Date: Tue, 15 Sep 1998 11:22:59 -0700 (PDT) From: Dan Busarow <dan@dpcsys.com> To: chas <panda@peace.com.my> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: How to use FBSD as a proxy between firewall and LAN. (or shouldn't I ?) Message-ID: <Pine.BSF.3.96.980915111542.28424G-100000@java.dpcsys.com> In-Reply-To: <3.0.32.19980915230005.00d6dacc@mail.peace.com.my>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 15 Sep 1998, chas wrote: > Trying to implement a firewall/network : > > |<--> Server Farm A > | > |<--> Server Farm B > [INet]<--> Router <--> Firewall | > |<--> FBSD Proxy <-- LAN > | > |<--> free > > The firewall is on a Sun box with a quad-NIC using commercial > firewall software. The LAN has over 100 PCs. > > Does it make sense to use a FreeBSD box as I have shown > above to act as a Proxy (and also router) between the LAN > and the Firewall ? Does this network layout make sense or > have I lost the plot ? (not that I really understood it in > the first place). Sure. You need to turn on IPFW in the kernel and build a new kernel (see the Handbok) and run natd on the NIC connected to the Sun. Also run a DHPC server on the FreeBSD box to assign all those PCs their RFC1918 addresses. (both Wide and ISC dhcp's are in ports) In /etc/rc.conf set firewall_type="OPEN" gateway="YES" You can tighten up the firewall later if desired. > To set up the FreeBSD proxy above, will it really require > static routes for all the PCs between the LAN and the Firewall ? No Dan -- Dan Busarow 949 443 4172 Dana Point Communications, a California corporation dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980915111542.28424G-100000>