[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VRRP issue
Chris, I ran into a similiar problem and had to do the following.... create a workstation called VRRP-MULTICAST with an ip of 224.0.0.18 next create a policy rule that states source FW1 and FW2, destination VRRP-MULTICAST, service vrrp, accept this needs to go above your stealth rule. if you do not have this, your stealth rule will drop the vrrp packets and your FW's end up hanging. Hope this helps, -Ryan Nobrega -Southern CT State University -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Chris Koger Sent: Thursday, August 02, 2001 8:24 AM To: Fw-1-Mailinglist Subject: [FW1] VRRP issue Hello all and TIA for any help that anyone may be able to give. Here's the scenario: I have two Nokia boxes (IP330s) that I am working on both running IPSO 3.3-FCS3; each has two interfaces. I am trying to get VRRP up and running. I can enter all of the information for VRRP and apply and save it, but when I enter the IP of the backup address for them to represent (the VRRP address), the boxes fail - total freeze, no response. They then have to be rebooted and all of the info remains in the VRRP config except the IP address. If I try again, the same thing happens. If I enter both IP address (two interfaces), the machine doesn't come back at all even after rebooting. Has anyone seen this? If so, what was your resolution? Nokia has not returned with an answer. More info: The two machines have been running for about a month awaiting an implementation date with everything configured except VRRP - they are taking the place of another older firewall. This issue occurs with or without the firewall software running and with or without the ifwd interface monitoring daemon running. I know this is a firewall mailing list, but I hope someone has some info. Again, thanks. Chris Koger ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|