RE: [fw-wiz] OSPF on Firewall

From: Melson, Paul (PMelson_at_sequoianet.com)
Date: 12/17/03

  • Next message: Paul Robertson: "Re: [fw-wiz] OSPF on Firewall"
    To: "Shimon Silberschlag" <shimons@bll.co.il>, <firewall-wizards@honor.icsalabs.com>
    Date: Wed, 17 Dec 2003 16:30:32 -0500
    
    

    That depends on the firewall. If you implement a bridging firewall, then there should be no reason the routers need to know that anything has changed.

    If inserting the firewall changes the path, then the obvious solution is to have the firewall use OSPF also (assuming it's supported). I don't want to say "no other way," but it does make sense.

    PaulM

    -----Original Message-----
    Lets say that I have two routers (on an internal network) that talk OSPF
    between them.

    Now I have to insert a firewall in-between the two routers.

    I am led to believe (by the Communications people I work with) that there is
    no other option but to install OSPF on the firewall, which doesn't make me
    feel easy about the solution.

    Is it true that there is no other way around this problem?

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Paul Robertson: "Re: [fw-wiz] OSPF on Firewall"

    Relevant Pages

    • Re: [fw-wiz] Hacker pierces hardware firewalls with web page.
      ... I've seen several other posts where people make use of browser exploits to trick the browser into submitting a form to the router/firewall, and if the router has the default password, the attacker can then configure the firewall any way they want. ... With FTP the client connect to the server, then at the start of a file transfer the client tells the server what port to connect to on the client. ... virtually any service on their machine, even when it's behind certain routers that automatically block it to the outside world. ...
      (Firewall-Wizards)
    • RE: [fw-wiz] OSPF on Firewall
      ... Being a dynamic routing protocol, I'm assuming you want to pass OSPF ... Cisco routers, you can use the "neighbor" command within OSPF ... From the firewall perspective, you would need to allow OSPF traffic to ...
      (Firewall-Wizards)
    • Re: Misconceptions
      ... I admit Firewalls and Routers aren't the exact same thing (of ... Personal Firewall, I wonder if that program is any good? ... > handled by anti-virus programs, which should be on ... > A NIDS is just that. ...
      (comp.security.firewalls)
    • Re: Hardware, software or both?
      ... one more question please regarding routers. ... > 2) Software firewalls are easy for the non-technical computer user to ... > of the personal firewall applications. ...
      (comp.security.firewalls)
    • Re: [fw-wiz] Hacker pierces hardware firewalls with web page.
      ... the attacker can then configure the ... transfer the client tells the server what port to connect to on the client. ... A 'helpful' firewall will watch for this message and reconfigure itself to ... routers that automatically block it to the outside world. ...
      (Firewall-Wizards)