Deployment Guide A10 Networks/Infoblox Joint DNS64 and NAT64 Solution



Similar documents
Deployment Guide AX Series for Palo Alto Networks Firewall Load Balancing

ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example

Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365

Tenable for CyberArk

Deployment Guide MobileIron Sentry

F-SECURE MESSAGING SECURITY GATEWAY

Installing and Using the vnios Trial

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Deployment Guide Microsoft IIS 7.0

Deployment Guide Microsoft Exchange 2013

Configuring Global Protect SSL VPN with a user-defined port

Deployment Guide. AX Series for Microsoft Lync Server 2010

NetBeat NAC Version 9.2 Build 4 Release Notes

STARTER KIT. Infoblox DNS Firewall for FireEye

Configuring and Implementing A10

Quick Start Guide. for Installing vnios Software on. VMware Platforms

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Deployment Guide AX Series with Citrix XenApp 6.5

F-Secure Messaging Security Gateway. Deployment Guide

NEFSIS DEDICATED SERVER

HIPAA Compliance Use Case

This How To guide will take you through configuring Network Load Balancing and deploying MOSS 2007 in SharePoint Farm.

Deployment Guide Oracle Siebel CRM

Integrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal

TEL 500 WRITE UP WEEK 8 FREE PBX SIP LAB SUBMITTED TO: PROF. RONNY BULL BY: ANUSHA ALIGAPALLY

NSi Mobile Installation Guide. Version 6.2

Semantic based Web Application Firewall (SWAF - V 1.6)

SOA Software API Gateway Appliance 7.1.x Administration Guide

Getting Started with Clearlogin A Guide for Administrators V1.01

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

Configuring User Identification via Active Directory

Configuring a VPN for Dynamic IP Address Connections

Active Directory Integration

SAML 2.0 SSO Deployment with Okta

Thunder Series for SAP BusinessObjects (BOE)

Virtual Appliance Setup Guide

AlienVault. Unified Security Management 5.x Configuring a VPN Environment

Deployment Guide AX Series for Palo Alto Networks SSL Intercept and Firewall Load Balancing

PHD Virtual Backup for Hyper-V

Enable Connectivity for 3PAR Storage:

McAfee SMC Installation Guide 5.7. Security Management Center

A10 Networks Load Balancer

Test Case 3 Active Directory Integration

How To Authenticate An Ssl Vpn With Libap On A Safeprocess On A Libp Server On A Fortigate On A Pc Or Ipad On A Ipad Or Ipa On A Macbook Or Ipod On A Network

Guide to the LBaaS plugin ver for Fuel

Setting Up Scan to SMB on TaskALFA series MFP s.

Thunder ADC for Epic Systems

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Ciphermail Gateway PDF Encryption Setup Guide

Copyright

SETTING UP REMOTE ACCESS ON EYEMAX PC BASED DVR.

How to Configure Active Directory based User Authentication

INSTALLATION GUIDE. A10 Thunder TM Series vthunder for AWS

nexvortex Setup Guide

Step-by-Step Guide for Setting Up IPv6 in a Test Lab

OneLogin Integration User Guide

Preparing for GO!Enterprise MDM On-Demand Service

QUANTIFY INSTALLATION GUIDE

Basic IPv6 WAN and LAN Configuration

Thunder Series for SAP Customer Relationship Management (CRM)

OCS Training Workshop LAB14. Setup

Quick Start Guide. Sendio System Protection Appliance. Sendio 5.0

To enable an application to use external usernames and passwords, you need to first configure CA EEM to use external directories.

F-Secure Internet Gatekeeper Virtual Appliance

Installing Intercloud Fabric Firewall

How To - Implement Single Sign On Authentication with Active Directory

Step By Step Guide: Demonstrate DirectAccess in a Test Lab

Configuring PPP And SIP

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

IIS, FTP Server and Windows

CommandCenter Secure Gateway

Installing and Configuring Windows Server Module Overview 14/05/2013. Lesson 1: Planning Windows Server 2008 Installation.

Dell Compellent Storage Center

Transferring Your Internet Services

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

Microsoft Exchange 2013 DEPLOYMENT GUIDE

Configuration Guide. Independent T1 Timing. 6AOSCG A February 2012

Scenario: IPsec Remote-Access VPN Configuration

Lieberman Software Corporation Enterprise Random Password Manager

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

Handle Tool. User Manual

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

SonicWALL Mobile Connect. Mobile Connect for OS X 3.0. User Guide

CommandCenter Secure Gateway

TechNote. Configuring SonicOS for MS Windows Azure

Global Server Load Balancing (GSLB) Concepts

If you re not using Citrix XenCenter 6.0, your screens may vary. Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

PROJECT SUMMARY ROWAN UNIVERSITY REQUIREMENTS

Quick Start Guide. Citrix XenServer Hypervisor. Server Mode (Single-Interface Deployment) Before You Begin SUMMARY OF TASKS

Set Up Panorama. Palo Alto Networks. Panorama Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Dynamic DNS How-To Guide

ISE TACACS+ Configuration Guide for Cisco NX-OS Based Network Devices. Secure Access How-to User Series

Discovery Guide. Secret Server. Table of Contents

PriveonLabs Research. Cisco Security Agent Protection Series:

Introduction to Mobile Access Gateway Installation

VX 9000E WiNG Express Manager INSTALLATION GUIDE

About the VM-Series Firewall

Application Notes for Avaya IP Office 7.0 Integration with Skype Connect R2.0 Issue 1.0

Transcription:

Deployment Guide A10 Networks/Infoblox Joint DNS64 and NAT64 Solution DG_ACC_062011.1

TABLE OF CONTENTS 1 Introduction... 3 2 Deployment Guide Overview... 3 3 Lab Setup Requirements... 3 4 Architecture Overview... 4 5 Access Credentials... 5 6 DNS64 and NAT64 Configuration... 6 6.1 Configuration Overview... 7 6.1.1 Enabling NAT64 on NIOS... 7 6.1.2 Verify DNS64 Prefix... 9 6.1.3 NAT64 Interface Configuration... 10 6.1.4 LSN NAT Pool Configuration... 10 6.1.5 NAT64 LID Configuration... 11 6.1.6 Class List Configuration... 12 6.1.7 NAT64 Global Configuration... 13 6.1.8 NAT64 Configuration Validation... 13 6.1.9 DNS64 Configuration Validation... 14 7 Conclusion... 14 2

1 INTRODUCTION A10 Networks and Infoblox offer a comprehensive and jointly tested solution a high performance NAT64 gateway and full DNS64 service that has already been deployed by enterprises and service providers. The solution is enhanced by each company s product features that allow enhanced security, optimized DNS support and scalability. 2 DEPLOYMENT GUIDE OVERVIEW This deployment guide provides detailed instructions for configuring both the A10 Networks and Infoblox portions of the deployment. This basic configuration provides a simple setup of NAT64 that enables IPv6 clients to access IPv4 webservers and DNS64 for AAAA-to-A record conversions. The A10 Networks AX Series will provide the NAT64 solution and the Infoblox NIOS will provide the DNS64 services. The AX Series also offers DNS Load Balancing, DNS64 Load Balancing, DNS Application Firewall and DNS Optimization. 3 LAB SETUP REQUIREMENTS The lab setup has been configured with the following software versions: AX Series: AX 2500 2.6.4-P2 Build 140 NIOS 6.1.0-121754 Note: NAT64 and DNS64 features are supported only on 64-bit ACOS models: AX 2500, AX 2600, AX 3000, AX 5100, and AX 5200. 3

4 ARCHITECTURE OVERVIEW This document illustrates a joint solution of A10 Networks AX Series that provides the NAT64 solution and Infoblox NIOS appliance that provides a full DNS64 solution. Figure 1: A10 and Infoblox solution Figure 2 shows how DNS64 allows the resolution of addresses from the IPv4 network by creating synthesized AAAA records for hosts where no AAAA record is available. This is done by pairing a standards-based IPv6 prefix with the IPv4 address provided by an A record lookup. The IPv4 address is embedded within the last 32 bits of the IPv6 address. Figure 2: DNS64 resolving unknown hosts on IPv6 networks 4

5 ACCESS CREDENTIALS The access credentials are the default settings within the AX Series and NIOS appliances. A10 Networks AX Series access defaults: Default username is admin. Default password is a10. Default management IP address of the device is 172.31.31.31. Infoblox NIOS access defaults: Default username is admin. Default password is infoblox. Default IP address of the device is 192.168.1.2. Note: Both AX Series and NIOS appliances can support a Graphical User Interface (GUI) and Command Line User Interface (CLI).To access the CLI interfaces for both AX Series and NIOS, you will be required to use an SSH client such as putty.exe. 5

6 DNS64 AND NAT64 CONFIGURATION Figure 3 shows the lab setup tested for this deployment. The configuration steps in this section provide: Simple and quick implementation to deploy NAT64 and DNS64 solutions Seamless transition from IPv6 network to access IPv4 contents Figure 3: NAT64 and DNS64 lab overview 6

6.1 CONFIGURATION OVERVIEW This section provides the steps for configuring the following items: DNS64 NIOS NAT64 interface LSN NAT pool NAT64 LID Class list NAT64 global settings 6.1.1 ENABLING NAT64 ON NIOS Note: This document assumes you have already set up the Infoblox system on the network and have enabled it to accept recursive DNS queries. To configure the Infoblox NIOS for DNS64 configuration, log in to the NIOS appliance and navigate to GRID > GRID Manager > DNS > Select the NIOS Appliance > Edit. 1. Click Basic. 2. Click DNS64. 3. Select Enable DNS64. 7

Figure 4: Enabling DNS64 on NIOS 4. Click OK and save the configuration. 8

6.1.2 VERIFY DNS64 PREFIX The DNS64 prefix must have the same value as NAT64 prefix for the solution to work. To verify that the prefix is correct, navigate to Data Management > DNS > Grid DNS Properties. In this example, the DNS64 prefix is configured as 64:ff9b::/96. Figure 5: DNS64 prefix validation 5. Click OK and save the configuration. 6. For detailed information as to how to configure the Infoblox NIOS appliance, refer to: http://ww2.infoblox.com/support/tech_lib/nios/nios_adminguide_6.1.0.pdf 9

6.1.3 NAT64 INTERFACE CONFIGURATION To configure NAT64 features, log in to the AX Series and use the default login credentials above. To configure the NAT64 interfaces, navigate to Config Mode > Service > LSN > Interface. From the Interface drop-down menu, select the interface required and direction as shown below: Figure 6: Interface configuration 6.1.4 LSN NAT POOL CONFIGURATION To configure the LSN NAT pool, navigate to Config Mode > Service > LSN > LSN Pool. 1. Click Add. 2. Enter the following information: Name: "nat64pool Start IP Address: 172.16.1.78 End IP Address: 172.16.1.78 Netmask: 255.255.255.0 10

Figure 7: LSN NAT poolcconfiguration 3. Click OK and save the configuration. Note: One (1) IP address can support up to 64 K flows. 6.1.5 NAT64 LID CONFIGURATION To configure the NAT64 Limit ID (LID), navigate to Mode > Service > LSN > LID. 1. Click Add. 2. Enter ID 1. 3. Select pool "nat64pool" from the LSN Pool drop-down list. Figure 8: LID configuration 4. Click OK and save the configuration. 11

6.1.6 CLASS LIST CONFIGURATION To configure the NAT64 class list, navigate to Config Mode > Service > LSN > Class List. 1. Click Add. 2. Enter the following information: Name: nat64_clients Location: Config IPv4/IPv6: IPv6 3. In the Entry section, enter the following information: IPv6 address: :: Prefix Length: 0 LID: 1 4. Click Add to add the configuration to the list. Figure 9: Class list configuration 5. Click OK and save the configuration. 12

6.1.7 NAT64 GLOBAL CONFIGURATION To configure the NAT64 global parameters, navigate to Config Mode > Service > LSN > NAT64 > Global. 1. In the Global section, next to Prefix, select Well-known. 2. In the Class List Binding section, select nat64_clients, created earlier. 3. Click OK and save the configuration. Note: For additional information as to how to configure the A10 Networks AX Series load balancers, refer to: https://www.a10support.com/support-axseries/techlibrary.php. Login credentials are required to download the materials. 6.1.8 NAT64 CONFIGURATION VALIDATION To validate that the NAT64 configuration works, use the putty.exe application and login to the AX Series. Generate traffic first, then enter the show session command. Query Explanation: Figure 10: Show session output 13

6.1.9 DNS64 CONFIGURATION VALIDATION To validate that the DNS64 is configuration works, open a command shell from the IPv6 client. Use the nslookup command and enter the domain address. If a prefix of 64:ff9b: appears from the nslookup query, the Infoblox DNS64 appliance is working. Figure 11: Nslookup validation For additional software to test your DNS64 solution, download "dig" at: http://ftp.isc.org/isc/bind9/9.7.3/bind9.7.3.zip 7 CONCLUSION The A10 Networks and Infoblox joint solution enables IPv6 migration while ensuring users can still retrieve IPv4-only content and connect to other IPv4 resources as needed. By choosing A10 Networks and Infoblox, customers are assured of a tested, quick solution and a certified solution from proven technology leaders. A10 Networks and Infoblox provide new, reliable and innovative functionality that enables a competitive advantage to companies, ensuring new services can be available and no opportunities are missed as IPv6 becomes standard. 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information