> Can I have a firewall with the 2 nic cards on the same network.
> I have this set up.
>
> <Router 192.168.1.0/24> ----- <switch>------<servers 192.168.1.0/24>
>
> I want
>
> <Router 192.168.1.0/24> ----- <192.168.1.0/24(eth0) FW >192.168.1.0/24(eth1)>------<switch>------<servers 192.168.1.0/24>
>
> Is it possible?

It is doable. Usually called a "dropin configuration". I prefer to call it a "drop dead configuration", because it is brittle, and a hell to debug if anything goes wrong.

If you must support this setup, learn about "proxy ARP", "ICMP redirect", and all the niceties under /proc/sys/net/. It is vital that you learn for yourself how to set this up - this is the only chance you have to not get totally lost in the troubleshooting you'll do later.

best regards
Patrick
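
Added example, not part of the original message: a small shell audit of the /proc/sys/net settings that govern proxy ARP and ICMP redirects on the two firewall interfaces. The function names and the expected values (forwarding and proxy ARP on, redirects off) are assumptions chosen for illustration, not a configuration given in the thread.

```shell
#!/bin/sh
# Report the /proc/sys/net knobs relevant to a proxy-ARP "drop-in" firewall.
# Expected values below are an assumed baseline for illustration only.

# check_knob FILE EXPECTED
# Prints one status line; returns 1 if the file is missing or differs.
check_knob() {
    file=$1; want=$2
    if [ ! -r "$file" ]; then
        echo "MISSING  $file"
        return 1
    fi
    got=$(cat "$file")
    if [ "$got" = "$want" ]; then
        echo "ok       $file = $got"
        return 0
    fi
    echo "DIFFERS  $file = $got (expected $want)"
    return 1
}

# audit_dropin ROOT IFACE...
# ROOT is normally /proc/sys/net; a different ROOT lets you test on a copy.
audit_dropin() {
    root=$1; shift
    bad=0
    # The box has to forward packets between its two interfaces.
    check_knob "$root/ipv4/ip_forward" 1 || bad=$((bad + 1))
    for ifc in "$@"; do
        conf="$root/ipv4/conf/$ifc"
        # Proxy ARP: answer ARP requests for hosts reachable via the other side.
        check_knob "$conf/proxy_arp" 1 || bad=$((bad + 1))
        # ICMP redirects: do not advertise or accept a path around the firewall.
        check_knob "$conf/send_redirects" 0 || bad=$((bad + 1))
        check_knob "$conf/accept_redirects" 0 || bad=$((bad + 1))
    done
    echo "$bad setting(s) differ from the assumed baseline"
    [ "$bad" -eq 0 ]
}

# On the firewall itself: audit_dropin /proc/sys/net eth0 eth1
```

Keeping the output of a known-good run gives you something to diff against when the setup misbehaves later.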
