'[FW-1] route based vpn with vpn1 edge'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-1
Subject:    [FW-1] route based vpn with vpn1 edge
From:       pkc_mls <pkc_mls () YAHOO ! FR>
Date:       2006-12-29 9:47:33
Message-ID: 4594E435.9000502 () yahoo ! fr
[Download RAW message or body]

Hi,

I'd like to use a route based vpn between a vpn1 edge and a splat cluster.

The connections between the edge and the cluster are done via :
- an MPLS link using private addresses
- an internet link.

the goal is to route in clear via the MPLS when this one is active, and to
route via internet using a VPN tunnel.

So I use ospf on the MPLS to exchange the routes between the edge and 
the fw cluster,
and a default route via internet.

the routing works fine.

now I'd like to set up the VTI and use it.

I declared :
- 1 vti with ip 1.1.1.1 on my vpn1 edge
- 1 vti on each splat : 2.2.2.2 for the virtual interface, 2.2.2.21 for 
splat1, 2.2.2.22 for splat2.

the topology is set.
the vpn domain for the community is set to an empty group. (according to 
the docs).

How can I check for the routing table on the vpn1 edge ?

The gui only shows the static routes, but  as the  packet goes correctly 
through
one of my router, I guess the vpn1 edge learns the ospf routes correctly.

Has anyone ever done this before ?

thanks

	

	
		
___________________________________________________________________________ 
Yahoo! Mail réinvente le mail ! Découvrez le nouveau Yahoo! Mail et son interface révolutionnaire.
http://fr.mail.yahoo.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV@amadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic