[nsp] OSPF x firewall
Andy Furnell
andy at furnell.org.uk
Wed Dec 31 03:34:54 EST 2003
On Wed, Dec 31, 2003 at 08:38:11AM +0100, Ives Dekoninck wrote:
>
> Hi, Dimitri
>
> IF you need two routers to talk a dynamic routing protocol with a FW in
> the middle, I would suggest running BGP between the two.
>
> The advantage of BGP is that you don't need to be on the same subnet as
> long as it knows the route (static route) to the neighbour. The other
> advantage of running BGP is that on the firewall you only need to open
> TCP port 179 from the inside to the outside network.
>
> Hope this helps,
>
The firewall still has to know where to route the packets while it's
passing them between routers.
A
--
Andy Furnell
andy at furnell.org.uk
More information about the cisco-nsp
mailing list