Hello, system is 2 * NOKIA IP390 with IPSO 4.1BUILD033, Checkpoint NGX R60_05. We have the issue, that we want to learn some (1000+) routes from a bunch of adjecent cisco routers via iBGP. They're all coming over one interface, so there are no issues with antispoofing. We're also using SecureClient connects, so we have activated "Hide Cluster Member's outgoing traffic behind the Cluster's IP Address". Because of this, iBGP sessions can not be initiated from the VRRP-member, because the source IP would be rewritten and no traffic would reach the standby-member, but only the master. Besides that, SSH-login takes very long, because auf DNS-lookups, and also no ping from the node to other systems is possible, because the source-ip gets rewritten, too. Is there any chance, to further configure the rewrite of source-adresses of local initiated sessions, so that we can exclude i.e. BGP, ICMP echo etc. from rewriting? Thank you in advance, regards, Dennis
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
