...
Configuring Secure64 Support
Table of Contents |
---|
Note | ||
---|---|---|
| ||
ProVision uses port 22 to communicate with and configure Secure64 infrastructure - please ensure that this is addressed in any ACLs/firewalls ProVision also uses port 53 to do zone checks if the DNS Module is enabled and in use. Please ensure that your Secure64 infrastructure is configured to accept DNS lookups from the ProVision server |
...
The initial setup of the Secure64 Authoritative server is as follows:
Step 1: Create an nsd.conf file under the root directory / of your S64 Auth server
...
Note | ||
---|---|---|
| ||
Make sure to add the line include: 6connect_nsd.conf to the nsd.conf file |
...
Note |
---|
[authdnsadmin@Secure64DNS]# cat 6connect_nsd.conf AutoGenerated by 6connect ProVision. Do not manually edit. zone: name: atestzone.com zonefile: /test12/6connectGeneric/m/atestzone.com.zone zone: name: Testzone2.com zonefile: /test12/6connectGeneric/m/Testzone2.com.zone |
...
In the example above, two Zones have transferred.
To look at the contents of each zone you can cd to the proper directory /test12/6connectGeneric and find the zone files in an alphabetical directory structure as follows:
Info |
---|
[authdnsadmin@Secure64DNS]# cd 6connectGeneric [authdnsadmin@Secure64DNS]# cd test12 changed to test12 |
...
Step 7: Validate Zone data in Your Infrastructure
...
Info | ||
---|---|---|
| ||
When you setup ProVision to communicate via SSH to a Secure64 server, a ley/fingerprint is saved to the local hosts file. If you modify the IP address, but do not clear out the hosts file, then ProVision will think this is an attack and prevent communication with the Secure64 server. To rectify this issue, you may need to reset the host file so that a new SSH host key can be added for the IP address. To do this manually, please follow the following steps: 1) The admin needs to login to the ProVision server via SSH/CLI If you have any issues, please contact 6connect support per your Support Agreement/Plan. |
Additional Information
For additional information on working in DNS, see the following sections: