Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Dual T1's on the same Firewall??

Status
Not open for further replies.
quikslvr311

quikslvr311

MIS
Oct 2, 2002
26
0
0
US
Does anyone know if it is possible to have 2 T1's come into the same FW-1 box? I wanted to separate internal and external traffic with 2 different T's..... My only worry was choosing a default route with securemote......

Anyone ever set anything up like this, or is it necessary to have 2 FW's to do this??

Any help would be appreciated...
 
Sort by date Sort by votes
It is totaly feasible to do this but comlicated. SecureRemote clients should not be an issue, you can control which link they use to come in by sepecifiying which public IP address to use. Outbound NATing could be fun though. You can only specify one default gateway and this will be used for all outbound traffic and hide NAT, but if you want to use the other T1 for inbound then you will have to configure Static NAT's using the public range for the Inbound connection e.g. Mail server, for outbound return traffic they will go out on the default gateway route and Checkpoint will translate the source address (i.e. mail server internal IP) to the Public IP of the INBOUND link, but this should not affect the routing as it will route on destination address.
 
Upvote 0 Downvote
Well let me start off by saying that we currently have a 4.1 FW. Could you elaborate more on how I would set something like this up???
 
Upvote 0 Downvote
Well first I would add the NIC in to the firewall and configure with a public addres on the second T1. Set up a static NAT (with IP address of the New T1)for any internal object and a rule to allow access and then test from the Internet. If that works your pretty much there, just start switching all your inbound access NAT's to the new addresses on the second T1. I assume you are using NATing
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
141
Sameer258
Sameer258
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
60
Russtoleum
Russtoleum
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
116
nnaarrnn
nnaarrnn
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
56
PauS0n
PauS0n
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
70
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top