How do I configure GMS on-prem zero touch feature?

Description

Configuring Zero Touch server in On-Prem GMS system (GMS 8.7)

Resolution

Zero Touch (ZT) feature can be enabled and used as per below deployment scenarios:

  • GMS AIOP / Console system with ZT service Included
  • GMS AIOP/ Console system with standalone ZT server/s

NOTE: For Zero Touch feature to function correctly, have SonicOS 6.5.1.1-42n or above (Recommended 6.5.3.x) running on the firewall.

 

All-In-One (AIO) / Console with ZT Agent Service: This is the typical All-In-One GMS deployment scenario where ZT Agent will be included within. No additional configuration needed for ZT

  • Make sure that Zero Touch Agent Service is UP / Running on the GMS system
  • Check and verify the GMS server Public IP under Console | ZeroTouch | Settings page
  • Note: Make sure that ZT server IP is accessible from outside on port 21021.
  • ImageInstall GMS AIO / Console system first and verify that all services are running.
  • Now Install and Configure the Standalone ZT server in GMS deployment.
  • Login to GMS and go to Console | Diagnostics | Cluster Status screen and verify that ‘SonicWall Universal Management Suite – Zero Touch Agent’ service is running on Console / AIO and ZT Agent systems
  • ImageNote: In case of Distributed GMS setup, it is IMPORTANT to keep the ‘SonicWall Universal Management Suite – Zero Touch Agent’ service running on the Console/AIO system
  • Now change URL to go to ‘https://x.x.x.x/sgms/techSupport.html’ Page
  • Go to Zero Touch settings tab and provide Zero Touch Agent Public IP (This should be the Public IP to reach the standalone ZT server) and click ‘Update

ImageNote: Make sure that ZT server IP is accessible from outside on port 21021.

Image 

When using Multiple ZT Agents (More than one ZT Agent roles) in the deployment, you need to have a Load Balancer to take full advantage of multiple ZT Agents and put all the ZT Agent behind a Load Balancer. Then provide the Load balancer Public IP on the ‘https://x.x.x.x/sgms/techSupport.html’ page under Zero Touch Agent Public IP

Note: Make sure that ZT server IP is accessible from outside on port 21021.

Related Articles

  • Analytics On-Prem vs NSM Feature Matrix
    Read More
  • Analytics On-Prem End of Life and NSM Transition FAQ
    Read More
  • NSM On-Prem: Backups over SCP to Windows OpenSSH Server
    Read More

Categories

Management and Reporting
GMS
System
not finding your answers?
Ask the Community