top of page
Search

OOB Remote Network-Based Access

The Use Case for OOB Remote Network-Based Access

This document describes how to access remote devices over IP networks from the Bumblebee portal. To access the CLI terminal of remote devices via serial console interfaces, refer to this link.


Network-based access in this context refers to connecting to the remote devices' HTTP, HTTPS, or SSH ports for configuration and troubleshooting purposes.


For example, a firewall in a remote office can normally be managed through its cloud portal. However, there are times when the firewall loses its connection to the portal due to bugs or misconfiguration. In such cases, the ability to access these firewalls remotely for troubleshooting and recovery significantly reduces downtime, labor costs, and business disruption.


Another common scenario involves a remote device with a local web portal running on a private IP address. While this portal can be accessed locally at the deployment site, administrators in a different location typically connect via VPN. If the VPN is down or an issue with the VPN itself needs to be troubleshot, having an out-of-band (OOB) access method—such as through the Bumblebee portal—becomes essential to minimize truck rolls


Connection Method 1: Connect to Eth1 Port

In this method, the remote access path is the same as the site data path, that is, access session packets go over the Eth1 LAN port, as shown below.


OOB Remote Network Based Access
Network Based Access Model 1: Connect to Eth1 Port

This method works as long as the CPE can reach the device over IP. For example, In a Pass Through deployment, all devices on the /29 subnet can be accessed using this method. In a Router Mode deployment, all devices on the Eth1 subnet can be accessed.


The caveat in this method is that any device behind the firewall or any NAT device cannot be accessed unless specific configuration is made on the firewall due to the one directional NAT function.


Add Device

You can manually add devices to be accessed on the Bumblebee Portal. Follow these steps.


  1. Login to the Bumblebee portal

  2. Click Network Based Access on the left navigation menu under OOB Remote Control

  3. Select a CPE from the drop down menu

  4. Click Add Device


Connection Method 2: Connect to Eth3 port

In this method, the managed devices are connected to Bumblebee CPE Eth3 port, as shown blow


OOB Remote Network Based Access Model 1
Network Based Access Method 2: Connect to Eth3 Port

Plug and Play

In this method, Bumblebee CPE Eth3 runs a DHCP server on 169.254.1.1/16. You can plug in the device to this port to obtain its IP address or statically configures its IP address.


Discover Device

All the devices connecting to Eth3 subnet can be auto discovered. To do so, follow the steps below.


  1. Login to the Bumblebee portal

  2. Click Network Based Access on the left navigation menu under OOB Remote Control

  3. Select a CPE from the drop down menu

  4. Click Discover Device


Note in this model, the devices cannot access the Internet via this port. The traffic direction only goes from Eth3 to the devices.


Connecting to Device

Once the devices have been auto discovered or added, the next step is to access the device.

The device can be accessed over HTTP, HTTPS and SSH. To do so, follow the steps below.


  1. Login to the Bumblebee portal

  2. Click Network Based Access on the left navigation menu under OOB Remote Control

  3. Select a CPE from the drop down menu

  4. Select a device, click Actions -> New Connection

  5. Change the Port number if needed. The default port for HTTP is 80, the default port for HTTPS is 443 and the default port for SSH is 22

  6. Click HTTP Connect to access the device's HTTP portal. Click HTTPS Connect to access the device's HTTPS portal. Click SSH Connect to access the device's CLI interface.

  7. It takes 2 - 3 minutes to establish the connection. Once the connection is established, click Open Console.

  8. For HTTP and HTTPS, click Open Console. A new browser window opens for the target portal.

  9. For SSH, download a Jump Host key and follow the instruction to SSH into the device.


Edit a Device Name

Each discovered or added device can be renamed for better recognition. To edit a name, select one device, click Actions -> Edit Device Name


Display Connections

Once a connection is made, the session is displayed in the second half of the page, as shown below.


Display Network-based access connections
Network-based access connections

Disconnect a Connection

To disconnect, select a connection, click Actions -> Disconnect





Comments

bottom of page