Lindy CPU IP Access Switch Plus manual Networking issues, Positioning CPU IP in the network

Page 18

Networking issues

Thanks to its robust security the CPU IP offers you great flexibility in how it integrates into an existing network structure. The CPU IP is designed to reside either on an internal network, behind a firewall/router or alternatively with its own direct Internet connection.

Positioning CPU IP in the network

Every network setup is different and great care needs to be taken when introducing a powerful device such as the CPU IP into an existing configuration. A common cause of potential problems can be in clashes with firewall configurations. For this reason the CPU IP is designed to be intelligent, flexible and secure. With the minimum of effort the CPU IP can reside either behind the firewall or alongside with its own separate Internet connection.

Internet

Internet

Firewall/ router

Firewall/ router

Placing CPU IP behind a router or firewall

A possible point of contention between the CPU IP and a firewall can occasionally arise over the use of IP ports. Every port through the firewall represents a potential point of attack from outside and so it is advisable to minimise the number of open ports. The CPU IP usually uses two separate port numbers, however, these are easily changeable and can even be combined into a single port.

IMPORTANT: The correct configuration of routers and firewalls requires advanced networking skills and intimate knowledge of the particular network. LINDY cannot provide specific advice on how to configure your network devices and strongly recommend that such tasks are carried out by a qualified professional.

Port settings

As standard, the CPU IP uses two ports to support its two types of viewer:

Port 80 for users making contact with a web browser, and

Port 5900 for those using the VNC viewer.

When these port numbers are used, VNC viewers and web browsers will locate the CPU IP correctly using only its network address. The firewall/router must be informed to transfer traffic, requesting these port numbers, through to the CPU IP.

When a web server is also on the local network

Port 80 is the standard port used by web (HTTP) servers. If the CPU IP is situated within a local network that also includes a web server or any other device serving port 80 then, if you want to use the web browser interface from outside the local network environment, the HTTP port number of the CPU IP must be changed.

  

IP

Access Switch Plus

LOC REM VNC 100 LNK PWR

KVM link to host system

IP

Access Switch Plus

LOC REM VNC 100 LNK PWR

 

Local

 

 

KVM link to

 

network

 

 

 

 

 

host system

Local

connection

 

 

 

 

 

 

 

 

 

network

 

 

 

 

connection

 

 

 

 

 

 

 

 

 

When you change the HTTP port to anything other than 80, then each remote browser user will need to specify the port address as well as the IP address. For instance, if you set the HTTP port to ‘8000’ and the IP address is ‘192.168.47.10’ then browser users will need to enter:

http://192.168.47.10:8000

(Note the single colon that separates the IP address and the port number).

The firewall/router would also need to be informed to transfer all traffic to the new port number through to the CPU IP.

If you need to change the VNC port number

 

CPU IP situated behind

CPU IP situated alongside

the firewall

the firewall

IMPORTANT: When the CPU IP is accessible from the public Internet or dial up connection, you must ensure that sufficient security measures are employed.

If you change the VNC port to anything other than 5900, then each VNC viewer user will need to specify the port address as well as the IP address. For instance, if you set the VNC port to ‘11590’ and the IP address is ‘192.168.47.10’ then VNC viewer users will need to enter:

192.168.47.10::11590

(Note the double colons that separate the IP address and port number).

The firewall/router would also need to be informed to transfer all traffic to the new port number through to the CPU IP.



17

Image 18
Contents CPU IP Access Switch Plus Contents Index Modem/ISDN port Four simultaneous remote usersLocal user IP network/InternetCPU IP Access Switch Plus features front and rear What’s in the box What you may additionally need CD-ROMDouble unit rack brackets MountingSingle unit rack brackets  Host computer or KVM switch ConnectionsTo connect a local keyboard, video monitor and mouse Local keyboard, video monitor and mouseIP network port To connect the IP network portModem/ISDN port Power supply connectionTo connect the power supply To connect a modem or Isdn portPower control port To connect and address the switch boxesPart 1 Local configuration Initial configurationPart 1 Local configuration Part 2 Remote configurationTime and Date To perform the initial local configurationAdmin password EncryptionViewer encryption settings Encryption settingsCPU IP encryption settings EncryptionHot plugging and mouse restoration Which restore setting do I use?To restore mouse operation when hot plugging Recognising an IntelliMouse-style mouseCPU IP does not display the configuration sequence Resetting the configurationCPU IP asks for an unknown admin password To invoke a configuration reset by main menuPart 2 Remote configuration To perform the remote configurationPositioning CPU IP in the network Networking issuesPort settings Placing CPU IP behind a router or firewallDNS addressing AddressingTo discover a DHCP-allocated IP address Firewall/router addressPlacing CPU IP alongside the firewall Ensuring sufficient securityPorts To configure the power sequences for each host computer Power switching configurationPower control sequences Power OffPerforming a flash upgrade Important Wait until the upgrade is completeTo make a local connection Connecting to the CPU IPLocal connection To view the local control menuRemote connections To avoid the ‘hall of mirrors’ effectRemote connection by VNC viewer To connect using the VNC viewerTo connect using your Web browser Remote connection by Web browserUsing the viewer window When using the viewer windowMenu bar Host selection ConfigureMouse pointers To select a hostAuto calibrate Access mode shared/privatePower control Re-synchronise mouseControls Contrast Setting the Threshold manuallyPhase  Connecting via dial up modem or Isdn link Downloading VNC viewer from the CPU IPIf you need to enter a port number Windows Viewer encryption settingsSupported web browsers LinuxTroubleshooting Getting assistanceAppendix 1 Local configuration menus To access the local configuration menusUnit configuration Network configuration Modem configuration Reset configuration To reset the CPU IP configurationClear IP access control What is IP access control?To clear IP access control Auto select Appendix 2 VNC viewer connection optionsColour/Encoding Preferred encodingInputs MiscSave as defaults DefaultsReload defaults Save configuration file asAppendix 3 VNC viewer window options Appendix 4 Browser viewer options Encoding and colour levelSecurity Appendix 5 Remote configuration menus To access the remote configuration menusMain configuration menu Logged on users User accounts Firmware Version Screensaver timeoutHardware Version Host Keyboard LayoutProtocol timeout Advanced unit configurationIdle timeout Force VNC protocolIP access control IP network maskIP gateway To reorder access control entries Setting IP access controlTo define a new IP access control entry To edit/remove access control entriesSerial port configuration Power control portModem port Host configuration To create a new host entryOccurred Click to clear All log entries Refresh Logging and statusTo copy and paste the log ListAppendix 6 Addresses, masks and ports IP addressesNet masks Binary equivalent Net masks the binary explanationInside a bit-wise and function Binary octet afterAll locations Calculating the mask for IP access controlSingle locations Address rangesSecurity issues with ports Ports4pin RJ10 Appendix 7 Cable and connector specifications6pin mini-DIN 9pin D-type FemaleAppendix 8 Hotkey sequence codes Safety information Other products in the CPU Switch rangeWarranty Safety considerations when using power switches with CPU IPRadio Frequency Energy European EMC directive 89/336/EECFCC Compliance Statement United States USA Germany France ItaliaIndex 