Allied Telesis Routers and Switches manual Configure the firewall

5.Configure the firewall

Enable the firewall.

enable firewall

Create a firewall policy.

create firewall policy=lb

Set the firewall session timeouts for TCP, UDP and other packet types, in minutes.

set firewall policy=lb tcptimeout=5 udptimeout=5 othertimeout=5

Add the public and private interfaces to the firewall policy.

add firewall policy=lb int=vlan2 type=public

add firewall policy=lb int=vlan3 type=private

Add the redundancy management VLAN to the firewall policy as a private interface.

add firewall policy=lb int=vlan4 type=private

You do not need to add firewall access rules at this step. This example uses triggered scripts to dynamically add access rules, depending on which load balancer is the master (see step 9).

6.Disable the GUI and the HTTP server on port 80

You cannot use the router’s GUI or its HTTP server on port 80 when load balancing web traffic. Therefore, you need to either disable the GUI and server, by using the following commands:

disable gui

disable http server

or change the port that the server uses. For example, to change the port to 8080, use the following command:

set http server port=8080

You can then use the GUI by pointing your browser to the router's private address and the new port (in this example, 192.168.1.200:8080).

Note that this configuration uses some advanced settings that are not available through the GUI, so you cannot use the GUI to create this configuration. You also cannot use the firewall pages in the GUI to modify this configuration’s firewall settings, because the GUI does not recognise this firewall policy. However, you can use the GUI to monitor the router.