hi,
> Well .. I'm using a Cisco 2501 over here ... and how I route
> it? Well .. I just
> route one bye one IP ... like below:
>
> ip route 0.0.0.0 0.0.0.0 161.142.5.25
> ip route 161.142.0.0 255.255.0.0 161.142.5.25
> ip route 202.184.73.2 255.255.255.255 202.184.73.3 <-- start
> ip route 202.184.73.4 255.255.255.255 202.184.73.3 <-- routing
> ip route 202.184.73.8 255.255.255.255 202.184.73.3 <-- to the
> ip route 202.184.73.11 255.255.255.255 202.184.73.3 <-- firewall
>
> and so on and so forth .... heheh .. looks tidious eh? but
> that's how I do it
> . anybody has better way .. then please .. point me :) .. As
> you can see here
> . 202.184.73.3 is my firewall .. running on FreeBSD
> 3.0-STABLE ... it's an
> experimental actual .. just play around with some fw rules ..
> but anyway ..
> that's how I do the routing ... well .. have fun!
i think a better way would be to:
1.) use private addresses in your internal network and do masquerading on
the firewall.
or if for some reason you can't:
2.) subnet your current class c in say 4 subnets:
194.130.69.0/26 - between router and firewall
194.130.69.64/26 - for a DMZ
194.130.69.128/26 - internal net
194.130.69.192/26 - internal net
then all you have to say on your cisco is:
ip route 194.13.69.64 255.255.255.192 194.130.69.1
ip route 194.13.69.128 255.255.255.192 194.130.69.1
ip route 194.13.69.192 255.255.255.192 194.130.69.1
which is far more administration friendly.
--jan van rensburg
> -----Original Message-----
> From: Muhammad Najib [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, February 06, 1999 11:29 PM
> To: Chris Bond; [EMAIL PROTECTED]
> Subject: Re: Cisco routing to a firewall on the internal network
>
>
> >Hi,
> >
> >I want to use a linux box that is setup on the internal network for
> >firewalling/filtering. I've managed to setup the linux box without
> >problems. Now I need to route all incoming traffic from the
> router to
> >this machine.
> >
> >We have a Cisco 2503 router with the current network routes:
> >
> >ip default-network 158.43.0.0
> >ip route 0.0.0.0 0.0.0.0 Serial0
> >ip route 158.43.0.0 255.255.0.0 Serial0
> >
> >The machine I want to route all the traffic to on the
> internal ethernet
> >is 194.130.69.1. Any help would be apperiacated.
> >
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
