Black Box ET0010A User Manual

EncrypTight Component Connections
EncrypTight User Guide
Figure 11: Out-of-band management of ETKMSs located on different Ethernet networks
ETKMS to PEP Connections
The communications between the ETKMSs and the PEPs require a connection between the Ethernet ports 
on each ETKMS and the management port on each PEP. The ETKMS to PEP connections depend on the 
network type: IP network or Ethernet network.
This section addresses connections between external ETKMSs and the PEPs. If you also use a local 
ETKMS, the basic principles discussed here still apply. However, a local ETKMS runs on the same 
workstation as the ETPM. Therefore, the communications between the local ETKMS and the PEPs require 
a connection between an Ethernet port on the management workstation and the management port on each 
PEP.
This section includes the following topics:
ETKMS to PEP Connections in IP Networks
 shows one external ETKMS connecting to two PEPs. The connection between the ETKMS 
and the first PEP, which is co-located on the same network, is straightforward: the ETKMS's Ethernet 
port connects through the internal protected network to the PEP's management port. 
When managing in-line, the connection between the ETKMS and the second PEP located on a different 
network must pass through the data ports on both PEPs to get to the management port on the second 
PEP. 
To successfully pass management traffic, be sure that the "Enable passing TLS traffic in the clear" 
feature is enabled on all of the PEPs. By default, the Layer 3 PEPs pass all TLS traffic (port 443) in the 
clear. This option is configured on the Features tab of the ETEMS Appliance editor.