The PIX will not propagate routing information. I've argued about this with
Cisco for ages, but they seem to think that having a "secure" platform that
doesn't propagate untrusted routes is better than having a firewall that
works. <sigh>
The best work-around I know if is to make the routers on either side of the
PIX BGP peers, and permit BGP through the PIX. There's also an _egregious_
hack using RIP, but please don't go there.
--
Carson Gaspar - [EMAIL PROTECTED]
Queen trapped in a butch body
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
