setting_up_a_lucy_master_slave
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
setting_up_a_lucy_master_slave [2019/04/26 15:48] – [Ports and Updates] lucy | setting_up_a_lucy_master_slave [2020/06/03 13:52] – lucy | ||
---|---|---|---|
Line 14: | Line 14: | ||
LUCY's master/ | LUCY's master/ | ||
- | * **Master/ | + | * **Master/ |
- | * **Reflective Master/ | + | * **Reflective Master/ |
Please note: There is a caveat with HTTPS - if you generate SSL on master, you have to put it to proxy by hands, as the proxy doesn' | Please note: There is a caveat with HTTPS - if you generate SSL on master, you have to put it to proxy by hands, as the proxy doesn' | ||
Line 24: | Line 24: | ||
The Master/ | The Master/ | ||
- | {{ proxy1.png?600 }} | + | {{: |
Please contact our support for further help on this topic (support@lucysecurity.com). | Please contact our support for further help on this topic (support@lucysecurity.com). | ||
Line 31: | Line 31: | ||
===== Ports and Updates ===== | ===== Ports and Updates ===== | ||
- | Both master-slave approaches (reverse proxy and DMZ-based) use only https ports (port 443). A " | + | Both master-slave approaches (reverse proxy and DMZ-based) use only HTTPS port (443). A " |
* master should allow connections from slave to port 443 | * master should allow connections from slave to port 443 | ||
+ | * master should allow connections from slave to port 25 (if the SMTP method selected for the incidents reporting) | ||
* master should allow connections from Lucy admin computers to port 443 | * master should allow connections from Lucy admin computers to port 443 | ||
* slave should allow connections from " | * slave should allow connections from " | ||
- | * master must be able to send mails via port 25 | + | * master must be able to send emails |
Line 44: | Line 45: | ||
* slave should allow connections from master to port 443 | * slave should allow connections from master to port 443 | ||
* master should allow connections from Lucy admin computers to port 443 | * master should allow connections from Lucy admin computers to port 443 | ||
- | * slave must be able to send mails via port 25 | + | * slave must be able to send emails |
+ | |||
+ | **Updates**: | ||
+ | |||
+ | ===== Integration with other services Master and Slave ===== | ||
+ | |||
+ | * End-User portal and all end-users must be configured on the Master since Lucy in Proxy mode forwards all traffic (except Admin console page /admin ) to Master. | ||
+ | * SSO Settings and LDAP Settings must be applied to the Master server. | ||
+ | * Mail Server is running on the Master server. In the Proxy mode, SMTP traffic is intercepted by the Slave server and forwarded to the Master server. That means that your domain name used in the sender email address must have an MX record pointed to the Slave server. | ||
+ | * Incident Plugin Settings is configured on the Master and Slave server in the same way. The slave server forwards (SMTP & HTTP) traffic directly to the Master. Incidents are not saved on the Slave server. | ||
+ | |||
+ | ===== Integration with other services Reflective Master and Slave ===== | ||
+ | |||
+ | * End-User portal and all end users must be configured on the Slave server. In case of the option "Do not send emails" | ||
+ | * Only running campaigns are available on the End User portal. To allow users to see their progress and entire statistics you may give access to the End User portal on the Master server. | ||
+ | * In case of " | ||
+ | * Mail Server is running on the Slave server. SMTP traffic is intercepted by the Slave server only, later the statistics are synchronized with the Master. | ||
+ | * SMTP Settings must be the same on both, Master and Slave server. | ||
+ | * Incident Plugin Settings are configured on the Slave server. Incidents are saved on both the Master and Slave server. Slave synchronize each incident with Master. | ||
+ | |||
+ | |||
+ | ===== Master and Slave common information ===== | ||
+ | |||
+ | * Custom admin Port and IP should not limit the communication between the two servers. | ||
+ | * Adapt should be configured on Master. | ||
+ | * LUCY Admin users (including End Users) are not replicated between the Master and Slave server. | ||
+ | * If the option "Do not send emails" | ||
+ | |||
+ | ===== Master and Slave domain info ===== | ||
+ | |||
+ | The following is applicable for both type of Web Proxy configuration (Master \ Proxy configuration and Reflection Master \ Reflection Slave configuration): | ||
+ | |||
+ | * SMTP hostname (Mail Settings) must point to the Slave server | ||
+ | * All domain names used for landing page and sender email must point to the Slave server. | ||
+ | * Master server may have (or may not have) their own domain name for the Admin Console. | ||
+ | * Slave server (in case of use of the End User portal) should have a domain name for the Admin Console that point to that server. | ||
+ | |||
+ | ===== Troubleshooting ===== | ||
+ | |||
+ | There are known issues. | ||
+ | Please contact support in case if you have any questions. | ||
- | **Updates**: | ||
setting_up_a_lucy_master_slave.txt · Last modified: 2020/09/21 08:55 by lucy