Adding Secure Access Clusters; Chapter 4 Adding Secure Access Clusters; Adding A Secure Access Cluster Overview - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual
Configuring secure access devices guide
Hide thumbs
Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01:
- Manual (444 pages) ,
- Administration manual (1026 pages) ,
- Installation manual (244 pages)
Table of Contents
Advertisement
CHAPTER 4
Adding Secure Access Clusters
Adding a Secure Access Cluster Overview
Copyright © 2010, Juniper Networks, Inc.
Adding a Secure Access Cluster Overview on page 23
Adding a Secure Access Cluster with Imported Cluster Members on page 24
When you add a Secure Access cluster in NSM, you first add the cluster and then add
each member. Adding a member is similar to adding a standalone device.
Secure Access clusters can be configured by the device administrator to operate in
active/passive mode or in active/active mode. Clusters in active/passive mode are made
up of a primary member and a secondary member. All traffic flows through the primary
member. If the primary member fails, then the secondary member takes over.
In active/active mode, traffic is load-balanced across all cluster members. If one member
fails, then load balancing takes place among the surviving members.
In active/active Network Connect (NC) deployments, we recommend that you do the
following:
Split the NC IP pool into node-specific subpools.
Perform static route configuration on the backend router infrastructure in a coordinated
fashion, with static routes to each subpool pointing to the internal IP address of the
hosting cluster node as the next-hop gateway.
NOTE: The Secure Access device does not support a common IP address
pool for NC for an active/active cluster.
The number of members permitted in a cluster depends on whether the cluster is
configured in active/active mode or in active/passive mode. You can have no more than
two cluster members in active/passive mode. In active/active mode you can have up to
eight members.
Before you can activate a cluster member in NSM, the device administrator must have
already created the cluster and added, configured, and enabled the physical cluster
member. See the Juniper Network Secure Access Administration Guide for details on
creating and configuring clusters.
23
Advertisement
Chapters
Table of Contents
