Cloud Connector/en: Unterschied zwischen den Versionen

Aus TERRA CLOUD WIKI
← Zum vorherigen Versionsunterschied
Die Seite wurde neu angelegt: „= Commissioning =“
Keine Bearbeitungszusammenfassung
 
(14 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
<languages/>
<span id="Konfiguration_anfordern"></span>
= Request configuration =
You have the option of ordering the Cloud Connector for different connection types:
* Inline configuration
:* In this variant, the cloud connector is installed in the network as a normal device with a network card (LAN2).
:* In the Cloud Center, please select the following connection type:<br>
:: '''Additional device'''
* Gateway configuration
:* In this variant, the Cloud Connector acts as the primary router. Two network cards are used, one is connected to the Internet, the other to your internal network.
:* In the Cloud Center you have the following options, depending on your requirements:<br>
:: '''Primary Router - DHCP'''
:: '''Primary Router - VDSL'''
:: '''Primary Router - ADSL (PPPOE)'''
:: '''Primary router - static IP -'''
<span id="Nachträgliche_Konfigurationsanpassung"></span>
== Subsequent configuration adjustment ==
In certain situations it may be necessary for us to recreate or adjust your Cloud Connector's configuration file.
In this case, your support colleagues will refer you to the [https://downloads.terracloud.de/files/Formulare%20&%20Zertifikate/terra%20CLOUD_CC%20Konfig%20%C3%84nderungsformular.pdf terra CLOUD_CC Konfig change form].
This must be filled out by you and sent to us at [mailto:support@terracloud.de support@terracloud.de].
<br>
*Please enter your data in the first part of the PDF.
<br>
[[File:CC-Konfig-Reseller-DE.PNG|Reseller-Info]]
<br>
*In the next part, the data of the end customer who will use the Cloud Connector is required.
<br>
[[File:CC-Konfig-Endkunde-DE.PNG|End Customer Information]]
<br>
*You will then be provided with information about the license you have booked for your Cloud Connector.
<br>
[[File:CC-Konfig-Lizenzierung-DE.PNG|License information]]
<br>
*The next part is about the network connection LAN1 and the connection type you want for your Cloud Connector.
:The first field is about the connection type '''Additional device'''. Accordingly, the first network port is not required and you will only be asked for the gateway address of your network.
<br>
[[File:CC-Konfig-Inline-DE.PNG|Inline Gateway information]]
<br>
:The next part is about the ''Gateway'' connection type. Accordingly, the exact connection type must be selected for the first network card.
<br>
[[File:CC-Konfig-Gateway-DE.PNG|Gateway-Info]]
<br>
*Finally, an IP address for your internal network is required for the LAN2 network card.
<br>
[[File:CC-Konfig-LAN2-DE.PNG|LAN2-Info]]
<br>
*Please enter your name and current date at the bottom.
<br>
[[File:CC-Konfig-Unterschrift-DE.PNG|Signature Info]]
<br>
<span id="Inbetriebnahme"></span>
<span id="Inbetriebnahme"></span>
= Commissioning =
= Commissioning =


Securepoint webinar on setting up the Cloud Connector <br>
<br>
https://www.youtube.com/watch?v=aDAc4WV4MtM <br>
'''Note:'''<br>
# Connect your computer via Ethernet to the LAN 2 interface of the supplied UTM firewall <br>
To activate the satellite for the first time and subsequently configure it, it must be connected to an unrestricted internet connection.<br>
# Give your computer the IP address 192.168.175.100 <br>
Furthermore, the satellite software does not support proxy servers.<br>
# Go to the URL https://192.168.175.1:11115 in the browser <br>
<!--<br>
# Log in with user 'admin' and password 'insecure' <br>
Securepoint Webinar on Setting Up the Cloud Connector <br>
# Accept the license agreements and then cancel the configuration wizard. <br>
https://www.youtube.com/watch?v=aDAc4WV4MtM <br>-->
# First, import the license (.crt file) under the menu item Extras -> Register <br>
# Connect your computer via Ethernet to interface A1 (formerly called LAN2) of the supplied UTM firewall <br>
# Assign your computer the IP address 192.168.175.100 <br>
# Open the URL https://192.168.175.1:11115 in your browser <br>
# Log in with the username 'admin' and the password 'insecure' <br>
# Accept the license agreements and Then cancel the configuration wizard. <br>
# First, import the license (.crt file) under the menu item Extras -> Register. <br>
# Under Configuration -> Configuration Management -> Import Configuration, select the .utm file and import it. <br>
# Under Configuration -> Configuration Management -> Import Configuration, select the .utm file and import it. <br>
# Use the “heart” symbol to load the configuration and use the “star” symbol to set it as the start configuration <br>
# Load the configuration using the "heart" icon and set it as the default configuration using the "star" icon. <br>
# You can then reboot the firewall under Configuration -> Restart. <br>
# You can then restart the firewall. The button for this is located at the very bottom of the menu bar. <br>
# Now give your computer an IP from your desired internal network and connect your browser to the IP address of the firewall that you specified in the form. <br>
# Now assign your computer an IP address from your desired internal network and connect to the firewall's IP address, which you specified in the form, using your browser. <br>
# Under Authentication -> Users you can change the admin password. <br>
# Under Authentication -> Users, you can change the administrator password. <br>
::As soon as the configuration has been imported, the administrator password is: Terra001 <br>
::Once the configuration has been imported, the administrator password is: Terra001 <br>
::Please note that a corresponding route to the data center is stored in the location's central gateway if you use the Cloud Connector as an additional device. <br>
::Please note that a corresponding route to the data center must be configured in the site's central gateway if you are using the Cloud Connector as an additional device. <br>
<br />
<br />
<div lang="de" dir="ltr" class="mw-content-ltr">
= Troubleshooting =
= Troubleshooting =
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
<span id="Keine_Verbindung_zum_CC"></span>
== Keine Verbindung zum CC ==
== No connection to CC ==
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
* You cannot connect to the CloudConnector after importing the configuration: <br>
* Sie können sich nach dem Importieren der Konfig nicht mit dem CloudConnector verbinden: <br>
:* '''Cause:'''<br>
:* '''Ursache:''' <br>
::You have not changed your local IP address from 192.168.175.XX to an IP address within the new internal network. <br>
::Sie haben Ihre lokale IP von einer 192.168.175.XX nicht auf eine IP der neuen internen Netze abgeändert <br>
:* '''Solution:''' <br>
:* '''Lösung:''' <br>
::Manually adjust the IP address in Windows. <br>
::IP im Windows manuell anpassen <br>
:* '''Cause:''' <br>
<br>
::The new internal network is not registered as an admin network in the CloudConnector. <br>
:* '''Ursache:''' <br>
:* '''Solution:''' <br>
::Das neue interne Netz ist nicht als Admin-Netz im CC eingetragen <br>
::Connect a keyboard and monitor directly to the CloudConnector and register the network as an admin via the console. <br>
:* '''Lösung:''' <br>
::* Login: admin and Terra001 (or insecure, but then the configuration file appears not to have been imported correctly). <br>
::Tastatur und Bildschirm direkt an den CC anschließen und per Konsole das Netz als Admin eintragen <br>
::*''Run "interface address get" to determine which network is on A1 (formerly called eth1). (Example: IP=192.168.144.1/24 ==> Network=192.168.144.0/24)
::*Login: admin und Terra001 (oder insecure, dann scheint die Config-Datei aber nicht richtig importiert worden zu sein) <br>
::*''Run "manager get" and check if the A1 network (formerly called eth1) is listed there.
::*"interface address get" ausführen ==> welches Netz liegt auf eth1??? (Bsp. IP=192.168.144.1/24 ==> Netz=192.168.144.0/24) <br>
::*''If not, add the network using "manager new NETZ".
::*"manager get" ausführen und prüfen ob das Netz von eth1 dort eingetragen ist <br>
::*''Run "system update rule" and "system config save".
::*wenn nicht mit "manager new NETZ" das Netz eintragen <br>
::*"system update rule" und "system config save" ausführen <br>
<br />
<br />
</div>
<span id="Site2Site_Verbindung_wird_nicht_aufgebaut"></span>
<div lang="de" dir="ltr" class="mw-content-ltr">
== Site2Site connection is not established ==
== Site2Site Verbindung wird nicht aufgebaut ==
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
* The CC does not establish a connection <br>
* Der CC baut keine Verbindung auf <br>
:* '''Cause:''' <br>
:* '''Ursache:''' <br>
::The CC has no internet connection <br>
::Der CC hat keine Internetverbindung <br>
:* '''Solution:''' <br>
:* '''Lösung:''' <br>
::Under "Network ==> Network Tool" ping 8.8.8.8 ==> if this fails, the CC seems to have no internet connection <br>
::Unter "Netzwerk ==> Netzwerk Tool" mittel Ping die 8.8.8.8 anpingen ==> schlägt dies fehl scheint der CC keine Internetverbindung zu haben <br>
<br>
<br>
:* '''Ursache:'''
:* '''Cause:'''
::Der Dienst SSL-VPN ist nicht gestartet <br>
::The SSL-VPN service is not started <br>
:* '''Lösung:'''
:* '''Solution:'''
::Unter "Applications ==> Application Status" den Dienst SSL-VPN neustarten bzw. starten <br>
::Restart or start the SSL-VPN service under "Applications ==> Application Status" <br>
<br />
<br />
</div>
<span id="Keine_Kommunikation_durch_den_Tunnel"></span>
<div lang="de" dir="ltr" class="mw-content-ltr">
== No communication through the tunnel ==
== Keine Kommunikation durch den Tunnel ==
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
* VPN is set up but the clients cannot communicate through the tunnel <br>
* VPN ist aufgebaut aber die Clients können nicht durch den Tunnel kommunizieren <br>
:* '''Cause:''' <br>
:* '''Ursache:''' <br>
::If the CC is the primary device in the network, everything should be fine as far as the clients can ping the CC. <br>
::Wenn der CC als primäres Gerät im Netz steht, sollte alles passen insofern die Clients den CC anpingen können. <br>
::If the CC is in the network as a secondary device, there are two ways to set the routes: <br>
::Steht der CC als sekundäres Gerät im Netz gibt es zwei Arten die Routen zu setzen: <br>
:* '''Solution:''' <br>
:* '''Lösung:''' <br>
::1. The local route gets a central route that routes the internal network of the cloud FW towards the CC <br>
::1. Die lokale Route bekommt eine zentrale Route die das interne Netz der Cloud-FW in Richtung des CC routet <br>
::2. Each client receives a local route for the Internet network of the cloud FW in the direction of the CC <br>
::2. Jeder Client bekommt eine lokale Route für das Internet Netz der Cloud-FW in Richtung des CC <br>
<br>
<br>
:* '''Ursache:''' <br>
:* '''Cause:''' <br>
::Sie haben bei der Buchung kein oder ein falsches Netz angegeben <br>
::You did not specify a network or an incorrect network when booking <br>
:* '''Lösung:''' <br>
:* '''Solution:''' <br>
::An das Support-Team weitergeben [mailto:support@terracloud.de support@terracloud.de] oder (-Sofern Sie mehrere Cloud Connectoren zu einem Paket gebucht haben, kann es sein das nicht alle Client-Profils zu dem Server-Profile zugeordnet wurden. <br>
::Pass on to the support team [mailto:support@terracloud.de support@terracloud.de] or (-If you have booked several Cloud Connectors in one package, it may be that not all client profiles match the server profile were assigned. <br>
::*alle Profile die unter "openvpn remote get" zusehen sind sollten auch in der Spalte "remote" beim Aufruf von "openvpn get" in der Zeile des Servers mit dem Namen "ssl-s2s" zu sehen sein. <br>
::*all profiles that can be seen under "openvpn remote get" should also be visible in the "remote" column when calling "openvpn get" in the line of the server with the name "ssl-s2s". <br>
</div>

Aktuelle Version vom 12. Februar 2026, 10:33 Uhr

Sprachen:

Request configuration

You have the option of ordering the Cloud Connector for different connection types:

  • Inline configuration
  • In this variant, the cloud connector is installed in the network as a normal device with a network card (LAN2).
  • In the Cloud Center, please select the following connection type:
Additional device
  • Gateway configuration
  • In this variant, the Cloud Connector acts as the primary router. Two network cards are used, one is connected to the Internet, the other to your internal network.
  • In the Cloud Center you have the following options, depending on your requirements:
Primary Router - DHCP
Primary Router - VDSL
Primary Router - ADSL (PPPOE)
Primary router - static IP -

Subsequent configuration adjustment

In certain situations it may be necessary for us to recreate or adjust your Cloud Connector's configuration file. In this case, your support colleagues will refer you to the terra CLOUD_CC Konfig change form. This must be filled out by you and sent to us at support@terracloud.de.

  • Please enter your data in the first part of the PDF.


Reseller-Info

  • In the next part, the data of the end customer who will use the Cloud Connector is required.


End Customer Information

  • You will then be provided with information about the license you have booked for your Cloud Connector.


License information

  • The next part is about the network connection LAN1 and the connection type you want for your Cloud Connector.
The first field is about the connection type Additional device. Accordingly, the first network port is not required and you will only be asked for the gateway address of your network.


Inline Gateway information

The next part is about the Gateway connection type. Accordingly, the exact connection type must be selected for the first network card.


Gateway-Info

  • Finally, an IP address for your internal network is required for the LAN2 network card.


LAN2-Info

  • Please enter your name and current date at the bottom.


Signature Info

Commissioning


Note:
To activate the satellite for the first time and subsequently configure it, it must be connected to an unrestricted internet connection.
Furthermore, the satellite software does not support proxy servers.

  1. Connect your computer via Ethernet to interface A1 (formerly called LAN2) of the supplied UTM firewall
  2. Assign your computer the IP address 192.168.175.100
  3. Open the URL https://192.168.175.1:11115 in your browser
  4. Log in with the username 'admin' and the password 'insecure'
  5. Accept the license agreements and Then cancel the configuration wizard.
  6. First, import the license (.crt file) under the menu item Extras -> Register.
  7. Under Configuration -> Configuration Management -> Import Configuration, select the .utm file and import it.
  8. Load the configuration using the "heart" icon and set it as the default configuration using the "star" icon.
  9. You can then restart the firewall. The button for this is located at the very bottom of the menu bar.
  10. Now assign your computer an IP address from your desired internal network and connect to the firewall's IP address, which you specified in the form, using your browser.
  11. Under Authentication -> Users, you can change the administrator password.
Once the configuration has been imported, the administrator password is: Terra001
Please note that a corresponding route to the data center must be configured in the site's central gateway if you are using the Cloud Connector as an additional device.


Troubleshooting

No connection to CC

  • You cannot connect to the CloudConnector after importing the configuration:
  • Cause:
You have not changed your local IP address from 192.168.175.XX to an IP address within the new internal network.
  • Solution:
Manually adjust the IP address in Windows.
  • Cause:
The new internal network is not registered as an admin network in the CloudConnector.
  • Solution:
Connect a keyboard and monitor directly to the CloudConnector and register the network as an admin via the console.
  • Login: admin and Terra001 (or insecure, but then the configuration file appears not to have been imported correctly).
  • Run "interface address get" to determine which network is on A1 (formerly called eth1). (Example: IP=192.168.144.1/24 ==> Network=192.168.144.0/24)
  • Run "manager get" and check if the A1 network (formerly called eth1) is listed there.
  • If not, add the network using "manager new NETZ".
  • Run "system update rule" and "system config save".


Site2Site connection is not established

  • The CC does not establish a connection
  • Cause:
The CC has no internet connection
  • Solution:
Under "Network ==> Network Tool" ping 8.8.8.8 ==> if this fails, the CC seems to have no internet connection


  • Cause:
The SSL-VPN service is not started
  • Solution:
Restart or start the SSL-VPN service under "Applications ==> Application Status"


No communication through the tunnel

  • VPN is set up but the clients cannot communicate through the tunnel
  • Cause:
If the CC is the primary device in the network, everything should be fine as far as the clients can ping the CC.
If the CC is in the network as a secondary device, there are two ways to set the routes:
  • Solution:
1. The local route gets a central route that routes the internal network of the cloud FW towards the CC
2. Each client receives a local route for the Internet network of the cloud FW in the direction of the CC


  • Cause:
You did not specify a network or an incorrect network when booking
  • Solution:
Pass on to the support team support@terracloud.de or (-If you have booked several Cloud Connectors in one package, it may be that not all client profiles match the server profile were assigned.
  • all profiles that can be seen under "openvpn remote get" should also be visible in the "remote" column when calling "openvpn get" in the line of the server with the name "ssl-s2s".
Abgerufen von „https://wiki.terracloud.de/index.php?title=Cloud_Connector/en&oldid=15682