Load Balancing & Networking
The new rule shows that packets from network internal:net are allowed into the system if they are
being sent to the same network. Without this rule, the newly added IP address could not be
reached from the rest of the network.
Also note that IPv4/6 rule 1 allows Equalizer traffic if it is on the local host interface (lo0), and
IPv4/6 rule 3 blocks all traffic which didn't fall into one of the previous rules. This is the default
deny rule. IPv6 rule 2 is an automatically-added rule for link-local IPv6 addresses, which is
always there if any networks are configured.
If all of the clients and servers for this Equalizer are on the internal:net network, we're done,
however, most installations have customers which are on a different network, usually the
Internet.
98
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
Summary of Contents for Equalizer GX Series
Page 18: ......
Page 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 42: ......
Page 52: ......
Page 64: ......
Page 72: ......
Page 76: ......
Page 228: ......
Page 238: ......
Page 476: ......
Page 492: ......
Page 530: ......
Page 614: ......
Page 626: ......
Page 638: ......
Page 678: ......
Page 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 754: ......
Page 790: ......
Page 804: ......
Page 842: ......
Page 866: ......