-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sergio Alvarez wrote: > Dude, it IS possible. > > Check what I wrote: > > "but the deal here is proxy arp won't work automatically. *To make that > work, you must edit $FWDIR/conf/local.arp* " > > So, there is your solution. Create as many manual NAT rules as you need and > then edit the local.arp file, including the 2 public IPs you are going to > use, associated with the external interface MAC Address. Bare in mind since > this is an HA cluster, you must edit such file on both members and use the > external interface MAC address of each one of them (this is because you are > in an active/standby mode, if you move to a load sharing scheme that could > change, but don't worry about it if you don't plan to change that soon).
Adjusting the router in front might do the trick as well. But a redundant firewall with a single router in front of it. Sounds a bit tricky. That router might die just as well. Hugo. - -- [email protected] http://hugo.vanderkooij.org/ PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc A: Yes. >Q: Are you sure? >>A: Because it reverses the logical flow of conversation. >>>Q: Why is top posting frowned upon? Bored? Click on http://spamornot.org/ and rate those images. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmgJrUACgkQBvzDRVjxmYGqOACdHaNMzM6gSnP80hdM1Ensqgu+ 9TMAn3+pS82zRKAz3hCx/+0IUfFrpsoL =JZuX -----END PGP SIGNATURE----- Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
