You might try adding the public IP to the topology of the firewall object (both objects and the clusters object in the case of a cluster). I had to do that once when nating through a pix into the Check Point firewall.
Hth, Robbie -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Mauricio Oliveira Sent: Wednesday, April 26, 2006 4:09 AM To: [email protected] Subject: Re: [FW-1] NGX, SecuRemote and Load Balancer Hi, Under VPN Advanced for the fw object, is Dynamic Interface configuration greyed out? Cheers, Mauricio. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Hervé SCHLECHT Sent: 26 April 2006 10:43 To: [email protected] Subject: [FW-1] NGX, SecuRemote and Load Balancer Hi, I work on a new configuration with a NGX Firewall, a F5 Link Controler Load Balancer and two external ISP. The NGX external interface have a private IP that is natted on Internet by the Lik Controler. Through the NAT function of the Link Controler the Firewall is available through two public external address. SecureClient ------- ISP1 (Public IP) ------- F5 Link Controler ---------(Private IP) ----------Firewall --------- Protected Server My problem is when I use SecuRemote to mount a VPN to the NGX Firewall. When I create the site, I found the real IP address of the Firewall in the userc.C file. Somebody know if a solution exist to solve this behavior so that when we create the site we receive the public IP address. Second question, if I have two ISP, in this case My Firewall are avalaible through two external IP address. In the SecuRemote / SecureClient, can I declare two connections points, if the first doesn't respond we connect to the Firewall through the second ISP. I have found a solution in changing the IP address directly in the userc.C file, but in this case, we can't use the auto update function. Thanks for your help Hervé SCHLECHT ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= _____________________________________________________________________ This message has been checked for all known viruses by Computers in the City powered by SkyScan Virus Control Centre. For further information visit http://www.citc.it or e-mail [EMAIL PROTECTED] ************************************************************************ The firm is regulated by the Law Society. A list of partners is available for inspection at Olswang, 90 High Holborn, London WC1V 6XX. This email and any attachments are intended only for the use of the individual or entity to which it is directed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this email and you are not the intended recipient or the employee or agent responsible for delivering this email to the intended recipient, please inform the Olswang IT Service Desk on +44 20 7067 5000 and then delete the email from your system. If you are not a named addressee you must not use, disclose, disseminate, distribute, copy, print or reply to this email. Although Olswang routinely screens for viruses, addressees should scan this email and any attachments for viruses. Olswang makes no representation or warranty as to the absence of viruses in this email or any attachments. Please note that to ensure regulatory compliance and for the protection of our clients and business, we may monitor and read emails sent to and fro! m our server(s). ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
