Attach the Replica Instance to the Primary Instance

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

Attaching the replica instance to the primary instance enables the replica instance to synchronize data with the primary instance. The replica instance records all authentications locally and sends the authentication and log data to the primary instance at regular intervals. When the primary instance is unavailable, the replica instance holds this data locally until the primary instance becomes available.

Note:  The replica instance cannot authenticate users during the attachment process.

The instances use the TCP/IP protocol over an encrypted link for secure database synchronization. Instances can communicate over a local area network (LAN) or a wide area network (WAN).

For information on firewalls, see the appendix “Port Usage” in the RSA Authentication Manager Setup and Configuration Guide.

For information on firewalls, see Port Traffic.

Before you begin 

Confirm the following:

  • You generated a replica package file on the primary instance and downloaded the replica package to your local machine. For instructions, see Generate a Replica Package.

  • You generated a replica package file on the primary instance and downloaded the replica package to your local machine. For instructions, see the Help topic "Generate a Replica Package."

  • The primary and replica instances can resolve and connect to each other on the following ports:

    • 7002/TCP

    • 7022/TCP

    • 1812/TCP

    • 1813/TCP

    Note:  Ports 1812 and 1813 are used by RSA RADIUS. If you do not plan to use RSA RADIUS, you must still open these ports on your network, for example, on any firewalls sitting between the primary instance and the replica instance, for attachment to succeed.

  • The RSA RADIUS service is running on the primary instance.

    Even if you do not plan to use RADIUS, the service must be running for the replica attachment to succeed.

  • The clocks on the primary and replica instances are synchronized. If the clocks are off by more than 10 minutes, the attachment fails.

  • If you deferred attaching the replica instance after it was configured using Quick Setup, power on the replica instance and access Quick Setup. Quick Setup resumes at the Attach to Primary Instance page.

Procedure 

  1. On the Attach to Primary Instance page under Upload Replica Package, click Browse, and select the replica package file to upload from your local machine. Click Next.

  2. Under Provide Credentials, enter your Operations Console administrator User ID and password, and click Next.

After you finish 

  • Check the replication status by viewing the Replication Status Report for the replica instance. In the Operations Console for the replica instance, click Deployment Configuration > Instances > Status Report.

  • If you are using RSA RADIUS, verify the replication status of the RADIUS server. In the Security Console for the replica instance, click RADIUS > RADIUS Servers.

  • Make sure that the web browsers used to access the Security Console or the Operations Console have JavaScript enabled. See your web browser documentation for instructions on enabling JavaScript.

  • After the replica instance is attached to the primary instance, network setting changes made in the VMware vSphere Client will no longer take effect. Use the Operations Console in the primary instance to change the network settings.

 

 

Related Concepts

Replica Instance

 

 


Attachments

    Outcomes