Closed Bug 1247444 Opened 10 years ago Closed 10 years ago

need flows for wap101.scl3.mozilla.net

Categories

(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)

Product:
Infrastructure & Operations Graveyard
Component:
NetOps: DC ACL Request
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: van, Assigned: van)

Details

hostname: wap101.ops.scl3.mozilla.net IP: 10.22.9.84 ports: 5000 and 5247 to hostname: wifi1.ops.[mtv2,sfo1].mozilla.net
Assignee: network-operations → vle
IP/UDP (17) 5000 WLC-WLA communication. This applies to WLC communication with Distributed WLAs and with directly connected WLAs. IP/UDP (17) 5247 WLC-WLA communication. This applies to WLC communication with Distributed WLAs and with directly connected WLAs. This includes CAPWAP data. vle@fw1.ops.scl3.mozilla.net# show | compare [edit security policies from-zone dc to-zone ops] policy fw1--ssh { ... } + policy wap--controllers { + match { + source-address NA-wifi-controllers--set; + destination-address wap101.ops.scl3; + application [ tapa capwap ]; + } + then { + permit; + } + } [edit security zones security-zone dc address-book] address try_releng_usw2 { ... } + address wifi1.ops.sfo1 10.251.0.30/32; + address wifi1.ops.mtv2 10.252.0.30/32; [edit security zones security-zone dc address-book] address-set admin-pek1--set { ... } + address-set NA-wifi-controllers--set { + address wifi1.ops.mtv2; + address wifi1.ops.sfo1; + } [edit security zones security-zone ops address-book] address zlb6.ops.scl3 { ... } + address wap101.ops.scl3 10.22.9.84/32; [edit applications] application openvpn-udpbackup { ... } + application tapa { + protocol udp; + destination-port 5000; + } + application capwap { + protocol udp; + destination-port 5247; + }
added flows and applications.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.