...
To open the network settings window, click on Tools > Network Settings. This will open a window similar to the ones shown below:
Content of the network settings window:
...
| Warning |
|---|
The AWS EC2 environment has specific characteristics that could conflict with interface configurations made via the Charon Manager. Please refer to the Amazon AWS documentation and to the sections Network Management and Example of a More Complex Network Configuration AWS Networking and Charon-SSP to understand the networking behaviour behavior of an AWS instance better before you change any interface settings via the Charon Manager. In particular, if you added a second interface to the system, do not apply any changes via the Network Manager Settings until you created a configuration file for the second interface and are sure both interfaces are working correctly. |
...
Open the network settings window as described above by clicking on Tools > Network Settings.
Using the network settings window, you can set up the existing host system network interfaces according to your requirements. The window also contains previously created bridge and VLAN interfaces.The Apply button confirms any changes made and Close discards them
First, select the interface that is to be configured.
After selecting an interface, you can then set the following host system network interface parameters:
IP setting: specify the method used for the IPv4 addressing of the interface. Options are Automatic (DHCP), Manual, and None.
IP address: if manual addressing is selected, the host IP address can be added in this field. The field is inactive if DHCP or None is selected.
Netmask: if manual addressing is selected, the netmask for the host IP address can be added in this field. The field is inactive if DHCP or None is selected.
Gateway: if manual addressing is selected, the default gateway for the host can be added in this field. The field is inactive if DHCP or None is selected.
Be careful not to select a default gateway not matching the AWS subnet structure. Doing so may cause you to permanently lose access to your instance. In some cases when several network interfaces are configured on the Charon host, a second routing table has to be created on the Charon host. This is not supported by the Charon Manager and must be configured from the command-line. See AWS Networking and Charon-SSP for more information.DNS server 1 and DNS server 2: if manual addressing is selected, enter the IP address of one or two DNS name servers. Inactive if DHCP or None is selected.
The Apply button confirms any changes made and Close discards them.
| Div | ||
|---|---|---|
| ||
Managing Virtual Networks
...
|
|
This will open the virtual network configuration window as shown here. Configure the virtual bridge. The configuration settings are described below. |
|
| Div | ||
|---|---|---|
| ||
Virtual bridge (i.e., virtual network) configuration options:
Virtual network configuration options | |
|---|---|
| Field | Description |
| Create for SSH VPN | If set to ON, a special virtual network will be created to be used as the basis for creating an SSH VPN tunnel as described in SSH VPN - Connecting Charon Host and Guest to Customer Network. This is the most relevant configuration mode for the Charon-SSP AWS product. |
Binding interface | If set to ON, a physical interface can be selected from the Virtual bridge interface |
drop-down menu, on which the bridge is configured. The bridge is connected to the host system LAN. This option is listed for completeness. It is not suitable for Charon-SSP AWS. If set to OFF, a user-defined name can be entered in the Virtual bridge name field. This name will be used in naming the bridge and TAP interfaces instead of using the physical interface name. The bridge is internal to the host system. Always OFF if Create for SSH VPN is enabled. | |
STP for bridge | Enable or disable the Spanning Tree Protocol on the virtual bridge. Always OFF if binding interface is set to ON or SSH VPN is enabled. |
Virtual bridge interface |
Drop-down menu to select a physical interface that will provide an external network connection to the bridge. Inactive if the binding interface is disabled and if SSH VPN is enabled. | |
Virtual bridge name | Used to set a user-defined bridge name if the binding interface is disabled. This name will be used in place of the physical interface name when creating the bridge and TAP interfaces. Inactive if the binding interface is enabled. Fixed name vpnX for SSH VPN configuration (X = 0, 1, ...). |
Number of virtual adapters | Specify how many virtual adapters are needed. |
IP settings | Specify the method used for addressing the interface used to connect the host to the external network. Options are Automatic (DHCP), Manual, and None. If the binding interface is disabled, manual configuration is mandatory (to assign a configuration to the host-internal bridge interface). |
IP address | If manual addressing is selected, the host IP address can be added in this field. The field is inactive if DHCP or None is selected. |
Netmask | If manual addressing is selected, the netmask for the host IP address can be added in this field. The field is inactive if DHCP or None is selected. |
Gateway | If manual addressing is selected, the default gateway for the host can be added in this field. The field is inactive if SSH VPN configuration, DHCP or None is selected.
|
DNS server 1 and DNS server 2 | If manual addressing is selected, you can add the IP address of one or two DNS name servers. Inactive if SSH VPN configuration is selected. |
The virtual network connected to a binding interface consists of
...
X is a number from 0 up to the number of virtual adapters (0 to configured number minus 1) specified in Number of the virtual adapters. These devices can then be configured for use as virtual Ethernet controllers.
| Div | ||
|---|---|---|
| ||
Deleting a Virtual Network
...
Follow the menu path Tools > Network Settings to open the network settings window.
Select the bridge you want to delete and click on the Remove button. This will open a confirmation window.
To delete all virtual network interfaces associated with the selected bridge, click on OKYES.
Following the instructions above will immediately delete all TAP devices and the bridge.
...
Shrinking a virtual network may make it necessary to adjust a number of virtual machine configurations because the name of their virtual Ethernet interface has changed.
| Div | ||
|---|---|---|
| ||
Managing VLAN Interfaces
This option is described for completeness. However, it is normally not relevant for the Charon-SSP AWS product.
Adding a VLAN Interface
|
|
This will open the VLAN configuration window as shown here. Configure the |
VLAN interface. The configuration settings are described below. |
|
| Div | ||
|---|---|---|
| ||
VLAN configuration options:
VLAN configuration options | |
|---|---|
| Field | Description |
Parent interface | Select the host system |
Ethernet interface that will serve as the base interface for the LAN connection. | |
VLAN ID | Enter the VLAN number matching the customer’s LAN configuration. Values: 2-4094. The interface name of the new interface has the format: <parent-interface>.<vlan-id> |
IP settings | Specify the method used for addressing the interface used to connect the host to the external network. Options are Automatic (DHCP), Manual, and None. |
IP address | If manual addressing is selected, the host IP address can be added in this field. The field is inactive if DHCP or None is selected. |
Netmask | If manual addressing is selected, the netmask for the host IP address can be added in this field. The field is inactive if DHCP or None is selected. |
Gateway | If manual addressing is selected, the default gateway for the host can be added in this field. The field is inactive if DHCP or None is selected. |
DNS server 1 and DNS server 2 | If manual addressing is selected, you can add the IP address of one or two DNS name servers. |
Deleting a VLAN Interface
...
Follow the menu path Tools > Network Settings to open the network settings window.
Select the VLAN interface you want to delete and click on the Remove button. This will open a confirmation window.
To delete the VLAN interface, clickon OKYES.
Following the instructions above will immediately delete the VLAN interface.
...