Two agents network topology avoid business disruptions

Enterprise 2020-03-13 21:09:05 views: null

Two agents network topology avoid business disruptions

When the main branch network line failure, you can set up a temporary wireless network through the 4G network card, access to the SAP system through a proxy server to ensure services are not interrupted. After testing 4G phone card through the following network topologies can be implemented 20+ terminals simultaneously access SAP business operations.

clip_image002

(Two Proxy) Proxy Host Configuration

system version:

Win10

Network address configuration:

IP1 used to link external network

IP1: 192.168.8.2

Mask: 255.255.255.0

Gw: 192.168.8.1

Dns:192.168.8.1

IP2 for the network proxy

IP2:192.168.20.1

Mask: 255.255.255.0

Computer access for only the local network segment, gateway is not configured

CCProxy server settings

clip_image003

clip_image004

Service area

Account settings within the network to allow the use of all

clip_image006

Let proxy host only allowed to link SAP server

1, through a proxy server, extra security.

2, within penetrate the network.

3, save traffic, after all, limited 4G traffic.

Proxifier settings

Add the proxy server

End needs to configure the proxy server (CCProxy may be used)

Support account password verification IP + mode.

clip_image008

clip_image010

Rules Configuration

Add sap flow through a proxy server access

The default rule is set to reject. Traffic that does not match all refused to save traffic. Only allows the office.

clip_image012

clip_image013

clip_image015

Network client settings Proxifer:

Requirements and CCproxy in the same network segment

Server Address: 192.168.20.1 server port: 1080 using anonymous link

clip_image017

Client-side rules setting:

For only the flow of 192.168.2.100

Default deny all traffic

clip_image019

(Agent) CCProxy proxy server configuration

Set Scocks5 service port 1080

We need to do port mapping in the corporate router entrance

Achieve penetration within the network through a public IP or domain name

clip_image020

Use account and password verification

clip_image022

socks5

SOCKS5 proxy is a protocol that use TCP / IP protocol to play an intermediary role between the front end of the machine and the server machine communications, making the internal network front end of the machine becomes able to access the Internet network server, or to make communication more secure. SOCKS5 server to forward to the real target server requests sent to the front to simulate the behavior of a front end. Here, between the front and SOCKS5 also carried out via TCP / IP communication protocol, the tip will be sent to the original request to the real server to server SOCKS5 and SOCKS5 server forwards the request to the real server.

Socks5 proxy almost most of the services, so easy to internal network security threat, we can combine wf.msc

Limited access range.

Limited range of firewall access

For example, to disable port 3389 Remote Desktop Services

We can add the station refused to rule

clip_image023

The same address range may be combined to add more rules to define access range.

Guess you like

Origin blog.51cto.com/xzty1/2477974
Recommended
Ranking
How to make the url of the picture have the download attribute and force the download. Jump browser to download automatically.
Lr CC 8.3 Installation Guide
MD5Utils (MD5 encryption tools! Unsalted)
Econ 325 (004)
Photo studio photography appointment app based on java SpringBoot and Vue uniapp
What is b
2017 Second Guangdong strong network Cup online game --Nonstandard
myeclipse8.5 add tomact7
mpeg1, mpeg2 and mpeg4 standard comparative analysis and summary
Tencent sub-sub-group 6-color program
Daily
More
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)
2024-04-17(31)
2024-04-16(23)

Code World

© 2018 codetd.com