Mushroom Networks Documentation

Application Armor Quickstart Guide

App Armor implements various flow algorithms per traffic category. Appliances are shipped with built-in layer7 filters that map common traffic types to the various traffic categories right out of the box and therefore no user configuration is required.

Setting up an apparmor tunnel consists of the following steps: 

  1. Setting up the tunnel between client and server
  2. Setting up the client’s manual network route to direct the correct traffic through the tunnel
  3. Setting up the server’s manual network route
  4. Setting the server’s “flow-pinning” to False
  5. Setting the server’s “Alternative external IP addresses per interface”

NOTE: If you are subscribed to the BBS service provided by Mushroom Networks, then all of the Server-side configurations (steps 3-5) are performed by Mushroom Networks prior to delivery of your device.

Step 1: Setup the tunnel between client and server
(VLL tab -> click “Add” next to “VLL + VoIP Armor Instance”)

 

Step 2: Setup the Client’s manual network routes to direct CBR tunnel traffic into the tunnel
(Advanced tab -> click “Add” next to “Manual Network Routes”)

You can also used a source based advanced route, if you need to route the traffic according to the source subnet.

Step 3: Setup the Server’s manual network routes to direct required traffic into the tunnel
(Advanced tab -> click “Add” next to “Manual Network Routes”)

Step 4: Set the Server’s “Flow Pinning” to False
(Advanced tab -> click “Add” next to “Interface Options”)

Step 5: Set the Server’s “Alternative external IP addresses per interface”
(VLL tab -> click “Add” next to “Alternative external IP addresses per interface”)

Adding and removing Application Armor tunnel instances using mushcli commands:

  • add vll/instance VllInstanceClientTest5: username "apparmor" password "apparmor" targets "162.50.xx.yy"
  • add vll/instance VllInstanceServer: username "apparmor" password "apparmor" pool4 "2" pool6 "1"
    • Then it will ask to re-confirm the password.
  • remove vll/instance/1
  • Enter “help vll/instance” for more options

 

© 2004 – 2024 Mushroom Networks Inc. All rights reserved.

Let’s chat. Call us at +1 (858) 452-1031 or fill the form: