Just wanted to share with you briefly a setup of simple peering of 2 steelheads in your lab or office using physical in-path deployment .
You will need :
1- Two machines with vmware workstations
2- Evaluation license of 2 steelheads .
3- Two windows VMs and two steelhead VMS to be installed on each workstation .
4- Client/Server FTP software to be installed on both windows VMs for traffic production .
5- Last but not least , an external router which could be a wireless home dsl router capable of using a secondary ip address on its Lan interface .
After doing the installation and licensing , here is how to configure the network cards :
You will get 4 network adapters on your steelhead VM .Make sure to match the MAC addresses from steelhead console using show interfaces command to that listed in the VM settings :
1- AUX network adapter .You can shut it down from the steelhead console as it will not be used . Here it is Network Adapter 2
2- Primary network adapter : Configure it to use a separate "host-only" VMnet together with your PC .Create a VMware Network Adapter for this VMnet .You will use this adapter as the GW for your primary interface . Here I am using VMnet7 with network 192.168.3.0
3- Lan network Adapter : This should be in the same VMnet with that of the windows network adapter .
Assign the router interface network to this VMnet using the "Virtual network Editor" .Here the router interface is 10.10.8.1/24 so I am using 10.10.8.0 for this network. Here I am using VMnet13 . No need to connect a host virtual adapter to this network .
The Windows VM network card will be 10.10.8.5/24 with GW 10.10.8.1 which is the router interface .
The in-path interface can take 10.10.8.2/24 for example with GW 10.10.8.1 which is the router interface as well .
4- The Wan network adapter : This should be bridged to the wireless newtork card or connected to VMnet0 which is by default bridged
to the wireless network card and hence will provide the steelhead VM access to the wireless network .
Final step is to make this similar setup on the other side steelhead VM on the other side of the wan with the secondary wan router interface .
How to Test :
1-Use ping -I source_ip destination_ip to do ping tests using your in-path ip address (pings use the primary interfaceby default)
2- Make sure you can see the windows VM MAC address as well as the router MAC address in the steelHead ARP table .
3- You should be able to ping all hops from windows VMs .
If all successful , you should be able to initiate peering between the 2 steelheads using the FTP software .
Hope this setp will be helpful