11-23
Catalyst 6500 Series Content Switching Module Configuration Note
OL-4612-01
Chapter 11 Configuring Firewall Load Balancing
Configuring Regular Firewall Load Balancing
Configuring Virtual Servers on CSM B
To configure three virtual servers on CSM B, perform this task:
Step 13
Switch-B(config-slb-sfarm)# real
200.0.0.3
Identifies Firewall 1 as a real server, assigns an IP
address to its insecure side, and enters real server
configuration submode.
Step 14
Switch-B(config-slb-real)# inservice
Enables the firewall.
Step 15
Switch-B(config-slb-real)# exit
Returns to server farm configuration mode.
Step 16
Switch-B(config-slb-sfarm)# real
200.0.0.4
Identifies Firewall 2 as a real server, assigns an IP
address to its insecure side, and enters real server
configuration submode.
Step 17
Switch-B(config-slb-real)# inservice
Enables the firewall.
1. GENERIC-SF contains the real servers in the internal server farm.
2. SEC-SF contains (firewall 1 and firewall 2)–their secure-side IP addresses are configured as real servers in this server farm.
3. This is a required step when configuring a server farm that contains firewalls.
4. We recommend this step when configuring secure-side firewall interfaces in a server farm.
Command Purpose
Command Purpose
Step 1
Switch-B(config)# module csm 6
Enters multiple module configuration mode and
specifies that CSM B is installed in slot 6.
Step 2
Switch-B(config-module-csm)# vserver
GENERIC-VS
Specifies GENERIC-VS
1
as the virtual server that is
being configured and enters virtual server
configuration mode.
Step 3
Switch-B(config-slb-vserver)# virtual
200.0.0.127 tcp 0
Specifies the IP address, protocol (TCP), and port
(0=any) for this virtual server
2
.
Step 4
Switch-B(config-slb-vserver))# vlan 201
Specifies that the virtual server will only accept
traffic arriving on VLAN 201, which is traffic
arriving from the secure side of the firewalls.
Step 5
Switch-B(config-slb-vserver)# serverfarm
GENERIC-SF
Specifies the server farm for this virtual server
3
.
Step 6
Switch-B(config-slb-vserver)# inservice
Enables the virtual server.
Step 7
Switch-B(config-slb-vserver)# exit
Returns to multiple module configuration mode.
Step 8
Switch-B(config-module-csm)# vserver
SEC-20-VS
Specifies SEC-20-VS
4
as the virtual server that is
being configured and enters virtual server
configuration mode.
Step 9
Switch-B(config-slb-vserver)# virtual
200.0.0.0 255.255.255.0 any
Specifies the IP address, netmask, and protocol (any)
for this virtual server
2
.
Step 10
Switch-B(config-slb-vserver))# vlan 20
Specifies that the virtual server will only accept
traffic arriving on VLAN 20, which is traffic arriving
from the internal server farms.
Step 11
Switch-B(config-slb-vserver)# serverfarm
SEC-SF
Specifies the server farm for this virtual server
5
.
Step 12
Switch-B(config-slb-vserver)# inservice
Enables the virtual server.
Step 13
Switch-B(config-slb-vserver)# exit
Returns to multiple module configuration mode.
To Next Page
Loading...
Need help?
General