[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] 2nd external interface on FW
Ivan, Firewall license is based on either hostid or IP address of interface, usually external interface. You can use 2 interfaces as external interfaces even if your license is based on single interface. Firewall assume IP address of that interface as hostid for system. It is your Firewall policy that determines what is internal/external interface for practical purpose. I think here you are trying to load balance/failover between two ISPs if that is the case my opinion is to use external router which can do all this and connect Firewall after this router. router will deal with all ISP quirks. But anyway if you are connecting Firewall directly to ISP(such as Nokia boxes etc.) then just define 2 default routes (one for each interface) and machine should be able to failover if one interface (i.e one ISP) is down. IN general I can forsee few operational problems here. As OS may be confused so does FW-1 when one interface suddenly disappears especially when you are using Encryption. Thanks, Rajeev On Tuesday 02 October 2001 22:11, Ivan More wrote: > Hi, > > We are running FW-1 ver 4.0 on an NT4 server. > > As our higher management wants redundancy to the > Internet and suggested to have 2 External interfaces > on the FW-1 ver 4.0 to 2 different ISP to provide > redundancy? > > I do not think this is possible on FW-1 4.0. > > Is there such a licensing? > > Could someone provide or point me to such information > as to whether it is possible? > > I need concrete information to convince them. > > Thanks in advance. > > > Cheers, > Ivan > > _______________________________________________________ > Do You Yahoo!? > Get your free @yahoo.ca address at http://mail.yahoo.ca > > > =========================================================================== >===== To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > =========================================================================== >===== -- ******************************************************************** Rajeev Kumar ([email protected]) http://www.rajeevnet.com ******************************************************************** -- PGP PUBLIC KEY -- http://www.rajeevnet.com/crypto/mypubkey ******************************************************************** What's New on rajeevnet.com: o Unix/Windows password Sync: http://www.rajeevnet.com/linux/passwd_sync/passwd_sync.html o Wonders of 'dd' and 'netcat' :: Cloning Operating Systems http://www.rajeevnet.com/tips_hints/os_clone/os_cloning.html ******************************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|