On Wed, 17 Jun 1998, Nicolette Mull wrote:
| They use a firewall called "BOX", and they want to integrate it with
| their AFS environment.
|
| Does anyone have any experience with using third party firewalls with
| their AFS? This is a great concern for them, and they are looking for
| help in doing this.
I can't really offer any help. We took a look at the AFS protocol wrt
proxy issues to see if it could be proxied through our firewall product
ANS Interlock.
Given the nature of the protocol I would expect it to be extremely
difficult to proxy AFS traffic through the firewall. If your firewall
does packet forwarding them you can probably 'punch a hole' but useful
things like callbacks won't work. Some would argue then the box isn't a
firewall anyways...the approach our developers took was to remove all
kernel-level packet-forwarding capabilities, which pretty much ruled out
a happy AFS-Interlock marriage.
-bws
--
Brian W. Spolarich - ANS Communications - [EMAIL PROTECTED] - 734-214-7311
"Not a whit, we defy augury." - Hamlet, V, ii
