Isolated Networks uses an intermediary Virtual Machine to route traffic between your production network and any VLAN networks you have configured on the Isolated Networks Gateway.
Using Isolated Networks with VMware
To begin using the Isolated Networks (henceforth referred to VPC), you will need to deploy the gateway. From the main menu click ‘Options’ and then select ‘VPC Settings’. From here you can either configure the VPC ISO using DHCP or a static address and select the Network for the VPC Gateway to connect to (this should have access to the Virtual Appliance).
Once the gateway has been deployed you can configure the VPC configuration for a recovery block in Orchestrate. When adding a recovery to the block you will find the VPC configuration option under the ‘Target Configuration’ tab.
Note: Some consideration should be taken regarding the configuration. If you have a DHCP server that offers addresses to any request you should configure a separate VLAN port group for the target (recovery) virtual machines to connect to and trunk the port group the VPC Gateway is connect to with this new port group. This will prevent the target (recovery) virtual machines from being assigned an address on the production network.
Step 1 will configure the virtual VLAN network interface. The IP Address you specify here will be used as the gateway for the VLAN Zone. The ‘Gateway’ can be specified as your next hop or left as ‘0.0.0.0’ to use the gateway routing tables.
Step 2 will configure the VLAN zone, including the DHCP range for the VLAN to allow for the target virtual machine to be statically assigned an IP address.
By default, port 22, 590 and 8080 are forwarded to the target environment, however you can configure any additional port requirements that should be allowed on the VLAN network. Forwarding rules are omni-directional and all outbound traffic from the target virtual machine is allowed through the gateway.
Once the configuration has been set you should set the network in the ‘Target Configuration’ to the VMware VLAN port group (if required) and set an IP address within the VPC Zone IP Range.