From: Rodgers Moore (rodgers@xxxxxxxxxxxxxx)
Date: Tue Oct 09 2001 - 12:27:30 GMT-3
There's not enough information here to verify your design and I'd have to charg
e you to
do it.
Can it work this way? It depends on the model of PIX, number of users, and Inte
rnet
connection, but probably YES. Is it optimal? No. It would be better to put th
e cache
engine outside the firewall - adjacent to the router.
Rodgers Moore, CCIE# 8153
Martono wrote:
> Hi Group,
> I have a configuration for PIX Firewall and Cache Engine in the
> following diagram,
> but not sure whether it will work well or not. Can someone please help me to
> verify
> this kind of configuration and give me suggestion for the most optimal one ?
> ISP
> |
> |
> Router (WCCP)
> |
> | External Zone (Public IP)
> ----------Cache Engine)DMZ----------PIX Firewalll
> Public IP Address |
> | Internal Zone (Private IP A
ddress)
> Workstation
>
> For workstations in internal zone to access internet, I use PAT by
> translating
> internal IP Address to Public IP Address in PIX outside interface.
>
> Thank you
>
> Regards,
> Martono
-- Rodgers Moore, CCIE #8153, CCNP-Security, CCDP Design and Security Consultant
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 22:33:16 GMT-3