Chris Pressley wrote:
>
> Assume I setup a dual-homed firewall. My internal net connects to the
> internal interface on the firewall, and my external interface on the
> firewall connects to a T-1, then on to the ISP's router. The interface on
> my ISP's router is on the same network as my external interface. Two
> questions:
>
> 1. Do I need a router between my firewall external interface and my T-1 (I
> have to connect something to the CSU/DSU, right?).
If you can convert signal from your CSU/DSU to whatever interface at
your
firewall, then you don't need it coz the firewall machine can run
routed.
>
> 2. Should I have a router between my firewall external interface and my
> T-1, give that my ISP's router is on the same network, for security reasons?
I would recommend a router, beside routing it should do some simple
packet filtering before hitting the firewall.
>
> Thanks,
> Chris
--
--------------------------------------------------------------
Ping Onn Cheng The Network Connections
Network Consultant 41 Jalan USJ 10/1, Taipan Crest
Tel : 03-7337757 Subang Jaya, Selangor
http://www.asiapac.net/~ping Malaysia
--------------------------------------------------------------
References:
|
|
