Date: Fri, 24 Mar 2006 13:53:02 -0500 From: Ian Lord <mailing-lists@msdi.ca> To: Imran Imtiaz <imran@darkstar.thelakecity.com.pk>, freebsd-questions@freebsd.org Subject: Re: pix 501 and freebsd Message-ID: <7.0.0.16.2.20060324134859.04e33b90@msdi.ca> In-Reply-To: <200603241837.k2OIbpBo051200@darkstar.thelakecity.com.pk> References: <200603241837.k2OIbpBo051200@darkstar.thelakecity.com.pk>
next in thread | previous in thread | raw e-mail | index | archive | help
At 13:37 2006-03-24, Imran Imtiaz wrote: >how can i use pix firewall to make a transparent to on my freebsd server. >sorry if i am on the wrong place. Not sure if this is what you need, but I guess you are talking about a "layer 2" bridged firewall.. Pix OS supports this only from version 7 and pix 501 and pix 506 cannot upgrade yet to this version (not sure if they will ever be able to) A transparent firewall like this just sits beside your switch and your computer and the only layer 2 traffic that can pass through is arp. All other frame will get deencapsulated and a layer 3 (and up) access-list will be applied. This is what is called a transparent firewall as it is transparent on your network :) With a pix 501, you will need to use nat ou pat or simulate a "router" with the "nat 0" command... Hope this helps
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7.0.0.16.2.20060324134859.04e33b90>