Is anyone using different interfaces for the FW-FW sync and the FW-FWMS (Management server) communication? if so, how do you specify which interface to use? We are currently doing state sync on the "internal" interface of our 2 FWs, and we would like to change it so the state sync is done over a dedicated interface (cross-over cable between the FWs). I previously used the -n option of the putkey to specify the interface for syncronization: fw putkey -n <Internal-IP-FW#1> <Internal-IP-FW#2> (these same internal interfaces were in the sync.conf file) I used the -n option to specify the *same* internal interface for communication with the FWMW: fw putkey -n <Internal-IP-FW#1> <IP-FWMS> So, the obvious thing would be to redo the FW-to-FW putkey like this: fw putkey -n <CrossOver-IP-FW#1> <CrossOver-IP-FW#2> (and put these interfaces in the sync.conf file) But, I *think* I heard/read that the -n was effective for *all* of the putkeys on a FW (i.e. you are specifying the interface for all putkey-dependent communication). If this is true, then my FW will also try to communicate with the FWMS on the interface leading to the other FW... Is that true? Thanks in advance, -- DH ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
