|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Multiple Firewalls with ipfilter?
From: randall ehren (randall
ucsb.edu)
Date: Wed Mar 26 2003 - 15:18:48 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> We're supposed to provide redundant firewall service. I'm wondering
> if anyone has ever tried to do this and if it's realistic. Basically
> 2 firewall machines hooked up so if one fails the other will
> transparently step in. I've googled it to death without much luck.
>
> The security issue here lies in that the 2 firewalls can't talk to
> each other. So if I'm keeping state on a connection then the second
> firewall has to know about that connection otherwise it will close if
> that firewall dies.
http://www.isber.ucsb.edu/~randall/firewall/redundant/
i have this setup in use at work, it's an automatic failover but does not
keep existing connections, so things like SSH sessions would be dropped.
-randall
--
:// randall s. ehren :// voice 805.893.5632
:// systems administrator :// isber|survey|avss.ucsb.edu
:// institute for social, behavioral, and economic research
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]