Network Security Library
Javascript Feeds    RSS Feed    Security Dashboard    SearchSecurity.com
About | Contact | Advertise | Site Map
Print Printer Friendly     
intrusion detection E-mail      Save Save This

CheckPoint NG Rules to Allow VRRP


{LANG_NAVORIGIN} Firewall CheckPoint
Mitchell Rowton 02/21/2004





Step 1

Create objects for all of the physical and logical IP addresses on both firewalls.

Example

PriNSPint3 - 10.0.0.3 SecNSPint3 - 10.0.0.2 VirNSPint3 - 10.0.0.1 Do this for every interface

Step 2

Create a VRRP multicast object.

Example

mcast.net-224.0.0.18 - 224.0.0.18 Step 3

Create a simple group that contains all of the objects in Step 1.

Step 4

Create a rule with the source as the simple group in step 3 and the destination of the same simple group plus the object created in step 2. Permit the VRRP service between these.

Example

Source
FW_Interface_Group

Destination
FW_Interface_Group
mcast.net-224.0.0.18

Action
Accept

Service
VRRP
IGMP













E-Mail Link

Your IP address will be sent with this e-mail
From e-mail to e-mail



Stats
2866 Views
4.75/5 Rating
4 Votes
Papers
Newest
Highest Rated
Most Viewed
Reference

Services
Javascript Feeds
RSS (New Papers)
Security Dashboard

Our Stuff
About SecurityDocs
Advertise
Contact

Valid HTML 4.01!
Valid CSS!


Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget

Privacy : Contact