beautypg.com

HP Secure Key Manager User Manual

Page 203

background image

Example 2. Example 2

Used for Outgoing Connections

Default Gateway

Inter-

face

-----------------------------------------------------------------—

no

none

Ether-

net #1

yes

10.20.41.1

Ether-

net #2

All responses to incoming packets leave from 10.20.41.1 - except the responses to incoming packets
from the 172.17.7.0 addresses (the local subnet of Ethernet #1). Those responses leave from the
Ethernet #1 interface. All connections initiated by the SKM appliance leave from 10.20.41.1.

Example 3. Example 3

Used for Outgoing Connections

Default Gateway

Inter-

face

-----------------------------------------------------------------—

yes

172.17.7.1

Ether-

net #1

no

10.20.41.1

Ether-

net #2

In this example:

All responses to incoming packets destined for IPs bound to Ethernet #1 leave from 172.17.7.1.

All responses to incoming packets destined for IPs bound to Ethernet #2 leave from 10.20.41.1.

If packets destined for Ethernet #1 are received by the Ethernet #2 interface, the response packets
will still leave from 172.17.7.1. Likewise, any packets destined for Ethernet #2 that are received
by the Ethernet #1 interface will still leave from 10.20.41.1.

If one of the default gateways should fail, the other interface is not affected. For example, if
172.17.7.1 fails, IPs bound to Ethernet #1 will be unreachable - but the Ethernet #2 interface will
operate normally.

All connections initiated by the SKM appliance (regardless of destination) leave from 172.17.7.1,
because 'Used for Outgoing Connections' is configured for that gateway. If this gateway fails, all
outgoing connections fail.

Example 4. Example 4

Used for Outgoing Connections

Default Gateway

Inter-

face

-----------------------------------------------------------------—

yes

172.17.7.1

Ether-

net #1

no

10.20.41.1

Ether-

net #2

Secure Key Manager

203