Handle a lot of REDs + Split Tunneling

hi all,

today I received 2 RED-devices.
first one is up and running, really fine [:)]

I would like to know how I can handle a lot of RED-devices later...
Do I have to create a remote network for every single device??? does it have to be a separate network by force?
Nicest way would be bridging it to the local network of the ASG. is that possible?

second thing: Split tunneling.
I would like to route only the traffic for my internal ASG LAN through the RED-tunnel. Is that possible? The clients should surf through their internet-router. SSL-Client can do that!
I saw an other thread regarding this but I dont understand how to do it exactly.

thanks
Markus

Parents

0 tom_01 over 15 years ago


127.0.0.1 OBJS itfhw red_server > REF_hPQYrmwmgU[reds1 (Durlach),itfhw,red_server]
Logged into object 'REF_hPQYrmwmgU'. Use 'w' to write eventual changes.
{
          'split_networks' => [],
          'tunnel_id' => 1,
          'failover_direct' => 0,
          'manual_address' => '0.0.0.0',
          'unlock_code' => '2821985d',
          'manual_netmask' => 24,
          'hardware' => 'reds1',
          'red_id' => 'A3000000C11B78E',
          'mac' => '0c:71:40:e3:1b:21',
          'remote_cert' => 'REF_tRLUDpBUsf',
          'manual_dns' => '0.0.0.0',
          'hub_hostname' => 'thekla.eurescom.eu',
          'name' => 'reds1 (Durlach)',
          'description' => 'Remote Ethernet Server Device',
          'comment' => '',
          'manual_defgw' => '0.0.0.0',
          'type' => 'red',
          'uplink_mode' => 'dhcp',
          'route_mode' => 'default'
        }

Set route_mode to "split" and add REFs for networks that should go over the tunnel to "split_networks".

Example:


127.0.0.1 OBJS itfhw red_server [REF_hPQYrmwmgU] > split_networks=['REF_DefaultInternalNetwork']
{
          'split_networks' => [
                                'REF_DefaultInternalNetwork'
                              ],
          'tunnel_id' => 1,
          'failover_direct' => 0,
          'manual_address' => '0.0.0.0',
          'unlock_code' => '2821985d',
          'manual_netmask' => 24,
          'hardware' => 'reds1',
          'red_id' => 'A3000000C11B78E',
          'mac' => '0c:71:40:e3:1b:21',
          'remote_cert' => 'REF_tRLUDpBUsf',
          'manual_dns' => '0.0.0.0',
          'hub_hostname' => 'thekla.eurescom.eu',
          'name' => 'reds1 (Durlach)',
          'description' => 'Remote Ethernet Server Device',
          'comment' => '',
          'manual_defgw' => '0.0.0.0',
          'type' => 'red',
          'uplink_mode' => 'dhcp',
          'route_mode' => 'default'
        }

127.0.0.1 OBJS itfhw red_server [REF_hPQYrmwmgU] > route_mode=split
{
          'split_networks' => [
                                'REF_DefaultInternalNetwork'
                              ],
          'tunnel_id' => 1,
          'failover_direct' => 0,
          'manual_address' => '0.0.0.0',
          'unlock_code' => '2821985d',
          'manual_netmask' => 24,
          'hardware' => 'reds1',
          'red_id' => 'A3000000C11B78E',
          'mac' => '0c:71:40:e3:1b:21',
          'remote_cert' => 'REF_tRLUDpBUsf',
          'manual_dns' => '0.0.0.0',
          'hub_hostname' => 'thekla.eurescom.eu',
          'name' => 'reds1 (Durlach)',
          'description' => 'Remote Ethernet Server Device',
          'comment' => '',
          'manual_defgw' => '0.0.0.0',
          'type' => 'red',
          'uplink_mode' => 'dhcp',
          'route_mode' => 'split'
        }

Don't forget to save the object with "w".

0 mwoodley over 15 years ago in reply to tom_01

We are keen to get Split Tunnelling working, I have seen the code in this thread. Where do we go after logging in via the shell to enter this code?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 mwoodley over 15 years ago in reply to tom_01

We are keen to get Split Tunnelling working, I have seen the code in this thread. Where do we go after logging in via the shell to enter this code?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 quasar3c279 over 15 years ago in reply to mwoodley

Hi,

just enter "cc" on the commandline. After that you can enter the commands above!

Regards, Mario
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mwoodley over 15 years ago in reply to quasar3c279

Thanks for the help, I have made the changes now!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mwoodley over 15 years ago in reply to mwoodley

Having made the changes the split tunnel does not seam to work. In the example shown should the 'REF_DefaultInternalNetwork' be replaced with the display name given to the internal network defined on the ASG??
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 quasar3c279 over 15 years ago in reply to mwoodley

Can you give use the object output from the commanline?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mwoodley over 15 years ago in reply to quasar3c279

'split_networks' => [
                                'REF_AegisLAN'
                              ],
          'tunnel_id' => 1,
          'failover_direct' => 0,
          'manual_address' => '0.0.0.0',
          'unlock_code' => '6c8d1291',
          'manual_netmask' => 24,
          'hardware' => 'reds1',
          'red_id' => 'A300000A0BABB08',
          'mac' => 'ac:59:ee:09:1a:c0',
          'remote_cert' => 'REF_uQMkpRPXzl',
          'manual_dns' => '0.0.0.0',
          'hub_hostname' => 'mail.aegis-group.co.uk',
          'name' => 'reds1 (RED01)',
          'description' => 'Remote Ethernet Server Device',
          'comment' => '',
          'manual_defgw' => '0.0.0.0',
          'type' => 'red',
          'uplink_mode' => 'dhcp',
          'route_mode' => 'split'
        }
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mwoodley over 15 years ago in reply to mwoodley

Output is as previous post.
Regards,
M
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 quasar3c279 over 15 years ago in reply to mwoodley

Have you tried to resolv REF_AegisLAN via Webadmin (Support->Advanced->Resolv REF_)?

You should try it with the REF_DefaultInternalNetwork Object, try to resolve it via Webadmin. I don't know how to get the REF_ID from an object, i think Tom or someone else may help with this! But I'm sure you can't just append the DiplayName to the REF_, the REF_ID is an internal unique representation for the object.

Hope this helps a bit...
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mwoodley over 15 years ago in reply to quasar3c279

Thanks, that all makes sense, does anyone know how to obtain the REF_ID for an object?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 quasar3c279 over 15 years ago in reply to mwoodley
Ok, I have digged a bit! [;)]

Go to the CLI:

cc
127.0.0.1 MAIN > OBJS
127.0.0.1 OBJS > network
127.0.0.1 OBJS network > network
127.0.0.1 OBJS network network > "Hit twice"

You'll see a list with your Network Objects, were you can choose the corresponding REF_ID!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel