Infoblox Infoblox-550 User Manual Download Page 22 | Manualshive

Page: 22 / 40

background image

Example 1 – Single Infoblox-550 Appliance for External DNS

For the Infoblox-550 Appliance

21

18.

Enter the following information, and then click

OK

to close the dialog box:

—

Name: ns2.corp100.com

—

IP Address: 2.2.2.2

—

Stealth: Clear check box.

19.

Click the

Save

icon.

20.

In the Infoblox Views panel of the DNS perspective, click

+

(for Reverse Mapping Zones) ->

1.1.1.in-addr.arpa

->

Edit

->

Authoritative Zone Properties

.

21.

In the

Authoritative Reverse Zone

editor

,

click

Settings

and enter the following:

—

E-mail address: [email protected]

—

Import zone from: Select check box, and enter

10.1.5.3

in the adjacent text field.

22.

Click the

Save

and

Restart Services

icons.

23.

Click

1.1.1.in-addr.arpa

->

View

->

Records

.

You can see all the imported reverse-mapping zone data in the

Records

panel.

24.

Click

corp100.com

in the Forward Mapping Zones list.

Because you have now imported both the forward- and reverse-mapping zone data, most of the records
appear as host records.

25.

Finally, you must remove the ns1 host record for the legacy server (value 1.1.1.3). To remove it, select

ns1

(the

host record for 1.1.1.3), and then click

Edit

->

Remove

.

Task 1.7

Designate the New Primary on the Secondary Name Server (at the ISP Site)

In this example, the external secondary name server is maintained by an ISP, so you must contact your ISP
administrator to change the IP address of the primary (or

master

) name server. (If you have administrative access

to the secondary name server, you can make this change yourself.)

Because a firewall performing NAT exists between the secondary and primary name servers, specify the NAT
address 1.1.1.2 for the primary name server instead of 10.1.5.2.

Secondary BIND Server

1.

Open the named.conf file using a text editor and set ns1 (with NAT address 1.1.1.2) as the primary (or

master

)

from which ns2 receives zone transfers in the named.conf file for the corp100.com zone:

zone "corp100.com" in {

type slave;

masters { 1.1.1.2; };

notify yes;

file “/var/named/db.corp100.com”;

};

2.

After editing the named.conf file, restart DNS service for the change to take effect.

Secondary Windows 2000/2003 Server

1.

Click

Start

->

All Programs

->

Administrative Tools

->

DNS

.

2.

Click

+

(for ns2) ->

+

(for Forward Lookup Zones) ->

corp100.com

.

3.

Right-click

corp100.com

, and then select

Properties

->

General

.

«
...
20
21
22
23
24
...
»

Summary of Contents for Infoblox-550

Page 1: ...Version 4 0 Infoblox User Guide For the Infoblox 550 Appliance P N 400 0106 100 Rev A...

Page 2: ...rver 18 Task 1 6 Import Zone Data 19 Task 1 7 Designate the New Primary on the Secondary Name Server at the ISP Site 21 Task 1 8 Configure NAT and Policies on the Firewall 22 Example 2 HA Pair for Int...

Page 3: ...nc without the prior written consent of Infoblox Inc is prohibited For Open Source Copyright information see Open Source Copyright and License Statements in the Online Help Trademark Statements Infobl...

Page 4: ...ces In addition to DNS and DHCP services it also includes RADIUS Remote Authentication Dial In User Service proxy and TFTP Trivial File Transfer Protocol network services You can configure and manage...

Page 5: ...ion buttons communication ports and indicator lights The back panel components include the power connector and switch fan and air vent and the model and serial number label Figure 2 shows the componen...

Page 6: ...the hard drive processes data Power Indicator An LED that glows green to indicate when there is power to the device MGMT Port A 10 100 1000 Mbps fast ethernet port that you can use for device manageme...

Page 7: ...s 1 and 2 transmit data and the twisted pair connecting to pins 3 and 6 receive data For 1000Base T connections all four twisted pair wires are used for bidirectional traffic Figure 3 Connector Pin As...

Page 8: ...e device can withstand Power specifications describe the electrical range within which the device circuitry can operate System Specifications Form Factor 1 U rack mountable device Dimensions 1 75 H x...

Page 9: ...cifications by region Region Plug Type Cable Type Maximum Power Rating Maximum Temperature Rating North America NEMA5 15P 3 prong male plug VCTF 3C 18 AWG 7A 125 V 75 C Japan NEMA5 15P 3 prong male pl...

Page 10: ...e side of the device Note There are five evenly spaced holes on each side of the device You can secure the brackets to any two adjacent holes so that you can mount the device more or less deeply in th...

Page 11: ...es fail to auto negotiate the optimal settings see the Infoblox Administrator Guide for steps you can take to resolve the problem 3 HA pair To ensure that VRRP Virtual Router Redundancy Protocol works...

Page 12: ...s to operate an Infoblox device Table 2 Software and Hardware Requirements for the Management System Management System Software Requirements Management System Hardware Requirements GUI ACCESS Microsof...

Page 13: ...ompts Internet Explorer prompts you to save the JNLP file Click Cancel and make the file association as follows 1 Click Start Control Panel Folder Options File Types New 2 In the File Extension field...

Page 14: ...and passwords are case sensitive Using an SSHv2 Client In addition to making a direct serial connection to the Infoblox device through its console port you can also access the Infoblox CLI remotely ac...

Page 15: ...pe help command after the command prompt For example help ping Synopsis ping hostname IP address numerical Description Send 5 sequential ICMP ECHO requests to a remote host and display the results Use...

Page 16: ...n communicate with devices on the public network The FQDN and IP address of the external secondary DNS server are ns2 corp100 com and 2 2 2 2 The ISP hosts this server The primary and secondary server...

Page 17: ...mediately goes into input mode in which you can enter the IP address netmask and gateway for the LAN1 port 2 Use the navigation buttons to enter the following information IP Address 10 1 5 2 Netmask 2...

Page 18: ...he destination IP address you entered in step 1 To stop the warning messages from occurring each time you log in to the GUI you can generate a new self signed certificate or import a third party certi...

Page 19: ...ddress or NAT address if configured To verify that the A record uses the NAT address 1 1 1 2 instead of the interface address 10 1 5 2 1 Click DNS to open the DNS perspective and then click DNS Member...

Page 20: ...ause you cannot later convert A records to host records it is more efficient to create the corp100 com zone and define host records manually Infoblox host records are data models that represent IP dev...

Page 21: ...ormation and then click OK to close the dialog box Name ns2 corp100 com IP Address 2 2 2 2 Stealth Clear check box 8 Click the Save icon 9 In the Infoblox Views panel of the DNS perspective click for...

Page 22: ...1 1 3 To remove it select ns1 the host record for 1 1 1 3 and then click Edit Remove Task 1 7 Designate the New Primary on the Secondary Name Server at the ISP Site In this example the external secon...

Page 23: ...ll to allow bidirectional DNS traffic to and from ns1 corp100 com and NTP traffic from ns1 corp100 com to the NTP server at 3 3 3 3 For example enter the following commands on a Juniper firewall runni...

Page 24: ...0 com at 2 2 2 2 It also uses DHCP to provide dynamic and fixed addresses The HA pair consists of two devices nodes The IP addresses of the VIP virtual IP address of the HA pair and the HA and LAN1 po...

Page 25: ...ange printer2 10 1 2 2 bb bb bb Address Range ethernet3 10 1 6 2 24 ethernet0 10 1 6 1 24 ethernet2 10 1 2 1 24 ethernet1 10 1 1 1 24 ethernet4 10 1 4 1 24 Server Network Router Relay Agent on e1 and...

Page 26: ...Appliance Startup Wizard which guides you through the basic deployment of the device on your network To set up an HA pair you must connect to and configure each device individually Node 1 1 Open a br...

Page 27: ...x Appliance Startup Wizard opens with a splash screen that provides basic information about the wizard and then displays license agreement information Beginning on the third wizard screen enter or sel...

Page 28: ...if corresponding A and PTR records are present You can then modify the host records to add MAC addresses However if you only import forward mapping zone data the Infoblox device cannot create host re...

Page 29: ...the following Name corp100 com Comment Internal DNS zone 5 In the Primary Server Assignment section click Select Member to open the Select ID Grid Member dialog box 6 Select ns3 corp100 com and then...

Page 30: ...port Wizard hyperlink Networks You can create all the subnetworks individually which in this example are 10 1 1 0 24 10 1 2 0 24 10 1 4 0 24 and 10 1 5 0 24 or you can create a parent network 10 1 0 0...

Page 31: ...erver for each zone In this example the device creates four reverse mapping zones You must modify each zone by assigning ns3 corp100 com as its primary DNS server 1 From the DNS perspective click Info...

Page 32: ...st delete the IP address for that host and then add the same IP address with the MAC address 1 From the DNS perspective click Infoblox Views for Infoblox Views for default for Forward Mapping Zones fo...

Page 33: ...warders in the order that they appear in the Forwarders list starting from the top of the list If the first forwarder does not reply the device tries the second one The device keeps track of the respo...

Page 34: ...internal network to allow the following DHCP DNS and NTP traffic To allow messages to pass from the DHCP clients in the DMZ the web mail and FTP servers to ns3 in the Server network configure policies...

Page 35: ...to one hour at a slightly greater interval of time before you plan to switch DNS service to the device for example three days before the switch over By changing the lease length this far in advance yo...

Page 36: ...blox hosts and as fixed addresses Three distinct views of IP address usage To monitor the usage of IP addresses on your network you can see the following different views High level overall network vie...

Page 37: ...ttings and network DHCP range and host settings for the Infoblox DHCP server DHCP Leases Contains a real time record of DHCP leases DHCP Lease History Contains an historical record of DHCP leases DHCP...

Page 38: ...ration on the device or HA pair you must do two additional steps 1 Save a backup file of the device or HA pair to your local management system 2 On the ID grid master add the device or HA pair as a ne...

Page 39: ...ystem log From the ID Grid perspective click grid_master File System Log active_node 3 Click OK 4 Type the location of the backup file or navigate to the file and select it and then click OK After the...

Page 40: ...ach dialog box infoblox com The Infoblox Web site contains a number of useful resources such as Infoblox Technical Support http www infoblox com support Access the knowledgebase software downloads rel...

Reviews:

No comments

Related manuals for Infoblox-550

Internet Backup

Brand: Swisscom Pages: 2

Brand: Check Point Pages: 4

Power Sensor 2000

Brand: Check Point Pages: 4

SMB 1500 Series

Brand: Check Point Pages: 1401

Brand: IBM Pages: 2

Neoware c50 - Thin Client

Brand: Neoware Pages: 5

Brand: Cisco Pages: 6

Brand: Cisco Pages: 2

Brand: Cisco Pages: 7

Brand: Cisco Pages: 222

Brand: PaloAlto Networks Pages: 54

Brand: Cisco Pages: 18

amp threat grid

Brand: Cisco Pages: 50

Brand: EdgeWave Pages: 12

Brand: BluePoint Security Pages: 18

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands