5
226
Nokia Network Voyager for IPSO 4.0 Reference Guide
cluster interfaces (192.168.1.2 and 192.168.1.3) as gateway addresses. In the example
network, the internal router has the following static routes:
route: 10.1.2.0/24, gateway: 192.168.1.10
route: 10.1.3.0/24, gateway: 192.168.1.10
Configuring IP pools in Cluster Voyager
If you want to use IP pools with a VPN in which a non-Check Point gateway participates, you
must configure the pools in IPSO as well as in NGX. You must configure all the pools on all the
nodes, so it is easiest and less error prone to use Cluster Voyager (or the CCLI) for this task. To
configure IP pools in Cluster Voyager, follow this procedure after you enable support for non-
Check Point gateways:
1.
In the Network Address field under Add New IP Pool, enter the network that the IP pool
addresses will be assigned from.
If you were configuring firewall A in the cluster shown in the previous diagram, you would
enter 10.1.2.0.
Note
To ensure routing symmetry, the IP pool networks must be different on different cluster
nodes.
2.
In the Mask field, enter the appropriate subnet mask.
If you were configuring firewall A in the cluster shown in the previous diagram, you would
enter 24.
3.
In the Member Address field, enter the real IP address of the primary cluster protocol
interface.
If you were configuring firewall A in the cluster shown in the previous diagram, you would
enter 192.168.3.1.
Configuring Join-Time Shared Features
You may want to have many configuration settings be identical on each cluster node. Voyager
makes this easy for you by letting you specify which features will be configured the same on all
cluster nodes. The features that are configured this way are called
join-time shared features
.
Their configurations are shared when:
A system joins (or rejoins) the cluster. In this case, the joining system receives the settings of
the shared features.
A new master is selected. In this case, all the members receive the settings of the shared
features from the master. This occurs in either mode when the original master leaves the
cluster (for example, if it is rebooted). It can also occur in forwarding mode if you manually
adjust the performance rating or if a system with a higher rating becomes joins the cluster.
See
“Configuring the Performance Rating”
for more information.
Summary of Contents for IPSO 4.0
Page 4: ...4 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 182: ...3 182 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 206: ...4 206 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 248: ...5 248 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 266: ...6 266 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 286: ...7 286 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 350: ...8 350 Nokia Network Voyager for IPSO 4 0 Reference Guide ...
Page 478: ...11 478 Nokia Network Voyager for IPSO 4 0 Reference Guide ...