[Shorewall-newbies] RE: Two Firewalls????

Tom Eastep teastep at shorewall.net
Thu Mar 11 10:16:17 PST 2004


On Thursday 11 March 2004 09:41 am, Kirti S. Bajwa wrote:

>
> Thank you again for your help. If all the questions are answered, please
> let me know if our design for the Shorewall firewall is workable or not?
>

I believe that if you configure the firewalls as bridges, then the design is 
Ok. If they are routers, then I believe that you *do* need a failover 
strategy. Such a strategy would certainly be required is you were to use 
Proxy ARP for example since you don't want both firewalls answering ARP 
who-has requests from your Cisco router.

Right now the Shorewall bridge code is experimental. I expect Shorewall 2.0.0 
to be released this weekend after which time, I will release 2.0.1 Beta 1 
containing the bridge code.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-newbies mailing list