Manualshelf

Administrator Guide

ManualsBrandsDell ManualsCloudLink SecureVMHybrid Cloud System for Microsoft
31323334353637383940
Procedures for all these steps are included in the following sections.
Setting up tenant portal access on an isolated network
This is an optional procedure you can do before you go into production.
When the Dell Hybrid Cloud System for Microsoft is deployed, all management VMs are connected to the Management network. This
includes the VM that hosts the Windows Azure Pack management portal for tenants,<
Prex
>APT01, the portal that tenants use o access
cloud services.
Sometimes, you may want to isolate the management network from tenant access. Follow the steps in this section if your organization
requires network level isolation between the tenant portal and other management VMs. This requirement is more common for cloud service
providers.
To isolate trac, the Windows Azure Pack management portal for tenants VM (referred to as the tenant portal VM) must be connected to
another network that is accessible by tenants. This section describes the general requirements and the steps to congure tenant access to
the portal over the isolated network.
NOTE: Dell recommends that you set up tenant access isolation before you replace self-signed certicates and congure AD FS,
or another security token service. In the process of setting up tenant portal access on an isolated network, you change the fully
qualied domain name (FQDN) of the tenant portal in the tenant portal settings. It is best to make the change rst, before you
undertake the other procedures.
Sample naming convention
Examples in this section use the following sample names and addresses:
Management network: VLAN 100
Tenant access network: VLAN 110
Management network address: 10.10.55.0/26
Internal network range: 10.0.0.0/8
Dell Hybrid Cloud System for Microsoft stamp prex: DHCS
Internal domain name (in which the DHCS stamp is deployed): contoso.local
External domain name: contoso.com
Tenant portal VM internal IP address: 10.10.55.14
Tenant portal VM internal FQDN: dhcsapt01.contoso.local
Tenant portal VM external IP address: 172.31.1.5
Tenant portal VM external FQDN: cloudportal.contoso.com
Network requirements
The following diagram illustrates the network conguration for isolated tenant portal access, with examples.
Administration
35