Your workstations should be on private/reserved/RFC-1918 IP addresses. This will have
the added advantage of reducing your drain on Class-C addresses.
You don't "assign all available IP addresses" to the firewall; you make it the gateway
(route) TO those addresses.
In short, yes, you can run multiple servers on multiple IPs through a (Linux) firewall.
If you run the servers behind the firewall, you can use private addresses for them as
well and ONLY allow (map) the relevant ports (SMTP, HTTP, etc) through the firewall,
providing an additional level of security.
An example:
http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO-7.html
>We have a Class-C network and will eventually be using most of the IP
>addresses. Due to this reason we recently setup an ipchains Linux
>firewall/proxy server for the workstations, but the servers are still
>insecure. Is there a way to have a Linux firewall allow for multiple
>http/https/smtp/lotus domino/notes servers behind it? I really don't want
>to have to assign all of the available ip addresses to the firewall then
>port forward each ip address to a different local IP address behind the
>firewall that seems a little redundant not to mention difficult to maintain.
>
>So is it possible to have multiple servers running behind a Linux ipchains
>based firewall?
>If so can you give me some examples or direction to head it? If not any
>suggestions to still use Linux/Unix?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
