AW: AW: [Openswan Users] Openswan and Checkpoint AI (R54)
Axel.Westerhold at dts.de
Mon Apr 19 13:59:05 CEST 2004
:-) ! I am honestly not sure this is covered by any RFC or IETF draft. So, I am not saying this has to be supported by Openswan. It seems it is not. I will have to find a different solution for this problem, maybe using a Cisco Pix or putting a Openswan box in one of the DMZs.
Thanks for your help,
DTS Systeme GmbH
Datacenter - IT Security Team
Tel: (+49) 5221 101 1035
Fax: (+49) 5221 101 3001
Cell: (+49) 171 9754 756
Von: Ken Bantoft [mailto:ken at xelerance.com]
Gesendet: Montag, 19. April 2004 14:50
An: Westerhold, Axel
Cc: users at lists.openswan.org
Betreff: Re: AW: [Openswan Users] Openswan and Checkpoint AI (R54) withRainwallCluster Software
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 19 Apr 2004, Westerhold, Axel wrote:
> Thanks for the quick answer.
> The problem looks like asymmetrical IPsec routing simply because this is
> not a failover solution but a loadbalancing solution. That's why I can
> define a VPN Gateway on Checkpoint and Cisco with more then one IP
> address. That way I can define gateway = VIP,node1,node2. I was
> wondering if this is possible using freeswan.
Not to my knowledge. Can you give details, like RFCs, IETF drafts, or
published documentation on this method of loadbalancing?
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
The future is here. It's just not evenly distributed yet.
-- William Gibson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Users