Citrix Systems switch 4 Manual De Usuario

Initial Setup of External Firewalls and Load Balancers

157

#         sec.name   source        community

com2sec    local      localhost     public

com2sec   mynetwork   0.0.0.0       public

Setting to 0.0.0.0 allows all IPs to poll the NetScaler server.

b.

Map the security names into group names:

#      group.name   sec.model  sec.name 

group   MyRWGroup     v1         local 

group   MyRWGroup     v2c        local 

group   MyROGroup     v1        mynetwork 

group   MyROGroup     v2c       mynetwork

c.

Create a view to allow the groups to have the permission to:

incl/excl subtree mask view all included .1

d.

Grant access with different write permissions to the two groups to the view you created.

# context     sec.model     sec.level     prefix     read     write     notif 

  access      MyROGroup ""  any noauth     exact      all      none     none 

  access      MyRWGroup ""  any noauth     exact      all      all      all

3.

Unblock SNMP in iptables.

iptables -A INPUT -p udp --dport 161 -j ACCEPT

4.

Start the SNMP service:

service snmpd start

5.

Ensure that the SNMP service is started automatically during the system startup:

chkconfig snmpd on

When the first VM is created for a new account, CloudPlatform programs the external firewall and load
balancer to work with the VM. The following objects are created on the firewall:

• A new logical interface to connect to the account's private VLAN. The interface IP is always the first

IP of the account's private subnet (e.g. 10.1.1.1).

• A source NAT rule that forwards all outgoing traffic from the account's private VLAN to the public

Internet, using the account's public IP address as the source address

• A firewall filter counter that measures the number of bytes of outgoing traffic for the account