Hi,
o I'm using an OPSEC cluster solution (StoneBeat FullCluster) with
Check Point VPN-1 NG FP3 HF2 HFA310.
o I've defined cluster IP addresses in the topology section of the
cluster object and not in the topology section of the cluster
members.
o With this configuration, traffic originating from one node leave
the cluster with the cluster IP and not the dedicated IP !!! I can
see a line in the SmartView Tracker indicated me that my node was
translated by rule 0 !
o If I define cluster IP addresses in the cluster members (I deleted
the cluster IP addresses from the cluster topology), and now traffic
is leaving the cluster with the dedicated IP address of the node
which processed the connection.
o Can someone share his experience regarding this problem ?
Regards.
--
Jean-Pierre.FORCIOLI AT cyber-networks DOT fr Cyber Networks France
http://www.freebsd.org http://www.cyber-networks.fr
PGP Key fingerprint = 9AEA 910F CB46 C39B 89EE EF4C 68AC 2AF1 CF17 3713
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCF173713
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
