[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Firewall clusters (HA VPN with Nokia VRRP)
Hi again, How do the firewall cluster objects work for HA VPN solutions (based upon Nokia resolution 2808? In the following example, there are cluster objects that are based upon the VRRP address shared between two firewalls. The general thought is that the encryption gateways would be the cluster objects-except for a leetle NAT problem. On Site B, there is a NAT device that presents the cluster object as a different address than 10.2.1.3. Site A --------------- Site B ---------------------- FWA-1 10.1.1.1 FWB-1 10.2.1.1 FWA-Clus 10.1.1.3 ---- Internet ---- NAT --- FWB-Clus 10.2.1.3 FWB-2 10.1.1.2 FWB-2 10.2.1.2 Will this work? If not, are there other options based upon VRRP and standard VPN-1 (i.e., no StoneBeat, Rainfininty, etc.)? Cheers, --- Gavin ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|