I've done it both ways, the more secure method is > Firewall -> load balancing -> web servers
otherwise your load balancer is on the internet. using the Firewall-load balancer..you'd just create an object in the firewall rules which is the ip address of the virtual object defined in the load balancer (virtual ip which is load balanced to multiple webservers defined in the load balancer). I've used both Cisco Local Directors, and F5 Big IP and both worked well for load balancing. Wally Hughes --- "Figaro, Nicolas" <[EMAIL PROTECTED]> wrote: > Hi, > > I'd like to use a load balancing equipment (like > cisco css) in front of > web servers. > > The goal is to have the load balancing capability > and isolate the web > servers lan, > to avoid someone who takes control of one server to > spread a virus > inside my network. > > The config could be : > > Load balancing -> firewall -> web servers > > Firewall -> load balancing -> web servers > > I can't use the logical server functionnality of > checkpoint, because > most servers use https. > > Has anyone ever done this ?? > > What are the hints ?? > > Thanks > > Nicolas figaro > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= __________________________________ Do you Yahoo!? Get better spam protection with Yahoo! Mail. http://antispam.yahoo.com/tools ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
