 | ||
 Cluster multiple IP's | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-10-09 | |||
| |||
 Cluster multiple IP's Hi CheckPoint experts, myself a humble newbe. I´m trying to set up a cluster with NGX/ClusterXL, Load balancing mode. Our problem is that we need to cluster a whole IP range - "192.168.0.2-254" Is this possible with ClusterXL? We can only get a 1 IP cluster up and running. Or am I missing some fundamental knowledge?!? Have trying with VLAN but without luck. Anybody have a solution, thanks in advance! Michael  |
| 2006-10-10 | |||
| |||
| Re: Cluster multiple IP:s Could you explain this a bit further? Do you mean that you want to have 253 cluster IPs on one interface of a firewall? What on earth would you do that for? It would leave only one IP available for a host in that subnet - what would be the point? |
| 2006-10-10 | |||
| |||
| Re: Cluster multiple IP:s Thanks for very fast reply! Sorry that I didn´t explain it correct, it should be an IP range of external/public IP:s, not an internal range... And the purpose of it should be to get multiple/diffrent HTTPS/SSL connections to diffrent locations/servers, and as i understand HTTPS/SSL needs a unice IP. For example. Customer A needs a HTTPS/SSL connection to https://login.customerA.com and customer B need to get to https://login.customerB.com Our enviroment: ISP router: "192.168.0.1" - internal IP:s just for exempel... Our IP range: "192.168.0.2-254" We need to get diffrent services on diffrent IP:s accessible from Internet, preferable with a Load balanced cluster (NGX ClusterXL). I guess that I´m missing some basic knowledge, but is this possible or should I us diffrent solution? Best regards from the newbe. |
| 2006-10-10 | |||
| |||
| Re: Cluster multiple IP:s In that case you probably want to do NAT. You don't want to configure a whole lot of cluster IPs. You will only configure one cluster IP, and tell your upstream router to route to the firewall cluster IP for the range of addresses you will be using for NAT. You can do this with either routing - use something other than your NAT range for the network between the firewall and router - or you can do it with proxy ARP. Read through this post How to view the automatic proxy arps NGX for some stuff about routing and NAT. I think you've got a bit of reading on routing, NAT, and clustering coming up. |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
