Hi, If your running Checkpoint on Linux or SecurePlatform you can do source routing like this.
echo 200 LanA >> /etc/iproute2/rt_tables ip rule add from IPLANA table LanA ip route add default via WANAGATEWAYA dev eth0 table LanA ip route flush cache echo 201 LanB >> /etc/iproute2/rt_tables ip rule add from IPLANB table LanB ip route add default via WANAGATEWAYB dev eth0 table LanB ip route flush cache You'll have to make sure though that your interfaces are change from eth0 to the respective interface of the gateway your sending the packets to. Also write Nat rules to change to the IP of each Gateway so the information flows back to the same interface it left. Regards, Jonathan du Preez. -----Original Message----- From: Peter Goodridge [mailto:[EMAIL PROTECTED] Sent: Monday, December 15, 2003 6:56 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Source Policy Routing Cool! Didn't know that. I still like the external router for this. THX, Pete Goodridge --- Chris Hoff <[EMAIL PROTECTED]> wrote: > I wanted to clarify the licensing issue and the node > counting. In NG, > limited licenses can be defined with multiple > external interfaces within > the object definition, and it will actually treat > each as an external > interface. I have done this at a couple different > client sites with no > problem. > > See Secure Knowledge article skI2989 for further > clarification > > Chris > > -----Original Message----- > From: Peter Goodridge [mailto:[EMAIL PROTECTED] > Sent: Monday, December 15, 2003 10:20 AM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Source Policy Routing > > Hi Yohann, > > First off, you're better off connecting both ISP's > to > a router outside your fw and have it do the routing. > Unless you have a unlimited license, the FW will > think > all the ip addresses from on of the ISP's is one of > your internal networks, and you'll soon run out of > licenses. Second, I'm not sure you can do the type > of routing you want on Secure platform without a > router. > > Once you have the router you can hide NAT each of > your > LANs behind different public IP addresses, and tell > the router to treat them differently. > > HTH, > Pete Goodridge > > --- Yohann Eyer <[EMAIL PROTECTED]> wrote: > > Hi, > > > > I have 2 Internet Connections provided by 2 ISP. > > My Firewall have 4 NIC (2 lan & 2 wan). > > I want to configure a policy routing : > > Packets from Lan-A pass through Wan-A and > > packets from Lan-B > > pass through Wan-B. > > I am running CheckPoint NG AI R54 on Secure > > Platform. > > > > Somebody would have an example ? Or a piece of > > advice... > > Thanks > > --yohann > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to > [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > __________________________________ > Do you Yahoo!? > New Yahoo! Photos - easier uploading and sharing. > http://photos.yahoo.com/ > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= __________________________________ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
