Creating and Upgrading a Cloud Access Connector¶
With Cloud Access Manager it is possible to have three connector configurations that can be used for different use cases. For more information on the Cloud Access Connector, see Cloud Access Connector.The following section outlines how to create, configure, test and delete a Cloud Access Connector:
Creating a New Connector¶
Prior to creating a new connector you need to ensure that you have Secret Management access from the Key vault in the root resource group. You need get, set and list access to the secrets. Enable this by selecting Access Policies within the Key vault in the root resource group of your Cloud Access Manager deployment.
To create a new connector, follow the instructions for deploying Cloud Access Manager with Azure Cloud Shell and enter the root resource group of the Cloud Access Manager deployment. Select if you want to enable external network access for this connector.
RADIUS Server Settings
If you set new RADIUS server settings when creating a new cloud access connector, these settings will be used by all connectors after their next connection server reboot. The setting if MFA is enabled or disabled is individual to each connector and can only be configured when a connector is created. For more information on the RADIUS server settings within the key vault, see Cloud Access Manager Configuration Storage.
Configuring the Connector¶
Once the Cloud Access Connector has been created you can configure and modify certain scalability and certificate options of the connector from within the Azure portal. To make configurations, select the Cloud Access Connector resource group in Azure.
Testing the Connector¶
Test the Cloud Access Connector and ensure it operates as required. If you intend on using the Cloud Access Manager Management Interface for this connector, try connecting to it. For more information on the Cloud Access Connectors, see Cloud Access Connector.
Modify DNS Records
Use A records for internal routing to the private IP of the application gateway and CNAME for external routing to the aoplication gateway cloudapp.net address. This will direct all new PCoIP or Cloud Access Manager Management Interface connections to use the new connector.
Deleting a Legacy Connector¶
Once you have created, configured and tested your new connector you can delete the legacy connector through the Azure portal.
Any active Management Interface sessions that route to the legacy connector and any active PCoIP connections going through security gateways in the legacy connector will be dropped. Teradici recommends waiting a few hours or overnight after switching DNS records before deleting the legacy connector.