1
00:00:01,570 --> 00:00:08,280
In this section we're going to talk about using your life to access configure and manage your devices.

2
00:00:10,860 --> 00:00:12,980
So first of all what are the options.

3
00:00:13,140 --> 00:00:19,260
Well it can connect locally with a console cable and this means basically connecting your PC or Mac

4
00:00:19,350 --> 00:00:27,050
directly to Fort game console port The other option is to remotely connect to the front gate through

5
00:00:27,050 --> 00:00:27,880
the network.

6
00:00:28,190 --> 00:00:37,160
And this means you will either use the telnet on 4:23 or S-sh on for two of the full values to connect

7
00:00:37,280 --> 00:00:38,360
to the device.

8
00:00:38,570 --> 00:00:42,490
And this must be enabled in advance for connections to be accessed.

9
00:00:42,500 --> 00:00:49,520
Remember what we said in a previous section that the box comes fully law and you have to enable options

10
00:00:49,640 --> 00:00:55,560
and features as you go through configuration enabling your device in the network.

11
00:00:56,520 --> 00:01:03,900
The other one is to go to Asia it is like we have just these cost and then access this your life from

12
00:01:03,900 --> 00:01:05,440
the web based manager.

13
00:01:05,460 --> 00:01:13,410
It was if you remember in the right top corner clicking there and the web page will just fire up a connection

14
00:01:13,410 --> 00:01:20,410
for you and hopefully also have the opportunity to connect to the gate as we have talked.

15
00:01:20,420 --> 00:01:26,490
Also with 40 Explorer you will be cabled directly for gate appliance.

16
00:01:26,490 --> 00:01:29,010
Now let's talk a little bit about permissions.

17
00:01:29,010 --> 00:01:36,570
So access profiles control the level of the access of every user route and then on the gate.

18
00:01:37,080 --> 00:01:44,940
So once you launch in really right or no access rights we may provide the admin account that we have

19
00:01:44,940 --> 00:01:49,300
just used up to this point exist by default and it cannot be deleted.

20
00:01:49,470 --> 00:01:56,710
It makes sense as it will mean that you will be locked out you have no user password pair to log into

21
00:01:56,760 --> 00:02:03,180
the device and do your job full permissions are associated with the admin account.

22
00:02:03,350 --> 00:02:12,300
Similarly like the route and the straight account on Linux or Unix platforms you can create are granted

23
00:02:12,300 --> 00:02:16,180
necessary admin access ESPERAR configuration.

24
00:02:16,200 --> 00:02:23,540
So lets start first of all on configuring what's needed in order to remotely access configure and manage

25
00:02:23,680 --> 00:02:24,940
your game device.

26
00:02:25,200 --> 00:02:32,220
And then we are looking at the permissions section in order to get started.

27
00:02:32,370 --> 00:02:36,790
First draw a little diagram so you can understand what I'll be doing.

28
00:02:37,020 --> 00:02:41,500
So I'll just take a new page and here is how it looks.

29
00:02:41,610 --> 00:02:49,980
So we have 240 Gates in our network now we have the one that we have just configure in you use all the

30
00:02:49,980 --> 00:02:51,590
features and everything.

31
00:02:51,840 --> 00:03:06,030
So this will be this will be the 40 says and this one is the 40 that we have moved to transpire at this

32
00:03:06,030 --> 00:03:06,340
point.

33
00:03:06,340 --> 00:03:09,370
I have a connection between these two for.

34
00:03:09,840 --> 00:03:15,470
And it's on board three or three as well.

35
00:03:17,790 --> 00:03:21,060
I will just configure an activity between the two.

36
00:03:21,090 --> 00:03:33,020
I will take 10 0 0 0 that's sledged 24 and let's say the 40 access code will be the wire and the 40

37
00:03:33,330 --> 00:03:39,480
transferred that to Arthur enabling connectivity and testing to ping

38
00:03:42,190 --> 00:03:51,990
basically that these ICMP protocol will just enable port three on four to transfer Portugais to permit

39
00:03:52,050 --> 00:04:00,030
let's say Thailand although it's not recommended as everything it's transmitted in plaintext so information

40
00:04:00,030 --> 00:04:01,440
is not encrypted.

41
00:04:01,680 --> 00:04:08,130
And then I also enable S-sh and last just to test our connectivity.

42
00:04:08,140 --> 00:04:17,610
I will just connect on the 40 x x x again and fire up S-sh connections so that I get access for the

43
00:04:17,890 --> 00:04:29,070
transport for the I have now logged in both in for gate access course and also for a transfer.

44
00:04:29,360 --> 00:04:32,650
So first of all is there still exist.

45
00:04:32,710 --> 00:04:34,370
It's mean and mean

46
00:04:37,170 --> 00:04:42,480
and let's see how the configuration looks on port three shows system

47
00:04:46,080 --> 00:04:51,330
show system interface or three.

48
00:04:51,480 --> 00:04:55,310
Nothing has been configure its default configuration.

49
00:04:55,560 --> 00:04:58,740
Let's configure it configure system interface

50
00:05:01,970 --> 00:05:15,110
and Port three said I'd be about warm sledged twin for existence save the configuration.

51
00:05:15,250 --> 00:05:27,220
So we have the admin password system interface or three basic default configuration configure system

52
00:05:27,490 --> 00:05:39,290
interface and for three said IP then tells you that you the to sledged 24 umask

53
00:05:43,290 --> 00:05:52,820
and let's say that it shows system interface for three gradely on this site.

54
00:05:55,710 --> 00:06:01,320
Show system interface for three.

55
00:06:01,640 --> 00:06:04,210
You have to do that you know about one.

56
00:06:04,590 --> 00:06:10,650
And on the other one 10.0 that you rode up to let's see if we have been connectivity

57
00:06:14,430 --> 00:06:20,640
exit executed being can go do those up to.

58
00:06:20,720 --> 00:06:22,640
It seems that it's not working.

59
00:06:22,760 --> 00:06:26,270
Got ICMP code 3 this nation unbridgeable.

60
00:06:26,290 --> 00:06:27,530
Now why is that.

61
00:06:27,550 --> 00:06:35,350
It's because on Wall Street we haven't enabled any ICMP or ping connectivity so let's do that config

62
00:06:35,350 --> 00:06:43,330
system interface for three set allow access ping

63
00:06:46,600 --> 00:06:47,290
being again

64
00:06:55,940 --> 00:06:57,660
working.

65
00:06:57,680 --> 00:07:07,100
Now why is the let's allow ICMP on the side as well of course show system interface 4:03.

66
00:07:07,270 --> 00:07:13,690
We haven't allowed the configure system interface for three.

67
00:07:13,720 --> 00:07:19,720
So basically at this point packets will go into the other gay we're coming back but they were injected

68
00:07:19,750 --> 00:07:21,890
by this Watergate so we have to allow.

69
00:07:22,000 --> 00:07:24,860
I simply want to get the on this part as well.

70
00:07:30,230 --> 00:07:31,130
All three

71
00:07:34,010 --> 00:07:40,910
said allow access being and say execute.

72
00:07:40,940 --> 00:07:42,990
Been out there that you all got to

73
00:07:58,740 --> 00:08:04,230
now and it means that configuration has been applied.

74
00:08:04,470 --> 00:08:06,040
So let's see now.

75
00:08:06,390 --> 00:08:12,990
OK so now we have connectivity between the two devices control See if you want to stop it so stop the

76
00:08:12,990 --> 00:08:17,520
Bing before it's going to send for five packets.

77
00:08:17,700 --> 00:08:20,890
So now that we have connectivity we can try

78
00:08:24,000 --> 00:08:29,120
execute S-sh so we can try to S-sh or telnet to the other device.

79
00:08:29,520 --> 00:08:34,290
Again it will not work as this court is not permitting

80
00:08:37,250 --> 00:08:39,490
is not permitting anything else.

81
00:08:39,740 --> 00:08:44,050
So ICMP So lets configure it now.

82
00:08:48,530 --> 00:08:52,900
So compelled to allow access Telenet.

83
00:08:53,000 --> 00:08:57,930
Mr. Sage and exit and the black liberation

84
00:09:00,630 --> 00:09:03,820
exigeant S-sh on divides them.

85
00:09:03,990 --> 00:09:19,660
10.0 first of all is age 2 0 0 to now we have a new host named Watergate 64 and as you can see it was

86
00:09:19,660 --> 00:09:29,080
48 x and of course so we have successfully executed a remote connection to the other 40.

87
00:09:29,380 --> 00:09:30,450
Let's exit the

88
00:09:34,750 --> 00:09:38,290
connection to 10.00 to explode.

89
00:09:38,650 --> 00:09:43,270
This is how easy it is to connect to get a device remotely.

90
00:09:43,270 --> 00:09:48,250
So we don't have to be exactly near the device to configure it.

91
00:09:48,250 --> 00:09:51,670
You can connect remotely at that age.

92
00:09:51,910 --> 00:10:01,170
And again the NSA is the preferred way because the traffic between the devices is encrypted OK.

93
00:10:01,180 --> 00:10:08,210
So we are now back the graphical user interface and then having our credentials and log in.

94
00:10:08,230 --> 00:10:15,550
So I'm saying a little bit earlier about the access profiles what they are and why should we use them

95
00:10:15,920 --> 00:10:17,290
for access profiles.

96
00:10:17,320 --> 00:10:23,850
Control the level of administrative access of every user admin or admin on the fourth key.

97
00:10:24,040 --> 00:10:29,050
So let's create another profile and another user and test it.

98
00:10:29,080 --> 00:10:36,370
If you do have the same level of rights I will do basically an Access program that will be my configuration

99
00:10:36,430 --> 00:10:41,630
and only permit ready access.

100
00:10:41,740 --> 00:10:57,800
So let's go to System Admin profiles and create the new one the name will be really only we don't think

101
00:10:58,340 --> 00:11:08,380
while and let's say that if you have only read on your rights when it successfully connects the phone

102
00:11:08,610 --> 00:11:12,360
to get the plants it's OK.

103
00:11:14,930 --> 00:11:18,350
Now we really do administrators create a new one.

104
00:11:18,350 --> 00:11:24,050
So the admin is the default one of our own Read-Only admin.

105
00:11:24,480 --> 00:11:28,060
The same for password cargo.

106
00:11:28,140 --> 00:11:34,000
I mean it's a local user administrative profiler.

107
00:11:34,210 --> 00:11:39,280
So this is really only prova to match the user and the profile.

108
00:11:39,280 --> 00:11:40,740
This is the place and hit.

109
00:11:40,750 --> 00:11:41,460
OK.

110
00:11:44,520 --> 00:11:45,160
Good.

111
00:11:45,540 --> 00:11:53,810
Let's see how things look when we just connect with really only one logout.

112
00:11:54,020 --> 00:12:02,590
And now we say our and men are to me.

113
00:12:02,810 --> 00:12:10,970
We have now connected with the with only administration is going to network interfaces and let's say

114
00:12:10,970 --> 00:12:14,080
we want to do the sport.

115
00:12:14,430 --> 00:12:17,750
We have selected and we don't have the added option.

116
00:12:17,840 --> 00:12:19,540
Double click on it.

117
00:12:19,970 --> 00:12:23,500
Well we can see the options here with the added interface.

118
00:12:23,510 --> 00:12:26,770
It's not available at interface option.

119
00:12:26,780 --> 00:12:31,940
Can we put an alias we can but we don't have the OK.

120
00:12:31,940 --> 00:12:33,930
We cannot save our options.

121
00:12:34,160 --> 00:12:35,470
So hit.

122
00:12:35,810 --> 00:12:36,940
And that's it.

123
00:12:38,940 --> 00:12:49,810
We log in with the rogue user admin just to get network interface is for fall.

124
00:12:49,820 --> 00:12:51,290
We have the option of.