Hi Ray,
I have 2 public IP(external and internal)on the interfaces,
these IPs are
only a example. The idea is to use both interfaces to
comunicate whith
diferents sites. Because in this example FW "Y"
cannot use the same
destination IP of the FW "X" to do a VPN with FW
"A" (backup reason).
Follows a new diagram:
------------------------------------------------------------
---------
FW "A"( 200.201.30.1 - external interface)
=======VPN========== FW "X"
(200.179.42.65)
FW "A"( 200.201.29.1 - internal interface )
======VPN ========= FW "Y"
(200.178.40.3)
------------------------------------------------------------
----------
FW "Y" must use the different IP than
200.201.30.1!
It's possible?
Thanks,
John
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AMADEUS.US.CHECKPOINT.COM]
On Behalf Of Ray
Sent: quarta-feira, 22 de novembro de 2006 18:44
To: FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] VPN X IP
Sorry, I don't understand what you're trying to accomplish.
You're showing a
private IP on the external interface and a public IP on the
internal
interface.
You can set up more than one site-to-site VPN on a single
firewall and use
the rules to keep the traffic separate and/or use a star
configuration.
Ray
>From: sec <secUNISYS.COM.BR>
>Reply-To: Mailing list for discussion of Firewall-1
><FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM>
>To: FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM
>Subject: [FW-1] VPN X IP
>Date: Wed, 22 Nov 2006 16:43:15 -0200
>
>Hi,
>
>It's possible to configure 2 VPN's in the same firewall
with 2
>diferents IP's? Example:
>
>--------------------------------------------------------
---------------
>-----
>-----------------
>
>FW "A"( 192.168.10.10-external)
=======VPN====== FW "X"
>
>FW "A"( 172.10.10.1-internal ) =========VPN
====== FW "Y"
>
>--------------------------------------------------------
---------------
>-----
>-----------------
>
>FW "A" (NG FP3-same firewall)
>
>Thanks,
>
>John
>
>
>
>=================================================
>To set vacation, Out-Of-Office, or away messages, send
an email to
>LISTSERVamadeus.us.checkpoint.com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http:
//www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
subscription options,
>email fw-1-ownerts.checkpoint.com
>=================================================
____________________________________________________________
_____
Get the latest Windows Live Messenger 8.1 Beta version. Join
now.
http://ideas.live.com
=================================================
To set vacation, Out-Of-Office, or away messages, send an
email to
LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription
options, email
fw-1-ownerts.checkpoint.com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ownerts.checkpoint.com
=================================================
|