Firewall Wizards mailing list archives

Re: Gauntlet and Transparency questions


From: Inno Eroraha <inno () patriot net>
Date: Wed, 11 Nov 1998 09:18:15 -0500

Does anyone know if it is true that transparency in Gauntlet only works
when the firewall is on the same subnet as the clients?  In other words if
I have a trusted network which is down the other end of an internal leased
line, and hence on a different subnet, that transparency will not work?

This is not a true statement! Gauntlet doesn't discriminate transparency
based on users' location relative to the firewall, unless configured
otherwise. Once transparency is enabled for any given subnet (by default,
trusted networks have transparency), these networks should be able to
initiate connections transparently regardless of geographical or network
location. Therefore, assuming you have a leased line connecting a UK office
to a Nigerian office, with a Gauntlet firewall located in the Nigerian
office, so long as the UK network is trusted to the firewall, connections
should be transparent to them just like for clients located around the
firewall, unless the FW has been configured otherwise.

Ensure that:

* The subnet in question is in your trusted network table (using entries
like: 123.45.67.* or 123.45.67.0:255.255.255.0, or
123.45.67.64:255.255.255.224, etc.) 

* There isn't an alternate route from your internal "internal leased line"
to the outside of the firewall





-0-
Inno Eroraha
Network Security Consultant
http://patriot.net/~inno/
PGPkey: http://patriot.net/~inno/pgpkey
inno () patriot net
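
The first check in the list above, as an added example that is not part of the original message and is not Gauntlet code: it parses entries in the two styles quoted there and reports which client addresses no entry covers. The matching semantics (a trailing `*` is a whole wildcard octet, `addr:mask` is a dotted netmask), the 123.45.68.x entry and the client addresses are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample table: one local entry in the style quoted in the message
# and one hypothetical entry for a remote office reached over the leased line.
TRUSTED_TABLE = ["123.45.67.*", "123.45.68.64:255.255.255.224"]


def parse_entry(entry):
    """Turn one table entry into an IPv4Network (assumed semantics, see lead-in)."""
    entry = entry.strip()
    if ":" in entry:
        addr, mask = entry.split(":", 1)
        # strict=True rejects an address with host bits set under the mask
        return ipaddress.IPv4Network(f"{addr}/{mask}", strict=True)
    octets = entry.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {entry!r}")
    fixed = 0
    while fixed < 4 and octets[fixed] != "*":
        fixed += 1
    if any(o != "*" for o in octets[fixed:]):
        raise ValueError(f"wildcards must be trailing: {entry!r}")
    addr = ".".join(octets[:fixed] + ["0"] * (4 - fixed))
    return ipaddress.IPv4Network(f"{addr}/{8 * fixed}", strict=True)


def audit(clients, table=TRUSTED_TABLE):
    """Map each client address to the first entry covering it, or None."""
    nets = [(e, parse_entry(e)) for e in table]
    result = {}
    for client in clients:
        ip = ipaddress.IPv4Address(client)
        result[client] = next((e for e, n in nets if ip in n), None)
    return result


if __name__ == "__main__":
    # Constructed client addresses: local LAN, remote office, and a remote
    # host that falls outside the /27 listed for that office.
    for client, entry in audit(["123.45.67.10", "123.45.68.70", "123.45.68.100"]).items():
        print(f"{client:15} {'covered by ' + entry if entry else 'NOT in trusted table'}")
```

A remote host that comes back uncovered would not be treated as trusted, which matches the symptom described in the question.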


