Brocade Vyatta vRouter configuration guide
The Brocade Vyatta vRouter is a network appliance that you can spin up in the Rackspace public cloud. It acts as a firewall, VPN gateway, router, and NAT device.
You read more about the Brocade Vyatta vRouter at the Rackspace virtual cloud servers.
The following articles provide detailed configurations for the Brocade Vyatta vrouter:
Configuring a policy-based IPsec site-to-site VPN on a Vyatta vRouter
Configure a Site-to-site VPN using the Vyatta Network Appliance
Creating NAT rules for Vyatta vRouter
Vyatta vRouter: Allow an IP address to access the vRouter via SSH
Vyatta vRouter: Adding a local administrative user
Vyatta vRouter: Configure an interface firewall
The following table shows the list of Rackspace supported features on the Brocade Vyatta vRouter
Feature | Support Status on Vyatta vRouter | |
---|---|---|
Routing | Static routing | Supported |
Static routing with IP SLA tracking | Not supported | |
Dynamic routing protocols OSPF, EIGRP | Not supported | |
Dynamic routing protocols - all other | Not supported | |
IPv6 | Static routing | Not supported |
Static routing with IP SLA tracking | Not supported | |
Dynamic routing protocols | Not supported | |
NAT | Static (one-to-one) | Supported |
PAT (NAT overloading) | Supported | |
Policy NAT/PAT | Supported | |
DNS Doctoring | N/A | |
Connection limits via static NAT | N/A | |
Packet filtering | Layer 3/4 filtering ingress/egress | Supported |
FQDN based filtering | N/A | |
VPN | IPsec - IKEv2 | Not supported |
IPsec LAN-to-LAN Layer 3/4 filtering | Not supported | |
IPsec LAN-to-LAN Pre-shared keys authentication | Supported | |
IPsec LAN-to-LAN Hub and spoke configuration | Supported | |
IPsec LAN-to-LAN Cert-based authentication | Not supported | |
IPsec DMVPN | N/A | |
IPsec remote access with Cisco Client | N/A | |
IPsec remote access with Apple OS X native IPsec client | N/A | |
IPsec remote access with Shrew Soft client | N/A | |
IPsec remote access with group authentication | N/A | |
IPsec remote access with group and user authentication | N/A | |
IPsec remote access with two-factor authentication | N/A | |
IPsec remote access - Multiple VPN groups | N/A | |
IPsec remote access with layer 3/4 filtering | N/A | |
IPsec remote access - Split-tunneling | N/A | |
IPsec remote access - all traffic through VPN (tunnel all) | N/A | |
IPsec remote access - DNS server assignment | N/A | |
IPsec remote access - Client certificate-based authentication | N/A | |
IPsec remote access on Windows 8 | N/A | |
SSL VPN - AnyConnect | N/A (Supported via Open VPN SSL client) | |
SSL VPN - Certificate authentication | Not supported | |
SSL VPN - Two-factor authentication | Not supported | |
SSL VPN - Clientless SSL VPN | Not supported | |
SSL VPN - Secure desktop | N/A | |
SSL VPN - Mobile client | N/A | |
Management | Buffered Logging | Supported |
Log shipping to log correlation device within customer's account | Supported | |
Custom logging, logging lists | Not supported | |
Log retention by Rackspace | Not supported | |
Log analysis, outside of troubleshooting an issue | Not supported | |
Direct customer access if firewall is on TACACS | N/A | |
SNMP read-only for customer | Supported | |
High Availability (HA) | Active/Standby (stateful and non-stateful) | N/A |
Active/Active (stateful and non-stateful) | N/A | |
Clustering of more than two units | N/A | |
Modes and modules | Mode - Multi-Context Routed | N/A |
Mode - Routed | Supported | |
Mode - Transparent | N/A | |
Modules/Configs - Threat-detection | N/A | |
Modules/Configs - IPS Module | N/A | |
Modules/Configs - Cisco Unified Communications Proxy | N/A | |
RackConnect | RackConnect VLANs termination | N/A |
Updated 5 months ago