Article number
000003776
Affected Versions
7.5
8.0
8.5
Source Hypervisor
All
Target Hypervisor
All

How to Pair sites in ZVR 7.5+ with the new Pairing changes

Viewed 1418 times

Summary

Since we have added security measures to pairing that require an authentication token in ZVR 7.5+, pairing methods have been changed.  In ZVR 8.0, the pairing token complexity has changed along with the introduction of native ZVM -> ZVM encryption.  In ZVR 7.5, and ZVR 8.0 we have improved security when pairing sites.  Prior to ZVR 7.5, the pairing method was insecure because the receiving site never authorized any pair requests.  The recipient site now must generate a token that is used for pairing a remote site.

Please be aware of the following when pairing in ZVR 7.5:
  1. The authentication token when pairing is required.  There is no way to circumvent this.
  2. No backwards compatibility.  This means that a newly installed or unpaired 7.0 site, and a newly installed or unpaired 7.5 site will not be able to pair.  Both sites must be on ZVR 7.5 in order to pair.
  3. Existing ZVR 7.0 sites that are already paired will not lose their pairing as a result of an upgrade.
  4. The pairing token expires after 48 hours.
  5. The pairing token can be used to pair a single site.  If you have a second site to pair, you must generate a new token for that site.
  6. The token is validated and deleted when pairing is completed.

Please be aware of the following when pairing in ZVR 8.0:
  1. The authentication token when pairing is required.  There is no way to circumvent this.
  2. No backwards compatibility.  This means that a newly installed or unpaired 7.5 site, and a newly installed or unpaired 8.0 site will not be able to pair.  Both sites must be on ZVR 8.0 in order to pair.
  3. Existing ZVR 7.5 sites that are already paired will not lose their pairing as a result of an upgrade.
  4. The pairing token expires after 48 hours.
  5. The pairing token can be used to pair a single site.  If you have a second site to pair, you must generate a new token for that site.
  6. The token is validated and deleted when pairing is completed.

Steps

In order to pair Zerto sites 7.5+ you must use the following steps:
  1.   The token is generated in the recipient site ZVM GUI (Sites > Generate Pairing Token).  It presents a small window with the token (a string of characters) and a button to copy the 32 character string to your clipboard. 
  2.   Share this token with the user at the requesting site (e.g. email / messenger)  
  3.   From the requesting site, navigate to the ZVM GUI (Sites > Pair) and enter in information below and click Pair.
Hostname / IP of the recipient ZVM
Port (default 9081 for ZVR 7.5 and lower.  default 9071 for ZVR 8.0 and higher)
Token

 


In order to decrease or increase the time before a token expires you can apply a tweak to modify the value.  The default value is 48 hours. The tweak to apply is t_tokenExpirationPeriodInHours. Please contact support to apply this tweak.