opengear ACM7000 Remote Site Gateway
Tlhahisoleseding ya Sehlahiswa
Litlhaloso:
- Sehlahisoa: ACM7000 Remote Site Gateway
- Mohlala: ACM7000-L Tsela ea ho Resilience
- Tsamaiso ea Tsamaiso: Mookameli oa Motheo oa IM7200
- Li-server tsa Console: CM7100
- Mofuta: 5.0 - 2023-12
Litaelo tsa Tšebeliso ea Sehlahisoa
Mehato ea Tšireletso:
Se ke oa hokela kapa oa hakolla seva sa console nakong ea sefefo sa motlakase. Kamehla sebelisa suppressor kapa UPS ho sireletsa lisebelisoa ho tloha ho nako e telele.
Tlhokomeliso ea FCC:
Sesebelisoa sena se lumellana le Karolo ea 15 ea melao ea FCC. Ts'ebetso ea sesebelisoa sena e ipapisitse le maemo a latelang: (1) Sesebelisoa sena se kanna sa se ke sa baka tšitiso e kotsi, mme (2) sesebelisoa sena se tlameha ho amohela tšitiso efe kapa efe e ka bakang ts'ebetso e sa batleheng.
FAQs
- P: Na nka sebelisa ACM7000 Remote Site Gateway nakong ea sefefo sa motlakase?
- A: Che, ho eletsoa hore u se ke ua kopanya kapa ua khaola seva sa console nakong ea sefefo sa motlakase ho thibela tšenyo.
- P: Ke mofuta ofe oa melao ea FCC eo sesebelisoa se lumellanang le eona?
- A: Sesebelisoa se lumellana le Karolo ea 15 ea melao ea FCC.
Bukana ea Mosebelisi
ACM7000 Remote Site Gateway ACM7000-L Resilience Gateway IM7200 Infrastructure Manager CM7100 Console Servers
Mofuta oa 5.0 - 2023-12
Polokeho
Latela mehato ea tšireletso e ka tlase ha u kenya le ho sebelisa seva sa console: · U se ke ua tlosa likoahelo tsa tšepe. Ha ho na likarolo tse ka sebelisoang ke opareitara kahare. Ho bula kapa ho tlosa sekoahelo ho ka u pepesetsa voltage e ka bakang mollo kapa tshoso ya motlakase. Fetisetsa litšebeletso tsohle ho basebetsi ba tšoanelehang ba Opengear. · Ho qoba ho tsosoa ke motlakase, khoele ea motlakase e sireletsang fatše e tlameha ho hokelloa fatše. • Hula polaka ka linako tsohle, eseng thapo, ha u khaola thapo ea motlakase soketeng.
Se ke oa hokela kapa oa hakolla seva sa console nakong ea sefefo sa motlakase. Hape sebelisa suppressor kapa UPS ho sireletsa lisebelisoa ho tloha nakoana.
Phatlalatso ea Tlhokomeliso ea FCC
Sesebelisoa sena se lumellana le Karolo ea 15 ea melao ea FCC. Ts'ebetso ea sesebelisoa sena e ipapisitse le tse latelang
maemo: (1) Sesebelisoa sena se ka 'na sa se ke sa baka tšitiso e kotsi,' me (2) sesebelisoa sena se tlameha ho amohela tšitiso leha e le efe e ka bakang ts'ebetso e sa batleheng.
Lits'ebetso tse nepahetseng tsa li-backups le lisebelisoa tse hlokahalang tsa polokeho li lokela ho sebelisoa ho itšireletsa khahlanong le kotsi, lefu kapa tšenyo ea thepa ka lebaka la ho hloleha ha sistimi. Tšireletso e joalo ke boikarabelo ba mosebedisi. Sesebelisoa sena sa seva sa khomphutha ha sea lumelloa ho sebelisoa e le ts'ehetso ea bophelo kapa sistimi ea bongaka. Liphetoho leha e le life kapa liphetoho tse entsoeng ho sesebediswa sena sa seva sa khomphutha ntle le tumello e hlakileng kapa tumello ea Opengear li tla hlakola Opengear molato leha e le ofe kapa boikarabello ba kotsi kapa tahlehelo e bakoang ke ho se sebetse hantle. Thepa ena ke ea ts'ebeliso ea kahare mme likhoele tsohle tsa puisano li lekanyelitsoe ka hare ho moaho.
2
Bukana ea Mosebelisi
Copyright
©Opengear Inc. 2023. Litokelo Tsohle Li Sirelelitsoe. Tlhahisoleseding e tokomaneng ena e ka fetoha ntle le tsebiso mme ha e emele boitlamo ho lehlakoreng la Opengear. Opengear e fana ka tokomane ena “joalokaha e le,” ntle le tiisetso ea mofuta ofe kapa ofe, e hlahisoang kapa e ka hlalosoang, ho kenyeletsoa, empa ho sa felle feela, litiisetso tsa ho sebetsa hantle kapa khoebo bakeng sa morero o itseng. Opengear e ka etsa lintlafatso le/kapa liphetoho bukeng ena kapa ho(li)hlahiswa le/kapa mananeo a hlalositsweng bukeng ena ka nako efe kapa efe. Sehlahisoa sena se ka kenyelletsa liphoso tsa tekheniki kapa liphoso tsa mongolo. Liphetoho li etsoa nako le nako ho boitsebiso bo mona; liphetoho tsena li ka kenyelletsoa likhatisong tse ncha tsa khatiso.\
Khaolo ea 1
Bukana ena
MOEKETSI ENA
Bukana ena ea Mosebelisi e hlalosa ho kenya, ho sebetsa, le ho laola li-server tsa Opengear console. Bukana ena e nka hore u tloaelane le Marang-rang le marang-rang a IP, HTTP, FTP, ts'ebetso ea ts'ireletso ea mantlha, le marang-rang a kahare a mokhatlo oa hau.
1.1 Mefuta ea basebelisi
Seva ea console e tšehetsa lihlopha tse peli tsa basebelisi:
· Batsamaisi ba nang le litokelo tse sa lekanyetsoang tsa tlhophiso le taolo holim'a console
seva le lisebelisoa tse hokahaneng hammoho le lits'ebeletso tsohle le likou ho laola lisebelisoa tsohle tse hokahaneng le lisebelisoa tse hokahantsoeng tsa marang-rang (baamoheli). Batsamaisi ba thehiloe joalo ka litho tsa sehlopha sa basebelisi ba admin. Motsamaisi a ka khona ho fihlella le ho laola seva sa khomphutha a sebelisa sesebelisoa sa config, mola oa taelo oa Linux kapa Console-based Management Console.
· Basebelisi ba hlophisitsoeng ke molaoli ba nang le meeli ea phihlello le taolo ea bona.
Basebelisi ba na le moeli view ea Management Console mme e ka fihlella lisebelisoa tse hlophisitsoeng tse lumelletsoeng feela le hapeview likoung tsa likepe. Basebelisi bana ba hlophisitsoe e le litho tsa sehlopha se le seng kapa tse ngata tse lokiselitsoeng esale pele tse kang PPTPD, dialin, FTP, pmshell, basebelisi, kapa lihlopha tsa basebelisi tseo molaoli a ka li entseng. Ba lumelletsoe feela ho etsa taolo e boletsoeng ho lisebelisoa tse itseng tse hokahaneng. Basebelisi, ha ba lumelletsoe, ba khona ho fihlella le ho laola lisebelisoa tsa serial kapa tsa marang-rang tse hoketsoeng ba sebelisa lits'ebeletso tse boletsoeng (mohlala, Telnet, HHTPS, RDP, IPMI, Serial over LAN, Power Control). Basebelisi ba hole ke basebelisi ba seng karolong e le 'ngoe ea LAN le seva sa console. Mosebelisi ea hole a ka ba tseleng a hokela lisebelisoa tse laoloang marang-rang a sechaba, molaoli ofising e 'ngoe e hokelang seva ea khokahanyo holim'a VPN ea khoebo, kapa ka phapusing e le 'ngoe kapa ofising e le' ngoe empa e hokahane le VLAN e arohaneng le console. seva.
1.2 Console ea Tsamaiso
Opengear Management Console e u lumella ho hlophisa le ho beha leihlo likarolo tsa seva sa hau sa Ongear console. Management Console e sebetsa ka har'a sebatli mme e fana ka a view ea seva sa console le lisebelisoa tsohle tse hokahaneng. Batsamaisi ba ka sebelisa Console ea Tsamaiso ho lokisa le ho laola li-server tsa khomphutha, basebelisi, boema-kepe, baamoheli, lisebelisoa tsa motlakase, le litlaleho tse amanang le tsona. Basebelisi bao e seng batsamaisi ba ka sebelisa Management Console ka phihlello e fokolang ea menyetla ho laola lisebelisoa tse khethiloeng, review likutu tsa bona, 'me u li fihlele u sebelisa tse hahelletsoeng Web Theminale.
Seva ea console e tsamaisa sistimi e kenelletseng ea Linux, 'me e ka hlophisoa moleng oa taelo. U ka fumana phihlello ea mohala oa taelo ka cellular / dial-in, ka ho hokela ka kotloloho ho serial console / modem port ea seva, kapa ka ho sebelisa SSH kapa Telnet ho hokela seva sa console holim'a LAN (kapa ho hokela le PPTP, IPsec kapa OpenVPN) .
6
Bukana ea Mosebelisi
Bakeng sa litaelo tsa mola oa taelo (CLI) le litaelo tse tsoetseng pele, khoasolla Opengear CLI le Scripting Reference.pdf ho https://ftp.opengear.com/download/documentation/manual/previous%20versions%20archived/
1.3 Lintlha tse ling
Ho fumana lintlha tse ling, ikopanye le: · Opengear Products Web Sebaka: Bona https://opengear.com/products. Ho fumana tlhaiso-leseling ea morao-rao mabapi le se kenyellelitsoeng ho seva sa hau sa khomphutha, etela karolo ea Seo se kenyellelitsoeng sehlahisoa sa hau. · Tataiso ea ho Qala ka Potlako: Ho fumana Tataiso ea ho Qala ka Potlako bakeng sa sesebelisoa sa hau bona https://opengear.com/support/documentation/. · Opengear Tsebo Base: Etela https://opengear.zendesk.com ho fumana lingoloa tsa tekheniki, malebela a theknoloji, Lipotso-potso, le litsebiso tsa bohlokoa. · Opengear CLI le Scripting Reference: https://ftp.opengear.com/download/documentation/manual/current/IM_ACM_and_CM710 0/Opengear%20CLI%20and%20Scripting%20Reference.pdf
7
Khaolo ea 2:
Tlhophiso ea Sistimi
TIISETSO MOKHATLO
Khaolo ena e fana ka litaelo tsa mohato ka mohato bakeng sa tlhophiso ea pele ea seva sa hau sa console le ho se hokahanya le LAN ea Tsamaiso kapa ea Ts'ebetso. Mehato ke:
Kenya tšebetsong Console ea Tsamaiso. Fetola password ea motsamaisi. Beha boema-kepe ba mantlha ba LAN ea seva ea aterese ea IP. Khetha litšebeletso tse tla lumelloa le ho fihlella litokelo. Khaolo ena e boetse e bua ka lisebelisoa tsa software tsa puisano tseo mookameli a ka li sebelisang ho fihlella seva sa console, le ho hlophisoa ha likou tse eketsehileng tsa LAN.
2.1 Khokahano ea Console ea Tsamaiso
Seva ea hau ea console e tla e hlophisitsoe ka aterese ea IP ea kamehla 192.168.0.1 le subnet mask 255.255.255.0 bakeng sa NET1 (WAN). Bakeng sa tlhophiso ea pele, re khothaletsa hore o hokele komporo ka kotloloho ho khomphutha. Haeba u khetha ho hokela LAN ea hau pele u phethela mehato ea pele ea ho seta, etsa bonnete ba hore:
· Ha ho lisebelisoa tse ling ho LAN tse nang le aterese ea 192.168.0.1. · Seva ea console le komporo li karolong e le 'ngoe ea LAN, ha ho na router e kentsoeng
lisebelisoa.
2.1.1 Ho hlophisoa komporo e hokahantsoeng Ho lokisa seva ea khomphutha ka sebatli, komporo e hoketsoeng e lokela ho ba le aterese ea IP e boemong bo lekanang le ba seva ea khomphutha (bakeng sa mohlala.ample, 192.168.0.100):
· Ho lokisa Aterese ea IP ea komporo ea hau ea Linux kapa Unix, tsamaisa ifconfig. · Bakeng sa li-PC tsa Windows:
1. Tobetsa Qala > Litlhophiso > Paneli ea Taolo 'me u tobetse habeli Lihokelo tsa Marang-rang. 2. Tobetsa ka ho le letona ho Khokahano ea Sebaka sa Lehae ebe u khetha Properties. 3. Khetha Internet Protocol (TCP/IP) ebe o tobetsa Properties. 4. Khetha Sebelisa aterese e latelang ea IP ebe u kenya lintlha tse latelang:
o Aterese ea IP: 192.168.0.100 o Subnet mask: 255.255.255.0 5. Haeba u batla ho boloka litlhophiso tsa hau tse teng tsa IP bakeng sa khokahano ena ea marang-rang, tobetsa E tsoetseng pele 'me Eketsa tse ka holimo e le khokahanyo ea bobeli ea IP.
2.1.2 Khokelo ea sebatli
Bula sebatli ho PC e hokahaneng / setsing sa mosebetsi ebe u kenya https://192.168.0.1.
Kena ka:
Username> motso Password> kamehla
8
Bukana ea Mosebelisi
Lekhetlo la pele ha u kena, u tlameha ho fetola password ea motso. Tobetsa Romela.
Ho phethela phetoho, kenya phasewete e ncha hape. Tobetsa Romela. Ho hlaha skrine sa Welcome.
Haeba tsamaiso ea hau e na le modem ea cellular u tla fuoa mehato ea ho lokisa likarolo tsa router ea cellular: · Lokisa khokahano ea modem ea cellular (System> Dial page. Sheba Khaolo ea 4) · Lumella ho fetisetsa marang-rang a marang-rang (Sistimi> Leqephe la Firewall. Sheba Khaolo ea 4) · Numella IP ho ikhakanya bakeng sa khokahanyo ea cellular (Sistimi > Leqephe la Firewall. Sheba Khaolo ea 4)
Ka mor'a ho qeta mehato e 'ngoe le e' ngoe e ka holimo, u ka khutlela lethathamong la litlhophiso ka ho tobetsa letšoao la Opengear k'honeng e kaholimo ho le letšehali skrineng. ELA HLOKO Haeba o sa khone ho hokahana le Management Console ho 192.168.0.1 kapa haeba e le ea kamehla.
Username / Password ha e amoheloe, tsosolosa seva sa hau sa console (Sheba Khaolo ea 10).
9
Khaolo ea 2: Tlhophiso ea Tsamaiso
2.2 Seta Mookameli
2.2.1 Fetola password ea motso oa kamehla O tlameha ho fetola senotlolo sa motso ha o qala ho kena sesebelisoa. U ka fetola senotlolo sena ka nako efe kapa efe.
1. Tobetsa Serial & Network > Basebedisi & Lihlopha kapa, skrineng sa Kamohelo, tobetsa Fetola password ea kamehla ea tsamaiso.
2. Tsamaisetsa tlase 'me u fumane motso oa mosebedisi tlas'a Users ebe o tobetsa Edit. 3. Kenya phasewete e ncha maemong a Password le Netefatsa.
HLOKOMELA Ho hlahloba Boloka Lekunutu ho pholletsa le li-firmware tsa ho hlakola ho boloka phasewete hore e se hlakole ha firmware e seta bocha. Haeba phasewete ena e lahlehile, sesebelisoa se tla hloka ho khutlisoa firmware.
4. Tobetsa Etsa kopo. Kena ka password e ncha 2.2.2 Theha motsamaisi e mocha Etsa mosebelisi e mocha ea nang le litokelo tsa tsamaiso 'me u kene u le mosebedisi bakeng sa mesebetsi ea tsamaiso, ho e-na le ho sebelisa motso.
10
Bukana ea Mosebelisi
1. Tobetsa Serial & Network > Basebedisi & Lihlopha. Tsamaisetsa tlase ho leqephe ebe o tobetsa konopo ea Add User.
2. Kenya Username. 3. Karolong ea Lihlopha, hlahloba lebokose la admin. 4. Kenya phasewete ho Diphasewete mme o netefatse dikarolo.
5. U ka boela ua eketsa Linotlolo tse Authorized SSH 'me u khethe ho Thibela Tiiso ea Phasewete bakeng sa mosebelisi enoa.
6. Dikgetho tse ding bakeng sa mosebedisi enwa di ka setwa leqepheng lena ho kenyeletswa Dial-in Options, Access Hosts, Accessable Ports, le Accessible RPC Outlets.
7. Tobetsa konopo ea Etsa kopo tlase skrineng ho theha mosebelisi enoa e mocha.
11
Khaolo ea 2: Tlhophiso ea Tsamaiso
2.2.3 Eketsa Lebitso la Tsamaiso, Tlhaloso ea Tsamaiso, le MOTD. 1. Kgetha Sistimi > Tsamaiso. 2. Kenya Lebitso la Tsamaiso le Tlhaloso ea Tsamaiso bakeng sa seva sa console ho fana ka ID e ikhethang le ho etsa hore ho be bonolo ho e tseba. System Name e ka ba le litlhaku tse 1 ho isa ho tse 64 tsa alphanumeric le litlhaku tse khethehileng tse underscore (_), tlosa (-), le nako (.). Tlhaloso ea Sistimi e ka ba le litlhaku tse fihlang ho 254.
3. MOTD Banner e ka sebelisoa ho hlahisa molaetsa oa temana ea letsatsi ho basebelisi. E hlaha ka holimo ka letsohong le letšehali la skrine ka tlase ho letšoao la Opengear.
4. Tobetsa Etsa kopo.
12
Khaolo ea 2: Tlhophiso ea Tsamaiso
5. Kgetha Sistimi > Tsamaiso. 6. MOTD Banner e ka sebelisoa ho hlahisa molaetsa oa temana ea letsatsi ho basebelisi. E hlaha ho
ka holimo ka letsohong le letšehali la skrine ka tlase ho letšoao la Opengear. 7. Tobetsa Etsa kopo.
Tlhophiso ea marang-rang ea 2.3
Kenya aterese ea IP bakeng sa boema-kepe ba Ethernet (LAN/Network/Network1) ho sebara ea khomphutha kapa u lumelle hore moreki oa eona oa DHCP a iphumanele aterese ea IP ho tsoa ho seva sa DHCP. Ka nako e sa lekanyetsoang, seva sa khomphutha se na le sebatli sa DHCP se lumelletsoeng 'me se amohela ka bohona aterese efe kapa efe ea marang-rang ea IP e fanoeng ke DHCP marang-rang a hau. Boemong bona ba pele, seva sa khomphutha se tla arabela ho aterese ea eona ea kamehla ea Static 192.168.0.1 le aterese ea eona ea DHCP.
1. Tobetsa System > IP ebe o tobetsa konopo ea Network Interface. 2. Khetha DHCP kapa Static bakeng sa Mokhoa oa Tlhophiso.
Haeba u khetha Static, kenya aterese ea IP, Subnet Mask, Gateway le lintlha tsa seva sa DNS. Khetho ena e tima moreki oa DHCP.
12
Bukana ea Mosebelisi
3. Sebapali sa LAN sa console se iphumanela lebelo la khokahanyo ea Ethernet. Sebelisa lethathamo la ho theoha ha Media ho notlela Ethernet ho 10 Mb/s kapa 100Mb/s le ho Full Duplex kapa Half Duplex.
Haeba u kopana le tahlehelo ea pakete kapa ts'ebetso e mpe ea netweke ka Setting ea Auto, fetola li-setting tsa Ethernet Media ho seva sa console le sesebelisoa seo e hoketsoeng ho sona. Maemong a mangata, fetola ka bobeli ho 100baseTx-FD (100 megabits, full duplex).
4. Haeba u khetha DHCP, seva sa console se tla batla lintlha tsa tlhophiso ho tsoa ho seva sa DHCP. Khetho ena e tima aterese efe kapa efe e sa fetoheng. Aterese ea MAC ea seva sa console e ka fumanoa ho label ho base plate.
5. O ka kenya aterese ya bobedi kapa lenane la diaterese le arohaneng le dikoma ho CIDR, mohlala, 192.168.1.1/24 e le IP Alias.
6. Tobetsa Sebelisa 7. Kopanya hape sebatli khomphuteng e hokahaneng le seva sa console ka ho kenya
http://your new IP address.
Haeba o fetola aterese ea IP ea seva sa console, o hloka ho lokisa komporo ea hau hape hore e be le aterese ea IP sebakeng se ts'oanang sa marang-rang joalo ka aterese e ncha ea seva. U ka beha MTU ho li-interface tsa Ethernet. Ena ke khetho e tsoetseng pele e ka sebelisoang haeba maemo a hau a ho romelloa a sa sebetse le MTU ea kamehla ea li-byte tse 1500. Ho seta MTU, tobetsa Sistimi > IP ebe o tobetsa konopo ea Network Interface. Tsamaisetsa tlase lebaleng la MTU mme o kenye boleng bo lakatsehang. Maemo a sebetsang a tsoa ho 1280 ho isa ho 1500 bakeng sa likhokahano tsa 100-megabit, le 1280 ho isa ho 9100 bakeng sa likhokahano tsa gigabit Haeba borokho kapa bonding bo lokisoa, MTU e behiloeng leqepheng la Network Interface e tla hlophisoa likhokahanong tseo e leng karolo ea borokho kapa bond. . ELA HLOKO Maemong a mang, mosebelisi ea boletsoeng MTU a kanna a se sebetse. Bakhanni ba bang ba NIC ba ka potisa li-MTU tse kholo ho isa boleng bo lumelletsoeng mme ba bang ba tla khutlisa khoutu ea phoso. U ka sebelisa taelo ea CLI ho laola boholo ba MTU: configure
# config -s config.interfaces.wan.mtu=1380 hlahloba
# config -g config.interfaces.wan config.interfaces.wan.address 192.168.2.24 config.interfaces.wan.ddns.provider none config.interfaces.wan.gateway 192.168.2.1 config.interfaces.wan.ipv6mode config. .interfaces.wan.media Auto config.interfaces.wan.mode static config.interfaces.wan.mtu 1380 config.interfaces.wan.netmask 255.255.255.0
13
Khaolo ea 2: Tlhophiso ea Tsamaiso
2.3.1 Phetoho ea IPv6 Sebapali sa console sa Ethernet se sebelisana le IPv4 ka ho sa feleng. Li ka hlophisoa bakeng sa ts'ebetso ea IPv6:
1. Tobetsa Tsamaiso > IP. Tobetsa tab ea Litlhophiso tse Akaretsang 'me u hlahlobe Enable IPv6. Haeba u lakatsa, tobetsa konopo ea Disable IPv6 bakeng sa lebokose la ho hlahloba la Cellular.
2. Hlophisa liparamente tsa IPv6 leqepheng le leng le le leng la sebopeho. IPv6 e ka hlophisoa bakeng sa mokhoa oa Automatic, o tla sebelisa SLAAC kapa DHCPv6 ho lokisa liaterese, litsela, le DNS, kapa mokhoa oa Static, o lumellang hore boitsebiso ba aterese bo kenngoe ka letsoho.
2.3.2 Phetoho ea Dynamic DNS (DDNS) Ka Dynamic DNS (DDNS), seva sa console eo aterese ea eona ea IP e abetsoeng ka matla e ka fumanoa ho sebelisoa moemeli ea tsitsitseng kapa domain name. Theha ak'haonte ka mofani oa litšebeletso oa DDNS ea u khethileng. Ha u theha ak'haonte ea hau ea DDNS, u khetha lebitso la mosebelisi, password, le lebitso la moamoheli tseo u tla li sebelisa e le lebitso la DNS. Bafani ba litšebeletso tsa DDNS ba u lumella ho khetha lebitso la moamoheli URL ebe o beha aterese ea pele ea IP e lumellanang le lebitso la moamoheli URL.
14
Bukana ea Mosebelisi
Ho nolofalletsa le ho lokisa DDNS ho leha e le efe ea Ethernet kapa likhokahano tsa marang-rang tsa cellular ho seva sa console. 1. Tobetsa System > IP ebe u tsamaisetsa tlase karolong ea Dynamic DNS. Khetha mofani oa litšebeletso oa DDNS oa hau
ho tsoa lethathamong le theolelang la Dynamic DNS. Hape o ka seta tlhahisoleseding ya DDNS tlasa tab ya Cellular Modem tlasa Sistimi > Daela.
2. Ka Lebitso la Moemedi wa DDNS, kenya lebitso la moamohedi la DNS le tshwanelehang ka botlalo bakeng sa seva sa khomphutha ea hau, mohlala, yourhostname.dyndns.org.
3. Kenya DDNS Username le DDNS Password bakeng sa akhaonto ea DDNS ea mofani oa litšebeletso. 4. Hlalosa boholo ba nako e pakeng tsa liapdeite ka matsatsi. Ntlafatso ea DDNS e tla romelloa le haeba e
aterese ha e so fetohe. 5. Hlalosa Nako e fokolang pakeng tsa licheke bakeng sa liaterese tse fetotsoeng ka metsotsoana. Lintlafatso li tla
romela haeba aterese e fetohile. 6. Hlalosa Boiteko bo phahameng ka ho fetesisa e leng palo ea makhetlo a ho leka ho apdeita
pele o tela. Sena ke 3 ka ho sa feleng. 7. Tobetsa Etsa kopo.
15
Khaolo ea 2: Tlhophiso ea Tsamaiso
2.3.3 Mokhoa oa EAPoL bakeng sa WAN, LAN le OOBFO
(OOBFO e sebetsa ho IM7216-2-24E-DAC feela)
Fetileview EAPoL IEEE 802.1X, kapa PNAC (Port-based Network Access Control) e sebelisa mekhoa ea boipheliso ea IEEE 802 LAN e le ho fana ka mokhoa oa ho netefatsa le ho fana ka tumello ea lisebelisoa tse khomaretsoeng boema-kepeng ba LAN bo nang le ntlha-to- litšoaneleho tsa khokahano ea lintlha, le ho thibela phihlello ea koung eo maemong ao netefatso le tumello li hlolehang. Boema-kepe maemong ana ke ntlha e le 'ngoe ea ho hokahana le meaho ea LAN.
Ha node e ncha e se nang mohala kapa ea wired (WN) e kopa phihlello ho sesebelisoa sa LAN, sebaka sa phihlello (AP) se kopa boitsebahatso ba WN. Ha ho sephethephethe se seng ntle le EAP se lumelletsoeng pele WN e netefatsoa ("kou" e koetsoe, kapa "ha e netefatsoe"). Node e se nang mohala e kopang netefatso hangata e bitsoa Mokopi, Mokopi o na le boikarabello ba ho arabela data ea Authenticator e tla theha lintlha tsa eona. Ho joalo le ka sebaka sa ho fihlella; Authenticator ha se sebaka sa phihlello. Ho e-na le hoo, sebaka sa ho kena se na le Authenticator. Authenticator ha e hloke ho ba sebakeng sa phihlello; e ka ba karolo e kantle. Ho sebelisoa mekhoa e latelang ea Netefatso:
· Mokopi oa EAP-MD5 o Mokhoa oa EAP MD5-Challenge o sebelisa username/password e hlakileng
· EAP-PEAP-MD5 o EAP PEAP (Protected EAP) MD5 mokhoa oa netefatso o sebelisa mangolo a mosebelisi le setifikeiti sa CA
· Mokhoa oa netefatso oa EAP-TLS o EAP TLS (Transport Layer Security) o hloka setifikeiti sa CA, setifikeiti sa moreki le senotlolo sa lekunutu.
Protocol ea EAP, e sebelisetsoang ho netefatsa, qalong e ne e sebelisetsoa ho daela PPP. Boitsebahatso e ne e le lebitso la mosebelisi, 'me netefatso ea PAP kapa CHAP e ile ea sebelisoa ho lekola phasewete ea mosebelisi. Ha boitsebiso bo romelloa ka mokhoa o hlakileng (eseng ka mokhoa o patiloeng), motho ea mobehang ka lonya a ka tseba hore na mosebelisi ke mang. "Ho pata boitsebiso" ka hona ho sebelisoa; boitsebiso ba 'nete ha bo romeloe pele kotopo ea TLS e patiloeng e phahama.
16
Bukana ea Mosebelisi
Ka mor'a hore boitsebiso bo rometsoe, mokhoa oa ho netefatsa o qala. Protocol e sebelisitsoeng lipakeng tsa Mokopi le Authenticator ke EAP, (kapa EAPoL). Authenticator e kopanya hape melaetsa ea EAP ho fomete ea RADIUS, 'me e e fetisetsa ho Seva ea Tiiso. Nakong ea netefatso, Authenticator e fetisetsa lipakete lipakeng tsa Mokopi le Seva ea netefatso. Ha ts'ebetso ea netefatso e felile, Seva ea netefatso e tla romela molaetsa oa katleho (kapa ho hloleha, haeba netefatso e hlolehile). Authenticator ebe e bula "port" bakeng sa Mokopi. Litlhophiso tsa netefatso li ka fumaneha ho tsoa leqepheng la EAPoL Supplicant Settings. Boemo ba EAPoL ea hajoale bo hlahisoa ka botlalo leqepheng la Status Statistics ho EAPoL tab:
Kakaretso ea EAPoL ho ROLE ea marang-rang e bonts'oa karolong ea "Connection Manager" ho Dashboard interface.
17
Khaolo ea 2: Tlhophiso ea Tsamaiso
Ho bontšitsoe ka tlase ke example katleho ea netefatso:
IEEE 802.1x (EAPOL) ts'ehetso ea li-switch port tsa IM7216-2-24E-DAC le ACM7004-5: E le ho qoba li-loops, basebelisi ha baa lokela ho hokela li-switch port tse fetang e le 'ngoe ho switch e tšoanang ea boemo bo holimo.
18
Bukana ea Mosebelisi
2.4 Ho fihlella Litšebeletso le Tšireletso ea Matla a Brute
Mookameli a ka fihlella seva sa console le likoung tsa serial tse hokahaneng le lisebelisoa tse laoloang a sebelisa mefuta e mengata ea liprothokholo / lits'ebeletso. Bakeng sa phihlello ka 'ngoe
· Ts'ebeletso e tlameha ho hlophisoa pele le ho nolofalloa ho sebetsa ho seva sa console. · Ho fihlella ka firewall ho tlameha ho lumelloa bakeng sa khokahano e 'ngoe le e' ngoe ea marang-rang. Ho thusa le ho lokisa tshebeletso: 1. Tobetsa Sistimi > Ditshebeletso ebe o tobetsa tab ya Di-setting tsa Tshebeletso.
2. Lumella le ho lokisa lits'ebeletso tsa mantlha:
HTTP
Ka kamehla, tšebeletso ea HTTP ea sebetsa 'me e ke ke ea tima ka botlalo. Ka ho sa feleng, phihlello ea HTTP e koetsoe lihokelong tsohle. Re khothaletsa phihlello ena hore e lule e koaletsoe haeba sebara ea khomphutha e fumaneha u le hole le Marang-rang.
HTTP e 'ngoe e u lumella ho hlophisa boema-kepe bo bong ba HTTP ho mamela. Ts'ebeletso ea HTTP e tla tsoelapele ho mamela ho TCP port 80 bakeng sa likhokahano tsa CMS le sehokelo empa e ke ke ea fumaneha ka firewall.
HTTPS
Ka ho sa feleng, ts'ebeletso ea HTTPS e ea sebetsa 'me e nolofalitsoe lihokelong tsohle tsa marang-rang. Ho khothaletsoa hore ho sebelisoe feela phihlello ea HTTPS haeba seva sa console se lokela ho laoloa holim'a marang-rang afe kapa afe a sechaba. Sena se tiisa hore batsamaisi ba na le phihlello e sireletsehileng ea sebatli ho menyetla eohle e ho seva sa console. E boetse e lumella basebelisi ba lokiselitsoeng ka nepo ho fihlella sebatli se sireletsehileng ho li-menu tse khethiloeng Laola.
Ts'ebeletso ea HTTPS e ka koaloa kapa ea buloa hape ka ho hlahloba HTTPS Web Tsamaiso le boema-kepe bo bong bo boletsoeng (boema-kepe ba kamehla ke 443).
Telnet
Ka linako tsohle, tšebeletso ea Telnet e ea sebetsa empa e koetsoe lihokelong tsohle tsa marang-rang.
Telnet e ka sebelisoa ho fa molaoli monyetla oa ho fihlella khetla ea line ea taelo ea sistimi. Ts'ebeletso ena e ka ba molemo bakeng sa batsamaisi ba lehae le phihlello ea mosebelisi ho li-serial consoles tse khethiloeng. Re khothalelitse hore o tima ts'ebeletso ena haeba khomphutha ea khomphutha e tsamaisoa u le hole.
Lebokose la ho hlahloba la Enable Telnet shell shell le tla nolofalletsa kapa ho tima tšebeletso ea Telnet. Sebaka se seng sa Telnet seo u ka mamelang ho sona se ka hlalosoa ho Alternate Telnet Port (boema-kepe ba kamehla ke 23).
17
Khaolo ea 2: Tlhophiso ea Tsamaiso
SSH
Ts'ebeletso ena e fana ka phihlello e sireletsehileng ea SSH ho seva sa console le lisebelisoa tse khomaretsoeng
'me ka ho sa feleng tšebeletso ea SSH e ntse e sebetsa ebile e nolofalitsoe ho li-interfaces tsohle. Ho joalo
o khothalelitse hore u khethe SSH joalo ka protocol moo motsamaisi a hokelang teng
Seva ea console ka Marang-rang kapa marang-rang afe kapa afe a sechaba. Sena se tla fana ka
likhokahano tse netefalitsoeng lipakeng tsa lenaneo la moreki oa SSH sebakeng se hole
khomphutha le sever ea SSH ho seva sa console. Bakeng sa tlhaiso-leseling e batsi ka SSH
tlhophiso Sheba Khaolo ea 8 - Netefatso.
The Enable SSH command shell checkbox e tla nolofalletsa kapa ho tima tšebeletso ena. Sebaka se seng sa SSH seo u ka mamelang ho sona se ka hlalosoa ho SSH shell port (boema-kepe ba kamehla ke 22).
3. Lumella le ho lokisa lits'ebeletso tse ling:
TFTP/FTP Haeba karete ea flash ea USB kapa flash e ka hare e fumanoa ho seva sa khomphutha, ho hlahloba Numella tšebeletso ea TFTP (FTP) ho nolofalletsa ts'ebeletso ena le ho seta seva sa kamehla sa tftp le ftp ho USB flash. Li-server tsena li sebelisetsoa ho boloka config files, boloka lintlha tsa phihlello le tsa transaction jj. Files e fetisetsoang ho sebelisoa tftp le ftp e tla bolokoa tlas'a /var/mnt/storage.usb/tftpboot/ (kapa /var/mnt/storage.nvlog/tftpboot/ ka lisebelisoa tsa ACM7000series). Ho se hlahlojoe Numella tšebeletso ea TFTP (FTP) e tla tima tšebeletso ea TFTP (FTP).
DNS Relay Checking E nolofaletsa DNS Server/Relay e nolofalletsa karolo ea DNS e le hore bareki ba ka hlophisoa ka IP ea seva sa console bakeng sa boemo ba bona ba seva sa DNS, 'me seva sa console se tla fetisetsa lipotso tsa DNS ho seva sa sebele sa DNS.
Web Etsa hore ho hlahlojoe Terminal Web Terminal e lumella web phihlello ea sebatli ho khetla ea line ea taelo ea sistimi ka Manage> Terminal.
4. Hlalosa linomoro tse ling tsa boema-kepe bakeng sa Raw TCP, ho toba Telnet/SSH le litšebeletso tse sa netefatsoang tsa Telnet/SSH. Seva ea console e sebelisa mekhahlelo e ikhethileng bakeng sa likou tsa TCP / IP bakeng sa phihlello e fapaneng
lits'ebeletso tseo basebelisi ba ka li sebelisang ho fihlella lisebelisoa tse hokelletsoeng likoung tsa serial (joalo ka ha ho boletsoe ho Khaolo ea 3 Configure Serial Ports). Mookameli a ka beha maemo a mang bakeng sa lits'ebeletso tsena 'me likou tsena tsa bobeli li tla sebelisoa ho phaella ho tse sa lekanyetsoang.
Aterese ea boema-kepe ea kamehla ea TCP/IP bakeng sa phihlello ea Telnet ke 2000, 'me sebaka sa Telnet ke IP Address: Port (2000 + serial port #) ke hore 2001 2048. Haeba mookameli a ne a ka beha 8000 e le setsi sa bobeli sa Telnet, serial. port #2 ho seva sa console e ka fumaneha Telnet ho IP
Aterese:2002 le Aterese ea IP:8002. Motheo oa kamehla oa SSH ke 3000; bakeng sa Raw TCP ke 4000; mme bakeng sa RFC2217 ke 5000
5. Litšebeletso tse ling li ka lumelloa le ho hlophisoa ho tsoa lenaneng lena ka ho khetha Tobetsa mona ho lokisa:
Nagios Ho fihlella ho li-daemone tsa tlhahlobo tsa Nagios NRPE
NKOTI
Ho fihlella daemon ea tlhokomelo ea NUT UPS
SNMP E nolofalletsa snmp ho seva sa console. SNMP e emisitsoe ka ho sa feleng
NTP
6. Tobetsa Etsa kopo. Molaetsa oa netefatso oa hlaha: Liphetoho tsa Molaetsa ho litlhophiso li atlehile
Litlhophiso tsa Phihlello ea Litšebeletso li ka hlophisoa ho lumella kapa ho thibela phihlello. Sena se totobatsa hore na ke batsamaisi ba lits'ebeletso ba lumelletsoeng ba ka sebelisang sehokelo se seng le se seng sa marang-rang ho hokela ho seva sa khomphutha le ka seva ea khokahanyo ho lisebelisoa tse hoketsoeng tsa serial le netweke tse hoketsoeng.
18
Bukana ea Mosebelisi
1. Kgetha tab ya Phihlello ya Tshebeletso ho Sistimi > Leqephe la ditshebeletso.
2. Sena se bonts'a lits'ebeletso tse lumelletsoeng bakeng sa likhokahano tsa marang-rang tsa seva sa console. Ho ipapisitsoe le mofuta o itseng oa seva ea li-console li-interfaces tse bonts'itsoeng li ka kenyelletsa: · Khokahano ea marang-rang (bakeng sa khokahano ea Ethernet ea mantlha) · Management LAN / OOB Failover (likhokahanyo tsa Ethernet tsa bobeli) · Dialout / Cellular (V90 le 3G modem) · Dial-in (ka hare). kapa modem ea V90 ea kantle) · VPN (IPsec kapa Open VPN khokahano efe kapa efe ea marang-rang)
3. Sheba/u se hlahlobe bakeng sa netweke e nngwe le e nngwe hore na phihlello ya tshebeletso e lokela ho dumellwa / e holofatswe Karabo ho ICMP echoes (ke hore, ping) dikgetho tsa phihlello tsa tshebeletso tse ka hlophiswang sebakeng sena.tage. Sena se lumella seva sa console ho araba likopo tse kenang tsa ICMP echo. Ping e nolofalitsoe ke kamehla. Bakeng sa ts'ireletso e eketsehileng, o lokela ho tima ts'ebeletso ena ha o qeta tlhophiso ea pele O ka lumella lisebelisoa tsa serial port hore li fihlelle ho tsoa ho marang-rang a khethiloeng ka Raw TCP, Telnet / SSH e tobileng, lits'ebeletso tse sa netefatsoang tsa Telnet/SSH, jj.
4. Tobetsa Etsa kopo Web Litlhophiso tsa Tsamaiso Lebokose la ho hlahloba la Nuble HSTS le nolofalletsa tšireletso e tiileng ea lipalangoang tsa HTTP. Mokhoa oa HSTS o bolela hore hlooho ea StrictTransport-Security e lokela ho romelloa holim'a lipalangoang tsa HTTPS. Ea lumellanang web sebatli se hopola sehlooho sena, 'me ha se kopuoa ho ikopanya le moamoheli a le mong holim'a HTTP (thota) se tla fetohela ho sona
19
Khaolo ea 2: Tlhophiso ea Tsamaiso
HTTPS pele o leka HTTP, ha feela sebatli se fihletse sebaka se sireletsehileng hang mme se bone hlooho ea STS.
Tšireletso ea matla a Brute Force (Micro Fail2ban) e thibela ka nakoana li-IP tse bontšang matšoao a lonya, joalo ka ho hloleha ha li-password tse ngata haholo. Sena se ka thusa ha lits'ebeletso tsa marang-rang tsa sesebelisoa li pepesehetse marang-rang a sa tšepahaleng joalo ka WAN ea sechaba le litlhaselo tse ngotsoeng kapa software worms li leka ho hakanya lintlha tsa mosebelisi le ho fumana phihlello e sa lumelloeng.
Tšireletso ea Brute Force e kanna ea fuoa monyetla bakeng sa lits'ebeletso tse thathamisitsoeng. Ka mokhoa o ikhethileng, hang ha ts'ireletso e nolofalitsoe liteko tse 3 kapa ho feta tse hlōlehileng tsa ho hokahanya nakong ea metsotsoana e 60 ho tsoa mohloling o itseng oa IP e etsa hore e thibeloe ho hokahanya ka nako e lokiselitsoeng. Moeli oa ho leka le nako ea Thibelo e ka etsoa ka mokhoa o ikhethileng. Lithibelo tse Matla li boetse li thathamisitsoe 'me li ka nchafatsoa ka ho kenya leqephe bocha.
HLOKOMELA
Ha o sebetsa marang-rang a sa tšepahaleng, nahana ka ho sebelisa mekhoa e fapaneng e sebelisoang ho notlela phihlello e hole. Sena se kenyelletsa netefatso ea senotlolo sa sechaba sa SSH, VPN, le Melao ea Firewall ho
ho fihlella hole le lenane la tumello ho tsoa ho marang-rang a tšeptjoang feela. Sheba Setsi sa Tsebo sa Opengear bakeng sa lintlha.
2.5 Khokahano Software
U hlophisitse liprothokholo tsa phihlello hore moreki oa motsamaisi a ka li sebelisa ha a hokela ho sebara ea khomphutha. Bareki ba basebelisi le bona ba sebelisa liprothokholo tsena ha ba fihlella lisebelisoa tse kenyellelitsoeng tsa seva sa console le mabotho a hoketsoeng ke marang-rang. U hloka lisebelisoa tsa software tsa puisano tse thehiloeng ho mookameli le k'homphieutha ea mofani oa mosebedisi. Ho hokela o ka sebelisa lisebelisoa tse kang PuTTY le SSTerm.
20
Bukana ea Mosebelisi
Lihokelo tse fumanehang khoebong li kopanya protocol e tšepahalang ea SSH e nang le lisebelisoa tse tsebahalang tsa ho fihlella joalo ka Telnet, SSH, HTTP, HTTPS, VNC, RDP ho fana ka phihlello e sireletsehileng ea taolo e hole le lits'ebetso tsohle tse laoloang. Tlhahisoleseding e mabapi le ho sebelisa li-connectors bakeng sa ho fihlella sebatli ho Management Console ea seva sa console, ho fihlella Telnet / SSH ho mohala oa taelo ea seva sa console, le TCP / UDP e hokahanyang le mabotho a marang-rang a amanang le seva sa console e ka fumanoa Khaolong ea 5. Li-Connectors li ka ba teng e kentsoe ho Windows PC, Mac OS X le litsing tse ngata tsa Linux, UNIX le Solaris.
2.6 Tsamaiso ea Tsamaiso ea Marang-rang
Li-server tsa Console li na le likou tse eketsehileng tsa marang-rang tse ka lokisetsoang ho fana ka phihlello ea LAN ea taolo le / kapa phihlello kapa phihlello ea kantle ho sehlopha. 2.6.1 Etsa hore li-server tsa Management LAN Console li khone ho hlophisoa e le hore boema-kepe ba bobeli ba Ethernet bo fane ka tsela ea tsamaiso ea LAN. Heke e na le li-firewall, router le likarolo tsa seva sa DHCP. U hloka ho hokela switch ea kantle ea LAN ho Network 2 ho hokela baamoheli ho LAN ena ea taolo:
ELA HLOKO Boema-kepe ba bobeli ba Ethernet bo ka hlophisoa hore e be boema-kepe ba Management LAN kapa boema-kepe ba OOB/Failover. Netefatsa hore ha ua fana ka NET2 joalo ka Failover Interface ha u ne u lokisa khokahano ea mantlha ea Netweke ho Sistimi > IP menu.
21
Khaolo ea 2: Tlhophiso ea Tsamaiso
Ho lokisa monyako oa Tsamaiso ea LAN: 1. Kgetha tab ya Sebopeho sa Taolo ya LAN ho Sistimi > IP menu mme o tlose tekeno Disable. 2. Lokisa Aterese ea IP le Subnet Mask bakeng sa LAN ea Tsamaiso. Tlohela masimo a DNS a se na letho. 3. Tobetsa Etsa kopo.
Ts'ebetso ea heke ea tsamaiso e nolofalitsoe ka li-firewall tsa kamehla le melao ea router e lokiselitsoeng hore LAN ea Tsamaiso e fihlellehe feela ka ho fetisa koung ea SSH. Sena se tiisa hore likhokahano tse hole le tsa lehae ho Lisebelisoa tse Laoloang ho LAN ea Tsamaiso li bolokehile. Likou tsa LAN le tsona li ka hlophisoa ka mokhoa oa borokho kapa o tlamiloeng kapa tsa hlophisoa ka letsoho ho tsoa moleng oa taelo. 2.6.2 Hlophisa li-server tsa DHCP Seva ea DHCP e nolofalletsa ho aba liaterese tsa IP ka mokhoa o itekanetseng ho lisebelisoa tse ho Management LAN tse sebelisang bareki ba DHCP. Ho nolofalletsa seva ea DHCP:
1. Tobetsa System > DHCP Server. 2. Ho tab ya Network Interface, Hlahloba Noble DHCP Server.
22
Bukana ea Mosebelisi
3. Kenya aterese ea Gateway e tla fuoa bareki ba DHCP. Haeba sebaka sena se sala se se na letho, ho sebelisoa aterese ea IP ea seva sa console.
4. Kenya Primary DNS le Secondary DNS address ho fana ka bareki ba DHCP. Haeba karolo ena e sala e se na letho, ho tla sebelisoa aterese ea IP ea seva sa console.
5. Ka boikhethelo, kenya suffix ea Domain Name ho fana ka bareki ba DHCP. 6. Kenya nako ea Default ea Ho hira le nako e kholo ea ho hira ka metsotsoana. Ena ke palo ea nako
hore aterese ea IP e fanoeng ka matla e nepahetse pele moreki a tlameha ho e kopa hape. 7. Tobetsa Etsa kopo Seva ea DHCP e fana ka liaterese tsa IP ho tsoa libakeng tse itseng tsa liaterese: 1. Tobetsa Eketsa lebaleng la Matlapa a Kabo ea Aterese e Matla. 2. Kenya Aterese ea ho Qala ea Letamo la DHCP le Aterese ea ho Qetela. 3. Tobetsa Etsa kopo.
23
Khaolo ea 2: Tlhophiso ea Tsamaiso
Seva ea DHCP e boetse e ts'ehetsa liaterese tsa IP tse fanoeng esale pele hore li abeloe liaterese tse ikhethileng tsa MAC le ho boloka liaterese tsa IP hore li sebelisoe ke mabotho a hokahantsoeng a nang le liaterese tse tsitsitseng tsa IP. Ho boloka aterese ea IP bakeng sa moamoheli ea itseng:
1. Tobetsa Eketsa sebakeng sa Liaterese Tse Behelitsoeng. 2. Kenya Lebitso la Moamoheli, Aterese ea Hardware (MAC) le aterese ea IP e bolokiloeng
moreki oa DHCP ebe o tobetsa Etsa kopo.
Ha DHCP e abile liaterese tsa moamoheli, ho khothaletsoa ho li kopitsa lethathamong le abetsoeng esale pele e le hore aterese e tšoanang ea IP e abeloe hape ha ho ka qala bocha.
24
Bukana ea Mosebelisi
2.6.3 Khetha Failover kapa Broadband OOB Console li-server li fana ka khetho ea failover kahoo ha ho na le bothata ba ho sebelisa khokahanyo e kholo ea LAN bakeng sa ho fumana seva sa console ho sebelisoa tsela e 'ngoe ea ho kena. Ho bulela failover:
1. Khetha leqephe la Network Interface ho Sistimi > IP menu 2. Khetha Failover Interface e tla sebelisoa ha ho na le ou.tage marangrang a maholo.
3. Tobetsa Etsa kopo. Failover e ba mafolofolo ka mor'a hore u bolela ka ho toba libaka tsa ka ntle ho probed ho tsosa failover le ho theha likou failover.
2.6.4 Ho kopanya likou tsa marang-rang Ka mokhoa o ikhethileng, li-port tsa marang-rang tsa Management LAN tsa seva li ka fihlelleha ho sebelisoa SSH tunneling / port forwarding kapa ka ho theha kotopo ea IPsec VPN ho seva sa console. Likou tsohle tsa marang-rang tse nang le marang-rang ho li-server tsa console li ka kopanngoa ka ho kopanngoa kapa ho tlamisoa.
25
Bukana ea Mosebelisi
· Ka kamehla, Interface Aggregation e koetsoe ho Sistimi > IP > Menu ea Litlhophiso tse Akaretsang · Khetha Li-interfaces tsa Bridge kapa Bond Interfaces.
o Ha borokho bo buletsoe, sephethephethe sa marang-rang se fetisetsoa libakeng tsohle tsa Ethernet ntle le lithibelo tsa firewall. Likou tsohle tsa Ethernet kaofela li hokahane ka mokhoa o hlakileng lera la sehokelo sa data (layer 2) kahoo li boloka liaterese tsa tsona tse ikhethang tsa MAC.
o Ka bonding, sephethephethe sa marang-rang se tsamaisoa lipakeng tsa likou empa se le teng ka aterese e le 'ngoe ea MAC
Mekhoa ena ka bobeli e tlosa mesebetsi eohle ea Tsamaiso ea LAN le Ts'ebetso ea Out-of-Band/Failover Interface le ho tima Seva ea DHCP.
25
Khaolo ea 2: Tlhophiso ea Tsamaiso
2.6.5 Litsela tse tsitsitseng Litsela tse tsitsitseng li fana ka tsela e potlakileng haholo ea ho tsamaisa data ho tloha subnet e le 'ngoe ho ea ho subnet e fapaneng. O ka khouta ka thata tsela e bolellang seva / router ea console hore e fihle subnet e itseng e sebelisa tsela e itseng. Sena se ka ba molemo bakeng sa ho fihlella li-subnet tse fapaneng sebakeng se hole ha u sebelisa khokahano ea OOB ea cellular.
Ho kenyelletsa tseleng e tsitsitseng ho tafole ea tsela ea Sisteme:
1. Khetha tab ea Litlhophiso tsa Tsela ho Sistimi > IP General Settings menu.
2. Tobetsa Tsela e Ncha
3. Kenya Lebitso la Tsela bakeng sa tsela.
4. Sebakeng sa Destination Network/Host, kenya aterese ea IP ea sebaka seo u eang ho sona / moamoheli eo tsela e fanang ka phihlello ho eona.
5. Kenya boleng sebakeng sa netmask sa Destination se supang netweke kapa moamohedi. Nomoro efe kapa efe pakeng tsa 0 le 32. Subnet mask ea 32 e khetholla tsela ea baeti.
6. Kenya Route Gateway ka aterese ea IP ea router e tla tsamaisa lipakete ho ea netwekeng eo e eang ho eona. Sena se ka 'na sa tloheloa se se na letho.
7. Khetha Interface eo u tla e sebelisa ho fihla moo u eang teng, e ka 'na ea siuoa e le None.
8. Kenya boleng karolong ea Metric e emelang metric ea khokahano ena. Sebelisa nomoro efe kapa efe e lekanang le kapa e kholo ho feta 0. Sena se tlameha ho beoa haeba litsela tse peli kapa ho feta li thulana kapa li na le lipehelo tse nyallanang.
9. Tobetsa Etsa kopo.
HLOKOMELA
Leqephe la lintlha tsa litsela le fana ka lethathamo la marang-rang a marang-rang le li-modem tseo tsela e ka tsamaeang ho tsona. Tabeng ea modem, tsela e tla hokelloa ho nako efe kapa efe ea ho daela e thehiloeng ka sesebelisoa seo. Tsela e ka hlalosoa ka heke, sebopeho kapa ka bobeli. Haeba sebopeho se boletsoeng se sa sebetse, litsela tse lokiselitsoeng bakeng sa sebopeho seo li ke ke tsa sebetsa.
26
Bukana ea Mosebelisi 3. SERIAL PORT, HOST, DEVICE & CONFIGURATION
Seva ea console e nolofalletsa ho fihlella le ho laola lisebelisoa tse khomaretsoeng ka serial le lisebelisoa tse khomaretsoeng ke marang-rang (mabotho). Mookameli o tlameha ho lokisa litokelo tsa ho kena ho se seng le se seng sa lisebelisoa tsena le ho bolela litšebeletso tse ka sebelisoang ho laola lisebelisoa. Mookameli a ka boela a theha basebelisi ba bacha 'me a bolela litokelo tsa motho ka mong tsa ho fihlella le ho laola.
Khaolo ena e akaretsa mohato o mong le o mong oa ho lokisa marang-rang a hokahaneng le lisebelisoa tse hoketsoeng ka serially: · Serial Ports ho theha liprothokholo tse sebelisoang lisebelisoa tse hokahaneng ka serially · Basebelisi le Lihlopha ba theha basebelisi le ho hlalosa tumello ea ho fihlella ho e mong le e mong oa basebelisi bana · Netefatso lintlha tse qaqileng Khaolong ea 8 · Baamoheli ba marang-rang ba lokisang phihlello ea likhomphutha tsa lehae tse hokahantsoeng kapa lisebelisoa (baamoheli) · Configuring Trusted Networks - khetha liaterese tsa IP tse tšeptjoang ho basebelisi ho fihlella ho tloha · Cascading le Redirection of Serial Console Ports · Ho hokela matla (UPS, PDU, le IPMI) le lisebelisoa tsa tlhahlobo ea tikoloho (EMD) · Serial Port Redirection e sebelisa lifensetere tsa PortShare le bareki ba Linux · Lisebelisoa tse Laoloang - e fana ka khokahanyo e kopaneng. view ea likhokahano tsohle · IPSec e nolofalletsang khokahano ea VPN · OpenVPN · PPTP
3.1 Hlophisa Li-Ports tsa serial
Mohato oa pele oa ho lokisa "serial port" ke ho seta Litlhophiso tse Tloaelehileng joalo ka liprothokholo le liparamente tsa RS232 tse tla sebelisoa bakeng sa khokahano ea data boema-kepeng boo (mohlala, sekhahla sa baud). Khetha hore na boema-kepe bo tla sebetsa ka mokhoa ofe. Boema-kepe bo bong le bo bong bo ka hlophisoa ho ts'ehetsa e 'ngoe ea mekhoa ena ea ts'ebetso:
· Mokhoa o holofetseng ke oa kamehla, boema-kepe ba serial ha bo sebetse
27
Khaolo ea 3:
Serial Port, Host, Device & Configuration User
· Mokhoa oa seva oa Console o nolofalletsa phihlello e akaretsang ea boema-kepe ba serial console ho lisebelisoa tse khomaretsoeng ka serial
* Mokhoa oa sesebelisoa o hlophisa "serial port" hore e hokahane le PDU, UPS kapa Environmental Monitor Devices (EMD) e laoloang ka bohlale.
· Seva ea Terminal Server e etsa hore boema-kepe ba serial bo emele nako ea ho kena ea ho kena.
marangrang.
1. Kgetha Serial & Network > Serial Port ho hlahisa lintlha tsa serial port. Tobetsa Edit haufi le boema-kepe ho ba
hlophisitsoe bocha. Kapa tobetsa Edit Multiple Ports ebe u khetha hore na ke likou life tseo u lakatsang ho li hlophisa e le sehlopha. 3. Ha u se u lokiselitse litlhophiso tse tloaelehileng le mokhoa oa koung ka 'ngoe, theha syslog leha e le efe e hōle (sheba likarolo tse latelang bakeng sa tlhahisoleseding e tobileng). Tobetsa Sebelisa 4. Haeba seva sa console se hlophisitsoe ka mokhoa oa ho beha leihlo oa Nagios, sebelisa likhetho tsa Nagios Settings ho nolofalletsa litšebeletso tse khethiloeng ho Moamoheli hore li behoe leihlo. boemakepe. Tsena li ikemetse ka mokhoa oo boema-kepe bo sebelisoang ka oona. Liparamente tsena tsa serial port li tlameha ho hlophisoa hore li tsamaellane le li-parameter tsa serial port sesebelisoa seo u se hokelang boema-kepeng boo:
28
Bukana ea Mosebelisi
· Ngola label bakeng sa boema-kepe · Khetha sekhahla se nepahetseng sa Baud Rate, Parity, Data Bits, Stop Bits le Flow Control bakeng sa boema-kepe bo bong le bo bong.
· Beha Pinout ea Port. Ntho ena ea menu e hlaha bakeng sa likou tsa IM7200 moo pin-out bakeng sa koung e 'ngoe le e' ngoe ea serial ea RJ45 e ka hlophisoa e le X2 (Cisco Straight) kapa X1 (Cisco Rolled)
· Beha mokhoa oa DTR. Sena se o fa monyetla oa ho khetha hore na DTR e lula e tiisitsoe kapa e tiisitsoe feela ha ho na le seshene e sebetsang ea mosebelisi
· Pele o tsoela pele ka tlhophiso e 'ngoe ea serial port, o lokela ho hokela likou ho lisebelisoa tsa serial tseo ba tla beng ba li laola le ho netefatsa hore li na le litlhophiso tse tšoanang.
3.1.2
Mokhoa oa Seva ea Console
Khetha Mokhoa oa Seva ea Console ho nolofalletsa phihlello ea taolo e hole ho serial console e hokelletsoeng boema-kepeng bona ba serial:
Boemo ba ho Rengoa ha Lifate Sena se bolela boemo ba tlhahisoleseling e lokelang ho kenngoa le ho hlahlojoa.
29
Khaolo ea 3: Serial Port, Host, Device & User Configuration
Mohato oa 0: Tlosa ho rema lifate (ka ho sa feleng)
Mohato oa 1: LIKETSAHALO, LOGOUT le Liketsahalo tsa SIGNAL
Mohato oa 2: LIKETSAHALO tsa LOGIN, LOGOUT, SIGNAL, TXDATA le RXDATA
Mohato oa 3: Liketsahalo tsa LOGIN, LOGOUT, SIGNAL le RXDATA
Mohato oa 4: Liketsahalo tsa LOGIN, LOGOUT, SIGNAL le TXDATA
Input/RXDATA ke data e fumanweng ke sesebediswa sa Opengear ho tswa sesebedisweng sa serial se hoketsweng, mme output/TXDATA ke data e rometsweng ke sesebediswa sa Opengear (mohlala, se tlantsweng ke mosebedisi) ho sesebediswa se hoketsweng sa serial.
Li-consoles tsa lisebelisoa hangata li lumellana le litlhaku tsa morao ha li ntse li thaepa kahoo TXDATA e tlatsitsoeng ke mosebelisi e amoheloa e le RXDATA, e bonts'itsoeng ho terminal ea bona.
TLHOKOMELISO: Kamora ho kopa senotlolo, sesebelisoa se hoketsoeng se romela litlhaku tsa * ho thibela password hore e se ke ea hlaha.
Telnet Ha ts'ebeletso ea Telnet e kentsoe tšebetsong ho seva sa khomphutha, moreki oa Telnet komporong ea mosebelisi a ka hokela sesebelisoa sa serial se hokelletsoeng boema-kepeng bona ba serial ho seva sa khomphutha. Hobane likhokahano tsa Telnet ha lia ngolisoa, protocol ena e khothaletsoa feela bakeng sa likhokahano tsa lehae kapa tsa VPN.
Haeba likhokahano tse hole li ntse li hokelloa ka sehokelo, Telnet e ka sebelisoa bakeng sa ho fihlella ka mokhoa o sireletsehileng lisebelisoa tsena tse khomaretsoeng.
HLOKOMELA
Ka mokhoa oa seva sa khomphutha, basebelisi ba ka sebelisa sehokelo ho theha likhokahano tse sireletsehileng tsa Telnet tseo e leng SSH e hoketsoeng ho tsoa ho likhomphutha tsa bareki ho ea koung ea serial ho seva sa khomphutha. Lihokelo li ka kengoa ho li-PC tsa Windows le li-platform tse ngata tsa Linux mme e nolofalletsa likhokahano tse sireletsehileng tsa Telnet hore li khethoe ka ntlha-le-tobetsa.
Ho sebelisa sehokelo ho fihlella li-consoles ho li-port tsa serial tsa li-console, lokisa sehokelo ka seva sa khokahanyo joalo ka heke, le joalo ka moamoheli, 'me u nolofalletse tšebeletso ea Telnet ho Port (2000 + serial port #) ke hore 2001.
U ka sebelisa liphutheloana tse tloaelehileng tsa puisano joalo ka PuTTY ho theha khokahano e tobileng ea Telnet kapa SSH likoung tsa serial.
ELA HLOKO Ka mokhoa oa seva sa Console, ha o hokela koung ea serial o hokela ka pmshell. Ho hlahisa BREAK boema-kepe ba serial, thaepa tatelano ea litlhaku ~b. Haeba u etsa sena ka mofuta oa OpenSSH ~~b.
SSH
Ho khothalletsoa hore u sebelise SSH e le protocol ha basebelisi ba hokela ho seva sa console
(kapa hokela ka har'a seva ea khomphutha ho li-serial consoles tse hoketsoeng) ka Marang-rang kapa efe kapa efe
marangrang a mang a sechaba.
Bakeng sa phihlello ea SSH ho li-consoles ho lisebelisoa tse hokelletsoeng ho li-port tsa serial tsa console, o ka sebelisa sehokelo. Lokisa sehokelo ka seva sa console joalo ka heke, le joalo ka moamoheli, 'me u nolofalletse ts'ebeletso ea SSH ho Port (3000 + serial port #) ke hore 3001-3048.
U ka sebelisa liphutheloana tse tloaelehileng tsa puisano, joalo ka PuTTY kapa SSTerm ho SSH hokela atereseng ea boema-kepe ea IP _ Port (3000 + serial port #) ke hore 3001.
Likhokahano tsa SSH li ka hlophisoa ho sebelisoa SSH port 22 e tloaelehileng. Sebaka sa serial se kenang se khetholloa ka ho kenya tlhaloso ho lebitso la mosebedisi. Syntax ena e tšehetsa:
:
:
30
Bukana ea Mosebelisi
: : Bakeng sa mosebelisi ea bitsoang chris ho fihlella serial port 2, ha a theha SSTerm kapa moreki oa PuTTY SSH, ho fapana le ho thaepa lebitso la mosebelisi = chris le ssh port = 3002, e 'ngoe ke ho thaepa username = chris:port02 (kapa lebitso la mosebelisi = chris: ttyS1) le ssh port = 22. Kapa ka ho ngola username=chris:serial le ssh port = 22, mosebelisi o hlahisoa ka khetho ea khetho ea koung:
Syntax ena e thusa basebelisi ho theha lithanele tsa SSH ho likoung tsohle tsa serial tse nang le port e le 'ngoe ea IP 22 e tlamehang ho buloa ka har'a firewall / heke ea bona.
ELA HLOKO Ka mokhoa oa seva sa console, o hokela boema-kepe ba serial ka pmshell. Ho hlahisa BREAK boema-kepe ba serial, thaepa tatelano ea litlhaku ~b. Haeba u etsa sena ka OpenSSH, thaepa ~~b.
TCP
RAW TCP e lumella likhokahano ho sokete ea TCP. Ha mananeo a puisano a tšoana le PuTTY
hape e ts'ehetsa RAW TCP, protocol ena hangata e sebelisoa ke ts'ebeliso ea tloaelo
Bakeng sa RAW TCP, aterese ea kamehla ea boema-kepe ke IP Address _ Port (4000 + serial port #) ke hore 4001 4048.
RAW TCP e boetse e nolofalletsa boema-kepe ba serial hore bo kenngoe ho seva sa khomphutha se hole, kahoo lisebelisoa tse peli tsa serial port li ka hokahana ka mokhoa o hlakileng holim'a marang-rang (bona Khaolo ea 3.1.6 Serial Bridging)
RFC2217 Ho khetha RFC2217 ho thusa ho tsamaisa boema-kepe ba serial boema-kepeng boo. Bakeng sa RFC2217, aterese ea kamehla ea boema-kepe ke IP Address _ Port (5000 + serial port #) ke hore 5001 5048.
Ho na le software e khethehileng ea bareki e fumanehang bakeng sa Windows UNIX le Linux e tšehetsang RFC2217 virtual com ports, kahoo moamoheli ea hole a ka hlokomela le ho laola lisebelisoa tse hokelletsoeng ka thoko joalo ka ha eka li hokahane le boema-kepe ba serial ea lehae (sheba Khaolo ea 3.6 Serial Port Redirection bakeng sa lintlha)
RFC2217 e boetse e nolofalletsa boema-kepe ba serial hore bo kenngoe ho seva sa khomphutha se hole, kahoo lisebelisoa tse peli tsa serial port li ka hokela pepenene holim'a marang-rang (bona Khaolo ea 3.1.6 Serial Bridging)
Telnet e sa netefatsoang Sena se nolofalletsa Telnet ho fihlella boema-kepe ba serial ntle le mangolo a netefatso. Ha mosebelisi a fihlella seva sa console ho Telnet ho boema-kepe ba serial, ba fuoa molaetsa oa ho kena. Ka Telnet e sa netefatsoang, ba hokela ka kotloloho boema-kepeng ntle le phephetso ea ho kena ka har'a seva sa console. Haeba moreki oa Telnet a potlakela ho netefatsa, data efe kapa efe e kentsoeng e lumella khokahano.
31
Khaolo ea 3: Serial Port, Host, Device & User Configuration
Mokhoa ona o sebelisoa le sistimi e kantle (joalo ka conserver) e laolang netefatso ea mosebelisi le litokelo tsa phihlello boemong ba sesebelisoa sa serial.
Ho kena ka har'a sesebelisoa se hokahaneng le seva sa khomphutha ho ka hloka netefatso.
Bakeng sa Telnet e sa netefatsoang aterese ea boema-kepe ea kamehla ke IP Address _ Port (6000 + serial port #) ke hore 6001 6048.
SSH e sa netefatsoang Sena se nolofalletsa SSH ho fihlella boema-kepe ba serial ntle le lintlha tsa netefatso. Ha mosebelisi a fihlella seva sa console ho Telnet ho boema-kepe ba serial, ba fuoa molaetsa oa ho kena. Ka SSH e sa netefatsoang ba hokela ka kotloloho boema-kepeng ntle le phephetso efe kapa efe ea ho kena ka har'a seva sa console.
Mokhoa ona o sebelisoa ha o na le sistimi e laolang netefatso ea mosebelisi le litokelo tsa phihlello boemong ba sesebelisoa sa serial empa o lakatsa ho khorela seshene marang-rang.
Ho kena ka har'a sesebelisoa se hokahaneng le seva sa khomphutha ho ka hloka netefatso.
Bakeng sa Telnet e sa netefatsoang aterese ea boema-kepe ea kamehla ke IP Address _ Port (7000 + serial port #) ke hore 7001 7048.
The : mokhoa oa ho fihlella boema-kepe (joalo ka ha ho hlalositsoe karolong e kaholimo ea SSH) kamehla e hloka netefatso.
Web Terminal Sena se nolofalletsa web phihlello ea sebatli ho boema-kepe ba serial ka Laola> Lisebelisoa: Sesebelisoa se sebelisa Management Console e hahiloeng ho terminal ea AJAX. Web Terminal e hokahana joalo ka mosebelisi ea netefalitsoeng oa Management Console mme ha e netefatse hape. Sheba karolo ea 12.3 bakeng sa lintlha tse ling.
Lebitso la IP
Lumella ho fihlella boema-kepe ba serial u sebelisa aterese e itseng ea IP, e boletsoeng ka sebopeho sa CIDR. Boema-kepe bo bong le bo bong ba serial bo ka abeloa lebitso le le leng kapa ho feta la IP, le hlophisitsoeng ho latela marang-rang a marang-rang. A serial port e ka khona, mohlalaample, e fumanehe ka bobeli 192.168.0.148 (e le karolo ea marang-rang a ka hare) le 10.10.10.148 (e le karolo ea LAN ea Tsamaiso). Hape hoa khonahala ho etsa hore boema-kepe ba serial bo fumanehe ho liaterese tse peli tsa IP marang-rang a tšoanang (bakeng sa mohlalaample, 192.168.0.148 le 192.168.0.248).
Liaterese tsena tsa IP li ka sebelisoa feela ho fihlella boema-kepe bo itseng ba serial, bo fumanehang ho sebelisoa linomoro tsa boema-kepe tse tloaelehileng tsa TCP tsa lits'ebeletso tsa seva sa console. Bakeng sa mohlalaample, SSH ho serial port 3 e ka fumaneha ho port 22 ea serial port alias IP (ha e le atereseng ea mantlha ea seva ea console e fumaneha boema-kepeng ba 2003).
Ts'ebetso ena e ka hlophisoa hape ka leqephe la li-port edit tse ngata. Tabeng ena liaterese tsa IP li sebelisoa ka tatellano, 'me boema-kepe ba pele bo khethiloeng bo kenya IP mme tse latelang li ntse li eketseha,' me linomoro li tlōle bakeng sa likou leha e le life tse sa khethoang. Bakeng sa mohlalaample, haeba ho khethiloe likou tsa 2, 3 le 5 'me IP alias 10.0.0.1/24 e kentsoe bakeng sa Network Interface, liaterese tse latelang li abeloa:
Boema-kepe ba 2: 10.0.0.1/24
Boema-kepe ba 3: 10.0.0.2/24
Boema-kepe ba 5: 10.0.0.4/24
IP Aliases e boetse e tšehetsa liaterese tsa IPv6. Phapang feela ke hore liaterese ke linomoro tsa hexadecimal, kahoo port 10 e ka lumellana le aterese e qetellang ka A, le 11 ho e 'ngoe e qetellang ka B, ho fapana le 10 kapa 11 joalo ka IPv4.
32
Bukana ea Mosebelisi
Encrypt Traffic / Netefatsa Numella encryption e sa reng letho le netefatso ea likhokahano tsa serial tsa RFC2217 u sebelisa Portshare (bakeng sa ts'ebeliso e matla ea encryption VPN).
Nako ea Pokello Hang ha khokahanyo e se e thehiloe bakeng sa boema-kepe bo itseng ba serial (joaloka khokahanyo ea RFC2217 kapa khokahanyo ea Telnet komporong e hole), litlhaku life kapa life tse kenang boema-kepeng boo li fetisetsoa marang-rang ho latela litlhaku. Nako ea ho bokella e bolela nako ea nako eo litlhaku tse kenang li bokelloang pele li romeloa e le pakete holim'a marang-rang.
Escape Character Fetola tlhaku e sebelisoang bakeng sa ho romela litlhaku tse balehang. Ea kamehla ke ~. Fetolela Backspace Na u nke sebaka sa boleng ba "backspace" ba CTRL+? (127) ka CTRL+h (8). Power Menu Taelo ea ho hlahisa menu ea matla ke ~p mme e nolofalletsa taelo ea matla a khetla hore a
mosebelisi a ka laola khokahano ea matla ho sesebelisoa se laoloang ho tloha moleng oa taelo ha ba le Telnet kapa SSH e hokahane le sesebelisoa. Sesebelisoa se laoloang se tlameha ho hlophisoa ka khokahano ea eona ea Serial port le khokahanyo ea Matla e lokiselitsoe.
Khokahano e le 'Ngoe Sena se lekanyetsa boema-kepe ho khokahanyo e le 'ngoe kahoo haeba basebelisi ba bangata ba na le litokelo tsa phihlello bakeng sa boema-kepe bo itseng ke mosebelisi a le mong feela ka nako ea ka fihlelang boema-kepe boo (ke hore, ho qhekella ha koung ha ho lumelloe).
33
Khaolo ea 3: Serial Port, Host, Device & User Configuration
3.1.3 Sesebelisoa (RPC, UPS, Environmental) Mokhoa ona o lokisa sebaka se khethiloeng sa serial hore se buisane le "UPS", Remote Power Controller / Power Distribution Units (RPC) kapa Environmental Monitoring Device (Tikoloho)
1. Khetha mofuta o lakatsehang oa Sesebelisoa (UPS, RPC, kapa Environmental)
2. Tsoela pele leqepheng le loketseng la sesebediswa (Serial & Network > UPS Connection, RPC Connection kapa Environmental) joalo ka ha ho hlalositsoe Khaolong ea 7.
3.1.4 ·
Mokhoa oa Seva ea Terminal
Khetha Mokhoa oa Seva sa Terminal le Mofuta oa Terminal (vt220, vt102, vt100, Linux kapa ANSI) ho nolofalletsa getty boema-kepeng bo khethiloeng ba serial.
The getty e lokisa boema-kepe mme e emetse hore ho be le khokahanyo. Khokahano e sebetsang sesebelisoa sa serial e bonts'oa ka pinana e phahamisitsoeng ea Data Carrier Detect (DCD) sesebelisoa sa serial. Ha khokahano e fumanoa, lenaneo la getty le fana ka ho kena: kapele, 'me le kopa lenaneo la ho kena ho sebetsana le ho kena ha sistimi.
HLOKOMELA Ho khetha mokhoa oa Terminal Server ho tima Port Manager bakeng sa boema-kepe boo ba serial, kahoo data ha e sa kenngoa bakeng sa litlhokomeliso joalo-joalo.
34
Bukana ea Mosebelisi
3.1.5 Serial Bridging Mode Ka serial bridging, serial data on a nomination serial port on one console server e kenyelelitsoe ka har'a lipakete tsa marang-rang ebe e tsamaisoa ka marang-rang ho ea ho seva sa bobeli sa console moo e emeloang e le data ea serial. Li-server tse peli tsa li-console li sebetsa joalo ka mohala oa serial holim'a marang-rang a IP. Seva e le 'ngoe ea console e lokiselitsoe ho ba Seva. Sebapali sa serial port se tla kengoa borokhong se behiloe ka har'a mokhoa oa seva sa Console o nang le RFC2217 kapa RAW e lumelletsoeng. Bakeng sa seva sa Client console, boema-kepe ba serial bo tla koaheloa bo tlameha ho hlophisoa ka Mokhoa oa Bridging:
· Khetha Mokhoa oa ho Bridging oa Serial 'me u hlalose aterese ea IP ea seva sa khomphutha ea Seva le aterese ea boema-kepe ea TCP ea boema-kepe ba serial bo hole (bakeng sa RFC2217 ho tsamaisa sena e tla ba 5001-5048)
· Ka ho sa feleng, moreki ea tsamaisang borokho o sebelisa RAW TCP. Khetha RFC2217 haeba ona e le mokhoa oa seva oa khomphutha oo u o boletseng ho seva sa khomphutha ea seva
· U ka boloka likhokahano ka Ethernet ea lehae ka ho nolofalletsa SSH. Hlahisa le ho kenya linotlolo.
3.1.6 Syslog Ntle le ho rema lifate le ho beha leihlo tse ka sebelisoang ho phihlello ea taolo ea serial-a khomaretsoe le marang-rang, joalo ka ha ho boletsoe Khaolong ea 6, seva sa console se ka hlophisoa ho ts'ehetsa protocol ea syslog e hole boema-kepeng bo bong le bo bong. motheo:
· Khetha libaka tsa Syslog Facility/Priority ho nolofalletsa ho rengoa ha sephethephethe sebakeng se khethiloeng sa serial ho seva sa syslog; le ho hlophisa le ho nka khato ho melaetsa e kentsoeng (ke hore, e tsamaise hape / romella lengolo-tsoibila la tlhokomeliso.)
35
Khaolo ea 3: Serial Port, Device and User Configuration
Bakeng sa mohlalaample, haeba komporo e hoketsoeng ho serial port 3 ha ea lokela ho romela letho boema-kepeng ba eona ba serial console, molaoli a ka beha Setsi sa boema-kepe boo ho local0 (local0 .. local7 li etselitsoe boleng ba sebaka sa sebaka), le Bohlokoa ho bo bohlokoa. . Nthong ena e tlang pele, haeba seva sa syslog sa seva sa console se fumana molaetsa, se hlahisa tlhokomeliso. Sheba Khaolo ea 6. 3.1.7 Phallo ea NMEA ACM7000-L e ka fana ka phallo ea data ea GPS NMEA ho tloha ho GPS ea ka hare / modem ea cellular. Phatlalatso ena ea data e hlahisoa e le phallo ea data ea serial ho port 5 mefuteng ea ACM.
Litlhophiso tse Tloaelehileng (sekhahla sa baud joalo-joalo) li hlokomolohuoa ha ho etsoa litlhophiso tsa serial port ea NMEA. O ka hlakisa Maqhubu a ho Lokisa (ke hore, sekhahla sena sa ho lokisa GPS se bontša hore na litokiso tsa GPS li fumanoa hangata hakae). U ka sebelisa litlhophiso tsohle tsa Console Server Mode, Syslog le Serial Bridging boema-kepeng bona.
U ka sebelisa pmshell, webshell, SSH, RFC2217 kapa RawTCP ho fihla molapong:
Bakeng sa mohlalaample, sebelisa le Web Theminale:
36
Bukana ea Mosebelisi
3.1.8 USB Consoles
Liseva tsa Console tse nang le likou tsa USB li tšehetsa likhokahano tsa USB ho lisebelisoa tse tsoang ho barekisi ba fapaneng, ho kenyeletsoa Cisco, HP, Dell le Brocade. Likou tsena tsa USB li ka sebetsa joalo ka likou tse hlakileng tsa RS-232 ha adaptara ea USB-to-serial e hokahantsoe.
Likou tsena tsa USB li fumaneha e le likou tsa li-portmanager tse tloaelehileng 'me li hlahisoa ka lipalo ho web UI kamora likou tsohle tsa serial tsa RJ45.
ACM7008-2 e na le likou tse robeli tsa serial tsa RJ45 ka morao ho seva sa console le likou tse 'ne tsa USB ka pele. Ho Serial & Network> Serial Port tsena li thathamisitsoe e le
Boema-kepe # Sehokelo
1
RJ45
2
RJ45
3
RJ45
4
RJ45
5
RJ45
6
RJ45
7
RJ45
8
RJ45
9
USB
10 USB
11 USB
12 USB
Haeba ACM7008-2 e itseng e le mohlala oa cellular, port #13 - bakeng sa GPS - le eona e tla thathamisoa.
7216-24U e na le likou tsa serial tse 16 tsa RJ45 le likou tse 24 tsa USB ka sefahleho sa eona se ka morao hammoho le likou tse peli tsa USB tse shebileng ka pele le (mohlala oa cellular) GPS.
Likou tsa serial tsa RJ45 li hlahisoa ho Serial & Network > Serial Port e le linomoro tsa boema-kepe 1. Likou tse 16 tse ka morao li nka linomoro tsa boema-kepe 24, 'me likou tsa USB tse shebileng ka pele li thathamisitsoe ho linomoro tsa boema-kepe 17 le 40 ka ho latellana. 'Me, joalo ka ACM41-42, haeba 7008-2U e itseng e le mohlala oa cellular, GPS e hlahisoa ho nomoro ea 7216.
Litlhophiso tse tloaelehileng (sekhahla sa baud, joalo-joalo) li sebelisoa ha ho lokisoa likou, empa lits'ebetso tse ling li kanna tsa se sebetse ho ipapisitse le ts'ebetsong ea chip ea serial ea USB.
3.2 Eketsa le ho Fetola Basebelisi
Motsamaisi o sebelisa khetho ena ea menyetla ho theha, ho hlophisa le ho hlakola basebelisi le ho hlalosa tumello ea ho kena ho e mong le e mong oa basebelisi bana.
37
Khaolo ea 3: Serial Port, Device and User Configuration
Basebelisi ba ka fuoa tumello ea ho fihlella lits'ebeletso tse boletsoeng, likoung tsa serial, lisebelisoa tsa motlakase le li-host tse hoketsoeng tsa marang-rang. Basebelisi bana le bona ba ka fuoa boemo bo felletseng ba botsamaisi (ka tlhophiso e felletseng le taolo le litokelo tsa phihlello).
Basebelisi ba ka eketsoa ka lihlopha. Lihlopha tse tšeletseng li hlophisitsoe ka mokhoa oa kamehla:
admin
E fana ka litokelo tse sa lekanyetsoang tsa tlhophiso le taolo.
pptpd
E lumella ho kena ho seva sa PPTP VPN. Basebelisi ba sehlopha sena ba na le li-password tsa bona tse bolokiloeng ka mongolo o hlakileng.
dialine
E dumella ho daela ho kena ka modem. Basebelisi ba sehlopha sena ba na le li-password tsa bona tse bolokiloeng ka mongolo o hlakileng.
ftp
E lumella ftp ho fihlella le file ho fihlella lisebelisoa tsa polokelo.
pmshell
E beha khetla ea kamehla ho pmshell.
basebelisi
E fa basebelisi litokelo tsa mantlha tsa taolo.
Sehlopha sa batsamaisi se fa litho litokelo tse felletseng tsa batsamaisi. Mosebelisi oa admin a ka fihlella seva sa khomphutha a sebelisa litšebeletso life kapa life tse nolofalitsoeng ho Sistimi> Litšebeletso Ba ka fihlella leha e le efe ea Li-Hosts tse hokahantsoeng kapa lisebelisoa tsa serial port ba sebelisa litšebeletso life kapa life tse lumelletsoeng bakeng sa likhokahano tsena. Ke basebelisi ba tšepahalang feela ba lokelang ho ba le phihlello ea batsamaisi
Sehlopha sa basebelisi se fa litho monyetla o fokolang oa ho fihlella seva sa console le mabotho a hokahantsoeng le lisebelisoa tsa serial. Basebelisi bana ba ka fihlella karolo ea Tsamaiso ea menu ea Management Console mme ha ba na mokhoa oa ho fumana mohala oa taelo ho seva sa console. Ba ka fihlella feela li-Hosts le lisebelisoa tsa serial tse ba hlahlobiloeng, ba sebelisa lits'ebeletso tse lumelletsoeng.
Basebelisi ba lihlopheng tsa pptd, dialin, ftp kapa pmshell ba thibetse phihlello ea khetla ea basebelisi ho lisebelisoa tse laoloang tse khethiloeng empa ba ke ke ba ba le phihlello e tobileng ho seva sa console. Ho kenyelletsa sena, basebelisi ba tlameha ho ba setho sa basebelisi kapa lihlopha tsa admin
Mookameli a ka theha lihlopha tse ling tse nang le lisebelisoa tse khethehileng tsa matla, li-serial port le tumello ea ho fumana moamoheli. Basebelisi ba lihlopheng tsena tse ling ha ba na monyetla oa ho kena lenaneng la Management Console ebile ha ba na mokhoa oa ho fumana mohala oa taelo ho seva sa console.
38
Bukana ea Mosebelisi
Motsamaisi a ka theha basebelisi ka sesebelisoa se ikhethileng sa matla, koung ea serial le tumello ea phihlello ea moamoheli bao e seng setho sa lihlopha life kapa life. Basebelisi bana ha ba na monyetla oa ho kena ho menu ea Management Console kapa ho fihlella mohala oa taelo ho seva sa khomphutha. 3.2.1 Theha sehlopha se secha Ho theha lihlopha tse ncha le basebelisi ba bacha, le ho arola basebelisi joalo ka litho tsa lihlopha tse itseng:
1. Kgetha Serial & Network > Basebedisi & Lihlopha ho hlahisa lihlopha tsohle le basebelisi 2. Tobetsa Add Group ho eketsa sehlopha se secha.
3. Eketsa Lebitso la Sehlopha le Tlhaloso bakeng sa sehlopha ka seng se secha, 'me u khethe Makhotla a Finyehang, Maemakepe a Fihlehang le Li-RPC tse fumanehang tseo basebelisi ba sehlopha sena se secha ba tla khona ho li fumana.
4. Tobetsa Etsa kopo 5. Mookameli a ka Fetola kapa a Hlakola sehlopha sefe kapa sefe se ekelitsoeng 3.2.2 Ho theha basebelisi ba bacha Ho theha basebelisi ba bacha, le ho arola basebelisi e le litho tsa lihlopha tse itseng: 1. Kgetha Serial & Network > Basebedisi & Lihlopha ho hlahisa. lihlopha tsohle le basebelisi 2. Tobetsa Add User
39
Khaolo ea 3: Serial Port, Device and User Configuration
3. Kenya Username bakeng sa mosebedisi e mong le e mong e motjha. Hape o ka kenyelletsa lintlha tse amanang le mosebelisi (mohlala, lintlha tsa mabitso) sebakeng sa Tlhaloso. Username e ka ba le litlhaku tse 1 ho isa ho tse 127 tsa alphanumeric le litlhaku "-" "_" le "".
4. Hlalosa hore na ke Lihlopha life tseo u lakatsang hore mosebelisi e be setho sa 5. Kenya Password e tiisitsoeng bakeng sa mosebelisi e mong le e mong e mocha. Litlhaku tsohle li lumelletsoe. 6. SSH pass-key netefatso e ka sebelisoa. Beha linotlolo tsa sechaba tsa sechaba/poraefete tse lumelletsoeng
li-keypairs bakeng sa mosebelisi enoa sebakeng sa Authorized SSH Keys 7. Sheba Thibela Tiiso ea Phasewete ho lumella feela netefatso ea linotlolo tsa sechaba bakeng sa mosebelisi enoa.
ha o sebedisa SSH 8. Sheba Numella ho daela hape ho menu ya Dial-in Options ho dumella khokahanyo e tswang ya ho daela morao.
ho hlohlelletsoa ke ho kena boema-kepeng bona. Kenya Nomoro ea Mohala ea Daela-Boela le nomoro ea mohala eo u ka e letsetsang ha mosebelisi a kena 9. Sheba Li-Hosts tse Finyehang le/kapa Li-Ports tse fihlellehang ho khetha li-ports tsa serial le li-host tse hoketsoeng ke marang-rang u lakatsa hore mosebelisi a be le litokelo tsa phihlello ho 10. ho na le li-RPC tse hlophisitsoeng, hlahloba Li-Accessible RPC Outlets ho hlakisa hore na mosebelisi a khona ho laola mabenkele afe (ke hore Power On/Off) 11. Tobetsa Etsa kopo. Mosebelisi e mocha o tla khona ho fihlella lisebelisoa tsa marang-rang tse fumanehang, Li-Ports le RPC Outlets. Haeba mosebelisi e le setho sa sehlopha, ba ka khona ho fihlella sesebelisoa / boema-kepe / sebaka sefe kapa sefe se fumanehang ho sehlopha
40
Bukana ea Mosebelisi
Ha ho na meeli ho palo ea basebelisi bao u ka ba behang kapa palo ea basebelisi ka boema-kepe ba serial kapa moamoheli. Basebelisi ba bangata ba khona ho laola / ho beha leihlo kou e le 'ngoe kapa moamoheli. Ha ho na meeli palo ea lihlopha 'me mosebelisi e mong le e mong e ka ba setho sa lihlopha tse ngata. Mosebelisi ha a tlameha ho ba setho sa lihlopha life kapa life, empa haeba mosebelisi e le setho sa sehlopha sa basebelisi ba kamehla, ba ke ke ba khona ho sebelisa Management Console ho laola likou. Le hoja ho se na meeli, nako ea ho lokisa bocha e eketseha ha palo le ho rarahana ho ntse ho eketseha. Re khothaletsa palo e akaretsang ea basebelisi le lihlopha ho bolokoa ka tlase ho lilemo tse 250. Mookameli a ka boela a fetola litlhophiso tsa phihlello bakeng sa basebelisi leha e le bafe ba teng:
· Khetha Serial & Network > Basebedisi & Lihlopha ebe o tobetsa Edit ho fetola litokelo tsa phihlello ea mosebelisi · Tobetsa Tlosa ho tlosa mosebelisi · Tobetsa Tlosa ho thibela ka nakoana litokelo tsa phihlello.
3.3 Netefatso
Sheba Khaolo ea 8 bakeng sa lintlha tsa tlhophiso ea netefatso.
3.4 Baamoheli ba Marang-rang
Ho beha leihlo le ho fihlella khomphutha kapa sesebelisoa sa marang-rang se nang le marang-rang u le hole (se bitsoang Moamoheli) u tlameha ho tsebahatsa Moamoheli:
1. Ho kgetha Seri & Netweke > Baamohedi ba Netweke e hlahisa di-Hosts tsohle tse hoketsweng netweke tse dumeletsweng ho sebediswa.
2. Tobetsa Eketsa Moamoheli ho nolofalletsa ho fihlella Moamoheli e mocha (kapa khetha Edita ho nchafatsa litlhophiso tsa Moamoheli ea teng)
41
Khaolo ea 3: Serial Port, Device and User Configuration
3. Haeba Moamoheli e le PDU kapa UPS sesebelisoa sa matla kapa seva e nang le taolo ea matla ea IPMI, hlakisa RPC (bakeng sa IPMI le PDU) kapa UPS le Mofuta oa Sesebelisoa. Mookameli a ka lokisa lisebelisoa tsena 'me a lumella hore na ke basebelisi bafe ba nang le tumello ea ho potoloha matla ba le remoutu, joalo-joalo Sheba Khaolo ea 7. Ho seng joalo tlohela Mofuta oa Sesebelisoa o behiloe ho None.
4. Haeba seva sa console se hlophisitsoe ka mokhoa oa ho beha leihlo oa Nagios, u tla boela u bone likhetho tsa Nagios Settings ho nolofalletsa litšebeletso tse khethiloeng ho Host hore li behoe leihlo.
5. Tobetsa Etsa kopo. Sena se theha Host e ncha hape se theha sesebelisoa se secha se laoloang se nang le lebitso le tšoanang.
3.5 Marang-rang a Tšeptjoang
The Trusted Networks setsi se u fa khetho ea ho khetha liaterese tsa IP tseo basebelisi ba tlamehang ho ba ho tsona, ho ba le phihlello ea li-ports tsa serial tsa console:
42
Bukana ea Mosebelisi
1. Kgetha Seri & Netweke > Maqhubu a Tshepehang 2. Ho eketsa netweke e ntjha e tshetilweng, kgetha Eketsa Molao. Ha ho le sieo Melao, ha ho na mokhoa oa ho kena
mefokolo mabapi le aterese ea IP eo basebelisi ba ka fumanehang ho eona.
3. Khetha Li-Ports tse Finyehang tseo molao o mocha o lokelang ho sebelisoa ho tsona
4. Kenya Aterese ea Netweke ea subnet e lumelletsoeng ho fihlella
5. Hlalosa mefuta e mengata ea liaterese tse lokelang ho lumeloa ka ho kenya Network Mask bakeng sa mofuta o lumelletsoeng oa IP, mohlala.
· Ho lumella basebelisi bohle ba nang le khokahano e itseng ea netweke ea Sehlopha sa C ho boema-kepe bo khethiloeng, eketsa Molao o Mocha oa Trusted Network:
Aterese ea IP ea Marang-rang
204.15.5.0
Mask a subnet
255.255.255.0
· Ho lumella mosebelisi a le mong feela ea fumanehang atereseng e itseng ea IP ho hokela:
Aterese ea IP ea Marang-rang
204.15.5.13
Mask a subnet
255.255.255.255
· Ho lumella basebelisi bohle ba sebetsang ho tloha ka har'a mefuta e itseng ea liaterese tsa IP (bolela leha e le efe ea liaterese tse mashome a mararo ho tloha ho 204.15.5.129 ho isa 204.15.5.158) ho lumelloa ho hokela boema-kepe bo khethiloeng:
Aterese ea Host /Subnet
204.15.5.128
Mask a subnet
255.255.255.224
6. Tobetsa Etsa kopo
43
Khaolo ea 3: Serial Port, Device and User Configuration
3.6 Serial Port Cascading
Li-Cascaded Ports li u thusa ho kopanya li-server tse abuoang e le hore palo e kholo ea likou tsa serial (ho fihla ho 1000) e ka hlophisoa le ho fihlella ka aterese e le 'ngoe ea IP mme e laoloe ka Management Console e le' ngoe. Seva e le 'ngoe ea li-console, Primary, e laola lisebelisoa tse ling tsa li-console e le li-unit tsa Node le likou tsohle tsa serial ho li-unit tsa Node li hlaha joalo ka ha eka ke karolo ea Primary. Ho kopanya ha Ongear ho hokahanya Node ka 'ngoe le Primary ka khokahano ea SSH. Sena se etsoa ho sebelisoa netefatso ea senotlolo sa sechaba, kahoo Primary e ka fihlella Node ka 'ngoe e sebelisa li-key pair tsa SSH (ho fapana le ho sebelisa li-password). Sena se tiisa likhokahano tse netefalitsoeng tse netefalitsoeng lipakeng tsa Primary le Node tse nolofalletsang li-server tsa Node console ho ajoa sebakeng sa heno ho LAN kapa hole le lefats'e.
3.6.1 Hlahisa le ho kenya linotlolo tsa SSH Ho theha netefatso ea linotlolo tsa sechaba u tlameha ho qala ka ho hlahisa li-key pair tsa RSA kapa DSA ebe u li kenya ho li-server tsa Primary le Node console. Sena se ka etsoa ka bohona ho tsoa ho Primary:
44
Bukana ea Mosebelisi
1. Khetha System > Tsamaiso ho Primary's Management Console
2. Sheba Hlahisa linotlolo tsa SSH ka bo eona. 3. Tobetsa Etsa kopo
Ka mor'a moo, u tlameha ho khetha hore na u tla hlahisa linotlolo u sebelisa RSA le/kapa DSA (haeba u sa tiisehe, khetha RSA feela). Ho hlahisa sete e 'ngoe le e' ngoe ea linotlolo ho hloka metsotso e 'meli' me linotlolo tse ncha li senya linotlolo tsa khale tsa mofuta oo. Ha moloko o mocha o ntse o tsoela pele, mesebetsi e itšetlehileng ka linotlolo tsa SSH (mohlala, cascading) e ka emisa ho sebetsa ho fihlela e nchafatsoa ka sete e ncha ea linotlolo. Ho etsa linotlolo:
1. Sheba mabokose bakeng sa linotlolo tseo u lakatsang ho li hlahisa. 2. Tobetsa Etsa kopo
3. Hang ha linotlolo tse ncha li entsoe, tobetsa sehokelo Tobetsa mona ho khutla. Linotlolo li kentsoe
ho Li-Node tsa Primary le tse hokahaneng.
3.6.2 Hlahisa le ho kenya linotlolo tsa SSH Ka tsela e 'ngoe haeba u na le RSA kapa DSA key pair u ka li kenya ho li-consoleserver tsa Primary le Node. Ho kenya linotlolo tsa bohlokoa tsa sechaba le tsa poraefete ho seva sa Primary console:
1. Kgetha Sistimi > Tsamaiso ho Console ya Tsamaiso ya Mathomo
2. Batla sebakeng seo u se bolokileng RSA (kapa DSA) Key Key 'me u e kenye ho SSH RSA (DSA) Key Key.
3. Batla ho RSA e bolokiloeng (kapa DSA) Private Key ebe u e kenya ho SSH RSA (DSA) Private Key 4. Tobetsa Etsa kopo
45
Khaolo ea 3: Serial Port, Device and User Configuration
Ka mor'a moo, o tlameha ho ngolisa Senotlolo sa Sechaba e le Senotlolo se lumelitsoeng ho Node. Tabeng ea Primary e le 'ngoe e nang le Node tse ngata, u kenya senotlolo se le seng sa sechaba sa RSA kapa sa DSA bakeng sa Node ka 'ngoe.
1. Khetha Tsamaiso > Tsamaiso ho Node's Management Console 2. Batla ho RSA e bolokiloeng (kapa DSA) Key Key 'me u e kenye ho Node's SSH Authorized Key.
3. Tobetsa Etsa kopo Mohato o latelang ke ho hatisa ka menoana khokahanyo e 'ngoe le e 'ngoe e ncha ea Node-Primary. Mohato ona o tiisa hore o theha seboka sa SSH ho seo u nahanang hore u sona. Khokahanong ea pele Node e fumana menoana e tsoang ho Primary e sebelisoang likhokahanong tsohle tsa kamoso: Ho theha lethathamo la menoana ea pele ho seva sa mantlha e le motso le ho theha khokahano ea SSH ho moamoheli o hole oaNode:
# ssh remhost Hang ha khokahano ea SSH e se e thehiloe, o kopuoa ho amohela senotlolo. Araba ka e, 'me monoana o kenyelelitsoe lethathamong la mabotho a tsebahalang. Haeba u kopuoa ho fana ka phasewete, ho bile le bothata ba ho kenya linotlolo.
1. Kgetha Serial & Network > Cascaded Ports on the Primary's Management Console: 2. Ho eketsa tšehetso ea lihlopha, khetha Add Node.
U ke ke ua eketsa Node ho fihlela u hlahisitse linotlolo tsa SSH. Ho hlalosa le ho lokisa Node:
46
Bukana ea Mosebelisi
1. Kenya aterese ea IP e hōle kapa Lebitso la DNS bakeng sa seva sa Node console 2. Kenya Tlhaloso e khutšoanyane le Letšoao le khutšoanyane bakeng sa Node 3. Kenya palo e feletseng ea li-ports tsa serial ho Node unit ho Node ea Ports 4. Tobetsa Etsa kopo. Sena se theha kotopo ea SSH lipakeng tsa Primary le Node e ncha
Lenane la Serial & Network > Cascaded Ports le bonts'a li-node tsohle le linomoro tsa boema-kepe tse fanoeng ho Primary. Haeba seva sa mantlha sa console se na le likou tse 16 tsa sona, likou tsa 1-16 li abetsoe ho Primary, kahoo node ea pele e kenyellelitsoeng e fuoa nomoro ea boema-kepe 17 ho ea pele. Ha u se u kentse li-server tsohle tsa Node console, li-port tsa serial tsa Node le lisebelisoa tse hokahaneng li ka lokisoa ebile lia fumaneha ho tsoa ho menu ea Primary's Management Console mme li fumaneha ka aterese ea IP ea mantlha.
1. Khetha e loketseng Serial & Network > Serial Port le Edit ho configure likou tsa serial ho
Node.
2. Khetha Serial & Network e loketseng > Basebedisi & Lihlopha ho eketsa basebelisi ba bacha ba nang le litokelo tsa ho kena
ho li-port tsa serial tsa Node (kapa ho holisa litokelo tsa phihlello tsa basebelisi ba teng).
3. Kgetha Seri & Netweke e loketseng > Maqhubu a Tshepehang ho hlakisa diaterese tsa netweke tseo
e ka fihlella likou tsa serial tsa node tse khethiloeng. 4. Khetha Litlhokomeliso tse nepahetseng le ho rema lifate > Litlhokomeliso ho lokisa Khokahano ea Node port, State.
Litlhokomeliso tsa Match Paterone ea Changeor. Liphetoho tsa tlhophiso tse entsoeng ho Primary li phatlalalitsoe ho li-node tsohle ha u tobetsa Etsa kopo.
3.6.4 Tsamaiso ea Li-Node The Primary e laola li-serial ports tsa Node. Bakeng sa mohlalaample, haeba o fetola litokelo tsa phihlello ea mosebelisi kapa o hlophisa tlhophiso efe kapa efe ea serial port ho Primary, tlhophiso e ntlafalitsoeng. files li romelloa ho Node e 'ngoe le e' ngoe ka ho ts'oana.Node ka 'ngoe e etsa liphetoho ho litlhophiso tsa sebaka sa bona (mme e etsa feela liphetoho tse amanang le likou tsa eona tse khethehileng). U ka sebelisa Node Management Console ea lehae ho fetola litlhophiso ho boema-kepe bofe kapa bofe ba serial (joalo ka ho fetola litefiso tsa baud). Liphetoho tsena li ngoloa nakong e tlang nakong e tlang Primary e romela tlhophiso file nchafatsa. Le ha Primary e le taolong ea mesebetsi eohle e amanang le node serial port, ha se ea mantlha holim'a likhokahano tsa marang-rang tsa node kapa holim'a sistimi ea Node Console Server. Mesebetsi ea li-node tse kang IP, SMTP & SNMP Settings, Date & Time, DHCP server e tlameha ho laoloa ka ho fihlella node ka 'ngoe ka ho toba' me mesebetsi ena ha e e-s'o ngoloe ha liphetoho tsa tlhophiso li phatlalatsoa ho tsoa ho Primary. Litlhophiso tsa Node's Network Host le IPMI li tlameha ho hlophisoa sebakeng se seng le se seng.
47
Khaolo ea 3: Serial Port, Device and User Configuration
Primary's Management Console e fana ka khokahanyo e kopaneng view ea litlhophiso tsa eona le likou tsa serial tsa Node kaofela. The Primary ha e fane ka kopo e kopantsoeng ka botlalo view. Bakeng sa mohlalaampLeha ho le joalo, haeba u batla ho tseba hore na ke mang ea kentsoeng ho li-ports tsa serial ho tloha ho tse ka sehloohong, u tla bona hore Status > Active Users e bontša feela basebelisi bao ba sebetsang likoung tsa Primary, kahoo u ka 'na ua hloka ho ngola mangolo a tloaelehileng ho fana ka sena. view.
3.7 Tsamaiso ea Boema-kepe (PortShare)
Software ea Ongear's Port Share e fana ka theknoloji ea "serial port" ea "virtual port" ea Windows le Linux tseo u li hlokang ho bula likou tse hole tsa serial le ho bala lintlha tse tsoang ho lisebelisoa tsa serial tse hokahaneng le seva sa hau sa khomphutha.
PortShare e fanoa mahala le seva e 'ngoe le e' ngoe ea khomphutha mme o na le laesense ea ho kenya PortShare komporong e le 'ngoe kapa ho feta bakeng sa ho fihlella sesebelisoa leha e le sefe sa serial se hokahaneng le boema-kepe ba seva sa console. PortShare bakeng sa Windows The portshare_setup.exe e ka khoasolloa sebakeng sa ftp. Sheba Buka ea Mosebelisi ea PortShare le Qalo e Potlakileng bakeng sa lintlha tse mabapi le ho kenya le ts'ebetso. PortShare bakeng sa Linux Mokhanni oa PortShare bakeng sa Linux o etsa limmapa tsa serial port ea console ho ea boema-kepeng ba leka ba amohelang. Opengear e lokolitse porthare-serial-client e le sesebelisoa se bulehileng sa Linux, AIX, HPUX, SCO, Solaris le UnixWare. Sesebelisoa sena se ka khoasolloa ho tsoa sebakeng sa marang-rang sa ftp. Setsi sena sa PortShare serial port redirector se u lumella ho sebelisa sesebelisoa sa serial se hoketsoeng ho remote console server joalo ka ha eka se hokahane le boema-kepe ba hau ba lehae. Porthare-serial-client e theha pseudo tty port, e hokahanya ts'ebeliso ea serial ho pseudo tty port, e amohela data ho tsoa ho pseudo tty port, e e fetisetsa ho seva sa console ka marang-rang mme e amohela data ho tswa ho seva sa console ka marang-rang ebe oa e fetisetsa. ho ea koung ea pseudo-tty. The .tar file e ka khoasolloa ho tsoa sebakeng sa marang-rang sa ftp. Sheba Buka ea Mosebelisi ea PortShare le Qalo e Potlakileng bakeng sa lintlha tse mabapi le ho kenya le ts'ebetso.
48
Bukana ea Mosebelisi
3.8 Lisebelisoa tse Laoloang
Leqephe la Lisebelisoa tse Laolang le hlahisa tse kopantsoeng view ea likhokahano tsohle ho sesebelisoa se ka fihlellehang le ho hlahlojoa ka seva sa console. Ho view dikgokelo tsa disebediswa, kgetha Serial & Netweke > Lisebelisoa tse Laolwang
Skrine sena se bonts'a lisebelisoa tsohle tse laoloang ka Tlhaloso / Lintlha le lethathamo la likhokahano tsohle tse hlophisitsoeng:
· Serial Port # (haeba e hokahane ka serially) kapa · USB (haeba USB e hokahantsoe) · Aterese ea IP (haeba marang-rang a hokahantsoe) · Lintlha tsa Power PDU/outlet (haeba li hlokahala) le likhokahano life kapa life tsa UPS Lisebelisoa tse kang li-server li ka ba le khokahano ea matla a fetang bonngoe. (mohlala, ho fanoa ka matla a mabeli) le likhokahano tsa marang-rang tse fetang bonngoe (mohlala, bakeng sa BMC/processor processor). Basebelisi bohle ba ka khona view likhokahano tsena tsa lisebelisoa tse laoloang ka ho khetha Laola > Lisebelisoa. Batsamaisi ba ka boela ba hlophisa le ho kenya / ho hlakola lisebelisoa tsena tse laoloang le likhokahano tsa tsona. Ho lokisa sesebediswa se seng se ntse se le teng le ho eketsa kgokelo e ntjha: 1. Kgetha Edita ho Serial & Netweke > Disebediswa tse Laolwang ebe o tobetsa Eketsa Connection 2. Kgetha mofuta wa kgokelo bakeng sa kgokelo e ntjha (Serial, Network Host, UPS kapa RPC) ebe o kgetha.
khokahanyo ho tsoa lethathamong le hlahisitsoeng la mabotho a sa abuoang / likou / mabenkele
49
Khaolo ea 3: Serial Port, Device and User Configuration
Ho kenya sesebediswa se laolwang sa netweke se setjha: 1. Mookamedi o eketsa sesebediswa se setjha se laolwang sa netweke se hoketsweng a sebedisa Add Host ho Serial & Network > menu ya Network Host. Sena se iketsetsa sesebelisoa se laoloang se tsamaisanang le sona. 2. Ha o eketsa netweke e ntjha e hoketsweng sesebediswa sa motlakase sa RPC kapa sa UPS, o seta Network Host, o e bitsa RPC kapa UPS. Eya ho RPC Connections kapa UPS Connections ho lokisa khokahanyo e nepahetseng. Sesebelisoa se tsamaisanang le se secha se laoloang se nang le Lebitso / Tlhaloso e ts'oanang le RPC / UPS Host ha e etsoe ho fihlela mohato ona oa khokahano o phetheloa.
ELA HLOKO Mabitso a marang-rang a PDU e sa tsoa thehoa ke Outlet 1 le Outlet 2. Ha o hokela sesebelisoa se itseng se laoloang se hulang matla ho tsoa ho tsoa, sephutheloana se nka lebitso la sesebelisoa se laoloang se tsamaisoang.
Ho kenya sesebediswa se setjha se laolwang ka serially: 1. Beakanya boemakepe ba serial o sebedisa Serial & Network > Serial Port menu (Sheba Karolo 3.1 Configure Serial Port) 2. Kgetha Serial & Netweke > Lisebelisoa tse Laolwang ebe o tobetsa Kenya Sesebediswa 3. Kenya Sesebediswa. Lebitso le Tlhaloso ea sesebelisoa se laoloang
4. Tobetsa Add Connection 'me u khethe Serial le Port e hokahanyang sesebelisoa se laoloang
5. Ho eketsa kgokelo ya matla ya UPS/RPC kapa kgokelo ya netweke kapa kgokelo e nngwe ya serial tobetsa Eketsa Khokelo
6. Tobetsa Etsa kopo
HLOKOMELA
Ho seta sesebediswa sa RPC UPS kapa EMD se hoketsweng serially, lokisa sebaka sa serial port, o se hlalose jwalo ka Sesebediswa, ebe o kenya Lebitso le Tlhaloso bakeng sa sesebediswa seo ho Serial & Network > RPC Connections (kapa UPS Connections kapa Environmental). Sena se theha sesebelisoa se secha se laoloang se nang le Lebitso / Tlhaloso e tšoanang le ea RPC/UPS Host. Mabitso a marang-rang a PDU ena e sa tsoa thehoa ke Outlet 1 le Outlet 2. Ha o hokela sesebelisoa se laoloang se hulang matla ho tsoa, sephutheloana se nka lebitso la Sesebelisoa se laoloang se tsamaisoang.
3.9 IPsec VPN
ACM7000, CM7100, le IM7200 li kenyelletsa Openswan, ts'ebetsong ea Linux ea liprothokholo tsa IPsec (IP Security), tse ka sebelisoang ho hlophisa Virtual Private Network (VPN). VPN e lumella liwebsaete tse ngata kapa balaoli ba hole ho fihlella seva sa khomphutha le lisebelisoa tse laoloang ka mokhoa o sireletsehileng Marang-rang.
50
Bukana ea Mosebelisi
Motsamaisi a ka theha likhokahano tse netefalitsoeng tsa VPN lipakeng tsa li-server tsa khomphutha tse ajoang libakeng tse hole le heke ea VPN (joalo ka Cisco router e tsamaisang IOS IPsec) marangrang a bona a liofisi tse bohareng:
· Basebelisi ba ofising e bohareng ba ka fumana li-server tsa remote console ka mokhoa o sireletsehileng le lisebelisoa tse hokahaneng tsa serial console le metjhini ho Management LAN subnet sebakeng se hole joalo ka ha eka ke tsa lehae.
· Li-server tsena tsohle tse hole le li-remote console li ka beoa leihlo ka CMS6000 ho netweke e bohareng · Ka serial bridging, serial data from controller at central office office can be securely
e hokahane le lisebelisoa tse laoloang ka serial libakeng tse hole Mookameli oa mohlabani oa litsela a ka sebelisa VPN IPsec software client ho fihlella seva sa console le mochine o mong le o mong ho subnet ea Management LAN sebakeng se hole.
Tlhophiso ea IPsec e rarahane haholo kahoo Opengear e fana ka sebopeho sa GUI bakeng sa ho seta ha motheo joalokaha ho hlalositsoe ka tlase. Ho nolofalletsa VPN gateway:
1. Khetha IPsec VPN ho Serial & Networks menu
2. Tobetsa Eketsa 'me u tlatse skrine ea Add IPsec Tunnel 3. Kenya lebitso lefe kapa lefe le hlalosang leo u lakatsang ho le tsebahatsa IPsec Tunnel eo u e eketsang joalo ka
WestStOutlet-VPN
51
Khaolo ea 3: Serial Port, Device and User Configuration
4. Khetha Mokhoa oa Netefatso o tla sebelisoa, ebang ke li-signature tsa RSA digital kapa Shared Secret (PSK) o Haeba u khetha RSA u kopuoa ho tobetsa mona ho hlahisa linotlolo. Sena se hlahisa senotlolo sa sechaba sa RSA bakeng sa seva sa console (Left Public Key). Fumana senotlolo se tla sebelisoa hekeng e hole, sehe le ho se manamisa ka har'a Senotlolo sa Sechaba sa Right
o Haeba o kgetha Sephiri se arolelanweng, kenya sephiri se arolelanweng esale pele (PSK). PSK e tlameha ho ts'oana le PSK e hlophisitsoeng ka lehlakoreng le leng la kotopo
5. Ho Protocol ea Authentication khetha protocol ea netefatso e tla sebelisoa. Netefatsa e le karolo ea encryption ea ESP (Encapsulating Security Payload) kapa ka thoko u sebelisa protocol ea AH (Authentication Header).
52
Bukana ea Mosebelisi
6. Kenya ID ea Le letšehali le ID ea ho le letona. Sena ke sesupo se sebelisoang ke Moamoheli oa Lehae/heke le moamoheli oa hole/heke bakeng sa lipuisano le netefatso ea IPsec. ID ka 'ngoe e tlameha ho kenyelletsa @ mme e ka kenyelletsa lebitso la domain le tšoanelehang ka botlalo (mohlala left@example.com)
7. Kenya IP ea sechaba kapa aterese ea DNS ea heke ena ea Opengear VPN e le Aterese ea Le letšehali. U ka siea sena se se na letho ho sebelisa sebopeho sa tsela ea kamehla
8. Ho Aterese e nepahetseng kenya aterese ea IP kapa DNS ea sechaba ea pheletsong e hole ea kotopo (hafeela pheletso e hole e na le aterese e tsitsitseng kapa DynDNS). Ho seng joalo tlohela sena se se na letho
9. Haeba monyako oa Opengear VPN o sebetsa e le tsela ea VPN ho kena subnet ea lehae (mohlala, seva sa khomphutha se na le Management LAN e hlophisitsoeng) kenya lintlha tsa poraefete tsa subnet ho Left Subnet. Sebelisa CIDR notation (moo nomoro ea aterese ea IP e lateloang ke slash le palo ea likotoana tsa `one' ho binary notation ea semake sa marang-rang). Bakeng sa mohlalaample, 192.168.0.0/24 e bontša aterese ea IP moo li-bits tse 24 tsa pele li sebelisoang e le aterese ea marang-rang. Sena se tšoana le 255.255.255.0. Haeba phihlello ea VPN e le ho seva sa console feela le lisebelisoa tsa eona tse hokelletsoeng tsa serial console, tlohela Subnet e Le letšehali e se na letho.
10. Haeba ho na le heke ea VPN pheletsong e hole, kenya lintlha tsa poraefete tsa subnet ho Right Subnet. Sebelisa notation ea CIDR 'me u tlohele letho haeba ho na le moamoheli ea hole feela
11. Kgetha Qala Tonopo haeba kgokelo ya kotopo e tla qalwa ho tswa pheletsong ya seva ya Left console. Sena se ka qalisoa feela ho tsoa ho heke ea VPN (Ka ho le letšehali) haeba pheletso e hole e lokiselitsoe ka aterese ea IP e sa fetoheng (kapa DynDNS).
12. Tobetsa Etsa kopo ho boloka liphetoho
ELA HLOKO Lintlha tsa tlhophiso tse entsoeng ho seva sa console (seo ho thoeng ke Moamoheli oa Leqele kapa Lehae) li tlameha ho ts'oana le setaele se kentsoeng ha u lokisa Remote (Ka ho le letona) moamoheli/heke kapa moreki oa software. Sheba http://www.opengear.com/faq.html bakeng sa lintlha tse mabapi le ho lokisa likhutlo tsena tse hole
3.10 OpenVPN
ACM7000, CM7100, le IM7200 e nang le firmware V3.2 mme hamorao e kenyelletsa OpenVPN. OpenVPN e sebelisa laeborari ea OpenSSL bakeng sa encryption, netefatso, le setifikeiti, ho bolelang hore e sebelisa SSL/TSL (Secure Socket Layer/Transport Layer Security) bakeng sa phapanyetsano ea bohlokoa mme e ka encrypt ka bobeli data le liteishene tsa taolo. Ho sebelisa OpenVPN ho lumella ho aha li-VPN tsa marang-rang, ntlha-to-point ho sebelisa X.509 PKI (Public Key Infrastructure) kapa tlhophiso e tloaelehileng. files. OpenVPN e lumella ts'ebetso e sireletsehileng ea data ka koung e le 'ngoe ea TCP / UDP holim'a marang-rang a sa sireletsehang, kahoo e fana ka phihlelo e sireletsehileng ea libaka tse ngata le tsamaiso e sireletsehileng ea hole ho seva sa console ho Internet. OpenVPN e boetse e lumella tšebeliso ea liaterese tsa Dynamic IP ke seva le moreki kahoo e fana ka motsamao oa bareki. Bakeng sa mohlalaample, kotopo ea OpenVPN e ka thehoa pakeng tsa bareki ba roaming windows le seva sa Ongear console ka har'a setsi sa data. Tlhophiso ea OpenVPN e ka ba e rarahaneng kahoo Opengear e fana ka sebopeho sa GUI bakeng sa ho seta ha motheo joalokaha ho hlalositsoe ka tlase. Lintlha tse felletseng li fumaneha ho http://www.openvpn.net
3.10.1 Numella OpenVPN 1. Kgetha OpenVPN ho menu ya Serial & Networks
53
Khaolo ea 3: Serial Port, Device and User Configuration
2. Tobetsa Eketsa 'me u tlatse skrine ea Add OpenVPN Tunnel 3. Kenya lebitso leha e le lefe le hlalosang leo u lakatsang ho le tsebahatsa OpenVPN Tunnel eo u e eketsang, bakeng sa ex.ample
NorthStOutlet-VPN
4. Khetha mokhoa oa ho netefatsa o tla sebelisoa. Ho netefatsa o sebedisa disetifikeiti, kgetha PKI (X.509 Certificates) kapa kgetha Custom Configuration ho kenya tlhophiso e tlwaelehileng. files. Litlhophiso tsa tloaelo li tlameha ho bolokoa ho /etc/config.
ELA HLOKO Haeba o khetha PKI, theha: Setifikeiti se arohaneng (se tsejoang hape e le senotlolo sa sechaba). Setifikeiti sena File ke *.crt file thaepa Senotlolo sa Private bakeng sa seva le moreki e mong le e mong. Senotlolo sena sa Private File ke *.senotlolo file mofuta
Setifikeiti sa Primary Certificate Authority (CA) le senotlolo se sebelisoang ho saena se seng le se seng sa seva
le litifikeiti tsa bareki. Setifikeiti sena sa Root CA ke *.crt file type Bakeng sa seva, o kanna oa hloka dh1024.pem (Diffie Hellman parameters). Sheba http://openvpn.net/easyrsa.html bakeng sa tataiso ea tsamaiso ea mantlha ea RSA. Bakeng sa mekhoa e meng ea netefatso bona http://openvpn.net/index.php/documentation/howto.html#auth.
5. Khetha Mokhanni oa Sesebelisoa o tla sebelisoa, ebang ke Tun-IP kapa Tlanya-Ethernet. Bakhanni ba TUN (network tonnel) le TAP (network tap) ke bakhanni ba marang-rang ba tšehetsang IP tunneling le Ethernet tunneling, ka ho latellana. TUN le TAP ke karolo ea kernel ea Linux.
6. Khetha UDP kapa TCP e le Protocol. UDP ke protocol ea kamehla le e ratoang bakeng sa OpenVPN. 7. Sheba kapa o tlose tekeno konopo ea Compression ho nolofalletsa kapa ho tima khatello. 8. Ka Tunnel Mode, khetha hore na ena ke Qetello ea Moreki kapa Seva ea kotopo. Ha o matha joalo ka
Seva, seva sa console se ts'ehetsa bareki ba bangata ba hokahantsoeng le seva sa VPN ka koung e le 'ngoe.
54
Bukana ea Mosebelisi
3.10.2 Hlophisa joalo ka Seva kapa Moreki
1. Tlatsa Lintlha tsa Client kapa Lintlha tsa Seva ho latela Mokhoa o khethiloeng oa Tunnel. o Haeba moreki a khethiloe, Aterese ea Seva ea mantlha ke aterese ea Seva ea OpenVPN. o Haeba Seva e khethiloe, kenya aterese ea IP Pool Network le mask a IP Pool Network bakeng sa IP Pool. Marang-rang a hlalosoang ke aterese/mask ea IP Pool Network e sebelisetsoa ho fana ka liaterese tsa ho hokela bareki.
2. Tobetsa Etsa kopo ho boloka liphetoho
55
Khaolo ea 3: Serial Port, Device and User Configuration
3. Ho kenya disetifikeiti tsa netefatso le files, khetha Laola OpenVPN Files tab. Kenya kapa u shebe ho litifikeiti tse nepahetseng tsa netefatso le files.
4. Etsa kopo ho boloka liphetoho. E bolokiloe files li hlahisoa ka bofubelu ka letsohong le letona la konopo ea Upload.
5. Ho nolofalletsa OpenVPN, Fetola kotopo ea OpenVPN
56
Bukana ea Mosebelisi
6. Sheba konopo e nolofalitsoeng. 7. Etsa kopo ea ho boloka liphetoho HLOKOMELA Etsa bonnete ba hore nako ea tsamaiso ea seva sa console e nepahetse ha u sebetsa le OpenVPN ho qoba
litaba tsa netefatso.
8. Khetha Lipalo-palo ho menu ea Boemo ho netefatsa hore kotopo ea sebetsa.
57
Khaolo ea 3: Serial Port, Device and User Configuration
3.10.3 Windows OpenVPN Client le Server e theha Karolo ena e hlalosa ho kengoa le ho hlophisoa ha moreki oa Windows OpenVPN kapa seva sa Windows OpenVPN le ho theha khokahano ea VPN ho seva sa khomphutha. Li-server tsa Console li hlahisa Windows client config ka tsela e iketsang ho tloha ho GUI bakeng sa Lekunutu le Abelanoeng Pele (Static Key File) litlhophiso.
Ka mokhoa o mong OpenVPN GUI bakeng sa software ea Windows (e kenyelletsang sephutheloana se tloaelehileng sa OpenVPN hammoho le Windows GUI) e ka khoasolloa ho tsoa ho http://openvpn.net. Ha e se e kentsoe mochining oa Windows, lets'oao la OpenVPN le eketsoa sebakeng sa Tsebiso se ka lehlakoreng le letona la sebaka sa mosebetsi. Tobetsa ka ho le letona aekhoneng ena ho qala le ho emisa likhokahano tsa VPN, ho hlophisa litlhophiso, le view likota.
Ha software ea OpenVPN e qala ho sebetsa, C: Lenaneo FilesOpenVPNconfig foldara e seketsoe bakeng sa .opvn files. Sephutheli sena se hlahlobiloe hape bakeng sa tlhophiso e ncha files neng kapa neng ha letšoao la OpenVPN GUI le tobetse ka ho le letona. Hang ha OpenVPN e kentsoe, etsa tlhophiso file:
58
Bukana ea Mosebelisi
U sebelisa mohlophisi oa mongolo, theha xxxx.ovpn file mme o boloke ho C: Lenaneo FilesOpenVPNconfig. Bakeng sa mohlalaample, C: Lenaneo FilesOpenVPNconfigclient.ovpn
Mohlankanaample tlhophiso ea bareki ba OpenVPN Windows file e bontšitsoe ka tlase:
# tlhaloso: IM4216_client client proto udp verb 3 dev tun remote 192.168.250.152 port 1194 ca c:\openvpnkeys\ca.crt cert c:\openvpnkeys\client.crt key c:\openvpnkeys-nobi-key-clientpers-client. tun comp-lzo
Mohlankanaampka tlhophiso ea OpenVPN Windows Server file e bontšitsoe ka tlase:
seva 10.100.10.0 255.255.255.0 port 1194 keepalive 10 120 proto udp mssfix 1400 persist-key persist-tun dev tun ca c:\openvpnkeys\ca.crt cert cnkeys:\openvpnkeys. key dh c:\openvpnkeys\dh.pem comp-lzo leetsi 1 syslog IM4216_OpenVPN_Server
Tokiso ea Windows client/server file dikgetho ke:
Likhetho #tlhaloso: Seva ea bareki proto udp proto tcp mssfix leetsi
dev tun dev tap
Tlhaloso Ena ke maikutlo a hlalosang tlhophiso. Mehala ea maikutlo e qala ka `#' 'me e hlokomolohuoa ke OpenVPN. Hlalosa hore na sena e tla ba tlhophiso ea moreki kapa seva file. Ka tlhophiso ea seva file, hlalosa letamo la aterese ea IP le maske a marang-rang. Bakeng sa mohlalaample, seva 10.100.10.0 255.255.255.0 Beha protocol ho UDP kapa TCP. Moreki le seva ba tlameha ho sebelisa litlhophiso tse tšoanang. Mssfix e beha boholo ba boholo ba pakete. Sena se na le thuso bakeng sa UDP feela haeba mathata a hlaha.
Beha tlaleho file boemo ba mantsoe. Boemo ba "log verbosity" bo ka beoa ho tloha ho 0 (bonyane) ho isa ho 15 (boholo). Bakeng sa mohlalaample, 0 = khutsa ntle le liphoso tse bolaeang 3 = tlhahiso e mahareng, e ntle bakeng sa tšebeliso e akaretsang 5 = e thusa ka mathata a ho lokisa liphoso 9 = verbose, e ntle bakeng sa ho rarolla mathata Khetha `dev tun' ho theha kotopo ea IP e tsamaisoang kapa `dev tap' ho theha kotopo ea Ethernet. Moreki le seva ba tlameha ho sebelisa litlhophiso tse tšoanang.
59
Khaolo ea 3: Serial Port, Device and User Configuration
hole Port Keepalive
http-moemeli kafile lebitso>
certfile lebitso>
senotlolofile lebitso>
dhfile lebitso> Nobind persist-key persist-tun cipher BF-CBC Blowfish (default) cipher AES-128-CBC AES cipher DES-EDE3-CBC Triple-DES comp-lzo syslog
Lebitso la moamoheli / IP ea seva ea OpenVPN ha e sebetsa joalo ka moreki. Kenya lebitso la moamoheli oa DNS kapa aterese ea IP e sa fetoheng ea seva. Boema-kepe ba UDP/TCP ba seva. Keepalive e sebelisa ping ho boloka nako ea OpenVPN e phela. 'Keepalive 10 120′ pings metsotsoana e meng le e meng e 10 mme e nka hore thaka e hole e theohile haeba ha ho ping e amohetsoeng ka nako ea bobeli e 120. Haeba moemeli a hlokeha ho fihlella seva, kenya lebitso la seva sa moemeli DNS kapa IP le nomoro ea boema-kepe. Kenya setifikeiti sa CA file lebitso le sebaka. Setifikeiti se tšoanang sa CA file e ka sebelisoa ke seva le bareki bohle. Tlhokomeliso: Netefatsa hore `' e 'ngoe le e 'ngoe tseleng ea directory e nkeloa sebaka ke `\'. Bakeng sa mohlalaample, c:openvpnkeyssca.crt e tla ba c:\openvpnkeys\ca.crt Kenya setifikeiti sa moreki kapa seva file lebitso le sebaka. Moreki e mong le e mong o lokela ho ba le setifikeiti le senotlolo sa hae files. Tlhokomeliso: Netefatsa hore `' e 'ngoe le e 'ngoe tseleng ea directory e nkeloa sebaka ke `\'. Kena file lebitso le sebaka sa senotlolo sa moreki kapa seva. Moreki e mong le e mong o lokela ho ba le setifikeiti le senotlolo sa hae files. Tlhokomeliso: Netefatsa hore `' e 'ngoe le e 'ngoe tseleng ea directory e nkeloa sebaka ke `\'. Sena se sebelisoa ke seva feela. Kenya tsela e eang senotlolo ka liparamente tsa Diffie-Hellman. `Nobind' e sebelisoa ha bareki ba sa hloke ho ikamahanya le aterese ea lehae kapa nomoro ea boema-kepe ea lehae. Ho joalo ho litlhophiso tse ngata tsa bareki. Khetho ena e thibela ho kenya linotlolo bocha nakong ea ho qala bocha. Khetho ena e thibela ho koala le ho buloa hape ha lisebelisoa tsa TUN/TAP ho qala bocha. Kgetha kriptographic cipher. Moreki le seva ba tlameha ho sebelisa litlhophiso tse tšoanang.
Numella compression ho sehokelo sa OpenVPN. Sena se tlameha ho etsoa ho mofani le ho seva. Ka mokhoa o ikhethileng, li-log li fumaneha ho syslog kapa, haeba e sebetsa joalo ka ts'ebeletso ho Window, ho Lenaneo FilesOpenVPNlog directory.
Ho qala kotopo ea OpenVPN ka mor'a ho thehoa ha tlhophiso ea bareki / seva files: 1. Tobetsa ka ho le letona letšoao la OpenVPN sebakeng sa Tsebiso 2. Khetha sebatli se sa tsoa etsoa kapa tlhophiso ea seva. 3. Tobetsa Connect
4. Lekota file e bontshwa ha kgokelo e thehwa
60
Bukana ea Mosebelisi
5. Hang ha e se e thehiloe, letšoao la OpenVPN le bontša molaetsa o bontšang khokahanyo e atlehileng le IP e fanoeng. Tlhahisoleseding ena, hammoho le nako eo khokahanyo e thehiloeng ka eona, e fumaneha ka ho phenya holim'a letšoao la OpenVPN.
3.11 PPTP VPN
Li-server tsa Console li kenyelletsa PPTP (Point-to-Point Tunnel Protocol) seva. PPTP e sebelisoa bakeng sa likhokahano holim'a sehokelo sa 'mele kapa se hlakileng sa serial. Liphello tsa PPP li itlhalosa aterese ea IP ea sebele. Litsela tse eang marang-rang li ka hlalosoa ka liaterese tsena tsa IP e le khoro, e leng se etsang hore sephethephethe se romeloe kotopong. PPTP e theha kotopo lipakeng tsa li-endpoints tsa PPP mme e tsamaisa data ka mokhoa o sireletsehileng ho pholletsa le kotopo.
Matla a PPTP ke boiketlo ba eona ba tlhophiso le ho kopanngoa ho lisebelisoa tsa motheo tsa Microsoft. Hangata e sebelisoa bakeng sa ho hokahanya bareki ba Windows ba hole ba le bang. Haeba u nka komporo ea hau e nkehang leetong la khoebo, u ka letsetsa nomoro ea lehae ho hokela ho mofani oa litšebeletso tsa phihlello ea Marang-rang (ISP) 'me u thehe khokahanyo ea bobeli (tunnel) ho netweke ea ofisi ea hau ho pholletsa le Marang-rang, 'me u be le phihlello e tšoanang ea hau. marangrang a khoebo joalo ka ha eka o hokahantsoe ka kotloloho ho tsoa ofising ea hau. Basebelisi ba mehala ba ka boela ba theha kotopo ea VPN holim'a modem ea cable kapa lihokelo tsa DSL ho ISP ea bona ea lehae.
61
Khaolo ea 3: Serial Port, Device and User Configuration
Ho theha khokahano ea PPTP ho tsoa ho moreki ea hole oa Windows ho ea ho sesebelisoa sa hau sa Opengear le marang-rang a lehae:
1. Numella le ho lokisa seva ea PPTP VPN sesebelisoa sa hau sa Opengear 2. Beha liakhaonto tsa basebelisi ba VPN sesebelisoa sa Opengear 'me u nolofalletse tse loketseng.
netefatso 3. Lokisa bareki ba VPN libakeng tse hole. Moreki ha a hloke software e khethehileng joalo ka
PPTP Server e tshehetsa software e tlwaelehileng ya PPTP ya moreki e kenyelleditsweng le Windows NT mme hamorao 4. Hokela ho VPN e hole 3.11.1 Numella seva sa PPTP VPN 1. Kgetha PPTP VPN ho lenane la Serial & Networks.
2. Khetha Netefatsa lebokose la ho hlahloba ho nolofalletsa PPTP Server 3. Khetha Bonyane Bopaki bo Hlokahalang. Ho fihlella ho haneloa ho basebelisi ba hole ba lekang ho
hokela ho sebelisa sekema sa netefatso se fokolang ho feta sekema se khethiloeng. Merero e hlalositsoe ka tlase, ho tloha ho matla ho isa ho a fokolang. Netefatso e Encrypted (MS-CHAP v2): Mofuta o matla ka ho fetisisa oa netefatso o ka sebelisoang; sena ke
khetho e khothaletsoang · Netefatso e Encrypted Weakly (CHAP): Ona ke mofuta o fokolang oa password e patiloeng.
netefatso ho sebelisoa. Ha ho khothalletsoe hore bareki ba hokahane ba sebelisa sena kaha se fana ka tšireletso e nyane haholo ea password. Hape hlokomela hore bareki ba hokelang ba sebelisa CHAP ha ba khone ho hlakola sephethephethe
62
Bukana ea Mosebelisi
Netefatso e sa Ngolisoang (PAP): Ena ke netefatso ea password e hlakileng. Ha o sebelisa mofuta ona oa netefatso, password ea moreki e fetisoa e sa ngolisoa.
· Ha ho na 4. Khetha Boemo bo Hlokehang ba Encryption. Ho hana ho kena ho basebelisi ba hole ba lekang ho hokela
ba sa sebeliseng boemo bona ba encryption. 5. Ho Aterese ea Lehae kenya aterese ea IP ho abela pheletso ea seva ea khokahanyo ea VPN 6. Ho Liaterese tsa Remote kenya letamo la liaterese tsa IP ho abela moreki ea kenang VPN.
likhokahano (mohlala 192.168.1.10-20). Ena e tlameha ho ba aterese ea mahala ea IP kapa mefuta e mengata ea liaterese tse tsoang marang-rang tseo basebelisi ba hole ba li abetsoeng ha ba ntse ba hokahantsoe le sesebelisoa sa Opengear 7. Kenya boleng bo lakatsehang ba Maximum Transmission Unit (MTU) bakeng sa likhokahano tsa PPTP lebaleng la MTU (li-defaults 1400) 8. Lefapheng la Seva ea DNS, kenya aterese ea IP ea seva sa DNS e abelang liaterese tsa IP ho hokahanya bareki ba PPTP 9. Sebakeng sa WINS Server, kenya aterese ea IP ea seva sa WINS e fanang ka liaterese tsa IP ho hokahanya moreki oa PPTP. 10. Etsa hore Verbose Logging e thuse ho rarolla mathata a khokahanyo 11. Tobetsa Sebelisa Litlhophiso 3.11.2 Eketsa mosebelisi oa PPTP 1. Kgetha Basebedisi le Lihlopha ho menu ea Serial & Networks 'me u phethe likarolo tse boletsoeng karolong ea 3.2. 2. Netefatsa hore sehlopha sa pptpd se hlahlobiloe, ho lumella ho fihlella seva sa PPTP VPN. Tlhokomeliso - basebelisi ba sehlopha sena ba na le li-password tsa bona tse bolokiloeng ka mongolo o hlakileng. 3. Boloka lebitso la mosebedisi le phasewete bakeng sa ha o hloka ho hokela khokahanong ya VPN 4. Tobetsa Etsa kopo
63
Khaolo ea 3: Serial Port, Device and User Configuration
3.11.3 Hlophisa moreki oa PPTP o hole Netefatsa hore khomphutha ea VPN e hole e na le khokahano ea Marang-rang. Ho theha khokahano ea VPN ho pholletsa le Marang-rang, u tlameha ho theha likhokahano tse peli tsa marang-rang. Khokahano e le 'ngoe ke ea ISP,' me khokahano e 'ngoe ke ea kotopo ea VPN ho sesebelisoa sa Opengear. ELA HLOKO Mokhoa ona o theha moreki oa PPTP ho sistimi ea Windows Professional. Mehato
e ka fapana hanyane ho latela phihlello ea marang-rang ea hau kapa haeba u sebelisa mofuta o mong oa Windows. Litaelo tse qaqileng haholoanyane li fumaneha ho tsoa ho Microsoft web sebaka. 1. Kena ho moreki oa hau oa Windows ka litokelo tsa motsamaisi 2. Ho tsoa ho Network & Sharing Center ho Panel ea Taolo khetha likhokahano tsa marang-rang ebe u theha khokahano e ncha.
64
Bukana ea Mosebelisi
3. Khetha Sebelisa My Internet Connection (VPN) 'me u kenye Aterese ea IP ea sesebelisoa sa Opengear Ho hokela bareki ba VPN ba hole le marang-rang a lehae, o hloka ho tseba lebitso la mosebelisi le password bakeng sa ak'haonte ea PPTP eo u e kentseng, hammoho le Internet IP. aterese ea sesebelisoa sa Opengear. Haeba ISP ea hau e sa u abela aterese ea IP e sa fetoheng, nahana ka ho sebelisa tšebeletso ea DNS e matla. Ho seng joalo, o tlameha ho fetola litlhophiso tsa moreki oa PPTP nako le nako ha aterese ea hau ea IP ea Marang-rang e fetoha.
65
Khaolo ea 3: Serial Port, Device and User Configuration
3.12 Letsetsa Hae
Li-server tsohle tsa li-console li kenyelletsa karolo ea Call Home e qalang ho hlophisoa ha kotopo e sireletsehileng ea SSH ho tloha ho seva sa console ho ea ho Opengear Lighthouse e bohareng. Seva ea console e ngolisa e le mokhethoa ho Lighthouse. Ha e se e amoheloa moo e fetoha Seva ea Console e laoloang.
Lighthouse e beha leihlo ho Managed Console Server mme balaoli ba ka khona ho fihlella ho Managed Console Server ka Lighthouse. Phihlello ena e fumaneha le ha sebatli se hole sa khomphutha se ka morao ho firewall ea motho oa boraro kapa se na le liaterese tsa poraefete tsa IP tse sa tsamaeeng.
HLOKOMELA
Lighthouse e boloka likhokahano tsa SSH tse netefalitsoeng tsa sechaba ho e 'ngoe le e 'ngoe ea Li-server tsa eona tse Laolehileng tsa Console. Likhokahano tsena li sebelisetsoa ho beha leihlo, ho tsamaisa le ho fihlella Managed Console Server le lisebelisoa tse laoloang tse hoketsoeng ho Managed Console Server.
Ho laola Li-server tsa Local Console, kapa li-server tse fumanehang ho Lighthouse, li-SSHconnections li qalisoa ke Lighthouse.
Ho laola li-server tsa Remote Console, kapa li-server tse kentsoeng mollo, tse sa khoneng ho tsamaisoa, kapa ho seng joalo li sa fihlellehe ho Lighthouse, likhokahano tsa SSH li qalisoa ke Managed ConsoleServer ka khokahano ea pele ea Call Home.
Sena se tiisa likhokahano tse sireletsehileng, tse netefalitsoeng le ho nolofalletsa likarolo tsa Managed Console Server hore li ajoe sebakeng sa heno ho LAN, kapa hole le lefats'e ka bophara.
3.12.1 Hlophisa mokhethoa oa Call Home Ho theha seva sa khomphutha joalo ka mokhethoa oa tsamaiso ea Call Home ho Lighthouse:
1. Kgetha Letsa Lehae ho Serial & Netweke menu
2. Haeba ha u so hlahise kapa u kentse konopo ea SSH bakeng sa seva sena sa khomphutha, etsa joalo pele u tsoela pele.
3. Tobetsa Add
4. Kenya aterese ea IP kapa lebitso la DNS (mohlala, aterese e matla ea DNS) ea Lighthouse.
5. Kenya Lekunutu leo o le lokisitseng ho CMS joalo ka Password ea Lehae la Call.
66
Bukana ea Mosebelisi
6. Tobetsa Etsa kopo Mehato ena e qala khokahanyo ea Call Home ho tloha ho seva sa console ho Lighthouse. Sena se theha boema-kepe ba SSHlistening ho Lighthouse mme se beha seva sa console hore e be mokhethoa.
Hang ha mokhethoa a se a amohetsoe ho Lighthouse kotopo ea SSH ho seva sa console e khutlisetsoa morao ka har'a khokahano ea Call Home. Seva ea console e fetohile Seva ea Managed Console mme Lighthouse e ka hokela le ho e beha leihlo ka kotopo ena. 3.12.2 Amohela mokhethoa oa Call Home e le Managed Console Server on Lighthouse Karolo ena e fana ka ho fetaview mabapi le ho hlophisa Lighthouse ho beha leihlo li-server tsa Lighthouse tse hokahaneng ka Call Home. Bakeng sa lintlha tse ling bona Buka ea Mosebelisi ea Lighthouse:
1. Kenya Password ea Lehae ea Call e ncha ho Lighthouse. Phasewete ena e sebelisoa ho amohela
Letsetsa Homeconnections ho tsoa ho li-server tsa mokhethoa oa console
2. Lighthouse e ka ikopanya le seva sa console e tlameha ho ba le IP e tsitsitseng
aterese kapa, haeba u sebelisa DHCP, e lokisetsoe ho sebelisa tšebeletso ea DNS e matla
The Configure > Managed Console Servers skrineng ho Lighthouse e bonts'a boemo ba
Local andremote Managed Console Server le bonkgetheng.
Karolo ea Managed Console Servers e bonts'a li-server tsa console tse behiloeng leihlo ke
Lighthouse.Karolo ea Detected Console Servers e na le:
o Li-server tsa Local Console tse thathamisang li-server tsohle tse teng ho
subnet e tšoanang le Lighthouse, 'me ha li behoe leihlo
67
Khaolo ea 3: Serial Port, Device and User Configuration
o Li-server tsa Remote Console tse thathamisang li-server tsohle tse thehileng khokahano ea Call Home mme li sa behoe leihlo (ke hore, bakhethoa). U ka tobetsa Refresh ho nchafatsa
Ho kenyelletsa mokhethoa oa seva ea khomphutha lethathamong la Managed Console Server, e khethe ho tsoa lenaneng le theohang la Remote Console Servers ebe o tobetsa Eketsa. Kenya Aterese ea IP le SSH Port (haeba likarolo tsena li sa phethoa ka bo eona) 'me u kenye Tlhaloso le Lebitso le ikhethang bakeng sa seva sa Managed Console seo u se eketsang.
Kenya Lekunutu la Remote Root (ke hore Password ea Sistimi e behiloeng ho seva sena sa Managed Console). Lekunutu lena le sebelisoa ke Lighthouse ho phatlalatsa linotlolo tsa SSH tse entsoeng ka boits'oaro mme ha li bolokoe. Tobetsa Etsa kopo. Lighthouse e theha likhokahano tse sireletsehileng tsa SSH ho tloha le ho tswa ho Managed Console Server mme e fumana lisebelisoa tsa eona tse laoloang, lintlha tsa akhaonto ea mosebedisi le litlhokomeliso tse lokiselitsoeng o ka lokisa li-setting tsa Advanced: · Kena SSH Server Port le SSH User. · Kenya lintlha tsa hore SSH port(s) e fetele pele ho theha
Ka ho khetha Seva ea ho Mamela, u ka theha boema-kepe bo hole ho ea pele ho tloha ho Seva ho ea ho yuniti ena, kapa kou ea Lehae ho ea pele ho tloha yuniti ena ho ea ho Seva:
68
Bukana ea Mosebelisi
· Hlalosa Boema-kepe bo Mamelang boo u tla fetisetsa ho bona, tlohela sebaka sena se se na letho ho fana ka boema-kepe bo sa sebelisoeng · Kenya Seva e Lebeletsoeng le Port ea Target e tla ba moamoheli oa likhokahano tse fetisitsoeng
3.13 IP Passthrough
IP Passthrough e sebelisetsoa ho etsa khokahanyo ea modem (mohlala, modem ea ka hare ea cellular) e hlahe joaloka khokahanyo e tloaelehileng ea Ethernet ho router ea motho oa boraro e theohelang tlaase, e lumellang router e tlaase ho sebelisa khokahanyo ea modem e le sebopeho sa WAN sa mantlha kapa se bolokang.
Sesebelisoa sa Opengear se fana ka aterese ea IP ea modem le lintlha tsa DNS ho sesebelisoa se tlase ho feta DHCP mme se fetisa sephethephethe sa marang-rang ho ea le ho tsoa modem le router.
Ha IP Passthrough e fetola Opengear hore e be borokho ba modem-to-Ethernet halofo, lits'ebeletso tse ling tsa layer 4 (HTTP/HTTPS/SSH) li ka emisoa ho Opengear (Li-Intercepts tsa Ts'ebeletso). Hape, lits'ebeletso tse sebetsang ho Opengear li ka qala likhokahano tsa cellular tse tsoang kantle ho router e tlase.
Sena se lumella Opengear hore e tsoele pele ho sebelisoa bakeng sa taolo ea kantle ho sehlopha le tlhokomeliso hape e laoloe ka Lighthouse, ha e ntse e le ka IP Passthrough mode.
3.13.1 Setupo sa Router ea Downstream Ho sebelisa khokahanyo ea failover ho router e tlase (e tsejoang hape e le Failover to Cellular kapa F2C), e tlameha ho ba le likhokahano tse peli kapa ho feta tsa WAN.
HLOKOMELA Failover in IP Passthrough context e etsoa ke router e tlase, 'me mokhoa oa failover o hahelletsoeng ka ntle ho Opengear ha o fumanehe ha o ntse o le maemong a IP Passthrough.
Hokela segokanyimmediamentsi sa Ethernet WAN ho router e tlase ho Opengear's Network Interface kapa Management LAN port ka thapo ea Ethernet.
Lokisa sebopeho sena ho router e tlase ho fumana litlhophiso tsa marang-rang ka DHCP. Haeba ho hlokahala, lokisa router e tlase bakeng sa failover pakeng tsa sebopeho sa eona sa mantlha le boema-kepe ba Ethernet bo hokahaneng le Opengear.
3.13.2 IP Passthrough Pre-Configuration mehato e hlokahalang ho nolofalletsa IP Passthrough ke:
1. Lokisa Sehokelo sa Marang-rang le moo ho sebetsang Tsamaiso ea LAN e hokahanang le litlhophiso tsa marang-rang tse sa fetoheng. · Tobetsa Serial & Network > IP. · Bakeng sa Sehokelo sa Marang-rang le moo ho hlokehang Management LAN, khetha Static bakeng sa Mokhoa oa Tlhophiso ebe o kenya li-setting tsa marang-rang (sheba karolo e nang le sehlooho se reng Network Configuration bakeng sa litaelo tse felletseng). · Bakeng sa sebopeho se hokahaneng le router e tlase, o ka khetha marang-rang afe kapa afe a ikemetseng a ikemetseng marang-rang ana a teng feela lipakeng tsa Ongear le router e tlase mme hangata ha e fumanehe. · Bakeng sa segokanyimmediamentsi sa sebolokigolo, se lokisetse kamoo o neng o tla etsa ka tlwaelo ho netweke ya lehae. · Bakeng sa lihokelo ka bobeli, siea Gateway e se na letho.
2. Beakanya modem ka mokgwa wa Kamehla O Tswa ntle le sehlopha.
69
Khaolo ea 3: Serial Port, Device and User Configuration
· Bakeng sa khokahanyo ea cellular, tobetsa Sistimi > Daela: Modemo ea ka hare ea Cellular. · Khetha Numella ho daela 'me u kenye lintlha tsa mofani oa thepa joalo ka APN (sheba karolo ea Modemo ea Cellular
Khokahano bakeng sa litaelo tse qaqileng). 3.13.3 IP Passthrough Configuration Ho lokisa IP Passthrough:
· Tobetsa Serial & Network > IP Passthrough 'me u hlahlobe Enable. · Khetha Modem ea Opegear eo u ka e sebelisang bakeng sa khokahanyo e holimo. · Optionally, kenya Aterese ea MAC ea khokahanyo ea khokahanyo e tlase ea router. Haeba aterese ea MAC e teng
ha e hlalosoe, Opengear e tla fetela sesebelisoa sa pele se tlase se kopang aterese ea DHCP. · Khetha Sehokelo sa Ongear Ethernet seo u tla se sebelisa bakeng sa ho hokela router e tlase.
· Tobetsa Etsa kopo. 3.13.4 Melato ea Litšebeletso Tsena li lumella Opengear ho tsoela pele ho fana ka litšebeletso, mohlalaample, bakeng sa taolo e kantle ho sehlopha ha o le maemong a IP Passthrough. Lihokelo tsa aterese ea modem boema-kepeng bo itseng ba ho emisa li sebelisoa ke Opengear ho e-na le ho feta ho router e tlase.
· Bakeng sa ts'ebeletso e hlokoang ea HTTP, HTTPS kapa SSH, hlahloba Bulela · Fetola Porto ea Intercept ho ea boema-kepeng bo bong (mohlala, 8443 bakeng sa HTTPS), sena se na le thuso haeba u
batla ho tsoela pele ho lumella router e tlase hore e lule e fumaneha ka koung ea eona e tloaelehileng. 3.13.5 IP Passthrough Boemo Hlakola leqephe ho view karolo ea Boemo. E bonts'a Aterese ea Kantle ea IP ea modem e fetisoang, Aterese ea ka Hare ea MAC ea router e tlase (e lula feela ha router e tlase e amohela khiro ea DHCP), le boemo ba kakaretso ba ts'ebeletso ea IP Passthrough. U ka 'na ua hlokomelisoa ka boemo ba failover ea router e tlaase ka ho hlophisa Tlhahlobo ea Tšebeliso ea Boitsebiso bo Routed tlas'a Litlhokomeliso le ho Rema lifate> Karabelo ea Auto. 3.13.6 Litlhokomeliso Li-routers tse ling tse theohelang tlaase li ka 'na tsa se lumellane le tsela ea heke. Sena se ka etsahala ha IP Passthrough e hokahanya marang-rang a 3G a cellular moo aterese ea heke e leng aterese ea moo u eang teng 'me ha ho na tlhahisoleseling ea subnet e fumanehang. Opengear e romela DHCP netmask ea 255.255.255.255. Hangata lisebelisoa li nka sena e le tsela e le 'ngoe ea moamoheli sehokelong, empa lisebelisoa tse ling tsa khale tse tlase li ka ba le mathata.
70
Bukana ea Mosebelisi
Lits'ebeletso tsa lehae li ke ke tsa sebetsa haeba Opengear e sebelisa tsela ea kamehla ntle le modem. Hape, li ke ke tsa sebetsa ntle le haeba tšebeletso e nolofalitsoe 'me mokhoa oa ho fumana litšebeletso o nolofalitsoe (sheba Sistimi> Litšebeletso, tlas'a tab ea Phihlello ea Tšebeletso fumana Dialout/Cellular).
Likhokahano tse tsoang kantle tse tsoang ho Opengear ho ea lits'ebeletso tse hole lia tšehetsoa (mohlala, ho romella litemoso tsa lengolo-tsoibila tsa SMTP, maraba a SNMP, ho fumana nako ea NTP, lithanele tsa IPSec). Ho na le kotsi e nyane ea ho hloleha ha khokahano haeba bobeli ba Opengear le sesebelisoa se tlase se leka ho fihlella boema-kepe bo tšoanang ba UDP kapa TCP sebakeng se le seng se hole ka nako e le 'ngoe ha ba khethile nomoro ea boema-kepe e tsoang sebakeng se le seng.
3.14 Configuration holim'a DHCP (ZTP)
Lisebelisoa tsa Opengear li ka fanoa nakong ea ho qala ha tsona ho tloha ho seva sa DHCPv4 kapa DHCPv6 ho sebelisa config-over-DHCP. Ho fana ka marang-rang a sa tšepahaleng ho ka nolofalloa ka ho fana ka linotlolo ho USB flash drive. Ts'ebetso ea ZTP e ka boela ea sebelisoa ho etsa ntlafatso ea firmware mabapi le khokahano ea pele ea marang-rang, kapa ho ingolisa ketsahalong ea Lighthouse 5.
Boitokisetso Mehato e tloaelehileng ea ho hlophisa marang-rang a tšepahalang ke:
1. Lokisa sesebelisoa sa Ongear sa mofuta o tšoanang. 2. Boloka tlhophiso ea eona joalo ka bekapo ea Opengear (.opg) file. 3. Kgetha Sistimi > bekapo ya tlhophiso > bekapo e hole. 4. Tobetsa Boloka bekapo. Sebopeho sa backup file — model-name_iso-format-date_config.opg — e jarollotsoe ho tloha sesebelisoa sa Opengear ho ea ho sistimi ea lehae. U ka boloka tlhophiso joalo ka xml file: 1. Kgetha Sistimi > bekapo ya tlhophiso > Tlhophiso ya XML. Sebaka se ka fetolehang se nang le
tlhophiso file ka sebopeho sa XML e hlaha. 2. Tobetsa tšimong ho etsa hore e sebetse. 3. Haeba u sebelisa sebatli sefe kapa sefe ho Windows kapa Linux, tobetsa ka ho le letona ebe u khetha Khetha Tsohle ho tsoa ho
menyu ea maemo kapa tobetsa Control-A. Tobetsa ka ho le letona ebe u khetha Kopitsa ho tsoa ho menu ea maemo kapa tobetsa Control-C. 4. Haeba u sebelisa sebatli leha e le sefe ho macOS, khetha Edita > Khetha Tsohle kapa u tobetse Taelo-A. Khetha Edit > Kopitsa kapa tobetsa Command-C. 5. Ho mohlophisi oa mongolo oo u o ratang, theha tokomane e ncha e se nang letho, beha lintlha tse kopilitsoeng tokomaneng e se nang letho ebe u boloka file. Whatever file-lebitso leo u le khethang, le tlameha ho kenyelletsa .xml filesehlongoana sa lebitso. 6. Kopitsa .opg kapa .xml e bolokilweng file ho bukana e shebaneng le sechaba ho a file Seva e sebeletsang bonyane e 'ngoe ea liprothokholo tse latelang: HTTPS, HTTP, FTP kapa TFTP. (Ke HTTPS feela e ka sebelisoang haeba khokahano lipakeng tsa file seva le sesebelisoa sa Opengear se tla lokisoa se tsamaea holim'a marang-rang a sa tšepahaleng.). 7. Lokisa seva sa hau sa DHCP ho kenyelletsa khetho ea `morekisi e khethehileng' bakeng sa lisebelisoa tsa Opengear. (Sena se tla etsoa ka tsela e khethehileng ea seva ea DHCP.) Khetho e khethehileng ea morekisi e lokela ho hlophisoa khoele e nang le URL ea .opg kapa .xml e hatisitsoeng file mohatong o ka holimo. Khetho ea likhoele ha ea lokela ho feta litlhaku tse 250 'me e tlameha ho fella ka .opg kapa .xml.
71
Khaolo ea 3: Serial Port, Device and User Configuration
8. Hokela sesebelisoa se secha sa Opengear, ebang ke fektheri-reset kapa Config-Erased, ho netweke 'me u sebelise matla. Ho ka nka metsotso e ka bang 5 hore sesebelisoa se iqalise bocha.
Example ISC DHCP (dhcpd) tlhophiso ea seva
Se latelang ke example sekhechana sa phetisetso ea seva sa DHCP bakeng sa ho fana ka setšoantšo sa .opg se sebelisa sesebelisoa sa ISC DHCP, dhcpd:
khetho sebaka opengear khoutu bophara 1 bolelele bophara 1; khetho opengear.config-url khoutu 1 = mongolo; sehlopha sa "opengear-config-over-dhcp-test" {
match if option vendor-class-identifier ~~ “^Opengear/”; morekisi-khetho-sebaka sa opengear; khetho opengear.config-url "https://mohlample.com/opg/${class}.opg”; }
Setupo sena se ka fetoloa ho ntlafatsa setšoantšo sa tlhophiso ho sebelisa opengear.image-url khetho, le ho fana ka URI ho setšoantšo sa firmware.
Seta ha LAN e sa tsheptjoe Haeba khokahano lipakeng tsa file seva le sesebelisoa sa Opengear se lokiselitsoeng se kenyelletsa marang-rang a sa tšepahaleng, mokhoa oa matsoho a mabeli o ka fokotsa bothata.
ELA HLOKO Mokhoa ona o kenyelletsa mehato e 'meli eo ho eona ho ka bang thata, kapa ho ke ke ha khoneha, ho theha tšepo ka botlalo. Taba ea pele, ketane ea litlatsetso ho tloha ho thehoeng ha drive ea USB flash e tsamaisang data ho isa ts'ebetsong ea eona. Ea bobeli, matsoho a hokahanyang USB flash drive ho sesebelisoa sa Opengear.
· Hlahisa setifikeiti sa X.509 bakeng sa sesebelisoa sa Opengear.
· Kopanya setifikeiti le senotlolo sa sona sa lekunutu hore se be se le seng file e bitsoang client.pem.
· Kopitsa client.pem ho USB flash drive.
· Hlophisa seva sa HTTPS hore motho o kene ho .opg kapa .xml file e lekanyelitsoe ho bareki ba ka fanang ka setifikeiti sa moreki sa X.509 se hlahisitsoeng ka holimo.
· Beha kopi ea setifikeiti sa CA se saenneng setifikeiti sa seva sa HTTP — ca-bundle.crt — ho USB flash drive e bering client.pem.
· Kenya USB Flash drive ho sesebelisoa sa Opengear pele o hokela matla kapa marang-rang.
· Tsoela pele ts'ebetso ho tsoa ho `Kopitsa .opg e bolokiloeng kapa .xml file ho bukana e shebaneng le sechaba ho a file seva' ka holimo ho sebelisa protocol ea HTTPS lipakeng tsa moreki le seva.
Lokisetsa koloi ea USB 'me u thehe setifikeiti sa X.509 le senotlolo sa poraefete
· Hlahisa setifikeiti sa CA e le hore moreki le likopo tsa ho saena setifikeiti sa seva (CSRs) li ka saena.
# cp /etc/ssl/openssl.cnf . # mkdir -p mohlalaampleCA/newcerts # echo 00 > exampleCA/serial # echo 00 > exampleCA/crlnumber # touch exampleCA/index.txt # openssl genrsa -out ca.key 8192 # openssl req -e ncha -x509 -matsatsi 3650 -key ca.key -out demoCA/cacert.pem
-subj /CN=ExampleCA # cp demoCA/cacert.pem ca-bundle.crt
Mokhoa ona o hlahisa setifikeiti se bitsoang ExampleCA empa lebitso lefe kapa lefe le lumelletsoeng la setifikeiti le ka sebelisoa. Hape, mokhoa ona o sebelisa openssl ca. Haeba mokhatlo oa hau o na le ts'ebetso ea khoebo ka bophara, e bolokehileng ea ho hlahisa CA, e lokelang ho sebelisoa ho fapana le hoo.
72
Bukana ea Mosebelisi
· Hlahisa setifikeiti sa seva.
# openssl genrsa -out server.key 4096 # openssl req -new -key server.key -out server.csr -subj /CN=demo.example.com # openssl ca -days 365 -in server.csr -out server.crt
- senotlolofile ca.key -pholisi ea leano_eng kapa eng -batch -notext
ELA HLOKO Lebitso la moamoheli kapa aterese ea IP e tlameha ho tšoana le khoele e sebelisoang ho fana URL. Ka nako ea khaleample ka holimo, lebitso la moamoheli ke demo.example.com.
· Hlahisa setifikeiti sa moreki.
# openssl genrsa -out client.key 4096 # openssl req -new -key client.key -out client.csr -subj /CN=ExampleClient # openssl ca -days 365 -in client.csr -out client.crt
- senotlolofile ca.key -policy policy_engho -batch -notext # cat client.key client.crt > client.pem
* Fometa USB flash drive joalo ka molumo o le mong oa FAT32.
· Tsamaisa client.pem le ca-bundle.crt files ho bukana ea metso ea li-flash drive.
Ho lokisa litaba tsa ZTP Sebelisa sebopeho sa log sa ZTP ho lokisa litaba tsa ZTP. Ha sesebelisoa se ntse se leka ho etsa ts'ebetso ea ZTP, tlhahisoleseding ea log e ngotsoe ho /tmp/ztp.log ho sesebelisoa.
Se latelang ke example ea log file ho tloha mathateng a atlehileng a ZTP.
# cat /tmp/ztp.log Wed Dec 13 22:22:17 UTC 2017 [5127 tsebiso] odhcp6c.eth0: tsosolosa config ka DHCP Wed Dec 13 22:22:17 UTC 2017 [5127 tsebiso] odhcp6c 0. bakeng sa marang-rang ho rarolla Wed Dec 10 13:22:22 UTC 27 [tsebiso ea 2017] odhcp5127c.eth6: NTP e tlohile: ha ho seva Wed Dec 0 13:22:22 UTC 27 [2017 info] odhcp5127c.ethc.6 = barekisi http://[fd0:1:07:2218::1350]/tftpboot/config.sh' Wed Dec 44 1:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6 (n/a) Wed Dec 0 2:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6 (n/a) Wed Dec 0 3:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec6. ) Wed Dec 0 4:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6 (n/a) Wed Dec 0 5:13:22 UTC 22 [28 info] odhcp2017c.ethc.5127: barekisi /a) Wed Dec 6 0:6:13 UTC 22 [22 info] odhcp28c.eth2017: ha ho na firmware ea ho khoasolla (vendorspec.5127) backup-url: leka http://[fd07:2218:1350:44::1]/tftpboot/config.sh … backup-url: ho qobella wan config mode ho backup ea DHCP-url: ho beha lebitso la moamoheli ho acm7004-0013c601ce97 backup-url: mojaro o atlehile Wed Dec 13 22:22:36 UTC 2017 [5127 tsebiso] odhcp6c.eth0: katleho ea config load Wed Dec 13 22:22:36 UTC 2017 [5127 info] odhcp6c.eth0: ha ho lighthouse configuration (ha ho lighthouse configuration. 3/4/5) Wed Dec 6 13:22:22 UTC 36 [2017 tsebiso] odhcp5127c.eth6: tokisetso e phethiloe, eseng ho qala bocha
Liphoso li tlalehiloe tlalehong ena.
3.15 Ho Ingolisa ho Lighthouse
Sebelisa Ngoliso ho Lighthouse ho ngolisa lisebelisoa tsa Opengear molemong oa Lighthouse, ho fana ka phihlello e bohareng ea li-ports tsa console, le ho lumella tlhophiso e bohareng ea lisebelisoa tsa Opengear.
Sheba Tataiso ea Mosebelisi ea Lighthouse bakeng sa litaelo tsa ho ngolisa lisebelisoa tsa Opengear ho Lighthouse.
73
Khaolo ea 3: Serial Port, Device and User Configuration
3.16 Numella DHCPv4 Relay
Tšebeletso ea DHCP e fetisetsa lipakete tsa DHCP lipakeng tsa bareki le li-server tsa DHCP tse hole. Ts'ebeletso ea phepelo ea DHCP e ka nolofalloa ho seva sa Ongear console, e le hore e mamele bareki ba DHCP maemong a tlase a khethiloeng, a phuthe le ho fetisetsa melaetsa ea bona ho li-server tsa DHCP a sebelisa tsela e tloaelehileng, kapa a phatlalatsoa ka kotloloho ho li-interfaces tse holimo tse khethiloeng. Ka hona, moemeli oa relay oa DHCP o amohela melaetsa ea DHCP 'me a hlahisa molaetsa o mocha oa DHCP ho romela ho sebopeho se seng. Mehatong e ka tlase, li-server tsa console li ka hokela ho li-circuit-ids, Ethernet kapa li-modem tsa sele li sebelisa tšebeletso ea DHCPv4 Relay.
DHCPv4 Relay + DHCP Option 82 (circuit-id) Infrastructure - Sebaka sa DHCP seva, ACM7004-5 bakeng sa relay, lisebelisoa leha e le life tse ling bakeng sa bareki. Sesebelisoa leha e le sefe se nang le karolo ea LAN se ka sebelisoa e le relay. Ho sena mohlalaample, 192.168.79.242 ke aterese ea sehokelo se fetisetsoang sa moreki (joalo ka ha ho hlalositsoe ho tlhophiso ea seva ea DHCP. file ka holimo) le 192.168.79.244 ke aterese e ka holimo ea lebokose la li-interface, 'me enp112s0 ke sebopeho se tlase sa seva sa DHCP.
1 Infrastructure – DHCPv4 Relay + DHCP Option 82 (circuit-id)
Mehato ho DHCP Server 1. Hlophisa seva ea DHCP v4 ea sebakeng seo, haholo-holo, e lokela ho ba le "moeti" e kenang ka tlase ho mofani oa DHCP: host cm7116-2-dac { # hardware ethernet 00:13:C6:02:7E :41; moemedi wa kgetho ya moamohedi.circuit-id “relay1”; aterese e tsitsitseng 192.168.79.242; } Tlhokomeliso: mohala oa "hardware ethernet" o tlositsoe, e le hore seva sa DHCP se sebelise "circuit-id" ho fana ka aterese bakeng sa moreki ea amehang. 2. Qala hape Seva ea DHCP ho kenya bocha tlhophiso ea eona e fetotsoeng file. pkill -HUP dhcpd
74
Bukana ea Mosebelisi
3. Eketsa ka bouena tsela ea moamoheli ho sehokelo sa moreki "relayed" (sehokelo se ka morao ho DHCP relay, eseng lihokelo tse ling tseo moreki a ka bang le tsona:
sudo ip route add 192.168.79.242/32 via 192.168.79.244 dev enp112s0 Sena se tla thusa ho qoba taba ea asymmetric routing ha moreki le seva sa DHCP ba batla ho fihlellana ka sehokelo sa moreki, ha moreki a e-na le likhokahano tse ling sebakeng se le seng. subnet ea letamo la liaterese la DHCP.
Tlhokomeliso: Mohato ona ke oa bohlokoa ho ts'ehetsa seva ea dhcp mme moreki a khona ho fihlella e mong.
Mehato ka lebokoseng la Relay - ACM7004-5
1. Hlophisa WAN/eth0 ka mokhoa oa static kapa dhcp (eseng mokhoa o sa lokisoang). Haeba e le boemong bo tsitsitseng, e tlameha ho ba le aterese ea IP ka har'a letamo la aterese ea seva sa DHCP.
2. Kenya kopo ena ka CLI (moo 192.168.79.1 e leng aterese ea seva sa DHCP)
config -s config.services.dhcprelay.enabled=on config -s config.services.dhcprelay.lowers.lower1.circuit_id=relay1 config -s config.services.dhcprelay.lowers.lower1.role=lan config -s config.services .dhcprelay.lowers.total=1 config -s config.services.dhcprelay.servers.server1=192.168.79.1 config -s config.services.dhcprelay.servers.total=1 config -s config.services.dhcprelay.uppers.upper1 .role=wan config -s config.services.dhcprelay.uppers.total=1
3. Sebopeho se tlase sa DHCP relay se tlameha ho ba le aterese ea IP e tsitsitseng ka har'a letamo la aterese ea seva sa DHCP. Ho sena mohlalaample, giaddr = 192.168.79.245
config -s config.interfaces.lan.address=192.168.79.245 config -s config.interfaces.lan.mode=static config -s config.interfaces.lan.netmask=255.255.255.0 config -d config.interfaces.lan.disabled -r ipconfig
4. Ema nakoana hore moreki a fumane khiriso ea DHCP ka relay.
Mehato ho Moreki (CM7116-2-dac ho example kapa OG CS efe kapa efe)
1. Hokela LAN/eth1 ea moreki ho LAN/eth1 ea moreki 2. Lokisa LAN ea moreki ho fumana aterese ea IP ka DHCP joalo ka tloaelo 3. Hang ha clie
Litokomane / Lisebelisoa
 |
opengear ACM7000 Remote Site Gateway [pdf] Bukana ea Mosebelisi ACM7000 Remote Site Gateway, ACM7000, Remote Site Gateway, Site Gateway, Gateway |