VPN

Is BLACKbox a VPN server?

BLACKbox hardware device can also serve as a VPN server over various protocols that are:

  1. P2P
  2. L2TP with pre-shared key
  3. L2TP with certificate

Port and static IP of the ISP router needs to be forwarded to BLACKbox for a secure connection.

Can BLACKbox support multiple VPNs?

No, BLACKbox is not an internet load-balancing device and hence cannot support multiple VPNs currently.

If there are multiple Internet connectivity over which a VPN connection needs to be established, a router with a round-robin configuration will be required. This router can then forward the VPN port from multiple static IPs to the LAN IP of BLACKbox in the network.

However, multiple VPN support would be provided in the next version of BLACKbox.

What is the bandwidth required for a VPN connection?

The bandwidth requirement for a VPN connection is totally based on usage. The size of the bandwidth at the hub location, spoke location, and remote user’s end will depend on the average file size accessed by the users, the number of users at each spoke location, types of software being used, and the type of client-server applications being accessed over VPN.

What type of internet connectivity is suggested on the host and clientside when connected via VPN?

A leased line on the host side (hub location where BLACKbox is hosted) and broadband with static IP on spoke locations is recommended for a multiple office locations use case. MPLS between the hub and spoke will give the best results.

For single hub and remote users (Work From Home) use case, leased line on the host side and stable 4G connectivity on remote user’s end is recommended.

Which products of BLACKbox are equipped with a VPN server?

VPN is a hardware-specific feature of BLACKbox. Hence, the following products of BLACKbox are equipped with VPN functionality:

  1. BLACKbox Prime T
  2. Turbo T
  3. Twin Prime T
  4. Twin Turbo T

DHSS, BLACKbox AAA, BLACKbox Duo, and DCDR solutions do not come with the VPN functionality.

Is BLACKbox VPN secured?

Yes, BLACKbox uses open SSL for VPN connectivity. The user also has an option to integrate their own enterprise digital certificate to create an SSL tunnel.

Can we configure a third-party VPN while using BLACKbox?

Yes, it is possible to use a third-party VPN. It is not necessary to use the BLACKbox VPN. Any VPN router or firewall with VPN capability can be configured to access BLACKbox data or AAA from outside the office network.

Do we need static IP in case of a multi-location scenario?

Yes, suppose it is intended to use a single BLACKbox for multiple locations by hosting BLACKbox at one location and making it accessible from other locations. In that case, static IP is required at each location wherefrom multiple users require to access BLACKbox hosted at the central location.

It will create an IPSEC tunnel, which will provide essential data security.

How can BLACKbox be connected using IPSEC?

It can be done by having MPLS or P2P, or Internet Bandwidth with Static IP at each location. The ISP router or firewall at the central location should be configured to accept connections on specific ports from the trusted locations’ static IPs and should be forwarded to BLACKbox. This is how IPSEC can be used to connect BLACKbox with multiple locations.

How to configure NAT for BLACKbox?

Every firewall or ISP router has a port forwarding function. It is required to forward a list of ports which will accept connection from outside and forward the request to the BLACKbox IP address assigned in LAN. This is how NAT can be configured for BLACKbox.

How to ensure the security of BLACKbox?

As far as the hardware is concerned, BLACKbox should be placed at a safe location. For data security, BLACKbox is accessible only on a VPN from outside the office network (LAN).

How can OneDrive be accessed when the user is not connected to BLACKbox VPN?

One drive is accessible on the internet. If the computer is connected to the internet, one drive will be connected. But, this will lead to the possibility of data leakage. BLACKbox folders will serve as a private cloud.

Please check if there is an actual need for the user to connect to one drive, as it will compromise the objective of data leakage prevention.

Are all files stored on the BLACKbox device?

If forced centralization is applied, all the files will reside on BLACKbox.

What is the configuration required in the firewall to access BLACKbox remotely?

Specific ports related to VPN should be opened in the firewall and should be forwarded to BLACKbox.

In case of VPN failure, how can a remote user access data?

In case of VPN failure, the SMB port can be opened to allow access. However, this is not recommended due to security concerns.

Will local internet work after connecting BLACKbox VPN?

You can configure VPN to allow or disallow local internet. If you choose to disallow local internet, local internet will not work.

Does BLACKbox support multifactor authentication during remote access?

No.

Does anybody with the correct credentials access BLACKbox AAA via browser? Is it possible to restrict the usage of particular devices?

There are two options:

  1. If you have restricted browser-based access to remote users through VPN, only those who have got a VPN client installed can access the application over the browser.
  2. If you have not provided a VPN, anybody who has a user name and password can access the application over the browser.

So if you want to restrict the usage of your application on certain devices, you should install a VPN on those specific devices only, and the user should not know the password of the VPN so that the user cannot configure that VPN on any other device.

How do we access the files on the private cloud from a computer without an installed agent?

Installing an agent to access data from a private cloud is compulsory. If you want to access data without installing the agent, you need to subscribe to the BLACKbox AAA license for the required number of users through which you can access the data over an internet browser.

Do we need a static IP?

If BLACKbox is installed on-premise and you want to access it remotely, you need static IP. You do not need a static IP for the BLACKbox OneCloud subscription.

Can we install Personal Domain SSL and Wildcard Certificate in BLACKbox for security?

Yes

Can VPN users be live monitored by the admin?

No

Back to categories