At 09:14 PM 3/29/2002 -0500, you wrote: >Maybe it's just me here, but I'm not clear on the logic of why you would >want to pass any dynamic routing protocol through a PIX, or any firewall >for that matter. > >What Jason illustrates follows what I consider good security practice. >That concept can be carried out further, if redundancy is an issue, by >implementing multiple OSPF routers and employing HSRP interfaces facing >the PIX, which would be a failover bundle. > >Glenn
The idea was to provide a layer of protection between our older multi-site network and the new more secure network. I was hoping to not have to go put in static routes in all of the routers in the new network but it looks like I will. Thanks for the help. Burke McCrory _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
