Not sure why you'd need more than one or two public IP addresses, but in any case, you need a router/firewall to protect the lan(s). It doesnt mean you won't use port forwarding, because if you host your own email or web servers, then you will have to forward those ports to the correct internal/private IPs.
You want the bridge, or in some modems it's called a DMZ, to put the efw right out there with seemingly nothing between it and the internet. It doesnt have to be this way, but it makes things a little nicer if you dont have two routers to have to configure. (most dsl modems are also nat routers) Basically, you're turning off the router functions of the modem when you turn on transparent bridging, so that the efw (or whatever firewall you use) becomes the sole router. Thats why you would then assign the public IPs to the efw. If you google your dsl modem model number with the word 'bridge', you should find many sites that will walk you thru setting it up... -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kenneth Lundström Sent: Wednesday, August 06, 2008 3:08 PM To: efw-user@lists.sourceforge.net Subject: [Efw-user] Routed vs. bridge internet I´m about to change ISP and my new ISP was installed couple weeks ago. But I don´t understand how to configure the modem and firewall to get things to operate correctly. It is an SDSL connection. My old ISP gave me sex public adresses that are configured into the EFW. Via portforwarding everything is working just great. The modem was just an bridge. All servers are on private adresses behind the firewall on the orange interface. The new ISP gives me a routed connection, I got the WAN adress, with a gateway and netmask. Then I got twelve LAN adresses that are public. How should I configure my modem (Zyxel Prestige 792H) and Endian to get everything working. I still want to use private adresses on the servers. The ISP says that I should configure the modem as an bridge, put the WAN adressen on Endians red interface and then configure those LAN adresses directly to all servers. Doesn´t that mean that no portforwaring is used, whats do point with the firewall at all. Kenneth ------------------------------------------------------------ ------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user