Configuring Multiple NICs on an Existing KeyControl Vault Node

When you deploy a new KeyControl Vault node, you configure the management interface during that process. We strongly recommend that you do not change this interface after you have deployed the node if the node is part of a cluster or if there are VMs registered with the node.

The following procedure describes how to add and configure additional NICs on an already-deployed node. For details about deploying a new KeyControl Vault node, see Installing KeyControl Vault from an OVA Template or Installing the First KeyControl Vault Node from an ISO Image.

1. If the additional NICs you want to use have not yet been configured on the VM in which the KeyControl Vault node is running, do the following:

   1. If the KeyControl Vault node is powered on, shut it down using your hypervisor or the node's Entrust KeyControl System Console. For details, see Using the Entrust KeyControl System Console.

   2. In your hypervisor, add the new NICs to the KeyControl Vault VM and configure them using your corporate standards.

      Note: Make sure that the new NICs use the same adapter type as the existing NICs. For example, if the management interface NIC is of type VMXNET, the new NICs must be of type VMXNET as well.

   3. Make a note of the MAC address you are using for each NIC. When the NICs are displayed in KeyControl Vault, they are identified by their MAC address. Therefore, when you go to configure the NIC in KeyControl Vault later in this procedure, you will need to know its MAC address.
   4. Power on the KeyControl Vault VM.

2. Log in as htadmin on the KeyControl Vault node whose NICs you want to configure.

   KeyControl Vault displays the Entrust KeyControl System Console TUI (Text-based User Interface).

3. Select Manage Network Settings.
4. Select Manage IP Address Settings.

5. On the Interfaces screen, select the NIC you want to configure and press Enter.

   The NIC that is the current management interface has 'Current management interface' listed after the name. We strongly recommend that you do not change this interface after deployment if this node is part of a KeyControl Vault cluster or any VMs are registered with this node. If you select the management interface, acknowledge the configuration request at the prompt.

6. On the Secondary Network Configuration screen, specify the static IP address and netmask for the KeyControl Vault node.

   Note:  

   • Changing the hostname on one NIC changes it for all NICs, including the management interface NIC. If this node is part of a cluster, you should not change the hostname for the node.

   • All NICs must use the same default gateway and DNS server list.

   • Make sure you specify a static IP address and netmask for the KeyControl Vault node.

7. When you have finished specifying the network information, select OK and press Enter.

   KeyControl Vault restarts the network services using the new configuration. Contact with the node via the KeyControl webGUI or by any VMs registered with the node will be unavailable until the restart is finished.

   When the network finishes restarting, KeyControl Vault displays the Entrust KeyControl System Console.

8. Repeat the proceeding steps for any other NICs you want to configure. KeyControl Vault will restart the network services and the node will be unreachable for a short time after each configuration change.

9. If you want to verify the configuration information, select Manage Network Settings. From there, select Show Current Network Configuration to view a list of the configured NICs with their IP addresses and netmasks. The management interface IP address is shown as the main interface. Any additional interfaces that are configured are shown below.