ManualsPro Opengear opengear Remote IP Access Instructions

opengear Remote IP Access Instructions

June 6, 2024
Opengear

opengear-Remote-IP-Access-IMAGE

opener Remote IP Access

INTRODUCTION

Opengear helps you manage, monitor and remediate your network remotely, even when the primary network is down. Our Network Resilience Platform provides an independent management network, giving you secure access to provision, configure and troubleshoot critical IT infrastructure without sending someone to the site – minimizing downtime, protecting SLAs, and saving money.
Opengear Smart Out-of-Band (Smart OOB™) appliances together with Lighthouse management software provide secure, resilient access to critical network and IT infrastructure at remote locations via serial and USB console ports. Our Remote IP Access feature takes this to the next level by providing secure IP access to equipment at edge locations. This enables an engineer or administrator to access critical infrastructure over TCP/IP, typically to equipment connected to an Ethernet management network.
In addition to direct connections to console ports, with Remote IP Access, you can reach the Web GUI of remote equipment over HTTP or HTTPS, perform direct file transfers using TFTP, FTP or SCP, SSH into remote systems or virtual machines, and log in to Linux and Windows servers using VNC or Remote Desktop Protocol (RDP). This feature also allows you to use many other services that run over IP, providing emergency access to remote site equipment over the out- of-band network.

PROXIMITY
When a network engineer goes to a remote site to provision, re-configure or troubleshoots a problem, they will typically take a laptop computer, together with a serial console cable and an Ethernet cable. Each deployed Opengear appliance can provide this connectivity – we call this proximity. With a number of Opengear appliances deployed on the network, you have secure remote access to the attached console ports and to the management networks from one central platform, Lighthouse, which is the hub of the Opengear Smart OOB™ solution.

opengear-Remote-IP-Access-FIG 1

RESILIENCE
The Opengear appliances are connected to Lighthouse over a resilient fabric, the Lighthouse VPN (LHVPN) network. This fabric is an overlay VPN that uses OpenVPN tunnels with X.509 certificates, strong (AES-256-GCM) encryption and redundant connectivity, which may include failover to 4G/LTE cellular or broadband for true out-of-band connectivity.
Lighthouse management software is the central hub of the LHVPN, and also the central point of access for users to connect to remote equipment. Users connect to Lighthouse, are authenticated, and can then use the Console Gateway quick-search to find and connect to console ports using the built-in Web Terminal or their own SSH client. The resilient LHVPN fabric connects Lighthouse users to the remote Opengear appliances and the equipment they are attached to, ensuring that Smart OOB™ access works even if the primary network is down, and that the Opengear appliances automatically fail-over to cellular or broadband.

opengear-Remote-IP-Access-FIG 2

REMOTE IP ACCESS
Remote IP Access adds client VPN capability to Lighthouse. Engineers can launch a VPN client connection to Lighthouse, be authenticated, then automatically connected to the remote site management network. Now the engineer has a secure VPN tunnel to the remote equipment they need to work on, providing the same TCP/IP access they would get if they travelled to the site and plugged into the management LAN. The massive benefit is that they don’t need to physically travel to the site, because they are connected remotely.

opengear-Remote-IP-Access-FIG 3

EASY-TO-USE SECURITY FEATURES
Opengear’s Remote IP Access feature makes use of Lighthouse resilient connectivity and also leverages Lighthouse centralized security. The OpenVPN client connection requires a user to authenticate to Lighthouse with their username and password in the usual way. Lighthouse supports local or remote authentication using AAA (RADIUS, TACACS or LDAP), which may include 2FA/MFA. The Remote IP Access client connection is already multi-factor authenticated: it uses a certificate to authenticate each client, in addition to the username/password combination to map the user into a group from which Lighthouse determines privileges and access to resources – for example, which sites or nodes the user can see and connect to. The Lighthouse administrator can create new certificates for Remote IP Access users from the Web GUI. These certificates are generated within an OpenVPN config file that the user can easily import into their OpenVPN client as a new connection profile. If a user subsequently leaves the company, the Lighthouse admin can simply revoke their certificate to prevent further VPN client access.

SAMPLE USE CASES FOR REMOTE IP ACCESS

Use Case #1: Customer migrating to Virtual Firewalls

Many customers are migrating from traditional hardware-based firewall appliances to a virtual firewall solution. The hardware firewalls have console ports, but many users prefer to manage them from the Web GUI, so they have Remote IP Access already deployed. They can remotely manage new virtual firewalls using IP Access too, in addition to managing the servers that they are running on.

Use Case #2: Customer with Virtual SD-WAN Appliances running under VMware

Serial console connectivity is very useful for network and security engineers – but not all appliances have serial console ports. We see an increasing number of customers beginning to deploy virtual appliances. These Virtual Machines (VMs) or Virtual Network Functions (VNFs) do not have console ports; they are accessed and managed over IP. This is also true of the operating systems and hypervisors which make up an important part of the software stack, all of which must be working for the virtual appliances to operate. Each component in the stack requires remote access for maintenance and upgrades.

Remote IP Access provides secure remote TCP/IP connectivity to each site that has an Opengear appliance deployed. The Opengear appliance provides console access to connected switches and other devices, but network engineers can also access their servers through the VMWare ESXi environment via Web browser, or using embedded lights-out management (LOM) technology like iLO5  HP).The virtual SD-WAN appliance also has a Web GUI providing a status dashboard and admin menus.

Remote IP Access to multiple remote networks and VLANs
Remote IP Access provides secure, remote out-of-band IP access to the management network connected behind each Opengear appliance. We have the ability to push client routes, enabling Remote IP Access users to access the local LAN segment and networks beyond. Data centers and remote sites often have more than one management network. It is not unusual for a data center to have several management VLANs, separated for security reasons – perhaps one VLAN for network management, another for management of security appliances, and several more for different server teams.
For multiple separate management networks or VLANs, Opengear has added mapping capability to the Remote IP Access solution. This feature maps IP Access users, via group membership for scalability, into one or more firewall zones on the remote Opengear appliance. This allows for variation at different sites; each appliance can have different network interfaces, including VLANs, mapped into the appropriate firewall zones. For example, a user who belongs to the Security group gets mapped to the security management zone and is granted IP access to the firewalls. A member of the Blue Server team is mapped to the blue server zone and has IP access to the blue servers. This solution uses the Lighthouse group and Smart Group mapping, together with the firewall zone capability of Opengear NetOps Console Servers to provide a secure, flexible and scalable solution for remote IP Access to multiple edge networks and VLANs.
Note: OM1200 and OM2200 Series NetOps Console Servers have 802.1Q VLAN support (trunk and access ports)

WHICH OPENGEAR APPLIANCES SUPPORT REMOTE IP ACCESS?
The Opengear ACM7000 and IM7200 Series Smart OOB™ console servers support Remote IP Access. The new OM1200 and OM2200 Series NetOps Console Servers also support Remote IP Access, as well as 802.1Q VLANs and L3 segmentation of the built-in switch ports (on models with the built-in switch), enabling connections to multiple management networks or VLANs, as described above.

opengear-Remote-IP-Access-FIG 4

SUMMARY
The Remote IP Access feature adds a very powerful capability to the Opengear Smart OOB™ solution, giving users the ability to access, manage, troubleshoot and remediate their IT and network infrastructure remotely over IP using the Lighthouse VPN resilient fabric connectivity.
The Opengear solution provides both secure console access and full remote IP network access to critical infrastructure at remote sites, even when the production network is down, allowing fast response for remediation, minimizing downtime, avoiding site visits and delays, and saving money.

OPENGEAR REMOTE IP ACCESS: SECURE, SCALABLE, POWERFUL, RESILIENT EASY-TO-

USE

Additional Information
Opengear Remote IP Access is a licensed feature of Lighthouse, included in the Lighthouse Enterprise subscription. It is provided as a NetOps module, called Software Defined Infrastructure (NOM-SDI).
Remote IP Access makes use of the standard OpenVPN protocol, and supports a number of third-party OpenVPN clients on platforms including Windows, Mac, and Linux:

  •  Viscosity (macOS, Windows)
  •  Tunnelblick (macOS)
  •  Pritunl (cross-platform)`
  •  OpenVPN CLI (Linux, Unix, Windows)

Viscosity – OpenVPN Client for Mac and Windows – SparkLabs
https://www.sparklabs.com/viscosity/
Pritunl Client – Open Source OpenVPN Client
https://client.pritunl.com/
CONTACT US OR SCHEDULE A DEMO
If you are interested in the Opengear Smart OOB™ solution, have a question, or would like an IP Access product demo, please contact your local Opengear partner, or contact us directly at the links below:
https://opengear.com/contact-us/
https://opengear.com/schedule-demo/

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>

Opengear User Manuals

openGear OG-HDBT-EAPx Extenders & Receivers Board User Manual
Opengear
opengear OM1200 Twisted Pair Instruction Manual
Opengear
opengear ACM7000 Remote Site Gateway User Manual
Opengear
opengear CM8116 Console Manager 8100 Server User Guide
Opengear
opengear OM2216 Console Server User Guide
Opengear
opengear OG-HDTV-SDI-UHD OG HDMI to SDI Converters User Manual
Opengear
opengear OM1200 Operations Manager NetOps Console Server with Smart Out of Band User Guide
Opengear
opengear Remote IP Access Instructions
Opengear
opengear ACM7004-2 Recelience Gateway User Guide
Opengear
opengear OM1204 Operations Manager 1200 User Guide
Opengear
Opengear Operations Manager User Guide
Opengear
opengear OM1204 Console Server User Guide
Opengear
opengear Lighthouse Management Software Instructions
Opengear
opengear OM1200 NetOps Operations Manager User Guide
Opengear

Related Manuals

HIKVISION DS-PDTT15AM-LM-WB Wireless Tri-Tech AM Detector User Guide
Hikvision
How do I sign in to the NFL SUNDAY TICKET app on my computer, game console, or mobile device?
DirecTV
BRESSER Tempy Thermometer 3pcs Set Instruction Manual
BRESSER
YAUFEY PD221DE 4500 Sq Ft Home Dehumidifier User Manual
YAUFEY
SARTORIUS 64612028-EA Cubis II Precision Balance User Manual
SARTORIUS
CASIO 3561 G-Shock Watch User Guide
Casio
FALCON RIDGE PO-14RANGERCREW-TC01 Chuck Wagon Soft Top Instruction Manual
FALCON RIDGE
VEIKOUS PG0201-07-4 14 ft W x 12 ft L Aluminum Double Hardtop Gazebo Instruction Manual
VEIKOUS
DoorKing 1625 Wedge Barrier Instruction Manual
DOORKING
ANALOG DEVICES LTC6810-1 6-Channel Battery-Stack Monitor DC2515B User Manual
Analog Devices
rizoma ZVP025 Horn Cover User Manual
rizoma
RADEMACHER 7000 01 03 Remote Sensor 9485-F for DuoFern Room Thermostat 9485 Instruction Manual
RADEMACHER
alfi Drop In for Granite Sinks Instruction Manual
alfi
FORTIN 68451 All-In-One Data Interface Remote Starter Installation Guide
FORTIN
Continental SVI-MQ4aMFGE04 Smart Fob User Manual
Continental
childcare 143300-003 Smart Baby Camera User Manual
childcare
witt WPSM900B Sandwich Maker User Guide
witt
signify GWS Wall Sconce Instruction Manual
signify
CHAPIN 2553E Industrial General Duty Poly Sprayer User Guide
CHAPIN
hama 00004665 Spot Light FoldUp 102 LED RGB Ring Light Instruction Manual
Hama
BabyStyle Arendelle Double Wardrobe Instruction Manual
BabyStyle
Artemide Tolomeo Classic LED Clip Spot Light Installation Guide
Artemide
THOMSON HiFi Bookshelf Speakers User Manual
THOMSON
electriQ CD20L 20L Compressor Dehumifidier With Digital Humidistat User Manual
ElectriQ
MTX MUD100.4 AMPLIFIER Owner’s Manual
MTX
Ikra HHS-I-5555 Hedge Trimmer Instruction Manual
IKRA
Efalock 14102472 Synfonia Digital High Speed Hairdryer User Manual
EFALOCK
FORCLAC HL900 Hybrid Rechargeable Headlamp Instruction Manual
FORCLAC
XPOtool 63398 Cunei Per Camper Auto Installation Guide
XPOtool
CleanAIR CNA-113-R02 Verus Air User Manual
CleanAIR
Contact Us   Privacy Policy   3.192ms