Hi, I need help with a FW re-configuration operation. I would thank any advice.
Problem: We have a HA (two hosts) SunScreen EFS 3.0b FW which makes NAT and is the GW of our LAN. We want to put an HA Level 7 switches between FW and LAN to protect a internal servers zone, so we want to give GW IP to our (double) L7 switch, and force this one to route outbound traffic through our FW. Ok, I think our procedure would be: create interface alias with new IP at the inner IF of FW duplicate FW policies for IF alias, don't enable now network downtime... disable all policies at FW get down inner IF and alias create virtual server for GW IP at L7 switch, pointing to FW new IP get up inner IF with new IP enable new policies ...end of network downtime The question is: Do you think SunScreen would accept interface alias for this procedure? Admin Manual is laconic at add interface pages... There is a better approach to minimize network downtime? -- Inaki Agirre Computers Engineer Sistems and Network Services Computers Department Public University of Navarre Arrosadia Campus tfno: 948168413 fax: 948169022 email: [EMAIL PROTECTED] _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
