VMware Cloud Community
ingvargo
Enthusiast
Enthusiast
‎07-07-2015 08:54 AM
Jump to solution

remove vShield portgroup

hi

i am in the process of removing vShield 5.5.3 from Vmware 5.5 enviroment, i have unistalled endpoints off the esx servers but now i have the portgroups left and the virtual appliance, i cannot find anything in the documents how to do this correctly but like to ask if anyone knows how to do this?

BR

Ingvar

Tags (1)
Reply
0 Kudos
1 Solution

Accepted Solutions
Sreec
VMware Employee
VMware Employee
‎07-07-2015 10:44 PM
Jump to solution


To remove all vShield components

Always start with automated uninstall feature(You have already done this)



a)Remove the vmservice-vswitch that was created during the install (assuming there is no other device that uses this vswitch). This is a service vSwitch with no physical adapters that was created during the install. This will have 2 port groups, one called vmservice-vmknic-pg and the other vmservice-vsheild-pg.


b)Remove the 169.x.x.x address given to the Net.DVFilterBindIpAddress property for the host.  Select the ESXi host on the left hand side tree, on the right hand pane select the Configuration tab and click on Advanced Settings under Software. In the Advaced Settings page look for the Net section and select it. Scroll all the way down and then make your way up until you find Net.DVFilterBindIpAddress = 169.254.1.1. Remove the 169.254.1.1 and click OK



After performing same step on all the host finally do a web manager restart


Log-into the vShield Manager console and restart the web-manager component:


            Manager#no web-manager
            Manager#web-manager

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

View solution in original post

Reply
0 Kudos
7 Replies
Sreec
VMware Employee
VMware Employee
‎07-07-2015 10:44 PM
Jump to solution


To remove all vShield components

Always start with automated uninstall feature(You have already done this)



a)Remove the vmservice-vswitch that was created during the install (assuming there is no other device that uses this vswitch). This is a service vSwitch with no physical adapters that was created during the install. This will have 2 port groups, one called vmservice-vmknic-pg and the other vmservice-vsheild-pg.


b)Remove the 169.x.x.x address given to the Net.DVFilterBindIpAddress property for the host.  Select the ESXi host on the left hand side tree, on the right hand pane select the Configuration tab and click on Advanced Settings under Software. In the Advaced Settings page look for the Net section and select it. Scroll all the way down and then make your way up until you find Net.DVFilterBindIpAddress = 169.254.1.1. Remove the 169.254.1.1 and click OK



After performing same step on all the host finally do a web manager restart


Log-into the vShield Manager console and restart the web-manager component:


            Manager#no web-manager
            Manager#web-manager

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
ingvargo
Enthusiast
Enthusiast
‎07-08-2015 08:29 AM
Jump to solution

Thanks Sree

now the portgroups are gone and the ip address in the advanced config.

what is the best way to remove the vshield appliance and deregister vshield from the vmware console?

BR

Ingvar

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎07-08-2015 11:49 AM
Jump to solution

I believe you are talking about partner antivirus solution since this is endpoint environment.Mostly you will be getting host un preparation option in partner appliance manager solution .Remember that while using the solution you would installed thin agent inside the guest machine via vmtools.Either you can leave it as it is or just remove the agent from each guest O/S.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
SRoland
VMware Employee
VMware Employee
‎07-08-2015 01:53 PM
Jump to solution

> now the portgroups are gone and the ip address in the advanced config.

> what is the best way to remove the vshield appliance and deregister vshield from the vmware console?

If under the 'appliance' here you mean the vCNS/vShield manager and if the 'vmware console' means the vSphere client then :

- power off the Manager

- unregister the vShield extension form vCenter as it is written in KB 1025360
the vShield Manager plugin is the 'com.vmware.vShieldManager'

Of course do it after you unprepared all the element in vShield manager, otherwise you might get issues with the leftovers.

HTH

//Roland

Reply
ingvargo
Enthusiast
Enthusiast
‎07-09-2015 02:09 AM
Jump to solution

Thanks Roland

yes i mean the appliance that is for vSphere vShield ( VMware vCloud Networking and Security )

i thought that maybe turning the appliance off and remove it was not just enough.

so is shutting down the appliance, removing the extension and delete the vShileld appliance is sufficent to get the enviroment as it was before vShield installation?

i have already unistalled all drivers and cleaned up the hosts.

BR

Ingvar

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎07-09-2015 07:08 AM
Jump to solution

Yes,those steps are sufficient enough.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
DCV009
Contributor
Contributor
‎12-03-2018 08:13 AM
Jump to solution

Hi,

I have Vshield 5.5 environment. I want to remove it completely from our current environment and then upgrade to 6.5.

Are there any best practices? This is our prod enviroment. Just want to make sure.

Please help,

Mathi

Reply
0 Kudos