Go to the table of contents Go to the previous page Go to the next page
Routing configuration
Deployment and Installation Center | Web and Email Security Solutions | Version 7.8.x
 
Use the Configuration > Routing page to specify:
*
*
Configuring static routes
*
*
*
*
*
*
*
Adding static routes
Static routes can be added one at a time, or many at a time using an import file.
When a static route is added, data entered in each field is validated by the appliance, and an error message is displayed if there is an inconsistency in the route.
To add static routes:
1.
Go to the Configuration > Routing page, select the IPv4 or IPv6 tab, and click Add/Import under Static Routes.
2.
To manually add a single route, select the Add individual route radio button, enter values for all fields, and then click Add Route.
 
3.
a.
Prepare the import file. See Import file specifications, below.
b.
Select the Import route file radio button.
c.
Specify the full path and file name, or Browse to locate the file. Click Import Route to import the routes specified in the file.
The appliance reads the file, validates each route, and reports errors for lines that are invalid.
Duplicate route entries are ignored; duplicate entries are not created.
If the number of routes in the file, combined with the number of existing routes exceeds the 5000 route table limit, the import fails. No routes are added and an error message displays.
Import file specifications:
1.
2.
3.
For IPv4:
destination netmask default-gateway interface
Destination is a subnet address or host IP address.
Netmask determines the proper value of destination.
Default-gateway is the next hop.
Interface is the appliance interface through which traffic is routed. The specified interface must be enabled. If it is disabled, the appliance reports an error and does not add the route.
For IPv6:
destination prefix-length default-gateway interface
Destination is a subnet address or host IP address.
Prefix-length determines the proper value of destination.
Default-gateway is the next hop.
Interface is the appliance interface through which traffic is routed. The specified interface must be enabled. If it is disabled, the appliance reports an error and does not add the route.
Exporting the route table
To export the route table to a text file, click Export Table. Use the Browse dialog to specify a location and name for the file.
All routes in the table, whether enabled or disabled, are exported.
The file is formatted as described above for import files.
Configuring module routes
In some deployments it is necessary or desirable to route some Web Security or Email Security traffic through the appliance C interface (typically web and email traffic is routed through separate, dedicated interfaces [P1/P2, E1/E2] and C is reserved for management traffic). However, some sites might want to route authentication (or other) traffic through the C interface. This is accomplished by defining module routes on the Configuration > Routing page.
The module route table has a maximum limit of 5000 entries.
Adding a module route
1.
In the Module Route section of the Configuration > Routing page, click Add.
2.
 
Note 

Go to the table of contents Go to the previous page Go to the next page
Copyright 2016 Forcepoint LLC. All rights reserved.