Yes. Perhaps I am missing something. You have 2 seperate external ISP routers that both have their own IP bolcks, one plugs into your external (default gateway) interface. The other is plugged into what? I would assume you have setup an addtional interface on the FW so it can talk to the new router through this interface. I would also assume you are doing auto hide nat for your internal network, set for hide behind gateway, which will hide the outgoing traffic behind which ever interface it leaves. You have to have some type of rule(s) in place for your internal network traversing the FW to be able to reach this router, but I think you do have this in place since you can ping through to your current extenal router. If you traceroute from your FW to the new router where does this go?
________________________________ From: Mike Darr <[email protected]> To: [email protected] Sent: Wednesday, September 9, 2009 1:48:44 PM Subject: Re: [FW-1] 2 T-1's When you say get interfaces you mean in the topology section for the gateway? If so, yes. Not sure there should be a policy for this. It is just an outside interface. We do not have one for the existing. We do not on our router. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of Gary Scott Sent: Wednesday, September 09, 2009 10:10 AM To: [email protected] Subject: Re: [FW-1] 2 T-1's Did you do a get interfaces after adding the new one? Policy allowing this? NAT in the way? -GS ________________________________ From: Mike Darr <[email protected]> To: [email protected] Sent: Wednesday, September 9, 2009 8:11:41 AM Subject: Re: [FW-1] 2 T-1's We are in the process of moving our Verizon line to an ATT line. I hung a hub off the outside of the firewall to connect two T-1's, Verizon and ATT. For some reason I cannot ping the new ATT router. It is on the same network as the outside firewall address. I rebooted the firewall and all routers with no success. I can ping the ATT router from the Verizon router and the firewall, but nothing inside out. I show it goes through in Tracker. Tarcert shows it stops at the inside address of the firewall. Has to be something minute. Mike -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of Gary Scott Sent: Tuesday, September 08, 2009 4:06 PM To: [email protected] Subject: Re: [FW-1] 2 T-1's You can have as many routers hung off the FW as you want. What exactly are you looking to do? -GS ________________________________ From: Mike Darr <[email protected]> To: [email protected] Sent: Tuesday, September 8, 2009 3:03:11 PM Subject: [FW-1] 2 T-1's Is it possible to hang two routers off the back of a Checkpoint Firewall? Thanks Mike Darr Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
