ClearBOX 300 is a robust gateway and server appliance designed for small and medium business and distributed enterprise. It comes with or without wireless support. It includes network bypass functionality which allows for some robust and high availability applications.
For information about ClearBOX in general, please refer to the ClearBOX general guide. This guide is for ClearBOX 300 specific operations and issues.
This technical guide is meant to assist engineers in specific needs and high level configuration options for ClearBOX 300 series of appliances. Please click here for a general overview of features listed in ClearBOX 300.
The port above the USB is a serial port.
Looking at the front of the ClearBOX from left to right are the following:
eth0: First Ethernet port. Configured for External by default and set to DHCP (ISP)
eth1: Second Ethernet port. Configured for LAN by default and set to 192.168.1.1
eth5: Sixth Ethernet port. Configure for LAN by default with DHCP running. This port is useful for those that want to configure their ClearBOX without an initial monitor. Set to 172.22.22.22 and can be accessed at https://172.22.22.22:81
serial0: This port looks like an ethernet port but is in fact a Serial Comm port and can be used for console access, modems, or serial heartbeat in high availability modes.
USB0: This is a USB 2.0 port that can be used for keyboard input, USB storage, or any other Linux capable USB purpose.
USB1: This is a USB 2.0 port that can be used for keyboard input, USB storage, or any other Linux capable USB purpose.
Display: LCD display shows a double asterisk when the eziod service is NOT running.
The ClearBOX 300 controls its bypass unit through the BIOS, you will need to change the BIOS settings of ClearBOX 300 to support the Inline Transparent Content Filter mode or the Mission Critical Gateway mode.
|Green||NICs on bypass segment are active and traffic to each NIC is distinct.|
|Red||NICs are being bypassed, the signal is being coupled.|
|Black||The NICs are physically unreachable/offline and the signal is not being bypassed.|
To enable the bypass on ClearBOX Generation 1 or Generation 2, enter the BIOS at power on by pressing the Delete key. Navigate to Advanced > Onboard ByPass Control. For Transparent Content Filtration Bridge, set Group 1 to “Non-Normal, BPE: Enable”. For Mission Critical Gateway set both Group 1 and Group 2 to “Non-Normal, BPE: Enable” (this is only required for the backup unit). If you are changing a previously configure bypass to regular modes without bypass support, set the Group to “Normal, BPE: Disable”. for each of the two bypass segments (For mission critical gateway support). To save these settings, press <Escape> until you reach the Advanced screen. Then navigate to Exit and select Save Changes and Exit. You will know that the bypass is working by the state of the bypass indicator light next to the eth0 jack.
To enable the bypass on ClearBOX Generation 3, boot the system to the command prompt. Ensure that the eziod module is installed:
yum install eziod
Next, determine your bypass system directory:
6-0022/ 6-0026/ i2c-0/ i2c-1/ i2c-2/ i2c-3/ i2c-4/ i2c-5/ i2c-6/
Here you can see the two bypass segments as detected by the driver:
To manipulate the condition of the BIOS for the bypass segment, echo the desired value to the nextboot0 parameter:
For example, if you wanted your backup server to boot with bypass enabled (required for mission critical installations), perform the following:
echo 1 > /sys/bus/i2c/devices/6-0022/nextboot0 echo 1 > /sys/bus/i2c/devices/6-0026/nextboot0
Independent of the BIOS, the bypass is controlled and manipulated at the OS level by echoing values into the controls located on they /sys partition.
ClearBOX 300 Gen 3 was introduced in Q4 of 2012. Any boxes purchased before Q4 2012 are Gen1 or Gen 2. Generation 3 ClearBOX 300 uses Intel i7 processors. To determine if your ClearBOX is Gen3 run the following:
[root@system ~]# cat /proc/cpuinfo |grep "model name" model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz model name : Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
The locations of the sys controls for Generation 1 and 2 ClearBOX are located at:
The locations of the sys controls for Generation 3 ClearBOX are located at:
ClearBOX 300 is shipped by default in Thermal Cruise Mode which means that the fans will step up their speed commensurate with the heat of the processor. This is useful for situations where the ClearBOX may be used in environments which are sensitive to too much noise. This mode also helps preserve the longevity of the fans and reduces the amount of dust that can accumulate inside ClearBOX.
This mode is not as appropriate for heavy use applications like virtualization or heavy use under large content filtration, web services, or database loads. To modify this setting, enter the BIOS and naviagate to Advanced > Hardware Health Configuration. Change the 3 fans to Manual Mode to enable the fans at full speed all the time.
A BIOS update exists for ClearBOX 300 Gen1 which brings more features to expand memory and processor options. Essentially it transforms a Gen1 box to a Gen2 box. There is no update path from Gen1/2 to Gen3. Contact support for more information.
To set ClearBOX 300 to factory defaults perform the following:
To set the BIOS to shipping condition, connect a VGA monitor and USB keyboard to the appropriate ports on ClearBOX and power on. Press the 'Delete' key on your keyboard until it enters the BIOS SETUP UTILITY. Use the keyboard arrows to navigate the menu. You can press Enter to make selections and the 'Escape' key to back out of a menu.
Navigate to the 'Exit' menu. Under this menu select 'Load Optimal Defaults'. When prompted with 'Load Optimal Defaults?', select 'Ok' and press 'Enter'. Once the default settings are loaded, make the following additional changes.
Next, re-enter the BIOS SETUP UTILITY and navigate to the Advanced menu. Navigate further to the Hardware Health Configuration section. Under this section, set the following for all values:
As with the ClearBOX Gen1 and 2, the ClearBOX Gen3 appliance boots primarily from the Compact Flash before handing boot control over to the configured local hard drive. This ensures that the recovery tools and installation media is always available. To set the Compact Flash as the first boot media, navigate to the boot section and set the 1st Boot device as [CF HDD: SanDisk SD…] (see image below)
ClearBOX comes with a Compact Flash or USB which contains the installation that your ClearBOX shipped with. To re-install the operating system attach a VGA monitor and USB keyboard and power on the system. After the BIOS completes, they system will launch to a menu on the Compact Flash. This menu is on a 5 second delay and will continue to boot the system unless interrupted. You can stop the countdown by pressing the arrow keys in the menu.
For USB and for Compact Flash installations where the boot media is not the primary target in the BIOS, you can press 'B' on your keyboard during the boot cycle to boot off of the USB.
<note warning>The following can erase all data on your ClearBOX. Please backup your data before proceeding</note>
From the installation menu, you can re-install your ClearBOX by navigating the menu and selecting the appropriate install option. On some models of ClearBOX, you can 're-install' the system which will format the operating system partition and leave the bindmount data volume alone.
ClearBOX improvements and development continues. This means that you can upgrade your ClearBOX to a newer version by simply replacing the Compact Flash or USB that came installed or included. Simply enter the menu and do a fresh install. Please contact the sales department for information on obtaining an upgraded Compact Flash or USB for your ClearBOX and any licensing upgrades that may also apply.