Lino, You can define 2 vlans under the physical interface eth0c0 on both boxes and the put the vrrp addresses on top. Of course you'd then need a vlan capable switch in front of your Nokias and configure it appropriate. I have such a setup here with IPSO 3.9 up and running. I discovered the same problems with subinterfaces in earlier versions and did a lot of testing / debugging without any solution do I decided to use vlans...
--- Lino Eduardo Avila RodrÃguez <[EMAIL PROTECTED]> schrieb: > Help Help!! > > I've configured the IP Clustering but I have one issue. The external > interface has a subinterface. > > The configuration of the interface eth0c0 is: > 148.x.x.252 > 200.x.x.252 > > On the other nokia interface eth0c0 is: > > 148.x.x.253 > 200.x.x.253 > > In the cluster configuration when I try to set up a cluster for the > 200.x.x.254 > > I got an error that the interface eth0c0 already has a cluster interface > configured. > > I read in nokia that multi addressed interfaces are not supported in the 3.6 > release. Would it be supported in IPSO 3.9? > > Any thoughts?? > > > Lino E. Avila > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf Of Richard > Turner > Sent: Miércoles, 30 de Noviembre de 2005 10:40 a.m. > To: [email protected] > Subject: [FW-1] SIP through Firewall > > Hi, > > Wondered if anyone out there can help me with SIP? > > Using R55 on windows. > > I have a SIP server (asterisk) internally. I wanted to > have staff at home using their SecureClients in Office > mode able to connect to the asterisk server to make > calls etc. When ever the software clients connect to > the server to register I get SIP errors on the > firewall > > I've tried a number of combinations - with and without > Office mode, with and with out encryption and I get > errors like : > sip reason: Illegal redirection > xxx.xx.13.41->192.168.1.2 > > or > sip reason: Attack Info - Malformed SIP datagram, > OPTION message is out of state > or > > message_info: Connection contains real IP of NATed > address > > > I have tried an number of rules but mainly along the > line of > > Any VoipDomain SIP_any client_encrypt > > where VoipDomain contains my internal network and the > asterisk server. > > Should I abandon this and go for unencrypted traffic? > If I give the asterisk server a static nat address, it > it enough to use the VOIPDomain object as the > destination object? > > Any help would be appreciated > > Richard > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ___________________________________________________________ Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
