I have a question for pix Firewall gurus in this forum.
I do not have a pair of UR Pix firewall to test this
so I have to ask.
inside network: 192.168.1.0/24
outside network 188.8.131.52/24
default gateway for inside network: 192.168.1.1
default gatway for outside network 184.108.40.206
Right now I have a pair of Checkpoint SPLAT firewall
running in Active/Active mode via Checkpoint ClusterXL.
network 192.168.1.0/24, when going out to the internet,
is NAT'ed to the checkpoint Cluster External IP address
which is 220.127.116.11 (.2 and .3 is the physical ip
address of the checkpoint SPLAT firewall).
If I initiate an FTP or http connection from let say host
192.168.1.10 to external site such as 18.104.22.168 or
www.oracle.com and download a 1GB file, I can see the
the checkpoint firewall does "load-sharing" on both
firewalls, which is expected. Firewall_1 takes 50%
of the traffics and firewall_2 takes the other 50% of the
traffics from the same host 192.168.1.10
Now, customer would like to migrate from checkpoint to
Pix/ASA and maintain the same load-sharing with Pix/ASA.
is this possible?