[nsp] NetFlow through a firewall?
Gert Doering
gert at greenie.muc.de
Thu May 8 10:14:32 EDT 2003
Hi,
On Wed, May 07, 2003 at 09:56:55PM -0400, Temkin, David wrote:
> A couple of people suggested that, but that's making it *worse* - not
> better... I'd rather open a single application specific UDP port through my
> firewall than open an entire tunnel that if someone compromises the router
> can gain full access inside...
You can do both, of course. Setup an IPSEC tunnel (that terminates on
the firewall) and filter the decapsulated packets.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de
More information about the cisco-nsp
mailing list