Access your Appliance over a Console Server

Document created by Leif Kremkow Employee on Sep 16, 2015Last modified by Robert Dell'Immagine on Sep 25, 2015
Version 3Show Document
  • View in full screen mode

Qualys Appliances do not offer any open ports over which remote management services might be offered. There is no Telnet, SSH, or HTTP/S access.

 

Under most circumstances, this is of no concern to customers. The Appliance is used via the Qualys web interface that is hosted on Qualys' infrastructure. Assuring operational readiness of the Appliance (such as installing scan engine upgrades, operating system patches, or other upgrades), is done by Qualys.

 

Console access to the Appliance allows customers to remotely configure the Appliance for tasks that usually require an operator to be physically present in-front of the device, such as:

  • change the LAN or WAN port configuration (IP address, DNS, VLAN, etc.);
  • change the HTTP/S proxy configuration (new username or password);
  • obtain the ACTIVATION CODE during a remote installation.

In short: anything a user can do with the front panel LCD of the Appliance, can also be done over Console access.

 

With a Console Server users can make the Appliance's Console available over the network.

 

This article presents how to configure an Avocent Cyclades TS100 to make available the Appliance's Console over Telnet.

 

 

1) Use your web browser to access the configuration pages of the TS100

Step-00.png

 

 

2) go to the Serial Ports configuration

Step-01.png

 

 

3) load a CAS profile and adjust it

Step-04.png

 

 

4) save these changes, then go and apply them

Step-05.png

 

 

5) use your system's Telnet to access the TS100 to edit the getty.conf file

Step-06.png

 

6) set getty to "off" in /etc/getty.conf

 

As seen in the screenshot above, you can use vi to edit the file:

vi /etc/getty.conf

 

Then change to:

GETTY=off

 

Write the changes to disk and quit:

:wq

 

Logout from the TS100.

 

See Step (4) to re-apply the configuration.

 

 

7) Telnet to the Console Server port

 

Step-07.png

 

Caveats:

 

Access to the console in this example is not secured - it is neither encrypted, nor subject to restricted access. It would be far better to use SSH for this with pre-shared keys.

 

 

References:

 

  • see the Scanner Appliance User Guide for more information on the configuration menu of the Appliance
  • see also the Avocent Cyclades TS100 Manual

Outcomes