Hi list,
It is possible to implement a contingency for automatic GW VPN with two
different external networks?
The scenario is as follows:
I have a clusterXL set with two external interfaces for different networks:
Ex: eth0 = 189.31.1.1 eth0 = 200.252.1.1
The deafult route of my firewall points to the routerB.
Ex:
-----------------
| Remote GW |
-----------------
| 200.201.1.1
|
-------------------
| INTERNET |
-------------------
| |
| |
----------- ------------
|RouterA | | RouterB |
----------- ------------
| |
| |
-------- ------
189.31.1.1=eth0| |eth1=200.252.1.1
-------------
| ClusterXL |
-------------
|
When I configure a VPN with my clients, usually my GW VPN use the IP of
eth1.
When I use the GW's IP being as eth0, i put a static route to the IP from
the remote GW to routerA.
But I have a big problem. When one of the links(Internet) fails, VPNS are
unavailable because the need my client change my peer GW's IP VPN to
another network.
What would be the best way to implement a contingency that is transparent to
my clients?
Regards,
Leandro
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
