Firewall Wizards mailing list archives
Re: need advice on a NAT issue.
From: <hesselsp () ashaman dhs org>
Date: Fri, 26 Jan 2001 10:58:09 -0500 (EST)
Thankyou for your email. I beleive I do need state sharing, otherwise when one of the routers dies all the active sessions are lost. A simple router won't do NAT for those weird protocols, such as NetMeeting(which places the src ip inside the data portion of the packet). Unless I am wrong, and the routers do support those protocols. The only thing that checkpoint would get me is support for weird protocols. The only thing that stonebeat would get me is the state sharing... What do you think? --Paul On Fri, 26 Jan 2001 Jeffery.Gieser () minnesotamutual com wrote:
#I need to build a highly available, full function network. #I was thinking about buying FW-1 and (Stonebeat|Rainwall), but it seems to #be that this is a pretty expensive solution. #Considering I don't plan on doing ANY filtering, what do I get from #FW-1 and (Stonebeat|Rainwall)? Absolutely nothing. First of all, Firewall-1 is a pretty expensive solution to just use for NAT. Firewall-1 is supposed to be used for filtering so if you are not going to do any filtering don't waste your money on a firewall. #-high availability #-state sharing #-load balancing #-weird protocol support(ie netmeeting) Why don't you just use a couple of load-balanced routers. If all you need this for is NAT then routers are the best way to go. They can easily be made high availability. You don't need state sharing because all the do is route traffic. If it runs on IP (or SNA, IPX, ect.) it can be routed by a router. On the freeware side of things you can through together a couple of <insert your favorite opensource OS here **cough**BSD**cough**> boxes and let then do NAT. Once again since you don't need to filter, they can just route the traffic. Regards, Jeffery Gieser
-- --Paul _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- need advice on a NAT issue. hesselsp (Jan 25)
- Re: need advice on a NAT issue. Swift Griggs (Jan 26)
- Re: need advice on a NAT issue. hesselsp (Jan 26)
- Re: need advice on a NAT issue. Mike Johnson (Jan 26)
- Re: need advice on a NAT issue. hesselsp (Jan 26)
- <Possible follow-ups>
- Re: need advice on a NAT issue. Jeffery . Gieser (Jan 26)
- Re: need advice on a NAT issue. hesselsp (Jan 26)
- Re: need advice on a NAT issue. Swift Griggs (Jan 26)