Wechseln zu:Navigation, Suche
Wiki
Keine Bearbeitungszusammenfassung
 
(19 dazwischenliegende Versionen von 3 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
= Checklist Multipathrouting =
= Checklist Multipathrouting =
In this checklist you can see all settings you have to work off, if you set up a multipath-routing. There are only shown the important steps, for the detailled tutorial you have to read the full tutorial [[#Multipath Routing| Howto-Multipath_Routing_english]].
In this checklist you can see all settings you have to work off, if you set up a multipath-routing. There are only shown the important steps, for the detailled tutorial you have to read the full tutorial [[Howto-Multipath_Routing_english| Howto-Multipath_Routing_english]].


=== Network Configuration ===
=== Network Configuration ===
[[Datei:checklist_interface_settings.png| thumb| 250px|<font size=1>ppp0 and ppp1 in different zones</font>]]
[[Datei:checklist_interface_settings.png| thumb| 400px|<font size=1>ppp0 and ppp1 in different zones</font>]]
# Add ppp interfaces
# Add ppp interfaces
# :""Note:"" Don't set the "default Route".
# :""Note:"" Don't set the "default Route".
# :""Note:"" Don't set zones twice.
# :""Note:"" Don't set zones twice.
<br><br><br>
<br><br><br>
<br><br><br>
<br><br><br>
<br><br><br>
<br><br>


===Netzwerk Objects===
===Netzwerk Objects===


[[Datei:checklist_network_objects.png| thumb| 250px|<font size=1>Add network objects</font>]]
[[Datei:checklist_network_objects.png| thumb| 350px|<font size=1>Add network objects</font>]]
# Add network objects
# Add network objects
#*Add secound network object for the internet ("Internet2").
#*Add second network object for the internet ("Internet2").
#*Add secound network object for the external interface ("external-interface2").
#*Add second network object for the external interface ("external-interface2").
#:'''Note:''' The zone of the external-interface2 is the same as the DMZx.
#:'''Note:''' The zone of the external-interface2 is the same as the DMZx.
<br><br><br><br>
<br><br><br><br>
<br><br>
<br><br><br><br>


===Hide-NAT===
===Hide-NAT===


[[Datei:checklist_hidenat.png| thumb| 250px|<font size=1>Hide-NAT rules for both interfaces.</font>]]
[[Datei:checklist_hidenat.png| thumb| 400px|<font size=1>Hide-NAT rules for both interfaces.</font>]]
# Add hide-NAT
# Add hide-NAT
#:'''Note:''' You have to add a hide-NAT rule for every network behind the firewall per interface.
#:'''Note:''' You have to add a hide-NAT rule for every network behind the firewall per interface.
<br><br><br><br>
<br><br><br><br>
<br><br><br><br>
<br><br><br>


===Routing===
===Routing===


[[Datei:checklist_routing.png| thumb| 250px|<font size=1>add default routes and weighting</font>]]
[[Datei:checklist_routing.png| thumb| 400px|<font size=1>add default routes and weighting</font>]]
#Routing and weighting
#Routing and weighting
#*You have to set a default route for every connection.
#*You have to set a default route for every connection.
#*Set the weihting.
#*Set the weighting.
#*If you are using a high avaiability configuration, you have to set the weighting to 0.
#*If you are using a high availability configuration, you have to set the weighting to 0.
<br>
<br>
<br>
<br>
<br>
<br>
<br>


===Bind Services and Clients to a connection===
===Bind Services and Clients to a connection===


[[Datei:checklist_routing.png| thumb| 250px|<font size=1>Source routing for a fixed service.</font>]]
[[Datei:checklist_routing.png| thumb| 400px|<font size=1>Source routing for a fixed service.</font>]]
[[Datei:checklist_rule_routing.png| thumb| 250px|<font size=1>In the field "Rule Rouing" you have to set an interface</font>]]
[[Datei:checklist_rule_routing.png| thumb| 400px|<font size=1>In the field "Rule Rouing" you have to set an interface</font>]]
#Source Routing
#Source Routing
#*Set a route for a client or a network.
#*Set a route for a client or a network.
Zeile 52: Zeile 63:
===VPN===
===VPN===


[[Datei:checklist_ipsec.png| thumb| 250px|<font size=1>Bind IPSec to an interface</font>]]
[[Datei:checklist_ipsec.png| thumb| 400px|<font size=1>Bind IPSec to an interface</font>]]
[[Datei:checklist_interface_l2tp.png| thumb| 250px|<font size=1>Bind L2TP to an interface</font>]]
[[Datei:checklist_interface_l2tp.png| thumb| 400px|<font size=1>Bind L2TP to an interface</font>]]
#The IPSec connections will be bound on an interface
#The IPSec connections will be bound on an interface
#*'Local Gateway'' pppx
#*'Local Gateway'' pppx

Aktuelle Version vom 21. Dezember 2016, 16:36 Uhr

Checklist Multipathrouting

In this checklist you can see all settings you have to work off, if you set up a multipath-routing. There are only shown the important steps, for the detailled tutorial you have to read the full tutorial Howto-Multipath_Routing_english.

Network Configuration

ppp0 and ppp1 in different zones
  1. Add ppp interfaces
  2. :""Note:"" Don't set the "default Route".
  3. :""Note:"" Don't set zones twice.















Netzwerk Objects

Add network objects
  1. Add network objects
    • Add second network object for the internet ("Internet2").
    • Add second network object for the external interface ("external-interface2").
    Note: The zone of the external-interface2 is the same as the DMZx.









Hide-NAT

Hide-NAT rules for both interfaces.
  1. Add hide-NAT
    Note: You have to add a hide-NAT rule for every network behind the firewall per interface.












Routing

add default routes and weighting
  1. Routing and weighting
    • You have to set a default route for every connection.
    • Set the weighting.
    • If you are using a high availability configuration, you have to set the weighting to 0.







Bind Services and Clients to a connection

Source routing for a fixed service.
In the field "Rule Rouing" you have to set an interface
  1. Source Routing
    • Set a route for a client or a network.
    Note: The whole data traffic will be routed over one connection.













  2. Rule Routing
    • Add a rule routing-rule in the portfilter.
















VPN

Bind IPSec to an interface
Bind L2TP to an interface
  1. The IPSec connections will be bound on an interface
    • 'Local Gateway pppx
    • Route over
    • Local Gateway ID pppx












  2. Bind L2TP connections to an interface (global)
    • Bind on an interface