SPLAT does not support it regardless of the CP product you install on it, SPLAT has not been released since it's original version, R55 relates to VPN-1/Firewall-1. Christopher McGill CCSA, CCNA, MCP
________________________________ From: Mailing list for discussion of Firewall-1 on behalf of Christian Franke Sent: Mon 23/05/2005 20:57 To: [email protected] Subject: Re: [FW-1] Dual Network Cards and Redundancy Thanks, any hope in r55 with splat?? 2005/5/23, Chris McGill <[EMAIL PROTECTED]>: > Solution ID: sk22345 > Creation Date: 09/08/2003 > Revised Date: 04/28/2005 > Preferred Product: SecurePlatform > > No. EtherChannel technology is not supported in SecurePlatform NG with > Application Intelligence build R54. > > > Christopher McGill > CCSA, CCNA, MCP > > ________________________________ > > From: Mailing list for discussion of Firewall-1 on behalf of Jameel Akari > Sent: Mon 23/05/2005 19:42 > To: [email protected] > Subject: Re: [FW-1] Dual Network Cards and Redundancy > > On Mon, 23 May 2005, Chris McGill wrote: > > > Two Network cards on the same segment can't share the same IP address as > > this causes problems with the switching tables. Can you provide more > > Not if you just plug them in, no. But there are methods for link > aggragation such as Etherchannel (in Cisco parlance) > > > I've been setting up two systems with secur platform-ha (R55W) which > > has both two network quad-cards installed. Is it possible to configure > > both network cards with the same IP addresses to provide two points of > > access from the network? The idea is that if one connection fails to > > I'm not sure offhand if SPLAT has it built in, or if the FW modules > support it, but you want something like the Linux Ethernet Bonding driver. > The end effect looks like this in ifconfig: > > bond0 Link encap:Ethernet HWaddr 00:90:27:6F:3D:45 > inet addr:10.1.1.19 Bcast:10.1.1.255 Mask:255.255.255.0 > > eth0 Link encap:Ethernet HWaddr 00:90:27:6F:3D:45 > inet addr:10.1.1.19 Bcast:10.1.1.255 Mask:255.255.255.0 > > eth1 Link encap:Ethernet HWaddr 00:90:27:6F:3D:45 > inet addr:10.1.1.19 Bcast:10.1.1.255 Mask:255.255.255.0 > > The actual active interface used to route traffic is "bond0', which is > made of two seperate 100Mb NICs. In this case they go to ports on a > Nortel switch in "trunked mode" - aka etherchannel on a Cisco. Note that > the MACs and IPs are identical. It is up to your switch to sort it out. > > On some switches you can have each physical link go to a different port; > this obviously requires some trunking between switches; I believe a > variation of STP is used to steer traffic by MAC address but I don't > remember the specifics. > > > the first quad-card, the network access to the the system starts > > automatically networking on the second quad-card. > > You can do one better and have it load-balance or load share as well. In > the example above, a dead link will cause all traffic to switch to the > active link in ~100 msec. > > As I said, this is dependent on what SPLAT and the FW1 modules have > built-in support for, but in the general case Linux can do this. Somebody > with an up-to-date SPLAT install can verify. > > (Windows can do this as well; HP/Compaq calls it "teaming" for example.) > > -- > #!/jameel/akari > sleep 4800; > make clean && make breakfast > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > This e-mail and any attachment is for authorised use by the intended > recipient(s) only. It may contain proprietary material, confidential > information and/or be subject to legal privilege. It should not be copied, > disclosed to, retained or used by, any other party. If you are not an > intended recipient then please promptly delete this e-mail and any attachment > and all copies and inform the sender. Thank you. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > -- Christian Franke <[EMAIL PROTECTED]> -------------------------------------------------------- powered by Sun Java Linux Desktop -------------------------------------------------------- ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
