Hi,
I've tried it, but it doesn't seem work :-(
I've made a mistake in my explanation below though, the second node isn't
using the ip-address of the first as I said before, it's using the virtual
ip-address of the cluster. Don't know if this changes anything for the
solution proposed below?
Kind regards,
Michael
-----Original Message-----
From: René Caspar [mailto:caspar AT GENESISCOM DOT CH]
Sent: Thursday, 27 October 2005 10:31
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Cluster using wrong IP address
Hi Michael
try to set up two nat-rules which look like:
---------------------
src: [cluster-node 1]
dst: any
xlatesrc: original
xlatedst: original
---------------------
src: [cluster-node 2]
dst: any
xlatesrc: original
xlatedst: original
---------------------
cu
Rene
On Thu, 27 Oct 2005 08:24:51 +0200
"Hendriks, Michael"
<mhendriks.consultant AT UPCBROADBAND DOT COM> wrote:
> Hi,
>
> I have got a problem with my nokia vrrp cluster, both
>nodes are running ntp
> to sync their time with an internal ntp server.
> The active node is doing just fine, it send and receives
>the packets without
> a problem, but the second node is sending packets with a
>source address of
> the active node and therefore the reply packets will be
>send back to the
> active node which then drops the packets.
>
> Can anybody explain why this is happening and how I can
>fix it?
>
> Kind regards,
>
> Michael
>
>
> ********* DISCLAIMER *********
>
> This message and any attachment are confidential and may
>be privileged or
> otherwise protected from disclosure and may include
>proprietary
> information.If you are not the intended recipient,
>please telephone or email
> the sender and delete this message and any attachment
>from your system. If
> you are not the intended recipient you must not copy
>this message or
> attachment or disclose the contents to any other person
>
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
Mit freundlichen Grüssen / Best Regards
René Caspar
Security Engineer
GENESIS COMMUNICATION
René Caspar
Bernstrasse 34
CH-3072 Ostermundigen
Telefon: ++41 (0)31 560 35 35
Fax: ++41 (0)31 560 35 45
Mobile: ++41 (0)79 471 21 86
E-Mail: caspar AT GenesisCom DOT ch
Web: www.GenesisCom.ch
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
