DOC 6501_Release V
ATS-6501 Users Guide
8
#allow ntp from anywhere
$cmd pass udp from any to me dst-port 123 keep-state
#allow snmp from anywhere
$cmd pass udp from any to me dst-port 161 keep-state
#$cmd pass tcp from any to me dst-port 161 keep-state
#$cmd pass udp from any to me dst-port 10161 keep-state
#$cmd pass tcp from any to me dst-port 10161 keep-state
# allow outgoing
$cmd pass ip from me to any keep-state
#deny all policy
$cmd drop ip from any to any
NOTE: This example file is loaded on each system in file:
/usr/tsc/site/firewall/allow_ssh_ntp_snmp.rules
2.2.5 USB Ports
The USB ports on the rear panel allow:
• Users to access the command port (94000-115200). See section 2.2.2.2. Users can
set the IP Address on the box following the instructions on section 2.2.3.B-C. The
system will automatically connect to the command port and provide the ATS-6501>
command prompt.
• The ATS-6501 to communicate with a 5071A Cesium Clock (94001-5071A). See
section 2.6.
Note: Microsemi recommends if you are going to use these cables they should be plugged into
the unit when it is powered on. If not, power the unit down, connect the desired cable(s) and
power the unit back up.
2.2.6 RADIUS Authentication
A radius server can be used to allow remote authentication. To configure, edit the
/etc/radius.conf file with the RADIUS server address and the shared password setup on the
Radius Server.
# $TSC$
#
# Note: Be sure to configure /etc/nsswitch.conf, /etc/pam.d/sshd
#
# Also be sure to add "gateway_user" to /etc/master.passwd (using the vipw command)
#
# gateway_user:*:1001:1001::0:0:Timing Solutions Corporation:/usr/tsc:/usr/tsc/bin/gateway
#
# RADIUS client config. The fields are
#
# Service type
# Server host
# Shared secret
# Timeout (optional)
# Retries (optional)
To Next Page
Loading...
