Re: Netscreen 5GT - use Dual untrust or "Shortest path" to utilize backup link!!
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Netscreen 5GT - use Dual untrust or "Shortest path" to utilize backup link!!

From: Biggerbyfar <paul@biggerbyfar.com>
Date: Thu Jul 28 2005 - 17:00:31 CEST



Do you know if the failover is as brutal as a "switch over" effect?


I.e. if untrust1 goes down, untrust2 is used and nothing goes in or out


on untrust1 ?



Try this scenario -



Working in dual untrust mode, two routers setup, both are up (online).


If I try to connect to an internally hosted web server via untrust2 ip


address what happens? Does it not connect because untrust1 is up ?



I've heard of another setup using shortest path first to set two


gateways, one for each router and connect a switch between the two


routers and the firewall i.e. so not strictly 'dual untrusted' but


using two routers none the less.... Does this need trasparent  mode to


work like this?!!



confused....


Received on Thu Sep 29 19:59:44 2005