No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU

Failure to load portal template of USG6310 from SFTP of eSight

Publication Date:  2015-09-10 Views:  89 Downloads:  0
Issue Description

Fault symptom: The portal template for USG6310 used for  users authentication failed to be loaded from eSight

Topology:

The USG6310 are connected to eSight through an IPsec established with a USG6600 only for managemnt traffic.

The IPsec is established by using a Loopback interface on the USG6310.

The command file download sftp was used in a template created on the eSight to be run in all the USG remotly in order to download the portal files templates, the command runs without problem however the files were not downloaded.

The version of eSight is  V200R005C00SPC506

The version of USG6310 is V100R001C20SPC700

 

Solution

To allow the eSight upload the portal templates into the USG, follow the next procedure:

1. Configure white list of the eSight FTP server

Path of FTP configuration file opt\eSight\AppBase\sysagent\etc\sysconf\svcbase\med_node_1_svc.xml

Find the SFTP on the bottom of the configuration items, such as screenshots (note the < config name = "SFTP)"

Under the permitFileType attribute, add the need to increase the file type suffix;

Need to transport the HTML files, are followed by [hH] [tT] [mM] [lL], with "|" as the separator;

Need to transport the PNG file type, are followed by [pP] [nN] (gG), with "|" as the separator;

Save the filethen restart the eSight

2. Upload the portal file to eSight FTP server

eSight FTP server directory: eSight\AppBase\var\iemp\data\ftp

Upload all the portal file to: eSight\AppBase\var\iemp\data\ftp\portal

3. Login in eSight Network, use smart configuration to create a command template and distributed to the device

The command format is as follows:

system

(Enter the command line mode )

file download sftp *.*.*.* admin Changeme123 portal/*.html

(*.*.*.* is the eSight server IP addressadmin should be replaced for user name and Changeme123 for the password*.html is the portal page file)

file download sftp *.*.*.* admin Changeme123 portal/*.png

(*.*.*.* is the eSight server IP addressadmin should be replaced for user name and Changeme123 for the password*.png is the portal relevant picture file)

On USG63100 make a nat policy to make that all the flow that goes to eSight use the Loopback as a source to make that flow going to VPN tunnel. See attachemet configuration example.

END

Contribute Articles
Huawei Enterprise APP

Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.