FW1 will completely ignore IPX traffic ("ships in the night", if so desired), and thus the OS will route it. However, the suggestion Padhu offers below would allow you to pass IPX through the firewall without actually installing an IPX stack on your firewalling machine, which would be preferable if it is feasible in your environment.
Dan Hitchcock
CCNP, CCSE, MCSE
Security Operations Technical Lead
Breakwater Security Associates, Inc.
"Safe Harbor for E-Business"
dhitchcock (at) breakwatersecurity (dot) com
http://www.breakwatersecurity.com
206-770-0700 work
The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think you have received this email message in error, please email the sender at [EMAIL PROTECTED]
-----Original Message-----
From: Padhu [mailto:[EMAIL PROTECTED]]
Sent: Sunday, March 10, 2002 4:53 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] IPX with FW1
Nope. Unless there is a new version i haven't heard of.
You could try building a GRE tunnel and encapsulate IPX on that.
GRE uses IP - Protocol type 47. So try building a rule with SRC and
Destination of tunnel end points and allow IP type 47 in the rulebase.
Cheers,Padhu
