I have a couple of issues with ISP Load Balancing on NGX. We have a VPN with an externally managed gateway and this suffers a partial failure when we enable the load balancing, they can connect to us be we cannot connect to them. I have identified that this is down to the automatic NAT rules that are required for the ISP LB. We have a NAT rule that allows all the internal networks to travel over the VPN without being NAT's (original-original-original) and all other traffic towards the internet be NAT'd behind the Gateway Address. When we apply an Auto NAT on the Network Object as per Checkpoints instructions for ISP LB this places 2 rules at the top of the NAT Rulebase one of which supersede the rule described above, therefore the traffic across the VPN is NAT'd behind the gateway address to. This causes the VPN to fail. If anyone has had a similar experience with this or has any ideas I'd appreciate the assistance. Thanks Mark
This e-mail is confidential and may well also be legally privileged. If you have received it in error, you are on notice of its status. Please notify us immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person: to do so could be a breach of confidence. Thank you for your co-operation. Please contact our IT Helpdesk on +44 (0) 20 7785 2000 or email [EMAIL PROTECTED] if you need assistance. Please refer to http://www.freshfields.com/legalnotice/uk.asp for regulatory information relating to the provision of insurance mediation services. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
