Thread: Management server behind another NGX FW
View Single Post
  #2 (permalink)  
Old 2006-07-31
dondma dondma is offline
Junior Member
  
Join Date: 2006-07-26
Posts: 13
Rep Power: 0
dondma has an average reputation (10+)
Default Re: Management server behind another NGX FW
Make sure the firewalls are not dropping the traffic due to spoofing. From each cluster object check the interfaces and spoofing settings. If necessary, create groups containing all the networks that can be seen behind each interface including those that extend beyond the other firewall cluster.

Example:

[Networks A, B]
|
|
[Cluster A]
|
|
[10.87.244.0/24 network]
|
|
[Cluster B]
|
|
[Networks C, D, E]

Spoofing setup -
Cluster A upper interface - Networks A, B
Cluster A 10.87.244.0 interface - Networks 10.87.244.0, C, D, and E
Cluster B 10.87.244.0 interface - Networks 10.87.244.0, A and B
Cluster B lower interface - Networks C,D, and E

D
Reply With Quote