Lantronix SRA Series CLI Reference PDF 1.47 MB - Page 5

Lantronix Secure Remote Access (SRA) CLI Reference Product Description The Lantronix Secure Remote Access (SRA) solution creates a secure tunnel to provide a bidirectional communication channel from a Network Operations Center (NOC) to a Remote Site. The solution generally does not require configuration changes to the Remote Site Firewall. The Remote Access Device (RAD) is located at a Remote Site and initiates a connection with the Management Access Portal (MAP) located at the NOC or Host Site. Once the tunnel is established, the Network Administrator at the NOC can connect via VPN over the tunnel to devices in the same network as the Remote Access Device, or through Port Forwarding to any device the RAD can address. SRA provides the capability for a Network Managed Services company or Integrator team to configure and monitor network devices at an end-user customer site with minimal interaction with the remote network. Note that when using VPN mode, the IP addresses at the Remote Site and the NOC or Host Site cannot overlap (i.e., must be on different networks (sub-networks)). For More Information For Lantronix Drivers, Firmware, etc. go to the Product Support webpage (logon required). For Lantronix Manuals, Brochures, Data Sheets, etc. go to the Support Library (no logon required). Related Manuals include: • Secure Remote Access (SRA) Quick Start Guide, 33837 • Secure Remote Access (SRA) Install Guide, 33838 • Secure Remote Access (SRA) CLI Reference, 33839 • Release Notes (version specific) SRA - Secure Remote Access for Configuration and Monitoring SRA provides the capability for the Integrator team to configure and monitor network devices at an end user customer site with minimal interaction with the remote network. • Uses a WebSocket tunnel over port 443 to provide a secure bidirectional communication channel. • Does not require configuration changes to the Firewall as port 443 is open for https traffic. • WebSocket Client at End Customer Site can either: o Initiate the connection to the WebSocket server at the host and keep the connection up, or: o Poll the WebSocket Server on the Appliance at the Integrator to see if it needs to communicate with the End customer network, then establish the WebSocket tunnel for as long as it is needed, then close the connection. • Once the WebSocket tunnel is established, the Network Administrator can log into the VPN server on the appliance at the End customer site and manage the devices accessible in that network. • VPN connection is made over the WebSocket, so it does not require configuration changes to the firewall. 33839 Rev. B https://www.lantronix.com/ Page 5 of 100