Manualshelf

PCM+ Agent with ONE zl Module Installation and Getting Started Guide 2009-11

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
1-30
Getting Started
Example PCM+ Agent Module Deployment
PCM+ Agent Module Overview
The PCM+ Agent Module is located in switch Slot C. Port C2 is an untagged
member of VLAN 25 in the private network, a VLAN in Zone1. If the private
network has a Management VLAN, port c2 should be an untagged member of
that VLAN. If subnets are used in the private network it must be configured to
allow communication between the PCM+ Agent Module and any devices to
be managed.
Configuring an Agent-Initiated Connection
The PCM+ Agent Module, behind the firewall, establishes a connection with
the PCM+ Server using port 51111 (the default Server port). An Agent-initiated
connection requires using the Agent Web browser interface on port 8080 to
change the connection setting, by clicking the Initiates Connections box on the
Agent Connection page. The Agent’s Source Address (SA) is translated to a
Public address by the TMS zl Module. The NAT and firewall access policies
are described below.
NAT Policies. The Zone1 to External policies NAT traffic from the PCM+
Agent Module to the PCM+ 3.10 Server. The External to Self policies are used
for a destination NAT. The External zone is the zone from which the traffic to
be translated arrives. The destination zone is the Self zone because the traffic
to be translated is originally destined to a public IP address (42.167.195.23)on
the TMS zl Module. The PCM+ 3.10 Server IP address is 42.167.195.21; the PCM+
Agent Module IP address is 172.17.2.2.
Zone1 to Externa
l
External to Self
Service Source Destination Translate NAT Value
ICMP 172.17.2.2 42.167.195.21 Source 42.167.195.23
TCP/Port 8080 172.17.2.2 42.167.195.21 Source 42.167.195.23
TCP/Port 51111 172.17.2.2 42.167.195.21 Source 42.167.195.23
SSH 172.17.2.2 42.167.195.21 Source 42.167.195.23
Service Source Destination Translate NAT Value
ICMP 42.167.195.21 42.167.195.23 Destination 172.17.2.2
TCP/Port 8080 42.167.195.21 42.167.195.23 Destination 172.17.2.2
TCP/Port 51111 42.167.195.21 42.167.195.23 Destination 172.17.2.2
SSH 42.167.195.21 42.167.195.23 Destination 172.17.2.2