It'd probably be smart to just keep the openbsd firewall in place, even with a blank ruleset, behind the PIX.
A PIX can't handle any traffic once it has a serious ruleset.
-davidu
That is actually our plan down the road. We're going to have another firewall protecting our servers from our user base, and as a second line or protection in case of an intrusion. My boss knows you shouldn't have two of the same firewall protecting your network, so we'll definitely be using OpenBSD for that.
At 10:54 AM 12/9/2004, you wrote:
What was their reasoning from switching from OBSD --> Cisco? They weren't spending enough money? ;)
~M
Apparently. We had a consulting company come in that has a lot of sway with upper management and their big buzzword was Cisco (we're also forced to ditch our 3com switches for Cisco's...). So our steering committee is making us do the transition, even though this consulting company did an intrusion test on us and got nowhere ;)
James Cammarata [EMAIL PROTECTED] www.sngx.net home: 314-966-5976 work: 314-872-2426 cell: 314-409-0583 ______________________________________________________________ Out the Ethernet, through the router, down the fiber, off another router, down the T1, past the fire-wall ..nothing but Net