[Date Prev][Date Next][Thread Prev][Thread Next][Thread Index]

Re: [fw1-gurus] Dual WAN IP

Subject: Re: [fw1-gurus] Dual WAN IP
From: Norman Zhang <norman.zhang@xxxxxxxxxxxxxxxxxxxx>
To: Phoneboy <fw1-gurus@xxxxxxxxxxxxxxxxxx>
Date: Wed, 29 Dec 2004 14:20:17 -0800

I'm using AI R55 on W2K SP4a. I like to connect firewall to a dual WANrouter (e.g., Xincom XC-DPG502). But I heard this would not work withCP, as new session will switched between 2 WAN interface. Thus, causingCP to drop them as spoofing. Anyone has some positive experience withdual WAN routers with CP?
Some clarification, please. Will the firewall connect via a single
interface to the router? If so, there's no reason that wouldn't work, as
the firewall would just see src/dst IPs. If you're trying to do link
failover between the router and firewall, you should look at ISP
redundancy, though I have no idea if it would actually work in your
situation. But I do have customer's doing things like clustered
firewalls behind VRRP or HSRP failover routers using BGP peering to
multiple ISPs, and it works.

Sorry I didn't clarify myself. CP will work with with the router on 1WAN connection. I don't think it will load-balance or fail-over betweenthe 2 WAN connections.

I've been discussing this here,http://www.dslreports.com/forum/remark,12092074~mode=flat~start=20.Please feel free to comment.


Regards,
Norman Zhang

---------------------------------------------------------------------
FireWall-1 Gurus Mailing List (http://www.phoneboy.com/gurus)
To unsubscribe, mailto:fw1-gurus-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, mailto:fw1-gurus-help@xxxxxxxxxxxxxxxxxx

References:
- [fw1-gurus] Dual WAN IP
  - From: Norman Zhang
- Re: [fw1-gurus] Dual WAN IP
  - From: Rob Hughes

Prev by Date: Re: [fw1-gurus] SIP Dropped
Next by Date: RE: [fw1-gurus] Connect to Management Server very slow
Previous by thread: Re: [fw1-gurus] Dual WAN IP
Next by thread: [fw1-gurus] Happy Holidays from phoneboy.com
Index(es):
- Date
- Thread