manualshive.com logo in svg

PaloAlto Networks TECHDOCS ION 9000, Справочник по аппаратуре, Страница: 28 / 32

Поделиться
Скачать
PaloAlto Networks TECHDOCS ION 9000 Скачать руководство пользователя страница 28

Install the ION 9000

Connect the controller 1 port to a copper 1G ethernet port, similar to how client PC or Laptops

are connected to a corporate network. Ensure that you allow outbound internet access on port

443 to enable communicaon between the controller port and the Prisma SD-WAN controller

service.
Aer this port is connected and the ION 9000 powered on, the ION 9000 automacally connects

and registers with the Prisma SD-WAN controller. Aer the registraon, the ION 9000 is available

for claiming and configuraon in the Prisma SD-WAN console.

Configure Peering Ports

The Prisma SD-WAN ION 9000 uses the peering ports to communicate with WAN edge or core

or WAN distribuon routers via BGP. The routers may be connected using one physical port per

router or mulple routers can share a single port by using a shared Layer 2 VLAN.
The below figure shows the peering port topologies of an ION 9000.

Depending on the number, type and choice of routers and Layer 2 or Layer 3 configuraons, the

number of peering ports required may vary. However, any non-controller port may be used for a

peering port. These ports are set-up and idenfied at configuraon me.
To pre-cable the peering ports before configuraon:

1.

Plan the type and the number of ION 9000 ports needed for peering configuraon.

2.

Physically plug in the ports from the ION 9000 devices to the appropriate routers or switches.

3.

Record the ION port numbers and connecng router or switch port informaon for future

reference.

Configure Internet Ports

The Prisma SD-WAN ION 9000 uses the internet ports to receive inbound VPN connecons from

the internet. Typically, ION 9000 devices use one internet port per data center and this port must

be able to receive traffic from the internet.
The internet port must specifically allow inbound UDP 4500 to the ION 9000 from remote ION

devices. If a firewall or NAT is used outside the ION 9000 on this port, UDP 4500 needs to be

port forwarded or passed-through from the firewall or NAT device.
To pre-cable the internet ports before configuraon:

1.

Plan the type and the number of ION 9000 ports needed for VPN configuraon.

2.

Physically plug in the ports from the ION 9000 devices to the appropriate devices.

ION 9000 Hardware Reference

28

©

2021 Palo Alto Networks, Inc.

Содержание TECHDOCS ION 9000

Страница 1: ...ION 9000 Hardware Reference docs paloaltonetworks com...

Страница 2: ...s paloaltonetworks com search html Have feedback or ques ons for us Leave a comment on any page in the portal or write to us at documenta on paloaltonetworks com Copyright Palo Alto Networks Inc www p...

Страница 3: ...N Device Compliance Statement 17 ION 9000 Installa on Kit Components 19 Power on the ION 9000 20 Shut down the ION 9000 20 Reboot the ION 9000 20 Install the ION 9000 21 Rack Mount the ION 9000 22 Ins...

Страница 4: ...Table of Contents ION 9000 Hardware Reference 4 2021 Palo Alto Networks Inc...

Страница 5: ...ou install or service a Palo Alto Networks next genera on rewall or appliance The following topics apply to all Palo Alto Networks rewalls and appliances except where noted Tamper Proof Statement Thir...

Страница 6: ...uct The tracking number provided to you electronically when ordering the product matches the tracking number that is physically labeled on the box or crate The integrity of the tamper proof tape used...

Страница 7: ...egin Third Party Component Support Before you consider installing third party hardware read the Palo Alto Networks Third Party Component Support statement ION 9000 Hardware Reference 7 2021 Palo Alto...

Страница 8: ...est raccord e la terre Use grounded and shielded Ethernet cables to ensure agency compliance with electromagne c compliance EMC regula ons French Transla on Des c bles Ethernet blind s reli s la terr...

Страница 9: ...C or DC from the power inputs to fully de energize the hardware French Transla on Tous les appareils Palo Alto Networks avec au moins deux sources d alimenta on D branchez tous les cordons d alimenta...

Страница 10: ...Before You Begin ION 9000 Hardware Reference 10 2021 Palo Alto Networks Inc...

Страница 11: ...sma SD WAN Instant On Network ION 9000 and plan your deployment ION 9000 ION 9000 Ports ION 9000 Front Panel with LEDs ION 9000 Speci ca ons ION Device Compliance Statement ION 9000 Installa on Kit Co...

Страница 12: ...oy the ION 9000 in an o path model enabling elas c non disrup ve scale out and high availability HA The ION 9000 Establishes connec vity to the data center network and exchanges rou ng informa on Term...

Страница 13: ...e Controller Ports This port is used by the ION device to communicate with the Prisma SD WAN controller By default controller ports are DHCP enabled Internet Peering Ports These ports are used as inte...

Страница 14: ...ight Powered o Displays Controller connec vity status Blue light Connected No light Not Connected Displays disk status Orange light blinking Displays disk ac vity HA LED O Not con gured Solid Green Ac...

Страница 15: ...rogrammable inline fail to wire capability for use in branch device mode Throughput Throughput Up to 10 Gbps Power and Mechanical Type Wa s 1 1 Hot swappable redundant PSUs 450W AC Power input AC 100...

Страница 16: ...it ports for other features BGP peers Layer 2 connec vity to two separate network devices that are currently par cipa ng in any dynamic rou ng protocol BGP OSPF EIGRP with each other Internet connec v...

Страница 17: ...a ng to electrical equipment designed for use within certain voltage limits Federal Communica ons Commission FCC statement for a Class A digital device or peripheral This equipment has been tested and...

Страница 18: ...um rique de la classe A est conforme la norme NMB 003 du Canada Korean Communica ons Commission KCC Class A Statement This equipment is an electromagne c compa ble device for business purposes Class A...

Страница 19: ...h square hole adapters 2x Moun ng brackets with accompanying screws 2x 19 inch slide lock ears with accompanying screws 2x Red Cat 5E crossover rollover ethernet cable 1x Grey Cat 5E straight through...

Страница 20: ...following ways Shut down using the Device Toolkit commands Run the device toolkit command debug shutdown to shut down the device Ensure the device is physically accessible to turn it back on before ex...

Страница 21: ...Install the ION 9000 Deploy the Prisma SD WAN ION 9000 in the following modes Rack Mount the ION 9000 Install the ION 9000 in Virtual In Path Con gura on Install ION 9000 in High Availability 21...

Страница 22: ...Install the ION 9000 Rack Mount the ION 9000 Rack mount the ION 9000 on a standard 19 inch rack with square holes ION 9000 Hardware Reference 22 2021 Palo Alto Networks Inc...

Страница 23: ...e bu on towards the front to fully withdraw it from the rails The ION 9000 uses the chassis moun ng brackets to a ach to the slide rails for moun ng on the rack 3 A ach the moun ng brackets to both si...

Страница 24: ...Install the ION 9000 ION 9000 Hardware Reference 24 2021 Palo Alto Networks Inc...

Страница 25: ...he ng pins through the rails 3 A ach the chassis moun ng brackets to either side of the ION 9000 4 Slide the ION 9000 into the rack and con rm that the device is installed securely If the rack has unt...

Страница 26: ...ith the slide rail slot and push the ION 9000 in 2 Slide the bracket release bu on on both the brackets and slide the ION 9000 into the rack un l it clicks into place 3 Secure the ION 9000 into the ra...

Страница 27: ...ographic distribu on Seamlessly transi on tra c to another ION 9000 or the legacy rou ng network when there is a failure The following gure illustrates the virtual in path deployment architecture of a...

Страница 28: ...d may vary However any non controller port may be used for a peering port These ports are set up and iden ed at con gura on me To pre cable the peering ports before con gura on 1 Plan the type and the...

Страница 29: ...Install the ION 9000 3 Record the ION port numbers and connec ng device port informa on for future reference ION 9000 Hardware Reference 29 2021 Palo Alto Networks Inc...

Страница 30: ...on between branch sites and data center clusters STEP 1 Add a second ION 9000 to the data center that requires high availability HA STEP 2 Use the same ports to cable the second ION 9000 STEP 3 On the...

Страница 31: ...dress or the NAT port is unique for each ION device There is no addi onal con gura on required on the second ION device except the IP addresses Both the ION 9000 devices peer with the same core and WA...

Страница 32: ...Install the ION 9000 The following image illustrates the se ng up BGP for ION 9000 HA ION 9000 Hardware Reference 32 2021 Palo Alto Networks Inc...

Отзывы:

Нет отзывов