Forcepoint KB – ESG Clustering
This manual will follow through the step of configuring an ESG appliances cluster.
The first step is to install an additional ESG Appliance (assuming you already have 1 ESG in your environment):
- Go to your virtualization environment and register a new VM.
- Afterward, pick the ESG newest OVA currently 8.5.5 (download the OVA from the Forcepoint support portal under Downloads > Email security > Appliance > 8.5.5
- After the installation and first configuration (C + P1 Interface IP, Gateway, DNS, NTP, Time zone.)
Now we have 2 ESG Appliances, the next step is to configure the P2 (in the email management console they are called E2 interfaces but they are practically the same; in the CLI you'll need to address them as P2 interfaces) interface, which is responsible for the appliance’s inner communication in the cluster.
We go into the appliance CLI enter CONFIG MODE and type the following command:
For the primary, we configure 192.168.200.1/30
Set interface ipv4 –interface p2 –ip 192.168.200.1 –mask 255.255.255.252
For the secondary, we configure 192.168.200.2/30
Set interface ipv4 –interface p2 –ip 192.168.200.2 –mask 255.255.255.252
Both interface with a CIDR of /30 a network with 2 available IP addresses which is all we need for the “cluster network”
IT IS IMPORTANT TO MENTION THAT THE FOLLOWING ADDRESS IS JUST AN EXAMPLE YOU CAN CHOOSE ANY PRIVATE IP SEGMENT (10.0.0.0,192.168.0.0 etc…)
THE CIDR CAN ALSO VARY ON THE NUMBER OF MACHINES YOU WANT IN YOUR CLUSTER IF YOU WANT 4 ESG YOU NEED A /29 CIDR AND SO ON.
After the interface configuration, we need to connect the ESG to the management console.
We browse to the management console URL (https://<managemnt-FQDN/ip-address>:9443/)
We go into the Email module > Settings > General > Email Appliances.
In the above picture, we will go into add and manually add the new appliance.
In the above picture, we fill in the IP address of the C interface of the new ESG Appliance.
Afterwards, we will see the appliance is added successfully and we have 2 ESG’s in the Appliances list. (Like the below picture, without the cluster mode.)
We go into the Email module > Settings > General > Cluster Mode. And start configuring the cluster.
We fill in the cluster check box, and we get the following screen:
In the Cluster communication IP address, we fill the E2 (P2) we configured in the previous
Steps.
Afterwards, we press the Add button and add the second appliance.
We add the appliance (in the mentioned-above picture there isn’t a second appliance) in your environment you will see the second ESG you’ve configured you add it then press the arrow, and once again choose the P2 interface we configured.
You press OK and then the cluster is configured, and you’ll get this screen:
That’s it you’ve configured an ESG Appliances Cluster.
Enjoy & Good Luck!
Written by Dor Ben Ami
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article