Hi all,
I have a special ISP Retundacy scenario that need to share with you and
find a better solution.
The client have two SPLAT inspection modules running ClusterXL and one
Smartcenter, both at R62.
Interface arrange :
Eth0, defined as External, on cluster have an internal IP 192.168.1.1
Eth1, defined as External, on cluster have an external IP
200.200.200.1
Eth2, defined as Internal, on cluster have an internal IP 192.168.2.1
Fw1 IP ends in .2 and Fw2 ip ends in .3
Traffic arrange :
Eth0 leads to an internal network that have outbound internet access
thru other firewall and offers
inbound NATed access to cluster IP address and some internal
hosts of this client that are
behind Eth2 interface.
Eth1 leads to Internet thru a local internet link.
Eth2 leads to internal client lan.
Desired solution :
Client wants to keep using Eth0 internet path as the primary connection
and Eth1 as a secondary
Internet path.
Incomming connections, incluinding VPN site-to-site or remote access
could be recieved thru both
paths
I?ve initiated an ISP Retundacy config but got stucked with some NAT
problems as no Nat can be
applied in Eth1 traffic.
As i could understand, most of guides uses a scenario that both internet
links are direct attached to
cluster nodes and this indirect internet connection is never addressed.
Any1 have some clue ?
--
Antonio Costa
CCNA/CCSE/MCSE/LinuxAdmin
Sao Paulo / Brasil
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
