Black Box KV1416A-R2 Placing ServSwitch CX with IP behind a router or firewall, Port settings

Page 41

Placing ServSwitch CX with IP behind a router or firewall

A possible point of contention between the ServSwitch CX with IP and a firewall can occasionally arise over the use of IP ports. Every port through the firewall represents a potential point of attack from outside and so it is advisable to minimise the number of open ports. The ServSwitch CX with IP usually uses two separate port numbers, however, these are easily changeable and can even be combined into a single port.

IMPORTANT: The correct configuration of routers and firewalls requires advanced networking skills and intimate knowledge of the particular network. Black Box cannot provide specific advice on how to configure your network devices and strongly recommend that such tasks are carried out by a qualified professional.

Port settings

As standard, the ServSwitch CX with IP uses two ports to support its two types of viewer:

Port 80 for users making contact with a web browser, and

Port 5900 for those using the VNC viewer.

When these port numbers are used, VNC viewers and web browsers will locate the ServSwitch CX with IP correctly using only its network address. The firewall/ router must be informed to transfer any traffic requesting these port numbers through to the ServSwitch CX with IP.

When a web server is also on the local network

If you need to change the VNC port number

If you change the VNC port to anything other than 5900, then each VNC viewer user will need to specify the port address as well as the IP address. For instance, if you set the VNC port to ‘11590’ and the IP address is ‘192.168.47.10’ then VNC viewer users will need to enter:

192.168.47.10::11590

(Note the double colons that separate the IP address and port number).

The firewall/router would also need to be informed to transfer all traffic to the new port number through to the ServSwitch CX with IP.

Addressing

When the ServSwitch CX with IP is situated within the local network, you will need to give it an appropriate local IP address, IP network mask and default gateway. This is achieved most easily using the DHCP server option which will apply these details automatically. If a DHCP server is not available on the network, then these details need to be applied manually in accordance with the network administrator.

The firewall/router must then be informed to route incoming requests to port 5900 or port 80 (if available) through to the local address being used by the ServSwitch CX with IP.

®

  

Port 80 is the standard port used by web (HTTP) servers. If the ServSwitch CX with IP is situated within a local network that also includes a web server or any other device serving port 80 then, if you want to use the web browser interface from outside the local network environment, the HTTP port number of the ServSwitch CX with IP may need to be changed.

When you change the HTTP port to anything other than 80, then each remote browser user will need to specify the port address as well as the IP address. For instance, if you set the HTTP port to ‘8000’ and the IP address is ‘192.168.47.10’ then browser users will need to enter:

http://192.168.47.10:8000

(Note the single colon that separates the IP address and the port number).

The firewall/router would also need to be informed to transfer all traffic to the new port number through to the ServSwitch CX with IP.

ServSwitch CX with IP has a local address and net mask, i.e.

IP address: 192.168.0.3

Net mask: 255.255.255.0

CAM

Remote user with VNC viewer accesses IP address: 129.7.1.10

Internet and automatically uses port

5900.

Firewall/router address: 129.7.1.10

The firewall routes the request from the VNC viewer on port 5900 through to the ServSwitch CX with IP at local address 192.168.0.3

 



40

Page 40 Page 42
Image 41
Page 40 Page 42
Contents ServSwitch CX Contents Further information Index Introduction Front panel buttons ServSwitch CX features front and rearWhat’s in the box What you may additionally need ServSwitch CX ServSwitch CX with IPConnections MountingRack brackets Connections To connect the local user port Local userTo connect a remote user Remote user via CX Remote extenderCable lengths for remote user locations To connect the Global user IP network port Global user IP network portTo connect a server system Server system via SAMTo connect a modem or Isdn adapter Modem/ISDN portTo connect the power supply Power in connectionTo connect and address the switch boxes Power control portSee also Cascading multiple unitsHow cascade connections operate 43 41 Addressing servers in a cascadeNumbering diagram Connecting ServSwitch CX units in cascadeTips for successful cascading To connect units in cascadeTo test a specific link Using cascaded serversTesting specific links to cascaded servers Multiple video head connections Slave ServSwitch CXOverall initial configuration To access the configuration menu local and remote users Configuration menusTo access the configuration menu global users HotkeysConfiguration menus layout General security and configuration stepsTo enable general security To set an Admin passwordAccess to all servers Press Access to no servers Press Admin userRegistering users edit user list To create/edit user accountsTo create/edit server entries Tips when creating/editing server entriesRegistering servers edit computer list Video compensation See Remote user skew adjustment for detailsVertical edges of images Server video compensationTo apply server video compensation To display a suitable high contrast image Remote user video compensationTo apply remote user video compensation If the image controls cannot provide a crisp imageTo use skew adjustment Remote user skew adjustmentUsing the supplied skew pattern Creating a skew test patternNum Lock for Red, Caps Lock for Green Autoscanning To select an autoscan modeTo select an autoscan period To define an autoscan listPreparations for configuration save/load Saving and restoring configuration settingsTo reset ServSwitch CX models What to do if the Admin password has been forgottenTo reset the ServSwitch CX with IP models Configuration screensTo restore mouse operation when hot plugging Which restore setting do I use?Hot plugging and mouse restoration Recognising an IntelliMouse-style mouseTo configure IP-specific settings Initial IP configurationTo use the initial IP-configuration sequence User Accounts IP configuration by global userTo configure IP details from a global user location Viewer encryption settings Encryption settingsServSwitch CX with IP encryption settings Positioning ServSwitch CX with IP in the network Networking issuesAddressing Placing ServSwitch CX with IP behind a router or firewallPort settings DNS addressing To discover a DHCP-allocated IP addressBy configuration page via viewer Placing ServSwitch CX with IP alongside the firewallEnsuring sufficient security PortsPower control sequences Power switching configurationTo configure the power sequences for each host server To control two or more ports simultaneouslyKvmadmin command ip address parameters Kvmadmin utilityKvmadmin -getconfig kvm1.cfg Kvmadmin -setusers users.csvUpgrading ServSwitch CX models and SAMs Performing upgradesItems required to use the upgrade utility To use the KVM Firmware Uploader utilitySelect the upgrade file to be used Select the items to be upgradedWhere Vxxx is the upgrade file version number Commence the upgradePerform upgrade button Upgrading ServSwitch CX with IP modelsTo upgrade ServSwitch CX with IP models ServSwitch CX with IP models ServSwitch CX modelsComputer button and numeric indicator User button and numeric indicatorTo gain access as a local or remote user Local and remote user accessTo select a server using the front panel controls Selecting a serverKeep Pressed down until all other Numbers have been entered To select a server using hotkeysStandard hotkeys To select a server using mouse buttons Advanced method To select a server using the on-screen menuTo select a server using mouse buttons Confirmation box Logging in and outSelecting cascaded servers To use the Routing status feature To change banner colours or disable the bannerReminder banner Routing statusUser preferences and functions Power switching via configuration menuTo switch a server on or off Global user access To download the VNC viewer Global user access via VNC viewerTo access via the VNC viewer To access via your web browser Global user access via web browserMenu bar Using the viewer windowWhen using the viewer window To select a host ConfigureMouse pointers Power switching via viewer Access mode shared/privateAuto calibrate Re-synchronise mouseControls Single Mouse ModeMouse Control Resync MouseWhen entering codes KVM switch menuVideo Settings Keyboard Control InfoIncreased by 50% when a slow link is detected Using automatic configurationsSetting the Threshold manually Host system informationIf you need to enter a port number Access via dial up modem or Isdn linkTo initiate a dial up link To enter a port number in a Web browserSupported web browsers Viewer encryption settingsWindows LinuxWhen logging on using VNC viewer, I cannot enter a username TroubleshootingGetting assistance Techhelp@blackbox.co.ukConfigure IP port Appendix 1 Configuration menusTo access the configuration menus Functions OSD Colour User PreferencesReminder Banner Reminder ColourAutoscan Mode Mouse SwitchingGlobal Preferences Screen SaverOSD Dwell Time User TimeoutRS232 Mouse Type Mouse TypeKeypads Controls Setup OptionsLanguage Exclusive UseAutomatic Logout DDC Options Advanced OptionsUnit Configuration Configure IP portNetwork Configuration Reset Configuration Modem ConfigurationTo clear IP access control Clearing IP access controlWhat is IP access control? To access the remote configuration pages Appendix 2 Configuration pages via viewerUser accounts Admin Password Unit configurationHardware Version Firmware VersionAdvanced unit configuration Time & date configuration IP Access Control Network configurationMAC address IP Network MaskTo define a new IP access control entry Setting IP access controlTo reorder access control entries To edit/remove access control entriesModem port Serial port configurationPower control port Erase Host Configuration Host configurationAdd entry for unrecognised host To create a new host entryExamples Port/host addressing using Port DirectPort Direct To copy and paste the log Logging and statusSyslog Server IP Address For further details To get hereColour/Encoding Appendix 3 VNC viewer connection optionsAuto select Preferred encodingDisable all inputs view-only mode Enable all inputsInputs CustomiseMisc ScalingDefaults Save Defaults ReloadIdentities Load / SaveAppendix 4 VNC viewer window options Security Appendix 5 Browser viewer optionsEncoding and colour level IP addresses Appendix 6 Addresses, masks and portsNet masks Want to know more?Net masks the binary explanation 154Single locations Calculating the mask for IP access controlAll locations Address rangesPorts Security issues with portsRS232 serial flash upgrade cable Appendix 7 Cable and connector specificationsPower switch to power switch daisy chain cable Multi-head synchronisation cable Creating macro sequences Appendix 8 Hotkey sequence codesPermissible key presses Appendix 9 Supported video modes General Public License Linux Safety informationEnd user licence agreement European EMC directive 89/336/EEC Radio Frequency EnergyFCC Compliance Statement United States Canadian Department of Communications RFI statementCertification notice for equipment used in Canada FCC requirements for telephone-line equipmentInstrucciones de seguridad Normas Oficiales Mexicanas NOM electrical safety statement109 Index 111 112 Country Web Site/Email Phone Fax BlackBox subsidiary contact details
Top Page Image Contents