How To Set Up A Pploe On A Pc Orca On A Ipad Orca (Networking) On A Macbook Orca 2.5 (Netware) On An Ipad 2.2 (Netrocessor



Similar documents
Enabling NAT and Routing in DGW v2.0 June 6, 2012

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Chapter 3 Security and Firewall Protection

UIP1868P User Interface Guide

Multi-Homing Security Gateway

Apple Mac. AT&T DSL Internet Service Implementation Planner Apple Mac PC Configuration Guide Version 1.2 Page 1

Firewall Defaults and Some Basic Rules

Dynamic DNS How-To Guide

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Route Based Virtual Private Network

Network Setup Guide. 1 Glossary. 2 Operation. 1.1 Static IP. 1.2 Point-to-Point Protocol over Ethernet (PPPoE)

Chapter 2 Preparing Your Network

Broadband Phone Gateway BPG510 Technical Users Guide


Lab Configuring Access Policies and DMZ Settings

Broadband Router ALL1294B

Securepoint Security Systems

Configuring a customer owned router to function as a switch with Ultra TV

SETTING UP REMOTE ACCESS FOR Q-SEE DVR SYSTEMS MODEL NUMBER: QC40198

Load Balance Mechanism

How To - Setup Cyberoam VPN Client to connect to a Cyberoam for the remote access using preshared key

Multi-Homing Dual WAN Firewall Router

Chapter 4 Customizing Your Network Settings

How-to: HTTP-Proxy and Radius Authentication and Windows IAS Server settings. Securepoint Security System Version 2007nx

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

Securepoint Security Systems

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

1. Hardware Installation

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub

STATIC IP SET UP GUIDE VERIZON 7500 WIRELESS ROUTER/MODEM

Barracuda Link Balancer Administrator s Guide

Basic ViPNet VPN Deployment Schemes. Supplement to ViPNet Documentation

Chapter 2 Connecting the FVX538 to the Internet

Chapter 4 Customizing Your Network Settings

Fireware How To Network Configuration

How To Setup Cyberoam VPN Client to connect a Cyberoam for remote access using preshared key

Internet Access Setup

Initial Access and Basic IPv4 Internet Configuration

Chapter 1 Configuring Basic Connectivity

VoIP CONFIGURATION GUIDE FOR MULTI-LOCATION NETWORKS

NETWORK SETUP GLOSSARY

Please enter the Network WAN page and click the Edit icon of WAN1. Figure The WAN setting of Network

HOWTO: How to configure IPSEC gateway (office) to gateway

Technical Support Information

1 PC to WX64 direction connection with crossover cable or hub/switch

Chapter 5 Customizing Your Network Settings

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0

Chapter 1 Connecting Your Router to the Internet

TW100-BRV204 VPN Firewall Router

vcloud Air - Virtual Private Cloud OnDemand Networking Guide

Securepoint Security Systems

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Appendix C Network Planning for Dual WAN Ports

Quick Installation Guide DAP Wireless N 300 Access Point & Router

PPTP Server Access Through The

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

How to configure DNAT in order to publish internal services via Internet

Setting up and creating a Local Area Network (LAN) within Windows XP by Buzzons

NETWORK SETUP INSTRUCTIONS

< Introduction > This technical note explains how to connect New SVR Series to DSL Modem or DSL Router. Samsung Techwin Co., Ltd.

Load Balancing Router. User s Guide

DIR-100. Before You Begin. Check Your Package Contents. Triple Play Router

BR-6104K / BR-6104KP Fast Ethernet Broadband Router User s Manual

How to establish a Leased Line Connection

DSL-G604T Install Guides

your Gateway Windows network installationguide b wireless series Router model WBR-100 Configuring Installing

HowTo: Logging, reporting, log-analysis and log server setup Version 2007nx Release 3. Log server version 2.0

Configuring WAN Failover & Load-Balancing

Lab Configuring Access Policies and DMZ Settings

Internet Access Setup

Unified Threat Management

CCProxy. Server Installation

For extra services running behind your router. What to do after IP change

Common Application Guide

Version Date Status Owner Released for HiPath OpenOffice ME V1 F. Kneissl / K.-W. Weigt

Wireless-N. User Guide. Broadband Router WRT300N WIRELESS. Model No.

If you have questions or find errors in the guide, please, contact us under the following address:

XRT-401C XRT-402C XRT-204C

Setting up VPN connection: DI-824VUP+ with Windows PPTP client

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel

Polycom. RealPresence Ready Firewall Traversal Tips

Network/VPN Overlap How-To with SonicOS 2.0 Enhanced Updated 9/26/03 SonicWALL,Inc.

Load Balancer LB-2. User s Guide

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address

User Guide. Linksys E1000. Wireless-N Router

Proscend 120. VDSL2 Router. User Manual. Version 0.01

Configuring Network Address Translation (NAT)

Wireless Broadband Router. Manual

First Installation Guide

LinkProof DNS Quick Start Guide

Chapter 3 LAN Configuration

Protecting the Home Network (Firewall)

IPitomy 1000 User Guide

Application Notes for Configuring a SonicWALL VPN with an Avaya IP Telephony Infrastructure - Issue 1.0

EDGE FX Network configuration

Using a simple crossover RJ45 cable, you can directly connect your Dexter to any computer.

The Billion 8800NL - All-In-One Bridge modem solution for the UK For use with a dedicated firewall

KNX IP Interface 730 KNX IP Router 750 KNX IP LineMaster 760 KNX IP BAOS 770 KNX IP BAOS 771 KNX IP BAOS 772 KNX IP BAOS 777

Com.X Router/Firewall Module. Use Cases. White Paper. Version 1.0, 21 May Far South Networks

Transcription:

HowTo: Mutlipath routing and source routing Securepoint Security Systems Version 2007nx Release 3

Content 1 Multipath routing with two direct DSL connections... 4 1.1 Attaching DSL provider... 4 1.2 Attaching DSL interfaces... 5 1.3 Attaching a second internet network object... 7 1.4 Attaching Hide-NAT... 9 1.5 Routing and weighting...10 2 Multipath with one direct DSL connection and one connection over a router...12 2.1 Network configuration...12 2.2 Hide-NAT...13 2.3 Routing and weighting...14 2.4 Disadvantage of the router connection...15 3 Source routing...16 2

Multipath routing The linking of multiple DSL or other internet connections with Securepoint systems is also known as multipath routing. Multipath routing not only increases the bandwidth of the internet connection but also offers redundancy. If you use different provider the effect ascends. The data transfer can be allocated weighted lines. If one line drops down the Securepoint System direct the data transfer through the other available connection. This causes a higher load for the stable connections but it assures the availability of the services. If the connection will reestablished the transfer will automatically conduct over all lines. The Securepoint Systems will not only manage the multipath routing they also manage the load balancing for an optimal load sharing between the separate lines. 3

1 Multipath routing with two direct DSL connections In this configuration the Securepoint appliance acts as a router. The Appliance is directly connected to the modems. 1.1 Attaching DSL provider To configure a multipath environment with two DSL connections you have to dispose two DSL providers at first. Go to the menu item Network and choose the entry DSL provider or click the icon network and switch to the tab DSL provider. fig. 1 Network - tab DSL provider Click the icon New. The dialogue DSL provider appears. Enter your connection data you have received from your provider. Don t check the box at Set default route automatically. If you use a dynamic DNS service, switch to the tab Dyn-DNS and enter the data of you Dyn-DNS provider. fig. 2 Enter the data of the DSL provider 4

Repeat the procedure for the second DSL provider. fig. 3 two DSL provider - without default route 1.2 Attaching DSL interfaces Depending on whether your provider uses the protocol PPPoE or PPTP, you have to attach two PPPoE interfaces or two PPTP interfaces or one of each kind. Switch to the tab Interfaces. Click the arrow beneath the icon New and select the according DSL interface. fig. 4 dropdown menu of the icon New In this example we use two PPPoE interfaces. The dialogue PPPOE-Interface [ppp0] Add appears. On the tab General select an interface (eth0 or eth2) and for DSL provider one of the two attached DSL provider. The name of the DSL interface will be generated automatically by the program. The name is composed of ppp and a consecutive number. 5

fig. 5 bind PPPoE interface to eth0 fig. 6 zones will be kept Repeat this procedure. Click on the icon Update to adopt the changes. fig. 7 view after attaching the DSL interfaces 6

1.3 Attaching a second internet network object You have to create a second internet object to setup separate rules for the different DSL connections. Go to the menu item Firewall and choose the entry Network objects or click the icon Firewall and switch to the tab Network objects. fig. 8 view of the existing network objects To distinguish between the both internet connections you can rename the existing internet object. Click on the object any by using the right mouse button and select modify from the context menu. In the dialog Modify network change the name of the object to any1 for example. fig. 9 select network object fig. 10 rename network object 7

Now create a network object for the second DSL connection. Click on the arrow beneath the icon Computer and select Computer from the dropdown menu or simply click on the icon Computer. fig. 11 attaching computer The dialog Add computer appears. Create the network object like the object any1. Select dmz1 for Sector. Select internet for Group. fig. 12 create network object Add other needed network objects (if not yet carried out). fig. 13 view of network objects 8

1.4 Attaching Hide-NAT To using the Network Address Translation for both DSL connections you have to setup following settings. These settings can only be made, if a network object for the internal net exits. Switch to the tab Hide NAT. Click on the icon New. Enter the data like shown below. fig. 14 Hide NAT settings for the first connection... fig. 15... and for the second one. fig. 16 view of Hide NAT entries 9

1.5 Routing and weighting You have to set default routes for both DSL connections. Do not set the default route automatically at the attaching of the DSL provider. The second DSL interface would overwrite the default route of the first interface. Go to the menu item Network and select the entry Routing or click the icon Network and switch to the tab Routing. Click the icon Default Route. Attach consecutively a default route for each connection. Update the routing by clicking the icon Update. fig. 17 default route for ppp0 fig. 18 default route for ppp1 10

fig. 19 update the settings by click the icon Update In this example the weighting for both connections is 1. This means, that both connections are used in equal shares. If you use connections with different bandwidth, you have to adjust the weighting. Without adjustment the Securepoint appliance cannot assure an optimal load balancing. Example: You have a connection with 2 MBit and one with 6 MBit. The second connection has the triple bandwidth of the first one. So you must give the second connection the triple weighting of the first connection. Set the weighting for the first connection to 1 and the weighting for the second one to 3. You can also use 5 for the first connection and 15 for the second connection. Important is the factor between the weighting values not the difference. 11

2 Multipath with one direct DSL connection and one connection over a router In this setting the Securepoint manage one DSL connection and one internet connection over a router. For the DSL connection a provider must be attached (cf. 1.1 Attaching DSL provider). 2.1 Network configuration For setting up the direct DSL connection take a look to chapter 1. If you bind the direct DSL connection at eth0, connect the router to the interface eth2. Go to the menu item Network and select the entry Interfaces or click the icon Network. Click with the right mouse button on the entry for the interface eth2 and select Modify from the context menu or highlight the entry eth2 and click the icon Modify. Enter a static IP address out of the network range of the router. If only the appliance is connected to the router, disable the DHCP services of the router. fig. 20 configurate eth2 12

2.2 Hide-NAT This configuration also needs two network objects for the internet. One for each connection. To attach these take a look to chapter 1.3. You have to adjust the Hide-NAT settings. Go to the menu item Firewall and select the entry Hide-NAT or click the icon Firewall and switch to the tab Hide-NAT. Click the icon New. The dialog Hide-NAT appears. Attach one entry for the direct DSL connection NAT Relationship ppp0 and one entry for the router connection NAT Relationship eth2. fig. 21 attach Hide-NAT entry for the DSL connection fig. 22 Hide-NAT for router connection fig. 23 view of the Hide-NAT entries 13

2.3 Routing and weighting Attach default routes. Go to the menu item Network and select the entry Routing or click the icon Network and switch to the tab Routing. Click the icon Default Route. Attach default routes for the interface ppp0 and the interface eth2. Note: To attach a default route for the interface eth2 you have to enter the IP address of the interface. Enter a weighting value. Update the routes by clicking the icon Update. Only with adjusted weighting values the Securepoint appliance can assure an optimal load balancing. Same values for the weighting means, that the connections will be used in equal shares. If you use connections with different bandwidths you have to adjust the weighting values. Example: You have a connection with 2 MBit and one with 6 MBit. The second connection has the triple bandwidth of the first one. So you must give the second connection the triple weighting of the first connection. Set the weighting for the first connection to 1 and the weighting for the second one to 3. You can also use 5 for the first connection and 15 for the second connection. Important is the factor between the weighting values not the difference. fig. 24 default route for ppp0 (DSL) fig. 25 default route for eth2 (router) using the IP of the interface 14

Now update the routes by clicking on the icon Update. fig. 26 update routes Afterwards save your settings and update the rules. Click the icon Save and save the settings under the actually configuration or click on the arrow beneath the icon and select Save as and save the settings under a new configuration. Afterwards click the icon Rule update, to attach the changes to the firewall. fig. 27 icons for saving and updating 2.4 Disadvantage of the router connection This scenario has in contrary to the configuration with two directly DSL connections the disadvantage, that the appliance don t notices, when the DSL connections of the router gets lost. The appliance will further on try to send the data packets over the router although it has no connection to the internet. If the appliance manages the DSL connections directly, it will notice the breakdown of one connection. The appliance will conduct the whole traffic over the remaining connection. This will stress the data link, but the connection will not abort. If the second connection is available again, the appliance automatically continues the load balancing. 15

3 Source routing Some applications (for example: mail server, VPN) require that the data packets are always sent or received over the same interface to work properly. To realize this you have to set a precise route for the computer the application runs on. Go to the menu item Network and select the entry Routing or click the icon Network an switch to the tab Routing. Click on the icon New. Apply a route for the computer the application (for example: mail server) runs on. fig. 28 apply source route for one computer In the shown example the applications runs on the computer with the IP address 192.168.3.30. Network mask must be 32 to specify only this computer. The interface to use is ppp0 and the destination is set to any IP address. 16