Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8
111112113114115116117118119120
Configuring FWLB for NAT Firewalls
May 31, 2012 © 2012 Brocade Communications Systems, Inc. 7 - 13
Commands for Standby ServerIron A (External Standby)
SI-StandbyA(config)# server fw-group 2
SI-StandbyA(config-tc-2)# fwall-info 1 1 3.3.3.20 192.168.2.2
SI-StandbyA(config-tc-2)# fwall-info 2 2 3.3.3.20 192.168.2.3
SI-StandbyA(config-tc-2)# fwall-info 3 1 4.4.4.20 192.168.2.2
SI-StandbyA(config-tc-2)# fwall-info 4 2 4.4.4.20 192.168.2.3
SI-StandbyA(config-tc-2)# fwall-info 5 8 192.168.2.1 192.168.2.1
SI-StandbyA(config-tc-2)# exit
SI-StandbyA(config)# static-mac-address abcd.4321.a53d ethernet 2 high-priority
router-type
SI-StandbyA(config)# static-mac-address abcd.4321.2499 ethernet 1 high-priority
router-type
Commands for Active ServerIron B (Internal Active)
SI-ActiveB(config)# server fw-group 2
SI-ActiveB(config-tc-2)# fwall-info 1 1 192.168.2.10 4.4.4.10
SI-ActiveB(config-tc-2)# fwall-info 2 2 192.168.2.10 4.4.4.11
SI-ActiveB(config-tc-2)# fwall-info 3 1 192.168.1.10 4.4.4.10
SI-ActiveB(config-tc-2)# fwall-info 4 2 192.168.1.10 4.4.4.11
SI-ActiveB(config-tc-2)# fwall-info 5 8 4.4.4.30 4.4.4.30
SI-ActiveB(config-tc-2)# exit
SI-ActiveB(config)# static-mac-address abcd.4321.249b ethernet 1 high-priority
router-type
SI-ActiveB(config)# static-mac-address abcd.4321.a53f ethernet 2 high-priority
router-type
Commands for Standby ServerIron B (Internal Standby)
SI-StandbyB(config)# server fw-group 2
SI-StandbyB(config-tc-2)# fwall-info 1 1 192.168.1.10 3.3.3.10
SI-StandbyB(config-tc-2)# fwall-info 2 2 192.168.1.10 3.3.3.11
SI-StandbyB(config-tc-2)# fwall-info 3 1 192.168.2.10 3.3.3.10
SI-StandbyB(config-tc-2)# fwall-info 4 2 192.168.2.10 3.3.3.11
SI-StandbyB(config-tc-2)# fwall-info 5 8 3.3.3.30 3.3.3.30
SI-StandbyB(config-tc-2)# exit
SI-StandbyB(config)# static-mac-address abcd.4321.a53e ethernet 2 high-priority
router-type
SI-StandbyB(config)# static-mac-address abcd.4321.249a ethernet 1 high-priority
router-type
Command Syntax
Syntax: server fw-group 2
Syntax: [no] fwall-info <path-num> <portnum> <other-ServerIron-ip> <next-hop-ip>
The syntax for adding static MAC entries differs depending on whether you are using a stackable or chassis
ServerIron.
Syntax for chassis devices:
Syntax: [no] static-mac-address <mac-addr> ethernet <portnum> [priority <0-7>] [host-type | router-type]
Syntax for stackable devices:
Syntax: static-mac-address <mac-addr> ethernet <portnum> [to <portnum> ethernet <portnum>]
[normal-priority | high-priority] [host-type | router-type | fixed-host]
The priority can be 0 – 7 (0 is lowest and 7 is highest) for chassis devices and either normal-priority or high-priority
for stackable devices.
The defaults are host-type and 0 or normal-priority.