We define the topology to cover all Address space we in the OSPF areas. If something out of that scope is added we update topology it doesn't happen often.
On Mon, Mar 5, 2012 at 4:00 PM, O'Flynn, Derek <[email protected]> wrote: > When using OSPF how do you keep the anti-spoofing working properly? If > the routes are dynamically being learned internally, how does the > spoofing configuration of the interface get updated? Do you need to > update the topology on the gateway object frequently? Is it done > automatically? > > Derek O'Flynn > LSU Health Sciences Center > Enterprise Information Security > New Orleans Office - (504) 568-6130 > Baton Rouge Office - (225) 922-2387 > > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[email protected]] On Behalf Of David > DeSimone > Sent: Friday, February 17, 2012 11:01 AM > To: [email protected] > Subject: Re: [FW-1] OSPF On SPLAT > > MikeCC <[email protected]> wrote: > > > > What experience do people have running OSPF on Power 1 SPLAT based > > appliances? > > We use OSPF on SPLAT (UTM-1 500's) to route inter-office traffic over a > dedicated circuit, with fallback to Internet routing if the circuit > fails. We've found this configuration to work well for us, no hiccups > or stability problems that we've noticed... Though we also don't > monitor it too closely, either. But, since our configuration is > probably much simpler and different from yours, I'm not sure it's a good > data point to help you. > > Keep in mind that you need a SPLAT Pro license per gateway (meaning a > cluster of two gateways needs two licenses) in order to run routing > protocols like OSPF and RIP. > > Fortunately those licenses are not too expensive. Compared to the other > hardware/software costs, that is. > > -- > David DeSimone == Network Admin == [email protected] > "I don't like spinach, and I'm glad I don't, because if I > liked it I'd eat it, and I just hate it." -- Clarence Darrow > > > This email message is intended for the use of the person to whom it has > been sent, and may contain information that is confidential or legally > protected. If you are not the intended recipient or have received this > message in error, you are not authorized to copy, distribute, or > otherwise use this message or its attachments. Please notify the sender > immediately by return e-mail and permanently delete this message and any > attachments. Verio, Inc. makes no warranty that this email is error or > virus free. Thank you. > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > -- "The wild requires that we learn the terrain, nod to all the plants and animals and birds, ford the streams and cross the ridges and tell a good story when we get back home." Gary Snyder ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
