CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 3 of 3

Thread: Nat for two private IP with one public IP

  1. #1
    Join Date
    2011-10-03
    Posts
    76
    Rep Power
    9

    Default Nat for two private IP with one public IP

    Hi,

    We have two private internal server ip address and one public IP address.
    Requirement is that whenever user from internet access public IP address (203.X.X.X) connection should be go on both the internal server (Like load balancing algorithm- round robin).

    We have configure static NAT for two internal server ip address with the same public IP address, but connection coming only on one internal server which is configured first in NAT/rule base.

    How can we configure load balancing on checkpoint.
    Gateway is VSX 12200.

    Thanx
    Arjun
    Thanx
    Arjun

  2. #2
    Join Date
    2012-07-19
    Posts
    106
    Rep Power
    8

    Default Re: Nat for two private IP with one public IP

    Quote Originally Posted by sawant.arjun@gmail.com View Post
    Hi,

    We have two private internal server ip address and one public IP address.
    Requirement is that whenever user from internet access public IP address (203.X.X.X) connection should be go on both the internal server (Like load balancing algorithm- round robin).
    I'd say you should take a look at sk87641, as you probably want to use a "Logical Server" object for that. Round robin and connection stickyness seem to be supported, but I have no experience with that kind of objects. Most setups I've seen bring their own load balancers.

    Note: Check Point does not recommend this, as this feature will be removed. Not sure if it is available in R80+. I'd recommend a real load balancer behind the gateway.
    Last edited by Jejerod; 2017-06-16 at 07:55.

  3. #3
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    Default Re: Nat for two private IP with one public IP

    That used to be one of those questions that used to get asked in old Check Point exam. I don't think I ever saw anyone ever actually implement it though.

    You're better off using a load-balancer. Either commercial, or just use something like haproxy, since it doesn't sound like you need any complex features.

Similar Threads

  1. Private IP & NAT
    By avilT in forum Miscellaneous
    Replies: 4
    Last Post: 2013-02-18, 10:10
  2. DMZ - Public or private IP addressing
    By dazzler in forum Miscellaneous
    Replies: 15
    Last Post: 2012-09-15, 02:01
  3. SSH Authentication using Private/Public Keys
    By goldberg in forum Authentication
    Replies: 2
    Last Post: 2008-08-12, 09:49
  4. Public to private NAT
    By TLS82 in forum NAT (Network Address Translation)
    Replies: 5
    Last Post: 2008-03-14, 11:45
  5. VPN private to public ip
    By guy-1 in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 2
    Last Post: 2007-05-14, 05:24

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •