PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Similar documents

How To - Setup Cyberoam VPN Client to connect to a Cyberoam for the remote access using preshared key

How To Setup Cyberoam VPN Client to connect a Cyberoam for remote access using preshared key

Chapter 3 Security and Firewall Protection

WAN Traffic Management with PowerLink Pro100

PPTP Server Access Through The

Appendix C Network Planning for Dual WAN Ports

Using IPsec VPN to provide communication between offices

VPN Solution Guide Peplink Balance Series. Peplink Balance. VPN Solution Guide Copyright 2015 Peplink

Firewall Defaults and Some Basic Rules

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address

Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost.

WAN Failover Scenarios Using Digi Wireless WAN Routers

Barracuda Link Balancer

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

Small Business Server Part 2

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

How To Configure A Vyatta As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net (Dspv) On A Network With A D

Network Services Internet VPN

Introduction. Technology background

Configuring a VPN for Dynamic IP Address Connections

LinkProof DNS Quick Start Guide

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

Configuring IPsec VPN with a FortiGate and a Cisco ASA

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Chapter 2 Connecting the FVX538 to the Internet

Configuring High Availability for Embedded NGX Gateways in SmartCenter

Creating a VPN with overlapping subnets

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Based on the VoIP Example 1(Basic Configuration and Registration), we will introduce how to dial the VoIP call through an encrypted VPN tunnel.

Inbound Load Balance. User Manual

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

Chapter 3 LAN Configuration

Application Note. SIP Domain Management

Route Based Virtual Private Network

Tech-Note Bridges Vs Routers Version /06/2009. Bridges Vs Routers

CORE Enterprise on a WAN

Internet Load Balancing Guide. Peplink Balance Series. Peplink Balance. Internet Load Balancing Solution Guide

UIP1868P User Interface Guide

Edgewater Routers User Guide

How To Set Up A Pploe On A Pc Orca On A Ipad Orca (Networking) On A Macbook Orca 2.5 (Netware) On An Ipad 2.2 (Netrocessor

Configuring an IPsec VPN to provide ios devices with secure, remote access to the network

Chapter 4 Virtual Private Networking

How do I configure multi-wan in Routing Table mode?

EXINDA NETWORKS. Deployment Topologies

How To Configure Apple ipad for Cyberoam L2TP

How to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client

ISG50 Application Note Version 1.0 June, 2011

Best Practices: Pass-Through w/bypass (Bridge Mode)

Load Balance Router R258V

For extra services running behind your router. What to do after IP change

Configuring Network Address Translation (NAT)

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015

VPN Only Connection Information and Sign up

Edgewater Routers User Guide

Configuring IP Load Sharing in AOS Quick Configuration Guide

How to configure VLAN and route failover

MANAGED FIREWALL SERVICE. Service definition

Figure 41-1 IP Filter Rules

Chapter 4 Customizing Your Network Settings

Bandwidth-based load-balancing with failover. The easy way. We need more bandwidth.

Barracuda Link Balancer Administrator s Guide

Configuration Example

Optimal Network Connectivity Reliable Network Access Flexible Network Management

ZyWALL USG ZLD 3.0 Support Notes

PFSENSE Load Balance with Fail Over From Version Beta3

Quick Guide of HiDDNS Settings (with UPnP)

How To Industrial Networking

Digi Connect WAN Application Helper Configuring and Testing the Digi Connect WAN GSM

QoS (Quality of Service)

Source-Connect Network Configuration Last updated May 2009

F-SECURE MESSAGING SECURITY GATEWAY

Apliware firewall. TheGreenBow IPSec VPN Client. Configuration Guide.

Chapter 4 Security and Firewall Protection

Configuring IPsec VPN between a FortiGate and Microsoft Azure

Chapter 4 Customizing Your Network Settings

Setting up D-Link VPN Client to VPN Routers

ADTRAN 3120 / 3130 Internet Configuration Guide

How To Set Up A Vpn Tunnel Between Winxp And Zwall On A Pc 2 And Winxp On A Windows Xp 2 On A Microsoft Gbk2 (Windows) On A Macbook 2 (Windows 2) On An Ip

Scenario 1: One-pair VPN Trunk

Multi-Homing Security Gateway

Configuration Guide. How to Configure SSL VPN Features in DSR Series. Overview

Application Description

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Application Notes for Configuring a SonicWALL VPN with an Avaya IP Telephony Infrastructure - Issue 1.0

Chapter 4 Firewall Protection and Content Filtering

I. What is VPN? II. Types of VPN connection. There are two types of VPN connection:

How To Configure An Ipsec Tunnel On A Network With A Network Gateways (Dfl-800) On A Pnet 2.5V2.5 (Dlf-600) On An Ipse Vpn

Chapter 12 Supporting Network Address Translation (NAT)

FAQ: BroadLink Multi-homing Load Balancers

Chapter 6 Virtual Private Networking

How To Configure L2TP VPN Connection for MAC OS X client

How to set up Inbound Load Balance under Drop-in Mode

Howto: How to configure static port mapping in the corporate router/firewall for Panda GateDefender Integra VPN networks

Total solution for your network security. Provide policy-based firewall on scheduled time. Prevent many known DoS and DDoS attack

nexvortex Setup Template

Transcription:

Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Find your network example: 1. Basic network with and 2 WAN lines - click here 2. Add a web server to the LAN - click here 3. Add a web, mail and pptp server to the LAN - click here 4. Duplicate web servers* on the LAN - click here 5. Basic network with, 2 WAN lines and a Firewall - click here 6. Add Ipsec server to the Firewall - click here 7. Activate Authoritative DNS server on the - click here ** Duplicate servers allow two or more servers (i.e. two mail servers or two web servers) MORE

Find your network example: 8. VPN Failover using DNS - click here

Network Scenario #1 Objective: to achieve bandwidth aggregation and outbound redundancy for a simple LAN with no firewall and no internal servers hosted. Network topology and services: - 2 ADSL lines to 2 ISPs - - s in the LAN - typical traffic: web browsing, e-mail, file transfer - DNS, web and mail services hosted outside the LAN, at the ISP s site

Network Scenario #1 Basic Network Features: - Outbound Session load balancing - Outbound Redundancy ISP A ISP B Configuration: As shown Router A eth0: 63.218.217.109 Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 192.168.1.30 Ethernet IP addr: 192.168.1.1 IP addr: 192.168.1.2 Back to index

Network Scenario #2 Objectives: to achieve bandwidth aggregation and outbound redundancy for a LAN with a web server and no firewall. Further, to increase the bandwidth available for the web server. Network topology and services: - 2 ADSL lines to 2 ISPs - - s in the LAN - typical traffic out: web browsing, e-mail, file transfer - typical traffic in: web access, e-mail - DNS and mail services are hosted outside the LAN, at the ISP s site

Network Scenario #2 Network with one server Features: - Outbound Session load balancing - Outbound Redundancy ISP A ISP B Configuration - Port forward port 80 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 192.168.1.100 Router A eth0: 63.218.217.109 Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 192.168.1.30 Ethernet Web Server MyCo.com IP: 192.168.1.100 IP addr: 192.168.1.1 IP addr: 192.168.1.2 Back to index

Network Scenario #3 Objectives: to achieve bandwidth aggregation and outbound redundancy for a LAN with a web server, mail server and a VPN server (using PPTP or IPSEC). Network topology and services: - 2 ADSL lines to 2 ISPs - - s in the LAN - typical traffic out: web browsing, e-mail, file transfer - typical traffic in: pptp, web access, e-mail, file transfer - DNS authority outside the LAN, at the ISP s site

Network with three servers Network Scenario #3 Configuration Features: - Outbound Session load balancing - Outbound Redundancy ISP A ISP B - Port forward port 80 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 192.168.1.100 - Port forward port 25 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 192.168.1.101 - Port forward port 1723 - Protocol forward 47 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 192.168.1.102 Router A eth0: 63.218.217.109 Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 192.168.1.30 Mail Server mail.myco.com IP: 192.168.1.101 PPTP Server vpn.myco.com IP: 192.168.1.102 Ethernet Web Server MyCo.com IP: 192.168.1.100 IP addr: 192.168.1.1 IP addr: 192.168.1.2 Back to index

Network Scenario #4 Objectives: to achieve bandwidth aggregation and outbound redundancy for a LAN with 2 web servers and no firewall. Further, to increase the bandwidth available for the web servers. Network topology and services: - 2 ADSL lines to 2 ISPs - - s in the LAN - typical traffic out: web browsing, e-mail, file transfer - typical traffic in: web access, e-mail - DNS and mail services are hosted outside the LAN, at the ISP s site

Network with Duplicate Servers Features: - Outbound Session load balancing - Outbound Redundancy Network Scenario #4 ISP A ISP B Configuration - Port forward port 80 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 192.168.1.100 - Port forward port 80 Source IP: 63.218.217.111 and 53.222.83.131 Destination IP: 192.168.1.103 Router A eth0: 63.218.217.109 Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 192.168.1.30 Web Server MyCo.com IP: 192.168.1.100 Web Server YourCo.com IP: 192.168.1.103 Ethernet IP addr: 192.168.1.1 IP addr: 192.168.1.2 Back to index

Network Scenario #5 Objectives: to achieve bandwidth aggregation and outbound redundancy for a LAN with a firewall. To increase the bandwidth available for the workstations while maintaining security. Network topology and services: - 2 ADSL lines to 2 ISPs - - s in the LAN - typical traffic out: web browsing, e-mail, file transfer - typical traffic in: e-mail and file transfer - DNS, web and mail services are hosted outside the LAN, at the ISP s site

Network Scenario #5 Basic Network with Firewall Features: - Outbound Session load balancing - Outbound Redundancy - LAN Security ISP A ISP B Configuration As shown Router A eth0: 63.218.217.109 Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 10.10.10.1 FIREWALL CONFIGURATION As shown Firewall External IP: 10.10.10.2 Internal IP: 192.168.1.30 Gateway IP: 10.10.10.1 Ethernet IP addr: 192.168.1.1 IP addr: 192.168.1.2 Back to index

Network Scenario #6 Objectives: to achieve bandwidth aggregation and outbound redundancy for a LAN with a web server. To increase the bandwidth available for the web server and assure network security with a firewall. Network topology and services: - 2 ADSL lines to 2 ISPs - - s in the LAN - typical traffic out: web browsing, e-mail, file transfer - typical traffic in: web access, e-mail - DNS and mail services are hosted outside the LAN, at the ISP s site

Network Scenario #6 Network with Firewall and one server Features: - Session load balancing - Outbound Redundancy - LAN Security ISP A ISP B POWERLINK CONFIGURATION - Port forward port 80 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 10.10.10.2 Router A eth0: 63.218.217.109 Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 FIREWALL CONFIGURATION Port 80 left open for incoming traffic NAT- Source IP: 10.10.10.2 Dest IP: 192.168.1.30 LAN IP: 10.10.10.1 Firewall External IP: 10.10.10.2 Internal IP: 192.168.1.30 Gateway IP: 10.10.10.1 IP addr: 192.168.1.1 Ethernet Back to index Web Server IP addr: 192.168.1.2 MyCo.com IP: 192.168.1.100

Network Scenario #7 Objectives: to achieve bandwidth aggregation and inbound and outbound redundancy for a LAN with a web server. To increase the bandwidth available for the web server while maintaining remote clients security and DNS (inbound) redundancy. Network topology and services: - 2 ADSL lines to 2 ISPs - configured as DNS authoritative server - s in the LAN - typical traffic out: web browsing, e-mail, file transfer - typical traffic in: web access, e-mail and file transfer - mail services are hosted outside the LAN, at the ISP s site

Network with IPsec Firewall and one LAN server is Authoritative DNS Server Features: - Outbound & Inbound Session load balancing - Outbound & Inbound Redundancy - LAN Security - VPN access of LAN - Automatic failover of VPN tunnels - Instant removal of faulty WAN lines from DNS advertisement Router A eth0: 63.218.217.109 Network Scenario #7 ISP A ISP B - Port forward port 80 & 500 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 10.10.10.2 - Protocol forward protocol 50 Remote clients use 63.218.217.110 or 53.222.83.130 to connect to the VPN server - DNS Server enabled - Create domain MyCo.com www.myco.com = 63.218.217.110 & 53.222.83.130 Router B eth0: 53.222.83.129 Configuration WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 10.10.10.1 FIREWALL CONFIGURATION Port 80 left open for incoming traffic NAT- Source IP: 10.10.10.2 Dest IP: 192.168.1.30 Firewall & IPSEC Server External IP: 10.10.10.2 Internal IP: 192.168.1.30 Gateway IP: 10.10.10.1 Ethernet MyCo.com IP: 192.168.1.100 IP addr: 192.168.1.1 IP addr: 192.168.1.2 Back to index Web Server

Network Scenario #8 Objectives: to achieve automatic failover of VPN tunnels. Network topology and services: - 2 ADSL lines to 2 ISPs - configured as DNS authoritative server - s in the LAN - VPN clients establishing connection based on vpn.myco.com

Network Scenario #8 Remote VPN connection established to vpn.myco.com. Broken tunnel fails over to second line based on DNS lookup from. is Authoritative DNS Server Features: - Outbound & Inbound Session load balancing - Outbound & Inbound Redundancy - LAN Security - VPN access of LAN - Automatic failover of VPN tunnels - Instant removal of faulty WAN lines from DNS advertisement ISP A x Internet Router A eth0: 63.218.217.109 FIREWALL CONFIGURATION Port 80 left open for incoming traffic NAT- Source IP: 10.10.10.2 Dest IP: 192.168.1.30 ISP B x - Port forward port 80 & 500 Source IP: 63.218.217.110 and 53.222.83.130 Destination IP: 10.10.10.2 - Protocol forward protocol 50 Remote clients use vpn.myco.com to connect to the VPN server - DNS Server enabled - Create domain MyCo.com www.myco.com = 63.218.217.110 & 53.222.83.130 vpn.myco.com = 63.218.217.110 & 53.222.83.130 x Configuration Router B eth0: 53.222.83.129 WAN IP 1: 63.218.217.110 WAN IP 2: 53.222.83.130 LAN IP: 10.10.10.1 Firewall & IPSEC Server External IP: 10.10.10.2 Internal IP: 192.168.1.30 Gateway IP: 10.10.10.1 IP addr: 192.168.1.1 Ethernet Web Server IP addr: 192.168.1.2 MyCo.com IP: 192.168.1.100