 | ||
 Standby FW uses cluster address | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-11-30 | |||
| |||
 Standby FW uses cluster address Hi, We are running a clustered NG FP3 solution. When the primary is running we have no problems, however when we are in failover, the primary (that has now become the standby) firewall is still sending traffic using the cluster address as the source IP. Obviously when this traffic comes back it goes to the active firewall that now holds the cluster address. How do I configure the standby firewall to use it's local IP instead of the cluster address when it's in standby? Thanks.  |
| 2006-11-30 | |||
| |||
| Re: Standby FW uses cluster address You can solve this by setting up manual NAT rules to force the fw members real address. Place on top of NAT rulebase and reinstall policy NO: 1 ORIGINAL PACKET SOURCE: primary_gateway DESTINATION: Any SERVICE: Any TRANSLATED PACKET: SOURCE: =Original DESTINATION: =Original SERVICE: =Original INSTALL ON: gw_cluster NO: 2 ORIGINAL PACKET SOURCE: secondary_gateway DESTINATION: Any SERVICE: Any TRANSLATED PACKET: SOURCE: =Original DESTINATION: =Original SERVICE: =Original INSTALL ON: gw_cluster |
| 2006-12-21 | |||
| |||
| Re: Standby FW uses cluster address Is there any reasons why by doing so? |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
