Greetings everyone, Recently I've been working on getting our Remote Site Appliances set up for our offices and after creating this guide I thought I would share it with the good folks at ITNinja. While this isn't a generic guide for every situation on setting up a RSA on an ESX, it's my hope that people in similar situations to myself will find this guide helpful. Follow the steps below to create a KACE Remote Site Appliance on an ESX server. This allows you to manage computer inventory, deploy software and image computers even across the world.
- Make sure you have the latest RSA OVF files. At the time of writing it’s 3.4.62457. You can find the location to download the latest OVF HERE.
- Copy the OVF file and vmdk files over to the site you’re planning on to deploy the RSA to.
- I.e. if you’re deploying to a geographically remote site , copy the OVF files to the file server prior to trying to deploy the template.
- Open up vSphere and log into the ESX server you want to deploy it on and choose File -> Deploy OVF Template. When it asks for the source paste the location and file name of the OVF file that you copied over in Step 2.
- i.e. \\UKSERVER\Software\K2000 RSA 3.4\k2000_extender_3.4.62457.ovf
- Click Next on the OVF Template Details page. Then name the RSA along this naming scheme: SITEVMRSA and click next.
- i.e. UKVMRSA, INVMRSA, KOVMRSA, etc.
- Select the datastore you’ll use then click next.
- You’ll want to double check with the system admin or IT manager to make sure you’re good to carve out 250GB+ for this RSA.
- Choose Thin Provision and click Next. Click Next on Network Mapping as well.
- Don’t check “Power on After Deployment” and click finish. It will now build the RSA server. This may take around 15-20 Minutes
- Select the RSA server in vSphere and choose Edit Virtual Machine Settings. Then change the Network Adapter’s Network Label if needed. Click OK to close. And power on the RSA.
- Open the console and when prompted for the username enter konfig and when prompted for the password enter konfig. (These are the default credentials for the RSA)
- When asked for a language make sure English is highlighted and hit enter. (Unless English isn't your language of course)
- When prompted for the network setup follow this guide:
- Host Name: SITEVMRSA (i.e. KOVMRSA, INVMRSA, UKVMRSA)
- Domain Name: Your Domain
- IP Address, Default Gateway, Subnet Mask
- Leave Network Speed as Auto-negotiate
- Primary DNS: IP address of local DC (i.e. KOVMDC01 = 172.X.X.X)
- Secondary DNS: HQ DNS server: 172.X.X.X
- Tab down to the bottom and hit save.
- Pull up your browser and type in rsaserver/login (i.e. kovmrsa/login or invmrsa/login) (Don't forget you need a DNS entry to hit it like this, otherwise you'll need to use the IP address in step 11.3.)
- Accept the End User Agreement.
- Login with username admin password admin. (These are the default credentials)
- Click the Alert that leads you to Registration and Licensing. Click Edit. Enter Company Name, Organization Name is set to the name of the site (i.e. Zeeco India, Zeeco Asia), and put in the KACE Administrator’s email address. Send Crash reports to KACE.
- Click Add License Key. Input the License you received for your K2000 then Save.
- Log back in and click the alert to change the time settings. Select the Time zone closest to the location of the site.
- Then go to Settings & Maintenance -> Kace Linking and enable KACE Linking. The default options are fine.
- Go to Control Panel -> Managed Linked Appliances -> Choose Action -> Add New Linked Appliance. Input k2000name.domainfor the host name and paste in the Linking Key from the K2000.
- For the Linking Key you’ll need to log in to the K2000 go to Settings & Maintenance -> KACE Linking and copy the linking key.
- Log in to the K2000 and go to Settings & Maintenance -> Managed Linked Appliances -> Choose Action -> Add New Linked Appliance. Input rsaserver.domainand paste the linking key from the RSA Server.
- For the Linking Key you’ll need to log in to the RSA and go to Settings & Maintenance -> KACE Linking and copy the linking key.
- When linking the remote site to the main K2000 use rsaserver.domain this is due to KACE needing to do a reverse lookup so without the domain it doesn’t recognize it.
- In the K2000 go to Deployments -> Remote Sites -> Choose Action -> Add New Remote Site Appliance -> Select the remote site you just linked. In steps 20 and 21. Then click Next.
- Input Site Remote Site K2000 in the notes, set the update scheduling to go through every day at 12 PM. Then checkmark the installations and boot environments you want to bring over. Click Save and Sync.
- Go to the DHCP server for that location and under IPv4 server options set Option 66 to the IP address of the RSA server and then set Option 67 to kbox2000.0
- At this point the server will sync and you’ll be ready to use your Remote Site Appliance!
So there you have it! I hope this will help others in a similar situation. If anyone has any questions or suggestions please don't hesitate to comment and let me know!
is that a firewall problem?
can you tell me the ports i have to open for the rsa?
sorry for my english! - blackbyte 11 years ago