1. Home
  2. Networking Firewalls
  3. Checkpoint routing

Checkpoint routing

Hi,

A question to all guru's

we have the following setup

----Internet-------Firewall/Gateway-----192.168.125.0/24---------router--------192.168.126.0/24----- | LAN1 LAN2

| DMZ

The current setup works ok but a "route add 192.168.126.0 mask

255.255.255.0 192.168.125.41" command (interface on router) needs to be added to workstations in the 192.168.125.0 network to access the 192.168.126.0 network. What my question is, are we able to set our checkpoint firewall/gateway (default gateway for all workstations on 125.0 network) to route to the 126.0 network doing away with having to add a persistent route on 'all' workstations?

Any help on the matter would be greatly appreciated

Reply to
Ben Rogers
Loading thread data ...

You could use another topology. With this topology you have, it's required to have the route in every routing table, if this should be sensible. You could send every packet to the default gateway, though, then sending it to router 2 afterwards.

You could use routing protocols, too, which configure your boxes more automatically.

Yours, VB.

Reply to
Volker Birk

Thanks VB,

Yep I know it's a poor topolopy. We only have about 80 PC's in LAN1, so I might push out the route with sysinternals psexec. We are migrating over to the new LAN2 so LAN1 should only be in existence for a few more weeks.

Reply to
Ben Rogers

You can add a route to your firewall for 192.168.126.0/24 or just add one more interface with an IP address belonging to 192.168.126.0/24 on firewall.

The topology looks like ---------- 192.168.126.0/24 | Internet---firewall ---- 192.168.125.0/24 | DMZ

Reply to
Dophi

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.