NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] redundant Nokia firewalls



Sounds like routing on the internal router is messed up.  I suspect that the 
default route on you router(or rsm switch) has been set to route to the wall1 
only, you need to amend the config on you router to route to both firewalls as 
a default, thus loadballacing the packets. 

On Mon, 4 Jun 2001 18:47:40 +0100 "Richard Marshall" 
<[email protected]> wrote:
>Hello I hope someone can help...
>
>We are running two nokia IP440's in a redundant configuration using the
>fw4.1 cluster system and mcVRRP. From the managment server i can ping both
>internal and external interfaces of the firewall. However, i can only ping
>the internal interface of te second firewall, not the external interface.
>This means that the managment station cannot push policies to the second
>part of the cluster, and the system status window says that it is
>disconneted. I can only fw fetch a policy to this wall.
>
>Running a tracert from the mgmt station to the internal address of 'wall 2
>reaches the interface in one hop. A tracert to the external address of
>'wall2 from the mgmt station first goes to 'wall 1 then times out returning
>a 'destination host unreachable'.
>
>Has anyone got any ideas what is happening, and how i can get the mgmt
>station to talk to the second firewall?
>
>thanks in advance.
>
>Richard Marshall
>Systems Analyst
>NetDoctor.co.uk
>Tel: + 44 20 7681 8470
>Mobile: + 44 7980 865 306
>MSN Messenger: richiemarshall
>E-mail: [email protected]
>http://www.netdoctor.co.uk
>-----------------------
>Notice of Confidentiality
>This e-mail (and its attachment(s) if any) is intended for the named
>addressee(s) only.
>It contains information which may be confidential and which may also be
>privileged.
>
>Unless you are the named addressee (or authorised to receive it for the
>addressee) you may not read, copy or use it, or disclose it to anyone else.
>
>Unauthorised use, copying or disclosure is strictly prohibited and may be
>unlawful.
>
>
>
>


-- 
Get your firstname@lastname email for FREE at http://Nameplanet.com/?su


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.