Firewall Wizards mailing list archives
Problem with Virtual IP addresses for Web Servers
From: "Garrahan, Kelvin" <Kelvin.Garrahan () compaq com>
Date: Mon, 8 May 2000 15:23:31 +0100
Hi, I have recently set-up a Checkpoint Firewall-1 V4.0 SP5 in front of a Web Farm. When a client connects to the Virtual IP address of a Web Server it will be directed to a physical IP address of one of the Servers in the Farm. The problem that I am seeing is that the corresponding response is being dropped at the Firewall since the state table is maintained for the virtual IP address and not the real address. The funny thing is that the service actually works, how? well I think that this is something got to do with the load balancer that we are using (Cisco's Local Director). I would like to clean up my logs by not having responses from the web servers dropped and logged as such. An ideas would be appreciated. regards Kel. Kelvin Garrahan Security Consultant Compaq Network Services, Park House, N.C.R., Dublin 7. Tel: 353-1-8385433 Fax: 353-1-8384239 Email: Kelvin.garrahan () compaq com
Current thread:
- Problem with Virtual IP addresses for Web Servers Garrahan, Kelvin (May 12)