Heres a good one i think:
Objective: Build a Bastion Host (Firewall) between an Internal LAN and the
Internet
Here's the scenario:
Internal LAN: Client IP Range = 200.0.0.2 to 200.0.0.252
Firewall: Internal NIC (eth1) IP = 200.0.0.1
Firewall: External NIC (eth0) IP = 200.0.0.253
Cisco Router (Default Gateway to Internet): IP = 200.0.0.254
The question is:
-Can I route the requests from the Internal LAN clients to the Internet via
the firewall, WITHOUT changing the IPs? ( We don't want to use a Private IP
Range. We also don't want to subnet the class C address)
- If the answer is yes, how can you configure ipchains or iptables to deal
with the fact that the internal and external interfaces are on the same
subnet?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
