Date: Fri, 23 Feb 2001 22:52:35 -0500 (EST) From: "G. Jason Middleton" <gmiddl1@gl.umbc.edu> To: Lucas Bergman <lucas@slb.to> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: setting up a firewall (Was: dual homed host) Message-ID: <Pine.LNX.4.31L.02.0102232250310.18420-100000@linux1.gl.umbc.edu> In-Reply-To: <20010223141221.D28130@billygoat.slb.to>
next in thread | previous in thread | raw e-mail | index | archive | help
well did all the info you guys suggested and gotthe follwing error
arp:24.18.90.1 is on de0 but got reply from 08:00:3e:11:f9:45 on dc0
de0 is live on the internet and dc0 ion the dead ip (192.168.0.1)
they both are configured with the DNS and gateway for my ISP
still reding but cannot find details about this stuff
Jason
On Fri, 23 Feb 2001, Lucas Bergman wrote:
> > i am setting up a firewall and i have been battling with getting the
> > damn things to work together.. i am using sysinstall to chagne the
> > ip addys and the dns entries and the mask etc etc. I set de0 up
> > for the live ip (internet ip from my ISP) and i set up dc0 with the
> > dead ip (192.168.0.1 or 192.168.0.2) not sure which one i should
> > use.
>
> It doesn't matter. Conventionally, though, the packet router (as this
> machine will be) on a class C net has its last octet set to 1.
>
> > SO when i am setting up dc0 what should i set the dns entry to?
>
> I'm not sure what you mean. Do you mean that you have your own DNS
> server and you want to give the address on dc0 an entry (an "A"
> record)? Do you mean to ask what address you should give as your DNS
> server?
>
> In fact, the answer to the second question depends on the answer to
> the second, so please try to clarify this.
>
> > And what should i set the gateway to? Can they be on the same
> > subnet?
>
> The "gateway" ("default route" might be a better way of putting it) on
> the firewall machine should be set to the address given to you by your
> ISP, which is certainly on the same subnet as the routable address you
> have (on de0).
>
> > Info would be appreciated and yes i am already reading the handbook
> > and lso Greg Lehey's book as well as Oreilly's tcp/ip for netork
> > administrators.
>
> Good man.
>
> Of course, if you have any other machines inside the firewall, you'll
> want to set up natd; the man page (natd(8)) is quite good.
>
> Lucas
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
G. Jason Middleton
_______________________________________________________________________________
Announcement:
The revolution will not be televised.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.31L.02.0102232250310.18420-100000>