Re: Addressing Question - PLEASE HELP!

Thu, 07 Dec 2000 11:36:34 -0800 

Save your registered address space. !!  Decide what network capable device 
you would like exposed to the Internet and address the rest with 
10.xxx.xxx.xxx address space.


Serial 0/0 - address assigned by ISP
Port 1 - 1 address up from one assigned to Serial 0/0 - usually some 
internal address used by your ISP
FE0 - first address out of Clas C assigned to you by ISP (unless you are 
lucky person got an address space that is portable), but most likely not
FE2/NIC1 - external IP if you have remote VPN users authenticating via 
RADIUS, or you can NAT, a couple of IP addresses with your ISP to add 
another gooshy later to your VPN IP addresses.

NIC2 - internal address space, then all users internally must authenticate 
via RADIUS to get out
Port 3 - Sacrifical Lambs, hang a couple of boxes out there and let those 
media-hyped hackers go at it..

/mark


At 10:26 AM 12/7/00 -0800, Vaughn Pennington wrote:
>I'm hoping someone can provide me some guidance on setting up a 
>dual-firewall architecture. This is my first experience using two 
>firewalls together and I'm a little fuzzy on the correct way to set up the 
>IP addresses on the various interfaces.  First let me describe the 
>environment.
>
>------------
>   Internet
>------------
>       |
>-Serial0/0-
>2620 router
>---FE0/0---
>      |
>      |
>---Port1-------------------------
>Nokia IP330 with 3 ethernet ports
>---------Port2-----------Port3---
>            |               |
>            |               |
>     -----NIC1-------    --------
>     Novell BorderMgr      DMZ
>     Firewall/Radius     --------
>     -----NIC2-------
>            |
>            |
>     ----------------
>     Private Network
>     ----------------
>
>My first thought was that all the interfaces would get public IPs except 
>for NIC2 which would be a private address.  The BorderManager box will be 
>doing NAT'ing and Radius authentication.  FE0/0, Port1, Port2, Port3 and 
>NIC1 are all public addresses on the same subnet.  Serial0/0 is an IP from 
>my ISP and NIC2 is a 10.X.X.X IP. Am I correct with this config or is the 
>cheese sliding off my cracker?  Any help would be greatly appreciated.  Thanks.
>
>___________________________________________________
>GO.com Mail
>Get Your Free, Private E-mail at http://mail.go.com
>
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to