Configuring servers in separate networks

When BigFix and BigFix Inventory servers are installed in separate networks, automatic lookup of their IP addresses might not work correctly. It might happen, for example in networks that use network address translation (NAT). To ensure that IP addresses of the servers are correct and the communication between them works, change the default settings, and manually enter the IP addresses or domain names of the servers.

About this task

By default, the address of BigFix server is automatically retrieved from the database. In case of separate networks, the address might contain a local address of the server that cannot be recognized outside of its network. After you specify the IP address of BigFix server, you also need to specify the correct address of BigFix Inventory server to allow BigFix server to access the software catalog.

Procedure

  1. During the initial configuration of BigFix Inventory, while specifying the connection details of the BigFix server, select Disable automatic address lookup, and enter the host name of BigFix server. The address is always created based on the provided host name and port number.
    Note: To access this panel after the installation, log in to BigFix Inventory, and click Management > Data Sources.


    Tip: To check whether BigFix host is correct, access the following URL from network: http://hostname:port/UploadReplication. Expected message: Error: no query parameters specified.
  2. On the computer where BigFix Inventory server is installed, add an environment variable with new addresses that will be used by BigFix server to access the software catalog.
    1. Go to one of the following directories, and create the server.env file.
      • Linux install_dir/wlp/usr/servers/server1
      • Windows install_dir\wlp\usr\servers\server1
    2. Add one or more environment variables to the file:
      • BigFix Inventory Server 10.0.13 or lower
        SERVER_URL_CATALOG=https://DNS/IP address:port
        A single environment variable which defines DNS or IP address of BigFix Inventory server that BigFix server uses to obtain the software catalog and deliver it to the clients. This catalog is then used during the catalog-based software scan.
        When using BigFix Platform version 10.0.8 or higher, provided DNS/IP address must match the server DNS name provided in the SSL certificate. Otherwise such connection will be rejected. If the DNS name provided in the certificate does not match, the connection is rejected.
      • BigFix Inventory Server 10.0.14 or higher
        BIGFIX_SERVER_URL_FOR_DATASOURCE_ID_datasource_id=http://DNS/IP address:port
        Example: BIGFIX_SERVER_URL_FOR_DATASOURCE_ID_3=http://correctbigfix.acme.org:52311
        One or more environment variables that define DNS or IP addresses of BigFix servers that are used to obtain the software catalog and deliver it to the clients. This catalog is then used during the catalog-based software scan.
        datasource_id is an id of the datasource for which the BigFix server DNS or IP address has to be masked in the catalog download action with a value of given environment variable.
        Proper values of datasource_id are presented in the first column of the Management > Data Sources panel.
  3. Restart the BigFix Inventory server.