Hi James , thanks for the info. On 8/1/05, James Lee Bell <[EMAIL PROTECTED]> wrote: > Yes, it can do this but don't do it or you'll be in the mess I'm in. > > Nokia IPSO allows you to have multiple IP's per interface directly. And > if using VRRP, IPSO is intelligent enough to assign the virtual IP's to > the correct physical interfaces. > > You can allow for this in FW-1 by making fake interfaces, or using what > would typically be vlan based interfaces to define. To illustrate, if > your physical interface has x.x.x.1 and y.y.y.1, your checkpoint object > would have interfaces eth1c0 (x.x.x.1) and eth1c1 (y.y.y.1) defined. > > HOWEVER, I repeat, DON'T DO IT. Follow the info on VLANs, which are > defined in cp the same way as above, or you will be sorry. > > In my case, I inherited a 3-tiered DMZ that was originally sized small > in a network subnetting sense, and then grew organically over the years. > Worst interface I've got is one that has 4 local IP's defined and 4 > associated VRRP virtual IP's too (on the primary). It works only because > VRRP on IPSO handles the HA. This structure cannot be approximated by > anything requiring Cluster XL to perform the HA, so I am stuck with > either continuing with Nokia at continuing with crappy situation, or > completely migrating a couple hundred systems to a brand new DMZ > environment that I can create in a more standard sense. > > J Jayavenkatesh wrote: > > Hi, > > Does nokia box allow to configure multiple subnets on a single > > interface?for eg. configure two > > separate address space into the dmz interface like x.x.x.x/28 and y.y.y.y/28 > > > > Thanks in advance. > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= >
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
