[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] FW Architecture Advise
I have an enterprise FW/VPN and management module installed on the same server in a large production environment. This box controls and runs over 12 FW/VPN modules around the world. Most offices have no IS support (i.e. no hands to help make changes.) I am changing the enterprise FW/VPN management server from an NT server to 2 Nokia 440?s in an HA configuration. The advise I need is: Since I have all of those FW/VPN boxes running VPNs with and looking at my FW?s managment modules current IP address, lets say it is 198.6.1.1, and my router (connection to the internet) is setup as 198.6.1.2 what is the easiest way to setup my Nokia?s in HA without having to change my FW/VPNs around the world. My first thought: Setup the Nokia?s as say 198.6.1.3 and leave my management server setup as 198.6.1.1 This would allow the management module to continue communicating with my remote FW/VPN boxes. However this leaves my management server sitting exposed to the internet with just a router access list to protect it. Any help is appreciated Thanks Chris __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|