> >Ok, I think our procedure would be: > >create interface alias with new IP at the inner IF of FW > >What exactly do you mean interface alias? virtual (aka logical) >IP? SunScreen can handle those (you do not need to modify your >policy, the same policy is applied to all logical interfaces as >is applied to the physical interface).
Yes, that's it, a new IP for the same NIC, the inner interface. >If you're referring to virtual interfaces, then you do not need to >tell the firewall about them at all, due to the way that Solaris >networking works. I see, I'll test it. Thank you. >If you do not explicitly use your firewall's IP addrs in your policy, >and instead use "localhost", then you do not need to modify your policy >at all. Simply reactivating the policy after the IP addr is changed >will update the definition of "localhost" used in the active policy. -- Inaki Agirre Computers Engineer Sistems and Network Services Computers Department Public University of Navarre Arrosadia Campus tfno: 948168413 fax: 948169022 email: [EMAIL PROTECTED] _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
