Date: Sun, 3 Sep 2000 00:25:59 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: "Michael P. Neuman" <neubyneu@twcny.rr.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Routing questions... Message-ID: <20000903002559.E62475@149.211.6.64.reflexcom.com> In-Reply-To: <000a01c0152c$61add360$0400a8c0@cmsnet.net>; from neubyneu@twcny.rr.com on Sat, Sep 02, 2000 at 06:23:12PM -0400 References: <000a01c0152c$61add360$0400a8c0@cmsnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[All of your paragraphs are on one line and your diagram is over 110
characters wide. Please try to put newlines in at about 72 columns so
it all fits nice on 80 column displays. Thanks.]
On Sat, Sep 02, 2000 at 06:23:12PM -0400, Michael P. Neuman wrote:
> Hello everyone,
> 
> I'm trying to configure my network and routing.  I currently have 1 FreeBSD box acting as a NAT firewall which routes my internal LAN to the internet over a cable modem.  I'm trying to add a dedicated firewall for added security.  Here is the configuration I would like to have:
> 
> | ------------ |                                | --------------------- |     | -------------------------- |
> |  Internet | ----- Cable Modem --- | FBSD Firewall | ---- | FBSD File Server | ----- HUB ---- Internal LAN
> | ------------ |                                | --------------------- |     | -------------------------- |
> 
> The Firewall and File Server are two separate boxes.  The firewall I assume will use NAT to connect to the cable internet service.  If you have any advice on how to configure this.  Please let me know ASAP.  Thanks!
It seems like it would be easier to just do,
          }
 Internet }-----[ FreeBSD FW ]----[   Hub    ]
          }                        |  |  |  |
                                   |  |  |  |
                                   |  |  | [ FreeBSD Server ]
                                   |  |  |
                                  { rest of
                                     LAN }
And have one LAN. However, your setup is not tough. There really is
not much of any trick to do it. For example,
                       192.168.0.0/24             192.168.1.0/24
           }                 |
  Internet }---[FreeBSD FW]------[FreeBSD Server]-----[Hub]
           }                                           |||
                                                    { interal
                                                       LAN }
Just put the right setup for the interfaces and default server on the
FreeBSD server and the routing is taken care of there. You'd need to
add a static route for the 192.168.1.0/24 net on the firewall.
-- 
Crist J. Clark                           cjclark@alum.mit.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000903002559.E62475>
