Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] a little OT: Router/Firewall Issues

To: [email protected]
Subject: Re: [FW-1] a little OT: Router/Firewall Issues
From: saman kumara dissanayake <[email protected]>
Date: Tue, 27 Nov 2001 17:07:42 -0000
Organization: globe internet limited
References: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

i am using fw-1 on nt .it is working fine.but i want to configre it to as
follows

set of people only for email access
set of people only for internet access

i ty like this

i create user
i create groups
if i put rules and servises it is not working

clients are using tcp/ip .how i popup password if their are try to access
internet.

plese try to advise me

saman


----- Original Message -----
From: "Reed Mohn, Anders" <[email protected]>
To: <[email protected]>
Sent: Tuesday, November 27, 2001 9:02 AM
Subject: Re: [FW-1] a little OT: Router/Firewall Issues


> Well, as I said in my post, I'm not too familiar with the routing
> protocols, so I'm not usre about these things:
>
> 1. Can the firewall in question support these routing protocols?
>    (That depends on the OS, I guess)
> 2. If not, can the internal router see that the link is down,
>    even if it's "next hop" is up?
>    I mean, if you have
>      |rtr1| ---- |FW| --- |rtr2| --- |Internet|
>    will rtr1 be able to see that the link from rtr2 to
>    the Internet is down?
>
> Cheers,
> Anders :)
>
>
> -----Original Message-----
> From: Dan Hitchcock [mailto:[email protected]]
> Sent: 26. november 2001 17:56
> To: [email protected]
> Subject: Re: [FW-1] Router/Firewall Issues
>
>
>
> Aren't we just talking about running a routing protocol here, as Anders
> suggested?  Yes, you'll need to configure static routing (or use an
internal
> routing protocol) to ensure that all devices on each subnet (including the
> firewalls) know how to get to the other subnet.  In order to automate the
> failover, you'll need to use a routing protocol like EIGRP, BGP, or OSPF
on
> your external router to detect the "down" connection and instruct your
> internal routers, A-1 or B-1, to use the T1 as default rather than the
local
> firewall.  Your internal clients will therefore need to use the internal
> routers as their default gateway (A-1 at siteA, B-1 at siteB).  You may
have
> best success passing BGP through your firewall.
>
> HTH - please post with further questions.
>
> Dan Hitchcock
> CCNP, CCSE, MCSE
> Security Analyst
> Breakwater Security Associates, Inc.
> "Safe Harbor for E-Business"
> dhitchcock (at) breakwatersecurity (dot) com
> http://www.breakwatersecurity.com <http://www.breakwatersecurity.com>
>work
>
> The information contained in this email message may be privileged,
> confidential and protected from disclosure.  If you are not the intended
> recipient, any dissemination, distribution or copying is strictly
> prohibited.  If you think you have received this email message in error,
> please email the sender at [email protected]
>
> ===============================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ===============================================
>

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- Re: [FW-1] a little OT: Router/Firewall Issues
  - From: "Reed Mohn, Anders" <[email protected]>

Prev by Date: Re: [FW-1]
Next by Date: Re: [FW-1] SecureRemote/SecureClient on win9x w/ NT authenticatio n..
Previous by thread: Re: [FW-1] a little OT: Router/Firewall Issues
Next by thread: Re: [FW-1] a little OT: Router/Firewall Issues
Index(es):
- Date
- Thread