[Date Prev][Date Next][Thread Prev][Thread Next][Thread Index]

Re: [fw1-gurus] Dual WAN IP

Subject: Re: [fw1-gurus] Dual WAN IP
From: Rob Hughes <rob@xxxxxxxxxxxxx>
To: fw1-gurus@xxxxxxxxxxxxxxxxxx
Date: Tue, 28 Dec 2004 05:29:05 -0600

On Wed, 2004-12-22 at 15:58 -0800, Norman Zhang wrote:
> Hi,
> 
> I'm using AI R55 on W2K SP4a. I like to connect firewall to a dual WAN 
> router (e.g., Xincom XC-DPG502). But I heard this would not work with 
> CP, as new session will switched between 2 WAN interface. Thus, causing 
> CP to drop them as spoofing. Anyone has some positive experience with 
> dual WAN routers with CP?
> 

Some clarification, please. Will the firewall connect via a single
interface to the router? If so, there's no reason that wouldn't work, as
the firewall would just see src/dst IPs. If you're trying to do link
failover between the router and firewall, you should look at ISP
redundancy, though I have no idea if it would actually work in your
situation. But I do have customer's doing things like clustered
firewalls behind VRRP or HSRP failover routers using BGP peering to
multiple ISPs, and it works.

Rob

---------------------------------------------------------------------
FireWall-1 Gurus Mailing List (http://www.phoneboy.com/gurus)
To unsubscribe, mailto:fw1-gurus-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, mailto:fw1-gurus-help@xxxxxxxxxxxxxxxxxx

Follow-Ups:
- Re: [fw1-gurus] Dual WAN IP
  - From: Norman Zhang

References:
- [fw1-gurus] Dual WAN IP
  - From: Norman Zhang

Prev by Date: Re: [fw1-gurus] problem with web visualization tools.
Next by Date: [fw1-gurus] Connect to Management Server very slow
Previous by thread: [fw1-gurus] Re: Dual WAN IP
Next by thread: Re: [fw1-gurus] Dual WAN IP
Index(es):
- Date
- Thread