Creating a Replication Target (CLI)

A replication target establishes a secure communication connection between source and target appliances.

Before You Begin

See Checking Source and Target Compatibility to ensure your replication target is compatible with the source.

If you need to ensure that the replication traffic goes over a particular network interface, set up a static route for the target that specifies that interface as shown in Setting Up Network Interfaces and Static Routing (CLI).

1. Source appliance: Go to configuration services replication targets.
2. Enter the target command.

   host_source:> configuration services replication targets> target
   host_source:configuration services replication target (uncommitted)>

3. Set the target properties.

   • hostname - The fully qualified domain name, or IPv4 or IPv6 address of the target appliance. The recommended value to use is the target's fully qualified domain name. See the description for host_match.

   • user - The name of the user on the target appliance who is authorized to set up replication relations (appliance/allow_peerSetup authorization). It is not recommended to use the "root" user account.

   • Choose one of the following authentication options and set its value:

     password - The password for the user specified in the user property.

     token - The REST authorization token for the user specified in the user property. For information about REST tokens, see Preference Properties.

   • label - The name of the target to display in the BUI and CLI of the source appliance.

   • host_match - When this property is true, the system verifies that the target hostname specified in the hostname property matches the host specified in the certificate. For example, if the certificate subject common name only has a domain name, and if you specify an IP address for hostname, this hostname check fails. If the hostname check fails, the certificate trust check described in the following step is not performed and the target is not created.

     If the target is using an ASN-based certificate, specify the target's fully qualified domain name for the value of the hostname property.

     If you set host_match to false, hostname validation is not performed.

     For stronger security, set the value of the hostname property to the target's fully qualified domain name, and make sure the host_match property is set to true.

   hostname:configuration services replication target (uncommitted)> set hostname=hostname
   hostname:configuration services replication target (uncommitted)> set root_password=pw
   hostname:configuration services replication target (uncommitted)> set label=repl_1
   hostname:configuration services replication target (uncommitted)> set host_match=true

4. Commit the changes.

   The certificate trust check is performed to verify whether the certificate is trusted.

   If the certificate is not trusted by the source, the certificate is presented for you to review, and you are prompted to accept or reject the certificate as described in Testing the Connection (CLI). If you accept the certificate, the certificate is added to the trust list of the source, and the target is created. If you reject the certificate, the certificate is not added to the trust list of the source, and the target is not created.

   If the certificate is already trusted, the target is created, and you are not prompted to accept the certificate.

Related Topics

• Testing the Connection (CLI)

• Editing a Replication Target (CLI)

• Replication Targets

• Remote Replication Workflow

• Remote Replication Concepts

• Backing Up, Replicating, and Restoring Encrypted Projects and Shares