[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall Public IP's?

>>>>> "DP" == Daniel Pittman <daniel@rimspace.net> writes:
[on proxy arp]
    DP> This is so that the client machines can still see the Cisco
    DP> box, which is presumably their default gateway, right?

I was thinking that the Cisco would be expecting to see a class C on
the internal ethernet and would just put things on the wire (after arp).  
Since they cannot touch the Cisco, the next best thing is to fake it
with proxy-arp!

    DP> I forgot to mention the easiest way to deal with that; setting
    DP> the firewall machine as the default gateway for the clients
    DP> also works.

Yup, that would take care of the internal side.  Though proxy-arp
probably would make things work OK with just the host route to the 
Cisco on the debian box.



To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: