manualshive.com logo in svg

Spectracom 9289, Instruction Manual

Ensure you are getting the most out of your Spectracom 9289 with the comprehensive Instruction Manual available for free download from our website. This manual is essential for setting up and using your device effectively. Get your copy today at manualshive.com and maximize your product's capabilities.

Share
Download
background image

Model 9289 

 

Spectracom Corporation 

 

 

NetClock/NTP Network Time Provider Instruction Manual 

3-90

3.4.20 Configuring IPSec 

Internet Protocol Security (IPSec) is a suite of IP protocols that authenticates and encrypts 
network communications. IPSec supports IPv6 and IPv4 as of this writing. 
 
IPSec defines a Security Association (SA), consisting of secured communications between two 
network devices. Configuring IPSec requires us to define SA Policy (SAP) and SA Descriptors 
(SAD). SAP determines what network traffic can or must be secured through IPSec. SAD 
describes actively secured conversations. All network traffic for an SA contains an identical 
Security Parameter Index (SPI). 
 

3.4.20.1  AH vs. ESP 

An Authentication Header (AH) and an Encapsulating Security Payload (ESP) are the primary 
protocols used by IPSec. They authenticate (AH) or authenticate and encrypt (ESP) the data 
across that connection. Typically, they are used independently, but it is possible to use them 
together. The NetClock supports both protocols. 
 

3.4.20.2  Transport Mode vs. Tunnel Mode 

Transport mode provides a secure connection between two endpoints by encapsulating the IP 
payload. Tunnel mode encapsulates the entire IP packet/ 
 

NOTE: 

Tunnel mode is used to form a traditional Virtual Private Network (VPN), in which the 
tunnel creates a secure path across a distrusted Internet connection. The NetClock 
supports

 Transport mode ONLY.

 

 

3.4.20.3  MD5 vs. SHA-1 vs. DES vs. 3DES vs. AES 

An IPSec connection can use two or three encryption choices from among those available. 
Authentication calculates an Integrity Check Value (ICV) over the data packet’s contents. It is 
usually built on a hash algorithm (for example, MD5 or SHA-1). It uses a secure key known to 
both endpoints, allowing the recipient to compute the ICV as the sender has computed it. If the 
recipient gets the same value, the sender has effectively authenticated itself. 

 

3.4.20.4  IKE vs. Manual Keys 

To communicate, the devices at both endpoints must possess the same secure keys. Keys can 
be entered manually. They may also be generated dynamically between two hosts through 
Internet Key Exchange (IKE). The NetClock supports both IKE and manual keys. 
 

3.4.20.5  Main Mode vs. Aggressive Mode 

The initial IKE exchange may be efficient or it may be secure.  This tradeoff is governed by the 
exchange mode, Main or Aggressive. Main mode is completely secure and requires six packets 
to be sent between the two devices. Aggressive mode requires only three packets be sent 
between the two devices, but it is less secure. 
  

NOTE: 

The NetClock supports both Main and Aggressive modes. Aggressive mode is NOT 
recommended because of the security risks involved. 

 

Summary of Contents for 9289

Page 1: ...WORK TIME PROVIDER MODEL 9289 INSTRUCTION MANUAL 95 Methodist Hill Drive Rochester NY 14623 Phone US 1 585 321 5800 Fax US 1 585 321 5219 www spectracomcorp com Part Number 1151 5000 0050 Manual Rev E...

Page 2: ...Corporation Printed in USA Specifications subject to change or improvement without notice Spectracom NetClock Ageless TimeGuard TimeBurst TimeTap LineTap MultiTap VersaTap and Legally Traceable Time a...

Page 3: ...com products must be returned with the description of the claimed defect and identification of the individual to be contacted if additional information is needed Spectracom products must be returned p...

Page 4: ...o communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which ca...

Page 5: ...g 2 5 2 5 GPS Antenna Installation 2 5 2 5 1 Antenna Cable for Outdoor Antenna 2 5 2 5 2 Cable Lengths 2 6 2 5 3 Model 8224 GPS Splitter 2 7 2 5 4 Model 8226 Impulse Suppressor 2 7 2 5 5 Model 8227 GP...

Page 6: ...3 4 15 Configuring Network Security 3 66 3 4 16 If You Cannot Access a Secure NetClock 3 78 3 4 17 Configuring User Accounts 3 79 3 4 18 Configuring SNMP v1 v2 and v3 3 82 3 4 19 Configuring LDAP and...

Page 7: ...88 RS 485 Interface 2 16 Figure 2 14 TimeBurst RS 485 Interface 2 17 Figure 3 1 Entering to the Configuration in the Web UI 3 1 Figure 3 2 Web Browser User Interface Web UI 3 2 Figure 3 3 Security Net...

Page 8: ...S Screen 3 41 Figure 3 35 System Time Screen 3 43 Figure 3 36 Local System Clock Screen 1 of 4 3 44 Figure 3 37 Local System Clock Screen 2 of 4 3 45 Figure 3 38 Local System Clock Screen 3 of 4 3 46...

Page 9: ...n 3 103 Figure 3 79 Event Log Screen 3 104 Figure 3 80 GPS Qualification Log Screen 3 105 Figure 3 81 Journal Log Screen 3 106 Figure 3 82 NTP Log Screen 3 107 Figure 3 83 IKE Log Screen 3 108 Figure...

Page 10: ...other aspects of this product UL has only tested for fire shock or casualties as outlined in UL s Standard s for Safety for Information Technology Equipment UL60950 1 UL Certification does not cover...

Page 11: ...ariety of time code outputs are included to meet the requirements of numerous systems including a 10 100 Base T LAN port up to two RS 232 serial ports and up to two RS 485 data bus ports Alarm outputs...

Page 12: ...e mailed to Spectracom Sales Support at sales spectracomcorp com For repairs and technical support questions may be e mailed to Spectracom Technicians at techsupport spectracomcorp com Visit Spectrac...

Page 13: ...pping damaging immediately may forfeit any claim against the carrier In addition notify Spectracom Corporation of shipping damage or shortages in order to obtain a replacement or repair services NOTE...

Page 14: ...the dial out modem Option 03 Connector DB9 female pin assignments conform to EIA TIA 574 standard data communication equipment Character structure ASCII 9600 baud 1 start 8 data 1 stop no parity 1 4 3...

Page 15: ...millisecond of UTC Configuration Baud rate and output Data Formats are selected using the web browser user interface Bit rate selections are 1200 2400 4800 and 9600 baud There are eight Data Format se...

Page 16: ...hat are hourly daily or weekly only count as a single event so many events can be programmed Major Minor Alarms Relay contacts allow remote monitoring of operational status A power failure CPU failure...

Page 17: ...anual 1 7 1 4 12 Mechanical and Environmental Dimensions EIA 19 rack mount W x 1 75 H 1U x 11 00 D 483 mm W x 44 mm H x 305 mm D Weight 6 lbs 27 kg Temperature 32 to 122 F 0 to 50 C operating range 40...

Page 18: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 1 8...

Page 19: ...area such as adjacent cabinets as any other equipment that has a connection between the earthed conductor of the same DC supply circuit and the earthing conductor and also the point of earthing of the...

Page 20: ...input jack on the back of the NetClock 8 Verify the NetClock front panel Sync lamp illuminates green Synchronization may take up to 20 minutes approximately 9 If supplied with Option 03 Dial out Modem...

Page 21: ...e Serial on rear panel NOT AVAILABLE NO Data Format 2 always reflects UTC It can t be configured as local time Data Format 3 Remote Serial on rear panel 12 00 YES None Data Format 4 Remote Serial on r...

Page 22: ...ing electrode conductor or to a bonding jumper from an earthing terminal bar or bus to which the DC supply system earthing electrode conductor is connected This equipment shall be located in the same...

Page 23: ...ears to the front of the unit Slide the unit into the rack and connect the ears to the rack using appropriate screws not provided 2 5 GPS Antenna Installation 2 5 1 Antenna Cable for Outdoor Antenna W...

Page 24: ...ble sources the attenuation characteristics at the GPS frequency of 1575 42 MHz must be known To ensure optimum receiver performance the total antenna cable attenuation must not exceed 16 dB regardles...

Page 25: ...26 Impulse Suppressor to protect the receiver from damaging voltages occurring on the antenna coax Voltages exceeding the impulse suppresser trip point are shunted to the system ground The Model 8226...

Page 26: ...t The Model 8227 provides 20 dB of gain and is powered by the NetClock receiver Figure 2 4 Model 8227 Inline Amplifier Two LMR 400 field installable N type connectors are provided with the Model 8227...

Page 27: ...ers and hubs Use standard CAT 5 cable with RJ45 connectors When connecting to a hub or router use a straight through wired cable When connecting directly to a PC use a crossover wired cable 2 6 1 Opti...

Page 28: ...uests for time there is no output The Multicast mode broadcasts the time stamp every second The Interrogation mode is the factory default This mode should be changed to Multicast mode in the web brows...

Page 29: ...ble A 3 position terminal block is supplied in the ancillary kit for each of the Remote Connections Also included in the ancillary kit is a jeweler s type screwdriver to tighten the screws Connector p...

Page 30: ...s once per second time data stream in RS 485 levels RS 485 is a balanced differential transmission which offers exceptional noise immunity long cable runs and multiple loading These characteristics ma...

Page 31: ...210 1 Table 2 3 Cable Sources for RS 485 Lines Over 1500 Feet For cable runs less than 1500 feet a lower cost twisted pair cable may be used Refer to Table 2 4 for possible sources In addition Catego...

Page 32: ...Digital Message 9288 Time Server TimeView 230 8179T TimeTap 8179T TimeTap TimeView 400 TimeBurst RS 485 In Out Terminal Block RS 485 In Out Terminal Block Terminal Block RS 485 In Out Terminal Block...

Page 33: ...off when exposed to handling or movement Figure 2 10 Wire Strain Relief TimeView display clocks use a 6 position terminal block to connect to the RS 485 data bus Connect the TimeView to the NetClock...

Page 34: ...nnect the Model 9288 to the NetClock as shown in Figure 2 13 Figure 2 13 Model 9288 RS 485 Interface The Model 8185 TimeBurst provides a digital time of day data burst to a radio transmitter The TimeB...

Page 35: ...data bus can be split in two directions as shown in Figure 2 9 In a split bus configuration terminate the devices installed on each end of the bus Some Spectracom products include a built in terminat...

Page 36: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 2 18...

Page 37: ...where appropriate After installing the NetClock verify that power is connected and wait for the device to boot up The front panel display provides certain configuration data on start up The right pane...

Page 38: ...on a computer connected to the network and log in as an administrator The http session will be redirected automatically to an https session and a security certificate pop up window will be displayed A...

Page 39: ...lt administrator account is set at the factory as admin The password is admin123 After entering the login name and password and successfully logging into the NetClock the user will see a Web UI screen...

Page 40: ...pectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 4 Refer to the Initial Network Configuration section to continue your product configuration Figure 3 4 Security Network Sc...

Page 41: ...le to connect a PC or laptop computer to the serial setup port on the back of the NetClock After making this connection use a terminal program such as HyperTerminal to log into the NetClock as an admi...

Page 42: ...Configure the COM1 properties as shown in Figure 3 7 Bits per second should be 9600 Data bits should be 8 Parity should be none Stop bits should be 1 Flow control should be none When the connection is...

Page 43: ...min and the password admin123 Login names and passwords are case sensitive A successful login will return the prompt admin x x x x where x x x x is the IP address of the NetClock Typing help in the Co...

Page 44: ...fields are specific to your setup Your network administrator may assign and provide some or all of the required information If you are not using DHCP in conjunction with DNS using domain names rather...

Page 45: ...3 10 Serial Port Pin Configuration PIN SIGNAL I O DESCRIPTION 2 RXD O Receive Data RS 232 output data to PC 3 TXD I Transmit Data RS 232 input data from PC 5 GND Signal Common 6 DSR O Data Set Ready...

Page 46: ...3 2 2 Initial Network Setup At the CLI enter the command net config Set the prompted values to complete initial network setup In this manual the convention enter is used to indicate pressing the enter...

Page 47: ...rver if any DHCP Setting This enables or disables DHCP This must be set for IPv4 and IPv6 The NetClock always generates a static IPv6 address in addition to the dynamic IPv6 address es Gateway When th...

Page 48: ...s format NOTE Setting the gateway to Disabled will cause the values in the Gateway Address field to be ignored NOTE Changing the IP address of the NetClock to a different subnet will prompt the NetClo...

Page 49: ...P Disabled Disabled or Enabled with SNMP v3 w encryption Web User Interface NTP Enabled With no MD5 Values Entered Enabled Use MD5 authentication with user defined keys Web User Interface Daytime Prot...

Page 50: ...less the HALT command is first issued to the NetClock To be absolutely certain that it is safe to remove power wait 60 seconds after the HALT command is issued before removing power The HALT command m...

Page 51: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 15 Figure 3 16 System Reboot Halt Screen 2 of 3 Figure 3 17 System Reboot Halt Screen 3 of 3...

Page 52: ...Issuing the HALT Command through the CLI From the CLI Figure 3 18 enter halt Figure 3 19 Entering reboot will reboot the system Figure 3 20 NOTE Wait 60 seconds after entering the HALT command before...

Page 53: ...g the System from the CLI 3 3 3 Issuing the HALT Command through SNMP The Reboot MIB location options in the NetClock Figure 3 21 are as follows HALT to shutdown NOTE Wait 60 seconds after shutting do...

Page 54: ...he table tfSystemObjsInfo The REBOOT option Figure 3 22 provides the choices of NO or YES for Reboot and Halt to initiate a shut down request Figure 3 22 Rebooting the Unit through SNMP To Reboot the...

Page 55: ...er Instruction Manual 3 19 Figure 3 23 Halting the Unit through SNMP Figure 3 24 Successful Halt The Set Successful Table box Figure 3 24 will display to indicate that the Halt request to shut down th...

Page 56: ...creens are accessible through the menu at the bottom of the screen which is displayed after a successful login These screens their functions and example configurations where applicable are presented i...

Page 57: ...provides greater accuracy and error checking than does SNTP NTP and SNTP can be used to synchronize the time on any computer equipment compatible with the Network Time Protocol This includes CISCO ro...

Page 58: ...ss at a user selected rate The rates available are included in the dropdown menu The NTP clients can use unicast broadcast or a combination of both to discover and synchronize with the NTP server The...

Page 59: ...gured as potential time references The maximum number of NTP servers used as time references allowed is 12 For best results more than 4 NTP time servers are recommended As few as 1 NTP time server may...

Page 60: ...ure 3 29 they will appear in the Trusted Sym Key ID dropdown menu NOTE Checking the Clear box in the NTP References grids will immediately remove a defined server from the list The dropdown menus for...

Page 61: ...he NetClock and any network client with which the NetClock is to communicate The maximum number of Key ID Key String pairs is 15 Only those keys for which the Trusted box has been checked will appear...

Page 62: ...passphrase readable ASCII no spaces and check Generate Certificate to generate a certificate in the text window at the bottom of the screen NOTE Generate Certificate must always be clicked to generat...

Page 63: ...k the Generate option under Autokey Groupkey to generate a certificate in the text window Cut and paste this text into the text window on the other unit s and click the Upload option to upload it Once...

Page 64: ...n NOTE The NTP Reference Status lines bear different colors for different codes Red is a reject the peer is discarded as unreachable Yellow is an outlyer the peer is discarded by the clustering algori...

Page 65: ...rface configuration to the factory default settings Figure 3 34 Interface Menu With optional ports installed the NetClock has two serial ports RS 232 ports and two remote output ports RS 485 ports tha...

Page 66: ...m the dropdown box The default is 9600 baud The Data Fomat is the format in which the date and time stamps are sent from the NetClock Several Data Formats are supported The default is Format 0 NOTE Da...

Page 67: ...tion Manual 3 31 Figure 3 36 Interface Remote Port 1 Screen Clicking the link to create and edit local systems clocks will display the Local System Clock screen Refer to the System configuration scree...

Page 68: ...dit or create system clocks The display font may also be changed and includes a custom font named Mark When you make a change to the front panel display configuration and click Submit the change in th...

Page 69: ...dow mounted antenna will have difficulties maintaining at least four satellites continuously the window mount antenna Model 8228 should not be used when disciplining of the 10 MHZ is desired The anten...

Page 70: ...to set the Interface values and the Interface values ONLY to the factory settings 3 4 4 Sysplex Timing The NetClock may be used as an external time source ETS to synchronize an IBM Sysplex Timer This...

Page 71: ...r Sysplex Timing The Sysplex Timer must be configured to use Protocol 2 NetClock 2 and connected to the NetClock Serial Comm 1 port via a 9 pin serial cable not included Older Sysplex Timers 9037 001...

Page 72: ...ms GPS System Time Local System Clocks System Mode Modem Configuration if the NetClock includes the modem option Reboot Holdover and Log Configuration NOTE Refer to Options for modem configuration and...

Page 73: ...one or more network devices SNMP enabled devices must have an SNMP agent application that is capable of handling network management functions requested by a network manager The agent is also responsib...

Page 74: ...ol FTP from the NetClock using an FTP agent such as Microsoft FTP CoreFTP or any other shareware freeware FTP program To obtain the MIB file via FTP using your FTP program log in as an administrator a...

Page 75: ...se are the only user defined Netclock Alarms Clicking the check box to the left of a particular user defined alarm will enable that alarm condition Each alarm condition may be set to exist for a speci...

Page 76: ...ted or a cable short or open is detected This is a Minor alarm 3 4 7 Configuring GPS The System GPS screen Figure 3 44 allows the user to configure the GPS receiver to provide more accurate results an...

Page 77: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 41 Figure 3 44 System GPS Screen...

Page 78: ...n read the current location of the unit calculated by the GPS receiver without logging in The GPS receiver will automatically update this field when it has a Position Fix Check the GPS Signal Status p...

Page 79: ...t the system time manually for test purposes or if there is no external time reference available Setting the system time when the NetClock is connected to an external time reference will result in the...

Page 80: ...al clocks or time zones to be used with any of the remote ports serial ports event timers or front panel displays Once defined these local clocks can be used by any interface and will cause that inter...

Page 81: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 45 Figure 3 47 Local System Clock Screen 2 of 4...

Page 82: ...Instruction Manual 3 46 Figure 3 48 Local System Clock Screen 3 of 4 Enter any name you wish for the Local Clock Name up to 20 characters long It can be any meaningful name that helps you know your po...

Page 83: ...nfigure to Unit s Physical Locality By selecting this option the unit will compute the Time Zone Offset automatically based on the location of the unit provided by GPS receiver If you select this feat...

Page 84: ...T rule always standard time Automatically configure to unit s physical locality Manually defined by region Manually defined by week and day Manually defined by month and day No DST Rule Always Standar...

Page 85: ...time end time and the hour to change for the daylight saving By selecting this option the DST rule could be defined based on the day and month of the local time defined for this Interface If you sele...

Page 86: ...he corresponding fields of the Change Amount section Review the changes made and click Submit The browser will display the status of the change The unit will allow you to define different Time Zone an...

Page 87: ...Mode screen Figure 3 50 The system supports two modes of operation These are single satellite mode and standard mode Use single satellite mode if you are using a window mount antenna and cannot recei...

Page 88: ...on and configuration settings To activate system modem or security options click the Activate Option box choose the option you wish to activate and enter the activation key provided by Spectracom befo...

Page 89: ...nterval between the loss of the primary external reference and the moment that the NetClock declares loss of time synchronization is known as holdover While the unit is in holdover mode the time outpu...

Page 90: ...n The NetClock has a user configurable variable holdover period so that it can be adjusted for personal requirements and desires A user can change the length of time that a unit waits in the holdover...

Page 91: ...the user sets the length below or above the limits or if the error is too small or large the NetClock will notify the user that this setting is outside its allowable parameters If the unit is current...

Page 92: ...n screen Figure 3 54 the user may configure remote Syslog servers with which the NetClock will communicate Facilities and severities are defined by the Syslog server and must be set up in the NetClock...

Page 93: ...remotely using the TIMER ALARM RELAYS connector on the rear panel This connector provides the common NO and NC contacts for three relays These relays can be connected to an alarm lamp horn or other in...

Page 94: ...ned Major Alarm Figure 3 56 Relay Output Screen The Event Timer Relay screen Figure 3 57 and the Relay Current Event Scheduler screen Figure 3 59 allow for the configuration of 128 events that can tur...

Page 95: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 59 Figure 3 57 Event Timer Relay Screen...

Page 96: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 60 Figure 3 58 Edit View Event Timers...

Page 97: ...en it will occur The relay can be set to occur hourly daily weekly monthly and yearly Hourly The event will happen every hour at the minute second and millisecond that is specified within 100 millisec...

Page 98: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 62 Figure 3 59 Relay Current Event Scheduler Screen...

Page 99: ...ration Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 63 Figure 3 60 Relay Reset ALL Event Timers Screen From the Reset ALL Event Timers screen Figure 3 60 the user may clear any s...

Page 100: ...er Instruction Manual 3 64 The Set Event Clock screen Figure 3 61 allows the user to select the local system clock that drives the event function The user may also access the create edit local system...

Page 101: ...selected relay by clicking Submit If the relays are not connected to external devices an audible clicking noise will emit from the NetClock This noise indicates the relays are responding to the test...

Page 102: ...63 From this menu the user may access screens to configure network security file transfers user accounts SNMP features LDAP features and RADIUS features Spectracom 9300 series products use OpenSSH and...

Page 103: ...er OpenSSH and OpenSSL provide industrial strength encryption allowing for secure remote administration via command line HTTPS web pages and secure file transfers The user is permitted to enable or di...

Page 104: ...may define the NetClock s host name The DNS servers are set automatically if using DHCP and manually if not using DHCP The same is true of the IP configuration Certain information that must be entered...

Page 105: ...ol The NetClock implements the server components of SSH SCP and SFTP For more information on OpenSSH refer to www openSSH org SSH uses Host Keys to uniquely identify each SSH server Host Keys are used...

Page 106: ...chooses to delete both the RSA and DSA keys SSH will not function In addition if SSH Host Keys are being generated at the time of deletion the key generation processes are stopped any keys created wi...

Page 107: ...ient system and accept the new Host Public Key Please consult your specific SSH client s software s documentation The SSH client utilities SSH SCP and SFTP allow for several modes of user authenticati...

Page 108: ...only account password authentication The user should place the new public key s file in the ssh directory Secure shell sessions using an SSH client can be performed using the admin or a user defined a...

Page 109: ...2 Perform an SCP file transfer from the device using Public Key with Passphrase authentication scp i id_rsa scp 10 10 200 5 ssh Enter passphrase for key id_rsa mysecretpassphrase publickeys 100 5 00...

Page 110: ...nd instructions regarding their use can be found at HTTP www chiark greenend org uk sgtatham putty 3 4 15 4 Configuring HTTPS The OpenSSL library provides the encryption algorithms used for secure HTT...

Page 111: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 75 Figure 3 68 Security HTTPS Screen 1 of 2...

Page 112: ...en 2 of 2 Each Spectracom secure product comes with a default Spectracom self signed certificate which will outlast the product warranty The typical expiration of the certificate is about 10 years HTT...

Page 113: ...er should choose the fields based on the company s security policy Note that it can take several minutes for the certificate request the private key and self signed certificate are created The larger...

Page 114: ...signed certificate is overwritten with the specified file name In both cases the secure Spectracom product s web server loads this new self signed certificate and private key after the user selects a...

Page 115: ...es the certificate the certificate and private keys and deletes the Host Keys or forgets the Passphrase access to the secure Spectracom product can become denied To restore access to your system you m...

Page 116: ...P Network Time Provider Instruction Manual 3 80 From the Security User Account screen Figure 3 70 the user may create and assign privileges to up to 16 local users Click Create New and Submit to creat...

Page 117: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 81 Figure 3 71 Security User Account Screen Assigning Privileges...

Page 118: ...1 of 3 3 4 18 Configuring SNMP v1 v2 and v3 From the SNMP Security screen Figure 3 72 the user can define the network locations hostnames and protocols used in communicating with SNMP v1 v2 and v3 use...

Page 119: ...poration Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 83 Figure 3 73 SNMP Security Screen 2 of 3 NOTE When selecting an engine ID for SNMPv3 pick an arbitrary hexadecimal number...

Page 120: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 84 Figure 3 74 SNMP Security Screen 3 of 3...

Page 121: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 85 Figure 3 75 Security LDAP General Screen...

Page 122: ...dministrator if you are not sure and choose the types of services allowed to request authentication from the LDAP server Figure 3 76 Security LDAP Client Configuration Screen 1 of 2 From the LDAP Clie...

Page 123: ...server If SSL is checked text sent to the LDAP server is encrypted A sample configuration for an OpenLDAP server would be as follows DN for search base dc spectracomcorp dc com Bind DN cn manager dc...

Page 124: ...sers dc test dc spectracomcorp dc com Bind password test Search filter objectclass User Login attribute sAMAccountName DN for password ou users dc test dc spectracomcorp dc com one Group DN cn enginee...

Page 125: ...ity RADIUS Client Configuration Screen From the Security RADIUS Client Configuration screen Figure 3 79 the user identifies the addresses of the network s RADIUS servers From this screen the user also...

Page 126: ...traditional Virtual Private Network VPN in which the tunnel creates a secure path across a distrusted Internet connection The NetClock supports Transport mode ONLY 3 4 20 3 MD5 vs SHA 1 vs DES vs 3DES...

Page 127: ...IKE SA To establish an IPSec connection between the Spectracom Netclock and an IPv4 addressed host A using IKE SA configuration we must first configure the IPSec IKE to communicate with host A To do...

Page 128: ...Configuration Exchange Mode defines the mode for Phase 1 when the IKE daemon is the initiator You may select all three options meaning the NetClock supports Main Aggressive and Base exchange modes or...

Page 129: ...to the location specified in the Using Preshared key located in field NOTE After the file is uploaded its file privileges will be changed automatically to deny unauthorized users access to the preshar...

Page 130: ...or NULL as desired or as required by your network administrator Authentication Algorithm defines another algorithm used for Phase 2 Select HMAC SHA1 or HMAC MD5 as desired or required Compression Alg...

Page 131: ...list Select Both for the Direction which means IPSec security protection is required for both incoming and outgoing packets Security protection may also be applied to incoming packets only or to outg...

Page 132: ...ult or Unique Default means the kernel consults the system wide default for the protocol specified Use means the kernel uses an SA if it is available while the kernel keeps normal operation otherwise...

Page 133: ...an IPSec connection between the NetClcok and an IPv6 addressed host B using manual SA configuration refer to the IPSec Manual SA Configuration screen Figure 3 83 3 4 20 7 1Manual Security Associations...

Page 134: ...the 0x prefix Enter the desired values manually NOTE SPI values between 0 and 255 are reserved and cannot be used at this time Make sure to check the AH or ESP boxes for the key configurations used If...

Page 135: ...curity policy from the IPSec General screen Figure 3 85 NOTE The manual SA values must be configured BEFORE the manual SA option is enabled from the IPSec General screen Figure 3 85 If the feature is...

Page 136: ...ion may also be applied to incoming packets only or to outgoing packets only from the drop down list Select Ipsec to use IPSec as the security policy You may also select None or Discard Selecting None...

Page 137: ...n view system logs and monitor that status of the NetClock s GPS signal The user may also view system and NTP statuses from this menu NOTE The times indicated in all log entries are UTC no correction...

Page 138: ...om Corporation NetClock NTP Network Time Provider Instruction Manual 3 102 Figure 3 87 Alarm Log Screen The Alarm Log Figure 3 87 is a running list of the alarms with descriptive information experienc...

Page 139: ...tion Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 103 Figure 3 88 Authorization Log Screen The Authorization Log Figure 3 88 is a running list of authenticated users who have acc...

Page 140: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 104 Figure 3 89 Event Log Screen The Event Log Figure 3 89 is a running list of the event timer relay activity...

Page 141: ...ion Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 105 Figure 3 90 GPS Qualification Log Screen The GPS Qualification Log Figure 3 90 is a running list of the NetClock s GPS satell...

Page 142: ...tClock NTP Network Time Provider Instruction Manual 3 106 Figure 3 91 Journal Log Screen Whenever a user changes the NetClock s configuration the change who performed it and what the change was is rec...

Page 143: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 3 107 Figure 3 92 NTP Log Screen The NTP Log Figure 3 92 is a running list of NTP activity on the NetClock...

Page 144: ...Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 108 Figure 3 93 IKE Log Screen The IKE Log Figure 3 93 is useful for troubleshooting the status of the IPSec IKE SA conf...

Page 145: ...el 9289 NetClock NTP Network Time Provider Instruction Manual 3 109 Figure 3 94 Operational Log Screen The Operational Log Figure 3 94 is a running list of NetClock operations such as system updates a...

Page 146: ...tion Manual 3 110 Figure 3 95 System Log Screen The System Log Figure 3 95 is a running list of system information and status messages that may be used by factory personnel for troubleshooting This lo...

Page 147: ...Network Time Provider Instruction Manual 3 111 Figure 3 96 Update Log Screen The Update Log Figure 3 96 is a running list of software updates performed on the NetClock Software updates are performed...

Page 148: ...rformance during installation and later troubleshooting The page describes the number of satellites being tracked and will indicate that the NetClock is acquiring if it is still searching for qualifie...

Page 149: ...h the circuit which may be due to a disconnected antenna a severed antenna cable or a damaged antenna The receiver will attempt to continue the normal acquisition and tracking process regardless of th...

Page 150: ...the receiver signal NOTE The NTP Status screen is discussed in the Configuring NTP section of this manual Figure 3 98 System Status Screen 1 of 2 The System Status screen Figure 3 98 consists of four...

Page 151: ...en powered up for the internal temperature of the unit the status of the major and minor alarms the current time synchronization status and the current external reference identifier Time Source The ti...

Page 152: ...enna Sense is a current status of the antenna antenna cable and the GPS receiver If the antenna cable is currently not connected shorted or open and or if there is a problem with the GPS receiver or a...

Page 153: ...em option Option 03 we will provide a key hash that will enable the feature to be turned on Please contact our Sales department to purchase the option The purchase price of the modem option includes t...

Page 154: ...Model 9289 Spectracom Corporation NetClock NTP Network Time Provider Instruction Manual 3 118...

Page 155: ...zed or not synchronized Sync LED The power light will be blank if power is not applied or green if power is applied The Sync light has many states to indicate the current status of the unit The Ethern...

Page 156: ...ly ready to receive satellite data Flashing Red GPS antenna fault This flash may occur over any of the other color conditions at runtime Red On Unit fault Time may not be valid Overrides all other ind...

Page 157: ...Up to two RS 485 connectors RS 485 Ports 1 and 2 provide an RS 485 data output for synchronizing devices that accept an RS 485 input such as wall display clocks and add on Model 9288 Ethernet Time Ser...

Page 158: ...a test of the emergency evacuation horns on May 9th 2007 from 10 00 AM to 10 05 AM The event timer is configured using the Web UI Relays are configurable as events or alarm outputs Refer to the appro...

Page 159: ...modem dial out call the call service indicates that a Leap second adjustment at the end of this current calendar month will occur 4 3 2 Leap Second Alert Notification The NetClock will announce a pend...

Page 160: ...to apply the Leap second at UTC midnight Not local time midnight The Local time at which the adjustment is made will depend on which Time Zone you are located in A Sequence of seconds output when add...

Page 161: ...Hours 00 23 Colon separator MM Minutes 00 59 SS Seconds 00 60 D Daylight Saving Time indicator S I D O TZ Time Zone XX Time Zone offset 00 23 The leading edge of the first character CR marks the on ti...

Page 162: ...D THU FRI SAT DD Numerical Day of Month 1 31 MMM Month JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC YY Year without century 99 00 01 etc HH Hours 00 23 Colon separator MM Minutes 00 59 SS Seconds 0...

Page 163: ...ge Data Format 1 output on a Remote RS 485 port to a leading 0 type rem mod rem 1 2 1 zero enter Where 1 or 2 is the desired Remote port number To change Data Format 1 output on a Serial port back to...

Page 164: ...the output data stream When the receiver is unable to track any GPS satellites a timer is started Table 6 2 Table of Quality Indicators lists the quality indicators and the corresponding error estima...

Page 165: ...c Status Space space separator YYYY Year 1999 2000 2001 etc MM Month Number 01 12 DD Day of the Month 01 31 HH Hours 00 23 MM Minutes 00 59 SS Seconds 00 60 Positive or Negative UTC offset Time Differ...

Page 166: ...receding the change out of DST The leap second indicator L is defined as Space When a leap second correction is not scheduled at the end of the month L When a leap second correction is scheduled at th...

Page 167: ...ks the on time point of the data stream The time synchronization status character I is defined as Space Whenever the front panel time synchronization lamp is green When the receiver is unable to track...

Page 168: ...00 59 SS Seconds 00 60 Decimal Separator SSS Milliseconds 000 999 L Leap Second Indicator space L D Daylight Saving Time Indicator S I D O The leading edge of the first character CR marks the on time...

Page 169: ...hown below CR LF I YYYY DDD HH MM SS D XX CR LF or CR LF I YYYY DDD HH MM SS D XX CR LF where CR Carriage Return LF Line Feed I Time Sync Status space YYYY Four digit year indication space separator D...

Page 170: ...degress 000 180 mm mmmm minutes 00 0000 59 9999 e direction E East W West Q Quality Indicator 0 No 3D fix 1 3D fix SS Number of satellites tracked 0 8 YY Y Dilution of precision 00 0 99 9 AAAAA a M An...

Page 171: ...ic command for example help time or help option and then pressing the enter key displays detailed information about the command NOTE Commands typed at the CLI are case sensitive All terms and commands...

Page 172: ...d to access and manage the log system USAGE log COMMAND OBJECT HANDLE COMMAND show Shows the contents of a log get Gets the record HANDLE from a log OBJECT j Journal log a Alarm log g GPS qualificatio...

Page 173: ...or the local clock dst Assigns a new daylight saving rule to the clock 6 6 net The command net is used to configure the network interface The net command consists of a set of subcommands that are used...

Page 174: ...n help ser The ser group of commands are used to setup serial ports RS 232 USAGE ser COMMAND SERIAL Arguments COMMAND disp Displays the current serial port settings all Configures all settings of a se...

Page 175: ...ith the capability to use a modem to dial out via an analog phone line for time retrieval if GPS reception is either lost or cannot be obtained due to site limitations The modem can be configured in t...

Page 176: ...serial setup port will operate Two options are available Console mode and Client mode The screen and the menu available at the left of the screen vary depending on the mode Console Mode In this mode...

Page 177: ...Spectracom Corporation Model 9289 NetClock NTP Network Time Provider Instruction Manual 7 3 Figure 7 1 System Modem Configuration Screen Console Mode...

Page 178: ...cating a short or open in the antenna cable and SNMP traps associated with the GPS reference input will be fully enabled By contrast when Primary Time Source is selected the antenna problem alarm and...

Page 179: ...ngs if the unit is currently out of sync When a unit is configured in client mode while it is in time sync the Dialout now checkbox will be greyed out disabled 7 1 4 ACTS Server Mode The ACTS Server f...

Page 180: ...er uses this information to notify the modem client of a pending leap second It does so through time messages sent to the modem client Daylight Saving Time This field is used to specify the month and...

Page 181: ...ng The ACTS Server Statistics screen Figure 7 5 accessible using the left hand menu provides all data for the current day and the previous day For each day it shows the number of attempted and complet...

Page 182: ...6 helps the user monitor the behavior of the ACTS server daemon including when it is started when it is stopped and how it is configured The log records information about each time message it sends to...

Page 183: ...Log 7 1 5 Modem Dial Out Setup The modem dial out feature is used as either a Secondary Backup time reference when all other external time references become unavailable or can also be used as a primar...

Page 184: ...l out to obtain time Try Calling This field specifies how many times the dial out modem software will try to connect to the selected phone number Setting this field s value to 0 will generate a warnin...

Page 185: ...is scheduled for a dial out and time synchronization will be lost Boot This field specifies how long the modem software will wait after being powered up to check the unit s time synchronization status...

Page 186: ...nal reference this period can be lengthened to longer than the typical amount of time needed to synchronize to the external reference The System Modem Calibrate screen Figure 7 9 is used to calibrate...

Page 187: ...of day the modem is most likely to be used for time synchronization such as for primary mode of operation Calibrate Status The status of calibration is displayed at the top of the screen If the calib...

Page 188: ...more calls that are made the more accurate the calculation will be This should not be lowered from the default but it may be safely raised Calibration Call Interval This is the interval between calibr...

Page 189: ...s well as user input Calibration calls happen upon a user request Time verification calls happen on a user specified interval if holdover is entered from time synchronization with another source Time...

Page 190: ...he holdover timer reset In addition if a leap second is to be inserted at the end of the month then the clock will be scheduled to do so Time synchronization calls will be made once the unit has gone...

Page 191: ...ng the status of the front panel sync lamp flashing green after connection to NIST and verifying the Model dial out logs The Modem Dialout Log Figure 7 11 is a running list of the NetClock s modem act...

Page 192: ...character what it is when it is received and the advance time included in the message If the sync lamp is also flashing red this is because the GPS antenna is disconnected from the NetClock This is n...

Page 193: ...and 38 Damon Hart Davis d hd org ARCRON MSF clock driver 35 39 Rainer Pruy Rainer Pruy informatik uni erlangen de monitoring trap scripts statistics file handling 36 40 Dirce Richards dirce zk3 dec co...

Page 194: ...e credit is given to the author and the OpenBSD project by leaving this copyright notice intact 5 The Rijndael implementation by Vincent Rijmen Antoon Bosselaers and Paulo Barreto is in the public dom...

Page 195: ...as such any Copyright notices in the code are not to be removed If this package is used in a product Eric Young should be given attribution as the author of the parts of the library used This can be i...

Page 196: ...tions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither t...

Page 197: ...e references to SSH1 protocol which is not supported Added Sysplex Timing section before Configuring the Interface SNMP Updated Option 03 Modem section to include ACTS Server mode Updated System Log C...

Page 198: ...Spectracom Corporation 95 Methodist Hill Drive Rochester NY 14623 www spectracomcorp com Phone US 1 585 321 5800 Fax US 1 585 321 5219...

Reviews:

No comments

Related manuals for 9289

LEXIBOOK Automatic Travel RL705 Instruction Manual preview
Automatic Travel RL705
Brand: LEXIBOOK Pages: 22
La Crosse Technology WS-8001UM Instruction Manual preview
WS-8001UM
Brand: La Crosse Technology Pages: 13
Karma DAY BREAK RA 5015 Instruction Manual preview
DAY BREAK RA 5015
Brand: Karma Pages: 12
LA CROSSE CLOCK 404-3045B Manual preview
404-3045B
Brand: LA CROSSE CLOCK Pages: 2
Radio Shack Compact AM/FM Owner'S M Operation And Instruction Manual preview
Compact AM/FM
Brand: Radio Shack Pages: 12
BRG Precision Products WF12LCDA User Manual preview
WF12LCDA
Brand: BRG Precision Products Pages: 4
Somogyi Home OC 02 Instruction Manual preview
Home OC 02
Brand: Somogyi Pages: 11
Datexx DESK PILOT II DF-551 Operation Manual preview
DESK PILOT II DF-551
Brand: Datexx Pages: 4
Datexx EXACTIME DRC-608 User Manual preview
EXACTIME DRC-608
Brand: Datexx Pages: 5
RCA RP5440 Specification Sheet preview
RP5440
Brand: RCA Pages: 2
Renkforce W784P-NP Operating Instructions preview
W784P-NP
Brand: Renkforce Pages: 4
Eurochron EFW 9000 Operating Instructions Manual preview
EFW 9000
Brand: Eurochron Pages: 8
Johnson SVR120 Instructions For Use Manual preview
SVR120
Brand: Johnson Pages: 12
La Crosse W88631 Instruction Manual preview
W88631
Brand: La Crosse Pages: 6
Electrohome CR61 User Manual preview
CR61
Brand: Electrohome Pages: 24
Ambient Weather RC-8401 User Manual preview
RC-8401
Brand: Ambient Weather Pages: 21
Konig HAV-WKL10 Manual preview
HAV-WKL10
Brand: Konig Pages: 30
Dakota Digital CLK-1002B Manual preview
CLK-1002B
Brand: Dakota Digital Pages: 4

Brands by name

Popular brands

Load more brands