I too have got away with adding multiple IP's to the internal interface in certain circumstances but external is a different story. If you add a secondary IP externally then the FW may start using that IP as the source causing a wide array of problems. The official way to add IP's to an interface is through vlan tagging.
-GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Neil Kemp Sent: Friday, December 16, 2005 10:22 AM To: [email protected] Subject: Re: [FW-1] Two IPs on an interface. You can add secondary IP addresses and it will work. You have to take into account routing, licencing of Checkpoint sometimes, etc etc. I have had it working internally before. Cheers. On 16/12/05, Alex Simbun <[EMAIL PROTECTED]> wrote: > > Hi, > Just wonder, is it possible to have two different IPs on > firewall's interface? I have a firewall cluster which has two quad-card > on both machine assigned to each (separate) network. The first ports (on > both quad-card) are connected to external network with public IPs. > Currently, our network undergoing some major changes including IPs > arrangements. I wanted to set another new IPs on the existing ports > (along-side with the existing IPs). I believed this will not work but > for the sake of curiosity, I want to know if there's a possibility. > Thanks for answering my 'strange' question. > > Regards, > Alex Simbun > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
