Firewall Wizards mailing list archives
Re: OSPF on Firewall
From: Luke Butcher <luke.butcher () alphawest com au>
Date: Thu, 18 Dec 2003 08:53:08 +1100
On Wed, 2003-12-17 at 19:01, Shimon Silberschlag wrote:
Lets say that I have two routers (on an internal network) that talk OSPF between them. Now I have to insert a firewall in-between the two routers.
I am led to believe (by the Communications people I work with) that there is no other option but to install OSPF on the firewall, which doesn't make me feel easy about the solution.
Is it true that there is no other way around this problem?
Firstly I would highly recommend AGAINST installing routing protocols on your firewalls. The Pros and Cons have been debated here many times. I don't see why you just can't pass the OSPF traffic through the firewall, using a GRE tunnel. Being able to setup a GRE tunnel is dependent on your routers however. Regards, Luke Butcher Network/Security Consultant www.alphawest.com.au -- Alphawest Disclaimer --------------------------------------------------------------------------- If this communication is not intended for you and you are not an authorised recipient of this email you are prohibited by law from dealing with or relying on the email or any file attachments. This prohibition includes reading, printing, copying, re-transmitting, disseminating, storing or in any other way dealing or acting in reliance on the information. If you have received this email in error, we request you contact Alphawest immediately by returning the email to postmaster () alphawest com au and destroy the original. This email is confidential and may contain privileged client information. Alphawest has taken reasonable steps to ensure the accuracy and integrity of all its communications, including electronic communications, but accepts no liability for materials transmitted. --------------------------------------------------------------------------- _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX inside interface not accessible using CVPN JC Marze (Dec 13)
- OSPF on Firewall Shimon Silberschlag (Dec 17)
- Re: OSPF on Firewall Paul Robertson (Dec 17)
- RE: OSPF on Firewall Ran Nahmias (Dec 17)
- Re: OSPF on Firewall Luke Butcher (Dec 17)
- Re: OSPF on Firewall Gary Flynn (Dec 17)
- RE: OSPF on Firewall Wes Noonan (Dec 17)
- OSPF on Firewall Shimon Silberschlag (Dec 17)