Cisco and ARP troubles

Warren Togami warren at togami.com
Thu Apr 12 01:43:25 PDT 2001


Yeah.  The PIX is probably technically superior to Netfilter, but I'm
pushing management to remove it due to a number of problems that we have had
with the unit.  Our (vastly intelligent) sys admin bought the PIX box
without approval from the department chair.  At the time we were exploring
the firewall choices available, then suddenly the guy surprises us one day
and says "Oh, by the way, I installed a firewall."

That would have been fine because it was a good deal at $3,900, except our
sys admin had no clue how to use it and the resulting fall out due to poor
planning and lack of understanding in the way it interacted with the network
costed us another $6,000 in hardware and software upgrades.  For some reason
he couldn't get Win95 clients to work behind the PIX, so his solution was to
upgrade every machine to 98.  Many of those machines needed expensive RAM
upgrades (EDO and Fast Page RAM is so damn expensive compared to PC100+).
The licenses for the 98 upgrades would be the cost of Windows Me upgrades,
because Microsoft no longer sells 98 licenses.  The RAM is already paid for,
but I want to avoid paying for Win98 on the many obsolete Win95 machines
which are not very useful even with the extra RAM.

It confuses me why they didn't ask Cisco for help in making their Win95
machines work... it has to be possible.

The department chair also sees the Linux firewall as an opportunity for the
school to take a stance in an Open Source commitment.   We're planning an
"Open Source in Education Initiative", building and using OSS solutions in
an educational setting, then pushing it to state education by holding an OSS
Educator's Conference inviting public and private schools administrators and
techs statewide.

So the reasons for Linux instead of PIX are both political and saving around
$5,000.  The PIX still isn't paid for so we're trying to see if we can
return it.  If not I'll attempt to sell it on Ebay.  Anyone want an almost
brand new PIX? =)

Warren Togami
warren at togami.com

----- Original Message -----
From: "Dusty" <dusty at sandust.com>
To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
Sent: Wednesday, April 11, 2001 10:11 PM
Subject: [luau] Re: Cisco and ARP troubles


> I am not sure what your problem is, but I am curious why you would replace
the PIX with a Linux box?  I am all for Linux, but PIX is one of the fastest
firewalls on the market.
>
> Dusty



More information about the LUAU mailing list