Will someone (Netscreen) verify that client VPN's capabilities only extend
to a single subnet through their firewall product.
Dave
At 07:48 AM 4/2/01 -0400, Jeff Dell wrote:
>Netscreen support for only 1 subnet? hmm.. I think you need to double check
>that or go upgrade your box. I have implemented it with multiple subnets and
>it works great. It also works very well in a hub and spoke enviornment which
>is very nice in an enterprise enviornment.
>
>Jeff
>
>-----Original Message-----
>From: Steve Kent [mailto:[EMAIL PROTECTED]]
>Sent: Saturday, March 31, 2001 7:00 PM
>To: [EMAIL PROTECTED]
>Subject: Re: Netscreen or Watchguard Firebox
>
>
>The netscreen boxes are nice - easy to configure and monitor. The have ssh
>v.1 and an ssl web interface. They are also very fast. One major drawback
>is that the vpn support is currently limited to a single subnet a real
>problem if you are dealing with a large network. My only experience with
>the Watchgaurd boxes was with a client who had two which kept failing and
>had some real routing limitations. We pulled them out, after attempting to
>speak to Watchgaurd support, and put in PIXes.
>
>--sjk
>
>On Sat, 31 Mar 2001, opie san wrote:
>
> > I have heard very good things about the Netscreen boxes. I normally only
> > work with Nokia/Checkpoint but a customer pointed me to the Netscreen site
>
> > for a look-see. From what I read there it sounds like a smokin cool setup
>
> > that's easy to install and admin. I don't know about the WatchGuard boxes
>
> > at all. HTH.
> >
> > opiesan
> >
> > >From: "Irony" <[EMAIL PROTECTED]>
> > >To: <[EMAIL PROTECTED]>
> > >Subject: Netscreen or Watchguard Firebox
> > >Date: Mon, 26 Mar 2001 09:28:10 -0500
> > >X-Loop: [EMAIL PROTECTED]
> > >
> > >Anyone had any experience with either Netscreen or Watchguard Firebox ?
> > >and does my design appear acceptable ?
> > >
> > > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >
> > >I am recently seeing a lot of attacks from Russia and Japan on my
> > >Gauntlet for NT v5.5. I am not at comfortable that I am getting the
> > >right degree of protection. I am think about doing the following
> > >
> > >Internet -->Router--->Firewall
> > >A----->HoneyPot----->Gauntlet----->IDS--->Internal Network
> > >
> > >Will this work and does it make sense
> > >
> > >I am looking for suggestions for Firewall A. I cannot afford
> > >CheckPoint,
> > >
> > >Thank You
> > >
> > >-
> > >[To unsubscribe, send mail to [EMAIL PROTECTED] with
> > >"unsubscribe firewalls" in the body of the message.]
> >
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
>_____________________________________
>Steven Kent
>Senior Consultant
>onShore, Inc. -- Network Engineering Group
>312.850.5200
>
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
