Cisco Detector与Guard交互配置
1、在Guard 和Detector 上开启通讯服务service wbm
service internode-comm
permit wbm *
permit ssh *
permit internode-comm *
2、在Detector上配置Guard 远程地址和生成key并将公钥发布到Guard上,配置与Linux下SSH远程对方不需要密码一样。
remote-guard ssh 10.10.10.146
admin@DETECTOR-conf#key generate //自动生成Key
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Keys were successfuly generated. Please use "key publish" to update remote-guards
admin@DETECTOR-conf#key publish
* :remote Guards to activate
<remote-guard-address>:IP address in dotted-decimal notation (A.B.C.D)
admin@DETECTOR-conf#key publish * //发布Key
The authenticity of host '10.10.10.146 (10.10.10.146)' can't be established.
RSA key fingerprint is b1:82:1a:da:18:5a:4f:3b:d3:bd:e2:bf:12:b1:31:69.
Are you sure you want to continue connecting (yes/no)? yes
riverhead@10.10.10.146's password:
Welcome to the blueway AGM
Unauthorized access is prohibited.
Contact yuanboling@hotmail.com for access.
Welcome to the blueway AGM
Unauthorized access is prohibited.
Contact yuanboling@hotmail.com for access.
Welcome to the blueway AGM
Unauthorized access is prohibited.
Contact yuanboling@hotmail.com for access.
admin@DETECTOR-conf#
3、测试验证
admin@DETECTOR#sync zone www.888jk.net local remote-guards
admin@DETECTOR#
或者使用web管理同意一下学习政策
页:
[1]