Cloning Groups
Supported OS and Versions: Gaia R77Note:Gaia "Cloning Groups" are not supported on Security Gateway in VSX mode.
A Cloning Group is a collection of Gaia gateways that synchronize their OS configurations and settings for a number of shared features, for example DNS or ARP. A configuration change in one of the members is automatically propagated to other members. This is useful in ClusterXL. If the ClusterXL members are also members of a Cloning Group, static routes can be synchronized.
You can:
--> Manually define an independent Cloning Group through the Gaia WebUI. To do this, use Manual mode. In manual mode, the administrator creates the Cloning Group and separately adds each member.
--> Configure a ClusterXL cluster as a Gaia Cloning Group. To do this, use ClusterXL mode. All the ClusterXL members become members of the same Cloning Group.
Note: A VRRP Cluster has to be manually defined.
Important:
Synchronization between members of a Cloning Group requires TCP Port
1129 to be open and communication through the port allowed by the
firewall. When the gateways are part of a cluster in SmartDashboard, an
implied rule in the rule base allows this connection. When the gateways
are not part of the same Cluster, the implied rule does not apply. If
the gateways are not part of the same cluster object in SmartDashboard,
make sure there is a rule that allows connections on TCP port 1129.Configuring Cloning Groups – WebUI
Cloning Groups are configured from the gateway WebUI.
1. Open the Gaia gateway WebUI.
The Cloning Group Creation Wizard opens.
3. Select Create a new Cloning Group.
The New Gaia Cloning Group window opens.
> Enter a name for the Cloning Group
> Select an IP address for synchronizing settings between member gateways. Select an address on a secure internal network.
> Enter a password for the administration account (cadmin). This password is necessary to:
> Manage the Cloning Group
>Add other gateways to the Cloning Group
> encrypted traffic between members of the Cloning Group
4. In the Shared Features screen, select features to clone to other members of the group.
Pay attention to which features you want to clone.
5. Click Next for the Wizard Summary and then click Finish.
6. Verify the cloning Group Created:
Join a Cloning Group
1. Open the Gaia gateway WebUI of another Gateway.
2. In System Management > Cloning Group, click Start Cloning Group Creation Wizard.
The Cloning Group Wizard opens.
3. Select join an existing Cloning Group.
4. The Join Existing Cloning Group window opens.
> Enter the IP address of a remote member of the Cloning Group.
> Select an IP address for synchronizing the settings between gateways. Select a secure internal address.
> Enter the password of the Cloning Group administration account (cadmin). (The same password you entered when creating the group.)
5. Click Next for the Wizard Summary and then click Finish.
6. Verify the Cloning Group Joined:
Manage the Cloning Group
1. Sign in to the WebUI of any Clone Group Members/VIP using the cadmin account and password.
Important: No unique URL or IP address is needed to access the Cloning Group WebUI, Use the URL or IP address of the member gateway/VIP.
2. In System Management > Cloning Group, selecting features from the Shared Features list propagates the settings to all members of the group.
3. We can edit shared features and set them :
Editing and setting Shared feature
Here We are taking an example of static route to be shared on all clone Group Members:
1. Sign in to the WebUI of any Clone Group Members/VIP using the cadmin account and password.
2. Implement Default Gateway and some more static routes :
3. Verify on both Group Members for the same entries. On Members Gateways Sign in to the WebUI using the admin account and password and Check the static Routes Entries, All entries are there :
a. On first member:
b. On Second Gateway:
Note: All shared features can be configured and set on all Group Members in the same way.
No comments:
Post a Comment