5.Configure the firewall
Enable the firewall.
enable firewall
Create a firewall policy.
create firewall policy=lb
Set the firewall session timeouts for TCP, UDP and other packet types, in minutes.
set firewall policy=lb tcptimeout=5 udptimeout=5 othertimeout=5
Add the public and private interfaces to the firewall policy.
add firewall policy=lb int=vlan2 type=public
add firewall policy=lb int=vlan3 type=private
Add the redundancy management VLAN to the firewall policy as a private interface.
add firewall policy=lb int=vlan4 type=private
You do not need to add firewall access rules at this step. This example uses triggered scripts to dynamically add access rules, depending on which load balancer is the master (see step 9).
6.Disable the GUI and the HTTP server on port 80
You cannot use the router’s GUI or its HTTP server on port 80 when load balancing web traffic. Therefore, you need to either disable the GUI and server, by using the following commands:
disable gui
disable http server
or change the port that the server uses. For example, to change the port to 8080, use the following command:
set http server port=8080
You can then use the GUI by pointing your browser to the router's private address and the new port (in this example, 192.168.1.200:8080).
Note that this configuration uses some advanced settings that are not available through the GUI, so you cannot use the GUI to create this configuration. You also cannot use the firewall pages in the GUI to modify this configuration’s firewall settings, because the GUI does not recognise this firewall policy. However, you can use the GUI to monitor the router.
Configure Load Balancer Redundancy on Allied Telesis Routers and Switches | 4 |