
127
1.877.877.2269
BLACKBOX.COM
NEED HELP?
LEAVE THE TECH TO US
LIVE 24/7
TECHNICAL
SUPPORT
1.877.877.2269
CHAPTER 6: FIREWALL, FAILOVER AND OOB ACCESS
6.7.1 OOB ACCESS SETUP
In this mode, the dial-out connection to the carrier cellular network is always on, awaiting any incoming traffic. By default, the only
traffic enabled is incoming SSH access to the console server and its serial ports, and incoming HTTPS access to the console server.
There is a low level of keep alive and management traffic going over the cellular network. Generally, the status reports, alerts and
other traffic from the site can be carried over the main network.
This mode is typically used for out of band access to remote sites. Consequently, to be directly accessed, the appliance needs
to have a Public IP address and it must not have SSH access firewalled. This OOB mode is the default for LES1700 and LES1400
appliances with internal cellular modems. Out-of-band access is enabled by default and the cellular modem connection is always on.
Almost all carriers offer corporate mobile data service/plans with a Public (static or dynamic) IP address. These plans often have a
service fee attached.
With a static Public IP address plan, you can try accessing the console server using the Public IP Address provided by the carrier. By
default, only HTTPS and SSH access is enabled on the OOB connection: you can browse to the console server, but you cannot ping it.
With a dynamic Public IP address plan, a DDNS service will need to be configured to allow the remote administrator to initiate
incoming access. Once this is done, you can then also try accessing the console server using the allocated domain name.
By default, most providers offer a consumer-grade service that provides dynamic Private IP address assignments to 3G devices. This
IP address is not visible across the Internet, but usually it is adequate for home and general business use.
To confirm a consumer-grade service:
Navigate to the Status > Statistics.
Click the Failover & Out-of-Band tab.
In the Always on Out-of-Band — Internal Cellular Modem (cellmodem) section, check the value presented for IP Address.
FIGURE 6-15.
If the value is in one of the private IP Address ranges —
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
— you have a consumer-grade cellular service.
For inbound OOB connection with such a plan, you will need to use Call Home with a VCMS or set up a VPN.
In Out of Band access mode, the internal cellular modem will continually stay connected. The alternative is to set up Failover mode
on the console server.