Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8
81828384858687888990
Configuring Multizone FWLB
May 31, 2012 © 2012 Brocade Communications Systems, Inc. 6 - 17
Zone3-SI-A(config-tc-2)# fw-name FW1
Zone3-SI-A(config-tc-2)# fw-name FW2
Zone3-SI-A(config-tc-2)# l2-fwall
Zone3-SI-A(config-tc-2)# sym-priority 1
Zone3-SI-A(config-tc-2)# fwall-info 1 1 209.157.24.13 209.157.23.1
Zone3-SI-A(config-tc-2)# fwall-info 2 1 209.157.24.14 209.157.23.1
Zone3-SI-A(config-tc-2)# fwall-info 3 16 209.157.24.13 209.157.23.254
Zone3-SI-A(config-tc-2)# fwall-info 4 16 209.157.24.14 209.157.23.254
Zone3-SI-A(config-tc-2)# fwall-info 5 1 209.157.25.15 209.157.23.1
Zone3-SI-A(config-tc-2)# fwall-info 6 1 209.157.25.16 209.157.23.1
Zone3-SI-A(config-tc-2)# fwall-info 7 16 209.157.25.15 209.157.23.254
Zone3-SI-A(config-tc-2)# fwall-info 8 16 209.157.25.16 209.157.23.254
Zone3-SI-A(config-tc-2)# fwall-info 9 5 209.157.23.15 209.157.23.15
Zone3-SI-A(config-tc-2)# exit
Zone3-SI-A(config)# vlan 1
Zone3-SI-A(config-vlan-1)# static-mac-address abcd.5200.3489 ethernet 1 high-
priority router-type
Zone3-SI-A(config-vlan-1)# static-mac-address abcd.5200.0b4c ethernet 16 high-
priority router-type
Zone3-SI-A(config-vlan-1)# exit
Zone3-SI-A(config)# write memory
Zone3-SI-A(config)# exit
Zone3-SI-A# reload
Commands on Zone3-SI-S in Zone 3
The following commands configure ServerIron “Zone3-SI-S”, on the right side of zone 3 in Figure 6.2 on page 6-8.
ServerIron(config)# hostname Zone3-SI-S
Zone3-SI-S(config)# ip address 209.157.23.12 255.255.255.0
Zone3-SI-S(config)# ip default-gateway 209.157.23.254
Zone3-SI-S(config)# no span
Zone3-SI-S(config)# ip policy 1 fw tcp 0 global
Zone3-SI-S(config)# ip policy 2 fw udp 0 global
Zone3-SI-S(config)# server router-ports 5
Zone3-SI-S(config)# server fw-port 9
Zone3-SI-S(config)# trunk switch ethernet 9 to 10
Zone3-SI-S(config)# vlan 10 by port
Zone3-SI-S(config-vlan-10)# untagged 9 to 10
Zone3-SI-S(config-vlan-10)# exit
Zone3-SI-S(config)# vlan 1
Zone3-SI-S(config-vlan-1)# always-active
Zone3-SI-S(config-vlan-1)# exit
Zone3-SI-S(config)# server fw-name FW1 209.157.23.1
Zone3-SI-S(config-rs-FW1)# exit
Zone3-SI-S(config)# server fw-name FW2 209.157.23.254
Zone3-SI-S(config-rs-FW2)# exit
Zone3-SI-S(config)# access-list 2 permit 209.157.25.0 0.0.0.255
Zone3-SI-S(config)# server fw-group 2
Zone3-SI-S(config-tc-2)# fwall-zone Zone2 2 2
Zone3-SI-S(config-tc-2)# fw-name FW1
Zone3-SI-S(config-tc-2)# fw-name FW2
Zone3-SI-S(config-tc-2)# l2-fwall
Zone3-SI-S(config-tc-2)# sym-priority 1
Zone3-SI-S(config-tc-2)# fwall-info 1 16 209.157.24.13 209.157.23.1
Zone3-SI-S(config-tc-2)# fwall-info 2 16 209.157.24.14 209.157.23.1
Zone3-SI-S(config-tc-2)# fwall-info 3 1 209.157.24.13 209.157.23.254
Zone3-SI-S(config-tc-2)# fwall-info 4 1 209.157.24.14 209.157.23.254
Zone3-SI-S(config-tc-2)# fwall-info 5 16 209.157.25.15 209.157.23.1