Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Pix can manage two routers with ADSL

from [Michael Jones] Network Security [Permanent Link]
Subject: RE: Pix can manage two routers with ADSL
Date: Tue, 17 Aug 2004 23:25:55 -0700 
You are probably better off using an edge router for something like this.

Put the router above the firewall, make sure you harden it, then use 2
default gateways possibly with different cost values to allow a more chosen
route out. A low cost Cisco router with 3 ethernet interfaces would do the
trick.

---Mike

-----Original Message-----
From: JGrimshaw@ASAP.com [mailto:JGrimshaw@ASAP.com]
Sent: Tuesday, August 17, 2004 7:37 AM
To: francisco_gala@inicia.es
Cc: firewalls@securityfocus.com
Subject: Re: Pix can manage two routers with ADSL


I believe that the PIX does not allow for two default gateways.

I have heard of others implementing a similar solution by getting a second
pix, hooking it up to the same switch, and putting an additional default
gateway on the switch.

This can result in assymetrical routing (out one pix and back in the
other), but I haven't heard of any complaints as a result of it--no one
doing this was hosting anything on the Internet via either connection.  It
was just an outbound solution.  I suppose if you wanted to get fancy you
can route map that this VLAN goes out this gateway, or do a QoS where 50%
of the traffic goes out 50% of either gateway, and then vice versa, if you
did not trust the switch's (I am assuming layer 3 switch) round-robin
default gateway packet provisioning.

And one of my friends that has an elaborate setup at home did this with a
cable modem and a DSL connection to meet his speed needs!



"francisco_gala@inicia.es" <francisco_gala@inicia.es>
08/13/2004 03:07 AM
Please respond to
francisco_gala@inicia.es


To
firewalls@securityfocus.com
cc

Subject
Pix can manage two routers with ADSL






Hi everybody,

I have a firewall PIX 525 with five interface. Nowadays Pix allow traffic
from Internet by the outside interface. But I want to configure another
interface with conection to Internet with another ADSL router. So, Is it
possible to use another interface in ordet to connect to Internet?. And
how
can I configure my PIX if it is possible the solution?

Thank you,



--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PIX - VPN with IPSec, backup
Next by Date:  RE: PIX - VPN with IPSec, Arek Słomiński
Previous by Thread:  Re: Pix can manage two routers with ADSL, rfuji
Next by Thread:  RE: SMTP Relay, Dennis Dimka
Indexes:  [Date] [Thread] [Top] [All Lists]