Applies To:

Show Versions Show Versions

Archived Manual Chapter: Configuring Advanced Settings
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.

The WANJet appliance includes additional settings that you can configure as needed. It is important that you have a good understanding of your network configuration to perform advanced configuration.
Email alerts: Describes how to configure the system to send an email alert in case of system failure. You configure this setting if you want an administrator to receive immediate notice if the system fails.
Operational modes: Describes how to specify whether the system is active or inactive, whether to use disks for data storage (if available on the system), how to handle traffic in case of failure on WANJet 400 platforms, and how to change the appliance topology (inline or one-arm).
Device certificates: Describes how to view, import, or export device certificates on the system.
Remote redundancy and load balancing: Describes how to set up remote redundant WANJet appliances for failover and load balancing.
Redundant peers: Describes how to configure a second WANJet appliance as a redundant peer.
One-arm topology: Explains using an alternative deployment method, where the appliance connects to the LAN and has no direct connection to the WAN.
Factory default values: Describes how to return all configuration settings to their factory default values.
You can configure the WANJet appliance to send an email that includes a system snapshot (containing current system information) to a specific email address in the event of system failure. To successfully send email alerts, the WANJet appliance must be able to access the mail server. For example, if your SMTP server is on a network that is not accessible from your Management port, you need to set up a management route to the SMTP server. See Adding routes.
1.
In the navigation pane, expand WAN Optimization and click Email Alert.
The WANJet Email Alert screen opens.
2.
In the Email address box, type the email address to which you want the system snapshot sent. If you want the email alert to go directly to F5 Networks, type WANJetSupport@f5.com.
3.
In the From Email address box, type the email address from which you want the email to appear to be sent.
This does not need to be a valid email address, but it should look like a valid address to pass through spam filters. F5 Networks recommends that you use the alias of the WANJet appliance from which the snapshot was taken as the first part of the address (before the @ symbol), and your companys domain name as the second part of the address. For example, WJ_NewYork@company.com.
4.
In the SMTP Server IP box, type the IP address (not the domain name) of an SMTP mail server that is accessible from the WANJet appliance.
5.
In the SMTP Server Port box, type the port number for the mail server to which the SMTP request for the email alert will be sent.
Note: Typically, the port for SMTP is 25; however, the default port that the WANJet appliance uses for email alerts is 443 (which is normally used by SSL traffic). The WANJet appliance uses port 443, because it is more likely to be allowed through by a firewall. Verify that the mail server specified in the SMTP Server IP box is set up to forward traffic on port 443 to port 25.
Email alerts are disabled by default, but F5 Networks recommends that you enable them after you configure the settings on the WANJet Email Alert screen.
7.
Click the Test Me button to confirm that the WANJet appliance can access the mail server and send the email. You can use the test feature to send a simple test message, create a new system snapshot to send, or send all past system snapshots. F5 Networks recommends that you send a test message, because the WANJet appliance does not attempt to resend failed emails.
1.
In the navigation pane, expand WAN Optimization and click Operational Mode.
The Operational Mode screen opens.
2.
For the Mode setting, select one of the following options:
Active
Enables optimization.
Inactive
Optimization does not occur and the WANJet appliance is completely transparent to network traffic.
3.
If your hardware platform includes a hard disk drive, for the TDR-2 Storage Mode setting, select one of the following options:
Disk Based Storage
If the information being optimized consists of large data sets, this option provides better performance. This is the default value.
Memory Based Storage
If the information being optimized consists of smaller data sets, this option provides faster throughput.
4.
For the Failure Mode setting (WANJet 400 only), select one of the following options:
Fail to Wire (default)
If the WANJet appliance fails for any reason, network traffic continues to flow and bypasses the WANJet appliance.
Fail Close
If the WANJet appliance fails for any reason, the appliance breaks the link and stops traffic from passing through.
Note: If you select Fail Close on a WANJet 400, you must also make a hardware adjustment on the appliance. Refer to To enable Fail Close on WANJet 400 hardware, following, for instructions on how to open the unit and change the setting on the NIC.
5.
For the Topology setting, specify the way the WANJet appliance is connected to the network by clicking one of the options:
In-Line
This is the most common network topology. Inline means that the WANJet appliance is located between the LAN (or the LAN switch) and the WAN gateway (or the LAN router).
One-Arm
Select this option if your WANJet appliance is located on a separate, independent link. Refer to Configuring one-arm topology, for additional instructions.
6.
Click the Save button.
1.
Set the Failure Mode setting to Fail Close as described in the previous procedure, To configure the operational mode settings. (Do not forget to click Save to save the changed setting.)
3.
Turn the WANJet appliance upside down. On the bottom of the unit, unscrew the four screws on the left and right edges of the unit.
5.
Facing the front of the WANJet 400 appliance, locate the PXG2BP NIC card on the right near the front of the unit.
The ENB switch is on the left (towards the front of the card), and is turned off by default. The DIS switch is on the right (towards the back of the card), and is turned on by default.
8.
Turn the appliance on. If a warning beep sounds, press the red reset button on the back of the unit next to the power supplies.
9.
On the NIC card, press the ENB switch on the left (the one towards the front of the appliance). You hear an audible click.
1.
Set the Failure Mode setting to Fail to Wire as described in the procedure, To configure the operational mode settings. (Do not forget to click Save to save the changed setting.)
3.
Turn the WANJet appliance upside down. On the bottom of the unit, unscrew the four screws that are on the left and right edges of the unit.
5.
Facing the front of the WANJet 400 appliance, locate the PXG2BP NIC card on the right near the front of the unit.
The ENB switch is on the left (towards the front of the card), and was previously turned on. The DIS switch is on the right (towards the back of the card), and is off.
8.
Turn the appliance on. If a warning beep sounds, press the red reset button on the back of the unit next to the power supplies.
9.
On the NIC card, press the DIS switch on the right (the one towards the center of the appliance). This action produces an audible click.
Sometimes, multiple WANJet appliances need to communicate securely over a network. For example, multiple WANJet appliances might need to collect performance data over a wide area network, for global traffic management. In this case, these WANJet appliances need to exchange SSL certificates and keys to ensure secure data communication.
You can view information about a device certificate that is currently installed on the WANJet appliance. You can also export a certificate or import a different certificate.
You can view information about any SSL certificate and key that you have installed on the WANJet appliance. The specific information you can view about a certificate is:
1.
In the navigation pane, expand System, and click Device Certificates.
This displays the properties of any self-signed certificate.
2.
On the menu bar, click Device Key.
This displays the type and size of the key.
1.
In the navigation pane, expand System and click Device Certificates.
This displays the properties of a self-signed certificate.
2.
At the bottom of the screen, click Import.
This displays the screen for importing either a certificate, or a certificate and key.
3.
From the Import Type list, select an import type, either Certificate or Certificate and Key.
4.
From the Certificate Source setting, click either Upload File or Paste Text:
-If you click Upload File, type a file name or click Browse to navigate to the file containing the certificate.
-If you click Paste Text:
b)
Paste the text into the Certificate Source window.
5.
Click Import.
1.
In the navigation pane, expand System, and click Device Certificates.
This displays the properties of a self-signed certificate.
2.
At the bottom of the screen, click Export.
The screen displays the text of the existing certificate.
3.
Next to the Certificate File setting, click Download <certificate_name>.
1.
In the navigation pane, expand System, and click Device Certificates.
This displays the properties of a self-signed certificate.
2.
At the bottom of the screen, click Renew.
This displays the properties of the certificate and its associated key.
3.
Change any properties as needed.
For detailed information, see the online help.
4.
Click Finished.
1.
In the navigation pane, expand System, and click Device Certificates.
This displays the properties of a self-signed certificate.
2.
On the menu bar, click Device Key
This displays the properties of the key.
3.
Click Import.
4.
From the Import Type list, select an import type, either Certificate or Certificate and Key.
5.
From the Key Source setting, click either Upload File or Paste Text:
-If you click Upload File, type a file name or click Browse.
If you click Browse:
-If you click Paste Text:
b)
Paste the text into the Key Source window.
6.
Click Import.
1.
In the navigation pane, expand System, and click Device Certificates.
This displays the properties of a self-signed certificate.
2.
On the menu bar, click Device Key.
This displays the properties of the key.
3.
Click Export.
The screen displays the text of the key.
4.
Next to the Key File setting, click Download <key_name>.
You can configure two remote WANJet appliances for failover so that if one of the WANJet appliances or a router is not operational, the other one handles all the traffic. When both appliances are operational, the local WANJet appliance automatically load balances traffic between the two remote WANJet appliances.
In this configuration, you set up one WANJet appliance with two remote appliances. The local WANJet appliance can connect to the remote redundant WANJet appliances using a single link (through one router) or using two links (through two routers, as shown in Figure 8.1).
On both of the remote redundant peers, add the single WANJet appliance as a remote WANJet appliance. For example, on both WANJet1 and WANJet2, add WANJet3 as a remote WANJet appliance. Use the same Shared Key on both. Refer to Configuring remote WANJet appliances.
Next, set up the single local WANJet appliance by adding the two remote redundant WANJet appliances, as explained in the following procedure.
Note: You can also set up the two remote WANJet appliances as redundant peers (that is, connected through their Peer ports), however, this is not required. Refer to Configuring redundant peers for instructions on how to set the remote redundant pair up as peers.
1.
On the local WANJet appliance, expand WAN Optimization and click Remote WANJets.
The Remote WANJets screen opens.
2.
Click the Add button.
The Manage Remote WANJet popup screen opens.
3.
Set the WANJet Type to Redundant.
Additional settings for the redundant peer appear at the bottom of the popup screen.
4.
In the WANJet IP box, type the IP address of the first remote WANJet appliance.
5.
In the Send Bandwidth box, specify the bandwidth available for packets traveling from the local WANJet appliance to the first redundant peer:
a)
Type the bandwidth of the link (32622). The default is 622.
b)
Select the unit of measure: kbps (kilobits per second) or mbps (megabits per second). The default is mbps.
6.
In the Receive Bandwidth box, specify the bandwidth available for packets traveling from the remote WANJet appliance to the Local WANJet appliance:
a)
Type the bandwidth of the link (32622). The default is 622.
b)
Select the unit of measure: kbps (kilobits per second) or mbps (megabits per second). The default is mbps.
7.
In the RTT box, type the value for the average round trip time for the WAN link. You determine the RTT by using the ping utility to send a request to a device on the other side of the WAN link and reviewing the command output. The default RTT is 50 milliseconds.
8.
In the WANJet Alias box, type the name of the first remote WANJet appliance.
9.
Leave the settings as they are for WANJet Port (the default value is 3701) and MTU (this setting is available only if you specified a LAN Router).
10.
In the Shared Key box, type the shared key. The only requirement for the key is that it matches the key you used on the two remote appliances. For this example, you must use the same key as you used for WANJet1 and WANJet2 when setting up WANJet3 as a remote appliance.
11.
In the Redundant Peer box, type the IP address for the second remote WANJet appliance.
12.
In the Peer Send Bandwidth box, specify the bandwidth available for packets traveling from the local WANJet appliance to the redundant peer:
b)
Select the unit of measure: kbps (kilobits per second) or mbps (megabits per second).
13.
In the Peer Receive Bandwidth box, specify the bandwidth available for packets traveling from the remote WANJet appliance to the Local WANJet appliance:
b)
Select the unit of measure: kbps (kilobits per second) or mbps (megabits per second).
14.
In the Peer RTT box, specify the total time (in milliseconds) it takes to send a packet to the remote WANJet appliance and receive a response. The default Peer RTT is 50 milliseconds.
15.
Click OK.
The popup screen closes.
16.
On the Remote WANJet screen, click the Save button.
The remote redundant WANJet appliances appear on one line in the Remote WANJet appliance list and share the same alias.
The WANJet appliance supports setting up redundant pairs, or peers, connected through the peer port. Redundancy offers a continuous mode of operation and eliminates a central point of failure for LAN switching and routing. The WANJet appliance supports redundancy using a second WANJet appliance on a LAN, connected to a redundant router. The second WANJet appliance is known as a redundant peer. If one of the LANs routers fail, the corresponding WANJet appliance detects that the router is down, and continues service through the remaining active router and WANJet appliance.
The Peer port is also used in the case of asymmetric routing. The two WANJet appliances connected through their Peer ports exchange information about which appliance is responsible for optimizing specific connections. If the server tries to send packets back through the wrong WANJet appliance, the packets are passed through the Peer port to the other WANJet appliance.
Figure 8.2 shows an example of redundant peer configuration.
To configure the WANJet appliances shown in Figure 8.2, you need to perform the following tasks:
On WANJet3, add both WANJet1 and WANJet2 as remote WANJet appliances, set its type as Redundant, then specify WANJet2s IP address as the Redundant Peer.
2.
Connect the two WANJet appliances from the Peer port on one to the Peer port on the other using a crossover cable or a connection through a switch.
3.
In the navigation pane of the first WANJet appliance, expand WAN Optimization and click Local WANJet.
The Local WANJet screen opens.
4.
Check the Enable Redundant Peer box.
5.
In the Self Peer IP box, type the IP address of the Peer port on the local WANJet appliance. It must be in the same subnet as the redundant peer IP address.
6.
In the Redundant Peer IP box, type the IP address of the WANJet appliance that is the redundant peer of this WANJet appliance.
7.
In the Peer Netmask box, type the netmask of the peer and remote peer subnet. You create a subnet of the IP addresses of the Peer ports on the WANJet appliance and the redundant peer.
8.
Click Save.
The Local WANJet screen refreshes, and the changes are committed to the WANJet appliance.
9.
If the redundant peer is in a different subnet from the local WANJet appliance, on Local WANJet screen, click Local Subnets and clear the Include WANJet Subnet check box.
You can deploy the WANJet appliance out-of-line in a one-arm topology, with one physical connection to the LAN and no direct connection to the WAN.
Figure 8.3 One-arm deployment
In this deployment, the WANJet appliance has a single connection to both the LAN and the WAN through the WAN port. The WAN router (or LAN switch) redirects all relevant traffic to the WANJet appliance, according to the settings you configure.
4.
In the navigation pane, expand WAN Optimization and click Operational Mode.
The Operational Mode screen opens.
5.
For the Topology setting, select One-Arm.
Additional options appear.
6.
For the Redirection Method setting, select one of the following options to specify the method used to route network traffic through the WANJet appliance:
Static Routing
The LAN switch redirects all traffic to the WANJet appliance. You must also configure the IP address of the WANJet appliance as the default gateway on every client in the LAN. If you select this option, the Discovery Method options disappear. Click Save to save this setting.
Transparent Proxy
Select this option if you are using policy-based routing or WCCPv2 to redirect traffic to the WANJet appliance.
7.
For the Discovery Method setting, select one of the following options to specify the method used to determine which traffic to send to the WANJet appliance:
Static
Select this option for policy-based routing. You must also configure a policy or policies on the router to define the criteria to use for redirecting traffic to the WANJet appliance.
WCCPv2
Select this option if you are using WCCPv2 to communicate between the router and the WANJet appliance regarding which traffic to redirect to the WANJet appliance. If you select this option, additional screen elements appear for you to set the WCCP parameters on the WANJet appliance as they are set on each WCCP-enabled router. See To add WCCP parameters for a router, following, for details on how to set the parameters.
Note: When you save any changes to the WCCP configuration, the system must close the current WCCP connections and wait to restart TMM. If you try to make additional changes before the system has completed the reset, a popup message advises you how much longer you must wait.
8.
In the Keep Alive Timer box, enter the frequency in seconds (from 1 to 10) of the control messages exchanged between the router and the WANJet appliance. The default value is 10 seconds.
If you selected WCCPv2 in step 7, you need to configure the WCCP parameters as described in the following procedure.
1.
In the navigation pane, expand WAN Optimization and click Operational Mode.
The Operational Mode screen opens.
2.
To add the parameters for a WCCP-enabled router, click Add.
The Add WCCP Parameters popup screen appears.
3.
In the Router Address box, type the IP address of the router.
4.
In the Service ID box, type the service group identifier (a number between 51 and 100) configured on the router.
5.
In the Priority box, type the priority (a number between 0 and 255) configured on the router. This number is the order in which the router follows the redirection rules.
6.
In the Tunnel box, type the router identifier IP address configured on the router. This IP address identifies the tunnel between the router and the WANJet appliance. If only one IP address is configured for the router, this address is the same as the Router Address in Step 3.
7.
For Redirection Type, select the method the router uses to redirect traffic to the WANJet appliance:
GREThe router uses GRE tunneling.
L2The router uses Layer 2 redirect.
8.
For Return Type, select the method the WANJet appliance uses to return passthrough and unprocessed traffic.
GREThe WANJet appliance uses GRE tunneling.
L2The WANJet appliance uses L2 return.
9.
For Egress Method, select the method the WANJet uses to forward optimized traffic.
Negotiated ReturnThe WANJet appliance negotiates with the router, depending on whether the router supports the method you select for Return Type in Step 8. For example, if you select L2, and the router does not support L2, the appliance uses GRE.
IP ForwardingThe WANJet appliance forwards optimized traffic normally, that is, without encapsulation.
10.
If the router requires a password to communicate with the WANJet appliance, select the Authenticate check box, and type the password in the Password box.
11.
Click OK.
The Add WCCP Parameters screen closes, and the WCCP parameters for the router are listed on the Operational Mode screen.
1.
Click the router address of the router for which you want to change or delete the WCCP parameters.
The Edit WCCP Parameters screen opens.
2.
Edit the information or click the Remove button to remove the WCCP parameters for the router.
3.
Click OK.
The Edit WCCP Parameters screen closes.
4.
Click Save.
Note: When you save changes to the WCCP configuration, the system must close the current WCCP connections and wait to restart TMM. If you try to make additional changes before the system has completed the reset, a popup message advises you how much longer you must wait.
You can restore the factory default values on the WANJet appliance. If you do this, the values in all fields on all screens are reset to the default values. You should restore the defaults only in extreme cases, such as when you want to discard all configuration changes that you have made, and start configuration all over again.
Because the WANJet appliance retains the licensing information, you do not have to revalidate the license. However, you do have to reconfigure the rest of the settings and policies.
Note: Before restoring factory default values, you should back up the current configuration in case you decide that you want to use the policies and settings that you have already entered. Refer to Creating and saving an archive on the WANJet appliance, for the procedure on how to save the current settings.
Important: Only experienced system administrators should reset configuration data to the factory default values. We strongly recommend that you modify these settings only under the guidance of F5 Support personnel.
4.
Type sys-reset.
The system resets the configuration to the factory default values.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)