This article describes how to secure network traffic from the Service Virtual Machine to the NetScaler VPX instances on the NetScaler SDX appliance.

Background

Communication from the Service Virtual Machine to the NetScaler VPX instances is HTTP by default.

To configure HTTPS access for the NetScaler VPX instances, you must secure the network traffic between the Service Virtual Machine and NetScaler VPX instances.
If you do not secure the network traffic from the Service Virtual Machine configuration, the NetScaler VPX Instance State appears as Out of Service and the Status shows Inventory from instance failed.

Instructions

To secure network traffic from the Service Virtual Machine to the NetScaler VPX instances, complete the following procedure:

1. Log on to the Service Virtual Machine Graphical User Interface (GUI) management.

2. Open Configuration > System > Change System Settings.

3. Change Management Service to NetScaler Communication to https, as shown in the following screen shot:

   

4. Run the following command on the NetScaler VPX instance, to change the Management Access (-gui) to SECUREONLY:
   set ns ip ipaddress -netmask ipaddress -arp ENABLED -icmp ENABLED -vServer DISABLED -telnet ENABLED -ftp ENABLED -gui SECUREONLY -ssh ENABLED -snmp ENABLED - mgmtAccess ENABLED -restrictAccess DISABLED -dynamicRouting ENABLED -ospf DISABLED -bgp DISABLED -rip DISABLED -hostRoute DISABLED -vrID 0