“The virtual router/firewall thus has full control over the entire network – virtualized servers can be exposed  in a DMZ, NAT/PAT can be used, IPsec VPN tunnels can be configured as well as PPTP VPN connections, and  VPN connections can be passed through to virtualized servers.

IPsec VPN tunnels are especially powerful for a partial-site failure situation where the customer site’s firewall  is still operational and can form a VPN tunnel to the virtual router/firewall running in the cloud. In this  situation, the internal IP addresses of the virtualized servers in the cloud can be the same as they were  before, and thus users can transparently use the virtualized servers running in the cloud without any  configuration changes. Point to point VPN tunnels can also be constructed to securely deal with situations  where the customer’s edge firewall is no longer available. Additionally, any public services such as POP3 and  OWA can be exposed through NAT/PAT policy rules—partners then update the DNS records of their servers  to point to the new public IP addresses, and these public services become available again, just as before.”

 
Joining ContinuityCloud Node to Virtual Network
First published Feb 07, 2013 08:49 PM

Scenario

To bring data from the cloud node back down to the local environment or to allow snapshots to continue off the Cloud-hosted-VM production server.

Instructions: Networking

Using networking to open access to a shared directory or the administrative share(s) on the Cloud node.

  1. Ensure the Local to Cloud-hosted-virtual environment is working properly. Please review the Node’s documentation to configure the firewall and VPN settings.
  2. Go to the Cloud node’s > Network and Sharing Center > change adapter settings > virt-Internal-LAN > properties > enable TCP/IPv4 (It will enable the corresponding network services needed).
  3. IP address assignment:
    • Option 1: Static IP address -> be sure to set an IP address matching the scheme you’ve configured for the internal portions of the firewall, virtual server, and your local network.
      • Configure only IP address and subnet mask.
      • Leave default gateway blank
      • Leave DNS blank; I suggest later navigation and destination configuration be done via IP address not hostnames.
    • Option 2: Dynamic IP address -> if you’ve enabled DHCP on the Cloud node’s virtual firewall.
      • Once click the “OKs” to get back to the Manage Adapters screen, you might have to disable and enable the virt-Internal-LAN adapter to properly grab an IP address.
  4. Check adapter settings for proper assignment. Test by pinging the Step#3 IP address from the Cloud-hosted-virtual environment machine(s) and from the local machines on the client side of the VPN.

Instructions: VirtualBox Shared Folders

Using VirtualBox’s “Shared Folders” rather than a networking configuration. The recommended method is the Networking configuration. We offer this alternative if there are special security concerns regarding adding the ContinuityCloud Node to the Virtual Network.

The VirtualBox instructions can be found here: http://www.virtualbox.org/manual/ch04.html#sharedfolders

For clarity and reference, the following instructions should be the easiest set with what is configured on the BDR Appliances and Continuity Cloud Nodes:

  1. Be sure to install the Guest Additions (The running VM window > Devices > Install Guest Additions, might need a reboot.)
  2. Configure the VM to access a shared folder on the host:
    • Option 1: Running VM
      1. On a running VM, Devices menu > Shared Folders > pick Share type (see virtualbox.org link above for “types of shares”).
      2. Click Add Shared Folder icon. (For relevant versions at least to 4.2.4 it should be upper right of the Shared Folders dialogue window.)
      3. Select “Other” from the Folder Path dropdown and pick the relevant folder on the host BDR or Continuity Cloud Node. (eg: X:\VolumeImages or X:\RestoredData)
      4. Name the share (as it will be seen from the guest VM).
      5. Select additional desired options. Typically for the purposes of a snapshot destination, probably want to set as Auto-Mount and Make Permanent
    • Option 2: Before booting VM
      1. On the VirtualBox Manager, select the non-running VM > Settings > Shared Folders
        • Note: Probably will only have “Machine Folders” (not a secondary “Transient Folders” option as if the VM was running)
      2. Proceed through the same steps 3-5 as described above for a Running VM.
        • Note: Probably will not have “Make Permanent” option since it’s expected by configuring it on a shutdown VM.

Conclusion

This configuration will allow a couple things:

  1. If you’re configuring the ShadowProtect agent on the Cloud-hosted-virtual environment machine(s) to save snapshots back to the Cloud node.
    • There are a number of considerations if this is done:
      • How much space is provisioned in the Cloud node?
      • How much space is available for additional chain information?
      • How long will this environment be maintained?
      • Will the ShadowProtect console and ImageManager need to be configured?
      • Perhaps configuring Online Backup Manager, particularly if long term and sending data back into the repository, which may require considerations of folder naming so overwriting / adding ‘versions’ of chains doesn’t happen.
  2. You can access the files on the Cloud node from the local machine on the other side of the VPN.
    • Take Windows Explorer to \\ipaddress-showing-in-virt-Internal-LAN-on-Cloud-node\x$
    • Credentials will be the ContinuityCloud \ _thegivenhashpassword_