Transcript NETS IPT Update

Remote Access
July 10, 2007
1
What we’ll cover


Remote access to NCAR’s network
Remote access to Servers, Routers,
Switches
2
Remote access to NCAR’s
network – via dialup:




Primary Uses
Outsource Provider
Architecture
Configuration


RADIUS
Dialup Client
3
Primary Uses

Provide network connectivity
 When
working from home
 When traveling via 1-800
 When working from remote sites
 As a last resort when no other means of
connectivity is available
 For NCAR Airplanes
4
Outsource Provider

Level 3 – Managed Modem
 50
ports, burst up to 150 ports
 One local number, one toll free number
 $30/port MRC + toll free usage
5
Architecture
L3 Soft Switch
Site
NCAR Site
SS7
Gateway
NCAR’s
Network
SS7
Network
Soft
Switch
Soft
Switch
2
NCAR
RADIUS Server
NCAR Router
3
Local
Exchange
Carrier
1
2
4
9
Dial-up User
Internet
D
A
C
S
5
Voice Router
NAS
8
6
Internet
Proxy
RADIUS Server
Level 3
7
NAS
L3 Gateway
Site
Router
Network
10
6
RADIUS Configuration






L3 does NOT maintain userid/password database.
UCAS userid/passwords used for authentication
Separate Authorization for Local and toll-free
Called number used for authorization
“Special” non UCAS users authenticated with <userid>@local
Creates accounting records
Level 3’s
Radius Proxy
RADIUS requests
from Level 3
NCAR’s
Radius Proxy
NCAR’s
Radius Server
UCAS
7
Dialup Client Configuration






Local phone number: 720-259-1189
Toll Free Number: 866-450-6664
Authentication Protocol: PAP
Userid/password: UCAS userids and
passwords will be used for authenticating calls
to the local and toll-free phone numbers.
Networking Protocol: PPP
Must use VPN to access NCAR’s network
8
Remote Access via Dialup Stats

Since moving to Level3
 182
unique users
 Longest connected


Total minutes = 175190
Total sessions = 9
 Most


frequent caller
Total session = 581
Total minutes = 9013
 Peak
simultaneous users, approx 15
9
Remote Access to Servers,
Routers, Switches



Types of user interfaces
KVM or Terminal Server?
Types of remote access
10
Types of user interfaces

GUI
 windows/
linux
servers, etc

Command Line
 routers,
switches,
linux servers, etc
11
KVM or Terminal Server?

KVM
 Uses
Keyboard,
Video, and Mouse
ports for GUI
 Windows/ linux
servers, etc

Terminal Server –
 Uses
serial port
 Routers, switches,
linux servers, etc
12
Types of Remote Access


In Band
IP Network
x
Telnet or ssh
OOB (Out of
Band)
IP Network
x
Telephone
Network
Console connection via modem
13
KVM

Setup & Configuration
 NCAR’s KVM equipment
 KVM configuration
 Server Side configuration
 Client Side configuration (KVM over IP only)

User Interface


OSCAR
KVM over IP
14
Setup & Configuration: NCAR’s
KVM equipment
NCAR purchased Avocent’s DSView3 management
software, DSR2030, and DSR4030.
15
Setup & Configuration: NCAR’s
KVM equipment (cont.)
DSView
DSView Client
ML
DSR 2030
Local KMM
DSR 4030
Local KMM
FL
DSR 2030
Local KMM
Logical Connection
16
Setup & Configuration: KVM
configuration





Authentication – KVM over IP uses RADIUS
(token), then local. Local access uses nets/nets.
Authorization – KVM over IP allows control of
access to ports/servers. Local access, access to
all ports.
Encryption – keyboard, video, mouse from kvm
to client
TCP Ports – Default ports are 1078, 3211, 3871,
8192, 2068.
Proxy all sessions through DSView.
17
Setup & Configuration: Server Side
configuration

KVM terminator – max distance 150 ft. between
DSR and KVM terminator.

Mouse - Mouse acceleration should be turned off
and the motion speed should be set to medium.
18
Setup & Configuration: Server
Side configuration (cont.)

Video - Supported Screen Resolutions and
Refresh Rates
 640
x 480 @ 60 Hz
 800 x 600 @ 75 Hz
 960 x 700 @ 75 Hz
 1024 x 768 @ 75 Hz
 1280 x 1024 @ 75 Hz
19
Setup & Configuration: Client
Side configuration

The DSView 3 software supports the following browsers:
Microsoft Internet Explorer version 6.0 SP1 and later
 Mozilla version 1.7.3 and later
 Firefox version 1.0 and later; version 1.5 or later is required for
Macintosh operating systems
 Netscape version 7.2 and later
 NOTE: The Macintosh Safari browser is not supported by
DSView 3 software. On supported Macintosh system clients, you
must use Firefox version 1.5 or later.
TCP ports 443 and 1078 are used to display the video feed over IP
Requires jre version 1.5.0_02 to support the KVM viewer



20
User Interface
Local via the OSCAR (On-Screen
Configuration and Activity Reporting)
interface
 KVM over IP using DSView3

21
User Interface: OSCAR

1) Open the rack mounted KMM
(keyboard, mouse, monitor). Hit the
“Print Screen” key. Use the password
printed on the keyboard to login.

2) You will be presented with OSCAR’s
main window . Local users have
access to all ports. Use the UP/Down
arrows to select a port and hit enter.
The video feed from the selected port
will appear.

3) To exit, the “Print Screen” key which
will take you back to the Main Menu.
Click on “Log out” to exit.
22
User Interface: OSCAR (cont.)
OSCAR Interface Navigation Basics
Keystroke Function

Print Screen Opens the OSCAR interface. Press Print Screen twice to send the
Print Screen keystroke to the currently selected DSRIQ module.

F1 Opens the Help screen for the current dialog box.

Escape Closes the current dialog box without saving changes and returns to the
previous one. If the Main dialog box is displayed, pressing Escape closes the
OSCAR interface and displays a status flag if status flags are enabled. See the
Controlling the status flag section on page 30 for more information. In a message
box, pressing Escape closes the pop-up box and returns to the current dialog box.

Enter Completes a switch operation in the Main dialog box and exits the OSCAR
interface.

Up/Down Arrows Moves the cursor from line to line in lists.

Right/Left Arrows Moves the cursor between columns. When editing a text box,
these keys move the cursor within the column.

Page Up/Page Down Pages up and down through Name and Port lists and Help
pages.
23
User Interface: KVM over IP

Live Demo
 Single
Cursor Mode
 Auto Scale Mode
24
Terminal Server


NCAR’s equipment
User Interface
25
Terminal Server – NCAR’s
Equipment
Cisco 3640
32 port Async
card
26
Terminal Server – NCAR’s
Equipment (cont.)
ML
To Telco
Cisco 3640
Modem
Network
connection
Serial Connections
to Console port
Routers/switches
27
Terminal Server – User Interface
28
Coming Attractions

Remote access via dialup
 Cricket

stats
KVM
 Virtual
media
 OOB access via modem
 Integration with other CISL groups?

Terminal Server
 Migrate
from 3600 to voip routers
29
Links

Remote Access via Dialup
http://netserver.ucar.edu/nets/internal/docs/ras/index.html

Remote Access - KVM
http://netserver.ucar.edu/nets/internal/devices/kvm/avocent_kvm.html

Remote Access - Terminal Servers
http://netserver.ucar.edu/nets/internal/devices/term-servers/index.html
30