Manualshelf

HP VPN Firewall Appliances High Availability Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
181182183184185186187188189190
178
Interface backup configuration examples
Multi-interface backup configuration example
Network requirements
Use interfaces GigabitEthernet 0/2 and GigabitEthernet 0/3 on Firewall A to back up the active
interface GigabitEthernet 0/1, assigning interface GigabitEthernet 0/2 a higher priority, and configure
switchover delays.
Figure 82 Network diagram
Configuration procedure
1. Configure IP addresses:
Follow Figure 82 to configure the IP address and subnet mask for each interfa
ce. (Details not
shown.)
2. Configure a static route:
# On Firewall A, configure a static route to the segment 192.168.2.0/24 where Host B resides.
<FirewallA> system-view
[FirewallA] ip route-static 192.168.2.0 24 gigabitethernet 0/1 1.1.1.2
[FirewallA] ip route-static 192.168.2.0 24 gigabitethernet 0/2 2.2.2.2
[FirewallA] ip route-static 192.168.2.0 24 gigabitethernet 0/3 3.3.3.2
# On Firewall B, configure a static route to the segment 192.168.1.0/24 where Host A resides.
<FirewallB> system-view
[FirewallB] ip route-static 192.168.1.0 24 gigabitethernet 0/1 1.1.1.1
[FirewallB] ip route-static 192.168.1.0 24 gigabitethernet 0/2 2.2.2.1
[FirewallB] ip route-static 192.168.1.0 24 gigabitethernet 0/3 3.3.3.1
3. Configure the standby interfaces and switchover delays on Firewall A:
# Specify interfaces GigabitEthernet 0/2 and GigabitEthernet 0/3 on Router A to back up
GigabitEthernet 0/1, and assign them the priorities 30 and 20, respectively.
[FirewallA] interface gigabitethernet 0/1
[FirewallA-GigabitEthernet0/1] standby interface gigabitethernet 0/2 30
[FirewallA-GigabitEthernet0/1] standby interface gigabitethernet 0/3 20
# Configure switchover delays to 10 seconds.
[FirewallA-GigabitEthernet0/1] standby timer delay 10 10