Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Simon_Macpherso
Advisor

SMO and Internet Traffic

Hello,

Is a separate internet link required to be configured on one of the uplink ports for all traffic that is not SMO management traffic (Security Gateway configuration, policy installation, remote connections and logging) i.e. the SMO default route?

Regards,

Simon

0 Kudos
2 Replies
Chris_Atkinson
Employee Employee
Employee

Multiple "internet" links are not required.

For hosts talking to the Mgmt IP of the Security Group their default route/gateway shouldn't be the Mgmt IP itself rather an intermediate switch/router which will direct internet traffic via the data ports of the Security Group.

CCSM R77/R80/ELITE
0 Kudos
Simon_Macpherso
Advisor

I’m assuming we can’t route non-SMO management WAN traffic over the management ports (eth1-Mgmt1, eth2-Mgmt1).

We intend to deploy a new external /24 IP range as part of this deployment.

Do we need to allocate two separate IP blocks for both the SMO and WAN connectivity?

 

0 Kudos