1 Remote Access July 10, 2007. 2 What we’ll cover Remote access to NCAR’s network Remote access...
-
Upload
diane-dean -
Category
Documents
-
view
219 -
download
0
Transcript of 1 Remote Access July 10, 2007. 2 What we’ll cover Remote access to NCAR’s network Remote access...
1
Remote Access
July 10, 2007
2
What we’ll cover
Remote access to NCAR’s network Remote access to Servers, Routers,
Switches
3
Remote access to NCAR’s network – via dialup:
Primary Uses Outsource Provider Architecture Configuration
RADIUS Dialup Client
4
Primary Uses
Provide network connectivityWhen working from homeWhen traveling via 1-800When working from remote sitesAs a last resort when no other means of
connectivity is available For NCAR Airplanes
5
Outsource Provider
Level 3 – Managed Modem50 ports, burst up to 150 portsOne local number, one toll free number$30/port MRC + toll free usage
6
Architecture
Local Exchange
Carrier
Dial-up User
SS7 Network
NAS D A C S
NAS Router
Proxy RADIUS Server
Voice Router
L3 Gateway Site
SS7 Gateway
Soft Switch
Soft Switch
L3 Soft Switch Site NCAR Site
NCAR Router
NCAR’s Network
NCAR RADIUS Server
Level 3 Network
1
3
2
2
5 6
Internet
7
8 4
9
Internet
10
7
RADIUS Configuration
L3 does NOT maintain userid/password database. UCAS userid/passwords used for authentication Separate Authorization for Local and toll-free Called number used for authorization “Special” non UCAS users authenticated with <userid>@local Creates accounting records
NCAR’s Radius Proxy
NCAR’s Radius Server
UCASRADIUS requests from Level 3
Level 3’s Radius Proxy
8
Dialup Client Configuration
Local phone number: 720-259-1189 Toll Free Number: 866-450-6664 Authentication Protocol: PAP Userid/password: UCAS userids and
passwords will be used for authenticating calls to the local and toll-free phone numbers.
Networking Protocol: PPP Must use VPN to access NCAR’s network
9
Remote Access via Dialup Stats
Since moving to Level3 182 unique users Longest connected
Total minutes = 175190 Total sessions = 9
Most frequent caller Total session = 581 Total minutes = 9013
Peak simultaneous users, approx 15
10
Remote Access to Servers, Routers, Switches
Types of user interfaces KVM or Terminal Server? Types of remote access
11
Types of user interfaces GUI
windows/ linux servers, etc
Command Line routers, switches,
linux servers, etc
12
KVM or Terminal Server? KVM
Uses Keyboard, Video, and Mouse ports for GUI
Windows/ linux servers, etc
Terminal Server – Uses serial port Routers, switches,
linux servers, etc
13
Types of Remote Access
In Band
IP Network
Telnet or sshx
OOB (Out of Band)
IP Network
Telephone
Network
Console connection via modem
x
14
KVM
Setup & Configuration NCAR’s KVM equipment KVM configuration Server Side configuration Client Side configuration (KVM over IP only)
User Interface OSCAR KVM over IP
15
Setup & Configuration: NCAR’s KVM equipmentNCAR purchased Avocent’s DSView3 management
software, DSR2030, and DSR4030.
16
Setup & Configuration: NCAR’s KVM equipment (cont.)
DSR 2030 DSR 2030DSR 4030ML FL
DSView
DSView Client
Local KMM Local KMM Local KMM
Logical Connection
17
Setup & Configuration: KVM configuration Authentication – KVM over IP uses RADIUS
(token), then local. Local access uses nets/nets. Authorization – KVM over IP allows control of
access to ports/servers. Local access, access to all ports.
Encryption – keyboard, video, mouse from kvm to client
TCP Ports – Default ports are 1078, 3211, 3871, 8192, 2068.
Proxy all sessions through DSView.
18
Setup & Configuration: Server Side configuration
KVM terminator – max distance 150 ft. between DSR and KVM terminator.
Mouse - Mouse acceleration should be turned off and the motion speed should be set to medium.
19
Setup & Configuration: Server Side configuration (cont.)
Video - Supported Screen Resolutions and Refresh Rates640 x 480 @ 60 Hz800 x 600 @ 75 Hz960 x 700 @ 75 Hz1024 x 768 @ 75 Hz1280 x 1024 @ 75 Hz
20
Setup & Configuration: Client Side configuration The DSView 3 software supports the following browsers:
Microsoft Internet Explorer version 6.0 SP1 and later Mozilla version 1.7.3 and later Firefox version 1.0 and later; version 1.5 or later is required for
Macintosh operating systems Netscape version 7.2 and later NOTE: The Macintosh Safari browser is not supported by
DSView 3 software. On supported Macintosh system clients, you must use Firefox version 1.5 or later.
TCP ports 443 and 1078 are used to display the video feed over IP Requires jre version 1.5.0_02 to support the KVM viewer
21
User Interface
Local via the OSCAR (On-Screen Configuration and Activity Reporting) interface
KVM over IP using DSView3
22
User Interface: OSCAR
1) Open the rack mounted KMM (keyboard, mouse, monitor). Hit the “Print Screen” key. Use the password printed on the keyboard to login.
2) You will be presented with OSCAR’s main window . Local users have access to all ports. Use the UP/Down arrows to select a port and hit enter. The video feed from the selected port will appear.
3) To exit, the “Print Screen” key which will take you back to the Main Menu. Click on “Log out” to exit.
23
User Interface: OSCAR (cont.)
OSCAR Interface Navigation BasicsKeystroke Function Print Screen Opens the OSCAR interface. Press Print Screen twice to send the
Print Screen keystroke to the currently selected DSRIQ module. F1 Opens the Help screen for the current dialog box. Escape Closes the current dialog box without saving changes and returns to the
previous one. If the Main dialog box is displayed, pressing Escape closes the OSCAR interface and displays a status flag if status flags are enabled. See the Controlling the status flag section on page 30 for more information. In a message box, pressing Escape closes the pop-up box and returns to the current dialog box.
Enter Completes a switch operation in the Main dialog box and exits the OSCAR interface.
Up/Down Arrows Moves the cursor from line to line in lists. Right/Left Arrows Moves the cursor between columns. When editing a text box,
these keys move the cursor within the column. Page Up/Page Down Pages up and down through Name and Port lists and Help
pages.
24
User Interface: KVM over IP
Live DemoSingle Cursor ModeAuto Scale Mode
25
Terminal Server
NCAR’s equipment User Interface
26
Terminal Server – NCAR’s Equipment
32 port Async card
Cisco 3640
27
Terminal Server – NCAR’s Equipment (cont.)
Cisco 3640
ML
Routers/switches
Network connection
Modem
To Telco
Serial Connections to Console port
28
Terminal Server – User Interface
29
Coming Attractions
Remote access via dialup Cricket stats
KVM Virtual media OOB access via modem Integration with other CISL groups?
Terminal Server Migrate from 3600 to voip routers
30
Links
Remote Access via Dialuphttp://netserver.ucar.edu/nets/internal/docs/ras/index.html
Remote Access - KVMhttp://netserver.ucar.edu/nets/internal/devices/kvm/avocent_kvm.html
Remote Access - Terminal Servershttp://netserver.ucar.edu/nets/internal/devices/term-servers/index.html