FWPULSE
This screen displays the current configuration information for the fwpulse
aand fwpulsed daemons. The administrator can modify the fwpulse configuration
on this screen and then save the updates to the firewall. After saving
the modifications, the administrator will have to go to the T.Rex
Start/Stop Services Menu to refresh
fwpulse and/or fwpulsed before the modifications will take effect.
fwpulse and fwpulsed work as a pair. fwpulse is the monitoring
daemon that actively sends probes to the remote firewall to monitor its
status. fwpulsed listens for probes from fwpulse and responds to
them.
Edit Button
Edit the config file directly rather than using this configuration
screen.
Hostname to assume on a takeover
If specified, this hostname will be used during a takeover. When
the takeover command is issued, hostname on this machine will be changed
to the specified name in this field.
Email address to send alerts to
Specifies the email address to send alerts to when fwpulse detects
an un-responsive remote firewall address.
Interval in seconds between each check to the remote firewall
The number of seconds for fwpulse to sleep between checking on the
remote firewall.
Private port number to use for monitoring remote
firewall
Specifies the port number on the remote firewall for fwpulse
to connect to. This is the port which fwpulsed on the remote firewall
is listening to.
Private encryption key for communications with remote firewall
This is a string of eight 3-digit octal numbers, separated
by blanks, each having a value from 0 to (octal) 377. This set of
numbers is used as a shared key by the paired firewalls to communicate
with each other in private.
Maximum seconds to wait for non-response
Specifies the number of seconds to wait for the remote firewall
before concluding that it is not responding.
Seconds during startup to ignore any non-response
Specifies the number of seconds during startup where a non-response
is to be treated as OK (for example, when the paired firewalls are booted
up at the same time but one completed the bootup sequence before the other
one and the firewall that took longer to boot can appear non-responsive
to a monitoring fwpulse) and we don't want an automatic takeover to occur.
Perform Automatic Takeover
Specifes whether automatic takeovers are to be initiated when
the remote firewall appears to be non-responsive.
Network Rules
This is the area where new network rules can be added and existing
network rules can be modified or removed. See Working
With a Rules Panel for more information.
IP address
This is the remote firewall IP address that FWPULSE should monitor
and that TAKEOVER should assume when the remote firewall is found to be
un-responsive.
Network Interface
This is the local network interface to use for taking over the remote IP
address . If the local machine is running the Solaris Operating
System, this should be specified as an alias to a network interface, e.g.
le0:1.
Router addesss
This is usually the IP address of the router that this network interface
is connected to. If this network interface is not connected
to a router, this Router address
can be the IP address of a third machine which is on this network.
When fwpulse detects a non-response from a remote firewall, fwpulse will
try to get a ping response from this address. Whether fwpulse gets
a response from this address or not helps it determine whether it was a
more general problem on the network or whether it was a problem on the
remote firewall that caused it to not be able to respond. If
Router address is specified, then
Alias must be "No". If Router
address is blank, then Alias
must be "Yes".
Netmask
This is the netmask to be used during a takeover.
Critical Port
This specifies an active TCP port on the remote firewall. The port
should be one that is listened to by the most critical application (e.g.
webgate) of the remote firewall. This provides fwpulse with another
port number, in addtion to Private Port
, to try to connect to. When other methods failed, fwpulse tries
to connect to this port number on the remote firewall as a last resort
attempt to determine whether the remore firewall is really not functional.
Alias
Specifies whether this IP address should be treated as an alias.
fwpulse only monitors IP addresses which are not aliases on the remote
firewall. Monitoring all the alias IP addresses does not add much
value but may prolong the time it takes fwpulse to detect a remote firewall
failure. fwpulse will use all alias and non-alias remote addresses
during an automatic takeover. If Alias
is "Yes", then Router address
must be blank. If Alias is "No",
then Router address must be specified.
Taskbar Pulldown Menu
Task Buttons