Date: Fri, 1 Nov 1996 18:29:17 -0800 From: "Neil C. Jensen" <njensen@salsa.habaneros.com> To: "'questions@freebsd.org'" <questions@freebsd.org> Subject: routing / firewall question Message-ID: <01BBC822.97F241A0@ppp01.habaneros.com>
next in thread | raw e-mail | index | archive | help
I've seen similiar questions to this, but could not find a definitive
answer in the archives....
I have 32 IP addresses subnetted from a class C. I presently have the
following setup:
[ Internet ] <-------------------> Router <-------------------------> real
& virtual servers
ISDN xxx.xxx.xxx.97 ethernet xxx.xxx.xxx.98-126
I would like to add a firewall using TIS's fwtk (for telnet and ftp) and
perhaps the CERN HTTP proxy server (or Apache 1.2 proxy when it is
released). The network will then look like:
ISDN ethernet ethernet
[ Internet ] <-------> Router <--------> Firewall <--------> My machines
Where I get confused is at the Firewall. My understanding is that the two
network interfaces must be on separate subnets. How can I address the two
interfaces on the firewall and still retain the maximum number of IP
address for the rest of my machines? (I saw some mail in the archives about
using private addresses between the router and firewall, but apparently
this does not work with the proxy servers on the firewall).
On a related question, just to make sure I understand this correctly; does
the CERN proxy server reside on the firewall, instead of using fwtk's
http-gw?
Many thanks in advance.
Neil Jensen
Habanero Studios Ltd.
Vancouver, Canada
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BBC822.97F241A0>