Re: firewalls for dummies?
On Thu, Jul 01, 1999 at 08:34:53AM -0700, Stuart Marshall wrote:
> The current network looks like:
> X.Y.(116 or 12).xxx
> upstream router ------------------ switched_hub ---- local_machine_a
> X.Y.116.254 || \___ local_machine_b
> X.Y.12.254 (alias) switched_hub ---- ....
> ||
> ....
>
>
> I would like it to look like:
>
>
> upstream router ------ firewall -- switched_hub ---- local_machine_a
> X.Y.116.254 || \___ local_machine_b
> X.Y.12.254 (alias) switched_hub ---- ....
> ||
> ....
the easiest and most straight-forward way, is to get the upstream
router to route everything for your networks through your firewall's
IP (ie. they do: route add -net x.y.116.0 gw your.firewall.ip)
no fancy firewall rules or ARP trickery
(the proxy arp method won't need help from upstream, but won't scale
well if you have lots of machines)
--
- Gus
Reply to: