Re: Redundant firewall

Linux Advanced Routing and Traffic Control


Sebastien Guay wrote:

> Maybe I understand it the wrong way (in that case it will be more a
> Linux-HA question) but I will have two fully functional firewalls.  From
> the ROUTER pov, a packet destined to SERVER can pass through FW1 as well
> as FW2.  But it should only pass through FW1 OR FW2 (whichever is active).

Well, you have a VIP which is on either firewall (actually two VIPs, one
for the inside interface, one for the outside). Packets to your inside
network are routed to that VIP, rather than to a specific firewall.

The router has no comprehension of fw1 or fw2 - Only that there is an IP
it sends packets for your subnet to.

David

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
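
The two-VIP arrangement described in the reply above, sketched as a keepalived (VRRP) configuration for FW1. This is an added example, not part of the original thread, which mentions Linux-HA rather than keepalived; the interface names, addresses, instance names, router IDs and priorities are constructed placeholders.

```conf
# keepalived.conf on FW1 (constructed example; all values are placeholders).
# FW2 carries the same file with a lower priority (e.g. 100) in both instances.

# Tie the two VIPs together: if either interface fails, both VIPs move,
# so traffic never enters through one firewall and returns through the other.
vrrp_sync_group FW_VIPS {
    group {
        VIP_OUTSIDE
        VIP_INSIDE
    }
}

vrrp_instance VIP_OUTSIDE {
    state BACKUP                  # let priority decide who becomes MASTER
    interface eth0                # outside interface, facing ROUTER
    virtual_router_id 51
    priority 150
    advert_int 1
    virtual_ipaddress {
        192.0.2.1/24              # ROUTER's next hop for the inside subnet
    }
}

vrrp_instance VIP_INSIDE {
    state BACKUP
    interface eth1                # inside interface, facing SERVER
    virtual_router_id 52
    priority 150
    advert_int 1
    virtual_ipaddress {
        10.0.0.1/24               # SERVER's default gateway
    }
}

# On ROUTER, the only route needed points at the outside VIP, never at
# FW1's or FW2's own address:
#   ip route add 10.0.0.0/24 via 192.0.2.1
```

On takeover the new active firewall announces the VIPs with gratuitous ARP, so ROUTER and SERVER keep the same next-hop IP and only the MAC address behind it changes.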
