[Shorewall-newbies] RE: Two Firewalls????
teastep at shorewall.net
Thu Mar 11 10:16:17 PST 2004
On Thursday 11 March 2004 09:41 am, Kirti S. Bajwa wrote:
> Thank you again for your help. If all the questions are answered, please
> let me know if our design for the Shorewall firewall is workable or not?
I believe that if you configure the firewalls as bridges, then the design is
Ok. If they are routers, then I believe that you *do* need a failover
strategy. Such a strategy would certainly be required is you were to use
Proxy ARP for example since you don't want both firewalls answering ARP
who-has requests from your Cisco router.
Right now the Shorewall bridge code is experimental. I expect Shorewall 2.0.0
to be released this weekend after which time, I will release 2.0.1 Beta 1
containing the bridge code.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies