Cloud Connector/en: Unterschied zwischen den Versionen

Aus TERRA CLOUD WIKI

(Die Seite wurde neu angelegt: „= Commissioning =“)
(Die Seite wurde neu angelegt: „== Site2Site connection is not established ==“)
Zeile 18: Zeile 18:
::Please note that a corresponding route to the data center is stored in the location's central gateway if you use the Cloud Connector as an additional device. <br>
::Please note that a corresponding route to the data center is stored in the location's central gateway if you use the Cloud Connector as an additional device. <br>
<br />
<br />
<div lang="de" dir="ltr" class="mw-content-ltr">
= Troubleshooting =
= Troubleshooting =
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
<span id="Keine_Verbindung_zum_CC"></span>
== Keine Verbindung zum CC ==
== No connection to CC ==
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
* You cannot connect to the CloudConnector after importing the config: <br>
* Sie können sich nach dem Importieren der Konfig nicht mit dem CloudConnector verbinden: <br>
:* '''Cause:''' <br>
:* '''Ursache:''' <br>
::You have not changed your local IP from 192.168.175.XX to an IP of the new internal networks <br>
::Sie haben Ihre lokale IP von einer 192.168.175.XX nicht auf eine IP der neuen internen Netze abgeändert <br>
:* '''Solution:''' <br>
:* '''Lösung:''' <br>
::Adjust IP in Windows manually <br>
::IP im Windows manuell anpassen <br>
<br>
<br>
:* '''Ursache:''' <br>
:* '''Cause:''' <br>
::Das neue interne Netz ist nicht als Admin-Netz im CC eingetragen <br>
::The new internal network is not entered as an admin network in the CC <br>
:* '''Lösung:''' <br>
:* '''Solution:''' <br>
::Tastatur und Bildschirm direkt an den CC anschließen und per Konsole das Netz als Admin eintragen <br>
::Connect the keyboard and screen directly to the CC and enter the network as admin using the console. <br>
::*Login: admin und Terra001 (oder insecure, dann scheint die Config-Datei aber nicht richtig importiert worden zu sein) <br>
::*Login: admin and Terra001 (or insecure, but then the config file doesn't seem to have been imported correctly) <br>
::*"interface address get" ausführen ==> welches Netz liegt auf eth1??? (Bsp. IP=192.168.144.1/24 ==> Netz=192.168.144.0/24) <br>
::* Execute "interface address get" ==> which network is on eth1??? (Ex. IP=192.168.144.1/24 ==> Network=192.168.144.0/24) <br>
::*"manager get" ausführen und prüfen ob das Netz von eth1 dort eingetragen ist <br>
::*Execute "manager get" and check whether eth1's network is entered there <br>
::*wenn nicht mit "manager new NETZ" das Netz eintragen <br>
::*if not enter the network with "manager new NETZ" <br>
::*"system update rule" und "system config save" ausführen <br>
::*Run "system update rule" and "system config save" <br>
<br />
<br />
</div>
<span id="Site2Site_Verbindung_wird_nicht_aufgebaut"></span>
<div lang="de" dir="ltr" class="mw-content-ltr">
== Site2Site connection is not established ==
== Site2Site Verbindung wird nicht aufgebaut ==
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
* The CC does not establish a connection <br>
* Der CC baut keine Verbindung auf <br>
:* '''Cause:''' <br>
:* '''Ursache:''' <br>
::The CC has no internet connection <br>
::Der CC hat keine Internetverbindung <br>
:* '''Solution:''' <br>
:* '''Lösung:''' <br>
::Under "Network ==> Network Tool" ping 8.8.8.8 ==> if this fails, the CC seems to have no internet connection <br>
::Unter "Netzwerk ==> Netzwerk Tool" mittel Ping die 8.8.8.8 anpingen ==> schlägt dies fehl scheint der CC keine Internetverbindung zu haben <br>
<br>
<br>
:* '''Ursache:'''
:* '''Cause:'''
::Der Dienst SSL-VPN ist nicht gestartet <br>
::The SSL-VPN service is not started <br>
:* '''Lösung:'''
:* '''Solution:'''
::Unter "Applications ==> Application Status" den Dienst SSL-VPN neustarten bzw. starten <br>
::Restart or start the SSL-VPN service under "Applications ==> Application Status" <br>
<br />
<br />
</div>
<span id="Keine_Kommunikation_durch_den_Tunnel"></span>
<div lang="de" dir="ltr" class="mw-content-ltr">
== No communication through the tunnel ==
== Keine Kommunikation durch den Tunnel ==
</div>


<div lang="de" dir="ltr" class="mw-content-ltr">
* VPN is set up but the clients cannot communicate through the tunnel <br>
* VPN ist aufgebaut aber die Clients können nicht durch den Tunnel kommunizieren <br>
:* '''Cause:''' <br>
:* '''Ursache:''' <br>
::If the CC is the primary device in the network, everything should be fine as far as the clients can ping the CC. <br>
::Wenn der CC als primäres Gerät im Netz steht, sollte alles passen insofern die Clients den CC anpingen können. <br>
::If the CC is in the network as a secondary device, there are two ways to set the routes: <br>
::Steht der CC als sekundäres Gerät im Netz gibt es zwei Arten die Routen zu setzen: <br>
:* '''Solution:''' <br>
:* '''Lösung:''' <br>
::1. The local route gets a central route that routes the internal network of the cloud FW towards the CC <br>
::1. Die lokale Route bekommt eine zentrale Route die das interne Netz der Cloud-FW in Richtung des CC routet <br>
::2. Each client receives a local route for the Internet network of the cloud FW in the direction of the CC <br>
::2. Jeder Client bekommt eine lokale Route für das Internet Netz der Cloud-FW in Richtung des CC <br>
<br>
<br>
:* '''Ursache:''' <br>
:* '''Cause:''' <br>
::Sie haben bei der Buchung kein oder ein falsches Netz angegeben <br>
::You did not specify a network or an incorrect network when booking <br>
:* '''Lösung:''' <br>
:* '''Solution:''' <br>
::An das Support-Team weitergeben [mailto:support@terracloud.de support@terracloud.de] oder (-Sofern Sie mehrere Cloud Connectoren zu einem Paket gebucht haben, kann es sein das nicht alle Client-Profils zu dem Server-Profile zugeordnet wurden. <br>
::Pass on to the support team [mailto:support@terracloud.de support@terracloud.de] or (-If you have booked several Cloud Connectors in one package, it may be that not all client profiles match the server profile were assigned. <br>
::*alle Profile die unter "openvpn remote get" zusehen sind sollten auch in der Spalte "remote" beim Aufruf von "openvpn get" in der Zeile des Servers mit dem Namen "ssl-s2s" zu sehen sein. <br>
::*all profiles that can be seen under "openvpn remote get" should also be visible in the "remote" column when calling "openvpn get" in the line of the server with the name "ssl-s2s". <br>
</div>

Version vom 18. Januar 2024, 12:08 Uhr

Commissioning

Securepoint webinar on setting up the Cloud Connector
https://www.youtube.com/watch?v=aDAc4WV4MtM

  1. Connect your computer via Ethernet to the LAN 2 interface of the supplied UTM firewall
  2. Give your computer the IP address 192.168.175.100
  3. Go to the URL https://192.168.175.1:11115 in the browser
  4. Log in with user 'admin' and password 'insecure'
  5. Accept the license agreements and then cancel the configuration wizard.
  6. First, import the license (.crt file) under the menu item Extras -> Register
  7. Under Configuration -> Configuration Management -> Import Configuration, select the .utm file and import it.
  8. Use the “heart” symbol to load the configuration and use the “star” symbol to set it as the start configuration
  9. You can then reboot the firewall under Configuration -> Restart.
  10. Now give your computer an IP from your desired internal network and connect your browser to the IP address of the firewall that you specified in the form.
  11. Under Authentication -> Users you can change the admin password.
As soon as the configuration has been imported, the administrator password is: Terra001
Please note that a corresponding route to the data center is stored in the location's central gateway if you use the Cloud Connector as an additional device.


Troubleshooting

No connection to CC

  • You cannot connect to the CloudConnector after importing the config:
  • Cause:
You have not changed your local IP from 192.168.175.XX to an IP of the new internal networks
  • Solution:
Adjust IP in Windows manually


  • Cause:
The new internal network is not entered as an admin network in the CC
  • Solution:
Connect the keyboard and screen directly to the CC and enter the network as admin using the console.
  • Login: admin and Terra001 (or insecure, but then the config file doesn't seem to have been imported correctly)
  • Execute "interface address get" ==> which network is on eth1??? (Ex. IP=192.168.144.1/24 ==> Network=192.168.144.0/24)
  • Execute "manager get" and check whether eth1's network is entered there
  • if not enter the network with "manager new NETZ"
  • Run "system update rule" and "system config save"


Site2Site connection is not established

  • The CC does not establish a connection
  • Cause:
The CC has no internet connection
  • Solution:
Under "Network ==> Network Tool" ping 8.8.8.8 ==> if this fails, the CC seems to have no internet connection


  • Cause:
The SSL-VPN service is not started
  • Solution:
Restart or start the SSL-VPN service under "Applications ==> Application Status"


No communication through the tunnel

  • VPN is set up but the clients cannot communicate through the tunnel
  • Cause:
If the CC is the primary device in the network, everything should be fine as far as the clients can ping the CC.
If the CC is in the network as a secondary device, there are two ways to set the routes:
  • Solution:
1. The local route gets a central route that routes the internal network of the cloud FW towards the CC
2. Each client receives a local route for the Internet network of the cloud FW in the direction of the CC


  • Cause:
You did not specify a network or an incorrect network when booking
  • Solution:
Pass on to the support team support@terracloud.de or (-If you have booked several Cloud Connectors in one package, it may be that not all client profiles match the server profile were assigned.
  • all profiles that can be seen under "openvpn remote get" should also be visible in the "remote" column when calling "openvpn get" in the line of the server with the name "ssl-s2s".
Abgerufen von „https://wiki.terracloud.de/index.php?title=Cloud_Connector/en&oldid=5533