Date: Thu, 01 Oct 1998 12:44:26 -0500 From: Kim Shrier <kim@tinker.com> To: Alejandro Galindo Chairez AGALINDO <agalindo@servidor.exsocom.com.mx> Cc: questions@FreeBSD.ORG Subject: Re: Firewall with 2 NIC and a NET class C Message-ID: <3613BF7A.8ADA1392@tinker.com> References: <Pine.BSF.3.96.981001095955.29413B-100000@servidor.exsocom.com.mx>
next in thread | previous in thread | raw e-mail | index | archive | help
Alejandro Galindo Chairez AGALINDO wrote: > > On Thu, 1 Oct 1998, Kim Shrier wrote: > > > You have a couple of ways to approach this. You could use network address > > translation and have private addresses for all your machines. The "public" > > machines would have static mappings to real IP addresses that are aliased > > on the outside interface of the firewall. You would also use ipfw rules to > > control the traffic. > > ok i like the idea to have static mappings to real IP addrs. that are > aliased on the out interface, how can i do that? > ... snip ... > > Actually, the external router's ethernet port now is 208.195.117.2 with a > mask /25, i will need to change the mask here too? and if yes, why the > router indicate to me invalida mask /25? (the router is a CISCO 4000). > > Other questions: > > I think if its posible to connect the firewall directly with the > Router (without a hub) with a cross cable dos it work? or is necesary to > use the hub? > > and how can i setup the routes in the firewall? To start off, I will need to know how many machines are going to be publicly accessible and what protocols need to be able to get to them. You can connect the firewall directly to the router if you use a cross cable. Since you will have 2 different network addresses on the two nic cards, all you will need to do is specify a default route and the rest will be handled by the IP forwarding code. Kim Shrier kim@tinker.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3613BF7A.8ADA1392>
