Sometimes, you might be unsure if your Nebula Access Point has indeed reached out to the Nebula Control Center. This tutorial will help you check the Connectivity of your Nebula Access Point.
Check the LED status of the device.
Upon the first installation, NAPs should right away perform a firmware upgrade, you will be able to notice the LED blinking rapidly in either Red or Amber color. You can refer to the user guide in online documents in NCC to see the LED behavior of different models in which you can determine the next items to check.
Check connectivity status in local GUI
Access the local GUI by typing the IP of your NAP or by default IP 192.168.1.2 if no DHCP server is in the network.
Here you can find 4 statuses indicating the following information.
- Ethernet: The LAN connection to the gateway
- Internet: The connection to 8.8.8.8 will determine connected or not
- Nebula Connectivity Status: Indicates the connection to the Nebula connectivity server
- Activation Status: Whether or not the device has been registered
Check firewall settings
On NCC, in Help> Security policy information, enlists the ports required for nebula devices to be online and work properly.
TCP 6667 / 4335 Port used for device netconf connection and management to Nebula Control Center.
TCP 443: Port for users to access HTTPS websites in this case Nebula control center webpage, with PCs or laptops.
UDP 123: Port for NTP time sync, Nebula devices requires synchronizing a universal time, the feedback from Nebula devices to the server and also statistical information greatly requires the correct time kept on the devices.
Check the Routing to Nebula Servers
In the case of access points to have internet connection but not connecting to Nebula servers, you can traceroute to the domain of Nebula connectivity server to know which part of the traffic stopped or if it's possible to reach. Our servers are hosted by Amazon Web Services (AWS), so if the traceroute is possible to reach any Amazon domains or routers, then the connection should be good.
The domain for our servers is
Connectivity Server: d.nebula.zyxel.com
a. Open cmd, type "nslookup d.nebula.zyxel.com" for the DNS to resolve the IPs of the domain
b. Traceroute any of the IP, ex: tracert 52.210.235.173
c. After the routes have been shown, find the available IP of the last few hops for example. 52.93.7.176, and query them online to see which company/org. own the router. If you see Amazon IPs, then you’ll know the routine to the server should be good to reach AWS.
Note: Ping is not able to get the response from the server as they will be discarded.
Verification
If all the requirements for Nebula devices are met, should you be able to see the access points online and configurable in the Nebula Control Center?
Comments
0 comments
Please sign in to leave a comment.