28 MDS™ Master Station MDS 05-6399A01, Rev. F
5.0 DEVICE MANAGEMENT
This section describes the steps for connecting a PC, logging in, and setting unit parameters. The
focus here is on the local serial/USB console interface, but other methods of connection are
available and offer similar capabilities. The key differences are with initial access and
appearance of data.
The MDS
™
Master Station offers several interfaces to allow device configuration and monitoring
of status and performance. These include local serial console, USB, NETCONF, HTTP/HTTPS,
and Secure Shell (SSH) for local and remote access via the WAN and LAN networks. The serial
console, USB, and SSH services offer a command line interface (CLI). There are three user
accounts/roles for management access: admin, tech, and oper. User accounts can be centrally
managed with a RADIUS server, with RADIUS accounts being mapped to one of the three user
accounts/roles. Refer to MDS Orbit MCR Technical Manual (05-6632A01) for details on
configuring RADIUS authentication.
The MDS™ Master Station is designed for high security environments. As such,
management of the device does not support Telnet, but instead implements the more
secure SSH protocol.
5.1 Pre-Configured Settings
The unit is highly configurable to meet field requirements, but comes pre-configured as follows:
• COM1 is configured at a baud rate of 115200, 8N1 for transparent serial payload for MPRS
master stations, and local console for MPRL master stations.
• COM2 is configured to operate at a baud rate of 115200, 8N1 and is enabled for local console
operation.
• USB is enabled for local console operation (proper system drivers must be installed on the
PC connected to the MDS
™
Master Station to use the USB port as a virtual serial device;
these drivers are available from the GE MDS website).
• The Ethernet ports are bridged together, with spanning-tree protocol either enabled
(MPRS), or disabled (MPRL), with a default IP address of 192.168.1.1/24.
5.2 One-Time “Recovery” Passwords
The MDS Orbit platform employs extensive security measures to prevent unauthorized access.
As such, there are no hidden manufacturer passwords or other “backdoors” found in less secure
products.
If a password is lost, there is no way to access the unit, except by using a one-time password
(OTP) for recovery. The user must create this OTP manually. Without a one-time password, the
unit will not be accessible, and the hardware will need to be replaced. The factory will not be
able to assist you if a password is lost, so creating a one-time password is strongly encouraged.
One-Time Passwords: How They Work
One-time recovery passwords put control directly and exclusively in the user’s hands. They are
similar to spare keys for a lock. If you make a spare key, and put it away safely, you can take it
out to quickly gain entry when your primary key is lost. If you don’t make a spare, you are
always at risk of locking yourself out.
To Next Page
Loading...