CloudBridge Plug-ins

This page controls how the Appliance interacts with CloudBridge Plug-in. This page controls how the Appliance interacts with CloudBridge Plug-in. CloudBridge Plug-in support is a licensed option; so this page is greyed out if no Plug-ins are supported by your license.

Signaling Channel Configuration Tab

Figure 1. Signaling Channel Configuration Tab

This tab controls the basic operation of the Appliance when dealing with Plug-ins.

Signaling IP--This is an IP address that is used for the signaling connection between the Plug-in and the Appliance, which transfers status information, and for data connections when using redirector mode.
Signaling Port--This is the port used by the signaling connection. Defaults to port 443 (HTTPS), which is generally the best choice, since it is rarely blocked by firewalls.
Signaling Channel Source Filtering--This feature allows Plug-in clients to be accepted or rejected based on their source IP. This in turn allows Plug-in acceleration to be disabled when it is not appropriate (such as when the client is at the same site as the appliance). If this feature is enabled, a list of rules appears. The appliance compares the source IP of every signaling connection with the list of rules. If the IP matches an "allowed" range, the signaling connection is accepted. If it does not, it is rejected, and the client receives no Plug-in acceleration (and does not consume a Plug-in license.)
Connection Mode--Choices are transparent mode (where connections are intercepted and accelerated by the Appliance transparently, as with Appliance-to-Appliance communication) and redirector mode (where the Plug-in sends accelerated connections to the Appliance explicitly, using the Appliance as a proxy and the signaling IP as the proxy address. Transparent mode is recommended because redirector mode has several liabilities that make it a mode of last resort.
LAN Detection--This feature prevents acceleration when the Plug-in and Appliance are on the same LAN. Such “local acceleration” is undesirable because the Appliance’s bandwidth limit will be applied to local connections, which will greatly reduce the speed of LAN-to-LAN traffic. To use this feature, enable it and set the "Round Trip Time" to a value smaller than your shortest accelerated WAN RTT, but larger than your largest LAN RTT.
Refresh/Cancel/Apply--Depending on context, some subset of these buttons will appear.

Note: Changes to the Status fiels are not updated in real time. Click Refresh to see the actual status.

Acceleration Rules Tab

This tab defines which Plug-in connections will be accelerated. The rules are based on the destination address of the connection’s SYN packet (that is, the IP address of the server). Rules can either include or exclude addresses or port ranges. The first matching entry determines whether Plug-in acceleration is allowed or disallowed.

Note: If the rules on this page specify that acceleration is allowed, acceleration will be enabled even if it is forbidden on the service-class policies page.

Best Practices With Acceleration Rules

Use Accelerate rules for all subnets that are local to the Appliance. Generally this means the LAN subnets at the site where the appliance is installed.
If there are any destination addresses in this space that are not really LAN addresses, add Exclude rules for these addresses and move the Exclude rules above the Accelerate rules. This would include any remote sites with addresses that seem local.
If the appliance is in line with a VPN (and is not in line with anything else), and is operating in transparent mode, you can set the Appliance to accelerate your entire enterprise rather than just the local site. In this case, the only accelerated connections will be from Plug-in VPN connections and accelerating all the traffic between the Plug-in and VPN is optimal.

General Configuration Tab

This tab enables various housekeeping and diagnostic features related to the CloudBridge Plug-in. The operation of most features is TBD.

Figure 2. General Client Configuration