Date:      Tue, 12 Dec 2006 16:38:24 -0500
From:      Bill Moran <wmoran@collaborativefusion.com>
To:        "Bret J Esquivel" <besquivel@immense.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Routing Question
Message-ID:  <20061212163824.f067e80c.wmoran@collaborativefusion.com>
In-Reply-To: <008701c71e2f$60ea9130$22bfb390$@net>
References:  <008701c71e2f$60ea9130$22bfb390$@net>

In response to "Bret J Esquivel" <besquivel@immense.net>:
> 
> I have a cable modem at my office with a /28 allocated. I have a FreeBSD 6.1
> firewall/router in between the cable modem and the switch to other nodes. My
> question is how could I add static routes to say my web server having an
> external IP address but still going through the firewall box? NAT is not an
> option.
> 
> INET (70.164.48.225/28) -> [xl0] Firewall (70.164.48.226) [xl1] -> [xl0] Web
> server (70.164.48.227)

I could have sworn that someone else recommended bridging, so I won't
bother to bring it up.

The other option is to set that system up as a router, and build a proper
routing table.  Your ISP will need to be involved so they know to route
traffic to your subnet through your gateway system.

You need to enable forwarding in /etc/rc.conf.  Then you'll need to
subnet your range properly.  Something like:

70.164.48.225/29 -> external 
70.164.48.241/29 -> internal

Then set your external interface on the router to 70.164.48.226 and
the internal interface to 70.164.48.242.  Then you can use
70.164.48.243 - 249 on the inside.

Configuring the FreeBSD machine as a bridging firewall will simplify
the process, however, and is the approach I would recommend.

-- 
Bill Moran
Collaborative Fusion Inc.
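
Added example, not part of the original message: a Python check that splits the /28 from the question into two /29 subnets with the standard `ipaddress` module and reports where each address mentioned in the thread falls, which is worth running before asking the ISP to route a subnet through the gateway. The function names `plan_split` and `locate` are hypothetical; the addresses are copied from the thread.

```python
import ipaddress


def plan_split(allocation, new_prefix=29):
    """Split an allocation into equal subnets; report usable hosts per subnet."""
    # strict=False accepts a host address with a mask, e.g. 70.164.48.225/28
    net = ipaddress.ip_network(allocation, strict=False)
    plan = []
    for sub in net.subnets(new_prefix=new_prefix):
        hosts = list(sub.hosts())  # excludes network and broadcast addresses
        plan.append({
            "subnet": str(sub),
            "first_host": str(hosts[0]),
            "last_host": str(hosts[-1]),
            "broadcast": str(sub.broadcast_address),
        })
    return plan


def locate(address, allocation, new_prefix=29):
    """Return (subnet, usable) for address, or (None, False) if it lies
    outside the allocation."""
    net = ipaddress.ip_network(allocation, strict=False)
    addr = ipaddress.ip_address(address)
    if addr not in net:
        return (None, False)
    for sub in net.subnets(new_prefix=new_prefix):
        if addr in sub:
            # Network and broadcast addresses cannot be assigned to a host
            usable = addr not in (sub.network_address, sub.broadcast_address)
            return (str(sub), usable)
    return (None, False)


if __name__ == "__main__":
    ALLOCATION = "70.164.48.225/28"  # as written in the question
    for row in plan_split(ALLOCATION):
        print(row)
    # Addresses mentioned in the thread
    for ip in ("70.164.48.226", "70.164.48.227",
               "70.164.48.242", "70.164.48.243"):
        print(ip, locate(ip, ALLOCATION))
```

An address that `locate` reports as `(None, False)` is not part of the allocation, so the ISP would not deliver traffic for it to this site.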


