Subscribe to Our Youtube Channel
Related Manuals for H3C MSR3610-I iMC EAD
Summary of Contents for H3C MSR3610-I iMC EAD
- Page 1 H3C MSR3610-I iMC EAD End-user Admission Defense Gateway VM Deployment Guide New H3C Technologies Co., Ltd. http://www.h3c.com Software version: MSR-CMW710-E0809 Document version: 5W100-20200619...
- Page 2 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
- Page 3 Preface This deployment guide describes the fundamentals of VM deployment on the H3C MSR3610-I iMC EAD End-user Admission Defense Gateway, including the VM login method, network configuration, and service data interaction modes. It also covers the following information: • How to deploy the EAD gateway.
- Page 4 GUI conventions Convention Description Window names, button names, field names, and menu items are in Boldface. For Boldface example, the New User window opens; click OK. Multi-level menus are separated by angle brackets. For example, File > Create > > Folder.
- Page 5 It is normal that the port numbers, sample output, screenshots, and other information in the examples differ from what you have on your device. Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
-
Page 6: Table Of Contents
Contents Introduction ····················································································· 1 Factory defaults ························································································································· 1 Interfaces ·························································································································· 1 Default VM parameters ········································································································· 2 VM login method ························································································································ 2 VM network configuration ············································································································ 3 Service data interaction modes of the VM ······················································································· 3 ... -
Page 7: Introduction
Introduction The H3C MSR3610-I iMC EAD End-user Admission Defense Gateway (referred to as the EAD gateway hereinafter) can cooperate with access services (for example, L2TP, 802.1X, and portal) to achieve the following purposes: • Ensure endpoint access security. • Prevent endpoints from network threats. -
Page 8: Default Vm Parameters
Default VM parameters The EAD gateway is shipped with a VM. The default VM parameters are as follows: • The VM name is EAD_VM, which is case sensitive. • The VM operating system is CentOS. • The login username of the VM operating system is root, which is case sensitive. •... -
Page 9: Vm Network Configuration
Figure 3 VM login through the IP address of a VLAN interface VM network configuration The VM deployed on the EAD gateway is assigned a high-performance SR-IOV NIC by default. The NIC is shipped with IP address 10.1.1.2/30 and gateway 10.1.1.1. For a client host to access the VM, use one of the following methods: •... -
Page 10: Layer 3 Routing
Figure 4 Intra-VLAN broadcasting mode Layer 3 routing The VM NIC belongs to a VLAN. Set the IP address of the VLAN interface to an IP address reachable to the client hosts, and specify the default gateway of the VM as the IP address of the VLAN interface. The client hosts interact with the VM through a Layer 3 Ethernet interface or VLAN interface of the EAD gateway, as shown in Figure... -
Page 11: Deploying The Ead Gateway In A Network
Deploying the EAD gateway in a network Deployment process The EAD gateway ensures endpoint access security, controls endpoints' access behaviors, and backs up authentication data in the network. Figure 6 shows the deployment process of the EAD gateway in a network. Figure 6 Deployment process Preparations for EAD gateway deployment Preparing a management host and tool software... -
Page 12: Connecting The Management Host And The Ead Gateway
Connecting the management host and the EAD gateway Use the serial cable to connect the management host and the console port of the EAD gateway. The management host can use the PuTTY software to log in to the CLI of the EAD gateway through the serial cable. -
Page 13: Preparing For Vnc Viewer Login
EAD_VM running # (Optional.) Start the VM. <H3C> system-view [H3C] vmm [H3C-vmm] start vm EAD_VM Domain EAD_VM started Obtaining the VNC port number of the VM # Obtain the VNC port number of the VM. <H3C> display vncport vm EAD_VM... -
Page 14: Logging In To The Vm
Logging in to the VM In this example, IP address 192.168.0.1/23 is used as the VNC server IP address. This IP address is the default IP address of VLAN-interface 1 on the EAD gateway. Logging in to the desktop of the VM On the management host, open VNC Viewer, and connect to the desktop of the VM by using the VNC server in the format of VNC server IP address:VNC port number, as shown in Figure... -
Page 15: Configuring Vm Network Settings
Logging in to the VM operating system As a best practice to ensure VM security, change the default login password of the VM operating system. After you use VNC Viewer to log in to the desktop of the VM, enter the username and password to log in to the VM operating system. - Page 16 Figure 12 Opening the wired connection Click the gear icon as shown in Figure Figure 13 Opening the network setting configuration page Configure IP address settings for the VM, as shown in Figure Figure 14 Configuring IP address settings...
-
Page 17: Configuring The Ead Gateway Through Imc
After the management host and the EAD gateway become reachable, you can access the IMC Web interface to configure the EAD gateway through the management host. For more information about IMC, see user manuals for the H3C Intelligent Management Center in the network management section of technical documents on H3C websites. - Page 18 Figure 16 IMC services Click the Process and Deploy tabs to view the status of the IMC service processes and the deployment status of the EAD component, respectively, as shown in Figure 17 Figure Figure 17 IMC service processes...
-
Page 19: Example: Deploying The Ead Gateway In A Network
Figure 18 IMC component deployment Example: Deploying the EAD gateway in a network Network configuration As shown in Figure 19, configure the EAD gateway to control the access behaviors of Device A, Device B, and Device C. Device A, Device B, and Device C access Layer 2 Ethernet interface GigabitEthernet 0/2 on the EAD gateway through the switch. - Page 20 Figure 19 Network diagram Procedure Configure the IP address of the management host as 192.168.0.2/23 and the default gateway as 192.168.0.1. (Details not shown.) Configure the IP addresses of Device A, Device B, and Device C as 192.168.0.3/23, 192.168.0.4/23, and 192.168.0.5/23, respectively. Configure their default gateway as 192.168.0.1.
-
Page 21: Configuring Raid
Figure 20 Logging in to the Web interface of the IMC platform Configuring RAID About RAID Redundant Array of Independent Disks (RAID) ensures data reliability and speeds up data reading and writing by storing data in multiple hard disks. By default, the EAD gateway is built with dual SIC-M2-SATA drives and the drives have been configured to operate in RAID 1 mode. -
Page 22: Configuring Raid
<H3C> system-view [H3C] raid [H3C-raid] Create RAID 1. [H3C-raid] create raid level 1 Restoring a RAID About this task If one of the member SIC-M2-SATA drives in RAID 1 is damaged, you can replace the damaged drive with a new drive to restore the RAID. -
Page 23: Removing A Raid
Enter RAID view. <H3C> system-view [H3C] raid [H3C-raid] Restore RAID md0. [H3C-raid] restore raid md0 Removing a RAID Restrictions and guidelines Removing a RAID also clears all data from the member SIC-M2-SATA drives of the RAID. Procedure Enter RAID view. -
Page 24: Stopping The Vm
Enable VM auto-start on VM EAD_VM. [H3C-vmm] autostart vm EAD_VM Disable VM auto-start on VM EAD_VM. [H3C-vmm] undo autostart vm EAD_VM Backing up the VM About this task Perform this task to back up the VM after the VM is stopped. The backup file is a .vmb file. -
Page 25: Restoring The Vm
Procedure Enter VMM view. <H3C> system-view [H3C] vmm Export the VM to file md0:/EAD_VM.pkg. [H3C-vmm] export vm EAD_VM md0:/EAD_VM.pkg Uninstalling the VM Restrictions and guidelines Perform this task to uninstall the VM after the VM is stopped. Procedure Enter VMM view. -
Page 26: Configuring Vms
[H3C-vmm] create-disk md0:/EAD_VM.qcow size 30 format qcow2 # Add the disk to VM EAD_VM. [H3C-vmm] add disk vm EAD_VM format qcow2 disk-file md0:/EAD_VM.qcow disk-bus ide Configuring VMs For more information about configuring hard disks, vNICs, memory, vCPUs, and other parameters for the VM and the related commands, see the following manuals: •... - Page 27 Task Command information. Display the VM VNC port number. display vncport vm vm-name Display the bindings between vCPUs display vmcpupin [ vm vm-name ] and physical CPUs. Display VM disk usage information. display vmdisk-usage vm vm-name Display physical NIC information. display passthrough Display the SR-IOV NIC network display vm-network-mode...
Need help?
Do you have a question about the MSR3610-I iMC EAD and is the answer not in the manual?
Questions and answers