You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

In this section:

Related articles:

Overview

Use these instructions to configure your SBC(s) with basic network interface information, and to configure SecureLink application to allow Ribbon personnel to remotely set up your SBC platform.

SecureLink is a third-party remote access management tool used extensively by Ribbon Support team to allow dedicated remote connectivity into Ribbon equipment while providing customers with the latest in security and audit capabilities. SecureLink creates an outbound connection to Ribbon, and only allows inbound traffic from Ribbon (e.g. only Ribbon personnel can use this connection).

Secure Link Architecture (SBC 5000 series example)

 

Prerequisites

  • SBC server is racked, cabled and powered up.
  • Server names are known (i.e. “XYZSBC1a” and “XYZSBC1b” as an HA pair).

  • BMC, management and DNS IPs are known (use table below).

  • DNS registration code is known (use table below).

  • Router is configured and connected to SBC mgmt. ports.

  • Router can send traffic to public Internet.

  • User obtained from Ribbon the unique registration code for each SBC unit.

  • User provided server name(s), mgmt. IP(s), and NTP IP to Ribbon.

The following table depicts the information needed to install SecureLink, and is divided into three sections. You will use this information in the subsequent sections below.

  1. BMC Network
  2. Network Mgmt Interfaces
  3. DNS Configuration

Click here to download an example Prerequisites Table in MS Excel.

Prerequisites Table

 1) BMC Network2) Network Mgmt Interfaces3) DNS Configuration
Unit AUnit B Unit AUnit BUnit AUnit B
IP Address  Mgmt 0:    
  Mgmt 1:    
Prefix  Mgmt 0:   
  Mgmt 1:  
Default Gateway  Mgmt 0:  Registration Code:Registration Code:
  Mgmt 1:    

 

Procedure

Referencing the above three configuration details, perform the following steps to install SecureLink for remote access:

1. Configure BMC For Remote Access

The SBC servers ship pre-configured with IP address 169.254.77.1 to facilitate out of the box access to the BMC web interface. You must configure your PC/laptop IP address to be on this network so that it can communicate with the 

Unable to show "metadata-from": No such page "_space_variables"
server.

  1. Connect  your PC/Laptop via an Ethernet cable to the Field Service Port (FSP) at the back of SBC unit as shown in one of the figures below, and power up the SBC (if not already on).

    Connecting PC to Ethernet Port (SBC 5000 series)

    Note

    The SBC 5210 chassis rear view shown above includes four media ports. The SBC 51x0 chassis only contains two media ports. 

    Connecting PC to Ethernet Port (SBC 7000 series)

  2. Verify that both link LEDs at the FSP are lit. If only the left LED is lit, your PC/laptop network adapter link speed may be set to 10 Mbps. Check the PC/laptop Device Manager, and if necessary set your PC/laptop link speed to 100 Mbps/Full Duplex.

  3. If your PC/laptop uses DHCP and Automatic Private IP Address setting is enabled (default setting), the PC/laptop will be assigned an IP address in the same subnet as the initial BMC IP; therefore proceed to step 5.  If your PC/laptop does not use DHCP, proceed to the next step to configure a static IP.

  4. From Control Panel, set your PC/Laptop IP address to 169.254.77.2, subnet mask to 255.255.255.0, and default gateway to 169.254.77.1.

    Windows 7 Path: Control Panel > Network and Sharing Center > Local Area Connection > Local Area Connection Properties > Internet Protocol Version 4 (TCP/IPv4) Properties

    Network and Sharing Center

  5. Type the pre-configured IP address 169.254.77.1 in a web browser (Firefox recommended. If using Internet Explorer, you must  manually add "https://169.254.77.1" as a trusted site) to connect to the BMC web interface.

    Note

    If you receive a security certificate warning, ignore the warning and continue to the website. 

  6. Log on to SBC BMC GUI. The SBC BMC main screen is displayed.

  7. Navigate to Configure > Network.

    Configuration Screen

    The Network Settings screen is displayed.

    Configuring BMC Network

  8. Enter the BMC IP Address, Prefix and Default Gateway network settings, and click Save to save the configuration.

  9. Disconnect the laptop from FSP, and then connect the FSP Port to the router.

  10. Connect a PC to the IP network that can access the BMC IP address.

  11. Continue to section B to configure network management interfaces.

2. Configure Network Management Interfaces

Configure primary and secondary management IP interfaces.

  1. Open a browser and enter the new BMC IP address to connect to the BMC web interface.
  2. Log on to the SBC BMC GUI.

    Logging into BMC


    The SBC BMC main screen is displayed.

    Configuration Tab

  3. Navigate to Configuration > Platform Management Network. The Platform Management Network Settings screen is displayed.
  4. Configure the following network settings for both Management Interfaces 0 and 1, and then click Save:
    • IPv4 Address
    • IPv4 Address Prefix
    • IPv4 Default Gateway

      Configuring Management Network

  5. Continue to section 3 to configure SecureLink.

3. Configure SecureLink From EMA

  1. Check that port 22 is set to allow access to securelink.sonusnet.com.
  2. From same network as management IPs, open a browser and enter new mgmt. IP.
  3. Log on to the SBC EMA Platform Mode. Upon initial login, you are prompted to change password. Change the password accordingly.
  4. Navigate to Administration > System Administration and select Secure Link from the navigation panel.

    SecureLink Window

  5. From the SecureLink window, enter DNS IP Address associated with your network and the assigned Registration Code (obtained from Sonus).

    Entering DNS IP and Registration Code

  6. Click Enable Gatekeeper Access.

    Enable Gatekeeper Access

  7. Wait a minute or two for Gatekeeper access field to change to "enabled" before proceeding.

    Enable Gatekeeper Access

  8. Click Test SecureLink Access to perform Host name lookup and Direct connectivity tests.

    Test SecureLink Access

  9. Observe "Passed" indication for both tests. The SBC is now configured for SecureLink remote access!

    Test SecureLink Access

  10. If you have an HA configuration, return to section 1. Configure BMC For Remote Access and repeat all steps in this procedure for the second SBC 5000/7000 series unit. Then continue to the next step. (Be sure to use Unit B’s information from the Prerequisites Table).

Contact your Ribbon representative to test remote connectivity to SBC 5000/7000 series platform via SecureLink.

 

Related articles:

  • No labels