Skip to content
CA Privileged Access Manager - 3.1.1
Documentation powered by DocOps

Configure Network Settings

Last update February 14, 2018

Select Configuration, Network, Network Settings to access the network configuration settings. Here, basic network information is shown in the Default Gateway and Network Interfaces fields. These fields are the only required settings, except for an AWS AMI instance where a DNS server is the only required setting. If necessary, specify information necessary for DNS routing. For an AMI instance, the DNS setting is provided by the AMI instance and you must enter that value.

  • Hostname: Specify a unique hostname. Use this setting to distinguish the servers in a cluster. The IP address is not sufficient.
  • Domain Name: Specify the top-level and second-level domains. For example:
  • Default Gateway: Specify the IP address of the routing device where all packets are sent to destinations without an explicit route. The gateway is necessary when sending traffic to the Internet, to remotely managed devices, or for any other resource access. In a production environment, this value should not be "" or empty.
  • DNS Servers: Specify the name or IP address of one or more DNS servers (one per line).  

    Note: If you use a hostname for an NTP server, a DNS server is required here. If you remove all DNS servers, ensure that any configured NTP servers use IP addresses instead. See Configure Date/Time Settings for details.

  • IPv6 Enabled: Set this option to enable IPv6 addressing.
  • Network Interfaces: This table defines network interfaces. The primary network interface is shown in the first row, named GB1. You use more network interfaces for specific features, such as Additional Routes. To add another network interface, enter appropriate values in the IPV4 Address, IPV6 Address, and Netmask columns, in an available row, such as GB2. The following other columns are also present:
    • Teaming: Use this drop-down list to assign network interfaces to a Team. See Network Teaming Interfaces for more information.
    • Speed: Specifies the Ethernet capacity specification. Select Auto (negotiation), 1GB (gigabit/sec), or 100 (100 megabit/sec). Default is Auto.
    • Duplex: Specifies the Ethernet transmission mode. Select Auto (negotiation), Half (half-duplex; alternating bidirectional), or Full (full-duplex; simultaneously bidirectional). Default is Auto.
    • Enabled: Specifies whether the interface is enabled.

Note: Licensing no longer includes the NIC to generate the hardware identification string. This change allows NICs to be added to running machines without breaking the licensing.

Network Teaming Interfaces

You can set up Network Teaming, also known as NIC teaming, bonding, or aggregation, to combine multiple network cards together for enhanced performance or redundancy. A "bond" is set up among multiple network interfaces. This feature is available on the hardware appliance and VMware.

Note: NIC Teaming is available in VMware, configured in vSphere. Before you set up Network Teaming in CA Privileged Access Manager, ensure that no conflicts exist with the vSphere configuration.


CA Privileged Access Manager supports two Modes for Network Teaming:

  • Active Backup: Use this mode for failover purposes. The first selected interface in the list (such as GB1) becomes the primary interface, and any others that are selected are "standby."
  • Adaptive Load Balancing: Use this mode to increase throughput by sharing network traffic among several network interfaces. 


Network interfaces are teamed together as a "bond." CA Privileged Access Manager supports up to four interfaces for teaming on a hardware appliance. On a VMware instance, you can use up to half of the existing teaming interfaces, or up to its maximum index. Assume that each VMware bond must have at least two interfaces. For example, if a VMware instance has seven network adapters, then the maximum allowed bond interfaces is three (BOND1, BOND2, and BOND3).

To set up a bond for network teaming, follow these steps:

  1. Go to Configuration, Network, Network Settings.
  2. Select a Network Teaming Interface bond, such as BOND1.
    1. Enter an IPv4 or IPv6 Address as a virtual network adapter for the bond.

      Note: Each Bond should be configured to use a different subnet. Using the same subnet results in errors.

    2. Enter a Netmask, such as
    3. Select a Speed from the drop-down list, or leave as "Auto."
    4. Select a value for Duplex from the drop-down list, or leave as "Auto."
    5. Select a Mode from the drop-down list, as described in Modes.
  3. In the list under Network Interfaces, select which interfaces should be teamed together with that bond.
    1. For each interface, such as GB1 and GB2, select the bond from the Teaming drop-down list.
    2. An Interface is automatically Enabled once it joins a team.
  4. Click the Update button to save any changes. Click Reset to return the settings to their last saved state without saving. Click Restart Networking to start using the new settings immediately.


To see the status of a Network Team, select its row in the Network Teaming list, and click the Status button. The Network Team Status window opens. The following information appears:

  • Mode: If mode is Active Backup, the Primary Interface (as opposed to the Backup interface) is listed. The Active Interface is the current active interface that sends and receives network traffic. If the Active Interface is not the same the as Primary Interface, the Primary Interface is down and the failover has occurred.
  • Status: A checkmark denoted that the team is operational.
  • Interfaces
    • Status: A checkmark denoted that the interface is operational.
    • Failure Count: This number is a count of the failures of the member interface. This number is reset to zero when networking restarts or when the appliance reboots.

Was this helpful?

Please log in to post comments.

  1. Masaru Narita
    2018-03-18 09:52

    Please add the following note to the Japanese content as well. "Note: Licensing no longer includes the NIC to generate the hardware identification string. This change allows NICs to be added to running machines without breaking the licensing.".

    1. Strejcek, Kier
      2018-04-05 12:47


      We will have to wait until we do a translation maintenance on the 3.1.1 version. That will probably be after 3.2 translation is finished.