Configuring a One-Way Network Topology for Amazon RDS Database Protection

Configure a one-way network topology so that the CommServe computer and the MediaAgent can communicate with the network gateway.

Client Groups

This topology uses the following client groups:

• A group that contains the CommServe computer and the MediaAgent

• A group that contains the network gateway server

Before You Begin

• Create a client group that contains the CommServe computer and the MediaAgent.

• Create a client group that contains the network gateway server.

For more information, see Creating a Client Computer Group.

Procedure

1. Create a one-way network topology for the client groups with the following parameters:

   • Topology Type: One-Way

   • Servers: The client group that contains the CommServe computer and the MediaAgent.

   • DMZ Client Group: The client group that contains the network gateway server.

   For more information, see Setting up a One-Way Direct Connection (Server to Client) Using a Predefined Network Topology.

   Note

   The only package that you need to install on the network gateway server is the File System core package.

2. Configure the network gateway server client group to use port 443:

   1. From the Command Center navigation pane, go to Manage > Network.

      The Network page appears.

   2. Click Network Topologies.

      The Network topologies page appears.

   3. On the upper-right area of the page, click Add topology.

      The General page of the Add topology configuration wizard appears.

   4. In the Topology name box, enter a name for topology.

   5. For Client type, select Servers.

   6. From the Topology Type list, select Network gateway.

   7. Click NEXT.

      The Network page of the configuration wizard appears.

      Note

      See Using a Smart Network Topology When Setting Up Network Connections.

   8. In the Servers list, select a server group that will initiate connections to the network gateway group.

   9. Move the Advanced toggle key to right and edit the following options:

      • Tunnel port: Set this to 443.

      • Keep-alive interval. The interval (in seconds) for sending keep-alive packets, to maintain the session if backup traffic has an extended pause. Set this to 180 (default), or enter another interval. To avoid idle session timeouts on cloud-based clients, set the interval to 200 seconds or less.

   10. In the Network gateways list, select the server group that you want to designate as the network gateway group.

   11. Optional: Click the advanced toggle next to the Network gateways list to edit the Tunnel port and Keep-alive interval settings as described above.

   12. In the Infrastructure machines list, select another server group that will initiate connections to the network gateway group.

   13. Optional: Click the advanced toggle next to the Infrastructure machines list to edit the Tunnel port and Keep-alive interval options, as described above.

   14. Click NEXT.

       The Advanced page of the configuration wizard appears.

   15. Optional: Edit the following advanced options:

       • Move the Encrypt traffic toggle key to the right to encrypt network traffic (HTTPS).

       • Select Encrypted, Authenticated, Regular, or Raw from the tunnel protocol list.

       • Select the Parallel data transfer streams for long distance networks (default value is 1, and maximum value is 8).

   16. Click SUBMIT.