So when you tried transparent mode of the Cisco devices, what kind of
devices are they connected, lan switch or just routers?
I mean if you connected them to the lan swtich on which running STP, I
think the packets should not be sent to both of the CISCO devices.
-----Original Message-----
From: king loose [mailto:kingloose@gmail.com]
Sent: Wednesday, April 20, 2005 12:13 AM
To: vtlists@wyae.de; firewalls@securityfocus.com
Subject: Fwd: FW: Transparent firewall + HSRP
Volker
I have tired Transparent mode with VRRP and Nokia with CISCO
HSRP and was unsucessful in getting it to work, due to
packets traveling via both CISCO devices.I am now using
routing protocols to my vendors instead of HSRP.
Good luck.
-----Original Message-----
From: Volker Tanger [mailto:vtlists@wyae.de]
Sent: Friday, April 15, 2005 3:52 AM
To: firewalls@securityfocus.com
Subject: Re: Transparent firewall + HSRP
Good morning!
On Thu, 14 Apr 2005 14:08:16 +0200
Paolo Ottolino <paolo.ottolino@business-e.it> wrote:
does anyone know if the implementation of a mixed, transparent
(bridging) and packet, firewall on a router (like CISCO
with IOS) can
cause problems in a redundant architecture, by using, say,
the HSRP or
VRRP?
Sorry, you lost me somewhere. Where is which firewall
located? You have Ciscos with IOS - and classic packet
filters (routed). Where are the transparent systems located?
Generally speaking transparent firewalls are treated just
like cables with respect to the routing protocols - except
that failure detection might be a problem without active probing.
Bye
Volker
--
Volker Tanger http://www.wyae.de/volker.tanger/
--------------------------------------------------
vtlists@wyae.de PGP Fingerprint
378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB
--------------------------------------------------------------
----------
--
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world
attacks from CORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_04
0708
to learn more.
------------------------------------------------------------------------
--
The information in this e-mail, and any attachment therein, is
confidential and for use by the addressee only. If you are not the
intended recipient, please return the e-mail to the sender and delete it
from your computer. Although The Bank of New York attempts to sweep
e-mail and attachments for viruses, it does not guarantee that either
are virus-free and accepts no liability for any damage sustained as a
result of viruses.
------------------------------------------------------------------------
--
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
--
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
