Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8

111

112

113

114

115

116

117

118

119

120

Configuring FWLB for NAT Firewalls

Figure 7.2 FWLB for Layer 3 firewalls performing NAT—IronClad configuration

To configure IronClad FWLB for NAT firewalls, perform the following tasks.

Table 7.2: Configuration tasks – IronClad FWLB for NAT Firewalls

Task See page...

Configure Global Parameters

Globally enable FWLB 7-10

Identify the partner port (the link between the active and standby ServerIrons) 7-10

Identify the router port (ServerIron ports connected to routers) 7-10

Configure Firewall Parameters

Define the firewalls and add them to the firewall group 7-11

Configure Firewall Group Parameters

Configure the paths and add static MAC entries for the firewall interfaces with the ServerIron 7-12

Specify the ServerIron priority (determines which ServerIron in the active-standby pair is the default

active ServerIron)

7-14

Configure NAT Address Parameters

Disable load balancing for the NAT addresses 7-15

Internal Router

Internet

External Router

Standby

ServerIron A

Standby

ServerIron B

Active

ServerIron B

Active

ServerIron A

192.168.1.1/24

3.3.3.30/24

3.3.3.20/24

192.168.1.10/24

2.2.2.10

4.4.4.20/24

10.10.10.21/2410.10.10.20/24

4.4.4.30/24

192.168.1.2/24

4.4.4.10.24

3.3.3.10/24

192.168.2.2/24

192.168.1.3/24

4.4.4.11.24

3.3.3.11/24

192.168.2.3/24

Port e8

FW1

FW2

SI-A

SI-B

SI-A

Port e8

Port e2

Port e1

Port e2

192.168.2.1/24