manualshive.com logo in svg

Engage Black BlackDoor Duo, User Manual, Page: 16 / 25

Share
Download
Engage Black BlackDoor Duo User Manual Download Page 16

BlackDoor Duo

Engage Black

keymode fikej manualg
ike uses IKEv2 to establish keys.
manual is selected for manually entering the encryption key via the enterkey command.
rekey period
Species the time in minutes the BlackDoor Duo establishes new encryption and message

authentication keys with the remote unit. Not used when the keymode is manual.
enterkey fauth j encrypt j tlspskg string1 string2
auth string1
Enter a string that is used as an authentication secret. The BlackDoor Duo authentication secret

must be the same as congured on the remote unit in order for an encryption tunnel to be set up.
encrypt string1
encrypt is used for keymode manual. Entery a 64 byte hex string to be used as the encryption

key.
tlspsk string1 string2
tlspsk is used when tls mode psk is selected.
Enter string1 that is the TLS PSK Key ID. Enter string2 that is the TLS PSK Key. The Key

ID and Key must be the same as congured on the remote unit in order for QKD to work properly.

The Key string should be kept secret and as cryptographically sound as possible.
See the Cong Quantum Key Distribution Commands section for how to set tls mode.
The enterkey command causes the unit to reset.

4.6.4 Connection Conguration Commands

The BlackDoor Duo supports multiple connections to other BlackDoor Duo units. There are

special commands to congure the parameters for each connection. Connection parameters have

underscores. Take care to include the underscores when you type in the parameters.
add conn connection name
Creates a connection with the specied name. All subsequent conguration for this connection

species the name. The connection initially has no conguration parameters. The connection must

be congured with all the required conguration parameters for it to be operational.
remove conn connection name
Removes the named connection from the conguration. The connection and all its conguration

parameters are deleted.
setconn connection name peer ip address address
Species the destination ip address of the remote BlackDoor Duo unit.
setconn connection name peer conn name peer-connection-name
Species the peer's connection name.
setconn connection name udp port value
Species the UDP port source and destination address for communication to the remote BlackDoor

Duo. The udp port must be unique for each connection. When mode route is selected the

4 COMMAND LINE INTERFACE

Page 15

Summary of Contents for BlackDoor Duo

Page 1: ...BlackDoor Duo User s Guide Rev5 Engage Black April 18 2022 Engage Black 9565 Soquel Drive Suite 200 Aptos California 95003 TEL 831 688 1021 FAX 831 688 1421 www engageblack com support engageinc com...

Page 2: ...ork to which such cause arises In no event shall Seller be liable for incidental consequential or punitive damages resulting from any such cause Seller may at its sole option either repair or replace...

Page 3: ...tial area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense NOTE Shielded ethernet cables must be used with the Engage IP T...

Page 4: ...ackDoor Duo Con guration Parameters 8 2 4 1 Interface Speci c Parameters 8 2 4 2 BlackDoor Duo System Parameters 8 3 Installation of BlackDoor Duo 9 3 1 Installing the Hardware 9 3 1 1 Locating BlackD...

Page 5: ...BlackDoor Duo 20 5 2 Ethernet General 20 5 3 High Ethernet Error Count 20 5 4 Can t Communicate using SSH with the BlackDoor Duo 20 5 5 Can t communicate to BlackDoor Duo Console Port 21 5 6 BlackDoo...

Page 6: ...t of BlackDoor Duo is accomplished with a Command Line Interface CLI that is accessed through the console port or an SSH connection Templates of the most common con gurations provide for an Edit and P...

Page 7: ...nd crossover wiring details and includes diagrams of the units Glossary Telecommunication and TCP IP terminology 1 4 2 Intended Audience This manual is intended for administrators of telecommunication...

Page 8: ...in is root The default password for rst time login is also root It is highly recommended that the password be changed upon initial login 2 1 2 SSH Once an IP address has been assigned the user can log...

Page 9: ...2 BlackDoor Duo System Parameters System parameters include BlackDoor Duo Host name the Ethernet IP address and the default router host name Provide a unique name for BlackDoor Duo Example host name A...

Page 10: ...tilated indoor location Access within six feet of a power outlet Two feet additional clearance around the unit to permit easy cable connection As an option BlackDoor Duo can be mounted in a standard 1...

Page 11: ...where the BlackDoor Duo acts as a router Mode Bridge utilizes layer 2 encryption where the BlackDoor Duo acts as a bridge between the LAN1 ports of the local and remote units The con guration procedu...

Page 12: ...to DB9 serial converter as DB9 serial ports are not common on todays computers In this case use the NULL MODEM ADAPTER provided to allow communication between BlackDoor Duo and computer The use of th...

Page 13: ...rface lan1 Note The LAN1 port is the private local interface commonly receives data and LAN2 is the public WAN port and generally sends data 4 3 3 Syntax for Command Parameters fg one of the parameter...

Page 14: ...ed either the current interface per interface command will be used or all interfaces will be shown info details the port type port state etc statistics lists the packets transmitted received etc show...

Page 15: ...on of BlackDoor Duo involves setting parameters for the LAN interfaces The user must specify which interface is being con gured with the command interface lan1 j lan2 To move up one level from Interfa...

Page 16: ...mands section for how to set tls mode The enterkey command causes the unit to reset 4 6 4 Connection Con guration Commands The BlackDoor Duo supports multiple connections to other BlackDoor Duo units...

Page 17: ...r id id Specify a string representing the SAE ID of the BlackDoor Duo remote unit not this unit SAE ID assignment is in the scope of the quantum key distribution network 4 6 5 Con g Quantum Key Distri...

Page 18: ...92 168 3 50 mode bridge Connections bd 1 peer ip address 192 168 4 50 peer conn name bd 2 udp port 1701 default gateway 192 168 4 254 interface lan1 ip address 192 168 2 50 interface lan2 ip address 1...

Page 19: ...4 50 peer conn name bd 2 remote encrypted routes 192 168 5 0 24 local encrypted routes 192 168 2 0 24 default gateway 192 168 4 254 interface lan1 ip address 192 168 5 50 interface lan2 ip address 19...

Page 20: ...d ENG 2 Unit 2 default gateway 192 168 4 254 interface lan1 ip address 192 168 5 50 interface lan2 ip address 192 168 4 50 mode route rekey period 60 kme ip address 10 0 0 76 sae mode slave Connection...

Page 21: ...ch to con rm a good connection If necessary create a stand alone LAN with just the workstation and BlackDoor Duo 5 3 High Ethernet Error Count Cause Bad cabling or building wiring Solution Check all c...

Page 22: ...the remote BlackDoor Duo Note the console port does not support the Ping Command as it does not have an IP Address 5 7 TCP IP Connection An IP Ping program is the best tool for troubleshooting TCP IP...

Page 23: ...rotocol SFTP 6 1 4 Management SSH support with Edit and Paste Template Files Console Port for Out of Band Management Remote con guration monitoring 6 1 5 Power Supply External 12 Volts DC 1Amp with st...

Page 24: ...o and from these addresses in the form of packets Routing Table A routing table is maintained in each router This table lists all networks and routers in the internet and enables routers to determine...

Page 25: ...s for multiple physical networks Subnetting is applicable when a network grows beyond the number of hosts allowed for the IP address class of the site TCP Transmission Control Protocol ensures reliabl...

Reviews:

No comments