Product Overview:

The Network Menu

Static Routing
The Static Routing functionality within GD eSeries allows users to easily configure static routes to networks not managed by the appliance.
Keep in mind that the networks defined in (i.e. managed by) the GD eSeries don’t need static routes in order to communicate properly (including remote VPN networks). The GD will automatically build the routes for all GD hosted networks.

Static Routing example
Source Network: The source network, in CIDR notation.
Destination Network: The destination network, in CIDR notation.
Route Via: Four options are available to define where the traffic should be routed through: Static Gateway, Uplink, OpenVPN User, or L2TP User. If “Static Gateway” is selected, the IP address of a gateway should be provided in the text box on the right. Otherwise, a drop-down appears, offering a choice among the available uplinks, OpenVPN users, or L2TP users.
Enabled: A ticked checkbox means that the rule is enabled (default). If unchecked, the rule is created but not activated; it can always be enabled later.
Remark: A remark or comment to explain the purpose of the rule.
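
A review check for static-route entries built from the fields above, as an added example that is not part of the original slides or of the product. The dictionary keys, the function names and the sample networks are assumptions made for illustration; it flags entries that are not valid CIDR networks, a Static Gateway without a gateway address, and routes to networks the appliance already manages.

```python
import ipaddress

ROUTE_VIA = {"Static Gateway", "Uplink", "OpenVPN User", "L2TP User"}

def audit_static_route(rule, managed_networks):
    """Return findings for one static-route rule; an empty list means clean."""
    findings, nets = [], {}
    for field in ("source", "destination"):
        try:
            # strict=True rejects host addresses such as 192.168.0.10/24
            nets[field] = ipaddress.ip_network(rule[field], strict=True)
        except ValueError as exc:
            findings.append(f"{field}: not a CIDR network ({exc})")
    via, target = rule.get("route_via"), rule.get("target", "")
    if via not in ROUTE_VIA:
        findings.append(f"route_via: unknown option {via!r}")
    elif via == "Static Gateway":
        try:
            ipaddress.ip_address(target)
        except ValueError:
            findings.append("target: Static Gateway needs a gateway IP address")
    elif not target:
        findings.append(f"target: {via} needs a selection from the drop-down")
    # Managed networks get their routes automatically, so a static route is redundant.
    dst = nets.get("destination")
    for managed in map(ipaddress.ip_network, managed_networks):
        if dst is not None and dst.version == managed.version and dst.overlaps(managed):
            findings.append(f"destination: overlaps managed network {managed}")
    return findings

# Constructed sample data (not from the product): one managed LAN, one VPN subnet.
MANAGED = ["192.168.0.0/24", "10.8.0.0/24"]
STATIC_RULES = [
    {"source": "192.168.0.0/24", "destination": "172.16.50.0/24",
     "route_via": "Static Gateway", "target": "192.168.0.254"},
    {"source": "192.168.0.0/24", "destination": "10.8.0.0/25",
     "route_via": "Uplink", "target": "main"},
    {"source": "192.168.0.10/24", "destination": "172.16.60.0/24",
     "route_via": "Static Gateway", "target": ""},
]

def audit_all(rules=STATIC_RULES, managed=MANAGED):
    """Audit every rule and return one findings list per rule."""
    return [audit_static_route(r, managed) for r in rules]
```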

Interfaces
GD eSeries supports various types of uplinks, or WAN devices, including Ethernet (static or DHCP), PPPoE, ISDN, PPTP, ADSL, UMTS CDMA or HSDPA modems.
You can have multiple uplinks connected to a GD eSeries device as long as you have enough physical ports to accommodate all of your internal and external interfaces.
By using multiple uplinks, you can create WAN failover policies that allow you to use an alternate uplink connection in case your primary connection goes offline.

Multiple Uplinks example

Create New Uplink (WAN)
Type: Choose the uplink type to reveal the additional configuration settings it requires.
Uplink is enabled: Tick this checkbox to enable the uplink.
Start uplink on boot: This checkbox specifies whether an uplink should be enabled at boot time or not. This option could be useful for a backup uplink that you don’t want to start during the boot procedure.
Uplink is managed: Tick this checkbox for the uplink to be managed (i.e. monitored and restarted if needed).
If this uplink fails activate…: If enabled, an alternative connection can be chosen from a drop-down menu, which will be activated when this uplink fails.
Check if these hosts are reachable: Tick this option to enter a list of IP addresses or hostnames that will be pinged when the uplink fails, to check whether it is unavailable or has reconnected.
In the advanced settings panel, two additional options can be customized:
Reconnection timeout: The time interval (in seconds) after which an uplink tries to reconnect if it fails. This value depends on the provider’s settings. If unsure, leave this field empty.
MTU: A custom value for the MTU size.

Policy Routing
The Policy Routing feature of eSeries provides a more granular and dynamic ability to create policy routes based on any number of criteria (IP, MAC, port, etc.). The most common use of this feature is to “split” internal traffic across multiple external (Internet) connections.
In addition, when setting up policy routes across internet connections, the eSeries can automatically fail over from one link to another. In the event of an uplink going down, GD eSeries will automatically re-route the specified policies to the backup uplink, if so desired, to prevent any unnecessary downtime.

Multiple Uplinks & Policy Routing Example
Source: Selects the source networks. Several entries, one per line, are accepted, but all must belong to the same type: a zone/interface, OpenVPN/L2TP user(s), IPs/networks, or MAC addresses. To apply the rule to all sources, select <ANY>.
Destination: Selects the destination networks, in the form of a list of IPs, networks, OpenVPN or L2TP users. Again, by selecting <ANY> the rule will match every destination.
Service/Port: The next two drop-down menus specify the service, protocol, and a destination port for the rule when the TCP, UDP, or TCP+UDP protocols are selected. Some predefined service/protocol/port combinations exist.
User defined: Allows you to specify a custom protocol and the ports to block, an option that proves useful when running services on ports different from the standard ones.
Route Via: The uplink that should be used for this rule. If the uplink becomes unavailable, there is the option for the routing to be carried over to the backup link corresponding to the selected uplink.
Type of Service: The type of service (TOS) can be chosen here, if its implementation is required.
Remark: A remark or comment to explain the purpose of this rule.
Position: The position in which to insert the rule, i.e., the relative position in the list of rules.
Enabled: Tick this checkbox to enable the rule (default). If unchecked, the rule is created but not active; it can be enabled later.
Log all accepted packets: This checkbox must be ticked to log all the packets affected by this rule.
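
A small model of how the policy-route fields above interact with uplink failover, as an added example that is not part of the original slides or of the product. The class, field names, uplink names and addresses are assumptions; the model also assumes that rules are checked in list order with the first match winning, and that a matched rule with no usable uplink yields no policy route.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class PolicyRule:                      # hypothetical names, modelled on the form fields
    source: str                        # CIDR network or "<ANY>"
    destination: str                   # CIDR network or "<ANY>"
    protocol: str                      # "TCP", "UDP", "TCP+UDP" or "<ANY>"
    port: Optional[int]                # destination port, None = any
    route_via: str                     # uplink name
    use_backup: bool = True            # carry routing over to the uplink's backup link
    enabled: bool = True

def _net_match(spec, addr):
    return spec == "<ANY>" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def _matches(rule, pkt):
    if not (_net_match(rule.source, pkt["src"]) and _net_match(rule.destination, pkt["dst"])):
        return False
    if rule.protocol != "<ANY>" and pkt["proto"] not in rule.protocol.split("+"):
        return False
    return rule.port is None or rule.port == pkt["dport"]

def select_uplink(rules, uplinks, pkt):
    """Return the uplink name chosen for pkt, or None if no policy route applies."""
    for rule in rules:                 # list order stands in for the Position field
        if not rule.enabled or not _matches(rule, pkt):
            continue
        primary = uplinks[rule.route_via]
        if primary["up"]:
            return rule.route_via
        backup = primary.get("backup")
        if rule.use_backup and backup and uplinks[backup]["up"]:
            return backup
        return None                    # assumption: matched rule, no usable link
    return None

# Constructed sample data: two uplinks, an ORANGE (10.0.10.0/24) and a GREEN network.
UPLINKS = {"main": {"up": True, "backup": "lte"}, "lte": {"up": True, "backup": None}}
POLICY_RULES = [
    PolicyRule("10.0.10.0/24", "<ANY>", "TCP+UDP", None, "lte", use_backup=False),
    PolicyRule("192.168.0.0/24", "<ANY>", "TCP", 443, "main"),
]
GREEN_HTTPS = {"src": "192.168.0.20", "dst": "203.0.113.10", "proto": "TCP", "dport": 443}
```

Marking the `main` uplink as down in a copy of `UPLINKS` moves `GREEN_HTTPS` to `lte`, which shows which traffic changes its exit path during a failover.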

Policy Route – Orange Zone

Policy Route – Green Zone

Policy Route Example