opengear ACM7000 Remote Site Gateway User Manual

Musa ukudibanisa okanye ukukhupha iseva ye-console ngexesha lesiphango sombane. Ngalo lonke ixesha sebenzisa isicinezeli okanye i-UPS ukukhusela isixhobo kwizinto ezidlulayo.

Isilumkiso seFCC:

Esi sixhobo sithobela iCandelo le-15 lemithetho yeFCC. Ukusebenza kwesi sixhobo kuxhomekeke kwezi meko zilandelayo: (1) Esi sixhobo asinakubanga luphazamiso luyingozi, kwaye (2) esi sixhobo kufuneka samkele naluphi na uphazamiseko olunokuthi lubangele ukusebenza ngokungeyomfuneko.

Ii-FAQs

Umbuzo: Ngaba ndingasebenzisa i-ACM7000 yeSango elikude leSango ngexesha lesiphango sombane?
- A: Hayi, kucetyiswa ukuba ungaxhumi okanye unqamule umncedisi we-console ngexesha lesiphepho sombane ukukhusela umonakalo.

Umbuzo: Yiyiphi inguqulelo yemithetho yeFCC isixhobo esithobelayo?
- A: Isixhobo sithobela iCandelo le-15 lemithetho yeFCC.

View Fullscreen

Incwadi yokusebenzisa
I-ACM7000 yeSango seNdawo ekuMgama i-ACM7000-L iSango lokuZimela i-IM7200 uMphathi weziSeko ezinguNdoqo CM7100 Iiseva zeConsole
Inguqulo 5.0 - 2023-12

Ukhuseleko
Landela la manyathelo okhuseleko angezantsi xa ufaka kwaye usebenzisa iseva ye-console: · Musa ukususa izigqubuthelo zentsimbi. Akukho macandelo anokusetyenziswa ngumsebenzisi ngaphakathi. Ukuvula okanye ukususa i-inshorensi kunokukubeka esichengeni somthamo onobungozitage enokubangela umlilo okanye umothuko wombane. Thumela yonke inkonzo kubasebenzi abaqeqeshiweyo be-Opengear. · Ukunqanda ukothuka kombane intambo yamandla ekhusela umhlaba kufuneka iqhagamshelwe emhlabeni. • Soloko utsala iplagi, hayi intambo, xa ukhulula intambo yombane kwisokethi.
Musa ukudibanisa okanye ukukhupha iseva ye-console ngexesha lesiphango sombane. Kwakhona sebenzisa i-surge suppressor okanye i-UPS ukukhusela izixhobo kwizinto ezidlulayo.
FCC isilumkiso
Esi sixhobo sithobela iCandelo le-15 lemithetho yeFCC. Ukusebenza kwesi sixhobo kuxhomekeke koku kulandelayo
iimeko: (1) Esi sixhobo asinakubanga luphazamiseko luyingozi, kwaye (2) esi sixhobo kufuneka samkele naluphi na uphazamiseko olunokuthi lubangele ukusebenza ngokungeyomfuneko.
Iinkqubo ezifanelekileyo zokuxhasa ugcino kunye nezixhobo zokhuseleko eziyimfuneko kufuneka zisetyenziswe ukukhusela ekwenzakaleni, ekufeni okanye kumonakalo wepropathi ngenxa yokusilela kwenkqubo. Ukhuseleko olunjalo luxanduva lomsebenzisi. Esi sixhobo seseva ye-console asivunywanga ukuba sisetyenziswe njengenkxaso yobomi okanye inkqubo yonyango. Naluphi na utshintsho okanye iinguqulelo ezenziwe kwesi sixhobo seseva yekhonsoli ngaphandle kwemvume ecacileyo okanye imvume ye-Opengear iyakukhupha i-Opengear yalo naliphi na ityala okanye uxanduva lokwenzakala okanye ilahleko ebangelwe kuko nakuphi na ukungasebenzi kakuhle. Esi sixhobo senzelwe ukusetyenziswa kwangaphakathi kwaye zonke iintambo zonxibelelwano zilinganiselwe ngaphakathi kwesakhiwo.
2

Incwadi yokusebenzisa
Ilungelo lokushicilela
©Opengear Inc. 2023. Onke Amalungelo Agciniwe. Ulwazi olukolu xwebhu lunokutshintsha ngaphandle kwesaziso kwaye alubonisi ukuzibophelela kwicala le-Opengear. I-Oongear ibonelela ngolu xwebhu “njengoko lunjalo,” ngaphandle kwewaranti yalo naluphi na uhlobo, echaziweyo okanye echaziweyo, kubandakanywa, kodwa kungaphelelanga apho, iziqinisekiso ezichaziweyo zokufaneleka okanye ukurhweba ngenjongo ethile. Ivula ingenza uphuculo kunye/okanye utshintsho kule ncwadana okanye kwimveliso kunye/okanye inkqubo echazwe kule ncwadana nangaliphi na ixesha. Le mveliso inokubandakanya ukungachaneki kobugcisa okanye iimpazamo zokuchwetheza. Utshintsho lwenziwa ngamaxesha athile kulwazi olulapha; olu tshintsho lunokudityaniswa kuhlelo olutsha lopapasho.\

Isahluko 1

Le ncwadana

LE NCWADI

Le Ncwadi yoMsebenzisi icacisa ukuhlohla, ukusebenza, kunye nokulawula iiseva zekhonsoli ye-Opengear. Le ncwadana ithatha ukuba uqhelene ne-Intanethi kunye neenethiwekhi ze-IP, i-HTTP, i-FTP, imisebenzi yokhuseleko esisiseko, kunye nenethiwekhi yangaphakathi yombutho wakho.
1.1 Iindidi zabasebenzisi
Iseva ye-console ixhasa iindidi ezimbini zabasebenzisi:
· Abalawuli abanobumbeko olungenamda kunye namalungelo olawulo ngaphezulu kweconsole
umncedisi kunye nezixhobo eziqhagamshelweyo kunye nazo zonke iinkonzo kunye namazibuko ukulawula zonke izixhobo eziqhagamshelwe kwi-serial kunye nezixhobo eziqhagamshelwe kwinethiwekhi (iinginginya). Abalawuli bamiselwa njengamalungu eqela labasebenzisi bolawulo. Umlawuli unokufikelela kwaye alawule iseva yeconsole esebenzisa usetyenziso loqwalaselo, umgca womyalelo weLinux okanye iConsole yoLawulo esekwe kwisikhangeli.
· Abasebenzisi abamiselwe ngumlawuli kunye nemida yokufikelela kunye negunya lokulawula.
Abasebenzisi banomda view yeConsole yoLawulo kwaye inokufikelela kuphela kwizixhobo ezigunyazisiweyo ezicwangcisiweyo kwaye kwakhonaview izigodo zezibuko. Aba basebenzisi bamiselwe njengamalungu omnye okanye ngaphezulu wamaqela abasebenzisi asele eqwalaselwe anje ngePPTPD, dialin, FTP, pmshell, abasebenzisi, okanye amaqela abasebenzisi umlawuli anokuwenza. Bagunyazwe kuphela ukwenza ulawulo oluchaziweyo kwizixhobo ezithile ezixhunyiwe. Abasebenzisi, xa begunyazisiwe, banokufikelela kwaye balawule uthotho okanye izixhobo zothungelwano eziqhagamshelwe usebenzisa iinkonzo ezikhankanyiweyo (umzekelo, iTelnet, HHTPS, RDP, IPMI, Uthotho phezu kweLAN, Ulawulo lwaMandla). Abasebenzisi abakude ngabasebenzisi abangekho kwicandelo elifanayo le-LAN njengeseva ye-console. Umsebenzisi okude unokuba usendleleni edibanisa izixhobo ezilawulwayo kwi-Intanethi kawonke wonke, umlawuli kwenye iofisi eqhagamshela kwiseva ye-console phezu kwe-VPN yeshishini, okanye kwigumbi elinye okanye kwiofisi enye kodwa eqhagamshelwe kwi-VLAN eyahlukileyo kwi-console. umncedisi.
1.2 Ikhonsoli yoLawulo
I-Opengear Management Console ikuvumela ukuba uqwalasele kwaye ubeke iliso kwiifitsha ze-Opengear console server yakho. I-Console yoLawulo iqhuba kwisikhangeli kwaye ibonelela nge view yomncedisi we console nazo zonke izixhobo eziqhagamshelweyo. Abalawuli banokusebenzisa iConsole yoLawulo ukuqwalasela nokulawula iseva yeconsole, abasebenzisi, amazibuko, ababuthi, izixhobo zamandla, kunye neelog ezinxulumene nezilumkiso. Abasebenzisi abangengo-admin banokusebenzisa i-Console yoLawulo kunye nokufikelela kwimenyu encinci ukulawula izixhobo ezikhethiweyo, kwakhonaview iinkuni zabo, kwaye ukufikelela kuzo usebenzisa eyakhelwe-ngaphakathi Web Indawo yokukhwelela.
Umncedisi we console uqhuba inkqubo esebenzayo ye Linux, kwaye ingaqwalaselwe kumgca womyalelo. Unokufumana ukufikelela kumgca womyalelo ngeselula / ukucofa-ngaphakathi, ukudibanisa ngokuthe ngqo kwi-console ye-serial console/i-modem port, okanye ngokusebenzisa i-SSH okanye i-Telnet ukuqhagamshela kwiseva ye-console phezu kwe-LAN (okanye ukudibanisa ne-PPTP, IPsec okanye i-OpenVPN) .
6

Incwadi yokusebenzisa
Ngojongano lomgca womyalelo (CLI) imiyalelo kunye nemiyalelo ephezulu, khuphela i-Opengear CLI kunye neSibhengezo sokuBhala.pdf ukusuka https://ftp.opengear.com/download/documentation/manual/previous%20versions%20archived/
1.3 Ulwazi oluninzi
Ngolwazi oluthe vetshe, jonga: · Iimveliso zeOpengear Web Indawo: Bona https://opengear.com/products. Ukufumana olona lwazi luhlaziyiweyo malunga nokuba kufakwe ntoni kwiseva yakho yekhonsoli, ndwendwela icandelo elithi Yintoni equkiweyo kwimveliso yakho ethile. · ISikhokelo sokuQala ngokukhawuleza: Ukufumana iSikhokelo sokuQala ngokukhawuleza kwisixhobo sakho bona https://opengear.com/support/documentation/. · Isiseko soLwazi lwe-Opengear: Ndwendwela ku-https://opengear.zendesk.com ukuze ufikelele kumanqaku ezobugcisa, iingcebiso zobugcisa, ii-FAQs, kunye nezaziso ezibalulekileyo. · I-Opengear CLI kunye neSibhengezo sokuBhala: https://ftp.opengear.com/download/documentation/manual/current/IM_ACM_and_CM710 0/Opengear%20CLI%20and%20Scripting%20Reference.pdf
7

Isahluko 2:

Uqwalaselo lweNkqubo

UKUQULUNQWA KWENKQUBO

Esi sahluko sinika imiyalelo yesinyathelo-nge-nyathelo yokucwangciswa kokuqala komncedisi wakho we-console kwaye udibanise noLawulo okanye i-LAN yokuSebenza. Amanyathelo ngala:
Vula iConsole yoLawulo. Guqula igama lokugqithisa lomlawuli. Cwangcisa idilesi ye-IP ye-console ye-IP engundoqo ye-LAN port. Khetha iinkonzo eziza kwenziwa kunye nokufikelela kumalungelo. Esi sahluko siphinda sixoxe ngezixhobo zesoftware yonxibelelwano apho umlawuli angasebenzisa ukufikelela kwiseva ye-console, kunye nokucwangciswa kwee-ports ezongezelelweyo ze-LAN.
2.1 Uqhagamshelwano lweConsole yoLawulo
Iseva yakho ye-console iza iqwalaselwe ngedilesi ye-IP engagqibekanga 192.168.0.1 kunye ne-subnet mask 255.255.255.0 ye-NET1 (WAN). Kuqwalaselo lokuqala, sincoma ukuba uqhagamshele ikhomputha ngokuthe ngqo kwikhonsoli. Ukuba ukhetha ukuqhagamshela i-LAN yakho phambi kokuba ugqibezele amanyathelo okuseta, qiniseka ukuba:
· Azikho ezinye izixhobo kwi-LAN ezinedilesi ye-192.168.0.1. · Iseva yekhonsoli kunye nekhompyuter zikwicandelo elinye le-LAN, kungekho mzila odibeneyo
izixhobo zombane.
2.1.1 Ukuseta ikhompyutha eqhagamsheleneyo Ukuqwalasela umncedisi weconsole ngesikhangeli, ikhompyuter eqhagamshelweyo kufuneka ibe nedilesi ye-IP kuluhlu olufanayo nomncedisi weconsole (for ex.ample, 192.168.0.100):
· Ukumisela idilesi ye-IP yeLinux okanye kwikhompyuter ye-Unix, sebenzisa ifconfig. · YeeWindows PC:
1. Cofa Qala > Useto > Iphaneli yokulawula kwaye ucofe kabini uQhagamshelwano lweNethiwekhi. 2. Cofa ekunene kuQhagamshelwano lweNdawo yeNgingqi kwaye ukhethe iiPropati. 3. Khetha iProtokholi ye-Intanethi (TCP/IP) kwaye ucofe iiPropati. 4. Khetha Sebenzisa le dilesi ye-IP ilandelayo uze ufake ezi nkcukacha zilandelayo:
o Idilesi ye-IP: 192.168.0.100 o Imaski ye-Subnet: 255.255.255.0 5. Ukuba ufuna ukugcina useto lwakho olukhoyo lwe-IP yolu qhagamshelwano lwenethiwekhi, cofa kuKukwinqanaba eliphezulu kwaye Yongeza oku ngasentla njengoqhagamshelwano lwesibini lwe IP.
2.1.2 Uqhagamshelwano kwibrowser
Vula isikhangeli kwiPC eqhagamshelweyo / indawo yokusebenzela kwaye ungenise https://192.168.0.1.
Ngena nge:
Igama lomsebenzisi> ingcambu Igama lokugqithisa> elihlala lihleli
8

Incwadi yokusebenzisa
Ngexesha lokuqala ungena, kufuneka utshintshe igama eligqithisiweyo lengcambu. Cofa Thumela.
Ukugqiba utshintsho, faka igama lokugqitha elitsha kwakhona. Cofa Thumela. Isikrini sokwamkela siyavela.
Ukuba inkqubo yakho inemodem yeselula uya kunikwa amanyathelo okuqwalasela iimpawu ze-router yeselula: · Lungiselela uxhulumaniso lwemodem yeselula (Inkqubo > Cofa iphepha. Jonga iSahluko 4) · Vumela ukuthunyelwa kwinethiwekhi yendawo yokuya kwiselula (Inkqubo> Iphepha le-Firewall. Jonga iSahluko 4) · Vumela i-IP masquerading kuqhagamshelo lweselula (Inkqubo > iphepha leFirewall. Jonga iSahluko 4)
Emva kokugqiba inyathelo ngalinye kula angasentla, ungabuyela kuluhlu loqwalaselo ngokucofa uphawu lweOpengear kwikona ephezulu ngasekhohlo kwesikrini. QAPHELA Ukuba awukwazi ukudibanisa kwiKhonsoli yoLawulo kwi-192.168.0.1 okanye ukuba ukusilela
Igama lomsebenzisi / Igama lokugqithisa lamkelwa, seta ngokutsha iseva yakho ye-console (Jonga iSahluko se-10).
9

Isahluko 2: ULungiselelo lweNkqubo
2.2 Ukumisela uMlawuli
2.2.1 Guqula igama lokugqithisa eliyingcambu yeNdlela emiselweyo Kufuneka utshintshe igama lokugqithisa eliyingcambu xa ungena okokuqala kwisixhobo. Ungayitshintsha le phasiwedi nangaliphi na ixesha.
1. Cofa uthotho kunye neNethiwekhi > Abasebenzisi & Amaqela okanye, kwiscreen sokwamkela, cofa Guqula igama eliyimfihlo lolawulo.
2. Skrolela ezantsi kwaye ufumane indawo yomsebenzisi oyingcambu phantsi kwabasebenzisi kwaye ucofe Hlela. 3. Faka igama lokugqitha elitsha kwigama Lokugqithisa kunye neendawo zokuQinisekisa.
QAPHELA Ukukhangela Gcina Igama Lokugqithisa kwi-firmware yokucima igcina igama eliyimfihlo ukuze lingacinywa xa i-firmware iphinda icwangciswa. Ukuba eli gama lokugqithisa lilahlekile, ifowuni iya kufuna ukuba i-firmware ibuyiselwe.
4. Cofa Faka. Ngena nge-password entsha 2.2.2 Misela umlawuli omtsha Yenza umsebenzisi omtsha ngamalungelo olawulo kwaye ungene njengalo msebenzisi kwimisebenzi yolawulo, kunokusebenzisa ingcambu.
10

Incwadi yokusebenzisa
1. Cofa Uthotho & Nenethiwekhi > Abasebenzisi & Amaqela. Skrolela ezantsi kwephepha kwaye ucofe iqhosha lokongeza uMsebenzisi.
2. Faka igama lomsebenzisi. 3. Kwicandelo lamaQela, khangela ibhokisi yolawulo. 4. Faka igama lokugqitha kwi-Password kwaye uqinisekise iindawo.
5. Ungongeza kwakhona amaqhosha aGunyaziweyo e-SSH kwaye ukhethe ukuKhubaza uQinisekiso lwegama lokugqithisa kulo msebenzisi.
6. Iinketho ezongezelelekileyo zalo msebenzisi zinokusetwa kweli phepha ukuquka iiKhetho zoDial-in, iiNdawo eziFikelelekayo, iiPorts ezifikelelekayo, kunye neeNdawo eziFikelelekayo zeRPC.
7. Cofa iqhosha elithi Faka isicelo ezantsi kwesikrini ukwenza lo msebenzisi mtsha.
11

Isahluko 2: ULungiselelo lweNkqubo
2.2.3 Yongeza iGama leSistim, iNkcazelo yeNkqubo, kunye ne-MOTD. 1. Khetha Isixokelelwano > Ulawulo. 2. Faka igama leNkqubo kunye neNkcazo yeNkqubo kumncedisi we-console ukuba anike i-ID ekhethekileyo kwaye wenze kube lula ukuchonga. Igama leSixokelelwano linokuqulatha ukusuka ku-1 ukuya ku-64 oonobumba bealphanumeric kunye nabalinganiswa abakhethekileyo be-underscore (_), thabatha (-), kunye nexesha (.). INkcazelo yeNkqubo ingaqulatha ukuya kuthi ga kwiimpawu ze-254.
3. I-MOTD Banner ingasetyenziselwa ukubonisa umyalezo wosuku kubasebenzisi. Ivela phezulu ekhohlo kwesikrini ngezantsi kwelogo ye-Opengear.
4. Cofa Faka.
12

Isahluko 2: ULungiselelo lweNkqubo
5. Khetha Isixokelelwano > Ulawulo. 6. I-MOTD Banner ingasetyenziselwa ukubonisa umyalezo wosuku kubasebenzisi. Ivela kwi
phezulu ekhohlo kwesikrini ngezantsi kwelogo yeOpengear. 7. Cofa Faka.
Uqwalaselo lwenethiwekhi
Ngenisa idilesi ye-IP yenqununu ye-Ethernet (LAN/Network/Network1) kwi-console server okanye yenza ukuba i-DHCP client yayo ifumane ngokuzenzekelayo idilesi ye-IP kwi-server ye-DHCP. Ngokungagqibekanga, iseva ye-console inomxhasi wayo we-DHCP onikwe amandla kwaye wamkela ngokuzenzekelayo nayiphi na idilesi ye-IP yenethiwekhi eyabelwe ngumncedisi we-DHCP kumsebenzi womnatha wakho. Kule meko yokuqala, umncedisi we-console uya kuphendula kuzo zombini idilesi ye-Static engagqibekanga 192.168.0.1 kunye nedilesi yayo ye-DHCP.
1. Cofa iSistim> IP kwaye ucofe i-Network Interface tab. 2. Khetha nokuba yi-DHCP okanye i-Static yeNdlela yoLungiselelo.
Ukuba ukhetha i-Static, ngenisa idilesi ye-IP, i-Subnet Mask, iSango kunye neenkcukacha zeseva ye-DNS. Olu khetho luvala umxhasi weDHCP.
12

Incwadi yokusebenzisa
3. I-console server ye-LAN port ibona ngokuzenzekelayo isantya soqhagamshelwano lwe-Ethernet. Sebenzisa uluhlu lokuhla lweMedia ukutshixa i-Ethernet ukuya kwi-10 Mb/s okanye i-100Mb/s nakwi-Full Duplex okanye iHalf Duplex.
Ukuba ufumana ilahleko yepakethe okanye ukusebenza kakubi kwenethiwekhi ngoseto oluzenzekelayo, tshintsha useto lwe-Ethernet Media kwiseva yeconsole kunye nesixhobo esiqhagamshelwe kuso. Kwiimeko ezininzi, tshintsha zombini ukuya kwi-100baseTx-FD (i-100 megabits, i-duplex epheleleyo).
4. Ukuba ukhetha i-DHCP, umncedisi we-console uya kukhangela iinkcukacha zoqwalaselo kwiseva ye-DHCP. Olu khetho luvala nayiphi na idilesi engatshintshiyo. Idilesi ye-MAC yomncedisi we-console inokufumaneka kwileyibhile kwi-base plate.
5. Ungangenisa idilesi yesibini okanye uluhlu olwahlulwe ngekoma lweedilesi kubhalo lwe-CIDR, umz. 192.168.1.1/24 njenge-IP Alias.
6. Cofa kwi-Apply 7. Xhuma kwakhona isikhangeli kwikhompyuter eqhagamshelwe kwiseva ye-console ngokungena
http://your new IP address.
Ukuba utshintsha idilesi ye-IP yomncedisi we-console, kufuneka uqwalasele kwakhona ikhomputha yakho ukuba ibe nedilesi ye-IP kuluhlu olufanayo lothungelwano njengedilesi yeseva entsha. Unokuseta i-MTU kwi-Ethernet interfaces. Olu lukhetho oluphambili oluzakusetyenziswa ukuba imeko yobeko lwakho ayisebenzi nge-MTU engagqibekanga ye-1500 bytes. Ukuseta i-MTU, cofa iSistim> IP kwaye ucofe i-Network Interface tab. Skrolela ezantsi kwintsimi ye-MTU kwaye ungenise ixabiso elifunekayo. Amaxabiso asebenzayo asuka kwi-1280 ukuya kwi-1500 ye-100-megabit ujongano, kunye ne-1280 ukuya ku-9100 yojongano lwegigabhithi Ukuba ibhulorho okanye ibhondi iqwalaselwe, iMTU emiselweyo kwiphepha leSijongano somsebenzi womnatha iza kucwangciswa kujongano oluyinxalenye yebhulorho okanye ibhondi. . QAPHELA Kwezinye iimeko, umsebenzisi ochaziweyo i-MTU ayinakusebenza. Abanye abaqhubi be-NIC banokurhangqa ii-MTU ezinkulu ukuya kwelona xabiso liphezulu livumelekileyo kwaye abanye baya kubuyisela ikhowudi yempazamo. Ungasebenzisa kwakhona umyalelo we-CLI ukulawula ubukhulu be-MTU: qwalasela
# config -s config.interfaces.wan.mtu=1380 khangela
# config -g config.interfaces.wan config.interfaces.wan.address 192.168.2.24 config.interfaces.wan.ddns.provider none config.interfaces.wan.gateway 192.168.2.1 config.interfaces.wan.ipv6mode config. .iinterfaces.wan.media Auto config.interfaces.wan.mode config.interfaces.wan.mtu 1380 config.interfaces.wan.netmask 255.255.255.0
13

Isahluko 2: ULungiselelo lweNkqubo
2.3.1 IPv6 uqwalaselo Umncedisi we-console ujongano lwe-Ethernet luxhasa i-IPv4 ngokungagqibekanga. Zinokulungiselelwa ukusebenza kwe-IPv6:
1. Cofa Inkqubo > IP. Cofa i Useto ngokubanzi isithuba kwaye ujonge Vulela IPv6. Ukuba uyanqwena, cofa i Khubaza i-IPv6 yebhokisi yokukhangela yeSellula.
2. Qwalasela iiparamitha ze-IPv6 kwiphepha ngalinye lojongano. I-IPv6 inokulungiswa nokuba yi-Automatic mode, eya kusebenzisa i-SLAAC okanye i-DHCPv6 ukuqwalasela iidilesi, iindlela, kunye ne-DNS, okanye i-Static mode, evumela ukuba ulwazi lwedilesi lufakwe ngesandla.
2.3.2 Ulungelelwaniso lweDNS yeDynamic (DDNS) NgeDynamic DNS (DDNS), iseva ye-console enedilesi ye-IP eyabelwe ngamandla inokufumaneka ngokusebenzisa inginginya esisigxina okanye igama lesizinda. Yenza i-akhawunti kunye nomboneleli wenkonzo we-DDNS oxhaswayo owukhethileyo. Xa ucwangcisa i-akhawunti yakho ye-DDNS, ukhetha igama lomsebenzisi, igama lokugqitha, kunye negama lomninimzi oya kulisebenzisa njengegama le-DNS. Ababoneleli ngenkonzo yeDDNS bakuvumela ukuba ukhethe igama lomamkeli URL kwaye usete idilesi ye-IP yokuqala ukuhambelana nelo gama lenginginya URL.
14

Incwadi yokusebenzisa
Ukwenza kwaye uqwalasele iDDNS kuyo nayiphi na i-Ethernet okanye uqhagamshelo lwenethiwekhi yeselula kwiseva yeconsole. 1. Cofa iSistim> IP kwaye uskrolele phantsi icandelo leDynamic DNS. Khetha umboneleli wakho wenkonzo yeDDNS
ukusuka kuluhlu olwehlayo lweDNS DNS. Ungakwazi nokuseta ulwazi lweDDNS phantsi kweModem yeSewula isithuba phantsi kweSistim > Ukucofa.
2. Kwigama Lomamkeli le-DDNS, ngenisa i-DNS yegama lomamkeli ofanelekileyo kwiseva yeconsole yakho umz. yourhostname.dyndns.org.
3. Faka i-DDNS Igama lomsebenzisi kunye ne-DDNS Password ye-akhawunti yomboneleli wenkonzo ye-DDNS. 4. Cacisa elona thuba liphezulu phakathi kohlaziyo ngeentsuku. Uhlaziyo lweDDNS luya kuthunyelwa nokuba i
idilesi ayitshintshanga. 5. Cacisa iMinimum interval phakathi kweetshekhi zeedilesi ezitshintshiweyo ngemizuzwana. Uhlaziyo luya
ithunyelwe ukuba idilesi itshintshile. 6. Cacisa awona maninzi amalinge okuhlaziya ngohlaziyo olulinani lamaxesha okuzama uhlaziyo
ngaphambi kokuyeka. Lo ngu-3 ngokungagqibekanga. 7. Cofa Faka.
15

Isahluko 2: ULungiselelo lweNkqubo
2.3.3 Imowudi ye-EAPoL ye-WAN, i-LAN kunye ne-OOBFO
(I-OOBFO isebenza kwi-IM7216-2-24E-DAC kuphela)
Ngaphezuluview ye-EAPoL IEEE 802.1X, okanye i-PNAC (i-Port-based Network Access Control) isebenzisa iimpawu zofikelelo lwenyama ye-IEEE 802 LAN yeziseko ezingundoqo ukuze kubonelelwe ngendlela yokuqinisekisa nokugunyazisa izixhobo ezincanyathiselwe kwizibuko le-LAN eline-point-to- iimpawu zoqhagamshelo lwenqaku, kunye nokuthintela ukufikelela kweso sibuko kwiimeko apho uqinisekiso nogunyaziso lusilela. Izibuko kulo mxholo yindawo enye yokuncamathela kwisiseko se-LAN.
Xa i-wireless node entsha (i-WN) icela ukufikelela kwi-LAN resource, indawo yokufikelela (AP) icela i-WN's identity. Ayikho enye i-traffic ngaphandle kwe-EAP evunyelwe ngaphambi kokuba i-WN iqinisekiswe (i-"port" ivaliwe, okanye "ayinakuqinisekiswa"). I-wireless node ecela ukuqinisekiswa ihlala ibizwa ngokuba ngumfaki-sicelo, uMfaki-sicelo unoxanduva lokuphendula kwidatha ye-Authenticator eya kuseka iziqinisekiso zayo. Okufanayo kuya kwindawo yokufikelela; iNgcaciso asiyondawo yofikelelo. Endaweni yoko, indawo yofikelelo iqulethe uMqinisekisi. I-Anticator ayifuni ukuba kwindawo yofikelelo; inokuba licandelo langaphandle. Ezi ndlela zilandelayo zoQinisekiso ziyaphunyezwa:
· Umfaki-sicelo we-EAP-MD5 o Indlela ye-EAP MD5-Challenge isebenzisa igama lomsebenzisi/igama lokugqitha elicacileyo
· EAP-PEAP-MD5 o EAP PEAP (Ekhuselweyo EAP) MD5 indlela yokuqinisekisa isebenzisa iinkcukacha zomsebenzisi kunye nesatifikethi se-CA
· I-EAP-TLS o EAP TLS (uKhuseleko loMaleko wezoThutho) indlela yokuqinisekisa ifuna isatifikethi se-CA, isatifikethi somthengi kunye neqhosha labucala.
Iprothokholi ye-EAP, esetyenziselwa ukuqinisekiswa, yayisetyenziselwa ukucofa-up PPP. Isazisi yayiligama lomsebenzisi, kwaye mhlawumbi PAP okanye CHAP uqinisekiso lwasetyenziswa ukujonga igama lokugqitha lomsebenzisi. Njengoko isazisi sithunyelwa ngendlela ecacileyo (engabhalwanga ngokuntsonkothileyo), umntu osnifa okhohlakeleyo usenokwazi ukuba ungubani na. “Ukufihla isazisi” ke ngoko kusetyenziswa; uchazo lokwenyani aluthunyelwa phambi kokuba itonela ye TLS efihliweyo iphakanyiswe.
16

Incwadi yokusebenzisa
Emva kokuba isazisi sithunyelwe, inkqubo yokuqinisekisa iqala. Umgaqo osetyenziswayo phakathi koMfaki-sicelo kunye noMqinisekisi yi-EAP, (okanye i-EAPoL). I-Athenticator iphinda ifake imiyalezo ye-EAP kwifomati ye-RADIUS, kwaye iyigqithisele kwiSeva yoQinisekiso. Ngexesha loqinisekiso, uMqinisekisi uthumela iipakethi phakathi koMfaki-sicelo kunye neSeva yoQinisekiso. Xa inkqubo yoqinisekiso igqiba, Umncedisi Wokuqinisekisa uthumela umyalezo oyimpumelelo (okanye ukusilela, ukuba uqinisekiso aluphumelelanga). I-Anticator ivula "izibuko" kuMfaki-sicelo. Iisetingi zoQinisekiso zinokufikelelwa kwi-EAPoL Supplicant Settings page. Ubume beEAPoL yangoku iboniswe ngokweenkcukacha kwiphepha leNkcazo-manani yeNdawo kwi-EAPoL thebhu:
I-abstraction ye-EAPoL kwi-ROLEs yenethiwekhi iboniswe kwicandelo "loMphathi woQhagamshelwano" kwi-Dashboard interface.
17

Isahluko 2: ULungiselelo lweNkqubo
Iboniswe ngezantsi yi-example yoqinisekiso oluyimpumelelo:
I-IEEE 802.1x (EAPOL) inkxaso kwii-switch ports ze-IM7216-2-24E-DAC kunye ne-ACM7004-5: Ukuze ugweme i-loops, abasebenzisi akufanele bafake iplagi engaphezu kweyodwa yokutshintsha kwi-switch level efanayo.
18

Incwadi yokusebenzisa
2.4 Ukufikelela kwiiNkonzo kunye noKhuseleko lweBrute Force
Umlawuli unokufikelela kwiseva ye-console kunye ne-serial port edibeneyo kunye nezixhobo ezilawulwayo zisebenzisa uluhlu lweeprotocol / iinkonzo zokufikelela. Kufikelelo ngalunye
· Inkonzo kufuneka iqale iqwalaselwe kwaye yenziwe ukuba isebenze kwiseva yeconsole. · Ukufikelela kwifirewall kufuneka kuvulwe kuqhagamshelo lwenethiwekhi nganye. Ukwenza kunye nokuqwalasela inkonzo: 1. Cofa iSistim > Iinkonzo kwaye ucofe i Useto lweNkonzo ithebhu.

2. Yenza kwaye ulungiselele iinkonzo ezisisiseko:

HTTP

Ngokungagqibekanga, inkonzo ye-HTTP iyasebenza kwaye ayikwazi ukucinywa ngokupheleleyo. Ngokungagqibekanga, ufikelelo lweHTTP luvaliwe kuzo zonke iindawo zojongano. Sicebisa ukuba olu fikelelo luhlale luvaliwe ukuba iseva ye-console ifikelelwe ukude kwi-Intanethi.
Enye i-HTTP ikuvumela ukuba uqwalasele enye izibuko yeHTTP oza kumamela kuyo. Inkonzo ye-HTTP iya kuqhubeka nokuphulaphula kwi-TCP port 80 ye-CMS kunye nonxibelelwano lwe-connector kodwa ayiyi kufumaneka nge-firewall.

HTTPS

Ngokungagqibekanga, inkonzo ye-HTTPS iyasebenza kwaye yenziwe ukuba isebenze kuyo yonke inethiwekhi yojongano. Kuyacetyiswa ukuba kufikelelwe kwi-HTTPS kuphela ukuba iseva ye-console iza kulawulwa kuyo nayiphi na inethiwekhi yoluntu. Oku kuqinisekisa ukuba abalawuli banofikelelo olukhuselekileyo lwesikhangeli kuzo zonke iimenyu ezikumncedisi we console. Ikwavumela abasebenzisi abaqwalaselwe ngokufanelekileyo ukufikelela kwibhrawuza ekhethiweyo Lawula iimenyu.
Inkonzo ye-HTTPS inokucinywa okanye yenziwe ukuba isebenze ngokujonga i-HTTPS Web Ulawulo kunye nelinye izibuko elichaziweyo (izibuko elihlala lihleli lingama-443).

I-Telnet

Ngokungagqibekanga inkonzo yeTelnet iyasebenza kodwa ivaliwe kuzo zonke iindawo zenethiwekhi.
I-Telnet ingasetyenziswa ukunika umlawuli ufikelelo kwiqokobhe lelayini yomyalelo wenkqubo. Le nkonzo inokuba luncedo kumlawuli wendawo kunye nofikelelo lomsebenzisi kwiiconsoles ezikhethiweyo zothotho. Sincoma ukuba uvale le nkonzo ukuba iseva yekhonsoli ilawulwa kude.
I-Vulela i-Telnet yomyalelo webhokisi yokukhangela izakwenza okanye ivale inkonzo ye-Telnet. Enye izibuko yeTelnet ekumamela kuyo ingacaciswa kwiSibuko seTelnet esisesinye (izibuko elihlala lihleli ngama-23).

Isahluko 2: ULungiselelo lweNkqubo

I-SSH

Le nkonzo ibonelela nge-SSH ekhuselekileyo yokufikelela kwiseva ye-console kunye nezixhobo eziqhotyoshelweyo

kwaye ngokungagqibekanga inkonzo ye-SSH iyasebenza kwaye yenziwe ukuba isebenze kuzo zonke iindibano. Yi

iyacetyiswa ukuba ukhethe i-SSH njengomthetho olandelwayo apho umlawuli aqhagamshela kuyo

iseva yeconsole kwi-Intanethi okanye nayiphi na enye inethiwekhi yoluntu. Oku kuya kubonelela

unxibelelwano oluqinisekisiweyo phakathi kwenkqubo yomxhasi weSSH kwindawo ekude

ikhompyuter kunye neseva ye-SSH kwiseva yeconsole. Ngolwazi oluthe vetshe nge-SSH

uqwalaselo Jonga iSahluko sesi-8 – uQinisekiso.

I Yenza iqokobhe lomyalelo we-SSH ibhokisi yokukhangela izakwenza okanye ivale le nkonzo. Elinye izibuko le-SSH lokumamela lingachazwa kwi-SSH yomyalelo wezibuko (izibuko elihlala lihleli ngama-22).

3. Yenza kwaye uqwalasele ezinye iinkonzo:

TFTP/FTP Ukuba ifleshi yekhadi le-USB okanye ifleshi yangaphakathi ichongiwe kwiseva yekhonsoli, ukukhangela Vula i-TFTP (FTP) inkonzo yenza le nkonzo kwaye imise i-tftp engagqibekanga kunye neseva ye-ftp kwi-USB flash. Ezi seva zisetyenziselwa ukugcina uqwalaselo files, gcina ufikelelo kunye neelog zentengiselwano njl.njl. Files idluliselwe kusetyenziswa i-tftp kunye ne-ftp iya kugcinwa phantsi kwe-/var/mnt/storage.usb/tftpboot/ (okanye /var/mnt/storage.nvlog/tftpboot/ kwizixhobo ze-ACM7000series). Ukususa uqwalaselo Vula inkonzo ye-TFTP (FTP) iya kuvala inkonzo ye-TFTP (FTP).

I-DNS Relay Checking Yenza i-DNS Server/Relay yenza i-DNS relay feature ukuze abathengi baqwalaselwe nge-IP ye-console ye-console ye-server yabo ye-DNS, kwaye umncedisi we-console uya kuthumela imibuzo ye-DNS kwi-server ye-DNS yokwenene.

Web UkuJonga iTheminali Vulela Web Itheminali iyakuvumela web ukufikelela kwisikhangeli kwisixokelelwano somyalelo weqokobhe ngokusebenzisa Lawula > Isiphelo.

4. Chaza iinombolo zezibuko ezizezinye ze-Raw TCP, iTelnet/SSH ngqo kunye neenkonzo zeTelnet/SSH ezingavunywanga. Iseva ye-console isebenzisa uluhlu oluthile lwe-TCP/IP izibuko zokufikelela okwahlukeneyo
iinkonzo abasebenzisi abanokusebenzisa ukufikelela kuzo izixhobo ezincanyathiselwe kumazibuko othotho (njengoko kugutyungelwe kwiSahluko sesi-3 Bumba iZibuko zothotho). Umlawuli unokucwangcisa uluhlu olulolunye kwezi nkonzo kwaye ezi zibuko zesibini ziya kusetyenziswa ukongeza kokungagqibekanga.

Idilesi yesiseko ye-TCP/IP yesiseko ye-Telnet yofikelelo yi-2000, kunye noluhlu lwe-Telnet yidilesi ye-IP: Izibuko (2000 + uthotho lwezibuko #) oko kukuthi 2001 2048. Ukuba umlawuli ebenokuseta i-8000 njengesiseko sesibini seTelnet, uthotho. izibuko #2 kumncedisi we console inokufikelela kwiTelnet kwi IP
Idilesi:2002 kunye nedilesi yeIP:8002. Isiseko esisisiseko se-SSH yi-3000; ye-TCP eluhlaza yi-4000; kwaye kwi-RFC2217 yi-5000

5. Ezinye iinkonzo zinokwenziwa kwaye ziqwalaselwe kule menyu ngokukhetha Cofa apha ukuze uqwalasele:

I-Nagios Ukufikelela kwi-Nagios NRPE yokubeka esweni iidamons

I-NUT

Ukufikelela kwi-daemon yokubeka iliso ye-NUT UPS

I-SNMP Yenza i-snmp isebenze kwiseva ye-console. I-SNMP ivaliwe ngokungagqibekanga

NTP

6. Cofa Faka. Umyalezo wokuqinisekisa uyavela: Utshintsho lomyalezo kuqwalaselo luphumelele

Iisetingi zoFikelelo lweeNkonzo zinokusetwa ukuze zivumele okanye zivale ufikelelo. Oku kuxela ukuba yeyiphi eyenzekileyo abalawuli abanokusebenzisa ngaphezulu kojongano lomsebenzi womnatha ngamnye ukudibanisa kwiseva yeconsole kunye neseva yeconsole ukuya kuthotho kunye nezixhobo eziqhagamshelwe kwinethiwekhi.

Incwadi yokusebenzisa
1. Khetha ithebhu yoFikelelo lweNkonzo kwiSistim > Iinkonzo iphepha.
2. Oku kubonisa iinkonzo ezenziweyo zojongano lwenethiwekhi yomncedisi we console. Kuxhomekeke kuhlobo oluthile lweseva yeconsole ujongano olubonisiweyo lunokuquka: · Ujongano lweNethiwekhi (yoluqhagamshelo oluyintloko lwe-Ethernet) · Ulawulo lweLAN / OOB Failover (uqhagamshelo lwe-Ethernet yesibini) · Udawulo/Isellula (V90 kunye ne-3G modem) · Dial-in (yangaphakathi okanye imodem yeV90 yangaphandle) · I-VPN (IPsec okanye i-Open VPN uqhagamshelo phezu kwayo nayiphi na i-interface yenethiwekhi)
3. Khangela/ungakhangeli kuthungelwano ngalunye ukuba loluphi ufikelelo lwenkonzo oluza kwenziwa / lukhubazwe Phendula kwi-ICMP echoes (okt. ping) iinketho zofikelelo lwenkonzo ezinokuthi ziqwalaselwe kuletage. Oku kuvumela umncedisi we-console ukuba aphendule kwizicelo ze-echo ze-ICMP ezingenayo. I-Ping yenziwe ngokungagqibekanga. Ukonyusa ukhuseleko, kufuneka uvale le nkonzo xa ugqibezela uqwalaselo lokuqala Ungavumela izixhobo zezibuko ezilandelelanayo ukuba zifikelelwe kuthungelwano olutyunjiweyo lwenethiwekhi usebenzisa i-Raw TCP, iTelnet ethe ngqo/SSH, iinkonzo zeTelnet/SSH ezingavunywanga, njl.
4. Cofa Faka Web Izicwangciso zolawulo I-Yenza i-HSTS ibhokisi yokukhangela yenza ukuba i-HTTP ikhuseleke ngokungqongqo kuthutho. Imo ye-HSTS ithetha ukuba i-header ye-StrictTransport-Security kufuneka ithunyelwe nge-HTTPS yothutho. Ukuthobela web umkhangeli zincwadi ukhumbula le header, kwaye xa ucelwa ukuba uqhagamshelane nenginginya enye ngaphezulu kweHTTP (ithafa) iyakutshintshela kuyo ngokuzenzekelayo
19

Isahluko 2: ULungiselelo lweNkqubo
I-HTTPS ngaphambi kokuzama i-HTTP, okoko nje isikhangeli sifikelele kwindawo ekhuselekileyo kanye kwaye sabona i-header ye-STS.
Ukhuseleko lweBrute Force Ukhuseleko lwamandla eBrute (Micro Fail2ban) ibhloka okwethutyana umthombo we-IP obonisa iimpawu ezinobungozi, ezifana nokusilela kwegama lokugqitha. Oku kunokunceda xa iinkonzo zenethiwekhi zesixhobo zisesichengeni somsebenzisi womnatha ongathenjwayo njenge-WAN kawonke-wonke kunye nohlaselo olubhaliweyo okanye iintshulube zesoftware zizama ukuthelekelela iinkcukacha zomsebenzisi kwaye zifumane ufikelelo olungagunyaziswanga.

UKhuseleko lweBrute Force lunokuthi luvulelwe iinkonzo ezidwelisiweyo. Ngokungagqibekanga, xa ukhuseleko luvuliwe 3 okanye ngaphezulu iinzame zoqhagamshelo ezingaphumelelanga ngaphakathi kwemizuzwana engama-60 ukusuka kumthombo othile we-IP ibangela ukuba ivalwe ekudibaneni kwexesha eliqwalaselweyo. Umda wokuzama kunye nokuvalwa kwexesha lokuValwa kunokwenziwa ngokwezifiso. Izithintelo eziSebenzayo nazo zidweliswe kwaye zinokuhlaziywa ngokulayisha kwakhona iphepha.

PHAWULA

Xa usebenza kwinethiwekhi engathembekanga, cinga ukusebenzisa iindlela ezahlukeneyo zobuchule ezisetyenziselwa ukutshixa ukufikelela kude. Oku kubandakanya uqinisekiso lwesitshixo sikawonke-wonke se-SSH, i-VPN, kunye neMithetho ye-Firewall ukuya
uluhlu lwabavunyelwayo ukufikelela okude ukusuka kuthungelwano lwemithombo ethembekileyo kuphela. Jonga i-Opengear Knowledge Base ngeenkcukacha.

2.5 ISoftware yoNxibelelwano
Uqwalasele iiprothokholi zofikelelo zomxhasi womlawuli oza kusetyenziswa xa uqhagamshela kwiseva yeconsole. Abathengi bomsebenzisi nabo basebenzisa ezi protocols xa befikelela kwi-console server serial encanyathiselwe izixhobo kunye ne-network attached host host. Udinga izixhobo zesoftware yonxibelelwano olumiselwe kumlawuli kunye nekhompyuter yomxhasi womsebenzisi. Ukuqhagamshela ungasebenzisa izixhobo ezinje ngePuTTY kunye neSSTerm.

Incwadi yokusebenzisa
Iziqhagamshelo ezifumanekayo ngokurhweba zidibanisa iprotocol ethembekileyo ye-SSH enezixhobo zokufikelela ezidumileyo ezifana neTelnet, SSH, HTTP, HTTPS, VNC, RDP ukubonelela ngenqaku-kwaye-cofa ukufikelela okukhuselekileyo kokulawula okude kuzo zonke iinkqubo kunye nezixhobo ezilawulwayo. Ulwazi malunga nokusebenzisa izihlanganisi zokufikelela kwi-browser kwi-Console yoLawulo lwe-console, i-Telnet/SSH ukufikelela kumgca womyalelo weseva ye-console, kunye ne-TCP/UDP edibanisa nemikhosi eqhagamshelwe kwi-server ye-console inokufumaneka kwiSahluko 5. efakwe kwiiPC zeWindows, iMac OS X nakwiinkqubo ezininzi zeLinux, UNIX kunye neSolaris.
2.6 ULungiselelo lweNethiwekhi yoLawulo
Iiseva ze-Console zineechwephesha zenethiwekhi ezongezelelweyo ezinokuthi ziqwalaselwe ukunika ulawulo lwe-LAN ukufikelela kunye / okanye ukuhluleka okanye ukufikelela ngaphandle kwe-band. 2.6.1 Yenza ukuba iiseva zoLawulo lwe-LAN Console ziqwalaselwe ukuze i-port ye-Ethernet yesibini ibonelele ngesango le-LAN yolawulo. Isango line-firewall, i-router kunye ne-DHCP server features. Kufuneka uqhagamshele iswitsha ye-LAN yangaphandle kuNxibelelwano 2 ukuncamathisela iinginginya kolu lawulo lwe-LAN:
QAPHELA Izibuko le-Ethernet lesibini lingaqwalaselwa njengelizibuko lesango loLawulo lweLAN okanye njengeOOB/Failover port. Qinisekisa ukuba awuzange unikezele nge-NET2 njengeFailover Interface xa ubuqwalasela uqhagamshelo lweNethiwekhi eyintloko kwiSistim > imenyu ye-IP.
21

Isahluko 2: ULungiselelo lweNkqubo
Ukuqwalasela isango loLawulo lwe-LAN: 1. Khetha ithebhu yoLawulo lweNdibaniselwano ye-LAN kwiSixokelelwano > imenyu ye-IP kwaye ungachongi Khubaza. 2. Qwalasela idilesi ye-IP kunye ne-Subnet Mask ye-LAN yoLawulo. Shiya imihlaba ye-DNS ingenanto. 3. Cofa Faka.
Umsebenzi wesango lolawulo unikwe amandla nge-firewall engagqibekanga kunye nemithetho ye-router eqwalaselweyo ukuze i-LAN yoLawulo ifikeleleke kuphela nge-SSH yokuthumela i-port. Oku kuqinisekisa udibaniso olukude kunye nolwasekhaya kwizixhobo eziLawulwayo kwi-LAN yoLawulo zikhuselekile. Amazibuko e-LAN nawo angaqwalaselwa kwimo edityanisiweyo okanye edityanisiweyo okanye iqwalaselwe ngesandla ukusuka kumgca womyalelo. 2.6.2 Qwalasela iseva ye-DHCP Umncedisi we-DHCP wenza usasazo oluzenzekelayo lweedilesi ze-IP kwizixhobo ezikuLawulo lwe-LAN ezisebenzisa abaxhasi be-DHCP. Ukwenza iseva yeDHCP isebenze:
1. Cofa iSistim > Iseva ye-DHCP. 2. Kwi-Network Interface tab, Khangela Yenza i-DHCP Server isebenze.
22

Incwadi yokusebenzisa
3. Faka idilesi yeGateway eza kukhutshwa kubathengi beDHCP. Ukuba lo mhlaba ushiywe ungenanto, idilesi ye-IP yomncedisi we console iyasetyenziswa.
4. Faka i-Primary DNS kunye neSekondari DNS idilesi ukukhupha abathengi be-DHCP. Ukuba lo mhlaba ushiywe ungenanto, idilesi ye-IP yomncedisi we console iyasetyenziswa.
5. Ngokuzithandela faka isimamva seGama leDomain ukukhupha abathengi be-DHCP. 6. Faka elona xesha liMiselweyo lokuQesha kunye nelona xesha liphezulu lokuqeshisa ngemizuzwana. Eli lixesha
ukuba idilesi ye-IP eyabelwe ngamandla iyasebenza phambi kokuba umxhasi ayicele kwakhona. 7. Cofa u-Apply Umncedisi we-DHCP ukhupha iidilesi ze-IP kwiidilesi ezikhankanyiweyo: 1. Cofa u-Add kwi-Dynamic Address Allocation Pools field. 2. Faka i-DHCP Pool Idilesi kunye nedilesi yokuQalisa. 3. Cofa Faka.
23

Isahluko 2: ULungiselelo lweNkqubo
Umncedisi we-DHCP ukwaxhasa ukwabiwa kwangaphambili kweedilesi ze-IP ukuba zinikezelwe kwiidilesi ezithile ze-MAC kunye nokugcinwa kweedilesi ze-IP eziza kusetyenziswa ngababukisi abaqhagamshelweyo abaneedilesi ze-IP ezisisigxina. Ukugcinelwa idilesi ye-IP yenginginya ethile:
1. Cofa Yongeza kwindawo yeedilesi ezigciniweyo. 2. Faka igama lomamkeli, idilesi ye-Hardware (MAC) kunye nedilesi ye-IP eGciniwe ngokuzinzileyo
umxhasi weDHCP kwaye nqakraza Faka.
Xa i-DHCP inike iidilesi zenginginya, kuyacetyiswa ukuba uzikhuphele kuluhlu olwabelwe kwangaphambili ukuze idilesi ye-IP efanayo ifakwe kwakhona kwimeko yokuqalisa ngokutsha.
24

Incwadi yokusebenzisa
2.6.3 Khetha iFailover okanye i-broadband OOB Console abancedisi babonelela ngokhetho lwe-faillover ngoko kwimeko yengxaki usebenzisa uqhagamshelwano olungundoqo lwe-LAN yokufikelela kwiseva ye-console enye indlela yofikelelo iyasetyenziswa. Ukwenza i-failover:
1. Khetha iNethiwekhi isiNxulumanisi iphepha kwiSixokelelwano > IP menu 2. Khetha iFailover Interface eza kusetyenziswa xa kukho i-ou.tage kwinethiwekhi engundoqo.
3. Cofa Faka. IFailover iyasebenza emva kokuba ukhankanye iisayithi zangaphandle eziza kuphononongwa ukuze zivuse ifilover kwaye zisete izibuko ze failover.
2.6.4 Ukudibanisa amazibuko othungelwano Ngokungagqibekanga, i-console server's Management LAN network ports ingafikelelwa kusetyenziswa i-SSH tunneling / port forwarding okanye ngokuseka itonela ye-IPsec VPN kumncedisi we-console. Zonke izibuko zothungelwano ezineentambo kwiiseva zeconsole zinokudityaniswa ngokudityaniswa okanye ukubotshwa.
25

Incwadi yokusebenzisa
Ngokungagqibekanga, uHlanganiso lweNdibaniselwano luvaliwe kwiNkqubo > IP > Useto ngokuBanzi menu
o Xa ibhulorho yenziwe yasebenza, itrafikhi yothungelwano ithunyelwa kuwo onke amazibuko e-Ethernet kungekho zithintelo zefirewall. Onke amazibuko e-Ethernet onke aqhagamshelwe elubala kumaleko wekhonkco ledatha (umaleko 2) ukuze agcine iidilesi zawo ezizodwa ze-MAC.
o Ngokudibanisa, itrafikhi yenethiwekhi ithwalwa phakathi kwamazibuko kodwa ikhona ngedilesi enye ye-MAC
Zombini iindlela zisusa zonke iziNdibaniselwano zoLawulo lwe-LAN kunye ne-Out-of-Band/Failover Interface imisebenzi kwaye ukhubaze umncedisi we-DHCP
25

Isahluko 2: ULungiselelo lweNkqubo
2.6.5 Iindlela ezimileyo Iindlela ezingatshintshiyo zibonelela ngendlela ekhawulezayo yokuhambisa idatha ukusuka kwisubnet ukuya kwisubnet eyahlukileyo. Unokwenza ikhowudi enzima indlela exelela umncedisi we-console/umzila ukuba ufike kwi-subnet ethile usebenzisa indlela ethile. Oku kunokuba luncedo ekufikeleleni kwiisubnet ezahlukeneyo kwindawo ekude xa usebenzisa uqhagamshelwano lweselula lweOOB.

Ukongeza kwindlela engatshintshiyo kwitheyibhile yendlela yeSixokelelwano:
1. Khetha i Useto lweNdlela ithebhu kwiSistim > IP iiSetingi ngokuBanzi menu.
2. Cofa iNdlela Entsha
3. Faka iGama leNdlela lendlela.
4. KwiNdawo yoThungelwano/iNdawo yomamkeli, ngenisa idilesi ye-IP yendawo yokufikela yenethiwekhi/umamkeli le ndlela ibonelela ngofikelelo kuyo.
5. Faka ixabiso kwindawo ekuyiyo kuyo i-netmask echaza indawo yothungelwano okanye umamkeli. Naliphi na inani phakathi kwe-0 kunye ne-32. I-subnet mask ye-32 ichaza indlela yokusingatha.
6. Ngenisa iSango leNdlela ngedilesi ye-IP yerutha eya kuthutha iipakethi kuthungelwano lwendawo. Oku kunokushiywa kungenanto.
7. Khetha i-Interface oza kuyisebenzisa ukufikelela kwindawo ekuyiwa kuyo, inokushiywa njenge Akukho.
8. Faka ixabiso kwindawo yeMetric emele i-metric yolu qhagamshelwano. Sebenzisa naliphi na inani elilingana no-0 okanye elikhulu kuno-XNUMX. Oku kufuneka kumiselwe kuphela ukuba iindlela ezimbini okanye ngaphezulu ziyangqubana okanye zineethagethi ezidlulanayo.
9. Cofa Faka.

PHAWULA

Iphepha leenkcukacha zendlela libonelela ngoluhlu lojongano lwenethiwekhi kunye neemodem apho indlela inokubotshwa khona. Kwimeko yemodem, indlela iya kuqhotyoshelwa kuyo nayiphi na iseshoni yocofa esekwe ngeso sixhobo. Indlela inokuchazwa ngesango, ujongano okanye zombini. Ukuba ujongano oluchaziweyo alusebenzi, iindlela ezilungiselelwe olo jongano aziyi kusebenza.

Incwadi yoMsebenzisi 3. I-SERAL PORT, I-HOST, ISIXHOBO & NOQINISEKISO LOMSEBENZISI
Iseva ye-console yenza ukufikelela kunye nolawulo lwezixhobo eziqhotyoshelwe kwi-serial kunye nezixhobo eziqhotyoshelwe kwinethiwekhi (iinginginya). Umlawuli kufuneka aqwalasele amalungelo okufikelela kwisixhobo ngasinye kwaye achaze iinkonzo ezinokuthi zisetyenziswe ukulawula izixhobo. Umlawuli unokuseta abasebenzisi abatsha kwaye achaze ukufikelela komntu ngamnye kunye nolawulo lwamalungelo.
Esi sahluko sigubungela inyathelo ngalinye ekuqwalaseleni uthungelwano oluqhagamshelwe kunye nezixhobo ezincanyathiselwe ngokulandelelana: · IiPorts zothotho ziseta iiprothokholi ezisetyenzisiweyo izixhobo eziqhagamshelwe ngokulandelelana. iinkcukacha kwiSahluko 8 · Inginginya zothungelwano ziqwalasela ukufikelela kuthungelwano lwasekuhlaleni oluqhagamshelwe iikhompyutha okanye izixhobo zombane (iinginginya) · Ukuqwalasela iiNethiwekhi eziThenjiweyo – tyumba iidilesi ze-IP ezithenjiweyo kubasebenzisi ukufikelela ukusuka · UCascading kunye noRedirection of Serial Console Ports · Ukuqhagamshela kumandla (UPS, PDU, kwaye IPMI) kunye nezixhobo zokubeka iliso kokusingqongileyo (EMD) · Ukwalathiswa kwakhona kwePortShare usebenzisa iPortShare windows kunye nabaxhasi beLinux · Izixhobo eziLawulwayo – zibonakalisa ukudityaniswa view kwalo lonke uqhagamshelo · IPSec eyenza uqhagamshelo lweVPN · OpenVPN · PPTP
3.1 Qwalasela amazibuko othotho
Inyathelo lokuqala ekuqwalaseleni uthotho lwezibuko kukuseta Izicwangciso Eziqhelekileyo ezifana nemithetho elandelwayo kunye ne RS232 iparameters eziza kusetyenziselwa uqhagamshelwano lwedatha kweso zibuko (umzekelo, izinga lebhaud). Khetha ukuba izibuko leliphi imo eliza kusebenza kuyo. Isibuko ngasinye singasetwa ukuxhasa enye yezi ndlela zokusebenza:
· Imowudi ekhubaziweyo ayigqibekanga, izibuko lothotho alisebenzi
27

Isahluko 3:

Uthotho lwezibuko, Umamkeli, Isixhobo kunye noqwalaselo lomsebenzisi

· Imowudi yomncedisi weConsole yenza ufikelelo jikelele kwi serial console port kwizixhobo ezincanyathiselwe ngokulandelelanayo
· Imowudi yesixhobo iseta i-serial port ukuba inxibelelane ne-PDU, i-UPS okanye i-Environmental Monitor Devices (EMD)
· Imowudi yoMncedisi weSitena icwangcisa izibuko lothotho ukuba lilindele iseshoni yokungena yesiphelo sendlela engenayo · Imowudi yeBridge yothotho yenza udibaniso olungafihliyo lwezixhobo ezibini zezibuko ngaphezulu kwe
inethiwekhi.
1. Khetha Uthotho & Umsebenzi Wothungelwano > Uthotho lwezibuko ukubonisa iinkcukacha zezibuko lothotho 2. Ngokungagqibekanga, uthotho lwezibuko lusetwa kwimo yomncedisi weConsole. Cofa Hlela ecaleni kwezibuko ukuze ube
iqwalaselwe ngokutsha. Okanye nqakraza Hlela iiPorts ezininzi kwaye ukhethe ukuba yeyiphi izibuko onqwenela ukuwaqwalasela njengeqela. 3. Xa uthe waqwalasela kwakhona izicwangciso eziqhelekileyo kunye nemo yezibuko ngalinye, cwangcisa nayiphi na i-syslog ekude (jonga la macandelo alandelayo ngolwazi oluthile). Nqakraza Faka isicelo 4. Ukuba iseva ye-console iqwalaselwe ngokubeka iliso kwe-Nagios esasaziweyo, sebenzisa iinketho ze-Nagios Settings ukwenza iinkonzo ezityunjiweyo kwi-Host zibekwe esweni. izibuko. Ezi zizimeleyo kwindlela izibuko esetyenziswa ngayo. Olu thotho lweeparamitha zezibuko kufuneka zicwangciswe ukuze zihambelane nothotho lweeparamitha zezibuko kwisixhobo osincamathele kweso siqhagamshelanisi:
28

Incwadi yokusebenzisa

· Chwetheza kwileyibhile yezibuko · Khetha umlinganiselo weBaud ofanelekileyo, iParity, amaBits eDatha, iBits yokuMisa kunye noLawulo lokuHambo kwizibuko ngalinye.

· Cwangcisa i-Port Pinout. Lo mba wemenyu uvela kwizibuko ze-IM7200 apho i-pin-out ye-RJ45 nganye ye-serial port ingamiselwa njenge-X2 (Cisco Straight) okanye i-X1 (i-Cisco Rolled)

· Seta imowudi ye-DTR. Oku kukuvumela ukuba ukhethe ukuba i-DTR isoloko ibasiwe okanye ibasiwe kuphela xa kukho iseshoni yomsebenzisi esebenzayo

· Phambi kokuba uqhubele phambili noqwalaselo olungaphaya lwezibuko, kufuneka uqhagamshele izibuko kwizixhobo zothotho abaza kuzilawula kwaye uqinisekise ukuba banezicwangciso ezihambelanayo.

3.1.2

Imo yomncedisi weConsole
Khetha Indlela yeseva yeConsole ukwenza unikezelo lolawulo olukude kuthotho lwekhonsoli encanyathiselwe kolu thotho lwezibuko:

INqanaba lokuLoga Oku kuchaza inqanaba lolwazi ekufuneka lufakwe kwaye lubekwe esweni.
29

Isahluko sesi-3: I-Serial Port, i-Host, i-Device & Configuration yoMsebenzisi
Inqanaba 0: Khubaza ukugawulwa kwemithi (okuhlala kukho)
Inqanaba loku-1: Ngena nge-LOGIN, UKUPHUMA kunye neziganeko ze-SIGNAL
Inqanaba lesi-2: Ngena nge-LOGIN, LOGOUT, SIGNAL, TXDATA kunye neziganeko ze-RXDATA
Inqanaba lesi-3: Ngena kwi-LOGIN, LOGOUT, SIGNAL kunye neziganeko ze-RXDATA
Inqanaba lesi-4: Ngena nge-LOGIN, LOGOUT, SIGNAL kunye ne-TXDATA imicimbi
Igalelo/i-RXDATA yidatha efunyenwe sisixhobo se-Opengear kwisixhobo sothotho esiqhagamshelweyo, kunye nesiphumo/i-TXDATA yidatha ethunyelwa sisixhobo se-Opengear (umzekelo, esichwethezwe ngumsebenzisi) kwisixhobo sothotho esiqhagamshelweyo.
Iiconsole zesixhobo zikholisa ukuphinda amagama angemva njengoko zichwethezwa ukuze i-TXDATA ichwethezwe ngumsebenzisi ifunyenwe njenge-RXDATA, iboniswe kwi-terminal yabo.
QAPHELA: Emva kokwaziswa ngegama eligqithisiweyo, isixhobo esiqhagamsheleneyo sithumela * abasebenzi ukunqanda igama lokugqitha ekubonisweni.

I-Telnet Xa inkonzo ye-Telnet yenziwe yasebenza kwiseva ye-console, umxhasi weTelnet kwikhompyutha yomsebenzisi unokuqhagamshela kwisixhobo sothotho esincanyathiselwe kolu thotho lwezibuko kwiseva yeconsole. Ngenxa yokuba unxibelelwano lweTelnet alufihlwanga, le protocol icetyiswa kuphela kuqhagamshelo lwasekhaya okanye lweVPN.
Ukuba unxibelelwano olukude luthungelwa ngesidibanisi, iTelnet ingasetyenziselwa ukufikelela ngokukhuselekileyo kwezi zixhobo zincanyathiselwe.

PHAWULA

Kwimo yeseva ye-console, abasebenzisi banokusebenzisa isidibanisi ukuseta uqhagamshelo olukhuselekileyo lweTelnet olukwi-SSH ethontsiweyo ukusuka kwiikhomputha zabo zabathengi ukuya kuthotho lwezibuko kumncedisi we console. Iziqhagamshelo zinokufakelwa kwiiPC zeWindows nakuninzi lwamaqonga eLinux kwaye yenza ukuba uqhagamshelo lweTelnet olukhuselekileyo lukhethwe ngokucofa ngokucofa.

Ukusebenzisa isidibanisi ukufikelela kwiiconsoles kumncedisi weconsole kumazibuko othotho, qwalasela umdibaniso ngomncedisi weconsole njengesango, kwaye njengomamkeli, kwaye wenze inkonzo yeTelnet isebenze kwiPort (2000 + serial port #) ie 2001.

Ungasebenzisa kwakhona iipakethe zonxibelelwano ezisemgangathweni njengePuTTY ukuseta iTelnet ethe ngqo okanye uqhagamshelo lwe-SSH kumazibuko othotho.

QAPHELA Kwimo yomncedisi weConsole, xa uqhagamshela kwizibuko lothotho uqhagamshela nge-pmshell. Ukwenza i BREAK kuthotho lwezibuko, chwetheza ulandelelwano lomsebenzisi ~b. Ukuba wenza oku ngaphezulu kohlobo lwe-OpenSSH ~~b.

I-SSH

Kuyacetyiswa ukuba usebenzise i-SSH njengeprothokholi xa abasebenzisi beqhagamshela kwiseva yeconsole

(okanye uqhagamshele ngomncedisi weconsole kwi-serial consoles eqhotyoshelweyo) phezu kwe-Intanethi okanye nayiphi na

enye inethiwekhi yoluntu.

Ukufikelela kwi-SSH kwiiconsoles kwizixhobo ezincanyathiselwe kwi-console server serial port, ungasebenzisa isidibanisi. Qwalasela isidibanisi ngomncedisi weconsole njengesango, kwaye njengomamkeli, kwaye wenze inkonzo ye-SSH isebenze kwiSibuko (3000 + uthotho lwezibuko #) ie 3001-3048.

Ungasebenzisa kwakhona iipakethe zonxibelelwano eziqhelekileyo, njengePuTTY okanye i-SSTerm ukuya kwi-SSH ukuqhagamshela kwidilesi yezibuko yedilesi ye-IP _ Isibuko (3000 + uthotho lwezibuko #) oko kukuthi 3001

Udibaniso lwe-SSH lunokugcinwa kusetyenziswa i-port ye-SSH esemgangathweni 22. Izibuko lothotho elifikelelwayo lichongwa ngokufakela inkcazo kwigama lomsebenzisi. Le syntax ixhasa:

Incwadi yokusebenzisa
: : Kumsebenzisi ogama linguchris ukufikelela kuthotho lwezibuko 2, xa useka iSSTerm okanye umxhasi wePuTTY SSH, endaweni yokuchwetheza igama lomsebenzisi = chris kunye ne-ssh port = 3002, enye indlela kukuchwetheza igama lomsebenzisi = chris:port02 (okanye igama lomsebenzisi = chris: ttyS1) kunye ne-ssh port = 22. Okanye ngokuchwetheza igama lomsebenzisi=chris:serial kunye ne-ssh port = 22, umsebenzisi unikwe ukhetho lokukhetha izibuko:

Le syntax yenza ukuba abasebenzisi baseke itonela le-SSH kuwo onke amazibuko othotho kunye nezibuko elinye le-IP 22 kufuneka livulwe kwifirewall/isango labo.
QAPHELA Kwimo yomncedisi we console, uqhagamshela kwizibuko lothotho usebenzisa i-pmshell. Ukwenza i BREAK kuthotho lwezibuko, chwetheza ulandelelwano lomsebenzisi ~b. Ukuba wenza oku ngaphezulu kwe-OpenSSH, chwetheza ~~b.

I-TCP

I-RAW TCP ivumela uxhulumaniso kwi-socket ye-TCP. Ngelixa iinkqubo zonxibelelwano ezifana nePuTTY

ikwaxhasa i-RAW TCP, le protocol iqhele ukusetyenziswa sisicelo esiqhelekileyo

Kwi-RAW TCP, idilesi yezibuko engagqibekanga yidilesi yeIP _ Izibuko (4000 + isisiriyali sezibuko #) oko kukuthi 4001 4048

I-RAW TCP kwakhona yenza ukuba i-serial port ifakwe kwi-tunnel kwi-remote console server, ngoko ke izixhobo ezibini ze-serial port ziyakwazi ukudibanisa ngokubonakalayo phezu kwenethiwekhi (bona iSahluko 3.1.6 Ukuqhawula uthotho)

I-RFC2217 Ukukhetha i-RFC2217 yenza ukuba ulandelelwaniso lothotho lwezibuko lwelo zibuko. Kwi-RFC2217, idilesi yezibuko engagqibekanga yidilesi yeIP _ Isibuko (5000 + isisiriyali sezibuko #) oko kukuthi 5001 5048
Isoftware yomxhasi okhethekileyo iyafumaneka kwi-Windows UNIX kunye ne-Linux exhasa i-RFC2217 ye-virtual com port, ngoko ke umamkeli okude unokubeka iliso kwaye alawule izixhobo ezincanyathiselwe ezikude njengokungathi ziqhagamshelwe kwizibuko le-serial lendawo (bona iSahluko 3.6 seSahluko soSetyenzi lokwalathiswa ngokutsha ngeenkcukacha)
I-RFC2217 ikwavumela izibuko lothotho ukuba lidityaniswe kumncedisi we-console ekude, ngoko ke izixhobo ezibini ze-serial port zinokudityaniswa elubala kuthungelwano (bona iSahluko 3.1.6 Uthotho lwe-Serial Bridging)

ITelnet engagunyaziswanga Oku kwenza ufikelelo lweTelnet kuthotho lwezibuko ngaphandle kwengqinisekiso zoqinisekiso. Xa umsebenzisi efikelela kumncedisi weconsole kwiTelnet kwizibuko lothotho, banikwa unikezelo lokungena. NgeTelnet engagunyaziswanga, baqhagamshela ngokuthe ngqo kwizibuko ngaphandle komngeni wokungena kwiseva yeconsole. Ukuba umxhasi weTelnet uyakucela uqinisekiso, nayiphi na idatha engenisiweyo ivumela uqhagamshelwano.

Isahluko sesi-3: I-Serial Port, i-Host, i-Device & Configuration yoMsebenzisi
Le ndlela isetyenziswa nesixokelelwano sangaphandle (esifana nomlondolozi) ukulawula uqinisekiso lomsebenzisi kunye namalungelo ofikelelo kwinqanaba lesixhobo sothotho.
Ukungena kwisixhobo esiqhagamshelwe kwiseva yekhonsoli kunokufuna uqinisekiso.
KwiTelnet eNgavunywanga idilesi yezibuko engagqibekanga yidilesi yeIP _ Izibuko (6000 + uthotho lwezibuko #) oko kukuthi 6001 6048

I-SSH engagunyaziswanga Oku kwenza ufikelelo lwe-SSH kuthotho lwezibuko ngaphandle kwenkcaza zoqinisekiso. Xa umsebenzisi efikelela kumncedisi weconsole kwiTelnet kwizibuko lothotho, banikwa unikezelo lokungena. Nge-SSH engagunyaziswanga baqhagamshela ngokuthe ngqo kwizibuko ngaphandle komngeni wokungena kwiseva yeconsole.
Le mowudi isetyenziswa xa unenye inkqubo elawula uqinisekiso lomsebenzisi kunye namalungelo ofikelelo kumphakamo wesixhobo sothotho kodwa unqwenela ukuguqulela iseshoni ngokuntsonkotha ngapha komsebenzi womnatha.
Ukungena kwisixhobo esiqhagamshelwe kwiseva yekhonsoli kunokufuna uqinisekiso.
KwiTelnet eNgavunywanga idilesi yezibuko engagqibekanga yidilesi yeIP _ Izibuko (7000 + uthotho lwezibuko #) oko kukuthi 7001 7048
I : indlela yonikezelo lwezibuko (njengoko kuchaziwe kweli candelo lingasentla le-SSH) lihlala lifuna uqinisekiso.

Web Itheminali Oku kwenza ukuba web ukufikelela kwisikhangeli kwizibuko lothotho usebenzisa Lawula > Izixhobo: Uthotho usebenzisa iConsole yoLawulo eyakhelweyo kwiterminal yeAJAX. Web Itheminali iqhagamshela njengomsebenzisi oqinisekisiweyo woLawulo lweKhonsoli kwaye ayiqinisekisi kwakhona. Jonga icandelo 12.3 ngeenkcukacha ezithe vetshe.

IP Alias

Yenza ufikelelo kwi-serial port usebenzisa idilesi ethile ye-IP, echazwe kwifomathi ye-CIDR. Uthotho lwezibuko ngalinye linokwabelwa elinye okanye ngaphezulu iziteketiso ze-IP, ziqwalaselwe ngokwesiseko se-network-interface. Izibuko le-serial lingakwazi, umzekeloample, yenziwe ukuba ifikeleleke kuzo zombini 192.168.0.148 (njengenxalenye yothungelwano lwangaphakathi) kunye 10.10.10.148 (njengenxalenye yoLawulo lweLAN). Kuyenzeka kwakhona ukwenza uthotho lwezibuko lufumaneke kwiidilesi ezimbini ze-IP kuthungelwano olufanayo (ngokomzekeloample, 192.168.0.148 kunye 192.168.0.248).

Ezi dilesi ze-IP zingasetyenziswa kuphela ukufikelela kwizibuko lothotho oluthile, olufikelelekayo kusetyenziswa iprotocol ye-TCP yeenombolo zezibuko zeenkonzo zeseva ye-console. UmzekeloampLe, i-SSH kuthotho lwezibuko 3 luza kufikeleleka kwizibuko 22 lothotho lwezibuko IP alias (nangona kwidilesi engundoqo yomncedisi we console ifumaneka kwizibuko 2003).

Eli nqaku lingaqwalaselwa kwakhona ngokusebenzisa izibuko lephepha lokuhlela ezininzi. Kulo mzekelo iidilesi ze IP zisetyenziswa ngokulandelelanayo, kunye nezibuko lokuqala elikhethiweyo lifumana i-IP engenisiweyo kwaye abo balandelayo bafumana unyuso, ngamanani atsitywayo kuwo nawaphi na amazibuko angakhethwanga. Umzekeloample, ukuba izibuko 2, 3 kunye ne 5 zikhethiwe kwaye i IP alias 10.0.0.1/24 ifakwe kuNxibelelwano lweNethiwekhi, ezi dilesi zilandelayo zabelwe:

Izibuko 2: 10.0.0.1/24

Izibuko 3: 10.0.0.2/24

Izibuko 5: 10.0.0.4/24

Ii-IP Aliases zikwaxhasa iidilesi ze-IPv6 alias. Umahluko kuphela kukuba iidilesi zinamanani anehexadecimal, ngoko ke izibuko 10 zinokungqamana nedilesi ephela ngo A, kwaye 11 kwenye ephela ngo B, kunokuba 10 okanye 11 ngokwe IPv4.

Incwadi yokusebenzisa
Fihla iTrafikhi / Qinisekisa Vumela uguqulelo oluntsonkothileyo kunye nongqinisiso lwe-RFC2217 yonxibelelwano lwesiriyeli usebenzisa iPortshare (ukusebenzisa uguqulelo oluluqilima lweVPN).
Ixesha lokuqokelela Xa umdibaniso usekiwe kwizibuko lothotho oluthile (elifana nokwalathisa kwakhona kwe-RFC2217 okanye uqhagamshelwano lweTelnet kwikhompyuter ekude), nawaphi na amagama angenayo kweso zibuko agqithiselwa ngaphezulu komsebenzi womnatha ngokomlinganiswa. Ixesha lokuqokelela lichaza ixesha apho abalinganiswa abangenayo baqokelelwa phambi kokuba bathunyelwe njengepakethi kuthungelwano.
I-Escape Character Guqula imo esetyenzisiweyo ukuthumela abalinganiswa bokubaleka. Okwendalo ngu ~. Buyisela Isithuba sasemva endaweni yexabiso elingagqibekanga lesithuba se-CTRL+? (127) kunye ne-CTRL + h (8). Imenyu yamandla Umyalelo wokuzisa imenyu yamandla ngu ~p kwaye yenza umyalelo wamandla weqokobhe ngoko a
Umsebenzisi unokulawula uqhagamshelwano lwamandla kwisixhobo esilawulwayo ukusuka kwilayini yomyalelo xa iTelnet okanye i-SSH iqhagamshelwe kwisixhobo. Isixhobo esilawulwayo kufuneka simiselwe kunye noqhagamshelo lwezibuko lothotho kunye nodibaniso lwaMandla luqwalaselwe.
UQhagamshelwano Olulodwa Oku kuthintela izibuko kuqhagamshelo olunye ngoko ukuba abasebenzisi abaninzi banamalungelo ofikelelo kwizibuko elithile kuphela umsebenzisi omnye ngexesha anokufikelela kwelo zibuko (okt ukugqogqa kwezibuko akuvumelekanga).
33

Isahluko sesi-3: I-Serial Port, i-Host, i-Device & Configuration yoMsebenzisi
3.1.3 Isixhobo (i-RPC, i-UPS, i-Environmental) Imo Le mowudi iqwalasela i-port ye-serial ekhethiweyo ukunxibelelana ne-serial elawulwayo Unikezelo lwaMandla olungenakuphazamiseka (UPS), uMlawuli waMandla oMgama / iiYunithi zoSasazo lwaMandla (RPC) okanye iSixhobo sokuJonga iNdalo (Esingqongileyo)

1. Khetha uhlobo lwesiXhobo esifunekayo (UPS, RPC, okanye iNdawo)
2. Qhubeleka uye kwiphepha elifanelekileyo lolungiselelo lwesixhobo (Uthotho & Nenethiwekhi > Uqhagamshelo lwe-UPS, uQhagamshelwano lwe-RPC okanye lokusiNgqongileyo) njengoko kucacisiwe kwiSahluko sesi-7.

3.1.4 ·

Imo Yomncedisi Wesiphelo
Khetha Imo Yomncedisi Wesiphelo kunye Nodidi Lwesiphelo (vt220, vt102, vt100, Linux okanye ANSI) ukwenza i getty kwizibuko lothotho olukhethiweyo.

I-getty iqwalasela izibuko kwaye ilinde uxhulumaniso olwenziwayo. Uqhagamshelo olusebenzayo kwisixhobo sothotho luboniswa ngephini eliphakanyisiweyo le-Data Carrier Detect (DCD) kwisixhobo sothotho. Xa uxhulumaniso luchongiwe, inkqubo ye getty ikhupha igama elingenagama: khawuleza, kwaye ibhenela inkqubo yokungena ukusingatha indlela yokungena.
QAPHELA Ukukhetha imowudi yoMncedisi wesiphelo kungasebenzi uMphathi weZibuko kweso siqhagamshelanisi sezibuko, ngoko ke idatha ayisafakwa kwizilumkiso njl.njl.

Incwadi yokusebenzisa
3.1.5 Uthotho lweMowudi yokuBhuqa ngothotho, uthotho lwedatha kwizibuko lothotho olutyunjiweyo kwiseva enye yeconsole ifakwe kwipakethi yothungelwano kwaye ithuthwe ngothungelwano ukuya kumncedisi wesibini weconsole apho imelwe njengedatha yothotho. Iiseva ezimbini ze-console zisebenza njengentambo ye-serial ebonakalayo kwinethiwekhi ye-IP. Umncedisi omnye we console uqwalaselwe ukuba ngumncedisi. I-Server serial port eza kujongwa imiselwe kwimowudi yomncedisi weConsole nge RFC2217 okanye RAW yenziwe yasebenza. Kumncedisi weConsole yoMxumi, isisiriyali sezibuko ekufuneka sifakwe ibhulorho kufuneka simiselwe kwiNdlela yokuBhuqa:
· Khetha iNdlela yokuKhawuleza yothotho kwaye uchaze idilesi ye-IP yomncedisi we-Server console kunye nedilesi yezibuko ye-TCP yesiriyali esikude (ye-RFC2217 ukubhula oku kuya kuba yi-5001-5048)
· Ngokungagqibekanga, umxhasi wonxibelelwano usebenzisa i-RAW TCP. Khetha i-RFC2217 ukuba le yimowudi yeseva yekhonsoli oyixelileyo kumncedisi we console yomncedisi
· Ungalukhusela unxibelelwano nge-Ethernet yendawo ngokuvumela i-SSH. Yenza kwaye ufake izitshixo.
3.1.6 I-Syslog Ukongeza ekugawulweni kwe-inbuilt kunye nokubeka iliso okunokuthi kusetyenziswe kwi-serial-attached kunye ne-network-attached yolawulo lofikelelo, njengoko kugutyungelwe kwiSahluko 6, umncedisi we-console unokuqwalaselwa ukuxhasa i-remote syslog protocol kwi-port ye-serial nganye. isiseko:
· Khetha iSislog Indawo/imimandla ePhambili ukwenza ukuloga kwetrafikhi kuluhlu olukhethiweyo lwezibuko kwiseva yesyslog; kunye nokuhlela nokwenza loo miyalezo ingenisiweyo (okt uqondise ngokutsha / thumela i-imeyile yesilumkiso.)
35

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
Umzekeloample, ukuba ikhompyuter encanyathiselwe kwisiriyali sezibuko 3 ayinakuze ithumele nantoni na ngaphandle kwizibuko leconsole yochungechunge, umlawuli unokuseta iFacility yelo zibuko ukuya local0 (local0 .. local7 zenzelwe ixabiso lendawo yendawo), kunye noMbaluleko wokugxeka. . Koku kuqala, ukuba iseva ye-console iseva ye-syslog ifumana umyalezo, iphakamisa isilumkiso. Jonga iSahluko 6. 3.1.7 Ukusasazwa kwe-NMEA I-ACM7000-L inokubonelela nge-GPS ye-NMEA yokusasazwa kwedatha kwi-GPS yangaphakathi / imodem yeselula. Olu luhlu lwedatha lubonisa njengoluhlu lwedatha kwi-port 5 kwiimodeli ze-ACM.
Izicwangciso eziQhelekileyo (umlinganiselo webhaud njl.njl.) azihoywa xa uqwalasela izibuko lothotho lwe-NMEA. Ungakhankanya i-Fix Frequency (oko kukuthi, izinga lokulungiswa kwe-GPS limisela ukuba ukulungiswa kweGPS kufunyanwa kangaphi). Unako kwakhona ukufaka yonke iNdlela yomncedisi weConsole, iSyslog kunye nesetingi zeSyri Bridging kule port.
Ungasebenzisa i-pmshell, webiqokobhe, i-SSH, i-RFC2217 okanye i-RawTCP ukuze ufike kumsinga:
Umzekeloample, usebenzisa i Web Indawo yokukhwelela:
36

Incwadi yokusebenzisa

3.1.8 USB Consoles
Iiseva ze-Console ezinamachweba e-USB zixhasa uxhulumaniso lwe-console ye-USB kwizixhobo ezivela kuluhlu olubanzi lwabathengisi, kuquka i-Cisco, i-HP, i-Dell kunye ne-Brocade. La mazibuko USB nako ukusebenza njengoko plain RS-232 izibuko uthotho xa USB-to-serial iadaptha iqhagamshelene.

Ezi zibuko ze-USB ziyafumaneka njengeezibuko zeportmanager eziqhelekileyo kwaye zinikezelwe ngokwamanani kwi web UI emva zonke RJ45 izibuko serial.

I-ACM7008-2 ineechwephesha ezisibhozo ze-RJ45 ngasemva kweseva ye-console kunye namachweba amane e-USB ngaphambili. Kuthotho & Nothungelwano > Uthotho lwezibuko ezi dweliswe njenge

Izibuko # Isiqhagamshelo

RJ45

i-USB

10 USB

11 USB

12 USB

Ukuba i-ACM7008-2 ethile imodeli yeselula, i-port #13 - ye-GPS - iya kufakwa kuluhlu.

I-7216-24U ine-16 i-RJ45 izibuko ze-serial kunye ne-24 ye-USB ye-USB kwi-back-face yayo kunye ne-USB ejongene ngaphambili kunye (kwimodeli yeselula) i-GPS.

Izibuko ze-RJ45 ze-serial ziboniswa kwi-Serial & Network> I-Port ye-Serial njengamanani e-port 1. I-16 ye-USB ejongene ne-rearfacing ithatha amanani e-port 24, kwaye izibuko ze-USB ezijonge phambili zidweliswe kwiinombolo ze-port 17 kunye ne-40 ngokulandelelana. Kwaye, njenge-ACM41-42, ukuba i-7008-2U ethile yimodeli yeselula, i-GPS iboniswe kwinombolo ye-7216.

Izicwangciso eziqhelekileyo (izinga le-baud, njl.njl.) zisetyenziswa xa kuqwalaselwa amazibuko, kodwa eminye imisebenzi ayinakusebenza ngokuxhomekeke ekuphunyezweni kwe-chip ye-serial ye-USB ephantsi.

3.2 Yongeza uze uHlele Abasebenzisi
Umlawuli usebenzisa olu khetho lwemenyu ukwenza, ukuhlela kunye nokucima abasebenzisi kunye nokuchaza iimvume zofikelelo kumntu ngamnye kwaba basebenzisi.

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi

Abasebenzisi banokugunyaziswa ukufikelela kwiinkonzo ezikhankanyiweyo, amazibuko othotho, izixhobo zamandla kunye neenginginya ezikhankanyiweyo zothungelwano. Aba basebenzisi banokunikwa ubume bolawulo olupheleleyo (kunye noqwalaselo olupheleleyo kunye nolawulo kunye namalungelo okufikelela).

Abasebenzisi banokongezwa kumaqela. Amaqela amathandathu amiselwe ngokwendalo:

admin

Ibonelela ngamalungelo oqwalaselo kunye nolawulo olungenamda.

pptpd

Ivumela ukufikelela kwi-PPTP iseva yeVPN. Abasebenzisi kweli qela banamagama ayimfihlo agcinwe kumbhalo ocacileyo.

dialin

Ivumela ukufikelela kokucofa ngeemodem. Abasebenzisi kweli qela banamagama ayimfihlo agcinwe kumbhalo ocacileyo.

ftp

Ivumela ukufikelela kwe-ftp kunye file ukufikelela kwizixhobo zokugcina.

iqokobhe

Misela iqokobhe elihlala lihleli kwi-pmshell.

abasebenzisi

Ibonelela abasebenzisi ngamalungelo olawulo asisiseko.

Iqela lolawulo libonelela amalungu ngamalungelo omlawuli opheleleyo. Umsebenzisi wolawulo unokufikelela kwiseva ye-console usebenzisa naziphi na iinkonzo ezinikwe amandla kwiNkqubo> Iinkonzo Bayakwazi ukufikelela kuyo nayiphi na i-Hosts edibeneyo okanye izixhobo ze-serial port usebenzisa naziphi na iinkonzo eziye zavulelwa ezi nxibelelwano. Kuphela ngabasebenzisi abathembekileyo kufuneka babe nofikelelo lomlawuli
Iqela lomsebenzisi libonelela amalungu ngokufikelela okulinganiselweyo kwiseva ye-console kunye nemikhosi edibeneyo kunye nezixhobo ze-serial. Aba basebenzisi banokufikelela kuphela kwicandelo loLawulo lwemenyu yeConsole yoLawulo kwaye abanalo ukufikelela kumgca womyalelo kwiseva yeconsole. Banokufikelela kuphela kwezo Host kunye nezixhobo zothotho ezithe zakhangelwa kubo, besebenzisa iinkonzo ezinikwe amandla.
Abasebenzisi abakwipptd, dialin, ftp okanye pmshell amaqela bathintele ukufikelela kweqokobhe lomsebenzisi kwizixhobo ezichongiweyo ezilawulwayo kodwa abayi kuba nalo naluphi na ufikelelo oluthe ngqo kumncedisi weconsole. Ukongeza oku abasebenzisi kufuneka babe lilungu labasebenzisi okanye amaqela olawulo
Umlawuli unokumisela amaqela ongezelelweyo kunye nesixhobo esithile samandla, i-serial port kunye neemvume zokungena kumamkeli. Abasebenzisi kula maqela ongezelelweyo abanakho ukufikelela kwimenyu yeConsole yoLawulo kwaye abanalo naluphi na ufikelelo lomgca womyalelo kwiseva yeconsole.

Incwadi yokusebenzisa
Umlawuli unokuseta abasebenzisi ngesixhobo esithile samandla, izibuko lothotho kunye neemvume zokungena kumamkeli abangengawo amalungu awo nawaphi na amaqela. Aba basebenzisi abanalo naluphi na ufikelelo kwimenyu yeConsole yoLawulo okanye ukufikelela kumgca womyalelo kwiseva yeconsole. 3.2.1 Misela iqela elitsha Ukuseta amaqela amatsha kunye nabasebenzisi abatsha, kunye nokuhlela abasebenzisi njengamalungu amaqela athile:
1. Khetha Uthotho & Nenethiwekhi > Abasebenzisi & Amaqela ukubonisa onke amaqela kunye nabasebenzisi 2. Cofa Yongeza Iqela ukongeza iqela elitsha
3. Yongeza igama leQela kunye neNkcazelo kwiqela ngalinye elitsha, kwaye utyumbe iiNdawo eziFikelelayo, iiNdawo eziFikelelayo kunye neeNdawo zeRPC eziFikelelayo apho abasebenzisi kweli qela litsha baya kukwazi ukufikelela kuzo.
4. Cofa Faka 5. Umlawuli angaHlela okanye acime naliphi na iqela elongeziweyo onke amaqela kunye nabasebenzisi 3.2.2. Cofa Yongeza Umsebenzisi
39

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3. Yongeza i-Username kumsebenzisi omtsha ngamnye. Ungabandakanya ulwazi olunxulumene nomsebenzisi (umzekelo, iinkcukacha zoqhagamshelwano) kwindawo yeNkcazo. Igama lomsebenzisi lingaqulatha ukusuka kwi-1 ukuya kwi-127 oonobumba bealphanumeric kunye noonobumba "-" "_" kunye ".".
4. Chaza ukuba ngawaphi amaQela onqwenela ukuba umsebenzisi abe lilungu lawo 5. Yongeza iPassword eqinisekisiweyo kumsebenzisi omtsha ngamnye. Bonke abalinganiswa bavumelekile. 6. Ungqinisiso lweqhosha lokugqitha le-SSH lunokusetyenziswa. Ncamathelisa izitshixo zoluntu ezigunyazisiweyo zoluntu/zabucala
izitshixo zalo msebenzisi kwindawo yeSitshixo se-SSH esiGunyaziweyo
xa usebenzisa i-SSH 8. Khangela Yenza ucofa-Buyela kwi-Dial-in Options menu ukuvumela udibaniso oluphumayo lokucofa ngasemva.
izakuqhutywa ngokungena kweli zibuko. Ngenisa iNombolo yeFowuni yokucofa kunye nenombolo yefowuni yokufowuna kwakhona xa umsebenzisi engena 9. Jonga iiNdawo eziFikelelayo kunye/okanye iiZibuko eziFikelelekayo ukutyumba uthotho lwamazibuko kunye neenginginya ezidityanisiweyo zenethiwekhi unqwenela ukuba umsebenzisi abe namalungelo ofikelelo ku-10. kukho ii-RPC eziqwalaselweyo, khangela iiNdawo ze-RPC eziFikelelekayo ukucacisa ukuba zeziphi iindawo umsebenzisi anokukwazi ukuzilawula (okt ukuVula/Cima) 11. Cofa Faka. Umsebenzisi omtsha uya kukwazi ukufikelela kwiNethiwekhi yeZixhobo, iiPorts kunye neRPC Outlets. Ukuba umsebenzisi ulilungu leqela, banokufikelela kuso nasiphi na esinye isixhobo/izibuko/isixhobo esifumanekayo kwiqela
40

Incwadi yokusebenzisa
Akukho mida kwinani labasebenzisi onokuthi ubamise okanye inani labasebenzisi kwi-serial port okanye umamkeli. Abasebenzisi abaninzi banokulawula / ukujonga izibuko elinye okanye umamkeli. Akukho mida kwinani lamaqela kwaye umsebenzisi ngamnye unokuba lilungu leqela lamaqela. Umsebenzisi akanyanzelekanga ukuba abe lilungu lalo naliphi na iqela, kodwa ukuba umsebenzisi ulilungu leqela elingagqibekanga lomsebenzisi, abayi kukwazi ukusebenzisa iConsole yoLawulo ukulawula amazibuko. Ngelixa kungekho mida, ixesha lokuphinda liqwalaselwe liyakhula njengoko inani kunye nobunzima bukhula. Sicebisa inani elidityanisiweyo labasebenzisi kunye namaqela agcinwe ngaphantsi kwe-250. Umlawuli unokuhlela useto lofikelelo kubo nabaphi na abasebenzisi abakhoyo:
· Khetha Uthotho & Umsebenzi womnatha > Abasebenzisi & Amaqela kwaye ucofe Hlela ukulungisa amalungelo ofikelelo lomsebenzisi · Cofa Cima ukususa umsebenzisi · Cofa Cima ukuvala okwethutyana amalungelo ofikelelo.
3.3 Uqinisekiso
Jonga iSahluko 8 ngeenkcukacha zoqwalaselo loqinisekiso.
3.4 Abamkeli beNethiwekhi
Ukubeka iliso kunye nokufikelela ukude kwikhompyuter enenethiwekhi yendawo okanye isixhobo (esibizwa ngokuba ngumamkeli) kufuneka uchonge umamkeli:
1. Ukukhetha Uthotho & Umsebenzi Wothungelwano > Iinginginya zeNethiwekhi zibonisa zonke iiNgingi zenethiwekhi eziqhagamshelweyo ezivulelwe ukusetyenziswa.
2. Cofa yongeza umamkeli ukwenza ufikelelo kumamkeli omtsha (okanye khetha Hlela ukuhlaziya useto lomamkeli okhoyo)
41

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3. Ukuba i-Host i-PDU okanye i-UPS isixhobo samandla okanye iseva ene-IPMI yolawulo lwamandla, cacisa i-RPC (ye-IPMI kunye ne-PDU) okanye i-UPS kunye noHlobo lwesiXhobo. Umlawuli unokuqwalasela ezi zixhobo kwaye enze ukuba ngabaphi na abasebenzisi abanemvume yokujikeleza amandla ukude, njl njl. Jonga iSahluko 7. Ngaphandle koko shiya udidi lwesiXhobo lusete kuNonye.
4. Ukuba i-server ye-console iqwalaselwe ngokujongwa kwe-Nagios esasaziweyo, uya kubona kwakhona iiSetingi ze-Nagios iinketho ukwenza iinkonzo ezityunjiweyo zibekwe esweni.
5. Cofa Faka. Oku kudala i-Host entsha kwaye yenza isixhobo esitsha esilawulwayo esinegama elifanayo.
3.5 Uthungelwano oluthembekileyo
Uncedo lothungelwano oluThenjiweyo lukunika ukhetho lokutyumba iidilesi ze-IP ekufuneka abasebenzisi babekwe kuzo, ukuze babe nofikelelo kwi-console server serial port:
42

Incwadi yokusebenzisa
1. Khetha Uthotho & Nenethiwekhi > Uthungelwano oluThenjiweyo 2. Ukongeza inethwekhi entsha ethembekileyo, khetha Faka uMthetho. Xa kungekho Mithetho, akukho ukufikelela
imida malunga nedilesi ye-IP apho abasebenzisi banokubekwa khona.

3. Khetha iiPorts ezifikelelekayo ekuza kusetyenziswa kuzo umthetho omtsha
4. Faka idilesi yeNethiwekhi ye-subnet ukuze uvunyelwe ukufikelela
5. Cacisa uluhlu lweedilesi ezivumelekileyo ngokungenisa iNethiwekhi yesigqubuthelo soluhlu oluvunyelweyo lweIP umz.
· Ukuvumela bonke abasebenzisi ababekwe kuDidi C loqhagamshelo lomsebenzi wothungelwano kwizibuko elichongiweyo, yongeza lo Mthetho ulandelayo womnatha oThenjiweyo:

Idilesi ye-IP yenethiwekhi

204.15.5.0

Imaski yeSnetnet

255.255.255.0

· Ukuvumela umsebenzisi omnye kuphela obekwe kwidilesi ye-IP ethile ukuba aqhagamshele:

Idilesi ye-IP yenethiwekhi

204.15.5.13

Imaski yeSnetnet

255.255.255.255

· Ukuvumela bonke abasebenzisi abasebenza phakathi koluhlu oluthile lweedilesi ze-IP (yithi nayiphi na idilesi kwezingamashumi amathathu ukusuka ku-204.15.5.129 ukuya ku-204.15.5.158) ukuba bavunyelwe uqhagamshelo kwizibuko elichongiweyo:

Idilesi yomamkeli/yeNxibelelwano

204.15.5.128

Imaski yeSnetnet

255.255.255.224

6. Cofa Faka

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3.6 Uthotho lwePort Cascading
IiPorts eziCascaded zikuvumela ukuba udibanise iiseva ezisasazwayo zeconsole ukuze inani elikhulu leezibuko ze-serial (ukuya kwi-1000) zingaqwalaselwa kwaye zifikeleleke ngedilesi enye ye-IP kwaye ilawulwe ngeConsole yoLawulo enye. Iseva enye ye-console, iPrayimari, ilawula ezinye iiseva ze-console njengeeyunithi zeNode kunye nazo zonke izibuko ze-serial kwiiyunithi zeNode zibonakala ngathi ziyinxalenye yePrimary. Ukudityaniswa kwe-Oongear kudibanisa iNode nganye kwiPrayimari ngoqhagamshelwano lwe-SSH. Oku kwenziwa kusetyenziswa ukuqinisekiswa kwesitshixo sikawonke-wonke, ngoko iPrayimari inokufikelela kwiNode nganye isebenzisa iqhosha le-SSH (kunokusebenzisa amagama ayimfihlo). Oku kuqinisekisa unxibelelwano oluqinisekisiweyo oluqinisekisiweyo phakathi kwePrayimari kunye neeNodes zenza ukuba iiyunithi zeseva yeNode zisasazwe ekuhlaleni kwi-LAN okanye ukude kwihlabathi jikelele.
3.6.1 Ukuvelisa ngokuzenzekelayo kwaye ufake izitshixo ze-SSH Ukuseta ungqinisiso lwesitshixo sikawonke-wonke kufuneka uqale uvelise i-RSA okanye i-DSA key pair kwaye uzifake kwi-Primary and Node console servers. Oku kunokwenziwa ngokuzenzekelayo kwiPrimary:
44

Incwadi yokusebenzisa
1. Khetha iSistim > Ulawulo kwi-Primary's Management Console
2. Jonga Yenza amaqhosha e-SSH ngokuzenzekelayo. 3. Cofa Faka
Okulandelayo kufuneka ukhethe ukuba uvelise izitshixo usebenzisa iRSA kunye/okanye iDSA (ukuba awuqinisekanga, khetha iRSA kuphela). Ukuvelisa isethi nganye yezitshixo kufuna imizuzu emibini kwaye amaqhosha amatsha atshabalalisa izitshixo ezindala zolo hlobo. Ngelixa isizukulwana esitsha siqhuba, imisebenzi exhomekeke kwizitshixo ze-SSH (umzekelo, i-cascade) inokuyeka ukusebenza de ihlaziywe kunye nezitshixo ezintsha. Ukwenza izitshixo:
1. Khangela iibhokisi zamaqhosha onqwenela ukuwavelisa. 2. Cofa Faka
3. Nje ukuba amaqhosha amatsha enziwe, cofa ikhonkco Cofa apha ukubuyisela. Izitshixo zilayishiwe
ukuya kwiPrayimari kunye neeNodi eziqhagamshelweyo.
3.6.2 Yenza ngesandla kwaye ufake izitshixo ze-SSH Ngenye indlela ukuba une-RSA okanye i-DSA key pair ungayifaka kwii-Prayimari kunye ne-Node consoleservers. Ukulayisha isitshixo sesitshixo sikawonke-wonke kunye nesibini sesitshixo sabucala kwi-Primary console server:
1. Khetha iSistim > Ulawulo kwi-Primary's Management Console
2. Bhrawuza kwindawo oyigcinileyo iRSA (okanye iDSA) iSitshixo sikaWonke-wonke kwaye uyilayishe kwi-SSH RSA (DSA) isitshixo sikawonke-wonke.
3. Khangela kwi-RSA egciniweyo (okanye i-DSA) iSitshixo saBucala kwaye uyilayishe kwi-SSH RSA (DSA) iSitshixo saBucala 4. Cofa kwi-Apply
45

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
Okulandelayo, kufuneka ubhalise iSitshixo sikaWonke-wonke njengeSitshixo esiGunyaziweyo kwiNode. Kwimeko yePrayimari enye eneNodes ezininzi, ulayisha i-RSA enye okanye isitshixo sikawonke-wonke se-DSA kwiNode nganye.
1. Khetha iSixokelelwano > Ulawulo kwi-Node yoLawulo lweKhonsoli 2. Khangela kwi-RSA egciniweyo (okanye i-DSA) iSitshixo sikawonke-wonke kwaye uyilayishe kwi-Node ye-SSH eGunyaziweyo Key
3. Cofa u-Apply Inyathelo elilandelayo kukuprinta iFingerprint nganye entsha yoqhagamshelo lweNode-Primary. Eli nyathelo liqinisekisa ukuba useka iseshoni ye-SSH kumntu ocinga ukuba unguye. Kuqhagamshelo lokuqala iNode ifumana umnwe ovela kwiPrayimari esetyenziswa kulo lonke uqhagamshelo lwexesha elizayo: Ukuseka umnwe kuqala kwiseva ePrayimari njengengcambu kwaye usete uqhagamshelo lwe-SSH kwinginginya ekude yeNode:
# ssh remhost Nje ukuba uqhagamshelwano lwe-SSH lusekiwe, uyacelwa ukuba wamkele isitshixo. Phendula ewe kwaye umnwe wongezwa kuluhlu lweenginginya ezaziwayo. Ukuba ucelwe ukuba unikeze igama eliyimfihlo, bekukho ingxaki yokulayisha izitshixo. 3.6.3 Qwalasela iiNodes kunye ne-serial ports yazo Qalisa ukuseta iiNodes kwaye uqwalasele i-Node serial ports from the Primary console server:
1. Khetha Uthotho kunye neNethiwekhi > Iizibuko eziCascade kwiKhonsoli yoLawulo lwePrimary: 2. Ukongeza inkxaso yokudibanisa, khetha Yongeza iNode.
Awunako ukongeza iiNodes de ube wenze izitshixo ze-SSH. Ukuchaza kunye nokuqwalasela iNode:
46

Incwadi yokusebenzisa
1. Faka idilesi ye-IP ekude okanye Igama le-DNS kwi-Node console iseva 2. Faka iNkcazelo emfutshane kunye neLeyibhile emfutshane yeNode 3. Faka inani elipheleleyo lee-serial ports kwiyunithi yeNode kwiNode yeePorts 4. Cofa Faka isicelo. Oku kuseka itonela ye-SSH phakathi kwePrayimari kunye neNode entsha
Uthotho & Nenethiwekhi > IiPorts eziCascade imenu ibonisa zonke iindawo kunye neenombolo zezibuko ezinikezelwe kwiPrayimari. Ukuba i-Primary console iseva ine-16 izibuko zayo, izibuko ze-1-16 zabelwe ngaphambili kwiPrayimari, ngoko i-node yokuqala eyongeziweyo yabelwe inombolo ye-17 ukuya phambili. Nje ukuba wongeze zonke iiseva ze-console ye-Node, i-Node serial ports kunye nezixhobo ezixhunyiwe ziqwalaselwe kwaye zifikeleleke kwi-Primary's Management Console menu kwaye zifikeleleke ngedilesi ye-IP yePrimary.
1. Khetha i Uthotho olufanelekileyo & Umsebenzi womnatha > Isibuko sothotho kwaye Hlela ukuqwalasela izibuko zothotho kwi
Indawo.
2. Khetha uthotho olufanelekileyo & Nenethiwekhi > Abasebenzisi & Amaqela ukongeza abasebenzisi abatsha ngamalungelo ofikelelo
kwiNode serial port (okanye ukwandisa amalungelo okufikelela kubasebenzisi abakhoyo).
3. Khetha uthotho olufanelekileyo & Umsebenzi Wothungelwano > Uthungelwano oluThenjiweyo ukucacisa iidilesi zenethiwekhi leyo
inokufikelela kumazibuko othotho otyunjiweyo. 4. Khetha izilumkiso ezifanelekileyo kunye nokuLogging > Izilumkiso zokuqwalasela uQhagamshelwano lwesibuko seNode, iState.
Izilumkiso zoMtshakiso wePateni yoTshintsho. Utshintsho loqwalaselo olwenziwe kwiPrayimari lusasazwa kuzo zonke iindawo xa ucofa Faka isicelo.
3.6.4 Ukulawula iiNodi Iprayimari ikulawulo lweeNode serial ports. UmzekeloampLe, ukuba utshintsha amalungelo ofikelelo lomsebenzisi okanye uhlele nasiphi na isisiriya sesicwangciso sezibuko kwiPrimary, uqwalaselo oluhlaziyiweyo. files zithunyelwa kwiNode nganye ngokunxuseneyo.INodi nganye yenza utshintsho kuqwalaselo lwazo lwasekhaya (kwaye lwenza kuphela utshintsho oluyelelene namazibuko othotho awo athile). Ungasebenzisa iKhonsoli yoLawulo yeNode yasekuhlaleni ukutshintsha izicwangciso nakweyiphi na indawo yothotho lwezibuko (ezifana nokutshintsha amaxabiso e-baud). Olu tshintsho lubhalwa ngaphezulu kwixesha elizayo xa iPrayimari ithumela uqwalaselo file hlaziya. Ngelixa iPrayimari ilawula yonke imisebenzi enxulumene nothotho lwe-node yezibuko, ayiyonto iphambili ngaphezulu koqhagamshelo lomncedisi womnatha we-node okanye ngaphezulu kwe-Node Console Server system. Imisebenzi ye-Node efana ne-IP, i-SMTP & ne-SNMP Izicwangciso, Umhla kunye nexesha, iseva ye-DHCP kufuneka ilawulwe ngokufikelela kwi-node nganye ngokuthe ngqo kwaye le misebenzi ayibhalwanga ngaphezulu xa utshintsho loqwalaselo lusasazwa kwi-Primary. I-Node's Network Host kunye nezicwangciso ze-IPMI kufuneka ziqwalaselwe kwindawo nganye.
47

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
IConsole yoLawulo lwePrayimari ibonelela ngokudityaniswayo view yezicwangciso zayo kunye nezibuko zothotho lweNode iphela. Iprayimari ayiboneleli ngokudityaniswa ngokupheleleyo view. UmzekeloampLe, ukuba ufuna ukufumanisa ukuba ngubani ongenileyo kumazibuko eserial ecascaded ukusuka kweyokuqala, uya kubona ukuba Imo > Abasebenzisi Abasebenzayo babonisa kuphela abo basebenzisi basebenzayo kumazibuko ePrimary, ngoko unokufuna ukubhala izikripthi zesiko ukunika le view.
3.7 Uthotho lwezibuko lokwalathisa kwakhona (iPortShare)
I-software ye-Oongear ye-Port Share ihambisa iteknoloji yesiriyali se-serial yobuchwephesha kwii-Windows kunye ne-Linux izicelo ezifuna ukuvula izibuko ezikude kwaye zifunde idatha evela kwizixhobo zothotho eziqhagamshelwe kumncedisi wakho weconsole.
IPortShare inikezelwa simahla kunye neseva nganye yekhonsoli kwaye unelayisensi yokufaka iPortShare kwikhompyuter enye okanye ngaphezulu ukuze ufikelele nakwesiphi na isixhobo sothotho esiqhagamshelwe kwizibuko leseva yeconsole. IPortShare yeeWindows I-portshare_setup.exe inokukhutshelwa kwisiza se-ftp. Jonga i-PortShare User Manual kunye nokuQala ngokukhawuleza ngeenkcukacha zofakelo kunye nokusebenza. IPortShare yeLinux Umqhubi wePortShare weLinux ubonisa ikhonkco lomncedisi we-console kwizibuko lokuzama inginginya. I-Oongear ikhuphe i-portshare-serial-client njengesixhobo somthombo ovulekileyo weLinux, AIX, HPUX, SCO, Solaris kunye ne-UnixWare. Esi sixhobo sinokukhutshelwa kwisiza se-ftp. Le PortShare uthotho lomlawuli wezibuko ikuvumela ukuba usebenzise isixhobo sothotho esiqhagamshelwe kumncedisi weconsole ekude ngokungathi iqhagamshelwe kwizibuko lothotho lwakho lobulali. I-porthare-serial-client yenza i-pseudo tty port, idibanisa uthotho lwesicelo kwi pseudo tty port, ifumana idata kwi pseudo tty port, iyigqithisele kumncedisi we console ngomsebenzi womnatha kwaye ifumana idata kumncedisi we console ngomsebenzi womnatha kwaye izigqithisele. kwizibuko le-pseudo-tty. Itar file inokukhutshelwa kwisiza se-ftp. Jonga iPortShare User Manual kunye nokuQala ngokukhawuleza ngeenkcukacha zofakelo kunye nokusebenza.
48

Incwadi yokusebenzisa
3.8 Izixhobo eziLawulwayo
Iphepha leZixhobo eziLawulwayo libonisa oludityanisiweyo view kulo lonke uqhagamshelo kwisixhobo esinokufikelelwa kwaye sibekwe iliso ngomncedisi we console. Ukuya view uqhagamshelo kwizixhobo, khetha Uthotho & Nenethiwekhi > Izixhobo eziLawulwayo
Esi sikrini sibonisa zonke izixhobo ezilawulwayo kunye neNkcazo/Amanqaku kunye noluhlu lwazo zonke iiNxulumano eziqwalaselweyo:
· Uthotho lwezibuko # (ukuba uqhagamshelwe ngokulandelelana) okanye · USB (ukuba i-USB iqhagamshelwe) · Idilesi ye-IP (ukuba inethwekhi iqhagamshelwe) · I-Power PDU/inkcukacha zokuphuma (ukuba ikhona) kunye naluphi na uqhagamshelo lwe-UPS Izixhobo ezifana nabancedisi banokuba noqhagamshelo lwamandla angaphezu kwesinye. (umzekelo unikezelo lwamandla amabini) kunye noqhagamshelwano lothungelwano olungaphezulu kwesinye (umz. lwe-BMC/iprosesa yenkonzo). Bonke abasebenzisi banako view olu qhagamshelwano lwesixhobo esilawulwayo ngokukhetha Lawula > Izixhobo. Abalawuli banokuhlela kwaye bongeze / bacime ezi zixhobo ezilawulwayo kunye noqhagamshelwano lwazo. Ukuhlela isixhobo esisele sikhona kunye nokongeza uqhagamshelwano olutsha: 1. Khetha Hlela kuthotho & Nethwekhi > Izixhobo eziLawulwayo kwaye ucofe Yongeza uQhagamshelwano 2. Khetha uhlobo loqhagamshelo loqhagamshelwano olutsha (iSeriyali, Umamkeli womnatha, UPS okanye RPC) kwaye ukhethe.
udibaniso oluvela kuluhlu olubonisiweyo lwenginginya ezingabiwanga ezimiselweyo/iizibuko/iimpahla
49

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
Ukongeza inethiwekhi entsha eqhagamshelwe isixhobo esilawulwayo: 1. UMlawuli wongeza isixhobo esilawulwayo somsebenzi womnatha omtsha oqhagamshelwe usebenzisa Yongeza Umamkeli kuthotho & Nenethiwekhi > Imenu yomamkeli weNethiwekhi. Oku kwenza ngokuzenzekelayo isixhobo esitsha esilawulwayo esihambelanayo. 2. Xa usongeza inethiwekhi entsha eqhagamshelwe kwi-RPC okanye isixhobo samandla se-UPS, useta i-Network Host, uyichaze njenge-RPC okanye i-UPS. Yiya kuQhagamshelwano lwe-RPC okanye uQhagamshelwano lwe-UPS ukulungisa uqhagamshelwano olufanelekileyo. Isixhobo esitsha esilawulwayo esihambelanayo esineGama elifanayo / Inkcazo njenge-RPC/UPS Umamkeli akwenziwanga de eli nyathelo lokudibanisa ligqitywe.
QAPHELA Amagama aphumayo kwi-PDU esandula ukuyilwa yi-Outlet 1 kunye ne-Outlet 2. Xa uqhagamshela isixhobo esithile esilawulwayo esitsala amandla kwi-outlet, indawo yokuphuma ithatha igama lesixhobo esilawulwayo esiqhutywayo.
Ukongeza isixhobo esitsha esilawulwayo esiqhagamshelwe ngokulandelelana: 1. Qwalasela uthotho lwezibuko usebenzisa Uthotho & Nothungelwano > Uthotho lwezibuko lemenu (Jonga iCandelo 3.1 Qwalasela isiQothi seSeriya) 2. Khetha Uthotho & Nenethiwekhi > Izixhobo eziLawulwayo kwaye ucofe Yongeza icebo 3. Faka icebo. Igama kunye neNkcazelo yesixhobo esilawulwayo

4. Cofa Yongeza uQhagamshelwano kwaye ukhethe i-Serial kunye nePort edibanisa kwisixhobo esilawulwayo

5. Ukongeza uqhagamshelo lwamandla e-UPS/RPC okanye uqhagamshelo lwenethiwekhi okanye olunye uqhagamshelo lothotho cofa Faka uQhagamshelwano

6. Cofa Faka

PHAWULA

Ukuseta iRPC UPS okanye isixhobo se-EMD esiqhagamshelwe ngokulandelelana, qwalasela isiriyali sezibuko, sibonise sona njengeSixhobo, kwaye ungenise Igama neNkcazelo yeso sixhobo kuSeri & Nothungelwano > UQhagamshelwano lweRPC (okanye UQhagamshelwano lwe-UPS okanye Okusingqongileyo). Oku kudala isixhobo esitsha esilawulwayo esihambelanayo kunye neGama / Inkcazo efanayo ne-RPC/UPS Umamkeli. Amagama okuphuma kule PDU esanda kwenziwa yi-Outlet 1 kunye ne-Outlet 2. Xa uqhagamshela isixhobo esilawulwayo esitsala amandla kwi-outlet, i-outlet ithatha igama leSixhobo esilawulwayo esinamandla.

3.9 IPsec VPN
I-ACM7000, CM7100, kunye ne-IM7200 ibandakanya i-Openswan, ukuphunyezwa kwe-Linux ye-IPsec (IP Security) protocol, engasetyenziselwa ukuqwalasela i-Virtual Private Network (VPN). I-VPN ivumela iisayithi ezininzi okanye abalawuli abakude ukuba bafikelele kwiseva ye-console kwaye balawule izixhobo ngokukhuselekileyo kwi-Intanethi.

Incwadi yokusebenzisa
Umlawuli unokuseka uqhagamshelo lwe-VPN olufihliweyo phakathi kweeseva zekhonsoli ezisasazwe kwiindawo ezikude kunye nesango le-VPN (njenge-Cisco router eqhuba i-IOS IPsec) kuthungelwano lwe-ofisi ephakathi:
· Abasebenzisi kwiofisi esembindini banokufikelela ngokukhuselekileyo kwiiseva ezikude zekhonsoli kunye nezixhobo eziqhagamshelweyo ze-serial console kunye noomatshini kwi-subnet yoLawulo lwe-LAN kwindawo ekude ngokungathi basekhaya.
· Zonke ezi seva ze-remote console zinokujongwa nge-CMS6000 kuthungelwano olusembindini.
iqhagamshelwe kwizixhobo ezilawulwa ngokulandelelana kwiindawo ezikude Umphathi womkhosi wendlela unokusebenzisa iVPN IPsec umxhasi wesoftware ukufikelela ukude umncedisi we console kunye noomatshini bonke kuLawulo lwe-LAN subnet kwindawo ekude.
Uqwalaselo lwe-IPsec luntsonkothile kakhulu ngoko ke i-Opengear ibonelela ngojongano lwe-GUI lokuseta okusisiseko njengoko kuchaziwe ngezantsi. Ukwenza isango leVPN:
1. Khetha i-IPsec VPN kuthotho kunye neeNethiwekhi menu
2. Cofa Yongeza kwaye ugqibezele Yongeza IPsec Itonela isikrini 3. Faka naliphi na igama elichazayo onqwenela ukulichonga IPsec Itonela oyongezayo njenge.
I-WestStOutlet-VPN
51

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
4. Khetha iNdlela yoQinisekiso eza kusetyenziswa, nokuba ziisignitsha zedijithali zeRSA okanye iSefihlo eKwabelwana ngaso (PSK) o Ukuba ukhetha iRSA uyacelwa ukuba ucofe apha ukuze wenze izitshixo. Oku kuvelisa i RSA isitshixo sikawonke-wonke somncedisi we console (iSitshixo sikaWonke-wonke sasekhohlo). Khangela iqhosha eliza kusetyenziswa kwisango elikude, lisike kwaye ulincamathelise kwiSitshixo saseKunene sikaWonke-wonke
o Ukuba ukhetha Imfihlo eKwabelwana ngayo, faka imfihlo ekwabelwana ngayo kwangaphambili (PSK). I-PSK kufuneka ihambelane ne-PSK eqwalaselweyo kwelinye icala letonela
5. KwiProtokholi yoQinisekiso khetha iprotocol yokuqinisekisa eza kusetyenziswa. Qinisekisa njengenxalenye ye-ESP (Encapsulating Security Payload) yoguqulelo oluntsonkothileyo okanye ngokwahlukeneyo usebenzisa iprotocol ye-AH (iNtloko yoQinisekiso).
52

Incwadi yokusebenzisa
6. Faka i-ID yasekhohlo kunye ne-ID yasekunene. Esi sisichongi esisetyenziswa ngumamkeli weNgingqi/isango kunye nenginginya ekude/isango elisetyenziselwa uthethathethwano lwe-IPsec kunye noqinisekiso. Isazisi ngasinye kufuneka siquke i-@ kwaye sinokubandakanya igama le-domain eliqeqeshwe ngokupheleleyo (umz. left@example.com)
7. Ngenisa idilesi ye-IP kawonke-wonke okanye ye-DNS yale Opengear VPN gateway njengedilesi yasekhohlo. Ungashiya oku kungenanto ukusebenzisa ujongano lwendlela engagqibekanga
8. Kwidilesi yasekunene faka idilesi ye-IP yoluntu okanye ye-DNS yesiphelo esikude setonela (kuphela ukuba isiphelo esikude sinedilesi engatshintshiyo okanye yeDynDNS). Kungenjalo yiyeke ingenanto
9. Ukuba isango le-Opengear VPN lisebenza njengesango le-VPN kwi-subnet yendawo (umzekelo, iseva ye-console ine-Lan yoLawulo eqwalaselweyo) faka iinkcukacha ze-subnet yabucala kwi-Subnet yaKhohlo. Sebenzisa ubhalo lwe-CIDR (apho inombolo yedilesi ye-IP ilandelwa sisisilayi kunye nenani leebhithi `ezinye' kubhalo lokubini lwemaski yomnatha). Umzekeloample, 192.168.0.0/24 ibonisa idilesi ye-IP apho amasuntswana angama-24 okuqala asetyenziswa njengedilesi yenethiwekhi. Oku kuyafana 255.255.255.0. Ukuba ukufikelela kweVPN kuphela kumncedisi weconsole kunye nezixhobo zayo eziqhotyoshelwe kwi-serial console, shiya i-Subnet yasekhohlo ingenanto.
10. Ukuba kukho isango le-VPN kwindawo ekude, faka iinkcukacha ze-subnet yangasese kwi-Right Subnet. Sebenzisa ubhalo lwe-CIDR kwaye ushiye kungenanto ukuba kukho inginginya ekude kuphela
11. Khetha Qalisa Itonela ukuba uqhagamshelwano lwetonela luza kuqaliswa ukusuka kwisiphelo somncedisi wekhonsoli yasekhohlo. Oku kunokuqaliswa kuphela kwisango leVPN (Ekhohlo) ukuba isiphelo esikude siqwalaselwe nge-static (okanye DynDNS) idilesi yeIP.
12. Cofa u-Apply ukugcina utshintsho
QAPHELA Iinkcukacha zoqwalaselo zicwangciswe kwiseva yeconsole (ebhekiselwa kuyo njengomamkeli wasekhohlo okanye waseKhaya) kufuneka ihambelane nocwangciso olungenisiweyo xa uqwalasela iRemote (Ekunene) umamkeli/isango okanye umxhasi wesoftware. Bona ku-http://www.opengear.com/faq.html ngeenkcukacha zokuqwalasela ezi ziphelo zikude
3.10 OpenVPN
I-ACM7000, CM7100, kunye ne-IM7200 ene-firmware V3.2 kwaye kamva ibandakanya i-OpenVPN. I-OpenVPN isebenzisa ilayibrari ye-OpenSSL ye-encryption, ukuqinisekiswa, kunye nesatifikethi, oku kuthetha ukuba isebenzisa i-SSL / TSL (I-Socket Socket / i-Transport Layer Security) yokutshintshiselana okubalulekileyo kwaye inokubethelela zombini idatha kunye nokulawula iziteshi. Ukusebenzisa i-OpenVPN ivumela ukwakhiwa kweqonga elinqamlezileyo, i-VPN yamanqaku ukuya kwindawo kusetyenziswa nokuba yi-X.509 PKI (i-Public Key Infrastructure) okanye uqwalaselo lwesiko. files. I-OpenVPN ivumela i-tunneling ekhuselekileyo yedatha ngokusebenzisa i-port ye-TCP / UDP enye kwinethiwekhi engakhuselekanga, ngaloo ndlela inikezela ukufikelela okukhuselekileyo kwiindawo ezininzi kunye nokulawula okukude okukhuselekileyo kwi-console server kwi-Intanethi. I-OpenVPN ikwavumela ukusetyenziswa kweedilesi ze-IP zeDynamic ngabo bobabini umncedisi kunye nomxhasi ngaloo ndlela ukubonelela ukuhamba kwabathengi. UmzekeloampLe, itonela ye-OpenVPN inokusekwa phakathi kokuzulazula windows umxhasi kunye neseva ye-Opengear console ngaphakathi kwiziko ledatha. Uqwalaselo lwe-OpenVPN lunokuba nzima ukuze i-Opengear ibonelele nge-GUI yojongano olusisiseko njengoko kuchaziwe ngezantsi. Ulwazi oluthe vetshe luyafumaneka ku-http://www.openvpn.net
3.10.1 Vula i-OpenVPN 1. Khetha i-OpenVPN kuthotho kunye nemenyu yeNethiwekhi
53

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
2. Cofa Yongeza kwaye ugqibezele i-OpenVPN Tunnel screen 3. Faka naliphi na igama elichazayo onqwenela ukulichonga iTunnel ye-OpenVPN oyongezayo, kuba ex.ample
INorthStOutlet-VPN
4. Khetha indlela yoqinisekiso eza kusetyenziswa. Ukuqinisekisa usebenzisa izatifikethi khetha i-PKI (iZatifikethi ze-X.509) okanye khetha uBumbeko lwesiSiko ukulayisha uqwalaselo lwesiko. files. Ulungelelwaniso lwesiko kufuneka lugcinwe kwi /etc/config.
QAPHELA Ukuba ukhetha i-PKI, misela: Isatifikethi esahlukileyo (esaziwa njengeqhosha likawonke-wonke). Esi Satifikethi File yi *.crt file chwetheza Isitshixo saBucala somncedisi kunye nomxhasi ngamnye. Eli Sitshixo saBucala File li *.isitshixo file uhlobo
Isiqinisekiso seSiqinisekiso seSiqinisekiso esiPhambili (CA) kunye nesitshixo esisetyenziselwa ukusayina iseva nganye
kunye nezatifikethi zomthengi. Esi Satifikethi se-CA seNgcambu si-*.crt file Uhlobo Lomncedisi, ungafuna kwakhona i-dh1024.pem (iiparamitha zeDiffie Hellman). Jonga ku-http://openvpn.net/easyrsa.html ngesikhokelo solawulo olungundoqo lwe-RSA. Ukufumana ezinye iindlela zokuqinisekisa bona http://openvpn.net/index.php/documentation/howto.html#auth.
5. Khetha iDriver Device eza kusetyenziswa, nokuba yiTun-IP okanye Tap-Ethernet. I-TUN (itonela yenethiwekhi) kunye ne-TAP (i-tap yenethiwekhi) abaqhubi ngabaqhubi benethiwekhi abaxhasayo abaxhasa i-IP tunneling kunye ne-Ethernet tunneling, ngokulandelanayo. I-TUN kunye ne-TAP ziyingxenye ye-Linux kernel.
6. Khetha nokuba yi-UDP okanye i-TCP njengeProtocol. I-UDP yeyona ndlela imiselweyo nethandwayo ye-OpenVPN. 7. Khangela okanye ungakhangeli iqhosha lokucinezela ukwenza okanye ukuvala ucinezelo. 8. KwiNdlela yeTonelo, khetha ukuba ngaba oku kuMxumi okanye kuMncedisi ekupheleni kwetonela. Xa ubaleka njenge
umncedisi, umncedisi we console uxhasa abathengi abaninzi abaqhagamshela kwiseva yeVPN kwizibuko elinye.
54

Incwadi yokusebenzisa
3.10.2 Misela njengeSeva okanye uMxumi
1. Gcwalisa iiNkcukacha zoMthengi okanye iiNkcukacha zeSeva ngokuxhomekeke kwiNdlela yeTunnel ekhethiweyo. o Ukuba uMthengi ukhethiwe, idilesi yeSeva ePhambili yidilesi ye-OpenVPN Server. o Ukuba umncedisi ukhethiwe, ngenisa idilesi ye IP Pool Network kunye ne IP Pool Network imaski ye IP Pool. Umsebenzi wothungelwano ochazwe yidilesi ye IP Pool Network/imaski isetyenziselwa ukunika iidilesi zokuqhagamshela abathengi.
2. Cofa u-Apply ukugcina utshintsho
55

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3. Ukufaka izatifikethi zokungqinisisa kunye files, khetha i Lawula i-OpenVPN Files ithebhu. Layisha okanye ukhangele kwizatifikethi zoqinisekiso ezifanelekileyo kunye files.
4. Faka isicelo ukugcina utshintsho. Igciniwe files ziboniswe ngombala obomvu kwicala lasekunene leqhosha lokulayisha.
5. Ukwenza i-OpenVPN isebenze, Hlela itonela ye-OpenVPN
56

Incwadi yokusebenzisa
6. Jonga iqhosha le-Enebled. 7. Faka isicelo sokugcina utshintsho QAPHELA Qinisekisa ukuba ixesha lenkqubo yeseva ye-console lichanekile xa usebenza ne-OpenVPN ukuphepha
imiba yoqinisekiso.
8. Khetha i-Statistics kwi-Status menu ukuqinisekisa ukuba itonela iyasebenza.
57

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3.10.3 Iklayenti le-Windows OpenVPN kunye nokuseta iSeva Eli candelo lichaza ukufakela kunye noqwalaselo lomthengi weWindows OpenVPN okanye iseva yeWindows OpenVPN kunye nokuseta uqhagamshelo lweVPN kwiseva yeconsole. Iiseva zeConsole zivelisa uqwalaselo lomxhasi weWindows ngokuzenzekelayo ukusuka kwi-GUI yeMfihlo ekwabelwana ngayo kwangaphambili (Isitshixo esimileyo FileUlungelelwaniso.
Ngenye indlela OpenVPN GUI yesoftware yeWindows (ebandakanya iphakheji ye-OpenVPN eqhelekileyo kunye neWindows GUI) inokukhutshelwa kwi-http://openvpn.net. Nje ukuba ifakwe kumatshini weWindows, i icon ye-OpenVPN yongezwa kwiNdawo yeSaziso ebekwe kwicala lasekunene lebar yomsebenzi. Cofa ekunene kule icon ukuze uqalise kwaye uyeke uqhagamshelo lweVPN, uhlele ulungelelwaniso, kunye view iinkuni.
Xa isoftware ye-OpenVPN iqala ukusebenza, iC: Inkqubo FilesVulaVPNifolda yoqwalaselo iskenelwe .opvn files. Olu lawulo lujongiwe kwakhona kuqwalaselo olutsha files nanini na i-icon ye-OpenVPN GUI icofa ekunene. Nje ukuba i-OpenVPN ifakiwe, yenza ulungelelwaniso file:
58

Incwadi yokusebenzisa

Usebenzisa umhleli wokubhaliweyo, yenza i-xxxx.ovpn file kwaye ugcine kwi C: Inkqubo FilesVulaVPNconfig. Umzekeloample, C: Inkqubo FilesVulaVPNconfigclient.ovpn
Umdalaample yoqwalaselo lomxhasi we-OpenVPN Windows file iboniswe ngezantsi:
# inkcazelo: IM4216_umxhasi proto udp isenzi 3 dev tun ekude 192.168.250.152 port 1194 ca c:\openvpnkeys\ca.crt cert c:\openvpnkeys\client.crt isitshixo c:\openvpnkeys nobindpersistkey-client. tun comp-lzo
Umdalaample yoqwalaselo lwe-OpenVPN Windows Server file iboniswe ngezantsi:
mncedisi isitshixo dh c:\openvpnkeys\dh.pem comp-lzo isenzi 10.100.10.0 syslog IM255.255.255.0_OpenVPN_Server
Umxhasi weWindows/uqwalaselo lomncedisi file iinketho zezi:

Iinketho #inkcazo: Umncedisi womxhasi proto udp proto tcp mssfix isenzi
dev tun dev tap

Inkcazelo Le yinkcazo echaza uqwalaselo. Imigca yezimvo iqala ngo`#' kwaye ayihoywa yi-OpenVPN. Cacisa ukuba oku kuya kuba ngumxhasi okanye uqwalaselo lomncedisi file. Kubumbeko lweseva file, chaza idili yedilesi ye-IP kunye ne-netmask. Umzekeloample, iseva 10.100.10.0 255.255.255.0 Cwangcisa iprotocol kwi-UDP okanye i-TCP. Umxhasi kunye nomncedisi kufuneka asebenzise useto olufanayo. I-Mssfix imisela ubungakanani bobungakanani bepakethi. Oku kuluncedo kuphela kwi-UDP ukuba kukho iingxaki.
Misela ilog file inqanaba le-verbosity. Inqanaba le-verbosity yelogi inokumiselwa ukusuka kwi-0 (ubuncinci) ukuya kwi-15 (ubuninzi). Umzekeloample, 0 = cwaka ngaphandle kweempazamo ezibulalayo 3 = isiphumo esiphakathi, ilungile kusetyenziso oluqhelekileyo 5 = inceda ngeengxaki zoxhulumaniso lwe-debugging 9 = i-verbose, igqwesileyo ekuxazululeni ingxaki Khetha `dev tun' ukwenza itonela ye-IP okanye `dev tap' ukuyila itonela ye-Ethernet. Umxhasi kunye nomncedisi kufuneka asebenzise useto olufanayo.

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi

kude Port Keepalive
http-proxy cafile igama>
isiqinisekisofile igama>
isitshixofile igama>
dhfile igama> Nobind qhubeka-isitshixo zingisa-tun cipher BF-CBC Blowfish (ehlala ikho) cipher AES-128-CBC AES cipher DES-EDE3-CBC Triple-DES comp-lzo syslog

Igama lenginginya/IP yeseva ye-OpenVPN xa isebenza njengomthengi. Ngenisa nokuba ligama lomamkeli we-DNS okanye idilesi ye-IP engatshintshiyo yomncedisi. I-UDP/TCP port yomncedisi. I-Keepalive isebenzisa i-ping ukugcina iseshoni ye-OpenVPN iphila. 'Keepalive 10 120′ pings rhoqo kwimizuzwana eyi-10 kwaye ucinga ukuba intanga ekude iphantsi ukuba akukho phing ifunyenweyo kwisithuba sexesha lesibini le-120. Ukuba ummeli uyafuneka ukufikelela kwiseva, ngenisa iseva engummeli yeDNS igama okanye i-IP kunye nenombolo yezibuko. Ngenisa isatifikethi se-CA file igama kunye nendawo. Isatifikethi se-CA esifanayo file ingasetyenziswa ngumncedisi kunye nabo bonke abathengi. Qaphela: Qinisekisa ukuba nganye ethi `' kuluhlu lwendlela endaweni yayo ithi ` \'. Umzekeloample, c:openvpnkeyssca.crt izakuba yi c:\openvpnkeys\ca.crt Ngenisa isiqinisekiso somthengi okanye somncedisi file igama kunye nendawo. Umxhasi ngamnye kufuneka abe nesatifikethi sakhe kunye nesitshixo files. Qaphela: Qinisekisa ukuba nganye ethi `' kuluhlu lwendlela endaweni yayo ithi ` \'. Ngena i file igama kunye nendawo yomxhasi okanye iqhosha lomncedisi. Umxhasi ngamnye kufuneka abe nesatifikethi sakhe kunye nesitshixo files. Qaphela: Qinisekisa ukuba nganye ethi `' kuluhlu lwendlela endaweni yayo ithi ` \'. Oku kusetyenziswa ngumncedisi kuphela. Ngenisa umendo weqhosha kunye neeparamitha zeDiffie-Hellman. `I-Nobind' isetyenziswa xa abaxumi benganyanzelekanga ukuba babophe idilesi yendawo okanye inombolo ethile yezibuko lendawo. Le yimeko kuqwalaselo oluninzi lomxhasi. Olu khetho lunqanda ukulayishwa kwakhona kwezitshixo ngapha kokuqaliswa kwakhona. Olu khetho lunqanda ukuvala kunye nokuvula kwakhona kwe-TUN/TAP izixhobo kwiindawo zokuqalisa kwakhona. Khetha i-cryptographic cipher. Umxhasi kunye nomncedisi kufuneka asebenzise useto olufanayo.
Yenza ucinezelo kwikhonkco le-OpenVPN. Oku kufuneka kwenziwe kubo bobabini umxhasi kunye nomncedisi. Ngokungagqibekanga, iilog zibekwe kwi syslog okanye, ukuba isebenza njengenkonzo kwi Window, kwiNkqubo FilesOpenVPNlog directory.

Ukuqalisa itonela ye-OpenVPN emva kokuyilwa komthengi/umncedisi files: 1. Cofa ekunene kwi icon ye-OpenVPN kwiNdawo yeSaziso 2. Khetha umxhasi osandula ukuyilwa okanye ubumbeko lweseva. 3. Cofa uQhagamshela

4. Ilog file iboniswa njengoko uxhulumaniso lusekiwe
60

Incwadi yokusebenzisa
5. Xa sele kuqalisiwe, i-icon ye-OpenVPN ibonisa umyalezo obonisa uqhagamshelo oluyimpumelelo kunye ne-IP eyabelwe. Olu lwazi, kunye nexesha uqhagamshelo lusekwe, luyafumaneka ngokuskrola kwi icon ye-OpenVPN.
3.11 PPTP VPN
Abancedisi beConsole baquka iPPTP (iPoint-to-Point-Point Tunnel Protocol) iseva. I-PPTP isetyenziselwa unxibelelwano ngekhonkco elibonakalayo okanye elibonakalayo. Isiphelo sePPP sichaza idilesi ye-IP enenyani kubo. Iindlela eziya kuthungelwano zingachazwa ngezi dilesi ze-IP njengesango, nto leyo ekhokelela ekuthunyelweni kwetrafikhi ngapha kwetonela. I-PPTP iseka itonela phakathi kweendawo zokugqibela zePPP kwaye ithutha ngokukhuselekileyo idatha kwitonela.
Amandla e-PPTP kukulula kwayo uqwalaselo kunye nokudityaniswa kwiziseko ezingundoqo zeMicrosoft. Isetyenziswa ngokubanzi ukudibanisa abaxumi beWindows ababodwa. Ukuba uthatha ikhompyuter yakho ephathwayo kuhambo lweshishini, ungacofa inombolo yendawo ukuze uqhagamshele kumboneleli wakho wenkonzo yofikelelo kwi-Intanethi (ISP) kwaye wenze uqhagamshelo lwesibini (itonela) kwinethiwekhi yeofisi yakho kwi-Intanethi kwaye ube nokufikelela okufanayo kweyakho. inethiwekhi yoshishino ngokungathi uqhagamshelwe ngqo kwi-ofisi yakho. Ii-Telecommuters zinokuseta itonela ye-VPN kwimodem yentambo okanye ikhonkco le-DSL kwi-ISP yabo yendawo.
61

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
Ukuseta uqhagamshelo lwePPTP kumxhasi weWindows kwisixhobo sakho seOpengear kunye nenethiwekhi yendawo:
1. Yenza kwaye uqwalasele iseva yePPTP yeVPN kwisixhobo sakho se-Opengear 2. Misela ii-akhawunti zomsebenzisi we-VPN kwisixhobo se-Opengear kwaye uvule ezifanelekileyo.
uqinisekiso 3. Qwalasela abathengi beVPN kwiindawo ezikude. Umxhasi akafuni isoftware ekhethekileyo njengoko
Iseva yePPTP ixhasa isoftware yomxhasi wePPTP esemgangathweni equkwa neWindows NT kwaye kamva 4. Qhagamshela kwindawo ekude VPN 3.11.1 Vula iPPTP iseva yeVPN 1. Khetha PPTP VPN kuthotho & Nethwekhi menu.
2. Khetha i Vumela ibhokisi yokukhangela ukwenza i-PPTP Server 3 isebenze. Khetha Ubuncinane bobuQinisekiso obufunekayo. Ufikelelo lwaliwe kubasebenzisi abakude abazama uku
qhagamshela usebenzisa inkqubo yoqinisekiso buthathaka kunodweliso olukhethiweyo. Ezi zicwangciso zichazwe ngezantsi, ukusuka kweyona inamandla ukuya kweyona ibuthathaka. · Uqinisekiso Olufihliweyo (MS-CHAP v2): Olona hlobo lunamandla longqinisiso olunokusetyenziswa; yi le
ukhetho olucetyiswayo · Uqinisekiso Olufihliweyo olubuthathaka (CHAP): Olu lolona hlobo lubuthathaka lwephasiwedi efihliweyo.
ukuqinisekiswa kokusetyenziswa. Akukhuthazwa ukuba abathengi baqhagamshelane usebenzisa oku njengoko kunika ukhuseleko oluncinci kakhulu lokugqitha. Kwakhona qaphela ukuba abathengi abaqhagamshela usebenzisa iCHAP abakwazi ukuguqulela ngokuntsonkothileyo itrafikhi
62

Incwadi yokusebenzisa
UQinisekiso Olungafihlwanga (PAP): Oku kukuqinisekisa ngokubhaliweyo okungenanto kwegama lokugqitha. Xa usebenzisa olu hlobo loqinisekiso, igama lokugqitha lomxhasi lihanjiswa lingafihlwanga.
· Akukho nanye 4. Khetha iNqanaba elifunekayo lofihlo. Ufikelelo lwaliwe kubasebenzisi abakude abazama ukuqhagamshela
ezingasebenzisiyo umgangatho wofihlo. 5. Kwidilesi yeNgingqi faka idilesi ye-IP ukunika isiphelo somncedisi woqhagamshelo lweVPN
unxibelelwano (umz. 192.168.1.10-20). Oku kufuneka kube yidilesi ye-IP yasimahla okanye uluhlu lweedilesi ezisuka kuthungelwano abathi abasebenzisi abakude babelwe ngelixa beqhagamshelwe kwisixhobo seOpengear 7. Faka ixabiso elinqwenelekayo leYunithi yoThumelo oluPhezulu (MTU) yojongano lwePPTP kwintsimi yeMTU (okungagqibekanga ukuya 1400) 8. Kumhlaba womncedisi we DNS, ngenisa idilesi ye IP yomncedisi we DNS enika iidilesi ze IP ukudibanisa abathengi be PPTP 9. Kwindawo yomncedisi we WINS, ngenisa idilesi ye IP yomncedisi we WINS onika iidilesi ze IP ukudibanisa umxhasi we PPTP. 10. Yenza i-Verbose Logging isebenze ukuncedisa kwiingxaki zoqhagamshelo lokulungisa ingxaki 11. Cofa Faka useto 3.11.2 Yongeza umsebenzisi wePPTP 1. Khetha Abasebenzisi & Amaqela kwimenyu yeSeri & Networks kwaye ugcwalise imihlaba njengoko igutyungelwe kwicandelo 3.2. 2. Qinisekisa ukuba iqela le-pptpd litshekishiwe, ukuvumela ukufikelela kwiseva yePPTP VPN. Qaphela - abasebenzisi kweli qela banamagama ayimfihlo agcinwe kwisicatshulwa esicacileyo. 3. Gcina inqaku legama lomsebenzisi kunye negama lokugqitha xa ufuna ukuxhuma kwi-VPN uxhumano 4. Cofa Faka isicelo
63

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3.11.3 Seta i-remote PPTP client Qinisekisa ukuba i-PC yeklayenti ye-VPN ekude inoqhagamshelo lwe-Intanethi. Ukwenza uqhagamshelo lweVPN kwi-Intanethi, kufuneka usete uqhagamshelo lwenethiwekhi ezimbini. Olunye uqhagamshelo lolwe-ISP, kwaye olunye uqhagamshelo lolwetonela yeVPN kwisixhobo seOpengear. QAPHELA Le nkqubo iseka umxhasi wePPTP kwinkqubo yokusebenza yeWindows Professional. Amanyathelo
zingohluka kancinane ngokuxhomekeke kunikezelo lwakho lwenethiwekhi okanye ukuba usebenzisa enye inguqulelo ye Windows. Imiyalelo engaphezulu iyafumaneka kuMicrosoft web indawo. 1. Ngena kumxhasi wakho weWindows ngamalungelo omlawuli 2. Ukusuka kwiNethiwekhi & neZiko loKwabelana kwiPhaneli yoLawulo khetha uQhagamshelwano lomsebenzi womnatha kwaye wenze udibaniso olutsha.
64

Incwadi yokusebenzisa
3. Khetha Sebenzisa uQhagamshelwano lwam lwe-Intanethi (VPN) kwaye ngenisa idilesi ye-IP yesixhobo se-Opengear Ukuqhagamshela abaxhasi be-VPN ekude kwinethiwekhi yendawo, kufuneka wazi igama lomsebenzisi kunye negama lokugqitha kwiakhawunti ye-PPTP oyongezileyo, kunye ne-Intanethi ye-IP. idilesi yesixhobo sokuvula. Ukuba i-ISP yakho ayikunikanga dilesi yeIP engatshintshiyo, cinga ukusebenzisa inkonzo yeDNS eguqukayo. Kungenjalo kufuneka ulungise uqwalaselo lomxhasi wePPTP ngalo lonke ixesha idilesi yakho ye-IP yeIntanethi itshintsha.
65

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi

3.12 Fowunela uKhaya
Zonke iiseva ze-console ziquka i-Call Home feature eqala ukuseta itonela ye-SSH ekhuselekileyo ukusuka kwi-console server ukuya kwi-Opengear Lighthouse ephakathi. Umncedisi we-console ubhalisa njengomviwa kwi-Lighthouse. Nje ukuba yamkelwe apho iba ngumncedisi oLawulwayo weConsole.
I-Lighthouse ibeka iliso kwiSeva ye-Console eLawulwayo kunye nabalawuli banokufikelela kwi-Remote Managed Console Server nge-Lighthouse. Olu fikelelo luyafumaneka naxa iseva ye-console ekude isemva kwe-firewall yomntu wesithathu okanye ineedilesi ze-IP zabucala ezingenakushenxiswa.

PHAWULA

I-Lighthouse igcina isitshixo sikawonke-wonke esiqinisekisiweyo soqhagamshelo kwi-SSH nganye kwiiSeva zayo eziLawulwayo zeConsole. Olu nxulumano lusetyenziselwa ukubeka iliso, ukuqondisa kunye nokufikelela kwiiSeva eziLawulwayo zeConsole kunye nezixhobo ezilawulwayo eziqhagamshelwe kwiSeva yeConsole eLawulwayo.

Ukulawula iiSeva zeKhonsoli yeNdawo, okanye iiseva ze-console ezifikelelekayo kwi-Lighthouse, i-SSHconnections iqaliswe yi-Lighthouse.

Ukulawula iiSeva ze-Remote Console, okanye iiseva ze-console ezifakwe kwi-firewalled, zingasebenzi, okanye zingenakufikeleleka kwi-Lighthouse, uxhulumaniso lwe-SSH luqaliswa nguMlawuli we-ConsoleServer ngokusebenzisa uxhulumaniso lokuqala lwe-Call Home.

Oku kuqinisekisa unxibelelwano olukhuselekileyo, oluqinisekisiweyo kwaye yenza ukuba iiyunithi eziLawulwayo zeConsole Servers zisasazwe ekuhlaleni kwi-LAN, okanye ukude kwihlabathi jikelele.

3.12.1 Seta umgqatswa we-Call Home Ukuseta iseva ye-console njengomgqatswa wolawulo lwe-Call Home kwi-Lighthouse:
1. Khetha Fowunela eKhaya kwi Uthotho & Nenethiwekhi menu

2. Ukuba awukavelisi okanye ulayishe isitshixo se-SSH iperi yale seva ye-console, yenza njalo phambi kokuba uqhubeke.
3. Cofa Yongeza

4. Faka idilesi ye-IP okanye igama le-DNS (umzekelo idilesi yeDNS eguqukayo) yeLighthouse.
5. Faka iPassword oyilungisileyo kwi-CMS njenge-Call Home Password.
66

Incwadi yokusebenzisa
6. Cofa ku-Apply La manyathelo aqalise uQhagamshelwano lwaseKhaya lokuFowunela ukusuka kwiseva ye-console ukuya kwi-Lighthouse. Oku kudala izibuko le-SSHlistening kwi-Lighthouse kwaye icwangcisa iseva ye-console phezulu njengomgqatswa.
Nje ukuba umgqatswa amkelwe kwi-Lighthouse itonela ye-SSH kwiseva ye-console iphinda iqondiswe ngasemva ngapha koqhagamshelwano lweKhaya loMnxeba. Umncedisi we-console ube ngumncedisi oLawulwayo we-Console kwaye i-Lighthouse inokuxhuma kwaye ibeke iliso kulo tonela. 3.12.2 Yamkela umgqatswa we-Call Home njengoMlawuli we-Console Server kwi-Lighthouse Eli candelo linika ingcacisoview ekuqwalaseleni i-Lighthouse ukubeka iliso kwiiseva ze-Lighthouse eziqhagamshelwe ngeKhaya loMnxeba. Ukufumana iinkcukacha ezithe vetshe jonga iSikhokelo soMsebenzisi weLighthouse:
1. Faka iPassword yaseKhaya entsha kwiLighthouse. Eli gama lokugqithisa lisetyenziselwa ukwamkela
Fowunela uqhagamshelo lwasekhaya olusuka kwiiseva zekhonsoli yomgqatswa
2. I-Lighthouse inokuqhagamshelwa ngumncedisi we-console kufuneka nokuba ibe ne-IP engatshintshiyo
idilesi okanye, ifusing DHCP, imiliselwe ukusebenzisa inkonzo yeDNS eguqukayo
Uqwalaselo > Ulawulo lweConsole Servers screen kwiLighthouse ibonisa ubume be
Local andremote Managed Console Servers kunye nabaviwa.
Icandelo labaSebenzi beConsole eLawulayo libonisa abancedisi beconsole ababekwe esweni yi
I-Lighthouse.Icandelo le-Detected Console Servers liqulathe:
o Iiseva zeKhonsoli yaseKhaya idrophu-ezantsi edwelisa zonke iiseva zeconsole ezikwi
i-subnet efanayo ne-Lighthouse, kwaye ayijongwa
67

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
o I-Remote Console Servers drop-down edwelisa zonke iiseva zeconsole eziseke uQhagamshelwano lwaseKhaya lokufowuna kwaye azijongwanga (okt abaviwa). Ungacofa uHlaziya ukuhlaziya
Ukongeza umgqatswa weseva ye-console kuluhlu lweSeva eLawulwayo ye-Console, yikhethe kuluhlu oluhlayo lwe-Remote Console kwaye ucofe Yongeza. Ngenisa idilesi ye-IP kunye ne-SSH Port (ukuba le mihlaba ayigqitywanga ngokuzenzekelayo) kwaye ungenise iNkcazelo kunye neGama elahlukileyo lomncedisi weConsole eLawulwayo oyongezayo.
Ngenisa Igama Lokugqithisa leNgcambu ekude (okt Igama Lokugqithisa leNdlela elisekiweyo kule seva yeConsole eLawulayo). Le phasiwedi isetyenziswa yiLighthouse ukusasaza izitshixo ze-SSH ezenziwe ngokuzenzekelayo kwaye azigcinwa. Cofa Faka. I-Lighthouse imisela udibaniso olukhuselekileyo lwe-SSH ukuya kunye nokusuka kwiSeva eLawulwayo yeConsole kwaye ifumana kwakhona iZixhobo zayo eziLawulwayo, iinkcukacha zeakhawunti yomsebenzisi kunye nezilumkiso eziqwalaselweyo. ungaqwalasela useto oluPhezulu: · Ngena kwiSibuko somncedisi we-SSH kunye noMsebenzisi we-SSH. · Faka iinkcukacha zezibuko le-SSH ukuya phambili ukuze liyile
Ngokukhetha umncedisi wokuMamela, ungenza izibuko eKude ukuya phambili ukusuka kumncedisi ukuya kule yunithi, okanye izibuko leNgingqi ukuya phambili ukusuka kule yunithi ukuya kumncedisi:
68

Incwadi yokusebenzisa
· Cacisa iZibuko lokuMamela ukuya phambili ukusuka, shiya lo mmandla ungenanto ukunika izibuko elingasetyenziswanga.
3.13 IP Ukugqitha
IP Passthrough isetyenziselwa ukwenza uqhagamshelo lwemodem (umz. imodem yeselula yangaphakathi) ibonakale njengoqhagamshelo lwe-Ethernet oluqhelekileyo kwirutha yomntu wesithathu ezantsi, evumela irutha esezantsi ukuba isebenzise uqhagamshelo lwemodem njengojongano olusisiseko okanye olugcina i-WAN.
Isixhobo se-Oongear sibonelela ngedilesi ye-IP yemodem kunye neenkcukacha ze-DNS kwisixhobo esisezantsi kwi-DHCP kwaye sidlula i-traffic yenethiwekhi ukuya kunye nokusuka kwimodem kunye ne-router.
Ngelixa i-IP Passthrough ijika i-Opengear ibe yi-modem-to-Ethernet ibhulorho yesiqingatha, ezinye iinkonzo ze-4 (HTTP/HTTPS/SSH) zinokupheliswa kwi-Opengear (Ii-Intercepts zeNkonzo). Kwakhona, iinkonzo ezisebenza kwi-Opengear zinokuqalisa uqhagamshelo oluphuma ngaphandle oluzimeleyo kwirutha esezantsi.
Oku kuvumela i-Opengear ukuba iqhubeke isetyenziselwa ukulawula ngaphandle kwebhendi kunye nokulumkisa kwaye iphinde ilawulwe nge-Lighthouse, ngelixa i-IP Passthrough mode.
3.13.1 Ukuseta i-Downstream Router Ukusebenzisa uxhulumaniso lwe-failover kwi-router esezantsi (i-aka Failover kwi-Cellular okanye i-F2C), kufuneka ibe ne-WAN interfaces ezimbini okanye ngaphezulu.
QAPHELA I-Failover kumxholo we-IP Passthrough yenziwa yi-router esezantsi, kunye ne-built-in-out-ofband ye-failover logic kwi-Opengear ayifumaneki ngelixa i-IP Passthrough mode.
Qhagamshela ujongano lwe-Ethernet WAN kwirutha esezantsi kumdibaniso weNethiwekhi ye-Opengear okanye izibuko loLawulo lwe-LAN ngentambo ye-Ethernet.
Qwalasela olu jongano kwirutha esezantsi ukuze ufumane useto lwenethiwekhi ngeDHCP. Ukuba i-failover iyadingeka, lungiselela i-router esezantsi ye-failover phakathi kojongano oluphambili kunye ne-Ethernet port eqhagamshelwe kwi-Opengear.
3.13.2 IP Passthrough Pre-Configuration Prerequisite amanyathelo okwenza i-IP Passthrough isebenze ngala:
1. Qwalasela i-Network Interface kwaye apho kufanelekileyo ujongano loLawulo lwe-LAN kunye nezicwangciso zenethiwekhi ezimileyo. · Cofa uthotho & Nenethiwekhi > IP. · Kunxibelelwano lweNethiwekhi kwaye apho kufanelekileyo uLawulo lwe-LAN, khetha i-Static yeNdlela yoLungiso kwaye ufake iisetingi zenethiwekhi (bona icandelo elinesihloko esithi Network Configuration ngemiyalelo eneenkcukacha). · Kujongano oluqhagamshelwe kwirutha esezantsi, unokukhetha nayiphi na inethwekhi yabucala ezinikeleyo le nethwekhi ikhona kuphela phakathi kwe-Opengear kunye nerutha esezantsi kwaye ayiqhelekanga ukufikeleleka. · Kolunye ujongano, yiqwalasele ngendlela obuya kwenza ngayo ngokwesiqhelo kumsebenzi womnatha wobulali. · Kuyo yomibini imidibaniso, shiya iGateway ingenanto.
2. Qwalasela imodem kwimowudi eSoloko ikwi-Off-of-band.
69

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
· Xa ufuna uqhagamshelo lweselula, cofa iSistim > Ukucofa: Imodem yeSellula yangaphakathi. · Khetha Vulele uDial-Out kwaye ufake iinkcukacha zenkampani ezifana ne-APN (jonga icandelo leModem yeSelula
Uqhagamshelwano lwemiyalelo eneenkcukacha). 3.13.3 IP Passthrough Configuration Ukumisela i-IP Passthrough:
· Cofa uthotho kunye neNethiwekhi> IP Passthrough kwaye ujonge Vumela. · Khetha iModem yeOpengear oza kuyisebenzisela uqhagamshelo phezulu. Ngokhetho, ngenisa idilesi ye-MAC yojongano oludityanisiweyo lwerutha esezantsi. Ukuba idilesi ye-MAC i
ayichazwanga, iOpengear iyakugqitha kwisixhobo sokuqala esisezantsi sicela idilesi yeDHCP. · Khetha iOpengear Ethernet Interface oza kuyisebenzisela uqhagamshelo kwirutha esezantsi.
· Cofa Faka. 3.13.4 IMithitho yeNkonzo Oku kuvumela iOpengear ukuba iqhubeke nokubonelela ngeenkonzo, umzekeloample, kulawulo olungaphandle kwebhendi xa ikwimowudi ye-IP Passthrough. Uqhagamshelo kwidilesi yemodem kwi(s) ekhankanyiweyo yothintelo iphathwa yiOpengear kunokuba igqithe kwirutha esezantsi.
· Ngenkonzo efunekayo yeHTTP, HTTPS okanye iSSH, khangela Yenza · NgokuKhetha guqula kancinane iPort yokuThintela kwelinye izibuko (umzekelo 8443 yeHTTPS), oku kuluncedo ukuba
ufuna ukuqhubeka ukuvumela i-router esezantsi ukuba ihlale ifikeleleka ngezibuko layo eliqhelekileyo. 3.13.5 IP Imo yokuGqibela ngokutsha Hlaziya iphepha ukuze view icandelo leSimo. Ibonisa idilesi ye-IP yangaphandle ye-modem, idilesi ye-MAC yangaphakathi ye-router esezantsi (ehlala kuphela xa i-router esezantsi iyamkela i-DHCP yokuqeshisa), kunye nesimo esisebenzayo senkonzo ye-IP Passthrough. Unokwaziswa kwimeko ye-failover ye-router esezantsi ngokuqwalasela ukuSetyenziswa kweNgcaciso yeNgcaciso phantsi kwe-Alerts & Logging> Ukuphendula okuzenzekelayo. 3.13.6 Izilumkiso Ezinye iirotha ezisezantsi zinokungahambelani nendlela yesango. Oku kunokwenzeka xa i-IP Passthrough ibhula inethiwekhi yeselula ye-3G apho idilesi yesango idilesi yendawo ukuya kwindawo kwaye akukho lwazi lwe-subnet lukhoyo. I-Opengear ithumela i-DHCP netmask ye-255.255.255.255. Izixhobo zihlala zithatha oku njengendlela enye yomamkeli kujongano, kodwa ezinye izixhobo ezindala ezisezantsi zinokuba nemiba.
70

Incwadi yokusebenzisa
Ungenelelo kwiinkonzo zasekuhlaleni aziyi kusebenza ukuba iOpengear isebenzisa indlela engagqibekanga ngaphandle kwemodem. Kwakhona, abayi kusebenza ngaphandle kokuba inkonzo ivuliwe kwaye ukufikelela kwinkonzo kunikwe amandla (jonga iSistim > Iinkonzo, phantsi kwethebhu yokuFikelela kwiNkonzo fumana iDialout/Cellular).
Uqhagamshelo oluphumayo olusuka kwi-Oongear ukuya kwiinkonzo ezikude ziyaxhaswa (umzekelo, ukuthumela izilumkiso ze-imeyile ze-SMTP, i-SNMP traps, ukufumana ixesha le-NTP, i-IPSec tonela). Kukho umngcipheko omncinci wokusilela koxhulumaniso kufuneka zombini iOpengear kunye nesixhobo esisezantsi zizame ukufikelela kwi UDP efanayo okanye izibuko le TCP kwinginginya ekude ngexesha elinye xa zikhethe ngokungenamkhethe inombolo yezibuko yobulali efanayo.
3.14 Ulungelelwaniso phezu kweDHCP (ZTP)
Izixhobo zokuvula zinokubonelelwa ngexesha lokuqala kwazo kwi-DHCPv4 okanye i-DHCPv6 iseva usebenzisa i-config-over-DHCP. Ukubonelela kwiinethiwekhi ezingathembekanga kunokuququzelelwa ngokubonelela ngezitshixo kwi-USB flash drive. Ukusebenza kwe-ZTP kungasetyenziselwa ukwenza uphuculo lwe-firmware ekuxhumekeni kokuqala kwinethiwekhi, okanye ukubhalisa kumzekelo we-Lighthouse 5.
Ulungiselelo Amanyathelo aqhelekileyo oqwalaselo phezu komsebenzi womnatha othembekileyo ngala:
1. Qwalasela imodeli efanayo yesixhobo se-Ongegear. 2. Gcina uqwalaselo lwayo njengogcino lweOpengear (.opg) file. 3. Khetha Isistim > Ugcino lwesimo > Ugcino olukude. 4. Cofa Gcina i-Backup. Uqwalaselo logcino file — imodeli-name_iso-format-date_config.opg — ikhutshelwa kwisixhobo seOpengear kwisixokelelwano sasekhaya. Ungagcina uqwalaselo njenge xml file: 1. Khetha Isixokelelwano > Ugcino lwesimo > Ubumbeko lwe-XML. Indawo ehlelekayo equlathe i
uqwalaselo file ngefomathi ye-XML iyavela. 2. Cofa ebaleni ukuyenza isebenze. 3. Ukuba usebenzisa nasiphi na isikhangeli kwiWindows okanye kwiLinux, cofa ekunene uze ukhethe Khetha Konke kwi
imenyu yomxholo okanye cinezela Control-A. Cofa ekunene kwaye ukhethe Khuphela kwimenyu yomxholo okanye ucinezele uLawula-C. 4. Ukuba usebenzisa nasiphi na isikhangeli kwi-macOS, khetha Hlela > Khetha Konke okanye ucinezele Umyalelo-A. Khetha Hlela > Khuphela okanye ucinezele Umyalelo-C. 5. Kumhleli okhethiweyo wokubhaliweyo, yenza uxwebhu olutsha olungenanto, ncamathelisa idatha ekhutshelweyo kuxwebhu olungenanto kwaye ugcine file. Noba yintoni file-igama olikhethayo, kufuneka liquke i-.xml fileisimamva segama. 6. Kopa egciniweyo .opg okanye .xml file kulawulo olujongene noluntu kwi a file iseva ekhonza ubuncinane enye kwezi protocols zilandelayo: HTTPS, HTTP, FTP okanye TFTP. (I-HTTPS kuphela enokusetyenziswa ukuba unxibelelwano phakathi kwe file umncedisi kunye nesixhobo esiza-- siqwalaselwe i-Opengear ihamba phezu kwenethiwekhi engathenjwa. 7. Qwalasela iseva yakho ye-DHCP ukuquka `umthengisi othile' ukhetho lwezixhobo ze-Opengear. (Oku kuyakwenziwa ngomncedisi we-DHCP ngendlela ethile.) Umthengisi ukhetho oluthile kufuneka lumiselwe kuluhlu oluqulathe URL ye-.opg epapashiweyo okanye .xml file kwinyathelo elingasentla. Umtya wokukhetha mawungadluli oonobumba abangama-250 kwaye kufuneka uphele nge-.opg okanye .xml.
71

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
8. Qhagamshela isixhobo esitsha se-Opengear, nokuba kusetwa ngokutsha kwasefektri okanye i-Config-Erased, kwinethiwekhi kwaye usebenzise amandla. Kungathatha ukuya kwimizuzu emi-5 ukuba isixhobo siziqalele ngokutsha.
Example ISC DHCP (dhcpd) uqwalaselo lomncedisi
Oku kulandelayo yi-example DHCP iqhekeza loqwalaselo lomncedisi wokusebenzela i .opg yoqwalaselo umfanekiso nge ISC DHCP iseva, dhcpd:
ukhetho indawo yokuvula ikhowudi ububanzi 1 ubude ububanzi 1; ukhetho opengear.config-url ikhowudi 1 = umbhalo; iklasi "opengear-config-over-dhcp-test" {
Tshatisa ukuba ukhetho lomthengisi-udidi-isazisi ~~ “^Opengear/”; umthengisi-ukhetho-indawo yokuvula; ukhetho opengear.config-url "https://example.com/opg/${class}.opg”; }
Olu cwangciso lunokuguqulwa ukuphucula umfanekiso woqwalaselo usebenzisa i-opengear.image-url ukhetho, kunye nokubonelela nge-URI kumfanekiso we-firmware.
Cwangcisa xa i-LAN ingathenjwanga Ukuba udibaniso phakathi kwe file umncedisi kunye nesixhobo se-Oongear esiza kuqwalaselwa sibandakanya inethiwekhi engathembekanga, indlela yezandla ezibini inokunciphisa umba.
QAPHELA Le ndlela yazisa amanyathelo abonakalayo amabini apho ukuthembana kunokuba nzima, okanye akunakwenzeka, ukuseka ngokupheleleyo. Okokuqala, ikhonkco lokugcinwa ukusuka ekudalweni kwedatha ye-USB flash drive ukuya ekuhanjisweni kwayo. Okwesibini, izandla ezidibanisa i-USB flash drive kwisixhobo se-Opengear.
· Yenza isatifikethi se-X.509 sesixhobo se-Opengear.
· Nxulumanisa isatifikethi kunye nesitshixo saso sabucala sibe sisodwa file igama client.pem.
· Kopa client.pem kwi-USB flash drive.
Seta iseva yeHTTPS ukuze ufikelelo kwi-.opg okanye .xml file ithintelwe kubaxhasi abanokubonelela ngesiqinisekiso somthengi we-X.509 esenziwe ngasentla.
· Beka ikopi yesatifikethi ye-CA esayine isatifikethi somncedisi we-HTTP — ca-bundle.crt — kwi-USB flash drive ethwele client.pem.
Faka i-USB flash drive kwisixhobo seOpengear phambi kokuba uncamathisele umbane okanye inethiwekhi.
· Qhubeka nenkqubo ukusuka `Khuphela okugciniweyo .opg okanye .xml file kulawulo olujongene noluntu kwi a file umncedisi' ngaphezulu usebenzisa umthetho olandelwayo weHTTPS phakathi komxhasi kunye nomncedisi.
Lungisa idrayivu ye-USB kwaye wenze isatifikethi se-X.509 kunye nesitshixo sabucala
· Veza isatifikethi se-CA ukuze umxhasi kunye nomncedisi weZicelo zokuSayina iziQinisekiso (CSRs) zisayinwe.
# cp /etc/ssl/openssl.cnf. # mkdir -p exampleCA/newcerts # echo 00 > exampleCA/serial # echo 00 > exampleCA/crlnumber # touch exampleCA/index.txt # openssl genrsa -out ca.key 8192 # openssl req -new -x509 -days 3650 -key ca.key -out demoCA/cacert.pem
-subj /CN=EksampleCA # cp demoCA/cacert.pem ca-bundle.crt
Le nkqubo yenza isatifikethi esibizwa ngokuba yi-ExampI-leCA kodwa naliphi na igama lesatifikethi elivumelekileyo linokusetyenziswa. Kwakhona, le nkqubo isebenzisa openssl ca. Ukuba umbutho wakho uneshishini-ngokubanzi, inkqubo yokuvelisa i-CA ekhuselekileyo, ekufuneka isetyenziswe endaweni yoko.
72

Incwadi yokusebenzisa
· Yenza isatifikethi somncedisi.
# openssl genrsa -out server.key 4096 # openssl req -new -key server.key -out server.csr -subj /CN=demo.example.com # openssl ca -days 365 -in server.csr -out server.crt
-isitshixofile i-ca.key -umgaqo-nkqubo_nantoni na -ibhetshi -nombhalo
QAPHELA Igama lenginginya okanye idilesi ye-IP kufuneka ibe ngumtya ofanayo osetyenziswa ekunikezeni URL. Kwi exampLe ngasentla, igama lomamkeli yi-demo.example.com.
· Veza isatifikethi somthengi.
# openssl genrsa -out client.key 4096 # openssl req -new -key client.key -out client.csr -subj /CN=ExampleClient # openssl ca -days 365 -in client.csr -out client.crt
-isitshixofile ca.key -umgaqo-nkqubo_nantoni na -ibhetshi -nombhalo # ikati client.key client.crt > client.pem
· Fometha i-USB flash drive njengomthamo omnye weFAT32.
· Hambisa i client.pem kunye ne-ca-bundle.crt files kulawulo lweengcambu ze-flash drive.
Ukulungisa imiba ye-ZTP Sebenzisa umsebenzi welog ye-ZTP ukulungisa ingxaki ye-ZTP. Ngelixa isixhobo sizama ukwenza imisebenzi ye-ZTP, ulwazi lwelogi lubhalelwa ku/tmp/ztp.log kwisixhobo.
Oku kulandelayo yi-example yelog file ukusuka kwi-ZTP eyimpumelelo.
# ikati /tmp/ztp.log Wed Dec 13 22:22:17 UTC 2017 [5127 isaziso] odhcp6c.eth0: ukubuyisela config ngeDHCP Wed Dec 13 22:22:17 UTC 2017 [5127 isaziso] odhcp6 ukulinda 0. ukuze inethiwekhi ihlaliswe Wed Dec 10 13:22:22 UTC 27 [2017 isaziso] odhcp5127c.eth6: NTP yeqa: akukho mncedisi Wed Dec 0 13:22:22 UTC 27 [2017 info] odhcp5127c.ethc.6 = abathengisi ' http://[fd0:1:07:2218::1350]/tftpboot/config.sh' Wed Dec 44 1:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6 (n/a) Wed Dec 0 2:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6 (n/a) Wed Dec 0 3:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6. ) Wed Dec 0 4:13:22 UTC 22 [27 info] odhcp2017c.eth5127: vendorspec.6 (n/a) Wed Dec 0 5:13:22 UTC 22 [28 info] odhcp2017c.ethc.5127 (abathengisi) / a) Wed Dec 6 0:6:13 UTC 22 [22 info] odhcp28c.eth2017: akukho firmware ukukhuphela (vendorspec.5127) backup-url: uzama http://[fd07:2218:1350:44::1]/tftpboot/config.sh … backup-url: ukunyanzela wan imowudi yoqwalaselo DHCP backup-url: ukuseta igama lomamkeli kwi-acm7004-0013c601ce97 backup-url: umthwalo uphumelele Wed Dec 13 22:22:36 UTC 2017 [5127 isaziso] odhcp6c.eth0: ngempumelelo config umthwalo Wed Dec 13 22:22:36 UTC 2017 [5127 info] odhcp6c.eth0: akukho lighthouse uqwalaselo/3 uqwalaselo. 4/5/6) Wed Dec 13 22:22:36 UTC 2017 [5127 isaziso] odhcp6c.eth0: ubonelelo lugqityiwe, aluqalisi ngokutsha
Iimpazamo zirekhodwa kule log.
3.15 Ukubhaliswa kwi-Lighthouse
Sebenzisa uBhaliso kwi-Lighthouse ukubhalisa izixhobo ze-Oongear kumzekelo we-Lighthouse, ukubonelela ngofikelelo oluphakathi kwi-console port, kunye nokuvumela ukucwangciswa okuphakathi kwezixhobo ze-Opengear.
Jonga iSikhokelo soMsebenzisi weLighthouse ngemiyalelo yokubhalisa izixhobo zeOpengear kwiLighthouse.
73

Isahluko sesi-3: I-Serial Port, Isixhobo kunye noBumbeko boMsebenzisi
3.16 Vula i-DHCPv4 Relay
Inkonzo ye-DHCP yokudlulisela phambili iipakethi ze-DHCP phakathi kwabaxhasi kunye neeseva ezikude ze-DHCP. Inkonzo ye-DHCP yokudlulisela inokwenziwa kwi-Opengear console iseva, ukwenzela ukuba imamele abathengi be-DHCP kwi-interfaces echongiweyo esezantsi, isonge kwaye idlulisele imiyalezo yabo ukuya kumaseva e-DHCP isebenzisa nokuba yindlela eqhelekileyo, okanye isasazwe ngokuthe ngqo kujongano olunyuliweyo oluphezulu. I-arhente yokudlulisela i-DHCP ngoko ke ifumana imiyalezo ye-DHCP kwaye ivelise umyalezo omtsha we-DHCP ukuze ithunyelwe kwenye indawo. Kumanyathelo angezantsi, iiseva ze-console zinokuxhuma kwii-circuit-ids, i-Ethernet okanye iimodem zeeseli usebenzisa i-DHCPv4 Relay service.
I-DHCPv4 Relay + I-DHCP Option 82 (i-id yesekethe) I-Infrastructure - Iseva ye-DHCP yendawo, i-ACM7004-5 yokubuyisela, naziphi na ezinye izixhobo kubaxhasi. Nasiphi na isixhobo esinendima ye-LAN sinokusetyenziswa njenge-relay. Kule example, i-192.168.79.242 yidilesi yojongano oludityanisiweyo lomthengi (njengoko kuchaziwe kuqwalaselo lomncedisi we-DHCP file ngasentla) kunye ne-192.168.79.244 yidilesi yojongano oluphezulu lwebhokisi yebhokisi, kwaye enp112s0 lujongano olusezantsi lomncedisi weDHCP.
1 Infrastructure – DHCPv4 Relay + DHCP Option 82 (circuit-id)
Amanyathelo kwi-DHCP Server 1. Cwangcisa iseva ye-DHCP v4 yendawo, ngokukodwa, kufuneka iqulathe ungeniso “lomkhosi” njengoko lungezantsi kumxhasi weDHCP: host cm7116-2-dac { # hardware ethernet 00:13:C6:02:7E :41; i-agent-identifier option.circuit-id "relay1"; idilesi esisigxina 192.168.79.242; } Qaphela: umgca we-"hardware ethernet" uvaliwe, ukwenzela ukuba umncedisi we-DHCP asebenzise "i-id yesekethe" ukunika idilesi kumxhasi ofanelekileyo. 2. Qala kwakhona i-DHCP Server ukuze uphinde ulayishe ubumbeko lwayo obutshintshileyo file. pkill -HUP dhcpd
74

Incwadi yokusebenzisa
3. Yongeza ngesandla indlela yenginginya kumxhasi “ujongano olugqithiselweyo” (ujongano ngasemva kwe-DHCP relay, hayi olunye ujongano umxhasi anokuba nalo:
Indlela ye-sudo ip yongeza 192.168.79.242/32 nge-192.168.79.244 dev enp112s0 Oku kuya kunceda ukunqanda umba wendlela ye-asymmetric xa umxhasi kunye nomncedisi we-DHCP befuna ukufikelela kwenye ngojongano oludityanisiweyo lomxhasi, xa umxhasi enolunye ujongano ngendlela efanayo. i-subnet ye-DHCP idilesi pool.
Qaphela: Eli nyathelo liyimfuneko ukuxhasa iseva ye-dhcp kunye nomxhasi okwaziyo ukufikelela omnye komnye.
Amanyathelo kwibhokisi ye-Relay - ACM7004-5
1. Cwangcisa i-WAN/eth0 nokuba kwimo emileyo okanye ye-dhcp (hayi indlela engamiselwanga). Ukuba ikwimo engatshintshiyo, kufuneka ibe nedilesi ye-IP ngaphakathi kwendawo yedilesi yomncedisi we-DHCP.
2. Faka olu lungiselelo nge-CLI (apho 192.168.79.1 idilesi yeseva ye-DHCP)
config -s config.services.dhcprelay.enabled=on config -s config.services.dhcprelay.lowers.lower1.circuit_id=relay1 config -s config.services.dhcprelay.lowers.lower1.role=lan config.services .dhcprelay.lowers.total=1 config -s config.services.dhcprelay.servers.server1=192.168.79.1 config -s config.services.dhcprelay.servers.total=1 config -s config.services.dhcprelay.uppers.upper1 .role=wan config -s config.services.dhcprelay.uppers.total=1
3. I-interface esezantsi ye-DHCP relay kufuneka ibe nedilesi ye-IP engatshintshiyo ngaphakathi kwendawo yedilesi yomncedisi we-DHCP. Kule example, giaddr = 192.168.79.245
config -s config.interfaces.lan.address=192.168.79.245 config -s config.interfaces.lan.mode=static config -s config.interfaces.lan.netmask=255.255.255.0 config -d config.interfaces.lan.disabled -r ipconfig
4. Lindela ixesha elifutshane ukuba umxhasi afumane i-DHCP yokuqeshisa nge-relay.
Amanyathelo kuMthengi (CM7116-2-dac kule example okanye nayiphi na enye i-OG CS)
1. Qhagamshela iLAN/eth1 yomxhasi kwiLAN/eth1 2. Qwalasela i-LAN yomxhasi ukufumana idilesi ye-IP ngeDHCP njengesiqhelo 3. Kanye iclie

Amaxwebhu / Izibonelelo

opengear ACM7000 Remote Site Gateway [pdf] Incwadi yokusebenzisa
I-ACM7000 iSango leSango elikude, i-ACM7000, iSango leSango elikude, iSango leSango, iSango

Iimbekiselo

Incwadi yokusebenzisa

opengear ACM7000 Remote Site Gateway

Ulwazi lweMveliso

Imiyalelo yokusetyenziswa kwemveliso

Ii-FAQs

Le ncwadana

Uqwalaselo lweNkqubo

Uthotho lwezibuko, Umamkeli, Isixhobo kunye noqwalaselo lomsebenzisi

Amaxwebhu / Izibonelelo

Iimbekiselo

Shiya uluvo

Rhoxisa impendulo