From owner-freebsd-questions Tue Nov 5 3:10: 5 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E79A37B401 for ; Tue, 5 Nov 2002 03:10:04 -0800 (PST) Received: from smtp.hispeed.ch (isp247n.hispeed.ch [62.2.95.247]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1216643E6E for ; Tue, 5 Nov 2002 03:10:03 -0800 (PST) (envelope-from locus@hispeed.ch) Received: from rock.stable.ch (dclient217-162-34-199.hispeed.ch [217.162.34.199]) by smtp.hispeed.ch (8.12.6/8.12.6/tornado-1.0) with ESMTP id gA5BA0oP018716 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Tue, 5 Nov 2002 12:10:01 +0100 Received: from locus by rock.stable.ch with local (Exim 3.33 #1) id 1891aq-0008va-00 for freebsd-questions@FreeBSD.ORG; Tue, 05 Nov 2002 12:10:00 +0100 Date: Tue, 5 Nov 2002 12:10:00 +0100 From: Thomas Spreng To: freebsd-questions@freebsd.org Subject: Re: bridging the right way? Message-ID: <20021105111000.GA33654@rock.stable.ch> Mail-Followup-To: freebsd-questions@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Nov 05, 2002 at 10:09:16AM +0100, Jonas Sonntag wrote: > hi list > > i'm looking for a little advice here. > i've got a fbsd server conected to the internet via rl0. there are about 30 > workstation in 192.168, fbsd does nat for, those are connected via rl1. > now, on rl1, behind nat there's also a win2k server in here which should > soon get connected to the internet, too (being accessible from the > internet). i don't want to plug the win2k server next to the fbsd box into > our isp's router. this way i'd had to set up an extra firewall on the win2k > box, instead i'd like all connection to and from the internet with the win > server to go through my existing ruleset on the fbsd box, leaving the win > server on the inside interface rl1. > just assiging one of the official ip's to the win box didn't work, so i was > doing some reading and found out that bridging seemed to be the way to go. > now i wonder: those how-to's say it's not nescessary to assign an ip to both > interfaces, but i definitly still need an ip from the 192.168 subnet on the > inside interface. just as the win2k box still needs to stay accessible with > it's 192.168 adress. > so...is it possible this way, or would it be far smarter to plug a third nic > into the fbsd box only for bridging ? Hi, another solution would be to redirect the traffic from the fbsd box to the win2k server. If you want the win2k server to have an external ip of its own you can add an ip alias to your fbsd box and then redirect all traffic to this ip to the win2k server. Thats probably the easiest solution. greets, tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message