Cisco Cisco Packet Data Gateway (PDG)
Sample L3 Interchassis HA Configuration
▀ SecGW VM Configuration (StarOS)
▄ SecGW Administration Guide, StarOS Release 17
180
interface icsr
ip address <srp_interface_icsr_IPv4-address_mask_per_CPU-VM>
#exit
subscriber default
exit
aaa group default
#exit
ip route <srp_iproute_IPv4-address_mask> <srp_iproute_IPv4-address> icsr
#exit
connectedapps
sess-userid cisco
sess-passwd encrypted password <encrypted_password>
sess-name <srp_hsrp-group_number>
sess-ip-address <connectapps_session_IPv4-address>
rri-mode BOTH
ha-chassis-mode inter
ha-network-mode L3
ca-certificate-name ca-cert-tls
activate
#exit
wsg-lookup
priority 1 source-netmask 28 destination-netmask 28
priority 2 source-netmask 32 destination-netmask 32
priority 3 source-netmask 16 destination-netmask 16
priority 4 source-netmask 24 destination-netmask 24
priority 5 source-netmask 16 destination-netmask 24
#exit
port ethernet 1/10
no shutdown
vlan <port_1/10__vlan_id>
no shutdown
bind interface ike wsg
#exit
#exit
port ethernet 1/11
no shutdown
vlan <port_1/11_vlan_id_wsg>
no shutdown
bind interface clear wsg
#exit
vlan <port_1/11_vlan_id_srp>
no shutdown
bind interface icsr srp
#exit
#exit
end
ip address <srp_interface_icsr_IPv4-address_mask_per_CPU-VM>
#exit
subscriber default
exit
aaa group default
#exit
ip route <srp_iproute_IPv4-address_mask> <srp_iproute_IPv4-address> icsr
#exit
connectedapps
sess-userid cisco
sess-passwd encrypted password <encrypted_password>
sess-name <srp_hsrp-group_number>
sess-ip-address <connectapps_session_IPv4-address>
rri-mode BOTH
ha-chassis-mode inter
ha-network-mode L3
ca-certificate-name ca-cert-tls
activate
#exit
wsg-lookup
priority 1 source-netmask 28 destination-netmask 28
priority 2 source-netmask 32 destination-netmask 32
priority 3 source-netmask 16 destination-netmask 16
priority 4 source-netmask 24 destination-netmask 24
priority 5 source-netmask 16 destination-netmask 24
#exit
port ethernet 1/10
no shutdown
vlan <port_1/10__vlan_id>
no shutdown
bind interface ike wsg
#exit
#exit
port ethernet 1/11
no shutdown
vlan <port_1/11_vlan_id_wsg>
no shutdown
bind interface clear wsg
#exit
vlan <port_1/11_vlan_id_srp>
no shutdown
bind interface icsr srp
#exit
#exit
end