Saturday, January 8, 2011

SCVMM, How to Add a Perimeter Based Hyper V Host

Occasionally you might find the need to add a perimeter / DMZ based Hyper-V host to your SCVMM management scope and as this host is based on a different network to your SCVMM server, there are some different steps that you need to take to deploy the SCVMM agent to it.

If you want to deploy an agent to a server that is based in a perimeter network, then you will need to insert the SCVMM media into the perimeter based host and use the ‘Local Agent’ option from the SCVMM installation splash screen.
Once you select the ‘Local Agent’ option, you will then need to move through the wizard until you reach the ‘This Host is on a perimeter network’ option and this will then need to be selected.
You will then need to supply an Encryption Key password for a newly generated Security File that SCVMM will put into the default specified location that you can see in the ‘Export Security File to’ path.
This file then needs to be copied from the host on the perimeter network to the SCVMM Console Server in your primary network. Once it is copied to the SCVMM Console Server, you need to select ‘Add Host’ from the SCVMM Console and then specify the ‘Windows Server-based host on a perimeter network’ option. When you click ‘Next’ here, you will be presented with a menu that you will need to input in the following information for the perimeter based host:
  • Computer Name or IP Address (the computer name of your perimeter host)

  • Encryption Key (the password you specified earlier)

  • Security File Path (the path to the copied Security File from the perimeter host)

Once your firewall has the relevant ports enabled (the default SCVMM ports are 8100, 80 and 443) to communicate between the networks, then both SCVMM and the remote perimeter based host can talk!

1 comment: