Skip to content

HySecure HA Configuration

Environment

  • Hysecure Gateway Active Node Deployment in Azure Cloud
  • Gateway Version: v5299

Pre-Requisites

In this Article we will be completing below steps.

Info

  • Enroll First Security Officer Account
  • Create New Cluster
  • Add Standby Nodes to New Cluster
  • Add Real Node to New Cluster

Install Desktop Client

Step 1: To Enroll First Security Officer Account, Download Desktop Client , Launch the Web Browser and go to https://IP_Address_of_Active_Node

img

Step 2: Open download folder and install VPNClientSetup.exe.

img

Step 3: Right click on VPNClientSetup & Select Run as administrator.

img

Step 4: Select UAC Prompt.

img

Step 5: Select Install.

img

Step 6: Select Reboot Now & click on Finish.

img

Enroll Passphrase using Desktop Client

Step 1: Launch Accops HySecure Client from Desktop.

img

Step 2: Enter HySecure Server Address , Select Checkbox * Login with a digital certificate then Click on Action Menu.

img

Step 3: Go to Action and select Enroll Client SSL Certificate from Dropdown Menu.

img

Step 4: Enter Passphrase, Set New Passowrd and Confirm New Password then click on Submit.

Example

PassPhrase: XXXXXXXXXXXXX

Password: xxxxxxxxxxxxxxxx

Confirm Password: xxxxxxxxxxxxxxxx

img

Step 5: Accept SSL Warning and select check box Donot show this warning dailog again.

img

Step 6: Enrollment of First Security Officer Account using Desktop Client is completed.

img

Create HA Active Cluster

Step 1: Open HySecure client, Enter Server Address, Select Certificate from Dropdown Menu, Enter Password and click on Login.

Example

Hysecure Server: 20.197.75.13

Select Checkbox Login with a digital certificate

Certificate: so_hysecure_gateway_standby

Password: XXXXXXXX

img

Step 2: Launch HySecure Management console.

img

Step 3: Go to High Availability and Set Install Type , Create a New Cluster, Select Node Type as Active Load Balacer(also HySecure gateway), Enter VIP(Internal Load Balancer IP Address), Subnet Mask, select Virtual Interface and then click on Submit.

img

Step 4: Confirm added details and click on OK.

img

Step 5: Gateway Successfully Converted to HA Primary Node.

img

Step 6: Change Gateway state to Run State from Configuration state.

img

Step 7: Close Browser and Log Out from HySecure client and relogin again for further configuration.

img

Step 8: Update HA Configuration as below and click on SAVE and then select RELOAD SERVICE.

Example

Virtual IP Address: 10.100.101.9

Virtual IP Network Mask Address: 255.255.255.224

Primary Load Balacer Server IP Address: 10.100.101.4

Backup Load Balacer Server IP Address :10.100.101.6

Load Balanced Port Number:80,443

img

Step 9: Click on Add HySecure Servers.

img

Step 10: Add VPN SERVER Details and click on SAVE.

img

Step 11: Add Standby and Real Node in HySecure Server Lists.

Important

Before adding Standby Node and Real Node to Active Cluster Hysecure Servers should be listed in HA Configurations as below.

img

Step 12: Verify High Availability Module Status as below.

img

Add Standby Node to Cluster

Step 1: Follow steps for Enrolling Standby Node Passphrase.

Step 2: Open HySecure client, Enter Server Address, Select Certificate from Dropdown Menu, Enter Password and click on Login.

Example

Hysecure Server: 20.205.229.191

Select Checkbox Login with a digital certificate

Certificate: so_hysecure_gateway_standby

Password: XXXXXXXX

img

Step 3: Go to High Availability and Set Install Type, Join node to Cluster, Select role of node as Backup Load Balacer(also HySecure Gateway), Enter VIP(Internal Load Balancer IP Address) & Subnet Mask then click on Submit.

img

Step 4: Please wait for synchronising configuration files.

img

Step 5: Standby Node successfully added into cluster.

img

Add Real Node to Cluster

Step 1: Follow steps for Enrolling Real Node Passphrase.

Step 2: Open HySecure client, Enter Server Address, Select Certificate from Dropdown Menu, Enter Password and click on Login.

Example

Hysecure Server: 20.205.230.145

Select Checkbox Login with a digital certificate

Certificate: so_hysecure_gateway_standby

Password: XXXXXXXX

img

Step 3: Go to High Availability and Set Install Type, Join node to Cluster, Select role of node as HySecure Gateway, Enter VIP(Internal Load Balancer IP Address) & Subnet Mask then click on Submit.

img

Step 4: Real Node successfully added into cluster.

Verify Cluster Status

img

Add Standby Node to Private Load Balancer

Here we will be adding Standby Node in Internal Load Balancer for HA Failover.

Step 1: Go to Load Balancer and Select Accops-Gateway-Internal-Load-Balancer

img

Step 2: Select Backend-Accops-Gateway-Active-Passive-Node

img

Step 3: Click on Add and select Virtual Machine.

Important

You can only attach virtual machines in southeastasia that have a standard SKU public IP configuration or no public IP configuration. All IP configurations must be on the same virtual network.

img

Step 4: Select hysecure-gateway-standby-node to Add virtual machines to backend pool.

img

Step 5: Verify Accops-Gateway-Active-Passive-Node and click on Save.

img

Step 5: Review Backend Pools.

img

Step 6: Update Accops-Gateway-Internal-Load-Balancer Load Balancing rule Health Probe from Health-Probe-TCP-443 to Health-Probe-Statuscheck

Note

Health Probe need to be updated in Load Balancing Rule once Active Passive HA failover is ready. img

Important

Before Changing Health Probes in Load Balancing Rules

img

After Changing Health Probes in Load Balancing Rules img

img

Step 7: Verify Internal HA failover using Internal Load Balancer IP for Active and Standby Failover.

Add Web Nodes to Public Load Balancer

Note

HySecure Active, Standby and Real Node can be a part of Web Nodes to handle end user loads.

Once Active cluster* is ready then add all nodes to Public Load Balancer to Accept End User Web Nodes.

Step 1: Go to Load Balancer and Select Accops-Gateway-Public-Load-Balancer

img

Step 2: Select Backend-Accops-Gateway-Web-Node

img

Step 3: Select Virtual Network Accops-Virtual-Network and click on Add

img

Step 4: Select Virtual Machine from as below then click on Add.

img

Step 5: Click on Save.

img

Step 6: Review Web Nodes.

img

Step 7: Open Web Browser and access using Public Load Balancer IP.

img

Whats' Next

Help/Support

Please send a mail to support@accops.com for further Help/Support.

Back to top