Thanks, I'll file a enhancement request. ---------------------------------------- From: "Murali Reddy" <murali.re...@citrix.com> Sent: Monday, January 21, 2013 5:27 PM To: "cloudstack-users@incubator.apache.org" <cloudstack-users@incubator.apache.org>, "k...@cloudcentral.com.au" <k...@cloudcentral.com.au> Subject: Re: Is it possible to use Juniper SRX for Firewall functions in conjunction with Virtual Router for Load Balancing functions
On 20/01/13 9:53 AM, "Kristoffer Sheather - Cloud Central" <kristoffer.sheat...@cloudcentral.com.au> wrote: >CloudStack Users, > >We are currently designing a new solution with specific security >requirements and are considering implementing a Juniper SRX series >firewall. In order to protect the load balancer from public traffic we >intend on deploying an 'in-line' topology where the SRX sits in front of >the load balancer (physical or virtual). > >Is it possible (and preferably tested) to use SRX for >firewall/port-forwarding/VPN and use the CloudStack Virtual Router for >load >balancing? I know the documentation states that you must use SRX with F5 >for 'in-line' mode, however I can't see why you couldn't use the virtual >router instead of a F5. I know that side-by-side configuration works right now. You can have a network offering with SRX providing firewall/PF/Nat services and VR/F5/NetScaler providing LB service. But inline mode, only SRX and F5 combination supported. But one can extend the support for VR/NetScaler as well. Please open a feature request bug. > >If anyone has experience and can advise that would be greatly appreciated. > >Regards, > >Kristoffer Sheather >Cloud Central >Scale Your Data Center In The Cloud >Phone: 1300 144 007 | Mobile: +61 414 573 130 | Email: >k...@cloudcentral.com.au >LinkedIn: | Skype: kristoffer.sheather | Twitter: >http://twitter.com/kristofferjon >
