In this section:
Overview
Use these instructions to configure your SBC(s) with basic network interface information, and to configure SecureLink application to allow Ribbon personnel to remotely set up your SBC platform.
SecureLink is a third-party remote access management tool used extensively by Ribbon Support team to allow dedicated remote connectivity into Ribbon equipment while providing customers with the latest in security and audit capabilities. SecureLink creates an outbound connection to Ribbon, and only allows inbound traffic from Ribbon (e.g. only Ribbon personnel can use this connection).
Prerequisites
- SBC server is racked, cabled and powered up.
Server names are known (i.e. “XYZSBC1a” and “XYZSBC1b” as an HA pair).
BMC, management and DNS IPs are known (use table below).
DNS registration code is known (use table below).
Router is configured and connected to SBC mgmt. ports.
Router can send traffic to public Internet.
User obtained from Ribbon the unique registration code for each SBC unit.
User provided server name(s), mgmt. IP(s), and NTP IP to Ribbon.
The following table depicts the information needed to install SecureLink, and is divided into three sections. You will use this information in the subsequent sections below.
- BMC Network
- Network Mgmt Interfaces
- DNS Configuration
Click here to download an example Prerequisites Table in MS Excel.
Procedure
Referencing the above three configuration details, perform the following steps to install SecureLink for remote access:
1. Configure BMC For Remote Access
The SBC servers ship pre-configured with IP address 169.254.77.1 to facilitate out of the box access to the BMC web interface. You must configure your PC/laptop IP address to be on this network so that it can communicate with the SBC 5400/7000 server.
Connect your PC/Laptop via an Ethernet cable to the Field Service Port (FSP) at the back of SBC unit as shown in one of the figures below, and power up the SBC (if not already on).
NoteThe SBC 5400 chassis rear view shown above includes four media ports.
- Verify that both link LEDs at the FSP are lit. If only the left LED is lit, your PC/laptop network adapter link speed may be set to 10 Mbps. Check the PC/laptop Device Manager, and if necessary set your PC/laptop link speed to 100 Mbps/Full Duplex.
- If your PC/laptop uses DHCP and Automatic Private IP Address setting is enabled (default setting), the PC/laptop will be assigned an IP address in the same subnet as the initial BMC IP; therefore proceed to step 5. If your PC/laptop does not use DHCP, proceed to the next step to configure a static IP.
From Control Panel, set your PC/Laptop IP address to 169.254.77.2, subnet mask to 255.255.255.0, and default gateway to 169.254.77.1.
Windows 7 Path: Control Panel > Network and Sharing Center > Local Area Connection > Local Area Connection Properties > Internet Protocol Version 4 (TCP/IPv4) Properties
Type the pre-configured IP address 169.254.77.1 in a web browser (Firefox recommended. If using Internet Explorer, you must manually add "https://169.254.77.1" as a trusted site) to connect to the BMC web interface.
NoteIf you receive a security certificate warning, ignore the warning and continue to the website.
Log on to SBC BMC GUI. The SBC BMC main screen is displayed.
Navigate to Configure > Network.
The Network Settings screen is displayed.
Enter the BMC IP Address, Prefix and Default Gateway network settings, and click Save to save the configuration.
Disconnect the laptop from FSP, and then connect the FSP Port to the router.
Connect a PC to the IP network that can access the BMC IP address.
Continue to section B to configure network management interfaces.
2. Configure Network Management Interfaces
Configure primary and secondary management IP interfaces.
- Open a browser and enter the new BMC IP address to connect to the BMC web interface.
Log on to the SBC BMC GUI.
The SBC BMC main screen is displayed.- Navigate to Configuration > Platform Management Network. The Platform Management Network Settings screen is displayed.
- Configure the following network settings for both Management Interfaces 0 and 1, and then click Save:
- IPv4 Address
- IPv4 Address Prefix
IPv4 Default Gateway
- Continue to section 3 to configure SecureLink.
3. Configure SecureLink From EMA
- Check that port 22 is set to allow access to securelink.sonusnet.com.
- From same network as management IPs, open a browser and enter new mgmt. IP.
- Log on to the SBC EMA Platform Mode. Upon initial login, you are prompted to change password. Change the password accordingly.
Navigate to Administration > System Administration and select Secure Link from the navigation panel.
From the SecureLink window, enter DNS IP Address associated with your network and the assigned Registration Code (obtained from Ribbon).
Click Enable Gatekeeper Access.
Wait a minute or two for Gatekeeper access field to change to "enabled" before proceeding.
Click Test SecureLink Access to perform Host name lookup and Direct connectivity tests.
Observe "Passed" indication for both tests. The SBC is now configured for SecureLink remote access!
If you have an HA configuration, return to section 1. Configure BMC For Remote Access and repeat all steps in this procedure for the second SBC 7000 series unit. Then continue to the next step. (Be sure to use Unit B’s information from the Prerequisites Table).
Contact your Ribbon representative to test remote connectivity to SBC 7000 series platform via SecureLink.