[Openswan Users] Openswan and Checkpoint AI (R54) with Rainwall
ken at xelerance.com
Mon Apr 19 14:04:04 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 19 Apr 2004, Westerhold, Axel wrote:
> I am running into problems connecting Freeswan/Openswan VPN Gateways to
> various Checkpoint/Rainwall Cluster Systems.
> The problems occurs because I haven't been able to identify any item
> within the Openswan config to define multiple IP's for the 'right='
> gateway. This will kill proper communication with Checkpoitn workload
> balancing clusters because a node will answer with an IP different then
> the Virtual IP assigned to the cluster. Many other IPSEC implementations
> (Cisco, Checkpoint etc) allow me to define the cluster node IP in
> addition to the virtual IP. As said I way unable to find this within
> Anyone able to help ?
I've done CP interop for a few years, but not with clusters. Try defining
the virtual IP as rightsubnet=184.108.40.206/32. But I'm not sure what 'a node
will answer with an IP different then the Virtual IP assigned to the
cluster' means - it sounds like its asymmetrical IPsec routing.
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
The future is here. It's just not evenly distributed yet.
-- William Gibson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Users