| Configuring the WSM using Device Manager |
To configure the public-side network in the basic FWLB example:
|
VLAN
|
11
|
|
Name
|
FWLB
|
|
State
|
Enabled
|
|
Ports
|
7, 8
|
|
VLAN
|
12
|
|
Name
|
FWLB
|
|
State
|
Enabled
|
|
Ports
|
5, 6
|
|
5
|
Default VLAN
|
12
|
|
6
|
Default VLAN
|
12
|
|
7
|
Default VLAN
|
11
|
|
8
|
Default VLAN
|
11
|
|
1
|
7 and 8
|
|
2
|
5 and 6
|
There must be an IP interface for general WSM management (IF1), in addition to a public-side IP interface for each firewall path being load balanced (IF2 and IF3).
|
Later in this procedure, you'll configure one private-side IP interface on a different subnet for each firewall path being load balanced.
|
Using the hash metric, all traffic between specific IP source/destination address pairs flows through the same firewall. This ensures that sessions established by the firewalls are maintained for their duration.
|
|
Index
|
10
|
|
Name
|
FWLB
|
|
Filter
|
Enabled
|
|
Action
|
Allow
|
|
Source IP Address
|
Any
|
|
Destination IP Address
|
172.21.8.0
|
|
Destination IP Mask
|
255.255.255.0
|
This filter redirects all inbound traffic, and load balances it among the defined real servers in the group. In this network, the real servers in group 1 represent IP interfaces on the private-side WSM.
|
|
Port
|
5
|
|
Filtering
|
Enabled
|
|
Filters Applied
|
10 and 100
|
|
Port
|
6
|
|
Filtering
|
Enabled
|
|
Filters Applied
|
10 and 100
|
|
Static Route
|
[1 - 128]
|
|
Destination IP Address
|
210.1.2.200
|
|
IP Subnet Mask
|
255.255.255.255
|
|
Gateway IP Address
|
192.168.1.10
|
|
IP Interface
|
2
|
|
Static Route
|
[1 - 128]
|
|
Destination IP Address
|
210.1.20.1
|
|
IP Subnet Mask
|
255.255.255.255
|
|
Gateway IP Address
|
192.168.10.20
|
|
IP Interface
|
3
|
See also: