following values:

first-level (the default)—This user profile is to be used for first level authentication.

second-level—This user profile is to be used for second level authentication. If the login-level parameter is set to second-level, you must specify the name of a valid first-level user profile for the first-level-user parameter.
profile, external authentication is supported by a RADIUS server
1-8 Stinger® Administration Guide
Loading...
+ 344 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use