Date: Tue, 2 Aug 2005 18:26:15 -0500
From: Nikolas Britton
To: Stephan Weaver
Cc: freebsd-questions@freebsd.org
Subject: Re: Networking with FreeBSD

On 8/2/05, Stephan Weaver wrote:
>
>
> >From: Chuck Swiger
> >To: Stephan Weaver
> >CC: freebsd-questions@freebsd.org
> >Subject: Re: Networking with FreeBSD
> >Date: Tue, 02 Aug 2005 14:26:07 -0400
> >
> >Stephan Weaver wrote:
> >[ ... ]
> >>Thank You So Very Much for your quick response.
> >
> >You're welcome.
> >
> >>I am familiar with firewalling, but I never done something like this.
> >>Maybe you can give me an actual Example from my reference.
> >>Using my networks etc.
> >
> >Sure, if I had lots of free time and nothing else to do, I could probably
> >write up a security policy, firewall rules, along with pretty network
> >topology diagrams and so forth.  But I was up 'til 2AM doing pretty much
> >just that for a client yesterday (*), and I'd rather not spend that much
> >effort again today without a good cause, or at least more beer. :-)
> >
> >There is an expectation on the freebsd lists that you spend your own time
> >to learn about the tasks you want to accomplish before asking other people
> >to repeat what the documentation says for your own specific use case.
> >("Read the docs.  Try stuff out.  Ask questions which show what you've done
> >and what the specific error message or problem you have is.")
> >
> >>What I want to do is separate the networks on the same wire.
> >
> >Hmm.  Why do you want to put separate subnets on the same wire?
> >
> >(What does that mean to you, anyway?  Using the same external ISP
> >connection?  All boxes all on the same ethernet hub?  Something else?
> >Consider IPsec. :-)
> >
> >--
> >-Chuck
> >
> >(*): Client is in Denmark.  They wanted stuff "urgently" by this morning
> >their time, after getting me something to respond to yesterday at 4PM my
> >time.  Bleh, this "global outsourcing" thing really is overrated....
> >
>
>
> What I want to do in a nutshell,
> Connect all stores together via fibre, and protect my HeadOffice Lan, which
> will now be connected to all the stores. And Have some sort of security.

What fibre? How far are the stores? Fibre networking gear? You have fibre
going all the way to your stores from HQ?
Also, why do you have pixel, httpd, and samba servers on different LANs?

Internet
   |
   |
   |--------WANs 1-4, 192.168.2/24, 192.168.3/24, 192.168.4/24, 192.168.5/24
Firewall ------ DMZ 192.168.1/24 ----- Pixel, httpd, samba
   |
   |
HQ LAN 192.168.0/24

OR:

Internet
   |
   |
   |-----WAN, 192.168.2/24
Firewall ------- DMZ, 192.168.1/24 ----- Pixel, httpd
   |
   |------- Samba
   |
HQ LAN 192.168.0/24

OR:

Internet
   |
   |
   |-------WAN(s)
Firewall
   |
   |
HQ LAN

Etc.

We need more info to help you.