Not sure why you'd need more than one or two public IP
addresses, but in any case, you need a router/firewall to
protect the lan(s). It doesn’t mean you won't use port
forwarding, because if you host your own email or web
servers, then you will have to forward those ports to the
correct internal/private IPs.

You want the bridge, or in some modems it's called a DMZ, to
put the efw right out there with seemingly nothing between
it and the internet. It doesn’t have to be this way, but it
makes things a little nicer if you don’t have two routers to
have to configure. (most dsl modems are also nat routers)

Basically, you're turning off the router functions of the
modem when you turn on transparent bridging, so that the efw
(or whatever firewall you use) becomes the sole router.
That’s why you would then assign the public IPs to the efw.

If you google your dsl modem model number with the word
'bridge', you should find many sites that will walk you thru
setting it up...




-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Kenneth Lundström
Sent: Wednesday, August 06, 2008 3:08 PM
To: efw-user@lists.sourceforge.net
Subject: [Efw-user] Routed vs. bridge internet

I´m about to change ISP and my new ISP was installed couple
weeks ago. 
But I don´t understand how to configure the modem and
firewall to get 
things to operate correctly. It is an SDSL connection.

My old ISP gave me sex public adresses that are configured
into the EFW. 
Via portforwarding everything is working just great. The
modem was just 
an bridge. All servers are on private adresses behind the
firewall on 
the orange interface.

The new ISP gives me a routed connection, I got the WAN
adress, with a 
gateway and netmask. Then I got twelve LAN adresses that are
public. How 
should I configure my modem (Zyxel Prestige 792H) and Endian
to get 
everything working. I still want to use private adresses on
the servers. 
The ISP says that I should configure the modem as an bridge,
put the WAN 
adressen on Endians red interface and then configure those
LAN adresses 
directly to all servers. Doesn´t that mean that no
portforwaring is 
used, whats do point with the firewall at all.


Kenneth



------------------------------------------------------------
-------------
This SF.Net email is sponsored by the Moblin Your Move
Developer's challenge
Build the coolest Linux based applications with Moblin SDK &
win great prizes
Grand prize is a trip for two to an Open Source event
anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user

Reply via email to