Re: Linksys hardware firewall enough...?

From: Gary (garyd_at_efn.org.spamsux)
Date: 11/09/04


Date: Tue, 09 Nov 2004 14:40:57 GMT

Leythos wrote:

> Have you tried to put your DFL-80 into Drop-in mode? Meaning that the
> LAN IP is the same as the Public IP? Have you created rules for mapping
> PUBLIC IP to internal PUBLIC IP based on ports / services? All the
> firewalls I've used allow me to use Public IP's (with rules protecting)
> for Internal IP's.

No, the DFL-80 does not support layer 2. The PIX and NetScreens SOHO
class devices can do that as well as OpenBSD's pf:
http://www.openbsd.org/faq/faq6.html#Bridge

However, most SOHO users don't have a need for bridging firewalls.
For the DFL-80, I've found that one-to-one NAT is sufficient. The
firewall answers requests for multiple public IPs and maps traffic to
static private IPs. For example, if we were to use my Comcast IP that's
advertised in my headers, 24.21.82.192 could be mapped to 192.168.1.192.
I could also have 24.21.82.193, 4, and 5 mapped to 192.168.1.193, 4, and 5.

-Gary
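
The one-to-one NAT mapping described in the post above, modeled as an added Python example (not part of the original post and not DFL-80 code). The address pairs are the ones given in the post; the per-host allowed ports are constructed for illustration, standing in for the "rules protecting" the mapped hosts that the quoted message mentions.

```python
import ipaddress

def build_one_to_one(public_first, private_first, count):
    """Pair `count` consecutive public IPs with consecutive private IPs.

    Returns (inbound, outbound) lookup tables keyed by IPv4Address.
    """
    pub = ipaddress.IPv4Address(public_first)
    prv = ipaddress.IPv4Address(private_first)
    inbound = {pub + i: prv + i for i in range(count)}
    outbound = {private: public for public, private in inbound.items()}
    return inbound, outbound

# Constructed filter policy (assumption): one-to-one NAT only rewrites
# addresses, so every mapped host needs an explicit list of exposed services.
ALLOWED = {
    ipaddress.IPv4Address("192.168.1.192"): {25, 80},
    ipaddress.IPv4Address("192.168.1.193"): {443},
}

def translate_inbound(inbound, allowed, dst_ip, dst_port):
    """Rewrite a public destination to its private host, then filter.

    Returns (private_ip, port), or None when the packet is dropped.
    """
    private = inbound.get(ipaddress.IPv4Address(dst_ip))
    if private is None:
        return None  # the firewall does not answer for this public IP
    if dst_port not in allowed.get(private, set()):
        return None  # mapped host, but no rule permits this service
    return str(private), dst_port

def translate_outbound(outbound, src_ip):
    """Rewrite a private source to its dedicated public IP (None if unmapped)."""
    public = outbound.get(ipaddress.IPv4Address(src_ip))
    return str(public) if public is not None else None

if __name__ == "__main__":
    # Address pairs from the post: 24.21.82.192-195 <-> 192.168.1.192-195
    inbound, outbound = build_one_to_one("24.21.82.192", "192.168.1.192", 4)
    for dst, port in [("24.21.82.192", 80), ("24.21.82.192", 22),
                      ("24.21.82.194", 80), ("24.21.82.196", 80)]:
        print(dst, port, "->", translate_inbound(inbound, ALLOWED, dst, port))
    print("192.168.1.195 leaves as", translate_outbound(outbound, "192.168.1.195"))
```

A mapped host with no entry in the policy (192.168.1.194 here) receives nothing from outside, which is the default-deny behaviour you want when each internal host owns a whole public address.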

