On Fri, Nov 23, 2012 at 12:05 PM, Mark Olliver <[email protected]> wrote:
> Hi All, > > We are considering implementing pfsense as our new standard firewall at > multiple sites around the world, externally we will be running BGP and > advertising ipv4 & ipv6 address to our partners however, we are trying to > establish the best option for internal addressing. > We have decided so far that we would look to use /32 addresses internally > using ospf to route and find where the gateways are, this is not a problem. > This issue comes at the firewall as ideally we need to send the packets > back out the same firewall they arrived via so that we keep state-full > tracking happy. So my question is what would be the best method of enabling > this with pfsense, if there a way to tag packets so that they know to leave > via the same route. > > You can use even the sloppy state on your rules to overcome the issue with keep state. > Thanks > > Mark > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list >
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
