AW: AW: [Openswan Users] Openswan and Checkpoint AI (R54) withRainwallCluster Software

Westerhold, Axel Axel.Westerhold at
Mon Apr 19 13:59:05 CEST 2004


:-) ! I am honestly not sure this is covered by any RFC or IETF draft. So, I am not saying this has to be supported by Openswan. It seems it is not. I will have to find a different solution for this problem, maybe using a Cisco Pix or putting a Openswan box in one of the DMZs.

Thanks for your help,

Axel Westerhold
DTS Systeme GmbH
Datacenter - IT Security Team
Schrewestr. 4-8
Tel: (+49) 5221 101 1035
Fax: (+49) 5221 101 3001
Cell: (+49) 171 9754 756
PK: 1EF597FA

-----Ursprüngliche Nachricht-----
Von: Ken Bantoft [mailto:ken at] 
Gesendet: Montag, 19. April 2004 14:50
An: Westerhold, Axel
Cc: users at
Betreff: Re: AW: [Openswan Users] Openswan and Checkpoint AI (R54) withRainwallCluster Software

Hash: SHA1

On Mon, 19 Apr 2004, Westerhold, Axel wrote:

> Thanks for the quick answer.
> The problem looks like asymmetrical IPsec routing simply because this is
> not a failover solution but a loadbalancing solution. That's why I can
> define a VPN Gateway on Checkpoint and Cisco with more then one IP
> address. That way I can define gateway = VIP,node1,node2. I was
> wondering if this is possible using freeswan.

Not to my knowledge.  Can you give details, like RFCs, IETF drafts, or 
published documentation on this method of loadbalancing?

- -- 
Ken Bantoft			VP Business Development
ken at		Xelerance Corporation

The future is here. It's just not evenly distributed yet. 
        -- William Gibson

Version: GnuPG v1.2.1 (GNU/Linux)


More information about the Users mailing list