Re: [Efw-user] Using Endian without NAT as firewalling router?

Tue, 26 Jun 2007 03:15:57 -0700 

hi

Tim Korves wrote:
> is there a chance to use the endian firewall without the NAT? So that I
> can route my official IPs through it and have a packetfilter applied to
> the connections? We use official IPs in our office which are assigned /
> routed to our connection... Is this possible? A 1:1 NAT (aliases) is
> not, what we'd like to use... At the moment, we're using an old PC
> which's running pfSense and routing and filtering our traffic.

Currently Endian Firewall does NAT between each zone. It is not possible
to go without NAT.
2.1.1 contains 1:1 NAT, so you can map external ip addresses to internal
ones.
External ip addresses always terminate on the RED interface. There is no
possibility to route them through,.
If you try to circumvent this fact, you loose the filtering
functionality of the firewall.

One possibility which maybe could interest you is to join the uplink
interface to the orange zone. A zone bridges together all interfaces
which are part of it. Currently this is more or less like attaching them
to the same switch. The gui does not implement filtering capabilities
between them, however the kernel does!
This will change with 2.2, where we introduce intrazone filtering, which
replaces dmzholes and allows you to filter on the bridge as well as
between the zones.

peter

-- 
:: e n d i a n
:: open source - open minds

:: peter warasin
:: http://www.endian.com   :: [EMAIL PROTECTED]

begin:vcard
fn:Peter Warasin
n:;Peter Warasin
org:Endian GmbH/Srl
adr:;;Pillhof 47;Frangart/Frangarto;BZ;I-39010;Italien/Italia
email;internet:[EMAIL PROTECTED]
tel;work:+39 0471 631763
tel;fax:+39 0471 631764
x-mozilla-html:FALSE
url:http://www.endian.com
version:2.1
end:vcard


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user

Reply via email to