Chat now with support
Chat with Support

Cloud Access Manager 8.1.2 - How To Deploy Cloud Access Manager in a Virtual Private Cloud

Dell™ One Identity Cloud Access Manager 8.1.2 - How to Deploy Cloud Access Manager in a Virtual Private Cloud

This guide describes how to deploy Dell™ One Identity Cloud Access Manager within a virtual private cloud that is connected to your on-premise network using a site-to-site virtual private network (VPN). This enables you to rent virtual machines, hosted by a third party, rather than purchase hardware to host on-premise. The example in this guide describes how to use the Windows Azure™ platform with a Dell SonicWALL VPN device. Virtual private clouds from other Cloud providers, such as Amazon, and other VPN devices supporting IPSec site-to-site can also be used.

For information on deploying Cloud Access Manager on-premise, please refer to the Dell™ One Identity Cloud Access Manager Installation Guide.

Figure 1 illustrates how to extend an on-premise network into a Windows Azure™ virtual private cloud to deploy Cloud Access Manager off-premise. A Dell SonicWALL VPN device connects the on-premise network to the cloud network to enable access to the cloud network, just like any other remote office and allows the virtual machines in the cloud network to behave as if they were on-premise. You can use the on-premise VPN device to restrict access to and from the cloud network if required.

Creating a virtual network

1
From the Windows Azure™ portal, click Create a virtual network to start the wizard.
2
On the DNS Servers and VPN Connectivity tab, enter the IP address of at least one Active Directory® Domain Name System (DNS) server residing on the on-premise network.
3
Select the Configure site-to-site VPN check box.
4
On the Site-to-Site Connectivity tab, enter the address space used by the on-premise network and the public IP address used by the SonicWALL VPN device.
5
On the Virtual Network Address Spaces tab, enter the address space to use for the virtual network. This must not clash with the on-premise network.
9
Return to the network dashboard and click CREATE GATEWAY, then select Static Routing.

Configuring the Dell SonicWALL device

4
Select a Policy Type of Site-to-Site.
5
Select an Authentication Method of IKE using Preshared Secret.
6
In the IPsec Primary Gateway Name or Address field, enter the GATEWAY IP ADDRESS displayed on the Virtual Network page of the Windows Azure Management Portal.
7
In the Shared Secret field, enter the VPN KEY obtained from the Windows Azure™ network dashboard.

8
On the Network tab, select the local and remote network security objects created in steps 1 and 2.
9
On the Proposals tab, select an Exchange type of Main Mode and an Encryption type of AES-256.
10
Finally, on the Advanced tab, in the VPN Policy bound to: field, select Zone WAN interface.

Establishing the IPSec VPN connection

Within the Windows Azure™ user interface, navigate to the network dashboard and click Connect to establish the virtual private network (VPN) connection.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating