[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Redundancy & HA

To: "'Gunjan Mathur @9netave'" <[email protected]>, [email protected]
Subject: RE: [FW1] Redundancy & HA
From: Michael Liberte <[email protected]>
Date: Tue, 2 Jan 2001 09:12:37 +0200
Sender: [email protected]

Define two more routes in your DMZ:

100.x.x.1 ==> 10.x.1 and 200.x.x.1 ==> 10.x.10;

leave the default routes intact.

-----Original Message-----
From: Gunjan Mathur @9netave [mailto:[email protected]]
Sent: Saturday, December 30, 2000 6:57 AM
To: [email protected]
Subject: [FW1] Redundancy & HA

Hi,

I'm trying to create a redundant environment for HA. my setup is like this

100.x.x.1    10.x.1           10.x.x.2

ISP1 ---- FW1 ------------| DMZ

               |                 |

             LAN              | Server

               |                 |

ISP2 ---- FW2 ------------|  here

200.x.x.1     10.x.10

On my DMZ server I specify defalut route from both the FW:

ie : route 0.0.0.0 10.x.x.1 AND route 0.0.0.0 10.x.x.10

Now I saw strange behaviour, some time request commig from FW1 lost or some time from FW2 lost.

What could be the reason of this? As I could understand that if request come from FW1 with the real IP (not 10.x.x.) and replies goes back from FW2 (b'cuz  system have two default route) then I lost It can't reach FW1 client.

I'm accessing Database in my DMZ.

How I can solve this problem?

Thanks

Gm

Prev by Date: [FW1] Securemote Error: Inappropiate policy
Next by Date: [FW1] Q regarding Fw between networks setup
Prev by thread: [FW1] dnsinfo.C
Next by thread: [FW1] Q regarding Fw between networks setup
Index(es):
- Date
- Thread