Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Han_Lung_Kuo
Explorer

Spark Device NAT for two wan link

 

Hi All,

  I have a checkpoint 1530 Cluster (HA Mode, Local Management, R80.20.30)

and have two wan link (ISP Redundancy: HA Mode).


  I create "Server" objects and set public ip for WAN1 IP, NAT function is work

001.jpg

but when I create another "Server" object for same server:port to NAT WAN2 IP, system show error:

"Another server has the same IP address and overlapping ports"


  I try add manual NAT for WAN2

005.jpg

, icmp and udp look like work, but tcp not.

firewall policy log show traffic accept.


  Does have method to setting NAT for two wan link?

 

0 Kudos
7 Replies
G_W_Albrecht
Legend Legend
Legend

How many servers do you have ? One server that can be reached over 2 ISPs is defined with an internal IP and gets two NAT rules, one for every ISP.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Han_Lung_Kuo
Explorer

  I have two servers:


WAN 1 IP-1 & WAN 2 IP-1 NAT to Server 1 internal IP
WAN 1 IP-2 & WAN 2 IP-2:8888 NAT to Server 2 internal IP:80
                                              :8889                                                :81

now I do WAN 1 NAT using "Server" objects, how can I do to config WAN 2 NAT?

 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Better contact CP TAC in chat - they can resolve this asap.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
G_W_Albrecht
Legend Legend
Legend

@_Val_ , can you put this into SMB corner ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin

I got ya

0 Kudos
the_rock
Legend
Legend

@G_W_Albrecht gave you good suggestion, contact TAC and have them resolve this for you. Im pretty sure based on the NAT rules you have they are correct, so not sure why its saying that another server has same IP, maybe confirm if thats the case. Can you take screenshot and upload of objects server1 and server2?

0 Kudos
Han_Lung_Kuo
Explorer

Update:

  I contact TAC and finally know this is a known limitation: sk179550

 

Thanks everyone.

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events