Scenario 3: Security Desk on Federation™ host network and systems using public IP addresses and NAT - Security Center 5.9 - 5.10

All about Security Center Federation™

Applies to
Security Center 5.9 - 5.10
Last updated
2021-07-28
Content type
Guides > Administrator guides
Language
English (United States)
Product
Security Center
Version
5.10
5.9

If your Security Desk workstation is on the Federation™ host network, use this network configuration when both systems require public IP addresses and the federated system is using network addressing translation (NAT).

IMPORTANT: The following scenario explains one possible network configuration for Security Center Federation™. Your requirements might differ depending on the number of servers you have, your network specifications, and how you route video.

For more information, see your network administrator or contact Genetec™ Technical Support.

Assumptions about your setup

  • The Federation™ host is federating one remote system on a different network.
  • Both servers are configured to route traffic to a public IP address through a router and the federated system is using NAT, as follows:
    Federation™ host:
    • Private IP address of the main server: 192.168.100.10
    • Public IP address: 17.5.0.1
    Federated system:
    • Private IP address of the main server: 192.168.1.10
    • NAT IP address: 192.168.1.20
    • Public IP address: 15.65.0.1
  • You are logged on to the Directory of the Federation™ host from a Security Desk workstation on the same network.
  • The Media Router and redirector on the federated system are not directly accessible from your Security Desk workstation, so you are receiving video from the redirector on the Federation™ host. You must ensure that the Media Routers and redirectors from both sites can communicate with each other.

Architecture overview

Your system setup looks like this:

Network view on Federation™ host

In this scenario, the networks on the Federation™ host system are configured in the Network view task as follows:

  • The main network for the Federation™ host system is called Network.
  • The main server (VM17272) is part of the main Network. The Properties tab of the Network shows that the main server is routing traffic through public IP address 17.5.0.1.
  • The federated network (VM16930 - Security Center Federation™) is nested under the main network, and the main network is the only end point configured for the federated video.

Network view on federated system

In this scenario, the networks on the federated system are configured in the Network view task as follows:

  • The main network for the federated system is called Network.
  • The main server (VM16930) is part of the main Network. The Properties tab of the Network shows that the main server is routing traffic through public IP address 15.65.0.1.
  • To ensure that video requests coming from the Federation™ host are properly identified and that federated video is sent using the public IP address (15.65.0.1), an additional network is configured for the NAT called Federation NAT.

    The Federation NAT network is nested under the main network, and the NAT IP address is configured for the IPv4 address prefix option.

    The main network is configured as the end point, and the Use private address option is not selected.