Tripp Lite B097016 Owners Manual for B093- B097- and B098-Series Console Serve - Page 58

IPsec VPN

Get Tripp Lite B097016 PDF manuals and user guides View all Tripp Lite B097016 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 58 highlights

4. Serial Port, Host, Device and User Configuration Note: To set up a new serially connected RPC, UPS or EMD device, first configure the serial port, designate it as a device, and then enter a name and description for that device in the Serial & Network: RPC Connections (or UPS Connections or Environmental). When applied, this will automatically create a corresponding new managed device with the same name/description as the RPC/UPS host (refer to 8. Power, Environment and Digital I/O). The outlet names on the PDU are by default "Outlet 1" "Outlet 2". When connecting a particular managed device that draws power from the outlet, the outlet will take the name of the powered managed device. 4.8 IPsec VPN The console servers include Openswan, a Linux implementation of the IPsec (IP security) protocols, which can be used to configure a Virtual Private Network (VPN). The VPN allows multiple sites or remote administrators to access the Tripp Lite advanced console server (and managed devices) securely over the internet. The administrator can establish encrypted authenticated VPN connections between advanced console servers distributed at remote sites and a VPN gateway (such as Cisco router running IOS IPsec) on their central office network: • Users and administrators at the central office can then securely access the remote console. servers and connected serial console devices and machines on the Management LAN subnet at the remote location as though they were local. • With serial bridging, serial data from controller at the central office machine can be securely connected to the serially controlled devices at the remote sites (refer to 4.1 Configure Serial Ports). The road warrior administrator can use a VPN IPsec software client such as TheGreenBow (www.thegreenbow.com/vpn_ gateway.html) or Shrew Soft (www.shrew.net/support ) to remotely access the advanced console server and every machine on the Management LAN subnet at the remote location. Configuration of IPsec is quite complex so Tripp Lite provides a simple GUI interface for basic set up as described below. However, for more detailed information on configuring Openswan IPsec at the command line and interconnecting with other IPsec VPN gateways and road warrior IPsec software, refer http://wiki.openswan.org 4.8.1 Enable the VPN Gateway Select IPsec VPN on the Serial & Networks menu. 58

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
58
Note:
To set up a new serially connected RPC, UPS or EMD device, first configure the serial port, designate it as a device, and then enter a
name and description for that device in the
Serial & Network: RPC Connections
(or
UPS Connections
or
Environmental
). When applied,
this will automatically create a corresponding new managed device with the same name/description as the RPC/UPS host (refer to
8. Power,
Environment and Digital I/O
).
The outlet names on the PDU are by default “Outlet 1” “Outlet 2”. When connecting a particular managed device that draws power from the
outlet, the outlet will take the name of the powered managed device.
4.8 IPsec VPN
The console servers include Openswan, a Linux implementation of the IPsec (IP security) protocols, which can be used to
configure a Virtual Private Network (VPN). The VPN allows multiple sites or remote administrators to access the Tripp Lite
advanced console server (and managed devices) securely over the internet.
The administrator can establish encrypted authenticated VPN connections between advanced console servers distributed at
remote sites and a VPN gateway (such as Cisco router running IOS IPsec) on their central office network:
• Users and administrators at the central office can then securely access the remote console. servers and connected serial
console devices and machines on the Management LAN subnet at the remote location as though they were local.
• With serial bridging, serial data from controller at the central office machine can be securely connected to the serially
controlled devices at the remote sites (refer to
4.1 Configure Serial Ports
).
The road warrior administrator can use a VPN IPsec software client such as TheGreenBow (www.thegreenbow.com/vpn_
gateway.html) or Shrew Soft (www.shrew.net/support ) to remotely access the advanced console server and every machine on
the Management LAN subnet at the remote location.
Configuration of IPsec is quite complex so Tripp Lite provides a simple GUI interface for basic set up as described below.
However, for more detailed information on configuring Openswan IPsec at the command line and interconnecting with other
IPsec VPN gateways and road warrior IPsec software, refer
4.8.1 Enable the VPN Gateway
Select
IPsec VPN
on the
Serial & Networks
menu.
4. Serial Port, Host, Device and User Configuration