With the Quest One Total Privileged Access Management (TPAM) High Availability (HA) appliances, what options exist to direct users to the Replica appliance when access to the Primary is no longer successful due to environmental issues?
Connection to the datacenter where the Primary appliance is located has failed or is no longer available. The Replica appliance in datacenter 2 has failed over and is now running in "Primary" mode. How can users access the Replica if the Replica is running on a different IP Address?
Create a DNS Entry for the TPAM appliance. For Example:
- Primary IP is 22.214.171.124
- Replica IP is 126.96.36.199
- DNS entry ‘TPAM.domain.com’ is created and points to 188.8.131.52
- Users connect to TPAM with the URL https://tpam.domain.com/par (https://tpam.domain.com/par)
- When Primary is no longer available and has failed over to the replica, the DNS entry can be manually re-configured to 184.108.40.206
Utilize the PAR Appliance System Status page. The TPAM appliance Status page (https://tpamappliance/status) was created as a means of verifying the current status of the appliance at a glance.
The status page can be parsed by some 3rd party load balancing solutions to direct the user's requests appropriately based on the current running mode of the appliance. Should the Primary appliance become unresponsive, the 3rd party software can redirect users to the Replica appliance.
Please review the Configuration & Administration Manual listed under PAR Appliance Status for more information.