Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Checkpoint IP Appliances

Posted on 2010-08-27
5
Medium Priority
?
498 Views
Last Modified: 2013-11-16
Hi,

Is it possible to configure clustering on different IP subents, either for load sharing or active/passive

I.e. one firewall located on site A another in Site B
0
Comment
Question by:skywalker101
  • 2
  • 2
4 Comments
 
LVL 18

Expert Comment

by:deimark
ID: 33542538
Not sure I understand your requirements here.

Can you elaborate a little?  Please give an example using a basic diagram with networks listed at each site.
0
 

Author Comment

by:skywalker101
ID: 33542889
Hi,

I have attached diagram 2 sites with replica hardware in each site, it a DR senario but I want to loadshare between each site. The Ip's are fake but it will be the same concept.  The idea is if one firewall fails the other site will take the load without have 2 firewalls in each site

Each site will be on a different subnet, so I don't think this is possibe as the default gateway of the router connecting the LAN, will be pointing to the firewall which will be on a differnet subnet, although I am not sure
basic-network.vsd
0
 
LVL 18

Accepted Solution

by:
deimark earned 2000 total points
ID: 33543618
Thats a lot clearer thanks.

In short, given this deployment, then no, you cannot cluster these devices.

Reasons include:

1.  Multiple WAN connections can be catered for using ISP redundancy, but this cannot be actioned over a cluster in different sites
2.  Each cluster interface needs to be in the same subnet to allow for the cluster IP creation.

If you had full layer 2 connectivity between each site and kept the same subnets on each side, you can then cluster across 2 sites, but the main requirement is layer2 connectivity,

HTH
0
 

Author Comment

by:skywalker101
ID: 33543863
Thanks

Layer 2 is still a Possibility.  Have not decided on Layer 2 or layer 3 connecting the sites
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question