RE: [FW1] SecuRemote Query

Fri, 09 Jun 2000 06:54:12 -0700 


Well.......the proprietary dialup network operates by building an LF2 tunnel
between the NAS and the router on the customer premises. This allows them to
offer dialup facilities to many customers on the same network
infrastructure.

It means that the routers that terminate the dialup links on the customer
premises don't "see" each other and therefore neither do the firewalls.

Steve


-----Original Message-----
From: Robert MacDonald [mailto:[EMAIL PROTECTED]]
Sent: 09 June 2000 14:18
To: steve.pollard; fw-1-mailinglist
Subject: RE: [FW1] SecuRemote Query



Steve,

How would the network you dial into differentiate between
them if they both have the same IP? What about making
use of a VIP?

- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n   F o o d    S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]

>>> <[EMAIL PROTECTED]> 6/9/00 7:21:44 AM >>>

  <snip>

>The problem is a bit more complex than that. The SR users are not dialling
>in through the Internet, they are dialling in through a proprietary dialup
>network which could route them to one or other of the gateway locations in
a
>random (load balanced) way. This means that the SR user could end up at
>either gateway. If the SR setup says that they have a primary gateway at
>10.0.1.1, for example, and they end up at the other on 10.0.2.1 then they
>won't get a connection, presumably.
>
>I had thought about giving both firewalls the same IP address since they
>don't know about each other. It would then not matter which firewall the SR
>user ended up at. BUT......

   <snip>

>Steve Pollard



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to