RE: IP addressing on firewall

Barry Roche \(LMI\) Wed, 16 Aug 2000 04:16:50 -0700
Sorry Ronneil,

Full URL:

http://www.phoneboy.com/fw1/faq/0197.html

- Barry

-----Original Message-----
From: Ronneil Camara [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 16, 2000 10:21 AM
To: '[EMAIL PROTECTED]'
Subject: RE: IP addressing on firewall


Hi Tobias,

Looks like you misunderstood my POST. I wasn't talking about the host on my
private net, I was talking about the firewall config. Of course, the gateway
ip address that I should put on my host on my private net is 172.16.1.1.

Supposed we have the following config:                   
e0 = 172.16.1.1
e1 = 172.16.1.5
e2 = 222.2.2.2
router lan = 222.2.2.1
                                                  __  __  __
                   .------.                      /  \/  \/  \
private----------e0|  FW  |e2-----> router------>| Internet |
172.16.1.x/24      |      |       222.2.2.1      \__/\__/\__/
                   `------'
                      e1
                      | DMZ
                      | 172.16.1.x/24
                      v
                 http/dns/smtp
                     servers


As far as I know, the e2 should have the gateway address set to 222.2.2.1.
Am I right?

-- 
            .-------------------------------------------------------.
    .^.     | Ronneil Camara,    | [EMAIL PROTECTED] |
    /V\     |--------------------| +632 6354086      +63917 5326993 |
   // \\    | "The only way to   `----------------------------------|
  /(   )\   |          stop a hacker is to think like one."         |
   ^^-^^    |                         ...brilliant misguided youth  |
            `-------------------------------------------------------'

> -----Original Message-----
> From: Reckhard, Tobias [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 16, 2000 5:08 PM
> To: 'Ronneil Camara'; '[EMAIL PROTECTED]'
> Subject: RE: IP addressing on firewall
> 
> 
> Wrong. The 'firewall' is the default gateway of the hosts on 
> the private net
> and in the DMZ. Unless you've got a layer 2 firewall (no, you 
> most probably
> don't).
> 
> Regards
> Tobias Reckhard
> secunet 
> Security Networks AG       Tel   : +49(6196)95888-42
> Mergenthalerallee 77       Fax   : +49(6196)95888-88
> D-65760 Eschborn           E-Mail: [EMAIL PROTECTED]
> 
> > -----Original Message-----
> > From:       Ronneil Camara [SMTP:[EMAIL PROTECTED]]
> > Sent:       Wednesday, August 16, 2000 9:58 AM
> > To: '[EMAIL PROTECTED]'
> > Subject:    RE: IP addressing on firewall
> > 
> > Since we're talking of the firewall which implements DMZ, only the
> > interface
> > that is exposed to the internet should have a gateway and 
> that gateway
> > should have the ip address of the router facing the 
> internet also. I don't
> > need to put any gateway ip address on the private and dmz lan cards,
> > right?
> > 
> > Ronneil
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> 
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
RE: IP addressing on firewall

Reply via email to
