溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
Juniper vSRX防火墻HA配置
實驗網絡拓撲結構
實驗目標
實驗配置步驟:
set groups node0 system host-name Mylab-FW1
set groups node0 interfaces fxp0 unit 0 family inet address 100.100.100.1/24
set groups node1 system host-name Mylab-FW2
set groups node1 interfaces fxp0 unit 0 family inet address 100.100.100.2/24
set apply-groups ${node}
commit and quit
#這個時候防火墻的名稱分別變為Mylab-FW1和Mylab-FW2
#使用cluster reth-count明確聲明需要配置幾個RG組
set chassis cluster reth-count 2
set chassis cluster redundancy-group 0 node 0 priority 100
set chassis cluster redundancy-group 0 node 1 priority 99
set chassis cluster redundancy-group 1 node 0 priority 100
set chassis cluster redundancy-group 1 node 1 priority 99
#配置Fabric Link
set interfaces fab0 fabric-options member-interfaces ge-0/0/2
set interfaces fab1 fabric-options member-interfaces ge-7/0/2
#注意vSRX在完成Cluster之后,備用主機的接口為主用設備接口+7
#配置冗余接口
set interfaces ge-0/0/3 gigether-options redundant-parent reth0
set interfaces ge-0/0/4 gigether-options redundant-parent reth2
set interfaces ge-7/0/3 gigether-options redundant-parent reth0
set interfaces ge-7/0/4 gigether-options redundant-parent reth2
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth0 unit 0 family inet address 10.1.1.10/24
set interfaces reth2 redundant-ether-options redundancy-group 1
set interfaces reth2 unit 0 family inet address 202.100.1.10/24
#首先關閉集群后重啟
set chassis cluster disable reboot
#使用load factory-default恢復至出廠設置
load factory-default
set system root-authentication plain-text-password
commit
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
