1. Connect LANforge systems through the normal management LAN for initial configuration. The resources should be visible in the management tab
2. In this case, we are using wiphy0 for the Aux-Mgt interfaces. On the manager system, configure wiphy0 to be on the desired channel, create a virtual AP on wiphy0, and configure it appropriately. The Aux-Mgt checkbox should be selected, a static IP should be assigned, and an appropriate SSID configured. The AP Aux-Mgt port will automatically serve DHCP and will try to NAT and route packets to the wired Management interface.
3. On the other resources, configure the wlanX interface to connect to the AP on the manager system, and select the Aux-Mgt checkbox.
4. The Port-Mgr tab should look something like this when the Aux-Management interfaces are configured.
5. To test that it works properly, you can now remove the wired Manament port connection and wait about 1 minute for the old connection to time out and re-connect to the Auxiliary Management port. Or, just reboot systems with the wired ports unplugged and they should be discovered on the Aux-Mgt ports promptly.

1. Using the Control Panel:
   1. Click Start, Run, control, [enter]
   2. Search and select Network Status and Devices
   3. We click on our device, Ethernet 3:
   4. Find and/or set the IP address: from Status, click Properites
   5. double click TCP/IPv4
   6. you will see and can change the IP address.:
2. Various DOS commands to find the IP addresses on the system:
   1. ipconfig and ipconfig /all
   2. netsh interface ipv4 show address
3. Resetting your DHCP address via command line:
   1. ipconfig /release
   2. ipconfig /renew

1. Method 1: use the Control Panel
   1. Click Start, Run, control, [enter]
   2. Search and select Network Status and Devices
   3. We click on our device, Ethernet 3:
   4. Click Details...
   5. Details will show the MAC address (physical address):
   6. (Suggested) Set the IP address if you have not already.

      For more information see Finding Windows IP Address

2. Method 2: use the DOS command-line. You want to correlate the IP address and MAC address of the Windows ethernet port:
   1. Click Start, Run, and type cmd, and press [Enter]
   2. Show interfaces by name with the command: netsh interface ipv4 show addresses
   3. (Optional) if you do not see results, you might need to start the network autodiscovery service: net start dot3svc
   4. (Optional) Depending on the edition of Windows, the command netsh lan show interfaces will display mac addresses.
   5. Show mac addresses with: getmac /v /fo csv
      _{(The CSV formatted command of the command ensures that we will see the entire name of the interface which can be trimmed short in the default output format.)}
   6. These commands will make it easier to copy using notepad:
      

      netsh interface ipv4 addresses > ifnotes.txt
      getmac /v /fo csv >>ifnotes.txt
      notepad ifnotes.txt

      
   7. Now you can easily copy the values:

set | findstr /i temp

1. When you double click on the PuTTY icon and it launches, you can start customizing your session preferences. We'll name this session jedtest
2. Let's default the window to something large, like 120 columns and 56 rows.
3. The Fixed font can be replaced with the Consolas font.
4. Let's turn on TCP Keep-alive and set IPv4 as the default networking protocol.
5. We login to LANforge resources with user lanforge
6. Generating a SSH keypair is not difficult. Let's enter the path to our public key file.
7. We have done our PuTTY config. Now back to the top Session screen, and click Save

1. Create your own public ssh key.

   For more information see WinScp Net

2. Start Pagent. Configure it to load on startup.
3. In the System Tray you will see the Pagent icon.
4. Right-click the Pagent icon and click Add Key to select your key
5. You will need to provide your pass-phrase to load your key
6. We see a loaded key
7. Here is our key, we will view the .pub file to copy out the public key.
8. In a putty window you will log into your LANforge server and edit /home/lanforge/.ssh/authorized_keys
9. Copy the text and place the "Comment" section at the end when you paste it into your ssh
10. Here is the public key string, with newlines and spaces removed. The Comment text goes at the end.
11. Check the permissions of the authorized_keys file. You might need to use the command

    chmod 600 authorized_keys

    to correct the permissions.
12. The next time we load the jedtest PuTTY session we should not be prompted for our password.

For more information see Installing LANforge Server on Windows

For more information see Installing LANforge Server on Windows

1. In Control Panel, select Hardware and Sound
2. Select Device Manager
3. In the Device Manager window, right-click on the computer and select Scan for hardware changes
   1. There will be an Other devices→Unkown Device entry. Right-click on it. If the options menu only gives you either Scan for hardware changes or Properties, you might need to restart your control panel as Administrator, that is discussed next.

   2. Using the Run as Administrator option to start the Control Panel in administrator mode.

      1. This works best with a CMD window pinned to the task bar. You can do that using Start Menu→ cmdENTER; and then right-click→ Pin to Task Bar option on the task bar icon for the cmd.exe window.
      2. Then right-click→ Run as Administrator on the CMD taskbar icon
      3. Repeat your navigation steps to get to the Device Manager

Uninstall Old Driver

1. Right-click → Uninstall
2. Select Delete the driver software for this device, and click OK
3. Right-click on the computer, and select Scan for Hardware Changes
4. You might need to un-plug and plug-in your Attenuator.
5. If the right-click options menu does not allow you to change drivers, reboot your system.

Install new driver

1. Browse to Desktop\arduino-1.8.9\drivers and click Next
2. You will see the Update Driver Software confirmation. Click Close.

For more information see Installing LANforge Server on Windows

1. Type Control-F for Find
2. Search for Device
3. Select Device Manager
4. In the Device Manager window, right-click on the computer and select Scan for hardware changes

1. Right-click → Uninstall
2. Select Delete the driver software for this device, and click OK
3. Right-click on the computer, and select Scan for Hardware Changes
4. You might need to un-plug and plug-in your Attenuator.
5. If the right-click options menu does not allow you to change drivers, reboot your system.

Install the Arduino IDE Driver

1. In Device Manager, you want right-click on the Unknown Device and select Update Driver Software...
2. Select Browse my computer for driver software:
   1. Browse to Desktop\arduino-1.8.9\drivers and click OK
   2. Click Next
   3. You will see the Update Driver Software confirmation. Click Close.
3. You should not need to reboot your system in order to run the Attenuator.

1. Fedora version 24 and 25 have a bug in the vncserver triggered by xrdp. The effective way to use rdesktop on those systems is to select an Xorg session for connecting (not a Xvnc session).
2. When connecting to Fedora 14-23 systems:
   1. User Name: lanforge
   2. You will not need to fill out the xrdp login screen.
3. When connecting to Fedora 24-25 systems:
   1. Do not specify a user name, and select Always ask for credentials.
   2. Select Xorg as the session type
   3. Specify username lanforge and password lanforge
4. Local Resources
   1. If your rdesktop session immediately closes, you might have hit the xrdp clipboard bug. If so:
   2. For Windows Remote Desktop (mstsc.exe): unselect Local Devices→Clipboard
   3. For Linux rdesktop, use the command: rdesktop -a16 -r cliboard:off -u lanforge [machine-name]
5. Disable remote audio settings
6. Disable local printers
7. Set Server authentication to Connect and do not warn
8. Connection quality can be 16-bit (millions of colors)

1. Check for viewer packages on your LANforge web page: http://192.168.1.101/
2. or download RealVnc
3. or download TightVnc

1. sudo systemctl restart "vncserver@:1.service"
2. or
3. sudo vncserver -kill :1

• openssh
• xorg-server
• xinit
• rxvt
• xlaunch

1. Search for openssh and click the Skip property once to change it to the most recent version to set it to install.
2. xorg-server provides the X display system
3. xinit helps the X system launch
4. xlaunch is what you will drag to your task bar to launch your Cygwig X server
5. rxvt and rxvt-unicode are more useful terminals than the minterm program that Cygwin provides by default.

1. Open a CMD window
2. Go to the cygwin\bin folder:

   C:\> cd \cygwin\bin

3. Use xhost.exe to open permissions:

   C:\> .\xhost.exe +

   

1. http://unix.stackexchange.com/questions/227889/cygwin-on-windows-cant-open-display
2. https://www.cs.virginia.edu/~csadmin/wiki/index.php/Using_Cygwin_for_X11_Forwarding
3. http://www.arsc.edu/arsc/knowledge-base/ssh-and-x11-forwarding-us/index.xml

1. 30GB or larger mSATA drive
2. USB3 mSATA drive adapter
3. The image writing program Etcher

1. in Settings, enable Unsafe mode
2. Select the removable drive

1. click Flash
2. It might take 20 minutes to write a 20GB (uncompressed) image.

1. right click
2. select device

1. When creating the guest, we should use 2 GB of RAM:
2. 60 GB of disk:
3. Omit a floppy drive, use a USB table as pointing device:
4. Allocate two or more cores and PAE/NX:
5. And the usual virtual processor features:
6. We don't need graphics on these nodes, so use minimum graphics memory:
7. Enable RDP access, that is useful. It might be a good habit to allocate separate RDP ports per host, we'll use 9134 for the first guest, 9135 for the second
8. Enable Host I/O caching for your SATA device. Specify the Fedora 27 Server ISO image as the DVD:
9. Disable Audio
10. Configure the network adapter to:
    1. Use the LAN bridged adapter br0
    2. Use a server adapter driver
    3. Enable Promiscuous Mode to allow sniffing
11. Start the installation
12. Under System->Installation Destination please manually partitioning is necessary.
    1. Avoid selecting XFS or BTRFS file systems formats.
    2. Create a 1GB partition for /boot, select ext4 filesystem format.
    3. Use the remainder of the drive space for /
    4. If you want to separate the / and /home partions select 35GB for / partition.
13. Set the root password to lanforge. Click Done twice.
14. Add user LANforge:
    1. Make user lanforge an Administrator
    2. Set password to lanforge
    3. Click Done twice
15. When installation finishes, reboot. You will see a login prompt:
16. Login as root. Do updates: dnf update -y
17. Install perl: dnf install -y perl
18. Set guest's hostname: hostnamectl --static set-hostname atlas-fedora27s01
19. Reboot: shutdown -r now

1. Use wget (or curl) to download lf_kinstall.txt:
2. cd /root
3. wget http://www.candelatech.com/lf_kinstall.txt
4. chmod +x lf_kinstall.pl
5. You don't need to do a burn in, so turn off the disk check:
6. touch /home/lanforge/did_cpuburn
7. Install LANforge: ./lf_kinstall.pl --lfver 5.3.7 --kver 4.13.16+ --do_all_ct
8. You can disable the VNC Server and Xrdp services on these guests:
   systemctl stop vncserver@\:1 xrdp.service
   systemctl disable vncserver@\:1 xrdp.service
   systemctl daemon-reload
9. When installation finishes, reboot: shutdown -r now
10. On next boot, you will see a LANforge kernel option, it should be automatically selected:

1. In the LANforge GUI, choose the Port Mgr tab, and highlight the new enp0s17 port:
2. Click the Create button
3. create one MAC-VLAN port
   1. Select MAC-VLAN
   2. Quantity: 1
   3. Select DHCP-IPv4
   4. Click Apply
4. You will see the new port in the GUI:
5. In the guest VM, you will also see the new port:ip -br a show

1. Shut down the previous VM: shutdown -r now
2. clone the VM
   1. Select the Reinitialize MAC addresses choice, these machine will operate simultaneously.
   2. Verify the MAC address of the new guest is set
   3. Boot the second guest
3. Change the hostname of the second guest: [root@localhost]# echo 'atlas-fedora27s02' > /etc/hostname
4. Make sure that the MAC address of the second guest is not listed in the ifcfg-enp0s17 file.
   1. Compare the adapter to the file:
   2. cd /etc/sysconfig/network-scripts
   3. cat ifcfg-enp0s17
   4. If it is listed, change it or remove it.
5. LANforge changes the /etc/udev/rules.d/70-persistent-net.rules file.Edit tht file those as to match the value of your mac address:
   cd /etc/udev/rules.d
   ip li show enp0s17
   cat 70-persistent-net.rules
   
6. Stop LANforge and change the resource ID for this guest:
   service lanforge stop
   cd /home/lanforge
   ./lfconfig
   resource 5
   config
7. Reboot the second guest: shutdown -r now
8. Start up your first guest (resource 4)
9. In your LANforge GUI, you should see your two VMs.
10. Create a MAC-VLAN port for the second guest

1. In the VOIP tab, click Create
2. You configure:
   1. Side-A will be resource 3
   2. Side-B will be resource 4
   3. Click Apply
3. See the newly created connection:
4. In the VOIP/RPT tab, click Start
5. Monitor traffic on the connection with the Modify->View button

1. We will use a CT525 for our example There are two different types of CT525, some have a I/O shield with colors, others do not. Both have DB9 serial ports:
2. Picture of an unmarked I/O plate:
3. Picture of a colorized I/O plate:
4. Picture of a colorized I/O plate plugged in:
5. Other LANforge chassis models can have either RJ45 or DB9 serial ports.

1. Chances are you will be connecting a USB to Serial adapter to your laptop.
2. Typically, right after you connect the cable to your USB port, you will see a message from Windows letting you know a new drive has been installed.
3. Windows will map this USB adapter to a COM port. Use Device Manager to discover the new COM port:
1. Press the Windows key and type device manager
2. Hit Enter to open the Device Manager
3. In Device Manager, select Ports
4. In this example, we see that our new USB device was assigned COM3.

1. Press the Windows key and search for putty
2. When you double click on the PuTTY icon and it launches, you can start customizing your session preferences
3. Start by setting your connection type (serial), serial device (com3) and speed (115200). Name your session 'com3'
4. Select category Serial, specify the Serial Line COM3, speed (115200) and set both Parity and Flow Control to None.
5. Select the Session→Logging category, select Printable Output and name set the Log file name as you prefer. This allows you to collect your commands as notes for later.
6. Select the Session category, save the com3 profile and click Save
7. Click the Open button. You will see a terminal window appear.

1. If the screen is blank, hit Enter to see a login prompt.
2. Enter username lanforgeEnter, password lanforgeEnter

1. step 1
2. step 1

1. pwdEnter ⋮ print current directory
2. lsEnter ⋮ list items in directory
3. cdEnter ⋮ change to your Home Directory
4. cd /home/lanforgeEnter ⋮ go to LANforge home directory
5. cd /rootEnter ⋮ go to root user's home directory
6. sudo ./serverctl.bash restartEnter ⋮ Restart LANforge service
7. sudo rebootEnter ⋮ reboot machine
8. ip a showEnter ⋮ show interface addresses
9. df -hEnter ⋮ show disk usage
10. mv script.sh.txt /home/lanforge/scripts/script.shEnter ⋮ move file to new name
11. dos2unix script.shEnter ⋮ Remove DOS/Windows CRLF style line endings
12. chmod +x script.shEnter ⋮ Turn script executable
13. ./script.shEnter ⋮ Run script in current directory

1. One common problem with any LANforge machine is cleaning out old kernels. This is an example that shows you how to check disk space and how to remove unused kernels.
2. Check disk space with the df -h command
3. Use the dmesg command to see if there are system warning.
4. go to the /boot directory. The uname -r command tells you which kernel you are currently running. You may remove old ct kernels.
5. In addition to removing old kernels, you can remove modules that correspond to those kernels
6. After old kernels and modules have been removed, we re-run grub2-mkconfig to regenerate the boot menu:
7. the results will look like this:

1. Double-clicking lfclient.bat in the Windows Explorer window will start the client in a CMD window, but the window will disappear when the client quit/exits/leaves.

Be Aware of Quick Edit

1. Quick Edit allows you to highlight text quickly with the mouse; it is a feature of both the CMD and PowerShell windows. CMD windows have the distinct drawback of halting execution while text is highlighted.
2. Press ESC to clear text selection
3. You can change the setting by clicking in the upper left corner, selecting Preferences, then look for Qui,ck Select.

   For more information see Windows Server 2016 Features

1. Pressing Enter after highlighting the text copies the text into your clipboard.
2. The laptop might not have an email client installed. In that case, open notepad.exe or wordpad.exe from via the Start menu, and paste your stack trace into your text editor.
3. If your circumstances don't allow highlighting, copying and pasting, you can take a screen capture, usually by pressing Alt+PrtScr shortcut.
4. When contacting us, please describe the steps you took to reach this error. We need to be able to reproduce the error in order to fix it.

For more information see LANforge Downloads

For more information see Download Notepad++

1. The file opens in the editor at the top. You will want to jump to the end of the file.
2. At the end of the file, notice the -Xmx option for the java program. You will edit this to the maximum amount of memory you want to allow the program.
3. In this example, we've edited the start up script to request 2GB of memory. If you request more than the system will give you, the Java will give you an error and quit.

   For more information see Tuning Java Machines

Give root password for maintenance
(or type Control-D to continue): 

1. The messages beforehand that begin with [ OK ] can be ignored.
2. Messages beginning with ath10k_pci can be ignored.

/dev/sda2 on / type ext4 (rw,relatime,nodelalloc)
/dev/sda4 on /home type ext4 (rw,relatime,nodelalloc)
/dev/sda1 on /boot type ext4 (rw,relatime,nodelalloc)

/dev/mapper/fedora-root on / type ext4 (rw,relatime,nodelalloc)
/dev/mapper/fedora-home on /home type ext4 (rw,relatime,nodelalloc)
/dev/sda1 on /boot type ext4 (rw,relatime,nodelalloc)

1. fsck -fy /dev/sda2 (for /)
2. fsck -fy /dev/sda4 (for /home)
3. fsck -fy /dev/sda1 (for /boot)

1. fsck -fy /dev/mapper/fedora-root (for /)
2. fsck -fy /dev/mapper/fedora-home (for /home)
3. fsck -fy /dev/sda1 (for /boot)

1. Filesystem Check on Every Mount

   The filesystems do not need to be unmounted to set this parameter. Only the partition example is shown, the volumes example uses similar commands.
   1. touch /forcefsck (this technique works with any model of filesystem)
   2. tune2fs -c 1 /dev/sda2 (for /)
   3. tune2fs -c 1 /dev/sda4 (for /home)
   4. tune2fs -c 1 /dev/sda1 (for /boot)

2. Tune the Filesystem for Full Journaling

   The filesystems do not need to be unmounted to set this parameter. The commands for the volumes version is similar to the partition example below.
   1. tune2fs -o journal_data /dev/sda2 (for /)
   2. tune2fs -o journal_data /dev/sda4 (for /home)
   3. tune2fs -o journal_data /dev/sda1 (for /boot)
3. Note: Inspect /etc/fstab for conflicting mount options. The folling example shows mount options applied in the fstab file:
   mount | grep ext4
   

   /dev/sda2 on / type ext4 (rw,relatime,nodelalloc)
   /dev/sda4 on /home type ext4 (rw,relatime,nodelalloc)
   /dev/sda1 on /boot type ext4 (rw,relatime,data=writeback)

   
   grep data= /etc/fstab
   

   UUID=1c1b4732-653f-47dd-a106-ae17cf5b12a9 /boot ext4 data=writeback  1 2

   Notice the fstab entry for /boot? It has overridden the data journaling mode. Erase that setting from the fstab mount options.

4. Enable Metadata Checksumming (optional)

   It is only practical to apply metadata checksumming in the below conditions. You will not be able to apply it to the root filesystem / because it cannot be unmounted when you boot the system.
   1. Fedora 27 or more recent
   2. tune2fs 1.43 or more recent
   3. crc32c or libcrc32c modules loaded
   4. you can unmount the filesystem.
5. To Boot into Emergency Mode, follow these steps:
   1. Reboot system into Emergency Mode by appending the word emergency at the end of your grub boot option.
   2. umount -f /home
   3. umount -f /boot
   4. fsck -fD /dev/sda1 (remember that's /boot)
   5. fsck -fD /dev/mapper/fedora-home
   6. tune2fs -O metadata_csum /dev/sda1
   7. tune2fs -O metadata_csum /dev/mapper/fedora-home

6. Disable Drive Write Caching (optional)

   Drives typically ship with write caching enabled for a performance boost. SSDs have this as well. By turning it off you trade some performance for increased data safety. LANforge systems do not ship with write caching disabled. To make this setting enabled every boot, it needs to be added to /etc/rc.local. LANforge systems have rc-local.service enabled by defualt.
   Only disable write caching if your machine powers off without shutdown frequently
   1. vi /etc/rc.local
   2. Add the line /sbin/hdparm -W0 /dev/sda
   3. Save the file.
   4. Reboot, or issue the command for this booted session:
      /sbin/hdparm -W0 /dev/sda

1. Open a terminal or connect to your lanforge machine via ssh:

2. $ cd /home/lanforge/LANforgeGUI_5.4.1
   $ cp LANforge-auto.desktop ~lanforge/.config/autostart
   $ sudo systemctl restart vncserver@:1.service

3. If you were connected via VNC, your session will close. When you reconnect via VNC, you will see a LANforge GUI running on the desktop. This will now start again every reboot.

$ which openvpn
/usr/sbin/openvpn

 $ sudo apt install openvpn

1. your-laptop.key ← This is your private key
2. your-laptop.crt ← This is your certificate
3. ca.crt ← This is the VPN server certificate
4. candelatech.conf ← The config file for the connection

 $ sudo -s
[/home/amelia] # cd /etc/openvpn
[/etc/openvpn] # cp ~amelia/Downloads/your-laptop.key .
[/etc/openvpn] # cp ~amelia/Downloads/your-laptop.crt .
[/etc/openvpn] # cp ~amelia/Downloads/ca.crt .
[/etc/openvpn] # cp ~amelia/Downloads/candelatech.conf .

 $ cd /etc/openvpn
 $ sudo openvpn candeltech.conf

client
dev               tun1
proto             udp
remote            firewall.candelatech.com 1194
#remote           firewall.candelatech.com 443
script-security   2
resolv-retry      infinite
nobind
persist-key
persist-tun
verb              3
ca                ca.crt
cert              laptop-dell.2019-08-13.jreynolds.candelatech.com.crt
key               laptop-dell.2019-08-13.jreynolds.candelatech.com.key
comp-lzo
cipher            AES-256-CBC

For more information see Openvpn Community Downloads

1. ca.crt ← This is the VPN server certificate
2. your-laptop.key ← This is your private key
3. your-laptop.crt ← This is your certificate
4. candelatech-udp.conf ← The config file for establishing a UDP connection. This is the faster type of connection.
5. candelatech-tcp.conf ← The config file for establishing a TCP connection. TCP OpenVPN connections do not perform as well, and are useful if you are in an environment that only allows outbound TCP port 443.

1. Change the Configuration Files→Folder value to where you saved your config files.
2. Change the Configuration Files→Extension value to conf.
3. Change the Log Files→Folder value to where you want to find your connection logs.
4. Click OK

client
dev               tun1
proto             udp
remote            firewall.candelatech.com 1194
#remote           firewall.candelatech.com 443
script-security   2
resolv-retry      infinite
nobind
persist-key
persist-tun
verb              3
ca                ca.crt
cert              "C:\\Program Files\\OpenVPN\\config\\laptop-dell.2019-08-13.jreynolds.candelatech.com.crt"
key               "C:\\Program Files\\OpenVPN\\config\\laptop-dell.2019-08-13.jreynolds.candelatech.com.key"
comp-lzo
cipher            AES-256-CBC

1. Click on Taskbar up arrow ⋀
2. Right click on the Computer with Padlock
3. Select your connection name
4. Select Connect

Parts review

1. Cables include:
   1. 3 cat5e cables
   2. 2 cat6 cables
   3. 1 USB serial adapter
   4. 1 DB9 female-female cable
   5. Also shown are annenas, with-pin
2. You will also get two small monitor stands and a network power switch. You will be using the legs of both, but discarding one of the stand tops.
3. You will be getting a LED lamp, a USB camera, 8 port network switch, USB hub, camera clamp, USB A-A cables.
4. Your chamber will come with a universal power strip, AC power cord, fan AC-DC power adapter, and a printed test report. This assembly guide does not use the universal power strip. You might find a use for it.
5. Your chamber will also come with a brass pipe mounted to a steel plate. This is a fiber tube that you can pass fiber optic cabling through. For this setup, you can refrain from installing the fiber-pipe. It is not necessary because we are using copper Ethernet cabling.

First items

1. Place the lamp in the chamber
2. Place the power distribution unit (PDU) in the chamber on it's side.
3. Plug the DC barrel connector for the fans into the fan power supply
4. Plug the USB hub USB cable into back of the chamber. The bottom USB port is chamber USB 1 near the top ethernet filter port 3. The top USB port is chamber USB 2.

Power Switch

1. Port 1: USB Hub
2. Port 2: Interior Light
3. Port 5: 5 Chamber Fans
4. Port 6: LANforge system
5. Port 7: DUT
6. Others are un-labeled. If you want to add an Ethernet switch in here, we suggest plugging it into one of the always on ports on the right side.

Assemble the USB camera

1. Your camera clamp and USB camera. Your USB camera might be manual-focus.
2. Screw the bolt of the clamp into the tripod mount of the camera
3. Tighten the clamp to the arm of the lamp near the top joint. The USB cable should be plugged into the LANforge when it is added. If you plug it into the USB hub, only the test-controller will be able to use it.

Check espresso levels in human system

Power cables

1. Plug the PDU cable into the rear of the chamber
2. Plug the USB hub power into port 1
3. Plug the lamp cable into port 2
4. Plug the chamber fan AC cable into port 5
5. Plug the LANforge power-supply into port 6
6. You will probably plug in your DUT power supply last, into port 7

Inline Attenuators

1. This is an SMA connector chart. Make sure your antennas and in-line attenuators have the correct pins
2. Your 16 LANforge SMA terminals are SMA-Female.
3. Screw 16 SMA-Male/SMA-Female inline attenuators onto your CT523c.

Antennas

1. Check that you have SMA-Male antennas (antennas are with-pin).
2. Screw on your antennas. You will not leave them straight like this.
3. Bend the antennas various ways to ensure they provide diversity. Not providing diverse antenna orientation means your equipment will not reach desired MCS rates.

Shelf for DUT

1. You are provided two monitor stand kits as to combine into a shelf for the DUT to rest above the LANforge CT523c. You are going to use the legs from the second kit to extend the legs of the first kit.
2. Use a utility knife or a screw driver to separate any feet from legs sections you do not need.
3. Here is a shelf with five segments per leg. Depending on the size of the rubber feet on your CT523c, it might be just tall enough. The other photos show a table with six segments per leg. Looks like Batman likes my work.
4. This table clears the LANforge unit well.

Network and Serial Cables

1. The network ports on the chamber are passive Ethernet RF filters. The do not have activity lights, they do not require power.
   1. The top USB3 port is USB 2
   2. The bottom USB3 port is USB 1
   3. The top Ethernet port is 3
   4. The middle Ethernet port is 2
   5. The bottom Ethernet port is 1
2. Cable the PDU network to chamber Ethernet port 1
3. Place the LANforge CT523c in the chamber and attach a CAT5e cable to the management port labeled [ MGT ]
4. Plug the management port cable into the chamber port 2
5. Use a CAT6 cable to connect the LANforge [ eth3 ] port to the chamber 3 port. This represents your WAN connection.
6. Connect the DB9 female-female serial cable to the CT523c serial port. It is labled Serial: 115200 8n1. Connect the USB serial adapter to the other end of the DB9 cable.
7. Plug the USB end of the USB serial adapter into the USB hub. Your test controller will be able to login to the LANforge for network configuration and debugging.
8. Plug in power to the CT523c. It is a green DC connector. Place the table over the CT523c.
9. You may place the DUT on the table. Use a CAT6 cable to connect the DUT to the LANforge [ eth2 ] port. LANforge will serve DHCP on [ eth2 ] for the DUT and its connected stations, and will NAT and route packets out of [ eth3 ].
10. Plug your DUT power to into PDU port 7
11. Your DUT probably has a serial connector. Cable your DUTs serial cable into the USB hub.

Controller Setup

1. The test controller (aka Jump Host) pictured here is a 1U rack unit.
   1. Your rack KVM will use the left USB2 ports and VGA port of the test-controller.
   2. Connect chamber port USB 1 to a USB3 port on the test-controller.
   3. You might have to use an extra USB3 hub to control more than two CT820a chambers.
   4. Cable chamber ethernet 1 to switch, this is your PDU
   5. Cable chamber ethernet 2 to switch, this is your LANforge management port.
   6. The picture shows chamber ethernet 3 connected to the switch. This connection is at your discretion. You might have a different WAN upstream network to attach to chamber ethernet 3
   7. The USB ports may be renamed each time the system restarts. To fix this, you can create an /etc/udev/rules.d/81-usb-serial.rules file that defines the USB ports by name using the serial-number of the USB cable if it supports it, or the path (effectively port to which the USB cable is connected).
      #LF on cable with serial number
      SUBSYSTEM=="tty", ENV{ID_SERIAL_SHORT}=="AK066NLY", SYMLINK+="ttyLF1", MODE="0666"
      # AP
      # In case we have something w/out a serial number
      SUBSYSTEM=="tty", DEVPATH=="1-2.1.4", SYMLINK+="ttyAP1", MODE="0666"
      
      You can find the appropriate information with the udevadm info -n /dev/ttyUSB0 command.
2. In the picture the red cable represents the control network. The yellow cable is your connection to your test controller ETH0

1. From the computer that you are trying to connect your SSH tunnel from, open the .bashrc file from '/home/user/'. The .bashrc file can be opened via gedit, vim, or nano. This .bashrc file is where the alias will be setup to properly invoke your ssh.
2. Once the .bashrc file is open, type in your alias in any blank spot (that is not within another for-loop or definition). Flags used in the bash alias creation example below are as followed:
   1. -C = Requests compression of data. This is desirable for slower connections. Recommended.
   2. n = redirects stdin /dev/null. Required when SSH is running in the background.
   3. N = do not execute a remote command, useful for forwarding ports.
   4. v = Verbose mode. Causes SSH to print debugging messages about its progress.
   5. -L = bind_address:port:host:hostport format. Use this flag multiple times to forward multiple ports with one command.
   6. Please visit the SSH man page for further flags and switches:https://linuxcommand.org/lc3_man_pages/ssh1.html
3. The generic setup of bash aliases for SSH are ssh -flags localport:ipaddress:remoteport. In the example included above we've included the following ports for the according reasons:
   1. 4001 -- perl scripts use this for ascii connection to LANforge server
   2. 4002 -- GUI uses this for binary connection to LANforge server
   3. 5901 -- VNC port for display :1
   4. 4131 -- local port for perl scripts to connect to .92.12
   5. 4132 -- local port for GUI to connect to .92.12
   6. 5903 -- local port for VNC to connect to .92.12
4. Further example ssh aliases include:
   1. alias FreyaTunnel="ssh -CnNv -L 5903:192.168.0.6:5901 -L 4131:192.168.0.6:4001 -L 4132:192.168.0.6:4002 lanforge@192.168.0.6"
   2. alias SaltTunnel="ssh -CnN -L 4001:192.168.200.18:4001 salt@10.253.1.6"
5. After editing the .bashrc file, source the file in order for the changes to be applied. This will enable the code without the need to turn off and restart the device.
6. In order for our machine to remember certain passwords and access configurations, some additional edits in the ~/.ssh/config file or $HOME/.ssh/config.
7. Next, this ssh connection will require an ssh key. This means that one needs to be generated. The private key and public key of the key pair must be saved to the local computer while only the public key of the pair must be saved to the remote server.
8. Add your SSH key to the device being forwarded. Finally, add your public key that you generated earlier via SSH. This can be done by typing in ssh-copy-id user@ipaddress (see below example).
9. Once the alias is added to .bashrc file and the ssh key is added to the remote device, open any terminal and simply type in the alias name. This will initiate the tunnel. For example, "FreyaTunnel" in this example would be the alias typed into any terminal. This should incur an instance of your tunnel.

1. There are many ways to set up an SSH tunnel, however, this cookbook will utilize PuTTy.
2. Once PuTTY is downloaded, configure the SSH connection before adding the tunnel.

   For more information see Connecting with PuTTy.

3. Once your session is setup, select your session that was just saved from the last cookbook, then on the left-hand panel, select Connection -> SSH -> Tunnels.
4. After setting up the tunnel, select SSH and enable compression. This will ensure that the tunnel uses data compression.
5. Once all the settings desired are configured, select Session, highlight the session again in Saved Sessions and hit Save for the new session settings. This will make sure that the next time logged in will include all the settings here.
6. Now, the session is saved and can be opened by clicking Open

VRF Driver

1. Virtual stations gain authentic routing as delivered from the AP's DHCP service.   IP sockets bound to that station will not send DNS requests out the host's default gateway, for instance.  This helps accurately test captive portal and HS2.0 web requests that should never know about the management network.
2. Multiple identically numbered networks can be modeled in parallel.   Emulating a peer-to-peer VPN tunnel between two STA devices   that both are on 10.0.0.0/24 networks separated by a WAN.

1. $ touch /home/lanforge/LF_NO_USE_VRF
2. $ sudo reboot

Finding VRF private routes

1. Look for the station's master device:

   ip a show wlan3
   wlan3:  mtu 1500 qdisc noqueue master _vrf6 state DOWN mode DEFAULT group default qlen 1000
   link/ether 00:0e:8e:44:07:a1 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 256 maxmtu 2304

2. When you know the master device you can display that specific routing table:
   1. A routing table with a gateway:

      ip route show vrf _vrf10
      default via 10.40.0.1 dev br0
      10.40.0.0/20 dev br0 scope link src 10.40.0.21

   2. With no default gateway:

      $ ip route show vrf _vrf15
      unreachable default

Associate a station to your DUT

1. Create a station as necessary or use the wlan0 device
   1. if you know the SSID credentials, enter those.
   2. If you need to discover the SSID, enter anything into the SSID box, like asdf so you can start a scan.

   For more information see Create stations

2. Scan for your DUT SSID.
3. Configure your station to use the DUT SSID credentials and DHCP.

Use the vrf_exec.bash script to start Firefox

1. Open a terminal
2. Become root: sudo -s
3. Go to the LANforge directory: cd /home/lanforge
4. Start firefox: ./vrf_exec.bash wlan0 firefox http://10.0.0.1/

Possible difficulties

1. DB/
   YES this is were all your scenarios are saved
2. Desktop/
   only if you save things here
3. Documents/
   only if you save things here
4. Downloads/
   only if you save things here
5. html-reports/
   yes if you want the reports
6. lf_reports/
   yes if you want the data
7. local/
   unlikely unless you customize strongswan
8. report-data/
   yes if you want the data
9. scripts/
   only if you have modified or custom scripts in here
10. trb_entities/
    trb_profiles/
    Table Report Builder saved settings only necessary if you use TRB frequently
11. vr_conf/
    only if you save virtual router settings, nginx configs or want to save dhcp lease files
12. wifi/
    only if you have customized wpa_supplicant.conf or hostapd.conf files

Archiving Data

cd /home/lanforge
tar cjf /home/lanforge-bu.tar.bz2 DB html-reports lf_reports report-data

Copy the Archive

scp /home/lanforge-bu.tar.bz2 lanforge@your-new-machine-ip:/var/tmp

Restore the Data

cd /home/lanforge
tar xvf /var/tmp/lanforge-bu.tar.bz2
sudo service lanforge restart

1. Source the lanforge.profile script:
   $ source /home/lanforge/lanforge.profile
2. Use the command:
     $ ./lf_chamber.pl --targ 192.168.100.10 --status 1
     Expect output similar to:
       Current-Angle: 3599 Door-Open: 0 Table-Moving: 0 Lights: 0 Fan: 1 Jog-Speed: 3 Return-Speed: 3 Absolute-Speed: 3 Jog Angle: 0

1. $ ./chamber-test.sh 192.168.3.123  
       The desktop linux is 192.168.3.64, remember to use Alt-F2, 'mate-terminal' to get a shell.  
       Testing chamber at 192.168.3.123  
       Please close door.  
       Current-Angle: 3599 Door-Open: 0 Table-Moving: 0 Lights: 0 Fan: 1 Jog-Speed: 3 Return-Speed: 3 Absolute-Speed: 3 Jog Angle: 0  
       check output if door is closed: door == 1  
       Please open door.  
       Current-Angle: 3599 Door-Open: 0 Table-Moving: 0 Lights: 0 Fan: 1 Jog-Speed: 3 Return-Speed: 3 Absolute-Speed: 3 Jog Angle: 0  
       check output if door is closed: door == 0  
       Toggle lights  
       Did lights turn on?  
       Current clockwise angle: 3599  counter-clockwise-angle: 1  new-angle: 450  
       Did platform rotate 45 degrees?  
       Did platform rotate another 45? It should be at 90  
       Current clockwise angle: 2978  counter-clockwise-angle: 622  new-angle: 1  
       Did platform rotate back to zero?  
       Did fan turn on?  
       Toggle fan  
       Did fan turn off?  
       Toggle lights  
       Did lights turn off?  
       Current-Angle: 2700 Door-Open: 0 Table-Moving: 0 Lights: 0 Fan: 0 Jog-Speed: 3 Return-Speed: 3 Absolute-Speed: 3 Jog Angle: 621  
       You may close the chamber.

You will want to download

1. LANforgeServer that matches your version of Fedora. For example, Fedora 30 would be LANforgeServer-5.4.5_Linux-F36-x64.tar.gz
2. The modprobe interface script: lf_chamber.pl
3. The chamber test script: chamber-test.sh

Setup

1. Create the following directories:
     sudo mkdir -p /home/lanforge/local/lib
     sudo mkdir -p /home/lanforge/local/bin
2. Chown the directories to your current user:
     sudo chown -R $USER: /home/lanforge
3. Expand the LANforgeServer archive in /home/lanforge:
     tar xf LANforgeServer-5.4.5_F30-x64.tar.gz
4. Copy the mbpoll files to the new directories:
     ,,cp -r LANforgeServer/local/lib/* /home/lanforge/local/lib,,
     cp -r LANforgeServer/local/bin/mbpoll /home/lanforge/local/bin
   

Run the scripts

1. $ export LD_LIBRARY_PATH='/home/lanforge/local/lib:/usr/lib64'
     $ export PATH="/home/lanforge/local/bin:$PATH"
     $ ./lf_chamber.pl --targ 192.168.0.3 --status 1

Download the script

1. cd /home/lanforge/scripts
2. wget https://raw.githubusercontent.com/greearb/lanforge-scripts/master/check_expired_data.bash
3. chmod +x check_expired_data.bash

Find the script help

-d  Find data within this directory (required)
-t    Find data this many days old or older (required)
-f          Delete files (not a default option)
-v          Print files

See the files you would delete:
./check_expired_data.bash -d /home/lanforge/report-data -t 11 -v

Actually delete the files:
./check_expired_data.bash -d /home/lanforge/report-data -t 11 -f

You may create a script in /etc/cron.daily like this:
 ----- ----- ----- ----- ----- ----- ----- ----- -----
#!/bin/bash
LF='/home/lanforge'
E='/home/lanforge/scripts/check_expired_data.bash'
$E -d $LF/report-data -t 11 -f
$E -d $LF/html-reports -t 11 -f
 ----- ----- ----- ----- ----- ----- ----- ----- -----

Running the script is likely places

1. /home/lanforge/Documents
2. /home/lanforge/lf_data
3. /home/lanforge/report-data
4. /home/lanforge/html-reports
5. /home/lanforge/Downloads

Survey where your data

 12736    interop-5.4.5.apk 
 22164    btserver 
 23500    MonkeyRemote-0.4-shaded.jar 
 39500    gua.64 
116536    local 
190444    LANforgeServer-5.4.4 
210004    LANforgeServer-5.4.5 
262628    LANforgeGUI_5.4.4 
267344    backup-lanforge-gui.tar 
269196    LANforgeGUI_5.4.5

Please Avoid...

Packet Capture Files

Also avoid:

1. /
2. /boot
3. /etc
4. /home
5. /lib
6. /opt
7. /run
8. /usr
9. /root
10. /var/log
11. /var/cache
12. /var/spool
13. /var/www
14. /var/run

Creating a cronjob

1. sudo -s
2. cd /etc/cron.daily
3. nano expired_data.bash
4. Copy in your script data and adjust:
   

   #!/bin/bash 
   LF='/home/lanforge' 
   E='/home/lanforge/scripts/check_expired_data.bash' 
   $E -d $LF/report-data -t 11 -f 
   $E -d $LF/html-reports -t 11 -f 

5. chmod +x expired_data.bash
6. Check for errors by running it by hand:
7. ./expired_data.bash

1. Open a VNC/RDP window to the LANforge wished to be used as the 'Manager' and 'Resource' of the final cluster. Click on the Configure LANforge icon located on the VNC session desktop.
2. Once the 'LANforge Installation and Configuration (as superuser)' window opens, click on the Basic tab. Set the Setup Mode to Both, Resource ID to 1, and pick a realm 1-254 (example below is realm 2). Realm 255 means the LANforge is un-clustered.
3. Click on Apply and Exit LANforge Config to save settings.

1. Open a VNC/RDP window to the LANforge wished to be used as the 'Manager' and 'Resource' of the final cluster. Click on the Configure LANforge icon located on the VNC session desktop.
2. Once the 'LANforge Installation and Configuration (as superuser)' window opens, click on the Basic tab. Set the Setup Mode to Resource, Resource ID to 2 or what the next unused Resource number is, and pick the same realm as the manager LANforge (in our example, realm 2).
3. Click on the Clustering tab and in the Connect to Manager input box, put in the Manager's IP address followed by a ':4002'
4. Click on Apply and Exit LANforge Config to save settings.

Prepare the Gateway

1. We do not suggest placing the LANforge in a full DMZ network where all public requests are forwarded to the LANforge. That is not secure.
2. Just forward the SSH port (22/tcp) to the LANforge
3. Disable Universal Plug-n-Play (UPnP)
4. Disable WAN administration ports (those are never secure)

Prepare the LANforge

1. Stop the GUI and disable the autostart GUI feature

   1. killall lfclient.bash
   2. killall java
   3. rm -f /home/lanforge/.config/autostart/LANforge-auto.desktop

2. Configure LANforge server to use loopback as management port

   1. sudo -s
   2. cd /home/lanforge
   3. ./serverctl.bash stop
   4. ./lfconfig
   5. Typical screen:
      

      Interfaces: eth0
      Resource interface assignment:
        Resource 1:
      Specified Resource Addresses:
        127.0.0.1:4004
      Key               Acceptable Values          Value
      **************************************************
      log_level         [0-65535]                  7
      log_dir           [directory path]           /home/lanforge
      add_resource_addr [host:port]                SEE LIST ABOVE
      rem_resource_addr [host:port]                SEE LIST ABOVE
      realm             [1-255]                    255
      resource          [1-511]                    1
      mgt_dev           [ethernet device]          eth0
      mode              [resource, manager, both]  both
      log_file_len      [0-2G]                     0
      bind_mgt          [0-1]                      0
      shelf             [1-8]                      1
      dev_ignore        [eth0 eth1 ... ethN]
      first_cli_port    [1025-4199]                4001
      connect_mgr       [host:port]
      gps_dev           [device file]              NONE
      max_tx            [1-500]                    5
      max_send_mmsg_mem [1000-500000]              32000
      max_send_mmsg_pkts [1-1000]                  500
      keepalive         [1000-500000]              30000
      wl_probe_timer    [50-2000]                  50
      Other Commands:   help, show_all
      ************************************************** 
      If these values are correct, enter "config", otherwise change
      the values by entering the key followed by the new value, for example:
      mode manager
      Your command: 

   6. Your command: mgt_dev lo
   7. Your command: bind_mgt 1
   8. Your command: dev_ignore eth0
   9. Your command: show_all

   10. Key               Acceptable Values          Value
       **************************************************
       log_level         [0-65535]                  7
       log_dir           [directory path]           /home/lanforge
       add_resource_addr [host:port]                SEE LIST ABOVE
       rem_resource_addr [host:port]                SEE LIST ABOVE
       realm             [1-255]                    255
       resource          [1-511]                    1
       mgt_dev           [ethernet device]          lo
       mode              [resource, manager, both]  both
       log_file_len      [0-2G]                     0
       bind_mgt          [0-1]                      1 
       shelf             [1-8]                      1
       dev_ignore        [eth0 eth1 ... ethN]       eth0
       first_cli_port    [1025-4199]                4001
       connect_mgr       [host:port]                
       gps_dev           [device file]              NONE
       max_tx            [1-500]                    5
       max_send_mmsg_mem [1000-500000]              32000
       max_send_mmsg_pkts [1-1000]                  500
       keepalive         [1000-500000]              30000
       wl_probe_timer    [50-2000]                  50
       Other Commands:   help, show_all
       **************************************************
       

   11. Your command: config
   12. ./serverctl.bash restart

Other Security Considerations

1. nfs-server.service (only useful for NFS testing)
2. radiusd.service (used in 802.1x roaming testing)
3. rpc-bind.service (only useful for NFS testing)
4. rpc-mountd.service (only useful for NFS testing)
5. rpc-statd.service (only useful for NFS testing)
6. vncserver@:1.service (if no local GUI needs to run, should only need ssh)
7. xrdp.service (because it can be logged in multiple times)

Connect via SSH

1. Using PuTTY

2. See other cookbook

3. Using OpenSSH

4. OpenSSH is available on Linux, MAC OS X and Windows
   1. The SSH -L option specifies [local-port]:[remote-host]:[remote-port]
   2. ssh -L 4002:127.0.0.1:4002 -CnNv lanforge@gateway-host
   3. Leave that connection running.

5. Using public keys

   You can install a public key to your LANforge and use to avoid typing passwords. Those keys usually reside in your $HOME/.ssh directory.
   1. ssh-keygen -t ed25519
   2. ssh-copy-id lanforge@gateway-host
   3. It is possible to specify the ssh key to avoid copying the wrong one
   4. ssh-copy-id -i $HOME/.ssh/id_ed25519 lanforge@gateway-host
   5. ssh -CnNv -i $HOME/.ssh/ed25519 -L 4002:127.0.0.1:4002 gateway-host

6. Using Your .ssh/config File

   Edit the hostname and IP configuration for the host:

   Host lanforge-a1
       Hostname gateway-host
       User lanforge
       IdentityFile ~/.ssh/id_ed25519     # needs to match the ssh key you shared with ssh-copy-id
       IdentitiesOnly yes                 # useful if you have >6 ssh keys
       Compression yes
       LocalForward 8000 127.0.0.1:80     # for browsing reports on LF system
       LocalForward 4001 127.0.0.1:4001   # for CLI telnet scripts
       LocalForward 4002 127.0.0.1:4002   # for binary GUI protocol
   

   ssh -vnN lanforge-a1

::1 localhost6.localdomain6 localhost6
192.168.1.101 lanforge.localnet lanforge.localdomain
# Loopback entries; do not change.
# For historical reasons, localhost precedes localhost.localdomain:
# See hosts(5) for proper format and other examples:
# 192.168.1.10 foo.mydomain.org foo
# 192.168.1.13 bar.mydomain.org bar
###-LF-HOSTNAME-NEXT-###
127.0.0.1 localhost localhost.localdomain vm-a490 vm-a490-local