Lantronix SLC 8000 Advanced Console Manager User Guide - Page 100
Forwarding Connections Commands, VPN Settings
View all Lantronix SLC 8000 Advanced Console Manager manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 100 highlights
6: Basic Parameters IP Address The IP address to route the traffic to. Outgoing TCP Port The TCP port to route the traffic to. This should be a TCP port that is open and listening on the device. 3. To create a new connection, click Create New Connection. Return to the Forwarding page, the new connection will be shown in the Current Forwarding Connections table at the bottom. Note: In the CLI "show connections" output, an extra SSH In connection to the console manager will be shown for each forwarding connection - this is the SSH tunnel for the port forwarding connection. 4. To edit an existing connection, click the checkbox in the right column in the Current Forwarding Connections table. This will fill in the text fields at the top with the current settings. Change the settings as needed and then click Configure. This will tear down the current connection and restart it with the new settings. After returning to the Forwarding page, the updated connection will be shown in the Current Forwarding Connections table at the bottom. The connection will persist across reboots until it is terminated. 5. To terminate an existing connection, click the checkbox in the right column in the Current Forwarding Connections table. Select the Keep Connection checkbox to suspend the connection (it can be restarted later using the Restart button). Click Terminate. This will tear down and remove the connection. Forwarding Connections Commands Go to Connection Commands to view CLI commands which correspond to the web page entries described above. VPN Settings This page can be used to create a Virtual Private Network (VPN) tunnel to the SLC unit for secure communication between the SLC and a remote host or gateway. The SLC unit supports IPSec tunnels using Encapsulated Security Payload (ESP). The SLC supports host-to-host, net-to-net, host-to-net, and roaming user tunnels. Note: To allow VPN tunnel access if the SLC firewall is enabled, traffic to UDP ports 500 and 4500 from the remote host should be allowed, as well as protocol ESP from the remote host. The SLC provides a strongSwan-based VPN implementation (version 5.6.3). The SLC UI provides access to a subset of the strongSwan configuration options, and also allows upload of a custom ipsec.conf file, which gives an administrator access to most strongSwan configuration options. For more information on strongSwan, see https://www.strongswan.org and the strongSwan FAQ. A list of Internet Key Exchange IKEv1 and IKEv2 cipher suites is available on the strongSwan Wiki. NAT Traversal is handled automatically without any special configuration. VPN related routes are installed in a separate table and can be viewed in the detailed VPN status or in the IP Routes table. When a tunnel is up, the amount of data passed through the tunnel can be viewed in the status with the bytes_i (bytes input) and bytes_o (bytes output) counters. An example of the VPN status is below (the status will vary depending on the authentication, subnets and algorithms used). For example, the status displays the IP addresses on either side of the tunnel (192.168.1.103 and SLC™ 8000 Advanced Console Manager User Guide 100