Date: Tue, 2 Aug 2005 18:26:15 -0500 From: Nikolas Britton <nikolas.britton@gmail.com> To: Stephan Weaver <stephanweaver@hotmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Networking with FreeBSD Message-ID: <ef10de9a0508021626447b8136@mail.gmail.com> In-Reply-To: <BAY20-F12D790F4DCB8BB90254A43A8C20@phx.gbl> References: <42EFBABF.90108@mac.com> <BAY20-F12D790F4DCB8BB90254A43A8C20@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/2/05, Stephan Weaver <stephanweaver@hotmail.com> wrote:
>=20
>=20
> >From: Chuck Swiger <cswiger@mac.com>
> >To: Stephan Weaver <stephanweaver@hotmail.com>
> >CC: freebsd-questions@freebsd.org
> >Subject: Re: Networking with FreeBSD
> >Date: Tue, 02 Aug 2005 14:26:07 -0400
> >
> >Stephan Weaver wrote:
> >[ ... ]
> >>Thank You So Very Much for your quick response.
> >
> >You're welcome.
> >
> >>I am familar with firewalling, but i never done something like this.
> >>Mabee you can give me an actual Example from my reference.
> >>Using my networks ect.
> >
> >Sure, if I had lots of free time and nothing else to do, I could probabl=
y
> >write up a security policy, firewall rules, along with pretty network
> >topology diagrams and so forth. But I was up 'til 2AM doing pretty much
> >just that for a client yesterday (*), and I'd rather not spend that much
> >effort again today without a good cause, or at least more beer. :-)
> >
> >There is an expectation on the freebsd lists that you spend your own tim=
e
> >to learn about the tasks you want to accomplish before asking other peop=
le
> >to repeat what the documentation says for your own specific use case.
> >("Read the docs. Try stuff out. Ask questions which show what you've d=
one
> >and what the specific error message or problem you have is.")
> >
> >>What i want to do is seperate the network's on the same wire.
> >
> >Hmm. Why do you want to put separate subnets on the same wire?
> >
> >(What does that mean to you, anyway? Using the same external ISP
> >connection? All boxes all on the same ethernet hub? Something else?
> >Consider IPsec. :-)
> >
> >--
> >-Chuck
> >
> >(*): Client is in Denmark. They wanted stuff "urgently" by this morning
> >their time, after getting me something to respond to yesterday at 4PM my
> >time. Bleh, this "global outsourcing" thing really is overrated....
> >
>=20
>=20
> What i want to do in a nutshell,
> Connect all stores together via fibre, and protect my HeadOffice Lan, whi=
ch
> will now be connected to all the stores. And Have some sort of security.
What fibre? how far are the stores? fibre networking gear? you have
fibre going all the way to your stores from HQ?
Also, why do you have pixel, httpd, and samba servers on different LANs?
Internet
| =20
| |--------WANs 1-4, 192.168.2/24, 192.168.3/24, 192.168.4/24, 192.168=
.5/24
Firewall ------ DMZ 192.168.1/24 ----- Pixel, httpd, samba
|
|
HQ LAN 192.168.0/24
OR:=20
Internet
|
| |-----WAN, 192.168.2/24
Firewall ------- DMZ, 192.168.1/24 ----- Pixel, httpd
|
|------- Samba
|
HQ LAN 192.168.0/24
OR:
Internet
|
| |-------WAN(s)
Firewall
|
|
HQ LAN
Etc. =20
We need more info to help you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ef10de9a0508021626447b8136>