Will two ASG firewalls compete with each other if they are on the same subnet?
Sparing you the long story, our ASG220 is working fine but it's becoming overwhelmed by heavy FTP/SSH traffic. (Actually I believe it is the IDS that's bringing things to a crawl). Budget costs prevent me from 'upgrading' the 220 right now. A cheap solution would be to buy a 10 user ASG and divert our FTP/SSH traffic to that box, leaving the 220 to do the rest.
My concern is if the two units will compete, being on the same network. I had this problem years ago with a 3com firewall. On those units whenever DNAT rules were set up the WAN port stomped on anything else on the subnet (aside from the router). 3com hinted this was by design.
As long as the WAN interfaces of each ASG use different addresses and the NAT'd systems use the proper default gateway, this should work, correct?
Thanks
This thread was automatically locked due to age.
