HP Secure Key Manager User Manual
Page 203
Example 2. Example 2
Used for Outgoing Connections
Default Gateway
Inter-
face
-----------------------------------------------------------------—
no
none
Ether-
net #1
yes
10.20.41.1
Ether-
net #2
All responses to incoming packets leave from 10.20.41.1 - except the responses to incoming packets
from the 172.17.7.0 addresses (the local subnet of Ethernet #1). Those responses leave from the
Ethernet #1 interface. All connections initiated by the SKM appliance leave from 10.20.41.1.
Example 3. Example 3
Used for Outgoing Connections
Default Gateway
Inter-
face
-----------------------------------------------------------------—
yes
172.17.7.1
Ether-
net #1
no
10.20.41.1
Ether-
net #2
In this example:
•
All responses to incoming packets destined for IPs bound to Ethernet #1 leave from 172.17.7.1.
•
All responses to incoming packets destined for IPs bound to Ethernet #2 leave from 10.20.41.1.
•
If packets destined for Ethernet #1 are received by the Ethernet #2 interface, the response packets
will still leave from 172.17.7.1. Likewise, any packets destined for Ethernet #2 that are received
by the Ethernet #1 interface will still leave from 10.20.41.1.
•
If one of the default gateways should fail, the other interface is not affected. For example, if
172.17.7.1 fails, IPs bound to Ethernet #1 will be unreachable - but the Ethernet #2 interface will
operate normally.
•
All connections initiated by the SKM appliance (regardless of destination) leave from 172.17.7.1,
because 'Used for Outgoing Connections' is configured for that gateway. If this gateway fails, all
outgoing connections fail.
Example 4. Example 4
Used for Outgoing Connections
Default Gateway
Inter-
face
-----------------------------------------------------------------—
yes
172.17.7.1
Ether-
net #1
no
10.20.41.1
Ether-
net #2
Secure Key Manager
203