Lynn
maybe my drawing was not completely clear.
The outer firewall is NATting whereas the inner is routing to keep the DMZ
and the secure network apart. We were planning to provide server hosting
for remote networks but the design included dual hosted servers with a SAN
device on the seconf
On Wednesday 22 October 2003 02:26 am, Erich Titl wrote:
Hi
I am deploying Bering 1.2 systems as firewalls/VPN tunnel endpoints to
build what they call extruded subnets in freeswan jargon
Here a little bit of ASCII art
client net
10.230.60.0/24 (for historical reasons)
¦
10.230.60.1
Lynn
At 23:56 22.10.2003 -0500, Lynn Avants wrote:
On Wednesday 22 October 2003 02:26 am, Erich Titl wrote:
Hi
I am deploying Bering 1.2 systems as firewalls/VPN tunnel endpoints to
build what they call extruded subnets in freeswan jargon
Here a little bit of ASCII art
client net
On Thursday 23 October 2003 02:50 am, Erich Titl wrote:
[...]
There is no NAT on the inner firewall, but then there is no NETBIOS traffic
either through the firewall.
Hmmm... so it is running proxy-arp on the inner firewall (assuming this
is the only way you can filter w/o routing).
I know
Hi
I am deploying Bering 1.2 systems as firewalls/VPN tunnel endpoints to
build what they call extruded subnets in freeswan jargon
Here a little bit of ASCII art
client net
10.230.60.0/24 (for historical reasons)
¦
10.230.60.1
Bering / customer VPN endpoint
xx.xx.xx.xx (any old public address)