Transition Networks
Secure Remote Access Quick Start Guide
33837 Rev. A
Page 1 of 4
Secure Remote Access (SRA)
Quick Start Guide
Note
: See the related manuals for important Ordering,
Features, Specifications, Applications, Back Panels, LEDs,
Unpacking, Package Contents, Power Supply, Setup, Network Config, System Requirements, Product Views,
Troubleshooting, Labeling, Regulatory Agency, Safety, Cautions and Warnings, and Warranty information.
Introduction
The Transition Networks Secure Remote Access (SRA) solution creates a secure tunnel to provide a bidirectional
communication channel from a Network Operations Center (NOC) to a Remote Site. The solution generally does not
require configuration changes to the Remote Site Firewall.
The Remote Access Device (RAD) is located at a Remote Site and initiates a connection with the Management Access
Portal (MAP) located at the NOC or Host Site. Once the tunnel is established, the Network Administrator at the NOC can
connect via VPN over the tunnel to devices in the same network as the Remote Access Device, or via Port Forwarding to
any device the RAD can address. Note: When using VPN mode, IP addresses at the Remote Site and NOC or Host Site
cannot overlap (i.e., must be on different sub- networks).
Package Contents
Verify you have received one SRA-RAD-01 or one SRA-MAP-01, one Doc postcard, one Power Supply per device, this
document, and one Bag with screws, rubber plugs, and rubber feet. One CABLE-SRA-NMC (USB to DB9F Serial Null
Modem Cable) may be included as an optional accessory.
Power Supplies
SRA power supplies include 25168 for North America, 25183 for United Kingdom, and 25184 for Europe.
System Requirements
•
SRA devices must have one interface with a gateway that allows Internet access.
•
You must have OpenVPN (Windows) client installed when using the VPN solution for the remote site; not necessary
for Port Forwarding. Note that some Windows versions allow just one active VPN client connection at a time.
•
When using VPN mode, the IP subnet for the LAN1 interface on the MAP cannot overlap with the IP subnet being
forwarded by any of its RADs.
•
External IP (Internet facing IP) address with available port 443.
•
IP address(es) for the MAP within your network topology.
•
Network setup details of remote sites.
•
A null modem cable with a female DB9 connector, such as the CABLE-SRA-NMC available through Transition
Networks
if using CLI to program units.
MAP Configuration Requirements
“MAP users" refers to users at headquarters/Network Operations Center (NOC) using SRA to access
devices at remote
sites. MAP requirements:
•
The MAP requires Internet accessible port 443 available:
o
this will likely be forwarded from the firewall and it doesn't matter which interface is given port 443;
o
the interface receiving 443 should have a gateway providing Internet access.
•
MAP users will access the Web UI via the LAN1 interface.
•
The MAP must have Internet access to communicate with the RADs; so one interface must have a gateway
assigned statically or via DHCP.
•
If both interfaces are in use, make sure only one has a gateway assigned.
