Firewall Wizards mailing list archives
Re: private frame relay outside of firewall
From: roger nebel <roger () homecom com>
Date: Sat, 27 Mar 1999 07:28:06 -0500
we see this configuration a lot. the telco has two or more virtual frame connections (Private Virtual Circuits or PVCs) on the serial side of one router. those PVC's can be to the Internet and/or to other "private" connections. note that all the PVC's share the same telco switching fabric so you should make a decision about whether or not you need any traffic protection for confidentiality and integrity (normally encryption aka a VPN). this one router configuration saves costs for the telco (and possibly you) since only one router has to be provisioned and managed. if you trust the users on the other side of the frame cloud then you might bring that connection in behind the firewall on a separate router. if you don't trust what or who is coming in from the frame you isolate yourself behind the firewall. Geoff Nordli wrote:
Am I missing something about a firewall configuration with private frame relay? The layout of the network has the Internet and private frame relay traffic from other branches going directly into the outside of the firewall. There is only one connection coming from the router. The telephone company designed the network with internet connectivty. I would think that there should be 2 connections coming in. 1 from the private frame relay network, which goes behind the firewall. The 2nd coming in from the Internet, which goes in front of the firewall. Do you agree with this configuration thanks Geoff Nordli
Current thread:
- private frame relay outside of firewall Geoff Nordli (Mar 26)
- Re: private frame relay outside of firewall roger nebel (Mar 28)
- RE: private frame relay outside of firewall Geoff Nordli (Mar 29)
- <Possible follow-ups>
- RE: private frame relay outside of firewall Copp, Carlton (Mar 29)
- Re: private frame relay outside of firewall roger nebel (Mar 28)