SISTEM KEAMANAN JARINGAN (FIREWALL) SYSTEM SECURITY NETWORK (Firewall)
Firewall
2
Firewall ISP B Network_B_Publ ic ISP A Network_A_Pub lic Users Pc’s R1 Active router R2 Standby router Server Farm Fa0/0 Fa0/0 Fa0/1 not used currently Same Subnet Default gateway firewall inside interface Firewall Default gateway is HSRP address of R1 and R2 Sw 1 Sw 2
description
ISP A Network_A_Public. ISP B Network_B_Public. Fa0/1 not used currently. R2 Standby router. R1 Active router. Fa0/0. Fa0/0. Same Subnet. Sw 1. Sw 2. Firewall Default gateway is HSRP address of R1 and R2. Firewall. Default gateway firewall inside interface. Users Pc’s. - PowerPoint PPT Presentation
Transcript of Firewall
Firewall
ISP BNetwork_B_Public
ISP A Network_A_Public
Users Pc’s
R1 Active router R2 Standby router
Server Farm
Fa0/0 Fa0/0
Fa0/1 not used currently
Same Subnet
Default gateway firewall
inside interface
Firewall Default gateway is HSRP address of R1 and R2
Sw 1 Sw 2
Connectivity Description
• R 1 and R2 are internet routers with Network_A and Network_B routed respectively by ISP
• NAT done on both routers
• Public addresses undergo NATing once again in firewall and then packets reach the server farm.
• When packets are returning back , their source address is changed in firewall and then those are directed to default gateway. That is R1 and R2 HSRP address of Fa0/0.
• Packets those arrived from router 2 must leave from router 2 serial link. So that those will undergo proper NAT. ( in this case a source address ISP B ).
• In order to do this a policy based routing is applied on the fa0/0 of R1. This policy routes the packets to fa0/0 of R2 those were arrived from ISP B
• In this case can we bundle fa0/0 and fa 0/1 of each router so that redundancy will be achieved.
• Can HSRP be formed on such bundled interface , in case R1 fails to work
