Infoblox Infoblox-550 Скачать руководство пользователя страница 19 | Manualshive

Страница: 19 / 40

Infoblox Infoblox-550 Скачать руководство пользователя страница 19

Configuration Examples

18

Infoblox User Guide

7.

Log back in to the device. When you log in the second time, you access the Infoblox GUI application. For system
requirements to use the GUI, see

Table 2

on page 11.

Task 1.4

Define a NAT Address

Because the firewall translates the public IP address 1.1.1.2 to the interface IP address 10.1.5.2, all DNS queries
originating outside the firewall use 1.1.1.2 (not 10.1.5.2) to reach the Infoblox device. Accordingly, you must
configure the device to indicate to other external DNS servers that its address is 1.1.1.2.

1.

From the ID Device perspective, click

ns1.corp100.com

->

Edit

->

ID Device Properties.

2.

In the

ID Device

editor, click

NAT

and enter the following:

—

Enable NAT compatibility: Select check box.

—

Group: None

—

NAT (V)IP Address: 1.1.1.2

3.

Click the

Save

icon.

The glue record is an A record for a name server. The device automatically generates the A record for
ns1.corp100.com using either the interface address or NAT address (if configured). To verify that the A record uses
the NAT address (1.1.1.2) instead of the interface address (10.1.5.2):

1.

Click

DNS

to open the DNS perspective, and then click

DNS Members

->

+

(for Infoblox) ->

ns1.corp100.com

->

Edit

->

Member DNS Properties.

2.

In the Member DNS Properties editor, click

General

.

3.

In the table labelled

Member address for glue record inside view

, select the default view and click

Modify

.

4.

In the

Select Member Address

dialog box, select

NAT IP address

.

5.

Click the

Save

and

Restart Services

icons.

Task 1.5

Enable Zone Transfers on the Legacy Name Server

To allow the device to import zone data from the legacy server at 10.1.5.3, you must configure the legacy server to
allow zone transfers to the device at 10.1.5.2.

Legacy BIND Server

1.

Open the named.conf file using a text editor and change the allow-transfer statement as shown below:

For All Zones

— To set the allow-transfer statement as a global statement in the named.conf file for all zones:

options {

zone-statistics yes;

directory "/var/named/named_conf";

version "";

recursion yes;

listen-on { 127.0.0.1; 10.1.5.3; };

…

allow-transfer { 10.1.5.2

; };

transfer-format many-answers;

};

«
...
17
18
19
20
21
...
»

Содержание Infoblox-550

Страница 1: ...Version 4 0 Infoblox User Guide For the Infoblox 550 Appliance P N 400 0106 100 Rev A...

Страница 2: ...rver 18 Task 1 6 Import Zone Data 19 Task 1 7 Designate the New Primary on the Secondary Name Server at the ISP Site 21 Task 1 8 Configure NAT and Policies on the Firewall 22 Example 2 HA Pair for Int...

Страница 3: ...nc without the prior written consent of Infoblox Inc is prohibited For Open Source Copyright information see Open Source Copyright and License Statements in the Online Help Trademark Statements Infobl...

Страница 4: ...ces In addition to DNS and DHCP services it also includes RADIUS Remote Authentication Dial In User Service proxy and TFTP Trivial File Transfer Protocol network services You can configure and manage...

Страница 5: ...ion buttons communication ports and indicator lights The back panel components include the power connector and switch fan and air vent and the model and serial number label Figure 2 shows the componen...

Страница 6: ...the hard drive processes data Power Indicator An LED that glows green to indicate when there is power to the device MGMT Port A 10 100 1000 Mbps fast ethernet port that you can use for device manageme...

Страница 7: ...s 1 and 2 transmit data and the twisted pair connecting to pins 3 and 6 receive data For 1000Base T connections all four twisted pair wires are used for bidirectional traffic Figure 3 Connector Pin As...

Страница 8: ...e device can withstand Power specifications describe the electrical range within which the device circuitry can operate System Specifications Form Factor 1 U rack mountable device Dimensions 1 75 H x...

Страница 9: ...cifications by region Region Plug Type Cable Type Maximum Power Rating Maximum Temperature Rating North America NEMA5 15P 3 prong male plug VCTF 3C 18 AWG 7A 125 V 75 C Japan NEMA5 15P 3 prong male pl...

Страница 10: ...e side of the device Note There are five evenly spaced holes on each side of the device You can secure the brackets to any two adjacent holes so that you can mount the device more or less deeply in th...

Страница 11: ...es fail to auto negotiate the optimal settings see the Infoblox Administrator Guide for steps you can take to resolve the problem 3 HA pair To ensure that VRRP Virtual Router Redundancy Protocol works...

Страница 12: ...s to operate an Infoblox device Table 2 Software and Hardware Requirements for the Management System Management System Software Requirements Management System Hardware Requirements GUI ACCESS Microsof...

Страница 13: ...ompts Internet Explorer prompts you to save the JNLP file Click Cancel and make the file association as follows 1 Click Start Control Panel Folder Options File Types New 2 In the File Extension field...

Страница 14: ...and passwords are case sensitive Using an SSHv2 Client In addition to making a direct serial connection to the Infoblox device through its console port you can also access the Infoblox CLI remotely ac...

Страница 15: ...pe help command after the command prompt For example help ping Synopsis ping hostname IP address numerical Description Send 5 sequential ICMP ECHO requests to a remote host and display the results Use...

Страница 16: ...n communicate with devices on the public network The FQDN and IP address of the external secondary DNS server are ns2 corp100 com and 2 2 2 2 The ISP hosts this server The primary and secondary server...

Страница 17: ...mediately goes into input mode in which you can enter the IP address netmask and gateway for the LAN1 port 2 Use the navigation buttons to enter the following information IP Address 10 1 5 2 Netmask 2...

Страница 18: ...he destination IP address you entered in step 1 To stop the warning messages from occurring each time you log in to the GUI you can generate a new self signed certificate or import a third party certi...

Страница 19: ...ddress or NAT address if configured To verify that the A record uses the NAT address 1 1 1 2 instead of the interface address 10 1 5 2 1 Click DNS to open the DNS perspective and then click DNS Member...

Страница 20: ...ause you cannot later convert A records to host records it is more efficient to create the corp100 com zone and define host records manually Infoblox host records are data models that represent IP dev...

Страница 21: ...ormation and then click OK to close the dialog box Name ns2 corp100 com IP Address 2 2 2 2 Stealth Clear check box 8 Click the Save icon 9 In the Infoblox Views panel of the DNS perspective click for...

Страница 22: ...1 1 3 To remove it select ns1 the host record for 1 1 1 3 and then click Edit Remove Task 1 7 Designate the New Primary on the Secondary Name Server at the ISP Site In this example the external secon...

Страница 23: ...ll to allow bidirectional DNS traffic to and from ns1 corp100 com and NTP traffic from ns1 corp100 com to the NTP server at 3 3 3 3 For example enter the following commands on a Juniper firewall runni...

Страница 24: ...0 com at 2 2 2 2 It also uses DHCP to provide dynamic and fixed addresses The HA pair consists of two devices nodes The IP addresses of the VIP virtual IP address of the HA pair and the HA and LAN1 po...

Страница 25: ...ange printer2 10 1 2 2 bb bb bb Address Range ethernet3 10 1 6 2 24 ethernet0 10 1 6 1 24 ethernet2 10 1 2 1 24 ethernet1 10 1 1 1 24 ethernet4 10 1 4 1 24 Server Network Router Relay Agent on e1 and...

Страница 26: ...Appliance Startup Wizard which guides you through the basic deployment of the device on your network To set up an HA pair you must connect to and configure each device individually Node 1 1 Open a br...

Страница 27: ...x Appliance Startup Wizard opens with a splash screen that provides basic information about the wizard and then displays license agreement information Beginning on the third wizard screen enter or sel...

Страница 28: ...if corresponding A and PTR records are present You can then modify the host records to add MAC addresses However if you only import forward mapping zone data the Infoblox device cannot create host re...

Страница 29: ...the following Name corp100 com Comment Internal DNS zone 5 In the Primary Server Assignment section click Select Member to open the Select ID Grid Member dialog box 6 Select ns3 corp100 com and then...

Страница 30: ...port Wizard hyperlink Networks You can create all the subnetworks individually which in this example are 10 1 1 0 24 10 1 2 0 24 10 1 4 0 24 and 10 1 5 0 24 or you can create a parent network 10 1 0 0...

Страница 31: ...erver for each zone In this example the device creates four reverse mapping zones You must modify each zone by assigning ns3 corp100 com as its primary DNS server 1 From the DNS perspective click Info...

Страница 32: ...st delete the IP address for that host and then add the same IP address with the MAC address 1 From the DNS perspective click Infoblox Views for Infoblox Views for default for Forward Mapping Zones fo...

Страница 33: ...warders in the order that they appear in the Forwarders list starting from the top of the list If the first forwarder does not reply the device tries the second one The device keeps track of the respo...

Страница 34: ...internal network to allow the following DHCP DNS and NTP traffic To allow messages to pass from the DHCP clients in the DMZ the web mail and FTP servers to ns3 in the Server network configure policies...

Страница 35: ...to one hour at a slightly greater interval of time before you plan to switch DNS service to the device for example three days before the switch over By changing the lease length this far in advance yo...

Страница 36: ...blox hosts and as fixed addresses Three distinct views of IP address usage To monitor the usage of IP addresses on your network you can see the following different views High level overall network vie...

Страница 37: ...ttings and network DHCP range and host settings for the Infoblox DHCP server DHCP Leases Contains a real time record of DHCP leases DHCP Lease History Contains an historical record of DHCP leases DHCP...

Страница 38: ...ration on the device or HA pair you must do two additional steps 1 Save a backup file of the device or HA pair to your local management system 2 On the ID grid master add the device or HA pair as a ne...

Страница 39: ...ystem log From the ID Grid perspective click grid_master File System Log active_node 3 Click OK 4 Type the location of the backup file or navigate to the file and select it and then click OK After the...

Страница 40: ...ach dialog box infoblox com The Infoblox Web site contains a number of useful resources such as Infoblox Technical Support http www infoblox com support Access the knowledgebase software downloads rel...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды