>I am seeing a boatload of Broadcast traffic from my internal network to my
>Firewall.  Does anyone have any idea how I can stop this?  I have blocked it at
>the Firewall but it fills up the logs real fast.

Do you have an option to block but not log?

>My thought is to do something
>at my internal default router which currently routes all internet traffic
>through the Firewall.  The other thought is to make sure no workstations are
>set up to broadcast file and print (bigger headache).

If you've got another router interface to burn, you can make the link
between the inside router and the firewall a dedicated subnet.  This is
what I do.  Keeps all the broadcast stuff from other subnets away
from the firewall, minus any misconfigured inside PCs who are trying
to broadcast for name resolution using addresses that head toward
the Internet. (If someone makes a typo on their address, it will send
to .255 of that subnet assuming a mask of 255.255.255.0.  Presumably,
they managed to find the router via rdisc or some such.)

                              Ryan
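
An added example, not part of the message above: a Python sketch that sorts dropped broadcast traffic by kind and reports which sources a firewall would still see once the router-to-firewall link is its own subnet. The subnets, the (source, destination) log pairs and the function names are all constructed assumptions, and the ".255 under a 255.255.255.0 mask" rule follows the case described in the reply.

```python
import ipaddress
from collections import Counter

# Assumed inside subnets and dedicated router-to-firewall link (constructed values).
INSIDE_NETS = [ipaddress.ip_network(n) for n in ("10.1.1.0/24", "10.1.2.0/24")]
TRANSIT_NET = ipaddress.ip_network("10.1.254.0/30")

# Constructed sample of (source, destination) pairs taken from firewall drop logs.
SAMPLE_DROPS = [
    ("10.1.1.23", "255.255.255.255"),
    ("10.1.1.23", "10.1.1.255"),
    ("10.1.2.40", "10.1.2.255"),
    ("10.1.2.77", "10.7.2.255"),   # mistyped address: .255 of a subnet that is not ours
    ("10.1.2.77", "10.7.2.255"),
    ("10.1.1.9", "192.0.2.80"),    # ordinary unicast, ignored
]

def classify(dst):
    """Label a destination address by the kind of broadcast it represents."""
    addr = ipaddress.ip_address(dst)
    if addr == ipaddress.ip_address("255.255.255.255"):
        return "limited-broadcast"
    for net in INSIDE_NETS + [TRANSIT_NET]:
        if addr == net.broadcast_address:
            return "inside-subnet-broadcast"
    # Broadcast of some other subnet, assuming a 255.255.255.0 mask.
    if int(addr) & 0xFF == 0xFF:
        return "assumed-/24-broadcast"
    return "unicast"

def broadcast_sources(drops):
    """Count broadcast packets per (source, kind), skipping unicast."""
    counts = Counter()
    for src, dst in drops:
        kind = classify(dst)
        if kind != "unicast":
            counts[(src, kind)] += 1
    return counts

def still_seen_after_split(drops):
    """Sources whose broadcasts are routed toward the firewall even with a
    dedicated link subnet: limited and own-subnet broadcasts stay on the
    inside segments, while the mistyped off-net .255 follows the default route."""
    seen = Counter()
    for (src, kind), n in broadcast_sources(drops).items():
        if kind == "assumed-/24-broadcast":
            seen[src] += n
    return dict(seen)

if __name__ == "__main__":
    for (src, kind), n in sorted(broadcast_sources(SAMPLE_DROPS).items()):
        print(f"{src:12} {kind:24} {n}")
    print("still reaching firewall:", still_seen_after_split(SAMPLE_DROPS))
```

The sources left in the second report are the misconfigured PCs to fix by hand.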

