Checkpoint routing

Checkpoint routing
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Networking Firewalls    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Checkpoint routing Ben Rogers 05-17-2006
Posted by Ben Rogers on May 17, 2006, 11:28 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi,

A question to all guru's


we have the following setup



----Internet-------Firewall/Gateway-----192.168.125.0/24---------router--------192.168.126.0/24-----
| LAN1 LAN2

|
DMZ

The current setup works ok but a "route add 192.168.126.0 mask
255.255.255.0 192.168.125.41" command (interface on router) needs to be
added to workstations in the 192.168.125.0 network to access the
192.168.126.0 network. What my question is, are we able to set our
checkpoint firewall/gateway (default gateway for all workstations on
125.0 network) to route to the 126.0 network doing away with having to
add a persistent route on 'all' workstations?

Any help on the matter would be greatly appreciated


Posted by Volker Birk on May 18, 2006, 7:14 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> What my question is, are we able to set our
> checkpoint firewall/gateway (default gateway for all workstations on
> 125.0 network) to route to the 126.0 network doing away with having to
> add a persistent route on 'all' workstations?

You could use another topology. With this topology you have, it's
required to have the route in every routing table, if this should be
sensible. You could send every packet to the default gateway, though,
then sending it to router 2 afterwards.

You could use routing protocols, too, which configure your boxes
more automatically.

Yours,
VB.
--
At first there was the word. And the word was Content-type: text/plain

Posted by Dophi on May 18, 2006, 10:53 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
You can add a route to your firewall for 192.168.126.0/24 or just add
one more interface with an IP address belonging to 192.168.126.0/24 on
firewall.

The topology looks like
---------- 192.168.126.0/24
|
Internet---firewall ---- 192.168.125.0/24
|
DMZ


Similar ThreadsPosted
Routing for a Virtual Server in Checkpoint September 17, 2006, 12:48 am
routing March 1, 2005, 7:38 pm
VPN and routing between branches July 21, 2005, 10:59 am
Routing on Netscreen 5XP July 29, 2005, 11:57 am
Routing question.. October 25, 2005, 2:00 pm
Netscreen 25 DMZ Routing August 25, 2007, 1:38 pm
Simple (?) routing question November 23, 2004, 12:36 am
TCP Routing/IPTABLES question. February 23, 2005, 10:00 am
routing issue on SunScreen fw March 24, 2005, 12:47 am
netscreen 25 routing question May 11, 2005, 6:00 pm

The site map in XML format XML site map

Contact Us | Privacy Policy