On Mon, Jul 09, 2001 at 03:12:03PM -0400, Sawyer, Douglas (D.G.) wrote:
:
: Has anyone used Cisco's 11150 series content switch for HA on firewalls? I would be
:interested in knowing the outcome. Also if you used VPN, does fail over work without
:re-keying?
:
It works pretty much the same as it does with any load balancer. Just make
sure you're doing some sort of src/dst hashing, to prevent asymmetric paths.
No re-keying will be required IF you setup a gateway cluster.
: I am aware of required changes to Objects.C and the syncing between FW's. However
:my main interests lies in wither or not this is a viable means of HA vs. other
:software products available.
:
No objects.c changes, just sync the firewalls.
--
Jason Costomiris <>< | Technologist, geek, human.
jcostom {at} jasons {dot} org | http://www.jasons.org/
Quidquid latine dictum sit, altum viditur.
My account, My opinions.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
