SISTEM KEAMANAN JARINGAN (FIREWALL) SYSTEM SECURITY NETWORK (Firewall)
Firewall
description
Transcript of Firewall
![Page 1: Firewall](https://reader036.fdocuments.us/reader036/viewer/2022082517/56813c0e550346895da580c1/html5/thumbnails/1.jpg)
Firewall
ISP BNetwork_B_Public
ISP A Network_A_Public
Users Pc’s
R1 Active router R2 Standby router
Server Farm
Fa0/0 Fa0/0
Fa0/1 not used currently
Same Subnet
Default gateway firewall
inside interface
Firewall Default gateway is HSRP address of R1 and R2
Sw 1 Sw 2
![Page 2: Firewall](https://reader036.fdocuments.us/reader036/viewer/2022082517/56813c0e550346895da580c1/html5/thumbnails/2.jpg)
Connectivity Description
• R 1 and R2 are internet routers with Network_A and Network_B routed respectively by ISP
• NAT done on both routers
• Public addresses undergo NATing once again in firewall and then packets reach the server farm.
• When packets are returning back , their source address is changed in firewall and then those are directed to default gateway. That is R1 and R2 HSRP address of Fa0/0.
• Packets those arrived from router 2 must leave from router 2 serial link. So that those will undergo proper NAT. ( in this case a source address ISP B ).
• In order to do this a policy based routing is applied on the fa0/0 of R1. This policy routes the packets to fa0/0 of R2 those were arrived from ISP B
• In this case can we bundle fa0/0 and fa 0/1 of each router so that redundancy will be achieved.
• Can HSRP be formed on such bundled interface , in case R1 fails to work