From: David Daugherty
Date: Fri, 30 Jun 2000 11:06:34 -0700 (PDT)
To: jeff@digiman.org
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Dual Nic Firewall Configuration Woes

Try using the dc0 option in the kernel instead. Not sure if that's your
problem but I have a netgear NIC which is using dc not de for config.

David

Software Engineer - NetManage
Work email: david.daugherty@netmanage.com
Home email: doc@wcug.wwu.edu
ICQ 21106703
Washington State Resident

On Fri, 30 Jun 2000 jeff@digiman.org wrote:

> Good afternoon FreeBSD'ers
>
> I am in the process of creating a firewall using a
> small p-133 with (2) netgear cards (shown as de0 and de1)
> and FreeBSD 4.0
>
> I am creating this firewall as a drop-in replacement to an ailing
> rackmount appliance firewall.
>
> my problem is as follows:
>
> the subnet range from the ethernet side of the router is 255.255.255.224
> (since there are only a handful of workstations to be secured)
> ***Note that I am using real ip's not 10.10.10.x***
> ***10.10.10.x is for example only***
>
> the current firewall has 10.10.10.34 as the external (non-trusted interface)
> and 10.10.10.35 as the trusted side of the interface. the router ethernet
> port is 10.10.10.33 and is configured as the default gateway for the
> firewall.
>
> I have tried to configure the FreeBSD system as follows:
>
> ifconfig_de0="inet 10.10.10.34 netmask 255.255.255.224"
> ifconfig_de1="inet 10.10.10.35 netmask 255.255.255.224"
> default_gateway="10.10.10.33"
> gateway_enable="yes"
>
> option BRIDGING
> has been added to my kernel configuration
>
> once the system has been rebooted, I can only ping de0,
> if I shutdown de0 then de1 is pingable, but not both at the same
> time. this as you can imagine, is very frustrating to the development
> of my firewall. any help and guidance from anyone familiar with
> the design of firewalls using FreeBSD would be very welcomed.
>
> thank you in advance.
>
> Jeff
> jeff@digiman.org
> www.digiman.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
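
An added example, not part of either message above: a small check that reads the rc.conf lines quoted in the thread, computes the subnet each interface is numbered in, and reports interface pairs whose subnets overlap together with the interfaces that sit on the default gateway's network. The addresses are the thread's example values and the function names are hypothetical.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample: the rc.conf lines as quoted in the message (example addresses).
RC_CONF = '''
ifconfig_de0="inet 10.10.10.34 netmask 255.255.255.224"
ifconfig_de1="inet 10.10.10.35 netmask 255.255.255.224"
default_gateway="10.10.10.33"
gateway_enable="yes"
'''

IFCONFIG_RE = re.compile(r'^ifconfig_(\w+)="inet\s+(\S+)\s+netmask\s+(\S+)"', re.M)
# Accepts the name used in the message and rc.conf's defaultrouter variable.
ROUTER_RE = re.compile(r'^(?:defaultrouter|default_gateway)="([^"]+)"', re.M)

def parse_interfaces(text):
    """Map interface name -> IPv4Interface (address plus its network)."""
    ifaces = {}
    for name, addr, mask in IFCONFIG_RE.findall(text):
        if mask.lower().startswith("0x"):  # ifconfig also takes hex netmasks
            mask = str(ipaddress.IPv4Address(int(mask, 16)))
        ifaces[name] = ipaddress.ip_interface(f"{addr}/{mask}")
    return ifaces

def overlapping(ifaces):
    """Return sorted name pairs whose configured subnets overlap."""
    return [(a, b)
            for (a, ia), (b, ib) in combinations(sorted(ifaces.items()), 2)
            if ia.network.overlaps(ib.network)]

def gateway_interfaces(text, ifaces):
    """Return (gateway, names of interfaces directly on the gateway's subnet)."""
    m = ROUTER_RE.search(text)
    if not m:
        return None, []
    gw = ipaddress.ip_address(m.group(1))
    return gw, sorted(n for n, i in ifaces.items() if gw in i.network)

if __name__ == "__main__":
    ifaces = parse_interfaces(RC_CONF)
    for name, iface in sorted(ifaces.items()):
        print(f"{name}: {iface.ip} in {iface.network}")
    for a, b in overlapping(ifaces):
        print(f"overlap: {a} and {b} are numbered in the same subnet")
    gw, names = gateway_interfaces(RC_CONF, ifaces)
    print(f"gateway {gw} is on-link for: {', '.join(names) or 'none'}")
```

For the quoted configuration it reports de0 and de1 both in 10.10.10.32/27, with the gateway 10.10.10.33 on-link for both.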