manualshive.com logo in svg

Engage Black BlackDoor Duo, User Manual, Page: 17 / 25

Share
Download
Engage Black BlackDoor Duo User Manual Download Page 17

BlackDoor Duo

Engage Black

udp port is used to communicate to the remote connection when sae mode is master or slave.
When mode bridge is selected the udp port is used for the bridge packet tunnel to the remote

BlackDoor Duo. This port number is typically 1701 but can be any available port on the router.
setconn connection name remote encrypted routes froute[, route]g
Species routes to be encrypted and sent to the remote BlackDoor Duo. The route must be in CIDR

notation. Example: 192.168.4.0/24. Multiple routes are separated by a comma with no white space

before or after the comma. Valid only in mode route.
setconn connection name local encrypted routes froute[, route]g
Species local routes that are encrypted by the remote and sent to the local BlackDoor Duo.

local enrypted routes should match the remote encrypted routes specied on the remote

BlackDoor Duo. The route must be in CIDR notation. Example: 192.168.3.0/24. Multiple routes

are separated by a comma with no white space before or after the comma. Valid only in mode route.
setconn connection name sae peer id id
Specify a string representing the SAE ID of the BlackDoor Duo remote unit (not this unit). SAE

ID assignment is in the scope of the quantum key distribution network.

4.6.5 Cong Quantum Key Distribution Commands

kme ip address
Species the IP address and optionally port address of the KME unit providing a quantum key to

the BlackDoor Duo.
sae modefo j master j slaveg
When o the BlackDoor Duo does not utilize Quantum Key Distribution. master congures the

BlackDoor Duo to act as a master secure application entity in the quantum key distribution network.

slave congures the BlackDoor Duo to act as a slave secure application entity.
tls modefpsk j nopskg
tls mode selects the type of cipher suite for the TLS communication to the QKD KME unit. psk

indicates a TLS PSK cipher suite where the key is used to authenticate and derive session keys for

the TLS connection. nopsk indicates a TLS cipher suite in which public key certicates are used

for authentication and session keys are established with a Die-Hellman key exchange.
See the Cong BlackDoor Commands section for how to set the TLS PSK key with enterkey.

4.6.6 Conguration Examples

Example:
This is an example of a conguration of the BlackDoor Duo in mode bridge.

4 COMMAND LINE INTERFACE

Page 16

Summary of Contents for BlackDoor Duo

Page 1: ...BlackDoor Duo User s Guide Rev5 Engage Black April 18 2022 Engage Black 9565 Soquel Drive Suite 200 Aptos California 95003 TEL 831 688 1021 FAX 831 688 1421 www engageblack com support engageinc com...

Page 2: ...ork to which such cause arises In no event shall Seller be liable for incidental consequential or punitive damages resulting from any such cause Seller may at its sole option either repair or replace...

Page 3: ...tial area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense NOTE Shielded ethernet cables must be used with the Engage IP T...

Page 4: ...ackDoor Duo Con guration Parameters 8 2 4 1 Interface Speci c Parameters 8 2 4 2 BlackDoor Duo System Parameters 8 3 Installation of BlackDoor Duo 9 3 1 Installing the Hardware 9 3 1 1 Locating BlackD...

Page 5: ...BlackDoor Duo 20 5 2 Ethernet General 20 5 3 High Ethernet Error Count 20 5 4 Can t Communicate using SSH with the BlackDoor Duo 20 5 5 Can t communicate to BlackDoor Duo Console Port 21 5 6 BlackDoo...

Page 6: ...t of BlackDoor Duo is accomplished with a Command Line Interface CLI that is accessed through the console port or an SSH connection Templates of the most common con gurations provide for an Edit and P...

Page 7: ...nd crossover wiring details and includes diagrams of the units Glossary Telecommunication and TCP IP terminology 1 4 2 Intended Audience This manual is intended for administrators of telecommunication...

Page 8: ...in is root The default password for rst time login is also root It is highly recommended that the password be changed upon initial login 2 1 2 SSH Once an IP address has been assigned the user can log...

Page 9: ...2 BlackDoor Duo System Parameters System parameters include BlackDoor Duo Host name the Ethernet IP address and the default router host name Provide a unique name for BlackDoor Duo Example host name A...

Page 10: ...tilated indoor location Access within six feet of a power outlet Two feet additional clearance around the unit to permit easy cable connection As an option BlackDoor Duo can be mounted in a standard 1...

Page 11: ...where the BlackDoor Duo acts as a router Mode Bridge utilizes layer 2 encryption where the BlackDoor Duo acts as a bridge between the LAN1 ports of the local and remote units The con guration procedu...

Page 12: ...to DB9 serial converter as DB9 serial ports are not common on todays computers In this case use the NULL MODEM ADAPTER provided to allow communication between BlackDoor Duo and computer The use of th...

Page 13: ...rface lan1 Note The LAN1 port is the private local interface commonly receives data and LAN2 is the public WAN port and generally sends data 4 3 3 Syntax for Command Parameters fg one of the parameter...

Page 14: ...ed either the current interface per interface command will be used or all interfaces will be shown info details the port type port state etc statistics lists the packets transmitted received etc show...

Page 15: ...on of BlackDoor Duo involves setting parameters for the LAN interfaces The user must specify which interface is being con gured with the command interface lan1 j lan2 To move up one level from Interfa...

Page 16: ...mands section for how to set tls mode The enterkey command causes the unit to reset 4 6 4 Connection Con guration Commands The BlackDoor Duo supports multiple connections to other BlackDoor Duo units...

Page 17: ...r id id Specify a string representing the SAE ID of the BlackDoor Duo remote unit not this unit SAE ID assignment is in the scope of the quantum key distribution network 4 6 5 Con g Quantum Key Distri...

Page 18: ...92 168 3 50 mode bridge Connections bd 1 peer ip address 192 168 4 50 peer conn name bd 2 udp port 1701 default gateway 192 168 4 254 interface lan1 ip address 192 168 2 50 interface lan2 ip address 1...

Page 19: ...4 50 peer conn name bd 2 remote encrypted routes 192 168 5 0 24 local encrypted routes 192 168 2 0 24 default gateway 192 168 4 254 interface lan1 ip address 192 168 5 50 interface lan2 ip address 19...

Page 20: ...d ENG 2 Unit 2 default gateway 192 168 4 254 interface lan1 ip address 192 168 5 50 interface lan2 ip address 192 168 4 50 mode route rekey period 60 kme ip address 10 0 0 76 sae mode slave Connection...

Page 21: ...ch to con rm a good connection If necessary create a stand alone LAN with just the workstation and BlackDoor Duo 5 3 High Ethernet Error Count Cause Bad cabling or building wiring Solution Check all c...

Page 22: ...the remote BlackDoor Duo Note the console port does not support the Ping Command as it does not have an IP Address 5 7 TCP IP Connection An IP Ping program is the best tool for troubleshooting TCP IP...

Page 23: ...rotocol SFTP 6 1 4 Management SSH support with Edit and Paste Template Files Console Port for Out of Band Management Remote con guration monitoring 6 1 5 Power Supply External 12 Volts DC 1Amp with st...

Page 24: ...o and from these addresses in the form of packets Routing Table A routing table is maintained in each router This table lists all networks and routers in the internet and enables routers to determine...

Page 25: ...s for multiple physical networks Subnetting is applicable when a network grows beyond the number of hosts allowed for the IP address class of the site TCP Transmission Control Protocol ensures reliabl...

Reviews:

No comments