> Documentation > CommCell Management > Network > Network Routes > Configuring Network Routes After Installation > Network Gateway in a Perimeter Network

Setting Up Network Gateway Connections Using a Predefined Network Topology

The Commvault software simplifies the network configuration by providing predefined network topology types that you can use when setting up connectivity between client groups. The client groups use a network topology instance to establish connections between themselves.

If you are setting up group-to-group network connectivity through a network gateway, consider using the network topology for network gateway connections. During the configuration of the network topology instance, you will need to designate three client groups to be used for internal clients, external clients, and network gateway clients.

Note

  • The topology for network gateway connections lets you configure multiple client computers to provide a single logical network gateway function. When internal and external clients have established a connection to the logical network gateway, the communication becomes bi-directional.

  • See Using a Smart Network Topology When Setting Up Network Connections.

Before You Begin

  • Create the following three client groups to be used in the network gateway topology, as follows:

    • An infrastructure group, which will contain CommServe and internal MediaAgents.

    • A client group, which will contain all clients.

    • A network gateway client group, which will act as a network gateway client.

  • You must have administrative management permissions on the client groups that you plan to use in the network topology instance.

Procedure

  1. From the CommCell Browser, right-click Network Topologies > New Topology.

    The Network Topology dialog box is displayed.

  2. In the Topology Name box, enter a name for this instance of a network gateway arrangement.

  3. Optional: In the Description box, enter a description for this topology.

  4. In the Client Type list, choose the type of client that you will include in the topology, as follows:

    • Servers: Click if your clients are servers.

    • Laptops: Click if your clients are laptops that need to connect to servers.

  5. For Topology Type, click Via Network Gateway.

  6. If Client Type is set to Servers, do the following:

    Note

    See Using a Smart Network Topology When Setting Up Network Connections.

    1. In the Trusted Client Group 1 (Clients) list, select a client group that will initiate connections to the network gateway group.

    2. In the Trusted Client Group 2 (Infrastructure) list, select another client group that will initiate connections to the network gateway group.

    3. In the Network Gateway Group list, select the client group that you want to designate as the network gateway group.

  7. If Client Type is set to Laptops, do the following:

    Note

    See Using a Smart Network Topology When Setting Up Network Connections.

    1. In the Infrastructure Client Group list, select a client group that will initiate connections to the network gateway group.

    2. In the Laptop Client Group list, select a laptop group that will initiate connections to the network gateway group.

    3. In the Network Gateway/DMZ Group list, select the client group that you want to designate as the network gateway group.

  8. Review the Make clients from Trusted Client Group 1 use network gateways for all traffic (Servers) or the Make clients from Laptop Client Group to use network gateways for all traffic (Laptops) check box:

    Important

    If you use third-party port mappings (TPPM) or Commvault VPN services, you must clear the Make clients from Trusted Client Group 1 use network gateways for all traffic check box.

    • To allow external clients to communicate directly with other hosts, clear the check box or define network routes to the other hosts.

      By default, all traffic originating from clients in the Trusted Client Group 1 (Servers) or the Infrastructure Group (Laptops) list will use network routes when communicating with any other host.

    • If the check box is selected, review the following considerations:

      • The CommServe host and all MediaAgent hosts (that communicate with members of the Trusted Client Group 1) must be in the selected Trusted Client Group 2. Otherwise, you must define network routes to the other hosts.

      • If a client communicates with MediaAgents (or a CommServe) that are not part of the Trusted Client Group 2 or that have not been configured with other network routes, communications with the MediaAgent (or CommServe) will fail.

      • If you make changes to the Trusted Client Group 1, you do not need to push the network configuration.

  9. Click OK.

What to Do Next

  1. Set up the Commvault network gateway. For more information, see Setting up the Commvault network gateway.

  2. If your clients do not have the Commvault software installed, install the Commvault software on the clients that will be part of the network topology.

    During the client installation, configure the client to connect to the CommServe computer through a network gateway. For network settings instructions during the installation, see Setting Up Connectivity to the CommServe Computer Using a Network Gateway.

    Note

    Make sure to assign the client to the Trusted Client Group 1 that you defined in the topology.

  3. From the CommCell Browser, right-click the network topology that you configured, click Push Network Configuration, and then click OK.

You can configure additional advanced network settings, such as the Default Outgoing Tunnel Protocol option or the Number of Tunnels per Route, at the client computer group level. For information about the available settings, see Incoming Ports and Options. For information about accessing the client computer group network settings, see Configuring Network Settings.

Loading...