From owner-freebsd-questions  Sat Mar  4 21: 1:42 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from fedde.littleton.co.us (fedde.littleton.co.us [216.17.174.44])
	by hub.freebsd.org (Postfix) with ESMTP id C226A37B8BC
	for <questions@FreeBSD.ORG>; Sat,  4 Mar 2000 21:01:38 -0800 (PST)
	(envelope-from cfedde@fedde.littleton.co.us)
Received: from fedde.littleton.co.us (localhost.fedde.littleton.co.us [127.0.0.1])
	by fedde.littleton.co.us (8.10.0.Beta10/8.10.0.Beta10) with ESMTP id e2551UT25872;
	Sat, 4 Mar 2000 22:01:30 -0700 (MST)
Message-Id: <200003050501.e2551UT25872@fedde.littleton.co.us>
To: Systems Administrator <geniusj@ods.org>
Cc: questions@FreeBSD.ORG
From: Chris Fedde <chris@fedde.littleton.co.us>
Subject: Re: Routing between 2 interface.. 
In-reply-to: Your message of "Sat, 04 Mar 2000 22:46:29 EST."
             <Pine.BSF.4.10.10003042241070.52500-100000@ods.org> 
Date: Sat, 04 Mar 2000 22:01:30 -0700
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Systems Administrator writes:
 +---------------
 | I'm trying to setup a "dropin firewall" .. Such that when a packet reaches
 | our network, it goes through the main router (the cisco) and then passes
 | through the firewall (the freebsd box) and then hits the rest of the lan..
 | I'm trying to do this in this way..
 | 
 | 63.236.135.1(Main Router) -> 63.236.135.232(Firewall NIC 1) ->
 | 63.236.135.233 (Firewall NIC 2 -- Same Machine) -> rest of lan
 | 
 | If that makes any sense :).. If you could help me with this.. I am very
 | lost right now ;).. If you need more details, etc.. Feel free to contact
 | me..
 | 
 | Thanks in advance,
 | -JD-
 +---------------

From the addressing that you are using you'll have to use host routes on each
interface (subnetmask 255.255.255.255 aka /0) 

Also unless there is a real good reason not to I'd set up natd on your
firewall box and use one of the private IP networks on your LAN

    3. Private Address Space

       The Internet Assigned Numbers Authority (IANA) has reserved
       the following three blocks of the IP address space for
       private networks:

        10.0.0.0        -   10.255.255.255
        172.16.0.0      -   172.31.255.255
        192.168.0.0     -   192.168.255.255

	-- RFC 1597

__
Chris Fedde	  <chris@fedde.littleton.co.us>
303 773 9134


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message