From owner-freebsd-questions@FreeBSD.ORG Tue Oct 7 18:23:12 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4FEC916A4DD for ; Tue, 7 Oct 2003 18:23:12 -0700 (PDT) Received: from smtp018.mail.yahoo.com (smtp018.mail.yahoo.com [216.136.174.115]) by mx1.FreeBSD.org (Postfix) with SMTP id 11D2843F85 for ; Tue, 7 Oct 2003 18:23:11 -0700 (PDT) (envelope-from ecrist@tech-con-inc.com) Received: from c-24-245-12-69.mn.client2.attbi.com (mnslinky@24.245.12.69 with plain) by smtp.mail.vip.sc5.yahoo.com with SMTP; 7 Oct 2003 21:35:29 -0000 From: Eric F Crist Organization: Tech-Con, Inc To: Luke Kearney , FreeBSD Questions Date: Tue, 7 Oct 2003 16:35:19 -0500 User-Agent: KMail/1.5.2 References: <20031007110654.B2D9.LUKEK@meibin.net> <001f01c38ccd$638ec0b0$450cf518@grog> <20031007211958.B2F5.LUKEK@meibin.net> In-Reply-To: <20031007211958.B2F5.LUKEK@meibin.net> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_YGzg/ZUQKu8PcDH"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200310071635.20143.ecrist@tech-con-inc.com> Subject: Re: IPF and Routing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: ecrist@adtechintegrated.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2003 01:23:12 -0000 X-List-Received-Date: Wed, 08 Oct 2003 01:23:12 -0000 --Boundary-02=_YGzg/ZUQKu8PcDH Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline On Tuesday 07 October 2003 07:21 am, Luke Kearney wrote: > Thanks for your response. It may well be that I end up doing exactly > that to fix this issue in the short term. But there are some internal > resources that I don't want to have live IP's so I am trying for the > workable NAT solution. > > Regards, > > LukeK > > > On Tue, 7 Oct 2003 07:20:15 -0500 > > "Minnesota Slinky" granted us these pearls of wisdom: > > Why bother doing nat? You *could* just setup a DHCP server on the > > gateway for the remaining IP address and when the other 14 machines came > > online, they could dynamically pull the IP addy. Just set some very > > strict rules on the incoming packets to the rest of the internal > > network. This is a similar thing to what I did when I had an 8-block > > from Qwest a couple years ago. > > > > HTH > > > > Eric F Crist > > AdTech Integrated Systems, Inc > > (952) 403-9000 Do you mind if I ask you to elaborate on the configuration of your network = and=20 which services you don't want accessed? =2D-=20 Eric F Crist AdTech Integrated Systems, Inc (952) 403-9000 --Boundary-02=_YGzg/ZUQKu8PcDH Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQA/gzGYWxy3JtXvWloRAuDAAKCXvVeXy83j67wunTkbQk8dHQIzKwCZAXiA 7xqsBeM547nsTYaNzBFFyRY= =3chH -----END PGP SIGNATURE----- --Boundary-02=_YGzg/ZUQKu8PcDH--