test

SunScreen EFS Release 3.0 Release Notes

SunScreen EFS 3.0 Reference Manual

The following supplements the SunScreen EFS 3.0 Reference Manual.

HA in Stealth Mode

Chapter 2 of the SunScreen EFS 3.0 Reference Manual states that HA is supported only in routing mode. SunScreen EFS 3.0 supports HA in routing mode and in stealth mode.

Note -

When you activate the configuration for HA in stealth mode, the console displays a list of error messages. You can disregard these messages; the Screen is functioning properly. For more information, see "Error Message When Activating HA Stealth Configuration (4252244)".

Mixed Interfaces

SunScreen EFS 3.0 supports both routing and stealth interfaces on a single Screen. You can model a Screen with a mixture of routing and stealth interfaces as though it were two completely separate Screens, one containing the stealth interfaces and the other containing routing interfaces. If you configure your Screen in this way, you must have at least two interfaces of each type.

The following sections show two supported configurations.

Separate Network

The separate network configuration consists of a Screen that has two stealth interfaces and two routing interfaces. Although both types of interfaces are on the same machine, packets cannot pass between the stealth and routing interfaces.

Figure 1-1 Separate Network Configuration

Graphic

This configuration is subject to the following restrictions:

Proxied Stealth

The proxied stealth configuration consists of a Screen that has two stealth interfaces, two routing interfaces, and a router that passes packets from a stealth interface to a routing interface. Use this type of configuration if you want to use proxy services with a stealth machine.

Figure 1-2 Proxied Stealth Configuration

Graphic

This configuration is subject to the following restrictions: