Just because a cat has kittens in the oven, you don't call them biscuits. A firewall can route, but it is not a router. Both have specialized tasks. You can fix a car with a swiss army knife, but why would you want to? -- Bill Thompson bi...@mahagonny.com
On February 5, 2015 7:19:43 PM PST, Jeff McAdams <je...@iglou.com> wrote: > >On Thu, February 5, 2015 20:02, Joe Hamelin wrote: >>> On Feb 5, 2015, at 2:49 PM, Ralph J.Mayer <rma...@nerd-residenz.de> >>> wrote: >>> a router is a router and a firewall is a firewall. Especially a >Cisco ASA >>> is no router, period. >> >> Man-o-man did I find that out when we had to renumber our network >after >> we got bought by the French. > >> Oh, I'll just pop on a secondary address on this interface... What? > >> Needed to go through fits just to get a hairpin route in the thing. > >> The ASA series is good at what it does, just don't plan on it acting >like >> router IOS. > >Sorry, but I'm with Owen. > >Square : Rectangle :: Firewall : Router > >A firewall is a router, despite how much so many security folk try to >deny >it. And firewalls that seem to try to intentionally be crappy routers >(ie, ASAs) have no place in my network. > >If it can't be a decent router, then its going to suck as a firewall >too, >because a firewall has to be able to play nice with the rest of the >network, and if they can't do that, then I have no use for them. I'll >get >a firewall that does.