Re: Firewall Public IP's?
>>>>> "DP" == Daniel Pittman <email@example.com> writes:
[on proxy arp]
DP> This is so that the client machines can still see the Cisco
DP> box, which is presumably their default gateway, right?
I was thinking that the Cisco would be expecting to see a class C on
the internal ethernet and would just put things on the wire (after arp).
Since they cannot touch the Cisco, the next best thing is to fake it
DP> I forgot to mention the easiest way to deal with that; setting
DP> the firewall machine as the default gateway for the clients
DP> also works.
Yup, that would take care of the internal side. Though proxy-arp
probably would make things work OK with just the host route to the
Cisco on the debian box.
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com