Partners Blog Contact Us

Super Admin: Configuring Your Server

Follow

This article includes the following sections for Configuring Your Server:

The very first time you log into your VidyoConnect for WebRTC Server, you are required to change the default System Console password to one that is more secure. This System Console account is also the same one used when accessing the Admin portal.

Logging in to the System Console

To log in to your System Console (also referred to as the Admin Console) and change the default password:

  1. Access the system console via the Console tab of a connected vSphere client or remotely via SSH using the 192.168.1.110 default IP over port 2222.
  2. Log in using the default Administrator account:

    User Name: admin

    Password: password (case sensitive)
  3. At the login prompt, enter admin.
  4. At the “(current) UNIX Password” prompt, enter password.

    The password is case sensitve.

    The Secure Password Change screen displays and prompts you to enter a new password and then enter it again.
  5. At the Password prompt, enter a new password.

    When selecting a new password, follow these guidelines:

    • The password should not be too similar to the old password.
    • The password must be at least 3 characters different from the old password.
    • The password should not be too simple or too short.
    The algorithm here is a point system to satisfy the min password length (the default is length 8 characters). The password gets extra points if it contains numbers, upper case, lower case, or special characters. Each point is equivalent to 1 character.

    • The password should not be a case change only of the old password or should not be the reverse of the old password.
  6. At the “Retype new password:” prompt, type your new password again.

    If the passwords don’t match, you’ll be prompted to try again. If the passwords match, the System Console main menu displays.

    Logging_in_to_the_System_Console_of_Your_Server_and_Changing_the_Default_Password_1.png

Configuring the Network Settings at the System Console

Each type of Vidyo server (VidyoPortal, VidyoRouter, VidyoGateway, or VidyoReplay) has a different default IP address and is necessary to perform the steps in this section:

  • VidyoPortal: 192.168.1.100
  • VidyoRouter:168.1.105 (optional external component)
  • VidyoGateway: 192.168.1.110 (optional external component)
  • VidyoReplay: 192.168.1.115 (optional external component)

 

The basic network setup for each type of Vidyo server is basically the same. You must perform a network setup for each of your Vidyo servers.

 

To configure the network settings at the System Console:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    The following illustrations show the System Console after you have logged in using a keyboard and VGA monitor plugged directly into the VidyoPortal.
  2. Enter 1 to configure IP Address.
  3. Press the Enter key.
  4. Enter 1 to select the PRODUCTION INTERFACE option or 2 to select the MANAGEMENT INTERFACE option depending on which one contains the IP you want to configure.
  5. Press the Enter key.

    Configuring_the_network_settings_at_the_system_console_1.png

    The Management Interface should not be used to transfer any media.
    For more information, see the Configuring RADIUS section.

     

  6. Enter 1 to select the IPv4 (Static) option to set the server IP address, subnet mask, default gateway, and MAC addresses, hostname, domain name, and FQDN.
  7. Press the Enter key on your keyboard after providing each value.

  8. Enter y and press the Enter key after you have entered the required information.

    Configuring_the_network_settings_at_the_system_console_3.png

    Unless you’re using the Hot Standby software option, the Native FQDN and Public FQDN should be the same.

    If you are using the Hot Standby software option, the Native FQDN will be the Native FQDN of the Active or Standby VidyoPortal and the Public FQDN will be the same as the Cluster FQDN. For more information, see Requesting System Licenses and Applying System License Keys and the Hot Standby section below.

    The Public FQDN provided here is the same one you use when requesting your license keys from Vidyo Support. For more information, see Requesting system licenses and applying system license keys and Applying the system license keys to your system.

     

  9. Enter 2 to configure DNS Nameserver to set the fully qualified domain name (if it exists) for the VidyoPortal and the IP addresses of the DNS servers:

    • Enter two DNS server IP addresses.
      If you have only one DNS server, use the same one twice.

      Configuring_the_network_settings_at_the_system_console_4.png
    • Enter y and press the Enter key once you have entered the required information.
      The System Console main menu displays.
  10. Enter the remaining network settings for the server as needed, confirming by typing y and pressing Enter after entering each prompt:

    • Enter 3 to configure NTP Time Servers to set the NTP (Network Time Protocol) time server.
    • Enter 4 to configure Time Zone to specify the time zone you are working in.
    • Enter 5 to configure Ethernet Options to set the MTU (Maximum Transmission Unit) size if necessary.
  11. Enter 14 to restart the server.
  12. Press the Enter key.

    When the server restarts, it will have the new network settings. Be sure to record your network settings, as you will need them for further configuration of your system.

Changing the Other Default Passwords

Besides changing the default password for the Vidyo Server (often referred to as the System Console or Admin Console), you should also change the following additional default passwords to ensure security and prevent unauthorized access:

  • VidyoPortal/VidyoOne Super Administrator

  • VidyoPortal/VidyoOne Administrator (per tenant)

    • Editing a user. In a multi-tenant system, you must do this for each Tenant Administrator.
  • VidyoRouter Administrator

  • VidyoManager Administrator

    • This password is tied to the System Console password.
  • VidyoProxy Administrator

    • This password is tied to the System Console password.

For more information about System Administrator Console Menu Options, see Understanding system administrator console menu options and Understanding the More Options Menu on the System Console.

Supporting Multiple System Console Accounts

System Console accounts can be used on the VidyoPortal, the VidyoRouter, and the VidyoGateway.

The System Console menu allows for the creation of up to ten System Console accounts. These accounts are created from the System Console.

To create System Console accounts:

  1. Log in to the System Console of your Vidyo Server.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

     

  2. Enter m for more options.
  3. Enter 19 to access the User Maintenance menu.

    Supporting_Multiple_System_Console_Accounts_1.png

    The User Maintenance screen provides the following options:

    • Enter A to add a user.

      Supporting_Multiple_System_Console_Accounts_2.png
    • Enter B to remove a user.
    • Enter C to show all user accounts.
    • Enter x to exit.
    The current user is also shown on the User Maintenance menu.

    In addition to accessing the the System Console menu, the ten System Console accounts can also access the VidyoGateway Admin pages.

     

    Each new System Console account has a default password of password, which is case sensitive.

    The System Console accounts force a password change on first login. To prevent the use of default passwords, each new System Console user must be present at the local console during account creation. That user must log in and change their password and it must satisfy the password complexity requirements.

Understanding System Administrator Console Menu Options

The following list takes you through configurations on the System Console menu options.

Understanding_System_Administrator_Console_Menu_Options_1.png

The following describes the options on the Main Menu.

  1. Configure IP Address – Enter 1 to configure your server IP address, subnet mask, and default gateway addresses. Initially, information must be configured locally. You can also use this option to configure the domain name, hostname, local FQDN, and public FQDN values.

    Configuration Example:
    IP Address Mode: static
    Network Interface: Production
    IPv4 Address: 192.168.1.100
    Subnet Mask: 255.255.255.0
    Default Gateway: 192.168.1.1
    Hostname: portal
    Domain Name: example.com
    Local FQDN: vidyoportal.example.com
    Public FQDN: publicvidyoportal.example.com

    The Public FQDN can match the Local or Native FQDN if desired.


    For more information, see Configuring the Network Settings at the System Console and the Configuring RADIUS section.
  2. Configure DNS Nameserver – Enter 2 to specify the Domain Nameserver.

    Configuration Example:
    Primary DNS Server for Host: 192.168.1.10
    Secondary DNS Server for Host: 192.168.1.11

  3. Configure NTP Time Servers – Enter 3 to set the Network Time Protocol (NTP) time server. Change to synchronize the system with a different time server.

    Configuration Example:
    Primary NTP Server: pool.ntp.org

  4. Configure Time Zone – Enter 4 to specify the time zone of your server. Change as necessary for accurate billing records.

    Configuration Example:
    US/Eastern

  5. Configure Ethernet Options – Enter 5 to set the Maximum Transmission Unit (MTU) size. The default is 1500. Only change this setting if your network MTU size is less than 1500. You can also turn autonegotiation on or off. Autonegotiation is on by default.

    Configuration Example:
    MTU Size: 1500
    Autonegotiation: On

    When Autonegotiation is set to Off, it means 100/Full.

  6. Display IP Address – Enter 6 to view the IP address.
  7. Display DNS Nameserver – Enter 7 to view the DNS servers.

    Configuration Example:
    Primary DNS Server for Host: 192.168.1.10
    Secondary DNS Server for Host: 192.168.1.11

  8. Query NTP Time Servers – Enter 8 to query NTP server.

    This command doesn’t work if the domain name server is not defined.
  9. Display Kernel IP Routing Table – Enter 9 to view how your server is configured for Ethernet routing.
  10. Display ARP Table – Enter 10 to display router and MAC address information. This information is read-only.
  11. Ping Utility – Select 11 to ping network addresses. Use Ctrl+c to stop pinging.
  12. Traceroute Utility – Enter 12 to run the utility.

    The system then prompts you for an IP address and port:

    • If you provide an IP address but do not provide the port, the system will display the trace route to the IP address you specified.
    • If you provide an IP address and also provide the port, the system will check if any ports in the firewall are blocking access to your Vidyo server, and then display them.
    Press Enter without providing an IP address to return to the Main Menu.
  13. Set ‘admin’ Password – Enter 13 for password menu options including functions to reset the admin password to the default value and change password.

    Adhere to the password guidelines explained in Logging in to the System Console.
  14. Reboot system – Enter 14 to restart your server.

    It can take up to a minute for your server to restart.
  15. Shutdown System – Shuts down your server.
  16. Restore HTTP(S) settings to default – Enter 16 to return HTTP settings to their default values (HTTP and port 80).

    This option is not available on the VidyoGateway and VidyoReplay System Console menu.
  17. ... (more options) – Enter m for a submenu containing additional options.

    For more information, see Understanding the More Options Menu on the System Console.
  18. Exit System Administrator Console – Enter x to close the SSH session. This command also closes SSH clients, if one is used.

Understanding the More Options Menu on the System Console

The following list describes commands on the More Options menu.

  1. Configure IP Address – Enter 1 to configure your server IP address, subnet mask, and default gateway addresses. Initially, information must be configured locally. You can also use this option to configure the domain name, hostname, local FQDN, and public FQDN values.
  2. Configure Adobe Connect Plugin – Enter 17 to configure your Adobe Connect Server and Adobe Connect Plugin.
  3. Display System ID – Enter 18 to display system identification data including the Local Time, Universal Time, and the System ID.
  4. User Administration – Enter 19 to perform user maintenance and create additional System Console accounts.

    For more information, see Supporting Multiple System Console Accounts.
  5. Hot Standby – This menu item only displays if you have the Hot Standby option applied on your system. Select H to access the Hot Standby menu.

    For more information, see the Hot Standby section.
  6. Vidyo Support – This menu enables a two-stage authentication process for the Vidyo Customer Support team that enables them to remotely SSH into the VidyoPortal for troubleshooting purposes.
  7. Advanced Options – Enter A to access advanced options.

    For more information, see Understanding the Advanced Options System Administrator Console Menu.
  8. Restart Web Services – Enter W to restart your Web services.
  9. ... (back to previous menu) – Enter b to return to the Main Menu from More Options.

Configuring FIPS on Your Vidyo Server

FIPS is the Federal Information Processing Standard 140-2. By default, FIPS mode is enabled on your Vidyo server.

FIPS Certified Modules include the following:

The following steps show you how to enable or disable FIPS mode from the System Console.

To disable or enable FIPS mode:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console of Your Server and Changing the Default Password.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 1 to disable FIPS-mode.

    This setting toggles between disable and enable states.
  5. Enter y to verify disabling (or enabling) the FIPS-mode change.
  6. Enter x to exit Advanced Options.
  7. Enter 14 to reboot the system.

    When your system comes back online, FIPS is then disabled (or enabled) on your Vidyo server.

Managing Network Routes

Static routes are used in deployments where Vidyo servers are in a DMZ between two segregated firewalls with no route for either internal or external traffic. Network Routes are also used when the Management Interface is enabled and you want to route traffic across that network.

Vidyo recommends this feature not replace adding proper network router to your DMZ to handle the proper subnet routes. Static route setup can lead to security vulnerabilities and should only be configured by advanced network administrators. Vidyo is not responsible for any possible security risk resulting from static route configurations.

 

You can either add a static route for one host at a time or add a route covering a range of IP addresses using a subnet mask.

To manage network routes:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 2 to select the Network Route Management option.

    Managing_Network_Routes.png

    The Route Management screen displays. Use this screen to add, remove, or remove all routes, navigate routes using Next or Previous, and exit the Route Management screen.
  5. Enter X to return to the Advanced Options menu.

Currently, you can only add a static route for one host at a time. Adding static routes for a range of IP addresses (or subnet) is not supported at this time.

To add network routes:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 2 to select the Network Route Management option.
  5. Enter 1 to add a Network Route.
  6. Enter the following information:

    • Destination – Enter an IP address of the target machine for your network route.

      You can either add a static route for one host at a time or add a route covering a range of IP addresses using a subnet mask. To specify a range (e.g.,172.16.1.0 – 172.16.1.255), you would enter 172.16.1.0/24, where 24 is the subnet mask.
    • Gateway – Enter the IP address of the Gateway through which your network route will travel.
    • Interface – Enter the PRODUCTION (eth0) or MANAGEMENT (eth1) interface you want your network route to use.

      If you want to cancel adding your Network Route, press Enter while providing no Destination, Gateway, or Interface information. The system tells you that you must provide valid information and to press any key. Press any key to return to the Route Management screen.

  7. Select y to confirm the change and add your Network Route.

    Your Network Route is then listed and numbered on the top of the Route Management screen.

    Adding_NetworkRoute.png
  8. Enter X to return to the Advanced Options menu.

To remove a network route:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 2 to select the Network Route Management option.
  5. Enter 2 to remove a Network Route.

    Adding_NetworkRoute.png
  6. Select y to confirm removing the selected Network Route.
  7. Select X to return to the Advanced Options menu.

To remove all of your network routes:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 2 to select the Network Route Management option.
  5. Enter 2 to remove all of your Network Routes.
  6. Enter y to confirm removing all of your Network Routes.
  7. Enter X to return to the Advanced Options menu.

To navigate your network routes:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 2 to select the Network Route Management option.

    • Enter N to navigate to the next Network Route.
    • Enter P to navigate to the previous Network Route.
  5. Enter X to return to the Advanced Options menu.

 

Adding Static Network Route 

 

With the addition of the Management Interface capability, the System Console allows you to add static network routes to the system.

 

To add static network routes to the system:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Select 2 to select the Network Route Management option.

    Adding_Static_Network_Routes_1.png
  5. Enter 1 to add a new route.
  6. Enter the Destination IP or Network (using Slash notation for the subnet mask).
  7. Enter the IP address of the route you want to use.

    Adding_Static_Network_Routes_2.png
  8. Select y to confirm your changes.

Configuring SNMP

SNMP is built into Vidyo Servers. For help on enabling and configuring SNMP, please see articles below:

For SNMP polling, you would use standard SNMP commands from an SNMP service. This would be something that is documented by the SNMP service provider or standard SNMP commands.

 

Enable SNMP only after configuring SNMP2 community strings or SNMPv3 users and creating notifications or traps.

To enable SNMP:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 4 to select the SNMP Administration option.
  5. Enter A to enable SNMP.

    The feature toggles between Enable and Disable states.
  6. Enter y to confirm the change and enable or disable SNMP.
  7. Enter X to exit the SNMP Administration menu.
  8. Enter x to exit Advanced Options.
  9. Enter 14 to reboot the system.

    When your system comes back online, SNMP is then enabled (or disabled).

You can configure notifications or traps that can be sent to your network management server via SNMP2 community strings or local SNMPv3 users. Notifications are created as either SNMPv2 or SNMPv3.

To create an SNMPv2 notification:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 4 to select the SNMP Administration option.
  5. Enter D to configure SNMP Notification.

    The SNMP Notification menu displays.
  6. Enter 1 to select the SNMPv2 Notification option.

    The SNMPv2 Notification menu displays.
  7. Enter 1 to select the SNMPv2 Notification option.
  8. Enter the IP or FQDN address of your network management server.
  9. Enter I or T to configure an Inform or Trap notification type.

    The system asks for the values in the remaining steps if your notification type is Inform or Trap.
  10. Enter your community string.

    The community string must be at least eight characters and contain no spaces.
  11. Enter y to confirm.

    After SNMPv2 notifications are created, they are listed in the top of the SNMPv2 Notification menu and Delete SNMPv2 Notification option displays as a second option.
  12. Enter X to return to the SNMP Notification menu.

To delete an SNMPv2 notification:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 4 to select the SNMP Administration option.
  5. Enter D to configure SNMP Notification.

    The SNMP Notification menu displays.
  6. Enter 1 to select the SNMPv2 Notification option.

    The SNMPv2 Notification menu displays.
  7. Enter 1 to select the SNMPv2 Notification option.
  8. Enter 2 to select the Delete SNMPv2 Notification option.
  9. Enter the number of the notification user you wish to delete.
  10. Select y to confirm.
  11. Select X to return to the SNMP Notification menu.

You can configure notifications or traps that can be sent to your network management server via SNMP2 community strings or local SNMPv3 users. Notifications are created as either SNMPv2 or SNMPv3.

To create an SNMPv3 notification:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 4 to select the SNMP Administration option.
  5. Enter D to configure SNMP Notification.

    The SNMP Notification menu displays.
  6. Enter 2 to select the SNMPv3 Notification option.

    The SNMP Notification menu displays.
  7. Enter 1 to select the SNMPv3 Notification User option.
  8. Enter the IP or FQDN address of your network management server.
  9. Enter I or T to configure an Inform or Trap notification type.

    The system asks for the values in the remaining steps if your notification type is Inform or Trap.
  10. Enter your Remote Engine ID if necessary.
  11. Enter your username.

    The username must be at least eight characters and contain no spaces.
  12. Enter and verify an authentication password of your choice.

    • This password uses SHA authentication.
    • The password must be at least eight characters.
    • Vidyo does not currently support MD5 authentication.
  13. Enter and verify a second authentication password of your choice.

    • This password uses AES encryption.
    • The password must be at least eight characters.
    • Vidyo does not currently support DES encryption.
      After SNMPv3 notification users are created, they are listed in the top of the SNMPv3 Notification menu and Delete SNMPv3 Notification User displays as a second option.
  14. Select X to return to the SNMP Notification menu.

To delete an SNMPv3 notification:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 4 to select the SNMP Administration option.
  5. Enter D to configure SNMP Notification.

    The SNMP Notification menu displays.
  6. Enter 1 to select the SNMPv3 Notification option.

    The SNMPv3 Notification menu displays.
  7. Enter 1 to select the SNMPv3 Notification option.
  8. Enter 2 to select the Delete SNMPv3 Notification option.
  9. Enter the number of the notification user you wish to delete.
  10. Enter y to confirm.
  11. Enter X to return to the SNMP Notification menu.

You can create two SNMPv2 community strings on your system that can access your network management server. One community string has read-only access and the other has read-write access.

To configure an SNMP community string:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter A to select the SNMP Administration option.
  5. Enter B to configure SNMPv2 Community String

    • Minimum required length is 8
    • Maximum length is 32
    • Characters are not allowed (e.g. &, SPACE, TAB,!,$,*,^,(,),{,})
  6. Select from the menu based on the SNMPv2 Community String type desired:

    • Enter 1 to create a read-only SNMPv2 community string, and then enter the read-only community string.

      The username must be at least eight characters and contain no spaces.
      After the read-only community string is created, the Create ReadOnly Community String option toggles and becomes the Delete ReadOnly Community String option.
    • Enter 2 to create a read-write SNMPv2 community string, and then enter a read-write community string.

      The username must be at least eight characters and contain no spaces.
    • Enter y to confirm.

      After the read-write community string is created, the Create ReadWrite Community String option toggles and becomes the Delete ReadWrite Community String option.
    • Enter x to return to the SNMP Administration menu.

To delete an SNMP community string:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter A to select the SNMP Administration option.
  5. Enter B to configure SNMPv2 Community String.
  6. Select from the menu based on the SNMPv2 Community String type desired:

    • Enter 1 to delete the read-only SNMPv2 community string, and then enter y to confirm.

      After the read-only community string is deleted, the Delete ReadOnly Community String option toggles and becomes the Create ReadOnly Community String option.
    • Enter 2 to delete a read-write SNMPv2 community string, and then enter y to confirm.

      After the read-write community string is deleted, the Delete ReadWrite Community String option toggles and becomes the Create ReadWrite Community String option.
    • Enter x to return to the SNMP Administration menu.

You can create two local SNMPv3 users on your system that can access your network management server. One user can have read-only access and the other can have read-write access.

To configure a local SNMPv3 user:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Select A for Advanced Options.
  4. Select 4 to select the SNMP Administration option.
  5. Select C to configure Local SNMPv3 User (User-based Security Model).
  6. Select from the menu based on the SNMPv3 User type desired:

    • Enter 1 to create a local SNMPv3 user with read-only access, and then enter a username for your local SNMPv3 user with read-only access.
      The username must be at least eight characters and contain no spaces.
    • Enter and verify an authentication password of your choice.
      • This password uses SHA authentication.
      • The password must be at least eight characters.
      • Vidyo does not currently support MD5 authentication.
    • Enter and verify a second authentication password of your choice.
      • This password uses AES encryption.
      • The password must be at least eight characters.
      • Vidyo does not currently support DES encryption.
        After the read-only user is created, the Create ReadOnly User option toggles and becomes the Delete ReadOnly User option.
    • Select 2 to create a local SNMPv3 user with read-write access, and then enter a username for your local SNMPv3 user with read-write access.
      The username must be at least eight characters and contain no spaces.
    • Enter and verify an authentication password of your choice.
      • This password uses SHA authentication.
      • The password must be at least eight characters.
      • Vidyo does not currently support MD5 authentication.
    • Enter and verify a second authentication password of your choice.
      • This password uses AES encryption.
      • The password must be at least eight characters.
      • Vidyo does not currently support DES encryption.
        After the read-write user is created, the Create ReadWrite User option toggles and becomes the Delete ReadWrite User option.
    • Enter x to return to the SNMP Administration menu.

To delete a local SNMPv3 user:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Select m for more options.
  3. Select A for Advanced Options.
  4. Select 4 to select the SNMP Administration option.
  5. Select C to configure Local SNMPv3 User (User-based Security Model).
  6. Select from the menu based on the SNMPv3 User type desired.

    • Select 1 to delete the local SNMPv3 user with read-only access.
    • Select y to confirm.

      After the read-only user is deleted, the Delete ReadOnly User option toggles and becomes the Create ReadOnly User option.
    • Select 2 to delete the local SNMPv3 user with read-write access.
    • Select y to confirm.

      After the read-write user is deleted, the Delete ReadWrite User option toggles and becomes the Create ReadWrite User option.
    • Select x to return to the SNMP Administration menu.

Managing Hostnames

Hostname entries can be added to a single hostfile on your VidyoPortal. These entries are used to map an IP addresses to a specific Hostname or FQDN.

Vidyo recommends that this feature not replace adding proper records to your internal and external DNS servers. It should only be used to support DMZ deployments where there is no DNS server access from the DMZ and allowing the different servers to properly locate each other.


The Cluster FQDN of the VidyoPortal can be added to the hostfile to avoid making DNS queries from your VidyoManager, VidyoRouter, and VidyoProxy to the same VidyoPortal on which they reside. If you use the same Public FQDN as your Cluster FQDN, then it is not necessary to add the Cluster FQDN to your hostfile.

To manage hostnames:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 5 to select the Hostname Management option.

    Managing_Hostnames.png

    The Host Entries screen displays. Use this screen to add, remove, or remove all hostnames; navigate hostnames using Next or Previous; and exit the Host Entries screen.
  5. Select X to return to the Advanced Options menu.

To navigate your hostnames:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 5 to select the Hostname Management option.
  5. Enter N to navigate to the next Hostname.
  6. Enter P to navigate to the previous Hostname.
  7. Select X to return to the Advanced Options menu.

To add hostnames:

    1. Log in to the System Console.

      For more information, see Logging in to the System Console.

      Press the Enter key after each prompt.

    2. Enter m for more options.
    3. Enter A for Advanced Options.
    4. Enter 5 to select the Hostname Management option.
    5. Enter 1 to add a Hostname.
    6. Enter the following information:

      • Hostname/FQDN – Enter a Hotname or FQDN you want to map to a specific IP address.
      • IP Address – Enter the IP address you want to map to the specific Hostname or FQDN.

        If you want to cancel adding your Hostname, press Enter while providing no Hostname/FQDN or IP Address information. The system tells you that you must provide valid information and to press any key. Press any key to return to the Host Entries screen.

    7. Enter y to confirm the change and add your Hostname.

      Your Hostname is then listed and numbered on the top of the Host Entries screen.

      Managing_Hostnames.png
    8. Enter X to return to the Advanced Options menu.

To remove hostnames:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 5 to select the Hostname Management option.
  5. Enter 2 to remove a Hostname.
  6. Enter the corresponding number of the Hostname you want to remove.

    Managing_Hostnames.png
  7. Enter y to confirm removing the selected Hostname.
  8. Enter X to return to the Advanced Options menu.

To remove all of your hostnames:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 5 to select the Hostname Management option.
  5. Enter 2 to remove all of your Hostnames.
  6. Enter y to confirm removing all of your Hostnames.
  7. Enter X to return to the Advanced Options menu.

 

Enabling Secure Shell Access on the Management Interface

As a System Console Administrator, you can enable secure shell access (SSH) to the Management Interface of your system for you and other System Console Administrator accounts. This option is disabled by default.

When SSH is enabled on your Vidyo server, it runs on port 2222.

 

Secure shell access (SSH) is only permitted on the Management interface. If you enable SSH, be sure to setup whitelist IP filters to ensure access is only granted to specific machines.

To create System Console accounts:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 5 to enable SSH.
  5. Enter y to change the current setting.


Enabling an Emergency Admin User

As a System Console Administrator, you can enable a single Emergency Admin user. This option is disabled by default.

The Emergency Admin user can only access the system with a directly connected keyboard and monitor.

 

The Emergency Admin user can only log in via the System Console and re-enable and reset a System Console Admin user’s password. When enabled, the Emergency Admin user’s default password is password. You should immediately change this password; however, note that this password does not have to adhere to the password guidelines explained in Logging in to the System Console.

In order to reset a System Console Admin user’s password, you must know the username. The user’s password is automatically reset to the default password, which is password.

To enable emergency admin users:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 7 to select Emergency User.

    The Emergency Account menu provides the following options:

    • Enter A to add (or remove) the emergency account.

      EmergencyAdminUsers.png
    • Enter B to show the emergency account.
    • Enter C to change the password of the emergency account.

      When enabled, the Emergency Admin user’s default password is password. You should immediately change this password; however, note that this password does not have to adhere to the password guidelines explained in Logging in to the System Console.

  5. Enter X to exit.

Configuring Your SSH Port

You can configure your SSH port to either 22 or 2222.

To configure your SSH port:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter 6 to select the SSH Configuration option.

    Configuring_Your_SSH_Port_1.png
  5. Enter 1 to toggle 22 and 2222 options.
  6. Enter y to confirm.
  7. Enter X to exit.
  8. Enter x to exit Advanced Options.
  9. Enter 14 to reboot the system.

    When your system comes back online, your SSH port is changed.


Configuring Your Web SSL/TLS Settings

You can configure your web SSL/TLS settings to ensure that your network is secure at all times.

To configure your web SSL/TLS settings:

  1. Log in to the System Console.
    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.



  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter A to select the Web SSL/TLS Settings option.
  5. Select the appropriate web SSL/TLS setting to enable the desired level of security for your network.

    Web_SSL_TLS.png

    Enter Y or N to confirm all changes after each selection.


    • Enter 1 to select the Default (Default Cipher Suite/TLS 1.0 or Higher) option for old backward compatibility that works with all clients back to Windows® XP/IE6.
    • Enter 2 to select the Intermediate (TLS 1.0 or Higher) option for compatibility with legacy clients as old as Firefox® 1, Chrome™ 1, IE 7, Opera 5, Safari® 1, Windows XP IE8, Android™ 2.3, and Java™ 7.
    • Enter 3 to select the Modern (TLS 1.2 or Higher) option for compatibility with modern clients such as Firefox 27, Chrome 30, IE 11 on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, and Java 8, which provides a higher level of security.
    • Enter 4 to select the Reload Web Security Config option to reload the Apache with the new settings without dropping active calls. New sessions will use the updated settings.

      For additional information about these settings, refer to the following web page: https://wiki.mozilla.org/Security/Server_Side_TLS.

      You should use the Reload Web Security Config option after selecting either the Default (Default Cipher Suite/TLS 1.0 or Higher), Intermediate (TLS 1.0 or Higher), or Modern (TLS 1.2 or Higher) option and confirming all changes so that active calls on your system are not disrupted.

  6. Enter x to return to the Advanced Options menu.

Configuring Your VidyoRouter Media Priority

You can configure the media priority to allow media traffic on your production interface only, or you can allow it on both production and management interfaces but must give priority to either one.

 

To configure your VidyoRouter media priority:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter P to select the Media Priority option.

    VR_Media_Priority.png

    Confirming any change to your VidyoRouter media priority selection will disrupt active calls on your system.

  5. Select from the menu based on the interface prioritzation you want your VidyoRouter to give media in your system:

    • Enter 1 to select the PRODUCTION (default) option to only allow media traffic on your production interface, and then enter y to confirm.
    • Enter 2 to select the PRODUCTION and MANAGEMENT option to allow media traffic on both production and management interfaces, but give priority to production, and then enter y to confirm.
    • Enter 3 to select the MANAGEMENT and PRODUCTION option to allow media traffic on both production and management interfaces, but give priority to management, and then enter y to confirm.
  6. Enter x to return to the Advanced Options menu.

You can configure whether or not you will allow VidyoRouters to register to the VidyoPortal on your production interface only, or both your production and management interfaces.

To configure service accessibility:

  1. Log in to the System Console.

    For more information, see Logging in to the System Console.

    Press the Enter key after each prompt.

  2. Enter m for more options.
  3. Enter A for Advanced Options.
  4. Enter S to select the Service Accessibility option.

    ServiceAccessibility.png

    Confirming any change to your service accessibility selection will disrupt active calls on your system.

  5. Select from the menu based on which interfaces you want to allow your VidyoRouter to register to the VidyoPortal:

    • Enter 1 to select the PRODUCTION (default) option to only allow VidyoRouters to register to the VidyoPortal on your production interface, and then enter y to confirm.
    • Enter 2 to select the PRODUCTION and MANAGEMENT option to permit media traffic on both production and management interfaces, but give priority to production, and then enter y to confirm.
  6. Enter x to exit Advanced Options.


Logging in to the Super Admin Portal

Now that you have connected your Vidyo Server to the network, you must log in as the Super Admin and configure the VidyoPortal in order to ensure that it can function within your VidyoConferencing system.

To log in as the Super Admin:

  1. Enter the IP or FQDN address (Fully Qualified Domain Name) for the VidyoPortal in the address bar of a web browser, followed by a forward slash and the word “super”:

    http://[IP or FQDN address]/super

  2. Log in using the new password that you have set. Otherwise, log in using the default Super Admin user name and password:

    User Name: super

    Password: password (case sensitive)

    Logging_In.png


Checking the Status of the Components

To check the status of the components:

  1. Log in to the Super Admin portal using your Super Admin account.

    For more information, see Logging in to the Super Admin Portal.
  2. Click the Components tab.

    Status_Components.png
  3. Verify that the VidyoManager component has a Status of UP.


Requesting System Licenses and Applying System License Keys

After purchasing your license, if you’re running VidyoPortal Virtual Edition or the Hot Standby software option, you’ll receive Fully Qualified Domain Name (FQDN) licenses (removing license dependency to your Vidyo hardware). Otherwise, you’ll receive System ID-based licenses (licenses tied to your Vidyo hardware).

By default, you will receive System ID-based license unless you are running VidyoPortal Virtual Edition or using the Hot Standby software option. Using VidyoPortal Virtual Edition or the Hot Standby software option requires an FQDN license.

Existing customers with System ID-based licenses using VidyoPortal Virtual Edition or the Hot Standby software option can be converted to an FQDN license by contacting Vidyo Support.

System ID-based licenses and FQDN-based licenses were sent to the email address you provided when making your purchase. However, if you do not possess these licenses, you may request them after providing your configured system information and using the procedures in this section.

The Vidyo licensing team usually sends out keys within one business day from the time you submit the required information from the Vidyo website form. Licenses are sent to the email address you provided.

If you have any licensing questions, please contact Vidyo's license team with your MAC address, System ID, and Public FQDN at licenses@vidyo.com.

If you’re running the VidyoPortal Virtual Edition or the Hot Standby software option and were able to provide your FQDN at the time of purchase, your FQDN-based licenses were sent to the email address you provided at that time. However, if you do not possess these licenses, you may request them after providing your configured system information and using the procedures in this section.

To request Vidyo FQDN-based licenses:

  1. Contact the Vidyo license team with your MAC address, System ID, and Public FQDN at licenses@vidyo.com if you were unable to provide an FQDN for your license at the time of purchase.

    Otherwise, if you did provide an FQDN when ordering, your license keys were provided in the email sent to you after order processing.
  2. Submit your system information using the form on the Vidyo website.

System ID-based licenses and FQDN-based licenses were sent to the email address you provided when making your purchase. However, if you do not possess these licenses, you may request them after providing your configured system information and using the procedures in this section.

To request Vidyo System ID-based licenses:

  1. Request Vidyo system ID-based licenses from the Vidyo license team with your MAC address, System ID, and Public FQDN at licenses@vidyo.com if you did not receive an email containing your System ID-based licenses after order processing.

    Otherwise, if you did receive an email containing your System ID-based licenses after order processing, proceed by applying the license keys to your system.
  2. Submit your system information using the form on the Vidyo website.

Your VidyoPortal ships with factory default licensing. You need to apply your full Vidyo system license keys in order to access the license quantities and options purchased. The procedure for doing this varies depending on whether or not you are running the Hot Standby software option.

Your VidyoPortal ships with factory default licensing. You need to apply your full Vidyo system license keys in order to access the license quantities and options you purchased.

If you do not possess these licenses, you may request them after providing your configured system information.

Applying licenses:

The procedure differs for applying system license keys to your system if you are running the Hot Standby software option.

System ID-based licenses and FQDN-based licenses were sent to the email address you provided when making your purchase. However, if you do not possess these licenses, you may request them after providing your configured system information.

You will receive an email from Vidyo Customer Support to the address you provided with your purchase order from the license request web page. This email contains a single .zip archive containing specific files based on the VidyoPortal version you are running as follows:

Applying_System_License_Keys_to_Your_System_1.png

The email also includes a license information text file that includes license information details. This file is prefixed with “LicenseInfo.”

Your VidyoPortal system-wide license defines the term (length) of your license, the number of VidyoLines, and installations available for use as well as whether it is currently being used:

  • A single- or multi-tenant system
  • Licensed for UC integration, encryption, Hot Standby, Executive lines, and APIs (the API license is also used to enable Adobe Connect integration)

To apply the system license keys to your system:

  1. Log in to the Super Admin portal using your Super Admin account.

    For more information, see Logging in to the Super Admin Portal.

    The Components page displays by default.
  2. Click the Settings tab.

    The Upload System License page displays by default.

    Applying_System_License_Keys_to_Your_System_2.png
  3. Click Browse.

    Applying_System_License_Keys_to_Your_System_3.png
  4. Upload your VidyoManager license if you are running a VidyoPortal version earlier than 3.2 by doing the following:

    • Select the appropriate VidyoManager license file based on the VidyoPortal version you are running.

      The license file for users running VidyoPortal version 3.2 or later is prefixed with “v3.” The license file for users running VidyoPortal version 3.0 or 3.1 is prefixed with “v2” and contains syslicense in the name. The license file for users running VidyoPortal versions earlier than 3.0 contains syslicense in the name without a “vx” prefix.

    • Click Upload to apply the license.
  5. Upload the license file for all VidyoPortal versions:

    • Select the appropriate license file based on the VidyoPortal version you are running.

      The license file for users running VidyoPortal version 3.2 or later is prefixed with “v3.” The license file for users running VidyoPortal version 3.0 or 3.1 is prefixed with “v2” and contains syslicense in the name. The license file for users running VidyoPortal versions earlier than 3.0 contains syslicense in the name without a “vx” prefix.

    • Click Upload to apply the license.
  6. Click the Tenants tab and edit the Default Tenant by clicking the Default Tenant Name.
  7. Allocate the full set of licenses to the Default Tenant.

    Applying_System_License_Keys_to_Your_System_4.png
  8. Click Save.

Licensing User Types Overview:

VidyoLines Licensing Model
User Type VidyoLines*
Super Admin -
Admin
Operator
Executive Desktop -
Normal User
Guest
VidyoRoom (used for VidyoRoom as well as for VidyoPanorama 600) -
VidyoGateway -
VidyoPanorama 1.0 -


*In the VidyoLines licensing model all users with a checkmark consume a line for all calls.

 


Setting the Language for the Super Admin Interface

The VidyoPortal’s Super Admin interface is available in these 15 languages:

  • Chinese (Simplified)
  • Chinese (Traditional)
  • English
  • Finnish
  • French
  • German
  • Italian
  • Japanese
  • Korean
  • Polish
  • Portuguese
  • Spanish
  • Thai
  • Turkish

Interfaces are immediately modified after selecting your preferred language using the drop-down.
Preferred language changes to the Super Admin interface have no effect on the Admin and VidyoDesktop interfaces.

 

To set the language of your Super Admin portal:

  1. You can set the language of your Super Admin portal in either of the following ways:

    • Use the language drop-down on the upper-right corner of the Super Admin Login page.

      System_Language.png

      The language drop-down may be used before or after logging in to the system.
    • Use the Super Account screen from inside the Super Admin portal:
      • Log in to the Super Admin portal using your Super Admin account.
        For more information, see Logging in to the Super Admin Portal.
        The Components page displays by default.
      • Click the Settings tab.
      • Click Super accounts on the left menu.
  2. Select the Super Admin’s language from the Language drop-down.
  3. Click Save.

    Setting_the_Language_for_the_Super_Admin_Interface_2.png

    You are automatically logged out of the Super Admin Portal.


Managing Your Super Admin Accounts

The Super accounts tab allows you to create and change Super Accounts.

This section provides steps to view, edit, and add Super Admin Accounts.

Caution: Each Super Account is required to have a valid, resolvable, email address in order to function properly in your VidyoConferencing system.

Viewing Your Super Accounts

To view your super accounts:

  1. Log in to the Super Admin portal using your Super Admin account.

    For more information, see Logging in to the Super Admin Portal.

    The Components page displays by default.
  2. Click the Settings tab.

    The Upload System License page displays by default.
  3. Click Super accounts on the left menu.

    The Super Accounts page displays.

    Viewing_SuperAccounts_1.png
  4. Click an existing account Member Name to access its details.

    You can also click Add below the Super Accounts list. Adding or Editing account details show the same screen with different headings. Fields marked with an asterisk cannot be left blank.

    Viewing_SuperAccounts_2.png

    Change the default Super Account email address so you receive important system notifications.



    For security purposes, you should change the password for Super Admin access as soon as possible.
  5. Modify field values for your Super Account as desired.
  6. Click Save.

    For information about adding multiple super accounts, see Adding Multiple Super Admin Accounts.


Editing Super Account Information and Changing the Password

To edit super account information and change the password:

  1. Log in to the Super Admin portal using your Super Admin account.

    For more information, see Logging in to the Super Admin Portal.

    The Components page displays by default.
  2. Click the Settings tab.

    The Upload System License page displays by default.
  3. Click Super accounts on the left menu.

    The Super Accounts page displays.
  4. Click an existing account Member Name to access its details.

    You can also click Add below the Super Accounts list. Adding or Editing account details show the same screen with different headings. Fields marked with an asterisk cannot be left blank.
  5. Select the Change Password checkbox.

    The Password and Verify Password fields display.

    Editing_SuperAccount_Info.png
  6. Enter your current password in the Your Current Password field.
  7. Enter your new password in the New Password For The User field.
  8. Enter your new password again in the Verify New Password field.
  9. Click Save to complete the password change.

    The system indicates a password mismatch until the last letter is typed in the Verify New Password field.

Super Admins can create and delete multiple Super Admin accounts.

To add multiple Super Admin accounts:

  1. Log in to the Super Admin portal using your Super Admin account.

    For more information, see Logging in to the Super Admin Portal.
  2. Click the Settings tab.

    The Upload System License page displays by default.
  3. Click Super accounts.

    The Super Accounts page displays.

    MultipleSuperAdminAccounts.png
  4. Click Add to add a new Super Admin account.

    MultipleSuperAdminAccounts_2.png
  5. Enter field values for your new Super Account.

    Fields marked with an asterisk cannot be left blank.

    Caution: Each Super Account is required to have a valid, resolvable email address in order to function properly in your VidyoConferencing system.

  6. Select the Enable checkbox to enable the account.
  7. Click Save.
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.