I'd like to build a gentoo box to act as a single router between a hardware firewall (appliance) and two internal separate network segments. The goal is to allow both internal segments to access the Internet via the same firewall, but not allow them to see each other.

Here's my general idea - please tell me if it makes sense so far.

1. Cable modem connected to ISP
2. Hardware firewall connected to cable modem on Internet port, and an internal port to eth0 on the Gentoo box
3. Gentoo box has 3 NICs: eth0 connected to the hardware firewall's internal lan port. eth1 connected to switch for internal lan segment 1. eth2 connected to switch for internal lan segment 2
4. Configure the NICs as follows:
eth0 and firewall internal port are in 192.168.0.0/24 subnet
eth1 is in 192.168.1.0/24 subnet
eth2 is in 192.168.2.0/24 subnet

Sound OK so far?

Next steps I think are figuring out how to provide DHCP to both internal subnets from the same Gentoo box, and what gateway address(es) the clients should use. Finally, I need to be able to do port-forwarding from the outside to a specific host on one of the internal subnets. Can I do that?

One quandary I have is regarding the hardware firewall. We have money invested in it, but does it buy me anything now that we are creating the 2 separate subnets? Should I just sell it and let the Gentoo box be the firewall as well?

Thanks for any insight, as always.
--
Mark
[unwieldy legal disclaimer would go here - feel free to type your own]
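As an added example that is not part of Mark's post, the following shell script sketches the router side of the design: a FORWARD policy that drops traffic between eth1 and eth2, NAT of both segments out through eth0 towards the appliance, a single DNAT port-forward, and a dhcpd.conf for both segments where the gateway handed to each client is the Gentoo box's address on that segment. Interface names and subnets are the ones from the post; the router addresses (192.168.1.1, 192.168.2.1), the DHCP ranges, the DNS server, and the port-forward target (outside port 2222 to 192.168.1.10:22) are constructed placeholders. The script prints the rules so they can be reviewed first and applies them only when run with `apply`.

```shell
#!/bin/sh
# Added example (not from the original post): three-NIC Linux router with two
# isolated LAN segments behind an upstream firewall appliance.

WAN_IF=eth0                 # towards the hardware firewall, 192.168.0.0/24
LAN1_IF=eth1                # segment 1, 192.168.1.0/24
LAN2_IF=eth2                # segment 2, 192.168.2.0/24
LAN1_NET=192.168.1.0/24
LAN2_NET=192.168.2.0/24
LAN1_GW=192.168.1.1         # constructed: this box's address on eth1
LAN2_GW=192.168.2.1         # constructed: this box's address on eth2
DNS_SERVER=192.168.0.1      # constructed: resolver handed to clients
FWD_PORT=2222               # constructed: port the appliance forwards to us
FWD_DEST=192.168.1.10:22    # constructed: internal host:port receiving it

# Print the firewall/NAT commands, one per line, without applying them.
gen_rules() {
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
# Isolation: no new or existing flows between the two segments.
iptables -A FORWARD -i $LAN1_IF -o $LAN2_IF -j DROP
iptables -A FORWARD -i $LAN2_IF -o $LAN1_IF -j DROP
# Return traffic for flows already allowed below.
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Each segment may reach the appliance (and the Internet) only with its own source addresses.
iptables -A FORWARD -i $LAN1_IF -o $WAN_IF -s $LAN1_NET -j ACCEPT
iptables -A FORWARD -i $LAN2_IF -o $WAN_IF -s $LAN2_NET -j ACCEPT
# Hide both segments behind this box's eth0 address so the appliance needs no static routes.
iptables -t nat -A POSTROUTING -o $WAN_IF -j MASQUERADE
# Port-forward: appliance forwards $FWD_PORT to our eth0; we DNAT it to the internal host.
iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $FWD_PORT -j DNAT --to-destination $FWD_DEST
iptables -A FORWARD -i $WAN_IF -o $LAN1_IF -p tcp -d ${FWD_DEST%:*} --dport ${FWD_DEST#*:} -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Print an ISC dhcpd.conf serving both segments from the same box; dhcpd must be
# started listening on $LAN1_IF and $LAN2_IF only (never on $WAN_IF).
gen_dhcpd_conf() {
    cat <<EOF
default-lease-time 600;
max-lease-time 7200;
authoritative;

subnet ${LAN1_NET%/*} netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers $LAN1_GW;
    option domain-name-servers $DNS_SERVER;
}

subnet ${LAN2_NET%/*} netmask 255.255.255.0 {
    range 192.168.2.100 192.168.2.200;
    option routers $LAN2_GW;
    option domain-name-servers $DNS_SERVER;
}
EOF
}

apply_rules() {
    gen_rules | grep -v '^#' | sh
}

case "${1:-}" in
    apply) apply_rules ;;
    dhcp)  gen_dhcpd_conf ;;
    *)     gen_rules ;;
esac
```

Run it with no argument to review the iptables commands, with `dhcp` to print the dhcpd.conf, and with `apply` as root to load the rules. The appliance still does the outside NAT and its own port-forward (to this box's 192.168.0.x address), so the Gentoo box is the only place the two segments meet and the only place the isolation rules live.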