Loading...

Network Router in the Cloud for Global Repository Cell (GRC): Datacenter CommServe

A datacenter CommServe is one of two CommServe hosts that can communicate using a network router (a SnapProtect proxy) placed in the perimeter network (which is logically in the cloud). To set up this feature, you create pseudo clients, then configure the SnapProtect firewalls to communicate through the router that you have placed in the cloud.

Creating the Pseudo Clients

  1. From the CommCell Console for the datacenter CommServe host, right-click Client Computers > New Client > File System > Windows.
  2. Enter the Client Name and Host Name for the proxy computer, then click Next.
  3. Review the Summary information, then click Finish. A pseudo client for the proxy computer now appears under Client Computers. (Its gray icon indicates that it is a pseudo client.)
  4. Right-click Client Computers > New Client > File System > Windows.
  5. Enter the Client Name and Host Name for the remote CommServe host, then click Next.
  6. Review the Summary information, then click Finish. A pseudo client for the remote CommServe host appears under Client Computers.

    Once you have completed the setup procedures, the remote CommServe host communicates with the datacenter CommServe host using the proxy computer.

Configuring the Firewalls

After creating the two pseudo clients, configure the SnapProtect firewalls between each pseudo client and the datacenter CommServe computer by following this procedure:

  1. Right-click the proxy client, then click Properties > Network.
  2. On the Firewall Configuration tab, select Configure Firewall Settings > Advanced. Read the warning and click OK.
  3. On the Incoming Connections tab, click Add.
    1. In From, select the CommServe computer that is in the datacenter.
    2. In State, select RESTRICTED.
    3. Click OK.
  4. Click Add again.
    1. In From, select the remote CommServe computer.
    2. In State, select RESTRICTED.
    3. Click OK.
  5. Click the Incoming Ports tab and review the port number in the Listen for tunnel connections on port box. This port will be used for communication between the proxy client and the datacenter CommServe host. Change it if necessary.
  6. (Optional) If you need more than the one port in Listen for tunnel connections on port, enter a From port number (and a To port number if you are adding a range of ports), then click Add. Repeat this as many times as required to enter all the ports you need. The Additional open ports box displays the complete list.
  7. Click the Options tab, then select This computer is in DMZ and will work as a proxy.
  8. If required, change these default values:
    • Keep-alive Interval, seconds: 600
    • Tunnel Init interval, seconds: 30
    • Default Outgoing Tunnel Protocol: Regular
  9. Click OK repeatedly until you have closed all dialog boxes.
  10. Under Client Computers, right-click the CommServe computer that is in the datacenter, then click Properties > Network.
  11. On the Firewall Configuration tab, select Configure Firewall Settings.
  12. On the Incoming Connections tab, click Add.
    1. In From, select the proxy client.
    2. In State, select BLOCKED.
    3. Click OK.
  13. Click Add again.
    1. In From, select the remote CommServe computer.
    2. In State, select BLOCKED.
    3. Click OK.
  14. Click the Outgoing Routes tab, then click Add.
    1. In Remote Group/Client, select the proxy client.
    2. Click OK.
  15. Click Add again.
    1. In Remote Group/Client, select the remote CommServe computer.
    2. For Route Type, select Via Proxy.
    3. Select the proxy client from the Remote Proxy list, then click OK.
  16. Under Client Computers, right-click the remote CommServe computer, then click Properties > Network.
  17. On the Firewall Configuration tab, select Configure Firewall Settings > Advanced. Read the warning and click OK.
  18. On the Incoming Connections tab, click Add.
    1. In From, select the proxy client.
    2. In State, select BLOCKED.
    3. Click OK.
  19. Click Add again.
    1. In From, select the CommServe computer that is in the datacenter.
    2. In State, select BLOCKED.
    3. Click OK.
  20. Click the Outgoing Routes tab, then click Add.
    1. In the Remote Group/ Client list, select the proxy client.
    2. Click OK.
  21. Click Add again.

    1. In the Remote Group/ Client list, select the CommServe computer that is in the datacenter.
    2. For Route Type, select Via Proxy.
    3. In the Remote Proxy list, select the proxy client.
    4. Click OK.