HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

451

452

453

454

455

456

457

458

459

460

429

10.1.1.0/24 Direct 0 0 10.1.1.1 GE0/1

10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0

10.2.1.0/24 Direct 0 0 10.2.1.1 GE0/2

10.2.1.1/32 Direct 0 0 127.0.0.1 InLoop0

10.3.1.0/24 OSPF 10 4 10.1.1.2 GE0/1

10.4.1.0/24 OSPF 10 13 10.2.1.2 GE0/2

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

The route to 10.5.1.1/24 is filtered out.

BFD for OSPF configuration example

The following matrix shows the configuration example and hardware compatibility:

Hardware Com

atibilit

F1000-A-EI/F1000-S-EI No

F1000-E No

F5000 Yes

F5000-S/F5000-C No

VPN firewall modules No

20-Gbps VPN firewall modules No

Network requirements

As shown in Figure 278, run OSPF on Firewall A, Firewall B, and Router so that they can reach each other

at the network layer. When the link over which Firewall A and Firewall B communicate through a Layer

2 switch fails, BFD can quickly detect the failure and notify OSPF of the failure. Firewall A and Firewall

B then communicate through Router.

Figure 278 Network diagram

Device Interface IP address

Device

Interface

IP address

Firewall

GE 1/1 192.168.0.102/24

Firewall

GE 1/1

192.168.0.100/24

GE 1/2 10.1.1.102/24 GE 1/2 13.1.1.1/24

Router GE 1/1 10.1.1.100/24

GE 1/2 13.1.1.2/24