96 IBM Tivoli Remote Control Across Firewalls
Figure 3-1 General testing scenario
This scenario includes interconnected TMR using the Hub and Spoke
architecture, two different Gateways and a set of Endpoints. One of the
Gateways is placed in the DMZ (less secure side) to which the Target Endpoints
belong, while the other one is placed on the more secure side, to which the
Controller Endpoints belong.
Our Administrators have been defined in the TMR Spoke environment, where we
have the Controllers. The intention here is to establish Remote Control sessions
from TMR Spoke environment (more secure side) to DMZ (less secure side). In
our scenario, we defined the Endpoint tic01006 to be a Controller and the
Endpoints tic01005 and tic01007 to be the Targets.
Endpoint
Windows TS server
Endpoint Gateway
AIX 5.1 - tic01002
Hub TMR server
AIX 5.1 - tic01010
Firewall
De-Militarized
Zone (DMZ)
Spoke TMR server
AIX 5.1 - tic01002
Endpoint Gateway
Windows - tic01005
Endpoint
Endpoint
Windows
tic01006
Endpoint
Endpoint
TMR Spoke
TMR Hub
Endpoint
Windows
tic01005
Endpoint
Windows
tic01007