Date: Tue, 13 Apr 1999 15:58:05 +0200 From: Thomas Uhrfelt <thomas.uhrfelt@plymovent.se> To: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: Gating - IPFilter etc. Message-ID: <01BE85C6.6ECE8680.thomas.uhrfelt@plymovent.se>
next in thread | raw e-mail | index | archive | help
I am in the process of setting up a gateway/firewall and I need all the help I can possibly get, so this description is going to be rather lenghty I fear. Today we are running a WinNT Server based network, but since we are getting a "constant" connection to Internet and we are planning to install some sort of firewall I thought I should use FreeBSD instead of a MicroSoft sollution. Here is a brief description of the network today: Approx 40 workstations + 2 NT Servers + (192.168.1.xxx) -------------> (192.168.1.1) Router (Dynamic IP) 1 AS/400 Here is the first step of my "planned" change: Approx 40 workstations + 2 NT Servers + (192.168.2.xxx) ----> (192.168.2.1) FreeBSD (192.168.2.2) -------> (192.168.2.1) Router (Dynamic IP) 1 AS/400 The reason for changing the routers IP is that I don't want to change all the clients as we don't use DHCP. I was planning to use IPFilter+IFNAT on the FreeBSD box to accomplish this task. So now I need to know if there is any good beginners documentation on IPFilter + IFNAT and/or if its possible at all to accomplish this using these tools. I also want to put in rather restrictive rules on what is allowed to be passed through the BSD box, so I need a pretty elaborate doc on the IPFilters capabilities ( easy to understand wouldnt be bad either ). Anyone care to enlighten me on this subject? PS: The later changes will pretty much only involve a static IP on the other side of the router and a hardware VPN sollution ( if anyone can direct me to a VPN sollution for FreeBSD that is good, that would also be appriciated ) DS. / Thomas Uhrfelt Datortekniker PlymoVent AB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BE85C6.6ECE8680.thomas.uhrfelt>