Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GSS-Communication on Second Interface

Hi,

I shall be deploying two GSS in two different locations.

Both GSS devices shall be placed on a DMZ using Private IP addressing with NAT to Public addresses to resolve DNS requests.

As replication is not supported using NAT, would it be feasible to configure the second Interface with an IP address on the inside Network which would be used for GUI Management and also GSS-Comunications. Are there  any security issues which this approach.

regards

Ian.

2 REPLIES
Silver

Re: GSS-Communication on Second Interface

Hello Ian,

By default, the first Ethernet interface (eth0) is used for both interdevice communications and for communicating with ANM, which you use to manage your GSS devices.  You can use the gss-communications interface-config command to change it to eth1.  I'm not aware of any security issues with this approach.

Hope this helps,

Sean

New Member

Re: GSS-Communication on Second Interface

Sean,

Thanks for the update. I would imagine that due to the NAT restriction on the GSS-Communication interface then this is my only option to get the Primary and Standby devices to sync databases.

As I have internal access between both sites where the GSS are to be deployed my initial thinking was to alloww GSS-Communications over Ethernet 1 interface on the Internal Network, whilst servicing DNS on Ethernet 0 which is on a DMZ.

regards

Ian.

211
Views
0
Helpful
2
Replies
CreatePlease login to create content