> -----Original Message-----
> From: mouss [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 25 October 2000 10:43 PM
> To: Ben Nagy
> Cc: '[EMAIL PROTECTED]'
> Subject: RE: Dual firewall question
>
>
> At 09:46 25/10/00 +0930, Ben Nagy wrote:
> >Not so hasty - I think he's got a solution there.
> >
> >If he's saying what I think he's saying then it can work:
> >
> >On the WWW box, have two NICs. NIC one is connected to FW1 and ISP1, NIC2 to
> >FW2, ISP2. As long as each NIC has a _different_ default gateway it will
> >work fine. You just have a NAT mapping at each ISP for the internal address
> >of NIC1 and NIC2 respectively. Oh, and don't enable IP forwarding.
> >
> >This means that traffic from ISP1 comes in via NIC1. The response goes OUT
> >via NIC1 and therefore uses ISP1 as the gateway.
>
> I disagree here. Why would responses go through the same NIC? The outgoing NIC
> is determined on the basis of the destination address, not of the source
> address.

*grin*

If you don't have IP forwarding enabled on the box, how is the response
going to get anywhere if it _doesn't_ use the same NIC?

Cheers,
--
Ben Nagy
Network Consultant, Volante Solutions
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520