Manualshelf

Veritas Enterprise Administrator 5.0 User's Guide, HP-UX 11i v3, First Edition, May 2008

ManualsBrandsHP ManualsSoftwareHP-UX 11i Volume Management (LVM/VxVM) Software
31323334353637383940
37Using the VEA
Firewall support
Example 1
If a.b.c.d is a firewall machine, then:
Port 1234 on a.b.c.d = 2148 on veaserver1, and
Port 3456 on a.b.c.d = 2148 on veaserver2
...
and so on.
Now, if the client wishes to connect to veaserver1 then, it should specify the
following in the connection box:
a.b.c.d:1234
This then connects to veaserver1 and displays veaserver1 in the connected
hosts, history and favorites databases. The firewall:port combination is stored in
the wallet for subsequent connection to the server if requested by the user.
Example 2
client ---> Internet ---> firewall ---> server
and
client ---> firewall ---> server
We need to do the following:
1 Allow for an alias of port 2148 on server A to be a particular port on the
firewall machine.
2 Let Pf be the port on the firewall machine F which is an alias for port 2148
on server A.
3 Connect using the GUI to port Pf on F. You are actually managing server A
Note: VEA uses Anonymous Deffie Hellman key exchange and is therefore
vulnerable to the man-in-the-middle attack. Therefore it is recommended that
SSH or some kind of tunnelling software be used if going across the internet. If
SSH is used set up port forwarding from client to firewall port Pf and use SSH to
tunnel.