How Can I Configure Network Security for SMS?
Network security configuration and requirements for SMS are as follows:
- Network requirements on source servers: Sources servers can access HUAWEI CLOUD and communicate with API Gateway.
- Network communications requirements: The network connection between the source server and the target ECS is normal. You can use elastic IP addresses, VPN connections, or Direct Connect connections on the target ECSs to ensure that source servers can access target ECSs.
- EIP: Data on the source server is transmitted to the target ECS over the Internet.
- Private line or VPN: Data on the source servers is transmitted to the target ECS through the internal network. You need to set up a private line or VPN connection before migration.
- Target ECS port requirements: The security group in the VPC to which the target ECSs belong must be configured to enable TCP ports 8899 and 8900 for Windows OSs and enable port 22 for Linux OSs. To ensure that the source servers can connect to the target ECSs, you can run the Telnet command to test the connectivity between the source and target networks and ports.
For details about how to configure the security group rules for a VPC, see How Can I Configure the Security Group Rules for Target ECSs?Figure 1 SMS networking principle