NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] failover with NATting



Yes I looked into it, but the problem is that they don't want to purchase
anything new. I havn't spoken to the reps at those companies but I am
assuming the products are pretyy pricey.

Thanks, Eugen B
----- Original Message -----
From: "Kim Longenbaugh" <[email protected]>
To: <[email protected]>
Sent: Friday, November 02, 2001 9:50 AM
Subject: Re: [FW-1] failover with NATting


> Have you looked into products like the LinkProof from Radware and Warp
from Fatpipe?  These appliances can combine t-1s, dsls, etc etc to provide
redundancy and load balancing.  They don't require BGP, and both provide
answers to the DNS issues raised when multi-homed to two different ISPs and
address ranges.  urls are:
> www.radware.com
> www.fatpipeinc.com
>
>
> >>> [email protected] 11/01/01 01:38PM >>>
> Hey guys,
>
> I have an interesting proposal that I am working on for a client of mine.
Please see the sample diagram at:
>
> http://www.macroscape.com/gifs/failover.gif
>
> Here is the scenario. I am trying to design a cheap failover solution. The
customer does not want to pay for a full T-1 or even a frac, so BGP is out
of the question with any DSL provider.
>
> As you can see from the diagram the external router will be doing all the
work as far as NATing the UUnet ip addresses to the DSL provider's
addressing scheme. I have a couple of concerns:
>
> 1. The customer has a HIDE nat for the internal network (hides them behind
the firewall address). So when I have a static route on the DSL router to
point to the NATes address of the firewall back to the UUnet router will all
the HIDE NATs work? I am not so concerend with all the static NATs - that
should be ok.
>
> 2. Second question involves IKE negotiation. If the remote firewall is
setup to negotitate with the actual IP address of the NY firewall and also
the NATted address(in case UUnet is down), will the negotiation work. I know
someone who is doing this with the Cisco VPN solution.
>
> 3. Thidly and probably not lastly - How do I accomplish what I was talking
about in #2 as far as setting up on the remote firewall to establish tunnels
with both (the physical IP address of the firewall as well as the NATed) If
I create another Firewall Object with the NATed Ip address of the firewall-
I think that should work...right?
>
> Thanks for nay help, Eugene B
>
> ===============================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ===============================================
>

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.