Apply Sends the router’s configuration.
Copy Allows creating by duplicating a new router object that takes on the same
characteristics as the edited router.
Cancel Cancels the router’s configuration.
Tables of gateways used and backup gateways
Both of these tables contain the following columns:
Host (Mandatory) Clicking on this column will open the objects database to allow selecting a host that
makes up the router.
Device(s) for testing
availability
(Mandatory)
Host or host group to ping in order to determine the connectivity of the gateway. The
value selected may be the gateway itself (Test the gateway directly), a host or a
group of third-party hosts. The availability test may be disabled for the selected
gateway by selecting the value No availability testing.
NOTE
If the value No availability testing has been selected for all gateways, the function
enabling a switchover to backup gateways will then be disabled.
Weight Allows assigning a priority between the various gateways for the load balancing
mechanism. A gateway with a higher weight will therefore be used more often when
balancing traffic load.
(Optional) Comments Any text.
NOTE
Parameters that define the interval between two availability tests (“frequency”), the
maximum waiting time for a response (“wait”) and the number of tests to perform before
declaring the gateway uncontactable (“tries”) can only be configured via CLI command:
CONFIG OBJECT ROUTER NEW name=<router name> [tries=<int>] [wait=<seconds>]
[frequency=<seconds>] update=1.
The default values suggested are 15 seconds for the “frequency” parameter, 2 seconds for
the “wait” parameter and 3 for the "tries" parameter.
Advanced properties
Load balancing The firewall allows distributed routing between the various gateways used through
several methods:
l No load balancing: only the first gateway defined in the "List of gateways used" and
"List of backup gateways" will be used for routing.
l By connection: all gateways defined in the "List of gateways used" will be used. The
load balancing algorithm is based on the source (source IP address, source port)
and the destination (destination IP address, destination port) of the traffic. The rate
at which the various gateways are used will be related to their respective weights.
l By source IP address: all gateways defined in the "List of gateways used" will be
used. An algorithm allows balancing routing based on the source of the routed
traffic. The rate at which the various gateways are used will be related to their
respective weights.
Page 244/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
SNS - USER CONFIGURATION MANUAL V.3
NETWORK OBJECTS
To Next Page
Loading...
