On Wed, 12 Jun 2002, Dave Row wrote:
For security reasons, I don't like the idea of tunneling OSPF through the
firewall (via GRE or whatever), because there's no way for the firewall to
apply policy to the tunnel traffic (if the tunnel were maliciously used to
pass non-OSPF traffic, the
, 2002 4:09 PM
To: Dave Row
Cc: [EMAIL PROTECTED]
Subject: Re: OSPF *on* Check Point FW-1
Dave,
I've been monitoring/researching threads re: OSPF neighbors
separated by a firewall. I've worked and worked on this, and have given up
on the notion (BTW, it boils down to hellos [both multicast
Dave,
I've been monitoring/researching threads re: OSPF neighbors
separated by a firewall. I've worked and worked on this, and have given up
on the notion (BTW, it boils down to hellos [both multicast and unicast]
being sent with a TTL of 1, *not* simply opening the right ports/protocols).
Too
Dave,
W2K Server comes with an optional routing package that includes OSPF. For
NT you can install the Routing and RAS package which also includes OSPF:
http://www.microsoft.com/ntserver/nts/downloads/winfeatures/rras/rrasdown.a
sp
I played around with the RR package in a lab some time ago