commvault.com commvault.com
Solved

Firewall Configuration for RHEV

  • 29 July 2021
  • 3 replies
  • 174 views
Kamil W
Rank
Userlevel 4
Badge +11
  • Kamil W Commvault Certified Expert
  • Commvault Certified Expert
  • 83 replies

Hello Guys,

 

I need your help.

 

I am deplying a VM protection (Red Hat Enterprise Virtualization) in the Customer’s environment.

The Customer has the following configuration:

 

 

CS and MA are located outside of Internal Network.

RHEV Manager Server is located behind the Firewall.

VSA Proxy is a part of the RHEV environment (VM running Linux OS)

 

I created a Client Group called ‘DMZ’, then I put the VSA proxy to this group.

I also set the Network Route for DMZ group as follows:

  • From Infastructure Group - Blocked

Then I set the Network Route for Infastructure group as follows:

  • From DMZ Group - Restricted (port 8403)

 

Is anything alse that I need to do to create a RHEV pseudo-client?

Do you think that this Firewall configuration should work or maybe I should set the Firewall in different way?

 

Rgds,

Kamil

icon

Best answer by MichaelCapon 29 July 2021, 14:33

View original

3 replies

MichaelCapon
Rank
Userlevel 6
Badge +14

Hey Kamil,

 

From your description and diagram, it looks like this should work as intended.
Setting Infra as blocked will force the VSA (In DMZ Group) to initiate the tunnel connection on 8403 to the Infrastructure Group servers (CS and MA).

 

Best Regards,

Michael

Kamil W
Rank
Userlevel 4
Badge +11

Many thanks, @MichaelCapon .

 

Rgds,

Kamil

Damian Andre
Rank
Userlevel 7
Badge +23

 

Reply


Terms & ConditionsCookie settings