Solved

Checkpoint IP Appliances

Posted on 2010-08-27
5
491 Views
Last Modified: 2013-11-16
Hi,

Is it possible to configure clustering on different IP subents, either for load sharing or active/passive

I.e. one firewall located on site A another in Site B
0
Comment
Question by:skywalker101
  • 2
  • 2
5 Comments
 
LVL 18

Expert Comment

by:deimark
ID: 33542538
Not sure I understand your requirements here.

Can you elaborate a little?  Please give an example using a basic diagram with networks listed at each site.
0
 

Author Comment

by:skywalker101
ID: 33542889
Hi,

I have attached diagram 2 sites with replica hardware in each site, it a DR senario but I want to loadshare between each site. The Ip's are fake but it will be the same concept.  The idea is if one firewall fails the other site will take the load without have 2 firewalls in each site

Each site will be on a different subnet, so I don't think this is possibe as the default gateway of the router connecting the LAN, will be pointing to the firewall which will be on a differnet subnet, although I am not sure
basic-network.vsd
0
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 33543618
Thats a lot clearer thanks.

In short, given this deployment, then no, you cannot cluster these devices.

Reasons include:

1.  Multiple WAN connections can be catered for using ISP redundancy, but this cannot be actioned over a cluster in different sites
2.  Each cluster interface needs to be in the same subnet to allow for the cluster IP creation.

If you had full layer 2 connectivity between each site and kept the same subnets on each side, you can then cluster across 2 sites, but the main requirement is layer2 connectivity,

HTH
0
 

Author Comment

by:skywalker101
ID: 33543863
Thanks

Layer 2 is still a Possibility.  Have not decided on Layer 2 or layer 3 connecting the sites
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question