Web OS 10.0 Application Guide
10.
Configure the filters to allow local subnet traffic on the dirty side of the VPN device to
reach the VPN device interfaces.
>> # ../filt 100
>> # ena
>> # sip any
>> # dip 192.168.10.0/dmask 255.255.255.0
>> # action allow
>> # ../filt 110
>> # ena
>> # sip any
>> # dip 224.0.0.0/dmask 255.0.0.0
>> # action allow
11.
Create a filter to allow the management firewall (Policy Server) to reach the VPN firewall.
>> # ../filt 120 ena
>> # sip 192.168.10.120
>> # smask 255.255.255.255
>> # dip 10.0.0.0
>> # dmask 255.255.255.0
12.
Create the redirection filter and enable firewall load balancing.
This filter will redirect inbound traffic, redirecting it among the defined real servers in the group.
>> # ../filt 224
>> # ena
>> # sip any
>> # dip any
>> # action redir
>> # ../filt 224/adv
>> # fwlb ena
13.
Add filters to the ingress port.
>> # ../port 1
>> # filt ena
>> # add 100/add 110/add 224
14.
Apply and save the configuration, and reboot the switch.
>> # apply
>> # save
>> # /boot/reset
n
364
Chapter 14: Virtual Private Network Load Balancing
212777-A, February 2002