Messages - linuspoon

1
Troubleshooting / Re: Router Mode troubleshooting
« on: August 21, 2015, 07:47:18 AM »
Hi,

There is no firewall between the 2 sites as it's a local loop. In any case, I tested changing the encryption to udp and also removing the udp traffic policies, but still the peer status does not come up. When I issue the tcpdump command on the wanos, nothing is shown on the console, but when I do a CTRL-C, it does show some small number of packets captured. I am really out of ideas why this setup does not work.

Linus

2
Troubleshooting / Re: Router Mode troubleshooting
« on: August 21, 2015, 04:01:35 AM »
Hi,

I am having problems configuring my 2 sites (Office and DR site). I am using the router mode and have set the VIRT_LAN0 address for both WANOS appliances. Both the wan and lan IP addresses are now pingable at the Office and DR network.

DR WANOS
wan0 IP : 10.138.140.251
virt_lan0 IP : 10.138.140.250

Office WANOS
wan0 IP : 10.138.227.242
virt_lan0 IP : 10.138.227.243

DR network
10.138.140.x/24
Router
10.138.140.254 (LAN gateway)
10.138.255.2 (WAN p2p IP)

Office network
10.138.56.x/21
Core Router
10.138.63.254 (LAN gateway)
10.138.227.254 (VLAN to connect to DR gateway)
Office to DR Router
10.138.227.250
10.138.255.1 (WAN p2p)

As a test, I have created PBR to route traffic from a specific Office network IP address (10.138.63.198) and also any traffic from the Office WANOS IP to the DR WANOS and set up one server (10.138.140.12) in DR network to point its NIC card gateway to the virt_lan0 IP of DR WANOS.

access-list 110 permit ip host 10.138.63.198 host 10.138.140.12
access-list 110 permit ip host 10.138.227.242 any
route-map WANOS permit 10
 match ip address 110
 set ip next-hop 10.138.140.251

I checked the debug log on the DR router and confirmed that traffic is routed to the DR WANOS.

Aug 21 02:28:09.118: IP: s=10.138.140.12 (FastEthernet0/1), d=10.138.63.198, len 60, FIB policy match
Aug 21 02:28:09.118: IP: s=10.138.140.12 (FastEthernet0/1), d=10.138.63.198, g=10.138.227.242, len 60, FIB policy routed

Over at the office network, I created a static route on the core router so that all traffic to 10.138.140.12 is routed to the office WANOS virt_lan0 IP.
ip route 10.138.140.12 255.255.255.255 10.138.227.243 name WANOS

At the Office to DR router, I used PBR to route all traffic coming from 10.138.140.12 and from the DR WANOS IP to the Office WANOS wan0 IP.

access-list 110 permit ip host 10.138.140.12 host 10.138.63.198
access-list 110 permit ip host 10.138.140.251 any
route-map WANOS permit 10
 match ip address 110
 set ip next-hop 10.138.227.242

From the debug log, the traffic is routed correctly.
Aug 21 2015 02:32:03 UTC: IP: s=10.138.63.198 (FastEthernet0/0), d=10.138.140.12, len 60, FIB policy match
Aug 21 2015 02:32:03 UTC: IP: s=10.138.63.198 (FastEthernet0/0), d=10.138.140.12, g=10.138.140.251, len 60, FIB policy routed

Over at the WANOS web interface, when I looked at the peer status, it always shows Local Status as Ready but Peer status as Down.  I had left the configuration of both the WANOS as default without creating anything inside Multisite page and the Traffic Policy page.

So, I set up the following config at the multisite page.

DR WANOS
Rule  Remote Site Subnet  Site Number  Peer IP
1     10.138.227.0/24     1            10.138.227.242
2     10.138.56.0/21      1            10.138.227.242
100   0.0.0.0/0           0            Auto            Default

Office WANOS
Rule  Remote Site Subnet  Site Number  Peer IP
1     10.138.140.0/24     1            10.138.140.251
100   0.0.0.0/0           0            Auto            Default

And the following in the Traffic Policy page.

DR WANOS
#    Source           Destination      Port         DSCP  Class  QoS   Rate  Bypass
     0.0.0.0/0        0.0.0.0/0        Interactive  -     17     high  -     ✔
     0.0.0.0/0        0.0.0.0/0        Encrypted    -     0      -     -     ✔
1    10.138.140.0/24  10.138.56.0/21   tcp          -     1      -     -
2    10.138.140.0/24  10.138.56.0/21   udp          -     1      -     -
98   0.0.0.0/0        0.0.0.0/0        tcp          -     1      -     -     ✔
99   0.0.0.0/0        0.0.0.0/0        udp          -     1      -     -     ✔
100  0.0.0.0/0        0.0.0.0/0        tcp          -     0      -     -


Office WANOS
#    Source           Destination      Port         DSCP  Class  QoS   Rate  Bypass
     0.0.0.0/0        0.0.0.0/0        Interactive  -     17     high  -     ✔
     0.0.0.0/0        0.0.0.0/0        Encrypted    -     0      -     -     ✔
1    10.138.56.0/21   10.138.140.0/24  tcp          -     1      -     -
2    10.138.56.0/21   10.138.140.0/24  udp          -     1      -     -
98   0.0.0.0/0        10.138.140.0/24  tcp          -     1      -     -     ✔
99   0.0.0.0/0        10.138.140.0/24  udp          -     1      -     -     ✔
100  0.0.0.0/0        0.0.0.0/0        tcp          -     0      -     -

With the above configuration, the peer status is still down.

Can you advise what I can do to get the peer status to up?

Linus
