|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] IPSO VRRP issue
Dont forget to enable vrrp connections. Config-> Router Services -> VRRP -> Accept Connections to VRRP IPs: Disabled Enabled Steve -----Original Message----- From: [email protected] Sent: Tue, 30 Jan 2001 13:35:56 -0000 To: [email protected], [email protected], [email protected] Subject: RE: [FW1] IPSO VRRP issue This may be a silly question but if you're pinging a firewall then it shouldn't respond. I always include rules to bar connection to the firewall and ICMP check the implied rules on the firewall and the firewall logs to see if the packet is dropped. Andrew Shore BTcd Information Systems Engineering Internet & Multimedia -----Original Message----- From: Francisco Cabral [mailto:[email protected]] Sent: 30 January 2001 12:43 To: 'Dave Dunaway (ncc0296)'; [email protected] Subject: RE: [FW1] IPSO VRRP issue Same problem here but I can't don't anything else: telnet, ftp, Voyager... When I try to access the VRRP address, I can see the arp entry on the host arp table but no reply... Any ideas? Francisco -----Original Message----- From: Dave Dunaway (ncc0296) [mailto:[email protected]] Sent: Tuesday, January 09, 2001 9:43 PM To: [email protected] Subject: Re: [FW1] IPSO VRRP issue Thanks to all who replied. I'm currently upgrading my boxes to 3.3 :) On Mon, Jan 08, 2001 at 03:45:14PM -0800, Konstantin Matev wrote: > Then upgrade to IPSO 3.3.x and you should be able to ping the VIP address. > It is an option supported in IPSO 3.3.0. > > -Dex > > -----Original Message----- > From: Dave Dunaway (ncc0296) [mailto:[email protected]] > Sent: Monday, January 08, 2001 3:12 PM > To: Vince Kornacki > Cc: 'Chris Arnold'; [email protected] > Subject: Re: [FW1] IPSO VRRP issue > > > > > Er...ok, but in the case where my cisco 6509 using msfc won't add an entry > in its arp table because it can't ping the VRRP vip....what then? :) > Any ideas? > > On Fri, Jan 05, 2001 at 04:58:54PM -0600, Vince Kornacki wrote: > > Chris, > > > > Per RFC 2338, VRRP VIPs are not required to respond to echo-requests > > (pings). > > > > Hope this helps. > > > > Vince Kornacki > > > > -----Original Message----- > > From: Chris Arnold [ mailto:[email protected] > > <mailto:[email protected]> ] > > Sent: Friday, January 05, 2001 4:29 PM > > To: [email protected] > > Subject: [FW1] IPSO VRRP issue > > > > > > > > Hello. I just did the initial VRRP configuration on a pair of Nokias > > (IPSO > > 3.2.1). I followed the instructions in Nokia's knowledgebase and it > > appeared to be correct. I'm seeing the VRRP traffic allowed in the FW > > log > > (CP 4.1 sp2) and netstat -rn and ifconfig -a from the command line(s) > > show > > the virtual IP address (and fail-over appears to work) but I can't ping > > it. > > There are no CP rules blocking this. Any thoughts? > > > > Thanks. > > > > Chris > > > > > > ======================================================================== > > ======== > > To unsubscribe from this mailing list, please see the instructions > > at > > http://www.checkpoint.com/services/mailing.html > > <http://www.checkpoint.com/services/mailing.html> > > ======================================================================== > > ======== > > > > -- > Dave Dunaway [[email protected]] > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== -- Dave Dunaway [[email protected]] Systems Administrator, AT&T Canada, IES tel:, fax:============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ___________________________________________________________________________ Visit http://www.visto.com/info, your free web-based communications center. Visto.com. Life on the Dot. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
