12-22-2016 09:36 PM
Firstly, I really appreciate about your sincere reply on my previous question.
I want to configure a isolated heartbeat Network that are different from main traffic subnet to attain HA between two vTMS.
I plan to add new NIC card on each vTM.
So, they'll communicate to the other by using private IP address. And, I want to limit their heartbeat flow solely heartbeat N/W.
I know that it can be succeed through enabling flipper!use_bindip option and change management IP to new N/W.
but, the problem is that I can't connect to admin web-page if I choose the solution as I mentioned above
because I usually connect admin web-page through remote connection.
In summary, my question is that I want to know if it is possible to configure isolated heartbeat N/W without changing management IP address.
01-17-2017 09:17 AM
I checked into this for you and received the following response:
Management IP Address and Admin Server Port
The traffic manager can be configured to only allow management on one specific IP address. This restricts all admin server access, SOAP management, REST API access and other control information to this IP. This setup is useful if you want to completely separate your public and private networks. It is currently only possible to restrict access to a single IPv4 address, but it does not need to be the same as the IP address your traffic manager name resolves to. If None is selected, access will not be restricted and any of the raised IP addresses can be used to manage the traffic manager.
So the System > Security > Management IP Address and Admin Server Port > bindip configuration key is as close as you can get. But it does not satisfy the objective you described in bold font.
Perhaps the best option would be to have a word with your Sales Engineer (SE) to see if your design objective can be met in some other way. If your SE is unable to assist, it's possible an RFE can be raised to get this request considered for future release.
We hope this helps - please let us know if we may further assist via the Community.
Brocade Community Team