Docs
uhas
FAQ for Flagship Edition
Application environment and compatibility

Application Environment and Compatibility

1. Will the failure of the Bastion Host affect the access to the hosts that have been added in the management system?

Answer: If the firewall restricts that the host can only be accessed through the Bastion Host, the unavailability of the Bastion Host will result in the inability to access the host. Temporary relaxation of firewall restrictions is required. If the firewall has no restrictions, it will not be affected.

2. Can the Bastion Host connect to cloud hosts across regions?

Answer: The Bastion Host can use the internal network IP to connect to cloud hosts in all available zones in the same region. Due to network communication issues, the Bastion Host does not support connecting to cloud hosts across regions using internal network IPs, but it can use external network IPs to connect to cloud hosts across regions. If you need to use an internal network IP to manage the cloud host, it is recommended to create a Bastion Host in each region.

3. What connection protocols does the Bastion Host support?

Answer: Supports multiple connection protocols such as SSH, Telnet, RDP, VNC, FTP, HTTP/HTTPS.

4. What PC operating systems and operating environments does the Bastion Host support?

Answer: PC end operating system: supports Windows, Mac, Linux operating systems.

HTML5 operation: supports IE core (IE 10 and above), Firefox, Google and so on.

Client operation and maintenance: Supports multiple terminal tools such as Xshell, SecureCRT, Putty, Mac Terminal.

5. How does the Bastion Host use client tools for operation and maintenance?

Answer: In the client, SSH connects to the bastion host IP + 22222 port, enter the Bastion Host WEB interface username + password, then you can enter the Bastion Host management, search and choose the machine for operation and maintenance. All operation and maintenance operations will be audited by the Bastion Host.

In addition, Windows PC users can also download the configuration files of Xshell and SecureCRT from the Bastion Host WEB interface and import them into the corresponding tools for automatic quick connection configuration.

6. What types of assets can the Bastion Host manage?

Answer: Windows System: Window Server 2003, 2008, 2012, Win7, Win8, etc.

Unix/Unix-like system: Linux, Red Hat Enterprise Linux, HP Unix, Solaris, etc.

Network Devices: Huawei, Cisco, H3C series routers, switches, and other devices.

Database: Oracle, MS SQL, MySQL, etc. (using application publishing function).

Application System: Based on HTTP, HTTPS application system (using application publishing function).

7. What do the resource number/user number/resource concurrent connection number of the Bastion Host refer to?

Answer: Asset number (or resource number): The total number of hosts, network equipment, and application publishing servers managed by the Bastion Host.

User number: The total number of company employees using the Bastion Host.

Resource concurrent connection number: Refers to the number of resource sessions that log in and operate at the same time (including hosts, network equipment, and application publishing servers).

8. Does the Bastion Host support data storage expansion?

Answer: Bastion Host supports data disk expansion to store more audit records. Users only need to carry out data disk expansion operations on the console, and the Bastion Host can complete the expansion after restarting. If you have any issues you can contact the after-sales staff of the Bastion Host.

9. Using the 360 browser on the Bastion Host, unable to log in to the host?

Answer: Need to switch to extreme mode to log in. Compatible mode cannot log in. The compatibility mode of the 360 browser has added Chinese cookies by default when using websocket (theworld_client_none³±”¯), and the tomcat currently used does not support Chinese cookies, causing the connection to fail. It is recommended that customers use the latest versions of Chrome and Firefox to log in to the Bastion Host for operations.

10. Firefox browser logs into the Bastion Host, reporting certificate errors?

Answer: 1. Firefox browser logs into the Bastion Host, reporting certificate errors? Error Code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL. Close the Firefox browser, open the Firefox configuration file, the configuration file is usually located in the following path: Taking account ‘byp’ as an example ” C:\Users\byp\AppData\Roaming\Mozilla\Firefox\Profiles\oqhco3pb.default” directory, find the cert8.db file, delete it, then open the browser.

11. What ports need to be open for the Bastion Host?

Answer: The 22 port corresponds to the console; 22222 port corresponds to the ssh client; 443 port corresponds to web; 8001 port corresponds to mobile APP;

  HA needs to be opened separately (TCP:3306 UDP:694 TCP:6379).
Error prompt messageCheck the network connectivity between bastion host and host