|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Linux 2.2 Firewall
|
"Michael W. Ryan" wrote:
> Okay, here's a question that I can't seem to find an answer for.
>
> My network is a registered class C network. I'm going to use a single
> bastion firewall between the router and the LAN. I want to forward and
> not masquerade (yes, I know masq'ing is more secure, but I think it would
> mess up future plans).
>
Yes
>
> My question is that do I need the two sides of my FW to be two separate
> subnets? I.e. if my router is 192.168.1.1, should the external interface
> of the FW be 192.168.1.2, with a mask of 255.255.255.252, and the internal
> interface be 192.168.1.5, with a mas of... grrr... everything above .4 (I
> can never figure those out).
>
> Also, should the LAN systems then use the FW or the router for their
> gateway?
> Your firewall unless you have a Cisco router also as a firewall. double
> protection, In a nutshell your best bet is the FW
> Thanks.
>
> Michael W. Ryan, MCP, MCT | OTAKON 2000
> mryan@netaxs.com | Convention of Otaku Generation
> http://www.netaxs.com/~mryan/ | http://www.otakon.com/
>
> No, I don't hear voices in my head;
> I'm the one that tells the voices in your head what to say.
>
> ______________________________________________________________________
> Philadelphia Linux Users Group - http://plug.nothinbut.net
> Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
> General Discussion - http://lists.nothinbut.net/mail/listinfo/plug
begin:vcard
n:Sulfare Jr;James
tel;home:610-838-7694
x-mozilla-html:FALSE
url:http:\\www.solinkit.com
org:SoLinkIt;IT
adr:;;Post Office Box 1953;Bethlehem ;PA;18016;USA
version:2.1
email;internet:jsulfare@yahoo.com
title:CTI Engineer/Management
end:vcard
|
|