1. First setup you Primary NoTouch Center instance, this will be the instance in your data center 2. Second setup your Cloud Xtension Instance this will be the external public facing instance
Make sure that "Primary NTC can contact "Cloud Xtension” via SSH port 22. (no traffic is going from external to internal.) There will be a secure tunnel established from NTC to Cloud Xtension
Now open the Settings page in NTC. Scroll down to "Cloud Xtension" \ SSh Public Key. Copy the key. Fill in the Gateway Address of your Cloud Xtension.
Go to Cloud Extension Virtual Appliance console. Click "Cloud Xtension. Switch it on. Paste the copied SSH Public key from NoTouch Center in the field there.
Reboot NTC and Cloud Xtension Virtual Appliances
Your External NoTouch OS devices should be configured with the URL of your newly configured cloud gateway as management URL.
Note: Cloud Xtension will not provide a Managment interface as this is for managing data flow for your NoTouch Endpoints. Management will be through your internal NoTouch Center management URL
- Administrators must be able to open connections to random TCP ports in the range 49152 - 65535 to NoTouch Center Cloud Xtension, so please ensure these are open for any firewall rules on your perimeter network.
- These ports are IANA-assigned for private use and no well-known ports use these services. You are not risking opening access to some service that might be running. That is strictly for on-demand shadowing and assigned randomly. If you think about making that range smaller, think twice, that makes it actually less secure!
For remote shadowing capabilities, you will need to allow Port 6667 from external address's to your Cloud Extension IP \ FW