Hi, On Wed, 2003-06-04 at 04:09, dballester wrote: > well, my unknowledge ) resides. I have been reading about "ip route" > command and I think that with Linux pure firewalling I could activate a > routing based on dest ip, > saying something like 'all packets from my LAN with destination address > different of another company LAN, launch it trougth ADSL router' and 'all > packets from my LAN with destination address equal to another of my company > LANs, launch it trougth FR router'. Set your default gateway to point to the adsl router and add a static route to your company's WAN using a command similar to the following: route add -net 192.168.70.0/24 gw 192.168.10.254 This will not survive a reboot, so put it in a startup file somewhere...like at the end of /etc/rc.d/rc.local (or at the proper place ,something like /etc/sysconfig/static-routes in rhl < 8.0 and /etc/sysconfig/network-scripts/route-eth0 for rhl 9...search google a bit...) > But i don't know if Checkpoint uses > linux firewalling tools, is own firewalling tools ( without iptables, > netfilter...) and if I apply the necessary changes to allow ip routing, > this will create conflicts with Checkpoint. Check Point does not use the linux firewalling tools...but adding a static route doesn't either. Just add the static route and modify the Check Point rules to activate your new network and all should be well. The only thing to watch out for is to set your company's wan interface as "External" in the firewall's properties or else Check Point will count every host on that network as needing a license... Marc.
