You may want to check the previous post on this to see the limitations with PBR
-GS ________________________________ From: Independent IT Consultant <[email protected]> To: [email protected] Sent: Thu, February 11, 2010 9:46:51 AM Subject: Re: [FW-1] help please on Checkpoint routing/traffic flow You're looking to do POLICY BASED ROUTING. It's very possible to do (dependent on OS), but is not something that TAC likes to hear about. If your enforcement point is linux or secureplatform, then google iproute2. On Wed, Feb 10, 2010 at 4:18 AM, Peter Addy <[email protected]> wrote: > Hi > > Routing has never been aa strong point of mine, hence a question on > Checkpoint routing > > > > > > Is it possible to have connections coming into our firewall > that will normally leave the external interface default route, but leave > through > a different interface that has a external ip address that is a routable IP > such > as a 62.x.x. > > > > So the default route is not taken for certain incoming host connections > which are routed through a separate tagged interface that has a routable > address, can we do this with static routing and Nat? > > > > Do connections have to leave the same interface they come in > on? > > > > We are running vrrp not load balancing > > Thanks > > > > > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
