Configuring Acme Packet 3900/4600/6300/6350 FIPS HA
FIPS dictates that critical traffic must be encrypted, not currently supported on this platform. Therefore, on each of the Acme Packet supported platforms in the HA pair, there is a dedicated "Control" port used only to send HA sync traffic between the SBCs. This port is labeled "MGMT1".
Plug the "Control" port of one SBC directly into the "Control" port of the second SBC using a single point-to-point cable, with no hubs, switches, or routers between them. See the following diagram:
The following is an example setup console log for a FIPS
Acme Packet platform primary
E-SBC.
FIPS_VM_Primary# run setup
-----------------------------------------------------------
Thank you for purchasing the Acme Packet SBC. The following
short wizard will guide you through the initial set-up.
A reboot will be required to save changes.
-----------------------------------------------------------
'-' = Previous; '?' = Help; '.' = Clear; 'q' = Exit
GUI ACCESS
If you want to allow GUI to access this SBC, enable this setting
Enable Web GUI (yes/no) [yes] : yes
WEB GUI MODE
Choose which mode to enable for the web GUI
Web GUI Mode
1 - basic
2 - expert
Enter choice [1 - basic] : 2
HIGH AVAILABILITY
This SBC may be a standalone or part of a highly available redundant pair.
SBC mode
1 - standalone
2 - high availability
Enter choice [1 - standalone] : 2
If this SBC is the primary, enter the configuration.
If it is secondary, you can import settings from the primary
SBC role
1 - primary
2 - secondary
Enter choice [1 - primary] : 1
Specify the IP address to set on interface connected for redundancy
Redundancy interface address [169.254.1.1] :
Redundancy subnet mask [255.255.255.252] :
SBC SETTINGS
Unique target name of this SBC [FIPS_VM_Primary] :
IP address on management interface [10.196.33.48] :
Subnet mask [255.255.224.0] :
Management interface VLAN (0 - 4095) [0] :
Gateway IP address [10.196.32.1] :
PEER CONFIGURATION
Peer IP address [169.254.1.2] :
Peer target name [sbc02] : FIPS_VM_Secondary
OC SDM ACCESS SETTINGS
Configure SBC to allow OC Session Delivery Manager to access it
OC SDM access (yes/no) [yes] : no
-- Summary view ---------------------------------------------------------------
GUI ACCESS
1: Enable Web GUI (yes/no) : yes
WEB GUI MODE
2 : Web GUI Mode : expert
HIGH AVAILABILITY
3 : SBC mode : high availability
4 : SBC role : primary
5 : Redundancy interface address : 169.254.1.1
6 : Redundancy subnet mask : 255.255.255.252
7 : Redundancy interface VLAN : N/A
SBC SETTINGS
8 : Unique target name of this SBC : FIPS_VM_Primary
9 : IP address on management interface : 10.196.33.48
10: Subnet mask : 255.255.224.0
11: Management interface VLAN : 0
12: Gateway IP address : 10.196.32.1
AUTOMATIC CONFIGURATION
13: Acquire config from the Primary (yes/no) : N/A
PEER CONFIGURATION
14: Peer IP address : 169.254.1.2
15: Peer target name : FIPS_VM_Secondary
OC SDM ACCESS SETTINGS
16: OC SDM access (yes/no) : no
17: SNMP community string : N/A
18: OC SDM IP address : N/A
Enter 1 - 18 to modify, 'd' to display summary, 's' to save, 'q' to exit. [s]:
FIPS_VM_Secondary# run setup
-----------------------------------------------------------
Thank you for purchasing the Acme Packet SBC. The following
short wizard will guide you through the initial set-up.
A reboot will be required to save changes.
-----------------------------------------------------------
'-' = Previous; '?' = Help; '.' = Clear; 'q' = Exit
GUI ACCESS
If you want to allow GUI to access this SBC, enable this setting
Enable Web GUI (yes/no) [yes] : yes
WEB GUI MODE
Choose which mode to enable for the web GUI
Web GUI Mode
1 - basic
2 - expert
Enter choice [1 - basic] : 2
HIGH AVAILABILITY
This SBC may be a standalone or part of a highly available redundant pair.
SBC mode
1 - standalone
2 - high availability
Enter choice [1 - standalone] : 2
If this SBC is the primary, enter the configuration.
If it is secondary, you can import settings from the primary
SBC role
1 - primary
2 - secondary
Enter choice [1 - primary] : 2
Specify the IP address to set on interface connected for redundancy
Redundancy interface address [169.254.1.2] :
Redundancy subnet mask [255.255.255.252] :
SBC SETTINGS
Unique target name of this SBC [FIPS_VM_Secondary] :
IP address on management interface [10.196.33.40] :
Subnet mask [255.255.224.0] :
Management interface VLAN (0 - 4095) [0] :
Gateway IP address [10.196.32.1] :
AUTOMATIC CONFIGURATION
Acquire config from the Primary (yes/no) [yes] : yes
PEER CONFIGURATION
Peer IP address [169.254.1.1] :
-- Summary view ---------------------------------------------------------------
GUI ACCESS
1: Enable Web GUI (yes/no) : yes
WEB GUI MODE
2 : Web GUI Mode : expert
HIGH AVAILABILITY
3 : SBC mode : high availability
4 : SBC role : secondary
5 : Redundancy interface address : 169.254.1.2
6 : Redundancy subnet mask : 255.255.255.252
7 : Redundancy interface VLAN : N/A
SBC SETTINGS
8 : Unique target name of this SBC : FIPS_VM_Secondary
9 : IP address on management interface : 10.196.33.40
10: Subnet mask : 255.255.224.0
11: Management interface VLAN : 0
12: Gateway IP address : 10.196.32.1
AUTOMATIC CONFIGURATION
13: Acquire config from the Primary (yes/no) : yes
PEER CONFIGURATION
14: Peer IP address : 169.254.1.1
15: Peer target name : N/A
OC SDM ACCESS SETTINGS
16: OC SDM access (yes/no) : N/A
17: SNMP community string : N/A
18: OC SDM IP address : N/A
Enter 1 - 18 to modify, 'd' to display summary, 's' to save, 'q' to exit. [s]:
For more information on configuring HA on the Acme Packet supported platforms, see the appropriate Acme packet Hardware Installation and Maintenance Guide and the Enterprise Session Border Controller ACLI Configuration Guide.