1 / 29

MCC through Firewall

MCC through Firewall. Last Updated 12/19/05. CAM. CAM. MCC Clients will communicate to the DMZ Server namespaces via CAM CAM, by default, uses UDP port. CAM must be configured to use TCP port. MDB. Agents. EM. Global Catalog. Console Logs. Firewall. Global Catalog. DMZ. Local

trung
Download Presentation

MCC through Firewall

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MCC through Firewall Last Updated 12/19/05

  2. CAM

  3. CAM • MCC Clients will communicate to the DMZ Server namespaces via CAM • CAM, by default, uses UDP port. • CAM must be configured to use TCP port.

  4. MDB Agents EM Global Catalog Console Logs Firewall Global Catalog DMZ Local Catalog 4105 X 4105 BLOCKED

  5. Configuring CAM to use TCP port • Execute camsave config • This will generate save.cfg in the cam directory with the current CAM settings • copy save.cfg to cam.cfg. • Update cam.cfg to add *PATH entry • Repeat the same on the MDB server • Recycle CAM to pick the TCP port

  6. Configure CAM to use TCP port

  7. Copy save.cfg to cam.cfg

  8. Update cam.cfg

  9. Verify TCP port

  10. Verify TCP port

  11. Global Catalog

  12. Requirements • Secured zone namespaces should not be displayed for DMZ MCC clients • All DMZ namespaces should be displayed for secured zone MCC Clients • CAM port 4105 to be blocked for inbound traffic

  13. MDB Agents EM Global Catalog Console Logs Firewall Global Catalog DMZ Local Catalog 4105 X 4105 BLOCKED

  14. Global Catalog • For Global Catalog to the DMZServer temporarily select “Only show namespaces published in the new catalog” option • This will synchronize the dmzServer namespaces into the secured zone local catalog • Once this is done, reset the master catalog to the secured zone.

  15. Global Catalog This will copy the DMZServer namespaces into the secured zone local catalog but will not update the DMZServer catalog

  16. DMZ Local Catalog • This confirms none of the secured zone namespaces are copied in the DMZ catalog

  17. Secured Zone Catalog • This confirms DMZ namespaces are copied into the secured zone namespaces

  18. Reset Master Catalog

  19. MCC Client – Secured Zone Displays DMZServer Namespaces

  20. Walk EM through Firewall via MCC

  21. Console Logs

  22. Requirements • Launch MCC clients from the secured zone without opening any CAM port for inbound traffic

  23. MCC Client – Secured Zone

  24. Displays DMZ Console Log

  25. Console Log • Classic conlog gui requires mapping of unishare$ share to display console log. This requires UDP port to be opened for inbound traffic which will not be acceptable to the Firewall Administrator • MCC conlog requires outbound TCP port to be unblocked

  26. Console Log Outbound TCP Port

  27. DMZ Conlog via MCC

  28. Console Logs DMZServer

  29. Questions and Answers Any questions?

More Related