Hello,
 
For the last couple of weeks, I've had a problem(s) surface that had never come 
up before.  I'm running a cluster configuration of 2 Nokia IP440's with 
Checkpoint NG AI R55.  The usual route downstream is from the IDC's router, 
through the primary firewall, down to an F5 load balance appliance.  As you all 
know, the load balancer will then make the decision as to which of the 2 web 
servers (Windows 2003 Standard Servers, multi-homed NICs) to send traffic.  
What we started to see happening was, the traffic destined for the external 
interface on the firewall, was instead routing through the internal interface.  
Firewall was saying, "no way, address spoof", and then dropping the outbound 
packets.  This started happening out of nowhere.  Checked every route on every 
device under the sun.  Started to add new ones in hoping I could catch a 
break.  You guys have to understand, no other sites/services were having this 
problem.  Only these 2003 servers, which had been routing correctly for a bit 
of time.   
 
So as a test, I bypassed the whole DMZ route.  Come in through the firewalls, 
go through an internal router, and then to only one of the 2003 servers.  Made 
the necessary static route change within the firewall.  Worked for a few days, 
then started seeing Connection contains real IP of NATed address.  So, changed 
over to the other server.  Same thing.  Traffic is fine for a while, and then 
Connection contains IP of NATed address.
 
I know I'm missing something.  Any help you guys/girls could provide would be 
great.
 
Thanks
Lenny
