Configure High Availability for VMware SSO using vShield Edge – Part 1

This guide assumes that you have already gone through the SSO server install in high availability, you should currently have 2 SSO servers and a VIP address for load balancing.

  Deploy the vShield Manager template.

 image1

After the OVF file is deployed, power on the vShield Manager virtual machine and open the console.

Log in to the console with the user name admin and password default

At the manager prompt, type enable.

At the Password prompt, type the password default to enable setup mode.

When setup mode is enabled, the prompt string changes to manager#

At the manager# prompt, type setup to begin the setup procedure.

Enter the IP address, subnet mask, default gateway and DNS details.

To change the hostname of vShield Manager.

Type configure terminal

Type hostname xxxxxx

Type exit to exit configure terminal mode

Type copy running-config startup-config

Type reboot to restart vShield Manager

Register vShield Manager with vCenter:

Login to the vShield Manager GUI and Click Settings & Reports.

In the vCenter Server section click on Edit.

Register vShield Manager with vCenter.

2

From vShield Manager GUI.

Click Datacenters.

Select  Datacenter.

Click on the Network Virtualization tab.

Click on the green plus sign to add a vShield Edge.

add vse

Enter Name and Description

Click Next.

4

Configure the credentials for CLI access and enable ssh

Click Next.

6

On the Edge Appliances screen, leave all options at default.

edge appliance

Click on the green plus sign to add the Edge appliance.

Enter vShield Edge placement details

8

Click Add

Click again on the green plus sign to add the Failover Edge appliance.

edge appliance

Select Failover vShield Edge placement details.
Note: Datastore and Host have to be different from the previous ones

10

On the Interfaces screen, click the green plus sign to add the uplink interface.

Enter vnic0 as the name of the interface.

Select the Network to bind ‘connected to’ this will be your management network.

Click the green plus sign to add the IP configuration.

11

Click the plus sign again to add the IP address.

Enter IP address and click OK.

Enter subnet mask and click Save.

Leave everything else default in the parent window.

Click Add.

12

Again on the Interfaces screen, click the green plus sign to add the Internal interface.

Enter int0 as the name of the interface.

Select the Network to bind.

Click the green plus sign to add the IP configuration

int0

Click the plus sign again to add the IP address.

Enter IP address and click OK.
(For IP address use 192.168.2.1)

Enter subnet mask (255.255.255.128) and click Save.

Leave everything else default in the parent window.

Click Add.

Click Next when back on the Interfaces screen.

On the Default Gateway screen, configure the default gateway.

Check Configure Default Gateway.

Enter gateway IP address.

Click Next.

15

On the Firewall & HA screen, check the Configure Firewall default policy checkbox.

Set the Default Traffic Policy to Accept.

We are not going to use firewall capabilities in the loadbalancer.

Click Next.

On the Summary screen, click Finish.

Wait for the Edge deployment process to finish.

fw

That’s the vShield Edge device deployed, in Part 2 we will configure the SSO Virtual Servers

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s