Version: 4.2

Local admin

Local admin configuration

The DD1000i has two separated console interfaces called Local admin, one for the DATA IN section and one for the DATA OUT section of the device. They are both accessed and managed in the same manner.

Access Local admin

To access Local admin, follow the instructions below.

Connect to Local admin

Step 1Step 2Step 3Step 4

Connect a keyboard to one of the USB ports, (1) in the image below.
Connect a display to the VGA port, (2) in the image below.
Power on the DD1000i with power buttons on the DD1000i front.
When the login prompt is displayed, log in using
Username: admin
Password: see default password (DDE) on the tamper seal on the device front panel.

info

When making changes in Local admin, settings are only applied to the connected section of the DD1000i.

Once logged in, the following main menu options are displayed:

Device configuration...
Admin password...
Date and time...
Export device logs...
View third-party licenses...
Factory reset...

info

When making changes in Local admin, previously configured and operational services might temporarily pause data transfer but will be resumed as quickly as possible.

Required settings at initial setup

When setting up a DD1000i for the first time it is required to set Certificate configuration.

Before using the DD1000i in an operational environment, it is highly recommended to also set:

IP addresses
Admin password
Date and time

Device configuration

Device configuration includes settings for IP addresses, DNS, certificates for DD Manager communication and hostname. Applying the configuration takes several minutes and therefore it is encouraged to first make all changes in the submenus before selecting Save.

IP configuration

In IP configuration..., IP addresses for the admin interface, ADMIN and data interface, DATA, can be viewed and changed. The IP set for ADMIN will be used to access the DD Manager. The IP set for DATA will be used when transferring data over the diode. DNS can be configured to resolve hostnames into IP addresses.

Default IP addresses are:

Upstream Admin: 192.168.0.100
Upstream Data: 192.168.1.100
Downstream Admin: 192.168.0.101
Downstream Data: 192.168.1.101

DNS configuration

DNS servers are used to resolve hostnames into IP addresses. The data interface DNS setting is used to configure the DNS server used by services. Without a configured DNS server, services will be unable to resolve hostnames. The admin interface DNS setting is used to configure the DNS server used by the non-service functionality of the device, e.g., remote logging. Without a configured DNS server, these functions will be unable to resolve hostnames.

When attempting to resolve a hostname, the primary DNS server will be tried first. If it is unreachable, the secondary DNS server, if configured, will be tried instead.

Change IP addresses, default gateways, and DNS servers

Step 1Step 2Step 3Step 4Step 5Step 6Step 7Step 8

Select Device configuration... from the DD1000i Upstream or Downstream Configuration menu.
Select IP configuration... from the DD1000i Device Configuration menu.
The current IP address settings of the Data and Admin interfaces are displayed. Enter IP address and subnet mask on the format [IP address]/[subnet mask].
The current default gateways of the Data and Admin interfaces are displayed, if previously configured. If no default gateways are displayed, selecting Configure Default Gateway: will make the Default Gateway: parameter available, if needed.
The current primary DNS servers of the Data and Admin interfaces are displayed, if previously configured. If no primary DNS servers are displayed, selecting Configure Primary DNS Server: will make the Primary DNS Server: parameter available, if needed.
The current secondary DNS servers of the Data and Admin interfaces are displayed, if previously configured. If no secondary DNS servers are displayed, selecting Configure Secondary DNS Server: will make the Secondary DNS Server: parameter available, if needed.
Select Confirm to accept the IP settings and to return to the DD1000i Device Configuration menu.
Continue with Certificate or Hostname configuration, or select Save to apply all changes. Saving changes may take several minutes.

warning

It is recommended that all default IP addresses are changed before connecting the DD1000i in an operational environment.

Certificate configuration

In Certificate configuration..., certificates and keys needed for DD Manager access can be uploaded.

See Certificates for information about certificate generation.

warning

Authentication by certificates and keys is required. Without certificates and keys, the DD1000i cannot be configured.

Upload certificates and keys

Step 1Step 2Step 3Step 4Step 5Step 6Step 7Step 8Step 9

Create Certificates and make them available on a USB drive. Insert the USB drive into one of the USB ports on the Upstream or Downstream section of the DD1000i.
Select Device configuration... from the DD1000i Upstream or Downstream Configuration menu.
Select Certificate configuration... from the DD1000i Device Configuration menu.
The Certificate Configuration view is displayed, listing required certificates and keys.
Select Select file under Client CA and locate the CA certificate that will be used to verify client certificates on the inserted USB drive. The selected .crt file name will be displayed after Selected:.
Select Select file under Certificate and locate the Server certificate that will be presented to clients on the inserted USB drive. The selected .crt file name will be displayed after Selected:.
Select Select file under Key and locate the key that corresponds with the selected Server certificate on the inserted USB drive. The selected .key file name will be displayed after Selected:.
Select Confirm to accept selected certificates and files and to return to the DD1000i Device Configuration menu.
Continue with IP or Hostname configuration, or select Save to apply all changes. Saving changes may take several minutes.

Hostname configuration

In Hostname configuration..., the hostname used for identification of the device can be viewed and changed.

The default hostnames are:

Upstream: dd1000i-upstream
Downstream: dd1000i-downstream

Change hostname

Step 1Step 2Step 3Step 4Step 5

Select Device configuration... from the DD1000i Upstream or Downstream Configuration menu.
Select Hostname configuration... from the DD1000i Device Configuration menu.
The current hostname is displayed. Enter a new hostname to be used, if needed.
Select Confirm to accept the hostname.
Continue with IP or Certificate configuration, or select Save to apply all changes. Saving changes may take several minutes.

Location configuration

In Location configuration, a user-defined text identifying the physical location of the device can be viewed and changed. By default, the location text is empty. If SNMP is enabled (see Monitoring), the location is available at the sysLocation object (OID .1.3.6.1.2.1.1.6.0). If the location text is empty, the sysLocation object will contain "Unknown".

Change location

Step 1Step 2Step 3Step 4Step 5

Select Device configuration... from the main menu.
Select Location configuration....
The current location is displayed. Enter a new location to be used.
Select Confirm to confirm the new location.
Once all settings are confirmed for Device configuration..., select Save to apply changes. This will take several minutes.

Access control configuration

LDAP Access control must be configured using Local admin.

Admin password

In Admin password... the administrator can change the password used for administrator access to the Local admin.

The default password can be found on the tamper seal on the DD1000i front panel.

warning

It is recommended that the default password is changed before the DD1000i is placed in an operational environment.

Change administrator password

Step 1Step 2Step 3Step 4Step 5

Select Admin password... from the DD1000i Upstream or Downstream Configuration menu.
The Change Admin Password view is displayed. Enter the Current password.
Enter the New password.
Repeat the new password in Reenter new password.
Select Confirm to save the new password and return to the DD1000i Upstream or Downstream Configuration menu.

Date and time

In Date and time... the system time can be changed for the system, logs and certificate validation.

Change date and time

Step 1Step 2Step 3Step 4Step 5

Select Date and time... from the DD1000i Upstream or Downstream Configuration menu.
The Change Date and time view is displayed.
The current date is displayed. Enter new date on format yyyy-mm-dd.
The current time is displayed. Enter the time on format hh-mm-ss.
Select Confirm to save the new date and time and return to the DD1000i Upstream or Downstream Configuration menu.

Export device logs

Export device logs... is used to export log events from the device to a USB drive. The logs are exported to a .journal file.

Export device logs

Step 1Step 2Step 3Step 4Step 5Step 6

Insert a USB drive into one of the USB ports on the Upstream or Downstream section of the DD1000i.
Select Export device logs... from the DD1000i Upstream or Downstream Configuration menu.
Select the USB drive from the displayed list.
Select Confirm to export log events to the USB drive. Exporting log events may take several minutes.
When the log events have been copied successfully, a confirmation message is displayed, presenting the filename on format [hostname]_[date]_[time].journal containing the log events.
Select Close to return to the DD1000i Upstream or Downstream Configuration menu. Remove the USB drive.

View third party licenses

View third party licenses... displays all licenses.

To view third party licenses, perform the following step:

View third party licenses

Step 1Step 2Step 3

Select View third party licenses... from the DD1000i Upstream or Downstream Configuration menu.
The third party licenses text is displayed. Scroll the text using the Arrow UP and DOWN keys.
Select Close to return to the DD1000i Upstream or Downstream Configuration menu.

Factory reset

Factory reset... allows for a full reset of the DD1000i. All settings will fall back to default values but the firmware will stay on the current version. The action will reset all configuration of the device, including uploaded certificates, services and passwords.

Factory reset

Step 1Step 2

Step 1
Select Factory reset... from the from the DD1000i Upstream or Downstream Configuration menu.
Step 2
A Factory Reset confirmation message is displayed. Select Confirm to trigger the factory reset process. The process may take several minutes.

Local admin configuration​

Access Local admin​

Required settings at initial setup​

Device configuration​

IP configuration​

DNS configuration​

Certificate configuration​

Hostname configuration​

Location configuration​

Access control configuration​

Admin password​

Date and time​

Export device logs​

View third party licenses​

Factory reset​

Local admin configuration

Access Local admin

Required settings at initial setup

Device configuration

IP configuration

DNS configuration

Certificate configuration

Hostname configuration

Location configuration

Access control configuration

Admin password

Date and time

Export device logs

View third party licenses

Factory reset