IPSO clustering with allow both firewalls to be active in for traffic VPN or
otherwise. From previous experience doing this I would consider unicast load
sharing because some routers and switch don't deal well with having the same
MAC address on different ports.
On 8/30/05, Loge VK <logevk AT gmail DOT com> wrote:
>
> will Nokia IP clustering provide load sharing in active-active mode for
> VPN
> setup?
>
> On 8/29/05, Reinhard Stich <r.stich AT internet-security DOT at> wrote:
> >
> > hi,
> >
> > if you say "VRRP AA" your mean vrrp actice-actice?
> >
> > if you want active-active you should use nokia IP clustering, not VRRP
> ...
> >
> > cheers
> > reinhard
> >
> > At 20:50 29.08.2005, you wrote:
> > >Hi,
> > >
> > >I was wondering whether anybody tried S2S VPN between a remote GW and
> > >local Cluster running VRRP AA (opsec) mode. Can we actually achieve
> > >load sharing via configuring a vpn with AA mode? Since in AA we define
> > >some hosts to use one member of AA as gateway and others for second
> > >member, how will the remote peer comes to know whether it has to fwd
> > >packets to first member or second as both members have the same
> > >internal network.
> > >
> > >Is this config possible? If yes, any pointers would be helpful. This
> > >AA config is actually two A/S combined.
> > >
> > >TIA
> > >
> > >-Loge
> > >
> > >=================================================
> > >To set vacation, Out-Of-Office, or away messages,
> > >send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > >in the BODY of the email add:
> > >set fw-1-mailinglist nomail
> > >=================================================
> > >To unsubscribe from this mailing list,
> > >please see the instructions at
> > >http://www.checkpoint.com/services/mailing.html
> > >=================================================
> > >If you have any questions on how to change your
> > >subscription options, email
> > >fw-1-owner AT ts.checkpoint DOT com
> > >=================================================
> >
> > --
> > Reinhard Stich ASSIST R.Stich AT internet-security DOT at
> > Internet Security AG, 1150 Wien, Johnstrasse 29
> > Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
