Yeah I've been wondering the same thing, if youset its own external interface as its own default gateway it works, but that seems somewhat odd... I've asked for a cp technie to come in and discuss it...
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]] On Behalf Of Alberto Sent: 30 January 2003 12:55 To: [EMAIL PROTECTED] Subject: [FW-1] route problem in ClusterXL Hi! I'm trying to use a ClusterXL with load sharing. It's three networks, clients, servers and external. I'm checking connectivity with pings. Text policy allows everything. It's CP NG FP3 HF1. Between private networks there's no problem. Problem is when trying to ping from clients or servers network to the external one. It's due to especial 'new cpha/load sharing' interface configuration. In private networks, cluster members interfaces belongs to the same net than the virtual ip, or cluster ip..So firewalls has no problem routing them. but the external interfaces belongs to a private network, different from the public routable ip of the external cluster virtual interface. It is the configuration proposed in cluster XL manual, for saving to public ip, I think. Well, the question is how do the firewall reach the external network? Their external interfaces do not belong to it, and there is no router in that network. Any idea?... thanks. ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
