Table of Contents
Advertisement
The above will only allow access by external clients on the Internet. To also allow internal clients
on lannet access, the IP Policy must be rewritten using an Interface Group object which combines
both the wan and lan interfaces.
A-2: First, create the InterfaceGroup:
add Interface InterfaceGroup my_if_group Members=wan,lan
B-2: Now, create an SLBPolicy object:
gw-world:/> add SLBPolicy SourceInterface=my_if_group
Web Interface
A. Create an Object for each of the web servers:
1.
Go to: Objects > Address Book > Add > IP4 Address
2.
Enter a suitable name, in this example server1
3.
Enter the IP Address as 192.168.1.10
4.
Click OK
5.
Repeat the above to create an object called server2 for the 192.168.1.11 IP address
B. Specify the SLB_SAT IP rule:
1.
Go to: Policies > Firewalling > Main IP Rules > Add > SLB Policy
2.
Now enter:
•
Name: my_web_slb_policy
•
Source Interface: wan
•
Source Network: all-nets
•
Destination Interface: core
•
Destination Network: wan_ip
•
Service: http-all
3.
Add server1 and server2 to Selected
4.
Click OK
The above will only allow access by external clients on the Internet. To also allow internal clients
on lannet access, the IP Policy must be rewritten using an Interface Group object which combines
both the wan and lan interfaces.
SourceNetwork=all-nets
DestinationInterface=core
DestinationNetwork=wan_ip
Service=http-all
Name=my_web_slb_policy
SLBAddresses=my_server_group
817
Chapter 10: Traffic Management
- Quick Links:
- User Manual
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
