SOLIDserver Quick Start

Version 8.2
SOLIDserver Quick Start
SOLIDserver Quick Start
Revision: #127564

Publication date February 20, 2023

Copyright © 2000-2023 EfficientIP
All product specifications and information provided in this document are subject to change or update without notice and should not be
construed as a commitment by EfficientIP. EfficientIP assumes no responsibility or liability for any mistakes, inaccuracies or omissions
that may appear in this document. All statements and recommendations in this document are believed to be accurate at the time they
are drafted but are presented without any representation or warranty of any kind, either express or implied, regarding their accuracy,
completeness, performance, up-to-dateness or suitability for any particular use or purpose, or with respect to the infringement of any
right. In particular, EfficientIP makes no representation or warranty that the results that may be obtained from your use of our products
will be effective, accurate or reliable or that the quality of the products will meet your expectations. Users must take full responsibility
for their application of any product.

This document aims at detailing EfficientIP proprietary solutions. As our solutions rely on several third-party products, created by other
companies or organizations, it may redirect readers to third-party websites and documentation for further information. EfficientIP cannot
be liable for or expected to provide said information regarding products maintained or created by third parties.

In no event shall EfficientIP be liable for any special, punitive, indirect, incidental or consequential damages of any kind including, but
not limited to, loss of present or prospective profits or business, loss of data, business interruption, damages to reputation or image,
whether in an action of contract, negligence, or other action, arising out of or in connection with the use, reliance upon or performance
of the products provided by EfficientIP or any information contained herein.

All EfficientIP products and documentation are subject to separate licensing terms which users must agree to and comply with in order
to use such products and documentation.
Table of Contents
1. Purpose of this Guide .................................................................................................... 1
2. Access and Configuration .............................................................................................. 2
1. Connecting to SOLIDserver ................................................................................... 2
2. Requesting a License ............................................................................................ 3
3. Configuring the NTP Server ................................................................................... 4
4. Activating the License ............................................................................................ 6
5. Securing SSH Access to the Appliance ................................................................... 6
6. Defining the Internal Module Setup ......................................................................... 7
7. Making Sure the Relevant Services are Running ..................................................... 7
3. Initial Setup ................................................................................................................... 8
1. Setting Up the DNS ............................................................................................... 8
2. Setting Up the DHCP ........................................................................................... 10
3. Setting Up the IPAM ............................................................................................ 12
4. Setting Up NetChange ......................................................................................... 14
4. Next Steps .................................................................................................................. 17
Configuring User Access to SOLIDserver ................................................................. 17
Going Further With Your Appliance ........................................................................... 17

iv
Chapter 1. Purpose of this Guide
This guide aims at getting your first hand on how to use SOLIDserver on your network from
the connection and basic configuration to the interactions between the modules.

It is only relevant if you already installed SOLIDserver following any of these guides:
• Configuring SOLIDserver on Hardware Appliances.
• SOLIDserver Installation on Virtual Appliances.
• SOLIDserver Deployment on Amazon Web Services Cloud Environment.
• SOLIDserver Deployment on Microsoft Azure Cloud Environment.
• Reimaging SOLIDserver on Hardware Appliances.
• SOLIDserver Installation on SDS-50 Hardware Appliances.

To get an overview of SOLIDserver potential, you must follow the chapters in order:
1. Access and Configuration details how to connect to the GUI and make the first configurations.
2. Initial Setup describes additions in the modules IPAM, DNS, DHCP and NetChange to see
how they can interact.
3. Next Steps describes how to complete the configuration and start using SOLIDserver.

Note that this guide only details operations relevant to having a first look at SOLIDserver software
and are all performed by the only user available at installation, ipmadmin, who belongs to the
group admin.

To learn more about all the available modules and operations of the software, once you are
connected to the GUI, you can access SOLIDserver Administrator Guide from the menu ? >
Administrator Guide.

1
Chapter 2. Access and Configuration
The appliance configuration and proper first use requires:
1. Connecting to SOLIDserver GUI with the superuser credentials.
2. Requesting a License to have a valid license.
3. Configuring the NTP Server to ensure the appliance is on time.
4. Activating the License to have access to all relevant modules.
5. Securing SSH Access to the Appliance by changing the SSH password to secure CLI access.
6. Defining the Internal Module Setup to enable the inter-module interactions.
7. Making Sure the Relevant Services are Running.

1. Connecting to SOLIDserver
To connect to SOLIDserver, you need the IP address you configured.

To connect to SOLIDserver for the first time

1. Open your browser, in the URL field type in https://<SOLIDserver-configured-IP-address>.
2. Hit Enter. The browser displays a security warning because the default certificate is in use.
Your browser probably identified that the certificate is not from a trusted certifying authority
and that the hostname on the certificate is invalid or does not match the name of the site.
3. Accept the certificate. SOLIDserver login page appears.

ddi.mycorp.com

Login

Password

Figure 2.1. First connection to SOLIDserver

4. In the field Login, type in ipmadmin, the default superuser login.

5. In the field Password, type in admin, the default superuser password.
6. Hit Enter. The page Main dashboard opens, this is the homepage of SOLIDserver.

On the Main dashboard, the gadgets provide an overview of the appliance configurations and
services status. They assist you during the first configurations and later on to monitor your appli-
ance.
• SOLIDserver Configuration Checklist indicates the configurations that are set and the
ones that must be set .
• System Information sums up the system and user related information.

2
 Access and Configuration

After the first connection, it indicates that you are Connected as ipmadmin and that there is
No license installed.
• General Information indicates which services are running , stopped , or not configured
yet .
It also indicates the IP Addresses, Default gateway and potential Hostname you set when you
installed SOLIDserver.

Now you must request a license.

2. Requesting a License
After the first connection, you need to request a license from EfficientIP. They will generate and
send you a valid license key that you must add to the GUI to activate the license and use
SOLIDserver.

Each license key is unique and specific to one SOLIDserver appliance, you cannot use the
same license key on several appliances.

To request a license key

1. Retrieve the request license key, from SOLIDserver Main Dashboard.
a. In the gadget System Information, click on the link Request license . The wizard Request
license opens.
b. Read the Software License Agreement and click on NEXT . The next page opens.
c. Copy the content of the field Request key, you need it to fill out the request license
form.
d. Click on OK to close the wizard.
2. Send the request key to Efficient IP via the form Request Your License.
a. Go to the page http://www.efficientip.com/license-request/.
b. In the fields First Name, Last Name, Email, Phone, Company and Country Name,
specify your contact details. All these fields are required.
c. In the field License Period Request, select the length of your choice: 1 month, 2 months,
3 months, 6 months or Permanent. This field is required.
d. If you selected Permanent, the following fields appear.
Fill them with the information provided by EfficientIP.

Table 2.1. Required information for permanent licenses

Field Description
Contract Number Your Maintenance contract number. This field is required.
(if permanent license) The Maintenance contract number is composed of 12 digits and your client
name, it looks as follows 221231200101CORP. The first 6 digits are the
maintenance expiry date (yymmdd) and the next 6 digits are the maintenance
start date (yymmdd).
EfficientIP Serial Number Your appliance serial number. This field is required.
(if permanent license) For virtual appliances, it looks as follows SW550-0123. For hardware appli-
ances, it looks as follows A1B23R4.

e. In the field SOLIDserver Model, specify your model number. This field is required. It
looks as follows SDS-570.
f. In the field Request Key, paste your request key or the content of your request key file.
This field is required.

3
 Access and Configuration

g. In the field Number of External Managed Servers (MVSM, if any), specify the total
number of servers - DNS, DHCP... - you intend to manage from SOLIDserver.
h. In the section Optional Module, tick all the optional modules you might need: DNS
1
Guardian, DNS GSLB, NetChange, Device Manager or SPX.
i. If relevant, fill in the field If requester is NOT end customer, please provide your
contact information (Name, Company, Email, Phone): with all the appropriate data.
j. In the drop-down list Language, you can select in which language to display the Privacy
Policy. By default, English is selected, you can change to French, German or Spanish.
The panel provides a link towards EfficientIP Privacy Statement.
k. Tick the box I accept the Terms and Conditions.
l. Click on SUBMIT to send us your information.

While the license is being generated, you must configure the NTP server, before activating the
license you will receive.

3. Configuring the NTP Server

You should configure the NTP server and enable the service NTP before activating the license.

The Network Time Protocol (NTP) ensures clock synchronization on a network. Configuring an
NTP server allows you to synchronize the time of your appliance, which ensures a proper activ-
ation of the license and allows you to manage a dynamic addressing of your network. With the
NTP configured, the DHCP server we add in the next chapter can deliver leases.

Before configuring the NTP server, keep in mind that:

• You can configure your appliance with public or private NTP servers and each server can have
a specific stratum level.
• You should configure at least 3 reference NTP servers for all the NTP clients on your network.
• The reference NTP servers must be reachable when you start the service.
• All the services must be set at the same time to prevent any management problems.

To configure the NTP server

1. In the sidebar, click on Administration or Admin Home. The page Admin Home opens.
2. In the section System, click on Services configuration. The page Services configuration
opens.
3. In the column Name, click on NTP server. The wizard NTP Servers Configuration opens.
4. Specify the NTP server(s):
a. In the field NTP server, specify the IP address or hostname of the server. It can be an
IPv4 or IPv6 address.
b. In the field Stratum, you can specify a level between 0 and 15. By default nothing is
specified, the stratum is retrieved from the server. We strongly advise against setting a
stratum if it is not necessary.
c. Click on ADD . The server and stratum are moved to the list NTP servers.
d. Repeat these steps for as many servers as you need.
• To update an entry in the list, select it. It is displayed in the field(s) again. Edit the
field(s) and click on UPDATE .
• To delete an entry from the list, select it and click on DELETE .

1
If you do not tick this box, you are using NetChange-IPL, NetChange basic options.

4
 Access and Configuration

• To discard changes, click on CANCEL .

To order the entries, select them one by one and click on the arrows to move them up
or down .
5. Click on NEXT . The page Edit the NTP configuration opens.
6. Set the restrictions of the NTP server(s).
a. In the drop-down list Type, select IPv4 or IPv6.
b. In the field IP address, specify an IPv4 address, an IPv6 address or default.
c. In the field Mask, you can set the netmask of the IPv4 or IPv6 address you specified in
the field IP address. If you specified default, it is useless to set a mask.
d. In the field IP peer limit, you can specify the maximum number of requests for each
client IP address. The IP address and Mask you set identify the clients. You can set any
value between 0 and 65535 in the field, 0 means that no client can query the NTP
server(s). By default, no peer limit is configured, the field is set to -1.
e. In the field Flags, you can set one or several flags, separated by a space. The field
accepts the flags kod, limited, lowpriotrap, noepeer, nomodify, noquery, noserve, notrap,
notrust, ntpport and version.
f. Click on ADD . The configuration is moved to the Restriction list.
g. Repeat these steps for as many restrictions as you need.
• To update an entry in the list, select it. It is displayed in the field(s) again. Edit the
field(s) and click on UPDATE .
• To delete an entry from the list, select it and click on DELETE .
• To discard changes, click on CANCEL .

7. Click on OK to complete the operation. The report opens and closes. The NTP server line
is marked To add.
8. Right now your configuration is pending. In the menu, select Tools > Apply configuration.
The wizard opens, click on OK to complete the operation.

Once you configured the NTP server, you must enable the service NTP. It automatically starts
it.

To enable the service NTP

From the page Services configuration:
1. At the end of the line NTP server, in the column Enabled, click on Disabled. The wizard
Enable a service opens.
2. Click on OK to complete the operation. The report opens and closes. The NTP server line
is marked To add.
3. Right now your configuration is pending. In the menu, select Tools > Apply configuration.
The wizard opens, click on OK to complete the operation. The NTP server is marked Enabled.

Under the line NTP server, the appliance time and date are displayed.

If the appliance is not on time, you need to force an NTP update. Before forcing the NTP update:
• Make sure that at least one NTP server is configured and reachable, otherwise you might
not be able to access your appliance at all.
• Keep in mind that forcing the update restarts all the services that rely on NTP, like the
services DNS, DHCP and SNMP, and logs you out.

5
 Access and Configuration

To force an NTP update

From the page Services configuration:
1. Under the line NTP server, click on FORCE UPDATE.The wizard Force NTP update opens.
2. Click on OK to complete the operation. The report opens and closes. The page refreshes
and you are logged out while all the services restart.
3. Log in again.

Now that the NTP is configured, started and on time, you can activate the license.

4. Activating the License

Once EfficientIP has answered your request and sent you a license key, you can add it to the
appliance to activate your licence as detailed below. Note that the appliance should be time
synchronized before activating the license.

To activate a license
1. From the EfficientIP email response to your license request, copy the license key.
2. Back in SOLIDserver GUI:
a. If you did not force the NTP update, in the sidebar click on Quit Administration. The
Main dashboard opens.
b. If you forced the NTP update, stay on the Main dashboard.
3. In the gadget System Information, click on the link Add license . The wizard opens.
4. Read the License Agreement and click on NEXT . The page Add a license opens.
5. In the field License(s), paste the license key.
6. Click on OK to complete the operation.The page refreshes. In the gadget System Information
the License type is updated and all the modules that come with your license are visible.

Now that you activated the license, all the modules it includes are displayed in the sidebar, in
addition to the modules Dashboards and Administration.

You can secure access to the appliance.

5. Securing SSH Access to the Appliance

By default, you can access the appliance via SSH with the account admin. Its password is admin.

To secure administrative access to the appliance, you need to change the password.

To change the SSH password

From the Main dashboard:
1. In the gadget SOLIDserver Configuration Checklist, next to Change SSH password, click
on Configuration. The wizard Change SSH password opens.
2. In the field New password, specify the password of your choice.
3. In the field Confirm password, specify the password again.
4. Click on OK to complete the operation. The wizard closes and the page refreshes. The
configuration is now marked .

This new SSH password must be specified when you add the DNS and DHCP servers in the
next chapter.

6
 Access and Configuration

Now that the password is changed, you can define the Internal module setup.

6. Defining the Internal Module Setup

The Internal module setup allows you to enable the interaction between the modules IPAM, DNS
and DHCP. That way you can manage your resources and objects on one page and update them
in other modules.

The interaction relies on advanced properties available in all three modules.

To configure the internal module setup

From the Main dashboard:
1. At the bottom of the gadget SOLIDserver Configuration Checklist, next to Internal module
setup, click on Configuration. The wizard Internal module setup opens.
2. Activate all module interactions:
a. In the drop-down list Architecture, select IPAM.
b. Tick the box Use DNS.
c. Tick the box Use DHCP.
3. Click on OK to complete the operation. The wizard closes and the page refreshes. The In-
ternal module setup is marked .

Now you must ensure all relevant services are running.

7. Making Sure the Relevant Services are Running

You must make sure that the services DNS, DHCP and NTP are running.

To make sure all the relevant services are running

From the Main dashboard:
1. In the gadget General information, look at the Services.
Any service preceded by is configured and started, it is running.
2. Make sure the service DNS is preceded by .
3. Make sure the service DHCPv4 is preceded by .
4. Make sure the service NTP is preceded by .
5. If they are all configured and running, you can go to the next chapter.
If either is preceded by , it is stopped and you must start it:
a. Click on the service. The wizard Start a service opens.
b. Click on OK . The wizard refreshes and closes. The service is preceded by .

Note that the gadget SOLIDserver Configuration Checklist sums up your configurations so far:
• NTP servers configuration is followed by a .
• Change SSH password is followed by a .
• Internal module setup is followed by a .

Now that you configured the appliance and the relevant services are running, you can make the
initial setup detailed in the next chapter.

7
Chapter 3. Initial Setup
To have an overview of SOLIDserver potential for network management, you must:
1. Add a DNS server and zone, as detailed in the section Setting Up the DNS.
2. Add a DHCP server, as detailed in the section Setting Up the DHCP.
3. Add an IPAM space containing a block-type network and a terminal network of IP addresses,
as detailed in the section Setting Up the IPAM.
4. Add one of your network devices and start managing it via NetChange, as detailed in the
section Setting Up the NetChange.

Each section of the setup corresponds to a dedicated module in SOLIDserver GUI. If your license
does not include the module NetChange, you can skip the last step.

In the procedures below, only the fields relevant to the module initial configurations are
mentioned.

To learn more about any object, module or field, refer to the Administrator Guide, it is accessible
in the menu ? > Administrator Guide.

1. Setting Up the DNS

The Domain Name System (DNS) is a hierarchical distributed naming system that locates devices
connected on your network and resolves queries that convert IP addresses into intelligible domain
names or domain names into IP addresses. Its dedicated module is divided as follows:
• Server: the highest level of the DNS hierarchy. Without it, you cannot manage DNS databases.
Servers can contain views, zones and resource records (RRs).
• View: an optional level that allows you to grant or limit user access to your zones, based on
the location of the query and/or the interface that received the query. Views can contain zones
and resource records.
• Zone: the second level where you define the domains you manage. There are several zone
types that define the DNS resolution of your domains, whether to convert an IP address into
a domain name, or the contrary. You can even manage RPZ zones. Zones contain resources
records (RRs).
• RR: the lowest level of the hierarchy, the content of your zones. Each zone contains an SOA
and NS record, you can add many more record types, A, AAAA, PTR..., in each zone. The
records you can add in a zone depend on its type.

You can add as many servers, views and zones as you need, to resolve IPv4 or IPv6 queries.
You can even sign zones with DNSSEC. For more details, refer to the Administrator Guide.

In the sections below, we add an EfficientIP DNS server managing IPv4 queries, add it to a smart
architecture and add one of the Master name zones it manages.

Note that we strongly recommend using smart architectures because they provide a backup for
the configuration and data for the physical servers they manage. Five smart architectures are
available to manage DNS servers: Master/Slave, Stealth, Multi-Master, Single-Server and Farm.

Adding a DNS Server

You can manage different types of DNS servers from the page All servers. In the procedure below
we add an EfficientIP DNS server to show you the basic configuration steps.

8
 Initial Setup

To add an EfficientIP DNS server

1. In the sidebar, go to DNS > Servers. The page All servers opens.
2. In the menu, select Add > EfficientIP. The wizard Add an EfficientIP DNS server opens.
3. In the field Name, specify a DNS resolvable fully qualified domain name (FQDN) for your
server.
4. In the field Management IP address, specify the IPv4 address of your appliance to manage
the local DNS server.
5. Tick the box Configure enrollment parameters. The field "Admin" account password ap-
pears.
6. Empty the field "Admin" account password and specify your SSH password.You changed
it in the previous chapter.
7. Click on OK to complete the operation. The report opens and closes. The server is listed, it
appears Busy in the column Status. It will change to OK after a while.

Now you must add a smart architecture to manage the physical server.

To manage a DNS server via a smart architecture

1. In the menu, select Add > Smart architecture.The wizard Add a DNS smart architecture
opens.
2. In the field DNS Name, name the smart architecture with a valid FQDN.
3. In the list DNS smart architecture, select Single-Server. The page refreshes.
4. Click on NEXT . The page DNS servers role configuration opens.
5. In the drop-down list Available DNS servers, the physical server you just added is selected.
6. Click on + MASTER . The server is moved to the Master DNS server(s) list.
7. Click on OK to complete the operation. The report opens and closes. The smart architecture
is now listed above the physical server it contains.

If the server Status is Timeout, you must synchronize it.

To synchronize a server
1. In the sidebar, go to DNS > Servers. The page All servers opens.
2. Tick the smart architecture and the server.
3. In the menu, select Edit > Synchronize. The wizard Synchronization opens.
4. Click on OK to complete the operation. The report opens and close. The list is visible again.

As you added a smart architecture, back on the Main dashboard, in the gadget SOLIDserver
Configuration Checklist the line DNS smart architecture is followed by a .

Now you must add a zone in your server.

Adding a DNS Zone

When deploying a name server, it is important to understand the difference between a zone and
a domain. A zone is a delegated point within a DNS structure, and is made up of adjoining elements
from the domain structure, which are governed by a name server.

You can add six types of zones on the page All zones, they can resolve an IP address using a
name or a name using an IP address. In the procedure we add on the most basic one, the Master
name zone to the smart architecture, it resolves a name using an IP address.

9
 Initial Setup

To add a master name zone

1. From the page All servers, click on the Name of the smart architecture. The page All zones
opens.
2. In the menu, click on Add. The wizard Add a DNS zone opens.
3. Click on NEXT . The next page opens.
4. In the field Name, name the zone respecting the syntax given in RFC1034.
5. Click on NEXT . The last page opens.
6. In the field Responsible, fill in your email address.
7. Click on OK to complete the operation. The report opens and closes. The zone is listed.

If you click on the zone Name, you open the page All RRs where the SOA and the NS records
of the zone were automatically added.

Now that you manage a zone and a server from a DNS smart architecture, you need to continue
the initial setup in the module DHCP.

2. Setting Up the DHCP

The Dynamic Host Configuration Protocol (DHCP) allows you to configure channels of commu-
nication between the devices on your network and to automate parameter assignments to the
clients connecting to the network, from a valid IP address to specific DHCP options. Its dedicated
module is divided as follows:
• Server: the highest level of the DHCP hierarchy. Without the server, you cannot provide access
to your network to DHCP clients. Servers can contain scopes, ranges, leases, statics and
groups.
• Shared networks: an optional level of the hierarchy. They allow different scopes to serve a
common network segment.
• Scope: the second level of the hierarchy. The scope listens to certain parts of the network
(subnet-type networks) and provides whatever the clients requests, if it can. The scope can
contain statics or ranges delivering leases.
• Range: the third level of the hierarchy. It indicates a dynamic addressing configuration of the
DHCP. Ranges can contain the clients leases.
• Lease: the lowest level of the hierarchy in a dynamic addressing configuration. A lease is a
client access to a certain area of the network for a limited amount of time and can correspond
to a specific IP address of the IPAM module.
• Group: an optional second level of the hierarchy in a fixed addressing configuration. It allows
you to assign a number of options to clients. Groups contain statics.
• Static: the lowest level of hierarchy in a fixed reservation configuration, whether it relies on
pairs of IP and MAC addresses or on statics without IP address. Note that adding a static with
IP address also adds the corresponding lease whenever the client is active on the network.

You can add as many servers, shared networks, scopes, ranges, groups and statics as you need,
to answer IPv4 or IPv6 requests. For more details, refer to the Administrator Guide.

In the sections below, we add an EfficientIP DHCP server managing IPv4 queries and add it to
a smart architecture.

Note that we strongly recommend using smart architectures because they provide a backup for
the configuration and data for the physical servers they manage. Four smart architectures are
available to manage DHCPv4 servers: One-to-One, One-to-Many, Split-Scope and Single-Server

10
 Initial Setup

and Farm. Three smart architectures are available to manage DHCPv6 servers: Single-Server,
Split-Scope and Stateless.

Adding a DHCP Server

You can manage different types of DHCP servers from the page All servers. In the procedure
below we add an EfficientIP DHCP server to show you the basic configuration steps.

Note that a proper configuration of the DHCP requires to add a server, a scope and either a range
of leases or a number of statics. However, for now we only add objects at server level. In the rest
of the chapter, you will see that adding a subnet-type network in the IPAM can automatically add
a scope in the DHCP, thanks to the advanced properties you enabled when you configured the
internal module setup.

To add an EfficientIP DHCP server

1. In the sidebar, go to DHCP > Servers. The page All servers opens.
2. In the menu, select Add > Server > EfficientIP. The wizard Add a DHCP server opens.
3. In the field DHCP server name, name your server with a valid FQDN.
4. In the field Management IP address, specify the IPv4 address of your appliance to manage
the local DHCP server.
5. Tick the box Configure enrollment parameters. The field "Admin" account password ap-
pears.
6. Empty the field "Admin" account password and specify your SSH password.You changed
it in the previous chapter.
7. Click on OK to complete the operation. The report opens and closes. The server is listed.

Now you must add a smart architecture to manage the physical server.

To manage a DHCP server via a smart architecture

1. In the sidebar, go to DHCP > Servers. The page All servers opens.
2. In the menu, select Add > Server > Smart architecture. The wizard Add a DHCP
server opens.
3. In the field DHCP server name, name your server with a valid FQDN.
4. Click on NEXT . The next page opens.
5. In the DHCP smart architecture list, select Single-Server. The page refreshes.
6. Click on NEXT . The last page opens.
7. In the list Available DHCP servers, double click on the name of the physical server you just
added. The server is moved to list Selected DHCP servers.
8. Click on OK to complete the operation. The report opens and closes. The smart architecture
is now listed above the physical server it contains.

If the server Status is Timeout, you must synchronize it.

To synchronize a server
1. In the sidebar, go to DHCP > Servers. The page All servers opens.
2. Tick the smart architecture and the server.
3. In the menu, select Edit > Synchronize. The wizard Synchronization opens.
4. Click on OK to complete the operation. The report opens and close. The list is visible again.

11
 Initial Setup

As you added a smart architecture, back on the Main dashboard, in the gadget SOLIDserver
Configuration Checklist the line DHCP smart architecture is followed by a .

Now that you manage a DHCPv4 server from a smart architecture, you need to continue the initial
setup in the module IPAM.

3. Setting Up the IPAM

The Internet Protocol Address Management (IPAM) module allows you to plan, track, organize
and manage IP addresses on your network. Its dedicated module is divided as follows:
• Space: the highest level of the IPAM hierarchy, the essential entry point of the IP address
management. It defines an addressing range in which every IP address is unique. The spaces
can contain block-type and subnet-type networks, pools and/or IP addresses.They can contain
IPv4 and IPv6 addresses.
• Network, or block-type network: the second level of the hierarchy, where you set the range
of IPv4 or IPv6 addresses that you manage within your space. It is mandatory to add at least
one block-type network to manage IP addresses. Block-type networks contain subnet-type
networks.
• Network, or subnet-type network: the third level of the hierarchy, where you manage IPv4
or IPv6 addresses that you can assign. It is mandatory to add at least one terminal subnet-type
network to manage IP addresses. Subnet-type networks can contain pools and/or IP addresses.
• Pool: an optional level of the hierarchy that allows you to configure common options. Pools
contain IPv4 or IPv6 addresses.
• IP addresses: the lowest level of the hierarchy, where you associated an IPv4 or IPv6 address
with a MAC address. IP addresses belong to terminal networks and/or pools. Within your
spaces, each IP address must be unique.

You can add as many spaces, networks, pools and addresses as you need, for IPv4 and/or IPv6.
For more details, refer to the Administrator Guide.

In the sections below, we add a space, a block-type network and a terminal network. These ad-
ditions automatically update the DNS and DHCP.

Note that from the IPAM you can also set up Variable Length Subnet Masking (VLSM) at space
and network level, you can even preconfigure organizations and apply them as templates.

Adding a Space
You can add as many spaces as you need from the page All spaces. The space is the entry point
of the IPAM, it is a container that does not correspond to any IP address, it contains them. It can
hold as many IPv4 et IPv6 addresses as you need, organized in as many block-type networks,
subnet-type networks and pools as needed.

To add a space
1. In the sidebar, go to IPAM > Spaces. The page All spaces opens, the only space listed
is Local, the default space.
2. In the menu, click on Add. The wizard Add a space opens.
3. In the list VLSM parent space, select None.
4. Click on NEXT . The next page opens.
5. In the field Space name, name the space.

12
 Initial Setup

6. In the drop-down list Advanced properties, select All. The page refreshes.
7. Configure the IPAM to DNS replication properties:
a. In the drop-down list DNS server, select your DNS smart architecture. The page re-
freshes.
b. In the field Domain list, double click on your zone. It is moved to the Selected domains
list.
c. In the drop-down list Default domain, select your zone.
d. In the drop-down list DNS server for reverse zones, select your smart architecture.
The page refreshes.
e. Tick the box Update DNS to automate the retrieval of IPAM data from the DNS server.
8. Configure the IPAM to DHCP replication properties:
a. In the field DHCP failover channel, select the failover channel of your smart architecture,
it is named failover-<your-smart-server>. The page refreshes.
b. Tick the box Add a DHCP static to automate the addition of statics for every assigned
IP address. The page refreshes.
9. Click on OK to complete the operation. The report opens and closes. The new space is listed.

Now you must add a block-type network in your space.

Adding a Block-type Network

The block-type network defines the IP addresses you can manage. You can add IPv4 and IPv6
block-type networks from the page All networks of one space.

To add an IPv4 block-type network

1. From the page All spaces, click on the Name of your new space. The page All networks
opens, it is empty.
2. On the right-end side of the menu, make sure the button V4 is black, otherwise click on it.
The page refreshes and the button turns black.
3. In the menu, click on Add. The wizard Network type selection opens.
4. In the drop-down list Network type, Block is selected.
5. Click on NEXT . The wizard Add an IPv4 Network opens.
6. In the field Network Name, name the network.
7. In the field Address, specify the start IP address 192.168.0.0 .
8. In the drop-down list Prefix, select 16 [CIDR]. The content of the field Netmask automatically
changes to 255.255.0.0 [CIDR].
9. In the drop-down list Advanced properties, select All. The page refreshes.
In the sections IPAM to DNS replication and IPAM to DHCP replication the data configured
at space level is already applied to your block-type network.
10. Click on OK to complete the operation. The report opens and closes. The network is listed.

Now you must add a terminal network in your block-type network.

Adding a Subnet-type Network

The terminal subnet-type network defines the IP addresses you can assign.You also add subnet-
type networks from the page All networks.

13
 Initial Setup

To add a terminal network

1. From the page All networks, click on the Name of the block-type network you just added.
The page All networks opens, it is empty.
2. In the menu, click on Add. The wizard Add an IPv4 Network opens.
3. In the field Network Name, name the subnet-type network.
4. In the field Address, type in 192.168.42.0 .
The content of the field Netmask automatically changes and displays 255.255.255.0 .
The content of the field Prefix automatically changes and displays 24, you are adding a /24
network.
5. In the drop-down list Advanced properties, select All. The page refreshes.
In the sections IPAM to DNS replication and IPAM to DHCP replication the data configured
at space level is already applied to your terminal network.
6. Click on OK to complete the operation. The report opens and closes. The subnet-type network
is listed.

Now that you have a space, block-type network and terminal network, go to the modules DNS
and DHCP to see how the selection of both smart architectures in the module IPAM affected both
modules:
In the DNS
Go to the page All servers and click on the Name of the smart architecture, the page All
zones opens. It now contains a reverse zone that was added from the terminal network you
added. That zone contains the SOA and NS records
In the DHCP
Go to the page All servers and click on the Name of the smart architecture, the page All
scopes opens. It now contains a scope that was added from the terminal network you added,
it has the same name and manages the same addresses.

Now that you manage a space and two networks, you need to continue and finish the intial setup
in the module NetChange. If your license does not include NetChange, you can go to the chapter
Next Steps.

4. Setting Up NetChange
NetChange offers an overview of your network devices and allows you to manage and/or monitor
devices and their content.

To collect information NetChange relies on the SNMP protocol and on the MIB of each device.
Its dedicated module is divided as follows:
• Network device: the highest level of NetChange hierarchy, where you manage and monitor
all the devices on your network. They can contain routes, VLANs, ports, configurations files,
interface IP addresses and/or discovered items.
• Route: one of the second levels of hierarchy where you can view and partially manage the
IPv4 and IPv6 routing tables of your layer 3 network devices.
• VLAN: one of the second levels of the hierarchy where you can manage the VLANs of your
network devices. VLANs allow you to connect network devices with discovered items.
• Port: one of the second levels of the hierarchy where you can manage the ports of your network
devices. Ports allow you to connect network devices with discovered items.
• Configuration: one of the second levels of the hierarchy where you can manage the configur-
ation file versioning of the network devices that support it.

14
 Initial Setup

• Address: one of the second levels of the hierarchy where you can view the interface IP ad-
dresses of the imported network devices.
• Discovered item: the lowest level of the hierarchy where you can manage the devices connec-
ted to your network devices, in IPv4 and IPv6. The devices are identified through their MAC
address and are connected to a network device via VLANs or ports.

You can add as many network devices as you need and track all discovered items on the network.
The module allows you to know where and when a device has been connected, on which device
and port, in which VLAN, etc. You can even create NetChange objects in other modules. For
more details, refer to the Administrator Guide.

In the section below, we add one network device and use neighboring protocols to automatically
discover all the devices it is connected to. This addition automatically updates the IPAM.

Note that all the information you collect depend on the MIB of each device and on your license,
it defines what you can manage rather than simply monitor.

Adding Network Devices

You can add as many network devices as you need, from a number of vendors, from the page
All network devices.

Adding a network device actually imports it on the page via its IP address. To have a proper
overview of the neighboring protocols, you should specify a device located on a network segment
containing several network devices.

To add a network device

1. In the sidebar, go to NetChange > Network devices. The page All network devices
opens.
2. In the menu, click on Add. The wizard Add network devices opens.
3. In the field IP Address, specify the IP address of the device you want to add.
4. In the drop-down list Target space, select the space you added earlier.
5. Click on OK to complete the operation. The report opens and takes a while before closing.
The device is listed.

If you click on the network device Name, you can display all the objects it contains.

Now, to have an overview of how you can automate the addition, we use the menu Import to find
the other devices connected to your network through the neighboring protocols CDP (Cisco
Discovery Protocol), NDP (Neighbor Discovery Protocol) and LLDP (Link Layer Discovery Pro-
tocol).

To import other network devices using CDP/NDP/LLDP

1. From the page All network devices, tick the device you just added.
2. In the menu, select Import > Using CDP/NDP/LLDP. The wizard Add network device
opens.
3. In the drop-down list Target space, select the same space again.
4. Click on OK to complete the operation. The report opens and takes a while before closing.
The new devices are listed.

In the IPAM, the selected Target space is updated with the IP addresses retrieved from your
network devices.

15
 Initial Setup

Now that you manage network devices, the initial setup is done. You can complete the configur-
ation of SOLIDserver in the chapter Next Steps.

16
Chapter 4. Next Steps
Now that you made the initial setup, you have an overview of SOLIDserver.

To complete the appliance configuration, you probably need to grant user access.

You can even go further and have a look at what SOLIDserver has to offer, in addition to all the
other available modules.

Configuring User Access to SOLIDserver

Within SOLIDserver, user rights and resources depend on the group they belong to.

Being logged as the superuser, ipmadmin, you belong to the most privileged group, admin. Users
of that group can perform all operations and have access to all existing resources. Some operations
can only be performed by the users of that group, in which case it is specified in the procedure.

To configure access to other users, you need to:

1. Add or import users.
2. Add a group of users.
3. Configure that group with users. At group level, the users are considered a resource.
4. Configure that group with rights. From the page Rights of each group you can grant or deny
access to operations in all modules to the users of the group.
5. Configure that group with resources. From the page Resources of each group, you can add
existing objects as resource.The resources define the list of objects on which users can perform
operations. If a group does not have resources, its users are granted rights that they cannot
use on any object.

Note that you can also configure and enable authentication rules relying on Active Directory,
LDAP, RADIUS and OpenID Connect to securely log in external users. For more details regarding
users, groups and authentication rules, refer to the part Right Management of the Administrator
Guide.

Going Further With Your Appliance

SOLIDserver provides more than object management in its modules.

It offers a set of monitoring tools:

• You can configure alerts to monitor objects and statuses.
• You can generate a set of reports from the modules DHCP, DNS, NetChange and Administra-
tion.
• You can track users and sessions and even monitor and redirect operation logs.

It also offers customization tools:

• You can customize the appliance login page with an image and/or a disclaimer.
• You display and create all sorts of gadgets on the dashboards.
• You can add smart folders to organize IPAM, DHCP and DNS data in a dedicated panel.

Note that you can even configure several SOLIDserver appliances in High Availability.

17
 Next Steps

In addition, your license can include more modules, metrics and options. You may have access
to the following modules:
• Network Object Manager allows you to map out object interactions and their connections
through interfaces managed via network objects and folders.
• Application allows you to tailor application traffic and optimize user experience. Relying on
Global Server Load Balancing (GSLB), it allows you to add applications, pools and nodes to
define and deploy specific traffic policies on your network.
• Guardian allows you to secure DNS services by detecting threats and activating counter
measures to ensure service continuity. Guardian completes the DNS configuration, for recursive
and authoritative resolution, by providing policies and triggers that you deploy on your network.
• Cloud Observer allows you to retrieve private IPv4 and IPv6 data from Amazon, Google,
VMware and/or Azure cloud and monitor it via folders, networks, instances and IP addresses.
• Workflow allows you to delegate user operations in the modules IPAM and DNS. Based on
addition, editing and deletion requests, it allows you to set up an execution and validation
process for end users.
• Device Manager allows you to map out all the equipment on your network. You can automat-
ically retrieve or manually add the devices, ports and interfaces you manage from the module.
• VLAN Manager allows you to create and handle Virtual Local Area Networks (VLANs) and
Virtual Extensible LAN (VXLAN) to set up layer 2 data exchange between networks and devices
you manage in other modules.
• Identity Manager allows you to retrieve Active Directory (AD) authentication events and
monitor user connections to AD domains via identities and sessions.
• VRF allows you to inventory all the Virtual Routing and Forwarding (VRF) and VRF Route
Targets, the exchange of routes between the VRFs, on your network.
• SPX, or Service Provider eXtension (SPX), allows you to configure and manage networks that
you were allocated by the RIPE (Réseaux IP Européens) or the APNIC (Asia-Pacific Network
Information Center).

All the available operations and modules are described in the Administrator Guide, accessible
from the GUI in the menu ? > Administrator Guide.

18