Article Content
Article Number | 000025607 |
Applies To | RSA ACE/Server RSA Authentication Manager 6.1 Sun Solaris / SPARC Cisco PIX Firewall |
Issue | Remote Administration to server through a firewall doing Network Address Translation ACE/Server does not have a public IP address. ACE/Server is on a high-security LAN behind the firewall. The IP address of the ACE/Server is non-routable, and cannot be seen from outside the firewall. User wants to perform remote administration through the firewall because the database administrators are coming from Internet to the remote admin machine. User does not want to give ACE/Server a public IP address. How can this be achieved? |
Resolution | To do remote administration to a server with a non-routable IP address, perform the following steps: sdrepmgmt list sdrepmgmt modify Enter the Primary server name. Enter the translated IP address as alias Ip address Windows: go to Start, Settings, Control Panel, RSA Ace Server, click 'Stop'. UNIX: execute the /ace/prog/aceserver stop and sdconnect shutdown commands
2. Add an Alias to the Primary and Replica in the Replica Database: Windows: Start, Programs, RSA Ace/Server, Configuration Tools, Replication Management -click on the Primary Ace/Server, click on 'Details' -go down to 'Alias information' in the middle of the page -type in the Secondary IP address, then click 'Add', then click ok at the bottom of the page -repeat the process for any Replicas that have more than 1 ip address -restart the Ace/Server: go to Start, Settings, Control Panel, RSA Ace Server, click 'Start' UNIX: - sdrepmgmt modify - provide the name of the ACE/Server - add the secondary IP address for the Primary when you get to the 'Alias1 []:' prompt;
3. After performing the above, you will end up with the following when you view the Replica Database (Windows: Start, Programs, RSA Ace/Server, Configuration Tools, Replication Management, click on the Primary, then click 'Details', click on the Replica, then click 'Details'; UNIX: /ace/prog/sdrepmgmt list): Replica 0: <name of the Primary Ace Server> IP Address: <primary ip address of the Ace Server> Replica Service Name: securidprop_00 Service Port Number: 5505 Startup Delay Interval: 0 Replication Interval: 100 Enabled: 1 Primary: 1 Connected: 0 Replica Marked For Unconditional Push: 0 Replica Sequence Number: 9 Alias 1: <secondary IP address of the Ace Server> Alias 2: Alias 3: IP Address: <primary ip address of the Replica Ace Server> Replica Service Name: securidprop_01 Service Port Number: 5506 Startup Delay Interval: 10 Replication Interval: 100 Enabled: 1 Primary: 0 Connected: 0 Replica Marked For Unconditional Push: 0 Replica Sequence Number: 20 Alias 1: <secondary IP address of the Ace Server> Alias 2: Alias 3: |
Legacy Article ID | 6.0.372895.2621673 |