Date: Wed, 16 Jan 2008 07:33:25 -0500 From: "Rodrique Heron" <swygue@rodhouse.org> To: fox@verio.net Cc: freebsd-pf@freebsd.org Subject: Re: Forwarding another host Message-ID: <1a5f1a2d0801160433u41453786q4c1e6fca1f0a150f@mail.gmail.com> In-Reply-To: <20080112072307.GB25623@verio.net> References: <4784F7E3.3060508@rodhouse.org> <1199919114.59461.10.camel@xenon> <1a5f1a2d0801100501j664f6b81sebe866b986a05500@mail.gmail.com> <1199977668.36543.12.camel@xenon> <1a5f1a2d0801100910r1316d24dibb2b12720dfda207@mail.gmail.com> <1200009515.36543.27.camel@xenon> <1a5f1a2d0801101837r338b5453m7a8f673e3b03833e@mail.gmail.com> <1200021436.36543.40.camel@xenon> <1a5f1a2d0801110518i398793a9u84a4c8924f62bcde@mail.gmail.com> <20080112072307.GB25623@verio.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1/12/08, David DeSimone <fox@verio.net> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Rodrique Heron <swygue@rodhouse.org> wrote: > > > > Yep! I understand perfectly, now is there anything I can do on the pix > side > > to allow the traffic back to HOST-A ? > > This seems the wrong question to ask. > > Shouldn't you instead be wondering, how can you get the PIX to forward > connections to HOST-B instead of to HOST-A? The PIX is a full firewall > with NAT features, so it can perform the NAT instead of your BSD box, > and since it is the default gateway for return traffic, will have no > trouble applying the translation in both directions. > > I realize this is a FreeBSD mailng list, but you should go for the > simplest solution, because complex solutions tend to fail in complex > ways. You are right, I'm looking into that since I don't know much about the PIX. - -- > David DeSimone == Network Admin == fox@verio.net > "This email message is intended for the use of the person to whom > it has been sent, and may contain information that is confidential > or legally protected. If you are not the intended recipient or have > received this message in error, you are not authorized to copy, dis- > tribute, or otherwise use this message or its attachments. Please > notify the sender immediately by return e-mail and permanently delete > this message and any attachments. Verio, Inc. makes no warranty that > this email is error or virus free. Thank you." --Lawyer Bot 6000 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQFHiGrbFSrKRjX5eCoRAma/AJwJUY1t0WL7C0b1S5M+IDAvFdODTwCdGcH/ > nVtNURikbji5A9RMtPI3DoE= > =S5sQ > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1a5f1a2d0801160433u41453786q4c1e6fca1f0a150f>