06-14-2010 02:05 AM
Hi,
I shall be deploying two GSS in two different locations.
Both GSS devices shall be placed on a DMZ using Private IP addressing with NAT to Public addresses to resolve DNS requests.
As replication is not supported using NAT, would it be feasible to configure the second Interface with an IP address on the inside Network which would be used for GUI Management and also GSS-Comunications. Are there any security issues which this approach.
regards
Ian.
06-14-2010 06:19 AM
Hello Ian,
By default, the first Ethernet interface (eth0) is used for both interdevice communications and for communicating with ANM, which you use to manage your GSS devices. You can use the gss-communications interface-config command to change it to eth1. I'm not aware of any security issues with this approach.
Hope this helps,
Sean
06-14-2010 06:55 AM
Sean,
Thanks for the update. I would imagine that due to the NAT restriction on the GSS-Communication interface then this is my only option to get the Primary and Standby devices to sync databases.
As I have internal access between both sites where the GSS are to be deployed my initial thinking was to alloww GSS-Communications over Ethernet 1 interface on the Internal Network, whilst servicing DNS on Ethernet 0 which is on a DMZ.
regards
Ian.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide