On Tue, 28 Aug 2007, no-need to-list wrote:
VPN domain cannot overlap, unless you are using all these firewalls in a
cluster mode such as clusterXL.
whatver network segements you have in encrydoamin1 should not exist in
encryption2, tis is the cleanest way to do it.
If you really need to overlap networks segment then you need to do some fancy
NAT(network address translation) and most of the problems are usually routing
or nat or both.
Or look into the concept of MEP. It allows multiple firewalls under common
management to share the encryption domain and allow the user or admin to
determine through which gateway you can enter the network.
Hugo.
--
[EMAIL PROTECTED] http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for this quote of George Bernard Shaw.)
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
