Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
0
Helpful
2
Replies

GSS-Communication on Second Interface

iwearing
Level 1
Level 1

‎06-14-2010 02:05 AM

Hi,

I shall be deploying two GSS in two different locations.

Both GSS devices shall be placed on a DMZ using Private IP addressing with NAT to Public addresses to resolve DNS requests.

As replication is not supported using NAT, would it be feasible to configure the second Interface with an IP address on the inside Network which would be used for GUI Management and also GSS-Comunications. Are there  any security issues which this approach.

regards

Ian.

Labels:
0 Helpful
2 Replies 2

Sean Merrow
Level 4
Level 4

‎06-14-2010 06:19 AM

Hello Ian,

By default, the first Ethernet interface (eth0) is used for both interdevice communications and for communicating with ANM, which you use to manage your GSS devices.  You can use the gss-communications interface-config command to change it to eth1.  I'm not aware of any security issues with this approach.

Hope this helps,

Sean

0 Helpful

iwearing
Level 1
Level 1
In response to Sean Merrow

‎06-14-2010 06:55 AM

Sean,

Thanks for the update. I would imagine that due to the NAT restriction on the GSS-Communication interface then this is my only option to get the Primary and Standby devices to sync databases.

As I have internal access between both sites where the GSS are to be deployed my initial thinking was to alloww GSS-Communications over Ethernet 1 interface on the Internal Network, whilst servicing DNS on Ethernet 0 which is on a DMZ.

regards

Ian.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents