October 13, 2008 03:21pm pdt

1. ericpete 16,050
2. kenfcamp 14,689
3. a0k0a7 13,748
4. Chris-Dent 13,550
5. julianmatz 12,700
6. RSLE 9,400
7. tigermatt 8,800
8. meverest 7,585
9. PsychoFelix 6,500
10. giltjr 6,200
11. LegendZM 5,750
12. humeniuk 5,500
12. mwecom... 5,500
14. Abs_jaipur 5,350
15. omarfarid 5,250
16. _etoptas 5,000
17. uetian1707 4,900
18. SteveDallas 4,600
19. cyberweb... 4,564
20. hbustan 4,500
21. btpringle 4,000
21. jojuez 4,000
21. davystocks 4,000
24. Labsy 3,914
25. Sembee 3,800

1. humeniuk 548,533
2. periwinkle 205,855
3. kenfcamp 117,454
4. coreybrya... 109,735
5. kohashi 85,427
6. julianmatz 49,968
7. hendridm 48,861
8. Chris-Dent 42,200
9. a0k0a7 39,038
10. GameOver 34,296
11. Computron 31,549
12. gg234 28,178
13. leew 25,982
14. rvthost 23,300
15. cheekycj 21,198
16. ericpete 20,908
17. cyberweb... 18,034
18. TechSoEasy 17,760
19. Abs_jaipur 16,850
20. beatboxra... 16,298
21. Sembee 15,975
22. giltjr 15,400
23. Tacobell777 15,021
24. m1tk4 13,994
25. grblades 13,808

06.24.2008 at 01:22PM PDT, ID: 23512504

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

6.6

Help Setting up BGP with two ISP providers and 1 Checkpoint Firewall VPN-1 UTM running SPLAT

Asked by rdelrosario in ISPs & Web Hosting, Checkpoint Firewall, Network Management

Tags: BGP ISP Redundancy Routing Firewalls

We have a Checkpoint NGX R65 VPN-1 UTM Firewall running SPLAT. It has 3 interfaces. 1 public interface (to our T1 Router), 1 DMZ interface, 1 Internal Lan Interface.

We are wanting to have another ISP for Internet Redundancy and wanted to implement BGP. However, I've read conflicting information regarding the physical & Logical implementation. Here is my understanding of how we can implement BGP with our current configuration. WE DO NOT have the option of running another firewall.

First some questions to get out of the way:

1. We don't need to do anything with the Firewall correct? BGP is done at the router level and then it just hands the packets to the firewall? So need to change anything on the Checkpoint Firewall?

2. BGP does not load balance, but I can pre-determine what provider to use as the primary correct?

3. Packets never flow from both routers at the same time in a BGP setup right? Its either going to be one ISP's router talking at a time, not both?

Regarding the physical implementation:
Assuming I pick up another provider say XO communication for our 2nd provider and they supply us with a BGP capable router.... Can I then just unplug the cat5 connection from our primary router (verizon) from the Public interface on the firewall... introduce a shared hub... then plug in both Verizon and XO routers into the shared hub, then plug the public interface of the firewall to the shared hub so that all 3 devices can see each other... then let BGP do its thing.

Regarding the logical routing:
I assume that I can have 1 provider be the primary ISP and be used all the time unless it is unavailable. In this situation, I'd like the XO provider to take inbound traffic to the IP's that were originally assigned by our verizon provider. We'd also like to have all outbound traffic always use XO as it is likely going to be a fatter pipe.

I'm to understand that in a nut shell:
1. apply for an ASN.
2. setup BGP with each router.
3. hookup each router to the firewall

Please advise to the above and any things worth noting that maybe an issue from my limited description. Start Free Trial

Keywords: Help Setting up BGP with two ISP provi…

	Title
1	OWA configuration on checkpoint/Exc…
2	Checkpoint NAT and WAN configuration
3	Help deciding on VPN solution for multi…
4	checkpoint subnets
5	DMZ and Checkpoint
6	Checkpoint

Loading Advertisement...

20080716-EE-VQP-32 / EE_QW_2_20070628

Help Setting up BGP with two ISP providers and 1 Checkpoint Firewall VPN-1 UTM running SPLAT

Asked by rdelrosario in ISPs & Web Hosting, Checkpoint Firewall, Network Management

Tags: BGP ISP Redundancy Routing Firewalls

About this solution