| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AW: [FW1] Problem with connecting to a cluster
- To: <[email protected]>
- Subject: AW: [FW1] Problem with connecting to a cluster
- From: "Fitzner Daniel" <[email protected]>
- Date: Thu, 10 May 2001 12:38:43 +0200
- Sender: [email protected]
- Thread-index: AcDYs+C3vWc17sc9QOWxutlQe4kxKQAiCOWg
- Thread-topic: [FW1] Problem with connecting to a cluster
Hi,
maybe I don't explain my situation good enough. My clients connect to a
cluster with a virutal ip x.1 and the answer packet comes from the real
IP's x,2 or x.3 .
The cluster is not in my network an is not administrated by me. I have
no possibility to change this behavior.
I hope with this and my first mail now the problem of me is clear.
Best regards
Daniel Fitzner
------------------------------------------------------------------------
----
---------
Daniel Fitzner
IT-Services
T-Systems debis Systemhaus GEI GmbH / GS Berlin
debis Haus am Potsdamer Platz
10875 Berlin
mail: [email protected]
fon: +49 30 2554-3266
fax: +49 30 2554-3187
-----Ursprüngliche Nachricht-----
Von: Allison, Mark [mailto:[email protected]]
Gesendet: Mittwoch, 9. Mai 2001 20:09
An: Fitzner Daniel
Betreff: RE: [FW1] Problem with connecting to a cluster
Is this a logical server group? If so, you need to add a rule to allow
access the logical server group after the access to the nodes within the
group.
Mark Allison
> Global Cash Access / Central Credit, L.L.C.
>voice
> mailto:[email protected]
>
-----Original Message-----
From: Fitzner Daniel [mailto:[email protected]]
Sent: Wednesday, May 09, 2001 2:39 AM
To: FW1-MailingList (E-mail)
Subject: [FW1] Problem with connecting to a cluster
Hello,
we have a problem with connecting a client to a load balancing cluster.
The cluster consists of three machines with ip 192.168.1.1, 192.168.1.2
and 192.168.1.3. The client always connects to the ip 192.168.1.1 but
gets the answer packet from 192.168.1.2. If I have only the rules :
Source Destination Service Action
192.168.1.1
CLIENT-IP 192.168.1.2 TCP-Destinationport
accept
192.168.1.3
, the fw drops the answer packet from 192.168.1.2. I don't want to allow
a rule like:
Source Destination Service Action
192.168.1.2 CLIENT-IP TCP > 1023
accept
Is there any other possible solution for this problem ????
Best regards
Daniel Fitzner
------------------------------------------------------------------------
----
---------
Daniel Fitzner
IT-Services
T-Systems debis Systemhaus GEI GmbH / GS Berlin
debis Haus am Potsdamer Platz
10875 Berlin
mail: [email protected]
fon: +49 30 2554-3266
fax: +49 30 2554-3187
========================================================================
====
====
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
====
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
