Configure the Gateway for Remote Access
If the Appliance Gateway node will be managed remotely by the - Enterprise Service Manager, select option 5 (Display Remote Management configuration) from the Gateway Main Menu.
If the Appliance Gateway node will be managed remotely by the
Layer7 API Gateway- Enterprise Service Manager, select option
5(Display Remote Management configuration) from the Gateway Main Menu.
(1) Software Gateways cannot be remotely managed. (2) Restart the Gateway for configuration changes to take effect, using option
Rfrom the Gateway main menu.
1) Listener IP Address
Select this option to enter the IP address of the Internal Management LAN. This is the "ssg_eth0" interface shown in the diagrams under Network Deployment Guide.
If the IP of ssg_eth0 is not readily available or if your deployment contains only a single network interface, enter "
*" (asterisk) or "
localhost" as the listener IP address.
2) Listener Port
Select this option to change the listening port from the default "8765".
Ensure that the IP address/port number combination is valid and is not used by another process.
The listen port is stored in the cluster property
node.processControllerExternalPort. You can update this listen port in the future by modifying the cluster property.
3) Remote Node Management Enabled
Select this option to enable or disable remote management for the node:
To enable remote management, enter
To disable remote management, enter
By default, remote management is disabled on all nodes.
4) New Trusted Certificate
4) Delete Trusted Certificate
Select this option to enable trust between the node and the Enterprise Service Manager that will be remotely controlling it.
Option 4 will read "
New Trusted Certificate" if trust has not yet been established. Once trust is established, it will read "
Delete Trusted Certificate".
To enter a new trusted certificate:
Do one of the following:
This downloads the certificate from the Enterprise Service Manager and stores it as a trusted certificate on the Gateway.
Tip:The ESM port number is defined using option
7(Display Enterprise Service Manager configuration menu).
This thumbprint method offers the flexibility of establishing trust without dealing with firewall issues associated with opening another port.
If you enter a thumbprint, you can only review the thumbprint; the other certificate details are not yet available.
2. Examine the certificate details and enter
yto accept it.
A node can be remotely managed by only one Enterprise Service Manager at (ESM) a time. To change the ESM that is managing a node, first delete the trusted certificate and then add a new trusted certificate.
To delete a trusted certificate:
Once the certificate is deleted, you can use option 4 again to enter the trusted certificate from another ESM.