Create a Post
Showing results for 
Search instead for 
Did you mean: 

Create Maestro SG in remote site

Hello all,

I have a question I didn’t spot the answer to in the documentation. I need to build a Maestro solution in a location remote to the Smart Management Server and I don’t know best to proceed...

The target site setup is fairly straightforward, an external interface (facing the Internet) and an internal one (facing site). A pair of Maestro orchestrators (140) with a trio of 6600s. Each Maestro will connect to the internal site via interface 5 and the external site via interface 7. The internal links will be a bond, as will the external ones.

My confusion arises over the management interfaces and the Security Group IP address. As the site is remote, there’s no available address to assign to the management interface/Security Group. Using a regular gateway, I’d use the external interface to connect to but is that a legitimate thing to do in this scenario and if it is, how do I bond the interfaces and apply vlans before I can connect to the SG IP address to do so?

I hope that makes sense. Links to documentation, solutions, other similar posts would be really appreciated.



0 Kudos
1 Reply


Yes, you can manage your security group from external interface. You can just assign some dummy IP for eth1-Mgmt interface and not use it.

Please note, Security Group's web services (like WebUI) will work properly only if you disable layer-4 distribution. That is because your connection is expected to be distributed if it comes not from management interface.


Thank you,