Seneca Vpn box2 User manual

Page 1

SENECA s.r.l.

Via Austria, 26 - 35127 - PADOVA - ITALY

Tel. +39.049.8705355 - 8705359 Fax. +39.049.8706287

Website: www.seneca.it

Technical service: suppo[email protected] (IT), support@seneca.it (Other)

Commercial information: commerciale@seneca.it (IT), [email protected]t

(Other)

This document is the property of SENECA srl. Unauthorized duplication and reproduction (even partial) is prohibited. The

content of this document refers to the described products and technologies. Despite the continuous effort to achieve

perfection, all the technical data contained in this document can be modified or added for technical and commercial needs;

it is impossible to completely eliminate discrepancies and inconsistencies. However, the content of this documentation is

subject to periodic review. For any question, do not hesitate to contact our structure or write to the e-mail addresses

indicated above.

USER MANUAL

VPN BOX2 Hardware

VPN BOX2 Virtual Machine SW

VIRTUAL PRIVATE NETWORK SERVER

USER MANUAL –VPN-BOX2

Date

Revision

Note

Author

Code

02/05/2023

First edition

MI00601-0

12/05/2023

Translation

MI00601-1

USER MANUAL –VPN-BOX2

TABLE OF CONTENTS

1. SENECA VPN BOX2....................................................................................................5

2. SOFTWARE OPEN SOURCE ......................................................................................6

3. INTRODUZIONE...........................................................................................................6

3.1. SPECIFICHE HARDWARE ................................................................................................................................. 7

3.2. SPECIFICHE VIRTUAL MACHINE (VMWARE).................................................................................................... 7

4. INSTALLAZIONE VPN BOX2.......................................................................................8

4.1. INSTALLAZIONE HARDWARE .......................................................................................................................... 8

4.2. INSTALLAZIONE VM ....................................................................................................................................... 9

5. CONFIGURAZIONE DI RETE ETHERNET DI DEFAULT..........................................10

6. PRIMA CONFIGURAZIONE DEL VPN BOX2............................................................11

6.1. LOGIN ...........................................................................................................................................................12

6.2. WELCOME.....................................................................................................................................................13

6.1. MODE ...........................................................................................................................................................14

6.1. NETWORK .....................................................................................................................................................16

6.1. SECURITY ......................................................................................................................................................18

6.1. LICENSE.........................................................................................................................................................19

7. AMMINISTRAZIONE DEL SERVER...........................................................................20

7.1. HOME ...........................................................................................................................................................20

7.2. DEVICES ........................................................................................................................................................22

7.3. USERS............................................................................................................................................................24

7.4. GROUPS ........................................................................................................................................................28

7.5. NETWORKS (VPN) .........................................................................................................................................31

7.6. CONFIG. GENERAL.........................................................................................................................................34

USER MANUAL –VPN-BOX2

7.7. CONFIG. NETWORK .......................................................................................................................................35

7.8. CONFIG. SNMP..............................................................................................................................................36

7.9. CONFIG. BACKUP (AUTOMATICI)...................................................................................................................37

7.10. CONFIG. CERTBOT .........................................................................................................................................39

7.11. CONFIG. ADVANCED......................................................................................................................................40

7.12. LOGS .............................................................................................................................................................41

7.13. BACKUP.........................................................................................................................................................42

8. RESET DI FABBRICA ED AGGIORNAMENTO DEL VPN BOX2 .............................43

8.1. RESET DI FABBRICA .......................................................................................................................................43

8.1. AGGIORNAMENTO DEL VPN BOX2 ................................................................................................................44

9. CONFIGURAZIONE DEL ROUTER/FIREWALL........................................................45

10. PRINCIPIO DI FUNZIONAMENTO VPN NETWORK SINGLE LAN...........................47

10.1. CONFIGURAZIONE DELLA VPN.......................................................................................................................48

11. PRINCIPIO DI FUNZIONAMENTO VPN POINT TO POINT.......................................49

11.1. CONFIGURAZIONE DELLA VPN.......................................................................................................................50

12. CONNESSIONE TRAMITE VPN CLIENT COMMUNICATOR....................................51

12.1. CONNESSIONE VPN GUI (SL o P2P)................................................................................................................51

12.1. CONNESSIONE VPN SERVICE MODE (SOLO SL) ..............................................................................................52

12.2. CONNESSIONE DIRETTA DAL BROWSER ........................................................................................................53

13. CONNESSIONE TRAMITE CLIENT SMARTPHONE (SOLO MODO SINGLE LAN) 55

14. GLOSSARIO...............................................................................................................57

USER MANUAL –VPN-BOX2

1. SENECA VPN BOX2

ATTENTION!

IN NO EVENT, SHALL SENECA S.R.L. OR ITS SUPPLIERS BE LIABLE FOR LOSS OF REGISTRATION

DATA/INCOME OR FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES RESULTING FROM

NEGLIGENCE OR THE IMPROPER OR IRRESPONSIBLE USE OF Z-LINK2-LO, EVEN IF SENECA IS

AWARE OF SUCH POSSIBLE DAMAGES.

SENECA, ITS SUBSIDIARIES, AFFILIATES, GROUP COMPANIES, ITS SUPPLIERS AND ITS DEALERS DO NOT

WARRANT THAT THE FUNCTIONS WILL FULLY MEET YOUR EXPECTATIONS OR THAT Z-LINK2-LO, THE

FIRMWARE AND THE SOFTWARE ARE ERROR-FREE OR WORK IN A CONTINUOUS WAY.

USER MANUAL –VPN-BOX2

2. SOFTWARE OPEN SOURCE

The Seneca VPN BOX2 product contains Open Source software distributed under the GPL license. In

compliance with section 3b of said license, Seneca provides the sources of this software. It is possible to

request the code by writing an email to sup[email protected] .

3. INTRODUCTION

VPN Box is a server device that allows you to create secure VPN (Virtual Private Network) connections

between geographically distant Systems and Servers/PCs in a simplified way, maintaining centralized

management of all SENECA devices enabled for the use of a VPN.

Remote connections based on VPN technology allow transparent communication using the most common

TCP/IP protocols in the industrial world. Since these are connections based on IP (Internet Protocol), it is

possible to convey multiple communication protocols simultaneously via VPN. For example, it will be possible

to communicate in Modbus TCP/IP with a remote device while carrying out maintenance on the software of

a PLC belonging to the same system.

The SENECA devices compatible with VPN BOX2 allow connections from the system both on the Ethernet and

directly Mobile/Cellphone networks (only products equipped with modem).

The types of VPN that can be created with this product are of two types: VPN Single LAN and VPN Point to

Point.

The Single LAN type solves the cases in which it is necessary to create a connection that allows

communication between devices installed in different and distant sites, so as to form a single network which

can also include the subnets of the devices, if desired; these cases are typical in SCADA and Telecontrol

environments.

The Point to Point type allows a maintainer to reach a single device and, optionally, its subnet to intervene

on it; the typical use is the remote assistance in the field of the machines and the reprogramming of a

PLC/HMI, the verification of some functions and the solution of the problems.

The VPN Box is a server device that needs to be configured via the web interface

The VPN Client Communicator software is provided to create the VPN tunnel between a remote PC and the

network/device.

VPN BOX2 is only compatible with VPN Client Communicator versions > v4.0.0.0.

All the software needed to use the VPN BOX2 product can be downloaded from the official product page in

the SOFTWARE & APP section.

The VPN BOX2 is available in two versions: Hardware and Virtual Machine (vmware) the following are the

characteristics of each version.

USER MANUAL –VPN-BOX2

3.1. HARDWARE SPECIFICATIONS

To obtain the technical specifications of the box pc with which the product is supplied in the "hardware"

version, consult the installation manual of the VPN BOX2 product.

3.2. VIRTUAL MACHINE (VMWARE) SPECIFICATIONS

The Virtual Machine version is supplied in exported OVF format with a general indication of the hardware

requirements of the Virtual application. These requirements must then be suitably modified by the user when

creating the VPN BOX2 Virtual machine in order to take into account:

•Number of Seneca devices to manage

•Number of users to manage

•Workload that the server will have to take care of

For a minimal configuration it is recommended to meet the following requirements:

Requirement

Minimum value admitted

CPU

64 bit / 2 cores

RAM

8 GB

Disc

64 GB SSD

compatible with LINUX distributions

Networking

1xETH (100/1000 Mbit)

Host/Hypervisor

Support host: Intel-VT or AMD-V / Hypervisor: VMware

The configurations can be changed after the creation of the server to ensure the application scalability.

For further instructions on using the OVF format to start a VPN BOX2 Virtual Machine see the VM Installation

chapter.

USER MANUAL –VPN-BOX2

4. VPN BOX2 INSTALLATION

4.1. HARDWARE INSTALLATION

To install the VPN BOX2 hardware, proceed as follows:

•Place the server horizontally on a flat surface

•Connect the hardware box power terminals to a dedicated power source. Power requirements are

listed in the user manual

•The VPN BOX2 hardware does not require a keyboard, mouse or monitor to operate. However, they

may be required in case of technical service by Seneca personnel.

•Start the VPN BOX2 by pressing and releasing the ON/OFF button on the front panel of the box once

only

•The POWER led will light up instantly but the server will not be immediately operational, it will take

a few minutes to start up completely (start-up time max 5 min)

ATTENTION!

the VPN BOX2 is a server device, needs to be switched on and off correctly, avoiding sudden power cuts.

For this reason it is recommended to install a UPS to protect the server power supply.

To turn the server off:

•Press and release the ON/OFF button once

•Wait for the POWER led to switch off completely

•In some cases the normal shutdown procedure may take 1 or 2 minutes.

If the server is blocked from starting up or fails to shut down, proceed with a forced shutdown as follows:

•Press and hold down the ON/OFF button once

•Keep the button pressed until the POWER led goes off.

•Repeat the start procedure

For further details on the installation of the VPN BOX2 hardware, consult the product installation manual.

USER MANUAL –VPN-BOX2

4.2. VM INSTALLATION

In the case of virtual machine installation, the file with the ".ovf" extension must be imported into your

virtualization software. All the supplied accessory files must be in the same folder as the OVF file to avoid

errors during the import and creation of the virtual machine.

The OVF file is compatible with VMware Workstation Pro virtualization software, the instructions below show

how to import the VPN BOX 2 virtual machine application into that software

•Double click on the file name with the .ovf extension to start the application import

•Follow the import virtual machine wizard

•Start the virtual application

•Once the start is complete, the login screen will be displayed on the console. As shown in the following

screenshot

ATTENTION!

No operator action is required on this screen. Simply minimize the console to an icon and use the VPN

BOX2 server via web access with a compatible browser.

USER MANUAL –VPN-BOX2

The VMware compatibility is set as follows:

ESXi: 6.0, 5.5, 5.1, 5.0 - Fusion: 8.x, 7.x, 6.x, 5.x, 4.x - Workstation: 12.0, 11.x, 10.x, 9.x, 8.x

ATTENTION!

The virtual machine and the Guest operating system is of the 64 bit type therefore the Server/PC Host must

be compatible with the Intel-VT or AMD-V technologies which must be previously activated in the bios.

5. DEFAULT ETHERNET NETWORK CONFIGURATION

Regardless of the Hardware or Virtual type, the VPN BOX2 is supplied by default with its Ethernet port set to

DCHP (automatically obtain IP address from the network).

Once connected to the network, the server will try to acquire IP address, gateway and DNS from a DHCP

server present on the network.

To detect the current IP address of the VPN BOX2 it is recommended to use the SDD (Seneca Discovery

Device) software installed on a PC connected to the same network as the box or running directly on the same

Host server on which the Virtual Machine is running.

The SDD software can be easily installed by running the installation program available at the following link:

http://www.seneca.it/products/sdd

once the network has been scanned with the "Scan..." button, the IP address will be visible in the "Address"

column corresponding to the row of the "VPN BOX2" device:

Table of contents

Other Seneca Server manuals

Seneca

Seneca Balto SQ-100 Series User manual

Seneca

Seneca Cloud BOX User manual

Seneca

Seneca XVAULT xNVR200 Installation manual

Seneca

Seneca Z-KEY-WIFI User manual

Seneca

Seneca XVAULT XNVR150 User manual

Seneca

Seneca XVAULT xNVR400 Troubleshooting guide

Popular Server manuals by other brands

HP Tc2120 - Server - 256 MB RAM installation guide

Lenovo

Lenovo ThinkServer RD230 manual

Avocent

Avocent CPS810 Installer/user guide

Dell

Dell PowerEdge R6615 Installation and service manual

FreeWave

FreeWave HT2+ installation guide

GIGA-BYTE TECHNOLOGY

GIGA-BYTE TECHNOLOGY G492-Z50 user manual

Lanner

Lanner HTCA-E400 user manual

Bull

Bull NovaScale T840 E2 user guide

Asus

Asus RS740-E70RS24-EG Configuration guide

Meinberg

Meinberg LANTIME M300/TCR manual 

HP ProLiant SL335s G7 Maintenance and service guide

ZyXEL Communications

ZyXEL Communications VANTAGE RADIUS 50 user guide

Lantronix

Lantronix xDirect-IAP quick start guide

Fujitsu

Fujitsu PRIMEQUEST 2400E3 General description

IBM

IBM 9040-MR9 manual

IBM

IBM 306m - eServer xSeries - 8849 user guide

green hippo

green hippo Hippotizer Nevis+ quick start guide

IBM

IBM 8203-E4A Brochure & specs

Seneca VPN BOX2 User manual

Popular Server manuals by other brands