Swee-Chuan,
Your scenario indicates that the firewall would be the default gateway
for internal machines. I would add to your question what the advantages
would be of including an internal router ahead of your inside network.
We have a case where a department wants to connect the internal network
side of the their firewall directly to a etherswitch rather than an
internal router:
<ISP><External Router><firewall><etherswitch><internal network segments>
I am curious if anyone on the list sees a problem of not having an
internal router in your scenario or of going from the firewall directly
into an etherswitch.
Thanks, Roger
Swee-Chuan Khoo wrote:
>
> hi,
>
> is there a standard policy on fw-1 with standard network
> setup like the following.
>
> Internet <--> router <--> fw-1 <--> internal lan
>
> thanx
>
> ----------------------------------------------------------------
> Swee-Chuan Khoo sckhoo @
asiapac .
net
> System Administrator - Internet Evangelist
> http://www.asiapac.net/~sckhoo/ #include <std.disclaimner>
> ----------------------------------------------------------------
> Astronimical Soc M'sia http://www.asiapac.net/~sckhoo/asm.html
>
> "Simplify - There is no value in complexity, it's too difficult to
> manage."
Follow-Ups:
References:
|
|
