Hi:
To a certain extent, it depends on how your network is designed, and how
you implement NAT on the firewall. YMMV.
We use dynamic NAT to mask the IP addresses of the internal network hosts.
There is a VIP on the secure and non-secure interfaces of the firewall. All
outbound traffic is NAT'd to the VIP on the non-secure interface. The
routers on the secure network default all traffic to the VIP on the secure
network interface. The VIPs will fail over to the other node in the cluster
in the event that one fails.
Regards.
Bob Webber
AT&T Global Network Services
Tel: (905) 762-7433
Fax: (905) 762-7497
Notes: Bob Webber/Markham/IBM@IBMCA
Internet: [EMAIL PROTECTED]
"Logic merely enables one to be wrong with authority" - Doctor Who
J�rg Oertel <[EMAIL PROTECTED]>@beethoven.us.checkpoint.com> on 01/31/2002
08:31:51 AM
Please respond to Mailing list for discussion of Firewall-1
<[EMAIL PROTECTED]>
Sent by: Mailing list for discussion of Firewall-1
<[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
cc:
Subject: [FW-1] Question about Rainwall
You Rainwall guys out there can propably answer my question.
How do you implement the routing from your protected LAN to the world? I
mean, usually you have a default gateway configured at each
workstation/PC. But in a Rainwall HA configuration you've got a bunch of
IP addresses for the firewalls. How does it work?
Any comments, at which technical or abstract level ever, are welcome.
Kind regards/Mit freundlichen Gr��en
J�rg Oertel
--
Joerg Oertel Tel:02225/8820
MOSAIC SOFTWARE AG Fax:02225/882201
Feldstra�e 8 e-mail:[EMAIL PROTECTED]
53340 Meckenheim www.mosaic-ag.com
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
