The Legacy Mode Screen - ZyXEL Communications ZyWALL USG 200 Series User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 200 Series:
- User manual (902 pages) ,
- Manual (1157 pages) ,
- Reference manual (394 pages)
Table of Contents
Advertisement
39.5 The Legacy Mode Screen
Virtual Router Redundancy Protocol (VRRP)
Legacy mode device HA uses Virtual Router Redundancy Protocol (VRRP) to create
redundant backup gateways to ensure that a default gateway is always available.
The ZyWALL uses a custom VRRP implementation and is not compatible with
standard VRRP.
While active-passive mode only requires a single cluster ID for the entire virtual
router, legacy mode device HA requires you to configure a separate VRRP group
and Virtual Router ID (VRID) for each interface in a virtual router.
Additional VRRP Notes
• It is possible to set up two virtual routers so that they back up each other.
• VRRP uses IP protocol 112.
VRRP Groups
In legacy mode, you create a VRRP group to add one of its interfaces to a virtual
router. You can add any Ethernet or VLAN interface with a static IP address. You do
not configure VRRP groups for virtual interfaces.
• You can only use interfaces that have static IP addresses.
• You can only enable one VRRP group for each interface, and you can only have
one active VRRP group for each virtual router.
• If you create a VRRP group for an Ethernet interface that has a VLAN interface
configured on it, make sure you create a separate VRRP group for the VLAN
interface. This will avoid an IP conflict if the backup ZyWALL takes over for the
master.
• When the ZyWALL is the master, the interface uses its IP address, the IP
address of the virtual router. If the ZyWALL is a backup, the interface uses its
management IP address.
• You can only have one active VRRP group for each interface, and you can only
have one active VRRP group for each virtual router (VR ID).
• You can set up authentication for a VRRP group. If you select AH MD5
authentication, the VRRP group uses IP protocol 51 (AH), instead of IP protocol
112 (VRRP).
Link Monitoring and Management Access
Link monitoring has a backup ZyWALL take over all of an unavailable master
ZyWALL's static IP addresses. This way the backup ZyWALL takes over all of the
master ZyWALL's functions. This also means you can only access the original
master ZyWALL through its management IP address.
ZyWALL USG 100/200 Series User's Guide
Chapter 39 Device HA
709
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
