By allowing any dynamic routing protocol through your firewall would make
your "new more secure" network anything but secure.
At 03:31 PM 4/1/2002 -0600, Burke McCrory wrote:
>At 09:14 PM 3/29/2002 -0500, you wrote:
>>Maybe it's just me here, but I'm not clear on the logic of why you would
>>want to pass any dynamic routing protocol through a PIX, or any firewall
>>for that matter.
>>
>>What Jason illustrates follows what I consider good security practice.
>>That concept can be carried out further, if redundancy is an issue, by
>>implementing multiple OSPF routers and employing HSRP interfaces facing
>>the PIX, which would be a failover bundle.
>>
>>Glenn
>
>
>The idea was to provide a layer of protection between our older multi-site
>network and the new more secure network. I was hoping to not have to go
>put in static routes in all of the routers in the new network but it looks
>like I will. Thanks for the help.
>
>Burke McCrory
>
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
