On Mon, 23 Apr 2001, JR Ponce de Leon wrote:
> Hi everyone.
>
> Can somebody point me to a good documentation on how to setup a Cisco router
> as a Bridge/Firewall?
If you're just worried about being able to put your router inline, you
should be able to use an IP unnumbered interface on the external side
of your router and use "normal" extended access lists.
> Our internet provider doesn't allow us to manage their router which are in
> our office and we need to setup ACLs. We have another Cisco router and I was
> planning to set it up as a kind of Bridge/Firewall between the LAN (Real
> IPs) and the NET, but I had never dealed with such kind of config.
Alternately, you might want to put some sort of *BSD box in the middle
with IPFilter on it, which should packet filter just fine in bridge mode
(I've never done it, but I've heard it's possible.)
> Any suggestions will be very appreciated.
Theoretically, doing IP unnumbered on the outside of your router, and
using the same address or proxy ARPing on the inside should work. If
you're not using routable address space, you can RFC 1918 the inside and
subnet/NAT at will.
If you can get the ISP to cooperate on re-addressing the internal
interface on their router, things will be easier to understand/set up.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
