Re: Topology Question

From: Bit Twister (BitTwister_at_localhost.localdomain)
Date: 05/25/03


Date: Sun, 25 May 2003 01:48:48 GMT

On Sat, 24 May 2003 17:31:37 -0400, neptuna wrote:
> Hi
> I am setting up a secure internet connection for a small office LAN. Just
> wanted to get some ideas on how to set it up. The internet connection is via
> cable modem (the external IP will be from DHCP). The border router/fw will
> be a Netgear Prosafe Firewall. I also have a dual homed linux box that I
> would like to use as a second firewall or DMZ. I am not sure how to make the
> linux box a second firewall. How many subnets do I need to set it up? Would
> the linux firewall be on the same subnet as the internal client machines?
> Do I need another box with 2 nics?
> Thanks for any suggestions.

This ought to give you an idea.

Except for 192.168.x.x (Private network) numbers
these ip addresses are for this discussion.

You change the 24.x.x.xx to your ISP numbers.
Use the 192.168.x.x so your internal lan/private network routes correctly.

24.x.x.xx is your ISP assigned address.
ggg.ggg.ggg.1 is your ISP gateway/router.
fw is my firewall.
I borrowed hysterion's (on MindSpring Enterprises) drawing

192.168.1.1  pc1 node's gateway
192.168.1.14 pc1 node's ip
   |
   v
  pc1   printer           24.x.x.xx
     \   /                    |
      \ /                     v
     Switch---------eth1_fw_eth0---cablemodem-----ISPgateway---Internet
      /               ^                               ^
     /                |                               |
  pc2            192.168.1.1                    ggg.ggg.ggg.1
   ^             lan gateway
   |
192.168.1.12 pc2 node's ip
192.168.1.1  pc2 node's gateway
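
Added example, not part of the original post: a default-deny ruleset for the dual-homed fw box in the drawing, printed in iptables-restore format. It assumes the box runs Linux with iptables and that the LAN is 192.168.1.0/24 (the /24 mask is an assumption); eth0 and eth1 are taken from the drawing, and the function name emit_rules is made up for this example.

```shell
#!/bin/sh
# Constructed example for the topology above: eth0 faces the cable modem
# (address assigned by DHCP), eth1 is the LAN gateway 192.168.1.1.
# This only prints a ruleset; to apply it as root:
#   sysctl -w net.ipv4.ip_forward=1
#   emit_rules eth0 eth1 192.168.1.0/24 | iptables-restore

emit_rules() {
    wan_if=$1; lan_if=$2; lan_net=$3
    # Refuse missing arguments or identical interfaces: the rules would be meaningless.
    if [ -z "$wan_if" ] || [ -z "$lan_if" ] || [ -z "$lan_net" ] ||
       [ "$wan_if" = "$lan_if" ]; then
        echo "usage: emit_rules WAN_IF LAN_IF LAN_CIDR (interfaces must differ)" >&2
        return 1
    fi
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# The WAN address comes from DHCP, so MASQUERADE rather than a fixed SNAT address
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Anti-spoofing: LAN source addresses must never arrive on the WAN side
-A INPUT -i $wan_if -s $lan_net -j DROP
-A FORWARD -i $wan_if -s $lan_net -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN hosts may reach the firewall itself and be routed out to the Internet
-A INPUT -i $lan_if -s $lan_net -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
# Inbound traffic is forwarded only as replies to LAN-initiated connections
-A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the addresses used in the drawing.
emit_rules eth0 eth1 192.168.1.0/24
```

With this layout the Linux box and the client machines share the one 192.168.1.x subnet, with the clients using 192.168.1.1 (eth1) as their gateway.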


