> > Now the problem: I have only a cross-over cable from the router to > > the firewall, so I cannot connect the backup firewall. Using > > a switch is pointless: the switch may die too. Switches are relatively easy to set up in failover configuration ( most cisco gear supports it ) (well, the problem would the be, how to connect such setup to router with single ethernet jack ). As far as fail-over firewalls go, they're pretty easy to set up, apt-cache show vrrd (or maybe even better apt-cache show ucarp ) This little daemon makes it easy to set up two firewalls, the only problem would be that in case of failure all nat-ted connections get dropped and you have to reconnect. If you want to avoid that, go for OpenBSD and their firewall sync. ( btw, with ucarp you can create dual firewall with one machine running Debain and the other running OpenBSD ). I used to set up such thingies with debian as primary and freebsd running as backup ( which theoretically 'protects' you from critical failures in debian ).
-- Dariush Pietrzak, Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
