Managed devices may present an IP-based management interface in addition to (or sometimes instead of) the traditional serial or USB console port. This interface may serve a web-based GUI, SSH-based CLI and/or a programmable network API via gNMI, NETCONF or RESTful HTTPS.
The Software-Defined Infrastructure module allows human operators and automation tools to centrally and securely access and manage these IP-based management interfaces when they are connected to remote Lighthouse nodes.
The module's IP Access feature enables a central VPN service for this purpose. IP Access is designed to automate the complexity of managing a VPN infrastructure by automating client configuration management and IP connectivity between the client and target device IP.
IP Access provides an OpenVPN service on Lighthouse that creates a layer 2 bridge between connecting clients and the node's Management LAN interface. This allows connected clients to access hosts on the node's Management LAN, as if they were physically connected at the remote site.