RE: [fw-wiz] fun problem - possibly not possible
- From: "Paul Melson" <pmelson@xxxxxxxxx>
- Date: Fri, 24 Mar 2006 13:40:04 -0500
-----Original Message-----
Subject: Re: [fw-wiz] fun problem - possibly not possible
If I follow the instruction/diagram correctly, the problem here is thatboth the sprayer and
the destination host are on the same network, on the same firewallinterface, all configured
with private IPs and public NAT addresses.
What protocol(s) are you using Network Dispatcher for? I'm not sure I
understand why 1) Network Dispatcher has to reference the other servers by
their public addresses and not their DMZ addresses and 2) why you've got the
firewall doing NAT for the servers you're trying to load balance with
Network Dispatcher.
The sprayer can't ping the hosts it's listening for by their public IPaddresses, get an
error concerning NATs. Add an alias for those IPs on that DMZ interface,get an arror about
routes...
If you were doing this with almost anything other than a PIX, this would
probably work the way you have it configured. But since a PIX won't route
or NAT across the same interface, it doesn't work. That said, I don't think
you need it configured that way in order for this to work.
PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] fun problem - possibly not possible
- From: Brian Loe
- Re: [fw-wiz] fun problem - possibly not possible
- References:
- Re: [fw-wiz] fun problem - possibly not possible
- From: Brian Loe
- Re: [fw-wiz] fun problem - possibly not possible
- Prev by Date: Re: [fw-wiz] fun problem - possibly not possible
- Next by Date: Re: [fw-wiz] fun problem - possibly not possible
- Previous by thread: Re: [fw-wiz] fun problem - possibly not possible
- Next by thread: Re: [fw-wiz] fun problem - possibly not possible
- Index(es):
Relevant Pages
|
