Date: Sat, 12 Jul 2003 12:30:21 +1000 (EST) From: <keith@smmc.qld.edu.au> To: <freebsd-questions@FreeBSD.org> Subject: Routing problem.. cisco -->fbsd-->Lan Experts?? Message-ID: <1068.203.221.19.86.1057977021.squirrel@localhost.smmc.qld.edu.au>
next in thread | raw e-mail | index | archive | help
Hi all,
I have a friend with a cisco 827 adsl router. It has config hassles but
when that is sorted, we need to setup a freebsd box inside the cisco
router to handle a /29 block of ips. 3 questions...
a) Should I assume the cisco is not the worlds greatest firewall and setup
the freebsd machine as one (creating a dmz)
b) The /29 block is routed by the ISP to the cisco device. I guess we
need to place a static route on the cisco gadget that directs any of the
incoming /29 block request onto the freebsd box...Correct?
c) Should I use IPNAT on the fbsd box an place all the /29 ips the NIC
facing the cisco and NAT to the internal private IPs of the servers inside
the fbsd Lan? I know I don't have to but if I do this would I have to
config the fbsd as a router (routed or such). I will make it the gateway
for the internal LAN. Is that enough? I think it should be? Ideas please.
Here is the scheme...Will this work is it best? Thanks heaps
ISP
(165.228.233.1)
|
[ADSL Internet]
|
(165.228.233.190)
+CISCO ROUTER+ static route
(10.0.0.1)
|
|
(10.0.0.2,203.228.44.xxx,203.228.44.zzz,203.228.44.zzz..etc)
+FREEBSD Gateway firewall+
------------NAT/PAT-----------------
(192.168.1.1)
/ \
/ \
/ \
/ \
(192.168.1.2) (192.168.1.3) etc etc
WWW server OTHER server
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1068.203.221.19.86.1057977021.squirrel>