Chapter 6: Configuration and alignment This chapter describes how to use the web interface to configure the PTP 700 link. It also describes how to align antennas.
Chapter 6: Configuration and alignment Preparing for configuration and alignment Preparing for configuration and alignment This section describes the checks to be performed before proceeding with unit configuration and antenna alignment. Safety precautions All national and local safety standards must be followed while configuring the units and aligning the antennas. Warning Ensure that personnel are not exposed to unsafe levels of RF energy.
Chapter 6: Configuration and alignment Preparing for configuration and alignment Selecting configuration options Use the installation report to determine which configuration options are required. Refer to LINKPlanner on page 3-25. Generating license keys To obtain License Keys for capabilities that are not factory-installed, proceed as follows: 1 Identify and purchase access keys for the required capability upgrades by referring to ODU capability upgrades on page 2-8.
Chapter 6: Configuration and alignment Connecting to the unit Connecting to the unit This section describes how to connect the unit to a management PC and power it up. Configuring the management PC Use this procedure to configure the local management PC to communicate with the PTP 700. Procedure: 1 Select Properties for the Ethernet port. In Windows 7 this is found in Control Panel > Network and Internet > Network Connections > Local Area Connection.
Chapter 6: Configuration and alignment Connecting to the unit 4 Enter an IP address that is valid for the 169.254.X.X network, avoiding 169.254.0.0 and 169.254.1.1. A good example is 169.254.1.3: 5 Enter a subnet mask of 255.255.0.0. Leave the default gateway blank. Connecting to the PC and powering up Use this procedure to connect a management PC and power up the PTP 700. Procedure: 1 Check that the ODU and PSU are correctly connected.
Chapter 6: Configuration and alignment Using the web interface Using the web interface This section describes how to log into the PTP 700 web interface and use its menus. Logging into the web interface Use this procedure to log into the web interface as a system administrator. Procedure: 1 Start the web browser from the management PC. 2 Type the IP address of the unit into the address bar. The factory default IP address is 169.254.1.1. Press ENTER.
Chapter 6: Configuration and alignment Using the web interface Using the menu options Use the menu navigation bar in the left panel to navigate to each web page. Some of the menu options are only displayed for specific system configurations. Use Table 115 to locate information about using each web page.
Chapter 6: Configuration and alignment Main menu Using the web interface Menu option Web page information Installation Installation menu on page 6-9 Graphical Install Graphical Install page on page 6-113 Web Web-Based Management page on page 6-58 Management Local User Accounts Local User Accounts page on page 6-61 RADIUS Configuration RADIUS Configuration page on page 6-66 Login Information Login Information page on page 7-15 Web Properties Webpage Properties page on page 6-67 SNMP SNMP
Chapter 6: Configuration and alignment Installation menu Installation menu This section describes how to use the Installation Wizard to complete the essential system configuration tasks that must be performed on a new link. Caution If the system designer has provided a list of channels to be barred for TDWR radar avoidance, the affected channels must be barred before the units are allowed to radiate on site, otherwise the regulations will be infringed.
Chapter 6: Configuration and alignment Installation menu Disarm Installation page Menu option: Installation (Figure 123). This page is displayed only when unit is armed. Figure 123 Disarm Installation page (top and bottom of page shown) To disarm the unit, click Disarm Installation Agent. Current Installation Summary page Menu option: Installation (Figure 124). This page is displayed only when unit is not armed.
Chapter 6: Configuration and alignment Installation menu Software License Key page Menu option: Installation. Use this page to configure the unit with a new License Key and to review the capabilities of an installed License Key. The appearance of this page varies depending upon which capabilities are enabled by the entered license key.
Chapter 6: Configuration and alignment Installation menu Figure 126 Software License Key page (TDM, IPv6 and other capabilities) Page 6-12
Chapter 6: Configuration and alignment Installation menu Procedures: Note Full capability is available only when both ODUs have the trial active or are already licensed to operate with that capacity. When the trial has started, the Software License Key page displays the Trial Period Remaining attribute (Figure 128). This shows the number of days remaining before the full capability trial period expires.
Chapter 6: Configuration and alignment Installation menu Interface Configuration page Menu option: Installation. Use this page to update the IP interface attributes. The appearance of this page varies depending upon which capabilities have been enabled by license key.
Chapter 6: Configuration and alignment Installation menu Figure 130 Interface Configuration page (IPv6, Aux, SFP, Second Data Service and OOB support) Page 6-15
Chapter 6: Configuration and alignment Installation menu Figure 131 Interface Configuration page (TDM support) Table 116 Interface Configuration attributes Attribute Meaning IP Version The internet protocols to be supported by this ODU: IPv4: IPv4 protocols only. IPv4 attributes are displayed. IPv6: IPv6 protocols only. IPv6 attributes are displayed. Dual IPv4 and IPv6: Both IPv4 and IPv6 protocols. IPv4 and IPv6 attributes are displayed. IPV4 Address The IPv4 internet protocol address.
Chapter 6: Configuration and alignment Installation menu Attribute Meaning Gateway IP Address The IPv4 address of a computer on the current network that acts as an IPv4 gateway. A gateway acts as an entrance and exit to frames from and to other networks. IPv6 Address The IPv6 internet protocol address. This address is used by the family of Internet protocols to uniquely identify this unit on a network. IPv6 Prefix Length Length of the IPv6 subnet prefix (default 64 bits).
Chapter 6: Configuration and alignment Installation menu Attribute Meaning Data Service The port selection for the Data Service: Main PSU Port: The Data Service is connected to the Main PSU Port Aux Port: The Data Service is connected to the Aux Port SFP Port: The Data Service is connected to the SFP Port The Aux Port and SFP Port options are displayed if these ports are enabled in the license key. The Data Service must always be assigned to one of the three wired ports.
Chapter 6: Configuration and alignment Installation menu Configuring port allocations with TDM When TDM is enabled, the Data Service is mapped to the Main PSU Port with no other options presented to the user. Mapping of the Second Data Service, Management Service and Local Management Service have standard options consistent with the Data Service mapping. Table 117 Interface Configuration TDM attributes Attribute Meaning TDM Interface Only displayed when TDM is enabled by license key.
Chapter 6: Configuration and alignment Installation menu PTP 700 supports exactly one instance of the Data Service, and this service is always mapped to one of the three wired ports. It is not possible to operate a link without any port selected to the Data Service. PTP 700 supports zero or one instances of the optional Second Data Service. The Second Data Service is enabled by a license key field, and is automatically licensed in any unit with a Full capacity license.
Chapter 6: Configuration and alignment Installation menu Wireless Configuration page Menu option: Installation (Figure 132). This page is part of the Installation Wizard. Use it to update the wireless attributes. Figure 132 Wireless Configuration page Procedure: • Update the attributes (Table 118). • To save any changes and continue with the Installation Wizard, click Next or click Submit Wireless Configuration.
Chapter 6: Configuration and alignment Installation menu Warning When installing the PTP 700 ATEX/HAZLOC product variants in hazardous locations, follow the instructions contained in the PTP 700 Series Hazardous Location Guide (supplied in box with the products), in addition to the instructions in this user guide. Caution The lower center frequency attribute must be configured to the same value for both the Master and Slave, otherwise the wireless link will fail to establish.
Chapter 6: Configuration and alignment Installation menu Attribute Meaning Dual Payload Disabled: The link maximizes robustness against fading and interference. Enabled: The link attempts to reach maximum throughput at the expense of robustness against fading and interference. Max Receive Modulation Mode The maximum mode the unit will use as its adaptive modulation. By default the Max Receive Modulation Mode is the highest mode available.
Chapter 6: Configuration and alignment Installation menu Attribute Meaning Link Symmetry Only displayed when Master Slave Mode is set to Master. Adaptive: Allows link symmetry to vary dynamically in response to offered traffic load. This is not supported in the following cases: • Where radar avoidance is mandated in the region. • Link Mode Optimization is set to TDM Traffic.
Chapter 6: Configuration and alignment Installation menu Attribute Meaning Fixed Tx Frequency, Fixed Rx Frequency This is only displayed when Spectrum Management Control is set to Fixed Frequency. The settings must be compatible at each end of the link. Once configured, the spectrum management software will not attempt to move the wireless link to a channel with lower co-channel or adjacent channel interference.
Chapter 6: Configuration and alignment Installation menu Attribute Meaning Ranging Mode This can only be modified if Installation Mode is Arm With Tones or Arm Without Tones. Auto..: During alignment, the wireless units use algorithms to calculate link range. To implement automatic ranging, select a value that corresponds to the estimated maximum range of the link: Auto 0 to 40 km (0 to 25 miles). Auto 0 to 100km (0 to 62 miles). Auto 0 to 200km (0 to 125 miles).
Chapter 6: Configuration and alignment Installation menu TDD synchronization page (optional) If TDD Synchronization Mode is set to Enabled in the Step 2: Wireless Configuration page, the Step 3: TDD Synchronization page (Figure 133) is the third Installation Wizard page. For more information on the available options, refer to Configuration options for TDD synchronization on page 3-31. Procedure: • Update the attributes (Table 119). • Click Next.
Chapter 6: Configuration and alignment Installation menu Table 119 TDD Synchronization attributes Attribute Meaning Cluster Master Slave Cluster Master: The first ODU in the synchronization chain. Cluster Slave: The second or subsequent ODU in the chain. PTP-SYNC Site Reference Internal: Standalone operation with no external timing reference. Max Burst Duration The maximum duration of the burst opportunity. Select a value in the range 544 to 2176 microseconds.
Chapter 6: Configuration and alignment Installation menu Confirm Installation Configuration page Menu option: Installation (Figure 134). Use this page to review and confirm the updated wireless configuration of the unit. Figure 134 Confirm Installation Configuration page (top and bottom of page shown) Procedure: • To undo or correct any updates, click Back. • To confirm the updates and arm the installation, click Confirm Configuration and Reboot and click OK to reboot the unit.
Chapter 6: Configuration and alignment System menu System menu This section describes how to configure the IP and Ethernet interfaces of the PTP 700 unit. System Configuration page Menu option: System > Configuration (Figure 135). Use this page to enable AES encryption and to review and update key wireless attributes of the unit.
Chapter 6: Configuration and alignment System menu Figure 136 Mute Transmitter control in System Configuration page Caution Configuring link encryption over an operational link will necessitate a service outage. Therefore, the configuration process should be scheduled during a period of low link utilization.
Chapter 6: Configuration and alignment System menu Attribute Meaning IP Address Label Read only. The IP Address version used to identify the unit in SMTP messages, fault logs and other system outputs. IPv4 or IPv6: The unit is identified using its IPv4 or IPv6 Address. These options are only available when IP Version is set to Dual IPv4 and IPv6 in the in the LAN Configuration page (Table 121).
Chapter 6: Configuration and alignment System menu Attribute Meaning EIRP Only displayed when the ODU is connectorized. Effective Isotropic Radiated Power (EIRP) describes the strength of the radio signal leaving the wireless unit. Use it to verify that the link configuration (Max Transmit Power, Antenna Gain and Cable Loss) does not exceed any applicable regulatory limit. Read only. ATPC Peer Rx Max Power ATPC maximum receive power level at the remote ODU.
Chapter 6: Configuration and alignment System menu LAN Configuration page Menu option: System > Configuration > LAN Configuration. Use this page to control how users connect to the PTP 700 web interface, either from a locally connected computer or from a management network. The appearance of this page varies depending upon which features have been enabled by license key.
Chapter 6: Configuration and alignment System menu Figure 137 LAN Configuration page (Aux and OOB support) Page 6-35
Chapter 6: Configuration and alignment System menu Figure 138 LAN Configuration page (TDM support) Page 6-36
Chapter 6: Configuration and alignment System menu Figure 139 LAN Configuration page (SFP support) Procedure: 1 Review and update the attributes: IP Interface (Table 121); Main PSU or Aux Port (Table 122); Bridging (Table 124).
Chapter 6: Configuration and alignment System menu 2 To save changes, click Submit Updated System Configuration. The system may reboot. 3 If Main PSU Port is selected for Data Service only (and not for Management Service), connect management PC to the port (Aux or SFP) that was selected for Management or Local Management Service 4 If IP Address, Subnet Mask or Gateway IP Address have been changed, reconfigure the local management PC to use an IP address that is valid for the network.
Chapter 6: Configuration and alignment System menu Attribute Meaning Ethernet Loopback Mode Sets a temporary loopback between the selected ports. The loopback is disabled on a reboot. This mode is provided to allow access to a device connected to the local ODU Aux port via either the main PSU or SFP port. Loopback does not work with jumbo frames: the maximum frame size is 1536 bytes in loopback.
Chapter 6: Configuration and alignment System menu Attribute Meaning Auto Negotiation Disabled: Configuration of the Ethernet interface is forced. Enabled: Configuration of the Ethernet interface is automatically negotiated (default). This is the preferred setting. Use the same setting for the Ethernet link partner. Auto Neg Advertisement Forced Configuration Auto Mdix Only displayed when Auto Negotiation is set to Enabled.
Chapter 6: Configuration and alignment System menu Attribute Meaning Forced Configuration Only displayed when SFP Port Auto Negotiation is set to Disabled and SFP port is connected with copper module. This forces the speed and duplex setting of the Ethernet interface. Over-the-air throughput will be capped to the rate of the Ethernet interface at the receiving end of the link. Select a data rate that is within the capability of the Ethernet link partner.
Chapter 6: Configuration and alignment System menu Attribute Meaning Sync E Tracking Disabled: The synchronous Ethernet feature is disabled. Synchronization Status Messages received at the Main PSU port will be discarded. Enabled: The synchronous Ethernet feature is enabled. Internal TDM Use Only: Sync E Tracking is enabled, but is being used internally as part of the TDM feature. Sync E is not available to relay synchronization between external network equipment.
Chapter 6: Configuration and alignment System menu Attribute Meaning Transparent Clock Disabled: The Transparent Clock function is disabled. IEEE 15882008 event frames will be forwarded, but residence time corrections will not be made. Enabled: The Transparent Clock function is enabled. Residence time corrections will be made to IEEE 1588-2008 event frames. Transparent Clock Port This specifies the transparent clock source port. It can be Main PSU or SFP Fiber.
Chapter 6: Configuration and alignment System menu QoS Configuration page Menu option: System > Configuration > QoS Configuration (Figure 140 or Figure 141 or Figure 142). Use this page to control the quality of service configuration. Classification may be based on fields in the Ethernet header (Layer 2) or in the network header (Layer 3). The unit recognizes two network layer protocols: IP and MPLS.
Chapter 6: Configuration and alignment System menu Figure 141 QoS Configuration page (IP/MPLS) Page 6-45
Chapter 6: Configuration and alignment System menu Figure 142 QoS Configuration page showing Out-of-Band Management Procedures: • Review and update the attributes (Table 127, Table 128 and Table 129). • To use IEEE 802.1Q classification rules, click Reset Default Priority Mappings. • To save changes, click: Submit Updated Configuration. Note Priority mapping must be configured the same at both Master and Slave units on the wireless link.
Chapter 6: Configuration and alignment System menu Table 127 QoS Configuration attributes – Data Service Attribute Meaning Bridge The classification of each layer 2 control protocol (L2CP) to an egress queue at the wireless port. MRP CFM R-APS EAPS Data Priority Scheme Ethernet: Classification is based on fields in the Ethernet header (Layer 2). IP/MPLS: Classification is based on fields in the network header (Layer 3). IP includes IPv4 and IPv6.
Chapter 6: Configuration and alignment System menu Figure 143 SFP Configuration page (optical SFP module) Figure 144 SFP Configuration page (copper SFP module) Procedure (only applies when copper SFP module is installed): • • Update the attributes o When optical SFP module is installed (Table 133). o When copper SFP module is installed (Table 131) To save changes, click Submit Updated System Configuration.
Chapter 6: Configuration and alignment System menu Attribute Meaning SFP Port Auto Negotiation Disabled: Configuration of the Ethernet interface is forced. This is to be used as a last resort only if auto-negotiation fails. Enabled: Configuration of the Ethernet interface is automatically negotiated (default). This is the preferred setting. Table 131 SFP Configuration (copper SFP module) attributes Attribute Meaning SFP Port Auto Negotiation Disabled: Configuration of the fiber interface is forced.
Chapter 6: Configuration and alignment System menu TDM Configuration page Menu option: System > Configuration > TDM Configuration (Figure 145). Use this page to control how the unit handles E1 or T1 channels over the wireless bridge. This page is only available when the TDM interface is enabled and the unit is rebooted (Interface Configuration page on page 6-14). Procedure: • Update the attributes (Table 132). • To save changes, click Submit Updated TDM Configuration.
Chapter 6: Configuration and alignment System menu Table 132 TDM Configuration attributes Attribute Meaning TDM Interface Control Display only. Defined in Table 117. TDM Local MAC Address Display only. MAC address of the local NIDU. TDM Remote MAC Address Display only. MAC address of the remote NIDU. License Max Number of TDM Channels Display only. Defined in Table 117. TDM Enabled Channels Display only. Defined in Table 117. TDM Channel Line Code n Defined in Table 117.
Chapter 6: Configuration and alignment System menu Save and Restore Configuration page Menu option: System > Configuration > Save And Restore (Figure 146). Use the Save & Restore Configuration page to take a snapshot of the latest system configuration as a backup. The file can then be used to restore this unit to a known state, or to configure a replacement unit to the same state. The configuration values are encrypted for security.
Chapter 6: Configuration and alignment System menu Note The license key is restored automatically if the configuration file is saved and then loaded on the same unit. However, the license key is not restored if the configuration file is loaded on a different unit. Before restoring configuration to a different PTP 700 unit, ensure that a valid license key is installed (with optional capabilities enabled where appropriate). Most of the configuration can be restored from the backup.
Chapter 6: Configuration and alignment System menu The Reset Configuration page resets the configuration to default settings. After successful execution of Reset Configuration, the ODU reboots and is then accessible via the default IP address (i.e. 169.254.1.1). Figure 147 Reset Configuration page Procedure: • Click Reset Configuration. The user pop up box is displayed to reconfirm: • Click OK to restore configuration to the default settings and reboot of unit.
Chapter 6: Configuration and alignment System menu Software Upgrade page Menu option: System > Software Upgrade (Figure 148). Use this page to upgrade the unit to a new version of PTP 700 operational software. Figure 148 Software Upgrade page Caution Ensure that the correct units are upgraded, as units cannot easily be downgraded afterwards. Caution Software version must be the same at both ends of the link.
Chapter 6: Configuration and alignment System menu 2 On the Cambium Support web page, select the latest PTP 700 software image (dld2 file) and save it to the local management PC. 3 On the Software Upgrade page, click Browse. Navigate to the folder containing the downloaded software image and click Open. 4 Click Upload Software Image. The Software Upgrade Confirmation page is displayed: 5 Click Program Software Image into Non-Volatile Memory. The Progress Tracker page is displayed.
Chapter 6: Configuration and alignment System menu Note The unit will not upload FIPS versions of the software unless the unit has the AES encryption and FIPS licenses installed. Note CSPs are automatically zeroized if FIPS software is loaded in a unit to replace standard (non-FIPS) software, or standard (non-FIPS) software is loaded in a unit to replace FIPS software.
Chapter 6: Configuration and alignment Management menu Management menu This section describes how to configure web-based management of the PTP 700 unit. Web-Based Management page Menu option: Management > Web (Figure 149). Use this page to configure web-based management of the unit.
Chapter 6: Configuration and alignment Management menu Procedure: • Review and update the attributes (Table 133). • To save changes, click Submit Updated Configuration. Table 133 Web-Based Management attributes Attribute Meaning HTTPS Access Enabled Only displayed when HTTPS is configured. No: The unit will not respond to any requests on the HTTPS port. Yes: The unit will respond to requests on the HTTPS port. HTTPS Port Number Only displayed when HTTPS is configured.
Chapter 6: Configuration and alignment Management menu Attribute Meaning Cross Site Request Forgery Protection Enabled: The system is protected against cross-site request forgery attacks at the web-based interface.
Chapter 6: Configuration and alignment Management menu Local User Accounts page Menu option: Management > Web > Local User Accounts. The contents of this page depend upon the setting of Identity Based User Accounts: Disabled (Figure 150) or Enabled (Figure 151). Use this page to ensure that user access to the web-based management interface is controlled in accordance with the network operator’s security policy.
Chapter 6: Configuration and alignment Management menu Figure 151 Local User Accounts page (Identity Based User Accounts enabled) Page 6-62
Chapter 6: Configuration and alignment Management menu Procedure: • Choose whether to set Identity Based User Accounts to Disabled or Enabled. • Review and update the Local User Account Management attributes (Table 134). • If Identity Based User Accounts is set to Enabled: • o Review and update the Password Complexity Configuration attributes (Table 135). To reset all attributes to the best practice values, click Set Best Practice Complexity.
Chapter 6: Configuration and alignment Management menu Attribute Meaning Best practice Minimum Password Length The minimum number of characters required in passwords. 10 Password Can Contain User Name No: Passwords must not contain the user name. No Minimum Mandatory Characters The minimum number of lowercase, uppercase, numeric and special characters required in passwords. Yes: Passwords may contain the user name.
Chapter 6: Configuration and alignment Management menu Note Password Complexity must be set to Best Practice Complexity in FIPS 140-2 secure mode. Table 136 Identity-based user accounts attributes Attribute Meaning Name Enter a user name. Role Select a role from the list: Security Officer, System Administrator or Read Only. Password Enter a password for the user. Passwords must comply with the complexity rules (Table 135). Password Confirm Retype the password to confirm.
Chapter 6: Configuration and alignment Management menu RADIUS Configuration page Menu option: Management > Web > Radius Configuration (Figure 152). Use this page to configure RADIUS authentication. RADIUS authentication is only available when PTP 700 is configured for Identity-based User Accounts and when RADIUS servers are connected to the network. Figure 152 RADIUS Configuration page Note Only users with Security Officer role are permitted to configure RADIUS authentication.
Chapter 6: Configuration and alignment Management menu Table 137 RADIUS Authentication attributes Attribute Meaning RADIUS Client Enabled Enabled: PTP 700 users may be authenticated via the RADIUS servers. Disabled: RADIUS authentication is not used. This may only be selected if at least one user with Security Officer privileges exists. RADIUS Primary Server Specifies the primary server, determining the order in which the servers are tried.
Chapter 6: Configuration and alignment Management menu Figure 153 Webpage Properties page Procedure: • Update the attributes (Table 138). • Click Apply Properties. Table 138 Webpage Properties attributes Attribute Meaning Web Properties View Summary and Status pages without login: Distance Units • If ticked (the default setting), users can view the Summary and Status web pages without entering a password.
Chapter 6: Configuration and alignment Management menu Attribute Meaning Send HTTPS Close Notify Alerts Only displayed when HTTPS is configured. Controls whether or not the HTTPS server sends TLS Close Notify Alerts before it shuts down each socket. Disabled: TLS Close Notify Alerts are not sent before closing each socket. This is the default because these alerts can cause problems with some browsers (e.g. Internet Explorer) Enabled: TLS Close Notify Alerts are sent before closing each socket.
Chapter 6: Configuration and alignment Management menu Table 139 Browser Title attribute variables Variable Meaning $siteName Site Name, as set in the System Configuration page (Table 120). $linkName Link Name, as set in the System Configuration page (Table 120). $masterSlaveMode Master Slave Mode, as set in the Step 2: Wireless Configuration page (Table 118).
Chapter 6: Configuration and alignment Management menu Email Configuration page Menu option: Management > Email (Figure 154). Use this page to enable the PTP 700 to generate Simple Mail Transfer Protocol (SMTP) email messages to notify the system administrator when certain events occur. Figure 154 Email Configuration page Procedure: • Update the attributes (Table 140). • Click Submit Updated Configuration. The Configuration Change Reboot dialog is displayed.
Chapter 6: Configuration and alignment Management menu Table 140 Email Configuration attributes Attribute Meaning SMTP Email Alert Controls the activation of the SMTP client. SMTP Enabled Messages The SMTP Enabled Messages attribute controls which email alerts the unit will send. SMTP Server Internet Address The IPv4 or IPv6 Address of the networked SMTP server. SMTP Server Port Number The SMTP Port Number is the port number used by the networked SMTP server.
Chapter 6: Configuration and alignment Management menu Diagnostic Alarms page Menu option: Management > Diagnostic Alarms (Figure 155). Use this page to select which diagnostic alarms will be notified to the system administrator. Figure 155 Diagnostic Alarms page Procedure: • Tick the required alarms. These alarms are described in Alarms on page 7-17. • Click Submit Updated Configuration.
Chapter 6: Configuration and alignment Management menu Time Configuration page Menu option: Management > Time (Figure 156 and Figure 157). Use this page to set the realtime clock of the PTP 700. Setting the real-time clock manually Use this procedure to keep time without connecting to a networked time server. If SNTP is disabled, it will be necessary to reset the time manually after each system reboot. Procedure: • Set SNTP State to Disabled (Figure 156).
Chapter 6: Configuration and alignment Management menu Procedure: • Set the SNTP State attribute to Enabled (Figure 157). • Review and update the SNTP clock attributes (Table 142). • Click Submit Updated Configuration.
Chapter 6: Configuration and alignment Management menu Figure 157 Time Configuration page (SNTP enabled) Page 6-76
Chapter 6: Configuration and alignment Management menu Table 142 SNTP clock attributes Attribute Meaning SNTP State Enabled: the ODU will obtain accurate date and time updates from a networked time server. SNTP Primary Server Specifies the primary SNTP server, determining the order in which the servers are tried. SNTP Primary Server Dead Time Time (in seconds) to wait before retrying communications with an unresponsive primary SNTP server. Setting the value to zero disables the timer.
Chapter 6: Configuration and alignment Management menu Attribute Meaning Daylight Saving Disabled: Daylight saving adjustments will not be applied to the time. Enabled: Daylight saving adjustments will be applied to the time, according to local rules. To set the clock to UTC time, set Daylight Saving to Disabled. Syslog Configuration page Menu option: Management > Syslog > Syslog configuration (Figure 158). Use this page to configure system logging.
Chapter 6: Configuration and alignment Management menu Procedure: • Update the attributes (Table 143). • Click Submit Updated Configuration. Table 143 Syslog Configuration attributes Attribute Meaning Syslog State When system logging is enabled, log entries are added to the internal log and (optionally) transmitted as UDP messages to one or two syslog servers. Syslog Client Enabled: Event messages are logged. Disabled: Event messages are not logged.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) SNMP pages (for SNMPv3) This section describes how to configure Simple Network Management Protocol version 3 (SNMPv3) traps using the SNMP Wizard. Current SNMP Summary (for SNMPv3) Menu option: Management > SNMP (Figure 159). Use this page to review the current SNMP configuration and start the SNMP Wizard. Figure 159 Current SNMP Summary page (when SNMP is disabled) Procedure: • Review the summary.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Step 1: SNMP Configuration (for SNMPv3) Menu option: Management > SNMP. Part of the SNMP Wizard (Figure 160). Use this page to enable SNMP, select SNMPv3 and configure access to the SNMP server. Figure 160 Step 1: SNMP Configuration page (for SNMPv3) Procedure: • Set SNMP State to Enabled. • Set SNMP Version to v3. The page is redisplayed with SNMPv3 attributes. • Update the attributes (Table 144). • Click Next.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Table 144 Step 1: SNMP Configuration attributes (for SNMPv3) Attribute Meaning SNMP Minimum Privilege Level Minimum security level which is permitted to administer SNMP security settings. Only displayed when Identity Based User Accounts are Enabled on the User Accounts page (Table 134). SNMP State Enables or disables SNMP. SNMP Access Control Enables or disables access control to SNMP management by IP address.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Step 2: SNMP MIB-II System Objects (for SNMPv3) Menu option: Management > SNMP. Part of the SNMP Wizard (Figure 161). Use this page to enter details of the SNMP managed node. Figure 161 Step 2: SNMP MIB-II System Objects page (for SNMPv3) Procedure: • Update the attributes (Table 145). • Click Next.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Step 3: SNMP User Policy Configuration (for SNMPv3) Menu option: Management > SNMP. Part of the SNMP Wizard (Figure 162). This page is only displayed when SNMP Security Mode is set to Web-based in the Step 1: SNMP Configuration page. Use this page to configure which authentication and privacy protocols are required for SNMP users with roles System administrator and Read only. Procedure: • Update the attributes (Table 146). • Click Next.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Attribute Meaning Privacy Protocol The privacy protocol to be used to access the PTP 700 via SNMP. This is disabled when Security Level is set to No Auth No Priv or Auth No Priv. DES: Data Encryption Standard (DES) symmetric encryption protocol. AES: Advanced Encryption Standard (AES) cipher algorithm.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Attribute Meaning Name Name to be used by the SNMP user to access the system. Role Selects which of the two web-based security profiles are applied to this user: System administrator or Read only. Select Disabled to disable the SNMP account. Auth/Priv Indicates whether the Passphrase applies to authentication or privacy protocols.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Figure 164 Step 5: SNMP Trap Configuration page (for SNMPv3) Procedure: • Update the attributes (Table 148). • Click Next.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv3) Table 148 Step 5: SNMP Trap Configuration attributes (for SNMPv3) Attribute Meaning SNMP Enabled Traps Select the events that will generate SNMP traps. SNMP Trap Receiver 1 and SNMP Trap Receiver 2: SNMP Trap Receiver Enabled Disabled: SNMP traps are not sent to the corresponding SNMP Trap Receiver (1 or 2). Enabled: SNMP traps are sent to the corresponding SNMP Trap Receiver (1 or 2).
Chapter 6: Configuration and alignment SNMP pages (for SNMPv1/2c) SNMP pages (for SNMPv1/2c) This section describes how to configure Simple Network Management Protocol version 1 or 2c (SNMPv1 or SNMPv2c) traps using the SNMP Wizard. Current SNMP Summary (for SNMPv1/2c) Menu option: Management > SNMP (Figure 159). Use this page to review the current SNMP configuration and start the SNMP Wizard. Procedure: • Review the summary. • If any updates are required, click Continue to SNMP Wizard.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv1/2c) Procedure: • Set SNMP State to Enabled. • Set SNMP Version to v1/2c. The page is redisplayed with SNMPv1/2c attributes. • Update the attributes (Table 149). • Click Next. Table 149 Step 1: SNMP Configuration attributes (for SNMPv1/2c) Attribute Meaning SNMP Minimum Privilege Level Minimum security level which is permitted to administer SNMP security settings.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv1/2c) Step 3: SNMP Trap Configuration (for SNMPv1/2c) Menu option: Management > SNMP. Part of the SNMP Wizard (Figure 167). Figure 167 Step 3: SNMP Trap Configuration page (for SNMPv1/2c) Procedure: • Update the attributes (Table 150). • Click Next.
Chapter 6: Configuration and alignment SNMP pages (for SNMPv1/2c) Table 150 Step 3: SNMP Trap Configuration attributes (for SNMPv1/2c) Attribute Meaning SNMP Trap Version Select the SNMP protocol version to use for SNMP traps: v1 or v2c. SNMP Enabled Traps Select the events that will generate SNMP traps. SNMP Trap Receiver Enabled Disabled: SNMP traps are not sent to the corresponding SNMP Trap Receiver (1 or 2). Enabled: SNMP traps are sent to the corresponding SNMP Trap Receiver (1 or 2).
Chapter 6: Configuration and alignment Security menu Security menu This section describes how to configure HTTPS/TLS security using the Security Wizard. To configure security for the FIPS 140-2 approved mode, read this section and additionally read Configuring security for FIPS 140-2 applications on page 6-105. Caution Ensure that the operator’s security requirements are configured before connecting the PTP 700 to the network. Otherwise, security may be compromised.
Chapter 6: Configuration and alignment Security menu Security Configuration Wizard page Menu option: Security. Displayed only when AES encryption is enabled by license key (Figure 169). Use this page to review the current security configuration of the unit. Figure 169 Security Configuration Wizard page Procedure: • To continue with the Security Wizard, click Continue to Security Wizard. Step 1: Enter Key of Keys Menu option: Security. Part of the Security Wizard (Figure 170).
Chapter 6: Configuration and alignment Security menu Use this page to enter a Key of Keys to encrypt all critical security parameters (CSPs) before they are stored in non-volatile memory. Figure 170 Step 1: Enter Key of Keys page Caution Erasing or changing the key of keys resets all CSPs. Procedure: • Enter and confirm the generated Key of Keys. • Click Next.
Chapter 6: Configuration and alignment Security menu Step 2: Enter TLS Private Key and Public Certificate Menu option: Security. Part of the Security Wizard (Figure 171). Use this page to select and upload the TLS Private Key and Public Certificate files. Figure 171 Step 2: Enter TLS Private Key and Public Certificate page Caution If the certificates expire, your web browser will display security warnings.
Chapter 6: Configuration and alignment Security menu Step 3: Enter User Security Banner Menu option: Security. Part of the Security Wizard (Figure 172). Use this page to enter a banner that will be displayed every time a user attempts to login to the wireless unit. Figure 172 Step 3: Enter User Security Banner page Procedure: • Update the User Defined Security Banner (optional). • Set the Acknowledgement to No or Yes. • Click Next.
Chapter 6: Configuration and alignment Security menu Step 4: Enter Login Information Settings Menu option: Security. Part of the Security Wizard (Figure 173). Use this page to choose whether or not to display information about previous login attempts when the user logs into the web interface. Figure 173 Step 4: Enter Login Information Settings page Procedure: • Set Display Login Information to No or Yes. • Click Next.
Chapter 6: Configuration and alignment Security menu Step 5: Enter Random Number Entropy Input Menu option: Security. Part of the Security Wizard (Figure 174). Use this page to enter entropy input to seed the internal random number algorithm. Figure 174 Step 5: Random Number Entropy Input page Procedure: • If valid entropy input exists, then an SHA-1 thumbprint of the input is displayed. If this input is correct, then take no action.
Chapter 6: Configuration and alignment Security menu Step 6: Enter Wireless Link Encryption Key Menu option: Security. Part of the Security Wizard (Figure 175). Use this page to enable AES encryption and enter the encryption key. The wireless link encryption key is used to encrypt all traffic over the PTP 700 wireless link. Figure 175 Step 6: Enter Wireless Link Encryption Key page Procedure: • Select the applicable value in the Encryption Algorithm field.
Chapter 6: Configuration and alignment Security menu Step 7: Enter HTTP and Telnet Settings Menu option: Security. Part of the Security Wizard (Figure 176). Use this page to configure network management of the PTP 700 using one or more of the following methods: HTTPS, HTTP, Telnet or SNMP. Figure 176 Step 7: Enter HTTP and Telnet Settings page Caution If HTTPS, HTTP, Telnet and SNMP are all disabled, management access will be impossible until the unit is placed in recovery mode.
Chapter 6: Configuration and alignment Security menu Table 151 HTTP and Telnet attributes Attribute Meaning HTTPS Port Number The port number for HTTPS access. Zero means use the default port. HTTP Access Enabled No: The unit will not respond to any requests on the HTTP port. Yes: The unit will respond to requests on the HTTP port. Remote management via HTTPS is not affected by this setting. HTTP Port Number The port number for HTTP access. Zero means use the default port.
Chapter 6: Configuration and alignment Security menu Step 8: Commit Security Configuration Menu option: Security. Part of the Security Wizard (Figure 177). Use this page to review and confirm the updated security configuration of the unit.
Chapter 6: Configuration and alignment Security menu Procedure: • Review all changes that have been made in the Security Wizard. • To ensure that the changes take effect, click Commit Security Configuration and Reboot. The unit reboots and the changes take effect. Note If the Key of keys is entered or modified in the Security Wizard, user accounts are reset when Commit Security Configuration and Reboot is clicked. It is then necessary to reconfigure them.
Chapter 6: Configuration and alignment Configuring security for FIPS 140-2 applications Configuring security for FIPS 140-2 applications This is a summary of all the configuration tasks that are necessary if the unit is to operate in FIPS 140-2 approved mode. For more information, refer to FIPS 140-2 mode on page 1-53 and Security planning on page 3-51. The common steps for configuring security are described in Security menu on page 6-93.
Chapter 6: Configuration and alignment 7 Configuring security for FIPS 140-2 applications To confirm that the above steps have been completed, check that the FIPS 140-2 logo is displayed in the Navigation Bar: FIPS 140-2 Configuration procedures for FIPS 140-2 To operate the ODU in FIPS 140-2 secure mode: • • Perform the steps in Local User Accounts page on page 6-61, taking care to complete the following additional settings: o Click Set Best Practice Complexity.
Chapter 6: Configuration and alignment 4 Configuring security for FIPS 140-2 applications If the alarm is “Secure mode is configured, but not active”, return to Step 7: Enter HTTP and Telnet Settings on page 6-101 check that HTTP Access Enabled is set to No. If this alarm is displayed, it is also displayed in the System Summary page. Note If it is necessary to exit from FIPS 140 2 mode, refer to Managing security on page 746.
Chapter 6: Configuration and alignment Aligning antennas Aligning antennas This section describes how to align the antennas in a PTP 700 link, use the web interface to assist with alignment, and check wireless performance after alignment. Before performing this task, check that hardware installation is complete (apart from the network connections) at both the Master and Slave sites. Starting up the units Use this procedure to connect one of the units to a management PC and start up both units.
Chapter 6: Configuration and alignment Aligning antennas Aligning antennas Use this procedure to align linked antennas (master and slave), whether integrated or connectorized. The goal of antenna alignment is to find the center of the main beam. This is done by adjusting the antennas while monitoring the receive signal level. Preparation: Ensure that the following parameters are available: • Location of both sites (latitude and longitude). • Bearing to the other end of the link for both sites.
Chapter 6: Configuration and alignment 5 Aligning antennas When the antennas have been aligned on the center of the beam, verify that the receive level is within the predicted range (from the installation report). If this is not the case, go back to step 2. The current value of receive level can be verified by using the graphical installation method (see Graphical Install page on page 6-113) or by selecting menu option Status and monitoring the Receive Power attribute on the System Status page.
Chapter 6: Configuration and alignment Aligning antennas ODU installation tones This is the first of two methods that may be used to monitor receive signal level during antenna alignment. The ODU emits audible tones during installation to assist with alignment. The pitch of the alignment tone is proportional to the received power of the wireless signals. Adjust the alignment of the unit in both azimuth and elevation until the highest pitch tone is achieved.
Chapter 6: Configuration and alignment Aligning antennas During alignment, the installation tones should exhibit the following behavior: • Band scan: When first started up and from time to time, the Master unit will carry out a band scan to determine which channels are not in use. During this time, between 10 and 15 seconds, the Master unit will not transmit and as a consequence of this neither will the Slave unit.
Chapter 6: Configuration and alignment Aligning antennas Graphical Install page Menu option: Installation > Graphical Install (Figure 179). This is the second of two methods that may be used to monitor receive signal level during antenna alignment. Figure 179 Graphical Install page Procedure: • Check that Wireless Link Status (top left) is “Up”, “Registering”, “Searching” or “Acquiring”. • While slowly sweeping the antenna, monitor the trace of receive power over the last three minutes.
Chapter 6: Configuration and alignment Aligning antennas Disarming the units When antenna alignment is complete, use this procedure to disarm both units in the link in order to: • Turn off the audible alignment aid. • Enable adaptive modulation. • Fully enable spectrum management features (such as DSO, if configured). • Clear unwanted installation information from the various systems statistics. • Store the link range for fast link acquisition on link drop. • Enable higher data rates.
Chapter 6: Configuration and alignment Aligning antennas Comparing actual to predicted performance For at least one hour of operation after disarming, use this procedure to monitor the link to check that it is achieving predicted levels of performance. LINKPlanner provides the prediction in the form of an installation report. Procedure: • Select menu option System > Statistics. The System Statistic page is displayed (Figure 181).
Chapter 6: Configuration and alignment Other configuration tasks Other configuration tasks This section describes other configuration tasks. Connecting to the network Use this procedure to complete and test network connections. Procedure: 1 If a management PC is connected directly to the PTP 700, disconnect it. 2 Confirm that all ODU Ethernet interface cables (PSU, SFP and Aux) are connected to the correct network terminating equipment or devices.
Chapter 6: Configuration and alignment Other configuration tasks Upgrading software using TFTP Use this procedure to upgrade software remotely using Trivial FTP (TFTP) triggered by SNMP. Procedure: 1 Check that the TFTP client is enabled. Refer to Web-Based Management page on page 6-58. 2 Set tFTP attributes as described in Table 153. 3 Monitor tFTP attributes as described in Table 154. 4 Reboot the ODU as described in Rebooting the unit on page 7-68.
Chapter 6: Configuration and alignment Other configuration tasks Table 154 Monitoring tFTP attributes Attribute Meaning tFTPSoftwareUpgradeStatus This is the current status of the TFTP software upgrade process. Values: idle(0) uploadinprogress(1) uploadsuccessfulprogrammingFLASH(2) upgradesuccessfulreboottorunthenewsoftwareimage(3) upgradefailed(4). For example, enter this command: snmpget_d.exe -v 2c -c public 10.10.10.10 .iso.3.6.1.4.1.17713.7.9.9.
Chapter 7: Operation This chapter provides instructions for operators of the PTP 700 wireless Ethernet bridge. The following topics are described in this chapter: • System summary and status on page 7-2 • Rebooting and logging out on page 7-15 • Alarms, alerts and messages on page 7-17 • Spectrum Management on page 7-26 • Managing security on page 7-46 • System statistics on page 7-47 • Recovery mode on page 7-62.
Chapter 7: Operation System summary and status System summary and status This section describes how to use the summary and status pages to monitor the status of the Ethernet ports and wireless link. System Summary page Menu option: Home (Figure 182). This page contains a high level summary of the status of the wireless link and associated equipment. Whenever system alarms are outstanding, a yellow warning triangle is displayed on the navigation bar, and the alarm condition is listed.
Chapter 7: Operation System summary and status Attribute Meaning System Clock The system clock presented as local time, allowing for zone and daylight saving (if set). System Status page Menu option: Status (Figure 183). This page provides a detailed view of the operation of the PTP 700 link from both the wireless and network perspectives. Figure 183 System Status page The two PTP 700 Series units are arranged in a master and slave relationship.
Chapter 7: Operation System summary and status Figure 184 System Status page with TDM configured Procedures: • Confirm that the Ethernet Link Status attributes are green and set to Copper Link Up or Fiber Link Up. Equipment The Equipment section of the System Status page contains the attributes described in Table 156. Table 156 System Status attributes - Equipment Attribute Meaning Link Name The link name is allocated by the system administrator and is used to identify the equipment on the network.
Chapter 7: Operation System summary and status Attribute Meaning Site Name The site name is allocated by the system administrator and can be used as a generic scratch pad to describe the location of the equipment or any other equipment related notes. The site name attribute is limited to a maximum size of 63 ASCII characters. Software Version The version of PTP 700 software installed on the equipment. Hardware Version The PTP 700 hardware version.
Chapter 7: Operation System summary and status Ethernet / Internet The Ethernet / Internet section of the System Status page contains the attributes described in Table 157. Table 157 System Status attributes – Ethernet / Internet Attribute Meaning Main PSU Port Status The current status of the Ethernet link to the PSU port: • Green “Copper Link Up”: The Ethernet link is established. • Red “Down”: The Ethernet link is not established.
Chapter 7: Operation System summary and status Wireless The Wireless section of the System Status page contains the attributes described in Table 158. Table 158 System Status attributes – Wireless Attribute Meaning Wireless Link Status The current status of the wireless link: • Green “Up”: A point-to-point wireless link is established. • Red “Down”: The wireless link is not established.
Chapter 7: Operation System summary and status Attribute Meaning Transmit Data Rate The maximum, mean, minimum and latest measurements of Transmit Data Rate (Mbps). See System histograms on page 7-47. Receive Data Rate The maximum, mean, minimum and latest measurements of Receive Data Rate (Mbps). See System histograms on page 7-47. Link Capacity Variant Indicates whether the installed license key is Lite or Full.
Chapter 7: Operation System summary and status Value Meaning Restricted Because Of Byte Errors On The Wireless Link The receiver has detected data errors on the radio and reduced the modulation mode accordingly. The radio may achieve a higher modulation mode as shown by the vector error, but there is some other error source, probably RF interference. Restricted Because Channel Change Is In Progress This is a transient event where the modulation mode is temporarily reduced during a channel change.
Chapter 7: Operation System summary and status Synchronous Ethernet The Synchronous Ethernet section of the System Status page contains the attributes described in Table 160. Table 160 System Status attributes – Synchronous Ethernet Attribute Meaning Sync E Tracking State The state of frequency tracking in Synchronous Ethernet. For a list of values and their meanings, see Table 161.
Chapter 7: Operation System summary and status TDD Synchronization The TDD Synchronization section of the System Status page contains the attributes described in Table 162. Table 162 System Status attributes – TDD Synchronization Attribute Meaning TDD Synchronization Status The status of TDD synchronization. Displayed at a TDD Master if TDD synchronization is active. For a list of values and their meanings, see Table 163.
Chapter 7: Operation System summary and status Value Meaning Holdover The ODU is a Cluster Slave and the 1 pps reference has been lost at the input to an upstream PTP-SYNC unit. The ODU is locked to an upstream ODU that is in the Holdover (No GPS Sync In) state. The ODU is transmitting. If the reference input is not restored at the upstream PTPSYNC unit, the Holdover state will terminate automatically after a period set by TDD Holdover Duration.
Chapter 7: Operation System summary and status TDM The TDM section of the System Status page contains the attributes described in Table 165. Note When TDM is enabled and connected at one link end, up to two minutes may elapse before the TDM link is established (this is known as the settling period). Do not attempt to change the TDM configuration during this settling period.
Chapter 7: Operation System summary and status Table 166 TDM Channel Status values and meanings Value Meaning Up TDM data is being bridged between the TDM ports on local and remote NIDUs (green background). No Signal (Local) No TDM data is being received at the TDM port on the local NIDU. No Signal (Remote) No TDM data is being received at the corresponding TDM port on the remote NIDU.
Chapter 7: Operation Rebooting and logging out Rebooting and logging out This section describes how to reboot the unit and log out of the web interface. Login Information page Menu option: Management > Web > Login Information (Figure 185). Use this page to show recent successful and unsuccessful login attempts on this account. Figure 185 Login Information page Reboot Wireless Unit page Menu option: System > Reboot (Figure 186). Use this page to reboot the ODU or view a list of previous reboot reasons.
Chapter 7: Operation o Rebooting and logging out Click OK. The reboot progress message is displayed. On completion, the unit restarts. Figure 187 Reboot confirmation pop up Change Password page Menu option: Change Password (Figure 188). Use this page to change a personal password. Figure 188 Change Password page (System Administration example) A security officer can change the passwords of other users using the User Accounts page, as described in Local User Accounts page on page 6-61.
Chapter 7: Operation Alarms, alerts and messages Alarms, alerts and messages This section describes how to use alarms, alerts and syslog messages to monitor the status of a PTP 700 link. Alarms Whenever system alarms are outstanding, a yellow warning triangle is displayed on the navigation bar. The warning triangle is visible from all web pages. Procedure: • Click the warning triangle (or menu option Home) to return to the System Summary page and view the alarms.
Chapter 7: Operation Alarms, alerts and messages Table 167 System alarms Alarm Meaning Aux Port Configuration Mismatch Ethernet fragments (runt packets) have been detected when the Aux port is in full duplex. This indicates an autonegotiation or forced configuration mismatch. Aux Port Disabled Warning The Aux port link has been administratively disabled via the SNMP Interface. Aux Port PoE Output Status The Aux port link is down.
Chapter 7: Operation Alarms, alerts and messages Alarm Meaning Incompatible Master and Slave The master and slave ends of the wireless link are different hardware products, or have different software versions. It is very unusual to detect this because incompatible units will normally fail to establish a wireless link. However, some combinations may establish a partial wireless link and detect this situation.
Chapter 7: Operation Alarms, alerts and messages Alarm Meaning Secure Mode Alarm The unit is operating in the FIPS secure mode, but is not in the operational state. To clear an alarm value of Secure mode is not configured ensure that all settings are correct for FIPS 140-4 in the Security Wizard. To clear an alarm value of Secure mode is configured, but not active ensure that HTTP Access Enabled is set to No. SFP Error A non-OK value indicates that the SFP link is down.
Chapter 7: Operation Alarms, alerts and messages Alarm Meaning TDD Synchronization Alarm The reference signal for TDD Synchronization is absent and the ODU is now in holdover with more than 80% of the holdover period elapsed (Reference Signal Lost) or the ODU has reached the end of the configured holdover period and may not be correctly synchronized with the remaining units in the wireless network (Synchronization Lost).
Chapter 7: Operation Alarms, alerts and messages Syslog page Menu option: Management > Syslog (Figure 190). Use this page to view the local log of event messages. Figure 190 Syslog local log Note For more information about system logging, refer to: • System logging (syslog) on page 1-48 describes the system logging feature. • Syslog Configuration page on page 6-78 describes how to enable system logging.
Chapter 7: Operation Alarms, alerts and messages minutes = seconds = “00”-“59” hostname = “0.0.0.0”-“255.255.255.
Chapter 7: Operation Alarms, alerts and messages Facility Severity Identifier Message content syslog(5) warning(4) log_full "Syslog local flash log is 90% full" SC syslog(5) warning(4) log_wrap "Syslog local flash log has wrapped" SC security(4) info(6) radius_auth "RADIUS user=" user-name SC SP "server " ("1" | "2") " at " IP-address SP "succeeded" SC security(4) warning(4) radius_auth_fail "RADIUS user=" user-name SC SP "server " ("1" | "2") " at " IP-address SP ("failed" | "succeeded
Chapter 7: Operation Alarms, alerts and messages Facility Severity Identifier Message content NTP(12) warning(4) time_conn_failed "SNTP connection failed at IP-address=" IP-address SC SP "port-number=" port SC SP "reason=" reason SC Page 7-25
Chapter 7: Operation Spectrum Management Spectrum Management Spectrum Expert This section describes how to use the Spectrum Expert page to monitor the radio spectrum usage of the PTP 700 link. Note Internet Explorer versions up to and including IE8 do not support the HTTP features used in the Spectrum Expert page. Menu option: System > Spectrum Expert This page is used to view and configure spectrum usage.
Chapter 7: Operation Spectrum Management Standard Display mode Figure 191 Spectrum Expert page – Standard Display mode Page 7-27
Chapter 7: Operation Spectrum Management Extended Display Mode Figure 192 Spectrum Expert page – Extended Display mode Note Figure 191 shows the default layout for a unit configured as a Master. On a unit configured as Slave, some of the controls at the bottom of the page are not available. In the remainder of this section, the screen shots shown are for the Master Unit. Note For Spectrum Expert Extended Display mode, Extended Spectrum Scanning is Enabled and Display mode is set to Extended.
Chapter 7: Operation • The Local Timeseries, and • The Peer Timeseries. Spectrum Management These plots are on the right of the corresponding Receive Spectrum plots. See Selecting a Channel and a Time period on page 7-41 for details on the timeseries plots. Clicking on the Hide Details hyperlink returns to the compact layout.
Chapter 7: Operation Spectrum Management Figure 194 Spectrum Expert page showing the Receive Spectrum and Interference Waterfall for the Local unit Figure 195 Spectrum Expert page showing the Receive Spectrum, Timeseries, Interference Waterfall and Histogram for the Local unit Page 7-30
Chapter 7: Operation Spectrum Management Spectrum Management Settings All spectrum management configuration changes are applied at the master ODU only. These changes are then sent from the master to the slave, so that both master and slave keep identical copies of spectrum management configuration. It is therefore possible to swap master and slave roles on an active PTP 700 link without modifying Spectrum Management configuration.
Chapter 7: Operation Spectrum Management Attribute Meaning Asymmetric DSO Only displayed in non-radar regions when DSO is enabled. The default configuration of symmetric operation constrains the link to operate symmetrically, using the same transmit and receive channels. When in symmetric mode the slave unit will always follow the master. If the master moves to a new channel the slave will hop to the same channel.
Chapter 7: Operation Spectrum Management X axis and Y axis The X-axis shows a stylized view of the selectable wireless channels. Note that the distance between adjacent channels may be smaller than the channel bandwidth. If this is the case, adjacent channels overlap. Channels are displayed separately for clarity. The axis is labeled using the channel center frequencies in MHz. The Y-axis shows the interference power levels from –100 to –40 dBm.
Chapter 7: Operation Spectrum Management Metric Description How represented Peak of Means The largest mean interference measurement encountered during the quantization period. The peak of means is useful for detecting slightly longer duration spikes in the interference environment. Upper horizontal bar. Mean of Means The arithmetic mean of the measured means during a quantization period.
Chapter 7: Operation Spectrum Management Figure 196 Spectrum Expert page for Fixed Frequency – Standard display mode Page 7-35
Chapter 7: Operation Spectrum Management Figure 197 Spectrum Expert page for Fixed Frequency – Extended display mode Channel barring is disabled in fixed frequency mode; it is not required as dynamic channel hopping is prohibited in this mode. The only controls available to the master are the Spectrum Expert Display Mode and Interference Threshold attributes. They will have no effect on the operation of the wireless link and will only effect the generation of the channel spectrum graphics.
Chapter 7: Operation Spectrum Management Spectrum Expert page in radar avoidance mode When the link is operating in radar avoidance mode, the Spectrum Expert page (Figure 198) contains the following additional information: • The main page title has the “Radar Avoidance” suffix. • The only controls available to the master are the Interference Threshold attribute. This has no effect on the operation of the wireless link and will only affect the generation of the channel spectrum graphics.
Chapter 7: Operation Spectrum Management Figure 199 Spectrum Expert page with radar avoidance – Extended Display When operating with RTTT (Road transport and Traffic Telematics) Avoidance enabled or other regulatory restrictions on channel usage, all channels marked with a “no entry” symbol with their associated statistics colored black are the prohibited channels.
Chapter 7: Operation Spectrum Management Color State and color Meaning Dark grey Barred The system administrator has barred this channel from use. Because the low signal levels encountered when a unit is powered up in a laboratory environment prior to installation (which makes the grey of the channel bar difficult to see). An additional red “lock” symbol is used to indicate that a channel is barred.
Chapter 7: Operation Spectrum Management Note The channels cannot be barred in the extended view.
Chapter 7: Operation Spectrum Management Selecting a Channel and a Time period The Timeseries plot uses measurements for the selected channel. The Histogram plot uses measurements for the selected channel and the selected measurement period. To select a channel on the Receive Spectrum Page, click within the plot, move the cursor horizontally to the channel you want to select and click to confirm the selection. The Selected channel is shown with a grey background.
Chapter 7: Operation Spectrum Management Interpreting the timeseries plot This plot displays the interference measurements of all previous measurement quantization periods for the selected channel, up to a maximum of 25 h (Figure 202). The channel is selected as described in Selecting a Channel and a Time period. The center frequency of the selected channel is indicated in MHz at the top right of the Timeseries plot.
Chapter 7: Operation Spectrum Management Interpreting the Interference Waterfall plot The Interference Waterfall indicates the level of interference for all the channels in the band over the last 25 h. Figure 203 shows a screen capture example. The channel and measurement period are selected as described in Selecting a Channel and a Time period on page 7-41 The center frequency of the selected channel and the time period are indicated at the top right of the Interefrence Waterfall plot.
Chapter 7: Operation Spectrum Management Viewing the active channel history To display the active channel history, tick the Show Channel Change History control right below the Interference Waterfall plot. The active channel history over the last 25 hours is plotted as a black line overlay on the Interference Waterfall plot. A circle is displayed every time the active channel has changed. By hovering above the circle, the reason for the channel change is indicted, as shown in Figure 204.
Chapter 7: Operation Spectrum Management Interpreting the histogram plot The histogram plot indicates the percentage of the measurements in the selected measurement period where the interference level for the selected channel is at a given level (Figure 206).
Chapter 7: Operation Managing security Managing security This section describes the following procedures: • Exiting FIPS 140-2 approved mode • Zeroising critical security parameters Other security configuration procedures are described in Security menu on page 6-93. Exiting FIPS 140-2 approved mode To exit from the FIPS 140-2 approved mode, install standard (non-FIPS) PTP 700 software. Note The critical security parameters (CSPs) are zeroized when the unit exits from the FIPS 140-2 approved mode.
Chapter 7: Operation System statistics System statistics This section describes how to use the system statistics pages to manage the performance of the PTP 700 link, use the following web pages: System Statistics page Menu option: System > Statistics. Use this page to check system statistics. System histograms The System Histograms section of the System Statistics page (Figure 207) contains eight diagnostic attributes that are presented as arrays of four elements (Table 175).
Chapter 7: Operation System statistics Table 175 System Histogram attributes in the System Statistics page Attribute Meaning Transmit Power The transmit power histogram, calculated over a one hour period. Receive Power The receive power histogram, calculated over a one hour period. Vector Error The vector error measurement compares (over a one hour period) the received signal IQ modulation characteristics to an ideal signal to determine the composite vector error magnitude.
Chapter 7: Operation System statistics System counters The System Counters section of the System Statistics page (Figure 208) contains Data Port Counters (Table 176), Management Agent Counters (Table 178) and Wireless Port Counters and Performance Information (Table 179). Figure 208 System Counters section of the System Statistics page Procedure: • To reset all system counters to zero, click Reset System Counters.
Chapter 7: Operation System statistics Table 177 Second Data Port Counters Attribute Meaning Tx Frames The total number of good frames the bridge has sent for transmission through the port selected for Second Data Service Rx Frames The total number of good frames the bridge has received through the port selected for Second Data Service Table 178 Management Agent Counters Attribute Meaning Packets To Internal Stack The total number of good packets the bridge has transmitted to the internal stack (
Chapter 7: Operation System statistics Attribute Meaning Receive Modulation Mode Detail The receive modulation mode in use. For a list of values and their meanings, see Table 159. Wireless Link Availability Wireless link availability calculated since the last system counters reset. Ethernet Bridging Availability Link availability for bridging Ethernet traffic calculated since the last reset of the system counters.
Chapter 7: Operation System statistics Wireless Port Counters page Menu option: System > Statistics > Wireless Port Counters (Figure 210). Use this page to check the Ethernet performance of the wireless bridge. Figure 210 Wireless Port Counters page Note If the ODU is configured for OOB Remote Management Service, the OOB Management counters will be displayed instead of Second Data counters (i.e.
Chapter 7: Operation System statistics Table 181 Wireless Port Counters attributes Attribute Meaning Tx/Rx Frames Number of frames transmitted and received over the wireless bridge. Rx Frames With Crc Error Number of received frames with CRC errors. Tx/Rx Frames Q0…Q7 Number of transmitted and received frames for each Traffic Class. Tx Drops Q0…Q7 Number of transmitted frames dropped for each Traffic Class.
Chapter 7: Operation System statistics Procedure: • Review the attributes (Table 182). • To change the refresh period, update the Counter Page Refresh Period attribute and click Submit Page Refresh Period. • To reset all counters to zero, click Reset System Counters. Table 182 Main Port Counters attributes Attribute Meaning Tx/Rx Octets Total number of octets (bytes) transmitted and received over the interface. Tx/Rx Frames Total number of frames transmitted and received over the interface.
Chapter 7: Operation System statistics Aux Port Counters page Menu option: System > Statistics > Aux Port Counters (Figure 212). Use this page to check the Ethernet performance of the Aux port. Figure 212 Aux Port Counters page (when Aux port is is allocated to the Local Management Service) Procedure: • Review the attributes (Table 183). • To change the refresh period, update the Counter Page Refresh Period attribute and click Submit Page Refresh Period.
Chapter 7: Operation System statistics SFP Port Counters page Menu option: System > Statistics > SFP Port Counters (Figure 213). Use this page to check the Ethernet performance of the SFP port. Figure 213 SFP Port Counters page (when SFP port is allocated to the Local Management Service) Procedure: • Update the attributes (Table 184). • To change the refresh period, update the Counter Page Refresh Period attribute and click Submit Page Refresh Period.
Chapter 7: Operation System statistics SyncE Status page Menu option: System > Statistics > SyncE Status Use this page to monitor the state of the Synchronous Ethernet function. Note When TDM is enabled (TDM Configuration page on page 6-50), the following restrictions are automatically applied: • The SyncE Status page is hidden. • Main PSU Port Sync E Master Slave Status is set to Master. • Main PSU Port Gigabit Master Slave Status is set to Master.
Chapter 7: Operation System statistics Table 185 Sync E Status attributes Attribute Meaning Sync E Tracking State The state of the Synchronous Ethernet state machine. See Table 186 for further details. Main PSU Port Accepted QL Rx The “accepted” QL received by the Main PSU Port.
Chapter 7: Operation System statistics Attribute Meaning SFP Port Gigabit Master Slave Status This attribute indicates if the SFP Port’s Gigabit Ethernet physical interface is operating as a master (generating a clock) or slave (locking to a clock generated at the other end of the Ethernet link). The “Sync E Tracking State” attribute can take the following values: Table 186 Sync E Tracking State Value Meaning Disabled The synchronous Ethernet feature is disabled.
Chapter 7: Operation System statistics Use this page to monitor the performance of an operational PTP 700 link over time. Figure 215 Diagnostic Plotter page Procedure: • Select a diagnostic from the Diagnostics Selector drop-down list. These are the same as the System Histogram attributes in the System Statistics page (Table 175). • Tick the required Trace Selection boxes: Max, Mean and Min. • Update the Page Refresh Period as required. The default period is 3600 seconds (1 hour).
Chapter 7: Operation System statistics Figure 216 Generate Downloadable Diagnostics page Procedure: • Select a diagnostic from the Diagnostics Selector drop-down list. • Click Generate Diagnostics. The Generate Downloadable Diagnostics page is redisplayed with the name of the generated CSV file. • Click on the CSV file name and save the CSV file to the hard drive of the local computer. • Open the CSV file in MS Excel and use it to generate reports and diagrams.
Chapter 7: Operation Recovery mode Recovery mode This section describes how to recover a PTP 700 unit from configuration errors or software image corruption. Entering recovery mode Use this procedure to enter recovery mode manually. Note The unit may enter recovery mode automatically, in response to some failures. Note Once the unit has entered recovery, it will switch back to normal operation if no access has been made to the recovery web page within 30 seconds.
Chapter 7: Operation Recovery mode Figure 217 Recovery Options page Table 187 Recovery Options attributes Attribute Meaning Software Version The software version of the recovery operating system permanently installed during manufacture. Recovery Reason The reason the unit is operating in Recovery mode, for example “Invalid or corrupt image”. “Unknown” usually means there has been a power outage. MAC Address The MAC address of the unit programmed during manufacture.
Chapter 7: Operation Recovery mode Table 188 Recovery Options buttons Button Purpose Upgrade Software Image Use this option to restore a working software version when software corruption is suspected, or when an incorrect software image has been loaded. Refer to Upgrading software image on page 7-64. Reset IP & Ethernet Configuration back to factory defaults Use this option to reset the IP and Ethernet attributes to factory defaults. Refer to Resetting IP & Ethernet configuration on page 7-65.
Chapter 7: Operation Recovery mode 5 Click Reboot Wireless Unit. When the “Are you sure?” message is displayed, click OK. 6 The unit will now reboot and restart in normal operational mode, and the link should recover. If the unit or link fails to recover, refer to Testing link end hardware on page 8-7. Note The unit will not upload FIPS versions of the software unless the unit has the AES encryption and FIPS licenses installed.
Chapter 7: Operation Recovery mode 4 Click Reboot. When the “Are you sure you want to REBOOT this unit?” message is displayed, click OK. 5 The unit will now reboot. The unit should now start up in normal mode but with the IP and Ethernet configuration reset to factory defaults. If the unit fails to recover, refer to Testing link end hardware on page 8-7 and Cable Diagnostics on page 8-2.
Chapter 7: Operation Recovery mode 2 Click OK. The erase confirmation page is displayed: 3 Click Reboot. When the confirmation message is displayed, click OK. 4 The unit reboots and starts up in normal mode but with all configuration reset to default values. If the unit fails to start up, refer to Testing link end hardware on page 8-7 and and Cable Diagnostics on page 8-2.
Chapter 7: Operation Recovery mode Procedure: 1 Click Zeroize Critical Security Parameters. The confirmation pop up box is displayed: 2 Click OK. The zeroize CSPs confirmation page is displayed: 3 Click Reboot. When the “Are you sure you want to REBOOT this unit?” message is displayed, click OK. 4 The unit will now reboot. The unit should now start up in normal mode but with the security configuration reset to default values.
Chapter 7: Operation • Recovery mode When the “Are you sure you want to REBOOT this unit?” message is displayed, click OK. The unit will now reboot. The unit should now start up in normal operational mode. If the unit fails to start up, refer to Testing link end hardware on page 87.
Chapter 8: Troubleshooting This chapter contains procedures for identifying and correcting faults in a PTP 700 link. These procedures can be performed either on a newly installed link, or on an operational link if communication is lost, or after a lightning strike. The following topics are described in this chapter: • Cable Diagnostics on page 8-2 describes how to perform cable diagnostics test to detect cabling related faults.
Chapter 8: Troubleshooting Cable Diagnostics Cable Diagnostics This section describes how to diagnose cable faults. The Cable Diagnostics feature may be used to test Ethernet cables connected to the Main PSU port and the Aux port.
Chapter 8: Troubleshooting Cable Diagnostics Diagnostics test. If Number of lost packets are less than two (<2) after performing Test ping packet loss, perform Cable Diagnostics test. Otherwise check the ODU’s parameter configurations. Cable Diagnostics test Menu option: System > Cable Diagnostics The Cable Diagnostics feature determines a fault in a cable and its approximate location based on Time Domain Reflectometry (TDR).
Chapter 8: Troubleshooting Cable Diagnostics 1 2 1 Light Orange White/Orange 2 2 2 Orange Orange 3 3 1 Light Green White/Green 4 1 2 Blue Blue 5 1 1 Light Blue White/Blue 6 3 2 Green Green 7 4 1 Light Brown White/Brown 8 4 2 Brown Brown Procedure 1 Select ports for cable diagnostics test: 2 Click “Start Test” button to begin the test: 3 The confirmation pop up box is displayed.
Chapter 8: Troubleshooting 4 Cable Diagnostics On completion of the test, the results are displayed : Note The last test performed results are shown for user reference purpose. Table 190 Cable Diagnostics attributes Attribute Meaning Cable Diagnostics Ports Select ports on which Cable Diagnostics must be executed. Last Test Time The date and time when a Cable Diagnostics test was last executed successfully. Cable Pair The result of the most recent execution of cable diagnostics on a cable pair.
Chapter 8: Troubleshooting Cable Diagnostics Diagnostics. Fault in cables longer than 160 meters (525 feet) may not be detected. The error margin is +/- 2 meters (6.5 feet). Units Unit of cable length in meters.
Chapter 8: Troubleshooting Testing link end hardware Testing link end hardware This section describes how to test the link end hardware when it fails on startup or during operation. Before testing link end hardware, confirm that all outdoor drop cables, that is those that connect the ODU to equipment inside the building, are of the supported type, as defined in Outdoor copper Cat5e Ethernet cable on page 2-33.
Chapter 8: Troubleshooting Testing link end hardware Ethernet LED did not blink 10 times Meaning: The ODU flashes the LED on the AC+DC Enhanced Power Injector 10 times to show that the ODU is powered and booted correctly. Action: 1 Remove the ODU cable from the PSU. Examine it for signs of damage. Check that the ODU cable resistances are correct, as specified in Test resistance in the drop cable on page 5-23. If the ODU cable is suspect, replace it.
Chapter 8: Troubleshooting Testing link end hardware Ethernet LED blinks irregularly Meaning: If the Ethernet LED blinks irregularly, for example two rapid blinks followed by a longer gap, this indicates that the ODU has booted in recovery mode. The causes may be: installation wiring, or a corrupt ODU software load, or sufficient time has not been allowed between a repeat power up. Action: Refer to Recovery mode on page 7-62.
Chapter 8: Troubleshooting Testing link end hardware Ethernet packet test Follow the Ethernet packet test flowchart (Figure 218) and procedures below.
Chapter 8: Troubleshooting Testing link end hardware Test Ethernet packet errors reported by ODU Log into the unit and click Administration, Statistics, Detailed Counters. Click Reset System Counters at the bottom of the page and wait until the Ethernet Rx Packets counter has reached 1 million (the count will only update when the page is refreshed.
Chapter 8: Troubleshooting 5 Testing link end hardware Send 1000 ping packets of length 1500 bytes. The process will take 1000 seconds, which is approximately 17 minutes. If the computer is running a Windows operating system, this is achieved by typing (for an IPv6 address, use the ping6 command): ping –n 1000 –l 1500 where is the IP address of the PTP 700 ODU under test.
Chapter 8: Troubleshooting Testing the radio link Testing the radio link This section describes how to test the link when there is no radio communication, when it is unreliable, when the data throughput rate is too low, or when a unit is causing radio or TV interference. It may be necessary to test the units at both ends of the link. No activity If there is no wireless activity, proceed as follows: 1 Check for Alarm conditions on Home page.
Chapter 8: Troubleshooting Testing the radio link Radio and television interference If a PTP 700 unit is interfering with radio or television reception (this can be determined by turning the equipment off and on), attempt the following corrective actions: • Realign or relocate the antenna. • Increase the separation between the affected equipment and antenna. • Connect the ODU and PSU power supply into a power outlet on a circuit different from that to which the receiver is connected.
Chapter 8: Troubleshooting Testing PTP-SYNC Testing PTP-SYNC This section describes how to test the PTP-SYNC unit and its connections when the PTP-SYNC LEDs do not illuminate correctly, or when a synchronization fault is suspected. Checking the PTP-SYNC LEDs If a fault is suspected in the PTP-SYNC or GPS hardware, check the PTP-SYNC LED states and use Table 191 to choose the correct test procedure.
Chapter 8: Troubleshooting Testing PTP-SYNC STATUS LED is on steady Meaning: There is power but no satellite lock. This probably indicates that a 1PPS synchronization pulse is not detected by the PTP-SYNC unit. Action: Depending on system configuration, take one of the following actions: • System using a GPS receiver module - Ensure that there is a cable connection between the PTP-SYNC GPS/SYNC IN interface and the LPU, also that there is a cable connection between the LPU and the GPS receiver module.
Chapter 8: Troubleshooting Testing PTP-SYNC Cluster timing source GPS LED on master GPS LED on slave(s) Diagnosis GPS receiver providing NMEA data Blink Blink OK Off Any Fault in GPS unit or GPS cable Blink Off Fault in daisy chain cable Off Off OK Off On Fault in alternative 1PPS source Off Off OK Alternative 1PPS source, no NMEA data One ODU is cluster timing master Page 8-17
Chapter 8: Troubleshooting Testing a TDM link Testing a TDM link This section describes how to check the NIDU LEDs and how to perform a TDM loopback test. Checking the NIDU LEDs If a fault is suspected in the NIDU, check the NIDU LED states and use Table 193 to choose the correct test procedure. Table 193 NIDU indicator LED states Port LED State Description and test procedure LAN Green On steady Normal state: Ethernet 1000BaseT signal detected.
Chapter 8: Troubleshooting Testing a TDM link Performing a TDM loopback test The loopback test allows a TDM data stream to be looped back at the copper or wireless interface. A typical T1 or E1 installation test includes a copper loopback on the local unit followed by a wireless loopback on the remote unit. Note The TDM Configuration page is only available when the TDM interface is enabled and the unit is rebooted (Interface Configuration page on page 6-14).
Glossary Term Definition AES Advanced Encryption Standard ANSI American National Standards Institution ARP Address Resolution Protocol ATPC Automatic Transmit Power Control Aux Auxiliary BBDR Broadband Disaster Relief BPSK Binary Phase Shift Keying BW Bandwidth CFM Connection Fault Management CHAP Challenge Handshake Authentication Protocol CSP Critical Security Parameter DC Direct Current DER Distinguished Encoding Rules DES Data Encryption Standard DFS Dynamic Frequency Sele
Glossary Term Definition GE Gigabit Ethernet GUI Graphical User Interface HTTP Hypertext Transfer Protocol IB In-Band IC Industry Canada ICMP Internet Control Message Protocol ICNIRP International Commission on Non-Ionizing Radiation Protection IEEE Institute of Electrical and Electronic Engineers IP Internet Protocol IPSec Internet Protocol Security ISM Industrial Scientific and Medical ITPE Initial Transmit Power Estimate KDB Knowledge Database L2CP Layer Two Control Protocol
Glossary Term Definition NS Neighbor Solicitation NTP Network Time Protocol NUD Neighbor Un-reachability Detection ODU Outdoor Unit OFDM Orthogonal Frequency Division Multiplex OOB Out-of-Band PC IBM Compatible Personal Computer PIDU Powered Indoor Unit POE Power over Ethernet PSU Power Supply Unit PTP Point-to-Point QAM Quadrature Amplitude Modulation QoS Quality of Service QPSK Quadrature Phase Shift Keying R-APS Ring Automatic Protection Switching RADIUS Remote Authentic
Glossary Term Definition TDD Time Division Duplexing TDM Time Division Multiplexing TDWR Terminal Doppler Weather Radar TGB Tower Ground Bus bar TLS Transport Layer Security UNII Unlicensed National Information Infrastructure URL Universal Resource Location USM User-based Security Model UTC time Coordinated Universal Time UTP Unshielded Twisted Pair UV Ultraviolet VACM View-based Access Control Model VLAN Virtual Local Area Network WEEE Waste Electrical and Electronic Equipment