Initial Log-In and Infinity VIP Setup Tool
Important! The instructions in this section presume the following:
You have already connected the VIP hardware appliance ports (AoIP, WAN, or both) to their respective switches.
You know the IP addresses you wish to use for the VIP AoIP and WAN ports.
You know the IP address range reserved for the various VIP components.
See the Network Connections and Configuration Section for more information.
Initial Log-In
Connect keyboard, mouse, and monitor to the VIP appliance as shown in the Installation and Startup section and apply AC power.
After the boot sequence is complete, the screen should appear as shown below in Figure 1.
At the telosinfinityserv login prompt, type "admin".
If the log-in screen differs from what is shown below, press "Enter."
Upon logging in for the first time, you will be prompted to set a password for the admin account. Passwords must be at least six characters long. Remember to hit "Enter" after entering your password.
Important! The password will not be displayed on-screen as you type. Please be very careful typing your password. If you feel you have made an error while entering your password, backspace beyond the number of characters you have entered to ensure you have deleted all entered text, then enter your password. See Figure 2 below.
After you have carefully and successfully entered your password, the Telos VIP Setup menu will appear as shown in Figure 3 below. If the menu does not appear and the admin prompt remains, type "vip-setup-admin" followed by the "Enter" key to enter the setup menu.
System Network Setup
Once Infinity VIP setup has been run, the "Telos VIP Setup" menu will appear. Use the arrow keys to highlight "1 Set up System Network", then click "OK".
The Network Manager TUI window will appear. Highlight "Edit a connection", then click "OK".
The "Edit" selector window will appear.
Highlight either "WAN" or "AoIP" as appropriate, then click "Edit".
Important! In early versions of the VIP appliance, selections labeled ENO0 and ENO1 appear in addition to WAN and AoIP. In this case, open ENO0 to edit the AoIP address and ENO1 to edit the WAN address. Do not edit the WAN and AoIP selections.
Later versions show only options for WAN and AoIP.
The "Edit Connection" window will appear allowing the IP configuration information to be entered and may require help from your IT manager.
Figure 7 below shows an example of a VIP configuration where only the AoIP network is used, necessitating addresses for the Gateway and DNS Server.
If necessary, repeat the above steps for the remaining network.
Important! If you are unsure about any of the information required to complete these steps, please contact Telos Alliance Support for assistance.
Exiting or Restarting
On occasion, it may be necessary to quit the VIP Setup Menu to restart or terminate the configuration process. Clicking on the “Exit” button at any time will return you to the console prompt.
If the menu does not appear and the admin prompt remains, type "vip-setup-admin" followed by the "Enter" key to enter the setup menu.
Docker Network Setup
The Docker network must also be configured. From the Telos VIP Setup menu, highlight "Set up Docker Network", then click "OK". If prompted, enter the admin password.
A confirmation window will appear confirming that the Docker network setup configuration is required.
Enter the first IP address of the block you reserved for VIP. See the Network Connections and Configuration section for more information. This IP address is used for internal routing and should not be used on any containers or devices on the AoIP network.
Note - The Docker Network option can be rerun multiple times. Docker networks consist of a Name and GUID (Globally Unique IDentifier). If the Docker network named 'telosmacvlan' exists, each time this setup is run that network will be deleted. It is then recreated with the same name (telosmacvlan) and a new GUID. All containers will need to be attached to the new 'telosmacvlan' network and rebuilt or they will fail to start. The 'telosmacvlan' and old GUID the container refers to no longer exist.
VIP Domain Name Setup
The Domain is needed in order for clients to connect for the VIP from external networks or the Internet. The name needs to resolve to the public IP address of the VIP Server Appliance. Alternatively, it can point at a router that forwards the traffic to the VIP server.
There are security and internet connectivity considerations that are addressed in the Security and Internet Access section.
If the configuration is using an Internet router, the following ports must be forwarded:
TCP 443 (HTTPS) - Provides access to the VIP Client WEB
TCP 80 (HTTP) - Needed during the setup of Letsencrypt security certificate validation
Note - You may test networks or systems using a temporary IP address by using one of the free DNS services to obtain a domain name for the network. For example, https://www.noip.com/download?page=win.
From the Telos VIP Setup utility, highlight "Set VIP Domain Name", then click "Enter".
Enter your fully qualified domain name, then click "OK".
Verify the new domain name by clicking "Yes."
Web Authentication
There are two different options that nginx can use to secure web access: Basic authentication, and authentication using OpenID Connect (OIDC).
Basic authentication is enabled by default**.** The default login is "user" with no password**.** Select Basic Authentication to change the login to ‘admin’ and a password of your choosing.
OpenID Connect is the third generation of OpenID technology. It is an authentication layer on top of the OAuth 2.0 authorization framework.[82]. It allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as obtaining the end-user's basic profile information in an interoperable and REST-like manner.
Applying the Configuration
Important - The next step - updating the proxy server - is critical! The nginx reverse proxy needs to be updated with your existing containers and IP addresses. Without this configuration update, invites to panels that navigate to <YourDomain>/beacon or <YourDomain>/vipX will fail.
The configuration must be updated any time IP addresses are updated or new VIP containers are added, or they will be inaccessible.
Last updated
