Configuring remote syslogging, Access manager security, Access manager and the firewall – RuggedCom RuggedRouter RX1100 User Manual

34. Maintaining The Router

Revision 1.14.3

288

RX1000/RX1100™

34.3.2.3. Configuring remote syslogging

Once a key is successfully obtained from an SEM unit, then remote syslogging to the SEM can be
enabled by clicking on Add remote system logging to the SEM unit. This will add an entry in the
syslog configuration file to transmit system logs to the configured SEM.

If the SEM unit IP address changes, it will be necessary to change the local configuration by stopping
the idefender process (see Bootup and Shutdown), configuring and saving the new SEM IP address,
and restarting the idefender process.

The above steps takes care of the configuration. All that is left to do now is to start the Industrial
Defender Agent itself by enabling the idefender entry in the Bootup and Shutdown menu. A properly
configured SEM unit will now be receiving data from the RuggedRouter. Please note that when the
idefender process is stopped, the remote syslog entry to the SEM unit is automatically removed.

34.4. Access Manager Security

RX1100 owners can use Access Manager's Secure Access Portal to restrict access to critical assets.
This section details how to activate the Secure Access Portal and determine currently negotiated
sessions. Details and recommendations on applying the Access Manager system to networking may
be found in texts referred to in the

About This User Guide

section of the user guide.

34.4.1. What Access Manager's Secure Access Portal Protects And How

The Secure Access Portal protects against unauthorized access to critical assets, including the
router itself. The Secure Access Portal allows connection through an openVPN tunnel from known
management devices to assets behind the firewall operating on known TCP/UDP port numbers.

34.4.2. Access Manager And The Firewall

Access Manager integrates tightly with the firewall, opening it for communications between vetted
clients and critical assets on a demand basis. There are four steps required to activate Access
Manager's Secure Access Portal:

Step 1 of 4 : Access Manager Configuration

1.

Use Access Manager to Create a Secure Access Portal (SAP). See the Industrial Defender
Access Manager User Manual for details or use Help after connecting to the Access Manager.

2.

Using Access Manager, authorize user(s) for defined devices behind a router (SAP).

Step 2 of 4 - Shorewall Configuration

1.

Use the RX1000 Installation Guide and RuggedRouter User Guide to set up the RX1100 and
gain access to rrsetup via the console port. Use Restore a Previous Configuration to Reload
Factory Defaults. Change passwords, port IP address information, set the hostname, and
set the date, time and time zone. Do not use Idefender Setup at this time.

From a web browser, access the RuggedRouter's Webmin user interface to perform the rest
of the steps: