Firewall Wizards mailing list archives
Re: need advice on a NAT issue.
From: Mike Johnson <mike.johnson () isunnetworks com>
Date: Fri, 26 Jan 2001 11:50:46 -0500
hesselsp () ashaman dhs org [hesselsp () ashaman dhs org] wrote:
I do have a limit to the number of ports I can filter. Zero. I can not be filtering ANYTHING, all I am using this for is NAT. According to the engineers at stonesoft, they do share state. I am at my wits end here. I can't beleive that their isn't a NAT product that will provide high availability.(or should I say fault tolerant, which is more like what I want.)
Assuming you're not stuck on Firewall 1... Netscreen claims that they failover NAT sessions between their boxes. They copy all session information between the two boxes, which includes NAT info. You could also probably coble something together with ipfilter, if you're looking to do it on the cheap. ipfilter has a method for saving and restoring NAT states (http://coombs.anu.edu.au/~avalon/ipfil-new.html). Mike -- Mike Johnson Network Engineer / iSun Networks, Inc. Morrisville, NC All opinions are mine, not those of my employer _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- need advice on a NAT issue. hesselsp (Jan 25)
- Re: need advice on a NAT issue. Swift Griggs (Jan 26)
- Re: need advice on a NAT issue. hesselsp (Jan 26)
- Re: need advice on a NAT issue. Mike Johnson (Jan 26)
- Re: need advice on a NAT issue. hesselsp (Jan 26)
- <Possible follow-ups>
- Re: need advice on a NAT issue. Jeffery . Gieser (Jan 26)
- Re: need advice on a NAT issue. hesselsp (Jan 26)
- Re: need advice on a NAT issue. Swift Griggs (Jan 26)