From: Justin Cook (Justin.Cook@computerland.co.nz)
Date: Wed Sep 04 2002 - 01:31:54 GMT-3
I have heard for a trainer that a good method is to set up neighbor commands
and allow OSPF TCP Port (Cant remember what port) through the firewall as
the neighbor command converts it from multi to uni.
This is assuming you have default gateway pointing out external interface
(May require statics if on a DMZ) and a route to the internal router
Please correct me anyone if this is incorrect as I have not had an
opportunity to test it yet
-- Justin Cook Systems Consultant MCSE +I, CCDP, CCNP(Security, Voice) Computerland Wellington-----Original Message----- From: Charles Huang [mailto:routing@icharles.no-ip.com] Sent: Wednesday, 4 September 2002 7:19 a.m. To: CCIE Subject: OT: Passing Routing information across Firewall
Hi All,
This may be a bit OT.
does anybody know how to pass routing formation across the firewall ? tunnel would be an option to pass routing updates ONLY. The "normal" IP traffic should still passes through the firewall. Assuming the firewall does not support any routing protocol. Here is a little diagram hope it might clarify the question.
10.1.1.0/24--R1--192.168.1.0/24--Firewall--192.168.2.0/24--R2--10.2.2.0/24
R2 needs to learn 10.1.1.0/24 from R1 R1 needs to learn 10.2.2.0/24 from R2 tunnel between R1 & R2 is an option. but only to pass route update/hello only. all IP traffic must route through the firewall.
Any help would be appreciated Thanks in advance Charles
This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:43 GMT-3