Version: 1.15
The Rapid Tunneling server software was developed and tested on CentOS 5.X systems. Xorcom provides RPM for easy server installation in CentOS. Please contact Xorcom technical support (support@xorcom.com) if you want to set up the Rapid Tunneling server in a Debian-like system.
There are two stages to the setup process:
- Server installation
- Server configuration
Overview of the Communication Process
1. Create a connection invitation file
2. Enable the connection
3. Connect the PBX to the Rapid Tunneling Server
3.1. Web-based Rapid Tunneling Client
3.2. The Rapid Tunneling Client Command Line
4. Connect to the Customer’s PBX
5. Disconnect from the Customer’s PBX
6. Other rtadm options
Server Installation
1. Download the latest version of the Rapid Tunneling server RPM file. The RPM file name is:
rapid-tunneling-server-VERSION.noarch.rpm
and is available in the Xorcom ‘yum’ repositories:
http://updates.xorcom.com/astribank/elastix2/repo/
and
http://updates.xorcom.com/astribank/elastix/repo/
2. Install the RPM by running the following command:
rpm -Uvh rapid-tunneling-server-VERSION.noarch.rpm
Server Configuration
The server configuration parameters are defined in the /etc/rapid-tunneling/rtadm file.
The most important parameters are HOST and PORT. They define the IP/hostname and IP port that must be used for connecting to the server’s SSH daemon from outside the LAN. The client computers will connect to the server by using this IP information. For example, if your Rapid Tunneling server is installed behind a NAT router, then you have to define port forwarding to the server SSH service in the NAT router configuration and define the NAT router external IP and port in the HOST and PORT parameters. For example:
HOST=212.1.2.3 PORT=3422
How to Communicate With a Customer’s PBX
1. Create a connection invitation file
1.1 Connect as root to the Rapid Tunneling server and then change to the ‘support’ user:
su - support
1.2. Create a connection invitation file by running the following command:
rtadm create <port> <connection_name>
where, – <port> is any unused local port number, e.g. 12345. It will be used to connect back to the client. – <connection_name> is a string (without spaces) that identifies the client to be remotely supported. Any further administration of the connection will require this connection_name. A file named remote-access-<connection_name>.tar.gz will be created in the subfolder ‘tar’ of the current directory (/var/lib/rapid-tunneling/support)
For example, if you want to create an invitation file for a customer named “John” then you can run:
rtadm create 23456 john
The file /var/lib/rapid-tunneling/support/tar/remote-access-john.tar.gz will be created. This connection invitation file will be used by the customer to initiate a connection from his PBX to the Rapid Tunneling server. Therefore, this file must be sent somehow to the customer. You can copy this file first to your computer and then send it by e-mail.
1.3. Enable the connection
Enable connections using the created invitation by running:
rtadm enable <connection_name>
For example:
rtadm enable john
Note: You can combine the creation and enabling the process in a single command:
rtadm create -e <port> <connection_name>
2. Connect the PBX to the Rapid Tunneling Server
Ask the PBX user to create a connection between the PBX and the Rapid Tunneling server. He can do it by using either the Web-based Rapid Tunneling client or the command line in the Rapid Tunneling client.
2.1. Web-based Rapid Tunneling Client
Connect to the PBX at the address
https://pbx_address/support/
Login as user ‘support’ with password ‘akuo-kfo’ Click Browse, select the remote-access-<connection_name>.tar.gz file and click the Connect button. When the PBX is connected to the server then you will see the status is ‘Connected’.
The user can click the Disconnect button if they want to stop the communication.
In order to change the password for GUI access, connect to the PBX via SSH as user “root” and perform the following command:
htpasswd -m /etc/rapid-tunneling/gui.htpasswd support
You will be prompted to enter a new password.
2.2. The Rapid Tunneling Client Command Line
copy the remote-access-<connection_name>.tar.gz file to your PBX /tmp folder (e.g., via WinSCP) connect to the PBX via SSH and perform the following commands:
su - rapid-tunneling rapid-tunneling /tmp/remote-access-<connection_name>.tar.gz
Check that the connection has been established. Run the rapid-tunneling-status command:
[root@rnd-1 ~]# rapid-tunneling-status Connected
3. Connect to the customer PBX
Once the connection between the customer’s PBX and the Rapid Tunneling server is established it is possible to connect to the PBX from the server:
In order to get the PBX SSH session:
ssh ra-<connection_name>
In order to copy a file from the PBX:
scp ra-<connection_name>:/path/to/file .
In order to copy a file to the PBX:
scp local-file ra-<connection_name>:/path/to/file
Connect to the PBX Web interface:
ssh -g -L 1234:localhost:443 ra-<connection_name>
and then point your Web browser to
https://server_ip:1234
where server_ip is the Rapid Tunneling server’s IP address. Obviously, instead of port 1234 you can use any unused IP port on your server.
Important! You have to enable the GatewayPorts option in the SSH daemon configuration on the Rapid Tunneling server (/etc/ssh/sshd_config) in order to be able to use this feature.
4. Disconnect from the Customer’s PBX
You can disconnect from the PBX by running the following command:
rtadm disconnect <connection_name>
5. Other rtadm options:
Delete the invitation file from the server:
rtadm delete <connection_name>
Show all possible connections, whether they are enabled/disabled and connected/disconnected:
rtadm show
Enable or disable further connections from the specified client:
rtadm enable/disable <connection_name>