; ---------------------------------------------------------------------------------------- ; Security Gateway Configuration ; ; The format of this file is a series of key/value pairs, separated by one or more spaces. ; The key part is a string, the value part can either be a string or a list. A list is ; simply a series of key/value pairs enclosed in braces. The values in a list can contain ; more lists for arbitrary nesting. A value may be enclosed in double-quotes (") if it ; contains spaces which should be considered part of the value. The expected type of a ; value depends on which key it is a part of and its context. ; ; Finally, comments can be added on any line by prepending it with a semicolon. ; ---------------------------------------------------------------------------------------- ; ---------------------------------------------------------------------------------------- ; Client Configuration ; ; This section specifies the maximum number of simultaneous clients that can be supported, ; as well as the number of past clients that are remembered to defend against replaying ; valid key-exchange initiator packets repeatedly. ; ---------------------------------------------------------------------------------------- EnableConnectionServices 1 ; Provide connection services to clients ;SgToXbScanFrequencyInSeconds 5 ;SgToXbTimeoutInSeconds 20 ;SgToXbKeyExTimeoutInSeconds 10 ;SgToXbPulseTimeoutInSeconds 5 ;XbToSgTimeoutInSeconds 20 ;XbToSgPulseTimeoutInSeconds 5 ;SpiFlow 1 ; Trace data packets flowing through the gateway ;SpiFlowDataLimit 16 ; Trace first few bytes of data packet payloads ; ---------------------------------------------------------------------------------------- ; Datacenter Configuration ; ---------------------------------------------------------------------------------------- PresenceServer { Ip 10.0.0.1 ; IP of the presence server Port 80 ; Port of the presence server } MonitoringServer { Ip 10.0.0.1 ; IP of monitoring server Port 4002 ; Port of monitoring server } MonitoringServer { Ip 10.0.0.3 ; IP of monitoring server Port 4002 ; Port of monitoring server } ; ---------------------------------------------------------------------------------------- ; Network Interfaces ; ; This section specifies the set of network interfaces the gateway is connected to. ; There must be at least one Internet and one Datacenter Network Interface defined. ; ---------------------------------------------------------------------------------------- NetworkInterface { Type Internet ; Interface is connected to the Internet Ip 10.0.0.2 ; Static IP address of this interface IpMask 255.0.0.0 ; Subnet mask of this interface IpGateway 10.0.0.1 ; Gateway of this interface VLan sg@Internet ; VLan this interface is connected to } NetworkInterface { Type Datacenter ; Interface is connected to the Datacenter Ip 10.1.0.1 ; Static IP address of this interface IpEnd 10.1.254.254 ; Static IP address of this interface IpMask 255.0.0.0 ; Subnet mask of this interface IpGateway 10.0.0.1 ; Gateway of this interface IpAdmin 10.0.0.100 ; Admin IP address of this interface VLan sg@Datacenter ; VLan this interface is connected to } ; ---------------------------------------------------------------------------------------- ; Services ; ; This section specifies the Id and Name of each service that any of the servers ; behind the gateway provide. There is a maximum of 32 services that can be specified. ; Note that only those services which are referenced by the Servers section need be ; listed here. ; ---------------------------------------------------------------------------------------- Service { Id 0 ; Id of the service Name Default ; Name of the service } ; ---------------------------------------------------------------------------------------- ; Servers ; ; Each server in the datacenter is assigned an Id that the client uses as the destination ; port to address UDP or TCP packets. This port is used to route the packet to the ; given server on the datacenter. Note that each server must have a unique Ip/Port pair. ; That is, it is illegal for two server records to point to the same Ip/Port. It is ; acceptable, however, to have two server records point to the same Ip on different Ports. ; ---------------------------------------------------------------------------------------- Server { Id 1 ; The Id of this server (dest port to client) Ip 10.0.0.4 ; Ip of server in datacenter Port 127 ; Port of server in datacenter Service Default ; Service this server provides } Server { Id 2 ; The Id of this server (dest port to client) Ip 10.0.0.5 ; Ip of server in datacenter Port 80 ; Port of server in datacenter Service Default ; Service this server provides } Server { Id 3 ; The id of this server (dest port to client) Ip 10.0.0.6 ; Ip of server in datacenter Port 123 ; Port of server in datacenter Service Default ; Service this server provides }