-
Chris:
I didn't "redo the config" per se.... I changed the default route on the clients through DHCP provided by my AD servers.... It all seems to be fine now... At least, I haven't had any complaints and the systems is passing mail etc. just like I envisioned it would when I added the darned route.... I've given up thinking aloud about this.... People think I'm nucking futs walking around saying "If the default gateway of the client is 192.168.3.1 and the default gateway of the router at 192.168.3.1 is 192.168.3.4 then......"... ;)
Road: No pix.... I'm a Watchguard kid... Used to be really expensive but now the price seems comparable..... Having never used a pix I can't comment on pro's and cons but the Watchguard is a pretty powerful firewall with lots of "sexy" features.... Try one... You'll like it.... The only thing I don't like is the manuals and the online help.... They frigging suck.... You either already understand _all_ the terminology _they_ use, up front, or you are lost..... It's trial and error time.... 'cos the help is like M$'s... Totally accurate but of no use to anyone.... I'm still finding cool features that some nice documentation would have turned me on to 5 years ago.... :rolleyes:
-
That is exactly why I like the Pix, it's a defacto standard and the syntax is well documented in countless forums, web sites and books. And if you are inlcined the cost of a SmartNet subscription gets you world class cisco geeks at any time of the day. HOWEVER, if you are using a VPN for remote access... the Watchguard is very cost effective. Especially hardware based. Cisco VPN licensing is way too expensive, at least last time I checked. And to get the same kind of interface you have to license Cisco Enterprise Manager, which is very nice. The newer Pix boxes might even be easier to use, mine are a few years old now.
