From owner-freebsd-questions Thu Aug 19 11:44:22 1999 Delivered-To: freebsd-questions@freebsd.org Received: from list.wildcoast.co.za (list.wildcoast.co.za [196.25.82.3]) by hub.freebsd.org (Postfix) with ESMTP id BFAAD1530E for ; Thu, 19 Aug 1999 11:43:58 -0700 (PDT) (envelope-from evablunted@earthling.net) Received: from impakt (uta36-01-p40.ec.saix.NET [155.239.168.40]) by list.wildcoast.co.za (8.9.3/8.9.3) with SMTP id UAA07893; Thu, 19 Aug 1999 20:47:30 +0200 Message-ID: <000001beea6f$f4a64780$0a01a8c0@sunshine.co.za> From: "Langa Kentane" To: Cc: "Cisco" , "FreeBSD" References: <6D1C7F13995FD11181C108002BB48A1CCDB873@HQASCEXC5> Subject: Re: router and firewall question Date: Thu, 19 Aug 1999 19:39:59 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Now the other thing I would like to know is how I would go about is that if I use a private network address of 192.168.1.0 and put up my all my servers behind it ie: http server, ftp server, mail server (pop3 and smtp) and a dns server, will I not have problems with that, coz I need the stuff of the company to be able to connect to these from the internet and the other idea is that I want them to dial into the C2511 if the don't have a net connection. The others will work, I think, the http server and stuff by using the host name instead of the ip but then how will the be able to use the dns server since that uses an ip address instead of a host name? PLease help > Actually what you have below won't work. The router will think that hosts > 1-62 are on the local e0 segment - depending on the subnet mask used. The > firewall will create subnets on both the secure and unsecure side. To make > it work this is what I would do: > > R1: > > ip subnet-zero > ! > interface e0 > ip address 192.168.25.1 255.255.255.252 > > Give the ISP the rest of the address space back and use private addresses > for local hosts. The firewall should do the address translation for you. > Keep in mind that if you are going to be putting hosts in the unsecure side > of the firewall you'll want to keep some registered addresses. > > > Kenny Sallee > Army Network Systems Operation Center > Ft. Huachuca, AZ > DSN: 879-8212 > COM: 520-538-8212 > HelpDesk: 1-800-305-3036 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message