Stuart Henderson wrote:
--On 16 August 2005 16:56 +0000, Carlos A. Garcia G. wrote:
I have users internal with private IP and others internal with public
IP addresses, let's say:
public net usr        private net usr
148.233.82.0/24         10.1.0.0/16
       |                     |
          internal segment
                 |
               int_if
              10.1.0.1
              OpenBSD
            148.233.82.2
               ext_if
                 |
        GATEWAY===>INTERNET
I think you'll want to have two internal network interfaces, one for
each network. Then bridge the network with public addresses to ext_if,
and NAT the private addresses. These two internal interfaces can
either be physical, or (if you have a suitable switch) they can be vlan.
in the int_if and port redirection to have a transparent squid here
rdr on a bridge can be difficult (I never managed to find the correct
way to use ftp-proxy on a bridging firewall and ended up using
ftpsesame instead) - you'll make life a lot simpler by not using
transparent proxy on the network with private addresses, if that's
possible.
Do I need to set up routing daemons?
No, not for this.
OK, what I have done is this:
private users
172.16.0.0/16 ====> +===> int_ifPRIVATE 172.16.0.1/32
public users
switch +=>
ext_if 148.233.81.2==>ROUTER
148.233.82.0/24===> +===>int_ifPUBLIC 148.233.82.254/32
Now from the internal I can do everything, private ping and get to
internet, but the public IPs get to the int_ifPUBLIC and even to ext_if
but cannot reach the internet, not to mention the ROUTER, so what can be the
problem?
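
Stuart's suggestion quoted above (bridge the public-address network to ext_if, NAT only the private one), written out as configuration. This is an added example, not part of the thread: the interface names em0/em1/em2 are assumptions, the addresses are those of the first diagram, and the rules use current OpenBSD pf syntax (`match ... nat-to`) rather than the `nat on` form in use in 2005.

```conf
# Added example, not from the thread. em0/em1/em2 are assumed names.
#
# /etc/hostname.bridge0 : bridge the public-address LAN to the outside
#   add em0 add em2 up
#
# /etc/pf.conf
ext_if   = "em0"              # 148.233.82.2, towards the gateway
priv_if  = "em1"              # 10.1.0.1, private-address LAN
pub_if   = "em2"              # bridge member, public-address LAN
priv_net = "10.1.0.0/16"
pub_net  = "148.233.82.0/24"

set skip on lo

# Translate only the private network. Bridged public hosts are not
# matched here and leave with their own addresses.
match out on $ext_if inet from $priv_net to any nat-to ($ext_if)

# Default deny; unsolicited inbound to either network is dropped and logged.
block log all

# Filter bridged traffic on one member only (ext_if), so each frame is
# evaluated once instead of on both sides of the bridge.
pass quick on $pub_if

# Private LAN: routed through the firewall, then translated on ext_if.
pass in on $priv_if inet from $priv_net to any

# Outbound on ext_if: NATed private traffic and the firewall itself
# appear as ($ext_if); bridged public hosts appear as $pub_net.
# Replies come back in on the state these rules create.
pass out on $ext_if inet from { ($ext_if), $pub_net } to any
```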