I have a need to load balance between two HTTP servers.
Server A: 192.168.253.xxx NAT: 207.xxx.xxx.xxx
Server B: 192.168.253.yyy NAT: 207.xxx.xxx.yyy
I can connect individually to Server A and Server B's NATed addresses.
I've defined a group consisting of Server A and Server B's NATed addresses.
I've defined a logical server 207.xxx.xxx.zzz, which uses the group defined
above. I've tried setting this both to HTTP and Other.
I've added 207.xxx.xxx.zzz to the local.arp file in fw40/state, using the
MAC address of the firewall.
I even added the logical server to the group that is used to get past
anti-spoofing.
When I try to connect, it simply times out. No errors or successes show up
in the firewall's log. Interestingly, if I try to connect without the
logical server defined, I get a reject from the cleanup rule, so clearly the
packets are getting to the firewall.
Has anyone had experience with a similar configuration? This has got me
stumped. I've looked through the archives and seen similar questions, but
not many answers.
--
Bill