How do you setup the DMZ Relay which is a 178.xxx.xxx.xxx internal IP address to use a Public Facing IP Address 10.xxx.xxx.xxx . Using the Name overide fixlet lets you add DNS or leave blank for IP address . However when reviewing the change of the Relay name it is showing the internal IP address. So do I add the 10.xxx.xxx.xxx to the Host File or ?
You can set the Client setting in question (_BESClient_Relay_NameOverride) to the desired public facing IP. This can either be done by the ‘Edit Settings’ dialog, manually on the endpoint, or if using the ‘BES Relay Setting: Name Override’ Fixlet, leverage the 2nd action (set an override on the DNS name of the listed BES Relay), and specify the public facing IP address.
This will then publish the configured name/IP/value in the relays.dat file so that the Clients will know the external address for the given Relay.
1 Like
Aram,
Action 2 let you add DNS name which I believe you are saying add the 10.xxx.xxx.xxx in this field.
IP address is 10.xxx.xxx.xxx i assume the internet access is http://10.xxx.xxx.xxx:52311 .
Since this is not the internal address would you add the 10.xxx.xxx.xxx to the host table of that relay?
The Client Setting value should just be the 10.x.x.x IP (no protocol or port). Note that all this does is change what the Relay advertises as it’s ‘name’ to BigFix Clients, and so does not affect it’s own network configuration. Essentially, for Clients that are configured for automatic Relay selection, the value you configure for this setting is what they will attempt to find. You should not have to change anything in the Relay’s host table.
Thanks Aram for all your quick responses.