Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Aug 1999 16:51:42 -0700 (PDT)
From:      Brian <bri@sonicboom.org>
To:        Langa Kentane <evablunted@earthling.net>
Cc:        salleek@hqasc.army.mil, Cisco <cisco@groupstudy.com>, FreeBSD <freebsd-questions@FreeBSD.ORG>
Subject:   Re: router and firewall question
Message-ID:  <Pine.BSF.4.10.9908191650080.47216-100000@adsl-216-102-203-44.dsl.snfc21.pacbell.net>
In-Reply-To: <000001beea6f$f4a64780$0a01a8c0@sunshine.co.za>

next in thread | previous in thread | raw e-mail | index | archive | help
You can do port redirection with bsd as a firewall, redirecting port x of
a public address to the same or different port of a private server.
Check the freebsd-questions mailing list archive at www.freebsd.org.
Actually, OpenBSD is slightly more secure.

				Bri


On Thu, 19 Aug 1999, Langa Kentane wrote:

> Now the other thing I would like to know is how I would go about is that if
> I use a private network address of 192.168.1.0 and put up my all my servers
> behind it ie: http server, ftp server, mail server (pop3 and smtp) and a dns
> server, will I not have problems with that, coz I need the stuff of the
> company to be able to connect to these from the internet and the other idea
> is that I want them to dial into the C2511 if the don't have a net
> connection.
> 
> The others will work, I think, the http server and stuff by using the host
> name instead of the ip but then how will the be able to use the dns server
> since that uses an ip address instead of a host name?
> 
> PLease help
> 
> > Actually what you have below won't work.  The router will think that hosts
> > 1-62 are on the local e0 segment - depending on the subnet mask used.  The
> > firewall will create subnets on both the secure and unsecure side.  To
> make
> > it work this is what I would do:
> >
> > R1:
> >
> > ip subnet-zero
> > !
> > interface e0
> > ip address 192.168.25.1 255.255.255.252
> >
> > Give the ISP the rest of the address space back and use private addresses
> > for local hosts.  The firewall should do the address translation for you.
> > Keep in mind that if you are going to be putting hosts in the unsecure
> side
> > of the firewall you'll want to keep some registered addresses.
> >
> >
> > Kenny Sallee
> > Army Network Systems Operation Center
> > Ft. Huachuca, AZ
> > DSN:  879-8212
> > COM:  520-538-8212
> > HelpDesk:  1-800-305-3036
> 
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9908191650080.47216-100000>