Initiating secure tunnels with the CLI


You can initiate a secure tunnel to an agent using either of the following commands:

--init-tunnel –ip ip_address
--init-tunnel –host hostname

This task requires that the bmmtm_agent is running on the agent system, and is configured for Service-initiated tunneling.

 

Tunnel initiation via hosttool is usually only required when the agent is initially deployed. It is only required if the following conditions are true:

  • The agent is deployed with service-initiated tunneling enabled.
  • The agent is not already known to the service tier or the agent was previously known to the service tier but has not connected since its ConnectionInitiation preference was changed (e.g. a new deployment changed the tunnel initiation preference to Service-initiated, and it overwrote the previous deployment). Check the Object Repository view of the agent to see the current preference published to the services.

If the agent is already known to the service tier (e.g. if it was switched to service-initiated tunneling via the ConnectionInititation agent preference), then the services are able to automatically determine that a tunnel must be initiated.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*