How do I distribute global key chains to NEs?
Purpose
Perform the following procedure to distribute one or more global TCP key chains to one or more NEs. When you distribute a global key chain, a local key chain using the Sync With Global distribution mode allows the NE to receive the key chain.
CAUTION Service Disruption |
Releasing, distributing, or deleting a TCP keychain or TCP key can be service-affecting.
Ensure that you understand the implications of these operations before you proceed.
Steps
1 |
Choose Administration→Security→TCP KeyChains from the NFM-P main menu. The TCP KeyChains form opens. | ||
2 |
Verify that none of the key chains in the list that you want to distribute are in Draft configuration mode and go to Step 4 . Otherwise go to Step 3 . | ||
3 |
Verify the local definitions before releasing a global key chain. When you release a global key chain, the key chain is distributed to existing local definitions. When a key chain is in Draft configuration mode, the Distribute button is disabled and the key chain cannot be distributed to an NE. You must first release the key chain for distribution. To release a key chain:
| ||
4 |
To distribute a key chain: Note: Local definitions of key chains that use the Local Edit Only distribution mode do not allow their NEs to receive the distribution of a global key chain. You must set the distribution mode of a local key chain to Sync With Global if you need the associated NE to receive the distribution of a global key chain.
| ||
5 |
To configure the distribution mode of a local definition:
| ||
6 |
Close the TCP KeyChains form. End of steps |