No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionAccess V100R006C20 on FusionCloud V100R006C10 Software Installation Guide 11 (Microsoft AD)

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the VPC

Configuring the VPC

Scenarios

This section describes how to create a VPC on the ServiceCenter tenant portal, create a management subnet for the VPC, and service subnet.

FusionAccess can also be deployed in an existing VPC. If you deploy it in an existing VPC, do not re-create the VPC. You can create and configure subnets.

Procedure

Creating a VPC and management subnet

  1. Use a browser to log in to the ServiceCenter tenant portal as a resource administrator.

    Login address: https://address for accessing the console home page.

    Username and password: Use the actual value created in Dividing Cloud Resources.

  2. Select a region and a project from the drop-down box in the upper left corner of the page.
  3. Use a VDC administrator or VDC operator to the ServiceCenter tenant portal and choose Network > Virtual Private Cloud.
  4. On the Dashboard page, click Apply for VPC.
  5. Set the parameters according to Table 5-1. Retain the default values for the parameters that are not involved or set the parameters according to the actual requirements. Click Apply Now.

    Table 5-1 Parameter description

    Parameter

    Description

    Example Value

    VPC name

    Specifies the VPC name. The name consists of only letters, digits, underscores (_), and hyphens (-).

    vpc-VDI

    Network Name

    Select the configured VPC external network.

    NOTE:

    If you select the same external network for two or more VPCs, the subnet CIDR blocks of these VPCs cannot overlap.

    dummy_external_network

    Subnet Name

    Specifies the subnet name. The name consists of only letters, digits, underscores (_), and hyphens (-).

    subnet-Manager

    CIDR

    Specifies the CIDR block for the subnet. This value must be within the VPC CIDR range.

    172.16.0.0/20

    Gateway

    Specifies the gateway address of the subnet.

    172.16.0.1

Creating a service subnet

  1. On the Virtual Private Cloud page, click VPC name vpc-VDI.
  2. Click the Subnet tab, and then click Create Subnet.
  3. On the Create Subnet page, configure parameters based on Table 5-2 and retain the default values for the parameters that are not involved.

    Table 5-2 Parameter description

    Parameter

    Description

    Example Value

    Name

    Specifies the subnet name. The name consists of only letters, digits, underscores (_), and hyphens (-).

    subnet-Desktop

    CIDR

    Specifies the CIDR block for the subnet. This value must be within the VPC subnet CIDR block.

    192.168.0.0/24

    Gateway

    Specifies the gateway address of the subnet.

    192.168.0.1

  4. Click OK.

(Optional) Applying for NAT

If the desktop VM needs to access the Internet, perform the following steps:

NOTE:

The following steps apply to Region Type I and Region Type II is set to SNAT.

  1. On the NAT tab page, click Apply for NAT.
  2. On the Apply for NAT page, configure parameters based on Table 5-3 and retain the default values for the parameters that are not involved.

    Table 5-3 Parameter description

    Parameter

    Description

    Example Value

    External Network

    Specifies the external network.

    net-01

    Assignment Mode

    Specifies the EIP assignment mode.

    Automatically assigned

    Subnet

    Specifies the subnet for which the SNAT function takes effect. Set this parameter to the management subnet and service subnet.

    subnet-Manager

    subnet-Desktop

  3. Click OK.

Configuring a security group

  1. In the navigation pane on the left, click Security Group.
  2. Click Create Security Group.
  3. Set Name to sg-mgr and click OK to create a security group for the AD/DNS/DHCP ECSs.
  4. Locate the row that contains the target security group, click to expand the security group information, and click Add Rule.
  5. Add rules according to Table 5-4. For details about the rules, see Table 5-5. Then, click OK.

    Table 5-4 Parameter description

    Parameter

    Description

    Protocol

    Specifies the network protocol for which the security group rule takes effect. The value can be TCP, UDP, ICMP, or ANY.

    Direction

    Specifies the transfer direction of the traffic for which the security group rule takes effect. The value can be Inbound or Outbound.

    Inbound traffic flows to ECSs in a security group, and outbound traffic flows from ECSs in a security group.

    Port Range

    Specifies the port or port range for which the security group rule takes effect. The value ranges from 1 to 65535.

    Source

    Specifies the source for which the security group rule takes effect. This parameter is required when Transfer Direction is set to Inbound. The value can be an IP address or a security group.

    Example:
    • xxx.xxx.xxx.xxx/32 (IP address)
    • xxx.xxx.xxx.0/24 (subnet)
    • 0.0.0.0/0 (any IP address)
    • sg-47e7 (3d9e6c1c-9311-4b06-89bc-4c15bec1ed30) (security group)
    Table 5-5 Security group rules of sg-AD

    Transfer Direction

    Protocol

    Type

    Port Range

    Source

    Destination

    Inbound

    Any

    --

    --

    172.16.0.0/20 (management subnet segment)

    --

    Inbound

    Any

    --

    --

    192.168.0.0/24

    (service subnet segment)

    --

Translation
Download
Updated: 2019-07-01

Document ID: EDOC1100021785

Views: 47617

Downloads: 102

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next