DX Unified Infrastructure Management

  • 1.  UIM hub in dmz with tunneling

    Posted Sep 20, 2017 02:15 PM

    Hi All,

    Can anyone tell me if there is a step by step document they can share that describes how to set up a hub in the dmz, and tunneling it back to the Primary Hub utilizing port 40003? I've read the  https://docops.ca.com/ca-unified-infrastructure-management/8-5-1/en/installing-ca-uim/install-secondary-hubs/windows-secondary-hub  document but it does not go into a lot of specifics.

     

    TIA



  • 2.  Re: UIM hub in dmz with tunneling
    Best Answer

    Broadcom Employee
    Posted Sep 20, 2017 06:33 PM

    Try the following Knowledge Documents to see if they give you the additional details you are looking for:

     

    For Windows hubs:

    TEC000002642 : How to setup Nimsoft Monitor Tunnels

     

    Additional information for Linux/UNIX hub:

    TEC000003735 : CA UIM: Tunnel Setup Using tunnelsetup Utility



  • 3.  Re: UIM hub in dmz with tunneling

    Posted Sep 20, 2017 07:31 PM

    Hi Kathy,

    Thank you for the documentation, it is very informative. Just what we were looking for. One last question. In the Documentation it refers to the Tunnel Server and the Tunnel client.  I am guessing that the Tunnel Client refers to the hub on the inside of the secure zone. The Tunnel Server is on the internal corporate network, does the tunnel server  have to be the Primary Hub server or can it be one of the Secondary hubs? We have 1 primary and two secondary hubs.

     

    Patrick



  • 4.  Re: UIM hub in dmz with tunneling

    Broadcom Employee
    Posted Sep 21, 2017 02:23 AM

    Patrick -

     

    Another Knowledge Document to address your question about which hub should be the tunnel server and which the tunnel client:

     

    TEC000002809 : Which Side of the Tunnel Should Be the Tunnel Client? The Tunnel server?

     

    Based on this document, it is generally recommended that your Primary hub NOT be configured as a tunnel server.  This hub has so much other work going on that the additional duties of the tunnel server will only bog this hub down further.  If you need a tunnel connection to the primary hub, make it a tunnel client.