VMware NSX Installation and Configuration Part 3 –NSX Manager vCenter Integration,SSO,Syslog & License confguration

1 In a Web browser, navigate to the NSX Manager appliance GUI at https://IP or FQDN and log in as admin with the password that you configured during NSX Manager Installation.

2 Under Appliance Management, click Manage vCenter Registration.

1

3 Edit the vCenter Server element to point to the vCenter Server’s IP address or hostname, and enter the vCenter Server user name and password. For the user name, the best practice is to enter administrator@vsphere.local or an alternative account that you have created. Do not use the root account.

4 Check that the certificate thumbprint matches the certificate of the vCenter Server. If you installed a CA-signed certificate on the CA server, you are presented with the thumbprint of the CA-signed certificate. Otherwise, you are presented with a self-signed certificate.

5 Do not tick Modify plugin script download location, unless the NSX Manager is behind a firewall type of masking device. This option allows you to enter an alternate IP address for NSX Manager. Note that putting NSX Manager behind a firewall of this type is not recommended.

6 Confirm that the vCenter Server status is Connected.

2.png

3

4.png

7 If vCenter Web Client is already open, log out of vCenter and log back in with the same Administrator role used to register NSX Manager with vCenter. If you do not do this, vCenter Web Client will not display the Networking & Security icon on the Home tab. Click the Networking & Security icon and confirm that you can see the newly deployed NSX Manager

5.png

Configure Single Sign On:

SSO makes vSphere and NSX more secure by allowing the various components to communicate with each other through a secure token exchange mechanism, instead of requiring each component to authenticate a user separately.

You can configure lookup service on the NSX Manager and provide the SSO administrator credentials to register NSX Management Service as an SSO user. Integrating the single sign on (SSO) service with NSX improves the security of user authentication for vCenter users and enables NSX to authenticate users from other identity services such as AD, NIS, and LDAP.

With SSO, NSX supports authentication using authenticated Security Assertion Markup Language (SAML) tokens from a trusted source via REST API calls. NSX Manager can also acquire authentication SAML tokens for use with other VMware solutions. NSX caches group information for SSO users. Changes to group memberships will take up to 60 minutes to propagate from the identity provider (for example, active directory) to NSX.

Procedure:

1 Log in to the NSX Manager virtual appliance. In a Web browser, navigate to the NSX Manager appliance GUI at https://, and log in as admin with the password that you configured during NSX Manager Installation.

2 Click the Manage tab, then click NSX Management Service.

3 Type the name or IP address of the host that has the lookup service. If you are using vCenter to perform the lookup service, enter the vCenter Server’s IP address or hostname, and enter the vCenter Server user name and password.

4 Type the port number. Enter port 443 if you are using vSphere 6.0. For vSphere 5.5, use port number 7444. The Lookup Service URL is displayed based on the specified host and port.

6.png

7.png

8

Specify a Syslog Server:

If you specify a syslog server, NSX Manager sends all audit logs and system events to the syslog server. Syslog data is useful for troubleshooting and reviewing data logged during installation and configuration. NSX Edge supports two syslog servers. NSX Manager and NSX Controllers support one syslog server.

Procedure

1 In a Web browser, navigate to the NSX Manager appliance GUI at https://.

2 Log in as admin with the password that you configured during NSX Manager installation.

3 Click Manage Appliance Settings.

9.png

10.png

4 From the Settings panel, click General.

5 Click Edit next to Syslog Server.

6 Type the IP address or hostname, port, and protocol of the syslog server. If you do not specify a port, the default UDP port for the IP address/host name of the syslog server is used.

11

Install and Assign NSX for vSphere License:

In vSphere 6.0, complete the following steps to add a license for NSX.

a Log in to the vSphere Web Client.

b Click Administration and then click Licenses.

c Click the Assets tab, then the Solutions tab.

d Select NSX for vSphere in the Solutions list. From the All Actions drop-down menu, select Assign license….

e Click the Add ( ) icon. Enter a license key and click Next. Add a name for the license, and click Next. Click Finish to add the license.

f Select the new license.

g (Optional) Click the View Features icon to view what features are enabled with this license. View the Capacity column to view the capacity of the license.

h Click OK to assign the new license to NSX.

12.png

13

14

In the next blog , i will talk about the NSC Controller cluster deployment and configuration.

One thought on “VMware NSX Installation and Configuration Part 3 –NSX Manager vCenter Integration,SSO,Syslog & License confguration

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s