Versions Compared

Comment: correct link to networking section; some clarifications

...

Warning

The AWS EC2 environment has specific characteristics that could conflict with interface configurations made via the Charon Manager. Please refer to the Amazon AWS documentation and to the sections Network Management and Example of a More Complex Network Configuration AWS Networking and Charon-SSP to understand the networking behavior of an AWS instance before you change any interface settings via the Charon Manager. In particular, if you added a second interface to the system, do not apply any changes via the Network Manager until you created a configuration file for the second interface and are sure both interfaces are working correctly.

...

  • IP setting: specify the method used for the IPv4 addressing of the interface. Options are Automatic (DHCP), Manual, and None.

  • IP address: if manual addressing is selected, the host IP address can be added in this field. The field is inactive if DHCP or None is selected.

  • Netmask: if manual addressing is selected, the netmask for the host IP address can be added in this field. The field is inactive if DHCP or None is selected.

  • Gateway: if manual addressing is selected, the default gateway for the host can be added in this field. The field is inactive if DHCP or None is selected.
    (warning) Do not select a default gateway that does not match the AWS subnet structure. Doing so may cause you to permanently lose access to your instance.
    (warning) In some cases, when several network interfaces are configured on the Charon host, a second routing table has to be created on the Charon host. This is not supported by the Charon Manager and must be configured from the command line. See AWS Networking and Charon-SSP for more information.

  • DNS server 1 and DNS server 2: if manual addressing is selected, enter the IP address of one or two DNS name servers. Inactive if DHCP or None is selected.

...

Virtual network configuration options

Field / Description

Create for SSH VPN

If set to ON, a special virtual network will be created to be used as the basis for creating an SSH VPN tunnel as described in SSH VPN - Connecting Charon Host and Guest to Customer Network. This is the most relevant configuration mode for the Charon-SSP AWS product.

Binding interface

If set to ON, a physical interface can be selected from the Virtual bridge interface drop-down menu, on which the bridge is configured. The bridge is connected to the host system LAN. This option is listed for completeness. It is not suitable for Charon-SSP AWS.

If set to OFF, a user-defined name can be entered in the Virtual bridge name field. This name will be used in naming the bridge and TAP interfaces instead of using the physical interface name. The bridge is internal to the host system.

Always OFF if Create for SSH VPN is enabled.

STP for bridge

Enable or disable the Spanning Tree Protocol on the virtual bridge. Always OFF if binding interface is set to ON or SSH VPN is enabled.

Virtual bridge interface

Drop-down menu to select a physical interface that will provide an external network connection to the bridge. Inactive if the binding interface is disabled and if SSH VPN is enabled.

Virtual bridge name

Used to set a user-defined bridge name if the binding interface is disabled. This name will be used in place of the physical interface name when creating the bridge and TAP interfaces. Inactive if the binding interface is enabled. Fixed name vpnX for SSH VPN configuration (X = 0, 1, ...).

Number of virtual adapters

Specify how many virtual adapters are needed.

IP settings

Specify the method used for addressing the interface used to connect the host to the external network. Options are Automatic (DHCP), Manual, and None. If the binding interface is disabled, manual configuration is mandatory (to assign a configuration to the host-internal bridge interface).

IP address

If manual addressing is selected, the host IP address can be added in this field. The field is inactive if DHCP or None is selected.

Netmask

If manual addressing is selected, the netmask for the host IP address can be added in this field. The field is inactive if DHCP or None is selected.

Gateway

If manual addressing is selected, the default gateway for the host can be added in this field. The field is inactive if SSH VPN configuration, DHCP or None is selected.

(warning) Do not select a default gateway that does not match the AWS subnet structure. Doing so may cause you to permanently lose access to your instance. When you create a custom internal bridge, leave this field empty (the host default gateway will apply).

DNS server 1 and DNS server 2

If manual addressing is selected, you can add the IP address of one or two DNS name servers. Inactive if SSH VPN configuration is selected.
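A pre-flight check for the two Gateway warnings above, added here as an example (it is not part of the Charon documentation or product): it validates a planned manual IPv4 configuration before it is entered in the Charon Manager. It assumes the address and netmask describe the AWS subnet the interface is attached to and relies on AWS VPC addressing (subnets of /16 to /28, the first four addresses and the last one reserved, the VPC router at base + 1); the function name and sample addresses are constructed.

```python
import ipaddress


def check_manual_settings(ip, netmask, gateway=""):
    """Return a list of problems with planned manual IPv4 settings (empty = OK).

    Assumption: ip/netmask describe the AWS subnet the interface is attached to.
    """
    try:
        iface = ipaddress.IPv4Interface(f"{ip}/{netmask}")
    except ValueError as exc:
        return [f"invalid address or netmask: {exc}"]
    net = iface.network
    if not 16 <= net.prefixlen <= 28:
        return [f"{net} is not a valid AWS subnet size (/16 to /28)"]

    problems = []
    base = int(net.network_address)
    # AWS reserves base+0 .. base+3 and the last address of every subnet.
    reserved = {ipaddress.IPv4Address(base + i) for i in range(4)}
    reserved.add(net.broadcast_address)
    if iface.ip in reserved:
        problems.append(f"host address {iface.ip} is reserved by AWS in {net}")

    if not gateway:
        # Empty field (e.g. custom internal bridge): host default gateway applies.
        return problems
    try:
        gw = ipaddress.IPv4Address(gateway)
    except ValueError:
        return problems + [f"invalid gateway: {gateway!r}"]
    router = ipaddress.IPv4Address(base + 1)  # VPC router address of the subnet
    if gw not in net:
        problems.append(f"gateway {gw} is outside subnet {net}")
    elif gw != router:
        problems.append(f"gateway {gw} is not the VPC router {router}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real instance.
    for settings in [("10.0.1.25", "255.255.255.0", "10.0.1.1"),
                     ("10.0.1.25", "255.255.255.0", "10.0.2.1")]:
        print(settings, "->", check_manual_settings(*settings) or "OK")
```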

...