Managed Services 1.0

Space shortcuts

Page tree

Versions Compared

Old Version 1

changes.mady.by.user user-f48d1

Saved on

compared with

New Version Current

changes.mady.by.user Andrea So

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space KMS and version Current
Sv translation
languageen

Overview

A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer. It offers a secure, client-initiated way for customers to access their Prinergy system running on

 Overview 

...

an Azure VM. 

Instructions are provided for both Windows and Mac clients.

Prerequisites

Point-to-site gateway configured with:

  •     tunnel type of IKEv2 and OpenVPN (SSL)
  •     SKU of VpnGw1 or better

Installation & Configuration

  1. Create root certificate and client certificates:
    1. Mac:
      1. Install openssl if it is not already installed.

      2. Execute commands to create root certificate:

        Code Block
        # Generate root private key 
openssl genrsa -aes256 -out RootAzureVPN.key 2048

# Generate a root certificate valid for 10 years
openssl req -x509 -sha256 -new -key RootAzureVPN.key -out RootAzureVPN.cer -days 3650 -subj /CN=RootAzureVPN

      1. Execute commands to create client certificate: 

        Code Block
        # Generate a certificate request
openssl genrsa -out clientCert.key 2048
openssl req -new -out clientCert.req -key clientCert.key -subj /CN=ClientAzureVPN

# Generate a certificate from the certificate request and sign it as the CA that you are.
openssl x509 -req -sha256 -in clientCert.req -out clientCert.cer -CAkey RootAzureVPN.key -CA RootAzureVPN.cer -days 1800 -CAcreateserial -CAserial serial

# Pack key and certificate in a .pfx (pkcs12 format)
openssl pkcs12 -export -out clientCert.pfx -inkey clientCert.key -in clientCert.cer -certfile RootAzureVPN.cer
    2. Windows 10 and Windows Server 2016:
      1. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
        • Note: 2016 theoretically should work but certificate could not be installed in Azure?
        • The following commands are executed in Powershell in ‘Run as administrator’ mode

      2. Create a self-signed root certificate:

        Code Block
        $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
-Subject "CN=P2SRootCert" -KeyExportPolicy Exportable `
-HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" `
-KeyUsageProperty Sign -KeyUsage CertSign

        IMPORTANT: `in each command line tells Powershell the command continues into next the line

      3. Create a client certificate:

        Code Block
        New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert -KeySpec Signature `
-Subject "CN=P2SChildCert" -KeyExportPolicy Exportable `
-HashAlgorithm sha256 -KeyLength 2048 `
-CertStoreLocation "Cert:\CurrentUser\My" `
-Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")

      4. Check that at least the two generated/registered certificates are listed:

        Code Block
        PS C:\> Get-ChildItem -Path "Cert:\CurrentUser\My"

Thumbprint                                Subject
----------                                -------
F3C3B23CDCBFC90AA606446966E2FAAD49B70AC5  CN=P2SRootCert
44E1451EE36DBCD82A1B752ECC854CBE0271C520  CN=P2SChildCert
  2. Install root certificate in Azure:
    1. Connect to the Azure Portal from the client where the certificates were generated from.
    2. Open the root certificate .cerfile in a TextEdit (Mac) or Notepad (Windows) and copy the parts between the -----BEGIN CERTIFICATE-----and -----END CERTIFICATE-----lines from the generated certificate.Image Removed
      IMPORTANT:       Be sure the editor you use does not alter the formatting of the content.
    3. Navigate to VNET Gateway’s Point-to-site configuration in the Portal and add it to the root certificate list.
    4. Save the change.
  3. Install client certificate on the client – Windows & Mac: https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-how-to-vpn-client-install-azure-cert
  4. Download VPN config from Azure Portal to client.
    1. Login to Azure Portal from the client
    2. Navigate to the VNET Gateway’s Point-to-site configuration
    3. Click the ‘Download VPN client’ button:
  5. Install VPN config on client:
    1.  Mac:
      1. IKEv2: https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-vpn-client-configuration-azure-cert
      2. OpenVPN: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-openvpn-clients 
    2.  Windows:
      1. OpenVPN:https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-openvpn-clients
  6. Optional: Add a host file entry with the primary servers private IP if you want to reference it by name from the client
    1.  Mac:
      1. Launch the Terminal application found in Applications/Utilities
      2. Type: sudo nano /etc/hosts<Enter>
      3. Enter Administrator password when prompted and hit Enter
      4. Add an entry for the primary server – eg: 10.1.234.3 PrinergyPrimaryName
      5. Save the file: Control+O
      6. Exit nano: Control+X
    1. Windows:
      1. Edit C:\Windows\System32\drivers\etc\hosts
      2. Add an entry for the primary server – eg: 10.1.234.3 PrinergyPrimaryName
      3. Save the file

Using Kodak Workshop and other workflow software from the client

  1. Connect the Azure VPN if not already connected
  2. If Workshop is not already installed map a drive the Workshop installer on the Azure VM and install Workshop and related software
  3. Start Workshop.
  4. If it does not automatically find the primary server, enter the name or IP address

RDC to an Azure VM from the client

Please open a support call with Kodak if you need assistance with setting up a point to site connection. Additional information can be found on the Partner Place website (partnerplace.kodak.com). Authenticated customers can log in and find the instructions by searching for answer ID 76120.

Sv translation
languagede

Überblick 

Mit einer Point-to-Site (P2S) VPN-Gateway-Verbindung können Sie von einem einzelnen Client-Computer aus eine sichere Verbindung zu Ihrem virtuellen Netzwerk herstellen. Sie bietet eine sichere, Client-gesteuerte Möglichkeit für Kunden, auf ihr Prinergy-System zuzugreifen, das auf einer Azure-VM läuft.  

Voraussetzungen

Point-to-Site-Gateway konfiguriert mit:

  • Tunneltyp von IKEv2 und OpenVPN (SSL)
  • SKU von VpnGw1 oder besser

Wenn Sie Hilfe bei der Einrichtung einer Point-to-Site-Verbindung benötigen, wenden Sie sich bitte an den Support von Kodak. Weitere Informationen finden Sie auf der Partner Place Website (partnerplace.kodak.com). Authentifizierte Kunden können sich anmelden und die Anweisungen finden, indem sie nach der Antwort-ID 76120 suchen.

Sv translation
languagees

Visión general 

Una conexión de puerta de enlace VPN punto a sitio (P2S) le permite crear una conexión segura a su red virtual desde un ordenador cliente individual. Ofrece una forma segura, iniciada por el cliente, para que los clientes accedan a su sistema Prinergy que se ejecuta en una VM Azure.  

Requisitos previos

Puerta de enlace punto a punto configurada con:

  • tipo de túnel de IKEv2 y OpenVPN (SSL)
  • SKU de VpnGw1 o superior

Por favor, abra una llamada de soporte con Kodak si necesita ayuda para configurar una conexión punto a sitio. Encontrará información adicional en el sitio web Partner Place (partnerplace.kodak.com). Los clientes autenticados pueden iniciar sesión y encontrar las instrucciones buscando la respuesta ID 76120.

Sv translation
languagefr

Vue d'ensemble 

Une connexion de passerelle VPN point à site (P2S) vous permet de créer une connexion sécurisée à votre réseau virtuel à partir d'un ordinateur client individuel. Elle offre aux clients un moyen sécurisé d'accéder à leur système Prinergy exécuté sur une VM Azure.  

Conditions préalables

Passerelle point à site configurée avec :

  • type de tunnel IKEv2 et OpenVPN (SSL)
  • SKU de VpnGw1 ou mieux

Veuillez ouvrir un appel de support avec Kodak si vous avez besoin d'aide pour configurer une connexion point à site. Des informations supplémentaires sont disponibles sur le site Web Partner Place (partnerplace.kodak.com). Les clients authentifiés peuvent se connecter et trouver les instructions en recherchant l'ID de réponse 76120.

Sv translation
languageit

Panoramica 

Una connessione gateway VPN Point-to-Site (P2S) consente di creare una connessione sicura alla rete virtuale da un singolo computer client. Offre un modo sicuro e avviato dal cliente per accedere al proprio sistema Prinergy in esecuzione su una macchina virtuale Azure.  

Prerequisiti

Gateway point-to-site configurato con:

  • tipo di tunnel IKEv2 e OpenVPN (SSL)
  • SKU di VpnGw1 o superiore

Se avete bisogno di assistenza per la configurazione di una connessione point to site, aprite una chiamata di supporto con Kodak. Ulteriori informazioni sono disponibili sul sito Web Partner Place (partnerplace.kodak.com). I clienti autenticati possono accedere e trovare le istruzioni cercando l'ID risposta 76120.

Sv translation
languageja

概要 

Point-to-Site (P2S) VPNゲートウェイ接続を使用すると、個々のクライアントコンピュータから仮想ネットワークへのセキュアな接続を作成できます。これは、顧客がAzure VM上で実行されているPrinergyシステムにアクセスするための、セキュアでクライアント主導の方法を提供します。 

前提条件

Point-to-Siteゲートウェイが構成されていること:

  • IKEv2およびOpenVPN(SSL)のトンネルタイプ
  • VpnGw1以上のSKU

ポイント・ツー・サイト接続のセットアップにサポートが必要な場合は、コダックにサポートコールを依頼してください。その他の情報は、パートナープレースウェブサイト(partnerplace.kodak.com)でご覧いただけます。認証されたお客様はログインして、回答ID 76120を検索して手順を見つけることができます。

Sv translation
languagept_BR

Visão geral 

Uma conexão de gateway VPN Point-to-Site (P2S) permite criar uma conexão segura com sua rede virtual a partir de um computador cliente individual. Ela oferece uma maneira segura e iniciada pelo cliente para que os clientes acessem o sistema Prinergy em execução em uma VM do Azure.  

Pré-requisitos

Gateway ponto a site configurado com:

  • Tipo de túnel IKEv2 e OpenVPN (SSL)
  • SKU de VpnGw1 ou superior

Abra uma chamada de suporte com a Kodak se precisar de ajuda para configurar uma conexão ponto a site. Informações adicionais podem ser encontradas no site Partner Place (partnerplace.kodak.com). Os clientes autenticados podem fazer login e encontrar as instruções pesquisando a ID de resposta 76120.

Sv translation
languagezh

概述 

点到点 (P2S) VPN 网关连接可让您从单个客户端计算机创建到虚拟网络的安全连接。它为客户访问在 Azure 虚拟机上运行的 Prinergy 系统提供了一种安全的、由客户端发起的方式。 

前提条件

点到点网关配置为

  • 隧道类型为 IKEv2 和 OpenVPN (SSL)
  • VpnGw1 或更高版本的 SKU

如果您在设置点到点连接时需要帮助,请拨打柯达支持电话。其他信息可在 Partner Place 网站 (partnerplace.kodak.com) 上找到。已通过身份验证的客户可登录并通过搜索答案 ID 76120 找到说明。

Sv translation
languagezh_TW

...