>Hello World,
>
>Can you please help me clarify some points for me?
>
>1] If the primary FW-1 v3.0 (in Paris) fails the 2ndary FW-1 v3.0 (in
> London) will, of course, take over. I presume the London FW-1 won't
> take over the IP address of the Paris FW-1 (like what happens with
> the Qualix HA) so I guess the corporate routers will have to be
> re-configured with updated routing tables. How? With a whole lot of
> ICMP redirects?
CheckPoint's HA only works where two firewalls are acting "in parallel"
because they basically share the state tables between the firewalls. The
routing must support dynamic updating so that the "default route" can be
redirected as appropriate. Qualix HA+ does fail over the IPs, etc.
>2] Can a M$-Windows 95 client with PC-SKIP connect to a SKIP-enabled
FW-1
> (remotely or locally) with full SKIP compatibility ?
I would imagine so, provided it's set up correctly. The whole purpose
for using SKIP is for interoperability. I doubt FireWall-1 cares if SKIP
is coming from a FireWall or a Win95 SKIP client.
--
Dameon D. Welch "PhoneBoy" (dwelch @
phoneboy .
com, http://www.uplink.com)
_______________________________________________________
Get Private Web-Based Email Free http://www.hotmail.com
|
|
