Sorry, Martin, I cannot give you an answer, but I have a question about
your draft picture. Between your two Cisco routers is your firewall
bastion; the question is, on your firewall bastion are there two network
cards or just one network card? I mean, if you use two network cards, then
one connects to the Cisco 2504 and the other one connects to the Cisco 1003;
in this situation there is no direct connection between the Cisco 2504 and
the Cisco 1003, and all the traffic passes through the firewall bastion. If
your firewall bastion has just one network card connected, then the Cisco
2504 and Cisco 1003 have a direct connection. I read the book "Firewalls and
Internet Security", and the pictures in the book look like the two routers
(one is a firewall) have a direct connection.
Can anyone clear my mind? Thanks
---------------------- Reply Separator ---------------------
We are about to get connected and the IS guys are nervous about their
data so they insist on a firewall. My budget is almost nil so we'll
probably go with TIS's fwtk running over FreeBSD 2.0. If I understood
what I gathered here and in Cheswick & Bellovin, our setup would look
like this:
+-------------+   +---------+    |
| Inside nets,|---| Cisco   |----|   +----------+
| servers...  |   | 2504    |    |---| Cisco    |----- Internet
+-------------+   | Eth-Eth |    |   | 1003     |
                  +---------+    |   | Eth-ISDN |
                                 |   +----------+
                  +---------+    |
                  |Firewall/|----|
                  |Bastion  |    |
                  |(fwtk)   |    |
                  +---------+
With static routes between the 1003<->firewall and 2504<->firewall.
Anything heretic/dumb/screwed/laughable... about this?
__________________________.
Martin Durand     | I know I should be working on my .sig file,
nit @ llc . org   | but who reads these things...
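
The one-card versus two-card question raised in the reply, as an added example that is not part of either message: it models each layout as a set of shared network segments and searches for a path from the inside nets to the Internet that never touches the bastion. The device and segment names are assumptions taken from the drawing, and the two-card layout is a constructed variant for comparison.

```python
from collections import deque

def neighbours(segments, device):
    """Devices that share at least one segment (layer-2 adjacency) with `device`."""
    return {d for members in segments.values() if device in members
            for d in members if d != device}

def path_avoiding(segments, src, dst, chokepoint):
    """Return a device path src -> dst that never touches `chokepoint`, or None."""
    queue, seen = deque([[src]]), {src, chokepoint}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for nxt in sorted(neighbours(segments, path[-1]) - seen):
            seen.add(nxt)
            queue.append(path + [nxt])
    return None

# Constructed model of the drawing: both routers and the bastion
# (one network card) sit on the same Ethernet segment.
SINGLE_HOMED = {
    "inside_lan": {"inside", "cisco2504"},
    "shared_eth": {"cisco2504", "bastion", "cisco1003"},
    "isdn":       {"cisco1003", "internet"},
}

# Constructed variant: bastion with two network cards, one per router.
DUAL_HOMED = {
    "inside_lan": {"inside", "cisco2504"},
    "eth_a":      {"cisco2504", "bastion"},
    "eth_b":      {"bastion", "cisco1003"},
    "isdn":       {"cisco1003", "internet"},
}

if __name__ == "__main__":
    for name, topo in (("single-homed", SINGLE_HOMED), ("dual-homed", DUAL_HOMED)):
        path = path_avoiding(topo, "inside", "internet", "bastion")
        verdict = " -> ".join(path) if path else "none (bastion is a chokepoint)"
        print(f"{name}: path around bastion = {verdict}")
```

A path in the single-homed model means the wiring alone does not force traffic through the bastion; the static routes and filters on the two routers have to do that.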