Monitoring, Management & Location Tracking

What is a support connection?A

Aruba Employee

A support connection is a point to point IP tunnel that is initiated from the AMP to Aruba's support server. Although this tunnel itself is not encrypted, only encrypted protocols such as SSH and SSL are allowed through the tunnel.

By default, port 23 TCP is used. To accommodate security policies based on port/protocol, the support connection is configurable to be any one of the following TCP ports: 22, 23(default), 80, 443 or 5000. The destination host for this communication is support-connection.airwave.com.

To configure another port, just change the PORT setting on line 6 of /var/airwave/support/make_conf.sh. For example, change

PORT=23

to

PORT=443

Then do this from the command line:

# service support_connection restart

Example content of make_conf.sh:

[root@snowwhite support]# cat make_conf.sh
#!/bin/sh

PROFILENAME=$1
PASSWORD=$2
TUNADDRESS=$3
PORT=23

cat << EOF > /var/airwave/support/vtun.conf
options {
port $PORT; # Listen on this port.

# Syslog facility
syslog daemon;

# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}

$PROFILENAME {
type tun;
proto tcp;
keepalive 10:6;
compress no;
encrypt no;
password $PASSWORD;
up {
ifconfig "%% $TUNADDRESS netmask 255.255.255.252 mtu 1450";
};
}
EOF

Once the tunnel is established, Aruba TAC and Engineering resources with the proper credentials are provided with SSH and SSL access to the AMP for advanced troubleshooting and information gathering procedures.

A support connection is typically used when a standard desktop-sharing based support session is unfeasible due to the limitations in speed, latency and interactivity.

To start a support connection:
AirWave support will create a profile for you to connect to the Support Connection Server. You will be able to download the config for that profile like this:

# get_support_config <Name_of_Profile>

Once the unique config file has been downloaded you can start, stop, or check the status of the Support Connection with these commands:

# service support_connection restart
# service support_connection stop
# service support_connection status

Unless it's stopped with the stop command, it will remain open for 4 days. Note that to start a connection, the restart command is given. This does not imply that the support connection is always active. By using the restart commnand, if an existing support connection happens to be active, the script will close that one off before starting a new one and prevents duplicate connections from being opened.

Version history
Revision #:
1 of 1
Last update:
‎06-29-2014 09:07 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.