Hi, ok, actually with my cluser-ip customer cannot download the topology. With the gateway-ips it works. With my pda and a secure client, I can perform a site update and I can connect then trough the cluster-ip. All my securemote user needs to create a new site with one of the cluster-members-ip and a update of the siet failed. What do I wrong?
br christian 2005/6/11, Charalambos Klitiropoulos <[EMAIL PROTECTED]>: > Hello, > > the topology information is downloaded from the gateway. Normally SecuRemote > should connect to the cluster address (so that your users don't need to know > which one of your firewalls is active any given moment). If the cluster > address is virtual (.1 cluster address, .2 and .3 the address of the > firewalls) you need to configure your high availability solution so that the > active node accepts packets destined for the cluster address. > > On 6/11/05, Christian Franke <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > > I am very familiar with both SecuRemote and SecurClient in a non HA > > environment. I need to understand how SecuRemote works in a HA > > environment. > > Here are some of the questions which would be great to have an answer to. > > > > 1. When setting up a site with SecuRemote which address do I use to > > download > > the topology (Management Station, Cluster Address, Firewall-1 Module > > Address)? How can I setup the adress to use for download the topology > > to the Cluster Adress - this doesnt work in my case, but I can > > download the topology with the first Cluster Member Adress? > > 2. When a key exchange takes place which address does the SecuRemote > > client talk to and where does the reply come from. > > 3. When using IKE encryption with SecuRemote the Topology can be > > downloaded from the firewall-1 module or the Management Station, is > > this still the case if operating in an HA environment? > > -- > > Christian Franke <[EMAIL PROTECTED]> > > -------------------------------------------------------- > > powered by Sun Java Linux Desktop > > -------------------------------------------------------- > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > -- Christian Franke <[EMAIL PROTECTED]> -------------------------------------------------------- powered by Sun Java Linux Desktop -------------------------------------------------------- ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
