Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual Page 88
- Page / 188
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
ServerIron ADX Firewall Load Balancing Guide 77
53-1002436-01
Configuration example for basic multizone FWLB
4
DRAFT: BROCADE CONFIDENTIAL
Commands on Zone2-SI in zone 2
The following commands configure ServerIron ADX “Zone2-SI” in zone 2 in Figure 13 on page 73.
The configuration is similar to the one for Zone1-SI, with the following exceptions:
• The management IP address is different.
• The default gateway goes to a different interface on FW1.
• The paths are different due to the ServerIron ADX’s placement in the network. (However, like
Zone1-SI, ServerIron ADX Zone2-SI has a path through each firewall to the ServerIron ADXs in
the other zones, and has a path to its directly attached router.)
• An ACL and zone definition are configured for zone 3. Because this ServerIron ADX is in zone 2,
the configuration does not include an ACL and zone definition for zone 2. This ServerIron ADX
also does not contain an ACL or zone definition for zone 1. As a result, by default, this
ServerIron ADX forwards packets that are not addressed to the ServerIron ADX’s own sub-net,
or to a sub-net in zone 3, to zone 1.
ServerIronADX(config)# hostname Zone2-SI
Zone2-SI(config)# ip address 209.157.24.15 255.255.255.0
Zone2-SI(config)# ip default-gateway 209.157.25.1
Zone2-SI(config)# no span
Zone2-SI(config)# server router-ports 5
Zone2-SI(config)# server fw-name FW1 209.157.25.1
Zone2-SI(config-rs-FW1)# exit
Zone2-SI(config)# server fw-name FW2 209.157.25.254
Zone2-SI(config-rs-FW2)# exit
Zone2-SI(config)# access-list 3 permit 209.157.23.0 0.0.0.255
Zone2-SI(config)# server fw-group 2
Zone2-SI(config-fw-2)# fwall-zone Zone3 3 3
Zone2-SI(config-fw-2)# fw-name FW1
Zone2-SI(config-fw-2)# fw-name FW2
Zone2-SI(config-fw-2)# fwall-info 1 1 209.157.25.15 209.157.24.1
Zone2-SI(config-fw-2)# fwall-info 2 16 209.157.23.11 209.157.24.1
Zone2-SI(config-fw-2)# fwall-info 3 16 209.157.25.15 209.157.24.254
Zone2-SI(config-fw-2)# fwall-info 4 1 209.157.23.11 209.157.24.254
Zone2-SI(config-fw-2)# fwall-info 5 5 209.157.25.200 209.157.25.200
Zone2-SI(config-fw-2)# exit
Zone2-SI(config)# static-mac-address abcd.5200.348b ethernet 1 priority 1
router-type
Zone2-SI(config)# static-mac-address abcd.5200.0b4e ethernet 16 priority 1
router-type
Zone2-SI(config)# write memory
Zone2-SI(config)# exit
- ServerIron ADX 1
- Document History 2
- Contents 3
- About This Document 8
- Document conventions 9
- Notice to the reader 10
- Related publications 11
- ServerIron FWLB Overview 12
- Firewall environments 14
- Load balancing paths 15
- Firewall selection 17
- Hashing mechanism 17
- Stateful FWLB 18
- Health checks 18
- Path health checks 19
- Application health checks 19
- Firewall health check debug 21
- Basic FWLB topology 22
- HA FWLB topology 23
- Failover 24
- Router paths 24
- Multizone FWLB topology 25
- FWLB configuration limits 26
- Configuring Basic FWLB 28
- IPv4 Firewall-1 37
- IPv4 Firewall-2 37
- External 40
- Internal 40
- Firewall-2 42
- Firewall-1 42
- Configuring HA FWLB 48
- Session limits 49
- Session aging 49
- Task Reference 52
- Configuring the firewall port 53
- Configuring the partner port 54
- Configuring the router port 55
- Configuring the firewalls 55
- Adding the firewalls 55
- Connection rate control 57
- Complete CLI example 62
- HA FWLB with VRRP 73
- Usage notes 78
- Configuring Multizone FWLB 82
- Zone 3Zone 2 84
- Zone1-SI(config)# no span 85
- Failover algorithm 92
- Commands on Zone1-SI-A zone 1 92
- DRAFT: BROCADE CONFIDENTIAL 100
- 53-1002436-01 102
- SI-A SI-A 104
- In this chapter 124
- NAT firewalls 124
- Extra firewall method 129
- Access policy method 130
- Specifying the partner port 134
- Specifying the router ports 134
- Configuring FWLB and SLB 146
- Configuring SLB-to-FWLB 148
- Configuring the real servers 149
- Enabling SLB-to-FWLB 150
- Configuring FWLB-to-SLB 152
- Enabling FWLB-to-SLB 154
- FWLB configuration overview 166
- TCP/UDP port statistics 169
- FWLB path information 172
- Field Description 173
- • 6 – TCP 174
- • 17 – UDP 174
- In this appendix 176
- FWLB selection algorithms 182
- Configuration guidelines 186
- Denying FWLB 187
Related products and manuals for Network switches Brocade Communications Systems ServerIron ADX 12.4.00
(12 pages)
(64 pages)© 2020, manymanuals.com. All rights reserved. | 0.563 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals