I'm using firewall cluster running NG AI R54 together with RainWall. I have
not encountered any problem dealing with SecuRemote/SecureClient. The way
I'm set up the VPN connections from my SecuRemote/SecureClient is to connect
to the virtual IP of the firewall cluster but not to the individual
firewall's IP in a cluster.
In your case, you should connect your SecuRemote/SecreClient to your
RainWall/RainConnect cluster's virtual IP rather to the individual firewall.
Hope, this can help you to understand.
Regards,
Alex
----- Original Message -----
From: "Richard" <expinet1 AT YAHOO DOT CA>
To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Sent: Wednesday, November 24, 2004 12:26 AM
Subject: [FW-1] Securemote / SecureClient with Rainwall / Rainconnect
Cluster
Hi,
we are testing RainConnect in a lab setup for ISP
redundancy and we are having problems configuring
Securemote/SecureClient (SR/SC) to connect to the
alternate IP when our first ISP is down.
Here's the setup :
2 ISP links
2 fw gateways forming a single cluster running
Rainwall/RainConnect
1 management station
2 IP address ranges (1 for each ISP)
We can connect to the VPN cluster with either ISP1's
address for the cluster or ISP2's address and download
the topology. But after that, SC/SR will always try to
connect to the ISP1's address of the cluster as it is
hardcoded in the userc.c file. Once ISP1 is down,
there's no way to establish a VPN.
Anyone have a similar setup working?
BTW, I am in contact with both Rainfinity and
Checkpoint on this matter but wanted to know if anyone
would have a special trick or some magic...
;-)
Thanks!
Richard
__________________________________________________________
Lèche-vitrine ou lèche-écran ?
magasinage.yahoo.ca
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
