sheik
Can you further describe why would I need to keep my
current FW address for my virtual IP? Since my global
FW/VPNs communicate with my management station isn't
the MGT station more important to keep the same?
Thanks
Chris
--- Sheik Abdulla <[EMAIL PROTECTED]> wrote:
> Hi Chris,
>
> You need to keep your existing FW IP, 192.168.1.1 as
> Virtual IP for HA for
> both boxes. You need to configure this Gateway
> cluster in SEP mode.
> Individual Nokia boxes will have different IP
> addresses of the same subnet,
> e.g., 192.168.1.3 & 4. Whereas you have to have your
> management station
> separately with another IP address, e.g.,
> 192.168.1.5. (Your router is
> 192.168.1.2, as you said).
>
> You need to mention the mangement station address in
> both boxes. For
> further clarification go through
> http://support.checkpoint.com
>
> regards,
> sheik
> [EMAIL PROTECTED]
>
>
> ----- Original Message -----
> From: "Chris H" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, September 11, 2001 5:58 AM
> Subject: [FW1] FW Architecture Advise
>
>
>
> I have an enterprise FW/VPN and management module
> installed on the same server in a large production
> environment. This box controls and runs over 12
> FW/VPN modules around the world. Most offices have
> no
> IS support (i.e. no hands to help make changes.) I
> am
> changing the enterprise FW/VPN management server
> from
> an NT server to 2 Nokia 440's in an HA
> configuration.
> The advise I need is:
> Since I have all of those FW/VPN boxes running VPNs
> with and looking at my FW's managment modules
> current
> IP address, lets say it is 198.6.1.1, and my router
> (connection to the internet) is setup as 198.6.1.2
> what is the easiest way to setup my Nokia's in HA
> without having to change my FW/VPNs around the
> world.
> My first thought:
> Setup the Nokia's as say 198.6.1.3 and leave my
> management server setup as 198.6.1.1 This would
> allow
> the management module to continue communicating with
> my remote FW/VPN boxes. However this leaves my
> management server sitting exposed to the internet
> with
> just a router access list to protect it.
> Any help is appreciated
> Thanks
> Chris
>
>
> __________________________________________________
> Do You Yahoo!?
> Get email alerts & NEW webcam video instant
> messaging with Yahoo! Messenger
> http://im.yahoo.com
>
>
>
============================================================================
> ====
> To unsubscribe from this mailing list, please
> see the instructions at
>
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
> ====
>
__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
