|
1
|
You’ll add users to the Orchestrator server database. By default, the Orchestrator uses this local database for authentication. However, you can also to point to a RADIUS or TACACS+ server for that function.
|
Orchestrator Administration > Authentication
|
2
|
In the Navigation Pane, use contextual menus to create a group or groups to which you’ll assign each appliance. For example, you may choose to create a group for Engineering or Finance.
|
|
3
|
The Orchestrator adds appliances by discovery.
|
|
•
|
When you add an NX, VX, or VRX appliance to your network, you use Appliance Manager’s Monitoring > Orchestrator Reachability page to add the Orchestrator’s IP address.
|
Note 
To specify an appliance’s deployment, you need to configure it in the appliance itself, via Appliance Manager.
To specify an appliance’s deployment, you need to configure it in the appliance itself, via Appliance Manager. As soon as the Orchestrator establishes communication, all of the appliance’s existing configuration, alarm, and statistical data is available immediately.
|
4
|
Create and apply configuration templates. Create templates for non-unique variables and apply across one or more appliances. They include templates for SNMP, DNS, date and time, tunnel characteristics, SSL certificates, web-related parameters, user-defined applications, policies, logging, etc.
|
IMPORTANT: Templates will REPLACE all settings on the appliance with the template settings unless the template has a MERGE option and that option is selected.
|
•
|
You can create template rules with priority from 1000 – 9999, inclusive. When you apply the template to an appliance, the Orchestrator deletes all appliance entries in that range before applying its policies.
|
|
•
|
If you access an appliance directly (via the WebUI or the command line interface), you can create rules that have higher priority (1 – 999) than Orchestrator rules and rules that have lower priority (10000 – 65534).
|
|
5
|
Subnet sharing is a method for automatically routing a flow into the appropriate tunnel for optimization based on destination IP alone. The appliance builds a subnet table from entries added automatically by the system or manually by a user. When two appliances are connected by a tunnel, they exchange this information ("learn" it) and use it to route traffic to each other.
|
Locally connected networks are automatically added to the subnet table. You will need to add any additional local subnets manually.
|
6
|
If tunnels don’t already exist, then:
|
|
•
|
You can enable each appliance’s auto tunnel feature. This feature automatically creates tunnels between Silver Peak appliances that have network connectivity and active flows.
|
|
•
|
If you prefer to retain more control and configure the tunnels yourself, you can disable the auto tunnel feature in the appliance’s system configuration and create the configurations manually.
|
