Solved

Checkpoint IP Appliances

Posted on 2010-08-27
5
495 Views
Last Modified: 2013-11-16
Hi,

Is it possible to configure clustering on different IP subents, either for load sharing or active/passive

I.e. one firewall located on site A another in Site B
0
Comment
Question by:skywalker101
  • 2
  • 2
5 Comments
 
LVL 18

Expert Comment

by:deimark
ID: 33542538
Not sure I understand your requirements here.

Can you elaborate a little?  Please give an example using a basic diagram with networks listed at each site.
0
 

Author Comment

by:skywalker101
ID: 33542889
Hi,

I have attached diagram 2 sites with replica hardware in each site, it a DR senario but I want to loadshare between each site. The Ip's are fake but it will be the same concept.  The idea is if one firewall fails the other site will take the load without have 2 firewalls in each site

Each site will be on a different subnet, so I don't think this is possibe as the default gateway of the router connecting the LAN, will be pointing to the firewall which will be on a differnet subnet, although I am not sure
basic-network.vsd
0
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 33543618
Thats a lot clearer thanks.

In short, given this deployment, then no, you cannot cluster these devices.

Reasons include:

1.  Multiple WAN connections can be catered for using ISP redundancy, but this cannot be actioned over a cluster in different sites
2.  Each cluster interface needs to be in the same subnet to allow for the cluster IP creation.

If you had full layer 2 connectivity between each site and kept the same subnets on each side, you can then cluster across 2 sites, but the main requirement is layer2 connectivity,

HTH
0
 

Author Comment

by:skywalker101
ID: 33543863
Thanks

Layer 2 is still a Possibility.  Have not decided on Layer 2 or layer 3 connecting the sites
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Opening Port 80 10 69
iptables and udp ports 23 135
How to keep SonicWall TZ105w and SonicPoint N2 on the same wireless sunbnets 3 81
PCAnywhere 2 149
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question