General information for AWS on Amazon Web-Portal: https://aws.amazon.com/de/
To install Tosibox VCL via the AWS CLI, you have to install the CLI on your computer and perform 3 steps:
1. Install CLI
2. CLI preliminary steps
3. Run VCL installer script
Important: The VCL WAN and LAN interfaces have to be in different subnets! Using the same subnet for both is not allowed!
1. AWS CLI install for PC/MAC/LINUX/...
"aws" command line tools installer:
Check the current CLI version on your machine:
Terminal command: $ aws --version
aws-cli/2.0.7 Python/3.7.4 Darwin/19.4.0 botocore/2.0.0dev11
2. CLI preliminary steps
1. Navigate to My security credentials (under IAM/User)
2. Under "Access keys for CLI, SDK, & API access", create an access key and make note of the access key and secret key
Access key: xxxxxxxxxxxxxxxxxxx
Secret access key: xxxxxxxxxxxxxxxxxxxxxxxxxx
3. Start configuration
`# aws configure --profile [PROFILENAME]`
I used here: `# aws configure --profile awsprofile`
4. Fill in your details and enter the access key and secret key
user:aws user$ aws configure --profile awsprofile
AWS Access Key ID [****************HH26]: xxxxxxxxxxxxxxxxxxx
AWS Secret Access Key [****************QL70]: xxxxxxxxxxxxxxxxxxxxxxxxx
Default region name [None]: eu-north-1
Default output format [None]:
5. Set the profile to your environment variable
`# export AWS_PROFILE=[PROFILENAME]`
I used: `# export AWS_PROFILE=awsprofile`
3. Run VCL installer script tosibox-virtual-central-lock.sh
user$ ./tosibox-virtual-central-lock.sh install
Here is the full LOG:
STEP 1: TOSIBOX(R) Virtual Central Lock deployment
In order to install VCL, you need to enter the
activation code that can be ordered from Tosibox Sales
Notice, that you need TOSIBOX(R) Key in order to start
using TOSIBOX(R) Ecosystem.
You may purchase TOSIBOX(R) Key from:
- https://www.verkkokauppa.com/ (search tosibox)
Enter a unique name for your deployment in lowercase (empty to cancel): newdep2
Using name: newdep2 for deployment..
If you want to get your IP automatically from ipinfo.io, use switch -i auto
Enter your source IP address (default 0.0.0.0/0 to allow all)
Allowed IP-address is: 0.0.0.0/0.
More information: The IP is used for activation; it blocks access to the activation screen from all addresses except your IP. (The activation screen is available even though you do not see it when you use the script.)
From the script's --help: -i, --source-ip [CIDR/auto] CIDR or 'auto' for automatic from ipinfo.io to restricting activation traffic only to your IP. NOTICE: activation traffic is unencrypted and anyone in your local network or in the network path could eavesdrop the traffic.
Select the cloud service (number) to be used.
Enter the region (number) for your instance:
1) eu-north-1 5) eu-west-1 9) ca-central-1 13) us-east-1
2) ap-south-1 6) ap-northeast-2 10) ap-southeast-1 14) us-east-2
3) eu-west-3 7) ap-northeast-1 11) ap-southeast-2 15) us-west-1
4) eu-west-2 8) sa-east-1 12) eu-central-1 16) us-west-2
Using region: eu-north-1
Enter the availability zone (number):
Using availability zone: eu-north-1a
Creating an AWS CloudFormation deployment for TOSIBOX(R) Virtual Central Lock
Your AWS profile is: awsprofile
Finding AMI id for region: ami-026bd8fcaa648a508
Creating deployment bucket..
Uploading to 6e6fc2e7a5377fbfda86b410d18b0b6b.template 1046 / 1046.0 (100.00%)
Successfully packaged artifacts and wrote output template to file packaged-template.yaml.
Execute the following command to deploy the packaged template
aws cloudformation deploy --template-file /Users/user/Downloads/aws/aws/packaged-template.yaml --stack-name <YOUR STACK NAME>
Waiting for changeset to be created..
Waiting for stack create/update to complete
Successfully created/updated stack - newdep2
STEP 2: Activation
Next we start activation of the Virtual Central Lock
This will phase take about 10 minutes and as it will
Download the latest software packages from TOSIBOX
Name: newdep2 given..
Using name: newdep2 for deployment..
Using aws for deployment..
Enter activation code (empty to cancel): 1p18axxxxxxxxxxxxxxxxxxCrQQvKf
The activation url is: http://ec2-13-49-80-169.eu-north-1.compute.amazonaws.com/cgi-bin/vcl-activation
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 11 0 11 0 0 29 0 --:--:-- --:--:-- --:--:-- 29
Waiting until VCL installs.
Activation in progress.
Waiting until the VCL restarts.
STEP 3: Remote matching
In order to start using the Virtual Central Lock,
start your TOSIBOX(R) Key and select:
Devices -> Remote Matching
After that enter the remote maching code, and
access your TOSIBOX(R) Virtual Central Lock by
connecting your TOSIBOX(R) Key and accessing the
admin user interface.
Please wait until the VCL system restarts (may take 5-10 minutes).
Waiting for the remote matching code.........................................................................................................
Use remote matching code to serialize : 10011220xxxxxxxxxxxxxagqZTm3sX2Zf6
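The source IP prompt in STEP 1 of the log above was left at the default 0.0.0.0/0, although the script's help states that activation traffic is unencrypted. The following is an added example, not part of the Tosibox script, that vets a value before it is passed to `-i`. The function name `vet_source_cidr`, the `MIN_PREFIX` policy of /24, the 203.0.113.x sample address and the position of `-i` after `install` are assumptions.

```shell
#!/bin/sh
# Added example: vet a value for the installer's -i/--source-ip option.
# MIN_PREFIX is an assumed local policy: nothing wider than a /24.
MIN_PREFIX=24

# Prints the normalized value and returns 0 if acceptable, else returns 1.
vet_source_cidr() {
  input=$1
  [ "$input" = auto ] && { echo auto; return 0; }   # script resolves it itself
  case $input in
    */*) addr=${input%/*}; prefix=${input#*/} ;;
    *)   addr=$input; prefix=32 ;;                  # bare IP = single host
  esac
  # Prefix: digits only, between MIN_PREFIX and 32 (rejects 0.0.0.0/0).
  case $prefix in ''|*[!0-9]*) return 1 ;; esac
  [ "$prefix" -ge "$MIN_PREFIX" ] && [ "$prefix" -le 32 ] || return 1
  # Address: exactly four dot-separated octets, each 0-255.
  case $addr in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
  old_ifs=$IFS; IFS=.
  set -- $addr
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
  echo "$addr/$prefix"
}

# Usage (constructed address; -i after "install" is an assumed position):
#   cidr=$(vet_source_cidr 203.0.113.7) &&
#     ./tosibox-virtual-central-lock.sh install -i "$cidr"
```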
Alternative STEP 2+3: Activation+Remote Matching
If you experience problems with activation via the CLI, you can open the VCL web interface via the public IPv4 address shown for the VCL instance in AWS EC2.
Enter the activation code and wait a couple of minutes (the activation process will not show that it has finished in that window).
Go to AWS > EC2, select your instance ID (vcl), then open Menu Action/Monitor/System protocol.
In the system protocol you get the remote matching code:
Connect to VCL via Tosibox Key:
AWS – Amazon Management Console:
Problems with installation regarding WAN/LAN adapter:
Make 100% sure that the WAN subnet
a) is in the same availability zone as the intended LAN subnet
b) is different from the LAN subnet (no overlapping networks)
If either condition is not met, a reinstall is required.
If the availability zone does differ, it cannot be changed after the VCL is activated. The WAN port is bound to the first virtual adapter and that cannot be changed. If it is wrong or has to be moved, LAN access is required, or else a reinstall.
Create the WAN and LAN interfaces before you start installing the VCL. That way you can be 100% sure that the WAN is in the same availability zone as the LAN, but not in an overlapping network or the same subnet.
You cannot add network adapters from different availability zones to one appliance.
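The two WAN/LAN rules above can be checked before the installer is run. The following is an added example, not part of the Tosibox script; the function names and the sample zones and CIDR blocks in the usage comment are assumptions, and the inputs are expected in the form the AWS CLI returns them.

```shell
#!/bin/sh
# Added example: pre-flight check for the WAN/LAN rules above.
# The inputs can be read per subnet with the AWS CLI:
#   aws ec2 describe-subnets --subnet-ids <SUBNET-ID> \
#     --query 'Subnets[0].[AvailabilityZone,CidrBlock]' --output text

# Convert a dotted IPv4 address to an integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Print "first last" (as integers) of the range covered by a CIDR block.
cidr_range() {
  base=$(ip_to_int "${1%/*}")
  size=$(( 1 << (32 - ${1#*/}) ))
  first=$(( base / size * size ))          # clear any host bits
  echo "$first $(( first + size - 1 ))"
}

# Return 0 if two CIDR blocks share at least one address.
cidrs_overlap() {
  set -- $(cidr_range "$1") $(cidr_range "$2")
  [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# check_vcl_subnets WAN_AZ WAN_CIDR LAN_AZ LAN_CIDR
# Prints every violated rule; returns 0 only when both rules hold.
check_vcl_subnets() {
  rc=0
  if [ "$1" != "$3" ]; then
    echo "FAIL: WAN is in $1 but LAN is in $3 (must be the same zone)"
    rc=1
  fi
  if cidrs_overlap "$2" "$4"; then
    echo "FAIL: WAN $2 overlaps LAN $4 (must be different subnets)"
    rc=1
  fi
  [ "$rc" -eq 0 ] && echo "OK: same zone, non-overlapping subnets"
  return "$rc"
}

# Usage (constructed values):
#   check_vcl_subnets eu-north-1a 10.0.1.0/24 eu-north-1a 10.0.2.0/24
```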