User guide

To initialize a FIPS cluster member’s security world via the serial console:

1. Insert an administrator card that is pre-initialized with the active cluster member’s

security world into the smart card slot with the contacts facing up.

NOTE: If you have already performed the procedures required to configure

the FIPS appliance, as described in the Quick Start Guide, you might be

able to skip this step.

2. Switch the cryptographic module’s mode switch to I (initialization mode) if it is not

already in that position.

3. Connect to the machine’s serial console.

4. Cycle the power to reboot the machine and watch its serial console. After the system

software starts, you will see a message that the machine is about to boot as a

stand-alone Secure Access and to hit Tab for clustering options. Press the Tab key

as soon as you see this option.

NOTE: The interval to press the Tab key is five seconds. If the machine

begins to boot in stand-alone mode, wait for it to finish and then reboot

again.

5. Enter the number 2 to join the existing cluster or 1 to continue as a standalone Secure

Access.

6. Enter the initialization information as prompted, including:

•

Cluster name

•

Cluster password

•

IP address of a node in the cluster

•

IP address of the node you are adding

•

Netmask

•

Gateway IP address

NOTE: After you initialize members of a Secure Access FIPS cluster with

the same security world, you may disable and re-enable the cluster through

the admin console. You are no longer required to use the serial console

once the cluster members are all members of the same security world.

7. Select 1 to continue joining the cluster.

8. After the FIPS appliance initializes the card, switch the cryptographic module’s mode

switch to O (operational mode).

Chapter 7: Clusters