Configuring the WSM using Device Manager # Go back one pageGo to the next page#Go to this book's Index

Configuring private-side network devices

To configure the private-side network devices (WSM-1 and WSM-2) in the VPN configuration example:

  1. Define and enable VLAN 2 for ports 3 and 4. See Configuring a VLAN.
  2. Turn off Spanning Tree Protocol (STP) on ports 3 and 4. See Enabling or disabling spanning tree on a port.
  3. Define the private-side network IP interfaces using the settings in the following table. See Manually configuring an IP interface.
  4. Create one private-side network IP interface on a different subnet for each VPN device being load-balanced.

    Field in Device Manager Setting for WSM-1 Setting for WSM-2
    Interface Number
    1
    1
    IP Address
    30.0.0.10
    30.0.0.11
    IP Subnet Mask
    255.255.255.0
    255.255.255.0
    VLAN
    1
    1
    State
    Enabled
    Enabled
    BOOTP Relay
    Disabled
    Disabled
    Interface Number
    2
    2
    IP Address
    20.0.0.10
    20.0.0.20
    IP Subnet Mask
    255.255.255.0
    255.255.255.0
    VLAN
    2
    2
    State
    Enabled
    Enabled
    BOOTP Relay
    Disabled
    Disabled
    Interface Number
    3
    3
    IP Address
    20.0.0.11
    20.0.0.21
    IP Subnet Mask
    255.255.255.255
    255.255.255.255
    VLAN
    2
    2
    State
    Enabled
    Enabled
    BOOTP Relay
    Disabled
    Disabled

  5. Configure routes for each of the IP interfaces using the VPN devices as gateways. Configure one static route for each VPN device being load-balanced using the settings in the following table. See Configuring static routes.

    Field
    in Device Manager
    Setting
    for WSM-1 and WSM-2
    Static Route
    [1 - 128]
    Destination IP Address
    10.0.0.10
    IP Subnet Mask
    255.255.255.255
    Gateway IP Address
    20.0.0.101
    IP Interface
    2
    Static Route
    [1 - 128]
    Destination IP Address
    10.0.0.11
    IP Subnet Mask
    255.255.255.255
    Gateway IP Address
    20.0.0.102
    IP Interface
    3
    Static Route
    [1 - 128]
    Destination IP Address
    10.0.0.20
    IP Subnet Mask
    255.255.255.255
    Gateway IP Address
    20.0.0.101
    IP Interface
    2
    Static Route
    [1 - 128]
    Destination IP Address
    10.0.0.21
    IP Subnet Mask
    255.255.255.255
    Gateway IP Address
    20.0.0.102
    IP Interface
    3

  6. Enable virtual routing for the WSM. See Enabling virtual routing on the WSM.
  7. Configure VRRP for virtual routers 1 and 2 by making the settings in the following table. See Configuring a virtual router.

    Field
    in Device Manager
    Setting
    for WSM-1 and WSM-2
    Virtual Router Number
    1
    Virtual Router ID
    1
    IP Address
    30.0.0.50
    IP Interface
    1
    State
    Enabled
    Priority
    101
    Load Sharing
    Disabled
    Track VRs
    Enabled
    Track VLAN Ports
    Enabled
    Virtual Router Number
    2
    Virtual Router ID
    2
    IP Address
    20.0.0.1
    IP Interface
    2
    State
    Enabled
    Priority
    101
    Load Sharing
    Disabled
    Track VRs
    Enabled
    Track VLAN Ports
    Enabled

  8. Enable Server Load Balancing (SLB) on the private-side network WSMs. See Enabling or disabling server load balancing.
  9. Configure real servers for health checking VPN devices using the settings in the following table. See Configuring each real server.

    Field
    in Device Manager
    Setting
    for WSM-1 and WSM-2
    Real Server
    1
    IP Address
    10.0.0.10
    State
    Enabled
    Name
    VPN Server 1
    Real Server
    2
    IP Address
    10.0.0.11
    State
    Enabled
    Name
    VPN Server 2
    Real Server
    3
    IP Address
    10.0.0.20
    State
    Enabled
    Name
    VPN Server 3
    Real Server
    4
    IP Address
    10.0.0.21
    State
    Enabled
    Name
    VPN Server 4

  10. Configure real server group 1 with the hash metric; and add real servers 1, 2, 3, and 4 to the group. Use the settings in the following table. See Configuring a real server group.

    Field
    in Device Manager
    Setting
    for WSM-1 and WSM-2
    Group
    1
    Name
    VPN Group
    Metric
    hash
    Real Servers
    1, 2, 3, 4

  11. Enable RTS on the necessary ports (ports 3 and 4). See Configuring ports for server load balancing.
  12. Enable filter processing on the server ports (port 1) so that the responses from the real server will be looked up in the VPN session table. See Enabling or disabling filtering on a port.
  13. Apply and save the configuration, and reboot the WSM.

See also:


Go back one pageGo to the next page##Go to this book's Index