Hi Ray,
I have 2 public IP(external and internal)on the interfaces, these IPs are
only a example. The idea is to use both interfaces to comunicate whith
diferents sites. Because in this example FW "Y" cannot use the same
destination IP of the FW "X" to do a VPN with FW "A" (backup reason).
Follows a new diagram:
---------------------------------------------------------------------
FW "A"( 200.201.30.1 - external interface) =======VPN========== FW "X"
(200.179.42.65)
FW "A"( 200.201.29.1 - internal interface ) ======VPN ========= FW "Y"
(200.178.40.3)
----------------------------------------------------------------------
FW "Y" must use the different IP than 200.201.30.1!
It's possible?
Thanks,
John
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Ray
Sent: quarta-feira, 22 de novembro de 2006 18:44
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] VPN X IP
Sorry, I don't understand what you're trying to accomplish. You're showing a
private IP on the external interface and a public IP on the internal
interface.
You can set up more than one site-to-site VPN on a single firewall and use
the rules to keep the traffic separate and/or use a star configuration.
Ray
>From: sec <sec AT UNISYS.COM DOT BR>
>Reply-To: Mailing list for discussion of Firewall-1
><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>Subject: [FW-1] VPN X IP
>Date: Wed, 22 Nov 2006 16:43:15 -0200
>
>Hi,
>
>It's possible to configure 2 VPN's in the same firewall with 2
>diferents IP's? Example:
>
>-----------------------------------------------------------------------
>-----
>-----------------
>
>FW "A"( 192.168.10.10-external) =======VPN====== FW "X"
>
>FW "A"( 172.10.10.1-internal ) =========VPN ====== FW "Y"
>
>-----------------------------------------------------------------------
>-----
>-----------------
>
>FW "A" (NG FP3-same firewall)
>
>Thanks,
>
>John
>
>
>
>=================================================
>To set vacation, Out-Of-Office, or away messages, send an email to
>LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your subscription options,
>email fw-1-owner AT ts.checkpoint DOT com
>=================================================
_________________________________________________________________
Get the latest Windows Live Messenger 8.1 Beta version. Join now.
http://ideas.live.com
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
