[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Nokia and HA configuration
Hello all, I'm setting up a two Nokia's 440's in a high availability configuration for the first time. I think I have most of the information down correctly, but had a couple of questions. I have three objects setup: Firewall Primary, Firewall Secondary, and Firewall Cluster. Firewall Primary - has all the physical IP Addresses for the primary firewall Firewall Secondary - has all the physical IP Addresses for the backup firewall Firewall Cluster - has the logical IP addresses I've also set a rule at the top of my rulebase for the VRPP broadcast. 1) My question is what object do I use in my rules? Do I use the Cluster object, Firewall objects, or all three? 2) Do I have to enter Authentication, Encryption, etc. information for all three objects? Or can I do it just on the Gateway. The documentation says that some options should go away when I include firewalls in a cluster, but I haven't done that yet. 3) I've configured a NIC on each firewall with IP addresses on the same subnet and connected them with a crossover cable. I intend that to be by sync connection. Where do I specify those interfaces to be the sync connection? Is that even necessary? 4) I connected to the Nokia box via my web browser from the internal NIC card. But if I point my browser to the external NIC, will I be able to connect? If so, is there a way to enable the browser connection only from the internal NIC? I apologize for my ignorance. This configuration was sprung on me in the last minute and I've not had time to research it properly. I've checked out some whitepapers from CheckPoint and they seem a bit contradictory. Any help you can provide would be great. I Sudhir Kondisetty First Consulting Group ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|