Configuring High Availability VLANs
Release 5.1.6.R02 User Guide Supplement June 2005 page 3-7
Traditional Firewall ImplementationThe figure below shows two high availability VLANs that are used to manage a third-party high availabil-
ity firewall cluster. Unsecure traffic from the Internet comes into the OmniSwitch through the ingress port
1/1 of high availability VLAN 10. This traffic is sent to the high availability cluster through the egress
ports that belong to HA VLAN 10 (2/9, 2/10, and 3/5).
Firewall and High Availability Cluster
The third-party high availability firewall cluster sends authorized traffic to ports 4/1, 5/3, and 5/4 that
belong to standard VLAN 20. This traffic is then forwarded on VLAN 20 to the private network.
See “Application Example 1: Firewall Cluster” on page3-16 for instructions on how to config ure the high
availability VLANs in the example above.
OmniSwitch 7800
Data Flow
Private
Network
Internet
OmniSwitch
HA VLAN 10
2/9
2/10
3/5
Standard VLAN 20
4/1 5/3 5/4
Firewall Port Clusters
Data Flow
Ingress
Egress
1/1