• Setting up a SDT Secure Tunnel for VNC (Section 6.9).
• Using SDT to IP connect to hosts that are serially attached to the console server (Section 6.10).
6.1 Configuring for SSH Tunneling to Hosts
To set up the console server to SSH tunnel to access a network attached host:
Add the new host and the permitted services using the Serial & Network: Network Hosts menu as detailed in Network Hosts (Chapter 5.4).
Only these permitted services will be forwarded through by SSH to the host. All other services (TCP/UDP ports) will be blocked.
NOTE: Following are some of the TCP Ports used by SDT in the console server:
22
SSH (All SDT Tunneled connections)
23
Telnet on local LAN (forwarded inside tunnel)
80
HTTP on local LAN (forwarded inside tunnel)
3389
RDP on local LAN (forwarded inside tunnel)
5900
VNC on local LAN (forwarded inside tunnel)
73XX
RDP over serial from local LAN – where XX is the serial port number (that is, 7301 to 7302 on a 2-port console server)
79XX
VNC over serial from local LAN – where XX is the serial port number
Add the new Users using Serial & Network: Users & Groups menu as detailed in Network Hosts (Chapter 5.4). Users can be authorized to
access the console server ports and specified network attached hosts. To simplify configuration, the Administrator can first set up Groups
with group access permissions, then Users can be classified as members of particular Groups.
6.2 SDT Connector Client Configuration
The SDT Connector client works with all Black Box console servers. Each of these remote console servers has an embedded OpenSSH based
server that you can configure to port forward connections from the SDT Connector client to hosts on their local network (as detailed in the
previous chapter). You can also pre-configure the SDT Connector with the access tools and applications that are available to run when
you've established access to a particular host.
SDT Connector can connect to the console server using an alternate OoB access. It can also access the console server itself and access
devices connected to serial ports on the console server.
6.2.1 SDT Connector installation
The SDT Connector set up program (SDTConnector Setup-1.n.exe or sdtcon-1.n.tar.gz) is included on the CD supplied with your Black Box
console server.
Run the set-up program.
NOTE:
For Windows clients, the SDTConnectorSetup-1.n.exe application will install the SDT Connector 1.n.exe and the config file
defaults.xml. If there is already a config file on the Windows PC, then it will not be overwritten. To remove an earlier config file,
run the regedit command and search for "SDT Connector," then remove the directory with this name.
For Linux and other Unix clients, SDTConnector.tar.gz application will install the sdtcon-1.n.jar and the config file defaults.xml.
Chapter 6: Secure SSH Tunneling and SDT Connector
Figure 6-2. SDT connector setup window.
724-746-5500 | blackbox.com
41