Keine Bearbeitungszusammenfassung |
|||
(23 dazwischenliegende Versionen von 3 Benutzern werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
= Checklist Multipathrouting = | = Checklist Multipathrouting = | ||
In this checklist you can see all settings you have to work off, if you set up a multipath-routing. There are only shown the important steps, for the detailled tutorial you have to read the full tutorial [[ | In this checklist you can see all settings you have to work off, if you set up a multipath-routing. There are only shown the important steps, for the detailled tutorial you have to read the full tutorial [[Howto-Multipath_Routing_english| Howto-Multipath_Routing_english]]. | ||
=== Network Configuration === | === Network Configuration === | ||
[[Datei:checklist_interface_settings.png| thumb| | [[Datei:checklist_interface_settings.png| thumb| 400px|<font size=1>ppp0 and ppp1 in different zones</font>]] | ||
# Add ppp interfaces | # Add ppp interfaces | ||
# :""Note:"" Don't set the "default Route". | # :""Note:"" Don't set the "default Route". | ||
# :""Note:"" Don't set zones twice. | # :""Note:"" Don't set zones twice. | ||
<br><br><br> | <br><br><br> | ||
<br><br><br> | |||
<br><br><br> | |||
<br><br><br> | |||
<br><br> | |||
===Netzwerk Objects=== | |||
[[Datei:checklist_network_objects.png| thumb| 350px|<font size=1>Add network objects</font>]] | |||
# Add network objects | |||
#*Add second network object for the internet ("Internet2"). | |||
#*Add second network object for the external interface ("external-interface2"). | |||
#:'''Note:''' The zone of the external-interface2 is the same as the DMZx. | |||
<br><br><br><br> | |||
<br><br><br><br> | |||
===Hide-NAT=== | |||
[[Datei:checklist_hidenat.png| thumb| 400px|<font size=1>Hide-NAT rules for both interfaces.</font>]] | |||
# Add hide-NAT | |||
#:'''Note:''' You have to add a hide-NAT rule for every network behind the firewall per interface. | |||
<br><br><br><br> | |||
<br><br><br><br> | |||
<br><br><br> | |||
===Routing=== | |||
[[Datei:checklist_routing.png| thumb| 400px|<font size=1>add default routes and weighting</font>]] | |||
#Routing and weighting | |||
#*You have to set a default route for every connection. | |||
#*Set the weighting. | |||
#*If you are using a high availability configuration, you have to set the weighting to 0. | |||
<br> | |||
<br> | |||
<br> | |||
<br> | |||
<br> | |||
<br> | |||
===Bind Services and Clients to a connection=== | |||
[[Datei:checklist_routing.png| thumb| 400px|<font size=1>Source routing for a fixed service.</font>]] | |||
[[Datei:checklist_rule_routing.png| thumb| 400px|<font size=1>In the field "Rule Rouing" you have to set an interface</font>]] | |||
#Source Routing | |||
#*Set a route for a client or a network. | |||
#:'''Note:''' The whole data traffic will be routed over one connection. | |||
#:<br><br><br><br><br><br><br><br><br><br><br><br><br> | |||
#Rule Routing | |||
#*Add a rule routing-rule in the portfilter. | |||
<br><br><br><br> | |||
<br><br><br><br> | |||
<br><br><br><br> | |||
<br><br><br> | |||
===VPN=== | |||
[[Datei:checklist_ipsec.png| thumb| 400px|<font size=1>Bind IPSec to an interface</font>]] | |||
[[Datei:checklist_interface_l2tp.png| thumb| 400px|<font size=1>Bind L2TP to an interface</font>]] | |||
#The IPSec connections will be bound on an interface | |||
#*'Local Gateway'' pppx | |||
#*''Route over'' | |||
#*''Local Gateway ID'' pppx | |||
#:<br><br><br><br><br><br><br><br><br><br><br><br> | |||
#Bind L2TP connections to an interface (global) | |||
#*''Bind on an interface'' |
Aktuelle Version vom 21. Dezember 2016, 16:36 Uhr
Checklist Multipathrouting
In this checklist you can see all settings you have to work off, if you set up a multipath-routing. There are only shown the important steps, for the detailled tutorial you have to read the full tutorial Howto-Multipath_Routing_english.
Network Configuration
- Add ppp interfaces
- :""Note:"" Don't set the "default Route".
- :""Note:"" Don't set zones twice.
Netzwerk Objects
- Add network objects
- Add second network object for the internet ("Internet2").
- Add second network object for the external interface ("external-interface2").
- Note: The zone of the external-interface2 is the same as the DMZx.
Hide-NAT
- Add hide-NAT
- Note: You have to add a hide-NAT rule for every network behind the firewall per interface.
Routing
- Routing and weighting
- You have to set a default route for every connection.
- Set the weighting.
- If you are using a high availability configuration, you have to set the weighting to 0.
Bind Services and Clients to a connection
- Source Routing
- Set a route for a client or a network.
- Note: The whole data traffic will be routed over one connection.
- Rule Routing
- Add a rule routing-rule in the portfilter.
VPN
- The IPSec connections will be bound on an interface
- 'Local Gateway pppx
- Route over
- Local Gateway ID pppx
- Bind L2TP connections to an interface (global)
- Bind on an interface