| Home Prev |  NetWall 300 Series Getting Started Guide
|
Next |
|---|
The NetWall 300 Series product is able to support the Zero Touch feature in the Clavister InControl management software product. This means that it is possible to power up a brand new NetWall 300 Series, connect it to the Internet, and the NetWall 300 Series device will automatically register itself with an InControl server. The device can then be remotely brought under centralized InControl management and configured remotely, without any local configuration needing to be done.
However, this feature will only work if the following prerequisites are true:
The version of InControl being used for device management is 2.00.00 or later.
The FQDN or IP address of the management InControl server has been set in the MyClavister account associated with the NetWall 300 Series device. This is done by logging in to the relevant MyClavister account, selecting Settings and then selecting the Zero Touch tab. Only one InControl server address can be associated with one MyClavister account.
The zero touch feature has been enabled for the license associated with the NetWall 300 Series device. This in the MyClavister account by selecting Licenses and then enabling the Zero Touch button next to the relevant license. If the zero touch button is grayed out then the feature is not available with that device. There is an option in the previous step to always enable zero touch by default for all new licenses.
The cOS Core configuration is in its "default" state. Following an upgrade to a version that supports zero touch or any configuration change, this will require a manual reset to the default cOS Core configuration. In the Web Interface this is done by going to:
Status > Maintenance > Device Reset > Reset to Factory
And then selecting the following option:
Reset the configuration to default
Note that a full hardware reset to factory defaults will undo any cOS Core version upgrade and this should therefore not be done. Also note that any configuration change that is saved after a reset to the default configuration will disable the zero touch feature.
The NetWall 300 Series can be connected to an ISP or other network that can provide Internet access and that has a DHCP server enabled which can provide a public DNS server address to the device. Note that physical connection to the Internet should be performed only after the device is running a zero touch supporting version of cOS Core with the factory default configuration.
Access is not blocked by surrounding network equipment for TCP traffic on port 998. This traffic is required for the NetWall 300 Series to communicate with the InControl server. DNS traffic between the NetWall 300 Series and public DNS servers must also not be blocked.
Internet Connections Must Use a Specific Interfaces for Zero Touch
When the NetWall 300 Series is running a version of cOS Core that supports the zero touch feature, the initial connection to the Internet for InControl management should be made via the G6 or S1 interface for the feature to function.Zero Touch Can Also Simplify Hardware Replacement
In addition to simplifying the addition of a new NetWall 300 Series, the zero touch feature can also simplify hardware replacement of a NetWall 300 Series with another NetWall 300 Series. When the replacement hardware is connected to the Internet, InControl can automatically install the correct license as well as the correct cOS Core version. In addition, InControl will upload its copy of the cOS Core configuration from the old hardware.A complete description of the zero touch feature and how it functions can be found in the separate InControl Administration Guide in the chapter titled Zero Touch.
