|
Home > |
|---|
If you have been connecting via serial terminal, and the direct administration connection, to configure the HSM Server, you can now make an ethernet connection to your network.
1.Connect the ethernet cable to the upper ethernet port on the HSM appliance back panel and use ssh to open a session on the HSM appliance.
2.Login as admin.
3.Verify correctness
of your network setup by pinging another server (with the lunash
net ping <servername> command) and having the other server
ping this HSM appliance.
Try pinging by IP address, if pinging by hostname is not successful.
If your company uses nameservers, but you are unable to ping by hostname,
then verify the “Name Servers” displayed by net
show.
Note: Some networks might be configured to reject ICMP ping requests, to prevent certain types of network attacks. In such a case, the ping command will fail, even if the HSM appliance is correctly configured. Consult with your network administrator.
4.Verify your Client’s network configuration by attempting to ping the HSM appliance by hostname and by IP address, from the Client. Repeat for each Client where the Client Software was installed.
[OPTIONAL]
Once you know your network setup is correct, you can invoke network time
protocol. To use NTP, you must add one or more servers to the HSM appliance's
NTP server list, and then activate (enable) the servers. Use the sysconf
ntp command as follows:
Add servers
lunash:> sysconf ntp addserver <hostname-OR-ipaddress>
Activate servers
lunash:> sysconf ntp enable
If you then check your NTP status with sysconf ntp status, you might see immediate success (return code 0), or you might get an error message like this...
[myLuna] lunash:>sysconf ntp status
NTP is running
NTP is enabled
Peers:
==============================================================================
remote refid st t when poll reach delay offset jitter
==============================================================================
*LOCAL(0) .LOCL. 10 l 8 64 1 0.000 0.000 0.000
time-c.timefreq .ACTS. 1 u 7 64 1 78.306 -55560. 0.000
==============================================================================
Associations:
==============================================================================
ind assid status conf reach auth condition last_event cnt
===========================================================
1 21859 963a yes yes none sys.peer sys_peer 3
2 21860 9024 yes yes none reject reachable 2
==============================================================================
NTP Time:
==============================================================================
ntp_gettime() returns code 0 (OK)
time d1504c28.95777000 Wed, Apr 14 2014 12:22:00.583, (.583854),
maximum error 7951596 us, estimated error 0 us
ntp_adjtime() returns code 0 (OK)
modes 0x0 (),
offset 0.000 us, frequency 0.000 ppm, interval 1 s,
maximum error 7951596 us, estimated error 0 us,
status 0x1 (PLL),
time constant 2, precision 1.000 us, tolerance 512 ppm,
==============================================================================
Command Result : 0 (Success)
[myLuna] lunash:>[
Note: The return code "5 (ERROR)" indicates a gap between your system time and the NTP server's time. You can expect one of two outcomes:
- if the initial time-gap between your appliance and the server is greater than twenty minutes, the appliance gives up and never synchronizes with that server
- if the initial time-gap is less than twenty minutes, the appliance synchronizes with the server, slowly, over several minutes; this ensures that there is no sudden jump in system time which would be unwelcome in your system logging.
When your connection is working , go to Generate a New HSM Server Certificate".