4.1 Terminal Proxy Tab
Terminal Proxy feature allows remote clients to log in to the managed devices through netLD server. One useful aspect of using Terminal Proxy is that you
do not have to input the login information on the console — netLD automatically feeds the information for you. It also logs all the operation history with
various information that can be later reviewed when something happens.
Also, using this feature results in the more secure network because the password do not have to be sent through the World Wide Web. Moreover,
outsourcing the management eﬀort is more secure because the operators do not have to know the actual device password. The outside operators, they
just have to know the login passwords of Net Line Dancer instances and NOT the device passwords, avoiding access to the critical security information
in your network.
Consequently, Terminal Proxy provides a centralized management of the devices (even on the devices beyond netLD backup coverage).
Figure 4.1.1: Operation Model of Terminal Proxy
To set up the Terminal Proxy feature, follow these steps described in this section:
4.1.1 Available Commands
address or host
address or host
Connect to devices with either SSH or
telnet. (You have to set up the
Credentials prior to the connection.)
Show the list of up to 20 devices
starting with the character.
show the details of the device.
Show the list in just the same way as
connect command does.
Terminate the SSH session with netLD.
Show the list of commands.
Switch the current network (in terms of
Sec. 2.5) to the specified one.
Show the current version of netLD.
4.1.2 Setup the Terminal Proxy
First, since this feature is disabled by default, enable Terminal Proxy in the settings window. Go to Settings → Network Servers and check on the
Enable the Terminal Server Proxy (SSH). You can change the port that SSH communicate through with the Terminal Server Proxy SSH Port below.
Click on the OK button to save the change. Remember that you must open the access to the SSH port in your firewall program!
Before trying to log in, take a memo of the netLD server IP address.
First, open and start an SSH client and connect to the netLD server. The type of the client does not matter – you can use a standard OpenSSH on
various OSes like UNIX, Mac OSX, Linux and Windows machines (additional installation is required on Windows.)
In this example, we assume the server is 192.168.0.77 and the client is bash.Again, remember that you must open the access to the SSH port in your
Log in to the netLD server as an usual SSH session. The username and pass- word are the same as those used in the usual browser GUI interface
login. Note that you have to specify the appropriate port upon login. On Linux version it is 2222 and on windows version it is 22 (same as what SSH
uses by default). Check the port at Terminal Server Proxy SSH port in Server Settings window → Network Servers.
bash> ssh email@example.com -p 2222
Active network: Default
Welcome to Net LineDancer - 2014/03/26 11:33:20 JST
Connect the IP address of a device with connect <IP address or host name>. You can automatically login to the devices as an administrator,
with already enabled state, as long as netLD already has the correct credential information of the device.
netld# connect 10.0.2.2
Resolving device 10.0.2.2...
Connecting to device 10.0.2.2...
Warning: skipping login authentication until an administrative user is added.
NEC Portable Internetwork Core Operating System Software
Copyright (c) NEC Corporation 2001-2010. All rights reserved.
Copyright (c) 1985-1998 OpenROUTE Networks, Inc.
Copyright (c) 1984-1987, 1989 J. Noel Chiappa.
Enter configuration commands, one per line. End with CNTL/Z.
When you are done, enter exit several times to go back to the netLD SSH session. (However the number is device-specific.) The first exit is for
exiting the enabled mode in the device CUI and the second exit is for exiting the session with the device. Upon logout, netLD takes a backup
automatically. Also, when a configuration change has been detected, the event is automatically stored into the configuration history.
IX2025_LVI(config)# exit exit
Connection to 10.0.2.2 closed.
To exit the netLD session, again hit exit.
Connection to 192.168.0.77 closed.
During the session with the netLD server, connect c shows the list of top 10 host names starting with c in your network. Enter the key number of the
device, then hit Enter. It automatically tries to log in, and when successful, the prompt on the device appears. Also, the auto-completion is available,
e.g., connect c <Tab> shows all host names starting from c. When the target device was not in the list, you can narrow down the list of the matched
devices by entering additional characters, like Cisco <Tab>, and the list contains only the devices starting with Cisco.
You cannot login to the devices in the Network which you are not authorized.Without an authorization,you can login only to the devices in the Default network.To switch the network, enter network <network name>.More descriptions are available in Sec.2.5, p.35.
4.1.4 Terminal Proxy Log
You can check the terminal proxy history in Terminal Proxy tab. double-click on a log and you will see the detailed log on the lower pane.
Terminal Proxy log.
Menu Items Description
Device IP Address Device IP address you logged in
Device Hostname Hostname you logged in
Make/Model Make/Model you logged in
Protocol Protocol used
User Login User
Client IP Address IP address of original client login
Session Start Time of Session Start
Session End Time of Session End
In terminal log, there are five kinds of searches available.
Device IP address and hostname you logged in
Text Searches for the query Texts in the command input and output.
User Login user of netLD
Client IP The IP address that the user logged in from.
Session date Specify the range of dates to search.
Tips: Right-click on a device in Device View, then click on the Show Terminal
Proxy Logs. It provides an easy access to the terminal history of the device.
4.1.5 Verifying the Log from Change History
As in the normal backups, if a backup was performed due to the changes made in the proxy terminal, Configuration Change History shows the change, and
you can check the backup status. Click on the button while selecting the configuration, and the change summary tab shows up in the status pane.
Click on the button while selecting the configuration.
The change summary tab shows up in the status pane.
4.1.6 Exporting the Log Files
Clicking the Export button in the Terminal Proxy Tab in the mane pane creates an zip archive in a specified folder.
The files in the archive are organized into sub directories as follows:
– <network name>
∗ 10.0.0.1 (1812J-B)
∗ 10.0.0.201 (cisco2500b.intra.dar.co.jp)
∗ 10.0.0.203 (cisco2600a.intra.dar.co.jp)
∗ 10.0.0.208 (C2801)
∗ . . .