VMware VSHIELD APP 1.0 - API Manual do Utilizador Página 53
- Página / 132
- Índice
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
VMware, Inc. 53
Chapter 5 vShield Edge Management
</vshieldEdgeConfig>
Configure VPN
vShieldEdgeagentssupportsite‐to‐siteIPsecVPNbetweenanEdgeapplianceandremotesites.Onbothends,
staticone‐to‐oneNATisrequiredfortheVPNaddress.vShieldEdgeagentssupportpre‐sharedkeymode,
x/5‐0Certificatemode,IPunicasttraffic,andnodynamicroutingprotocolbetween
theEdgeandremoteVPN
routers.BehindeachremoteVPNrouter,youcanconfiguremultiplesubnetstoconnecttheinternalnetwork
behindavShieldEdgethroughIPSectunnels.SubnetsandtheinternalnetworkbehindvShieldEdgemust
havenon‐overlappingaddressranges.
YoucandeployavShieldEdgeagentbehinda
NATdevice,whichtranslatestheEdgeagent’sVPNaddress
intoapublicaccessibleaddressfacingtheInternet;remoteVPNroutersusethispublicaddresstoaccessthe
vShieldEdge.RemoteVPNrouterscanbelocatedbehindaNATdeviceaswell.Youmustprovideboththe
VPNnativeaddressand
theNATpublicaddresstosetupthetunnel.
AllVPNsettingsconfiguredbyusingRESTrequestsappearun der thevShieldEdge>VPNta b forthe
appropriatevShieldEdgeinthevShieldManageruserinterfaceand inthevSphereClientplug‐in.
FortheVPNschema,see“vShieldEdgeSchemas”on
page 116.SampleXMLrequestbody:
Example 5-27. Configure a VPN
POST https://<vsm-ip>/api/2.0/networks/<internal-portgroup-vc-moref-id>/edge
<vshieldEdgeConfig xmlns="vmware.vshield.edge.2.0">
<ipsecSiteToSiteConfig>
<globalConfig>
<id>10.112.2.50</id>
<ipAddress>10.112.2.50</ipAddress>
<enableLog>false</enableLog>
</globalConfig>
<siteConfig>
<peerName>site1</peerName>
<peerId>site1</peerId>
<peerIpAddress>10.112.2.145</peerIpAddress>
<localSubnet>192.168.10.0/24</localSubnet>
<peerSubnet>192.168.20.0/24</peerSubnet>
<authenticationMode>psk</authenticationMode>
<preSharedKey>test</preSharedKey>
<encryptionAlgorithm>3des</encryptionAlgorithm>
<enablePfs>true</enablePfs>
<dhGroup>dh2</dhGroup>
</siteConfig>
</ipsecSiteToSiteConfig>
</vshieldEdgeConfig>
Forthedatapathtowork,youneedtochangethedefaultfirewallpolicytoallow,orpunchFirewallrulesto
allowdatatrafficonVPNandinternalinterfaces.Rules:
The<id>isauniqueIDusedbyallpeerstoidentifythisvShieldEdgeVPNgateway.Intheexample,itis
thesameas<ipAddress>.
SimilartothepreSharedKeyinsiteConfig,theoptionalpreSharedKeyForDynamicIpSitesin
globalConfigisapre‐sharedkeyforusebyallpeerswhenconnectingwithanunknownIPaddress.
The<peerName>adescriptivenameofthepeer.
The<peerId>isanIDtouniquelyidentifythepeer,usedtodefinepoliciesforthepeerandforpeer
authentication.Forpeersusingcertificateauthentication,thisIDmustbethecommonnameinthepeer’s
certificate.ForPSKpeers,thisIDcanbeanystring,butideallythepublicIP
addressoftheVPNorthe
FQDNfortheVPNservice.
- EN-000840-00 1
- 2 VMware, Inc 2
- Contents 3
- 5 vShieldEdgeManagement 43 4
- 6 vShieldAppManagement 59 5
- 6 VMware, Inc 6
- Appendix 105 7
- 8 VMware, Inc 8
- About This Book 9
- Support Offerings 10
- VMware Professional Services 10
- Overview of VMware vShield 11
- 12 VMware, Inc 12
- Endpointin5.0.1 13
- Multitenancy 14
- How REST Works 15
- Using the vShield REST API 15
- About the REST API 16
- RESTful Workflow Patterns 16
- VMware, Inc. 17 17
- 18 VMware, Inc 18
- VMware, Inc. 19 19
- Querying vShield Manager Logs 20
- User Management 21
- Update a Local User Account 22
- Remove a User Account 23
- Role Management 24
- Get List of Possible Roles 25
- Get List of Scoping Objects 25
- Create an IPset on a Scope 25
- Get Details of an IPset 26
- Modify an Existing IPset 26
- Delete an IPset 26
- Create a MACset on a Scope 27
- Get Details of a MACset 27
- Modify an Existing MACset 27
- Delete a MACset 28
- Get Members for a Scope 29
- Get Security Group Details 29
- Modify a Security Group 30
- Delete a Security Group 30
- Add Member to Security Group 30
- List Applications on a Scope 31
- Add Application to a Scope 31
- Get Details of an Application 32
- Modify Application Details 32
- Delete Application from Scope 32
- 34 VMware, Inc 34
- Data Security 35
- 36 VMware, Inc 36
- VMware, Inc. 37 37
- 38 VMware, Inc 38
- Installing a vShield Edge 39
- 40 VMware, Inc 40
- VMware, Inc. 41 41
- Uninstalling a vShield Edge 42
- Configuring vShield Edge 43
- Switch to New API Version 44
- Configuring Edge Services 45
- Configure Firewall 46
- Change Firewall Rule to Allow 47
- Revert Firewall to Default 48
- Configure Static Routing 49
- Configure NAT 49
- Delete NAT Configuration 50
- Configure Load Balancer 51
- Miscellaneous 52
- Configure VPN 53
- Manage VPN Service 54
- Delete the VPN Configuration 54
- VMware, Inc. 55 55
- Operating vShield Edge 56
- Debugging and Support 57
- Get Service Statistics 58
- Retrieve Datacenter State 59
- Modify Datacenter State 60
- Query Firewall Configuration 60
- VMware, Inc. 61 61
- ResponseBody: 62
- 64 VMware, Inc 64
- VMware, Inc. 69 69
- Change Firewall Configuration 70
- Working with SpoofGuard 71
- Working with Namespaces 72
- Get Namespace Details 73
- Delete a Namespace 73
- Get Flow Statistics 74
- Get Flow Meta-Data 75
- Example: 76
- VMware, Inc. 77 77
- Synchronizing vShield App 78
- Upgrading vShield App 79
- 80 VMware, Inc 80
- VMware, Inc. 81 81
- Register a Vendor 82
- Register a Solution 82
- Activate a Solution 83
- Get Vendor Registration 83
- Get Solution Registration 83
- Get IP Address of a Solution 84
- Activation Information 85
- Status Codes and Error Schema 86
- VMware, Inc. 87 87
- 88 VMware, Inc 88
- VMware, Inc. 89 89
- Query Regulations 90
- Enable a Regulation 90
- Query Classification Value 91
- 92 VMware, Inc 92
- VMware, Inc. 93 93
- Configure File Filters 94
- Query Saved Policy 95
- Data Security Scanning 96
- Querying Scan Results 97
- 98 VMware, Inc 98
- VMware, Inc. 99 99
- Request: 100
- Response: 100
- Querying Violation Details 101
- Get List of Violating Files 102
- VMware, Inc. 103 103
- Appendix 105
- 106 VMware, Inc 106
- VMware, Inc. 107 107
- 108 VMware, Inc 108
- VMware, Inc. 109 109
- 110 VMware, Inc 110
- VMware, Inc. 111 111
- 112 VMware, Inc 112
- VMware, Inc. 113 113
- 114 VMware, Inc 114
- VMware, Inc. 115 115
- 116 VMware, Inc 116
- VMware, Inc. 117 117
- 118 VMware, Inc 118
- VMware, Inc. 119 119
- 120 VMware, Inc 120
- VMware, Inc. 121 121
- 122 VMware, Inc 122
- VMware, Inc. 123 123
- 124 VMware, Inc 124
- VMware, Inc. 125 125
- 126 VMware, Inc 126
- VMware, Inc. 127 127
- Error Message Schema 128
- VMware, Inc. 129 129
- 130 VMware, Inc 130
Manuais e produtos relacionados com Software de gestão do sistema VMware VSHIELD APP 1.0 - API
Software de gestão do sistema VMware VIEW COMPOSER 2.5 - ARCHITECTURE PLANNING EN-000350-01 Especificações
(72 páginas)
(72 páginas)
Software de gestão do sistema VMware VIEW COMPOSER 2.5 - ARCHITECTURE Manual do Utilizador
(63 páginas)
(63 páginas)
Software de gestão do sistema VMware ESX 4.0 - GETTING STARTED UPDATE 1 Guia de Instalação
(370 páginas)
(370 páginas)
Software de gestão do sistema VMware VCENTER CONFIGURATION MANAGER FOUNDATION CHECKER 3.0 Guia de Instalação
(229 páginas)
(229 páginas)
Software de gestão do sistema VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Manual do Utilizador
(162 páginas)
(162 páginas)
Software de gestão do sistema VMware THINAPP 4.6 - MIGRATING APPLICATIONS TECHNICAL NOTE Especificações
(72 páginas)
(72 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.040 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais