Connecting to a remote controller

Procedure
  1. Create an HSC with the commandhsc.
  2. 配置的IP地址在HSC经理remote controller with the commandmanager ip. The HSC manager must be reachable via the management port on the switch.
  3. Optionally, change the TCP port on which the HSC communicates with the HSC manager with the commandmanager port. By default, port 6640 is used. The remote controller OVSDB client listens on this default port.
  4. Enable the HSC with the commandenable.
  5. Obtain the default certificate on the HSC with the commandshow crypto pki certificate local-cert pem. Copy the lines between----BEGIN CERTIFICATE-----and-----END CERTIFICATE-------. You need to provide this certificate when configuring the remote controller.

Example

switch(config)#hscswitch(config-hsc)#enableTrust Anchor (TA) profile configurations are not used for HSC authentication. Instead HSC will store the CA certificate from the HSC controller during the first TLS handshake and use it for all future authentications with HSC servers. This CA certificate will not be used for any other certificate-based authentication. Do you want to continue (y/n)?yswitch(config-hsc)#exitswitch(config)#exitswitch#show crypto pki certificate local-cert pemCertificate name: local-cert Associated Applications: captive-portal, hsc, https-server, syslog-client Certificate status: installed Certificate type: self-signed -----BEGIN CERTIFICATE----- MIDITCDskKkeLkDKfjlsafkdjLdfkejwlisfuslekfjsdkfjelfrjsekfslkefjselfkjslde8383 ... 3md0k4o9vjksdoijeknkviocvhsksdoeo399((jifiIIIHFKwlIelId8rekILF:IofJe,kei(gfo9 -----END CERTIFICATE------