TechLibrary

ContentIndex

[+] Expand All

[-] Collapse All

TCA6000 and TCA6500 Timing Clients Installation and Configuration Guide
- Copyright and Trademark Information
- Table of Contents
- List of Figures
- List of Tables
- About the TCA6000 and TCA6500 Timing Clients
  - Documentation Conventions
  - Requesting Technical Support
- TCA6000 and TCA6500 Timing Client Overview
  - TCA6000 and TCA6500 Timing Client Description
    - TCA6000 and TCA6500 Timing Client Description
    - TCA6000 and TCA6500 Chassis Overview
- Installing and Setting Up a TCA6000 or TCA6500 Timing Client
  - Installing and Setting Up a TCA6000 or TCA6500 Timing Client
- Configuring and Upgrading the TCA6000 or TCA6500 Timing Client
  - Configuring a TCA6000 or TCA6500 Timing Client
    - TCA User Accounts Overview
      - Guidelines for User Account Management
    - Dynamic SSL Certificate Overview
    - Accessing the User Interface
    - Requirements for Using the Graphical User Interface
    - Accessing the Graphical User Interface
    - Changing/Resetting the Login Password for Admin User
    - Changing the IP Address
    - Setting IEEE 1588-2008 Precision Time Protocol (PTP) Parameters
    - Configuring Alarms
    - Configuring Traps
    - Creating SNMPv3 Users
    - Managing TCA User Accounts
    - Changing the Login Password for Read/Write User
    - Configuring User Authentication through RADIUS
    - Configuring RADIUS Accounting
    - Specifying Alarm Recipient E-Mail Address Destinations
      - Adding a User to the E-Mail List
      - Removing Users from the Alarm Event Recipient List
    - Resetting Factory Defaults
    - Stopping and Restarting the TCA6000 or TCA6500 Timing Client
  - Upgrading the TCA6000 and TCA6500 Software
- Understanding the TCA6000 and TCA6500 GUI
  - Understanding the TCA6000 and TCA6500 Login Page
  - Understanding the TCA6000 and TCA6500 Status Page
  - Understanding the TCA6000 and TCA6500 Config Page
    - Config Page Description
    - Accessing the Config Page
    - Understanding the Config Page
  - Understanding the TCA6000 and TCA6500 Admin Page
    - Admin Page Description
    - Accessing the Admin Page
    - Understanding the Admin Page
  - Understanding the TCA6000 and TCA6500 Log Page
    - Log Page Description
    - Accessing the Admin Page
    - Understanding the Log Page
- Troubleshooting a TCA6000 or TCA6500 Timing Client
  - Troubleshooting a TCA6000 or TCA6500 Timing Client
    - Event States and Alarm Types
    - Troubleshooting the TCA6000 or TCA6500 Timing Client Using the Event Log
- Appendixes
  - Using Telnet with the TCA6000 and TCA6500 Timing Clients
    - Accessing the Timing Client Using the CLI
    - Changing the IP Address of the Timing Client using the CLI
    - Resetting the Passwords of Both Admin User Account and Enable Mode to Factory Defaults
    - Using the CLI to View Status and Configuration Parameters
      - Options That You Can View in the CLI
      - Viewing an Option in the CLI
    - Using the CLI to Configure Timing Client Parameters
      - Elements that You Can Configure in the CLI
      - Using the CLI to Configure the Timing Client
    - Accessing the Timing Client Using SSH
  - Using the CLI to Configure PTP and Network Interface Parameters
    - Timing Client PTP Functions
    - PTP Profile Types
    - PTP Profile Configuration
    - Sync Source Selection
      - Configuration
      - Status Commands
    - Ethernet Port Network Configuration
      - Configuration
      - Status Commands
    - VLAN Port Association (optional)
      - Configuration Commands
      - Status Commands
  - Using the CLI to Configure User Authentication and RADIUS Accounting
    - User Authentication
      - Configuration Commands
      - Status Commands
    - RADIUS Accounting
      - Configuration Commands
      - Status Commands
  - Specifications
  - Agency Compliance
    - Agency Compliance
  - Cable Specification
    - Console Cable Specification
  - Warranty and Support
- Index
  - Index

admin page
accessing
alarm pane
config pane
description
password pane
service pane
understanding
upgrade pane
agency compliance
alarms
configuring
event states
types
antenna
mounting
mounting conditions    1, 2
mounting requirements

backup scp command
backup tftp command

clear alarm command
clear authlog command
clear daemon log command
clear eventlog command
clear ptp-stat command
clear syslog command
CLI    1
configuring the Timing Client using
options    1
viewing
using to view configuration
using to view status
commands
backup scp
backup tftp
clear alarm
clear authlog
clear daemon log
clear eventlog
clear ptp-stat
clear syslog
config 1/5MHz
config accounting
config accounting-level
config accounting-server add
config accounting-server del
config alarm-email-receiver
config alarm-profile
config antenna-cable-delay-compensation
config antenna-voltage
config auth-order
config change-password
config cli-banner-file
config cli-banner-text
config cli-timeout
config datetime
config dns0
config dns1
config domain
config dst
config e1 output loopback
config e1 output port
config enable-password
config eth0 auto-nego
config eth0 duplex
config eth0 ip
config eth0 ip-mode
config eth0 speed
config gps anti-jamming
config holdover-state
config hostname
config language
config password
config pps-squelch
config ppx
config primary-ptp-server
config ptp add server
config ptp slave
config radius-server add
config radius-server del
config secondary-ptp-server
config snmp contact
config snmp readonly-community
config snmp readwrite-community
config snmp-trap add
config snmp-trap del
config snmp-v3user add
config snmp-v3user del
config snr
config ssl-cert
config ssl-key
config sync-src-priority
config timezone
config unsecured-communication-protocols
config user add
config user class
config user del
config user password
config web
config web-mode
config web-timeout
ftp
halt
ping
reboot
reset config
reset password
restart ptp
restart timeprobe-agent
restore scp
restore tftp
save scp authlog
save scp daemonlog
save scp eventlog
save scp syslog
save tftp authlog
save tftp daemonlog
save tftp eventlog
save tftp syslog
scp
tftp
tftp license
compliance
config 1/5/10MHz command
config accounting
config accounting-level
config accounting-server add
config accounting-server del
config alarm-email-receiver command
config alarm-profile command
config antenna-cable-delay-compensation command
config antenna-voltage command
config auth-order
config change-password
config cli-banner-file
config cli-banner-text
config cli-timeout command
config datetime command
config dns0 command
config dns1 command
config domain command
config dst command
config e1 output loopback command
config e1 output port command
config enable-password command
config eth0 auto-nego command
config eth0 duplex command
config eth0 ip command
config eth0 ip-mode command
config eth0 speed command
config gps anti-jamming command
config holdover-state
config hostname command
config language command
config page
accessing
description
E1 pane
network pane
profile pane
PTP pane
RADIUS pane
SNMPv3 pane
timing pane
trap pane
understanding
Users pane
config password command
config pps-squelch
config ppx command
config primary-ptp-server command
config ptp add server command
config ptp slave command
config ptp slv disable command
config ptp slv domain command
config ptp slv dscp command
config ptp slv enable command
config ptp slv profile command
config ptp unicast acc-master add command
config ptp unicast acc-master del command
config ptp unicast announce command
config ptp unicast delay command
config ptp unicast duration command
config ptp unicast signaling command
config ptp unicast sync command
config radius-server add
config radius-server del
config secondary-ptp-server command
config snmp contact command
config snmp readonly-community command
config snmp readwrite-community command
config snmp-trap add command
config snmp-trap del command
config snmp-v3user add command
config snmp-v3user del command
config snr command
config ssl-cert command
config ssl-key command
config sync-src-priority command
config timezone command
config unsecured-communication-protocols command
config user add
config user class
config user del
config user password
config web command
config web-mode command
config web-timeout command
console cable
specifications
conventions
notice icons
customer support    1, 2
contacting JTAC

depth
dimensions
physical
Dynamic SSL certificate
overview

e-mail lists
adding users
removing users
elements
configurable in the CLI
EMC testing
enable mode password
reset by resetting the Timing Client
reset via CLI
reset via GUI
environmental specifications
event states

factory defaults
resetting
ftp command

graphical user interface
using

halt command
hardware
returning
height
humidity
operating

input voltage
installation instructions
Timing Client
installation requirements
IP address
assigning
changing
reserving

knowledge base

log page
accessing
AuthLog Pane
daemon Pane
description
EventLog Pane
SysLog Pane
understanding
login class
changing by Admin user
via GUI
login page
accessing
description
understanding

mounting conditions
minimal
optimal

notice icons

parameters
configuring (CLI)
password
changing for Admin user
via CLI
via GUI    1, 2
changing for Read-Only user by Admin user
via GUI
changing for Read/Write user by Admin user
via GUI
changing for Read/Write user by Read/Write user
via GUI
reset for Admin user
by resetting the Timing Client
via CLI
via GUI
physical dimensions
ping command
port LEDs
power
consumption
specifications
PTP
setting parameters

reboot command
requirements
installing
mounting the antenna
upgrade
reset config command
reset password command
restart ptp command
restart timeprobe-agent command
restore scp command
restore tftp command
returns
RMA

safety testing
save scp authlog command
save scp daemonlog command
save scp eventlog command
save scp syslog command
save tftp authlog command
save tftp daemonlog command
save tftp eventlog command
save tftp syslog command
scp command
SNMPv3
creating users
specifying contacts
software
upgrading using the CLI
upgrading using the GUI
specifications
console cable
environmental
power
SSH
status page
accessing
alarm pane
description
E1 pane
GPS pane
PTP pane
system pane
timing pane
understanding
support
support, technical     See technical support
system LEDs
understanding

technical support    1
contacting JTAC
telnet
temperature
operating
storage
tftp command
tftp license command
Timing Client
accessing using the CLI
description
installing
stopping and restarting
troubleshooting
unpacking
visually testing
traps
configuring
creating targets
deleting targets

unpacking the chassis
upgrading     See software
user account
admin password changing
via CLI
via GUI    1, 2
admin password reset
by resetting the Timing Client
via CLI
via GUI
creating Read-Only user
creating Read/Write user
deleting Read-Only user
via GUI
deleting Read/Write user
via GUI
guidelines
management
modifying
overview
Read-Only user password changing by Admin user
via GUI
Read/Write user password changing by Admin user
via GUI
Read/Write user password changing by Read/Write user
via GUI
user interface
accessing
requirements for using

warranty
width

Download This Guide

Download this guide: TCA6000 and TCA6500 Timing Clients Installation and Configuration Guide

Configuring User Authentication through RADIUS

The TCA6000 and TCA6500 Timing Clients support RADIUS server authentication, local authentication, or both based on the configured authentication order to authenticate the user logging in to the Timing Client.

When you configure the authentication order as RADIUS server authentication followed by the local authentication, the Timing Client passes the information about the logging user to the configured RADIUS servers for authentication. If any one of the RADIUS server successfully authenticates the user, then the Timing Client allows the user to login. If all the configured RADIUS servers fail to authenticate the user or configured RADIUS servers are not available, then the Timing Client performs the local authentication and allows the user to login after successful local authentication. The Timing Client blocks the logging user if both RADIUS and local authentication fails.

When you configure the authentication order as local authentication followed by the RADIUS server authentication, the Timing Client performs the local authentication to grant access to the logging user. If the local authentication fails to authenticate the user, then the Timing Client passes the information about the logging user to the configured RADIUS servers for authentication. If any one of the RADIUS server successfully authenticates the user, then the Timing Client allows the user to login. If all configured RADIUS servers fail to authenticate the user, then the Timing Client denies access to the logging user.

When you configure the authentication order as RADIUS server authentication only, the Timing Client passes the information about the logging user to the configured RADIUS servers for authentication. If any one of the RADIUS server successfully authenticates the user, then the Timing Client allows the user to login. If all configured RADIUS servers fail to authenticate the user, then the Timing Client denies access to the logging user. If all configured RADIUS servers are not available, then the Timing Client performs local authentication and allows the user to login after successful local authentication.

When you configure the authentication order as local authentication only, the Timing Client performs the local authentication to grant or deny access to the user logging in to the Timing Client.

Note:

The selection of RADIUS authentication server to authenticate user is based on the order in the RADIUS authentication server list.
The user authentication process is implemented only for the Access Request, Access Reject, and Access Accept messages.
The user authentication process is not supported for shell users.

The user authentication process protects the Timing Client from being accessed by unauthorized persons. The usage of RADIUS authentication servers provides the following advantages:

Management of multiple user credentials on remote machine for detailed logging.
Centralized user information and authentication process at one server.
No loss of user information due to Timing Client damage.

To configure user authentication process:

Click the Config tab.
Locate the RADIUS tab across the top tabs of the Config page. See Figure 13.
Figure 13: Timing Client Config Page—RADIUS Pane (Authentication)
Configure the RADIUS authentication server details.
Click the Save button to save the authentication server configuration.
Select the authentication order.
Click the Apply button to apply the configured authentication order.

The following sections describe RADIUS authentication server configuration and authentication order configuration:

Adding a New RADIUS Authentication Server Entry

To add a new RADIUS authentication server entry to the authentication server list:

Click the Config tab.
Locate the RADIUS tab across the top tabs of the Config page. See Figure 13.
In the Server IP field, enter the IP address of the RADIUS authentication server to be used for user authentication.
In the Port field, enter the port through which the specified RADIUS authentication server is contacted for user authentication.
In the Retry field, enter the number of attempts should be made for contacting the specified RADIUS authentication server.
In the Timeout field, enter the time in seconds till which the Timing Client waits for a response from the specified RADIUS authentication server.
In the Secret Word field, enter the password shared with the specified RADIUS authentication server.
Click the Save button to add the RADIUS authentication server entry in the RADIUS Authentication Servers window and memory.

Deleting a RADIUS Authentication Server Entry

To delete a RADIUS authentication server entry from the authentication server list:

Click the Config tab.
Locate the RADIUS tab across the top tabs of the Config page. See Figure 13.
In the RADIUS Authentication Servers window, click the RADIUS authentication server entry to be deleted.
Click the Delete button to remove the entry from the RADIUS Authentication Server window and memory.

Modifying a RADIUS Authentication Server Entry Details

To modify the details of a RADIUS authentication server entry existing in the authentication server list:

Click the Config tab.
Locate the RADIUS tab across the top tabs of the Config page. See Figure 13.
In the RADIUS Authentication Servers window, select the RADIUS authentication server entry to be modified.
Click the Edit button to populate the values of the selected RADIUS authentication server entry in the Server IP, Port, Retry, Timeout, and Secret Word fields.
Modify the populated values.
Click the Save button to save the changes done in the selected RADIUS authentication server entry.

Configuring Authentication Order

To configure the authentication order:

Click the Config tab.
Locate the RADIUS tab across the top tabs of the Config page. See Figure 13.
In the first drop box, select the type of authentication to be performed initially. Select:
- radius: To authenticate the user using the configured RADIUS authentication servers.
- local: To authenticate the user using local settings.
In the second drop box, select the type of authentication to be performed on failure or unavailability of initial authentication. Select:
- radius: To authenticate the user using the configured RADIUS authentication servers.
- local: To authenticate the user using local settings.
Click the Apply button to save the authentication order.