This article demonstrates how to use Ecessa WANworX products to route all of a site's Internet traffic through a virtual instance running in the VMware Cloud on AWS service.
Use Case
Provides single IP address failover for a branch location. All branch location Internet traffic routes through the VMware Cloud on AWS virtual instance to reach the Internet. This allows the branch location to access the Internet from one consistent IP address regardless of which local WAN is in use. WAN Virtualization with packet duplication ensures that any local WAN failures are invisible to users at the branch location.
Example Network
Ecessa Office Branch Location: Has a LAN network of 192.168.100.0/24 and two WANs. The Comcast WAN has the IP 173.160.121.100 and the CenturyLink WAN has the IP 65.156.214.229.
VMware Cloud on AWS SDDC: The Ecessa WANworX virtual instance has a single WAN with the IP 192.168.1.2/24 within VMware and the public IP address 18.235.130.174.
Create the virtual machine in the VMware Cloud on AWS SDDC settings
1) Request a public IP to use for the Ecessa WANworX virtual instance.
2) Create a NAT rule to translate all traffic to the previously requested public IP.
3) Create two firewall rules. The "outbound" rule allows all outbound traffic from the Ecessa WANworX virtual instance to the Internet. The "inbound" rule allows all inbound traffic from the Internet to the Ecessa WANworX virtual instance.
4) Right-click on the folder where you would like to store the WANworX instance and choose Deploy OVF Template...
5) Choose the Local File that is the Ecessa virtual instance on your PC.
6) Choose a name and the location for the virtual machine.
7) Choose the destination compute resource for the virtual machine.
8) Select the storage for the configuration and disk files of the virtual machine.
9) Confirm the settings and click Finish.
10) Edit the settings of the virtual machine. Add at least one network interface and deselect the "Connect..." option for the serial port.
11) Power on the virtual machine.
Configure the Ecessa WANworX virtual instance
1) Add a WAN to the virtual instance with the following commands.
wan add alias WAN port 1 ip 192.168.1.2/24 gateway 192.168.1.1
commit save
2) Use the registration register command to enable the features of the Ecessa WANworX virtual instance. Details of the registration process can be found at Registering a Virtual Machine.
3) Configure WAN Virtualization endpoints.
4) Create a WAN Virtualization Static Route to duplicate all traffic.
5) Edit the VPN settings to add an Identifier. The identifier must be entered into the VPN configuration of both endpoint devices.
6) Create a Static Route to specify that the 192.168.100.0/24 network is reachable over the WAN Virtualization connection.
7) Create an extra_snat rule for each remote network that will route through the virtual instance.
extra_snat add source 192.168.100.0/24 snat-ip 192.168.1.2 force-loose enable entry enable
commit save
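Step 7 needs one extra_snat rule per remote network, so a wrong prefix or an overlap silently changes which traffic is source-NATed. The Python helper below is an added example, not Ecessa's code: it validates a list of branch networks and emits the rule lines in the syntax shown above. The function name and the sanity checks are assumptions of this example, and 192.168.101.0/24 is a constructed second network.

```python
import ipaddress

# Values from the article's example network; adjust for your deployment.
SNAT_IP = "192.168.1.2"
INSTANCE_WAN = "192.168.1.2/24"


def build_extra_snat(remote_networks, snat_ip=SNAT_IP, instance_wan=INSTANCE_WAN):
    """Return CLI lines: one extra_snat rule per remote network, then commit save.

    Hypothetical helper. Raises ValueError on input that would produce a
    wrong or ambiguous rule.
    """
    snat = ipaddress.ip_address(snat_ip)
    wan_net = ipaddress.ip_interface(instance_wan).network
    if snat not in wan_net:
        raise ValueError(f"snat-ip {snat} is outside the instance WAN {wan_net}")

    accepted = []
    for text in remote_networks:
        # strict=True rejects entries with host bits set, e.g. 192.168.100.5/24
        net = ipaddress.ip_network(text.strip(), strict=True)
        if net.version != snat.version:
            raise ValueError(f"{net} and snat-ip {snat} are different IP versions")
        if net.prefixlen == 0:
            # Added sanity check: a default route is not a branch LAN.
            raise ValueError(f"{net} matches every source address")
        if net.overlaps(wan_net):
            raise ValueError(f"{net} overlaps the instance WAN {wan_net}")
        for other in accepted:
            if net.overlaps(other):
                raise ValueError(f"{net} overlaps {other}; list each network once")
        accepted.append(net)

    lines = [
        f"extra_snat add source {net} snat-ip {snat} force-loose enable entry enable"
        for net in accepted
    ]
    if lines:
        lines.append("commit save")
    return lines


if __name__ == "__main__":
    # 192.168.100.0/24 is the article's branch LAN; the second is constructed.
    for line in build_extra_snat(["192.168.100.0/24", "192.168.101.0/24"]):
        print(line)
```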
Configure the Ecessa WANworX device at the branch location
1) Configure WAN Virtualization endpoints.
2) Create a WAN Virtualization Static Route to duplicate all traffic.
3) Edit the VPN settings to add an Identifier. The identifier must be entered into the VPN configuration of both endpoint devices.
4) Create a Static Route to specify that all traffic should traverse the WAN Virtualization connection.