Support

To contact Tallac for support please send email to Support@Tallac.com

FAQ hotlink
Branch Office 1000 (Luna D125)  Quick start guide
ECP100-5P Quick start guide
Using a Tallac Gateway with an existing Firewall
Download
Download
Download
 

FAQ - Key Features

Configuring Notifications

Notification emails can be sent to any email address, regardless if they have a Tallac SD-LAN user account, you may select different alarm levels and choose which Sites(s) for notification. Minor Alarms: Device is rebooted Major Alarms: Device Command Failure Critical Alarms: Device is offline and is not communicating with Tallac Cloud



Wi-Fi: Managing Radio Settings

Radio Settings can be configured for individual access points, defaults are provided typical use models. Making adjustments for conflicting channels and adjusting power settings for coverage often requires specialist knowledge. Auto RF is designed to analyze neighboring wi-fi access points and make updates to the channels to optimize performance, it can be scheduled to run at specific times of the week, or upon request WMM is Wi-Fi Multimedia for quality of service (QoS) in Wi-Fi networks



Wi-Fi: Captive Portal

Tallac provides three types of captive portal with intuitive guided configurations Click Through. This basic configuration provides a the user with an easy to identify Wi-Fi network name and image and the options to customize the terms of use, and to define the duration of the session Email with validation. This is the most common configuration with options to allow users to validated with email, Facebook, Google+ and LinkedIn. Typically users are given Wi-Fi access for 5 minutes to access email for validation, and session limits can be set for any length of time before requiring validation. Session data is available for analysis exporting into marketing solutions such as MailChimp or Constant Contact or SFDC Voucher. This configuration is used when selling Wi-Fi to users and can be configured to limit the number of connected devices and to limit access to a total connected time for example 24hrs which could be over the duration of a week or total simply a predetermined period for example 24hrs from activation



Switch Configuration

Tallac 24 port POE switches can be managed from the Cloud. Quickly understand the status of each port with green indicating the port is active, additional information includes MAC address(s) of connected clients, VLAN ID’s associated with each port, data throughput and errors. Tallac Management VPN provides easy access to the full switch feature set so that more involved configurations can be implemented without the need to be physically be on site. To enable remote management feature for your account please contact support@tallac.com



Management VPN

The Tallac Secure Management VPN capability enables a direct, secure connection to the Remote Site Automation device, WiFi Access Point, or Switch from anywhere to access the embedded device management features for additional configuration and troubleshooting. This secure VPN connectivity allows you to establish a secure connection to the LAN allowing access to the local network, web UI, and console of any type of networked device. For more information on how to enable this feature, please contact Tallac support at support@tallac.com.



Groups

Groups streamline how you organize the management of your sites. You can add one or more sites to a group and then invite members with various roles Manager: Has the equivalent permissions as the primary Tallac Cloud account owner Customer: Has read only access to the group Clerk: Has permissions to provide captive vouchers In addition the Tallac SD-BRANCH account owner may support@tallac.com to enable Management VPN and Ordering features



Inventory

You can self register new devices to your cloud account and then deploy these devices to your sites as needed sites. You can also decommission devices and redeploy to different sites as needed, or leave as decommissioned for future deployment



Automation: Gateway Configuration & DHCP

Once you have added the ECP100-5P device to your site and it is powered on and active on the Tallac Cloud, you will be able to enable gateway mode. To operate in gateway mode be sure to connect the yellow WAN port to your internet/broadband connection.
To operate in gateway mode you need to have a Virtual Network (VNet). A default Virtual Network will be created for you when you set your Device Operating Mode to “Gateway” if you have not created your own Virtual Network(s). To create your own new virtual network (if you want your own virtual network instead of the default virtual network): - Go to “Virtual Networks” on the left navigation bar under the “Site”
- Hit the “+New Virtual Network” button to create a new virtual network
- Enter the VLAN name in the “Network Name” field o If you are using Tallac WiFi you can select the “include WiFi configuration” setting (or if you are not using Tallac WiFi you can unselect it).
o You can select “specify a tagged VLAN” if you want to specify the VLAN as tagged
o After you have completed your selections, hit “Next”
- For the Gateway screen: o If the Tallac ECP100-5P is your gateway device, select “Tallac Gateway” from the pull down menu and ensure addresses and settings are correct
o Hit “Save” to save configurations
Once VNETs are established, you now will go the ECP100-5P Device screens to complete your configuration:
- Select your ECP100-5P/Tallac Gateway device under “Devices” on the left navigation bar (under “Sites”).
- Go the “Setup” tab at the top of your screen o Select the “Edit Config” button
o To run your ECP100-5P in gateway mode, “Gateway” mode should be selected as the Device Operating Mode
o Configure your “WAN Port IP Configuration” settings (DHCP, static). You will need to use the static configuration when a specific IP address is provided by your WAN circuit provider.
o You can also configure your “Management IP Settings” for your management access here including IP setting (DHCP, Static). (Note: These settings are for your Management IP Configuration and are for management access and are separate from your Gateway/WAN Port IP Configuration rules. If you are using a DHCP server no additional configuration is needed.).
o Configure any “Port Forwarding Rules” for WAN port(s)
o Your Virtual Network that you created should show up under the “LAN Port Setup” at the bottom of the setup screen
o Save your configuration and settings by selecting “Apply Config”
Your device will now reboot and will be configured and operating in gateway mode.



Automation: Port Forwarding

Port Forwarding allows remote computers to connect to a specific computer or service within a private local-area network In a typical residential network, nodes obtain Internet access through a DSL or cable modem connected to a router or network address translator (NAT/NAPT). Hosts on the private network are connected to an Ethernet switch or communicate via a wireless LAN. The NAT device's external interface is configured with a public IP address. The computers behind the router, on the other hand, are invisible to hosts on the Internet as they each communicate only with a private IP address. When configuring port forwarding the access point or ECP100-5P must be in gateway mode., The administrator sets aside one port number on the gateway for the exclusive use of communicating with a service in the private network, located on a specific host. External hosts must know this port number and the address of the gateway to communicate with the network-internal service. Often, the port numbers of well-known Internet services, such as port number 80 for web services (HTTP), are used in port forwarding, so that common Internet services may be implemented on hosts within private networks. Typical applications include the following: Running a public HTTP server within a private LAN Permitting Secure Shell access to a host on the private LAN from the Internet Permitting FTP access to a host on a private LAN from the Internet Running a publicly available game server within a private LAN For example an FTP server uses port 21 so a typical configuration would be to create a rule in the set up tab for WAN interface port 21 to Destination IP Address 192.168.1.200 on port 21



Automation: Ports

The Port screen tab allows you to view port status and what is connected to each port, to enable/disable networking per port, and to get statistics by port

The Port Screen tab provides port status at the top and on left side per port (green, gray, red)

Toggle switch (green on, gray off) allows you to enable port (networking) on/off at a port level

Friendly names – There is a box next to the port name that allows you to type/add a friendly name to provide a more descriptive name of what is attached to port (i.e. Eth 1 Security Camera, Eth 2 WiFi Access Point, etc.).

Statistics – to the right of the screen for each port there are basic statistics provided for data transmitted, data received, errors and drops



Automation: Power

The power screen tab allows you to view power status by port, to turn power on or off by port, to initiate a remote power reboot and configure cycle times, and to get a view of status by port and when it was last updated

On the power screen you are able to quickly view power status by port at the top of the screen and to the left side of the port on the screen (green, red)

You can quickly turn power on or off with the “toggle” button (“Off/On”) by moving the button to the right to turn power on for a given port or by moving the power toggle button to the left to turn the power off for a given port

You can also initiate a remote power reboot for a port by selecting the “start” button and it will initiate a power reboot for that port. You have the ability to customize the cycle time by port by selecting the up/down arrows to adjust the time. The default is set to a cycle time of 15 seconds.

On the right side of the screen, you will see a quick status of when the port was “last changed”



Automation: Rules and Custom Automations

On the “Rules” tab you have the ability to set standard automations and rules and configure custom automation rules.
STANDARD AUTOMATIONS 1. Automated WAN reboot - This rule will reboot the broadband modem and router when the internet connection has been lost. Wait times, Retries and Alerts are user definable. To configure automated WAN reboots: o Go to the “Rules” tab
o Under “Standard Automations” ” and “Modem reboot when internet is not available” switch the toggle to “on” by moving the toggle switch to the right and then select the “Edit” button to configure and set the automated WAN reboot rule. - Select the port by clicking on the port which the modem is connected to - Select the port that the router is connected to if there is a router connected (or select “none” if no router is connected) - Configure the wait time for how long you want the WAN/internet connection to be lost before power cycling for automated WAN reboot (default is 15 seconds) - Configure the wait time for retries and alerts to set the length of time to wait before retrying additional reboot(s) - Configure the maximum number of times to attempt the automated reboot. - When you have completed your configuration parameters, hit “Save” to save your configuration. 2. WAN failover to LTE - This rule will monitor the primary broadband connection and if it becomes unavailable will divert internet traffic to the USB modem. This rule also provides the ability to select specific business critical traffic to failover to LTE. Please refer to the ECP100-5P datasheet for compatible USB LTE modems from Verizon and AT&T. To configure WAN failover to LTE: o Go to the “Rules” tab
o Under “Standard Automations” and “WAN assignments & failover” switch the toggle to “on” by moving the toggle switch to the right and then select “Edit” to configure and set automated WAN failover to LTE.
- Select the specific business critical traffic that you want to failover to LTE by selecting specific VNET to failover by switching the specific VNET toggle “on” by moving the toggle switch to the right
- Configure wait time for how long the internet connection is lost before failing over to LTE (default is 15 seconds)
- Configure how long after the internet connection is restored to wait before shutting down the LTE (default is 15 seconds)
- Configure an amount of time connection is lost before sending an alert (default is 30 seconds)
- When you have completed your configuration parameters, hit “Save” to save your configuration. CUSTOM AUTOMATIONS
Custom Automations allow you to set customized rules and actions that can apply to one or more AC/Ethernet/USB ports. Custom animations include: power on, power off and power cycling specific devices/ports, establishing custom power schedules for repeated reboots, and defining custom monitoring rules and actions.
1. Custom Power Schedules – allow you to quickly configure ongoing power reboot schedules to improve ongoing network health and/or set specific schedules for powering on or off devices in the branch office.

To configure custom power schedules: o Go to the “Rules” tab
o Under the “Power Schedule” section, select the “+New” button to configure a new power schedule rule.
- Add a “Name” for the Power Schedule rule
- Select the ports to apply the Power Schedule rule to
- Select the action to take for the Power Schedule rule (Turn power On, Off, or Power Cycle)
- Select the specific time to turn power On
- Select the specific time to turn power Off
- Select the specific day(s) to repeat the Power Schedule rule
o When you have completed your configuration parameters, hit “Save” to save your configuration. 2. Custom Monitoring Rules – provide the ability to set customized rules and automated
actions for Ping or HTTP tests for any port in addition to allowing easy customization of policies for test intervals, retries, and thresholds and alerts. To configure custom monitoring rules:
o Go to the “Rules” tab
o Under the “Monitoring Rules” section, switch the toggle to “on” by moving the toggle switch to the right and then select the “+New” button to configure new monitoring rules and actions.
- Add a “Name” for the monitoring rule
- Select the “Test Type” – Ping or HTTP
- Enter the “Ping Address”
- Enter the “Test Interval” to set the time interval between tests
- Enter the “Test Timeout” to set the amount of time allowed for the test to complete
- Enter the “Test Retries” to set the number of failures before taking action
- Select the “Interface” from the pull down menu
- Select the port(s) to apply the monitoring rule to
- Enter the “Restart Interval” to set how long to wait between power cycles
- Enter the “Retry Interval” to set how long to wait between retries
- Enter the “Retry Maximum” to set how many failed reboots to allow
- Set the “Alert Threshold” to set how many failed reboots to allow before sending an alert o When you have completed your configuration parameters, hit “Save” to save your configuration.



Automation: Discovery

The Discovery capability will discover and display a list of any connected devices. This can be very helpful for knowing what devices are connected for better manageability and security.

To enable Discovery, go the “Action” tab at top right of the dashboard screen and select “Discovery” to discover and view connected devices. Discovered devices are shown at the site level and can be accessed from the Discovery tab



Automation: Vulnerability Scans

Vulnerability scans perform a scan/penetration test to identify open and possibly vulnerable application services. The vulnerability scan scans devices on the network to determine what application ports are open and closed, does OS fingerprinting, and identifies the version of services that are running in addition to evaluating those services for vulnerabilities. The scan provides a detailed report that can be exported and archived to support security, compliance and auditing.
To run vulnerability scans:
- Go to the “Site” level on the left navigation bar
- Go to the “Discovered Clients” tab
- Hit the “Start” button under the “Client Scan” column to start a vulnerability scan on a specific device
- Once the scan is complete you will see a “View” button to the right of the “Start” button. Hit the “View” button to view the results of the vulnerability scan. Select the buttons to download or print the vulnerability scan if desired.



WAN/Internet Statistics

WAN/Internet statistics reports provide WAN reports showing WAN clients, average usage, and specific usage by client. The reports offer customizable options to filter clients and select specific time period snapshots for reporting by hour, day, week or month views.
To view WAN/internet statistics:
- Go to the “Site” level on the left navigation bar
- Go to the “Internet Traffic” tab
- Select the specific time period view you would like – hour, day, week or month view
- Select client view desired (all or filtered)



LTE Out of Band Device Access

The Tallac Remote Site Automation device with LTE enabled provides the ability to remotely access the device via LTE (out of band access) even when the WAN and internet is down. This provides remote access and the ability to remotely diagnose and manage the issue at the branch office even when the WAN and internet is down.



UPS Connectivity and Status

A UPS device can be connected to a USB port on the ECP100-5P for power backup/redundancy.
To connect a UPS device to the ECP100-5P:
- Connect the UPS device to a USB port on the ECP100-5P
- Go to Device Setup Screen (Select device under “Site” on left hand navigation bar, and go to the “Setup” screen tab)
- USB information will show up under “USB Information” on the “Setup” screen and will display device description, type of device, manufacturer of the device, and will provide status information for the UPS device (UPS status, battery status and percent charge, battery time remaining). The same status information will also show up on the Port screen for the connected USB port.