|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] multiple external interfaces on firewall
"Pulver, Richard" wrote: > > Doesn't the external.if handle what interface is external? As far as I know, > you can have only 1 entry in external.if. So that makes all other interfaces > internal. Only needed if you don't have the unlimited licence. (As it is used to count the number of internal ip addresses.) > In my experience i think that is not possible to have more than one external > interface in the firewall-1. One of the interfaces is external and all the > others are internal, because you have only one "default gateway", all the > traffic that is not internal is sent to that gateway. You can define different default routes with different metrices, depending on the os. I've never done this, and wouldn't suggest to do this. > Is there ever a reason to implement multiple external > interfaces (for internet access) on the same firewall? Hardware failover maybe? Just in case one NIC or cable fails. Any other reason? I wouldn't install any service (as e.g. BGP) on the firewall, this should be done by a router. > If so, how would one go about routing specific address > ranges out the desired interface? Hey, that's normal routing. route address/range to gw/interface Patrick ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
