Layer7 API Management

  • 1.  Need to test firewall connectivity

    Posted Nov 14, 2016 01:43 AM

    Greetings All,

     

    I have a scenario to test my firewall --> Need to create a policy which will receive a host-name or IP with a port number as parameter and with those parameters a connectivity test will be performed showing if remote server is accessible or not.

     

    Please suggest how to proceed.

     

    Thanks in advance.

     

    Regards

    Praty



  • 2.  Re: Need to test firewall connectivity

    Posted Nov 14, 2016 03:46 AM

    Hi Pratyush,

     

    You mention that you need a connectivity test to see if a remote server is available or not. What protocol would you like to use to see if the remote server is available? Ex: Ping, http, ftp....

     

    Regards

    Seenu Mathew



  • 3.  Re: Need to test firewall connectivity

    Posted Nov 14, 2016 11:22 PM

    Hello Seenu,

     

    We are planning to use Ping and HTTPS as of now.

     

    Thanks

    Praty



  • 4.  Re: Need to test firewall connectivity
    Best Answer

    Broadcom Employee
    Posted Nov 16, 2016 04:33 AM

    Hello Praty,

     

    So, you can publish a simple policy, probably with a name "Test Connection Service : /testConnection" which will have a Route via HTTPS assertion, and Compare assertion to compare the routing reason code. It might look like below:

    Hope that Helps!

     

    Thanks,

    Vaseem



  • 5.  Re: Need to test firewall connectivity

    Posted Nov 16, 2016 05:21 AM

    Thanks alot Vaseem



  • 6.  Re: Need to test firewall connectivity

    Broadcom Employee
    Posted Nov 14, 2016 09:11 AM

    Hi pratysin,

     

    If you need to test connectivity to the gateway over a specific port you can use CURL:

     

    curl -v telnet://hostname:port

    i.e:  curl -v telnet://ssg910.com:8081

     

    If it is successful you will received a 'connected' message, otherwise a connection refused.

     

     

    Regards,

    Joe



  • 7.  Re: Need to test firewall connectivity

    Broadcom Employee
    Posted Nov 14, 2016 05:15 PM

    Hi Praty,

    The target host-name/Ip need to be a http server/ftp server etc. Then you can use Route via HTTP/Route via FTP etc. to test the connection. 

     

    Regards,

    Mark