HP UX 11i Volume Management (LVM/VxVM) Software manual

44Using Veritas Enterprise Administrator Firewall support

To connect

1Allow for an alias of port 2148 on server A to be a particular port on the firewall machine.

2Let Pf be the port on the firewall machine F which is an alias for port 2148 on server A.

3Connect using the GUI to port Pf on F. You are actually managing server A

VEA uses Anonymous Deffie Hellman key exchange and is therefore vulnerable to the man-in-the-middle attack. Therefore it is recommended that SSH or some kind of tunnelling software be used if going across the internet. If SSH is used set up port forwarding from client to firewall port Pf and use SSH to tunnel.

Example 3

For the case where 2148 is forwarded through the firewall (punch through):

To connect

1Let machines A and B be the servers on the secure side of the firewall.

2Let client be on the internet/intranet side

client ---> firewall ---> AB

3Configure TCP/IP routing on the client such that packets destined for AB are routed to firewall F.

4Add A and B to /etc/hosts (or equivalent) for name resolution if required.

5Connect to A or B or both machines (depending on which are to be managed).

Image 40

HP UX 11i Volume Management (LVM/VxVM) Software manual Client --- firewall --- AB

Contents

Veritas Enterprise Administrator 5.0.1 Users Guide Unix is a registered trademark of The Open Group Contents Chapter Dialog boxes Contents Introducing the Veritas Enterprise Administrator console About the Veritas Enterprise Administrator console VEA features Veritas Enterprise Administrator home Main window 2shows the main window of VEA Object tree and grid Quick access barObject tree Menu bar Grid Toolbar Status areaConsole view Tasks view Multiple selections Accessing tasksOpening a new window Alternatively, you can select File New Window Page Using Veritas Enterprise Administrator Setting up your system About Veritas Enterprise AdministratorStarting Veritas Enterprise Administrator Using the start menu Using the command lineFrom a Windows client From a Unix client Selecting an alternate profile Startup profileIf no profiles exist Setting Veritas Enterprise Administrator preferences See Setting the console view on Setting connection preferences Reconnecting hostsAdjusting the history settings Adding and removing favorite hosts Setting advanced preferences Setting general preferencesSetting language preference Number of unfiltered messages Setting the console viewFilter messages Setting user accounts Viewing objects and object properties Selecting objects Navigational view Console view Details viewTasks view Properties of an object Performing tasksRunning tasks from the menu bar Running tasks from a popup menu Connecting and disconnecting hosts and domainsRunning tasks from the task assistant Connecting to a host or domain Clicking on File Connect Disconnecting from a host Logon authenticationSwitching between connected hosts Using the control panel Exiting the Veritas Enterprise Administrator clientViewing different products Viewing the alert log 4shows the alert log Previous and next alert sets Viewing alert details Viewing the task log Previous and next task sets Configuring logs Printing viewsManaging user profiles Task details Selecting a startup profile Creating a new profile Firewall support Changing your passwordDeleting a profile Example C.d1234 Client --- firewall --- AB Keyboard shortcuts About accessibilityAbout accelerators About mnemonics Keyboard mapping conventions Actions Dialog boxes Conventions Mnemonic Accelerator Accessibility Dialog boxes Tabbed pages Changing the selection Accessibility Dialog boxes Glossary Clicking the mouse Index VEA