Cloud Connector

Aus TERRA CLOUD WIKI

Version vom 18. Januar 2024, 12:08 Uhr von Christian Toedtmann (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „== Site2Site connection is not established ==“)

Commissioning

Securepoint webinar on setting up the Cloud Connector
https://www.youtube.com/watch?v=aDAc4WV4MtM

  1. Connect your computer via Ethernet to the LAN 2 interface of the supplied UTM firewall
  2. Give your computer the IP address 192.168.175.100
  3. Go to the URL https://192.168.175.1:11115 in the browser
  4. Log in with user 'admin' and password 'insecure'
  5. Accept the license agreements and then cancel the configuration wizard.
  6. First, import the license (.crt file) under the menu item Extras -> Register
  7. Under Configuration -> Configuration Management -> Import Configuration, select the .utm file and import it.
  8. Use the “heart” symbol to load the configuration and use the “star” symbol to set it as the start configuration
  9. You can then reboot the firewall under Configuration -> Restart.
  10. Now give your computer an IP from your desired internal network and connect your browser to the IP address of the firewall that you specified in the form.
  11. Under Authentication -> Users you can change the admin password.
As soon as the configuration has been imported, the administrator password is: Terra001
Please note that a corresponding route to the data center is stored in the location's central gateway if you use the Cloud Connector as an additional device.


Troubleshooting

No connection to CC

  • You cannot connect to the CloudConnector after importing the config:
  • Cause:
You have not changed your local IP from 192.168.175.XX to an IP of the new internal networks
  • Solution:
Adjust IP in Windows manually


  • Cause:
The new internal network is not entered as an admin network in the CC
  • Solution:
Connect the keyboard and screen directly to the CC and enter the network as admin using the console.
  • Login: admin and Terra001 (or insecure, but then the config file doesn't seem to have been imported correctly)
  • Execute "interface address get" ==> which network is on eth1??? (Ex. IP=192.168.144.1/24 ==> Network=192.168.144.0/24)
  • Execute "manager get" and check whether eth1's network is entered there
  • if not enter the network with "manager new NETZ"
  • Run "system update rule" and "system config save"


Site2Site connection is not established

  • The CC does not establish a connection
  • Cause:
The CC has no internet connection
  • Solution:
Under "Network ==> Network Tool" ping 8.8.8.8 ==> if this fails, the CC seems to have no internet connection


  • Cause:
The SSL-VPN service is not started
  • Solution:
Restart or start the SSL-VPN service under "Applications ==> Application Status"


No communication through the tunnel

  • VPN is set up but the clients cannot communicate through the tunnel
  • Cause:
If the CC is the primary device in the network, everything should be fine as far as the clients can ping the CC.
If the CC is in the network as a secondary device, there are two ways to set the routes:
  • Solution:
1. The local route gets a central route that routes the internal network of the cloud FW towards the CC
2. Each client receives a local route for the Internet network of the cloud FW in the direction of the CC


  • Cause:
You did not specify a network or an incorrect network when booking
  • Solution:
Pass on to the support team support@terracloud.de or (-If you have booked several Cloud Connectors in one package, it may be that not all client profiles match the server profile were assigned.
  • all profiles that can be seen under "openvpn remote get" should also be visible in the "remote" column when calling "openvpn get" in the line of the server with the name "ssl-s2s".