Advanced Configuration Features
57
Horizon Compact Release 1.01.00 Wireless Ethernet Product User Manual – Volume 2
only with each other and not any additional Horizon Compact systems. Once Unique Authentication is
set, the Horizon Compact only accepts Ethernet data from its peer. It ignores all other sources of traffic
arriving over the airwaves. Each node is programmed with its peer’s identification number. Use CLI
command get hw inventory. The Unit Serial Number is the identification number to be used. The
identification number corresponds to the Unit Serial Number of the peer
node. For example, endpoint A
has a Unit Serial Number ‘1234’ and endpoint B has Unit Serial Number ‘5678’. The peer identifier for
endpoint B is ‘1234’ (serial number of its peer) and the peer identifier for endpoint A is ‘5678’ (serial
number of its peer).
When you select Unique Authentication, you must set the authentication failure action.
3.7.3 Group Authentication
Group authentication is used when more than two Horizon Compact nodes communicate with each other
and are contained within a geographical area under the control of a service provider or enterprise. The
advantage of using Group Authentication for a group of Horizon Compact nodes is that only traffic
destined for that particular network is accepted.
A group of Horizon Compact nodes uses a group ID to establish inter-node communication.
Administrators create a group ID string consisting of up to eight characters. You must program the group
ID string on each node. The group ID string can consist of the characters 0 to 9, a to z, and A to Z. Illegal
characters that cannot be used are {! @ # $ % ^ &* (,) ; : ’ ” + - ~}.
3.7.4 Authentication Polling
When authentication is enabled, the system attempts to communicate (poll) a specified Horizon Compact
node every five seconds to re-authenticate the node. If the Authentication Mode is set to NONE, the
system does not attempt to authenticate.
When the corresponding nodes complete the authentication dialogue, the Horizon Compact reverts to
normal operation. Once the corresponding nodes respond, authentication is re-established, operation
reverts to normal, and any failure action reverts to normal.
The system reports an authentication failure if 24 polls receive no positive response. This means that
there must be an authentication failure for approximately two consecutive minutes before the system
determines there is a failure and reports it. An authentication failure is not necessarily an indication of a
failed transmission issue. There are other alarms for issues with the transmission path such as loss of
signal or loss of Ethernet traffic.
3.7.5 Authentication Failure Action
If authentication fails, you can specify how the Horizon Compact system responds:
• allow Ethernet traffic to continue to flow and do not raise an alarm , i.e., does
nothing.
• allow Ethernet traffic to continue to flow, but raise an alarm.
• block the flow of Ethernet traffic.
Note: When Authentication is enabled it is recommended that out-of-band management (via Port 2)
be used. This will prevent management access from being lost if an illegal attempt to access the
system occurs, causing authentication to lock out Ethernet traffic (includes management) from Port 1.
Note: Authentication takes place out–of–band.
To Next Page
Loading...