Quote:
Originally Posted by sebastan_bach  hi i am new to checkpoint and i want to know when we are having a cluster and we are using hide nat behind the gateway. then the packets will be natted to the external interface ip address. so when the return traffic comes back to the gateway will the gateway process the packet.
cause i guess as per the documentation when we configure cluster the outside router points route to the internal networks or natted address pointing to the virtual ip on the external interface.
so is it necessary for us to use the virtual ip address as the nat address.
i am not sure abt this can someone pls guide me on this.,
sebastan |
"then the packets will be natted to the external interface ip address. so when the return traffic comes back to the gateway will the gateway process the packet"
I would think that in most circumstances you would want
the outgoing packets hide natted to the Cluster address.
Otherwise in the event of a failover or dynamic load re-balance
the sessions will disappear.
"so is it necessary for us to use the virtual ip address as the nat address."
So yes - I think so.