to not allow a firewall to run routing protocols,
could someone give me advice on how to set up my
proposed redundant firewalls.
Please refer to my ugly ASCII network.
[BGP]---[BGP]
| |
--[PIX]---[PIX]--
| | | |
| [ A ]---[ A ] |
| | | |
--[CPT]---[CPT]--
| |
[ B ]---[ B ]
I plan to have two failover PIXs right behind two
BGP routers to the Internet. On the inside of the PIXs
I have one connection going to Network A and another
going to Network B. But right in front of Network B
(critical production network), I have a load balancing
set of Checkpoint firewalls. The Checkpoints are
connected to both Network A & B.
I want it done so that the Checkpoint will forward
data to A when destined there and send all other
packets to the PIX. However, if the Checkpoint's link
to the PIX goes down, I want it to be able to send
traffic through network A and through the PIX from
there. I want it to work the other way around for the
PIX going to network B.
My question is, how would I do that if the
firewalls don't run a routing protocol? Do the PIXs
allowing for floating statics?
Thanks for your help.
Michael
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]