RE: [FW1] routes ?

Goodwin, Russell Thu, 02 Nov 2000 10:44:10 -0800

If you need people to access the 212.x addresses from the public internet
then the route will be required on the Cisco box.
I hope these addresses have been changed, by the looks of them they have as
I would expect them to be from the same class C. It has been said before
here many times, it is not a good idea to put real IP address out on these
kind of lists. They are public and everyone would then know what your router
and Firewall IP addresses are. 
Some people love to get their hands on this kind of info, it wouldn't be to
hard to get the ip of your DNS, FTP and mail server from this info either. 

Hope the info helps,

Russell Goodwin


-----Original Message-----
From: Alberto D�az [mailto:[EMAIL PROTECTED]]
Sent: 02 November 2000 18:05
To: [EMAIL PROTECTED]
Subject: [FW1] routes ?



        Hi,

        I have the FireWall-1 Gateway and my system is:

                Internet
                   |
                 Router
                   |
                   | (1)
                  FW1
                   |
                   | (2)
                   |
        --------------
         |      |       |
         |      |       |
      serv.  Serv.   Serv.
        web      mail   DNS,FTP

        the segment net (1) is: 210.160.188.0 / 255.255.255.240
        and the segment net (2) is: 212.170.188.16 / 255.255.255.240

        The ethernet interface in the Cisco router has the ip =
210.160.188.1 and
the external interface in the firewall  is 210.160.188.2 I have a static
rule in the CISCO router
                ip route 212.170.188.16 255.255.255.240 210.160.188.2

        With this rule all traffic to the segment (2) is routed to the
firewall and
the firewall filters that traffic.

        Is it necessary to route the trafic to the firewall or can I remove
this
static rule in the router and in the firewall? Could the firewall work fine
without the static rule in the router?

        -----------------------------------------------
XXXXXXXXXXX   -------------------------------------------

        And if I used NAT in the FireWall with rules like this
                source          destination     service |       source
destination     service
                   any        210.160.188.5        any  |          any
212.170.188.20   any
                   any         210.160.188.8       any    |        any
212.170.188.19   any

        would it be necessary a static rule like this in the router?

                ip route 210.160.188.0  255.255.255.240  210.160.188.2

        ---------------------------------------------
 XXXXXXXXXXX  ----------------------------------------------

        Thank You.







============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
RE: [FW1] routes ?

Reply via email to
