37.4 Feature Parameters. Westermo RFI-219-F4G-T7G, Viper-212A-T5G-P8-HV, RFI-219-F4G-T7G-F8, RFI-211-F4G-T7G, L106-F2G, Viper-212A, L205-S1, Viper-112A-T5G, L110-F2G, Viper-112A-T3G
Add to my manuals
1088 Pages
advertisement
37.4
Feature Parameters
MAX_SSL_INSTANCES 3
MAX_SSL_PUSH_SUBNETS 10
MAX_SSL_CN_BIND_INST 100
Westermo OS Management Guide
Version 4.22.0-0
954 © 2017 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.22.0-0
Chapter 38
WeConnect
This chapter describes the WeOS support for the Westermo WeConnect service.
Westermo WeConnect is a centralised on-line connectivity service offered by
Westermo as a separate product (not normally included in the purchase of a
WeOS product).
The idea of the service is to connect equipment and networks through the Internet in an easy way, but at the same time safe and encrypted using standard VPN features.
The secured networks set up by WeConnect can be used in many ways such as remote management, interconnection of remote network locations, centralised logging and alerts, emergency access, etc.
WeConnect is managed with an on-line web portal. In this portal you are able to define your virtual secure networks and create VPN configurations for WeOS units and other clients and nodes. For more information about the service and how to sign up for it, please visit Westermo’s home page at http://www.westermo.
com/ .
In WeOS, WeConnect is set up using an installer that takes you through some easy steps that takes care of the configuration for you.
You only need the Secure Network Code and the One Time Password (OTP) for your unit from the WeConnect web portal to be able to run the installer. WeOS will use the Code and OTP to make an encrypted download of the configuration and certificates from the on-line portal service. The VPN will automatically connect when the installer procedure is completed and your unit instantly becomes part of your secured network.
© 2017 Westermo Teleindustri AB 955
Westermo OS Management Guide
Version 4.22.0-0
WeConnect utilises these standard features in WeOS for its operations:
SSL VPN - This is used for the encrypted tunnel that connects to your We-
Connect secure network.
RIP - This protocol is run inside the SSL VPN tunnel to receive routes from other units and networks in the secure network. It also announces the local networks on your unit so they can be reached remotely.
Firewall - Automatic forward rules for the WeConnect SSL VPN tunnel are added. It is recommended that you use the firewall, but not mandatory.
The SSL VPN tunnel is run in UDP mode. This makes the WeConnect service perform well on most types of Internet connections. There is no requirement of fixed public IP number for your unit, and accessing the Internet via external firewalls and NAT will work in most cases.
Note
WeConnect is using the IPv4 networks 198.18.0.0/16 and 198.19.0.0/16 internally for its operation. You can not use these networks, or subnets within these networks, for other purposes on your WeOS unit while using
WeConnect.
956 © 2017 Westermo Teleindustri AB
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 2 Legal information
- 3 Table of Contents
- 10 I Introduction to WeOS and its Management Methods
- 11 1 Introduction
- 11 1.1 Westermo and its WeOS products
- 11 1.2 Getting Started
- 12 1.3 Introduction to WeOS
- 12 1.4 How to read this document
- 14 1.5 Westermo products running WeOS
- 17 2 Quick Start
- 17 2.1 Starting the Switch for the First Time
- 18 2.2 Modifying the IP Setting
- 30 3 Overview of Management Methods
- 31 3.1 When to use the WeConfig tool
- 31 3.2 When to use the Web
- 32 3.3 When to use the CLI
- 34 4 Management via Web Interface
- 35 4.1 Document Conventions
- 36 4.2 Logging in
- 38 4.3 Navigation
- 41 4.4 System Overview
- 48 5 Management via CLI
- 48 5.1 Overview of the WeOS CLI hierarchy
- 50 5.2 Accessing the CLI
- 54 5.3 Using the CLI
- 60 5.4 General CLI commands
- 64 6 WeOS SNMP Support
- 64 6.1 Introduction and feature overview
- 77 6.2 Managing SNMP via the web interface
- 81 6.3 Manage SNMP Settings via the CLI
- 86 II Common Switch Services
- 87 7 General Switch Maintenance
- 87 7.1 Overview
- 123 7.2 Maintenance via the Web Interface
- 138 7.3 Maintenance via the CLI
- 169 8 General System Settings
- 169 8.1 Overview of General System Features
- 172 8.2 Managing System Settings via Web
- 177 8.3 Managing System Settings via CLI
- 191 9 Authentication, Authorisation and Accounting
- 192 9.1 Overview over AAA
- 201 9.2 Managing AAA via the web
- 221 9.3 Managing AAA via the CLI
- 241 9.4 Feature Parameters
- 242 10 Ethernet Port Management
- 242 10.1 Overview of Ethernet Port Management
- 257 10.2 Managing port settings via the web interface
- 261 10.3 Managing port settings via the CLI
- 271 11 Ethernet Statistics
- 271 11.1 Ethernet Statistics Overview
- 278 11.2 Statistics via the web interface
- 283 11.3 Statistics via the CLI
- 286 12 SHDSL Port Management
- 286 12.1 Overview of SHDSL Port Management
- 292 12.2 Managing SHDSL ports via the web interface
- 300 12.3 Managing SHDSL ports via the CLI
- 306 13 ADSL/VDSL Port Management
- 306 13.1 Overview of ADSL/VDSL Port Management
- 320 13.2 Managing ADSL/VDSL ports via the web interface
- 332 13.3 Managing ADSL/VDSL ports via the CLI
- 337 14 Power Over Ethernet (PoE)
- 337 14.1 Overview of Power over Ethernet (PoE)
- 341 14.2 Managing PoE via the web interface
- 345 14.3 Managing PoE via the CLI interface
- 348 15 Virtual LAN
- 348 15.1 VLAN Properties and Management Features
- 359 15.2 Port-based network access control
- 364 15.3 Managing VLAN settings via the web interface
- 374 15.4 Managing VLAN settings via the CLI
- 386 16 FRNT
- 386 16.1 Overview of the FRNT protocol and its features
- 390 16.2 FRNT and RSTP coexistence
- 392 16.3 Managing FRNT settings via the web interface
- 397 16.4 Managing FRNT settings via the CLI
- 400 17 Ring Coupling and Dual Homing
- 401 17.1 Overview
- 415 17.2 Managing via the Web
- 419 17.3 Managing via CLI
- 429 17.4 Feature Parameters
- 430 18 Spanning Tree Protocol - RSTP and STP
- 430 18.1 Overview of RSTP/STP features
- 436 18.2 Managing RSTP via the web interface
- 440 18.3 Managing RSTP via the CLI
- 445 19 Media Redundancy Protocol
- 445 19.1 Overview of the MRP protocol and its features
- 449 19.2 Managing MRP settings via the web interface
- 452 19.3 Managing MRP settings via the CLI
- 456 20 Link Aggregation
- 456 20.1 Link Aggregation Support in WeOS
- 467 20.2 Managing Link Aggregation via the Web
- 471 20.3 Managing Link Aggregation via CLI
- 476 21 Multicast in Switched Networks
- 476 21.1 Overview
- 482 21.2 Managing IGMP in the Web Interface
- 484 21.3 Managing IGMP in the CLI
- 488 22 General Network Settings
- 488 22.1 Overview
- 489 22.2 Network interfaces
- 505 22.3 General IP settings
- 508 22.4 Managing network interfaces via the web
- 515 22.5 Managing general IP settings via the web
- 521 22.6 Managing network interfaces via the CLI
- 532 22.7 Managing general IP settings via the CLI
- 548 22.8 Feature Parameters
- 549 23 DHCP Server
- 550 23.1 Overview of DHCP Server Support in WeOS
- 564 23.2 Configuring DHCP Server Settings via the Web
- 571 23.3 Configuring DHCP Server Settings via the CLI
- 583 23.4 Feature Parameters
- 584 24 DHCP Relay Agent
- 585 24.1 Overview of DHCP Relay Agent Support
- 596 24.2 Configuring DHCP Relay Agent via the Web
- 599 24.3 Configuring DHCP Relay Agent via the CLI
- 606 25 Alarm handling, LEDs and Digital I/O
- 606 25.1 Alarm handling features
- 619 25.2 Managing Alarms via the Web
- 625 25.3 Managing Alarms via the CLI
- 652 25.4 Digital I/O
- 654 25.5 LEDs
- 657 26 Logging Support
- 658 26.1 Logging Support in the web interface
- 659 26.2 Managing Logging Support via the CLI
- 661 III Router/Gateway Services
- 662 27 IP Routing in WeOS
- 662 27.1 Summary of WeOS Routing and Router Features
- 670 27.2 Static unicast routes via Web
- 673 27.3 Enabling Routing, Managing Static Routing, etc., via CLI
- 675 28 Dynamic Routing with OSPF
- 675 28.1 Overview of OSPF features
- 689 28.2 OSPF Web
- 693 28.3 Managing OSPF via the CLI
- 705 29 Dynamic Routing with RIP
- 705 29.1 Overview of RIP Features
- 711 29.2 RIP Web
- 714 29.3 Managing RIP via the CLI
- 723 30 IP Multicast Routing
- 723 30.1 Summary of WeOS Multicast Routing Features
- 727 30.2 Managing Multicast Routing via Web Interface
- 732 30.3 Managing Multicast Routing via CLI
- 736 31 Virtual Router Redundancy (VRRP)
- 737 31.1 Introduction to WeOS VRRP support
- 744 31.2 Managing VRRP via the web interface
- 749 31.3 Managing VRRP via the CLI
- 757 32 Firewall Management
- 758 32.1 Overview
- 785 32.2 Firewall Management via the Web Interface
- 809 32.3 Firewall Management via the CLI
- 823 IV Virtual Private Networks and Tunnels
- 824 33 Overview of WeOS VPN and Tunnel support
- 824 33.1 WeOS support for VPNs
- 825 33.2 Tunneling using PPP
- 825 33.3 Tunneling using GRE
- 826 34 PPP Connections
- 827 34.1 Overview of PPP Properties and Features
- 837 34.2 Managing PPP settings via the web interface
- 843 34.3 Managing PPP settings via the CLI
- 854 35 GRE tunnels
- 854 35.1 Overview of GRE tunnel Properties and Management Features
- 858 35.2 Managing GRE settings via the web interface
- 860 35.3 Managing GRE settings via the CLI
- 864 36 IPsec VPNs
- 865 36.1 Overview of IPsec VPN Management Features
- 886 36.2 Managing VPN settings via the web interface
- 896 36.3 Managing VPN settings via the CLI
- 913 36.4 Feature Parameters
- 914 37 SSL VPN
- 914 37.1 Overview of SSL VPN Management Features
- 933 37.2 Managing SSL VPN settings via the web interface
- 939 37.3 Managing SSL VPN settings via the CLI
- 954 37.4 Feature Parameters
- 955 38 WeConnect
- 957 38.1 Installing WeConnect via the Web
- 959 38.2 Installing WeConnect via the CLI
- 961 38.3 Troubleshooting
- 965 V Serial Port Management and Applications
- 966 39 Serial Port Management
- 967 39.1 Overview of Serial Port Management
- 970 39.2 Managing serial ports via the web interface
- 973 39.3 Managing serial ports via the CLI interface
- 979 40 Serial Over IP
- 979 40.1 Overview of Serial Over IP
- 991 40.2 Managing Serial Over IP via the web interface
- 998 40.3 Managing Serial Over IP via the CLI interface
- 1014 41 Modbus Gateway
- 1016 41.1 Managing Modbus Gateway via the web interface
- 1020 41.2 Managing Modbus Gateway via the CLI interface
- 1029 42 MicroLok II Gateway
- 1029 42.1 Overview of MicroLok Gateway Properties and Management Features
- 1034 42.2 Managing MicroLok Gateway via the web interface
- 1038 42.3 Managing MicroLok Gateway via the CLI interface
- 1045 VI Train Specific Protocols
- 1046 43 TTDP
- 1046 43.1 Overview of TTDP Management Features
- 1065 43.2 Managing TTDP settings via the CLI
- 1072 VII Appendixes
- 1073 Acronyms and abbreviations
- 1076 References
- 1081 Index