Hi all,
1, There is No Software without bug.
2, Try to find out what kind of features would you like to use and ask
the TAC for version that has the specified features in stable state.
3, ASA can route back traffic on the same interface. (But, my point of
view: a firewall should not be a router, they are different services
that are migrated because of the bloody marketing who create
multifunctional devices without the knowledge of networking! At the end
there will be the big f*uckin' BOX, that will do everything, like email
server, firewall, router, web server, application server, cache engine,
vpn terminator, load balancer, ... EVERYTHING!)
4, The config and the OS management is very fast and easy at ASA and
PIX.
5, The GUI is sick at ASA and the people also who expect GUI for a Cisco
product. I do not understand why GUI is so important?...
6, I was drunken and I am reeeeaally sick now :-)))
Just another option:
http://www.balabit.com/products/zorp/
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
cisco4ng
Sent: 2006. november 23. 2:56
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Checkpoint vs. Cisco ASA
I am very aware of this command in version 7.2(x). Sadly, it was not
available for me
because some of the my customers are still on 7.1(2) or lower and
version 7.2(x), according
to Cisco, is still buggy.
my 2c
Robby Cauwerts <robby AT CAUWERTS DOT BE> wrote:
On 11/22/06, cisco4ng wrote:
>
> 2) Pix/ASA is NOT a router so there are things that you can do in
> Checkpoint that you can not do with Pix/ASA. For example, if you have
> two networks 192.168.1.0/24 and 192.168.2.0/24 and they are both
> behind the pix firewall. The problem is that hosts in network
> 192.168.1.0/24 can not communicate with hosts in network
> 192.168.2.0/24 due to hairpinning. In other words, traffics can not go
> in and out of the same interface due to security level on the pix/ASA.
Do you mean "*same-security-traffic permit intra-interface" *?
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807
34db7.shtml
*
*
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================
---------------------------------
Everyone is raving about the all-new Yahoo! Mail beta.
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
