Publication Date: 2018-04-30 | Views: 918 | Downloads: 0 | Author: l00509359 | Document ID: EKB1001542625
[Issue Description]:Customers want to access eSight services through domain names, but do not know how to configure them.
(1) centralized deployment of eSight
(2) isolation of internal and external networks
(3) the external network visits eSight through the domain name, and the internal network accesses eSight through the IP address. DNS servers are usually deployed outside the network, and intranet is not effective.
[operating system & database]:operating system: Windows/Linux, database: MySQL/SQL Server/Oracle
[prerequisites]:the client has configured DNS services to map the domain name and IP address.
Step one: modify the hosts file and set the mapping relationship between domain name and IP. This is just mapping the domain name to IP on the esight server locally.---Windows environment: modify C:\Windows\System32\drivers\etc\ hosts, increase the corresponding relationship between IP and domain name.
Note: not restarting the network management after modification
---Linux environment: the Linux environment modifies the /etc/hosts file, increasing the corresponding relationship between IP and domain name.
Add the following in the hosts file:
Step two: modify the sso.xml file. The file path is "network management installation directory > / product path name >/etc/oms.sso".
Modify the content of client-trusted-ip, increase the IP address inside and outside the eSight, and ensure that the IP both inside and outside the network is trusted.
Step three: modify the esightsso.ssoclient.ext.xml file. The file path is "network management installation directory > / product path name >/etc/oms.sso/ext".
Note: as the V3R8 version restarts eSight, the configuration file ssoclient.xml will be overwritten, so this configuration file is required for esightsso.ssoclient.ext.xml.
1)open the esightsso.ssoclient.ext.xml file. The default configuration is as follows:
2)increase 3 server, including 1 extranet IP (10.19.100.111), 1 intranet IP (x.x.50.43), 1 domain name x.x.in, as shown in the following figure
(1) if multiple server is configured, entryAddressMapping must be configured.
(2) if the internal and external network is isolated, it is necessary to modify the IP address of the URL address in the private of the external network server configuration to the IP address of the intranet.
With the above configuration completed, the eSight service can be restarted to access eSight through the domain name.