Configure your new Guardium®
deployment to use IPv6 addresses exclusively.
Before you begin
Warning: If you set the IP mode to IPv6, Guardium cannot
communicate with systems running on other network protocols and any previous network settings are
wiped out.
Ensure that you meet these prerequisites:
- Your central manager and managed units are running on V11.1 or later.
- Your network is configured to use Guardium over
IPv6.
- All devices in your environment use IPv6 addresses. For example, the Guardium
system and all Guardium
agents, such as S-TAPs, are assigned IPv6 addresses.
- The Domain Name System (DNS) of your network is configured for IPv6.
Procedure
- On the central manager, set the IP mode to IPv6 by running the CLI
command store system ipmode ipv6.
Important: Do not restart the network until you complete step
2.
- Set up IPv6 by running the following CLI commands.
- store system hostname <hostname>
Where
<hostname> can be resolved by the DNS for IPv6 addresses.
- store system domain <domain name>
Where
<domain> is the domain name of your network.
- store network interface ip <IP address>
Where
<IP address> is the primary IPv6 address of your Guardium system in
Classless Inter-Domain Routing (CIDR) notation. For example, store network interface ip
2002:0920:c000:3145:0000:0000:0000:0013/96
.
- store network routes defaultroute <IP address>
Where
<IP address> is the IPv6 address of the default router.
- store network resolvers <IP address>
Where
IP address is one or more IPv6 addresses for your DNS
servers.
- Restart the network configuration by running the CLI command restart
network.
- Verify that you can ping your Guardium system's IPv6 address.
- Repeat steps 1 - 4 on each managed unit.
- Register managed units to the central manager using the CLI command register
management <central manager IP> <port> from each managed unit.
Where
<central manager IP> is the IPv6 address of the central manager and
<port> is the port number. For example,
register management
2620:1f7:807:a000:920:8400:0:182 8443
. Repeat this step for each managed unit.
Important: To avoid connectivity issues during registration, use the IP address and not the
hostname. To unregister a managed unit from a central manager, use the same IP mode and IP address
that was used during registration.
- After the central manager and managed units are configured, the environment is ready to
register databases, devices, and other agents to the Guardium
system using IPv6 addresses.