Subject: [FW-1] Log server
From: "Harmon, Bill" <bharmon AT NSISOFTWARE DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Mon, 24 May 2004 08:05:25 -0500

Good Morning,

I am having an issue with my implementation that I am hoping someone
else has seen/worked around.

I have 3 sites. Site 1 is a Nokia IP350 VRRP site with 2 appliances. My
management station is behind this site. My other 2 sites are single
IP350.

I have a static NAT address set up for the management station. The issue
is that if I have the private IP address of the management station on
the general tab of the management station object, only the site 1
servers send logs. If I use the public IP on the general tab, only the
remote servers report their logs to the management station.

I can do a tcpdump and see that the enforcement modules are trying to
send to the IP address that is assigned on the general tab. I have a
host file set up on each Nokia with the private IP of the management
station on site 1 modules and the public IP on the remote modules.

Is there a way to force the modules to use the host file for address
translation instead of the rulebase objects?

Thanks

Bill Harmon
NSI Software Network Administrator