The IP address and hostname for the Operations Center server are both initially detected during the installation of the Operations Center software. If you change the IP address or hostname for the machine on which the Operations Center server is installed, you also need to change the IP address or hostname in the Updating Server Settings Using the Configuration Manager.
Also, if you set any custom properties or have any scripts running that use the IP address or hostname, be sure to make the appropriate change in those files.
The following sections cover the following related topics:
Restrict access to Operations Center components by IP address, including the remote server’s access to the Operations Center server, as well as Operations Center console connections.
To restrict access to Operations Center components by IP Address:
Using a text editor, open the /OperationsCenter_install_path/config/Formula.custom.properties file.
For more information about creating or editing the Formula.custom.properties file, see Section 2.4, Making Custom Changes.
Add or edit the CORBA.Allow command to include the necessary IP addresses.
For example:
CORBA.Allow=206.55.26.20,206.55.26.21,206.55.26.23
Use commas (without extra spaces) to separate multiple IP addresses.
The IP addresses must be complete and cannot use wildcards.
Save the Formula.custom.properties file.
Restart the Operations Center server.
Continue with Section 4.1.2, Configuring NAT.
If you need to allow for Network Address Translation (NAT) devices in Operations Center, refer to the following topics for instructions:
A commonly deployed networking tool is NAT. Although these devices do not meet a strict standard, they are sometimes considered firewalls because they allow machines with nonroutable, private IP addresses to connect to other networks.
If a NAT device exists anywhere in the network topology between the server and any clients, you must make two configuration changes to the server.
Operations Center consoles and other Operations Center components issue a standard request to a target server when they want to communicate with it. This request travels over either the unsecured or secured Web port, and takes the form of a special URL. The originating Operations Center component parses the data returned by this request to determine which port number to use for further communication with the target. This same mechanism used to return port values also specifies the IP address of the server.
However, in the presence of a NAT device, the IP address published by the server is the IP address of the server from the private side of the NAT device, not the public side, and this IP address does not allow the client to successfully pass from the user’s desktop through the NAT device to reach the server.
If the server has multiple network interface cards, the “host” settings usually list each network card interface in a value in the Formula.properties file named CORBA.alternateNetworkInterfaces. The setting for these alternate interfaces conflicts with the hostname setting because server references must be published with names instead of addresses. However, it is possible to specify a mixture of hostnames and IP addresses for CORBA.alternateNetworkInterfaces that allows more flexibility in resolving the server’s location.
To configure for NAT devices:
Update the /OperationsCenter_install_path/config/Formula.custom.properties file for the following properties and values:
|
Property Name |
Set to |
Explanation |
|---|---|---|
|
ooc.iiop.numeric |
false |
If true, specifies a Nonsecure (Standard) HTTP server identifier as a numeric value. If false, uses a hostname instead of IP address. |
|
ooc.fssl.numeric |
false |
If true, specifies a Secure HTTPS server identifier as a numeric value. If false, uses a hostname instead of IP address. |
Although each of these properties is associated with a different server communication protocol, it is best to change both to False in order to be consistent.
For more information about using the Formula.custom.properties file to customize configuration options, see Section 2.4, Making Custom Changes.
Add the following two properties:
|
Property Name |
Set to |
Explanation |
|---|---|---|
|
ooc.iiop.host |
the server hostname |
Specifies a Nonsecure (Standard) HTTP name to be used by the server. |
|
ooc.fssl.host |
the server hostname |
Specifies a Secure HTTPS name to be used by the server. |
After the next successful startup, the server begins publishing the contact information using the hostname specified above, instead of an IP address.
Verify that the changes are in effect for every individual desktop where a Operations Center console resides.
The method of DNS resolution in effect successfully resolves the server’s hostname to the correct public address needed to pass from the user’s desktop through the NAT device to reach the server.