RE: splitting a subnet in an odd way
Leonardo Boselli wrote:
> You forget one thing: there are 10 other machines (addresses 3 to 13)
> that need not to be firewalled, and must be accessible from
> ANY pother
> ost either internally and externally, without passing the FW.
> The second group really is not a problem, since are just virtual
> addresses for a machine in the first group, that self-firewall !
> However user in the third, internal group should access these
> About proxy-arping 230 machines: what commands would you suggest
> for dcoing that , the way i used for a small group did havoc on some
> network monitoring tools !
I think the best solution would be a briding firewall. No need for 230
proxy-arps, and (if correctly set up) nearly invisible to the outside world.
4.html> for more info and links.