Cisco Cisco Packet Data Gateway (PDG)

Sample L2 Interchassis HA Configuration

▀ SecGW VM Configuration (StarOS)

▄ SecGW Administration Guide, StarOS Release 18

146

SecGW VM Configuration (StarOS)

Important:

Each SecGW (CPU-VM complex) must be separately configured as described below for

corresponding VSMs in both the primary and backup ASR 9000 chassis. There are four CPU-VM complexes per ASR
9000 VSM.

The unique parameters for each CPU-VM complex must correspond with interface settings configured for the primary
and backup ASR 9000 chassis.

Notes:



Enable hidden CLI test-commands.



Install SecGW License.



Assign unique host name per CPU-VM complex.



Set crash log size to 2048 with compression.



Require Session Recovery.



Create local context with unique parameters per CPU-VM complex.



Enable wsg-service with unique parameters per CPU-VM complex.



Create SRP context with unique parameters per CPU-VM complex.



Enable Connected Apps session with unique password and session name per CPU-VM complex.



Set wsg-lookup priorities.



Appropriately configure ethernet ports with unique parameters per CPU-VM complex. Refer to the tables below

for mapping of sample IP addresses for each SecGW.

Table 5. StarOS IP Address Mapping - SecGW1

Variable

Primary ASR 9000

Backup ASR 9000

<interfsace_LOCAL1_IPv4-address>

100.100.100.1 255.255.255.0

192.168.122.15 255.255.255.0

<iproute_:LOCAL1_IPv4-address_mask>

0.0.0.0 0.0.0.0 100.100.100.10

0.0.0.0 0.0.0.0 192.168.122.2

<wsg_acl1_permit_IPv4-address_mask>

65.65.0.0 0.0.255.255
45.45.0.0 0.0.255.255

<wsg_acl1_permit_IPv6-address/mask>

2065:: ::ffff:ffff:ffff:ffff
2045:: ::ffff:ffff:ffff:ffff

<wsg_pool1_IPv4-address>

45.45.0.1
45.45.58.254

<wsg_pool1_IPv6-address/mask>

2045::/56

<crypto_foo_local_IPv4-addrress>

35.35.35.35

<crypto_foo-1_local_IPv6-addrress>

2035::35

<wsg_interface_clear_IPv4-address_mask>

51.51.51.11 255.255.255.0

61.61.61.11 255.255.255.0