Firewall Wizards mailing list archives
Re: Say it ain't so
From: "Paul D. Robertson" <proberts () clark net>
Date: Thu, 18 Sep 1997 20:36:38 -0400 (EDT)
On Wed, 17 Sep 1997, Jim Leo wrote:
installation/Firewall) and was told that every device behind the firewall would have to 'be touched' for anything to work. It almost sounds like a complete rework of the network setup/standard. We were told that all IP addresses would have to be changed. Somehow I get the impression that this is the installers idea, and I'm not quite willing to by into it. I feel that it should be possible to 'plug-in' any properly configured firewall (with the exception of the proxies) and not have to reconfigure machines. Am I wrong?
Probably not. If you're using illegal IP addresses behind the firewall though, you __really__ should re-number your machines and do things properly, this is likely your best chance to do so. Also, if you're using CIDR-type subnet masks, and the firewall has an OS version which won't route classlessly, then if you don't have an inside screening router, you'll have to re-address to fit classful subnet boundries. Lastly, if the new security architecture has some different rules for different machines there may be some method to re-numbering. I'd advise going to an IP address management scheme like BOOTP, or DHCP if you're going to renumber. It makes things a great deal easier in the long run. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () clark net which may have no basis whatsoever in fact." PSB#9280
Current thread:
- Say it ain't so Jim Leo (Sep 18)
- Re: Say it ain't so Erik Van Riper (Sep 18)
- Re: Say it ain't so Neil Ratzlaff (Sep 18)
- Re: Say it ain't so Colin Campbell (Sep 18)
- Re: Say it ain't so Paul D. Robertson (Sep 18)
- Re: Say it ain't so Rick Murphy (Sep 19)
- Re: Say it ain't so Paul D. Robertson (Sep 19)
- Re: Say it ain't so Carl Friedberg, carl () comets com (Sep 19)
- <Possible follow-ups>
- Re: Say it ain't so jim (Sep 18)
- RE: Say it ain't so Giesinger, Nick HE0 (Sep 18)
- Re: Say it ain't so Sandeep_Talwar (Sep 18)
- RE: Say it ain't so Russ (Sep 19)
- Re: Say it Ain't So Jim Leo (Sep 19)