Re: [FW-1] telnet problem between cluster members

Subject:	Re: [FW-1] telnet problem between cluster members
From:	Jean-Francois Gobin <gobin AT GOBINJF DOT BE>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 25 Jul 2003 10:37:10 +0200

Hello Wen,

So, you've defined a gateway cluster with two members (fw1 & fw2). You
also defined the topology of the cluster (remember NOT to declare there
the net you want for sync).

If you don't have a product like cluster XL or VRRP (it may run under
linux), it's not possible to expose a "virtual" IP. So I wonder how you do
it.

Anyway, in "tracker", which fw reports the spoofing ? Which source IP
? Which destination IP ?

JF

On Fri, 25 Jul 2003, Wen Guangcheng wrote:

> Hi reinhard,
> Thanks a lot.
> > does it work if you cpstop both firewalls?
>
> Yes. I am sure.
>
> do you use nokia clustering oder
> > VRRP?
>
> No.
> I have tried it on Solaris8 and also Linux.
>
> > do you see any drop in your fw1 logs?
>
> Yes. The message_info is cluster member IP is being spoofed.
> BTW, ping between the cluster members is OK.
>
> Regards,
>
> --Wen
>
> > At 15:34 25.07.2003 +0900, you wrote:
> > >Hello Gurus,
> > >I have set up two cluster members(NG FP3(HF2)) and a
> > >SmartCenter server without checking Cluster XL in the
> > >tab of Gateway Cluster Properties. telnet between the
> > >two cluster members is OK. But after #cpstop on one of
> > >cluster member, telnet between the cluster members does
> > >not work, while it is OK between a cluster member and
> > >other host. It seems this does not happen in FP2/FP1.
> > >Why does it happen? and howto make telnet still work
> > >between the cluster members even after #cpstop on one
> > >of cluster member? Thanks in advance.
> > >
> > >Best regards,
> > >
> > >--Wen
> > >
> > >=================================================
> > >To set vacation, Out-Of-Office, or away messages,
> > >send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > >in the BODY of the email add:
> > >set fw-1-mailinglist nomail
> > >=================================================
> > >To unsubscribe from this mailing list,
> > >please see the instructions at
> > >http://www.checkpoint.com/services/mailing.html
> > >=================================================
> > >If you have any questions on how to change your
> > >subscription options, email
> > >fw-1-owner AT ts.checkpoint DOT com
> > >=================================================
> >
> > --
> > Reinhard Stich,   ASSIST    R.Stich AT internet-security DOT at
> > Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33
> > Tel: +43 1 370 94 40  RS784-RIPE Fax: +43 1 370 94 40-10
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

--
Jean-Francois Gobin - Administrateur gobinjf.be
http://www.gobinjf.be   mailto:gobin AT gobinjf DOT be

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] telnet problem between cluster members, Wen Guangcheng Re: [FW-1] telnet problem between cluster members, Reinhard Stich Re: [FW-1] telnet problem between cluster members, Wen Guangcheng Re: [FW-1] telnet problem between cluster members, Jean-Francois Gobin <=

Previous by Date:	Re: [FW-1] telnet problem between cluster members, Wen Guangcheng
Next by Date:	Re: [FW-1] Radius/NT Groups, Pedro Boavida
Previous by Thread:	Re: [FW-1] telnet problem between cluster members, Wen Guangcheng
Next by Thread:	[FW-1] How to disable split-dns inside encryption dom?, Reinhard . Posmyk
Indexes:	[Date] [Thread] [Top] [All Lists]