5.1. How to Configure a Private Network on Solaris Trusted Extensions

5.1. How to Configure a Private Network on Solaris Trusted Extensions
Prev	Chapter 5. Configuring Solaris Trusted Extensions	Next

This procedure is required if your Sun Ray server is configured on a private network. See the Alternate Network Configurations chapter in the Administration Guide for more information.

Use the Solaris Management Console (SMC) Security Templates to assign the cipso template to the Sun Ray server. Assign all other Sun Ray devices on the network an admin_low label. The admin_low template is assigned to the range of IP addresses you are planning to use in the utadm command.

The /etc/security/tsol/tnrhdb file should contain the following entries when you finish:

192.168.128.1:cipso
192.168.128.0:admin_low

Become root from ADMIN_LOW (global zone).
Start the Solaris Management Console (SMC).
```
# smc &
```
Make the following selections:
1. In the SMC, select Management Tools->Select hostname:Scope=Files, Policy=TSOL.
2. Select System Configuration->Computers and Networks->Security Templates->cipso.
3. From the menu bar, choose Action->Properties->Hosts Assigned to Template.
4. Select Host and type the IP Address of the Sun Ray interconnect
  (for example, 192.168.128.1).
5. Click Add and then OK.
6. Select System Configuration->Computers and Networks->Security Families->admin_low.
7. From the menu bar, choose Action->Properties->Hosts Assigned to Template.
8. Select Wildcard.
9. Type the IP Address of the Sun Ray Interconnect Network (192.168.128.0).
10. Click Add and then OK.
Assign all Sun Ray servers in the failover group a cipso label.
1. Select System Configuration->Computers and Networks->Security Families->cipso.
2. From the menu bar, choose Action->Properties->Hosts Assigned to Template.
3. Select Host and type the IP Address of the other Sun Ray server.
4. Click Add and then OK.
Reboot the Sun Ray server.
```
# /usr/sbin/reboot
```