
Re: Firewall



>> eth0 xxx.xxx.xxx.1 :Connected to the internal network
>> eth1 xxx.xxx.xxx.2 :Connected to the internet.
>> # note that the xxx.xxx.xxx are the same subnet since we are allocated a
>> class C domain.
>>
>> my routing table looks similar to this:
>> DESTINATION       GATEWAY          GENMASK          ...  IFACE
>> xxx.xxx.xxx.254   0.0.0.0          255.255.255.255       eth1
>> xxx.xxx.xxx.0     0.0.0.0          255.255.255.0         eth0
>> 0.0.0.0           xxx.xxx.xxx.254  0.0.0.0               eth1
>>
> Sorry for the poor formatting.
>
>What you need is subnetting your class C network in several smaller
>subnets.
>The first one would be x.x.x.0/255.255.255.252 (or 248 if you want several
>addresses outside your firewall, for an i.e. Intrusion detection system)
>The other ones would fit your needs.
>
>The firewall would then have a NIC (eth0) in the first subnet (x.x.x.0/30
>(or/29)), and the second one (eth1) would be in any other.
>--


Well, I tried all of that and it didn't seem to help me out. I am stuck using
the gateway to the internet as xxx.xxx.xxx.254 and I can't change this. I
have only been trying to get out right now, which shouldn't involve our ISP
doing any routing work. I subnetted our class C network using a netmask of
255.255.255.252 and put the gateway address as xxx.xxx.xxx.1 and the machine
inside the firewall as xxx.xxx.xxx.2. The firewall machine can still see the
outside and inside world and the inside machine can still see both IP
addresses of the firewall machine. Any other thoughts?

 0 /  Derek Wueppelmann
(D   Libraxus Inc.
/ \   dwueppel@libraxus.com
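
The /30 and /29 split discussed in this thread, worked through as an added example that is not part of either message. It assumes 192.0.2.0/24 as a constructed stand-in for the masked class C, and checks which slice the fixed .254 gateway falls in and whether .254 is on-link from an interface at .1 under each netmask.

```python
import ipaddress

# Constructed stand-in for the masked class C (xxx.xxx.xxx.0/24) in the thread.
CLASS_C = ipaddress.ip_network("192.0.2.0/24")
# The fixed upstream gateway, xxx.xxx.xxx.254 in the thread.
ISP_GATEWAY = ipaddress.ip_address("192.0.2.254")


def subnet_of(addr, prefix):
    """Return the subnet of the given prefix length that contains addr."""
    return ipaddress.ip_interface(f"{addr}/{prefix}").network


def usable_hosts(net):
    """Host addresses in net, excluding the network and broadcast addresses."""
    return list(net.hosts())


def on_link(iface_addr, prefix, next_hop):
    """True if next_hop is inside the subnet an interface at iface_addr/prefix
    considers directly connected, i.e. no extra route is needed to reach it."""
    return ipaddress.ip_address(next_hop) in subnet_of(iface_addr, prefix)


def plan(prefix):
    """One row per slice of the class C:
    (network, first host, last host, slice contains the ISP gateway)."""
    rows = []
    for net in CLASS_C.subnets(new_prefix=prefix):
        hosts = usable_hosts(net)
        rows.append((str(net), str(hosts[0]), str(hosts[-1]), ISP_GATEWAY in net))
    return rows


if __name__ == "__main__":
    for prefix in (30, 29):
        gw_row = next(r for r in plan(prefix) if r[3])
        print(f"/{prefix}: gateway {ISP_GATEWAY} sits in {gw_row[0]} "
              f"(hosts {gw_row[1]} to {gw_row[2]})")
    # Addresses tried in the thread: .1 and .2 with netmask 255.255.255.252.
    print(".2 on-link from .1 with /30:   ", on_link("192.0.2.1", 30, "192.0.2.2"))
    print(".254 on-link from .1 with /30: ", on_link("192.0.2.1", 30, ISP_GATEWAY))
    print(".254 on-link from .1 with /24: ", on_link("192.0.2.1", 24, ISP_GATEWAY))
```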


